@saucelabs/zap
Advanced tools
The NodeJS implementation to access the OWASP ZAP API in Sauce Labs. This is a "Labs" project and for experimental use only.
npm install @saucelabs/zap
Sauce Labs provides OWASP Zap instances in the cloud for you to use. You only need to authenticate with your Sauce account to access the API. Currently only the australia-southeast1 region is supported.
import SauceZAP from '@saucelabs/zap'
;(async () => {
const zaproxy = new SauceZAP({
user: process.env.SAUCE_USERNAME,
key: process.env.SAUCE_ACCESS_KEY,
region: 'apac' // only supported region so far
});
/**
* initiate cloud session (no other command will be accessible before)
*/
await zaproxy.session.newSession({ commandTimeout: 1000 * 60 })
/**
* run ZAP commands
*/
const { scan } = await zaproxy.spider.scan({ url: 'https://saucedemo.com' })
// ...
/**
* delete session
*/
await zaproxy.session.deleteSession()
})().catch(console.error)
Note: you can find a complete example in /examples/spider.ts
If you already have a session running and you want to attach to it, you can do that by passing in the desired session id, e.g.:
const zaproxy = new SauceZAP({
user: process.env.SAUCE_USERNAME,
key: process.env.SAUCE_ACCESS_KEY,
region: 'apac',
sessionId: 'a71199b9-6016-4abd-a582-5b14f965a413'
});
/**
* no `newSession` call needed, you can immeditially run commands
*/
const { scan } = await zaproxy.spider.scan({ url: 'https://saucedemo.com' })
For a full API list, see https://www.zaproxy.org/docs/api. The Node API methods have the same signature as the API documentation.
For help using the OWASP ZAP API refer to:
For specific help with this Node API, contact @christian-bromann (the maintainer).
To report issues related to the OWASP ZAP Node API, bugs and enhancements requests, use the issue tracker of the main OWASP ZAP project.
FAQs
OWASP ZapProxy bindings for Node.js
The npm package @saucelabs/zap receives a total of 2 weekly downloads. As such, @saucelabs/zap popularity was classified as not popular.
We found that @saucelabs/zap demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 32 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Newly introduced telemetry in devenv 1.4 sparked a backlash over privacy concerns, leading to the removal of its AI-powered feature after strong community pushback.
Security News
TC39 met in Seattle and advanced 9 JavaScript proposals, including three to Stage 4, introducing new features and enhancements for a future ECMAScript release.
Security News
Deno 2.2 enhances Node.js compatibility, improves dependency management, adds OpenTelemetry support, and expands linting and task automation for developers.