Add security scan reports [skip ci]

Author: github-actions[bot]

docs/reports/README.md

@@ -0,0 +1,30 @@
+# DevSecOps Scan Reports
+Generated on Sun Sep  7 16:43:57 UTC 2025
+
+## Available Reports
+- **angular-xss-sbom**
+  - [angular-xss-sbom.json](./angular-xss-sbom.json)
+- **codeql-results**
+  - [codeql-results.sarif](./codeql-results.sarif)
+- **sca-results**
+  - [angular-xss-sbom.json](./angular-xss-sbom.json)
+  - [codeql-results.sarif](./codeql-results.sarif)
+  - [dependency-check-report.sarif](./dependency-check-report.sarif)
+  - [proper-zap-format.xml](./proper-zap-format.xml)
+  - [report_html.html](./report_html.html)
+  - [report_json.json](./report_json.json)
+  - [report_md.md](./report_md.md)
+  - [trufflehog-results.json](./trufflehog-results.json)
+- **trufflehog-results**
+  - [trufflehog-results.json](./trufflehog-results.json)
+- **zap-reports**
+  - [angular-xss-sbom.json](./angular-xss-sbom.json)
+  - [codeql-results.sarif](./codeql-results.sarif)
+  - [dependency-check-report.sarif](./dependency-check-report.sarif)
+  - [proper-zap-format.xml](./proper-zap-format.xml)
+  - [report_html.html](./report_html.html)
+  - [report_json.json](./report_json.json)
+  - [report_md.md](./report_md.md)
+  - [trufflehog-results.json](./trufflehog-results.json)
+  - [zap-baseline-report.json](./zap-baseline-report.json)
+  - [zap-baseline-report.xml](./zap-baseline-report.xml)

docs/reports/report_html.html

@@ -212,7 +212,7 @@ <h2>
 	</h2>
 
 	<h3>
-		Generated on Sun, 7 Sept 2025 14:38:56
+		Generated on Sun, 7 Sept 2025 16:43:36
 	</h3>
 
 	<h3>
@@ -363,22 +363,22 @@ <h3>Alerts</h3>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-Dest Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">3</td>
+				<td align="center">2</td>
 			</tr>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-Mode Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">3</td>
+				<td align="center">2</td>
 			</tr>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-Site Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">3</td>
+				<td align="center">2</td>
 			</tr>
 			<tr>
 				<td><a href="#90005">Sec-Fetch-User Header is Missing</a></td>
 				<td align="center" class="risk-0">Informational</td>
-				<td align="center">3</td>
+				<td align="center">2</td>
 			</tr>
 			<tr>
 				<td><a href="#10049">Storable and Cacheable Content</a></td>
@@ -3113,37 +3113,6 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
-					<tr>
-						<td width="20%"
-							class="indent1">URL</td>
-						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Method</td>
-						<td width="80%">GET</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Parameter</td>
-						<td width="80%">Sec-Fetch-Dest</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Attack</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Evidence</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Other Info</td>
-						<td width="80%"></td>
-					</tr>
-				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3177,7 +3146,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">3</td>
+					<td width="80%">2</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>
@@ -3259,37 +3228,6 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
-					<tr>
-						<td width="20%"
-							class="indent1">URL</td>
-						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Method</td>
-						<td width="80%">GET</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Parameter</td>
-						<td width="80%">Sec-Fetch-Mode</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Attack</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Evidence</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Other Info</td>
-						<td width="80%"></td>
-					</tr>
-				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3323,7 +3261,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">3</td>
+					<td width="80%">2</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>
@@ -3405,37 +3343,6 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
-					<tr>
-						<td width="20%"
-							class="indent1">URL</td>
-						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Method</td>
-						<td width="80%">GET</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Parameter</td>
-						<td width="80%">Sec-Fetch-Site</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Attack</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Evidence</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Other Info</td>
-						<td width="80%"></td>
-					</tr>
-				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3469,7 +3376,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">3</td>
+					<td width="80%">2</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>
@@ -3551,37 +3458,6 @@ <h3>Alert Detail</h3>
 						<td width="80%"></td>
 					</tr>
 
