libddwaf 1.15.0.0.2 → 1.18.0.0.0

data/libddwaf.gemspec

@@ -1,43 +1,40 @@
-lib = File.expand_path("../lib", __FILE__)
+# coding: utf-8
+
+lib = File.expand_path('../lib', __FILE__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require "datadog/appsec/waf/version"
+require 'datadog/appsec/waf/version'
 
 Gem::Specification.new do |spec|
-  spec.name = "libddwaf"
-  spec.version = Datadog::AppSec::WAF::VERSION::STRING
+  spec.name                  = 'libddwaf'
+  spec.version               = Datadog::AppSec::WAF::VERSION::STRING
   spec.required_ruby_version = [">= #{Datadog::AppSec::WAF::VERSION::MINIMUM_RUBY_VERSION}"]
-  spec.required_rubygems_version = ">= 2.0.0"
-  spec.authors = ["Datadog, Inc."]
-  spec.email = ["dev@datadoghq.com"]
+  spec.required_rubygems_version = '>= 2.0.0'
+  spec.authors               = ['Datadog, Inc.']
+  spec.email                 = ['dev@datadoghq.com']
 
-  spec.summary = "Datadog WAF"
-  spec.description = <<-EOS.gsub(/^[\s]+/, "")
+  spec.summary     = 'Datadog WAF'
+  spec.description = <<-EOS.gsub(/^[\s]+/, '')
     libddwaf packages a WAF implementation in C++, exposed to Ruby
   EOS
 
-  spec.homepage = "https://github.com/DataDog/libddwaf-rb"
-  spec.license = "BSD-3-Clause"
+  spec.homepage = 'https://github.com/DataDog/libddwaf-rb'
+  spec.license  = 'BSD-3-Clause'
 
   if spec.respond_to?(:metadata)
-    spec.metadata["allowed_push_host"] = "https://rubygems.org"
+    spec.metadata['allowed_push_host'] = 'https://rubygems.org'
   else
-    raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
+    raise 'RubyGems 2.0 or newer is required to protect against public gem pushes.'
   end
 
-  libddwaf_version = Datadog::AppSec::WAF::VERSION::BASE_STRING
-
-  spec.files = ["libddwaf.gemspec"]
-  spec.files.concat(Dir.glob("lib/**/*.rb"))
-  spec.files.concat(Dir.glob("{vendor/rbs,sig}/**/*.rbs"))
-  spec.files.concat(Dir.glob("{README,CHANGELOG,LICENSE,NOTICE}*"))
-  spec.files.concat(%W[
-    vendor/libddwaf/libddwaf-#{libddwaf_version}-darwin-arm64/lib/libddwaf.dylib
-    vendor/libddwaf/libddwaf-#{libddwaf_version}-darwin-x86_64/lib/libddwaf.dylib
-    vendor/libddwaf/libddwaf-#{libddwaf_version}-linux-aarch64/lib/libddwaf.so
-    vendor/libddwaf/libddwaf-#{libddwaf_version}-linux-x86_64/lib/libddwaf.so
-  ])
-
-  spec.require_paths = ["lib"]
-
-  spec.add_dependency "ffi", "~> 1.0"
+  spec.files =
+    `git ls-files -z`
+    .split("\x0")
+    .reject { |f| f.match(%r{^(spec|[.]circleci)/}) }
+    .reject do |f|
+      ['.dockerignore', '.env', '.rspec', '.rubocop.yml', '.rubocop_todo.yml',
+      '.simplecov', 'Gemfile', 'Rakefile', 'docker-compose.yml'].include?(f)
+    end
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'ffi', '~> 1.0'
 end

