gitea-mirror/sif
1
0
Fork 0
mirror of https://github.com/lunchcat/sif.git synced 2026-04-28 11:33:06 -07:00
Code Issues Packages Projects Releases Wiki Activity
334 Commits 14 Branches 61 Tags
c6143f7f39a1f72f4c05917fb74152f7158765b0
Commit Graph

37 Commits

Author SHA1 Message Date
dependabot[bot]
c6143f7f39 chore(deps): bump go.opentelemetry.io/otel 
Bumps the go_modules group with 1 update in the / directory: [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go).


Updates `go.opentelemetry.io/otel` from 1.38.0 to 1.41.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.38.0...v1.41.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-version: 1.41.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-24 20:33:16 +00:00
dependabot[bot]
7123e392c9 chore(deps): bump the go_modules group across 1 directory with 5 updates 
Bumps the go_modules group with 3 updates in the / directory: [github.com/projectdiscovery/nuclei/v3](https://github.com/projectdiscovery/nuclei), [github.com/Azure/go-ntlmssp](https://github.com/Azure/go-ntlmssp) and [github.com/go-git/go-git/v5](https://github.com/go-git/go-git).


Updates `github.com/projectdiscovery/nuclei/v3` from 3.7.1 to 3.8.0
- [Release notes](https://github.com/projectdiscovery/nuclei/releases)
- [Commits](https://github.com/projectdiscovery/nuclei/compare/v3.7.1...v3.8.0)

Updates `github.com/Azure/go-ntlmssp` from 0.1.0 to 0.1.1
- [Release notes](https://github.com/Azure/go-ntlmssp/releases)
- [Commits](https://github.com/Azure/go-ntlmssp/compare/v0.1.0...v0.1.1)

Updates `github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream` from 1.6.11 to 1.7.8
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/service/rum/v1.6.11...service/m2/v1.7.8)

Updates `github.com/buger/jsonparser` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/buger/jsonparser/releases)
- [Commits](https://github.com/buger/jsonparser/compare/v1.1.1...v1.1.2)

Updates `github.com/go-git/go-git/v5` from 5.17.1 to 5.18.0
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.17.1...v5.18.0)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/nuclei/v3
  dependency-version: 3.8.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/Azure/go-ntlmssp
  dependency-version: 0.1.1
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream
  dependency-version: 1.7.8
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/buger/jsonparser
  dependency-version: 1.1.2
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.18.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-24 07:40:32 +00:00
celeste
30bf148768 Merge pull request #92 from vmfunc/dependabot/go_modules/go_modules-f67f74747b 
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.5 to 5.17.1 in the go_modules group across 1 directory
 2026-04-24 00:37:42 -07:00
celeste
3d04a61b27 Merge pull request #89 from vmfunc/dependabot/go_modules/github.com/charmbracelet/log-1.0.0 
chore(deps): bump github.com/charmbracelet/log from 0.4.2 to 1.0.0
 2026-04-24 00:37:22 -07:00
dependabot[bot]
c527668c60 chore(deps): bump github.com/projectdiscovery/utils from 0.9.0 to 0.10.1 
Bumps [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) from 0.9.0 to 0.10.1.
- [Release notes](https://github.com/projectdiscovery/utils/releases)
- [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md)
- [Commits](https://github.com/projectdiscovery/utils/compare/v0.9.0...v0.10.1)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/utils
  dependency-version: 0.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-17 12:43:54 +00:00
dependabot[bot]
4152e74ade chore(deps): bump github.com/go-git/go-git/v5 
Bumps the go_modules group with 1 update in the / directory: [github.com/go-git/go-git/v5](https://github.com/go-git/go-git).


Updates `github.com/go-git/go-git/v5` from 5.16.5 to 5.17.1
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.16.5...v5.17.1)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.17.1
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 17:15:28 +00:00
dependabot[bot]
abe8bac165 chore(deps): bump github.com/charmbracelet/log from 0.4.2 to 1.0.0 
Bumps [github.com/charmbracelet/log](https://github.com/charmbracelet/log) from 0.4.2 to 1.0.0.
- [Release notes](https://github.com/charmbracelet/log/releases)
- [Commits](https://github.com/charmbracelet/log/compare/v0.4.2...v1.0.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/log
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-13 12:44:04 +00:00
celeste
d6c52d3dd8 Merge pull request #87 from vmfunc/dependabot/go_modules/github.com/projectdiscovery/nuclei/v3-3.7.1 
chore(deps): bump github.com/projectdiscovery/nuclei/v3 from 3.7.0 to 3.7.1
 2026-03-06 22:01:46 +01:00
dependabot[bot]
d5067d08b2 chore(deps): bump github.com/antchfx/htmlquery from 1.3.5 to 1.3.6 
Bumps [github.com/antchfx/htmlquery](https://github.com/antchfx/htmlquery) from 1.3.5 to 1.3.6.
- [Release notes](https://github.com/antchfx/htmlquery/releases)
- [Commits](https://github.com/antchfx/htmlquery/compare/v1.3.5...v1.3.6)

