libddwaf 1.0.14.1.0.beta2-aarch64-linux → 1.2.1.0.0.beta1-aarch64-linux

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 25f37c81636777916be8148d0dbd82e478fb1f781a0968d54602a5ccd957727d
-  data.tar.gz: 418dee0b177f812a81737b70609362d27c28e519761315344e73b4e57f02a1ac
+  metadata.gz: bfb2432bc222dbfdb31746689817e5daf2db7c33a529820a8ded0cb8562dbdfe
+  data.tar.gz: 0e9107e0a6051237816dd853b5cfd7afa06df2491056fcc4298898b1dfc579c2
 SHA512:
-  metadata.gz: bdc8ed5f2b7d83506f6392061648af98fa2c6d0ca4b85a2b1c718063e6e9b1c4722e23237c45623c61ebe2ece2e466d34567a5899c14440a2f929b41135c8472
-  data.tar.gz: b3c7cef687642257b6ed8a82cf926bc063312cfb0da666cced8c58c5a5615d03751c14c7fa65445922be8de3cf6294a6cd61aef8b833c56a7b58f1d36b42e0df
+  metadata.gz: 21998b8bfc616220ee5a0b7a81565576bb4a8010fd8419cf617b6a9bd643630760f8b04550d66f8d148692770ef89173f1b63d7a9f609e4a8006e9fa59b54f16
+  data.tar.gz: de70ff25315ddd224985021935913d27c054af0eba5c03d6272757a028b9e42745f475198028c4efad5f77a5cb7c67c03ca62c6a9a5cc3605e2f5052089fa529

data/lib/datadog/{security → appsec}/waf/version.rb

@@ -1,9 +1,9 @@
 module Datadog
-  module Security
+  module AppSec
     module WAF
       module VERSION
-        BASE_STRING = '1.0.14'
-        STRING = "#{BASE_STRING}.1.0.beta2"
+        BASE_STRING = '1.2.1'
+        STRING = "#{BASE_STRING}.0.0.beta1"
         MINIMUM_RUBY_VERSION = '2.1'
       end
     end

data/lib/datadog/{security → appsec}/waf.rb

@@ -1,9 +1,9 @@
 require 'ffi'
 require 'json'
-require 'datadog/security/waf/version'
+require 'datadog/appsec/waf/version'
 
 module Datadog
-  module Security
+  module AppSec
     module WAF
       module LibDDWAF
         class Error < StandardError; end
@@ -46,7 +46,7 @@ module Datadog
         end
 
         def self.shared_lib_path
-          File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::Security::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
+          File.join(__dir__, "../../../vendor/libddwaf/libddwaf-#{Datadog::AppSec::WAF::VERSION::BASE_STRING}-#{local_os}-#{local_cpu}/lib/libddwaf#{shared_lib_extname}")
         end
 
         ffi_lib [shared_lib_path]
@@ -73,6 +73,25 @@ module Datadog
                               :ddwaf_obj_map,      1 << 4
 
         typedef :pointer, :charptr
+        typedef :pointer, :charptrptr
+
+        class UInt32Ptr < ::FFI::Struct
+          layout :value, :uint32
+        end
+
+        typedef UInt32Ptr.by_ref, :uint32ptr
+
+        class UInt64Ptr < ::FFI::Struct
+          layout :value, :uint64
+        end
+
+        typedef UInt64Ptr.by_ref, :uint64ptr
+
+        class SizeTPtr < ::FFI::Struct
+          layout :value, :size_t
+        end
+
+        typedef SizeTPtr.by_ref, :sizeptr
 
         class ObjectValueUnion < ::FFI::Union
           layout :stringValue, :charptr,
@@ -91,6 +110,8 @@ module Datadog
 
         typedef Object.by_ref, :ddwaf_object
 
+        ## setters
+
         attach_function :ddwaf_object_invalid, [:ddwaf_object], :ddwaf_object
         attach_function :ddwaf_object_string, [:ddwaf_object, :string], :ddwaf_object
         attach_function :ddwaf_object_stringl, [:ddwaf_object, :charptr, :size_t], :ddwaf_object
@@ -108,6 +129,19 @@ module Datadog
         attach_function :ddwaf_object_map_addl, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
         attach_function :ddwaf_object_map_addl_nc, [:ddwaf_object, :charptr, :size_t, :pointer], :bool
 
+        ## getters
+
+        attach_function :ddwaf_object_type, [:ddwaf_object], DDWAF_OBJ_TYPE
+        attach_function :ddwaf_object_size, [:ddwaf_object], :uint64
+        attach_function :ddwaf_object_length, [:ddwaf_object], :size_t
+        attach_function :ddwaf_object_get_key, [:ddwaf_object, :sizeptr], :charptr
+        attach_function :ddwaf_object_get_string, [:ddwaf_object, :sizeptr], :charptr
+        attach_function :ddwaf_object_get_unsigned, [:ddwaf_object], :uint64
+        attach_function :ddwaf_object_get_signed, [:ddwaf_object], :int64
+        attach_function :ddwaf_object_get_index, [:ddwaf_object, :size_t], :ddwaf_object
+
+        ## freeers
+
         ObjectFree = attach_function :ddwaf_object_free, [:ddwaf_object], :void
         ObjectNoFree = ::FFI::Pointer::NULL
 
@@ -118,16 +152,27 @@ module Datadog
 
         class Config < ::FFI::Struct
           layout :maxArrayLength, :uint64,
-                 :maxMapDepth,    :uint64,
-                 :maxTimeStore,   :uint64
+                 :maxMapDepth,    :uint64
         end
 
         typedef Config.by_ref, :ddwaf_config
 
-        attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config], :ddwaf_handle
+        class RuleSetInfo < ::FFI::Struct
+          layout :loaded, :uint16,
+                 :failed, :uint16,
+                 :errors, Object,
+                 :version, :string
+        end
+
+        typedef RuleSetInfo.by_ref, :ddwaf_ruleset_info
+        RuleSetInfoNone = Datadog::AppSec::WAF::LibDDWAF::RuleSetInfo.new(::FFI::Pointer::NULL)
+
+        attach_function :ddwaf_ruleset_info_free, [:ddwaf_ruleset_info], :void
+
+        attach_function :ddwaf_init, [:ddwaf_rule, :ddwaf_config, :ddwaf_ruleset_info], :ddwaf_handle
         attach_function :ddwaf_destroy, [:ddwaf_handle], :void
 
-        attach_function :ddwaf_required_addresses, [:ddwaf_handle, :pointer], :pointer
+        attach_function :ddwaf_required_addresses, [:ddwaf_handle, :uint32ptr], :charptrptr
 
         # running
 
@@ -138,19 +183,17 @@ module Datadog
         attach_function :ddwaf_context_init, [:ddwaf_handle, :ddwaf_object_free_fn], :ddwaf_context
         attach_function :ddwaf_context_destroy, [:ddwaf_context], :void
 
-        DDWAF_RET_CODE = enum :ddwaf_err_internal,         -4,
-                              :ddwaf_err_invalid_object,   -3,
-                              :ddwaf_err_invalid_argument, -2,
-                              :ddwaf_err_timeout,          -1,
+        DDWAF_RET_CODE = enum :ddwaf_err_internal,         -3,
+                              :ddwaf_err_invalid_object,   -2,
+                              :ddwaf_err_invalid_argument, -1,
                               :ddwaf_good,                  0,
                               :ddwaf_monitor,               1,
                               :ddwaf_block,                 2
 
         class Result < ::FFI::Struct
-          layout :action,           DDWAF_RET_CODE,
+          layout :timeout,          :bool,
                  :data,             :string,
-                 :perfData,         :string,
-                 :perfTotalRuntime, :uint32 # in us
+                 :total_runtime,    :uint64
         end
 
         typedef Result.by_ref, :ddwaf_result
@@ -253,13 +296,7 @@ module Datadog
 
           obj
         else
-          obj = LibDDWAF::Object.new
-          res = LibDDWAF.ddwaf_object_invalid(obj)
-          if res.null?
-            fail LibDDWAF::Error, "Could not convert into object: #{val}"
-          end
-
-          obj
+          ruby_to_object(''.freeze)
         end
       end
 
