Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update names and default Docker image #106

Merged
merged 1 commit into from
Aug 2, 2023
Merged

Update names and default Docker image #106

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ All notable changes to this GitHub action will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

## [Unreleased]
### Changed
- The default Docker image was changed to `ghcr.io/zaproxy/zaproxy:stable`.

## [0.8.2] - 2023-07-04
### Fixed
Expand Down
6 changes: 2 additions & 4 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Action Baseline

A GitHub Action for running the OWASP ZAP [Baseline scan](https://www.zaproxy.org/docs/docker/baseline-scan/) to find vulnerabilities in your web application.
A GitHub Action for running the ZAP [Baseline scan](https://www.zaproxy.org/docs/docker/baseline-scan/) to find vulnerabilities in your web application.

The ZAP baseline action scans a target URL for vulnerabilities and maintains an issue in GitHub repository for the
identified alerts. Read the following [blog post](https://www.zaproxy.org/blog/2020-04-09-automate-security-testing-with-zap-and-github-actions)
Expand Down Expand Up @@ -85,7 +85,7 @@ jobs:
uses: zaproxy/[email protected]
with:
token: ${{ secrets.GITHUB_TOKEN }}
docker_name: 'owasp/zap2docker-stable'
docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
target: 'https://www.zaproxy.org'
rules_file_name: '.zap/rules.tsv'
cmd_options: '-a'
Expand Down Expand Up @@ -114,8 +114,6 @@ ZAP is internationalised and alert information is available in many languages.

You can change the language used by this action by changing the locale via the `cmd_options` e.g.: `-z "-config view.locale=fr_FR"`

This is currently only available with the `owasp/zap2docker-weekly` or `owasp/zap2docker-live` Docker images.

See [https://github.com/zaproxy/zaproxy/tree/main/zap/src/main/dist/lang](https://github.com/zaproxy/zaproxy/tree/main/zap/src/main/dist/lang) for the full set of locales currently supported.

You can help improve ZAP translations via [https://crowdin.com/project/owasp-zap](https://crowdin.com/project/owasp-zap).
6 changes: 3 additions & 3 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
name: 'OWASP ZAP Baseline Scan'
description: 'Scans the web application with the OWASP ZAP Baseline Scan'
name: 'ZAP Baseline Scan'
description: 'Scans the web application with the ZAP Baseline Scan'
branding:
icon: 'zap'
color: 'blue'
Expand All @@ -17,7 +17,7 @@ inputs:
docker_name:
description: 'The Docker file to be executed'
required: true
default: 'owasp/zap2docker-stable'
default: 'ghcr.io/zaproxy/zaproxy:stable'
cmd_options:
description: 'Additional command line options'
required: false
Expand Down
Loading