OtherDevOpsGene / zap-sonar-plugin

Integrates OWASP Zed Attack Proxy reports into SonarQube
GNU General Public License v3.0

Added rules for baseline scan. Added multi-site support. Added support for instances with nested URI #23

Closed cvtienhoven closed 6 years ago

cvtienhoven commented 6 years ago

In the current version of ZAP, the report XML can contain multiple <Site /> elements. In the zap-sonar-plugin, all sites will be looped over, but only the last site gets eventually reported. I added support to add the alertitems for all sites.

In the current version of ZAP, the report XML contains <instance/> elements that contain the <uri/>, <method/> etc. The plugin didn't evaluate the <instances/>, so URI etc. weren't present in the description. I added handling of those elements.

I also added a few rules that are evaluated in the baseline scan and need to be present on the SonarQube server (best effort).
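To make the two parsing defects described in this PR concrete, here is an added example that is not part of the zap-sonar-plugin code base or this PR. It is written in Python rather than the plugin's Java so it can be run directly, and it parses a constructed ZAP-style report (the element names `site`, `alerts`, `alertitem`, `instances`, `instance`, `uri`, `method`, `param` follow the ZAP 2.x XML layout; the hosts, plugin ids and texts are sample values, not a real scan). `parse_report_last_site_only` reproduces the pre-fix behaviour, where the per-site result is overwritten on each loop iteration, and `parse_report` accumulates every site's alert items and pulls the URI and method out of each `<instance>` so they can appear in the issue description.

```python
"""Parse a ZAP XML report across multiple <site> elements and their
<instance> children. Example code, not the plugin's own implementation."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

# Constructed sample report: two sites, the first alert has two instances.
SAMPLE_REPORT = """
<OWASPZAPReport version="2.7.0" generated="constructed-sample">
  <site name="http://app-a.example" host="app-a.example" port="80" ssl="false">
    <alerts>
      <alertitem>
        <pluginid>10021</pluginid>
        <alert>X-Content-Type-Options Header Missing</alert>
        <riskcode>1</riskcode>
        <confidence>2</confidence>
        <desc>The Anti-MIME-Sniffing header X-Content-Type-Options was not set.</desc>
        <instances>
          <instance><uri>http://app-a.example/</uri><method>GET</method><param>X-Content-Type-Options</param></instance>
          <instance><uri>http://app-a.example/login</uri><method>POST</method><param>X-Content-Type-Options</param></instance>
        </instances>
        <count>2</count>
        <solution>Set X-Content-Type-Options: nosniff on all responses.</solution>
      </alertitem>
    </alerts>
  </site>
  <site name="https://app-b.example" host="app-b.example" port="443" ssl="true">
    <alerts>
      <alertitem>
        <pluginid>10020</pluginid>
        <alert>X-Frame-Options Header Not Set</alert>
        <riskcode>2</riskcode>
        <confidence>2</confidence>
        <desc>X-Frame-Options header is not included in the HTTP response.</desc>
        <instances>
          <instance><uri>https://app-b.example/account</uri><method>GET</method><param></param></instance>
        </instances>
        <count>1</count>
        <solution>Send X-Frame-Options: DENY or SAMEORIGIN.</solution>
      </alertitem>
    </alerts>
  </site>
</OWASPZAPReport>
"""


@dataclass
class Instance:
    uri: str
    method: str
    param: str


@dataclass
class AlertItem:
    site: str
    plugin_id: str
    alert: str
    risk_code: int
    confidence: int
    desc: str
    solution: str
    instances: list = field(default_factory=list)

    def description(self) -> str:
        """Issue text including every affected URI/method (the part the
        pre-fix plugin dropped because it never read <instances>)."""
        lines = [self.desc]
        for inst in self.instances:
            suffix = f" (param: {inst.param})" if inst.param else ""
            lines.append(f"- {inst.method} {inst.uri}{suffix}")
        return "\n".join(lines)


def _text(elem, tag, default=""):
    """Return the stripped text of a child element, or default if absent/empty."""
    child = elem.find(tag)
    return child.text.strip() if child is not None and child.text else default


def parse_alert_item(site_name, item):
    instances = [
        Instance(_text(i, "uri"), _text(i, "method"), _text(i, "param"))
        for i in item.findall("instances/instance")
    ]
    return AlertItem(
        site=site_name,
        plugin_id=_text(item, "pluginid"),
        alert=_text(item, "alert"),
        risk_code=int(_text(item, "riskcode", "0")),
        confidence=int(_text(item, "confidence", "0")),
        desc=_text(item, "desc"),
        solution=_text(item, "solution"),
        instances=instances,
    )


def parse_report_last_site_only(xml_text):
    """Pre-fix behaviour: loops over all sites but rebinds the result each
    time, so only the last <site>'s alert items survive."""
    root = ET.fromstring(xml_text)
    result = []
    for site in root.findall("site"):
        result = [parse_alert_item(site.get("name", ""), a)
                  for a in site.findall("alerts/alertitem")]
    return result


def parse_report(xml_text):
    """Fixed behaviour: accumulate alert items from every <site>."""
    root = ET.fromstring(xml_text)
    result = []
    for site in root.findall("site"):
        result.extend(parse_alert_item(site.get("name", ""), a)
                      for a in site.findall("alerts/alertitem"))
    return result


if __name__ == "__main__":
    print("pre-fix items:", len(parse_report_last_site_only(SAMPLE_REPORT)))
    for item in parse_report(SAMPLE_REPORT):
        print(f"[{item.site}] {item.plugin_id} {item.alert}\n{item.description()}\n")
```

Run the file directly to see the pre-fix count (1, the last site only) against the fixed parser (2 items, the first of which lists both its GET and POST instances). When wiring something like this into a SonarQube sensor, the `site` name is worth keeping on each item, since two sites can raise the same plugin id and the issues should not be merged.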