libddwaf 1.3.0.2.0 → 1.5.1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (16) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/lint.yml +33 -0
  3. data/.github/workflows/package.yml +20 -46
  4. data/.github/workflows/test.yml +23 -26
  5. data/CHANGELOG.md +74 -0
  6. data/Steepfile +22 -0
  7. data/lib/datadog/appsec/waf/version.rb +2 -2
  8. data/lib/datadog/appsec/waf.rb +281 -92
  9. data/libddwaf.gemspec +1 -1
  10. data/sig/datadog/appsec/waf/version.rbs +13 -0
  11. data/sig/datadog/appsec/waf.rbs +230 -0
  12. data/sig/libddwaf.rbs +0 -0
  13. data/vendor/rbs/ffi/0/ffi.rbs +62 -0
  14. data/vendor/rbs/gem/0/gem.rbs +7 -0
  15. data/vendor/rbs/jruby/0/jruby.rbs +3 -0
  16. metadata +12 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 761413998bd5c350c78413a3b1ab14de9d7b31e5784e206d4a1e24747e84943b
4
- data.tar.gz: 99f0a81a21c6e6cb78895422fc93345b2e466adc2977e97d0fb69f2ca7d4968c
3
+ metadata.gz: 38d7409fb731162a26f8ab1a510f2aa3282a9d1889afee95cbc4468be3116f5d
4
+ data.tar.gz: c92a1e8d70a5cdc3a8b2d9e42526418013a0d103aa1f827ba47cb857e137281f
5
5
  SHA512:
6
- metadata.gz: ef74395170939fb40cca96f4b93628987d980d579a05083cbf7e738e239be2bd61bfde3e3666e5a6227f57681bd3961a24d81f33140e463110f80c916b5311d0
7
- data.tar.gz: 834f41db4de087c0dc8df8ba418c54ff5d530223e94a627f65f818482183678626a89dcdc07b91045b66ae0b8d75b6f6e6452ff9e5f535bad231625a7cb8b340
6
+ metadata.gz: a256ca93952b9633869b4801212251d04c9d64a84b8276dbc58df0e5aa8249258d4005a2204e3c4db1d2b768f52c9d265731da5c1b0a696a1f812ef7b5662ef1
7
+ data.tar.gz: e947f17969ddbe0b996835acff0eff24f7870eacbe1a19df3536623c65ccf9b9c5d392d518e318e657ef4da3513f0f885fb9a040c9c3b7e603ddf13b8af88339
data/.github/workflows/lint.yml ADDED
@@ -0,0 +1,33 @@
1
+ name: Lint
2
+ on:
3
+ - push
4
+
5
+ jobs:
6
+ style-check:
7
+ name: Style check
8
+ runs-on: ubuntu-20.04
9
+ container:
10
+ image: ruby:3.1
11
+ steps:
12
+ - name: Checkout
13
+ uses: actions/checkout@v2
14
+ - name: Bundle
15
+ run: |
16
+ bundle install
17
+ - name: Run Rubocop
18
+ run: |
19
+ bundle exec rubocop -D
20
+ type-check:
21
+ name: Type check
22
+ runs-on: ubuntu-20.04
23
+ container:
24
+ image: ruby:3.1
25
+ steps:
26
+ - name: Checkout
27
+ uses: actions/checkout@v2
28
+ - name: Bundle
29
+ run: |
30
+ bundle install
31
+ - name: Run Steep
32
+ run: |
33
+ bundle exec steep check
data/.github/workflows/package.yml CHANGED
@@ -37,31 +37,24 @@ jobs:
37
37
  include:
38
38
  - os: ubuntu-20.04
39
39
  cpu: x86_64
40
- platform: x86_64-linux
41
- - os: ubuntu-20.04
42
- cpu: aarch64
43
- platform: aarch64-linux
44
- - os: ubuntu-20.04
45
- cpu: x86_64
46
- platform: x86_64-linux-gnu
47
- - os: ubuntu-20.04
48
- cpu: aarch64
49
- platform: aarch64-linux-gnu
50
- - os: ubuntu-20.04
51
- cpu: x86_64
52
- platform: x86_64-linux-musl
40
+ platform: x86_64-linux:llvm
41
+ artifact: x86_64-linux-llvm
