starred/skills-HacktronAI
1
0
Fork 0
mirror of https://github.com/HacktronAI/skills.git synced 2026-04-27 08:45:50 +03:00
Code Issues 1 Projects Releases Packages Wiki Activity

[PR #7] Bump github.com/corazawaf/coraza/v3 from 3.2.1 to 3.3.3 in /environments/vercel-waf-env/waf #7

New issue
Open
opened 2026-03-03 13:49:23 +03:00 by kerem · 0 comments
kerem commented 2026-03-03 13:49:23 +03:00
Owner
Copy link

📋 Pull Request Information

Original PR: https://github.com/HacktronAI/skills/pull/7
Author: @dependabot[bot]
Created: 12/25/2025
Status: 🔄 Open

Base: mainHead: dependabot/go_modules/environments/vercel-waf-env/waf/github.com/corazawaf/coraza/v3-3.3.3

📝 Commits (1)

  • ee5668a Bump github.com/corazawaf/coraza/v3 in /environments/vercel-waf-env/waf

📊 Changes

1 file changed (+14 additions, -2 deletions)

View changed files

📝 environments/vercel-waf-env/waf/go.mod (+14 -2)

📄 Description

Bumps github.com/corazawaf/coraza/v3 from 3.2.1 to 3.3.3.

Release notes

Sourced from github.com/corazawaf/coraza/v3's releases.

v3.3.3

Important

This release has a fix for https://github.com/corazawaf/coraza/security/advisories/GHSA-q9f5-625g-xm39.

Thanks to @​blotus for finding it and providing a proper discloruse AND fix! ❤️

What's Changed

New Contributors

Full Changelog: https://github.com/corazawaf/coraza/compare/v3.3.2...v3.3.3

Version 3.3.2

What's Changed

... (truncated)