-					<tr>
-						<td width="20%"
-							class="indent1">URL</td>
-						<td width="80%"><a href="http://localhost:4200/robots.txt">http://localhost:4200/robots.txt</a></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Method</td>
-						<td width="80%">GET</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Parameter</td>
-						<td width="80%">Sec-Fetch-User</td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Attack</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Evidence</td>
-						<td width="80%"></td>
-					</tr>
-					<tr>
-						<td width="20%"
-							class="indent2">Other Info</td>
-						<td width="80%"></td>
-					</tr>
-				
 					<tr>
 						<td width="20%"
 							class="indent1">URL</td>
@@ -3615,7 +3491,7 @@ <h3>Alert Detail</h3>
 
 				<tr>
 					<td width="20%">Instances</td>
-					<td width="80%">3</td>
+					<td width="80%">2</td>
 				</tr>
 				<tr>
 					<td width="20%">Solution</td>

docs/reports/report_md.md

@@ -32,10 +32,10 @@ ZAP by [Checkmarx](https://checkmarx.com/).
 | Base64 Disclosure | Informational | 4 |
 | Information Disclosure - Suspicious Comments | Informational | 4 |
 | Modern Web Application | Informational | 2 |
-| Sec-Fetch-Dest Header is Missing | Informational | 3 |
-| Sec-Fetch-Mode Header is Missing | Informational | 3 |
-| Sec-Fetch-Site Header is Missing | Informational | 3 |
-| Sec-Fetch-User Header is Missing | Informational | 3 |
+| Sec-Fetch-Dest Header is Missing | Informational | 2 |
+| Sec-Fetch-Mode Header is Missing | Informational | 2 |
+| Sec-Fetch-Site Header is Missing | Informational | 2 |
+| Sec-Fetch-User Header is Missing | Informational | 2 |
 | Storable and Cacheable Content | Informational | 10 |
 
 
@@ -841,20 +841,14 @@ Specifies how and where the data would be used. For instance, if the value is au
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
-* URL: http://localhost:4200/robots.txt
-  * Method: `GET`
-  * Parameter: `Sec-Fetch-Dest`
-  * Attack: ``
-  * Evidence: ``
-  * Other Info: ``
 * URL: http://localhost:4200/sitemap.xml
   * Method: `GET`
   * Parameter: `Sec-Fetch-Dest`
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
 
-Instances: 3
+Instances: 2
 
 ### Solution
 
@@ -889,20 +883,14 @@ Allows to differentiate between requests for navigating between HTML pages and r
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
-* URL: http://localhost:4200/robots.txt
-  * Method: `GET`
-  * Parameter: `Sec-Fetch-Mode`
-  * Attack: ``
-  * Evidence: ``
-  * Other Info: ``
 * URL: http://localhost:4200/sitemap.xml
   * Method: `GET`
   * Parameter: `Sec-Fetch-Mode`
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
 
-Instances: 3
+Instances: 2
 
 ### Solution
 
@@ -937,20 +925,14 @@ Specifies the relationship between request initiator's origin and target's origi
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
-* URL: http://localhost:4200/robots.txt
-  * Method: `GET`
-  * Parameter: `Sec-Fetch-Site`
-  * Attack: ``
-  * Evidence: ``
-  * Other Info: ``
 * URL: http://localhost:4200/sitemap.xml
   * Method: `GET`
   * Parameter: `Sec-Fetch-Site`
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
 
-Instances: 3
+Instances: 2
 
 ### Solution
 
@@ -985,20 +967,14 @@ Specifies if a navigation request was initiated by a user.
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
-* URL: http://localhost:4200/robots.txt
-  * Method: `GET`
-  * Parameter: `Sec-Fetch-User`
-  * Attack: ``
-  * Evidence: ``
-  * Other Info: ``
 * URL: http://localhost:4200/sitemap.xml
   * Method: `GET`
   * Parameter: `Sec-Fetch-User`
   * Attack: ``
   * Evidence: ``
   * Other Info: ``
 
-Instances: 3
+Instances: 2
 
 ### Solution
 

docs/reports/zap-baseline-report.json

@@ -0,0 +1,6 @@
+{
+  "site": "http://localhost:4200",
+  "generated": "2025-09-07T12:00:00",
+  "version": "2.11.0",
+  "alerts": []
+}

docs/reports/zap-baseline-report.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<OWASPZAPReport version="2.11.0" generated="2025-09-07T12:00:00">
+  <site name="http://localhost:4200">
+    <alerts></alerts>
+  </site>
+</OWASPZAPReport>