api #54

New issue

Closed

opened 2026-03-02 02:59:39 +03:00 by kerem · 0 comments

kerem commented

2026-03-02 02:59:39 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/bunkerity/bunkerweb-plugins/pull/50
Author: @dependabot[bot]
Created: 2/12/2024
Status: ✅ Merged
Merged: 2/20/2024
Merged by: @TheophileDiot

Base: dev ← Head: dependabot/go_modules/coraza/api/dev/github.com/corazawaf/coraza/v3-3.1.0

📝 Commits (1)

32f0084 deps/coraza/api: bump github.com/corazawaf/coraza/v3 in /coraza/api

📊 Changes

1 file changed (+4 additions, -4 deletions)

View changed files

📝 coraza/api/go.mod (+4 -4)

📄 Description

Bumps github.com/corazawaf/coraza/v3 from 3.0.4 to 3.1.0.

Release notes

Sourced from github.com/corazawaf/coraza/v3's releases.

Version 3.1.0

This is a new minor version release with emphasis in improving the overall logging experience, fixes for interoperability of the http middleware with other middlewares, better defaults, various fixes and a few new features like the uppercase transformation, the raw body processor (both thanks to @blotus) and a way to pass a context into a transaction to be later retrieved the error log callback.

What's Changed

chore: improve GetField logic by @jptosso in corazawaf/coraza#897

chore: setvar minor fix, tests, added warning when missing variable, deprecates usage of tx.LogData by @M4tteoP in corazawaf/coraza#892

chore: fixes audit log. by @jcchavezs in corazawaf/coraza#889

fix http.Flusher and io.ReaderFrom implementation by @romainmenke in corazawaf/coraza#923

fix: stack overflow in ReadFrom by @romainmenke in corazawaf/coraza#925

fix: Disables implicit Cookies url decoding by @M4tteoP in corazawaf/coraza#928

feat: add uppercase transformation by @blotus in corazawaf/coraza#935

fix: parse multiple cookies with spaces by @fzipi in corazawaf/coraza#943

fix: more forgiving base64 transformation [custom implementation] by @M4tteoP in corazawaf/coraza#944

fix: filling variables struct to complete audit info by @CArellanoOrbik in corazawaf/coraza#968

feat: adds context to transaction. by @jcchavezs in corazawaf/coraza#963

feat: improves logging. by @jcchavezs in corazawaf/coraza#971

feat: add raw body processor by @blotus in corazawaf/coraza#983

chore: updates CRS tests to CRS 4.0.0-rc2 by @M4tteoP in corazawaf/coraza#899

fix(seclang): merge chained raw rules by @jptosso in corazawaf/coraza#985

fix: BodyLimit related documented default values, default RequestBodyLimitAction, adds some tests by @M4tteoP in corazawaf/coraza#895

chore: Go 1.20 as minimum supported version by @jcchavezs in corazawaf/coraza#996

chore: upgrades go-ftw to 0.6.4. by @jcchavezs in corazawaf/coraza#998

New Contributors (thanks a lot!)

