diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml
index 963e833ec..5ab1e32ec 100644
--- a/.github/workflows/container-build.yml
+++ b/.github/workflows/container-build.yml
@@ -66,22 +66,22 @@ jobs:
SSH_IP: ${{ secrets.ARM_SSH_IP }}
SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
- name: Setup Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
if: inputs.CACHE_SUFFIX != 'arm'
- name: Setup Buildx (ARM)
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
if: inputs.CACHE_SUFFIX == 'arm'
with:
endpoint: ssh://root@arm
platforms: linux/arm64,linux/arm/v7,linux/arm/v6
- name: Login to Docker Hub
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to ghcr
if: inputs.PUSH == true
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -95,7 +95,7 @@ jobs:
# Build cached image
- name: Build image
if: inputs.CACHE == true
- uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
file: ${{ inputs.DOCKERFILE }}
@@ -108,7 +108,7 @@ jobs:
# Build non-cached image
- name: Build image
if: inputs.CACHE != true
- uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
file: ${{ inputs.DOCKERFILE }}
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
index e8fae16e4..cfb4fc998 100644
--- a/.github/workflows/dev.yml
+++ b/.github/workflows/dev.yml
@@ -151,12 +151,12 @@ jobs:
packages: write
steps:
- name: Login to Docker Hub
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/.github/workflows/linux-build.yml b/.github/workflows/linux-build.yml
index c8167fc7e..b57f78109 100644
--- a/.github/workflows/linux-build.yml
+++ b/.github/workflows/linux-build.yml
@@ -75,21 +75,21 @@ jobs:
SSH_IP: ${{ secrets.ARM_SSH_IP }}
SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
- name: Setup Buildx
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
if: startsWith(env.ARCH, 'arm') == false
- name: Setup Buildx (ARM)
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
if: startsWith(env.ARCH, 'arm') == true
with:
endpoint: ssh://root@arm
platforms: linux/arm64,linux/arm/v7,linux/arm/v6
- name: Login to Docker Hub
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -97,7 +97,7 @@ jobs:
# Build testing package image
- name: Build package image
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui' || inputs.RELEASE == '1.6'
- uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
load: true
@@ -109,7 +109,7 @@ jobs:
# Build non-testing package image
- name: Build package image
if: inputs.RELEASE != 'testing' && inputs.RELEASE != 'dev' && inputs.RELEASE != 'ui' && inputs.RELEASE != '1.6'
- uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
load: true
@@ -145,7 +145,7 @@ jobs:
images: ghcr.io/bunkerity/${{ inputs.LINUX }}-tests:${{ inputs.RELEASE }}
- name: Build test image
if: inputs.TEST == true
- uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
file: tests/linux/Dockerfile-${{ inputs.LINUX }}
diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml
index adbe20e1f..8f41f3178 100644
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@@ -35,12 +35,12 @@ jobs:
- name: Check out repository code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Login to Docker Hub
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -58,7 +58,7 @@ jobs:
SSH_IP: ${{ secrets.ARM_SSH_IP }}
SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }}
- name: Setup Buildx (ARM)
- uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0
+ uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
with:
endpoint: ssh://root@arm
platforms: linux/arm64,linux/arm/v7,linux/arm/v6
@@ -70,7 +70,7 @@ jobs:
images: bunkerity/${{ inputs.IMAGE }}
# Build and push
- name: Build and push
- uses: docker/build-push-action@1ca370b3a9802c92e886402e0dd88098a2533b12 # v6.4.1
+ uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
with:
context: .
