From 1d6ddaafe552ec92c81665ef519be9355b405eb2 Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Wed, 13 Nov 2024 11:50:11 +0100 Subject: [PATCH 1/3] Fix template variable references in organization group pages and confirm delete page --- .../ckanext-pages/01_org_group_templates.patch | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/ckan/patches/ckanext-pages/01_org_group_templates.patch b/ckan/patches/ckanext-pages/01_org_group_templates.patch index 94b74a69..cdfefc33 100644 --- a/ckan/patches/ckanext-pages/01_org_group_templates.patch +++ b/ckan/patches/ckanext-pages/01_org_group_templates.patch @@ -13,6 +13,19 @@ index bbdae8f..6bf00fa 100644 + {{ h.build_nav_icon('group_pages_index', _('Pages'), id=group_dict.name, icon='file') }} {% endif %} {% endblock %} +diff --git a/ckanext/pages/theme/templates_main/ckanext_pages/confirm_delete.html b/ckanext/pages/theme/templates_main/ckanext_pages/confirm_delete.html +index 6ab5f92..c00e1d6 100644 +--- a/ckanext/pages/theme/templates_main/ckanext_pages/confirm_delete.html ++++ b/ckanext/pages/theme/templates_main/ckanext_pages/confirm_delete.html +@@ -10,7 +10,7 @@ + {% block form %} +

{{ _('Are you sure you want to delete page - {name}?').format(name=c.page_dict.name) }}

+

+- {% set action = form_action or h.url_for('organization_pages_delete', id=c.group_dict.name, page='/' + page) %} ++ {% set action = form_action or h.url_for('organization_pages_delete', id=group_dict.name, page='/' + page) %} +

+ + diff --git a/ckanext/pages/theme/templates_organization/organization/read_base.html b/ckanext/pages/theme/templates_organization/organization/read_base.html index e5f3b47..eb2f39b 100644 --- a/ckanext/pages/theme/templates_organization/organization/read_base.html From c1139e2404f1613f7c1bd35c7d11252db6a50830 Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Wed, 13 Nov 2024 11:50:24 +0100 Subject: [PATCH 2/3] Update map tile URL to use HTTPS for improved security --- .env.example | 2 +- samples/.env.codespaces | 2 +- samples/.env.dev.example | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.env.example b/.env.example index c8f8864c..5d87abd0 100644 --- a/.env.example +++ b/.env.example @@ -195,7 +195,7 @@ CKANEXT__DCAT__DEFAULT_CATALOG_ENDPOINT='/catalog.{_format}' CKANEXT__SPATIAL__SEARCH_BACKEND=solr-spatial-field CKAN__SPATIAL__SRID=3857 CKANEXT__SPATIAL__COMMON_MAP__TYPE=custom -CKANEXT__SPATIAL__COMMON_MAP__CUSTOM__URL=http://a.tile.openstreetmap.org/{z}/{x}/{y}.png +CKANEXT__SPATIAL__COMMON_MAP__CUSTOM__URL=https://a.tile.openstreetmap.org/{z}/{x}/{y}.png CKANEXT__SPATIAL__COMMON_MAP__ATTRIBUTION='Map tiles by OpenStreetMap (CC BY SA)' # ckanext-geoview diff --git a/samples/.env.codespaces b/samples/.env.codespaces index 6db307c1..4e206be3 100644 --- a/samples/.env.codespaces +++ b/samples/.env.codespaces @@ -198,7 +198,7 @@ CKANEXT__DCAT__DEFAULT_CATALOG_ENDPOINT='/catalog.{_format}' CKANEXT__SPATIAL__SEARCH_BACKEND=solr-spatial-field CKAN__SPATIAL__SRID=3857 CKANEXT__SPATIAL__COMMON_MAP__TYPE=custom -CKANEXT__SPATIAL__COMMON_MAP__CUSTOM__URL=http://a.tile.openstreetmap.org/{z}/{x}/{y}.png +CKANEXT__SPATIAL__COMMON_MAP__CUSTOM__URL=https://a.tile.openstreetmap.org/{z}/{x}/{y}.png CKANEXT__SPATIAL__COMMON_MAP__ATTRIBUTION='Map tiles by OpenStreetMap (CC BY SA)' # ckanext-geoview diff --git a/samples/.env.dev.example b/samples/.env.dev.example index 8d845b57..6de2bf4b 100644 --- a/samples/.env.dev.example +++ b/samples/.env.dev.example @@ -196,7 +196,7 @@ CKANEXT__DCAT__DEFAULT_CATALOG_ENDPOINT='/catalog.{_format}' CKANEXT__SPATIAL__SEARCH_BACKEND=solr-spatial-field CKAN__SPATIAL__SRID=3857 CKANEXT__SPATIAL__COMMON_MAP__TYPE=custom -CKANEXT__SPATIAL__COMMON_MAP__CUSTOM__URL=http://a.tile.openstreetmap.org/{z}/{x}/{y}.png +CKANEXT__SPATIAL__COMMON_MAP__CUSTOM__URL=https://a.tile.openstreetmap.org/{z}/{x}/{y}.png CKANEXT__SPATIAL__COMMON_MAP__ATTRIBUTION='Map tiles by OpenStreetMap (CC BY SA)' # ckanext-geoview From 9448619f7eedb5c7652c7efc11e7bbf1bb101be2 Mon Sep 17 00:00:00 2001 From: mjanez <96422458+mjanez@users.noreply.github.com> Date: Wed, 13 Nov 2024 12:57:03 +0100 Subject: [PATCH 3/3] Add Trivy database repositories to vulnerability scanner workflows More info at: https://github.com/ballerina-platform/ballerina-library/pull/7357 that fixes: https://github.com/aquasecurity/trivy-action/issues/389 --- .github/workflows/docker-build.yml | 3 +++ .github/workflows/docker-manual.yml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 51c8f775..f13c5410 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -82,6 +82,9 @@ jobs: - name: Run Trivy container image vulnerability scanner uses: aquasecurity/trivy-action@0.28.0 + env: + TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db + TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} format: sarif diff --git a/.github/workflows/docker-manual.yml b/.github/workflows/docker-manual.yml index f4e5a97b..40e1bdbe 100644 --- a/.github/workflows/docker-manual.yml +++ b/.github/workflows/docker-manual.yml @@ -72,6 +72,9 @@ jobs: - name: Run Trivy container image vulnerability scanner uses: aquasecurity/trivy-action@0.28.0 + env: + TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db + TRIVY_JAVA_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-java-db,public.ecr.aws/aquasecurity/trivy-java-db with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.VERSION }} format: sarif