libddwaf 1.14.0.0.0 → 1.18.0.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/actions/docker-build-ruby/Dockerfile +5 -0
- data/.github/actions/docker-build-ruby/Dockerfile.alpine +7 -0
- data/.github/actions/docker-build-ruby/Dockerfile.jruby +6 -0
- data/.github/actions/docker-build-ruby/action.yml +57 -0
- data/.github/workflows/lint.yml +13 -12
- data/.github/workflows/package.yml +93 -174
- data/.github/workflows/test.yml +86 -190
- data/.gitignore +4 -1
- data/.steepignore +4 -0
- data/CHANGELOG.md +5 -1
- data/lib/datadog/appsec/waf/context.rb +122 -0
- data/lib/datadog/appsec/waf/converter.rb +172 -0
- data/lib/datadog/appsec/waf/handle.rb +108 -0
- data/lib/datadog/appsec/waf/lib_ddwaf.rb +307 -0
- data/lib/datadog/appsec/waf/result.rb +33 -0
- data/lib/datadog/appsec/waf/version.rb +2 -2
- data/lib/datadog/appsec/waf.rb +17 -670
- data/sig/datadog/appsec/waf/context.rbs +39 -0
- data/sig/datadog/appsec/waf/converter.rbs +11 -0
- data/sig/datadog/appsec/waf/handle.rbs +42 -0
- data/sig/datadog/appsec/waf/lib_ddwaf.rbs +156 -0
- data/sig/datadog/appsec/waf/result.rbs +33 -0
- data/sig/datadog/appsec/waf.rbs +1 -201
- metadata +22 -8
- data/vendor/rbs/ffi/0/ffi.rbs +0 -62
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2cea26919b7498876af6b3517e509939b1dfc2bfac538dccf9d4f7d6ba02bb84
|
|
4
|
+
data.tar.gz: ec604e73b223f59abcc8d001a08f46ea7d130b2ecc9e4f672313b812e91e5016
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 706ca9b34d702e244d74b46f2ef5633de09f37b8b8cfa3591e4421417592a9034eeabde5358879a00b113acad38c04a2827418edf8b936f8af3302d8b902bd01
|
|
7
|
+
data.tar.gz: c4c0f294b8e4d9e173ed775d6b60ecf89ebeb97360dfd67bb6c8049582f5f9d3e5cd7bc3cf179ac319518bef11b38b1bfcb7e740e18281b14c22510ee763dfcc
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
name: Build docker image
|
|
2
|
+
description:
|
|
3
|
+
Github Actions does not support setting the platform for the container yet.
|
|
4
|
+
This action builds the image for the specified architecture and libc.
|
|
5
|
+
|
|
6
|
+
inputs:
|
|
7
|
+
ruby-version:
|
|
8
|
+
description: Ruby version
|
|
9
|
+
required: true
|
|
10
|
+
|
|
11
|
+
arch:
|
|
12
|
+
description: Build architecture
|
|
13
|
+
required: true
|
|
14
|
+
|
|
15
|
+
libc:
|
|
16
|
+
description: Which libc is used
|
|
17
|
+
required: true
|
|
18
|
+
|
|
19
|
+
jruby:
|
|
20
|
+
description: Whether to use JRuby
|
|
21
|
+
required: false
|
|
22
|
+
default: "false"
|
|
23
|
+
|
|
24
|
+
outputs:
|
|
25
|
+
run-cmd:
|
|
26
|
+
description: Command to run the container
|
|
27
|
+
value: ${{ steps.set-run-cmd.outputs.run-cmd }}
|
|
28
|
+
|
|
29
|
+
runs:
|
|
30
|
+
using: "composite"
|
|
31
|
+
steps:
|
|
32
|
+
- name: Set up QEMU
|
|
33
|
+
uses: docker/setup-qemu-action@v3
|
|
34
|
+
with:
|
|
35
|
+
platforms: ${{ inputs.arch }}
|
|
36
|
+
|
|
37
|
+
- name: Set up Docker Buildx
|
|
38
|
+
uses: docker/setup-buildx-action@v3
|
|
39
|
+
|
|
40
|
+
- name: Build image
|
|
41
|
+
uses: docker/build-push-action@v6
|
|
42
|
+
with:
|
|
43
|
+
