492882577d
clarify what a braking change is
2026-06-22 13:01:56 +02:00
8b653d0abf
Merge pull request #3072 from testssl/my-patch-1
...
AI section + minor improvements
2026-06-22 12:56:35 +02:00
a75e25a958
Minor changes
2026-06-22 12:55:45 +02:00
74ba0c4f1e
Add links
2026-06-22 12:47:24 +02:00
efab5f9165
AI section + minor improvements
...
- AI generated code becomes more important, so we add a new section (albeit bash support is not really as good as for other languages).
- streamlined comment, which is a comment
2026-06-22 12:33:11 +02:00
a55fc6d5d4
Merge pull request #3071 from testssl/potato-20-revive-hsts-preload
...
Potato 20 revive hsts preload
2026-06-20 18:34:54 +02:00
bfdfaf49a6
Merge branch 'potato-20-revive-hsts-preload' of github.com:testssl/testssl.sh into potato-20-revive-hsts-preload
2026-06-20 17:19:38 +02:00
bb408fd7d5
reflect renaming the variable
...
and u+x the script
2026-06-20 17:17:36 +02:00
050a141a71
Auto-generate docs from testssl.1.md [skip ci]
2026-06-20 14:59:08 +00:00
a13eb751ec
Credit where credits is due
...
Amend manyak
2026-06-20 16:54:30 +02:00
083f0148ca
Move --phone-out to 3.3dev
2026-06-20 16:53:36 +02:00
fda8d34edd
Minor changes to #3060 (HSTS preload)
...
- readability: case statements!
- we query the API, not the list
- safe_echo makes echo safer
2026-06-20 16:46:32 +02:00
2b00b984f9
Merge branch 'revive-hsts-preload' of https://github.com/potato-20/testssl.sh into potato-20-revive-hsts-preload
2026-06-20 16:10:52 +02:00
2a30ddc35e
Merge pull request #3069 from testssl/dependabot/github_actions/actions/checkout-7
...
Bump actions/checkout from 6 to 7
2026-06-20 15:56:44 +02:00
c93ad06489
Bump actions/checkout from 6 to 7
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-19 00:22:25 +00:00
8d0f86eada
Merge pull request #3066 from logopk/fix/issuer-cn-linecount
...
[Bug] FIXME: issuer_CN error with more than 5 lines in Issuer #3065
2026-06-18 11:29:47 +02:00
53d0125b44
Merge pull request #3068 from testssl/dependabot/github_actions/actions/checkout-6
...
Bump actions/checkout from 4 to 6
2026-06-18 09:51:44 +02:00
7a5bdd80b9
Bump actions/checkout from 4 to 6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-06-18 00:22:31 +00:00
bdeff4d23b
[Bug] FIXME: issuer_CN error with more than 5 lines in Issuer #3065
2026-06-17 22:35:32 +02:00
391f6a6b2b
ui: replace raw API value 'unknown' with 'no entry' in HSTS preload output
2026-06-17 15:10:51 +05:30
57fc5850d1
Add HSTS preload list check via the hstspreload.org API ( #1248 )
...
Revives and rebases #1809 by @tosticated (Jim Blankendaal) onto 3.3dev. When --phone-out is set, run_hsts now queries https://hstspreload.org/api/v2/status and reports whether the domain is on the browser HSTS preload list (preloaded/pending/rejected/unknown), cross-referenced with the served header, the same-domain check and the bulk flag.
Addresses the review comments on #1809 : the API-response matching uses native bash string matching instead of forking grep, the JSON quoting is handled inside check_hsts_preloadlist_match() so callers pass plain values, and the value arrays use 'local -a'. The output decision table is kept as-is (per maintainer feedback). Adds t/53_hsts_preload.t. Original design and decision table by @tosticated.
2026-06-17 15:10:51 +05:30
826449115c
Merge pull request #3064 from testssl/automate_pandoc
...