file: ${{ inputs.DOCKERFILE }}
diff --git a/.github/workflows/push-packagecloud.yml b/.github/workflows/push-packagecloud.yml
index 57da405c7..c42c39795 100644
--- a/.github/workflows/push-packagecloud.yml
+++ b/.github/workflows/push-packagecloud.yml
@@ -42,7 +42,7 @@ jobs:
- name: Check out repository code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Install ruby
- uses: ruby/setup-ruby@161cd54b698f1fb3ea539faab2e036d409550e3c # v1.187.0
+ uses: ruby/setup-ruby@50ba3386b050ad5b97a41fcb81240cbee1d1821f # v1.188.0
with:
ruby-version: "3.0"
- name: Install packagecloud
diff --git a/.github/workflows/staging-tests.yml b/.github/workflows/staging-tests.yml
index 6b1c94fe2..8e4bc160d 100644
--- a/.github/workflows/staging-tests.yml
+++ b/.github/workflows/staging-tests.yml
@@ -27,7 +27,7 @@ jobs:
- name: Checkout source code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml
index 30325144c..447015a0a 100644
--- a/.github/workflows/staging.yml
+++ b/.github/workflows/staging.yml
@@ -199,12 +199,12 @@ jobs:
packages: write
steps:
- name: Login to Docker Hub
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/.github/workflows/test-core-linux.yml b/.github/workflows/test-core-linux.yml
index f69e7480c..ec6915298 100644
--- a/.github/workflows/test-core-linux.yml
+++ b/.github/workflows/test-core-linux.yml
@@ -49,7 +49,7 @@ jobs:
sudo chmod +x /usr/local/bin/geckodriver
rm -f geckodriver.tar.gz
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/.github/workflows/test-core.yml b/.github/workflows/test-core.yml
index bf33ce9d4..7efed25ae 100644
--- a/.github/workflows/test-core.yml
+++ b/.github/workflows/test-core.yml
@@ -18,7 +18,7 @@ jobs:
- name: Checkout source code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/.github/workflows/tests-ui-linux.yml b/.github/workflows/tests-ui-linux.yml
index 4e42b51c4..ffcce81b3 100644
--- a/.github/workflows/tests-ui-linux.yml
+++ b/.github/workflows/tests-ui-linux.yml
@@ -49,7 +49,7 @@ jobs:
sudo chmod +x /usr/local/bin/geckodriver
rm -f geckodriver.tar.gz
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/.github/workflows/tests-ui.yml b/.github/workflows/tests-ui.yml
index 4836e611d..c01c11850 100644
--- a/.github/workflows/tests-ui.yml
+++ b/.github/workflows/tests-ui.yml
@@ -17,7 +17,7 @@ jobs:
- name: Checkout source code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Login to ghcr
- uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+ uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ghcr.io
username: ${{ github.actor }}
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f049d1011..feaab9b25 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,6 @@
# Changelog
-## v1.5.9 - ????/??/??
+## v1.5.9 - 2024/07/22
- [BUGFIX] Fix compatibility issues with mysql 8.4+ version and the `backup` plugin by adding the `mariadb-connector-c` dependency to the scheduler Dockerfile (on alpine)
- [BUGFIX] Fix potential issues with multiple settings in helpers.load_variables when multiple settings have the same suffix (the issue is only present in future external plugins)
@@ -12,7 +12,7 @@
- [LINUX] Update Linux repository to repo.bunkerweb.io
- [SECURITY] Update security headers in default pages and error pages for improved security
- [DEPS] Updated LuaJIT version to v2.1-20240626
-- [DEPS] Updated coreruleset-v4 version to v4.4.0
+- [DEPS] Updated coreruleset-v4 version to v4.5.0
## v1.5.8 - 2024/06/19
diff --git a/docs/security-tuning.md b/docs/security-tuning.md
index 3de403d7d..27602a07e 100644
--- a/docs/security-tuning.md
+++ b/docs/security-tuning.md
@@ -261,7 +261,7 @@ ModSecurity is integrated and enabled by default alongside the OWASP Core Rule S
You can choose between the following versions of the OWASP Core Rule Set :
- **3** : The version [v3.3.5](https://github.com/coreruleset/coreruleset/releases/tag/v3.3.5) of the OWASP Core Rule Set
