The repo referenced in this file for getting the docker-ci-zap tool is still pointing to an old account, which has been repo jacked by a security researcher and has a pseudo-malicious version of the app living there (it just pings their server when someone uses the tool and passes over environment variables). The correct repo is updated in this PR.
Please update this as it isn't the correct application and although isn't malicious, it could have been!
The repo referenced in this file for getting the docker-ci-zap tool is still pointing to an old account, which has been repo jacked by a security researcher and has a pseudo-malicious version of the app living there (it just pings their server when someone uses the tool and passes over environment variables). The correct repo is updated in this PR.
Please update this as it isn't the correct application and although isn't malicious, it could have been!