Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#810 challenge 42: Created a settings.xml to connect to an imaginary Nexus repo #1034

Closed
wants to merge 16 commits into from
Closed

#810 challenge 42: Created a settings.xml to connect to an imaginary Nexus repo #1034

wants to merge 16 commits into from

Conversation

divyanshuagarwal-23
Copy link

@divyanshuagarwal-23 divyanshuagarwal-23 commented Oct 12, 2023
edited by commjoen
Loading

What kind of changes does this PR include?

-Fixes

Description

As per #810 task one was to Create a settings.xml to connect to an imaginary Nexus repo,
I have created the settings.xml file for the same
and have created a challenge reading the credential

Relations

closes #810

References

issue: #810
took ref from: https://github.com/sonatype/nexus-book-examples/blob/master/maven/settings/settings.xml

@divyanshuagarwal-23 divyanshuagarwal-23 mentioned this pull request Oct 12, 2023
Open
2 tasks
@commjoen
Copy link
Collaborator

Hi @divyanshuagarwal-23 can you please add the challenge code itself as well? having only the isolated XML will not do a lot without the challenge itself. Please have a look at https://github.com/OWASP/wrongsecrets/blob/master/CONTRIBUTING.md on how to add a challenge .

github-advanced-security[bot]
github-advanced-security bot found potential problems Oct 13, 2023
View reviewed changes
maven/settings/settings.xml
Comment on lines +16 to +25
<repository>
<id>central</id>
<url>http://central</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>

Check failure

Code scanning / CodeQL

Failure to use HTTPS or SFTP URL in Maven artifact upload/download High

Downloading or uploading artifacts over insecure protocol (eg. http or ftp) to/from repository http://central
maven/settings/settings.xml
Comment on lines +28 to +37
<pluginRepository>
<id>central</id>
<url>http://central</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</pluginRepository>

Check failure

Code scanning / CodeQL

Failure to use HTTPS or SFTP URL in Maven artifact upload/download High

Downloading or uploading artifacts over insecure protocol (eg. http or ftp) to/from repository http://central
@divyanshuagarwal-23
Copy link
Author

Sure, working on it

@divyanshuagarwal-23
Copy link
Author

Hello @commjoen I have added the challenge as well, please review all the changes now

@commjoen
Copy link
Collaborator

commjoen commented Oct 17, 2023
edited
Loading

Can you please refactor your challenge to number 42? 41 has been merged and your changes override the current challenge 41 instead of creating a new one.

@commjoen commjoen changed the title #810 Created a settings.xml to connect to an imaginary Nexus repo #810 challenge 42: Created a settings.xml to connect to an imaginary Nexus repo Oct 18, 2023
@divyanshuagarwal-23
OWASP#810 update the challenge
eed9ee2
@divyanshuagarwal-23
Merge remote-tracking branch 'origin/nexus-credentials' into nexus-cr…
9124030 
…edentials

# Conflicts:
#	src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge42.java
@divyanshuagarwal-23
Copy link
Author

@commjoen done, I have updated the challenge

@commjoen
Copy link
Collaborator

Uhoh, it looks like your deleting challenge41 now and partially overwrite.. Can we do something instead please?

  1. sync your fork (make sure your local master is up to date)
  2. create a new branch from master
  3. copy the new Challenge42.java, the ascidoc files, and the settings.xml file to that branch
  4. create a new PR.

@commjoen
Copy link
Collaborator

Closing this in favor of https://github.com/OWASP/wrongsecrets/pull/1046/files . Thank you!

@commjoen commjoen closed this Oct 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@commjoen commjoen Awaiting requested review from commjoen commjoen is a code owner

@bendehaan bendehaan Awaiting requested review from bendehaan bendehaan is a code owner

Assignees
No one assigned
Labels
hacktoberfest-accepted
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Nexus deployment credentials in settings.xml
2 participants
@divyanshuagarwal-23 @commjoen