An open source API to validate the EU Covid Certificates / Green Certificates

Related tags

Third-party APIs Wrapperseuvaccinationvaccinecovid-19covidgreen-certificateeu-covidpass
Overview

Open Covid Certificate Validator

Build badge Language badge License badge Star count badge

This an open source API to validate EU Digital COVID Certificates. It receives a COVID certificate and validates it using a list of signing certificates provided by an EU member state.

The server provides a simple JSON-API that returns validation result and the data stored inside a certificate. There is also a simple web frontend to test the service.

There is a basic demo available at

https://covid.merlinschumacher.de/

The demo neither logs IP addresses nor stores any COVID certificate data.

NOTICE: THIS IS NOT AN OFFICIAL VALIDATOR! IT COMES WITHOUT ANY WARRANTIES!

Getting started

The easiest way to run OCCV is to use a container. An up to date docker image is provided via GitHubs Container Image Registry under ghcr.io/merlinschumacher/open-covid-certificate-validator:main.

To start the container you need a recent version of Docker and docker-compose. Just execute docker-compose up and the server will answer on port 8000 of your server. Modify the compose file to fit your needs. Currently only validation against the german list of certificates provided by Ubirch is supported. But this should be able to validate all certificates issued in the EU. The certificates are updated every 24 hours.

To access the API send a POST request containing the following JSON to /:

    {"dcc": "HC1:XXXX..."}

Replace the payload with the data of the COVID certificate. The server will then return the following answer, if the certificate is valid:

{
  "valid": true,
  "dccdata": {
    "1": "AT",
    "4": 1635876000,
    "6": 1620324000,
    "-260": {
      "1": {
        "v": [
          {
            "dn": 1,
            "ma": "ORG-100030215",
            "vp": "1119349007",
            "dt": "2021-02-18",
            "co": "AT",
            "ci": "URN:UVCI:01:AT:10807843F94AEE0EE5093FBC254BD813#B",
            "mp": "EU/1/20/1528",
            "is": "Ministry of Health, Austria",
            "sd": 2,
            "tg": "840539006"
          }
        ],
        "nam": {
          "fnt": "MUSTERFRAU<GOESSINGER",
          "fn": "Musterfrau-Gößinger",
          "gnt": "GABRIELE",
          "gn": "Gabriele"
        },
        "ver": "1.0.0",
        "dob": "1998-02-26"
      }
    }
  }
}

If it's invalid, the server will simply return

{
    "valid":false, 
    "ddcdata":{}
}

The ddcdata field contains all the data encoded in the certificate according to the specification by the EU

Contributing

Everyone is invited to contribute to the service and provide pull-requests, ideas and feedback.

Foremost the service needs testing with certificates from all issuing countries and also the implementation of all available validation lists from the EU members. You can contribute with testing your certificate and reporting your success or possible errors.

Privacy

While the data encoded in the certificate are sent to the server, they are never stored. They will be processed to generate a response and are deleted afterwards. There is no logging of indidivual data of any kind.

The web service

This container provides a simple web service to test and validate certificates. It uses your webcam or phone camera to scan a QR code for a certificate and sends it to the API.

An example of a scanned and validated COVID Certificate

Technology

The API service is written in Python and uses FastAPI to provide the JSON API. The validation is handled by python-cwt, a CBOR Web Token library.

The web interface is still very rudimentary and build in Typescript using jsQR to decode the QR codes.

Comments
  • Bump loader-utils from 1.4.0 to 1.4.1 in /web

    Bump loader-utils from 1.4.0 to 1.4.1 in /web

    Bumps loader-utils from 1.4.0 to 1.4.1.

    Release notes

    Sourced from loader-utils's releases.

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    Changelog

    Sourced from loader-utils's changelog.

    1.4.1 (2022-11-07)

    Bug Fixes

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • Bump qs from 6.5.2 to 6.5.3 in /web

    Bump qs from 6.5.2 to 6.5.3 in /web

    Bumps qs from 6.5.2 to 6.5.3.

    Changelog

    Sourced from qs's changelog.

