Infrastructure/zot
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-30 22:34:13 -05:00
Code Issues Activity

feat(zui): update to zui supporting social login (#1639)

Browse source 
Also ignore issues related to https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header
It is not clear what the zap tool expectations are from the zot server, as these headers are supposed to be set by the zot client.

As a separate not ZUI sets these headers, but for some reason the scan expects them when scanning zot minimal without the UI

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
This commit is contained in:
Andrei Aaron 2023-07-21 22:50:41 +03:00 committed by GitHub
parent 86a83ca6e3
commit 46ee330b2a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.zap/rules.tsv
View file

@ -57,6 +57,7 @@
90001 WARN (Insecure JSF ViewState) 90001 WARN (Insecure JSF ViewState)
90002 WARN (Java Serialization Object) 90002 WARN (Java Serialization Object)
90003 WARN (Sub Resource Integrity Attribute Missing) 90003 WARN (Sub Resource Integrity Attribute Missing)
90005 IGNORE (Sec-Fetch-Dest Header is Missing)
90011 WARN (Charset Mismatch) 90011 WARN (Charset Mismatch)
90022 WARN (Application Error Disclosure) 90022 WARN (Application Error Disclosure)
90030 WARN (WSDL File Detection) 90030 WARN (WSDL File Detection)

Can't render this file because it has a wrong number of fields in line 5.

2
Makefile
View file

@ -24,7 +24,7 @@ CRICTL := $(TOOLSDIR)/bin/crictl
CRICTL_VERSION := v1.26.1 CRICTL_VERSION := v1.26.1
ACTION_VALIDATOR := $(TOOLSDIR)/bin/action-validator ACTION_VALIDATOR := $(TOOLSDIR)/bin/action-validator
ACTION_VALIDATOR_VERSION := v0.2.1 ACTION_VALIDATOR_VERSION := v0.2.1
ZUI_VERSION := commit-a552487 ZUI_VERSION := commit-44289c7
SWAGGER_VERSION := v1.8.12 SWAGGER_VERSION := v1.8.12
STACKER := $(TOOLSDIR)/bin/stacker STACKER := $(TOOLSDIR)/bin/stacker
BATS := $(TOOLSDIR)/bin/bats BATS := $(TOOLSDIR)/bin/bats