Update AF templates and help

addOns/alertFilters/CHANGELOG.md

@@ -4,7 +4,8 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
-
+### Changed
+- Update the automation framework template and help to include missing fields (`ruleName` and `methods`).
 
 ## [25] - 2025-11-04
 ### Changed

addOns/alertFilters/src/main/javahelp/org/zaproxy/zap/extension/alertFilters/resources/help/contents/automation.html

@@ -19,7 +19,8 @@ <H2>Job: alertFilter</H2>
     parameters:
       deleteGlobalAlerts: true         # Boolean, if true then will delete all existing global alerts, default false
     alertFilters:                      # A list of alertFilters to be applied
-      - ruleId:                        # Int/String: Mandatory, the scan rule ID or the alert reference
+      - ruleId:                        # Int: Mandatory, the scan rule ID or the alert reference
+        ruleName:                      # String: Optional, the name of the rule
         newRisk:                       # String: Mandatory new risk level, one of 'False Positive', 'Info', 'Low', 'Medium', 'High'
         context:                       # String: Optional context name, if empty then a global alert filter will be created
         url:                           # String: Optional string to match against the alert, supports environment vars
@@ -30,6 +31,7 @@ <H2>Job: alertFilter</H2>
         attackRegex:                   # Boolean: Optional, if true then the attack is a regex
         evidence:                      # String: Optional string to match against the alert evidence field
         evidenceRegex:                 # Boolean: Optional, if true then the evidence is a regex
+        methods:                       # List: Optional, the HTTP methods
 </pre>
 
 </BODY>

addOns/alertFilters/src/main/resources/org/zaproxy/zap/extension/alertFilters/resources/alertFilter-max.yaml

@@ -3,6 +3,7 @@
       deleteGlobalAlerts: true         # Boolean, if true then will delete all existing global alerts, default false
     alertFilters:                      # A list of alertFilters to be applied
       - ruleId:                        # Int: Mandatory, the scan rule ID or the alert reference
+        ruleName:                      # String: Optional, the name of the rule
         newRisk:                       # String: Mandatory new risk level, one of 'False Positive', 'Info', 'Low', 'Medium', 'High'
         context:                       # String: Optional context name, if empty then a global alert filter will be created
         url:                           # String: Optional string to match against the alert, supports environment vars

addOns/client/CHANGELOG.md

@@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ## Unreleased
 ### Changed
 - Updated Chrome and Firefox extensions to v0.1.7.
+- Update the automation framework template to include missing field (`scopeCheck`).
 
 ## [0.18.0] - 2025-11-04
 ### Added

addOns/client/src/main/resources/org/zaproxy/addon/client/resources/spiderClient-max.yaml

@@ -10,4 +10,5 @@
       browserId:                       # String: Browser ID to use, default: firefox-headless
       initialLoadTime:                 # Int: The time in seconds to wait after the initial URL is loaded, default: 5
       pageLoadTime:                    # Int: The time in seconds to wait after a new URL is loaded, default: 1
-      shutdownTime:                    # Int: The time in seconds to wait after no activity before shutting down, default: 5
+      shutdownTime:                    # Int: The time in seconds to wait after no activity before shutting down, default: 5
+      scopeCheck:                      # String: The scope check, either Flexible or Strict, default: Flexible

addOns/reports/CHANGELOG.md

@@ -4,7 +4,8 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
-
+### Changed
+- Update the automation framework template and help to include missing `outputSummary` job fields.
 
 ## [0.42.0] - 2025-11-07
 ### Changed

addOns/reports/src/main/javahelp/org/zaproxy/addon/reports/resources/help/contents/automation.html

@@ -39,5 +39,19 @@ <H2>Job: report</H2>
 	the strings in the sites list is included. The sites list also supports
 	variables.
 