53
42
  - os: ubuntu-20.04
54
43
  cpu: aarch64
55
- platform: aarch64-linux-musl
44
+ platform: aarch64-linux:llvm
45
+ artifact: aarch64-linux-llvm
56
46
  - os: ubuntu-20.04
57
47
  cpu: universal
58
48
  platform: java
59
- - os: macos-10.15
49
+ artifact: java
50
+ - os: macos-12
60
51
  cpu: x86_64
61
52
  platform: x86_64-darwin
62
- - os: macos-10.15
53
+ artifact: x86_64-darwin
54
+ - os: macos-12
63
55
  cpu: arm64
64
56
  platform: arm64-darwin
57
+ artifact: arm64-darwin
65
58
  name: Build package (${{ matrix.platform }})
66
59
  runs-on: ${{ matrix.os }}
67
60
  steps:
@@ -79,7 +72,7 @@ jobs:
79
72
  - name: Upload gem
80
73
  uses: actions/upload-artifact@v2
81
74
  with:
82
- name: libddwaf-${{ matrix.platform }}-${{ github.run_id }}-${{ github.sha }}
75
+ name: libddwaf-${{ matrix.artifact }}-${{ github.run_id }}-${{ github.sha }}
83
76
  path: pkg
84
77
  test-ruby:
85
78
  needs: package-ruby
@@ -130,54 +123,35 @@ jobs:
130
123
  - os: ubuntu-20.04
131
124
  cpu: x86_64
132
125
  platform: x86_64-linux
126
+ artifact: x86_64-linux-llvm
133
127
  image: ruby:2.6
134
128
  qemu: amd64
135
129
  libc: gnu
136
130
  - os: ubuntu-20.04
137
131
  cpu: aarch64
138
132
  platform: aarch64-linux
133
+ artifact: aarch64-linux-llvm
139
134
  image: ruby:2.6
140
135
  qemu: aarch64
141
136
  libc: gnu
142
137
  - os: ubuntu-20.04
143
138
  cpu: x86_64
144
139
  platform: x86_64-linux
140
+ artifact: x86_64-linux-llvm
145
141
  image: ruby:2.6-alpine
146
142
  qemu: amd64
147
143
  libc: musl
148
144
  - os: ubuntu-20.04
149
145
  cpu: aarch64
150
146
  platform: aarch64-linux
151
- image: ruby:2.6-alpine
152
- qemu: aarch64
153
- libc: musl
154
- - os: ubuntu-20.04
155
- cpu: x86_64
156
- platform: x86_64-linux-gnu
157
- image: ruby:2.6
158
- qemu: amd64
159
- libc: gnu
160
- - os: ubuntu-20.04
161
- cpu: aarch64
162
- platform: aarch64-linux-gnu
163
- image: ruby:2.6
164
- qemu: aarch64
165
- libc: gnu
166
- - os: ubuntu-20.04
167
- cpu: x86_64
168
- platform: x86_64-linux-musl
169
- image: ruby:2.6-alpine
170
- qemu: amd64
171
- libc: musl
172
- - os: ubuntu-20.04
173
- cpu: aarch64
174
- platform: aarch64-linux-musl
147
+ artifact: aarch64-linux-llvm
175
148
  image: ruby:2.6-alpine
176
149
  qemu: aarch64
177
150
  libc: musl
178
151
  - os: ubuntu-20.04
179
152
  cpu: x86_64
180
153
  platform: java
154
+ artifact: java
181
155
  image: jruby:9.3.0.0
182
156
  qemu: amd64
183
157
  libc: gnu
@@ -199,7 +173,7 @@ jobs:
199
173
  echo "::set-output name=id::$(cat container_id)"
200
174
  - uses: actions/download-artifact@v2
201
175
  with:
202
- name: libddwaf-${{ matrix.platform }}-${{ github.run_id }}-${{ github.sha }}
176
+ name: libddwaf-${{ matrix.artifact }}-${{ github.run_id }}-${{ github.sha }}
203
177
  path: pkg
204
178
  - name: List artifact files
205
179
  run: find .