Commits
  • 4722c9a Merge commit from fork
  • 8b612f4 chore: points to Go v1.23.0 and some clean ups (#1328)
  • e29a849 chore(deps): update module golang.org/x/net to v0.36.0 [security] (#1327)
  • 117380e fix(deps): update module github.com/mccutchen/go-httpbin/v2 to v2.17.1 in go....
  • 902edfa chore(deps): update github/codeql-action digest to 6bb031a in .github/workflo...
  • fa6558b fix(deps): update go modules in go.mod (#1320)
  • 78946f6 fix(deps): update module golang.org/x/net to v0.36.0 in go.mod (#1318)
  • b9e125f chore(deps): update module golang.org/x/crypto to v0.35.0 [security] (#1319)
  • d7a7194 fix(deps): update all non-major dependencies in go.mod (#1317)
  • 68ab4db chore(deps): update actions/cache digest to d4323d4 in .github/workflows/tiny...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/HacktronAI/skills/pull/7 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 12/25/2025 **Status:** 🔄 Open **Base:** `main` ← **Head:** `dependabot/go_modules/environments/vercel-waf-env/waf/github.com/corazawaf/coraza/v3-3.3.3` --- ### 📝 Commits (1) - [`ee5668a`](https://github.com/HacktronAI/skills/commit/ee5668a8ee835a16121cc14d8777d55fcba20d9b) Bump github.com/corazawaf/coraza/v3 in /environments/vercel-waf-env/waf ### 📊 Changes **1 file changed** (+14 additions, -2 deletions) <details> <summary>View changed files</summary> 📝 `environments/vercel-waf-env/waf/go.mod` (+14 -2) </details> ### 📄 Description Bumps [github.com/corazawaf/coraza/v3](https://github.com/corazawaf/coraza) from 3.2.1 to 3.3.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/corazawaf/coraza/releases">github.com/corazawaf/coraza/v3's releases</a>.</em></p> <blockquote> <h2>v3.3.3</h2> <h2>Important</h2> <p>This release has a fix for <a href="https://github.com/corazawaf/coraza/security/advisories/GHSA-q9f5-625g-xm39">https://github.com/corazawaf/coraza/security/advisories/GHSA-q9f5-625g-xm39</a>.</p> <p>Thanks to <a href="https://github.com/blotus"><code>@​blotus</code></a> for finding it and providing a proper discloruse AND fix! :heart:</p> <h2>What's Changed</h2> <ul> <li>fix(deps): update module github.com/corazawaf/coraza/v3 to v3.3.2 in testing/coreruleset/go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1282">corazawaf/coraza#1282</a></li> <li>chore(deps): update github/codeql-action digest to b6a472f in .github/workflows/codeql-analysis.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1284">corazawaf/coraza#1284</a></li> <li>fix(deps): update module github.com/bmatcuk/doublestar/v4 to v4.8.0 in testing/coreruleset/go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1285">corazawaf/coraza#1285</a></li> <li>ci: add wait-for-status check by <a href="https://github.com/fzipi"><code>@​fzipi</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1286">corazawaf/coraza#1286</a></li> <li>chore(deps): update all non-major dependencies in .github/workflows/tinygo.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1289">corazawaf/coraza#1289</a></li> <li>chore(deps): pin poseidon/wait-for-status-checks action to 899c768 in .github/workflows/regression.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1288">corazawaf/coraza#1288</a></li> <li>chore(deps): update github/codeql-action digest to dd196fa in .github/workflows/codeql-analysis.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1293">corazawaf/coraza#1293</a></li> <li>chore(deps): update all non-major dependencies in .github/workflows/regression.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1295">corazawaf/coraza#1295</a></li> <li>fix(ci): ignore codecov tests from wait-for-status-checks by <a href="https://github.com/M4tteoP"><code>@​M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1292">corazawaf/coraza#1292</a></li> <li>feat: add hexDecode transformation by <a href="https://github.com/tty2"><code>@​tty2</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1275">corazawaf/coraza#1275</a></li> <li>chore(deps): update all non-major dependencies in .github/workflows/regression.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1296">corazawaf/coraza#1296</a></li> <li>fix(deps): update module github.com/bmatcuk/doublestar/v4 to v4.8.1 in testing/coreruleset/go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1297">corazawaf/coraza#1297</a></li> <li>fix(deps): update all non-major dependencies in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1298">corazawaf/coraza#1298</a></li> <li>chore(deps): update github/codeql-action digest to dd74661 in .github/workflows/codeql-analysis.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1299">corazawaf/coraza#1299</a></li> <li>fix(deps): update module golang.org/x/sync to v0.11.0 in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1302">corazawaf/coraza#1302</a></li> <li>chore(deps): update github/codeql-action digest to 9e8d078 in .github/workflows/codeql-analysis.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1303">corazawaf/coraza#1303</a></li> <li>fix(deps): update module golang.org/x/net to v0.35.0 in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1306">corazawaf/coraza#1306</a></li> <li>fix(deps): update module github.com/coreruleset/go-ftw to v1.3.0 in testing/coreruleset/go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1308">corazawaf/coraza#1308</a></li> <li>chore(deps): update actions/cache digest to 0c907a7 in .github/workflows/tinygo.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1309">corazawaf/coraza#1309</a></li> <li>chore(deps): update all non-major dependencies in .github/workflows/codeql-analysis.