chore(deps): update tools versions #643

Open
ocervell wants to merge 1 commit into main from chore/update-tools-version

@ocervell ocervell commented May 14, 2025

Automated updates for tool versions based on secator health --bleeding.

Please review the changes and merge if appropriate.

@ocervell ocervell added the automated and dependencies (Pull requests that update a dependency file) labels May 14, 2025
@ocervell ocervell force-pushed the chore/update-tools-version branch from cd6ceba to 8b5f4b2 Compare May 15, 2025 01:52
@ocervell ocervell force-pushed the chore/update-tools-version branch from f555926 to cf237a4 Compare May 25, 2025 02:02

coderabbitai Bot commented May 25, 2025

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: e78ec188-92e5-4a0f-88b9-a9dbb0a46dac

Walkthrough

The changes update the install_version attribute for several tool classes in the secator/tasks directory to newer versions. Additionally, a new shell script to_install.sh is introduced to automate the installation of these tools at the specified versions using the secator package manager. The project version in pyproject.toml is also incremented to 0.16.0, and the changelog is updated accordingly.

Changes

| File(s) | Change Summary |
| --- | --- |
| secator/tasks/cariddi.py | Updated install_version from 'v1.3.6' to 'v1.4.1' in class cariddi. |
| secator/tasks/fping.py | Updated install_version from 'v5.1' to 'v5.3' in class fping. |
| secator/tasks/gitleaks.py | Updated install_version from 'v8.24.3' to 'v8.26.0' in class gitleaks. |
| secator/tasks/grype.py | Updated install_version from 'v0.91.2' to 'v0.92.2' in class grype. |
| secator/tasks/naabu.py | Updated install_version from 'v2.3.3' to 'v2.3.4' in class naabu. |
| secator/tasks/nuclei.py | Updated install_version from 'v3.4.2' to 'v3.4.4' in class nuclei. |
| secator/tasks/subfinder.py | Updated install_version from 'v2.7.0' to 'v2.7.1' in class subfinder. |
| secator/tasks/trivy.py | Updated install_version from 'v0.61.1' to 'v0.62.1' in class trivy. |
| to_install.sh | Added new shell script to automate installation of all updated tools with fixed versions. |
| CHANGELOG.md | Added entry for version 0.16.0 with features, bug fixes, and documentation updates. |
| pyproject.toml | Updated project version from "0.15.0" to "0.16.0". |

Poem

The tools all got a shiny new coat,
With versions updated, each gets my vote!
A script now hops in, installs with glee,
Ensuring all tools are as fresh as can be.
🐇✨
Hop, install, and scan away—
Secator’s ready for a brand-new day!

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 0

🧹 Nitpick comments (1)
to_install.sh (1)

1-1: Add shebang and fail-fast flag

Shellcheck (SC2148) flags the missing shebang. Add #!/usr/bin/env bash and set -e to define the interpreter and exit on errors:

+#!/usr/bin/env bash
+set -e
 secator update && secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1
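Review bot: on the `secator update && secator install tools ...` line, the added `set -e` changes nothing today, because the `&&` list already stops at the first failing command and, as the last command in the file, its status becomes the script's exit status. The flag only starts to matter once further commands are added below that line, so it is worth a short comment saying it is there for future additions.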
🧰 Tools
🪛 Shellcheck (0.10.0)

[error] 1-1: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.

(SC2148)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8392551 and cf237a4.

📒 Files selected for processing (9)
  • secator/tasks/cariddi.py (1 hunks)
  • secator/tasks/fping.py (1 hunks)
  • secator/tasks/gitleaks.py (1 hunks)
  • secator/tasks/grype.py (1 hunks)
  • secator/tasks/naabu.py (1 hunks)
  • secator/tasks/nuclei.py (1 hunks)
  • secator/tasks/subfinder.py (1 hunks)
  • secator/tasks/trivy.py (1 hunks)
  • to_install.sh (1 hunks)
🧰 Additional context used
🧬 Code Graph Analysis (1)
to_install.sh (1)
secator/cli.py (1)
  • update (1369-1412)
⏰ Context from checks skipped due to timeout of 90000ms (2)
  • GitHub Check: integration (3.11, ubuntu-latest)
  • GitHub Check: test-tasks (ubuntu-latest)
🔇 Additional comments (9)
secator/tasks/naabu.py (1)

53-53: Bump naabu install_version to v2.3.4
The install_version has been updated to the latest release and remains consistent with the placeholder usage in install_cmd. No functional changes otherwise.

secator/tasks/gitleaks.py (1)

40-40: Update gitleaks install_version to v8.26.0
The version bump aligns with the coordinated tool updates and the shell script. The [install_version] placeholder in clone paths remains correct.

secator/tasks/fping.py (1)

33-33: Raise fping install_version to v5.3
The install_version update matches the repository release and stays in sync with other secator tasks. No downstream impact detected.

secator/tasks/grype.py (1)

35-35: Bump grype install_version to v0.92.2
The version string is updated correctly; install_cmd still references the upstream install script. Ensure that the installer script supports this tag or continues to retrieve the intended version.

secator/tasks/trivy.py (1)

37-37: Upgrade trivy install_version to v0.62.1
The version constant is updated, and the [install_version] placeholder is present in install_cmd. Confirm the install script uses this parameter to pin the desired release.

secator/tasks/subfinder.py (1)

36-36: Approve version bump to subfinder v2.7.1

The install_version attribute has been updated to the latest patch release, aligning with the coordinated toolchain update.

secator/tasks/cariddi.py (1)

59-59: Approve version bump to cariddi v1.4.1

The install_version attribute has been updated to the latest patch release, keeping the crawler tool current.

secator/tasks/nuclei.py (1)

86-86: Approve version bump to nuclei v3.4.4

The install_version attribute has been updated to the newest release, ensuring the vulnerability scanner is up to date.

to_install.sh (1)

1-1:

✅ Verification successful

Verify version consistency across task modules

Ensure the versions in this script match each install_version in secator/tasks/*.py. Run this check:


🏁 Script executed:

#!/bin/bash
# Verify task module install_version matches to_install.sh
declare -A versions=(
  [cariddi]=v1.4.1 [fping]=v5.3 [gitleaks]=v8.26.0 [grype]=v0.92.2
  [naabu]=v2.3.4 [nuclei]=v3.4.4 [subfinder]=v2.7.1 [trivy]=v0.62.1
)
status=0
for tool in "${!versions[@]}"; do
  file="secator/tasks/${tool}.py"
  expected="${versions[$tool]}"
  if ! grep -q "install_version = '$expected'" "$file"; then
    echo "Mismatch: $file does not have install_version = '$expected'"
    status=1
  fi
done
exit $status

Length of output: 1423


✅ Versions in to_install.sh and secator/tasks/*.py are consistent

All install_version values in secator/tasks/*.py match the versions specified in to_install.sh. No further changes are needed.

@ocervell ocervell force-pushed the chore/update-tools-version branch from cf237a4 to 3189a6e Compare May 25, 2025 08:07

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🧹 Nitpick comments (1)
to_install.sh (1)

1-1: Optional: Quote the comma-separated tool list

Depending on how secator parses its arguments, wrapping the entire list in quotes can ensure it’s passed as one parameter:

-secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1
+secator install tools "cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1"
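Review bot: the quoted `+` line and the unquoted `-` line hand secator the same single argument in sh and bash, because the list contains only letters, digits, `=`, `.`, `,` and `-`, with no whitespace or glob characters. The quotes are harmless, but they only change behaviour if a later entry contains a space or a character such as `*`, `?`, `[` or `$`.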

📜 Review details

📥 Commits

Reviewing files that changed from the base of the PR and between cf237a4 and 3189a6e.

📒 Files selected for processing (11)
  • CHANGELOG.md (1 hunks)
  • pyproject.toml (1 hunks)
  • secator/tasks/cariddi.py (1 hunks)
  • secator/tasks/fping.py (1 hunks)
  • secator/tasks/gitleaks.py (1 hunks)
  • secator/tasks/grype.py (1 hunks)
  • secator/tasks/naabu.py (1 hunks)
  • secator/tasks/nuclei.py (1 hunks)
  • secator/tasks/subfinder.py (1 hunks)
  • secator/tasks/trivy.py (1 hunks)
  • to_install.sh (1 hunks)
✅ Files skipped from review due to trivial changes (3)
  • secator/tasks/subfinder.py
  • pyproject.toml
  • secator/tasks/cariddi.py
🚧 Files skipped from review as they are similar to previous changes (6)
  • secator/tasks/grype.py
  • secator/tasks/naabu.py
  • secator/tasks/trivy.py
  • secator/tasks/gitleaks.py
  • secator/tasks/nuclei.py
  • secator/tasks/fping.py
🧰 Additional context used
🪛 LanguageTool
CHANGELOG.md

[uncategorized] ~8-~8: Loose punctuation mark.
Context: ... (2025-05-25) ### Features * dnsx: merge dnsxbrute into dnsx ([#571]...

(UNLIKELY_OPENING_PUNCTUATION)

⏰ Context from checks skipped due to timeout of 90000ms (3)
  • GitHub Check: test-tasks (ubuntu-latest)
  • GitHub Check: test-tasks (ubuntu-latest)
  • GitHub Check: integration (3.11, ubuntu-latest)
🔇 Additional comments (1)
CHANGELOG.md (1)

3-3:

✅ Verification successful

Verify compare-range tag in the new release header

The 0.16.0 entry references v0.15.1 as its base, but the previous section is for 0.15.0. Please confirm that v0.15.1 exists, or update the URL to v0.15.0:


🏁 Script executed:

#!/bin/bash
# Check if tag v0.15.1 is present in the repo
git tag | grep -E '^v0\.15\.1$'

Length of output: 33


🏁 Script executed:

#!/bin/bash
# Ensure all remote tags are present locally and check for v0.15.1
git fetch --tags --quiet
git tag | grep -E '^v0\.15\.1$'

Length of output: 68


CHANGELOG compare link validated
Confirmed that tag v0.15.1 exists in the repository, so the comparison URL for the 0.16.0 release is correct. No changes needed.

Comment thread to_install.sh Outdated
@@ -0,0 +1 @@
secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1
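Review bot: the added line pins each tool by release tag only (for example `trivy==v0.62.1`) and repeats the eight `install_version` values from secator/tasks/*.py in a second place. A tag can be moved upstream after it is published, so consider pinning to a commit or verifying a checksum where the installer allows it, and generate this file from the task classes (or check it in CI) so the two lists cannot drift apart.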

🛠️ Refactor suggestion

Specify shell and enable strict modes

ShellCheck SC2148 indicates that the script’s interpreter is unknown. It’s best to add a shebang and enable strict settings to prevent silent failures:

+#!/usr/bin/env bash
+set -euo pipefail
 secator install tools cariddi==v1.4.1,fping==v5.3,gitleaks==v8.26.0,grype==v0.92.2,naabu==v2.3.4,nuclei==v3.4.4,subfinder==v2.7.1,trivy==v0.62.1
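Review bot: the shebang suggested here is `#!/usr/bin/env bash`, while the agent prompt that follows names `#!/bin/bash`; the two should agree. Since `pipefail` in `set -euo pipefail` is not available in every `sh`, whichever shebang is chosen must resolve to bash.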

🤖 Prompt for AI Agents
In to_install.sh at line 1, the script lacks a shebang line specifying the shell
interpreter and does not enable strict modes. Add a shebang line such as
#!/bin/bash at the very top of the file and enable strict modes by adding set
-euo pipefail after the shebang to ensure the script exits on errors, treats
unset variables as errors, and fails on pipeline errors.

@ocervell ocervell force-pushed the chore/update-tools-version branch 7 times, most recently from 694058b to 3be369d Compare November 28, 2025 01:55
@ocervell ocervell force-pushed the chore/update-tools-version branch 6 times, most recently from 9476453 to 6dca65c Compare December 5, 2025 02:01
@ocervell ocervell force-pushed the chore/update-tools-version branch 6 times, most recently from 0316133 to ee2b824 Compare December 12, 2025 02:02
@ocervell ocervell force-pushed the chore/update-tools-version branch 3 times, most recently from 563b855 to 8310c5d Compare December 16, 2025 02:03
@ocervell ocervell force-pushed the chore/update-tools-version branch 5 times, most recently from 67c7cb9 to 5b0a9f0 Compare January 22, 2026 02:10
@ocervell ocervell force-pushed the chore/update-tools-version branch 4 times, most recently from 43538cb to 976cfd7 Compare January 29, 2026 02:30
@ocervell ocervell force-pushed the chore/update-tools-version branch 5 times, most recently from 7a43813 to bb113fa Compare February 5, 2026 02:33
@ocervell ocervell force-pushed the chore/update-tools-version branch 5 times, most recently from 60e84aa to 2577c6c Compare February 12, 2026 02:41
@ocervell ocervell force-pushed the chore/update-tools-version branch 3 times, most recently from 573cb15 to 07105a8 Compare February 20, 2026 00:41
@ocervell ocervell force-pushed the chore/update-tools-version branch 2 times, most recently from 6626bc7 to 02893df Compare February 24, 2026 00:42
@ocervell ocervell force-pushed the chore/update-tools-version branch 3 times, most recently from 40ee682 to 99a4bd7 Compare March 6, 2026 00:46
@ocervell ocervell force-pushed the chore/update-tools-version branch 2 times, most recently from 394ca89 to 993992b Compare March 18, 2026 00:46

Labels: automated, dependencies (Pull requests that update a dependency file), urgent
