Thanks for answering. I was pretty sure I was missing something.
Yes, I'm using the packaged scans (with zap-baseline.py). Something like
10063-1 WARN (Permissions Policy Header Not Set)
is not supported as they are expected to be ints on the python scripts:
Traceback (most recent call last):
File "/zap//zap-baseline.py", line 655, in <module>
main(sys.argv[1:])
File "/zap//zap-baseline.py", line 380, in main
jobs.append(get_af_output_summary(('Short', 'Long')[detailed_output], summary_file, config_dict, config_msg))
File "/zap/zap_common.py", line 668, in get_af_output_summary
rules.append({'id': int(id), 'action': action, 'customMessage': config_msg[id]})
ValueError: invalid literal for int() with base 10: '10063-1'
If I try with ./zap.sh -cmd -autorun config.yaml having
- action: WARN
customMessage: ''
id: 10063-1
- action: IGNORE
customMessage: ''
id: 10063-2
I get a similar error as those are expected to be ints:
Unexpected error accessing file /zap/wrk/zap.yaml : class java.lang.String cannot be cast to class java.lang.Integer (java.lang.String and java.lang.Integer are in module java.base of loader 'bootstrap') - see log for details