Security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
Here are 853 public repositories matching this topic...
The docs at https://www.ory.sh/hydra/docs/cli/hydra-clients-import state as a description:
"Imports cryptographic keys of any format to the JSON Web Key Store"
This appears to be incorrect. The description would be expected to be:
"Import OAuth 2.0 Clients from one or more JSON files"
(and this is confirmed by an earlier version of the docs for this CLI interface: https://www.ory.sh/hyd
AlmaLinux should be detected as RHEL/CentOS. Trivy should be able to detect RHEL/CentOS vulnerabilities
Create CHANGELOG.md
Describe the solution you'd like
I'd like to go back to using a CHANGELOG.md to track changes. This will be the first step in updating the ci/cd process to increase the frequency of patches/deploys.
Additional context
Go through https://github.com/zricethezav/gitleaks/releases and create a CHANGELOG.md file
cc @zricethezav
What version of Gophish are you using?:
0.11.0
Brief description of the issue:
When editing existing templates/sending profiles/landing pages etc, the title of the popup boxes all begin with 'New'.
What are you expecting to see happen? :
When creating new (or copying) templates/sending profiles/landing pages they are titled 'New xxxxxx'. When editing existing templates/sending profi
Is your feature request related to a problem? Please describe.
When the user is running cscli dashboard setup and the available resources are obviously lacking (people tend to think that the dashboard might not require more resources than crowdsec itself), we should warn the user.
Describe the solution you'd like
Warn the user and/or ask for a confirmation if the available res
What would you like to be added
We can't query smallstep for anything related to certs because the only thing in the DB is the bytes of the cert. Storing the cert alongside more columns like the common name, not after date, and more, would let us enable more complex queries, and optimize performance for future use cases.
Why this is needed
Enable searching of Certificates signed by attrib
Is your feature request related to a problem? Please describe.
The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.
Describe the solution you'd like
New documenta
Is there a way to skip the nmap scan and go straight to the attacking routes? In case I already know the target list is full of open rtsp port IPs.
- terrascan version: 1.9.0
- terraform version: 1.0.1
Enhancement Request
Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.
Extremely useful when running the tool without halting a pipeline for example.
I currently use a workaround, but something more concrete would be very desira
Security apps
WhiteSource Bolt
Detect open source vulnerabilities in real time with suggested fixes for quick remediation
BackHub Backups by Rewind
Backup your GitHub repos & metadata automatically. Get daily backups that can be restored in seconds – AWS storage available
LGTM
Find and prevent zero-days and other critical bugs, with customizable alerts and automated code review
Semgrep
Code scanning at ludicrous speed. Find bugs, apply guardrails across your repos, and get feedback in PRs, Slack, or email
Sonatype Lift
Lift helps you find and fix your most elusive bugs so you can spend time writing great code, not debugging it
Sonatype DepShield
Monitor your open source components for security vulnerabilities - goodbye muda, hello kaizen
GitProtect.io Backup
Fully manageable, most professional repository and metadata backup and recovery
Snyk
Find, fix (and prevent!) known vulnerabilities in your code
Renovate
Keep dependencies up-to-date with automated Pull Requests
Cloudback Backup
Backups your GitHub repositories, fast and secure
GuardRails
GuardRails provides continuous security feedback for modern development teams

I’m trying to script setup and configuration of caddy server based on a custom download that includes additional plugins (caddy-auth-portal, caddy-auth-jwt, caddy-trace, and various caddy-dns modules).
During setup, the caddy unit file is configured to run caddy as a non-privileged user (by design).
To get certificates configured properly we are attempting to use the caddy trust command