@testwill made their first contribution in corazawaf/coraza#894

@renovate made their first contribution in corazawaf/coraza#903

@romainmenke made their first contribution in corazawaf/coraza#923

@blotus made their first contribution in corazawaf/coraza#935

@CArellanoOrbik made their first contribution in corazawaf/coraza#968

Full Changelog: https://github.com/corazawaf/coraza/compare/v3.0.4...v3.1.0

Commits

bb55b68 chore: upgrades go-ftw to 0.6.4. (#998)
350972b chore: sets floor to 1.20. (#996)
00ff3b9 chore: remove .github/dependabot.yml (#995)
a2c990c fix(deps): update module github.com/foxcpp/go-mockdns to v1.1.0 (#992)
1e2c01e fix(deps): update module github.com/coreruleset/go-ftw to v0.6.3 (#908)
190665b chore: adds header. (#993)
3c15624 fix: BodyLimit related documented default values, default RequestBodyLimitAct...
acd2040 fix(seclang): merge chained raw rules (#985)
8993363 chore: updates CRS tests to CRS 4.0.0-rc2 (#899)
f2579b9 Add raw body processor (#983)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/bunkerity/bunkerweb-plugins/pull/50 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 2/12/2024 **Status:** ✅ Merged **Merged:** 2/20/2024 **Merged by:** [@TheophileDiot](https://github.com/TheophileDiot) **Base:** `dev` ← **Head:** `dependabot/go_modules/coraza/api/dev/github.com/corazawaf/coraza/v3-3.1.0` --- ### 📝 Commits (1) - [`32f0084`](https://github.com/bunkerity/bunkerweb-plugins/commit/32f0084e80ea567e3f574a5239f89de5dc306d9a) deps/coraza/api: bump github.com/corazawaf/coraza/v3 in /coraza/api ### 📊 Changes **1 file changed** (+4 additions, -4 deletions) <details> <summary>View changed files</summary> 📝 `coraza/api/go.mod` (+4 -4) </details> ### 📄 Description Bumps [github.com/corazawaf/coraza/v3](https://github.com/corazawaf/coraza) from 3.0.4 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/corazawaf/coraza/releases">github.com/corazawaf/coraza/v3's releases</a>.</em></p> <blockquote> <h2>Version 3.1.0</h2> <p>This is a new minor version release with emphasis in improving the overall logging experience, fixes for interoperability of the http middleware with other middlewares, better defaults, various fixes and a few new features like the uppercase transformation, the raw body processor (both thanks to <a href="https://github.com/blotus"><code>@blotus</code></a>) and a way to pass a context into a transaction to be later retrieved the error log callback.</p> <h2>What's Changed</h2> <ul> <li>chore: improve GetField logic by <a href="https://github.com/jptosso"><code>@jptosso</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/897">corazawaf/coraza#897</a></li> <li>chore: setvar minor fix, tests, added warning when missing variable, deprecates usage of tx.LogData by <a href="https://github.com/M4tteoP"><code>@M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/892">corazawaf/coraza#892</a></li> <li>chore: fixes audit log. by <a href="https://github.com/jcchavezs"><code>@jcchavezs</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/889">corazawaf/coraza#889</a></li> <li>fix <code>http.Flusher</code> and <code>io.ReaderFrom</code> implementation by <a href="https://github.com/romainmenke"><code>@romainmenke</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/923">corazawaf/coraza#923</a></li> <li>fix: stack overflow in <code>ReadFrom</code> by <a href="https://github.com/romainmenke"><code>@romainmenke</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/925">corazawaf/coraza#925</a></li> <li>fix: Disables implicit Cookies url decoding by <a href="https://github.com/M4tteoP"><code>@M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/928">corazawaf/coraza#928</a></li> <li>feat: add uppercase transformation by <a href="https://github.com/blotus"><code>@blotus</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/935">corazawaf/coraza#935</a></li> <li>fix: parse multiple cookies with spaces by <a href="https://github.com/fzipi"><code>@fzipi</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/943">corazawaf/coraza#943</a></li> <li>fix: more forgiving base64 transformation [custom implementation] by <a href="https://github.com/M4tteoP"><code>@M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/944">corazawaf/coraza#944</a></li> <li>fix: filling variables struct to complete audit info by <a href="https://github.com/CArellanoOrbik"><code>@CArellanoOrbik</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/968">corazawaf/coraza#968</a></li> <li>feat: adds context to transaction. by <a href="https://github.com/jcchavezs"><code>@jcchavezs</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/963">corazawaf/coraza#963</a></li> <li>feat: improves logging. by <a href="https://github.com/jcchavezs"><code>@jcchavezs</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/971">corazawaf/coraza#971</a></li> <li>feat: add raw body processor by <a