thesp0nge / dawnscanner

Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks.
MIT License

kb.yaml signature mismatch for thesp0nge/dawnscanner_knowledge_base 1.0.0 #255

Closed daisy1754 closed 1 year ago

daisy1754 commented 1 year ago

I tried downloading the latest dawnscanner (2.0.0rc5) and running it using the kb here https://github.com/thesp0nge/dawnscanner_knowledge_base/tags

However, I am getting a signature mismatch error.

Reproduce steps:

```bash
#!/usr/bin/env bash
# Fetch the tagged knowledge base and verify the archive before unpacking it.
wget https://github.com/thesp0nge/dawnscanner_knowledge_base/archive/refs/tags/v1.0.0.zip
expected_checksum=cb2c57dc4305fa1497f7db5779bb05fb19329749
# sha1sum prints "<digest>  <file>", so compare against that exact shape.
if [[ $(sha1sum v1.0.0.zip) != "$expected_checksum  v1.0.0.zip" ]]; then
  echo "Checksum failed" >&2
  sha1sum v1.0.0.zip
  exit 1
fi
# Unpack into ~/dawnscanner/kb, where dawn looks for the knowledge base.
mkdir -p ~/dawnscanner
unzip v1.0.0.zip -d ~/dawnscanner
mv ~/dawnscanner/dawnscanner_knowledge_base-1.0.0 ~/dawnscanner/kb
bundle exec dawn scan .
```

The error I get:

```text
[2023-04-01 04:28:09] INFO  (dawn): dawn v2.0.0.rc5 is starting up
[2023-04-01 04:28:09] WARN  (dawn): pattern matching security checks are disabled for Gemfile.lock scan
[2023-04-01 04:28:09] WARN  (dawn): combo security checks are disabled for Gemfile.lock scan
[2023-04-01 04:28:09] ERROR (dawn): kb.yaml signature mismatch. Found 8efb1fd9c58795bc7fa2fae8389e129eabfd34ac4b36c93c981ec4c69d0c3dd9 while expecting 009101c8787ecd7a14ad15599fe145abd3e21069888ffa175e2c60fff870866d  /home/thesp0nge/src/dawnscanner/db/kb.yaml
. Giving up
[2023-04-01 04:28:09] WARN  (dawn): no security checks found. This is strange
[2023-04-01 04:28:09] INFO  (dawn): 0 issues found
[2023-04-01 04:28:09] INFO  (dawn): /home/runner/dawnscanner/results/./20230401/summary.txt created (1020 bytes)
[2023-04-01 04:28:09] INFO  (dawn): /home/runner/dawnscanner/results/./20230401/statistics.txt created (459 bytes)
[2023-04-01 04:28:09] INFO  (dawn): dawn is shutting down
```

thesp0nge commented 1 year ago

Hi @daisy1754, thanks for reporting it. I will address it. For now you can simply override the check by putting the expected hash in the kb.yaml.sig file.
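
The check behind that error message, and the workaround the maintainer describes, as an added example that is not dawnscanner's own code. It assumes, from the log line (a 64-hex-digit value followed by a path, the shape `sha256sum` prints), that kb.yaml.sig holds the SHA-256 digest of kb.yaml; the `KbCheck` module and its method names are hypothetical, and the kb.yaml contents in the demo are constructed.

```ruby
require 'digest'
require 'tmpdir'

# Hypothetical re-implementation of the check the log line reports; this is an
# added example, not dawnscanner's own code.  The knowledge-base file is hashed
# with SHA-256 and the result is compared with the digest stored in the
# companion kb.yaml.sig file.
module KbCheck
  # The expected value in the log ends with a path, which is what `sha256sum`
  # prints ("<digest>  <file>"), so accept that form as well as a bare digest.
  def self.parse_sig(text)
    m = text.strip.match(/\A\h{64}\b/)
    raise ArgumentError, 'kb.yaml.sig does not start with a SHA-256 hex digest' unless m
    m[0].downcase
  end

  def self.digest_file(path)
    Digest::SHA256.file(path).hexdigest
  end

  # Returns [match?, found, expected] so a caller can print the same
  # "found X while expecting Y" message the scanner logs.
  def self.verify(kb_path, sig_path = "#{kb_path}.sig")
    found    = digest_file(kb_path)
    expected = parse_sig(File.read(sig_path))
    [found == expected, found, expected]
  end

  # The workaround from the thread: write the digest of the kb.yaml that is
  # actually on disk into kb.yaml.sig.  Anyone who can replace kb.yaml can do
  # this too, so the .sig file catches a stale or corrupted download, not a
  # deliberate substitution.
  def self.resign(kb_path, sig_path = "#{kb_path}.sig")
    File.write(sig_path, "#{digest_file(kb_path)}  #{File.basename(kb_path)}\n")
    sig_path
  end
end

# Constructed walk-through: a fresh .sig matches, editing kb.yaml afterwards
# reproduces the mismatch, and re-signing clears it.  Returns the three
# match? results in order.
def kb_check_demo
  Dir.mktmpdir do |dir|
    kb = File.join(dir, 'kb.yaml')
    File.write(kb, "---\nchecks:\n  - name: first_check\n")
    KbCheck.resign(kb)
    fresh = KbCheck.verify(kb).first

    File.open(kb, 'a') { |f| f.puts '  - name: added_later' }
    stale = KbCheck.verify(kb).first

    KbCheck.resign(kb)
    resigned = KbCheck.verify(kb).first

    [fresh, stale, resigned]
  end
end

if $PROGRAM_NAME == __FILE__
  p kb_check_demo # => [true, false, true]
end
```

The point worth keeping in mind when applying the workaround: a digest stored next to the file it covers, with no key involved, only proves the two files were generated together. It will catch a truncated download or a kb.yaml that was edited after packaging (the situation in this issue), but it cannot tell a knowledge base published by the project from one an attacker unpacked into ~/dawnscanner/kb, because whoever writes kb.yaml can write kb.yaml.sig as well.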

thesp0nge commented 1 year ago

The latest knowledge base has the correct signature.