v6.3.0

.flake8

@@ -12,4 +12,5 @@ exclude =
     migrations,
     virtualenv,
     ldap_config.py
-    api_app/analyzers_manager/migrations/*
+    api_app/analyzers_manager/migrations/*
+    api_app/ingestors_manager/migrations/*

.github/CHANGELOG.md

@@ -2,6 +2,16 @@
 
 [**Upgrade Guide**](https://intelowlproject.github.io/docs/IntelOwl/installation/#update-to-the-most-recent-version)
 
+## [v6.3.0](https://github.com/intelowlproject/IntelOwl/releases/tag/v6.3.0)
+
+This release brings official support for ARM architecture. From now on, our Docker builds are multi-platform. You can now run IntelOwl in your favourite ARM machine smoothly, e.g. Apple Silicon Mac and Raspberry PI.
+
+We have few new analyzers that you can play with (in particular new Vulnerability scanners like WAD, Nuclei) and updated Abuse.Ch analyzers to allow the configuration of your API key.
+
+Then we have a lot of fixes and dependencies upgrades as usual.
+
+Happy hunting!
+
 ## [v6.2.1](https://github.com/intelowlproject/IntelOwl/releases/tag/v6.2.1)
 Minor fixes and dependencies upgrades
 

.github/dependabot.yml

@@ -7,12 +7,12 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
       - dependency-name: "boto3"
         update-types: ["version-update:semver-minor"]
+      - dependency-name: "faker"
+        update-types: ["version-update:semver-minor"]
 
   - package-ecosystem: "pip"
     directory: "/integrations/malware_tools_analyzers/requirements"
@@ -21,8 +21,6 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
 
@@ -33,8 +31,6 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: [ "version-update:semver-patch" ]
 
@@ -44,6 +40,16 @@ updates:
       interval: "weekly"
       day: "tuesday"
     target-branch: "develop"
+    ignore:
+      - dependency-name: "*"
+        update-types: [ "version-update:semver-patch" ]
+
+  - package-ecosystem: "pip"
+    directory: "/integrations/nuclei_analyzer"
+    schedule:
+      interval: "weekly"
+      day: "tuesday"
+    target-branch: "develop"
     ignore:
       # ignore all patch updates since we are using ~=
       # this does not work for security updates
@@ -57,8 +63,6 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: [ "version-update:semver-patch" ]
 
@@ -78,8 +82,6 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
 
@@ -90,8 +92,6 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
 
@@ -102,8 +102,6 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
 
@@ -113,6 +111,26 @@ updates:
       interval: "weekly"
       day: "tuesday"
     target-branch: "develop"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+
+  - package-ecosystem: "docker"
+    directory: "/integrations/cyberchef"
+    schedule:
+      interval: "weekly"
+      day: "tuesday"
+    target-branch: "develop"
+    ignore:
+      - dependency-name: "*"
+        update-types: ["version-update:semver-patch"]
+
+  - package-ecosystem: "docker"
+    directory: "/integrations/nuclei_analyzer"
+    schedule:
+      interval: "weekly"
+      day: "tuesday"
+    target-branch: "develop"
     ignore:
       # ignore all patch updates since we are using ~=
       # this does not work for security updates
@@ -126,20 +144,26 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
 
+  - package-ecosystem: "docker"
+    directory: "/integrations/thug"
+    schedule:
+      interval: "weekly"
+      day: "tuesday"
+    target-branch: "develop"
+    ignore:
+      - dependency-name: "*"
+        update-types: [ "version-update:semver-patch" ]
+
   - package-ecosystem: "docker"
     directory: "/integrations/phishing_analyzers"
     schedule:
       interval: "weekly"
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]
 
@@ -150,7 +174,5 @@ updates:
       day: "tuesday"
     target-branch: "develop"
     ignore:
-      # ignore all patch updates since we are using ~=
-      # this does not work for security updates
       - dependency-name: "*"
         update-types: ["version-update:semver-patch"]