data/shell.nix

@@ -0,0 +1,35 @@
+{
+  # use the environment channel
+  pkgs ? import <nixpkgs> {},
+
+  # use a pinned package state
+  pinned ? import(fetchTarball("https://github.com/NixOS/nixpkgs/archive/14d9b465c71.tar.gz")) {},
+}:
+let
+  # specify ruby version to use
+  ruby = pinned.ruby_3_1;
+
+  # control llvm/clang version (e.g for packages built form source)
+  llvm = pinned.llvmPackages_12;
+in llvm.stdenv.mkDerivation {
+  # unique project name for this environment derivation
+  name = "libddwaf-rb.devshell";
+
+  buildInputs = [
+    ruby
+  ];
+
+  shellHook = ''
+    # get major.minor.0 ruby version
+    export RUBY_VERSION="$(ruby -e 'puts RUBY_VERSION.gsub(/\d+$/, "0")')"
+
+    # make gem install work in-project, compatibly with bundler
+    export GEM_HOME="$(pwd)/vendor/bundle/ruby/$RUBY_VERSION"
+
+    # make bundle work in-project
+    export BUNDLE_PATH="$(pwd)/vendor/bundle"
+
+    # enable calling gem scripts without bundle exec
+    export PATH="$GEM_HOME/bin:$PATH"
+  '';
+}

data/sig/datadog/appsec/waf/context.rbs

@@ -0,0 +1,39 @@
+module Datadog
+  module AppSec
+    module WAF
+      class Context
+        @context_obj: ::FFI::Pointer
+
+        @valid: bool
+
+        @retained: Array[untyped]
+
+        RESULT_CODE: ::Hash[::Symbol, ::Symbol]
+
+        attr_reader context_obj: ::FFI::Pointer
+
+        def initialize: (Handle handle) -> void
+
+        def finalize: () -> void
+
+        def run: (WAF::data persistent_data, WAF::data ephemeral_data, ?::Integer timeout) -> ::Array[top]
+
+        private
+
+        def validate!: () -> void
+
+        def invalidate!: () -> void
+
+        def valid?: () -> bool?
+
+        def valid!: () -> void
+
+        def retained: () -> Array[untyped]
+
+        def retain: (top object) -> void
+
+        def release: (top object) -> void
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/converter.rbs

@@ -0,0 +1,11 @@
+module Datadog
+  module AppSec
+    module WAF
+      module Converter
+        def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?coerce: bool?) -> LibDDWAF::Object
+
+        def self.object_to_ruby: (LibDDWAF::Object obj) -> WAF::data
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/handle.rbs

@@ -0,0 +1,42 @@
+module Datadog
+  module AppSec
+    module WAF
+      class Handle
+        @config: LibDDWAF::Config
+
+        @handle_obj: ::FFI::Pointer
+
+        @diagnostics: WAF::data
+
+        @valid: bool
+
+        attr_reader handle_obj: ::FFI::Pointer
+
+        attr_reader diagnostics: WAF::data
+
+        attr_reader config: LibDDWAF::Config
+
+        def initialize: (data rule, ?limits: ::Hash[::Symbol, ::Integer], ?obfuscator: ::Hash[::Symbol, ::String]) -> void
+
+        def finalize: () -> void
+
+        def required_addresses: () -> ::Array[::String?]
+
+        # TODO: WAF::data
+        def merge: (untyped data) -> Handle?
+
+        private
+
+        def new_from_handle: (::FFI::Pointer handle_object, data diagnostics, WAF::LibDDWAF::Config config) -> Handle
+
+        def validate!: () -> void
+
+        def invalidate!: () -> void
+
+        def valid?: () -> bool?
+
+        def valid!: () -> void
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/lib_ddwaf.rbs

