dependabot[bot]
24a9f4411f
chore(deps): bump reviewdog/action-misspell from 1.26.0 to 1.27.0 (#82)
Bumps [reviewdog/action-misspell](https://github.com/reviewdog/action-misspell) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/reviewdog/action-misspell/releases)
- [Commits](https://github.com/reviewdog/action-misspell/compare/v1.26.0...v1.27.0)
---
updated-dependencies:
- dependency-name: reviewdog/action-misspell
  dependency-version: 1.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 02:10:52 +01:00
dependabot[bot]
22936a3281
chore(deps): bump reviewdog/action-yamllint from 1.19.0 to 1.21.0 (#83)
Bumps [reviewdog/action-yamllint](https://github.com/reviewdog/action-yamllint) from 1.19.0 to 1.21.0.
- [Release notes](https://github.com/reviewdog/action-yamllint/releases)
- [Commits](https://github.com/reviewdog/action-yamllint/compare/v1.19.0...v1.21.0)
---
updated-dependencies:
- dependency-name: reviewdog/action-yamllint
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-23 02:10:40 +01:00
vmfunc
495d2c5496
feat: add securitytrails integration for domain discovery + target expansion
v2026.2.17
2026-02-17 13:38:07 +01:00
dependabot[bot]
5ddfbc6204
chore(deps): bump github.com/likexian/whois from 1.15.1 to 1.15.7 (#67)
Bumps [github.com/likexian/whois](https://github.com/likexian/whois) from 1.15.1 to 1.15.7.
- [Release notes](https://github.com/likexian/whois/releases)
- [Commits](https://github.com/likexian/whois/compare/v1.15.1...v1.15.7)
---
updated-dependencies:
- dependency-name: github.com/likexian/whois
  dependency-version: 1.15.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 15:32:55 +01:00
dependabot[bot]
b522aa3206
chore(deps): bump github.com/charmbracelet/log from 0.2.4 to 0.4.2 (#74)
Bumps [github.com/charmbracelet/log](https://github.com/charmbracelet/log) from 0.2.4 to 0.4.2.
- [Release notes](https://github.com/charmbracelet/log/releases)
- [Commits](https://github.com/charmbracelet/log/compare/v0.2.4...v0.4.2)
---
updated-dependencies:
- dependency-name: github.com/charmbracelet/log
  dependency-version: 0.4.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 15:11:38 +01:00
dependabot[bot]
efd089a9b6
chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.3 (#66)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.3)
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 15:11:30 +01:00
dependabot[bot]
dd9db0dfd6
chore(deps): bump reviewdog/action-shellcheck from 1.27.0 to 1.32.0 (#70)
Bumps [reviewdog/action-shellcheck](https://github.com/reviewdog/action-shellcheck) from 1.27.0 to 1.32.0.
- [Release notes](https://github.com/reviewdog/action-shellcheck/releases)
- [Commits](https://github.com/reviewdog/action-shellcheck/compare/v1.27.0...v1.32.0)
---
updated-dependencies:
- dependency-name: reviewdog/action-shellcheck
  dependency-version: 1.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 15:11:26 +01:00
dependabot[bot]
1eab6143bb
chore(deps): bump reviewdog/action-markdownlint from 0.24.0 to 0.26.2 (#73)
Bumps [reviewdog/action-markdownlint](https://github.com/reviewdog/action-markdownlint) from 0.24.0 to 0.26.2.
- [Release notes](https://github.com/reviewdog/action-markdownlint/releases)
- [Commits](https://github.com/reviewdog/action-markdownlint/compare/v0.24.0...v0.26.2)
---
updated-dependencies:
- dependency-name: reviewdog/action-markdownlint
  dependency-version: 0.26.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 15:11:23 +01:00
dependabot[bot]
418180a124
chore(deps): bump actions/github-script from 7 to 8 (#77)
Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 8.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v7...v8)
---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 15:05:54 +01:00
dependabot[bot]
6f4144efe1
chore(deps): bump actions/checkout from 4 to 6 (#68)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)
---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-13 14:47:32 +01:00
vmfunc
a05d6ada56
ci: add pr bot for auto-labeling + rewrite release workflow for semver tags
pr-bot labels PRs by area (scan, nuclei, modules, ci, deps, etc) and size
(xs/s/m/l/xl), posts a summary comment with file stats breakdown.
release workflow now triggers on v* tags instead of every push to main -
extracts version from tag, injects via ldflags, auto-generates changelog
from commits since last release, includes install instructions in the
release body. prerelease detection for rc/beta tags.
