From f0e4b50d27b37ff748cafe680e44f4b7bcae9b4f Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 27 Feb 2024 18:42:39 -0500 Subject: [PATCH 01/18] Update cx.yml --- .github/workflows/cx.yml | 48 ++++++++++++++++++++-------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index b807343..8941e5d 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -1,24 +1,24 @@ -name: cx -on: - pull_request: - branches: - - master -# push: -jobs: - ast_scan: - runs-on: ubuntu-latest - name: Checkmarx scan run - steps: - - name: Run scan - uses: CheckmarxDev/ast-github-action@more_engines - id: scan - with: - github_repo_token: ${{ secrets.GITHUB_TOKEN }} - ast_uri: ${{ secrets.AST_URI }} - ast_access_key_id: ${{ secrets.AST_ACCESS_KEY_ID }} - ast_access_key_secret: ${{ secrets.AST_ACCESS_KEY_SECRET }} - sca_user: ${{ secrets.SCA_USER }} - sca_password: ${{ secrets.SCA_PASSWORD }} - action_scan_complete_timeout_secs: 600 - high_results_threshold: 0 - medium_results_threshold: 10 +# name: cx +# on: +# pull_request: +# branches: +# - master +# # push: +# jobs: +# ast_scan: +# runs-on: ubuntu-latest +# name: Checkmarx scan run +# steps: +# - name: Run scan +# uses: CheckmarxDev/ast-github-action@more_engines +# id: scan +# with: +# github_repo_token: ${{ secrets.GITHUB_TOKEN }} +# ast_uri: ${{ secrets.AST_URI }} +# ast_access_key_id: ${{ secrets.AST_ACCESS_KEY_ID }} +# ast_access_key_secret: ${{ secrets.AST_ACCESS_KEY_SECRET }} +# sca_user: ${{ secrets.SCA_USER }} +# sca_password: ${{ secrets.SCA_PASSWORD }} +# action_scan_complete_timeout_secs: 600 +# high_results_threshold: 0 +# medium_results_threshold: 10 From afcf18a6aca3f45dd4de499f5d7b6368152891c0 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 27 Feb 2024 18:43:09 -0500 Subject: [PATCH 02/18] Delete .checkmarx/config.yaml --- .checkmarx/config.yaml | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 .checkmarx/config.yaml diff --git a/.checkmarx/config.yaml b/.checkmarx/config.yaml deleted file mode 100644 index 4c45b32..0000000 --- a/.checkmarx/config.yaml +++ /dev/null @@ -1,16 +0,0 @@ -version: 1 - -checkmarx: - scan: - #optional - tags: - "fromConfig": "true" - - project: - tags: - "fromConfig": "true" - - configs: - sast: - presetName: 'Checkmarx Default' - incremental: 'true' From c8df1eda90f7c2846abd33ec3d247cd45b725981 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 27 Feb 2024 18:43:27 -0500 Subject: [PATCH 03/18] Delete .github/workflows/cx.yml --- .github/workflows/cx.yml | 24 ------------------------ 1 file changed, 24 deletions(-) delete mode 100644 .github/workflows/cx.yml diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml deleted file mode 100644 index 8941e5d..0000000 --- a/.github/workflows/cx.yml +++ /dev/null @@ -1,24 +0,0 @@ -# name: cx -# on: -# pull_request: -# branches: -# - master -# # push: -# jobs: -# ast_scan: -# runs-on: ubuntu-latest -# name: Checkmarx scan run -# steps: -# - name: Run scan -# uses: CheckmarxDev/ast-github-action@more_engines -# id: scan -# with: -# github_repo_token: ${{ secrets.GITHUB_TOKEN }} -# ast_uri: ${{ secrets.AST_URI }} -# ast_access_key_id: ${{ secrets.AST_ACCESS_KEY_ID }} -# ast_access_key_secret: ${{ secrets.AST_ACCESS_KEY_SECRET }} -# sca_user: ${{ secrets.SCA_USER }} -# sca_password: ${{ secrets.SCA_PASSWORD }} -# action_scan_complete_timeout_secs: 600 -# high_results_threshold: 0 -# medium_results_threshold: 10 From b2f7da3d344fc7063131ca86fbd0dde93e8c5fa8 Mon Sep 17 00:00:00 2001 From: CxSeanC Date: Wed, 13 Mar 2024 18:00:19 -0400 Subject: [PATCH 04/18] Editing github action --- .github/workflows/cx.yml | 27 +++++++++++++++++++++++++++ .vscode/settings.json | 3 +++ pom.xml | 2 +- target/classes/Users.hbm.xml | 23 +++++++++++++++++++++++ 4 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/cx.yml create mode 100644 .vscode/settings.json create mode 100644 target/classes/Users.hbm.xml diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml new file mode 100644 index 0000000..8c00290 --- /dev/null +++ b/.github/workflows/cx.yml @@ -0,0 +1,27 @@ +name: cx + +on: + pull_request: + branches: + - master + push: + branches: + - master + +jobs: + ast_scan: + runs-on: ubuntu-latest + name: Checkmarx scan run + + steps: + - name: Checkout code + uses: actions/checkout@v2 + + - name: Checkmarx AST CLI Action + uses: checkmarx/ast-github-action@main + with: + base_uri: https://ast.checkmarx.net/ + cx_tenant: workshop + cx_client_id: ${{ secrets.CX_CLIENT_ID }} + cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} + additional_params: '' # Specify any additional parameters you need here \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..e0f15db --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "java.configuration.updateBuildConfiguration": "automatic" +} \ No newline at end of file diff --git a/pom.xml b/pom.xml index f6af69d..c7e3180 100644 --- a/pom.xml +++ b/pom.xml @@ -17,7 +17,7 @@ mysql mysql-connector-java - 5.1.26 + 5.2.26 org.json diff --git a/target/classes/Users.hbm.xml b/target/classes/Users.hbm.xml new file mode 100644 index 0000000..e8f5b6a --- /dev/null +++ b/target/classes/Users.hbm.xml @@ -0,0 +1,23 @@ + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file From b5658e08cd4324ba7134ee8794160fcb34f07fcf Mon Sep 17 00:00:00 2001 From: CxSeanC Date: Wed, 13 Mar 2024 18:04:02 -0400 Subject: [PATCH 05/18] HEre --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 80e96b0..56db683 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,4 @@ +Sean Test ![](https://github.com/CheckmarxDev/NodeGoat-test/workflows/cx/badge.svg) This is a "Vulnerable" Web Application developed by Cyber Security and Privacy Foundation(www.cysecurity.org). This app is intended for the Java Programmers and other people who wish to learn about Web application vulnerabilities and write secure code.123 From df589ed8d74b8b3f7064b34300ea560339946904 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Wed, 27 Mar 2024 16:13:19 -0400 Subject: [PATCH 06/18] Update cx.yml --- .github/workflows/cx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 8c00290..a34613c 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -24,4 +24,4 @@ jobs: cx_tenant: workshop cx_client_id: ${{ secrets.CX_CLIENT_ID }} cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - additional_params: '' # Specify any additional parameters you need here \ No newline at end of file + additional_params: From 2cb8af3c1f280f289c8597f5b666f682ed4da4d2 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Wed, 27 Mar 2024 16:15:12 -0400 Subject: [PATCH 07/18] Update cx.yml --- .github/workflows/cx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index a34613c..bb9cfef 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -24,4 +24,4 @@ jobs: cx_tenant: workshop cx_client_id: ${{ secrets.CX_CLIENT_ID }} cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - additional_params: + additional_params: From 4597c6fd9733b9835f2afce333c61496c505c18e Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 30 Apr 2024 11:09:59 -0400 Subject: [PATCH 08/18] Update cx.yml --- .github/workflows/cx.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index bb9cfef..004671a 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -25,3 +25,4 @@ jobs: cx_client_id: ${{ secrets.CX_CLIENT_ID }} cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} additional_params: + From fbb9cdf864d4c149de749eefdbc16f227910d7ce Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Wed, 11 Sep 2024 14:26:34 -0400 Subject: [PATCH 09/18] Update cx.yml --- .github/workflows/cx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 004671a..6fff7d0 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -24,5 +24,5 @@ jobs: cx_tenant: workshop cx_client_id: ${{ secrets.CX_CLIENT_ID }} cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - additional_params: + additional_params: --report-format json,sbom --report-sbom-format CycloneDxJson --output-name result_summary --output-path . --output-name sbom_report --output-path . From b27b7555fa7d2c0d6b16d6d8106ac49f0c8ae091 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Wed, 11 Sep 2024 14:37:42 -0400 Subject: [PATCH 10/18] Update cx.yml --- .github/workflows/cx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 6fff7d0..2626920 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -24,5 +24,5 @@ jobs: cx_tenant: workshop cx_client_id: ${{ secrets.CX_CLIENT_ID }} cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - additional_params: --report-format json,sbom --report-sbom-format CycloneDxJson --output-name result_summary --output-path . --output-name sbom_report --output-path . + additional_params: --report-format json,sbom --report-sbom-format CycloneDxJson --output-name sean_results --output-path ./results/ --output-name sean_sbom --output-path ./results/ From 560f0a27717421b6952938f2907b82ceb6c67afb Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Thu, 26 Sep 2024 11:28:57 -0400 Subject: [PATCH 11/18] Update cx.yml --- .github/workflows/cx.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 2626920..f496035 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -7,6 +7,7 @@ on: push: branches: - master + jobs: ast_scan: From 00f35424aaf9befcb5af7421a83becb51ed63045 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Thu, 26 Sep 2024 11:33:42 -0400 Subject: [PATCH 12/18] Update cx.yml --- .github/workflows/cx.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index f496035..96ed447 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -8,7 +8,6 @@ on: branches: - master - jobs: ast_scan: runs-on: ubuntu-latest From 579ef1689b9dae7ba7223e5cae44cfb70a1c93ed Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Thu, 26 Sep 2024 11:46:44 -0400 Subject: [PATCH 13/18] Update cx.yml --- .github/workflows/cx.yml | 69 +++++++++++++++++++++++++++++----------- 1 file changed, 51 insertions(+), 18 deletions(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 96ed447..6f59d1b 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -1,28 +1,61 @@ -name: cx + +name: Debugging Action on: - pull_request: - branches: - - master push: branches: - - master - + - main + pull_request: + branches: + - main + jobs: - ast_scan: + debug-job: runs-on: ubuntu-latest - name: Checkmarx scan run steps: - name: Checkout code - uses: actions/checkout@v2 - - - name: Checkmarx AST CLI Action - uses: checkmarx/ast-github-action@main - with: - base_uri: https://ast.checkmarx.net/ - cx_tenant: workshop - cx_client_id: ${{ secrets.CX_CLIENT_ID }} - cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - additional_params: --report-format json,sbom --report-sbom-format CycloneDxJson --output-name sean_results --output-path ./results/ --output-name sean_sbom --output-path ./results/ + uses: actions/checkout@v3 + + - name: Dummy Debug Step + run: | + echo "Starting debug step..." + echo "Debugging purpose: Print environment variables" + env + + - name: Complete Debug Step + run: echo "Debugging step completed!" + + +# name: cx + +# on: +# pull_request: +# branches: +# - master +# push: +# branches: +# - master + +# jobs: +# ast_scan: +# runs-on: ubuntu-latest +# name: Checkmarx scan run + +# steps: +# - name: Checkout code +# uses: actions/checkout@v2 +# - name: Dummy Debug Step +# run: | +# echo "Starting debug step..." +# echo "Debugging purpose: Print environment variables" +# env +# # - name: Checkmarx AST CLI Action +# # uses: checkmarx/ast-github-action@main +# # with: +# # base_uri: https://ast.checkmarx.net/ +# # cx_tenant: workshop +# # cx_client_id: ${{ secrets.CX_CLIENT_ID }} +# # cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} +# # additional_params: --report-format json,sbom --report-sbom-format CycloneDxJson --output-name sean_results --output-path ./results/ --output-name sean_sbom --output-path ./results/ From 17eda210c54547352953f7a64c5f75faf05e348c Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 17 Dec 2024 08:18:32 -0500 Subject: [PATCH 14/18] Update cx.yml --- .github/workflows/cx.yml | 68 ++++++++++------------------------------ 1 file changed, 17 insertions(+), 51 deletions(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 6f59d1b..90df262 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -1,61 +1,27 @@ - -name: Debugging Action +name: cx on: - push: - branches: - - main