Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update module github.com/corazawaf/coraza/v3 to v3.3.0 in testing/coreruleset/go.mod #1268

Merged
merged 1 commit into from
Jan 4, 2025
Merged

fix(deps): update module github.com/corazawaf/coraza/v3 to v3.3.0 in testing/coreruleset/go.mod #1268

merged 1 commit into from
Jan 4, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 4, 2025

This PR contains the following updates:

Package Type Update Change OpenSSF
github.com/corazawaf/coraza/v3 require minor v3.2.2 -> v3.3.0 OpenSSF Scorecard

Release Notes

corazawaf/coraza (github.com/corazawaf/coraza/v3)

v3.3.0

Compare Source

Another year, another version 🎉 !

Version 3.3.0 comes with some nice new features, extended compatibility with ModSecurity SecLang, and some quick performance improvements.

The minimum required Go version is 1.22.

New features:

Fixes:

  • Fixed incorrect parsing of regex in SecRule with multiple ARGS specifiers by @​geekeryy. Reference: #​1087
  • Fixed default deny action status code to 403 by @​M4tteoP. Reference: #​1097
  • Fixed setvar action to allow values to start with - or + by @​soujanyanmbri. Reference: #​1125
  • Fixed macro parsing to handle additional border cases by @​fzipi. Reference: #​1180
  • Fixed default redirect action status code by @​fzipi. Reference: #​1183
  • Improved noisy warn level debug logging when the body limit action is ProcessPartial. Reference: #​1187
  • Added empty glob error when no files match by @​gantony as we don't want to accidentally miss rules to be loaded because an incorrect glob. Reference: #​1259
  • Go version was pinned to 1.22.0 as coraza is a library and we should not target patch versions. Reference: #​1246

Performance improvements

What's Changed

New Contributors

Full Changelog: v3.2.1...v3.3.0

Configuration

📅 Schedule: Branch creation - "* 0-3 * * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner January 4, 2025 02:18
@renovate renovate bot added dependencies Pull requests that update a dependency file go minor labels Jan 4, 2025
@renovate renovate bot enabled auto-merge (squash) January 4, 2025 02:18
@renovate renovate bot merged commit 8c7df30 into main Jan 4, 2025
@renovate renovate bot deleted the renovate/all-minor-patch branch January 4, 2025 02:18
@codecov Codecov
Copy link

codecov bot commented Jan 4, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.69%. Comparing base (44c991b) to head (1cf8a65).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #1268   +/-   ##
=======================================
  Coverage   81.69%   81.69%           
=======================================
  Files         169      169           
  Lines        9770     9770           
=======================================
  Hits         7982     7982           
  Misses       1537     1537           
  Partials      251      251
Flag Coverage Δ
coraza.rule.case_sensitive_args_keys 81.65% <ø> (ø)
coraza.rule.multiphase_valuation 81.69% <ø> (ø)
coraza.rule.no_regex_multiline 81.63% <ø> (ø)
default 81.69% <ø> (ø)
examples+ 16.54% <ø> (ø)
examples+coraza.rule.case_sensitive_args_keys 81.65% <ø> (ø)
examples+coraza.rule.multiphase_valuation 81.53% <ø> (ø)
examples+coraza.rule.no_regex_multiline 81.55% <ø> (ø)
examples+memoize_builders 81.65% <ø> (ø)
examples+no_fs_access 80.98% <ø> (ø)
ftw 81.69% <ø> (ø)
memoize_builders 81.79% <ø> (ø)
no_fs_access 81.14% <ø> (ø)
tinygo 81.66% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@renovate-approve renovate-approve[bot] renovate-approve[bot] approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go minor
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants