Skip to content

Bump zaproxy/action-baseline from 0.3.0 to 0.9.0#8

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/zaproxy/action-baseline-0.9.0
Closed

Bump zaproxy/action-baseline from 0.3.0 to 0.9.0#8
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/zaproxy/action-baseline-0.9.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Aug 28, 2023

Copy link
Copy Markdown
Contributor

Bumps zaproxy/action-baseline from 0.3.0 to 0.9.0.

Release notes

Sourced from zaproxy/action-baseline's releases.

Version 0.9.0

Changed

  • The default Docker image was changed to ghcr.io/zaproxy/zaproxy:stable.

Version 0.8.2

Fixed

  • Fix an issue introduced in the previous release that prevented the use of the default GitHub authentication token to raise issues.

Version 0.8.1

Fixed

  • Check issues with authenticated user. #17

Version 0.8.0

Added

  • An input (artifact_name) used to name the artifact that contains the ZAP reports. #45

Changed

  • Run action with Node 16.
  • Update dependencies.

Version 0.7.0

Changed

  • Update dependencies.

Fixed

  • Use default zap user rather than root to allow the Ajax Spider to run.

Version 0.6.1

Changed

  • Revert previous change (not into effect), no longer needed.

Version 0.6.0

Changed

  • Disabled the automation framework while we investigate a problem with it.

Version 0.5.0

Added

  • An input (allow_issue_writing) to choose if a GitHub issue should be raised or not. #56

Changed

  • Update dependencies.

Version 0.4.0

Added

  • Option to fail the status of the GitHub action if any alerts are found during the scan process. #31

Changed

  • Modified the action status to pass by default (previously fail by default) #31
  • Reduced docker logs #20
Changelog

Sourced from zaproxy/action-baseline's changelog.

[0.9.0] - 2023-08-02

Changed

  • The default Docker image was changed to ghcr.io/zaproxy/zaproxy:stable.

[0.8.2] - 2023-07-04

Fixed

  • Fix an issue introduced in the previous release that prevented the use of the default GitHub authentication token to raise issues.

[0.8.1] - 2023-07-03

Fixed

  • Check issues with authenticated user. #17

[0.8.0] - 2023-06-30

Added

  • An input (artifact_name) used to name the artifact that contains the ZAP reports. #45

Changed

  • Run action with Node 16.
  • Update dependencies.

[0.7.0] - 2022-05-23

Changed

  • Update dependencies.

Fixed

  • Use default zap user rather than root to allow the Ajax Spider to run.

[0.6.1] - 2021-10-08

Changed

  • Revert previous change (not into effect), no longer needed.

[0.6.0] - 2021-10-08

Changed

  • Disabled the automation framework while we investigate a problem with it.

[0.5.0] - 2021-09-14

Added

  • An input (allow_issue_writing) to choose if a GitHub issue should be raised or not. #56

Changed

  • Update dependencies.

[0.4.0] - 2020-10-08

Added

  • Option to fail the status of the GitHub action if any alerts are found during the scan process. #31

Changed

  • Modified the action status to pass by default (previously fail by default) #31
  • Reduced docker logs #20
Commits
  • 41aee98 Merge pull request #107 from thc202/release-v0.9.0
  • 2a3687c Release v0.9.0
  • bf76656 Merge pull request #106 from thc202/update-image
  • 69078c5 Update names and default Docker image
  • 827653e Merge pull request #103 from thc202/update-changelog
  • 7c68121 Prepare next dev version
  • 1a33fae Merge pull request #102 from thc202/release-v0.8.2
  • 66cc74d Update dependency and release v0.8.2
  • 61ae317 Merge pull request #101 from thc202/update-changelog
  • 8c990b9 Prepare next dev version
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [zaproxy/action-baseline](https://github.com/zaproxy/action-baseline) from 0.3.0 to 0.9.0.
- [Release notes](https://github.com/zaproxy/action-baseline/releases)
- [Changelog](https://github.com/zaproxy/action-baseline/blob/master/CHANGELOG.md)
- [Commits](zaproxy/action-baseline@v0.3.0...v0.9.0)

---
updated-dependencies:
- dependency-name: zaproxy/action-baseline
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Aug 28, 2023
@dependabot @github

dependabot Bot commented on behalf of github Nov 6, 2023

Copy link
Copy Markdown
Contributor Author

Superseded by #14.

@dependabot dependabot Bot closed this Nov 6, 2023
@dependabot dependabot Bot deleted the dependabot/github_actions/zaproxy/action-baseline-0.9.0 branch November 6, 2023 18:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants