DEPRECATION: This will stop working on June 30, 2024

[pauleustice]

Hi there,

We use the zap-full-scan-action and have noticed deprecation warnings in our pipeline. It seems to use this actions-common repo, which in turn has a very outdated version of "@actions/artifact": "^1.1.0".

As per the alert on the repo's README:

actions/upload-artifact@v3 is scheduled for deprecation on November 30, 2024. Similarly, v1/v2 are scheduled for deprecation on June 30, 2024. Please update your workflow to use v4 of the artifact actions.

Please could this be updated (and the updated version propagated to any consuming repos, such as zap-full-scan-action) urgently, to ensure these useful tools continue to be usable?

Can I also humbly suggest enabling Dependabot to ensure dependencies are maintained going forwards? My team wrote an action, Dependabot Batcher, that you might find useful.

Thanks!

[thc202]

And the same readme also says:

[!IMPORTANT] upload-artifact@v4+ is not currently supported on GHES yet. If you are on GHES, you must use v3.

There are users of the ZAP actions on GHES.

[pauleustice]

That's a good spot. Could the update to use v4 be a breaking change major version update?