+	<H2>Job: outputSummary</H2>
+	The outputSummary job allows you to generate a summary of the alerts
+	found.
+	<pre>
+  - type: outputSummary                # Print summary to stdout, primarily to mimic the behaviour of the packaged scans
+    parameters:
+      format: None                     # String: The format of the output, one of None, Short, Long, default: None
+      summaryFile:                     # String: The full path of a file into which will be written a JSON summary of the scan, default empty
+    rules:                             # A list of rules for which the actions are to be overriden
+      - id:                            # Int: The rule id as per https://www.zaproxy.org/docs/alerts/
+        action:                        # String: The action to take for this rule, one of IGNORE, INFO, FAIL, default: WARN
+        customMessage:                 # String: A custom message which will be displayed with this rule
+</pre>
+
 </BODY>
 </HTML>

addOns/reports/src/main/resources/org/zaproxy/addon/reports/resources/outputSummary-max.yaml

@@ -1,4 +1,8 @@
   - type: outputSummary                # Print summary to stdout, primarily to mimic the behaviour of the packaged scans
     parameters:
       format: None                     # String: The format of the output, one of None, Short, Long, default: None
-      summaryFile:                     # String: The full path of a file into which will be written a JSON summary of the scan, default empty
+      summaryFile:                     # String: The full path of a file into which will be written a JSON summary of the scan, default empty
+    rules:                             # A list of rules for which the actions are to be overridden
+      - id:                            # Int: The rule id as per https://www.zaproxy.org/docs/alerts/
+        action:                        # String: The action to take for this rule, one of IGNORE, INFO, FAIL, default: WARN
+        customMessage:                 # String: A custom message which will be displayed with this rule

addOns/scripts/CHANGELOG.md

@@ -9,6 +9,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Changed
 - Update dependency.
+- Update the automation framework template to include missing field (`inline`).
 
 ## [45.15.0] - 2025-11-04
 ### Added

addOns/scripts/src/main/javahelp/org/zaproxy/zap/extension/scripts/resources/help/contents/automation.html

@@ -84,7 +84,7 @@ <H2>YAML definition</H2>
       engine:                    # String: The script engine to use - can be used to override the default engine for the file extension
       name:                      # String: The name of the script, defaults to the file name
       source:                    # String: The full or relative file path, must be readable
-      inline:                    # String: The full script (may be multi-line) - supply this or 'file' not both
+      inline:                    # String: The full script (may be multi-line) - supply this or 'source' not both
       target:                    # String: The URL to be invoked for "targeted" script type
 	</pre>
 

addOns/scripts/src/main/resources/org/zaproxy/zap/extension/scripts/resources/script-max.yaml

@@ -5,4 +5,5 @@
       engine:                    # String: The script engine to use - can be used to override the default engine for the file extension
       name:                      # String: The name of the script, defaults to the file name
       source:                    # String: The full or relative path, must be readable
+      inline:                    # String: The full script (may be multi-line) - supply this or 'source' not both
       target:                    # String: The URL to be invoked for "targeted" script type

addOns/wappalyzer/CHANGELOG.md

@@ -4,6 +4,9 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
+### Added
+- A help page for the tech-detection (`wappalyzer`) automation framework job.
+
 ### Changed
 - Updated with enthec upstream icon and pattern changes.
 

addOns/wappalyzer/src/main/javahelp/org/zaproxy/zap/extension/wappalyzer/resources/help/contents/automation.html

@@ -0,0 +1,31 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
+<HTML>
+<HEAD>
+<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
+<TITLE>
+Technology Detection Automation Framework Support
+</TITLE>
+</HEAD>
+<BODY>
+<H1>Technology Detection Automation Framework Support</H1>
+This add-on supports the Automation Framework.
+<br><br>
+<H2>Job: wappalyzer</H2>
+The <code>wappalyzer</code> job is a data job. It does not have any configurable parameters.
+It provides technology detection data to other jobs via the <code>TechJobResultData</code> class.
+
+<H2>YAML</H2>
+
+<pre>
+  - type: wappalyzer             # Passive scan wait for the passive scanner to finish
+</pre>
+
+<H2>Job Data</H2>
+The following class will be made available to add-ons that provide access to the Job Data such as the Reporting add-on.
+<ul>
+<li>Key: <code>wappalyzerData</code>
+<li>Class: <a href="https://github.com/zaproxy/zap-extensions/blob/main/addOns/wappalyzer/src/main/java/org/zaproxy/zap/extension/wappalyzer/automation/TechJobResultData.java">TechJobResultData</a>
+</ul>
+
+</BODY>
+</HTML>