From 46ee330b2a64a65d71b644e8552842ca8f44dc3b Mon Sep 17 00:00:00 2001
From: Andrei Aaron
Date: Fri, 21 Jul 2023 22:50:41 +0300
Subject: [PATCH] feat(zui): update to zui supporting social login (#1639)

Also ignore issues related to https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header It is not clear what the zap tool expectations are from the zot server, as these headers are supposed to be set by the zot client. As a separate not ZUI sets these headers, but for some reason the scan expects them when scanning zot minimal without the UI
Signed-off-by: Andrei Aaron
---
 .zap/rules.tsv | 1 +
 Makefile | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/.zap/rules.tsv b/.zap/rules.tsv
index cdddf0ac..c4fcb63c 100644
--- a/.zap/rules.tsv
+++ b/.zap/rules.tsv
@@ -57,6 +57,7 @@
 90001 WARN (Insecure JSF ViewState)
 90002 WARN (Java Serialization Object)
 90003 WARN (Sub Resource Integrity Attribute Missing)
+90005 IGNORE (Sec-Fetch-Dest Header is Missing)
 90011 WARN (Charset Mismatch)
 90022 WARN (Application Error Disclosure)
 90030 WARN (WSDL File Detection)
diff --git a/Makefile b/Makefile
index 23ae8f3d..65dd713e 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,7 @@ CRICTL := $(TOOLSDIR)/bin/crictl
 CRICTL_VERSION := v1.26.1
 ACTION_VALIDATOR := $(TOOLSDIR)/bin/action-validator
 ACTION_VALIDATOR_VERSION := v0.2.1
-ZUI_VERSION := commit-a552487
+ZUI_VERSION := commit-44289c7
 SWAGGER_VERSION := v1.8.12
 STACKER := $(TOOLSDIR)/bin/stacker
 BATS := $(TOOLSDIR)/bin/bats
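Review bot: The `90005 IGNORE` entry added to .zap/rules.tsv drops the finding for every target scanned with this file, while the commit message justifies it only for zot minimal without the UI and the neighbouring rules in the hunk all stay at `WARN`. If the same rules file is also used to scan a build that serves the UI (not visible in this patch), the check is silenced there as well. The rationale currently lives only in the commit message; since ZAP rule files skip lines starting with `#`, I would record it next to the entry, e.g. `# 90005: Sec-Fetch-* are request headers set by the client; ignored for the zot-minimal scan, revisit if the scan target changes`, or keep the rule at `WARN` if the scan job tolerates warnings.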