@@ -0,0 +1,156 @@
+module Datadog
+  module AppSec
+    module WAF
+      module LibDDWAF
+        class Error < StandardError
+          attr_reader diagnostics: WAF::data
+
+          def initialize: (::String msg, ?diagnostics: WAF::data?) -> void
+        end
+
+        extend ::FFI::Library
+
+        def self.typedef: [T < ::FFI::Type, N, R, C] (T old, Symbol | ::FFI::DataConverter[N, R, C] add, ?untyped) -> T
+           | (Symbol old, Symbol add, ?untyped) -> (::FFI::Type | ::FFI::Enum)
+           | [X < ::FFI::DataConverter[N, R, C], N, R, C] (X old, Symbol add, ?untyped) -> ::FFI::Type::Mapped[X, N, R, C]
+           | (:enum old, Array[Symbol | Integer] add, ?untyped) -> ::FFI::Enum
+           | (:enum old, Symbol | ::FFI::Type add, Array[Symbol | Integer] info) -> ::FFI::Enum
+           | (untyped, ::Symbol) -> void
+
+        def self.callback: (::Symbol name, Array[::FFI::Library::ffi_lib_type] params, ::FFI::Library::ffi_lib_type ret) -> ::FFI::CallbackInfo
+
+        def self.enum: (*(Symbol | Integer) args) -> ::FFI::Enum
+                     | (Array[Symbol | Integer] values) -> ::FFI::Enum
+
+        def self.local_os: () -> ::String
+        def self.local_cpu: () -> ::String
+        def self.local_version: () -> (::String | nil)
+        def self.source_dir: () -> ::String
+        def self.vendor_dir: () -> ::String
+        def self.libddwaf_vendor_dir: () -> ::String
+        def self.shared_lib_triplet: (?version: ::String?) -> ::String
+        def self.libddwaf_dir: () -> ::String
+        def self.shared_lib_extname: () -> ::String
+        def self.shared_lib_path: () -> ::String
+
+        # version
+
+        def self.ddwaf_get_version: () -> ::String
+
+        # ddwaf::object data structure
+
+        DDWAF_OBJ_TYPE: ::FFI::Enum
+
+        class UInt32Ptr < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
+        end
+
+        class UInt64Ptr < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
+        end
+
+        class SizeTPtr < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
+        end
+
+        class ObjectValueUnion < ::FFI::Union[::FFI::AbstractMemory, untyped]
+        end
+
+        class Object < ::FFI::Struct[::FFI::AbstractMemory, untyped]
+        end
+
+        # setters
+
+        def self.ddwaf_object_invalid: (LibDDWAF::Object) -> ::FFI::Pointer
+        def self.ddwaf_object_string: (LibDDWAF::Object, ::String) -> ::FFI::Pointer
+        def self.ddwaf_object_stringl: (LibDDWAF::Object, ::String, ::Integer) -> ::FFI::Pointer
+        def self.ddwaf_object_stringl_nc: (LibDDWAF::Object, ::String, ::Integer) -> ::FFI::Pointer
+        def self.ddwaf_object_unsigned: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
+        def self.ddwaf_object_signed: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
+        def self.ddwaf_object_string_from_unsigned: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
+        def self.ddwaf_object_string_from_signed: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
+        def self.ddwaf_object_bool: (LibDDWAF::Object, bool) -> ::FFI::Pointer
+        def self.ddwaf_object_float: (LibDDWAF::Object, ::Float) -> ::FFI::Pointer
+        def self.ddwaf_object_null: (LibDDWAF::Object) -> ::FFI::Pointer
+
+        def self.ddwaf_object_array: (LibDDWAF::Object) -> ::FFI::Pointer
+        def self.ddwaf_object_array_add: (LibDDWAF::Object, LibDDWAF::Object) -> bool
