OWASP / glue

Application Security Automation

Update slack reporter to put findings in an attachment to avoid a massive message #159

Closed tdshipley closed 5 years ago

tdshipley commented 5 years ago

Summary

Currently, the Slack reporter puts all the findings from glue into one big formatted string and sends this as a message to Slack. However, depending on how long this message gets, it can flood a channel. Instead, by setting the message as an attachment, the message will be collapsed after 700 chars or 5+ line breaks (see https://api.slack.com/docs/message-attachments, Attachment Params, Text, to see more. I know the docs are out of date but testing myself suggests the rule is still true).

Change

Instead of sending a large message, the bot now sends a message saying it has results and then a text attachment with the results in it.

tdshipley commented 5 years ago

Yep will do - just wanted to get this PR raised before I leave the office :)

tdshipley commented 5 years ago

@omerlh Added a test for this. It relies on stubbing out the client HTTP calls and checks that the slack reporter makes an HTTP request to the slack API after running that includes findings in the attachment field and the updated message in the text field.

I did consider changing the reporter code so the client itself could be stubbed but it seemed better to just stub out the HTTP requests and leave the reporter code mostly unchanged.
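The shape of the change described in this PR (headline message plus a findings attachment, with the HTTP call stubbed out in a test) as an added, self-contained Ruby example; this is not glue's own reporter code, and the module name, finding hash layout, and injectable `http` parameter are assumptions made for the illustration.

```ruby
require 'json'
require 'net/http'
require 'uri'

# Hypothetical, simplified stand-in for glue's Slack reporter (not the
# project's own code). Findings are plain hashes: { severity:, description: }.
module SlackReportDemo
  # Build the Slack payload: a short headline message plus one attachment
  # holding the findings. Slack collapses attachment text after roughly
  # 700 characters or 5+ line breaks, so a long report no longer floods
  # the channel the way a single large message would.
  def self.build_payload(findings, channel: '#security')
    lines = findings.map { |f| "#{f[:severity]}: #{f[:description]}" }
    {
      channel: channel,
      text: "Glue finished with #{findings.length} finding(s); details are in the attachment.",
      attachments: [
        { fallback: "#{findings.length} glue finding(s)", text: lines.join("\n") }
      ]
    }
  end

  # Post the payload to a webhook URL. The HTTP call is injectable so a test
  # can stub it out and inspect the request body instead of hitting Slack.
  def self.post(findings, webhook_url, http: method(:default_http))
    payload = build_payload(findings)
    http.call(webhook_url, JSON.generate(payload))
    payload
  end

  def self.default_http(url, body)
    uri = URI.parse(url)
    req = Net::HTTP::Post.new(uri, 'Content-Type' => 'application/json')
    req.body = body
    Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') { |h| h.request(req) }
  end
end

# Constructed sample findings; the stub records the body instead of sending it,
# mirroring the approach the test in this PR takes.
if __FILE__ == $PROGRAM_NAME
  sample = [{ severity: 'High', description: 'Hard-coded secret in config.yml' },
            { severity: 'Low', description: 'Outdated dependency (constructed)' }]
  sent = []
  stub = ->(_url, body) { sent << JSON.parse(body) }
  SlackReportDemo.post(sample, 'https://hooks.slack.invalid/placeholder', http: stub)
  puts sent.first['attachments'].first['text']
end
```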