---
updated-dependencies:
- dependency-name: github.com/antchfx/htmlquery
  dependency-version: 1.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-06 12:44:13 +00:00
dependabot[bot]
98c987bfbb chore(deps): bump github.com/projectdiscovery/nuclei/v3 
Bumps [github.com/projectdiscovery/nuclei/v3](https://github.com/projectdiscovery/nuclei) from 3.7.0 to 3.7.1.
- [Release notes](https://github.com/projectdiscovery/nuclei/releases)
- [Commits](https://github.com/projectdiscovery/nuclei/compare/v3.7.0...v3.7.1)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/nuclei/v3
  dependency-version: 3.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-06 12:44:06 +00:00
dependabot[bot]
93783d8bd3 chore(deps): bump the go_modules group across 1 directory with 2 updates 
Bumps the go_modules group with 2 updates in the / directory: [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) and [github.com/cloudflare/circl](https://github.com/cloudflare/circl).


Updates `filippo.io/edwards25519` from 1.1.0 to 1.1.1
- [Commits](https://github.com/FiloSottile/edwards25519/compare/v1.1.0...v1.1.1)

Updates `github.com/cloudflare/circl` from 1.6.1 to 1.6.3
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](https://github.com/cloudflare/circl/compare/v1.6.1...v1.6.3)

---
updated-dependencies:
- dependency-name: filippo.io/edwards25519
  dependency-version: 1.1.1
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/cloudflare/circl
  dependency-version: 1.6.3
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-25 19:34:14 +00:00
dependabot[bot]
fef7806ac2 chore(deps): bump github.com/refraction-networking/utls (#78) 
Bumps the go_modules group with 1 update in the / directory: [github.com/refraction-networking/utls](https://github.com/refraction-networking/utls).


Updates `github.com/refraction-networking/utls` from 1.8.1 to 1.8.2
- [Release notes](https://github.com/refraction-networking/utls/releases)
- [Commits](https://github.com/refraction-networking/utls/compare/v1.8.1...v1.8.2)

---
updated-dependencies:
- dependency-name: github.com/refraction-networking/utls
  dependency-version: 1.8.2
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-23 02:11:40 +01:00
dependabot[bot]
5ddfbc6204 chore(deps): bump github.com/likexian/whois from 1.15.1 to 1.15.7 (#67) 
Bumps [github.com/likexian/whois](https://github.com/likexian/whois) from 1.15.1 to 1.15.7.
- [Release notes](https://github.com/likexian/whois/releases)
- [Commits](https://github.com/likexian/whois/compare/v1.15.1...v1.15.7)

---
updated-dependencies:
- dependency-name: github.com/likexian/whois
  dependency-version: 1.15.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-13 15:32:55 +01:00
dependabot[bot]
b522aa3206 chore(deps): bump github.com/charmbracelet/log from 0.2.4 to 0.4.2 (#74) 
Bumps [github.com/charmbracelet/log](https://github.com/charmbracelet/log) from 0.2.4 to 0.4.2.
- [Release notes](https://github.com/charmbracelet/log/releases)
- [Commits](https://github.com/charmbracelet/log/compare/v0.2.4...v0.4.2)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/log
  dependency-version: 0.4.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-13 15:11:38 +01:00
vmfunc
e94fda0acf deps: bump go-git to v5.16.5 - fixes CVE-2026-25934 
Signed-off-by: vmfunc <celeste@linux.com>
 2026-02-13 01:39:00 +01:00
vmfunc
03a9488b65 internal/scan: migrate nuclei integration to v3 SDK 
replace ~100 lines of manual nuclei v2 plumbing (catalog, loader, core,
protocolstate, protocolinit, hosterrorscache, interactsh, reporting,
ratelimit, testutils) with the v3 lib SDK - NewNucleiEngineCtx +
functional options.

drops direct ratelimit dep, mholt/archiver and nwaples/rardecode
(resolves dependabot CVE alerts for path traversal + DoS).

Signed-off-by: vmfunc <celeste@linux.com>
 2026-02-13 01:22:25 +01:00
vmfunc
426a301182 deps: bump projectdiscovery/utils to v0.9.0 
Signed-off-by: vmfunc <celeste@linux.com>
 2026-02-13 01:03:47 +01:00
vmfunc
953ef299c9 deps: bump goflags to v0.1.74 
Signed-off-by: vmfunc <celeste@linux.com>
 2026-02-13 01:03:46 +01:00
vmfunc
1bf927b895 fix: update dependencies to address security vulnerabilities 
- golang.org/x/crypto v0.26.0 -> v0.46.0 (critical: ssh auth bypass)
- golang.org/x/net v0.28.0 -> v0.48.0 (medium: xss vulnerability)
- golang.org/x/oauth2 v0.11.0 -> v0.34.0 (high: input validation)
- quic-go v0.48.2 -> v0.58.0 (high: panic on undecryptable packets)
- golang-jwt/jwt v4.5.1 -> v4.5.2 (high: memory allocation)
- cloudflare/circl v1.3.7 -> v1.6.2 (low: validation issues)
- refraction-networking/utls v1.5.4 -> v1.8.1 (medium: tls downgrade)
- ulikunitz/xz v0.5.11 -> v0.5.15 (medium: memory leak)
- klauspost/compress v1.16.7 -> v1.17.4

also fixes go vet warnings for non-constant format strings
 2026-01-02 18:03:27 -08:00
dependabot[bot]
1d4673c078 build(deps): bump github.com/quic-go/quic-go in the go_modules group 
Bumps the go_modules group with 1 update: [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go).