    6.5.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Refactor] parse: only need to reassign the var once
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] always use String(x) over x.toString()
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main
    Commits
    • 298bfa5 v6.5.3
    • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 12ac1c4 [meta] fix README.md (#399)
    • 0338716 [actions] backport actions from main
    • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • 51b8a0b add FUNDING.yml
    • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • f814a7f [Dev Deps] backport from main
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump certifi from 2021.10.8 to 2022.12.7

    Bump certifi from 2021.10.8 to 2022.12.7

    Bumps certifi from 2021.10.8 to 2022.12.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies python 
    opened by dependabot[bot] 0
  • Bump loader-utils from 1.4.0 to 1.4.2 in /web

    Bump loader-utils from 1.4.0 to 1.4.2 in /web

    Bumps loader-utils from 1.4.0 to 1.4.2.

    Release notes

    Sourced from loader-utils's releases.

    v1.4.2

    1.4.2 (2022-11-11)

    Bug Fixes

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    Changelog

    Sourced from loader-utils's changelog.

    1.4.2 (2022-11-11)

    Bug Fixes

    1.4.1 (2022-11-07)

    Bug Fixes

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump minimatch from 3.0.4 to 3.0.8 in /web

    Bump minimatch from 3.0.4 to 3.0.8 in /web

    Bumps minimatch from 3.0.4 to 3.0.8.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump json-schema and jsprim in /web

    Bump json-schema and jsprim in /web

    Bumps json-schema and jsprim. These dependencies needed to be updated together. Updates json-schema from 0.2.3 to 0.4.0

    Commits
    • f6f6a3b Use a little more robust method of checking instances
    • ef60987 Update version
    • b62f1da Protect against constructor modification, #84
    • fb427cd Link to json-schema-org repository in addition to site, fixes #54
    • 22f1461 Don't allow proto property to be used for schema default/coerce, fixes #84
    • c52a27c Get basic test to pass
    • b3f42b3 Add security policy
    • 3b0cec3 Update version
    • c28470f Update readme to acknowledge the state of the package
    • 7dff9cd Merge pull request #81 from hodovani/patch-1
    • Additional commits viewable in compare view

    Updates jsprim from 1.4.1 to 1.4.2

    Changelog

    Sourced from jsprim's changelog.

    v1.4.2 (2021-11-29)

    • #35 Backport json-schema 0.4.0 to version 1.4.x
    Commits
    Maintainer changes

    This version was pushed to npm by bahamat, a new releaser for jsprim since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump node-forge and webpack-dev-server in /web

    Bump node-forge and webpack-dev-server in /web

    Bumps node-forge to 1.3.1 and updates ancestor dependency webpack-dev-server. These dependencies need to be updated together.

    Updates node-forge from 0.10.0 to 1.3.1

    Changelog

    Sourced from node-forge's changelog.

    1.3.1 - 2022-03-29

    Fixes

    • RFC 3447 and RFC 8017 allow for optional DigestAlgorithm NULL parameters for sha* algorithms and require NULL paramters for md2 and md5 algorithms.

    1.3.0 - 2022-03-17

    Security

    • Three RSA PKCS#1 v1.5 signature verification issues were reported by Moosa Yahyazadeh ([email protected]).
    • HIGH: Leniency in checking digestAlgorithm structure can lead to signature forgery.
    • HIGH: Failing to check tailing garbage bytes can lead to signature forgery.
    • MEDIUM: Leniency in checking type octet.
      • DigestInfo is not properly checked for proper ASN.1 structure. This can lead to successful verification with signatures that contain invalid structures but a valid digest.
      • CVE ID: CVE-2022-24773
      • GHSA ID: GHSA-2r2c-g63r-vccr

    Fixed

    • [asn1] Add fallback to pretty print invalid UTF8 data.
    • [asn1] fromDer is now more strict and will default to ensuring all input bytes are parsed or throw an error. A new option parseAllBytes can disable this behavior.
      • NOTE: The previous behavior is being changed since it can lead to security issues with crafted inputs. It is possible that code doing custom DER parsing may need to adapt to this new behavior and optional flag.
    • [rsa] Add and use a validator to check for proper structure of parsed ASN.1

    ... (truncated)

    Commits

    Updates webpack-dev-server from 4.4.0 to 4.11.1

    Release notes

    Sourced from webpack-dev-server's releases.

    v4.11.1

    4.11.1 (2022-09-19)

    Bug Fixes

    • respect client.logging option for all logs (#4572) (375835c)

    v4.11.0

    4.11.0 (2022-09-07)

    Features

    • make allowedHosts accept localhost subdomains by default (#4357) (0a33e6a)

    Bug Fixes

    v4.10.1

    4.10.1 (2022-08-29)

    Bug Fixes

    v4.10.0

    4.10.0 (2022-08-10)

    Features

    • allow to configure more client options via resource URL (#4274) (216e3cb)

    Bug Fixes

    • response correctly when receive an OPTIONS request (#4185) (2b3b7e0)

    v4.9.3

    4.9.3 (2022-06-29)

    Bug Fixes

    • avoid creation unnecessary stream for static sockjs file (#4482) (049b153)
    • history-api-fallback now supports HEAD requests and handles them the same as GET (8936082)

    ... (truncated)

    Changelog

    Sourced from webpack-dev-server's changelog.