Automate pandoc
2026-06-17 11:24:25 +02:00
f8c23ab69f
Auto-generate docs from testssl.1.md [skip ci]
2026-06-17 09:22:17 +00:00
2dc81417f6
git push
2026-06-17 11:21:31 +02:00
85f80a6487
change template name
2026-06-17 11:12:53 +02:00
1297c88d26
fix syntax error
2026-06-17 11:08:24 +02:00
8fd171783c
Correct dir name, autopush gnerated files
2026-06-17 11:05:47 +02:00
4f874b3ebf
should better run on PR
2026-06-17 10:51:38 +02:00
1d6045ccd8
Add workflow for pandoc
2026-06-17 10:43:05 +02:00
0359a363ae
Change title --> trigger pandoc
2026-06-17 10:41:49 +02:00
e0af44a7be
Merge pull request #3058 from testssl/debug_hooks
...
Provide better debugging means for GH runners
2026-06-10 14:11:14 +02:00
8e25163625
Remove QUIC from runner
2026-06-10 10:03:25 +02:00
457f8fd0a0
Provide better debugging means
...
This is just to assist debugging of the runners, so that
we can grab in a case needed the screen and stderr .
* there's a script t/03_debug.t.DISABLED which needs to be renamed then
* it utilises IPC::Run3
- also showing the PATH is added for both runners
- Readme amended accordingly
2026-06-09 13:43:43 +02:00
c25a0ad491
Merge pull request #3057 from testssl/drwetter-patch-1
...
Hide CI badges for now
2026-06-09 10:39:41 +02:00
2f591423f2
fix spelling
2026-06-09 10:39:03 +02:00
5205310c0c
Remove CI badges
...
... as they reflect the PR status and not the current branch
See #2794
2026-06-09 10:36:24 +02:00
e7204bd524
Merge pull request #3056 from testssl/revert-3055-drwetter-patch-1
...
Revert "Trying to fix the badge issue"
2026-06-09 10:32:16 +02:00
f634570af7
Revert "Trying to fix the badge issue"
2026-06-09 10:31:37 +02:00
fbedfe5f5f
Merge pull request #3055 from testssl/drwetter-patch-1
...
Trying to fix the badge issue
2026-06-09 10:19:40 +02:00
01f9b49549
Update unit_tests_ubuntu.yml
...
... also for the ubuntu runner
2026-06-09 10:18:52 +02:00
b9dda9312d
Trying to fix the badge issue
...
... by having the runner only act on 3.3dev. Sounds counter intuitive but I was recommended to try
2026-06-09 10:16:50 +02:00
db014a6289
Merge pull request #3054 from testssl/drwetter-patch-1
...
Fix badges, try 2
2026-06-09 09:58:42 +02:00
ea16c81e97
Fix badges, try 2
...
* comment in status badges (try)
* stars getting to work again
2026-06-09 09:57:21 +02:00
fe080150cf
Merge pull request #3053 from testssl/drwetter-patch-1
...
Handle badges, remove 1 bracket
2026-06-09 09:45:10 +02:00
1bf15f41e1
Handle badges
2026-06-09 09:42:50 +02:00
cfde1df489
Merge pull request #3050 from potato-20/add-modern-security-headers
...
Report additional modern security headers (INFO)
2026-06-09 09:22:54 +02:00
8f588813c0
Merge pull request #3049 from potato-20/fix-mx-host-port-2986
...
Fix --mx host:port parsing and incorrect no-MX message (#2986 )
2026-06-08 18:33:32 +02:00
654dc18760
Merge pull request #3052 from testssl/mac_runner_update
...
Update runner to macos-26 (arm64 as before)
2026-06-08 17:08:16 +02:00
3c5b733431
Update runneer to macos-26 (arm64 as before)
...
... as they were strange failures in the past.
Supported runners: https://docs.github.com/en/actions/reference/runners/github-hosted-runners#single-cpu-runners .
Details: https://github.com/actions/runner-images/blob/main/images/macos/macos-26-arm64-Readme.md
2026-06-08 16:41:37 +02:00
0a7aff701e
Report additional modern security headers as INFO
...
Adds X-Permitted-Cross-Domain-Policies (already highlighted in emphasize_stuff_in_headers() but never reported), Origin-Agent-Cluster, Document-Policy, Clear-Site-Data, Reporting-Endpoints, Report-To and NEL to run_security_headers(), all presence-only/INFO, matching how COOP/COEP/CORP were added in #2619 .
2026-06-06 16:27:55 +05:30
Dirk Wetter