chore(deps): update tools versions #643
Actionable comments posted: 0
🧹 Nitpick comments (1)
to_install.sh (1)
1-1: Add shebang and fail-fast flag
Shellcheck (SC2148) flags the missing shebang. Add #!/usr/bin/env bash and set -e to define the interpreter and exit on errors:
+#!/usr/bin/env bash +set -e secator update && secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1
🧰 Tools
🪛 Shellcheck (0.10.0)
[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
(SC2148)
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (9)
- secator/tasks/cariddi.py (1 hunks)
- secator/tasks/fping.py (1 hunks)
- secator/tasks/gitleaks.py (1 hunks)
- secator/tasks/grype.py (1 hunks)
- secator/tasks/naabu.py (1 hunks)
- secator/tasks/nuclei.py (1 hunks)
- secator/tasks/subfinder.py (1 hunks)
- secator/tasks/trivy.py (1 hunks)
- to_install.sh (1 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (1)
to_install.sh (1)
secator/cli.py (1)
update(1369-1412)
⏰ Context from checks skipped due to timeout of 90000ms (2)
- GitHub Check: integration (3.11, ubuntu-latest)
- GitHub Check: test-tasks (ubuntu-latest)
🔇 Additional comments (9)
secator/tasks/naabu.py (1)
53-53: Bump naabu install_version to v2.3.4
The install_version has been updated to the latest release and remains consistent with the placeholder usage in install_cmd. No functional changes otherwise.
secator/tasks/gitleaks.py (1)
40-40: Update gitleaks install_version to v8.26.0
The version bump aligns with the coordinated tool updates and the shell script. The [install_version] placeholder in clone paths remains correct.
secator/tasks/fping.py (1)
33-33: Raise fping install_version to v5.3
The install_version update matches the repository release and stays in sync with other secator tasks. No downstream impact detected.
secator/tasks/grype.py (1)
35-35: Bump grype install_version to v0.92.2
The version string is updated correctly; install_cmd still references the upstream install script. Ensure that the installer script supports this tag or continues to retrieve the intended version.
secator/tasks/trivy.py (1)
37-37: Upgrade trivy install_version to v0.62.1
The version constant is updated, and the [install_version] placeholder is present in install_cmd. Confirm the install script uses this parameter to pin the desired release.
secator/tasks/subfinder.py (1)
36-36: Approve version bump to subfinder v2.7.1
The install_version attribute has been updated to the latest patch release, aligning with the coordinated toolchain update.
secator/tasks/cariddi.py (1)
59-59: Approve version bump to cariddi v1.4.1
The install_version attribute has been updated to the latest patch release, keeping the crawler tool current.
secator/tasks/nuclei.py (1)
86-86: Approve version bump to nuclei v3.4.4
The install_version attribute has been updated to the newest release, ensuring the vulnerability scanner is up to date.
to_install.sh (1)
1-1: Verify version consistency across task modules
✅ Verification successful
Ensure the versions in this script match each install_version in secator/tasks/*.py. Run this check:
🏁 Script executed:
#!/bin/bash
# Verify task module install_version matches to_install.sh
declare -A versions=(
  [cariddi]=v1.4.1
  [fping]=v5.3
  [gitleaks]=v8.26.0
  [grype]=v0.92.2
  [naabu]=v2.3.4
  [nuclei]=v3.4.4
  [subfinder]=v2.7.1
  [trivy]=v0.62.1
)
status=0
for tool in "${!versions[@]}"; do
  file="secator/tasks/${tool}.py"
  expected="${versions[$tool]}"
  if ! grep -q "install_version = '$expected'" "$file"; then
    echo "Mismatch: $file does not have install_version = '$expected'"
    status=1
  fi
done
exit $status

Length of output: 1423
✅ Versions in to_install.sh and secator/tasks/*.py are consistent
All install_version values in secator/tasks/*.py match the versions specified in to_install.sh. No further changes are needed.
Actionable comments posted: 1
🧹 Nitpick comments (1)
to_install.sh (1)
1-1: Optional: Quote the comma-separated tool list
Depending on how secator parses its arguments, wrapping the entire list in quotes can ensure it’s passed as one parameter:
-secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1 +secator install tools "cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1"
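Review bot: the quotes on the + line change nothing about what the shell passes to secator. The list contains only letters, digits, dots, commas and = signs, with no whitespace or glob characters, so it is already a single word and secator receives the same argument either way. Quoting is harmless as a habit, but it should not be merged on the expectation that it alters parsing.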
📜 Review details
📒 Files selected for processing (11)
- CHANGELOG.md (1 hunks)
- pyproject.toml (1 hunks)
- secator/tasks/cariddi.py (1 hunks)
- secator/tasks/fping.py (1 hunks)
- secator/tasks/gitleaks.py (1 hunks)
- secator/tasks/grype.py (1 hunks)
- secator/tasks/naabu.py (1 hunks)
- secator/tasks/nuclei.py (1 hunks)
- secator/tasks/subfinder.py (1 hunks)
- secator/tasks/trivy.py (1 hunks)
- to_install.sh (1 hunks)
✅ Files skipped from review due to trivial changes (3)
- secator/tasks/subfinder.py
- pyproject.toml
- secator/tasks/cariddi.py
🚧 Files skipped from review as they are similar to previous changes (6)
- secator/tasks/grype.py
- secator/tasks/naabu.py
- secator/tasks/trivy.py
- secator/tasks/gitleaks.py
- secator/tasks/nuclei.py
- secator/tasks/fping.py
🧰 Additional context used
🪛 LanguageTool
CHANGELOG.md
[uncategorized] ~8-~8: Loose punctuation mark.
Context: ... (2025-05-25) ### Features * dnsx: merge dnsxbrute into dnsx ([#571]...
(UNLIKELY_OPENING_PUNCTUATION)
⏰ Context from checks skipped due to timeout of 90000ms (3)
- GitHub Check: test-tasks (ubuntu-latest)
- GitHub Check: test-tasks (ubuntu-latest)
- GitHub Check: integration (3.11, ubuntu-latest)
🔇 Additional comments (1)
CHANGELOG.md (1)
3-3: Verify compare-range tag in the new release header
✅ Verification successful
The 0.16.0 entry references v0.15.1 as its base, but the previous section is for 0.15.0. Please confirm that v0.15.1 exists, or update the URL to v0.15.0:
🏁 Script executed:
#!/bin/bash
# Check if tag v0.15.1 is present in the repo
git tag | grep -E '^v0\.15\.1$'

Length of output: 33
🏁 Script executed:
#!/bin/bash
# Ensure all remote tags are present locally and check for v0.15.1
git fetch --tags --quiet
git tag | grep -E '^v0\.15\.1$'

Length of output: 68
CHANGELOG compare link validated
Confirmed that tag v0.15.1 exists in the repository, so the comparison URL for the 0.16.0 release is correct. No changes needed.
| @@ -0,0 +1 @@ | |||
| secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1 | |||
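Review bot: the one added line hard-codes all eight tool versions that this PR also sets as install_version in secator/tasks/*.py, so to_install.sh becomes a second copy of the pins that has to be regenerated on every bump. Suggest deriving the list from the task modules at run time, or keeping a CI check that fails when the two disagree. The pins are also bare release tags (for example trivy==v0.62.1), and nothing on this line checks what each tag resolves to at install time, so a checksum or commit pin would be worth adding where the installer supports it.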
🛠️ Refactor suggestion
Specify shell and enable strict modes
ShellCheck SC2148 indicates that the script’s interpreter is unknown. It’s best to add a shebang and enable strict settings to prevent silent failures:
+#!/usr/bin/env bash
+set -euo pipefail
secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1
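Review bot: none of -e, -u or -o pipefail on the second added line changes the outcome for the script as shown, because the single command that follows uses no variables and no pipeline, and its exit status is already the script's exit status. The strict-mode line is reasonable as a guard for future additions, but it should be described that way rather than as a fix for silent failures. The shebang should also be settled: the suggested line is #!/usr/bin/env bash, while the agent prompt below asks for #!/bin/bash.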
🤖 Prompt for AI Agents
In to_install.sh at line 1, the script lacks a shebang line specifying the shell
interpreter and does not enable strict modes. Add a shebang line such as
#!/bin/bash at the very top of the file and enable strict modes by adding set
-euo pipefail after the shebang to ensure the script exits on errors, treats
unset variables as errors, and fails on pipeline errors.
Automated updates for tool versions based on secator health --bleeding.
Please review the changes and merge if appropriate.