Recent Commits to john-packages:main

chore: start using Rocky Linux for CI (#782)

2025-04-05T12:59:01Z

chore: start using Rocky Linux for CI (#782)

Switch to Rocky Linux as our Enterprise Linux in use.

Since Openwall is working with the software, we should add it to our
test procedures.

Signed-off-by: Claudio André <[email protected]>

ci(gha): Bump actions/dependency-review-action from 4.5.0 to 4.6.0

2025-04-05T12:49:23Z

ci(gha): Bump actions/dependency-review-action from 4.5.0 to 4.6.0

Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/3b139cfc5fae8b618d3eae3675e383bb1769c019...ce3cf9537a52e8119d91fd484ab5b8a807627bf8)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 4.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

ci(gha): Bump step-security/harden-runner from 2.11.0 to 2.11.1

2025-04-05T12:37:35Z

ci(gha): Bump step-security/harden-runner from 2.11.0 to 2.11.1

Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.11.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

ci(gha): Bump crazy-max/ghaction-virustotal from 4.1.0 to 4.2.0

2025-04-05T12:29:00Z

ci(gha): Bump crazy-max/ghaction-virustotal from 4.1.0 to 4.2.0

Bumps [crazy-max/ghaction-virustotal](https://github.com/crazy-max/ghaction-virustotal) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/crazy-max/ghaction-virustotal/releases)
- [Commits](https://github.com/crazy-max/ghaction-virustotal/compare/93ce6fb8ca09fed3d3d2010a8be65552ae5d3854...d34968c958ae283fe976efed637081b9f9dcf74f)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-virustotal
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

build(ci): Bump oss-fuzz-base/base-builder in /.clusterfuzzlite

2025-04-05T06:29:47Z

build(ci): Bump oss-fuzz-base/base-builder in /.clusterfuzzlite

Bumps oss-fuzz-base/base-builder from `42c5348` to `d39e1af`.

---
updated-dependencies:
- dependency-name: oss-fuzz-base/base-builder
  dependency-version: v1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

build(ci): Bump fedora

2025-03-29T11:35:32Z

build(ci): Bump fedora

Bumps the ubuntu group with 1 update in the /CI/Dockerfiles directory: fedora.


Updates `fedora` from `3ec60eb` to `f84a7b7`

---
updated-dependencies:
- dependency-name: fedora
  dependency-type: direct:production
  dependency-group: ubuntu
...

Signed-off-by: dependabot[bot] <[email protected]>

ci(gha): Bump github/codeql-action from 3.28.12 to 3.28.13

2025-03-29T11:30:15Z

ci(gha): Bump github/codeql-action from 3.28.12 to 3.28.13

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.12 to 3.28.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/5f8171a638ada777af81d42b55959a643bb29017...1b549b9259bda1cb5ddde3b41741a82a2d15a841)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

build(ci): Bump oss-fuzz-base/base-builder in /.clusterfuzzlite

2025-03-29T11:24:52Z

build(ci): Bump oss-fuzz-base/base-builder in /.clusterfuzzlite

Bumps oss-fuzz-base/base-builder from `0f5a80a` to `e4f0be5`.

---
updated-dependencies:
- dependency-name: oss-fuzz-base/base-builder
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

docs(ci): remove formats from issues (#777)

2025-03-28T22:42:08Z

docs(ci): remove formats from issues (#777)

Remove OpenCL krb5pa-md5 from the list of problematic formats. It has
PROBABLY been fixed.

Side effect of openwall/john#5710.

Signed-off-by: Claudio André <[email protected]>

test: allow zzuf to use more memory (#779)

2025-03-27T17:34:21Z

test: allow zzuf to use more memory (#779)

Since the recent changes to the suppressor, the process needs more
memory. While we change this configuration, let's take advantage
of it and offer more processing time to the binary.

Signed-off-by: Claudio André <[email protected]>

build: update how we build AVX512* binaries (#778)

2025-03-27T12:23:11Z

build: update how we build AVX512* binaries (#778)

The way we should call `./configure` has changed.

Signed-off-by: Claudio André <[email protected]>

build: use macOS image preferred by runner (#776)

2025-03-26T13:44:21Z

build: use macOS image preferred by runner (#776)

Prefer to use the images that the environment favors.

Complements b793593420e39f39d0ee024e395516b686050ed3.

Signed-off-by: Claudio André <[email protected]>

test: add code to check format cracks itself (#772)

2025-03-26T13:08:52Z

test: add code to check format cracks itself (#772)

Add a test that checks whether the formats are capable of cracking
the hashes used in the format definition.

Signed-off-by: Claudio André <[email protected]>

ci(trivy): update egress policy (#773)

2025-03-25T13:33:54Z

ci(trivy): update egress policy (#773)

Update the network policy in trivy.yml and trivy-scanfs.yml as
recommended by the audit log. Using the recommended policy.

Signed-off-by: Claudio André <[email protected]>

chore: update dependabot commit prefixes (#771)

2025-03-25T13:19:41Z

chore: update dependabot commit prefixes (#771)

- categorize GitHub Actions under the 'ci' prefix;
- categorize devcontainers updates under the 'chore' prefix.

Signed-off-by: Claudio André <[email protected]>

ci: change the default Docker image user (#770)

2025-03-25T12:59:05Z

ci: change the default Docker image user (#770)

And make the process more parameterizable.

Signed-off-by: Claudio André <[email protected]>

docs: warn that SunMD5 fails a lot (#769)

2025-03-25T12:50:56Z

docs: warn that SunMD5 fails a lot (#769)

- it fails in clang and gcc;
- on Linux and macOS;
- on aarch64, armhf, ppc64el, and Apple Silicon.

Signed-off-by: Claudio André <[email protected]>

build: update macOS build env to sequoia (#768)

2025-03-23T13:57:01Z

build: update macOS build env to sequoia (#768)

The latest release of macOS. Version 15.x.

Signed-off-by: Claudio André <[email protected]>

ci: schedule trivy to run weekly (#762)

2025-03-22T12:55:42Z

ci: schedule trivy to run weekly (#762)

From now on, Trivy's evaluation of the project will be updated
automatically.

Signed-off-by: Claudio André <[email protected]>

docs: add example of 2john tools with Docker (#761)

2025-03-22T12:49:59Z

docs: add example of 2john tools with Docker (#761)

It is possible to run some 2john tools directly from the Docker image.

The Docker image does not have Python or Lua installed, so it is not
possible to run scripts using this approach.

Signed-off-by: Claudio André <[email protected]>