@@ -211,17 +185,17 @@ jobs:
211
185
  run: docker exec -w "${PWD}" ${{ steps.container.outputs.id }} gem install --verbose pkg/*.gem
212
186
  - name: Run smoke test
213
187
  run: |
214
- docker exec -w "${PWD}" ${{ steps.container.outputs.id }} ruby -r 'libddwaf' -e 'v = Datadog::AppSec::WAF::LibDDWAF::Version.new; Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version(v); p [v[:major], v[:minor], v[:patch]]'
188
+ docker exec -w "${PWD}" ${{ steps.container.outputs.id }} ruby -r 'libddwaf' -e 'p Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version'
215
189
  test-darwin:
216
190
  needs: package-binary
217
191
  strategy:
218
192
  fail-fast: false
219
193
  matrix:
220
194
  include:
221
- - os: macos-10.15
195
+ - os: macos-12
222
196
  cpu: x86_64
223
197
  platform: x86_64-darwin
224
- # - os: macos-11.0
198
+ # - os: macos-12
225
199
  # cpu: arm64
226
200
  # platform: arm64-darwin
227
201
  name: Test package (${{ matrix.platform }})
@@ -238,4 +212,4 @@ jobs:
238
212
  run: gem install --verbose pkg/*.gem
239
213
  - name: Run smoke test
240
214
  run: |
241
- ruby -r 'libddwaf' -e 'v = Datadog::AppSec::WAF::LibDDWAF::Version.new; Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version(v); p [v[:major], v[:minor], v[:patch]]'
215
+ ruby -r 'libddwaf' -e 'p Datadog::AppSec::WAF::LibDDWAF.ddwaf_get_version'
data/.github/workflows/test.yml CHANGED
@@ -10,127 +10,127 @@ jobs:
10
10
  include:
11
11
  - os: ubuntu-20.04
12
12
  cpu: x86_64
13
- platform: x86_64-linux-gnu
13
+ platform: x86_64-linux
14
14
  image: ruby:3.1
15
15
  qemu: amd64
16
16
  libc: gnu
17
17
  - os: ubuntu-20.04
18
18
  cpu: aarch64
19
- platform: aarch64-linux-gnu
19
+ platform: aarch64-linux
20
20
  image: ruby:3.1
21
21
  qemu: arm64
22
22
  libc: gnu
23
23
  - os: ubuntu-20.04
24
24
  cpu: x86_64
25
- platform: x86_64-linux-gnu
25
+ platform: x86_64-linux
26
26
  image: ruby:3.0
27
27
  qemu: amd64
28
28
  libc: gnu
29
29
  - os: ubuntu-20.04
30
30
  cpu: aarch64
31
- platform: aarch64-linux-gnu
31
+ platform: aarch64-linux
32
32
  image: ruby:3.0
33
33
  qemu: arm64
34
34
  libc: gnu
35
35
  - os: ubuntu-20.04
36
36
  cpu: x86_64
37
- platform: x86_64-linux-gnu
37
+ platform: x86_64-linux
38
38
  image: ruby:2.7
39
39
  qemu: amd64
40
40
  libc: gnu
41
41
  - os: ubuntu-20.04
42
42
  cpu: aarch64
43
- platform: aarch64-linux-gnu
43
+ platform: aarch64-linux
44
44
  image: ruby:2.7
45
45
  qemu: arm64
46
46
  libc: gnu
47
47
  - os: ubuntu-20.04
48
48
  cpu: x86_64
49
- platform: x86_64-linux-gnu
49
+ platform: x86_64-linux
50
50
  image: ruby:2.6
51
51
  qemu: amd64
52
52
  libc: gnu
53
53
  - os: ubuntu-20.04
54
54
  cpu: aarch64
55
- platform: aarch64-linux-gnu
55
+ platform: aarch64-linux
56
56
  image: ruby:2.6
57
57
  qemu: arm64
58
58
  libc: gnu
59
59
  - os: ubuntu-20.04
60
60
  cpu: x86_64
61
- platform: x86_64-linux-gnu
61
+ platform: x86_64-linux
