From 60a9f7cbbd79c78be322562501c81b3b1f247470 Mon Sep 17 00:00:00 2001
From: ricekot <git@ricekot.com>
Date: Sat, 29 Nov 2025 15:54:30 +0530
Subject: [PATCH] Update AF templates and help

Signed-off-by: ricekot <git@ricekot.com>
---
 addOns/alertFilters/CHANGELOG.md              |  3 +-
 .../resources/help/contents/automation.html   |  4 ++-
 .../resources/alertFilter-max.yaml            |  1 +
 addOns/client/CHANGELOG.md                    |  1 +
 .../client/resources/spiderClient-max.yaml    |  3 +-
 addOns/reports/CHANGELOG.md                   |  3 +-
 .../resources/help/contents/automation.html   | 14 +++++++++
 .../reports/resources/outputSummary-max.yaml  |  6 +++-
 addOns/scripts/CHANGELOG.md                   |  1 +
 .../resources/help/contents/automation.html   |  2 +-
 .../scripts/resources/script-max.yaml         |  1 +
 addOns/wappalyzer/CHANGELOG.md                |  3 ++
 .../resources/help/contents/automation.html   | 31 +++++++++++++++++++
 13 files changed, 67 insertions(+), 6 deletions(-)
 create mode 100644 addOns/wappalyzer/src/main/javahelp/org/zaproxy/zap/extension/wappalyzer/resources/help/contents/automation.html

diff --git a/addOns/alertFilters/CHANGELOG.md b/addOns/alertFilters/CHANGELOG.md
index 53ee1b537fa..0d81309cbbb 100644
--- a/addOns/alertFilters/CHANGELOG.md
+++ b/addOns/alertFilters/CHANGELOG.md
@@ -4,7 +4,8 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
-
+### Changed
+- Update the automation framework template and help to include missing fields (`ruleName` and `methods`).
 
 ## [25] - 2025-11-04
 ### Changed
diff --git a/addOns/alertFilters/src/main/javahelp/org/zaproxy/zap/extension/alertFilters/resources/help/contents/automation.html b/addOns/alertFilters/src/main/javahelp/org/zaproxy/zap/extension/alertFilters/resources/help/contents/automation.html
index 9750a19a8fb..a2fb6e7bcd1 100644
--- a/addOns/alertFilters/src/main/javahelp/org/zaproxy/zap/extension/alertFilters/resources/help/contents/automation.html
+++ b/addOns/alertFilters/src/main/javahelp/org/zaproxy/zap/extension/alertFilters/resources/help/contents/automation.html
@@ -19,7 +19,8 @@ <H2>Job: alertFilter</H2>
     parameters:
       deleteGlobalAlerts: true         # Boolean, if true then will delete all existing global alerts, default false
     alertFilters:                      # A list of alertFilters to be applied
-      - ruleId:                        # Int/String: Mandatory, the scan rule ID or the alert reference
+      - ruleId:                        # Int: Mandatory, the scan rule ID or the alert reference
+        ruleName:                      # String: Optional, the name of the rule
         newRisk:                       # String: Mandatory new risk level, one of 'False Positive', 'Info', 'Low', 'Medium', 'High'
         context:                       # String: Optional context name, if empty then a global alert filter will be created
         url:                           # String: Optional string to match against the alert, supports environment vars
@@ -30,6 +31,7 @@ <H2>Job: alertFilter</H2>
         attackRegex:                   # Boolean: Optional, if true then the attack is a regex
         evidence:                      # String: Optional string to match against the alert evidence field
         evidenceRegex:                 # Boolean: Optional, if true then the evidence is a regex
+        methods:                       # List: Optional, the HTTP methods
 </pre>
 
 </BODY>
diff --git a/addOns/alertFilters/src/main/resources/org/zaproxy/zap/extension/alertFilters/resources/alertFilter-max.yaml b/addOns/alertFilters/src/main/resources/org/zaproxy/zap/extension/alertFilters/resources/alertFilter-max.yaml
index 60eee62ed83..08ac95ca67e 100644
--- a/addOns/alertFilters/src/main/resources/org/zaproxy/zap/extension/alertFilters/resources/alertFilter-max.yaml
+++ b/addOns/alertFilters/src/main/resources/org/zaproxy/zap/extension/alertFilters/resources/alertFilter-max.yaml
@@ -3,6 +3,7 @@
       deleteGlobalAlerts: true         # Boolean, if true then will delete all existing global alerts, default false
     alertFilters:                      # A list of alertFilters to be applied
       - ruleId:                        # Int: Mandatory, the scan rule ID or the alert reference
+        ruleName:                      # String: Optional, the name of the rule
         newRisk:                       # String: Mandatory new risk level, one of 'False Positive', 'Info', 'Low', 'Medium', 'High'
         context:                       # String: Optional context name, if empty then a global alert filter will be created
         url:                           # String: Optional string to match against the alert, supports environment vars
diff --git a/addOns/client/CHANGELOG.md b/addOns/client/CHANGELOG.md
index 9b76f3c2e30..84b53956e51 100644
--- a/addOns/client/CHANGELOG.md
+++ b/addOns/client/CHANGELOG.md
@@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ## Unreleased
 ### Changed
 - Updated Chrome and Firefox extensions to v0.1.7.
+- Update the automation framework template to include missing field (`scopeCheck`).
 
