fix false positive with untrusted flag (#296)

* fix false positive with untrusted flag * move update root certs logic to cmd seperate utility add gh action to update assets/root-certs file weekly * update root-certs workflow
projectdiscovery · Jul 4, 2023 · d19e53c · d19e53c
1 parent b5025fa
commit d19e53c
Show file tree

Hide file tree

Showing 5 changed files with 3,544 additions and 4 deletions.
diff --git a/.github/workflows/update-root-certs.yml b/.github/workflows/update-root-certs.yml
@@ -0,0 +1,47 @@
+name: Root Certificates Update
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 0 * * 0'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v3
+        with:
+          persist-credentials: false
+
+      - name: Setup golang
+        uses: actions/setup-go@v4
+        with:
+          go-version: 1.19
+
+      - name: Installing Update binary
+        run: |
+          go install github.com/projectdiscovery/tlsx/cmd/update-rootcerts
+        shell: bash
+
+      - name: Downloading latest root certificate changes
+        run: |
+          update-rootcerts -out-root-certs ./assets/root-certs.pem
+        shell: bash
+        working-directory: .
+
+      - name: Create local changes
+        run: |
+          git add ./assets/root-certs.pem
+
+      - name: Commit files
+        run: |
+          git config --local user.email "action@github.com"
+          git config --local user.name "GitHub Action"
+          git commit -m "Weekly root certifacte update [$(date)] :robot:" -a --allow-empty
+
+      - name: Push changes
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ github.ref }}