@@ -281,8 +318,8 @@ module Datadog
           end
         when :ddwaf_obj_map
           (0...obj[:nbEntries]).each.with_object({}) do |i, h|
-            ptr = obj[:valueUnion][:array] + i * Datadog::Security::WAF::LibDDWAF::Object.size
-            o = Datadog::Security::WAF::LibDDWAF::Object.new(ptr)
+            ptr = obj[:valueUnion][:array] + i * Datadog::AppSec::WAF::LibDDWAF::Object.size
+            o = Datadog::AppSec::WAF::LibDDWAF::Object.new(ptr)
             l = o[:parameterNameLength]
             k = o[:parameterName].read_bytes(l)
             v = object_to_ruby(LibDDWAF::Object.new(ptr))
@@ -293,10 +330,10 @@ module Datadog
 
       def self.logger=(logger)
         @log_cb = proc do |level, func, file, line, message, len|
-          logger.debug { { level: level, func: func, file: file, message: message.read_bytes(len) }.inspect }
+          logger.debug { { level: level, func: func, file: file, line: line, message: message.read_bytes(len) }.inspect }
         end
 
-        Datadog::Security::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
+        Datadog::AppSec::WAF::LibDDWAF.ddwaf_set_log_cb(@log_cb, :ddwaf_log_trace)
       end
 
       class Handle
@@ -304,50 +341,51 @@ module Datadog
 
         DEFAULT_MAX_ARRAY_LENGTH = 0
         DEFAULT_MAX_MAP_DEPTH = 0
-        DEFAULT_MAX_TIME_STORE = 0
 
         def initialize(rule, config = {})
-          rule_obj = Datadog::Security::WAF.ruby_to_object(rule)
+          rule_obj = Datadog::AppSec::WAF.ruby_to_object(rule)
           if rule_obj.null? || rule_obj[:type] == :ddwaf_object_invalid
             fail LibDDWAF::Error, "Could not convert object #{rule.inspect}"
           end
 
-          config_obj = Datadog::Security::WAF::LibDDWAF::Config.new
+          config_obj = Datadog::AppSec::WAF::LibDDWAF::Config.new
           if config_obj.null?
             fail LibDDWAF::Error, 'Could not create config struct'
           end
 
           config_obj[:maxArrayLength] = config[:max_array_length] || DEFAULT_MAX_ARRAY_LENGTH
           config_obj[:maxMapDepth]    = config[:max_map_depth]    || DEFAULT_MAX_MAP_DEPTH
-          config_obj[:maxTimeStore]   = config[:max_time_store]   || DEFAULT_MAX_TIME_STORE
 
-          @handle_obj = Datadog::Security::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj)
+          ruleset_info = LibDDWAF::RuleSetInfoNone
+
+          @handle_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_init(rule_obj, config_obj, ruleset_info)
           if @handle_obj.null?
             fail LibDDWAF::Error, 'Could not create handle'
           end
 
           ObjectSpace.define_finalizer(self, Handle.finalizer(handle_obj))
         ensure
-          Datadog::Security::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
+          Datadog::AppSec::WAF::LibDDWAF.ddwaf_ruleset_info_free(ruleset_info) if ruleset_info
+          Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(rule_obj) if rule_obj
         end
 
         def self.finalizer(handle_obj)
           proc do |object_id|
-            Datadog::Security::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
+            Datadog::AppSec::WAF::LibDDWAF.ddwaf_destroy(handle_obj)
           end
         end
       end
 
-      Result = Struct.new(:action, :data, :perf_data, :perf_total_runtime)
+      Result = Struct.new(:action, :data, :total_runtime, :timeout)
 
       class Context
         attr_reader :context_obj
 
         def initialize(handle)
           handle_obj = handle.handle_obj
-          free_func = Datadog::Security::WAF::LibDDWAF::ObjectNoFree
+          free_func = Datadog::AppSec::WAF::LibDDWAF::ObjectNoFree
 
