corazawaf / coraza-caddy

OWASP Coraza middleware for Caddy. It provides Web Application Firewall capabilities
https://www.coraza.io/
Apache License 2.0
355 stars 41 forks source link

fix(deps): update module github.com/corazawaf/coraza/v3 to v3.1.0 #131

Closed renovate[bot] closed 9 months ago

renovate[bot] commented 9 months ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/corazawaf/coraza/v3 v3.0.4 -> v3.1.0 age adoption passing confidence

Release Notes

corazawaf/coraza (github.com/corazawaf/coraza/v3) ### [`v3.1.0`](https://togithub.com/corazawaf/coraza/releases/tag/v3.1.0): Version 3.1.0 [Compare Source](https://togithub.com/corazawaf/coraza/compare/v3.0.4...v3.1.0) This is a new minor version release with emphasis in improving the overall logging experience, fixes for interoperability of the http middleware with other middlewares, better defaults, various fixes and a few new features like the uppercase transformation, the raw body processor (both thanks to [@​blotus](https://togithub.com/blotus)) and a way to pass a context into a transaction to be later retrieved the error log callback. #### What's Changed - chore: improve GetField logic by [@​jptosso](https://togithub.com/jptosso) in [https://github.com/corazawaf/coraza/pull/897](https://togithub.com/corazawaf/coraza/pull/897) - chore: setvar minor fix, tests, added warning when missing variable, deprecates usage of tx.LogData by [@​M4tteoP](https://togithub.com/M4tteoP) in [https://github.com/corazawaf/coraza/pull/892](https://togithub.com/corazawaf/coraza/pull/892) - chore: fixes audit log. by [@​jcchavezs](https://togithub.com/jcchavezs) in [https://github.com/corazawaf/coraza/pull/889](https://togithub.com/corazawaf/coraza/pull/889) - fix `http.Flusher` and `io.ReaderFrom` implementation by [@​romainmenke](https://togithub.com/romainmenke) in [https://github.com/corazawaf/coraza/pull/923](https://togithub.com/corazawaf/coraza/pull/923) - fix: stack overflow in `ReadFrom` by [@​romainmenke](https://togithub.com/romainmenke) in [https://github.com/corazawaf/coraza/pull/925](https://togithub.com/corazawaf/coraza/pull/925) - fix: Disables implicit Cookies url decoding by [@​M4tteoP](https://togithub.com/M4tteoP) in [https://github.com/corazawaf/coraza/pull/928](https://togithub.com/corazawaf/coraza/pull/928) - feat: add uppercase transformation by [@​blotus](https://togithub.com/blotus) in [https://github.com/corazawaf/coraza/pull/935](https://togithub.com/corazawaf/coraza/pull/935) - fix: parse multiple cookies with spaces by [@​fzipi](https://togithub.com/fzipi) in [https://github.com/corazawaf/coraza/pull/943](https://togithub.com/corazawaf/coraza/pull/943) - fix: more forgiving base64 transformation \[custom implementation] by [@​M4tteoP](https://togithub.com/M4tteoP) in [https://github.com/corazawaf/coraza/pull/944](https://togithub.com/corazawaf/coraza/pull/944) - fix: filling variables struct to complete audit info by [@​CArellanoOrbik](https://togithub.com/CArellanoOrbik) in [https://github.com/corazawaf/coraza/pull/968](https://togithub.com/corazawaf/coraza/pull/968) - feat: adds context to transaction. by [@​jcchavezs](https://togithub.com/jcchavezs) in [https://github.com/corazawaf/coraza/pull/963](https://togithub.com/corazawaf/coraza/pull/963) - feat: improves logging. by [@​jcchavezs](https://togithub.com/jcchavezs) in [https://github.com/corazawaf/coraza/pull/971](https://togithub.com/corazawaf/coraza/pull/971) - feat: add raw body processor by [@​blotus](https://togithub.com/blotus) in [https://github.com/corazawaf/coraza/pull/983](https://togithub.com/corazawaf/coraza/pull/983) - chore: updates CRS tests to CRS 4.0.0-rc2 by [@​M4tteoP](https://togithub.com/M4tteoP) in [https://github.com/corazawaf/coraza/pull/899](https://togithub.com/corazawaf/coraza/pull/899) - fix(seclang): merge chained raw rules by [@​jptosso](https://togithub.com/jptosso) in [https://github.com/corazawaf/coraza/pull/985](https://togithub.com/corazawaf/coraza/pull/985) - fix: BodyLimit related documented default values, default RequestBodyLimitAction, adds some tests by [@​M4tteoP](https://togithub.com/M4tteoP) in [https://github.com/corazawaf/coraza/pull/895](https://togithub.com/corazawaf/coraza/pull/895) - chore: Go 1.20 as minimum supported version by [@​jcchavezs](https://togithub.com/jcchavezs) in [https://github.com/corazawaf/coraza/pull/996](https://togithub.com/corazawaf/coraza/pull/996) - chore: upgrades go-ftw to 0.6.4. by [@​jcchavezs](https://togithub.com/jcchavezs) in [https://github.com/corazawaf/coraza/pull/998](https://togithub.com/corazawaf/coraza/pull/998) #### New Contributors (thanks a lot!) - [@​testwill](https://togithub.com/testwill) made their first contribution in [https://github.com/corazawaf/coraza/pull/894](https://togithub.com/corazawaf/coraza/pull/894) - [@​renovate](https://togithub.com/renovate) made their first contribution in [https://github.com/corazawaf/coraza/pull/903](https://togithub.com/corazawaf/coraza/pull/903) - [@​romainmenke](https://togithub.com/romainmenke) made their first contribution in [https://github.com/corazawaf/coraza/pull/923](https://togithub.com/corazawaf/coraza/pull/923) - [@​blotus](https://togithub.com/blotus) made their first contribution in [https://github.com/corazawaf/coraza/pull/935](https://togithub.com/corazawaf/coraza/pull/935) - [@​CArellanoOrbik](https://togithub.com/CArellanoOrbik) made their first contribution in [https://github.com/corazawaf/coraza/pull/968](https://togithub.com/corazawaf/coraza/pull/968) **Full Changelog**: https://github.com/corazawaf/coraza/compare/v3.0.4...v3.1.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] commented 9 months ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

sonarcloud[bot] commented 9 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud