Carlo Costino
eadd8dddb5
Update GitHub Action References
...
This changeset updates many of our GitHub Action references to point to the latest versions to ensure they are kept up-to-date. This helps address any improvements and security patches that have been made to them.
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov >
2025-02-19 16:56:09 -05:00
ccostino
77248b8bf0
Merge pull request #2345 from GSA/2344-reverting-back-100000-messages-to-250000-messages-in-front-of-login
...
reverting back to 250,000
2025-02-19 14:23:59 -05:00
Andrew Shumway
a8d036a3e5
Merge pull request #2340 from GSA/dependabot/pip/pyproj-3.7.1
...
Bump pyproj from 3.6.1 to 3.7.1
2025-02-19 12:22:49 -07:00
dependabot[bot]
05a746a042
Bump pyproj from 3.6.1 to 3.7.1
...
Bumps [pyproj](https://github.com/pyproj4/pyproj ) from 3.6.1 to 3.7.1.
- [Release notes](https://github.com/pyproj4/pyproj/releases )
- [Changelog](https://github.com/pyproj4/pyproj/blob/main/docs/history.rst )
- [Commits](https://github.com/pyproj4/pyproj/compare/3.6.1...3.7.1 )
---
updated-dependencies:
- dependency-name: pyproj
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-19 18:58:30 +00:00
Andrew Shumway
84acce48c4
Merge pull request #2335 from GSA/dependabot/pip/newrelic-10.6.0
...
Bump newrelic from 10.2.0 to 10.6.0
2025-02-19 11:55:21 -07:00
Beverly Nguyen
1bbc49c0ad
reverting back to 250,000
2025-02-19 10:06:41 -08:00
Alex Janousek
bcd7ead5ec
Merge pull request #2338 from GSA/dependabot/npm_and_yarn/babel/core-7.26.9
...
Bump @babel/core from 7.26.8 to 7.26.9
2025-02-19 12:52:53 -05:00
ccostino
0405c92f69
Merge pull request #2311 from GSA/2171-clean-up-titles
...
Pluralization around text, fixing conditionals, making bar chart more visible
2025-02-19 12:45:20 -05:00
Beverly Nguyen
ad1f83e80e
Merge branch 'main' into 2171-clean-up-titles
2025-02-19 09:05:16 -08:00
dependabot[bot]
44778349f0
Bump @babel/core from 7.26.8 to 7.26.9
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.26.8 to 7.26.9.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.26.9/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-19 16:28:48 +00:00
Alex Janousek
5b46a4e1d7
Merge pull request #2337 from GSA/dependabot/npm_and_yarn/babel/preset-env-7.26.9
...
Bump @babel/preset-env from 7.26.7 to 7.26.9
2025-02-19 11:27:43 -05:00
Alex Janousek
91bea21607
Merge pull request #2339 from GSA/dependabot/npm_and_yarn/sass-embedded-1.85.0
...
Bump sass-embedded from 1.83.4 to 1.85.0
2025-02-19 11:27:33 -05:00
Alex Janousek
ab497be1f8
Merge pull request #2341 from GSA/dependabot/npm_and_yarn/rollup-4.34.8
...
Bump rollup from 4.34.6 to 4.34.8
2025-02-19 11:27:15 -05:00
dependabot[bot]
5b88eefe27
Bump rollup from 4.34.6 to 4.34.8
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.34.6 to 4.34.8.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.34.6...v4.34.8 )
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-17 23:50:56 +00:00
dependabot[bot]
34e8647fba
Bump sass-embedded from 1.83.4 to 1.85.0
...
Bumps [sass-embedded](https://github.com/sass/embedded-host-node ) from 1.83.4 to 1.85.0.
- [Changelog](https://github.com/sass/embedded-host-node/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/embedded-host-node/compare/1.83.4...1.85.0 )
---
updated-dependencies:
- dependency-name: sass-embedded
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-14 23:48:09 +00:00
dependabot[bot]
2fdedc1b4f
Bump @babel/preset-env from 7.26.7 to 7.26.9
...