-          @context_obj = Datadog::Security::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
+          @context_obj = Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_init(handle_obj, free_func)
           if @context_obj.null?
             fail LibDDWAF::Error, 'Could not create context'
           end
@@ -360,9 +398,9 @@ module Datadog
         def self.finalizer(context_obj, input_objs)
           proc do |object_id|
             input_objs.each do |input_obj|
-              Datadog::Security::WAF::LibDDWAF.ddwaf_object_free(input_obj)
+              Datadog::AppSec::WAF::LibDDWAF.ddwaf_object_free(input_obj)
             end
-            Datadog::Security::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
+            Datadog::AppSec::WAF::LibDDWAF.ddwaf_context_destroy(context_obj)
           end
         end
 
@@ -371,19 +409,18 @@ module Datadog
           ddwaf_err_internal:         :err_internal,
           ddwaf_err_invalid_object:   :err_invalid_object,
           ddwaf_err_invalid_argument: :err_invalid_argument,
-          ddwaf_err_timeout:          :err_invalid_object,
           ddwaf_good:                 :good,
           ddwaf_monitor:              :monitor,
           ddwaf_block:                :block,
         }
 
         def run(input, timeout = DEFAULT_TIMEOUT_US)
-          input_obj = Datadog::Security::WAF.ruby_to_object(input)
+          input_obj = Datadog::AppSec::WAF.ruby_to_object(input)
           if input_obj.null?
             fail LibDDWAF::Error, "Could not convert input: #{input.inspect}"
           end
 
-          result_obj = Datadog::Security::WAF::LibDDWAF::Result.new
+          result_obj = Datadog::AppSec::WAF::LibDDWAF::Result.new
           if result_obj.null?
             fail LibDDWAF::Error, "Could not create result object"
           end
@@ -391,18 +428,18 @@ module Datadog
           # retain C objects in memory for subsequent calls to run
           @input_objs << input_obj
 
-          code = Datadog::Security::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
+          code = Datadog::AppSec::WAF::LibDDWAF.ddwaf_run(@context_obj, input_obj, result_obj, timeout)
 
           result = Result.new(
-            ACTION_MAP_OUT[result_obj[:action]],
+            ACTION_MAP_OUT[code],
             (JSON.parse(result_obj[:data]) if result_obj[:data] != nil),
-            (JSON.parse(result_obj[:perfData]) if result_obj[:perfData] != nil),
-            result_obj[:perfTotalRuntime],
+            result_obj[:total_runtime],
+            result_obj[:timeout],
           )
 
           [ACTION_MAP_OUT[code], result]
         ensure
-          Datadog::Security::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
+          Datadog::AppSec::WAF::LibDDWAF.ddwaf_result_free(result_obj) if result_obj
         end
       end
     end

data/lib/libddwaf.rb

@@ -1 +1 @@
-require 'datadog/security/waf'
+require 'datadog/appsec/waf'

data/vendor/libddwaf/{libddwaf-1.0.14-linux-aarch64 → libddwaf-1.2.1-linux-aarch64}/include/ddwaf.h

@@ -48,10 +48,9 @@ typedef enum
  **/
 typedef enum
 {
-    DDWAF_ERR_INTERNAL     = -4,
-    DDWAF_ERR_INVALID_OBJECT = -3,
-    DDWAF_ERR_INVALID_ARGUMENT = -2,
-    DDWAF_ERR_TIMEOUT      = -1,
+    DDWAF_ERR_INTERNAL     = -3,
+    DDWAF_ERR_INVALID_OBJECT = -2,
+    DDWAF_ERR_INVALID_ARGUMENT = -1,
     DDWAF_GOOD             = 0,
     DDWAF_MONITOR          = 1,
     DDWAF_BLOCK            = 2
@@ -72,13 +71,21 @@ typedef enum
     DDWAF_LOG_OFF,
 } DDWAF_LOG_LEVEL;
 