.github/pull_request_template.md

@@ -28,6 +28,7 @@ Please delete options that are not relevant.
     - [ ] If the plugin interacts with an external service, I have created an attribute called precisely `url` that contains this information. This is required for Health Checks. 
     - [ ] If the plugin requires mocked testing, `_monkeypatch()` was used in its class to apply the necessary decorators.
     - [ ] I have added that raw JSON sample to the `MockUpResponse` of the `_monkeypatch()` method. This serves us to provide a valid sample for testing.
+- [ ] I have inserted the copyright banner at the start of the file: ```# This file is a part of IntelOwl https://github.com/intelowlproject/IntelOwl # See the file 'LICENSE' for copying permission.```
 - [ ] If external libraries/packages with restrictive licenses were used, they were added in the [Legal Notice](https://github.com/certego/IntelOwl/blob/master/.github/legal_notice.md) section.
 - [ ] Linters (`Black`, `Flake`, `Isort`) gave 0 errors. If you have correctly installed [pre-commit](https://intelowlproject.github.io/docs/IntelOwl/contribute/#how-to-start-setup-project-and-development-instance), it does these checks and adjustments on your behalf.
 - [ ] I have added tests for the feature/bug I solved (see `tests` folder). All the tests (new and old ones) gave 0 errors.
@@ -38,4 +39,4 @@ Please delete options that are not relevant.
 
 ### Important Rules
 - If you miss to compile the Checklist properly, your PR won't be reviewed by the maintainers.
-- Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review. After being reviewed and received a "change request", you should explicitly ask for a review again once you have made the requested changes.
+- Everytime you make changes to the PR and you think the work is done, you should explicitly ask for a review by using GitHub's reviewing system detailed [here](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/requesting-a-pull-request-review).

.github/release_template.md

@@ -21,4 +21,5 @@ WARNING: The release will be live within an hour!
 ```commandline
 published #IntelOwl vX.X.X! https://github.com/intelowlproject/IntelOwl/releases/tag/vX.X.X #ThreatIntelligence #CyberSecurity #OpenSource #OSINT #DFIR
 ```
-- [ ] If that was a major release or an important release, communicate the news to the marketing staff
+- [ ] If that was a major release or an important release, communicate the news to the marketing staff
+- [ ] This is a good time to check for old dangling issues and clean-up the inactive ones. Same for issues solved by this release.

.github/workflows/codeql-analysis.yml

@@ -44,7 +44,7 @@ jobs:
         fetch-depth: 2
 
     - name: Set up Python
-      uses: actions/setup-python@v5.3.0
+      uses: actions/setup-python@v5.4.0
       with:
         python-version: '3.11'
 

.github/workflows/pull_request_automation.yml

@@ -37,7 +37,7 @@ jobs:
         uses: actions/checkout@v4.2.2
 
       - name: Set up Python
-        uses: actions/setup-python@v5.3.0
+        uses: actions/setup-python@v5.4.0
         with:
           python-version: 3.11
 

.github/workflows/scorecard.yml

@@ -59,7 +59,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: SARIF file
           path: results.sarif

.github/workflows/stale.yml

@@ -0,0 +1,23 @@
+name: "Tag stale issues and pull requests"
+
+on:
+  schedule:
+    - cron: "0 9 * * *" # Runs every day at 9 AM
+  workflow_dispatch: # Allows the workflow to be triggered manually
+
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/stale@v9
+      with:
+        repo-token: ${{ github.token }}
+        stale-pr-message: "This pull request has been marked as stale because it has had no activity for 10 days. If you are still working on this, please provide some updates or it will be closed in 5 days."
+        close-pr-message: "This pull request has been closed because it had no updates in 15 days. If you're still working on this fell free to reopen."
+        days-before-pr-stale: 10
+        days-before-pr-close: 5
+        stale-pr-label: "stale"
+        exempt-pr-labels: "keep-open"
+        operations-per-run: 100
+        debug-only: false
+        exempt-all-milestones: true