Update naming guidance in CONTRIBUTING.md #488

Merged
merged 1 commit into from
Jul 30, 2025

kingthorin
Member

As noticed in: #487 (review)

Member

@psiinon psiinon left a comment

Ha! Good spot

@psiinon
Member

psiinon commented Jul 30, 2025

Checkmarx One – Scan Summary & Details ab1d8211-7601-4d1e-bd86-a159fb6350ca

New Issues (6)

Checkmarx found the following issues in this Pull Request

| Severity | Issue | Source File / Package | Checkmarx Insight |
| --- | --- | --- | --- |
| HIGH | Last User Is 'root' | /docker-wrapper: 10 | Leaving the last user as root can cause security risks. Change to another user after running the commands that need privileges. ID: 48tNdC6UziXyOGUccQZn3tPPzi4%3D |
| MEDIUM | Use_of_Broken_or_Risky_Cryptographic_Algorithm | /payloadgenerator/associated_fields.py: 34 | In , the application protects sensitive data using a cryptographic algorithm, hexdigest, that is considered weak or even trivially broken, in /payl... ID: CNnVh4l8dtrFt9tVEtyvzAiIUj4%3D |
| LOW | MAINTAINER Instruction Being Used | /docker-wrapper: 3 | The MAINTAINER instruction sets the Author field of the generated images. The LABEL instruction is a much more flexible version of this and you sh... ID: nlHBIHIr9RZHoVXOgGxJ9hQCHFA%3D |
| LOW | Unpinned Actions Full Length Commit SHA | /codeql.yml: 31 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA help... ID: z89ONTXYaYdPcNUEzfFqPVDqGfU%3D |
| LOW | Unpinned Actions Full Length Commit SHA | /codeql.yml: 34 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA help... ID: wmF9HbZcEd4Px83a0Vg%2BO%2F%2B%2B4BU%3D |
| LOW | Unpinned Actions Full Length Commit SHA | /codeql.yml: 35 | Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA help... ID: ivv4LqDvobLaIQBf4po7RJO0z9E%3D |

Fixed Issues (1)

Great job! The following issues were fixed in this Pull Request

| Severity | Issue | Source File / Package |
| --- | --- | --- |
| LOW | Filtering_Sensitive_Logs | /other/api/sdlc-integration/core/scan_module/scan.py: 219 |

@thc202
Member

thc202 commented Jul 30, 2025

Why the change if CamelCase is CamelCase?

@kingthorin
Member Author

Just so that we don't end up with people debating camelCase vs CamelCase.

@thc202
Member

thc202 commented Jul 30, 2025

Who? Where?

@kingthorin
Member Author

Who? 🤷‍♂️ Preemptively.
Where? PRs or if/when we actually rename older/existing scripts.

Seemed worth clarifying since there is an "industry" term for it differentiating leading cap vs leading small.

@thc202 thc202 merged commit 8c8ddd1 into zaproxy:main Jul 30, 2025
9 checks passed
@kingthorin kingthorin deleted the tweak-file-naming branch July 30, 2025 16:10
@thc202
Member

thc202 commented Jul 30, 2025

I don't know about the "industry" but okay.

Thank you!
