From 2dffa75ca5fd3402135bf18fb39e53abdd20dfc0 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 17:37:03 +0000 Subject: [PATCH 1/7] [pre-commit.ci] pre-commit autoupdate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/pre-commit/pre-commit-hooks: v3.2.0 → v4.5.0](https://github.com/pre-commit/pre-commit-hooks/compare/v3.2.0...v4.5.0) - [github.com/gitleaks/gitleaks: v8.17.0 → v8.18.0](https://github.com/gitleaks/gitleaks/compare/v8.17.0...v8.18.0) - [github.com/ansible-community/ansible-lint: v6.17.2 → v6.22.0](https://github.com/ansible-community/ansible-lint/compare/v6.17.2...v6.22.0) --- .pre-commit-config.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index ffc67b7e..efec8883 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -7,7 +7,7 @@ ci: repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.2.0 + rev: v4.5.0 hooks: # Safety - id: detect-aws-credentials @@ -37,14 +37,14 @@ repos: exclude: package.lock.json - repo: https://github.com/gitleaks/gitleaks - rev: v8.17.0 + rev: v8.18.0 hooks: - id: gitleaks args: ['--baseline-path', '.config/.gitleaks-report.json'] exclude: .config/.secrets.baseline - repo: https://github.com/ansible-community/ansible-lint - rev: v6.17.2 + rev: v6.22.0 hooks: - id: ansible-lint name: Ansible-lint From 0898602310f159882a1e7f7ffeb3d1a3d81f1c5b Mon Sep 17 00:00:00 2001 From: William Golembieski Date: Tue, 7 Nov 2023 00:39:10 -0500 Subject: [PATCH 2/7] Update cis_3.4.2.x.yml Fixing name spacing Signed-off-by: William Golembieski --- tasks/section_3/cis_3.4.2.x.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/section_3/cis_3.4.2.x.yml b/tasks/section_3/cis_3.4.2.x.yml index dff2c9ad..be9f79f4 100644 --- a/tasks/section_3/cis_3.4.2.x.yml 
+++ b/tasks/section_3/cis_3.4.2.x.yml @@ -225,13 +225,13 @@ failed_when: false register: rhel8cis_3_4_2_8_inconnectionrule - - name: "3.4.2.8| AUDIT | Ensure nftables outbound and established connections are configured | Gather outbound connection rules" + - name: "3.4.2.8 | AUDIT | Ensure nftables outbound and established connections are configured | Gather outbound connection rules" ansible.builtin.shell: nft list ruleset | awk '/hook output/,/}/' | grep -E 'ip protocol (tcp|udp|icmp) ct state' changed_when: false failed_when: false register: rhel8cis_3_4_2_8_outconnectionrule - - name: "3.4.2.8| PATCH | Ensure nftables outbound and established connections are configured | Add input tcp established accept policy" + - name: "3.4.2.8 | PATCH | Ensure nftables outbound and established connections are configured | Add input tcp established accept policy" ansible.builtin.shell: nft add rule inet "{{ rhel8cis_nft_tables_tablename }}" input ip protocol tcp ct state established accept when: '"ip protocol tcp ct state established accept" not in rhel8cis_3_4_2_8_inconnectionrule.stdout' From 4dd4c6939b2bd293aca0228ac0d3fc80627aecbd Mon Sep 17 00:00:00 2001 From: William Golembieski Date: Tue, 7 Nov 2023 00:41:55 -0500 Subject: [PATCH 3/7] Update cis_1.2.x.yml Name spacing fix Signed-off-by: William Golembieski --- tasks/section_1/cis_1.2.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_1/cis_1.2.x.yml b/tasks/section_1/cis_1.2.x.yml index 66c28cfa..d43e4b03 100644 --- a/tasks/section_1/cis_1.2.x.yml +++ b/tasks/section_1/cis_1.2.x.yml @@ -35,7 +35,7 @@ - patch - rule_1.2.2 -- name: "1.2.3| PATCH | Ensure gpgcheck is globally activated" +- name: "1.2.3 | PATCH | Ensure gpgcheck is globally activated" block: - name: "1.2.3 | AUDIT | Ensure gpgcheck is globally activated | Find repos" ansible.builtin.find: From 021a63f4c929cfdf033de3656284d212acacc4d5 Mon Sep 17 00:00:00 2001 
From: William Golembieski Date: Tue, 7 Nov 2023 00:45:56 -0500 Subject: [PATCH 4/7] Update cis_5.6.1.x.yml Updating name spacing Signed-off-by: William Golembieski --- tasks/section_5/cis_5.6.1.x.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/section_5/cis_5.6.1.x.yml b/tasks/section_5/cis_5.6.1.x.yml index 82f51b75..441b36e6 100644 --- a/tasks/section_5/cis_5.6.1.x.yml +++ b/tasks/section_5/cis_5.6.1.x.yml @@ -78,7 +78,7 @@ - password - rule_5.6.1.4 -- name: "5.6.1.5 | PATCH | Ensure all users last password change date is in the past" +- name: "5.6.1.5 | PATCH | Ensure all users last password change date is in the past" block: - name: "5.6.1.5 | AUDIT | Ensure all users last password change date is in the past | Get current date in Unix Time" ansible.builtin.shell: echo $(($(date --utc --date "$1" +%s)/86400)) From 68be17900f4d1a70a8d3a3162b91cc6219fc9b74 Mon Sep 17 00:00:00 2001 From: William Golembieski Date: Tue, 7 Nov 2023 00:48:11 -0500 Subject: [PATCH 5/7] Update cis_6.2.x.yml Fixing name spacing and format Signed-off-by: William Golembieski --- tasks/section_6/cis_6.2.x.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tasks/section_6/cis_6.2.x.yml b/tasks/section_6/cis_6.2.x.yml index 959457eb..d4f2b8ac 100644 --- a/tasks/section_6/cis_6.2.x.yml +++ b/tasks/section_6/cis_6.2.x.yml @@ -46,7 +46,7 @@ - groups - rule_6.2.2 -- name: "6.2.3 | AUDIT Ensure no duplicate UIDs exist" +- name: "6.2.3 | AUDIT | Ensure no duplicate UIDs exist" block: - name: "6.2.3 | AUDIT | Ensure no duplicate UIDs exist | Check for duplicate UIDs" ansible.builtin.shell: "pwck -r | awk -F: '{if ($3 in uid) print $1 ; else uid[$3]}' /etc/passwd" 
@@ -134,7 +134,7 @@ - users - rule_6.2.5 -- name: "6.2.6 | AUDIT |Ensure no duplicate group names exist" +- name: "6.2.6 | AUDIT | Ensure no duplicate group names exist" block: - name: "6.2.6 | AUDIT | Ensure no duplicate group names exist | Check for duplicate group names" ansible.builtin.shell: 'getent passwd | cut -d: -f1 | sort -n | uniq -d' From efc25134b9e47b5caaf6d578f332b06ebc236a41 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 13 Nov 2023 17:46:15 +0000 Subject: [PATCH 6/7] [pre-commit.ci] pre-commit autoupdate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/adrienverge/yamllint.git: v1.32.0 → v1.33.0](https://github.com/adrienverge/yamllint.git/compare/v1.32.0...v1.33.0) --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index efec8883..7a7938cd 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -63,6 +63,6 @@ repos: - ansible-core>=2.10.1 - repo: https://github.com/adrienverge/yamllint.git - rev: v1.32.0 # or higher tag + rev: v1.33.0 # or higher tag hooks: - id: yamllint From ea7ba48c62c7faba9c9c30c1eb2da47c4c835cd5 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 17:35:52 +0000 Subject: [PATCH 7/7] [pre-commit.ci] pre-commit autoupdate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit updates: - [github.com/gitleaks/gitleaks: v8.18.0 → v8.18.1](https://github.com/gitleaks/gitleaks/compare/v8.18.0...v8.18.1) --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7a7938cd..bb3a49af 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml 
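Review bot: In the `@@ -134,7 +134,7 @@` hunk of `tasks/section_6/cis_6.2.x.yml`, the unchanged task under the renamed block, "6.2.6 | AUDIT | Ensure no duplicate group names exist | Check for duplicate group names", runs `getent passwd | cut -d: -f1 | sort -n | uniq -d`. That command reads the passwd database, so it reports duplicate user names and, as far as this line shows, would not detect duplicate group names; the audit can then pass on a host that has them. Since this commit is already correcting the 6.2.6 labels, the command should query the group database instead: `ansible.builtin.shell: 'getent group | cut -d: -f1 | sort -n | uniq -d'`. The rest of the block lies outside the hunk, so check whether a later task already covers groups before changing it.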
@@ -37,7 +37,7 @@ repos: exclude: package.lock.json - repo: https://github.com/gitleaks/gitleaks - rev: v8.18.0 + rev: v8.18.1 hooks: - id: gitleaks args: ['--baseline-path', '.config/.gitleaks-report.json']