corazawaf/coraza v2.0.0

V2 Release

on GitHub

V2 is a major rework of OWASP Coraza.

• Better APIs and linting
• Better plugin support
• Better performance
• Better compatibility
• Better logging

What's Changed

• fix(op): move operator to native utf8.ValidString method by @fzipi in #88
• fix(removewhitespace): move to golang funcs by @fzipi in #92
• fix(removenull): move to golang funcs by @fzipi in #91
• fix(utf8toUnicode): change to golang standard funcs by @fzipi in #90
• fix(lint): fixes golang linter errors by @fzipi in #89
• Add error log support by @jptosso in #93
• Add tx tests by @jptosso in #94
• Bump github.com/antchfx/xmlquery from 1.3.6 to 1.3.7 by @dependabot in #95
• Bump github.com/antchfx/xmlquery from 1.3.7 to 1.3.8 by @dependabot in #96
• Bump github.com/antchfx/jsonquery from 1.1.4 to 1.1.5 by @dependabot in #97
• V2/testing rework by @jptosso in #109
• V2/testing rework by @jptosso in #110
• V2/testing rework by @jptosso in #111
• V2/directive plugins by @jptosso in #120
• V2/fix byteranges by @jptosso in #123
• Rules refactor by @jptosso in #125
• V2/crs tests by @jptosso in #128
• V2/parser rework by @jptosso in #131
• V2/audit rework by @jptosso in #133
• V2/rc1 by @jptosso in #135
• V2/tx syncpool by @jptosso in #136
• build(deps): bump go.uber.org/zap from 1.19.1 to 1.20.0 by @dependabot in #139
• fix for auditlog by @ShiMing-Q in #140
• Fix for some config does not work by @ShiMing-Q in #142
• feat: integrate libinjection-go by @jptosso in #149
• V2/master code specification and remove some useless code by @bxlxx in #157
• V2/rc2 by @jptosso in #158
• fix: chain loop for #159 by @jptosso in #166
• update module name by @bxlxx in #169
• build(deps): bump go.uber.org/zap from 1.20.0 to 1.21.0 by @dependabot in #155
• fix for #176 by @bxlxx in #184
• fix MATCHED VARS issues by @jptosso in #189
• fix for #172 by @bxlxx in #188
• feat(operator): support SecRule "! ^some" as a valid rx negation by @bxlxx in #197
• fix(test): Update go-ftw action with new org by @jptosso in #201
• README: add owasp status, pre-commit and new org by @jptosso in #202
• fix: support array format for parsing json data in the body processor by @bxlxx in #205
• feat: use DirectiveOptions instead of waf.Config to share variables across directives by @bxlxx in #206

New Contributors

• @fzipi
• @ShiMing-Q
• @bxlxx
• @airween

Full Changelog: v1.2.0...v2.0.0