+
+        def self.ddwaf_object_map: (LibDDWAF::Object) -> ::FFI::Pointer
+        def self.ddwaf_object_map_add: (LibDDWAF::Object, ::String, LibDDWAF::Object) -> bool
+        def self.ddwaf_object_map_addl: (LibDDWAF::Object, ::String, ::Integer, LibDDWAF::Object) -> bool
+        def self.ddwaf_object_map_addl_nc: (LibDDWAF::Object, ::String, ::Integer, LibDDWAF::Object) -> bool
+
+        # getters
+
+        def self.ddwaf_object_type: (LibDDWAF::Object) -> ::FFI::Enum
+        def self.ddwaf_object_size: (LibDDWAF::Object) -> ::Integer
+        def self.ddwaf_object_length: (LibDDWAF::Object) -> ::Integer
+        def self.ddwaf_object_get_key: (LibDDWAF::Object, SizeTPtr) -> ::String
+        def self.ddwaf_object_get_string: (LibDDWAF::Object, SizeTPtr) -> ::String
+        def self.ddwaf_object_get_unsigned: (LibDDWAF::Object, SizeTPtr) -> ::Integer
+        def self.ddwaf_object_get_signed: (LibDDWAF::Object, SizeTPtr) -> ::Integer
+        def self.ddwaf_object_get_index: (LibDDWAF::Object, ::Integer) -> LibDDWAF::Object
+        def self.ddwaf_object_get_bool: (LibDDWAF::Object) -> bool
+        def self.ddwaf_object_get_float: (LibDDWAF::Object) -> ::Float
+
+        # freeers
+
+        def self.ddwaf_object_free: (LibDDWAF::Object) -> void
+
+        ObjectFree: ::FFI::Function
+        ObjectNoFree: ::FFI::Pointer
+
+        # main handle
+
+        class Config < ::FFI::Struct[::FFI::AbstractMemory, untyped]
+          class Limits < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
+          end
+
+          class Obfuscator < ::FFI::Struct[::FFI::AbstractMemory, ::FFI::Pointer]
+          end
+        end
+
+        def self.ddwaf_init: (top, Config, Object) -> ::FFI::Pointer
+        def self.ddwaf_update: (::FFI::Pointer, LibDDWAF::Object, LibDDWAF::Object) -> ::FFI::Pointer
+        def self.ddwaf_destroy: (::FFI::Pointer) -> void
+
+        def self.ddwaf_known_addresses: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
+        def self.ddwaf_rule_data_ids: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
+
+        # updating
+
+        DDWAF_RET_CODE: ::FFI::Enum
+
+        # running
+
+        def self.ddwaf_context_init: (::FFI::Pointer) -> ::FFI::Pointer
+        def self.ddwaf_context_destroy: (::FFI::Pointer) -> void
+
+        class Result < ::FFI::Struct[::FFI::AbstractMemory, untyped]
+        end
+
+        def self.ddwaf_run: (::FFI::Pointer, Object, Object, Result, ::Integer) -> ::Symbol
+        def self.ddwaf_result_free: (Result) -> void
+
+        # logging
+
+        DDWAF_LOG_LEVEL: ::FFI::Enum
+
+        type ddwaf_log_level = ::Symbol
+
+        # TODO: signature is as below but steep 1.1 does not yet support method/proc/block mapping
+        # type ddwaf_log_cb = ^(ddwaf_log_level, ::String, ::String, ::Integer, ::FFI::Pointer, ::Integer) -> void
+        type ddwaf_log_cb = ::Method | ::Proc
+        def self.ddwaf_set_log_cb: (ddwaf_log_cb, ddwaf_log_level) -> bool
+
+        DEFAULT_MAX_CONTAINER_SIZE: ::Integer
+        DEFAULT_MAX_CONTAINER_DEPTH: ::Integer
+        DEFAULT_MAX_STRING_LENGTH: ::Integer
+
+        DDWAF_MAX_CONTAINER_SIZE: ::Integer
+        DDWAF_MAX_CONTAINER_DEPTH: ::Integer
+        DDWAF_MAX_STRING_LENGTH: ::Integer
+
+        DDWAF_RUN_TIMEOUT: ::Integer
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf/result.rbs

