Skip to content

fix(deps): update dependency org.owasp:dependency-check-maven to v11.1.1 #3893

fix(deps): update dependency org.owasp:dependency-check-maven to v11.1.1

fix(deps): update dependency org.owasp:dependency-check-maven to v11.1.1 #3893

Workflow file for this run

name: DAST with ZAP
on:
pull_request:
branches: [master]
workflow_dispatch:
permissions:
contents: read
jobs:
test-dast:
name: DAST test with ZAP
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 23
uses: actions/setup-java@v4
with:
java-version: "23"
distribution: "oracle"
- name: Clean install
run: ./mvnw --no-transfer-progress clean install -DskipTests -Ddependency-check.skip -Dcyclonedx.skip=true -Dexec.skip
- name: Start wrongsecrets
run: nohup ./mvnw spring-boot:run -Dspring-boot.run.profiles=without-vault &
- name: ZAP Scan
uses: zaproxy/[email protected]
env:
ZAP_AUTH_HEADER_VALUE: "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="
ZAP_AUTH_HEADER: "Authorization"
with:
allow_issue_writing: false
docker_name: "ghcr.io/zaproxy/zaproxy:stable"
target: "http://localhost:8080"
rules_file_name: config/zap/rule-config.tsv
fail_action: true
cmd_options: '-z "-configFile /zap/wrk/config/zap/options.prop" -a'