Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CI: Add ZAP (Baseline) for DAST scanning #520

Merged
merged 3 commits into from
Jun 19, 2022
Merged

CI: Add ZAP (Baseline) for DAST scanning #520

merged 3 commits into from
Jun 19, 2022

Conversation

daniel-ac-martin
Copy link
Owner

@daniel-ac-martin daniel-ac-martin commented Jun 15, 2022
edited
Loading

Partially addresses: #487

@github-actions github-actions bot temporarily deployed to commit June 15, 2022 13:12 Inactive
github-actions[bot]
github-actions bot reviewed Jun 15, 2022
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Scan Summary

Tool Critical High Medium Low Status
Dependency Scan (nodejs) 1 9 3 0
Security Audit for Infrastructure 0 0 0 0
Secrets Audit 0 67 0 0

Recommendation

Please review the findings from Code scanning alerts before approving this pull request. You can also configure the build rules or add suppressions to customize this bot 👍

@cypress
Copy link

cypress bot commented Jun 15, 2022
edited
Loading


Test summary

34 0 21 0

Run details
Project NotGovUK
Status Passed
Commit f684c45
Started Jun 19, 2022 9:28 PM
Ended Jun 19, 2022 9:42 PM
Duration 13:39 💡
OS Linux Ubuntu - 20.04
Browser Multiple

View run in Cypress Dashboard ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@cypress
Copy link

cypress bot commented Jun 15, 2022
edited
Loading


Test summary

33 0 21 0

Run details
Project NotGovUK
Status Passed
Commit 72f2a72 ℹ️
Started Jun 19, 2022 9:28 PM
Ended Jun 19, 2022 9:41 PM
Duration 13:08 💡
OS Linux Ubuntu - 20.04
Browser Multiple

View run in Cypress Dashboard ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Dashboard

@github-actions github-actions bot temporarily deployed to commit June 15, 2022 13:32 Inactive
@github-actions github-actions bot temporarily deployed to commit June 17, 2022 20:43 Inactive
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 13:01 Inactive
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 17:00 Inactive
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 17:08 Inactive
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 17:39 Inactive
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 21:28 Inactive
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 21:42 Inactive
@daniel-ac-martin
CI: Add ZAP (Baseline) for DAST scanning
0856906 
Runs ZAP Baseline against applications and deployments.
@daniel-ac-martin
CI: Make wording clearer
88dc735
@daniel-ac-martin
CI: Just scan deployments for now
e26051a 
We will need a way to stand-up the application prior to running the
scan.
@github-actions github-actions bot temporarily deployed to commit June 19, 2022 21:57 Inactive
@daniel-ac-martin daniel-ac-martin merged commit 9a62b88 into master Jun 19, 2022
@daniel-ac-martin daniel-ac-martin deleted the zap branch June 19, 2022 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

Assignees
No one assigned
Labels
security findings
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@daniel-ac-martin