diff --git a/.github/scripts/docker-create-and-push.sh b/.github/scripts/docker-create-and-push.sh
index 375ba0839..6deeb0242 100755
--- a/.github/scripts/docker-create-and-push.sh
+++ b/.github/scripts/docker-create-and-push.sh
@@ -35,7 +35,7 @@ echo "buildarg supplied: $buildarg"
 echo "check if al required binaries are installed"
 source ../../scripts/check-available-commands.sh
 
-checkCommandsAvailable java git docker mvn
+checkCommandsAvailable java git docker mvn gsed
 
 echo "Start building assets required for container"
 
@@ -49,10 +49,11 @@ SECENDKEYPART4=$(openssl rand -base64 3 | tr -d '\n')
 echo -n "${SECENDKEYPART1}9${SECENDKEYPART2}6${SECENDKEYPART3}2${SECENDKEYPART4}7" > secondkey.txt
 printf "function secret() { \n var password = \"$SECENDKEYPART1\" + 9 + \"$SECENDKEYPART2\" + 6 + \"$SECENDKEYPART3\" + 2 + \"$SECENDKEYPART4\" + 7;\n return password;\n }\n" > ../../js/index.js
 echo "generating challenge 17"
+rm thirdkey.txt
 openssl rand -base64 32 | tr -d '\n' > thirdkey.txt
 answer=$(<thirdkey.txt)
-answerRegexSafe="$(printf '%s' "$answer" | sed -e 's/[]\/$*.^|[]/\\&/g' | sed ':a;N;$!ba;s,\n,\\n,g')"
-sed -i "s/Placeholder Password, find the real one in the history of the container/$answerRegexSafe/g" ../../src/main/resources/.bash_history
+answerRegexSafe="$(printf '%s' "$answer" | gsed -e 's/[]\/$*.^|[]/\\&/g' | gsed ':a;N;$!ba;s,\n,\\n,g')"
+gsed -i "s/Placeholder Password, find the real one in the history of the container/$answerRegexSafe/g" ../../src/main/resources/.bash_history
 
 # preps for #178:
 #echo "Building and publishing to maven central, did you set: a settings.xml file with:"
@@ -69,9 +70,7 @@ sed -i "s/Placeholder Password, find the real one in the history of the containe
 echo "Building and updating pom.xml file so we can use it in our docker"
 cd ../.. && mvn clean && mvn --batch-mode release:update-versions -DdevelopmentVersion=${tag}-SNAPSHOT && mvn install
 git add pom.xml
-git commit -am "Update POM file with new version: ${tag}"
-cd .github/scripts && git push
-#cd .github/scripts
+cd .github/scripts
 docker buildx create --name mybuilder
 docker buildx use mybuilder
 echo "creating containers"
@@ -81,13 +80,16 @@ docker buildx build --platform linux/amd64,linux/arm64 -t jeroenwillemsen/addo-e
 docker buildx build --platform linux/amd64,linux/arm64 -t jeroenwillemsen/wrongsecrets:$tag-no-vault --build-arg "$buildarg" --build-arg "PORT=8081" --build-arg "argBasedVersion=$tag" --build-arg "spring_profile=without-vault" --push ./../../.
 docker buildx build --platform linux/amd64,linux/arm64 -t jeroenwillemsen/wrongsecrets:$tag-local-vault --build-arg "$buildarg" --build-arg "PORT=8081" --build-arg "argBasedVersion=$tag" --build-arg "spring_profile=local-vault" --push ./../../.
 docker buildx build --platform linux/amd64,linux/arm64 -t jeroenwillemsen/wrongsecrets:$tag-k8s-vault --build-arg "$buildarg" --build-arg "PORT=8081" --build-arg "argBasedVersion=$tag" --build-arg "spring_profile=kubernetes-vault" --push ./../../.
-
+cd ../..
 echo "restoring temporal change"
 git restore js/index.js
-
+git restore src/main/resources/.bash_history
+echo "committing changes and new pom file with version ${tag}"
+git commit -am "Update POM file with new version: ${tag}"
+git push
 echo "tagging version"
-#git tag -a $tag -m "${message}"
-#git push --tags
+git tag -a $tag -m "${message}"
+git push --tags
 
 echo "Don't forget to update experiment-bed"
 echo "git checkout experiment-bed && git merge master --no-edit"
diff --git a/Dockerfile.web b/Dockerfile.web
index d740956a9..fe7b5495f 100644
--- a/Dockerfile.web
+++ b/Dockerfile.web
@@ -1,6 +1,6 @@
-FROM jeroenwillemsen/wrongsecrets:1.4.0-no-vault
+FROM jeroenwillemsen/wrongsecrets:1.4.1-no-vault
 
