Lombiq · Piedone · Dec 5, 2023 · Nov 14, 2023 · Nov 14, 2023 · Nov 14, 2023
diff --git a/.github/actions/spelling/allow.txt b/.github/actions/spelling/allow.txt
@@ -13,6 +13,7 @@ Overconstrained
 parallelizable
 qrcode
 retriable
+Runtimes
 sanitizers
 scrollbars
 shortcutting

diff --git a/.github/actions/spelling/excludes.txt b/.github/actions/spelling/excludes.txt
@@ -1,6 +1,9 @@
 Assets/Vendors/
 \QLombiq.VueJs.Tests.UI/Assets/Media/\E.*\.mjpeg$
 ^\Qtest/Lombiq.UITestingToolbox/Lombiq.Tests.UI/Constants/CommonDisplayResolutions.cs\E$
+^\Qtest/Lombiq.UITestingToolbox/Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlanFragments/\E.*.yml$
+^\Qtest/Lombiq.UITestingToolbox/Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlans/\E.*.yml$
+^\Qtest/Lombiq.UITestingToolbox/Lombiq.Tests.UI.Samples/Tests/CustomZapAutomationFrameworkPlan.yml\E$
 ^\Qtools/Lombiq.GitHub.Actions/\E
 \QUnmanagedNodeModules/\E
 \QUploadingTestFileDOCX.docx\E$

diff --git a/.github/workflows/build-and-test-windows.yml b/.github/workflows/build-and-test-windows.yml
@@ -42,6 +42,7 @@ jobs:
       ui-test-parallelism: 0
       build-create-binary-log: "true"
       blame-hang-timeout: "5m"
+      test-filter: "FullyQualifiedName!~SecurityScanningTests"
 
   build-and-test-standard-runners:
     # Since dev builds are not awaited by anyone, they can run on the slower free runners.
@@ -55,6 +56,7 @@ jobs:
       set-up-azurite: "true"
       build-create-binary-log: "true"
       blame-hang-timeout: "5m"
+      test-filter: "FullyQualifiedName!~SecurityScanningTests"
 
   build-and-test-nuget-test:
     if: github.ref_name == github.event.repository.default_branch || 
@@ -67,6 +69,7 @@ jobs:
       build-directory: NuGetTest
       timeout-minutes: 25
       blame-hang-timeout: "5m"
+      test-filter: "FullyQualifiedName!~SecurityScanningTests"
 
   powershell-static-code-analysis:
     if: github.ref_name == github.event.repository.default_branch || 

diff --git a/NuGetTest/src/Lombiq.OSOCE.NuGet.Web/Lombiq.OSOCE.NuGet.Web.csproj b/NuGetTest/src/Lombiq.OSOCE.NuGet.Web/Lombiq.OSOCE.NuGet.Web.csproj
@@ -47,8 +47,8 @@
     <PackageReference Include="Lombiq.Privacy" Version="7.0.2-alpha.2.osoe-638" />
     <PackageReference Include="Lombiq.Privacy.Samples" Version="7.0.2-alpha.2.osoe-638" />
     <PackageReference Include="Lombiq.SetupExtensions" Version="5.0.0" />
-    <PackageReference Include="Lombiq.Tests.UI.AppExtensions" Version="8.2.1-alpha.1.osoe-733" />
-    <PackageReference Include="Lombiq.Tests.UI.Shortcuts" Version="8.2.1-alpha.1.osoe-733" />
+    <PackageReference Include="Lombiq.Tests.UI.AppExtensions" Version="8.2.1-alpha.4.osoe-351" />
+    <PackageReference Include="Lombiq.Tests.UI.Shortcuts" Version="8.2.1-alpha.4.osoe-351" />
     <PackageReference Include="Lombiq.UIKit" Version="6.0.1-alpha.0.osoe-638" />
     <PackageReference Include="Lombiq.VueJs" Version="3.0.1-alpha.0.osoe-638" />
     <PackageReference Include="Lombiq.VueJs.Samples" Version="3.0.1-alpha.0.osoe-638" />

diff --git a/NuGetTest/src/Modules/Lombiq.OSOCE.NuGet.TestModule/Lombiq.OSOCE.NuGet.TestModule.csproj b/NuGetTest/src/Modules/Lombiq.OSOCE.NuGet.TestModule/Lombiq.OSOCE.NuGet.TestModule.csproj
@@ -16,7 +16,7 @@
   </ItemGroup>
 