@@ -0,0 +1,33 @@
+module Datadog
+  module AppSec
+    module WAF
+      class Result
+        @status: ::Symbol
+
+        @events: WAF::data
+
+        @total_runtime: ::Float
+
+        @timeout: bool
+
+        @actions: WAF::data
+
+        @derivatives: WAF::data
+
+        attr_reader status: ::Symbol
+
+        attr_reader events: WAF::data
+
+        attr_reader total_runtime: ::Float
+
+        attr_reader timeout: bool
+
+        attr_reader actions: WAF::data
+
+        attr_reader derivatives: WAF::data
+
+        def initialize: (::Symbol status, WAF::data events, ::Float total_runtime, bool timeout, WAF::data actions, WAF::data derivatives) -> void
+      end
+    end
+  end
+end

data/sig/datadog/appsec/waf.rbs

@@ -1,163 +1,9 @@
 module Datadog
   module AppSec
     module WAF
-      module LibDDWAF
-        class Error < StandardError
-          attr_reader diagnostics: ::Datadog::AppSec::WAF::data
-
-          def initialize: (::String msg, ?diagnostics: ::Datadog::AppSec::WAF::data?) -> void
-        end
-
-        extend ::FFI::Library
-
-        def self.typedef: [T < ::FFI::Type, N, R, C] (T old, Symbol | ::FFI::DataConverter[N, R, C] add, ?untyped) -> T
-           | (Symbol old, Symbol add, ?untyped) -> (::FFI::Type | ::FFI::Enum)
-           | [X < ::FFI::DataConverter[N, R, C], N, R, C] (X old, Symbol add, ?untyped) -> ::FFI::Type::Mapped[X, N, R, C]
-           | (:enum old, Array[Symbol | Integer] add, ?untyped) -> ::FFI::Enum
-           | (:enum old, Symbol | ::FFI::Type add, Array[Symbol | Integer] info) -> ::FFI::Enum
-           | (untyped, ::Symbol) -> void
-
-        def self.callback: (::Symbol name, Array[::FFI::Library::ffi_lib_type] params, ::FFI::Library::ffi_lib_type ret) -> ::FFI::CallbackInfo
-
-        def self.enum: (*(Symbol | Integer) args) -> ::FFI::Enum
-                     | (Array[Symbol | Integer] values) -> ::FFI::Enum
- 
-        def self.local_os: () -> ::String
-        def self.local_cpu: () -> ::String
-        def self.local_version: () -> (::String | nil)
-        def self.source_dir: () -> ::String
-        def self.vendor_dir: () -> ::String
-        def self.libddwaf_vendor_dir: () -> ::String
-        def self.shared_lib_triplet: (?version: ::String?) -> ::String
-        def self.libddwaf_dir: () -> ::String
-        def self.shared_lib_extname: () -> ::String
-        def self.shared_lib_path: () -> ::String
-
-        # version
-
-        def self.ddwaf_get_version: () -> ::String
-
-        # ddwaf::object data structure
-
-        DDWAF_OBJ_TYPE: ::FFI::Enum
-
-        class UInt32Ptr < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
-        end
-
-        class UInt64Ptr < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
-        end
-
-        class SizeTPtr < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
-        end
-
-        class ObjectValueUnion < ::FFI::Union[::FFI::AbstractMemory, untyped]
-        end
-
-        class Object < ::FFI::Struct[::FFI::AbstractMemory, untyped]
-        end
-
-        # setters
-
-        def self.ddwaf_object_invalid: (LibDDWAF::Object) -> ::FFI::Pointer
-        def self.ddwaf_object_string: (LibDDWAF::Object, ::String) -> ::FFI::Pointer
-        def self.ddwaf_object_stringl: (LibDDWAF::Object, ::String, ::Integer) -> ::FFI::Pointer
-        def self.ddwaf_object_stringl_nc: (LibDDWAF::Object, ::String, ::Integer) -> ::FFI::Pointer
-        def self.ddwaf_object_unsigned: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
-        def self.ddwaf_object_signed: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
-        def self.ddwaf_object_string_from_unsigned: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
-        def self.ddwaf_object_string_from_signed: (LibDDWAF::Object, ::Integer) -> ::FFI::Pointer
