From f7c65a97cf3da90f24ca28770406d1e77e3fbfa1 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 23 Feb 2026 07:00:18 +0100 Subject: [PATCH 1/5] Fix netty issue --- js/package-lock.json | 3 +-- package-lock.json | 10 ++++++---- pom.xml | 2 +- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/js/package-lock.json b/js/package-lock.json index 27f08ceee..be142b7c7 100644 --- a/js/package-lock.json +++ b/js/package-lock.json @@ -1246,8 +1246,7 @@ "resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.2.2.tgz", "integrity": "sha512-urBwgfrvVP/eAyXx4hluJivBKzuEbSQs9rKWCrCkbSxNv8mxPcUZKeuoF3Uy4mJl3Lwprp6yy5/39VWigZ4K6Q==", "dev": true, - "license": "Apache-2.0", - "peer": true + "license": "Apache-2.0" }, "node_modules/require-from-string": { "version": "2.0.2", diff --git a/package-lock.json b/package-lock.json index b48e0cd56..2cad0003a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,6 +25,7 @@ "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", "dev": true, "license": "Apache-2.0", + "peer": true, "dependencies": { "@jridgewell/gen-mapping": "^0.3.5", "@jridgewell/trace-mapping": "^0.3.24" @@ -393,6 +394,7 @@ "integrity": "sha512-muE8Tt8M22638HU31A3CgfSUciwz1fhATfoVai05aPXGor//CdWDCbnlY1yvBPo07njuVOCNGCSp/GTt12lIug==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@babel/template": "^7.27.2", "@babel/types": "^7.27.6" @@ -1887,7 +1889,6 @@ "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -2042,7 +2043,6 @@ } ], "license": "MIT", - "peer": true, "dependencies": { "baseline-browser-mapping": "^2.9.0", "caniuse-lite": "^1.0.30001759", @@ -2177,7 +2177,8 @@ "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", "dev": true, - "license": "MIT" + "license": "MIT", + "peer": true }, "node_modules/core-js-compat": { "version": "3.48.0", @@ -2282,7 +2283,6 @@ "integrity": "sha512-VmQ+sifHUbI/IcSopBCF/HO3YiHQx/AVd3UVyYL6weuwW+HvON9VYn5l6Zl1WZzPWXPNZrSQpxwkkZ/VuvJZzg==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.1", @@ -2639,6 +2639,7 @@ "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", "dev": true, "license": "MIT", + "peer": true, "engines": { "node": ">=6.9.0" } @@ -2845,6 +2846,7 @@ "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true, "license": "MIT", + "peer": true, "bin": { "json5": "lib/cli.js" }, diff --git a/pom.xml b/pom.xml index 44b6c0f43..41f046b64 100644 --- a/pom.xml +++ b/pom.xml @@ -56,7 +56,7 @@ 3.14.9 7.4.5 2.14.1 - 4.1.118.Final + 4.1.123.Final 25 3.7.1 10.0.3.0 From 6e5512137134dcaa43e2882daafbce6d8bb6d77d Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 23 Feb 2026 07:07:55 +0100 Subject: [PATCH 2/5] Fixes for challenge colors for additional uis --- .../scripts/generate_thymeleaf_previews.py | 1 - .../challenge-57/challenge-57.snippet | 2 +- .../challenge-58/challenge-58.snippet | 6 +- src/main/resources/static/css/dark.css | 61 +++++++++++++++++++ .../pr-2125/pages/challenge-example.html | 38 ++++++++++++ 5 files changed, 103 insertions(+), 5 deletions(-) diff --git a/.github/scripts/generate_thymeleaf_previews.py b/.github/scripts/generate_thymeleaf_previews.py index 4e0a79250..e0aa44252 100755 --- a/.github/scripts/generate_thymeleaf_previews.py +++ b/.github/scripts/generate_thymeleaf_previews.py @@ -456,7 +456,6 @@ def add_static_assets_challenge58(self, content): /* Challenge 58 specific styles */ .demo-section {{ - background: #fff3cd; border: 1px solid #ffeaa7; border-radius: 6px; padding: 15px; diff --git a/src/main/resources/challenges/challenge-57/challenge-57.snippet b/src/main/resources/challenges/challenge-57/challenge-57.snippet index e62d7c2f6..1b1c6f541 100644 --- a/src/main/resources/challenges/challenge-57/challenge-57.snippet +++ b/src/main/resources/challenges/challenge-57/challenge-57.snippet @@ -11,7 +11,7 @@ -
+
💡 Tip: This AI has been given specific instructions. Try exploring what it knows!
diff --git a/src/main/resources/challenges/challenge-58/challenge-58.snippet b/src/main/resources/challenges/challenge-58/challenge-58.snippet index 679cffa0f..a8cae3301 100644 --- a/src/main/resources/challenges/challenge-58/challenge-58.snippet +++ b/src/main/resources/challenges/challenge-58/challenge-58.snippet @@ -2,16 +2,16 @@