    4.11.1 (2022-09-19)

    Bug Fixes

    • respect client.logging option for all logs (#4572) (375835c)

    4.11.0 (2022-09-07)

    Features

    • make allowedHosts accept localhost subdomains by default (#4357) (0a33e6a)

    Bug Fixes

    4.10.1 (2022-08-29)

    Bug Fixes

    4.10.0 (2022-08-10)

    Features

    • allow to configure more client options via resource URL (#4274) (216e3cb)

    Bug Fixes

    • response correctly when receive an OPTIONS request (#4185) (2b3b7e0)

    4.9.3 (2022-06-29)

    Bug Fixes

    • avoid creation unnecessary stream for static sockjs file (#4482) (049b153)
    • history-api-fallback now supports HEAD requests and handles them the same as GET (8936082)

    4.9.2 (2022-06-06)

    Bug Fixes

    ... (truncated)

    Commits
    • 418e932 chore(release): 4.11.1
    • 375835c fix: respect client.logging option for all logs (#4572)
    • ef2f9e9 chore: fix examples for open target not working (#4575)
    • 7da7336 ci: workflow security
    • 5d4b347 chore(deps-dev): bump core-js from 3.25.1 to 3.25.2 (#4574)
    • 87072c7 chore(deps-dev): bump @​types/node-forge from 1.0.4 to 1.0.5 (#4571)
    • 28f6381 chore(deps-dev): bump @​babel/plugin-transform-runtime (#4567)
    • 595003b chore(deps-dev): bump @​babel/core from 7.19.0 to 7.19.1 (#4568)
    • 67acc2e chore(deps-dev): bump @​babel/eslint-parser from 7.18.9 to 7.19.1 (#4569)
    • ad2dcc5 chore(deps-dev): bump @​babel/preset-env from 7.19.0 to 7.19.1 (#4570)
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump nanoid from 3.1.25 to 3.3.4 in /web

    Bump nanoid from 3.1.25 to 3.3.4 in /web

    Bumps nanoid from 3.1.25 to 3.3.4.

    Changelog

    Sourced from nanoid's changelog.

    3.3.4

    3.3.3

    • Reduced size (by Anton Khlynovskiy).

    3.3.2

    • Fixed enhanced-resolve support.

    3.3.1

    • Reduced package size.

    3.3

    • Added size argument to function from customAlphabet (by Stefan Sundin).

    3.2

    • Added --size and --alphabet arguments to binary (by Vitaly Baev).

    3.1.32

    • Reduced async exports size (by Artyom Arutyunyan).
    • Moved from Jest to uvu (by Vitaly Baev).

    3.1.31

    • Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

    3.1.30

    • Reduced size for project with brotli compression (by Anton Khlynovskiy).

    3.1.29

    • Reduced npm package size.

    3.1.28

    • Reduced npm package size.

    3.1.27

    • Cleaned dependencies from development tools.

    3.1.26

    • Improved performance (by Eitan Har-Shoshanim).
    • Reduced npm package size.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump terser from 5.9.0 to 5.14.2 in /web

    Bump terser from 5.9.0 to 5.14.2 in /web

    Bumps terser from 5.9.0 to 5.14.2.

