Add dast documentation [TAROT-3247] #2371

Merged
merged 9 commits into from
Apr 10, 2025

@joanasteodoro joanasteodoro commented Apr 4, 2025

👀 Live preview

🚧 To do

  • If relevant, include the Jira issue key at the end of the pull request title
  • Perform a self-review of the changes
  • Fix any issues reported by the CI/CD

github-actions bot commented Apr 4, 2025

Overall readability score: 53.32 (🟢 +0.07)

| File | Readability |
|---|---|
| roles-and-permissions-for-organizations.md | 56.35 (🔴 -1.61) |
| managing-security-and-risk.md | 52.68 (🟢 +0.6) |
| configuring-your-repository.md | 30.06 (🔴 -0.37) |
| triggering-dast-scans.md | 70.72 (-) |
View detailed metrics

🟢 - Shows an increase in readability
🔴 - Shows a decrease in readability

| File | Readability | FRE | GF | ARI | CLI | DCRS |
|---|---|---|---|---|---|---|
| roles-and-permissions-for-organizations.md | 56.35 | 28.84 | 9.32 | 13.4 | 13.69 | 6.33 |
| | 🔴 -1.61 | 🔴 -8.26 | 🟢 +0 | 🟢 +0 | 🔴 -0.06 | 🔴 -0.05 |
| managing-security-and-risk.md | 52.68 | 34.46 | 10.73 | 14.3 | 13.58 | 6.65 |
| | 🟢 +0.6 | 🔴 -0.3 | 🔴 -0.04 | 🟢 +0.1 | 🟢 +0.34 | 🟢 +0.03 |
| configuring-your-repository.md | 30.06 | 26.85 | 16.18 | 17.9 | 13.7 | 8.71 |
| | 🔴 -0.37 | 🟢 +0 | 🔴 -0.12 | 🟢 +0 | 🟢 +0 | 🔴 -0.05 |
| triggering-dast-scans.md | 70.72 | 50.53 | 8.17 | 8.9 | 10.48 | 7.03 |
| | - | - | - | - | - | - |

Averages:

| | Readability | FRE | GF | ARI | CLI | DCRS |
|---|---|---|---|---|---|---|
| Average | 53.32 | 42.76 | 10.86 | 12.63 | 12.68 | 7.96 |
| | 🟢 +0.07 | 🟢 +0 | 🟢 +0.01 | 🟢 +0.02 | 🟢 +0.01 | 🟢 +0 |
View metric targets
| Metric | Range | Ideal score |
|---|---|---|
| Flesch Reading Ease | 100 (very easy read) to 0 (extremely difficult read) | 60 |
| Gunning Fog | 6 (very easy read) to 17 (extremely difficult read) | 8 or less |
| Auto. Read. Index | 6 (very easy read) to 14 (extremely difficult read) | 8 or less |
| Coleman Liau Index | 6 (very easy read) to 17 (extremely difficult read) | 8 or less |
| Dale-Chall Readability | 4.9 (very easy read) to 9.9 (extremely difficult read) | 6.9 or less |

@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch 3 times, most recently from 028b237 to 43cf9f5 Compare April 7, 2025 11:20
@github-actions github-actions bot temporarily deployed to Netlify April 7, 2025 11:21 Inactive
@joanasteodoro joanasteodoro requested a review from a team April 7, 2025 11:24
@joanasteodoro joanasteodoro marked this pull request as ready for review April 7, 2025 11:24
@joanasteodoro joanasteodoro requested a review from a team as a code owner April 7, 2025 11:24
@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch 2 times, most recently from 8f41513 to 365dff8 Compare April 7, 2025 15:10
@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch from 365dff8 to 3ee5ea9 Compare April 7, 2025 15:13
Co-authored-by: Cláudia <83641264+claudiacodacy@users.noreply.github.com>
@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch from 3ee5ea9 to e197523 Compare April 7, 2025 15:22
@github-actions github-actions bot temporarily deployed to Netlify April 7, 2025 15:23 Inactive
Co-authored-by: Cláudia <83641264+claudiacodacy@users.noreply.github.com>
@github-actions github-actions bot temporarily deployed to Netlify April 7, 2025 16:16 Inactive
@claudiacodacy claudiacodacy requested review from lventura-codacy and removed request for claudiacodacy April 8, 2025 08:19
@github-actions github-actions bot temporarily deployed to Netlify April 9, 2025 11:26 Inactive
@github-actions github-actions bot temporarily deployed to Netlify April 10, 2025 09:50 Inactive
@afsmeira

In general, we are using DAST and App scanning interchangeably. For clarity, we should stick to a single nomenclature.

@github-actions github-actions bot temporarily deployed to Netlify April 10, 2025 10:56 Inactive
@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch 2 times, most recently from 2857742 to 7fee1b7 Compare April 10, 2025 12:13
@github-actions github-actions bot temporarily deployed to Netlify April 10, 2025 12:14 Inactive
Co-authored-by: André Meira <6381457+afsmeira@users.noreply.github.com>
@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch from 7fee1b7 to 6cb947e Compare April 10, 2025 12:19
@joanasteodoro joanasteodoro requested a review from afsmeira April 10, 2025 12:20
@joanasteodoro joanasteodoro enabled auto-merge (squash) April 10, 2025 12:21
@github-actions github-actions bot temporarily deployed to Netlify April 10, 2025 12:21 Inactive
@github-actions github-actions bot temporarily deployed to Netlify April 10, 2025 13:25 Inactive
Co-authored-by: Cláudia <83641264+claudiacodacy@users.noreply.github.com>
Co-authored-by: André Meira <6381457+afsmeira@users.noreply.github.com>
@joanasteodoro joanasteodoro force-pushed the add-dast-documentation-tarot-3247 branch from 4bcca1d to 73d6a0d Compare April 10, 2025 13:29
@github-actions github-actions bot temporarily deployed to Netlify April 10, 2025 13:31 Inactive

@claudiacodacy claudiacodacy left a comment

:dew_it:

@joanasteodoro joanasteodoro merged commit 439dd0c into master Apr 10, 2025
5 checks passed
@joanasteodoro joanasteodoro deleted the add-dast-documentation-tarot-3247 branch April 10, 2025 13:32

!!! important
App scanning is a business feature. If you are a Codacy Pro customer, contact our customer success team to access a short trial.
Check your [permissions](../../organizations/roles-and-permissions-for-organizations.md). Only git provider admins and organization managers will be able to create new targets and trigger scans (in app and via the API).
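
Review bot: The permissions line in this admonition lets "git provider admins and organization managers" create targets and trigger scans, but the parameter descriptions added in the same PR say only "You must have admin permissions over the organization on the Git provider". Those two statements give different answers on who is authorized, so pick one rule and word it the same way in both places. Also capitalize "Git provider" here to match the parameter list.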

Suggested change
Check your [permissions](../../organizations/roles-and-permissions-for-organizations.md). Only git provider admins and organization managers will be able to create new targets and trigger scans (in app and via the API).
Check your [permissions](../../organizations/roles-and-permissions-for-organizations.md). Only git provider admins and organization managers will be able to create new targets and trigger scans (either via Codacy's UI or API).

| `bb` | Bitbucket Cloud |
| `bbe` | Bitbucket Server |

- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.

Suggested change
- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.
- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must either be an organization manager or have admin permissions on the Git provider.

| `bbe` | Bitbucket Server |

- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.
**DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets). For example, `457`. You must have admin permissions over the organization on the Git provider.
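
Review bot: The **DAST_TARGET_ID:** line has no leading `- `, unlike the **ORGANIZATION:** item above it, so Markdown will treat it as a continuation of that item rather than as its own parameter. The aside "(obtained in the [previous section](./triggering-dast-scans.md#creating-targets)." is also missing its closing parenthesis. The sentence "You must have admin permissions over the organization on the Git provider." is repeated verbatim from ORGANIZATION; state the permission requirement once for the request rather than once per parameter.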

Suggested change
**DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets). For example, `457`. You must have admin permissions over the organization on the Git provider.
**DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets). For example, `457`. You must either be an organization manager or have admin permissions on the Git provider.


Suggested change
**DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets). For example, `457`. You must have admin permissions over the organization on the Git provider.
**DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets)). For example, `457`. You must either be an organization manager or have admin permissions on the Git provider.

| `bb` | Bitbucket Cloud |
| `bbe` | Bitbucket Server |

- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.

Suggested change
- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.
- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must either be an organization manager or have admin permissions on the Git provider.

- **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.
**DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets). For example, `457`. You must have admin permissions over the organization on the Git provider.

Scans occur asynchronously. To monitor an ongoing scan you can use the [target management page in Codacy](../../organizations/managing-security-and-risk.md#app-scanning). Once completed, you can access all scan results by navigating to the **Security dashboard**, selecting the **Findings tab** and filtering by **Scan types > DAST/App scanning**.
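
Review bot: The closing paragraph says scans run asynchronously but points only to the target management page for monitoring. Since this PR documents triggering scans via the API as well as in the app, say whether scan status can also be checked through the API, or state that the UI is the only place to follow progress.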

Suggested change
Scans occur asynchronously. To monitor an ongoing scan you can use the [target management page in Codacy](../../organizations/managing-security-and-risk.md#app-scanning). Once completed, you can access all scan results by navigating to the **Security dashboard**, selecting the **Findings tab** and filtering by **Scan types > DAST/App scanning**.
Scans occur asynchronously. To monitor an ongoing scan you can use the [target management page in Codacy](../../organizations/managing-security-and-risk.md#app-scanning). Once a scan is completed, you can access all its results by navigating to the **Security dashboard**, selecting the **Findings tab** and filtering by **Scan types > DAST/App scanning**.


4 participants