Updates `github.com/quic-go/quic-go` from 0.42.0 to 0.48.2
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.42.0...v0.48.2)

---
updated-dependencies:
- dependency-name: github.com/quic-go/quic-go
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-12-02 17:51:08 +00:00
dependabot[bot]
8a0ed28bd5 build(deps): bump github.com/golang-jwt/jwt/v4 in the go_modules group 
Bumps the go_modules group with 1 update: [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt).


Updates `github.com/golang-jwt/jwt/v4` from 4.5.0 to 4.5.1
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.5.0...v4.5.1)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-11-04 23:33:18 +00:00
dependabot[bot]
7aa52c2d78 build(deps): bump github.com/hashicorp/go-retryablehttp 
Bumps the go_modules group with 1 update: [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp).


Updates `github.com/hashicorp/go-retryablehttp` from 0.7.2 to 0.7.7
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.2...v0.7.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-24 22:11:06 +00:00
dependabot[bot]
1c077eeb9f build(deps): bump github.com/projectdiscovery/interactsh 
Bumps the go_modules group with 1 update in the / directory: [github.com/projectdiscovery/interactsh](https://github.com/projectdiscovery/interactsh).


Updates `github.com/projectdiscovery/interactsh` from 1.1.6 to 1.2.0
- [Release notes](https://github.com/projectdiscovery/interactsh/releases)
- [Changelog](https://github.com/projectdiscovery/interactsh/blob/main/.goreleaser.yml)
- [Commits](https://github.com/projectdiscovery/interactsh/compare/v1.1.6...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/interactsh
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-05 17:07:28 +00:00
dependabot[bot]
ae9750f079 build(deps): bump golang.org/x/net 
Bumps the go_modules group with 1 update in the / directory: [golang.org/x/net](https://github.com/golang/net).


Updates `golang.org/x/net` from 0.20.0 to 0.23.0
- [Commits](https://github.com/golang/net/compare/v0.20.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-19 13:02:39 +00:00
vmfunc
855363e078 chore: update go modfile 2024-04-15 02:42:54 +02:00
dependabot[bot]
c76a6c3555 build(deps): bump the go_modules group across 1 directory with 3 updates 
Bumps the go_modules group with 3 updates in the / directory: [github.com/cloudflare/circl](https://github.com/cloudflare/circl), [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) and google.golang.org/protobuf.


Updates `github.com/cloudflare/circl` from 1.3.3 to 1.3.7
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](https://github.com/cloudflare/circl/compare/v1.3.3...v1.3.7)

Updates `github.com/quic-go/quic-go` from 0.37.4 to 0.42.0
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Changelog](https://github.com/quic-go/quic-go/blob/master/Changelog.md)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.37.4...v0.42.0)

Updates `google.golang.org/protobuf` from 1.31.0 to 1.33.0

---
updated-dependencies:
- dependency-name: github.com/cloudflare/circl
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: github.com/quic-go/quic-go
  dependency-type: indirect
  dependency-group: go_modules-security-group
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
  dependency-group: go_modules-security-group
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-02 14:19:23 +00:00
syscats
ad18133b88 chore: update dependencies 2024-02-04 15:09:18 +01:00
Sol Fisher Romanoff
7aa66ee6b7 Use nuclei API to scan nuclei templates 2023-09-14 20:48:28 +03:00
Sol Fisher Romanoff
755b4641c7 Refactor 2023-09-14 20:46:47 +03:00
Sol Fisher Romanoff
4f117c465f config: use goflags instead of pflag 2023-09-14 20:46:47 +03:00
Sol Fisher Romanoff
04a304908a Add nuclei template parsing support 2023-09-14 20:46:47 +03:00
Sol Fisher Romanoff
e839d817ca go mod tidy 2023-09-14 20:46:45 +03:00
pushfs
09f761d908 dork: add dorking feature 2023-09-14 20:46:45 +03:00
pushfs
69db4b26ef progress bar 2023-09-01 19:34:18 +02:00
Sol Fisher Romanoff
fdb46284f6 Add flag parsing for --file and --url 2023-09-01 19:12:25 +03:00
pushfs
d2e214f691 asdd 2023-09-01 17:28:59 +02:00
pushfs
50dd6e38a7 base logging 2023-09-01 17:27:19 +02:00