-ARG argBasedVersion="1.4.0"
+ARG argBasedVersion="1.4.1"
 ARG CANARY_URLS="http://canarytokens.com/terms/about/s7cfbdakys13246ewd8ivuvku/post.jsp,http://canarytokens.com/terms/about/y0all60b627gzp19ahqh7rl6j/post.jsp"
 ENV APP_VERSION=$argBasedVersion
 ENV K8S_ENV=Heroku(Docker)
diff --git a/README.md b/README.md
index 2d7e8f83f..25ce44a32 100644
--- a/README.md
+++ b/README.md
@@ -6,7 +6,7 @@
 
 Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management is ok. The challenge is to find all the different secrets by means of various tools and techniques.
 
-Can you solve all the 16 challenges?
+Can you solve all the 17 challenges?
 ![screenshot.png](screenshot.png)
 
 ## Support
@@ -21,7 +21,7 @@ We will keep providing updates to this branch, and you can track the status quo
 
 ## Basic docker exercises
 
-_Can be used for challenges 1-4, 8, 12-15_
+_Can be used for challenges 1-4, 8, 12-17_
 
 For the basic docker exercises you currently require:
 
@@ -31,7 +31,7 @@ For the basic docker exercises you currently require:
 You can install it by doing:
 
 ```bash
-docker run -p 8080:8080 jeroenwillemsen/wrongsecrets:1.4.0-no-vault
+docker run -p 8080:8080 jeroenwillemsen/wrongsecrets:1.4.1-no-vault
 ```
 
 Now you can try to find the secrets by means of solving the challenge offered at:
@@ -46,6 +46,7 @@ Now you can try to find the secrets by means of solving the challenge offered at
 - [localhost:8080/challenge/14](http://localhost:8080/challenge/14)
 - [localhost:8080/challenge/15](http://localhost:8080/challenge/15)
 - [localhost:8080/challenge/16](http://localhost:8080/challenge/16)
+- [localhost:8080/challenge/17](http://localhost:8080/challenge/17)
 
 Note that these challenges are still very basic, and so are their explanations. Feel free to file a PR to make them look better ;-).
 
@@ -62,7 +63,7 @@ You can test them out at [https://wrongsecrets.herokuapp.com/](https://wrongsecr
 
 ## Basic K8s exercise
 
-_Can be used for challenges 1-6, 8, 12-16_
+_Can be used for challenges 1-6, 8, 12-17_
 
 ### Minikube based
 
@@ -109,7 +110,7 @@ now you can use the provided IP address and port to further play with the K8s va
 
 ## Vault exercises with minikube
 
-_Can be used for challenges 1-8, 12-16_
+_Can be used for challenges 1-8, 12-17_
 Make sure you have the following installed:
 
 - minikube with docker (or comment out line 8 and work at your own k8s setup),
@@ -120,13 +121,13 @@ Make sure you have the following installed:
 - vault [Install from here](https://www.vaultproject.io/downloads),
 - grep, Cat, and Sed
 
-Run `./k8s-vault-minkube-start.sh`, when the script is done, then the challenges will wait for you at <http://localhost:8080> . This will allow you to run challenges 1-8, 12-15.
+Run `./k8s-vault-minkube-start.sh`, when the script is done, then the challenges will wait for you at <http://localhost:8080> . This will allow you to run challenges 1-8, 12-17.
 
 When you stopped the `k8s-vault-minikube-start.sh` script and want to resume the port forward run: `k8s-vault-minikube-resume.sh`. This is because if you run the start script again it will replace the secret in the vault and not update the secret-challenge application with the new secret.
 