   <ItemGroup>
-    <PackageReference Include="Lombiq.HelpfulLibraries" Version="8.0.2" />
+    <PackageReference Include="Lombiq.HelpfulLibraries" Version="8.0.3-alpha.2.osoe-351" />
     <PackageReference Include="OrchardCore.Module.Targets" Version="1.7.0" />
     <PackageReference Include="OrchardCore.ContentManagement" Version="1.7.0" />
     <PackageReference Include="OrchardCore.ContentTypes.Abstractions" Version="1.7.0" />

diff --git a/NuGetTest/test/Lombiq.OSOCE.NuGet.Tests.UI/Lombiq.OSOCE.NuGet.Tests.UI.csproj b/NuGetTest/test/Lombiq.OSOCE.NuGet.Tests.UI/Lombiq.OSOCE.NuGet.Tests.UI.csproj
@@ -34,7 +34,7 @@
     <PackageReference Include="Lombiq.OrchardCoreApiClient.Tests.UI" Version="4.0.1-alpha.0.osoe-638" />
     <PackageReference Include="Lombiq.Privacy.Tests.UI" Version="7.0.2-alpha.2.osoe-638" />
     <PackageReference Include="Lombiq.HelpfulExtensions.Tests.UI" Version="7.0.2-alpha.2.osoe-683" />
-    <PackageReference Include="Lombiq.Tests.UI" Version="8.2.1-alpha.1.osoe-733" />
+    <PackageReference Include="Lombiq.Tests.UI" Version="8.2.1-alpha.4.osoe-351" />
     <PackageReference Include="Lombiq.VueJs.Tests.UI" Version="3.0.1-alpha.0.osoe-638" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.7.2" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.5.1">

diff --git a/NuGetTest/test/Lombiq.OSOCE.NuGet.Tests.UI/Tests/SecurityScanningTests.cs b/NuGetTest/test/Lombiq.OSOCE.NuGet.Tests.UI/Tests/SecurityScanningTests.cs
@@ -0,0 +1,23 @@
+using Lombiq.Tests.UI.SecurityScanning;
+using Shouldly;
+using System.Threading.Tasks;
+using Xunit;
+using Xunit.Abstractions;
+
+namespace Lombiq.OSOCE.NuGet.Tests.UI.Tests;
+
+public class SecurityScanningTests : UITestBase
+{
+    public SecurityScanningTests(ITestOutputHelper testOutputHelper)
+        : base(testOutputHelper)
+    {
+    }
+
+    // Only scanning the homepage, since this is just to make sure that ZAP still works from NuGet.
+    [Fact]
+    public Task BasicSecurityScanShouldPass() =>
+        ExecuteTestAfterSetupAsync(
+            context => context.RunAndAssertBaselineSecurityScanAsync(
+                configuration => configuration.ExcludeUrlWithRegex(".*:[0-9]+\\/.+"),
+                sarifLog => sarifLog.Runs[0].Results.Count.ShouldBeLessThan(6)));
+}
diff --git a/NuGetTest/test/Lombiq.OSOCE.NuGet.Tests/Lombiq.OSOCE.NuGet.Tests.csproj b/NuGetTest/test/Lombiq.OSOCE.NuGet.Tests/Lombiq.OSOCE.NuGet.Tests.csproj
@@ -5,7 +5,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Lombiq.HelpfulLibraries" Version="8.0.2" />
+    <PackageReference Include="Lombiq.HelpfulLibraries" Version="8.0.3-alpha.2.osoe-351" />
     <PackageReference Include="Lombiq.Tests" Version="2.2.5" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.7.2" />
     <PackageReference Include="xunit.runner.visualstudio" Version="2.5.1">

