Open dbartholomae opened 2 years ago
Hiya @dbartholomae! Thanks for the PR and this issue - really good feedback. As you've probably worked out, the ZAP actions have not had much love recently. We are a small core team and have loads to do 😉 I completely agree with the desire for a testing framework - it's actually one of the reasons I've been nervous about touching this code as well! I have added an action which runs the baseline scan, and plan to add that to the other actions, but more tests would be really good, esp. for this repo. It would be really great if you could help us out - feel free to carry on the chat here, or contact me directly - I should be easy to find on email / Twitter etc. Very happy to have a video call about the actions as well if you like?
Hi there!
I've just implemented the GitHub Actions at a company, and there are some things which are cumbersome around the workflow. This issue specifically addresses the "Issue" created and missing information in it.
The individual alerts are hard to understand without more context.
To solve this, I would add information about the severity and add a link to the description for each alert. I already provided a PR (#43) for this.
It's hard to see which alerts are more and which are less important.
For this, I would group the alerts by severity.
There's no good summary for the overall report.
Here, I would recreate the summary table from the markdown report and add it to the top of the issue.
In addition, I would like to add a testing framework and some tests to be able to more confidently work on the code.
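One way the severity grouping and summary table proposed in this issue could look, as an added example that is not part of the original issue or the ZAP actions code. It assumes alert objects carrying the `pluginid`, `name`, `riskcode` and `count` fields of ZAP's JSON report and a documentation URL keyed by plugin id; the function names and sample alerts are constructed here.

```javascript
// Added example; not code from the ZAP actions repository.
// Risk codes: 3 = High, 2 = Medium, 1 = Low, 0 = Informational.
const RISK_LABELS = { 3: "High", 2: "Medium", 1: "Low", 0: "Informational" };
const RISK_ORDER = [3, 2, 1, 0];
// Assumption: per-alert documentation is published under this base URL, keyed by plugin id.
const ALERT_DOCS_BASE = "https://www.zaproxy.org/docs/alerts/";

// Alert names come from scan output, so escape characters that would break Markdown tables or links.
function escapeMarkdown(text) {
  return String(text).replace(/([\\|\[\]<>`*_])/g, "\\$1").replace(/\r?\n/g, " ");
}

function groupBySeverity(alerts) {
  const groups = new Map(RISK_ORDER.map((code) => [code, []]));
  for (const alert of alerts) {
    const code = Number.parseInt(alert.riskcode, 10);
    // Unknown or missing risk codes are kept under Informational rather than dropped.
    groups.get(groups.has(code) ? code : 0).push(alert);
  }
  return groups;
}

function renderIssueBody(alerts) {
  const groups = groupBySeverity(alerts);
  const lines = ["| Risk level | Number of alerts |", "| --- | --- |"];
  for (const code of RISK_ORDER) {
    lines.push(`| ${RISK_LABELS[code]} | ${groups.get(code).length} |`);
  }
  for (const code of RISK_ORDER) {
    const group = groups.get(code);
    if (group.length === 0) continue;
    lines.push("", `### ${RISK_LABELS[code]}`, "");
    for (const a of group) {
      const id = encodeURIComponent(a.pluginid);
      const count = Number.parseInt(a.count, 10) || 0;
      lines.push(`- [${escapeMarkdown(a.name)}](${ALERT_DOCS_BASE}${id}/) (${count} instances)`);
    }
  }
  return lines.join("\n");
}

// Constructed sample alerts (not taken from a real scan); the last one has an unknown risk code.
const SAMPLE_ALERTS = [
  { pluginid: "10021", name: "X-Content-Type-Options Header Missing", riskcode: "1", count: "5" },
  { pluginid: "40012", name: "Cross Site Scripting (Reflected)", riskcode: "3", count: "1" },
  { pluginid: "10020", name: "Missing Anti-clickjacking Header", riskcode: "2", count: "3" },
  { pluginid: "99999", name: "Custom rule | with pipe", riskcode: "7", count: "2" },
];
```

Calling `renderIssueBody(SAMPLE_ALERTS)` returns the Markdown for the issue body, with the summary table first and the alerts listed from High down to Informational.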