Document Active Checks
Problem to solve
Released browser-based DAST scanner Active Checks are not documented.
All passive checks are documented in https://docs.gitlab.com/ee/user/application_security/dast/checks/ and are generated using the how-to-generate-the-markdown-documentation.md process. Active checks are not included in this process.
Implementation Plan
- The structs that represent the passive checks are defined in browserker and the DAST CWE checks projects. Rather than copying the struct from browserker to CWE check, consider either:
  - Moving the generation process to browserker (recommended)
  - Extracting YAMLActiveAttack and YAMLPassiveAttack to their own project
- Ensure the generation documentation is updated with new instructions or a link to the new instructions in browserker
- Update the generation script to build active checks
- Optional - Add a CI job that fails when documentation needs to be regenerated (but do not fail the build)
Edited by Craig Smith