62
62
  image: ruby:2.5
63
63
  qemu: amd64
64
64
  libc: gnu
65
65
  - os: ubuntu-20.04
66
66
  cpu: x86_64
67
- platform: x86_64-linux-gnu
67
+ platform: x86_64-linux
68
68
  image: ruby:2.4
69
69
  qemu: amd64
70
70
  libc: gnu
71
71
  - os: ubuntu-20.04
72
72
  cpu: x86_64
73
- platform: x86_64-linux-gnu
73
+ platform: x86_64-linux
74
74
  image: ruby:2.3
75
75
  qemu: amd64
76
76
  libc: gnu
77
77
  - os: ubuntu-20.04
78
78
  cpu: x86_64
79
- platform: x86_64-linux-gnu
79
+ platform: x86_64-linux
80
80
  image: ruby:2.2
81
81
  qemu: amd64
82
82
  libc: gnu
83
83
  - os: ubuntu-20.04
84
84
  cpu: x86_64
85
- platform: x86_64-linux-gnu
85
+ platform: x86_64-linux
86
86
  image: ruby:2.1
87
87
  qemu: amd64
88
88
  libc: gnu
89
89
  - os: ubuntu-20.04
90
90
  cpu: x86_64
91
- platform: x86_64-linux-musl
91
+ platform: x86_64-linux
92
92
  image: ruby:3.1-alpine
93
93
  qemu: amd64
94
94
  libc: musl
95
95
  - os: ubuntu-20.04
96
96
  cpu: aarch64
97
- platform: aarch64-linux-musl
97
+ platform: aarch64-linux
98
98
  image: ruby:3.1-alpine
99
99
  qemu: arm64
100
100
  libc: musl
101
101
  - os: ubuntu-20.04
102
102
  cpu: x86_64
103
- platform: x86_64-linux-musl
103
+ platform: x86_64-linux
104
104
  image: ruby:3.0-alpine
105
105
  qemu: amd64
106
106
  libc: musl
107
107
  - os: ubuntu-20.04
108
108
  cpu: aarch64
109
- platform: aarch64-linux-musl
109
+ platform: aarch64-linux
110
110
  image: ruby:3.0-alpine
111
111
  qemu: arm64
112
112
  libc: musl
113
113
  - os: ubuntu-20.04
114
114
  cpu: x86_64
115
- platform: x86_64-linux-musl
115
+ platform: x86_64-linux
116
116
  image: ruby:2.7-alpine
117
117
  qemu: amd64
118
118
  libc: musl
119
119
  - os: ubuntu-20.04
120
120
  cpu: aarch64
121
- platform: aarch64-linux-musl
121
+ platform: aarch64-linux
122
122
  image: ruby:2.7-alpine
123
123
  qemu: arm64
124
124
  libc: musl
125
125
  - os: ubuntu-20.04
126
126
  cpu: x86_64
127
- platform: x86_64-linux-musl
127
+ platform: x86_64-linux
128
128
  image: ruby:2.6-alpine
129
129
  qemu: amd64
130
130
  libc: musl
131
131
  - os: ubuntu-20.04
132
132
  cpu: aarch64
133
- platform: aarch64-linux-musl
133
+ platform: aarch64-linux
134
134
  image: ruby:2.6-alpine
135
135
  qemu: arm64
136
136
  libc: musl
@@ -196,13 +196,10 @@ jobs:
196
196
  fail-fast: false
197
197
  matrix:
198
198
  include:
199
- - os: macos-10.15
199
+ - os: macos-12
200
200
  cpu: x86_64
201
201
  platform: x86_64-darwin
202
- - os: macos-11.0
203
- cpu: x86_64
204
- platform: x86_64-darwin
205
- # - os: macos-11.0
202
+ # - os: macos-12
206
203
  # cpu: arm64
207
204
  # platform: arm64-darwin
208
205
  name: Test (${{ matrix.os }} ${{ matrix.cpu }})
data/CHANGELOG.md ADDED
@@ -0,0 +1,74 @@
1
+ # 2022-10-04 v1.5.1.0.0
2
+
3
+ - Update to libddwaf 1.5.1
4
+ - Add live rule data update API
5
+ - Add live rule toggle API
6
+ - Add libddwaf boolean type support
7