-        def self.ddwaf_object_bool: (LibDDWAF::Object, bool) -> ::FFI::Pointer
-        def self.ddwaf_object_float: (LibDDWAF::Object, ::Float) -> ::FFI::Pointer
-        def self.ddwaf_object_null: (LibDDWAF::Object) -> ::FFI::Pointer
-
-        def self.ddwaf_object_array: (LibDDWAF::Object) -> ::FFI::Pointer
-        def self.ddwaf_object_array_add: (LibDDWAF::Object, LibDDWAF::Object) -> bool
-
-        def self.ddwaf_object_map: (LibDDWAF::Object) -> ::FFI::Pointer
-        def self.ddwaf_object_map_add: (LibDDWAF::Object, ::String, LibDDWAF::Object) -> bool
-        def self.ddwaf_object_map_addl: (LibDDWAF::Object, ::String, ::Integer, LibDDWAF::Object) -> bool
-        def self.ddwaf_object_map_addl_nc: (LibDDWAF::Object, ::String, ::Integer, LibDDWAF::Object) -> bool
-
-        # getters
-
-        def self.ddwaf_object_type: (LibDDWAF::Object) -> ::FFI::Enum
-        def self.ddwaf_object_size: (LibDDWAF::Object) -> ::Integer
-        def self.ddwaf_object_length: (LibDDWAF::Object) -> ::Integer
-        def self.ddwaf_object_get_key: (LibDDWAF::Object, SizeTPtr) -> ::String
-        def self.ddwaf_object_get_string: (LibDDWAF::Object, SizeTPtr) -> ::String
-        def self.ddwaf_object_get_unsigned: (LibDDWAF::Object, SizeTPtr) -> ::Integer
-        def self.ddwaf_object_get_signed: (LibDDWAF::Object, SizeTPtr) -> ::Integer
-        def self.ddwaf_object_get_index: (LibDDWAF::Object, ::Integer) -> LibDDWAF::Object
-        def self.ddwaf_object_get_bool: (LibDDWAF::Object) -> bool
-        def self.ddwaf_object_get_float: (LibDDWAF::Object) -> ::Float
-
-        # freeers
-
-        def self.ddwaf_object_free: (LibDDWAF::Object) -> void
-
-        ObjectFree: ::FFI::Function
-        ObjectNoFree: ::FFI::Pointer
-
-        # main handle
-
-        class Config < ::FFI::Struct[::FFI::AbstractMemory, untyped]
-          class Limits < ::FFI::Struct[::FFI::AbstractMemory, ::Integer]
-          end
-
-          class Obfuscator < ::FFI::Struct[::FFI::AbstractMemory, ::FFI::Pointer]
-          end
-        end
-
-        def self.ddwaf_init: (top, Config, Object) -> ::FFI::Pointer
-        def self.ddwaf_update: (::FFI::Pointer, LibDDWAF::Object, LibDDWAF::Object) -> ::FFI::Pointer
-        def self.ddwaf_destroy: (::FFI::Pointer) -> void
-
-        def self.ddwaf_known_addresses: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
-        def self.ddwaf_rule_data_ids: (::FFI::Pointer, UInt32Ptr) -> ::FFI::Pointer
-
-        # updating
-
-        DDWAF_RET_CODE: ::FFI::Enum
-
-        # running
-
-        def self.ddwaf_context_init: (::FFI::Pointer) -> ::FFI::Pointer
-        def self.ddwaf_context_destroy: (::FFI::Pointer) -> void
-
-        class Result < ::FFI::Struct[::FFI::AbstractMemory, untyped]
-        end
-
-        def self.ddwaf_run: (::FFI::Pointer, Object, Object, Result, ::Integer) -> ::Symbol
-        def self.ddwaf_result_free: (Result) -> void
-
-        # logging
-
-        DDWAF_LOG_LEVEL: ::FFI::Enum
-
-        type ddwaf_log_level = ::Symbol
-
-        # TODO: signature is as below but steep 1.1 does not yet support method/proc/block mapping
-        # type ddwaf_log_cb = ^(ddwaf_log_level, ::String, ::String, ::Integer, ::FFI::Pointer, ::Integer) -> void
-        type ddwaf_log_cb = ::Method | ::Proc
-        def self.ddwaf_set_log_cb: (ddwaf_log_cb, ddwaf_log_level) -> bool
-
-        DEFAULT_MAX_CONTAINER_SIZE: ::Integer
-        DEFAULT_MAX_CONTAINER_DEPTH: ::Integer
-        DEFAULT_MAX_STRING_LENGTH: ::Integer
-
-        DDWAF_MAX_CONTAINER_SIZE: ::Integer
-        DDWAF_MAX_CONTAINER_DEPTH: ::Integer
-        DDWAF_MAX_STRING_LENGTH: ::Integer
-
-        DDWAF_RUN_TIMEOUT: ::Integer
-      end
-
-      def self.version: () -> ::String
-
       type data = String | Symbol | Integer | Float | TrueClass | FalseClass | Array[data] | Hash[(String | Symbol | nil), data] | nil
 