diff --git a/src/Libraries/Lombiq.HelpfulLibraries b/src/Libraries/Lombiq.HelpfulLibraries
diff --git a/src/Modules/Lombiq.TrainingDemo b/src/Modules/Lombiq.TrainingDemo
diff --git a/test/Lombiq.UITestingToolbox b/test/Lombiq.UITestingToolbox
+27 −0		Lombiq.HelpfulLibraries.Cli/CliProgram.cs
+4 −3		Lombiq.HelpfulLibraries.Common/Extensions/StringExtensions.cs
+5 −2		Controllers/CrossTenantServicesController.cs
+2 −0		Controllers/FileManagementController.cs
+4 −0		Lombiq.Tests.UI.Samples/Lombiq.Tests.UI.Samples.csproj
+1 −0		Lombiq.Tests.UI.Samples/Readme.md
+114 −0		Lombiq.Tests.UI.Samples/Tests/CustomZapAutomationFrameworkPlan.yml
+1 −0		Lombiq.Tests.UI.Samples/Tests/InteractiveModeTests.cs
+158 −0		Lombiq.Tests.UI.Samples/Tests/SecurityScanningTests.cs
+1 −1		Lombiq.Tests.UI.Shortcuts/Controllers/CurrentUserController.cs
+1 −1		Lombiq.Tests.UI.Shortcuts/Lombiq.Tests.UI.Shortcuts.csproj
+ −		Lombiq.Tests.UI/Docs/Attachments/ZapReportScreenshot.png
+1 −1		Lombiq.Tests.UI/Docs/Configuration.md
+1 −0		Lombiq.Tests.UI/Docs/CreatingTests.md
+28 −0		Lombiq.Tests.UI/Docs/SecurityScanning.md
+1 −0		Lombiq.Tests.UI/Docs/Tools.md
+4 −0		Lombiq.Tests.UI/Docs/Troubleshooting.md
+49 −4		Lombiq.Tests.UI/Extensions/FailureDumpUITestContextExtensions.cs
+17 −11		Lombiq.Tests.UI/Extensions/ShortcutsUITestContextExtensions.cs
+30 −5		Lombiq.Tests.UI/Extensions/TypedRouteUITestContextExtensions.cs
+1 −1		Lombiq.Tests.UI/Helpers/DirectoryHelper.cs
+23 −4		Lombiq.Tests.UI/Lombiq.Tests.UI.csproj
+25 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlanFragments/DisplayActiveScanRuleRuntimesScript.yml
+12 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlanFragments/RequestorJob.yml
+8 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlanFragments/SpiderAjaxJob.yml
+14 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlanFragmentsPaths.cs
+13 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlanPaths.cs
+102 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlans/Baseline.yml
+107 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlans/FullScan.yml
+116 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlans/GraphQL.yml
+107 −0		Lombiq.Tests.UI/SecurityScanning/AutomationFrameworkPlans/OpenAPI.yml
+216 −0		Lombiq.Tests.UI/SecurityScanning/SecurityScanConfiguration.cs
+15 −0		Lombiq.Tests.UI/SecurityScanning/SecurityScanResult.cs
+27 −0		Lombiq.Tests.UI/SecurityScanning/SecurityScanningAssertionException.cs
+36 −0		Lombiq.Tests.UI/SecurityScanning/SecurityScanningConfiguration.cs
+20 −0		Lombiq.Tests.UI/SecurityScanning/SecurityScanningException.cs
+163 −0		Lombiq.Tests.UI/SecurityScanning/SecurityScanningUITestContextExtensions.cs
+405 −0		Lombiq.Tests.UI/SecurityScanning/YamlDocumentExtensions.cs
+15 −0		Lombiq.Tests.UI/SecurityScanning/YamlHelper.cs
+25 −0		Lombiq.Tests.UI/SecurityScanning/YamlNodeExtensions.cs
+244 −0		Lombiq.Tests.UI/SecurityScanning/ZapManager.cs
+3 −0		Lombiq.Tests.UI/Services/OrchardCoreUITestExecutorConfiguration.cs
+1 −1		Lombiq.Tests.UI/Services/SmtpService.cs
+4 −10		Lombiq.Tests.UI/Services/SqlServerManager.cs
+12 −2		Lombiq.Tests.UI/Services/UITestContext.cs
+28 −3		Lombiq.Tests.UI/Services/UITestExecutionSession.cs
+2 −0		Readme.md