+ - Add Ruby to libddwaf object conversion limits
8
+ - Add Ruby to libddwaf object converter optional coercion of scalars to string
9
+ - Add static type checking via RBS+Steep
10
+ - Change version to return a string
11
+ - Change free function to be passed as config instead of context init argument
12
+ - Change result to include action list
13
+ - Change return code from action to status
14
+ - Change handle and context freeing model from GC-based to explicit
15
+ - Fix double-free upon finalization of retained C objects
16
+ - Fix context crash by retaining necessary C objects
17
+
18
+ # 2022-05-20 v1.3.0.2.0
19
+
20
+ - Fix multibyte string handling
21
+ - Support JRuby
22
+
23
+ # 2022-04-29 v1.3.0.1.0
24
+
25
+ Promotion of v1.3.0.1.0.beta1 to stable
26
+
27
+ # 2022-04-25 v1.3.0.1.0.beta1
28
+
29
+ - Add obfuscator configuration
30
+ - Add nested object limit configuration
31
+ - Add report ruleset information
32
+
33
+ # 2022-04-29 v1.3.0.0.0
34
+
35
+ - Promote v1.3.0.0.0.beta1 to stable
36
+
37
+ # 2022-04-20 v1.3.0.0.0.beta1
38
+
39
+ - Update to libddwaf 1.3.0
40
+
41
+ # 2022-03-18 v1.2.1.0.0.beta1
42
+
43
+ - Update to libddwaf 1.2.1
44
+ - Fix incorrect types for a few binding functions
45
+
46
+ # 2022-03-04 v1.0.14.2.1.beta1
47
+
48
+ - Fix incorrect return code
49
+ - Fix passing nil in libddwaf object containers
50
+
51
+ # 2022-02-07 v1.0.14.2.0.beta1
52
+
53
+ - Change Datadog::Security to Datadog::AppSec
54
+
55
+ # 2022-02-01 v1.0.14.1.0.beta2
56
+
57
+ - Add support for Ruby 3.1
58
+
59
+ # 2021-12-14 v1.0.14.1.0.beta1
60
+
61
+ - Fix sequential runs on a single context by retaining C input data objects
62
+
63
+ # 2021-11-24 v1.0.14.0.0.beta1
64
+
65
+ - Update to libddwaf 1.0.14
66
+
67
+ # 2021-11-24 v1.0.13.0.0.beta1
68
+
69
+ - Add ruby platform fallback for unsupported platforms
70
+ - Update to libddwaf 1.0.13
71
+
72
+ # 2021-10-13 v1.0.12.0.0.beta1
73
+
74
+ - Initial release
data/Steepfile ADDED
@@ -0,0 +1,22 @@
1
+ # D = Steep::Diagnostic
2
+
3
+ target :lib do
4
+ signature "sig"
5
+
6
+ check "lib"
7
+ library "rubygems"
8
+ library "logger"
9
+ library "monitor" # needed by logger
10
+ library "json"
11
+
12
+ repo_path "vendor/rbs"
13
+ library "ffi"
14
+ library "jruby"
15
+ library "gem"
16
+
17
+ # # configure_code_diagnostics(D::Ruby.strict) # `strict` diagnostics setting
18
+ # # configure_code_diagnostics(D::Ruby.lenient) # `lenient` diagnostics setting
19
+ # # configure_code_diagnostics do |hash| # You can setup everything yourself
20
+ # # hash[D::Ruby::NoMethod] = :information
21
+ # # end
22
+ end
data/lib/datadog/appsec/waf/version.rb CHANGED
@@ -2,8 +2,8 @@ module Datadog
2
2
  module AppSec
3
3
  module WAF
4
4
  module VERSION
5
- BASE_STRING = '1.3.0'
6
- STRING = "#{BASE_STRING}.2.0"
5
+ BASE_STRING = '1.5.1'
6
+ STRING = "#{BASE_STRING}.0.0"
7
7
  MINIMUM_RUBY_VERSION = '2.1'
8
8
  end
9
9
  end