Stein Arne Storslett
Stein Arne Storslett
I saw that there was a couple more changes that was required. I'll update the PR shortly. In addition, I did what you did, and made a local build with...
It seems that installing temurin before installing the rest of the packages we don't draw in openjdk. I'll adapt the PR accordingly.
My local build is progressing (if somewhat slowly), and is passed my edits anyways. ```bash docker build . --platform linux/amd64 -t zaproxy-live -t owasp/zap2docker-live:latest -t ghcr.io/zaproxy/zaproxy:nightly -t softwaresecurityproject/zap-nightly:latest -f Dockerfile-live...
I got a build size of `2.15GB`, as compared to `1.99GB` in the "old". A trivy scan showed 7 a drop from 14 CRITICAL to 4, and from 126 HIGH...
I see that `ubuntu:22.04` is 78MB and `debian:bookworm-slim` is 75MB. In comparison `debian:bullseye-slim` is 80MB. `ubuntu:22.04` also has packages for `openjdk-11-jdk`. The immediate change I see is that one has...
I see and understand. As we're running zaproxy in a closed environment I setup a test and verified that indeed you get a `400 Bad Request` with that options specified...
@psiinon we could perhaps briefly discuss if the response code should be `401` instead of `400`. I still think that is the correct response code, perhaps with a `403` in...
It would of course be good to get some votes on this issue in that case. I have not looked into if the actual code change is a big one....
Could add that after adding `api.reportpermerrors=true` I get `400 Bad Request` also when doing API calls to non-existent API's. This issue could perhaps be expanded to plan REST-ful responses for...
Can you describe how the docker build process has been handled before? I would for one really like to see automated builds following upstream logstash with the plugin.