Skip to content

chore(deps): bump zaproxy/action-baseline from 0.14.0 to 0.15.0#1914

Merged
pethers merged 1 commit into
mainfrom
dependabot/github_actions/zaproxy/action-baseline-0.15.0
May 10, 2026
Merged

chore(deps): bump zaproxy/action-baseline from 0.14.0 to 0.15.0#1914
pethers merged 1 commit into
mainfrom
dependabot/github_actions/zaproxy/action-baseline-0.15.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 10, 2026

Bumps zaproxy/action-baseline from 0.14.0 to 0.15.0.

Release notes

Sourced from zaproxy/action-baseline's releases.

Version 0.15.0

Changed

  • Update dependencies.
  • Run with node24.
Changelog

Sourced from zaproxy/action-baseline's changelog.

Changelog

All notable changes to this GitHub action will be documented in this file.

The format is based on Keep a Changelog.

[Unreleased]

Changed

Update dependencies.

[0.15.0] - 2025-10-22

Changed

  • Update dependencies.
  • Run with node24.

[0.14.0] - 2024-11-20

Changed

  • Update dependencies to stop using deprecated upload-artifact version.

[0.13.0] - 2024-09-25

Changed

  • Update dependencies, which adds rate-limiting when accessing the GitHub API.

Fixed

  • Allow to write any file from the Docker container. #118

[0.12.0] - 2024-04-02

Changed

  • Update dependencies.

[0.11.0] - 2024-01-25

Changed

  • Run with node20. #114

[0.10.0] - 2023-10-31

Added

  • Support for authentication environment variables.

Fixed

  • Update Crowdin link.

[0.9.0] - 2023-08-02

Changed

  • The default Docker image was changed to ghcr.io/zaproxy/zaproxy:stable.

[0.8.2] - 2023-07-04

Fixed

  • Fix an issue introduced in the previous release that prevented the use of the default GitHub authentication token to raise issues.

[0.8.1] - 2023-07-03

Fixed

... (truncated)

Commits
  • de8ad96 Merge pull request #143 from thc202/release-v0.15.0
  • f5ca774 Release v0.15.0
  • 5518416 Merge pull request #142 from zaproxy/dependabot/npm_and_yarn/brace-expansion-...
  • e429174 Bump brace-expansion from 1.1.11 to 1.1.12
  • 85f1db6 Merge pull request #141 from thc202/nodejs24
  • e525ed6 Bump Node.js and update dependencies
  • aeed8ca Merge pull request #137 from zaproxy/dependabot/npm_and_yarn/octokit/endpoint...
  • b57022e Update dist file and changelog
  • 1374ee7 Bump @​octokit/endpoint from 10.1.1 to 10.1.4
  • adc29ad Merge pull request #136 from zaproxy/dependabot/npm_and_yarn/babel/helpers-7....
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump zaproxy/action-baseline from 0.14.0 to 0.15.0
1ee44aa 
Bumps [zaproxy/action-baseline](https://github.com/zaproxy/action-baseline) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/zaproxy/action-baseline/releases)
- [Changelog](https://github.com/zaproxy/action-baseline/blob/master/CHANGELOG.md)
- [Commits](zaproxy/action-baseline@7c4deb1...de8ad96)

---
updated-dependencies:
- dependency-name: zaproxy/action-baseline
  dependency-version: 0.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependency updates github-actions labels May 10, 2026
Copilot AI review requested due to automatic review settings May 10, 2026 07:12
@dependabot dependabot Bot requested a review from pethers as a code owner May 10, 2026 07:12
@dependabot dependabot Bot added dependencies Dependency updates github-actions labels May 10, 2026
@dependabot dependabot Bot review requested due to automatic review settings May 10, 2026 07:12
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 10, 2026

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/zaproxy/action-baseline de8ad967d3548d44ef623df22cf95c3b0baf8b25 🟢 5.5
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Code-Review🟢 10all changesets reviewed
Maintained🟢 1025 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • .github/workflows/zap-scan.yml

@github-actions github-actions Bot added the infrastructure CI/CD and build infrastructure label May 10, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 10, 2026

📸 Automated UI Screenshots

📋 Screenshots Captured (8)

# Screenshot
1 01-splash-screen.png - 01 splash screen.png
2 02-intro-screen-menu.png - 02 intro screen menu.png
3 03-intro-screen-archetype-selector.png - 03 intro screen archetype selector.png
4 04-controls-screen.png - 04 controls screen.png
5 05-philosophy-screen.png - 05 philosophy screen.png
6 06-training-screen.png - 06 training screen.png
7 07-combat-screen-practice.png - 07 combat screen practice.png
8 08-combat-screen-versus.png - 08 combat screen versus.png

📦 Download Screenshots

📥 Download all screenshots from workflow artifacts

Screenshots are preserved as workflow artifacts for 30 days.

🤖 Generated by Playwright automation

@pethers pethers merged commit c16c127 into main May 10, 2026
10 of 11 checks passed
@pethers pethers deleted the dependabot/github_actions/zaproxy/action-baseline-0.15.0 branch May 10, 2026 07:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pethers pethers pethers approved these changes

Assignees

No one assigned

Labels

dependencies Dependency updates github-actions infrastructure CI/CD and build infrastructure

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pethers