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 02:19:19 +01:00
vmfunc
75da3e3131
fix: resolve all golangci-lint issues across codebase
- noctx: use http.NewRequestWithContext instead of http.Get/client.Get
- bodyclose: close response bodies on all code paths
- httpNoBody: use http.NoBody instead of nil for GET request bodies
- ifElseChain: convert if/else chains to switch in sif.go
- sloppyReassign: use := in logger.go where possible
- nilnil: annotate intentional nil,nil returns in lfi.go, sql.go
- errcheck: handle template install error in nuclei.go
- govet copylock: pass mutex by pointer in executor.go
- log.Fatalf: replace with log.Errorf+continue in api mode
2026-02-13 02:11:17 +01:00
vmfunc
f5251d0c44
chore: strengthen golangci-lint config - add gosec, errorlint, nilnil, wastedassign, usetesting linters
adds security and correctness linters, suppresses noisy checks
(fieldalignment, shadow, unusedwrite, nestingReduce), excludes
logger.Write from errcheck since log writes are best-effort
2026-02-13 02:11:03 +01:00
vmfunc
e2198e932b
ci: replace qodana with codeql - no external tokens needed
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 02:08:32 +01:00
vmfunc
bad5b598c9
test: add fuzz tests for LFI detection, SQL patterns, version parsing
fuzz targets: DetectLFIFromResponse, isAdminPanel, databaseErrorPatterns,
isValidVersionString, ExtractVersionOptimized - should bump the scorecard
fuzzing check.
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:57:46 +01:00
vmfunc
c85201b1ed
ci: pin govulncheck to v1.1.4 - fixes scorecard pinned-dependencies
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:57:36 +01:00
vmfunc
45a384bdc9
add SECURITY.md - fixes scorecard security-policy check
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:57:31 +01:00
vmfunc
fcf9291653
ci: add explicit permissions to all workflows - fixes scorecard token-permissions
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:40:22 +01:00
vmfunc
e94fda0acf
deps: bump go-git to v5.16.5 - fixes CVE-2026-25934
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:39:00 +01:00
vmfunc
03a9488b65
internal/scan: migrate nuclei integration to v3 SDK
replace ~100 lines of manual nuclei v2 plumbing (catalog, loader, core,
protocolstate, protocolinit, hosterrorscache, interactsh, reporting,
ratelimit, testutils) with the v3 lib SDK - NewNucleiEngineCtx +
functional options.
drops direct ratelimit dep, mholt/archiver and nwaples/rardecode
(resolves dependabot CVE alerts for path traversal + DoS).
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:22:25 +01:00
vmfunc
83702e9a41
ci: overhaul workflows - lint, security scanning, release hardening
- add golangci-lint job to go.yml (parallel with build+test)
- add Go 1.23/1.24 version matrix, coverage only on 1.24
- upgrade setup-go@v4 to v5, codecov@v4 to v5 across all workflows
- fix check-large-files bug (find|while never exits 1), exclude .git/
- add concurrency groups to push+PR workflows (no duplicate runs)
- lowercase all workflow names to match project voice
- add gosec, errorlint, gocognit, nilnil, wastedassign, usetesting linters
- remove deprecated exportloopref (Go 1.22 fixed loop var capture)
- new: govulncheck.yml - Go vuln scanner with call-graph analysis
- new: scorecard.yml - OpenSSF supply chain scorecard
- new: dependabot.yml - auto-update Go deps + Actions versions
- release: SHA256 checksums + SBOM generation for all artifacts
- add CODEOWNERS
2026-02-13 01:09:57 +01:00
vmfunc
426a301182
deps: bump projectdiscovery/utils to v0.9.0
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:03:47 +01:00
vmfunc
953ef299c9
deps: bump goflags to v0.1.74