    Changelog

    Sourced from terser's changelog.

    v5.14.2

    • Security fix for RegExps that should not be evaluated (regexp DDOS)
    • Source maps improvements (#1211)
    • Performance improvements in long property access evaluation (#1213)

    v5.14.1

    • keep_numbers option added to TypeScript defs (#1208)
    • Fixed parsing of nested template strings (#1204)

    v5.14.0

    • Switched to @​jridgewell/source-map for sourcemap generation (#1190, #1181)
    • Fixed source maps with non-terminated segments (#1106)
    • Enabled typescript types to be imported from the package (#1194)
    • Extra DOM props have been added (#1191)
    • Delete the AST while generating code, as a means to save RAM

    v5.13.1

    • Removed self-assignments (varname=varname) (closes #1081)
    • Separated inlining code (for inlining things into references, or removing IIFEs)
    • Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

    v5.13.0

    • All calls to eval() were removed (#1171, #1184)
    • source-map was updated to 0.8.0-beta.0 (#1164)
    • NavigatorUAData was added to domprops to avoid property mangling (#1166)

    v5.12.1

    • Fixed an issue with function definitions inside blocks (#1155)
    • Fixed parens of new in some situations (closes #1159)

    v5.12.0

    • TERSER_DEBUG_DIR environment variable
    • @​copyright comments are now preserved with the comments="some" option (#1153)

    v5.11.0

    • Unicode code point escapes (\u{abcde}) are not emitted inside RegExp literals anymore (#1147)
    • acorn is now a regular dependency

    v5.10.0

    • Massive optimization to max_line_len (#1109)
    • Basic support for import assertions
    • Marked ES2022 Object.hasOwn as a pure function
    • Fix delete optional?.property
    • New CI/CD pipeline with github actions (#1057)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump async from 2.6.3 to 2.6.4 in /web

    Bump async from 2.6.3 to 2.6.4 in /web

    Bumps async from 2.6.3 to 2.6.4.

    Changelog

    Sourced from async's changelog.

    v2.6.4

    • Fix potential prototype pollution exploit (#1828)
    Commits
    Maintainer changes

    This version was pushed to npm by hargasinski, a new releaser for async since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump minimist from 1.2.5 to 1.2.6 in /web

    Bump minimist from 1.2.5 to 1.2.6 in /web

    Bumps minimist from 1.2.5 to 1.2.6.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Permission denied on startup

    Permission denied on startup

    Hi,

    I get this when trying to start the container:

    # docker-compose up
Creating network "validator_default" with the default driver
Creating occv ... done
Attaching to occv
occv    | Traceback (most recent call last):
occv    |   File "/code/./main.py", line 5, in <module>
occv    | Open Covid Certificate Validator
occv    | Certificate country: DE
occv    | Development mode: False
occv    |     uvicorn.run("occv:app", host="0.0.0.0", port=8000, log_level="info")
occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/main.py", line 447, in run
occv    |     server.run()
occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/server.py", line 68, in run
occv    |     return asyncio.run(self.serve(sockets=sockets))
occv    |   File "/usr/local/lib/python3.10/asyncio/runners.py", line 44, in run
occv    |     return loop.run_until_complete(main)
occv    |   File "/usr/local/lib/python3.10/asyncio/base_events.py", line 641, in run_until_complete
occv    |     return future.result()
occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/server.py", line 76, in serve
occv    |     config.load()
occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/config.py", line 448, in load
occv    |     self.loaded_app = import_from_string(self.app)
occv    |   File "/usr/local/lib/python3.10/site-packages/uvicorn/importer.py", line 21, in import_from_string
occv    |     module = importlib.import_module(module_str)
occv    |   File "/usr/local/lib/python3.10/importlib/__init__.py", line 126, in import_module
occv    |     return _bootstrap._gcd_import(name[level:], package, level)
occv    |   File "<frozen importlib._bootstrap>", line 1050, in _gcd_import
occv    |   File "<frozen importlib._bootstrap>", line 1027, in _find_and_load
occv    |   File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked
occv    |   File "<frozen importlib._bootstrap>", line 688, in _load_unlocked
occv    |   File "<frozen importlib._bootstrap_external>", line 883, in exec_module
occv    |   File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed
occv    |   File "/code/occv.py", line 47, in <module>
occv    |     validator = DCCValidator(CERT_COUNTRY)
occv    |   File "/code/validator.py", line 33, in __init__
occv    |     self._cert_loader = self._get_cert_loader(country)()
occv    |   File "/code/cert_loaders/de.py", line 23, in __init__
occv    |     self._build_certlist()
occv    |   File "/code/cert_loaders/de.py", line 140, in _build_certlist
occv    |     certs_str = self._load_certs()
occv    |   File "/code/cert_loaders/de.py", line 86, in _load_certs
occv    |     certs_str = self._download_certs()
occv    |   File "/code/cert_loaders/de.py", line 130, in _download_certs
occv    |     self._save_certs(certs_str, signature)
occv    |   File "/code/cert_loaders/de.py", line 55, in _save_certs
occv    |     with open("./data/" + self._cert_filename, 'wb') as f:
occv    | PermissionError: [Errno 13] Permission denied: './data/de.json'
occv exited with code 1

