Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

appsec: do not attempt to deduplicate native modsec rules #3347

Merged
merged 14 commits into from
Jan 27, 2025
Merged

appsec: do not attempt to deduplicate native modsec rules #3347

merged 14 commits into from
Jan 27, 2025

Conversation

buixor
Copy link
Contributor

@buixor buixor commented Nov 27, 2024
edited by blotus
Loading

Do not attempt to dedup modsec native rules as they might have no IDs. Doing this can mess up stuff (see #3343 and #3350 )

@github-actions GitHub Actions
Copy link

@buixor: There are no 'kind' label on this PR. You need a 'kind' label to generate the release automatically.

  • /kind feature
  • /kind enhancement
  • /kind refactoring
  • /kind fix
  • /kind chore
  • /kind dependencies
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

@github-actions GitHub Actions
Copy link

@buixor: There are no area labels on this PR. You can add as many areas as you see fit.

  • /area agent
  • /area local-api
  • /area cscli
  • /area appsec
  • /area security
  • /area configuration
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

@buixor
Copy link
Contributor Author

buixor commented Nov 27, 2024

/area agent
/kind fix

@codecov Codecov
Copy link

codecov bot commented Nov 27, 2024
edited
Loading

Codecov Report

Attention: Patch coverage is 84.61538% with 2 lines in your changes missing coverage. Please review.

Project coverage is 59.31%. Comparing base (4935dc5) to head (41177a3).
Report is 3 commits behind head on master.

Files with missing lines Patch % Lines
pkg/appsec/appsec_rules_collection.go 0.00% 2 Missing ⚠️
Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #3347   +/-   ##
=======================================
  Coverage   59.30%   59.31%           
=======================================
  Files         358      358           
  Lines       38433    38428    -5     
=======================================
- Hits        22794    22793    -1     
+ Misses      13744    13739    -5     
- Partials     1895     1896    +1
Flag Coverage Δ
bats 42.24% <0.00%> (+0.04%) ⬆️
unit-linux 33.22% <84.61%> (+0.02%) ⬆️
unit-windows 28.49% <84.61%> (+<0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@buixor buixor changed the title fix #3343 fix #3343 + #3350 Nov 29, 2024
@buixor buixor added this to the 1.6.5 milestone Dec 18, 2024
@blotus blotus changed the title fix #3343 + #3350 appsec: do not attempt to deduplicate native modsec rules Jan 10, 2025
sabban
sabban approved these changes Jan 23, 2025
View reviewed changes
Copy link
Contributor

@sabban sabban left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

pkg/acquisition/modules/appsec/appsec_runner.go Show resolved Hide resolved
This was linked to issues Jan 23, 2025
invalid memory address on SecRuleUpdateTargetById #3390
Closed
False positive "unknown directive" and crash #3389
Closed
This was linked to issues Jan 23, 2025
Appsec rule deduplication breaks multilines seclang rules #3343
Closed
[AppSec] - SecLang rule behaving different in 1.6.4 #3350
Closed
@buixor buixor merged commit fdd3737 into master Jan 27, 2025
17 checks passed
@buixor buixor deleted the fix_3343 branch January 27, 2025 09:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@LaurenceJJones LaurenceJJones LaurenceJJones approved these changes

@sabban sabban sabban approved these changes

Assignees

@blotus blotus

Labels
area/agent kind/fix
Projects
None yet
Milestone
1.6.5
4 participants
@buixor @sabban @LaurenceJJones @blotus