Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update zaproxy-baseline GitHub Action reference #2313

Merged
merged 3 commits into from
Jan 31, 2025
Merged

Update zaproxy-baseline GitHub Action reference #2313

merged 3 commits into from
Jan 31, 2025

Conversation

ccostino
Copy link
Contributor

A note to PR reviewers: it may be helpful to review our code review documentation to know what to keep in mind while reviewing pull requests.

Description

This changeset explicitly enables the FEATURE_ABOUT_PAGE_ENABLED feature flag for our dynamic scans to make sure that all pages are scanned, regardless if they are enabled on our production site or not.

Security Considerations

  • This makes sure the about pages are always accessible in the dynamic scans no matter what, but does not change the flag in any other environment the application is actually deployed to.

A11y Checks (if applicable)

  • Double check work is getting picked up by the automated E2E tests
  • Conduct browser-based tests through AxeDevTools and WAVE
  • Review the Manual Checklist
  • Make sure there are no linting errors in VSCode or other IDE of choice

@ccostino
This changeset explicitly enables the FEATURE_ABOUT_PAGE_ENABLED feat…
4ae351b 
…ure flag for our dynamic scans to make sure that all pages are scanned, regardless if they are enabled on our production site or not.

Signed-off-by: Carlo Costino <[email protected]>
@ccostino ccostino added engineering bug github_actions Pull requests that update GitHub Actions code labels Jan 30, 2025
@ccostino ccostino self-assigned this Jan 30, 2025
@ccostino ccostino changed the title This changeset explicitly enables the FEATURE_ABOUT_PAGE_ENABLED feat… Address dynamic scan warnings Jan 30, 2025
@ccostino ccostino removed the bug label Jan 30, 2025
@ccostino ccostino mentioned this pull request Jan 30, 2025
Closed
3 tasks
@ccostino ccostino changed the title Address dynamic scan warnings Update zaproxy-baseline GitHub Action Jan 31, 2025
@ccostino ccostino changed the title Update zaproxy-baseline GitHub Action Update zaproxy-baseline GitHub Action reference Jan 31, 2025
@terrazoon terrazoon merged commit 9e1ec46 into main Jan 31, 2025
11 checks passed
@terrazoon terrazoon deleted the enable-about-page-in-dynamic-scans branch January 31, 2025 16:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xlorepdarkhelm xlorepdarkhelm xlorepdarkhelm approved these changes

@terrazoon terrazoon terrazoon approved these changes

@A-Shumway42 A-Shumway42 A-Shumway42 approved these changes

@stvnrlly stvnrlly Awaiting requested review from stvnrlly

@alexjanousekGSA alexjanousekGSA Awaiting requested review from alexjanousekGSA

Assignees

@ccostino ccostino

Labels
engineering github_actions Pull requests that update GitHub Actions code
Projects
Notify.gov product board
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ccostino @xlorepdarkhelm @terrazoon @A-Shumway42