🗄️ Database Connection Error Demo

This challenge demonstrates how database connection failures can expose sensitive credentials through error messages.

-
+

Try the vulnerable endpoint:

Click the button below to trigger a database connection error that exposes the connection string with embedded credentials.

🚨 Trigger Database Connection Error -

This endpoint simulates a database connection failure that exposes the connection string with embedded credentials.

+

This endpoint simulates a database connection failure that exposes the connection string with embedded credentials.

-
+
💡 Tip: Look for the database password in the error message or application logs.
diff --git a/src/main/resources/static/css/dark.css b/src/main/resources/static/css/dark.css index d9398ac30..9f9fd2d3d 100644 --- a/src/main/resources/static/css/dark.css +++ b/src/main/resources/static/css/dark.css @@ -112,3 +112,64 @@ .dark-mode .text-muted { color: var(--bs-gray-300) !important; } + +.dark-mode #llm-challenge-container { + background-color: #1f1f1f !important; + border-color: var(--bs-gray-700) !important; + color: var(--bs-body-color); +} + +.dark-mode #llm-challenge-container h4, +.dark-mode #llm-challenge-container p { + color: var(--bs-body-color); +} + +.dark-mode #chat-history { + background-color: #1a1a1a !important; + border-color: var(--bs-gray-700) !important; +} + +.dark-mode #chat-history .ai-message { + background-color: #2a2a2a !important; + color: var(--bs-body-color); +} + +.dark-mode #chat-history .user-message { + background-color: #243548 !important; + color: var(--bs-body-color); +} + +.dark-mode #llm-challenge-container input[type="text"] { + border-color: var(--bs-gray-700) !important; +} + +.dark-mode #llm-challenge-container button { + background-color: var(--bs-primary) !important; + border-color: var(--bs-primary) !important; +} + +.dark-mode #llm-challenge-container .chat-tip { + color: var(--bs-gray-300) !important; +} + +.dark-mode #database-challenge-container { + background-color: #1f1f1f !important; + border-color: var(--bs-gray-700) !important; + color: var(--bs-body-color); +} + +.dark-mode #database-challenge-container h4, +.dark-mode #database-challenge-container p { + color: var(--bs-body-color); +} + +.dark-mode #database-challenge-container .db-warning { + background-color: #2a2412 !important; + border-color: #6a5a2a !important; + color: var(--bs-body-color); +} + +.dark-mode #database-challenge-container .db-warning-text, +.dark-mode #database-challenge-container .db-tip { + color: var(--bs-gray-300) !important; +} diff --git a/static-site/pr-2125/pages/challenge-example.html b/static-site/pr-2125/pages/challenge-example.html index 8ebcc57d3..1b0f1ce88 100644 --- a/static-site/pr-2125/pages/challenge-example.html +++ b/static-site/pr-2125/pages/challenge-example.html @@ -224,6 +224,44 @@ border-color: white; } +.dark-mode #llm-challenge-container { + background-color: #1f1f1f; + border-color: var(--bs-gray-700); + color: var(--bs-body-color); +} + +.dark-mode #llm-challenge-container h4, +.dark-mode #llm-challenge-container p { + color: var(--bs-body-color); +} + +.dark-mode #chat-history { + background-color: #1a1a1a; + border-color: var(--bs-gray-700); +} + +.dark-mode #chat-history .ai-message { + background-color: #2a2a2a; + color: var(--bs-body-color); +} + +.dark-mode #chat-history .user-message { + background-color: #243548; + color: var(--bs-body-color); +} + +.dark-mode .chat-input { + border-color: var(--bs-gray-700); +} + +.dark-mode .chat-send-btn { + background-color: var(--bs-primary); +} + +.dark-mode .chat-tip { + color: var(--bs-gray-300); +} + /* Bootstrap CSS (minimal) */ From 6fbfde81ebb85cf4073a40835330687586999692 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 23 Feb 2026 07:13:40 +0100 Subject: [PATCH 3/5] Fix flaky url lookups --- .lycheeignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.lycheeignore b/.lycheeignore index 91569555d..f32f92a92 100644 --- a/.lycheeignore +++ b/.lycheeignore @@ -30,3 +30,6 @@ https://medium.com/sweetmeat/how-to-keep-a-downstream-git-repository-current-wit # Issues with lychee: https://github.com/topics/secrets-detection + +# Helm docs are flaky in CI (connection resets) +https://helm.sh/docs/intro/install/ From 87dd37bf05420dd1ab887af6d1c7e2b3fc6469bc Mon Sep 17 00:00:00 2001 From: "pre-commit-ci-lite[bot]" <117423508+pre-commit-ci-lite[bot]@users.noreply.github.com> Date: Mon, 23 Feb 2026 06:18:21 +0000 Subject: [PATCH 4/5] [pre-commit.ci lite] apply automatic fixes --- package-lock.json | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2cad0003a..b48e0cd56 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,7 +25,6 @@ "integrity": "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw==", "dev": true, "license": "Apache-2.0", - "peer": true, "dependencies": { "@jridgewell/gen-mapping": "^0.3.5", "@jridgewell/trace-mapping": "^0.3.24" @@ -394,7 +393,6 @@ "integrity": "sha512-muE8Tt8M22638HU31A3CgfSUciwz1fhATfoVai05aPXGor//CdWDCbnlY1yvBPo07njuVOCNGCSp/GTt12lIug==", "dev": true, "license": "MIT", - "peer": true, "dependencies": { "@babel/template": "^7.27.2", "@babel/types": "^7.27.6" @@ -1889,6 +1887,7 @@ "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", "dev": true, "license": "MIT", + "peer": true, "bin": { "acorn": "bin/acorn" }, @@ -2043,6 +2042,7 @@ } ], "license": "MIT", + "peer": true, "dependencies": { "baseline-browser-mapping": "^2.9.0", "caniuse-lite": "^1.0.30001759", @@ -2177,8 +2177,7 @@ "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-2.0.0.tgz", "integrity": "sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg==", "dev": true, - "license": "MIT", - "peer": true + "license": "MIT" }, "node_modules/core-js-compat": { "version": "3.48.0", @@ -2283,6 +2282,7 @@ "integrity": "sha512-VmQ+sifHUbI/IcSopBCF/HO3YiHQx/AVd3UVyYL6weuwW+HvON9VYn5l6Zl1WZzPWXPNZrSQpxwkkZ/VuvJZzg==", "dev": true, "license": "MIT", + "peer": true, "dependencies": { "@eslint-community/eslint-utils": "^4.8.0", "@eslint-community/regexpp": "^4.12.1", @@ -2639,7 +2639,6 @@ "integrity": "sha512-3hN7NaskYvMDLQY55gnW3NQ+mesEAepTqlg+VEbj7zzqEMBVNhzcGYYeqFo/TlYz6eQiFcp1HcsCZO+nGgS8zg==", "dev": true, "license": "MIT", - "peer": true, "engines": { "node": ">=6.9.0" } @@ -2846,7 +2845,6 @@ "integrity": "sha512-XmOWe7eyHYH14cLdVPoyg+GOH3rYX++KpzrylJwSW98t3Nk+U8XOl8FWKOgwtzdb8lXGf6zYwDUzeHMWfxasyg==", "dev": true, "license": "MIT", - "peer": true, "bin": { "json5": "lib/cli.js" }, From 6bffbf18eaa072e545b9e7df2aae36c69b925f38 Mon Sep 17 00:00:00 2001 From: Jeroen Willemsen Date: Mon, 23 Feb 2026 07:20:22 +0100 Subject: [PATCH 5/5] loosen previews --- .github/workflows/github-pages-preview.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/github-pages-preview.yml b/.github/workflows/github-pages-preview.yml index f42a5b0af..24533fd36 100644 --- a/.github/workflows/github-pages-preview.yml +++ b/.github/workflows/github-pages-preview.yml @@ -2,7 +2,6 @@ name: GitHub Pages PR Preview on: pull_request: - types: [opened, synchronize, reopened, closed] paths: - 'src/main/resources/templates/**' - 'src/main/resources/static/**'