Bump docker/build-push-action from 4 to 5

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
2023-09-27 10:15:30 +00:00
11 changed files with 16 additions and 48 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -9,7 +9,7 @@ jobs:
    strategy:
      matrix:
-        ruby: [2.7, '3.0', 3.1, 3.2]
+        ruby: [2.7, '3.0', 3.1]
    steps:
    - name: Checkout code
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -49,7 +49,7 @@ jobs:
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
        with:
          platforms: linux/amd64,linux/arm/v7,linux/arm64
          push: true
--- a/README.md
+++ b/README.md
@@ -38,9 +38,7 @@ When using a pentesting distubution (such as Kali Linux), it is recommended to i
 ### In macOSX via Homebrew
-```shell
+`brew install wpscanteam/tap/wpscan`
 brew install wpscanteam/tap/wpscan
 ```
 ### From RubyGems
--- a/app/finders/db_exports/known_locations.rb
+++ b/app/finders/db_exports/known_locations.rb
@@ -7,10 +7,6 @@ module WPScan
      class KnownLocations < CMSScanner::Finders::Finder
        include CMSScanner::Finders::Finder::Enumerator
        def valid_response_codes
          @valid_response_codes ||= [200, 206].freeze
        end
        SQL_PATTERN = /(?:DROP|(?:UN)?LOCK|CREATE|ALTER) (?:TABLE|DATABASE)|INSERT INTO/.freeze
        # @param [ Hash ] opts
@@ -21,7 +17,7 @@ module WPScan
        def aggressive(opts = {})
          found = []
-          enumerate(potential_urls(opts), opts.merge(check_full_response: valid_response_codes)) do |res|
+          enumerate(potential_urls(opts), opts.merge(check_full_response: 200)) do |res|
            if res.effective_url.end_with?('.zip')
              next unless %r{\Aapplication/zip}i.match?(res.headers['Content-Type'])
            else
--- a/app/finders/users/oembed_api.rb
+++ b/app/finders/users/oembed_api.rb
@@ -36,8 +36,6 @@ module WPScan
          oembed_data = oembed_data.first if oembed_data.is_a?(Array)
          oembed_data = {} unless oembed_data.is_a?(Hash)
          if oembed_data['author_url'] =~ %r{/author/([^/]+)/?\z}
            details = [Regexp.last_match[1], 'Author URL', 90]
          elsif oembed_data['author_name'] && !oembed_data['author_name'].empty?
--- a/app/finders/users/wp_json_api.rb
+++ b/app/finders/users/wp_json_api.rb
@@ -42,17 +42,13 @@ module WPScan
        def users_from_response(response)
          found = []
-          json = JSON.parse(response.body)
+          JSON.parse(response.body)&.each do |user|
          if json.is_a?(Enumerable)
            json.each do |user|
            found << Model::User.new(user['slug'],
                                     id: user['id'],
                                     found_by: found_by,
                                     confidence: 100,
                                     interesting_entries: [response.effective_url])
          end
          end
          found
        end
--- a/app/models/theme.rb
+++ b/app/models/theme.rb
@@ -92,7 +92,7 @@ module WPScan
          tags: 'Tags',
          text_domain: 'Text Domain'
        }.each do |attribute, tag|
-          instance_variable_set(:"@#{attribute}", parse_style_tag(style_body, tag)&.force_encoding('UTF-8'))
+          instance_variable_set(:"@#{attribute}", parse_style_tag(style_body, tag))
        end
      end
--- a/lib/wpscan/helper.rb
+++ b/lib/wpscan/helper.rb
@@ -16,8 +16,5 @@ def classify_slug(slug)
  classified = slug.to_s.gsub(/[^a-z\d\-]/i, '-').gsub(/-{1,}/, '_').camelize.to_s
  classified = "D_#{classified}" if /\d/.match?(classified[0])
  # Special case for slugs with all non-latin characters.
  classified = "HexSlug_#{slug.bytes.map { |i| i.to_s(16) }.join}" if classified.empty?
  classified.to_sym
 end
--- a/spec/app/finders/users/oembed_api_spec.rb
+++ b/spec/app/finders/users/oembed_api_spec.rb
@@ -13,19 +13,11 @@ describe WPScan::Finders::Users::OembedApi do
    end
    context 'when not a JSON response' do
      context 'when empty' do
      let(:body) { '' }
      its(:aggressive) { should eql([]) }
    end
      context 'when a string' do
        let(:body) { '404' }
        its(:aggressive) { should eql([]) }
      end
    end
    context 'when a JSON response' do
      let(:body) { File.read(fixture) }
--- a/spec/app/finders/users/wp_json_api_spec.rb
+++ b/spec/app/finders/users/wp_json_api_spec.rb
@@ -20,19 +20,11 @@ describe WPScan::Finders::Users::WpJsonApi do
      end
      context 'when not a JSON response' do
        context 'when empty' do
        let(:body) { '' }
        its(:aggressive) { should eql([]) }
      end
        context 'when a string' do
          let(:body) { '404' }
          its(:aggressive) { should eql([]) }
        end
      end
      context 'when a JSON response' do
        context 'when unauthorised' do
          let(:body) { File.read(fixtures.join('401.json')) }
--- a/spec/lib/helper_spec.rb
+++ b/spec/lib/helper_spec.rb
@@ -7,8 +7,7 @@ describe '#classify_slug' do
    '12-slug' => :D_12Slug,
    'slug.s' => :SlugS,
    'slug yolo $' => :SlugYolo,
-    'slug $ ab.cd/12' => :SlugAbCd12,
+    'slug $ ab.cd/12' => :SlugAbCd12
    'カスタムテーマ' => :HexSlug_e382abe382b9e382bfe383a0e38386e383bce3839e
  }.each do |slug, expected_symbol|
    context "when #{slug}" do
      it "returns #{expected_symbol}" do