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ) from 7.26.7 to 7.26.9.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.26.9/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-14 23:47:50 +00:00
dependabot[bot]
db1f929dba
Bump newrelic from 10.2.0 to 10.6.0
...
Bumps [newrelic](https://github.com/newrelic/newrelic-python-agent ) from 10.2.0 to 10.6.0.
- [Release notes](https://github.com/newrelic/newrelic-python-agent/releases )
- [Commits](https://github.com/newrelic/newrelic-python-agent/compare/v10.2.0...v10.6.0 )
---
updated-dependencies:
- dependency-name: newrelic
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-13 23:35:51 +00:00
Andrew Shumway
e7953262a3
Merge pull request #2329 from GSA/dependabot/pip/botocore-1.35.99
...
Bump botocore from 1.35.51 to 1.35.99
2025-02-13 10:44:03 -07:00
dependabot[bot]
89cfbd989d
Bump botocore from 1.35.51 to 1.35.99
...
Bumps [botocore](https://github.com/boto/botocore ) from 1.35.51 to 1.35.99.
- [Commits](https://github.com/boto/botocore/compare/1.35.51...1.35.99 )
---
updated-dependencies:
- dependency-name: botocore
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-12 21:41:11 +00:00
Andrew Shumway
479cca3adb
Merge pull request #2330 from GSA/dependabot/pip/cryptography-44.0.1
...
Bump cryptography from 43.0.3 to 44.0.1
2025-02-12 14:39:05 -07:00
dependabot[bot]
cc6a66f790
Bump cryptography from 43.0.3 to 44.0.1
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 43.0.3 to 44.0.1.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/43.0.3...44.0.1 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-11 19:17:18 +00:00
Alex Janousek
0c1dd129e0
Merge pull request #2326 from GSA/dependabot/npm_and_yarn/rollup-4.34.6
...
Bump rollup from 4.34.4 to 4.34.6
2025-02-11 11:41:40 -05:00
Alex Janousek
d70a80f4a6
Merge pull request #2328 from GSA/dependabot/npm_and_yarn/babel/core-7.26.8
...
Bump @babel/core from 7.26.7 to 7.26.8
2025-02-11 11:41:25 -05:00
dependabot[bot]
78cfafae94
Bump @babel/core from 7.26.7 to 7.26.8
...
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core ) from 7.26.7 to 7.26.8.
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.26.8/packages/babel-core )
---
updated-dependencies:
- dependency-name: "@babel/core"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-10 23:18:16 +00:00
ccostino
3016aff185
Merge pull request #2261 from GSA/dependabot/pip/vulture-2.14
...
Bump vulture from 2.13 to 2.14
2025-02-10 16:13:02 -05:00
dependabot[bot]
4726143fb7
Bump vulture from 2.13 to 2.14
...
Bumps [vulture](https://github.com/jendrikseipp/vulture ) from 2.13 to 2.14.
- [Release notes](https://github.com/jendrikseipp/vulture/releases )
- [Changelog](https://github.com/jendrikseipp/vulture/blob/main/CHANGELOG.md )
- [Commits](https://github.com/jendrikseipp/vulture/compare/v2.13...v2.14 )
---
updated-dependencies:
- dependency-name: vulture
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-10 19:06:21 +00:00
ccostino
a4963b8263
Merge pull request #2321 from GSA/notify-admin-2315
...
dynamic scan warnings
2025-02-10 14:05:22 -05:00
ccostino
22f729d652
Merge pull request #2289 from GSA/notify-admin-2286
...
