rapid7 / insightappsec-azure-devops-extension

Rapid7 InsightAppSec Extension for Azure DevOps
MIT License

Azure DevOps - Reporting #48

Open randallc79 opened 1 year ago

randallc79 commented 1 year ago

Issues and Contributing

Currently these two options from the Azure DevOps (extension):

Generate findings report? - Option used to generate a raw JSON report that contains all findings from a completed scan.

Upload report output? - Uploads any generated reports to build pipeline artifacts or release pipeline logs.

Just output a JSON that you have to download the log to find and then try to dig through. While this works for tech-minded people, it would be nice to have the extension be able to convert to an XML file and display in Azure DevOps in a more human-readable format.

Expected Behavior

improvement

After scan and creation of the JSON output, convert to an XML file and display in Azure DevOps in a more human-readable format.

Actual Behavior

improvement

Currently the reports are just not human-readable (pretty).

Possible Solution

improvement

Convert the output JSON to an XML file that Azure DevOps can display in a tab for the Scan Output.

Steps to Reproduce (for bugs)

(n/a)

Your Environment

1.2.3 (Latest)

Other relevant information

(n/a)

simon-biber commented 1 year ago

It would also be nice for the extension to provide an option to publish the findings as failed tests, as if they are unit tests that failed. Then we could use the Test Results dashboard for the pipeline to make Azure DevOps show on the dashboard a graph of how many vulnerabilities were found over time.
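
Added example, not part of the original thread or the extension's code: a Node.js sketch of the conversion requested above, writing each finding as a failed JUnit test case so a pipeline can show it as a test result. The finding field names and the sample data are assumptions constructed for illustration; the extension's real JSON report schema is not shown on this page.

```javascript
// Added example: turn scan findings into JUnit XML, one failed test per finding.
// Field names (severity, title, module, url, description) are assumptions,
// not the InsightAppSec report schema.

// Finding text can carry markup or payloads echoed from the scanned app, so
// drop control characters XML 1.0 forbids and escape the special characters.
function xmlEscape(value) {
  const map = { '<': '&lt;', '>': '&gt;', '&': '&amp;', '"': '&quot;', "'": '&apos;' };
  return String(value)
    .replace(/[\x00-\x08\x0B\x0C\x0E-\x1F]/g, '')
    .replace(/[<>&"']/g, (c) => map[c]);
}

function findingsToJUnit(findings, suiteName = 'InsightAppSec scan') {
  const cases = findings.map((f) => {
    const name = `[${f.severity}] ${f.title} at ${f.url}`;
    return [
      `  <testcase classname="${xmlEscape(f.module)}" name="${xmlEscape(name)}">`,
      `    <failure message="${xmlEscape(f.title)}">${xmlEscape(f.description)}</failure>`,
      '  </testcase>',
    ].join('\n');
  });
  // With no findings, emit one passing test so the run still appears in trends.
  if (cases.length === 0) {
    cases.push('  <testcase classname="scan" name="No findings reported"/>');
  }
  return [
    '<?xml version="1.0" encoding="UTF-8"?>',
    `<testsuite name="${xmlEscape(suiteName)}" tests="${cases.length}" failures="${findings.length}">`,
    ...cases,
    '</testsuite>',
  ].join('\n');
}

// Constructed sample findings (not real scan output).
const sampleFindings = [
  { severity: 'HIGH', title: 'SQL Injection', module: 'SQLi',
    url: 'https://app.example.test/search?q=1',
    description: 'Parameter "q" returned <b>DB error</b> & a stack trace' },
  { severity: 'LOW', title: 'Missing X-Frame-Options', module: 'Headers',
    url: 'https://app.example.test/', description: 'Header not set' },
];

console.log(findingsToJUnit(sampleFindings));
```

The resulting file can be handed to Azure DevOps' PublishTestResults task with the JUnit format, which is what feeds the Tests tab and the test trend charts.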