file: .github/actions/docker-build-ruby/Dockerfile${{ inputs.libc == 'musl' && '.alpine' || '' }}${{ inputs.jruby == 'true' && '.jruby' || '' }}
|
|
44
|
+
build-args: |
|
|
45
|
+
"RUBY_VERSION=${{ inputs.ruby-version }}"
|
|
46
|
+
push: false
|
|
47
|
+
load: true
|
|
48
|
+
tags: libddwaf-rb-test:latest
|
|
49
|
+
cache-from: type=gha
|
|
50
|
+
cache-to: type=gha,mode=max
|
|
51
|
+
platforms: linux/${{ inputs.arch }}
|
|
52
|
+
|
|
53
|
+
- name: Set run-cmd output
|
|
54
|
+
id: set-run-cmd
|
|
55
|
+
shell: bash
|
|
56
|
+
run: |
|
|
57
|
+
echo "run-cmd=docker run --platform linux/${{ inputs.arch }} -v gems:/usr/local/bundle -v ${{ github.workspace }}:/libddwaf-rb -w /libddwaf-rb libddwaf-rb-test:latest" >> "$GITHUB_OUTPUT"
|
data/.github/workflows/lint.yml
CHANGED
|
@@ -5,29 +5,30 @@ on:
|
|
|
5
5
|
jobs:
|
|
6
6
|
style-check:
|
|
7
7
|
name: Style check
|
|
8
|
-
runs-on: ubuntu-
|
|
8
|
+
runs-on: ubuntu-24.04
|
|
9
9
|
container:
|
|
10
|
-
image: ruby:3.
|
|
10
|
+
image: ruby:3.3
|
|
11
11
|
steps:
|
|
12
12
|
- name: Checkout
|
|
13
13
|
uses: actions/checkout@v2
|
|
14
|
+
|
|
14
15
|
- name: Bundle
|
|
15
|
-
run:
|
|
16
|
-
|
|
16
|
+
run: bundle install
|
|
17
|
+
|
|
17
18
|
- name: Run Rubocop
|
|
18
|
-
run:
|
|
19
|
-
|
|
19
|
+
run: bundle exec rubocop -D
|
|
20
|
+
|
|
20
21
|
type-check:
|
|
21
22
|
name: Type check
|
|
22
|
-
runs-on: ubuntu-
|
|
23
|
+
runs-on: ubuntu-24.04
|
|
23
24
|
container:
|
|
24
|
-
image: ruby:3.
|
|
25
|
+
image: ruby:3.3
|
|
25
26
|
steps:
|
|
26
27
|
- name: Checkout
|
|
27
28
|
uses: actions/checkout@v2
|
|
29
|
+
|
|
28
30
|
- name: Bundle
|
|
29
|
-
run:
|
|
30
|
-
|
|
31
|
+
run: bundle install
|
|
32
|
+
|
|
31
33
|
- name: Run Steep
|
|
32
|
-
run:
|
|
33
|
-
bundle exec steep check
|
|
34
|
+
run: bundle exec rake steep:check
|
|
@@ -3,213 +3,132 @@ on:
|
|
|
3
3
|
- push
|
|
4
4
|
|
|
5
5
|
jobs:
|
|
6
|
-
|
|
6
|
+
test-rake-build:
|
|
7
7
|
strategy:
|
|
8
8
|
fail-fast: false
|
|
9
9
|
matrix:
|
|
10
|
+
os: [ubuntu-24.04]
|
|
11
|
+
ruby: ["3.3"]
|
|
12
|
+
arch: [amd64, arm64]
|
|
13
|
+
libc: [gnu]
|
|
10
14
|
include:
|
|
11
|
-
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
17
|
-
- name: Checkout
|
|
18
|
-
uses: actions/checkout@v2
|
|
19
|
-
- name: Install Linux build tools
|
|
20
|
-
if: ${{ startsWith(matrix.os, 'ubuntu-') }}
|
|
21
|
-
run: sudo apt-get install -y ruby ruby-bundler
|
|
22
|
-
- name: Bundle
|
|
23
|
-
run: |
|
|
24
|
-
bundle install
|
|
25
|
-
- name: Build gem
|
|
26
|
-
run: |
|
|
27
|
-
bundle exec rake build
|
|
28
|
-
- name: Upload gem
|
|
29
|
-
uses: actions/upload-artifact@v2
|
|
30
|
-
with:
|
|
31
|
-
name: libddwaf-${{ matrix.platform }}-${{ github.run_id }}-${{ github.sha }}
|
|
32
|
-
path: pkg
|
|
33
|
-
package-binary:
|
|
34
|
-
strategy:
|
|
35
|
-
fail-fast: false
|
|
36
|
-
matrix:
|
|
37
|
-
include:
|
|
38
|
-
- os: ubuntu-20.04
|
|
39
|
-
cpu: x86_64
|
|
40
|
-
platform: x86_64-linux:llvm
|
|
41
|
-
artifact: x86_64-linux-llvm
|
|
42
|
-
- os: ubuntu-20.04
|
|
43
|
-
cpu: aarch64
|
|
44
|
-
platform: aarch64-linux:llvm
