update vulnerable-checker

.github/scripts/vulnerable_checker.js

@@ -7,34 +7,61 @@ const GITHUB_STEP_SUMMARY = process.env.GITHUB_STEP_SUMMARY
 
 const ignore = {
   missing: [
-    'ADD_USER_ID',
-    'GRAPHQL_DEBUG_MODE_ENABLED',
-    'GRAPHQL_FIELD_SUGGESTIONS_ENABLED',
-    'MASS_ASSIGNMENT_CHANGE_ACCOUNT',
-    'ADD_JKU_TO_JWT',
-    'JWT_INVALID_SIGNATURE',
-    'MASS_ASSIGNMENT_CHANGE_ADMIN_ROLE',
-    'HEAD_METHOD_TEST',
+    'BFLA_INSERT_ADMIN_IN_URL_PATHS',
+    'SSRF_ON_XML_UPLOAD_LOCALHOST_REDIRECT',
+    'SSL_ENABLE_CHECK',
+    'BFLA_WITH_PUT_METHOD',
+    'BFLA_REPLACE_ADMIN_IN_URL_PATHS',
+    'BFLA_WITH_POST_METHOD',
+    'USER_ENUM_REDIRECT_PAGE',
+    'AUTH_BYPASS_STAGING_URL',
+    'SSRF_ON_IMAGE_UPLOAD_GCP_REDIRECT',
+    'SSRF_ON_PDF_UPLOAD_AWS_REDIRECT',
+    'BFLA_WITH_PATCH_METHOD',
+    'SSRF_ON_XML_UPLOAD_AZURE_REDIRECT',
+    'SSRF_ON_CSV_UPLOAD_AWS_REDIRECT',
     'RANDOM_METHOD_TEST',
-    'JWT_SIGNING_IN_CLIENT_SIDE',
-    'GRAPHQL_TYPE_INTROSPECTION_ALLOWED',
-    'GRAPHQL_DEVELOPMENT_CONSOLE_EXPOSED',
-    'PARAMETER_POLLUTION',
-    'GRAPHQL_INTROSPECTION_MODE_ENABLED'
+    'SSRF_ON_LOCALHOST_DNS_PINNING',
+    'DOS_FILE_URL_JPG',
+    'BFLA_WITH_GET_METHOD',
+    'SSRF_ON_IMAGE_UPLOAD_LOCALHOST_REDIRECT',
+    'DOS_ATTACH_LARGE_FILE',
+    '2FA_BROKEN_LOGIC_AUTH_TOKEN_TEST',
+    'DOS_FILE_URL_XML',
+    'SSRF_ON_CSV_UPLOAD_GCP_REDIRECT',
+    'DOS_FILE_URL_CSV',
+    'SSRF_ON_CSV_UPLOAD_LOCALHOST_REDIRECT',
+    'SSRF_ON_PDF_UPLOAD_GCP_REDIRECT',
+    'SSRF_ON_PDF_UPLOAD_LOCALHOST_REDIRECT',
+    'LOGOUT_AUTH_TOKEN_TEST',
+    'SSRF_SCRIPT_TAG_AZURE_REDIRECT',
+    'SSL_ENABLE_CHECK_AUTH',
+    'SSRF_SCRIPT_TAG_AWS_REDIRECT',
+    'SSRF_ON_LOCALHOST',
+    'SSRF_SCRIPT_TAG_BASIC',
+    'DOCKERFILE_HIDDEN_DISCLOSURE',
+    'SSRF_ON_XML_UPLOAD_GCP_REDIRECT',
+    'SSRF_ON_IMAGE_UPLOAD_AZURE_REDIRECT',
+    'SSRF_ON_LOCALHOST_ENCODED',
+    'AUTH_BYPASS_LOCKED_ACCOUNT_TOKEN_ROLE',
+    'BOLA_ADD_CUSTOM_HEADER',
+    'DOS_FILE_URL_PNG',
+    'SSRF_ON_PDF_UPLOAD_AZURE_REDIRECT',
+    'SSRF_SCRIPT_TAG_LOCALHOST_REDIRECT',
+    'DOS_FILE_URL_PDF',
+    'USER_ENUM_ACCOUNT_LOCK',
+    'DOS_FILE_URL_MP4',
+    'SSRF_ON_IMAGE_UPLOAD_AWS_REDIRECT',
+    'SSRF_ON_CSV_UPLOAD_AZURE_REDIRECT',
+    'DOS_ATTACH_FILE_IN_BODY',
+    'SSRF_SCRIPT_TAG_GCP_REDIRECT',
+    'BASIC_BFLA',
+    'SSRF_ON_XML_UPLOAD_AWS_REDIRECT',
   ],
   notVulnerable: [
+    'DOS_TEST_URL',
     'TEXT_INJECTION_VIA_INVALID_URLS',
-    'CORS_MISCONFIGURATION_INVALID_ORIGIN',
-    'SSRF_ON_LOCALHOST',
-    'MASS_ASSIGNMENT_CHANGE_ROLE',
     'XSS_IN_PATH',
-    'DOCKERFILE_HIDDEN_DISCLOSURE',
-    'TRACE_METHOD_TEST',
-    'CORS_MISCONFIGURATION_WHITELIST_ORIGIN',
-    'LARAVEL_DEBUG_MODE_ENABLED',
-    'CONFIG_JSON',
-    'RAILS_DEBUG_MODE_ENABLED',
-    'CONTENT_TYPE_HEADER_MISSING'
   ]
 }