+#ifdef __cplusplus
+class PowerWAF;
+class PWAdditive;
+using ddwaf_handle = PowerWAF *;
+using ddwaf_context = PWAdditive *;
+#else
 typedef struct _ddwaf_handle* ddwaf_handle;
 typedef struct _ddwaf_context* ddwaf_context;
+#endif
+
 typedef struct _ddwaf_object ddwaf_object;
 typedef struct _ddwaf_config ddwaf_config;
 typedef struct _ddwaf_result ddwaf_result;
 typedef struct _ddwaf_version ddwaf_version;
-
+typedef struct _ddwaf_ruleset_info ddwaf_ruleset_info;
 /**
  * @struct ddwaf_object
  *
@@ -94,7 +101,7 @@ struct _ddwaf_object
         const char* stringValue;
         uint64_t uintValue;
         int64_t intValue;
-        const ddwaf_object* array;
+        ddwaf_object* array;
     };
     uint64_t nbEntries;
     DDWAF_OBJ_TYPE type;
@@ -111,8 +118,6 @@ struct _ddwaf_config
     uint64_t maxArrayLength;
     /** Maximum depth of ddwaf::object maps. */
     uint64_t maxMapDepth;
-    /** Maximum size of the rule run time store. **/
-    int32_t maxTimeStore;
 };
 
 /**
@@ -122,14 +127,12 @@ struct _ddwaf_config
  **/
 struct _ddwaf_result
 {
-    /** Run result action **/
-    DDWAF_RET_CODE action;
+    /** Whether there has been a timeout during the operation **/
+    bool timeout;
     /** Run result in JSON format **/
     const char* data;
-    /** Performance data in JSON format **/
-    const char* perfData;
-    /** Total run time in microseconds **/
-    uint32_t perfTotalRuntime;
+    /** Total WAF runtime in nanoseconds **/
+    uint64_t total_runtime;
 };
 
 /**
@@ -144,6 +147,24 @@ struct _ddwaf_version
     uint16_t patch;
 };
 
+/**
+ * @ddwaf_ruleset_info
+ *
+ * Structure containing diagnostics on the provided ruleset.
+ * */
+struct _ddwaf_ruleset_info
+{
+    /** Number of rules successfully loaded **/
+    uint16_t loaded;
+    /** Number of rules which failed to parse **/
+    uint16_t failed;
+    /** Map from an error string to an array of all the rule ids for which
+     *  that error was raised. {error: [rule_ids]} **/
+    ddwaf_object errors;
+    /** Ruleset version **/
+    const char *version;
+};
+
 /**
  * @typedef ddwaf_object_free_fn
  *
@@ -174,10 +195,12 @@ typedef void (*ddwaf_log_cb)(
  *
  * @param rule ddwaf::object containing the patterns to be used by the WAF. (nonnull)
  * @param config Optional configuration of the WAF. (nullable)
+ * @param info Optional ruleset parsing diagnostics. (nullable)
  *
  * @return Handle to the WAF instance.
  **/
-ddwaf_handle ddwaf_init(const ddwaf_object *rule, const ddwaf_config* config);
+ddwaf_handle ddwaf_init(const ddwaf_object *rule,
+    const ddwaf_config* config, ddwaf_ruleset_info *info);
 
 /**
  * ddwaf_destroy
@@ -187,7 +210,14 @@ ddwaf_handle ddwaf_init(const ddwaf_object *rule, const ddwaf_config* config);
  * @param Handle to the WAF instance.
  */
 void ddwaf_destroy(ddwaf_handle handle);
-
+/**
+ * ddwaf_ruleset_info_free
+ *
+ * Free the memory associated with the ruleset info structure.
+ *
+ * @param info Ruleset info to free.
+ * */
+void ddwaf_ruleset_info_free(ddwaf_ruleset_info *info);
 /**
  * ddwaf_required_addresses
  *
@@ -248,7 +278,8 @@ ddwaf_context ddwaf_context_init(const ddwaf_handle handle, ddwaf_object_free_fn
  *                           data is unknown. The result structure will not be
  *                           filled if this error occurs.
  **/
-DDWAF_RET_CODE ddwaf_run(ddwaf_context context, ddwaf_object *data, ddwaf_result *result, uint64_t timeout);
+DDWAF_RET_CODE ddwaf_run(ddwaf_context context, ddwaf_object *data,
+                         ddwaf_result *result,  uint64_t timeout);
 
 /**
  * ddwaf_context_destroy
@@ -451,6 +482,101 @@ bool ddwaf_object_map_addl(ddwaf_object *map, const char *key, size_t length, dd
  **/
 bool ddwaf_object_map_addl_nc(ddwaf_object *map, const char *key, size_t length, ddwaf_object *object);
 