|
|
45
|
-
artifact: aarch64-linux-llvm
|
|
46
|
-
- os: ubuntu-20.04
|
|
47
|
-
cpu: universal
|
|
48
|
-
platform: java
|
|
49
|
-
artifact: java
|
|
50
|
-
- os: macos-12
|
|
51
|
-
cpu: x86_64
|
|
52
|
-
platform: x86_64-darwin
|
|
53
|
-
artifact: x86_64-darwin
|
|
54
|
-
- os: macos-12
|
|
55
|
-
cpu: arm64
|
|
56
|
-
platform: arm64-darwin
|
|
57
|
-
artifact: arm64-darwin
|
|
58
|
-
name: Build package (${{ matrix.platform }})
|
|
15
|
+
- arch: amd64
|
|
16
|
+
platform: x86_64-linux
|
|
17
|
+
- arch: arm64
|
|
18
|
+
platform: aarch64-linux
|
|
19
|
+
|
|
20
|
+
name: Test build without fetching libddwaf (Ruby ${{ matrix.ruby }}, ${{ matrix.arch }}, ${{ matrix.libc }})
|
|
59
21
|
runs-on: ${{ matrix.os }}
|
|
22
|
+
|
|
60
23
|
steps:
|
|
61
24
|
- name: Checkout
|
|
62
|
-
uses: actions/checkout@
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
run: |
|
|
68
|
-
bundle install
|
|
69
|
-
- name: Build binary gem
|
|
70
|
-
run: |
|
|
71
|
-
bundle exec rake binary[${{ matrix.platform }}]
|
|
72
|
-
- name: Upload gem
|
|
73
|
-
uses: actions/upload-artifact@v2
|
|
74
|
-
with:
|
|
75
|
-
name: libddwaf-${{ matrix.artifact }}-${{ github.run_id }}-${{ github.sha }}
|
|
76
|
-
path: pkg
|
|
77
|
-
test-ruby:
|
|
78
|
-
needs: package-ruby
|
|
79
|
-
strategy:
|
|
80
|
-
fail-fast: false
|
|
81
|
-
matrix:
|
|
82
|
-
include:
|
|
83
|
-
- os: ubuntu-20.04
|
|
84
|
-
cpu: x86_64
|
|
85
|
-
platform: ruby
|
|
86
|
-
image: ruby:2.6
|
|
87
|
-
qemu: amd64
|
|
88
|
-
libc: gnu
|
|
89
|
-
name: Test package (${{ matrix.platform }}-${{ matrix.libc }})
|
|
90
|
-
runs-on: ${{ matrix.os }}
|
|
91
|
-
steps:
|
|
92
|
-
- name: Enable ${{ matrix.qemu }} platform
|
|
93
|
-
id: qemu
|
|
94
|
-
if: ${{ matrix.cpu != 'amd64' }}
|
|
95
|
-
run: |
|
|
96
|
-
docker run --privileged --rm tonistiigi/binfmt:latest --install ${{ matrix.qemu }} | tee platforms.json
|
|
97
|
-
echo "::set-output name=platforms::$(cat platforms.json)"
|
|
98
|
-
- name: Start container
|
|
99
|
-
id: container
|
|
100
|
-
run: |
|
|
101
|
-
echo ${{ matrix.image }} > container_image
|
|
102
|
-
docker run --rm -d -v "${PWD}":"${PWD}" -w "${PWD}" --platform linux/${{ matrix.qemu }} ${{ matrix.image }} /bin/sleep 64d | tee container_id
|
|
103
|
-
docker exec -w "${PWD}" $(cat container_id) uname -a
|
|
104
|
-
echo "::set-output name=id::$(cat container_id)"
|
|
105
|
-
- uses: actions/download-artifact@v2
|
|
25
|
+
uses: actions/checkout@v4
|
|
26
|
+
|
|
27
|
+
- name: Build docker image
|
|
28
|
+
id: build-image
|
|
29
|
+
uses: ./.github/actions/docker-build-ruby
|
|
106
30
|
with:
|
|
107
|
-
|
|
108
|
-
|
|
31
|
+
ruby-version: ${{ matrix.ruby }}
|
|
32
|
+
arch: ${{ matrix.arch }}
|
|
33
|
+
libc: ${{ matrix.libc }}
|
|
34
|
+
|
|
35
|
+
- name: Bundle install
|
|
36
|
+
run: ${{ steps.build-image.outputs.run-cmd }} bundle install
|
|
37
|
+
|
|
38
|
+
- name: Build gem
|
|
39
|
+
run: ${{ steps.build-image.outputs.run-cmd }} bundle exec rake build
|
|
40
|
+
|
|
109
41
|
- name: List artifact files
|
|
110
42
|
run: find .
