Merge branch 'release-1.5.0' into master

Author: thc202

CHANGES.md

@@ -2,6 +2,12 @@
 
 Summary of the changes done in each version.
 
+## 1.5.0 (2017-11-30)
+
+### Updated APIs
+
+ - Core APIs updated for ZAP version 2.7.0.
+
 ## 1.4.0 (2017-07-13)
 
 ### Ant Tasks

README.md

@@ -3,6 +3,7 @@
 [![Version](https://maven-badges.herokuapp.com/maven-central/org.zaproxy/zap-clientapi/badge.svg)](https://maven-badges.herokuapp.com/maven-central/org.zaproxy/zap-clientapi/)
 [![License](https://img.shields.io/badge/license-Apache%202-4EB1BA.svg)](https://www.apache.org/licenses/LICENSE-2.0.html)
 [![Build Status](https://api.travis-ci.org/zaproxy/zap-api-java.svg?branch=develop)](https://travis-ci.org/zaproxy/zap-api-java)
+[![Known Vulnerabilities](https://snyk.io/test/github/zaproxy/zap-api-java/badge.svg)](https://snyk.io/test/github/zaproxy/zap-api-java)
 
 The Java implementation to access the [OWASP ZAP API](https://github.com/zaproxy/zaproxy/wiki/ApiDetails). For more information
 about OWASP ZAP consult the (main) [OWASP ZAP project](https://github.com/zaproxy/zaproxy/).
@@ -21,7 +22,7 @@ can be obtained from [Maven Central](http://search.maven.org/) with following co
 
  * GroupId: `org.zaproxy`
  * ArtifactId: `zap-clientapi`
- * Version: `1.4.0`
+ * Version: `1.5.0`
 
 Previous releases are also available, more details can be found in [Maven Central](http://search.maven.org/#search|ga|1|org.zaproxy).
 

build.gradle

@@ -1,5 +1,5 @@
 task wrapper(type: Wrapper) {
-    gradleVersion = '4.0'
+    gradleVersion = '4.2.1'
 }
 
 apply from: "gradle/compile.gradle"
@@ -10,8 +10,8 @@ subprojects {
     apply plugin: 'java'
     group = 'org.zaproxy'
 
-    version '1.4.0'
-    ext.versionBC = '1.0.0'
+    version '1.5.0'
+    ext.versionBC = '1.3.0'
 
     repositories {
         mavenLocal()

gradle/wrapper/gradle-wrapper.jar

@@ -2,5 +2,4 @@ distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.0-bin.zip
-distributionSha256Sum=56bd2dde29ba2a93903c557da1745cafd72cdd8b6b0b83c05a40ed7896b79dfe
+distributionUrl=https\://services.gradle.org/distributions/gradle-4.2.1-bin.zip

gradle/wrapper/gradle-wrapper.properties

@@ -2,7 +2,7 @@
  *
  * ZAP is an HTTP/HTTPS proxy for assessing web application security.
  *
- * Copyright 2016 the ZAP development team
+ * Copyright 2017 the ZAP development team
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/Acsrf.java

@@ -2,7 +2,7 @@
  *
  * ZAP is an HTTP/HTTPS proxy for assessing web application security.
  *
- * Copyright 2016 the ZAP development team
+ * Copyright 2017 the ZAP development team
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -56,12 +56,18 @@ public ApiResponse scanProgress(String scanid) throws ClientApiException {
 		return api.callApi("ascan", "view", "scanProgress", map);
 	}
 
+	/**
+	 * Gets the IDs of the messages sent during the scan with the given ID. A message can be obtained with 'message' core view.
+	 */
 	public ApiResponse messagesIds(String scanid) throws ClientApiException {
 		Map<String, String> map = new HashMap<>();
 		map.put("scanId", scanid);
 		return api.callApi("ascan", "view", "messagesIds", map);
 	}
 
+	/**
+	 * Gets the IDs of the alerts raised during the scan with the given ID. An alert can be obtained with 'alert' core view.
+	 */
 	public ApiResponse alertsIds(String scanid) throws ClientApiException {
 		Map<String, String> map = new HashMap<>();
 		map.put("scanId", scanid);
@@ -453,6 +459,15 @@ public ApiResponse updateScanPolicy(String scanpolicyname, String alertthreshold
 		return api.callApi("ascan", "action", "updateScanPolicy", map);
 	}
 
+	/**
+	 * Imports a Scan Policy using the given file system path.
+	 */
+	public ApiResponse importScanPolicy(String path) throws ClientApiException {
+		Map<String, String> map = new HashMap<>();
+		map.put("path", path);
+		return api.callApi("ascan", "action", "importScanPolicy", map);
+	}
+
 	/**
 	 * Adds a new parameter excluded from the scan, using the specified name. Optionally sets if the new entry applies to a specific URL (default, all URLs) and sets the ID of the type of the parameter (default, ID of any type). The type IDs can be obtained with the view excludedParamTypes. 
 	 */
@@ -495,6 +510,16 @@ public ApiResponse removeExcludedParam(String idx) throws ClientApiException {
 		return api.callApi("ascan", "action", "removeExcludedParam", map);
 	}
 
+	/**
+	 * Skips the scanner using the given IDs of the scan and the scanner.
+	 */
+	public ApiResponse skipScanner(String scanid, String scannerid) throws ClientApiException {
+		Map<String, String> map = new HashMap<>();
+		map.put("scanId", scanid);
+		map.put("scannerId", scannerid);
+		return api.callApi("ascan", "action", "skipScanner", map);
+	}
+
 	public ApiResponse setOptionAttackPolicy(String string) throws ClientApiException {
 		Map<String, String> map = new HashMap<>();
 		map.put("String", string);

subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/Ascan.java

@@ -2,7 +2,7 @@
  *
  * ZAP is an HTTP/HTTPS proxy for assessing web application security.
  *
- * Copyright 2016 the ZAP development team
+ * Copyright 2017 the ZAP development team
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/Authentication.java

@@ -2,7 +2,7 @@
  *
  * ZAP is an HTTP/HTTPS proxy for assessing web application security.
  *
- * Copyright 2016 the ZAP development team
+ * Copyright 2017 the ZAP development team
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.

subprojects/zap-clientapi/src/main/java/org/zaproxy/clientapi/gen/Authorization.java

@@ -2,7 +2,7 @@
  *
  * ZAP is an HTTP/HTTPS proxy for assessing web application security.
  *
- * Copyright 2016 the ZAP development team
+ * Copyright 2017 the ZAP development team
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.