+/**
+ * ddwaf_object_type
+ *
+ * Returns the type of the object.
+ *
+ * @param object The object from which to get the type.
+ *
+ * @return The object type of DDWAF_OBJ_INVALID if NULL.
+ **/
+DDWAF_OBJ_TYPE ddwaf_object_type(ddwaf_object *object);
+
+/**
+ * ddwaf_object_size
+ *
+ * Returns the size of the container object.
+ *
+ * @param object The object from which to get the size.
+ *
+ * @return The object size or 0 if the object is not a container (array, map).
+ **/
+size_t ddwaf_object_size(ddwaf_object *object);
+
+/**
+ * ddwaf_object_length
+ *
+ * Returns the length of the string object.
+ *
+ * @param object The object from which to get the length.
+ *
+ * @return The string length or 0 if the object is not a string.
+ **/
+size_t ddwaf_object_length(ddwaf_object *object);
+
+/**
+ * ddwaf_object_get_key
+ *
+ * Returns the key contained within the object.
+ *
+ * @param object The object from which to get the key.
+ * @param length Output parameter on which to return the length of the key,
+ *               this parameter is optional / nullable.
+ *
+ * @return The key of the object or NULL if the object doesn't contain a key.
+ **/
+const char* ddwaf_object_get_key(ddwaf_object *object, size_t *length);
+
+/**
+ * ddwaf_object_get_string
+ *
+ * Returns the string contained within the object.
+ *
+ * @param object The object from which to get the string.
+ * @param length Output parameter on which to return the length of the string,
+ *               this parameter is optional / nullable.
+ *
+ * @return The string of the object or NULL if the object is not a string.
+ **/
+const char* ddwaf_object_get_string(ddwaf_object *object, size_t *length);
+
+/**
+ * ddwaf_object_get_unsigned
+ *
+ * Returns the uint64 contained within the object.
+ *
+ * @param object The object from which to get the integer.
+ *
+ * @return The integer or 0 if the object is not an unsigned.
+ **/
+uint64_t ddwaf_object_get_unsigned(ddwaf_object *object);
+
+/**
+ * ddwaf_object_get_signed
+ *
+ * Returns the int64 contained within the object.
+ *
+ * @param object The object from which to get the integer.
+ *
+ * @return The integer or 0 if the object is not a signed.
+ **/
+int64_t ddwaf_object_get_signed(ddwaf_object *object);
+
+/**
+ * ddwaf_object_get_index
+ *
+ * Returns the object contained in the container at the given index.
+ *
+ * @param object The container from which to extract the object.
+ * @param index The position of the required object within the container.
+ *
+ * @return The requested object or NULL if the index is out of bounds or the
+ *         object is not a container.
+ **/
+ddwaf_object* ddwaf_object_get_index(ddwaf_object *object, size_t index);
+
+
 /**
  * ddwaf_object_free
  *

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: libddwaf
 version: !ruby/object:Gem::Version
-  version: 1.0.14.1.0.beta2
+  version: 1.2.1.0.0.beta1
 platform: aarch64-linux
 authors:
 - Datadog, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-01 00:00:00.000000000 Z
+date: 2022-03-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -38,11 +38,11 @@ files:
 - LICENSE.Apache
 - LICENSE.BSD3
 - NOTICE
-- lib/datadog/security/waf.rb
-- lib/datadog/security/waf/version.rb
+- lib/datadog/appsec/waf.rb
+- lib/datadog/appsec/waf/version.rb
 - lib/libddwaf.rb
-- vendor/libddwaf/libddwaf-1.0.14-linux-aarch64/include/ddwaf.h
-- vendor/libddwaf/libddwaf-1.0.14-linux-aarch64/lib/libddwaf.so
+- vendor/libddwaf/libddwaf-1.2.1-linux-aarch64/include/ddwaf.h
+- vendor/libddwaf/libddwaf-1.2.1-linux-aarch64/lib/libddwaf.so
 homepage: https://github.com/DataDog/libddwaf
 licenses:
 - BSD-3-Clause