Nightly DAST produced an actionable result according to report policy.
Commit: 8a4932901e96481e714127ce6d369a04273d4713
Policy Summary
- Policy mode: threshold_or_new_findings
- State: needs_triage
- New findings vs baseline: 21
- Persisting findings vs baseline: 6
- Resolved findings vs baseline: 3
| Risk | Count |
|---|---|
| Critical | 0 |
| High | 4 |
| Medium | 3 |
| Low | 2 |
| Informational | 3 |
Scan Signal
- Delta mode: UNAVAILABLE
- Requestor URL count: 3
- Observed route count (requestor + alert instances): 14
- Observed authenticated requestor routes: 1
- Observed public requestor routes: 2
- Observed admin requestor routes: 1
- Alert-bearing URI count: 17
Operator Context
- Target name: zerodast-demo-app
- Scan profile: nightly-full
- Scan trigger: push-or-schedule
- Auth bootstrap mode: adapter
Result State
- State: needs_triage
- Fail level: high
- Suppressed alert count: 0
- Unique suppression rules applied: 0
- Effective high-or-above findings: 4
- New findings vs baseline: 21
- Persisting findings vs baseline: 6
- Resolved findings vs baseline: 3
Operational Reliability
- State: healthy
- Summary: Core scan runtime completed cleanly.
- Total runtime seconds: 238
- Database ready seconds: 2
- Application ready seconds: 0
API Inventory
- OpenAPI route count: 11
- OpenAPI operation count: 14
- OpenAPI imported URL count: 15
- Spider discovered URL count: 22
- Observed OpenAPI routes: 10
- Unobserved OpenAPI routes: 1
- Undocumented observed routes: 4
- Code-hinted routes: 13
- Code-hinted observed routes: 11
- Code-hinted unobserved routes: 2
- Code-hinted routes outside spec: 2
Undocumented Observed Routes
- /
- /robots.txt
- /sitemap.xml
- /v3/api-docs
Code-Hinted Unobserved Routes
Code-Hinted Routes Outside Spec
Requestor Routes
- /api/debug/error
- /api/search/preview
- /api/users
Workflow run: https://github.com/AlphaSudo/zerodast/actions/runs/25359329307
This issue is the single rollup for nightly DAST; CI updates it instead of opening a new issue each run.