-- **4** : The version [v4.4.0](https://github.com/coreruleset/coreruleset/releases/tag/v4.4.0) of the OWASP Core Rule Set (***default***)
+- **4** : The version [v4.5.0](https://github.com/coreruleset/coreruleset/releases/tag/v4.5.0) of the OWASP Core Rule Set (***default***)
- **nightly** : The latest [nightly](https://github.com/coreruleset/coreruleset/releases/tag/nightly) build of the OWASP Core Rule Set which is updated every day
!!! example "OWASP Core Rule Set's nightly build"
diff --git a/src/bw/Dockerfile b/src/bw/Dockerfile
index 513136305..05526d154 100644
--- a/src/bw/Dockerfile
+++ b/src/bw/Dockerfile
@@ -1,4 +1,4 @@
-FROM nginx:1.26.1-alpine-slim@sha256:ce01dacf330fdcbc3c93926291ab027396e7e9680a4180318b06e86525d1aa9f AS builder
+FROM nginx:1.26.1-alpine-slim@sha256:6bbbdaddc6cfe8ca4185019f554f73ac37a5b270bdd49fae5b3b482f903ef46f AS builder
# Install temporary requirements for the dependencies
RUN apk add --no-cache bash autoconf libtool automake geoip-dev g++ gcc curl-dev libxml2-dev pcre-dev make linux-headers musl-dev gd-dev gnupg brotli-dev openssl-dev patch readline-dev yajl yajl-dev yajl-tools py3-pip
@@ -42,7 +42,7 @@ COPY src/common/utils utils
COPY src/VERSION VERSION
COPY misc/*.ascii misc/
-FROM nginx:1.26.1-alpine-slim@sha256:ce01dacf330fdcbc3c93926291ab027396e7e9680a4180318b06e86525d1aa9f
+FROM nginx:1.26.1-alpine-slim@sha256:6bbbdaddc6cfe8ca4185019f554f73ac37a5b270bdd49fae5b3b482f903ef46f
# Set default umask to prevent huge recursive chmod increasing the final image size
RUN umask 027
diff --git a/src/linux/Dockerfile-rhel9 b/src/linux/Dockerfile-rhel9
index c5fc2c942..49db6d1dd 100644
--- a/src/linux/Dockerfile-rhel9
+++ b/src/linux/Dockerfile-rhel9
@@ -1,4 +1,4 @@
-FROM redhat/ubi9:9.4@sha256:081c96d1b1c7cd1855722d01f1ca53360510443737b1eb33284c6c4c330e537c AS builder
+FROM redhat/ubi9:9.4@sha256:1ee4d8c50d14d9c9e9229d9a039d793fcbc9aa803806d194c957a397cf1d2b17 AS builder
ENV OS=rhel
ENV NGINX_VERSION=1.26.1
@@ -68,7 +68,7 @@ COPY src/scheduler scheduler
COPY src/ui ui
COPY src/VERSION VERSION
-FROM redhat/ubi9:9.4@sha256:081c96d1b1c7cd1855722d01f1ca53360510443737b1eb33284c6c4c330e537c
+FROM redhat/ubi9:9.4@sha256:1ee4d8c50d14d9c9e9229d9a039d793fcbc9aa803806d194c957a397cf1d2b17
# Set default umask to prevent huge recursive chmod increasing the final image size
RUN umask 027
diff --git a/src/ui/templates/setting_input.html b/src/ui/templates/setting_input.html
index 27274b7b1..abe65ff86 100644
--- a/src/ui/templates/setting_input.html
+++ b/src/ui/templates/setting_input.html
@@ -22,7 +22,7 @@
id="{{ inp_name_mult }}"
name="{{ inp_name_mult }}"
class="regular-input"
- value="{% if global_config_value %} {{ global_config_value }} {% else %} {{ inp_default }} {% endif %}"
+ value="{% if global_config_value != None %} {{ global_config_value }} {% else %} {{ inp_default }} {% endif %}"
type="{{ inp_type }}"
pattern="{{ inp_regex|safe }}"
{% if is_multiple %}data-is-multiple{% endif %} />
diff --git a/src/ui/templates/setting_select.html b/src/ui/templates/setting_select.html
index 65b1000b9..dfdf6c57f 100644
--- a/src/ui/templates/setting_select.html
+++ b/src/ui/templates/setting_select.html
@@ -24,7 +24,7 @@
{% for item in inp_items %}
{% endfor %}
@@ -42,11 +42,11 @@
type="button"
class="custom-select-btn">
{% for item in inp_items %}
- {% if global_config_value and
+ {% if global_config_value != None and
global_config_value == item %}
{{ global_config_value }}
- {% elif not global_config_value and inp_default == item %}
+ {% elif global_config_value == None and inp_default == item %}
{{ inp_default }}
@@ -67,8 +67,8 @@
data-setting-select-dropdown="{{ inp_id }}"
class="hidden z-[20] fixed h-full flex-col mt-2 max-h-[200px] overflow-auto">
{% for item in inp_items %}
- {% if global_config_value and
- global_config_value == item or not global_config_value
+ {% if global_config_value != None and
+ global_config_value == item or global_config_value == None
and inp_default == item %}