|
|
111
43
|
working-directory: pkg
|
|
44
|
+
|
|
112
45
|
- name: Install gem
|
|
113
|
-
run:
|
|
46
|
+
run: ${{ steps.build-image.outputs.run-cmd }} gem install --verbose pkg/*.gem
|
|
47
|
+
|
|
114
48
|
- name: Run smoke test
|
|
115
|
-
run:
|
|
116
|
-
|
|
117
|
-
test-
|
|
118
|
-
needs: package-binary
|
|
49
|
+
run: ${{ steps.build-image.outputs.run-cmd }} ruby -e 'begin require "libddwaf"; rescue LoadError => e; puts e.message; else fail "loaded when it should not"; end'
|
|
50
|
+
|
|
51
|
+
test-rake-binary:
|
|
119
52
|
strategy:
|
|
120
53
|
fail-fast: false
|
|
121
54
|
matrix:
|
|
55
|
+
os: [ubuntu-24.04]
|
|
56
|
+
ruby: ["3.3", "9.4"]
|
|
57
|
+
arch: [amd64, arm64]
|
|
58
|
+
libc: [gnu, musl]
|
|
122
59
|
include:
|
|
123
|
-
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
artifact: aarch64-linux-llvm
|
|
134
|
-
image: ruby:2.6
|
|
135
|
-
qemu: aarch64
|
|
136
|
-
libc: gnu
|
|
137
|
-
- os: ubuntu-20.04
|
|
138
|
-
cpu: x86_64
|
|
139
|
-
platform: x86_64-linux
|
|
140
|
-
artifact: x86_64-linux-llvm
|
|
141
|
-
image: ruby:2.6-alpine
|
|
142
|
-
qemu: amd64
|
|
143
|
-
libc: musl
|
|
144
|
-
- os: ubuntu-20.04
|
|
145
|
-
cpu: aarch64
|
|
146
|
-
platform: aarch64-linux
|
|
147
|
-
artifact: aarch64-linux-llvm
|
|
148
|
-
image: ruby:2.6-alpine
|
|
149
|
-
qemu: aarch64
|
|
60
|
+
- arch: amd64
|
|
61
|
+
platform: x86_64-linux:llvm
|
|
62
|
+
- arch: arm64
|
|
63
|
+
platform: aarch64-linux:llvm
|
|
64
|
+
- ruby: 3.3
|
|
65
|
+
jruby: false
|
|
66
|
+
- ruby: 9.4
|
|
67
|
+
jruby: true
|
|
68
|
+
exclude:
|
|
69
|
+
- ruby: 9.4
|
|
150
70
|
libc: musl
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
platform: java
|
|
154
|
-
artifact: java
|
|
155
|
-
image: jruby:9.3.0.0
|
|
156
|
-
qemu: amd64
|
|
157
|
-
libc: gnu
|
|
158
|
-
name: Test package (${{ matrix.platform }}, ${{ matrix.libc }}, ${{ matrix.cpu }})
|
|
71
|
+
|
|
72
|
+
name: Test gem build (${{ matrix.jruby == true && 'Jruby' || 'Ruby'}} ${{ matrix.ruby }}, ${{ matrix.arch }}, ${{ matrix.libc }})
|
|
159
73
|
runs-on: ${{ matrix.os }}
|
|
74
|
+
|
|
160
75
|
steps:
|
|
161
|
-
- name:
|
|
162
|
-
|
|
163
|
-
|
|
164
|
-
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
- name: Start container
|
|
168
|
-
id: container
|
|
169
|
-
run: |
|
|
170
|
-
echo ${{ matrix.image }} > container_image
|
|
171
|
-
docker run --rm -d -v "${PWD}":"${PWD}" -w "${PWD}" --platform linux/${{ matrix.qemu }} ${{ matrix.image }} /bin/sleep 64d | tee container_id
|
|
172
|
-
docker exec -w "${PWD}" $(cat container_id) uname -a
|
|
173
|
-
echo "::set-output name=id::$(cat container_id)"
|
|
174
|
-
- uses: actions/download-artifact@v2
|
|
76
|
+
- name: Checkout
|
|
77
|
+