    Maybe this has something to do with a version error on docker-compose.yml:

    # docker-compose up -d
ERROR: Version in "./docker-compose.yml" is unsupported. You might be seeing this error because you're using the wrong Compose file version. Either specify a supported version (e.g "2.2" or "3.3") and place your service definitions under the `services` key, or omit the `version` key and place your service definitions at the root of the file to use version 1.
For more on the Compose file format versions, see https://docs.docker.com/compose/compose-file/

    I changed the version entry to "3.3" which yields the above error.

    System info:

    # docker-compose -v
docker-compose version 1.25.0, build unknown

# docker -v
Docker version 20.10.7, build 20.10.7-0ubuntu5~20.04.2
    opened by hokascha 2
  • check if a certificate is valid by date or is a final injection

    check if a certificate is valid by date or is a final injection

    Currently, the service only evaluates, if a certificate has a correct cryptographic signature, but not if the last vaccination was given more than 14 days ago or if it's a completed vaccination cycle of 1 or 2 injections.

    enhancement 
    opened by merlinschumacher 0
Releases(v0.0.6)

  • v0.0.6(Jan 2, 2022)

    This release fixes the broken update mechanism. The certificates will now be updated every 24hs.

    Full Changelog: https://github.com/merlinschumacher/Open-Covid-Certificate-Validator/compare/v0.0.5...v0.0.6

    Source code(tar.gz)
    Source code(zip)

  • v0.0.5(Dec 15, 2021)

  • v0.0.4(Dec 13, 2021)

    This version will always return DCC data. Even if the validation fails. Also the tests have been extended.

    Full Changelog: https://github.com/merlinschumacher/Open-Covid-Certificate-Validator/compare/v0.0.3...v0.0.4

    Source code(tar.gz)
    Source code(zip)

  • v0.0.3(Nov 25, 2021)

    This version supports the Austrian certificate infrastructure. Just set AT as the CERT_COUNTRY variable. It also exports business rules needed to check the validity of a certificate according to national rules.

    Source code(tar.gz)
    Source code(zip)

  • v0.0.2(Nov 8, 2021)

  • v0.0.1(Aug 16, 2021)

    The first release contains a working validator for EU COVID certificates / EU Green Certificates / Digitaler Impfnachweis. It currently only supports the certificate list provided by Germany, which should be able to validate all conforming European vaccination certificates. The German certificates are signature checked when (down)loaded.

    Notice: This software is still very rudimentary. It comes withour any warrant.

    Source code(tar.gz)
    Source code(zip)
Owner
Merlin Schumacher
Pop, Computers and so on.
Merlin Schumacher
GitHub Repository
A Telegram AntiChannel bot to ban users who using channel to send message in group

Anti-Channel-bot A Telegram AntiChannel bot to ban users who using channel to send message in group. BOT LINK: Features: Automatic ban Whitelist Unban

Jigar varma 36 Oct 21, 2022
Telegram bot to download tiktok video/audio

TikTokDL (Bot) Telegram RoBot to Download Tiktok video/audio. Features: 👉 Download TikTok Video without Watermark 👉 Download TikTok Video with Water

X-Noid 23 Nov 21, 2022
A simple telegram bot to download from Zee5 links

Zee5 Downloader If you find any bugs, report at @TroJanzSupport My Features: 👉 Upload as file/video from any NON-DRM Zee5 link 👉 Permanent thumbnail

TroJanzHEX 95 Dec 20, 2022
Wrapper for wttr.in weather forecast.

pywttr Wrapper for wttr.in weather forecast. Asynchronous version here. Installation pip install pywttr Example This example prints the average temper

Almaz 6 Dec 25, 2022
A Python wrapper for the Dogehouse API.

Python wrapper for the dogehouse API Installation pip install dogehouse Example from dogehouse import DogeClient, event, command from dogehouse.entiti

Arthur 36 Jun 15, 2022
Telegram Radio - A User-bot who continuously play random audio files (from the famous telegram music channel @mveargasm) in the intended voice chat.