 ## Cloud Challenges
 
-_Can be used for challenges 1-16_
+_Can be used for challenges 1-17_
 
 **READ THIS**: Given that the exercises below contain IAM privilege escalation exercises, 
 never run this on an account which is related to your production environment or can influence your account-over-arching resources.
diff --git a/aws/k8s/secret-challenge-vault-deployment.yml b/aws/k8s/secret-challenge-vault-deployment.yml
index 394809903..69a635bf0 100644
--- a/aws/k8s/secret-challenge-vault-deployment.yml
+++ b/aws/k8s/secret-challenge-vault-deployment.yml
@@ -37,7 +37,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "wrongsecrets-aws-secretsmanager"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.4.0-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.4.1-k8s-vault
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080
diff --git a/azure/k8s/secret-challenge-vault-deployment.yml.tpl b/azure/k8s/secret-challenge-vault-deployment.yml.tpl
index 9a0e2c733..f4e87de6e 100644
--- a/azure/k8s/secret-challenge-vault-deployment.yml.tpl
+++ b/azure/k8s/secret-challenge-vault-deployment.yml.tpl
@@ -35,7 +35,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "azure-wrongsecrets-vault"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.4.0-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.4.1-k8s-vault
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080
diff --git a/gcp/k8s/secret-challenge-vault-deployment.yml.tpl b/gcp/k8s/secret-challenge-vault-deployment.yml.tpl
index 56914b11a..21d967a35 100644
--- a/gcp/k8s/secret-challenge-vault-deployment.yml.tpl
+++ b/gcp/k8s/secret-challenge-vault-deployment.yml.tpl
@@ -37,7 +37,7 @@ spec:
             volumeAttributes:
               secretProviderClass: "wrongsecrets-gcp-secretsmanager"
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.4.0-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.4.1-k8s-vault
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080
diff --git a/js/index.js b/js/index.js
index e1e4ab417..f7d1f24d0 100644
--- a/js/index.js
+++ b/js/index.js
@@ -1,4 +1,4 @@
 function secret() { 
- var password = "kY3HAYM=" + 9 + "iKBa" + 6 + "vQo=" + 2 + "VpEk" + 7;
+ var password = "jLJIQZM=" + 9 + "aG7l" + 6 + "LAQ=" + 2 + "UdiM" + 7;
  return password;
  }
diff --git a/k8s/secret-challenge-deployment.yml b/k8s/secret-challenge-deployment.yml
index 75687be77..5336fc69b 100644
--- a/k8s/secret-challenge-deployment.yml
+++ b/k8s/secret-challenge-deployment.yml
@@ -28,7 +28,7 @@ spec:
         runAsGroup: 2000
         fsGroup: 2000
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.4.0-no-vault
+        - image: jeroenwillemsen/wrongsecrets:1.4.1-no-vault
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080
diff --git a/k8s/secret-challenge-vault-deployment.yml b/k8s/secret-challenge-vault-deployment.yml
index 9685c541d..7149e7513 100644
--- a/k8s/secret-challenge-vault-deployment.yml
+++ b/k8s/secret-challenge-vault-deployment.yml
@@ -30,7 +30,7 @@ spec:
         runAsNonRoot: true
       serviceAccountName: vault
       containers:
-        - image: jeroenwillemsen/wrongsecrets:1.4.0-k8s-vault
+        - image: jeroenwillemsen/wrongsecrets:1.4.1-k8s-vault
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 8080
diff --git a/pom.xml b/pom.xml
index 0a7489a3e..7b1525fec 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
     </parent>
     <groupId>org.owasp</groupId>
     <artifactId>wrongsecrets</artifactId>
-    <version>1.4.1-dev-SNAPSHOT</version>
+    <version>1.4.1-SNAPSHOT</version>
     <name>OWASP WrongSecrets</name>
     <description>Examples with how to not use secrets</description>
     <url>https://owasp.org/www-project-wrongsecrets/</url>
diff --git a/secretscache/curl.sh b/secretscache/curl.sh
new file mode 100644
index 000000000..03643e280
--- /dev/null
+++ b/secretscache/curl.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+curl -H Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== https://en.wikipedia.org/wiki/Basic_access_authentication
diff --git a/src/main/resources/.bash_history b/src/main/resources/.bash_history
index c7ccb55d5..3104ef7b9 100644
--- a/src/main/resources/.bash_history
+++ b/src/main/resources/.bash_history
@@ -709,4 +709,4 @@ w
 pinky
 history
 pwd
-cat .bash_history
\ No newline at end of file
+cat .bash_history