Signed-off-by: vmfunc <celeste@linux.com>
2026-02-13 01:03:46 +01:00
vmfunc
548c2110d4
update funding.yml with proper sponsor info
2026-02-13 00:26:04 +01:00
vmfunc
4f42c52964
add nixpkgs install instructions and badge to readme
2026-02-13 00:12:28 +01:00
vmfunc
5a557eb20a
Merge pull request #62 from 0x4bs3nt/feat/builtin-shodan
feat(modules): builtin shodan scan as module
2026-02-08 21:31:07 +01:00
vmfunc
f50f1b933a
Merge branch 'main' into feat/builtin-shodan
2026-02-08 19:22:32 +01:00
vmfunc
6f460425be
Merge pull request #63 from 0x4bs3nt/feat/builtin-whois
feat(modules): builtin whois scan as module
2026-02-08 14:12:27 +01:00
vmfunc
261dbea356
Merge pull request #64 from 0x4bs3nt/feat/builtin-frameworks
feat(modules): builtin framework detection as module
2026-02-08 14:11:56 +01:00
vmfunc
16ea9047f0
Merge branch 'main' into feat/builtin-frameworks
2026-01-12 11:22:56 +01:00
vmfunc
39bd115d3c
Merge branch 'main' into feat/builtin-shodan
2026-01-12 11:22:36 +01:00
vmfunc
ccf093b7e9
fix: rename to snakecase
2026-01-12 11:19:54 +01:00
vmfunc
b5398ec687
fix: renamed whois module file
Renamed whois scan module file to differentiate from legacy whois scan
file.
2026-01-12 11:19:54 +01:00
vmfunc
b298e2ec2c
fix(conflicts): fix PR conflicts on
2026-01-12 11:19:48 +01:00
vmfunc
812d0b3e53
Merge pull request #61 from 0x4bs3nt/feat/builtin-nuclei
feat(modules): builtin nuclei scan as module
2026-01-11 16:39:18 -08:00
vmfunc
95cebab47f
fix: rename to snakecase
2026-01-07 22:39:56 +01:00
vmfunc
579f5aff4b
fix: rename to snakecase
2026-01-07 22:39:35 +01:00
vmfunc
6df46b635a
fix: rename to snakecase
2026-01-07 22:39:19 +01:00
vmfunc
4a6364aba9
fix: shodan module file rename
Renamed shodan module file to differentiate from legacy shodan lookup
files.
2026-01-07 22:35:51 +01:00
vmfunc
e7db0777c2
fix: frameworks module file rename
Renamed frameworks module file to differentiate from legacy framework
scans.
2026-01-07 22:34:53 +01:00
vmfunc
9767a6b189
fix: renamed nuclei module file
Renamed the nuclei module file to differentiate from the nuclei legacy
scan file.
2026-01-07 22:33:49 +01:00
vmfunc
abb992aefd
fix: colorizer exception
Fixed Nuclei giving off exception for missing Colorizer on the executor
options.
2026-01-07 19:06:51 +01:00
vmfunc
3c160de165
fix(nuclei): logdir, headless option and hosterrorscache
Set the HostErrorsCache executor option, cache is created but not passed
as option.
Headless initialization is required even without browser templates.
Nuclei expects project file to be set
2026-01-07 17:01:22 +01:00
vmfunc
66a752d604
fix: nuclei scan nil pointer dereference
Fixed nil pointer dereference issues in the nuclei scan running as a
module
2026-01-07 15:09:49 +01:00
vmfunc
45f341c97f
feat(modules): legacy nuclei scan
Converted nuclei scan to be able to run as module.
2026-01-07 13:07:35 +01:00
vmfunc
0383c49bbd
feat(modules): legacy shodan scan
Converted legacy Go shodan scan to be able to run as module.
2026-01-07 13:05:08 +01:00
vmfunc
e5e831541f
feat(modules): legacy framework scan
Converted legacy framework scan to be able to run as module.
2026-01-07 13:02:40 +01:00
vmfunc
f309198f69
feat(modules): infra for builtin modules
Infrastructure preparation for builtin complex Go module registration.
2026-01-07 12:56:17 +01:00
vmfunc
689d575282
Merge pull request #56 from 0x4bs3nt/feat/astro-framework-detection
feat(frameworks): add Astro framework detection
2026-01-06 12:10:34 -08:00
vmfunc
75014e244b
fix: adjust generator meta weight
Adjusted generator meta weight to remain consistent with other meta-framework detectors.
Co-authored-by: vmfunc <celeste@router.sex>
2026-01-06 14:45:03 +01:00