From 338f6f784a956c1ab1d87cb637b64964f1311cd2 Mon Sep 17 00:00:00 2001
From: Favee
Date: Fri, 11 Apr 2025 09:49:51 +0100
Subject: [PATCH] added project key and org key to sonar.yml
---
 .github/workflows/security.yml | 11 ++++++++++-
 .zap/rules.tsv | 0
 2 files changed, 10 insertions(+), 1 deletion(-)
 create mode 100644 .zap/rules.tsv
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 3c3a8bbbd..4d581b820 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -20,10 +20,18 @@ jobs:
 java-version: '17'
 distribution: 'temurin'
 cache: maven
+
+ - name: Cache OWASP Dependency-Check data
+ uses: actions/cache@v2
+ with:
+ path: ~/.m2/repository/org/owasp/dependency-check-data
+ key: ${{ runner.os }}-dependency-check-${{ hashFiles('**/pom.xml') }}
+ restore-keys: |
+ ${{ runner.os }}-dependency-check-
 - name: Run OWASP Dependency Check
 run: ./mvnw org.owasp:dependency-check-maven:check
-
+
 - name: Archive dependency check results
 uses: actions/upload-artifact@v4
 with:
@@ -74,6 +82,7 @@ jobs:
 uses: zaproxy/action-baseline@v0.7.0
 with:
 target: 'http://localhost:8080'
+ docker_name: 'ghcr.io/zaproxy/zaproxy:stable'
 rules_file_name: '.zap/rules.tsv'
 cmd_options: '-a'
diff --git a/.zap/rules.tsv b/.zap/rules.tsv
new file mode 100644
index 000000000..e69de29bb
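Review bot: The added cache step in the first hunk of security.yml references `actions/cache@v2`, a major version GitHub has announced as retired, so the step may fail the job before the dependency check runs; it is also a mutable tag, while the upload step in the same hunk is already on `@v4`. I would change the line to `uses: actions/cache@v4`, or pin it to a full commit SHA as `uses: actions/cache@<full-commit-sha> # v4`. Separately, the key only changes when a `pom.xml` changes, so on an exact hit the vulnerability data held in the cache is never re-saved; adding a date component to the key would bound its age. The steps list continues outside the hunk.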
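Review bot: The added `docker_name` in the ZAP hunk points at the floating `stable` tag, so the scanner image that runs inside the job can change between runs without any change to this file, which makes results hard to reproduce and leaves the job trusting whatever the tag currently resolves to. Consider pinning by digest, `docker_name: 'ghcr.io/zaproxy/zaproxy:stable@sha256:<digest>'` (placeholder digest; confirm the action passes the value to the image pull unchanged). Also note that `rules_file_name` refers to `.zap/rules.tsv`, which this commit creates empty, so no alert is promoted to FAIL or explicitly ignored yet; a comment above the step such as `# .zap/rules.tsv is intentionally empty until rules are triaged` would make that visible. The step starts above the hunk.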