redis report
2025-02-10 12:45:44 -05:00
dependabot[bot]
38fad44a15
Bump rollup from 4.34.4 to 4.34.6
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.34.4 to 4.34.6.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.34.4...v4.34.6 )
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-07 23:58:26 +00:00
Kenneth Kehl
208891a71a
ignore source code disclosure java as a false positive
2025-02-06 11:42:31 -08:00
Kenneth Kehl
afd3d94790
try again
2025-02-06 11:33:58 -08:00
Kenneth Kehl
515419e0a2
try to block serving node files
2025-02-06 11:26:44 -08:00
Kenneth Kehl
d16eb70765
try to fix svg content type
2025-02-06 10:52:53 -08:00
Kenneth Kehl
39fd87064b
try to remove comments
2025-02-06 08:25:39 -08:00
Kenneth Kehl
5c6b4132a9
try to remove comments
2025-02-06 08:10:15 -08:00
Alex Janousek
b12f124b62
Merge pull request #2322 from GSA/dependabot/npm_and_yarn/rollup-4.34.4
...
Bump rollup from 4.34.1 to 4.34.4
2025-02-06 07:45:49 -05:00
dependabot[bot]
af8f8a9c17
Bump rollup from 4.34.1 to 4.34.4
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.34.1 to 4.34.4.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.34.1...v4.34.4 )
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-05 23:35:14 +00:00
Kenneth Kehl
23e10b1529
tuple
2025-02-05 10:56:32 -08:00
Kenneth Kehl
545bf10e0d
tuple
2025-02-05 10:47:25 -08:00
Kenneth Kehl
12a2290ea9
dynamic scan warnings
2025-02-05 10:35:30 -08:00
Alex Janousek
5ffb4ddacf
Merge pull request #2319 from GSA/dependabot/npm_and_yarn/rollup-4.34.1
...
Bump rollup from 4.32.0 to 4.34.1
2025-02-04 11:30:10 -05:00
Alex Janousek
0a538c4c1d
Merge pull request #2317 from GSA/dependabot/npm_and_yarn/playwright-1.50.1
...
Bump playwright from 1.50.0 to 1.50.1
2025-02-04 11:29:56 -05:00
dependabot[bot]
d29260d7b6
Bump rollup from 4.32.0 to 4.34.1
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.32.0 to 4.34.1.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.32.0...v4.34.1 )
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-02-03 23:46:04 +00:00
Kenneth Kehl
bd619af421
merge from main
2025-02-03 09:01:12 -08:00
dependabot[bot]
91faaebcfd
Bump playwright from 1.50.0 to 1.50.1
...
Bumps [playwright](https://github.com/microsoft/playwright ) from 1.50.0 to 1.50.1.
- [Release notes](https://github.com/microsoft/playwright/releases )
- [Commits](https://github.com/microsoft/playwright/compare/v1.50.0...v1.50.1 )
---
updated-dependencies:
- dependency-name: playwright
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-01-31 23:50:58 +00:00
Kenneth Kehl
9e1ec466f5
Merge pull request #2313 from GSA/enable-about-page-in-dynamic-scans
...
Update zaproxy-baseline GitHub Action reference
2025-01-31 08:44:38 -08:00
Carlo Costino
d627ba62de
Update reference in daily check action
...
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov >
2025-01-31 11:08:48 -05:00
Carlo Costino
0ba489df78
Update reference to zaproxy/action-baseline to 0.14.0
...
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov >
2025-01-31 10:46:32 -05:00
Carlo Costino
4ae351b1f6
This changeset explicitly enables the FEATURE_ABOUT_PAGE_ENABLED feature flag for our dynamic scans to make sure that all pages are scanned, regardless if they are enabled on our production site or not.
...
Signed-off-by: Carlo Costino <carlo.costino@gsa.gov >
2025-01-30 16:32:12 -05:00
Beverly Nguyen
704fe322ba
Merge pull request #2300 from GSA/2125-send-message-a11y-audit---unique-ids
...
Send Message A11Y Audit - Unique IDs and Required Field
2025-01-30 12:07:45 -08:00