pull_request: branches: - - main - + - master + push: + branches: + - master + jobs: - debug-job: + ast_scan: runs-on: ubuntu-latest + name: Checkmarx scan run steps: - name: Checkout code - uses: actions/checkout@v3 - - - name: Dummy Debug Step - run: | - echo "Starting debug step..." - echo "Debugging purpose: Print environment variables" - env - - - name: Complete Debug Step - run: echo "Debugging step completed!" - - -# name: cx - -# on: -# pull_request: -# branches: -# - master -# push: -# branches: -# - master - -# jobs: -# ast_scan: -# runs-on: ubuntu-latest -# name: Checkmarx scan run - -# steps: -# - name: Checkout code -# uses: actions/checkout@v2 -# - name: Dummy Debug Step -# run: | -# echo "Starting debug step..." -# echo "Debugging purpose: Print environment variables" -# env -# # - name: Checkmarx AST CLI Action -# # uses: checkmarx/ast-github-action@main -# # with: -# # base_uri: https://ast.checkmarx.net/ -# # cx_tenant: workshop -# # cx_client_id: ${{ secrets.CX_CLIENT_ID }} -# # cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} -# # additional_params: --report-format json,sbom --report-sbom-format CycloneDxJson --output-name sean_results --output-path ./results/ --output-name sean_sbom --output-path ./results/ + uses: actions/checkout@v2 + - name: Checkmarx AST CLI Action + uses: checkmarx/ast-github-action@main + with: + base_uri: https://ast.checkmarx.net/ + cx_tenant: workshop + cx_client_id: ${{ secrets.CX_CLIENT_ID }} + cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} + additional_params: From b1cd59518278bf60c6fa40b2ccc4499d1c50a5c7 Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Fri, 7 Mar 2025 10:41:29 -0500 Subject: [PATCH 15/18] Update cx.yml --- .github/workflows/cx.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 90df262..58594c7 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -23,5 +23,4 @@ jobs: cx_tenant: workshop cx_client_id: ${{ secrets.CX_CLIENT_ID }} cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - additional_params: From 693e309da7e4979f0a1f0bd6681dce6d9dda48aa Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 25 Mar 2025 08:38:01 -0400 Subject: [PATCH 16/18] Update cx.yml --- .github/workflows/cx.yml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 58594c7..733b07a 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -12,15 +12,14 @@ jobs: ast_scan: runs-on: ubuntu-latest name: Checkmarx scan run - + steps: - name: Checkout code uses: actions/checkout@v2 - name: Checkmarx AST CLI Action uses: checkmarx/ast-github-action@main with: - base_uri: https://ast.checkmarx.net/ - cx_tenant: workshop - cx_client_id: ${{ secrets.CX_CLIENT_ID }} - cx_client_secret: ${{ secrets.CX_CLIENT_SECRET }} - + base_uri: https://us.ast.checkmarx.net/ + cx_tenant: wiley + cx_api_key: ${{ secrets.CX_API_KEY }} + From c8e997e34fcc24dfcee97a17f8c18eef3939003d Mon Sep 17 00:00:00 2001 From: CxSeanC <81707723+CxSeanC@users.noreply.github.com> Date: Tue, 25 Mar 2025 08:46:48 -0400 Subject: [PATCH 17/18] Update cx.yml --- .github/workflows/cx.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cx.yml b/.github/workflows/cx.yml index 733b07a..d91f0cf 100644 --- a/.github/workflows/cx.yml +++ b/.github/workflows/cx.yml @@ -20,6 +20,6 @@ jobs: uses: checkmarx/ast-github-action@main with: base_uri: https://us.ast.checkmarx.net/ - cx_tenant: wiley + cx_tenant: workshop cx_api_key: ${{ secrets.CX_API_KEY }} From 887a910b8868f19c17bd1ba3a7623f1395f5e1c1 Mon Sep 17 00:00:00 2001 From: Sean Carroll <81707723+cx-sean-carroll@users.noreply.github.com> Date: Tue, 24 Jun 2025 15:34:52 -0400 Subject: [PATCH 18/18] Update README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 56db683..80e96b0 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,3 @@ -Sean Test ![](https://github.com/CheckmarxDev/NodeGoat-test/workflows/cx/badge.svg) This is a "Vulnerable" Web Application developed by Cyber Security and Privacy Foundation(www.cysecurity.org). This app is intended for the Java Programmers and other people who wish to learn about Web application vulnerabilities and write secure code.123