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1312">corazawaf/coraza#1312</a></li> <li>chore: update to golang 1.23.6 by <a href="https://github.com/fzipi"><code>@​fzipi</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1313">corazawaf/coraza#1313</a></li> <li>inspectFile: False-positive match fixed by <a href="https://github.com/vimusov"><code>@​vimusov</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1311">corazawaf/coraza#1311</a></li> <li>chore(deps): update codecov/codecov-action digest to 0565863 in .github/workflows/regression.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1314">corazawaf/coraza#1314</a></li> <li>chore(deps): update actions/cache digest to d4323d4 in .github/workflows/tinygo.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1315">corazawaf/coraza#1315</a></li> <li>fix(deps): update all non-major dependencies in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1317">corazawaf/coraza#1317</a></li> <li>chore(deps): update module golang.org/x/crypto to v0.35.0 [security] by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1319">corazawaf/coraza#1319</a></li> <li>fix(deps): update module golang.org/x/net to v0.36.0 in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1318">corazawaf/coraza#1318</a></li> <li>fix(deps): update go modules in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1320">corazawaf/coraza#1320</a></li> <li>chore(deps): update github/codeql-action digest to 6bb031a in .github/workflows/codeql-analysis.yml by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1323">corazawaf/coraza#1323</a></li> <li>fix(deps): update module github.com/mccutchen/go-httpbin/v2 to v2.17.1 in go.mod by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1324">corazawaf/coraza#1324</a></li> <li>chore(deps): update module golang.org/x/net to v0.36.0 [security] by <a href="https://github.com/renovate"><code>@​renovate</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1327">corazawaf/coraza#1327</a></li> <li>chore: points to Go <code>v1.23.0</code> and some clean ups by <a href="https://github.com/M4tteoP"><code>@​M4tteoP</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1328">corazawaf/coraza#1328</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vimusov"><code>@​vimusov</code></a> made their first contribution in <a href="https://redirect.github.com/corazawaf/coraza/pull/1311">corazawaf/coraza#1311</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/corazawaf/coraza/compare/v3.3.2...v3.3.3">https://github.com/corazawaf/coraza/compare/v3.3.2...v3.3.3</a></p> <h2>Version 3.3.2</h2> <h2>What's Changed</h2> <ul> <li>fix: warn instead of returning error on empty glob result (<a href="https://redirect.github.com/corazawaf/coraza/issues/1280">#1280</a>) by <a href="https://github.com/jcchavezs"><code>@​jcchavezs</code></a> in <a href="https://redirect.github.com/corazawaf/coraza/pull/1281">corazawaf/coraza#1281</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/corazawaf/coraza/commit/4722c9ad0d502abd56b8d6733c6b47eb4111742d"><code>4722c9a</code></a> Merge commit from fork</li> <li><a href="https://github.com/corazawaf/coraza/commit/8b612f4e6e18c606e371110227bc7669dc714cab"><code>8b612f4</code></a> chore: points to Go <code>v1.23.0</code> and some clean ups (<a href="https://redirect.github.com/corazawaf/coraza/issues/1328">#1328</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/e29a849961c1688a7c0700b139262445a098aba3"><code>e29a849</code></a> chore(deps): update module golang.org/x/net to v0.36.0 [security] (<a href="https://redirect.github.com/corazawaf/coraza/issues/1327">#1327</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/117380eab5602692b902e9983b8191a6c0949806"><code>117380e</code></a> fix(deps): update module github.com/mccutchen/go-httpbin/v2 to v2.17.1 in go....</li> <li><a href="https://github.com/corazawaf/coraza/commit/902edfad06039b662973d0907a05da2a33ec5d24"><code>902edfa</code></a> chore(deps): update github/codeql-action digest to 6bb031a in .github/workflo...</li> <li><a href="https://github.com/corazawaf/coraza/commit/fa6558b0b00a281bb71870e7c3f23c22dda9fea6"><code>fa6558b</code></a> fix(deps): update go modules in go.mod (<a href="https://redirect.github.com/corazawaf/coraza/issues/1320">#1320</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/78946f66ddef46a3e51695428a90550f74c52fd2"><code>78946f6</code></a> fix(deps): update module golang.org/x/net to v0.36.0 in go.mod (<a href="https://redirect.github.com/corazawaf/coraza/issues/1318">#1318</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/b9e125f6882e1b003cdac9b92b25a565e28e9348"><code>b9e125f</code></a> chore(deps): update module golang.org/x/crypto to v0.35.0 [security] (<a href="https://redirect.github.com/corazawaf/coraza/issues/1319">#1319</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/d7a7194b83b9bddcbffc3c5e99c8814357eee421"><code>d7a7194</code></a> fix(deps): update all non-major dependencies in go.mod (<a href="https://redirect.github.com/corazawaf/coraza/issues/1317">#1317</a>)</li> <li><a href="https://github.com/corazawaf/coraza/commit/68ab4db0f221ae149dbbcbf86deb83d7cd02123b"><code>68ab4db</code></a> chore(deps): update actions/cache digest to d4323d4 in .github/workflows/tiny...</li> <li>Additional commits viewable in <a href="https://github.com/corazawaf/coraza/compare/v3.2.1...v3.3.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/corazawaf/coraza/v3&package-manager=go_modules&previous-version=3.2.1&new-version=3.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/HacktronAI/skills/network/alerts). </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
vercel_waf_env
dependabot/go_modules/environments/vercel-waf-env/waf/github.com/corazawaf/coraza/v3-3.3.3
agent-skills
min-js-helper
rootxharsh-patch-1
fix/usage-patch-diff
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/skills-HacktronAI#7
No description provided.