Open pauleustice opened 2 months ago
And the same readme also says:
[!IMPORTANT] upload-artifact@v4+ is not currently supported on GHES yet. If you are on GHES, you must use v3.
There are users of the ZAP actions on GHES.
That's a good spot. Could the update to use v4 be a breaking change major version update?
Hi there,
We use the zap-full-scan-action and have noticed deprecation warnings in our pipeline. It seems to use this
actions-common
repo, which in turn has a very outdated version of"@actions/artifact": "^1.1.0"
.As per the alert on the repo's README:
Please could this be updated (and the updated version propagated to any consuming repos, such as
zap-full-scan-action
) urgently, to ensure these useful tools continue to be usable?Can I also humbly suggest enabling Dependabot to ensure dependencies are maintained going forwards? My team wrote an action, Dependabot Batcher, that you might find useful.
Thanks!