 ## [0.18.0] - 2025-11-04
 ### Added
diff --git a/addOns/client/src/main/resources/org/zaproxy/addon/client/resources/spiderClient-max.yaml b/addOns/client/src/main/resources/org/zaproxy/addon/client/resources/spiderClient-max.yaml
index deb5c63a3da..44becc966a3 100644
--- a/addOns/client/src/main/resources/org/zaproxy/addon/client/resources/spiderClient-max.yaml
+++ b/addOns/client/src/main/resources/org/zaproxy/addon/client/resources/spiderClient-max.yaml
@@ -10,4 +10,5 @@
       browserId:                       # String: Browser ID to use, default: firefox-headless
       initialLoadTime:                 # Int: The time in seconds to wait after the initial URL is loaded, default: 5
       pageLoadTime:                    # Int: The time in seconds to wait after a new URL is loaded, default: 1
-      shutdownTime:                    # Int: The time in seconds to wait after no activity before shutting down, default: 5
\ No newline at end of file
+      shutdownTime:                    # Int: The time in seconds to wait after no activity before shutting down, default: 5
+      scopeCheck:                      # String: The scope check, either Flexible or Strict, default: Flexible
\ No newline at end of file
diff --git a/addOns/reports/CHANGELOG.md b/addOns/reports/CHANGELOG.md
index bb6f85c2827..1eb18a02a8e 100644
--- a/addOns/reports/CHANGELOG.md
+++ b/addOns/reports/CHANGELOG.md
@@ -4,7 +4,8 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
-
+### Changed
+- Update the automation framework template and help to include missing `outputSummary` job fields.
 
 ## [0.42.0] - 2025-11-07
 ### Changed
diff --git a/addOns/reports/src/main/javahelp/org/zaproxy/addon/reports/resources/help/contents/automation.html b/addOns/reports/src/main/javahelp/org/zaproxy/addon/reports/resources/help/contents/automation.html
index 1c8057b61cf..3f507350e6a 100644
--- a/addOns/reports/src/main/javahelp/org/zaproxy/addon/reports/resources/help/contents/automation.html
+++ b/addOns/reports/src/main/javahelp/org/zaproxy/addon/reports/resources/help/contents/automation.html
@@ -39,5 +39,19 @@ <H2>Job: report</H2>
 	the strings in the sites list is included. The sites list also supports
 	variables.
 
+	<H2>Job: outputSummary</H2>
+	The outputSummary job allows you to generate a summary of the alerts
+	found.
+	<pre>
+  - type: outputSummary                # Print summary to stdout, primarily to mimic the behaviour of the packaged scans
+    parameters:
+      format: None                     # String: The format of the output, one of None, Short, Long, default: None
+      summaryFile:                     # String: The full path of a file into which will be written a JSON summary of the scan, default empty
+    rules:                             # A list of rules for which the actions are to be overriden
+      - id:                            # Int: The rule id as per https://www.zaproxy.org/docs/alerts/
+        action:                        # String: The action to take for this rule, one of IGNORE, INFO, FAIL, default: WARN
+        customMessage:                 # String: A custom message which will be displayed with this rule
+</pre>
+
 </BODY>
 </HTML>
\ No newline at end of file
diff --git a/addOns/reports/src/main/resources/org/zaproxy/addon/reports/resources/outputSummary-max.yaml b/addOns/reports/src/main/resources/org/zaproxy/addon/reports/resources/outputSummary-max.yaml
index 4d55bd133b6..8868e87c7d8 100644
--- a/addOns/reports/src/main/resources/org/zaproxy/addon/reports/resources/outputSummary-max.yaml
+++ b/addOns/reports/src/main/resources/org/zaproxy/addon/reports/resources/outputSummary-max.yaml
@@ -1,4 +1,8 @@
   - type: outputSummary                # Print summary to stdout, primarily to mimic the behaviour of the packaged scans
     parameters:
       format: None                     # String: The format of the output, one of None, Short, Long, default: None
-      summaryFile:                     # String: The full path of a file into which will be written a JSON summary of the scan, default empty
\ No newline at end of file
+      summaryFile:                     # String: The full path of a file into which will be written a JSON summary of the scan, default empty
+    rules:                             # A list of rules for which the actions are to be overridden
+      - id:                            # Int: The rule id as per https://www.zaproxy.org/docs/alerts/
+        action:                        # String: The action to take for this rule, one of IGNORE, INFO, FAIL, default: WARN
+        customMessage:                 # String: A custom message which will be displayed with this rule
\ No newline at end of file
diff --git a/addOns/scripts/CHANGELOG.md b/addOns/scripts/CHANGELOG.md
index c0fdbe27799..bcf50dcbf2b 100644
--- a/addOns/scripts/CHANGELOG.md
+++ b/addOns/scripts/CHANGELOG.md
@@ -9,6 +9,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Changed
 - Update dependency.
+- Update the automation framework template to include missing field (`inline`).
 