MvEargasmDJ: This is my submission for the Telegram Radio Project of Baivaru. Which required a userbot to continiously play random audio files from th

eyaadh 24 Nov 12, 2022
Desktop Backup Client for Borg

Vorta Backup Client Vorta is a backup client for macOS and Linux desktops. It integrates the mighty BorgBackup with your desktop environment to protec

BorgBase.com 1.5k Jan 03, 2023
Command-line program to download videos from YouTube.com and other video sites

youtube-dl - download videos from youtube.com or other video platforms INSTALLATION DESCRIPTION OPTIONS CONFIGURATION OUTPUT TEMPLATE FORMAT SELECTION

youtube-dl 116.4k Jan 07, 2023
Opasium AI was specifically designed for the Opasium Games discord only. It is a bot that covers the basic functions of any other bot.

OpasiumAI Opasium AI was specifically designed for the Opasium Games discord only. It is a bot that covers the basic functions of any other bot. Insta

Dan 3 Oct 15, 2021
Very Sempil Bot Auto Filter bot

SAMANTHA_BOT Very Sempil Bot Auto Filter bot ##[ # 𝐂𝐋𝐈𝐂𝐊 𝐁𝐄𝐋𝐎𝐖 𝐈𝐌𝐀𝐆𝐄 𝐓𝐎 𝐃𝐄𝐏𝐋𝐎𝐘 👇 👇 👇 Auto Filter Manuel Filter IMDB Admin Co

DARK WEBLOAD 3 Jun 27, 2022
Amanda-A next gen powerful telegram group manager bot for manage your groups and have fun with other cool modules.

Amanda-A next gen powerful telegram group manager bot for manage your groups and have fun with other cool modules.

Team Amanda 4 Oct 21, 2022
Discord Bot Sending Members - Leaked by BambiKu ( Me )

Wokify Bot Discord Bot Sending Members - Leaked by BambiKu ( Me ) Info The Bot was orginaly made by someone else! Ghost-Dev just wanted to sell "priva

bambiku 6 Jul 05, 2022
MCNameBot is a fast discord bot that is used to check the availability of a Minecraft name with a simple command.

MCNameBot MCNameBot is a fast discord bot that is used to check the availability of a Minecraft name with a simple command. If you would like to just

Killin 2 Oct 11, 2022
A repo to automate the booking process for vaccinations

OntarioVaccineFormAutomaker A repo to automate the booking process for vaccinations Requirements Allow ALL sights to be able to know your location (on

Rafid Dewan 7 May 31, 2021
This repository is used to simplify the process of cloning the SSM documents across the AWS regions.

SSM Cloner Introduction This module is created in order to simplify the process of copying the SSM documents from one region to another regions. As an

6 Jun 04, 2022
Web3 Pancakeswap Sniper & honeypot detector Take Profit/StopLose bot written in python3, For ANDROID WIN MAC & LINUX

🏆 Pancakeswap BSC Sniper Bot web3 with honeypot detector (ANDROID WINDOWS MAC LINUX) 🥇 ⭐️ ⭐️ ⭐️ First SNIPER BOT for ANDROID & WINDOWS with honeypot

HYDRA 2 Dec 24, 2021
A tool that helps keeping track of your AWS quota utilization

aws-quota-checker A tool that helps keeping track of your AWS quota utilization. It'll determine the limits of your AWS account and compare them to th

Max 63 Dec 14, 2022
An information scroller Twitter trends, news, weather for raspberry pi and Pimoroni Unicorn Hat Mini and Scroll Phat HD.

uticker An information scroller Twitter trends, news, weather for raspberry pi and Pimoroni Unicorn Hat Mini and Scroll Phat HD. Features include: Twi

Tansu Şenyurt 1 Nov 28, 2021
Touca SDK for Python

Touca SDK For Python Touca helps you understand the true impact of your day to day code changes on the behavior and performance of your overall softwa

Touca 12 May 18, 2022
Fastest Pancakeswap Sniper BOT TORNADO CASH 2022-V1 (MAC WINDOWS ANDROID LINUX)

Fastest Pancakeswap Sniper BOT TORNADO CASH 2022-V1 (MAC WINDOWS ANDROID LINUX) ⭐️ AUTO BUY TOKEN ON LAUNCH AFTER ADD LIQUIDITY ⭐️ ⭐️ Support Uniswap

Crypto Trader 7 Jan 31, 2022