uses: actions/checkout@v4
|
|
78
|
+
|
|
79
|
+
- name: Build docker image
|
|
80
|
+
id: build-image
|
|
81
|
+
uses: ./.github/actions/docker-build-ruby
|
|
175
82
|
with:
|
|
176
|
-
|
|
177
|
-
|
|
83
|
+
ruby-version: ${{ matrix.ruby }}
|
|
84
|
+
arch: ${{ matrix.arch }}
|
|
85
|
+
libc: ${{ matrix.libc }}
|
|
86
|
+
jruby: ${{ matrix.jruby }}
|
|
87
|
+
|
|
88
|
+
- name: Bundle install
|
|
89
|
+
run: ${{ steps.build-image.outputs.run-cmd }} bundle install
|
|
90
|
+
|
|
91
|
+
- name: Build binary gem
|
|
92
|
+
run: ${{ steps.build-image.outputs.run-cmd }} bundle exec rake binary[${{ matrix.platform }}]
|
|
93
|
+
|
|
178
94
|
- name: List artifact files
|
|
179
95
|
run: find .
|
|
180
96
|
working-directory: pkg
|
|
181
|
-
|
|
182
|
-
if: ${{ matrix.libc == 'musl' }}
|
|
183
|
-
run: docker exec -w "${PWD}" ${{ steps.container.outputs.id }} apk add --no-cache build-base
|
|
97
|
+
|
|
184
98
|
- name: Install gem
|
|
185
|
-
run:
|
|
99
|
+
run: ${{ steps.build-image.outputs.run-cmd }} gem install --verbose pkg/*.gem
|
|
100
|
+
|
|
186
101
|
- name: Run smoke test
|
|
187
|
-
run:
|
|
188
|
-
|
|
189
|
-
test-darwin:
|
|
190
|
-
needs: package-binary
|
|
102
|
+
run: ${{ steps.build-image.outputs.run-cmd }} ruby -r 'libddwaf' -e 'p Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version'
|
|
103
|
+
|
|
104
|
+
test-rake-binary-on-darwin:
|
|
191
105
|
strategy:
|
|
192
106
|
fail-fast: false
|
|
193
107
|
matrix:
|
|
108
|
+
os: [macos-15, macos-15-large]
|
|
194
109
|
include:
|
|
195
|
-
- os: macos-
|
|
196
|
-
|
|
110
|
+
- os: macos-15
|
|
111
|
+
platform: arm64-darwin
|
|
112
|
+
- os: macos-15-large
|
|
197
113
|
platform: x86_64-darwin
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
# platform: arm64-darwin
|
|
201
|
-
name: Test package (${{ matrix.platform }})
|
|
114
|
+
|
|
115
|
+
name: Test gem build (${{ matrix.os }})
|
|
202
116
|
runs-on: ${{ matrix.os }}
|
|
117
|
+
env:
|
|
118
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
119
|
+
|
|
203
120
|
steps:
|
|
204
|
-
-
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
121
|
+
- name: Checkout
|
|
122
|
+
uses: actions/checkout@v4
|
|
123
|
+
|
|
124
|
+
- name: Bundle
|
|
125
|
+
run: bundle install
|
|
126
|
+
|
|
127
|
+
- name: Build binary gem
|
|
128
|
+
run: bundle exec rake binary[${{ matrix.platform }}]
|
|
129
|
+
|
|
211
130
|
- name: Install gem
|
|
212
131
|
run: gem install --verbose pkg/*.gem
|
|
132
|
+
|
|
213
133
|
- name: Run smoke test
|
|
214
|
-
run:
|
|
215
|
-
ruby -r 'libddwaf' -e 'p Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version'
|
|
134
|
+
run: ruby -r 'libddwaf' -e 'p Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version'
|