 ## [45.15.0] - 2025-11-04
 ### Added
diff --git a/addOns/scripts/src/main/javahelp/org/zaproxy/zap/extension/scripts/resources/help/contents/automation.html b/addOns/scripts/src/main/javahelp/org/zaproxy/zap/extension/scripts/resources/help/contents/automation.html
index 5e79df123b7..39ae6351670 100644
--- a/addOns/scripts/src/main/javahelp/org/zaproxy/zap/extension/scripts/resources/help/contents/automation.html
+++ b/addOns/scripts/src/main/javahelp/org/zaproxy/zap/extension/scripts/resources/help/contents/automation.html
@@ -84,7 +84,7 @@ <H2>YAML definition</H2>
       engine:                    # String: The script engine to use - can be used to override the default engine for the file extension
       name:                      # String: The name of the script, defaults to the file name
       source:                    # String: The full or relative file path, must be readable
-      inline:                    # String: The full script (may be multi-line) - supply this or 'file' not both
+      inline:                    # String: The full script (may be multi-line) - supply this or 'source' not both
       target:                    # String: The URL to be invoked for "targeted" script type
 	</pre>
 
diff --git a/addOns/scripts/src/main/resources/org/zaproxy/zap/extension/scripts/resources/script-max.yaml b/addOns/scripts/src/main/resources/org/zaproxy/zap/extension/scripts/resources/script-max.yaml
index e377f8c4120..a14570e8ac1 100644
--- a/addOns/scripts/src/main/resources/org/zaproxy/zap/extension/scripts/resources/script-max.yaml
+++ b/addOns/scripts/src/main/resources/org/zaproxy/zap/extension/scripts/resources/script-max.yaml
@@ -5,4 +5,5 @@
       engine:                    # String: The script engine to use - can be used to override the default engine for the file extension
       name:                      # String: The name of the script, defaults to the file name
       source:                    # String: The full or relative path, must be readable
+      inline:                    # String: The full script (may be multi-line) - supply this or 'source' not both
       target:                    # String: The URL to be invoked for "targeted" script type
\ No newline at end of file
diff --git a/addOns/wappalyzer/CHANGELOG.md b/addOns/wappalyzer/CHANGELOG.md
index 7f85ff81727..6f3143c1872 100644
--- a/addOns/wappalyzer/CHANGELOG.md
+++ b/addOns/wappalyzer/CHANGELOG.md
@@ -4,6 +4,9 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
+### Added
+- A help page for the tech-detection (`wappalyzer`) automation framework job.
+
 ### Changed
 - Updated with enthec upstream icon and pattern changes.
 
diff --git a/addOns/wappalyzer/src/main/javahelp/org/zaproxy/zap/extension/wappalyzer/resources/help/contents/automation.html b/addOns/wappalyzer/src/main/javahelp/org/zaproxy/zap/extension/wappalyzer/resources/help/contents/automation.html
new file mode 100644
index 00000000000..5ab9411ea9d
--- /dev/null
+++ b/addOns/wappalyzer/src/main/javahelp/org/zaproxy/zap/extension/wappalyzer/resources/help/contents/automation.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<HTML>
+<HEAD>
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
+<TITLE>
+Technology Detection Automation Framework Support
+</TITLE>
+</HEAD>
+<BODY>
+<H1>Technology Detection Automation Framework Support</H1>
+This add-on supports the Automation Framework.
+<br><br>
+<H2>Job: wappalyzer</H2>
+The <code>wappalyzer</code> job is a data job. It does not have any configurable parameters.
+It provides technology detection data to other jobs via the <code>TechJobResultData</code> class.
+
+<H2>YAML</H2>
+
+<pre>
+  - type: wappalyzer             # Passive scan wait for the passive scanner to finish
+</pre>
+
+<H2>Job Data</H2>
+The following class will be made available to add-ons that provide access to the Job Data such as the Reporting add-on.
+<ul>
+<li>Key: <code>wappalyzerData</code>
+<li>Class: <a href="https://github.com/zaproxy/zap-extensions/blob/main/addOns/wappalyzer/src/main/java/org/zaproxy/zap/extension/wappalyzer/automation/TechJobResultData.java">TechJobResultData</a>
+</ul>
+
+</BODY>
+</HTML>