-      def self.ruby_to_object: (top val, ?max_container_size: ::Integer?, ?max_container_depth: ::Integer?, ?max_string_length: ::Integer?, ?coerce: bool?) -> ::Datadog::AppSec::WAF::LibDDWAF::Object
-      def self.object_to_ruby: (::Datadog::AppSec::WAF::LibDDWAF::Object obj) -> data
+      def self.version: () -> ::String
 
       self.@logger: ::Logger
       self.@log_callback: LibDDWAF::ddwaf_log_cb
@@ -165,64 +11,6 @@ module Datadog
       def self.log_callback: (LibDDWAF::ddwaf_log_level, ::String, ::String, ::Integer, ::FFI::Pointer, ::Integer) -> void
       def self.logger: () -> ::Logger
       def self.logger=: (::Logger logger) -> void
-
-      RESULT_CODE: ::Hash[::Symbol, ::Symbol]
-
-      class Handle
-        attr_reader handle_obj: ::FFI::Pointer
-        attr_reader diagnostics: data
-        attr_reader config: WAF::LibDDWAF::Config
-
-        def initialize: (data rule, ?limits: ::Hash[::Symbol, ::Integer], ?obfuscator: ::Hash[::Symbol, ::String]) -> void
-        def finalize: () -> untyped
-        def required_addresses: () -> ::Array[::String?]
-        def merge: (untyped data) -> Handle?
-
-        private
-
-        @valid: bool
-
-        def new_from_handle: (::FFI::Pointer handle_object, data diagnostics, WAF::LibDDWAF::Config config) -> untyped
-        def validate!: () -> void
-        def invalidate!: () -> void
-        def valid?: () -> (nil | bool)
-        def valid!: () -> void
-      end
-
-      class Result
-        attr_reader status: ::Symbol
-        attr_reader events: data
-        attr_reader total_runtime: ::Float
-        attr_reader timeout: bool
-        attr_reader actions: data
-        attr_reader derivatives: data
-
-        def initialize: (::Symbol, data, ::Float, bool, data, data) -> void
-      end
-
-      class Context
-        attr_reader context_obj: ::FFI::Pointer
-
-        def initialize: (Handle handle) -> void
-        def finalize: () -> void
-
-        def run: (data persistent_data, data ephemeral_data, ?::Integer timeout) -> ::Array[top]
-
-        private
-
-        @valid: bool
-
-        def validate!: () -> void
-        def invalidate!: () -> void
-        def valid?: () -> (nil | bool)
-        def valid!: () -> void
-
-        @retained: Array[untyped]
-
-        def retained: () -> Array[untyped]
-        def retain: (top object) -> void
-        def release: (top object) -> void
-      end
     end
   end
 end