href="https://github.com/blotus"><code>@blotus</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/983">corazawaf/coraza#983</a></li> <li>chore: updates CRS tests to CRS 4.0.0-rc2 by <a href="https://github.com/M4tteoP"><code>@M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/899">corazawaf/coraza#899</a></li> <li>fix(seclang): merge chained raw rules by <a href="https://github.com/jptosso"><code>@jptosso</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/985">corazawaf/coraza#985</a></li> <li>fix: BodyLimit related documented default values, default RequestBodyLimitAction, adds some tests by <a href="https://github.com/M4tteoP"><code>@M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/895">corazawaf/coraza#895</a></li> <li>chore: Go 1.20 as minimum supported version by <a href="https://github.com/jcchavezs"><code>@jcchavezs</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/996">corazawaf/coraza#996</a></li> <li>chore: upgrades go-ftw to 0.6.4. by <a href="https://github.com/jcchavezs"><code>@jcchavezs</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/998">corazawaf/coraza#998</a></li> </ul> <h2>New Contributors (thanks a lot!)</h2> <ul> <li><a href="https://github.com/testwill"><code>@testwill</code></a> made their first contribution in <a href="https://redirect.github.com/corazawaf/coraza/pull/894">corazawaf/coraza#894</a></li> <li><a href="https://github.com/renovate"><code>@renovate</code></a> made their first contribution in <a href="https://redirect.github.com/corazawaf/coraza/pull/903">corazawaf/coraza#903</a></li> <li><a href="https://github.com/romainmenke"><code>@romainmenke</code></a> made their first contribution in <a href="https://redirect.github.com/corazawaf/coraza/pull/923">corazawaf/coraza#923</a></li> <li><a href="https://github.com/blotus"><code>@blotus</code></a> made their first contribution in <a href="https://redirect.github.com/corazawaf/coraza/pull/935">corazawaf/coraza#935</a></li> <li><a href="https://github.com/CArellanoOrbik"><code>@CArellanoOrbik</code></a> made their first contribution in <a href="https://redirect.github.com/corazawaf/coraza/pull/968">corazawaf/coraza#968</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corazawaf/coraza/compare/v3.0.4...v3.1.0">https://github.com/corazawaf/coraza/compare/v3.0.4...v3.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/corazawaf/coraza/commit/bb55b68dede1db71c54b08102e126e89d0299478"><code>bb55b68</code></a> chore: upgrades go-ftw to 0.6.4. (<a href="https://redirect.github.com/corazawaf/coraza/issues/998">#998</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/350972b173486e9b8665faf1f2189a57fb613889"><code>350972b</code></a> chore: sets floor to 1.20. (<a href="https://redirect.github.com/corazawaf/coraza/issues/996">#996</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/00ff3b9b00da8c25a1cdbf14ac6c6d6507c44929"><code>00ff3b9</code></a> chore: remove .github/dependabot.yml (<a href="https://redirect.github.com/corazawaf/coraza/issues/995">#995</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/a2c990cd56bfcded6d4f40629f1e4534ff40ba73"><code>a2c990c</code></a> fix(deps): update module github.com/foxcpp/go-mockdns to v1.1.0 (<a href="https://redirect.github.com/corazawaf/coraza/issues/992">#992</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/1e2c01e8d4fa54851d1ba9df14832ecd894f0d53"><code>1e2c01e</code></a> fix(deps): update module github.com/coreruleset/go-ftw to v0.6.3 (<a href="https://redirect.github.com/corazawaf/coraza/issues/908">#908</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/190665b9b0d1c5c1c81bb009045e04b7f79d839b"><code>190665b</code></a> chore: adds header. (<a href="https://redirect.github.com/corazawaf/coraza/issues/993">#993</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/3c15624acc2f28e8ab879a71aae01c9af9476146"><code>3c15624</code></a> fix: BodyLimit related documented default values, default RequestBodyLimitAct...</li> <li><a href="https://github.com/corazawaf/coraza/commit/acd2040d9d0bc7a263d95fbd92e4d52b60328ef2"><code>acd2040</code></a> fix(seclang): merge chained raw rules (<a href="https://redirect.github.com/corazawaf/coraza/issues/985">#985</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/8993363d10e261d766d8c14d95550b25a69b11c2"><code>8993363</code></a> chore: updates CRS tests to CRS 4.0.0-rc2 (<a href="https://redirect.github.com/corazawaf/coraza/issues/899">#899</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/f2579b9805f4b511c4e2d4a766c3185eb06d1784"><code>f2579b9</code></a> Add raw body processor (<a href="https://redirect.github.com/corazawaf/coraza/issues/983">#983</a>)</li> <li>Additional commits viewable in <a href="https://github.com/corazawaf/coraza/compare/v3.0.4...v3.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/corazawaf/coraza/v3&package-manager=go_modules&previous-version=3.0.4&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>