Merge pull request #342 from psiinon/2.10/release

thc202 · web-flow · commit 1ef09aeb0624 · 2020-12-16T13:35:17.000Z
2.10 release
diff --git a/addOns/addOns.gradle.kts b/addOns/addOns.gradle.kts
@@ -34,7 +34,7 @@ subprojects {
     }
 
     zapAddOn {
-        zapVersion.set("2.7.0")
+        zapVersion.set("2.9.0")
 
         releaseLink.set(project.provider { "https://github.com/zaproxy/zap-core-help/releases/${zapAddOn.addOnId.get()}-v@CURRENT_VERSION@" })
 
diff --git a/addOns/help/CHANGELOG.md b/addOns/help/CHANGELOG.md
@@ -3,8 +3,9 @@ All notable changes to this add-on will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
-## Unreleased
+## [11] - 2020-12-16
 
+- Update for 2.10.0 release.
 
 ## [10] - 2020-01-17
 
@@ -43,5 +44,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 - First version.
 
+[11]: https://github.com/zaproxy/zap-core-help/releases/help-v11
 [10]: https://github.com/zaproxy/zap-core-help/releases/help-v10
 [9]: https://github.com/zaproxy/zap-core-help/releases/help-v9
diff --git a/addOns/help/help.gradle.kts b/addOns/help/help.gradle.kts
@@ -8,6 +8,6 @@ zapAddOn {
 
     manifest {
         url.set("https://www.zaproxy.org/docs/desktop/")
-        notBeforeVersion.set("2.9.0")
+        notBeforeVersion.set("2.10.0")
     }
 }
diff --git a/addOns/help/src/main/javahelp/contents/releases/2.10.0.html b/addOns/help/src/main/javahelp/contents/releases/2.10.0.html
@@ -57,17 +57,60 @@ <H3>Cached Scripts</H3>
 <li>Proxy</li>
 </ul>
 
-<H2>New Add-Ons</H2>
+<H2>Add-Ons</H2>
+<H3>New Add-Ons</H3>
 The following add-ons are included by default in this release for the first time:
 <ul>
   <li><a href="https://www.zaproxy.org/docs/desktop/addons/encode-decode-hash/">Advanced Encode / Decode / Hash dialog</a> - this replaces the old core encode/decode/hash dialog</li>
   <li><a href="https://www.zaproxy.org/docs/desktop/addons/dom-xss-active-scan-rule/">DOM XSS Scan Rule</a> - an Active Scan rule for detecting DOM XSS vulnerabilities</li>
   <li><a href="https://www.zaproxy.org/docs/desktop/addons/form-handler/">Form Handler</a> - allows for the custom configuration of values used in forms based on field names</li>
   <li><a href="https://www.zaproxy.org/docs/desktop/addons/graalvm-javascript/">GraalVM JavaScript</a> - included as Java 15+ no longer includes the Oracle Nashorn JavaScript engine</li>
-  <li><a href="https://www.zaproxy.org/docs/desktop/addons/graphql-support/">GraphQL Supprt</a> - allows you to import and active scan GraphQL definitions</li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/graphql-support/">GraphQL Support</a> - allows you to import and active scan GraphQL definitions</li>
   <li><a href="https://www.zaproxy.org/docs/desktop/addons/retire.js/">Retire.js</a> - a Passive Scan rule which implements checks provided by <a href="https://retirejs.github.io/retire.js/">Retire.js</a> in order to identify vulnerable or out-dated JavaScript packages</li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/soap-support/">SOAP Support</a> - allows you to import and active scan WSDL files containing SOAP endpoints</li>
 </ul>
 
+<H3>Updated Add-Ons</H3>
+The following add-ons have been updated since the last full release:
+<ul>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/ajax-spider/">Ajax Spider</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/active-scan-rules/">Active Scan Rules</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/forced-browse/">Forced Browse</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/fuzzer/">Fuzzing</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/getting-started-guide/">Getting Started Guide</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/hud/">The HUD</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/online-menu/">Online Menu</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/openapi-support/">OpenAPI Support</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/passive-scan-rules/">Passive Scan Rules</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/quick-start/">Quick Start</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/script-console/">Script Console</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/selenium/">Selenium</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/linux-webdrivers/">Linux WebDrivers</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/macos-webdrivers/">MacOS WebDrivers</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/windows-webdrivers/">Windows WebDrivers</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/websockets/">WebSockets</a></li>
+  <li><a href="https://www.zaproxy.org/docs/desktop/addons/zest/">Zest</a></li>
+</ul>
+
+<H2>Docker Updates</H2>
+The following changes are included in the latest Stable Docker image:
+<ul>
+	<li>Update Webswing to latest version (20.2.1) to work with newer Java versions.</li>
+	<li>Update Java in stable image to version 11.</li>
+	<li>Add support for authenticated scans.</li>
+	<li>Add zap_tune function (disable all tags and limit pscan alerts to 10), zap_tuned hook and disable recovery log.</li>
+	<li>Update zap-api-scan.py to add support for GraphQL.</li>
+	<li>Fail immediately if the spider scans were not started to provide better error message.</li>
+	<li>Packaged scans will use the provided context when spidering and active scanning.</li>
+	<li>Add `IS_CONTAINERIZED` environment variable to the container image, used in the python script to check for containerized environments (e.g. containerd) without relying on container runtime specific files.</li>
+	<li>Make podman compatible</li>
+	<li>Make docker stable use ubuntu 20.04</li>
+	<li>Make `python` command use Python 3.</li>
+	<li>Removed python 2, only python 3 will be supported going forward.</li>
+	<li>Changed zap-full-scan.py and zap-api-scan.py to include the -I option to ignore only warning used by zap-baseline-scan.py</li>
+</ul>
+For full list of changes made to the docker images see the docker <a href="https://github.com/zaproxy/zaproxy/blob/develop/docker/CHANGELOG.md">CHANGELOG.md</a>.
+
 <H2>Changes in Bundled Libraries</H2>
 The following libraries were updated:
 <ul>

Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ subprojects {`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`zapAddOn {`
`37`		`- zapVersion.set("2.7.0")`
	`37`	`+ zapVersion.set("2.9.0")`
`38`	`38`
`39`	`39`	`releaseLink.set(project.provider { "https://github.com/zaproxy/zap-core-help/releases/${zapAddOn.addOnId.get()}-v@CURRENT_VERSION@" })`
`40`	`40`
Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,6 @@ zapAddOn {`
`8`	`8`
`9`	`9`	`manifest {`
`10`	`10`	`url.set("https://www.zaproxy.org/docs/desktop/")`
`11`		`- notBeforeVersion.set("2.9.0")`
	`11`	`+ notBeforeVersion.set("2.10.0")`
`12`	`12`	`}`
`13`	`13`	`}`