aiwaf 0.1.9.1.5__tar.gz → 0.1.9.1.7__tar.gz

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.9.1.5
+Version: 0.1.9.1.7
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -249,6 +249,7 @@ python manage.py check_dependencies --upgrade --check-security --update-requirem
 - ✅ **Dry run mode** for testing upgrade plans
 - ✅ **AIWAF compatibility validation**
 - ✅ **Automatic requirements.txt updates** after successful upgrades
+- ✅ **Pip cache clearing** to prevent cache-related issues
 
 **Safe Upgrade System:**
 
@@ -305,6 +306,9 @@ The upgrade system is designed to maintain AIWAF stability while keeping your pa
 
 🎉 Upgrade complete: 2/2 packages upgraded successfully
 
+🧹 Clearing pip cache...
+   ✅ Pip cache cleared successfully
+
 📝 Updating requirements.txt...
    📋 Backup created: requirements.txt.backup
    📦 pandas: pandas>=1.3 → pandas>=1.5.3
@@ -323,6 +327,7 @@ The upgrade system is designed to maintain AIWAF stability while keeping your pa
 - 🧪 **Dry Run Mode**: Test upgrade plans before execution
 - ⚠️ **Clear Blocking Reasons**: Explains why upgrades are blocked
 - 📝 **Requirements.txt Updates**: Automatically updates dependency files
+- 🧹 **Cache Management**: Clears pip cache after successful upgrades
 
 **Recommended Upgrade Workflow:**
 
@@ -361,6 +366,7 @@ The system uses a multi-layer decision process:
 - **Layer 3**: Analyze cross-package dependencies  
 - **Layer 4**: Select highest safe version within constraints
 - **Layer 5**: Execute with error handling and rollback capability
+- **Layer 6**: Clear pip cache and update requirements.txt after success
 
 This will ensure the IP is never blocked by AI‑WAF. You can also manage exemptions via the Django admin interface.
 

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/README.md

@@ -226,6 +226,7 @@ python manage.py check_dependencies --upgrade --check-security --update-requirem
 - ✅ **Dry run mode** for testing upgrade plans
 - ✅ **AIWAF compatibility validation**
 - ✅ **Automatic requirements.txt updates** after successful upgrades
+- ✅ **Pip cache clearing** to prevent cache-related issues
 
 **Safe Upgrade System:**
 
@@ -282,6 +283,9 @@ The upgrade system is designed to maintain AIWAF stability while keeping your pa
 
 🎉 Upgrade complete: 2/2 packages upgraded successfully
 
+🧹 Clearing pip cache...
+   ✅ Pip cache cleared successfully
+
 📝 Updating requirements.txt...
    📋 Backup created: requirements.txt.backup
    📦 pandas: pandas>=1.3 → pandas>=1.5.3
@@ -300,6 +304,7 @@ The upgrade system is designed to maintain AIWAF stability while keeping your pa
 - 🧪 **Dry Run Mode**: Test upgrade plans before execution
 - ⚠️ **Clear Blocking Reasons**: Explains why upgrades are blocked
 - 📝 **Requirements.txt Updates**: Automatically updates dependency files
+- 🧹 **Cache Management**: Clears pip cache after successful upgrades
 
 **Recommended Upgrade Workflow:**
 
@@ -338,6 +343,7 @@ The system uses a multi-layer decision process:
 - **Layer 3**: Analyze cross-package dependencies  
 - **Layer 4**: Select highest safe version within constraints
 - **Layer 5**: Execute with error handling and rollback capability
+- **Layer 6**: Clear pip cache and update requirements.txt after success
 
 This will ensure the IP is never blocked by AI‑WAF. You can also manage exemptions via the Django admin interface.
 

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/aiwaf/__init__.py

@@ -1,6 +1,6 @@
 default_app_config = "aiwaf.apps.AiwafConfig"
 
-__version__ = "0.1.9.1.5"
+__version__ = "0.1.9.1.7"
 
 # Note: Middleware classes are available from aiwaf.middleware
 # Import them only when needed to avoid circular imports during Django app loading

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/aiwaf/management/commands/check_dependencies.py

@@ -498,7 +498,9 @@ class Command(BaseCommand):
                 else u['package']['name'] 
                 for u in safe_upgrades
             ])
-            self.stdout.write(f"Command that would be executed:\n   {upgrade_cmd}")
+            self.stdout.write(f"Commands that would be executed:")
+            self.stdout.write(f"   {upgrade_cmd}")
+            self.stdout.write(f"   pip cache purge  # Clear pip cache after upgrades")
             return []
             return []
         else:
@@ -537,6 +539,20 @@ class Command(BaseCommand):
             self.stdout.write(f"\n🎉 Upgrade complete: {success_count}/{len(safe_upgrades)} packages upgraded successfully")
             
             if success_count > 0:
+                # Clear pip cache after successful upgrades
+                self.stdout.write(self.style.HTTP_INFO("\n🧹 Clearing pip cache..."))
+                try:
+                    cache_result = subprocess.run(['pip', 'cache', 'purge'], 
+                                                capture_output=True, text=True, timeout=60)
+                    if cache_result.returncode == 0:
+                        self.stdout.write(self.style.SUCCESS("   ✅ Pip cache cleared successfully"))
+                    else:
+                        self.stdout.write(self.style.WARNING(f"   ⚠️  Cache clear warning: {cache_result.stderr}"))
+                except subprocess.TimeoutExpired:
+                    self.stdout.write(self.style.WARNING("   ⚠️  Pip cache clear timed out"))
+                except Exception as e:
+                    self.stdout.write(self.style.WARNING(f"   ⚠️  Could not clear pip cache: {e}"))
+                
                 self.stdout.write(self.style.HTTP_INFO("\n💡 Recommendations after upgrade:"))
                 self.stdout.write("   1. Run tests to ensure everything works correctly")
                 self.stdout.write("   2. Run 'python manage.py check_dependencies' again to verify")

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/aiwaf/middleware.py

@@ -17,7 +17,7 @@ from django.urls import get_resolver
 from .trainer import STATIC_KW, STATUS_IDX, path_exists_in_django
 from .blacklist_manager import BlacklistManager
 from .models import IPExemption
-from .utils import is_exempt, get_ip, is_ip_exempted
+from .utils import is_exempt, get_ip, is_ip_exempted, is_exempt_path
 from .storage import get_keyword_store
 
 MODEL_PATH = getattr(
@@ -191,10 +191,12 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         key = f"aiwaf:{ip}"
         data = cache.get(key, [])
         path_len = len(request.path)
-        if not path_exists_in_django(request.path) and not is_exempt(request):
+        
+        # Use the same scoring logic as trainer.py
+        known_path = path_exists_in_django(request.path)
+        kw_hits = 0
+        if not known_path and not is_exempt_path(request.path):
             kw_hits = sum(1 for kw in STATIC_KW if kw in request.path.lower())
-        else:
-            kw_hits = 0
 
         resp_time = now - getattr(request, "_start_time", now)
         status_code = str(response.status_code)
@@ -206,11 +208,60 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         
         # Only use AI model if it's available
         if self.model is not None and self.model.predict(X)[0] == -1:
-            # BlacklistManager.block() now checks exemptions internally
-            BlacklistManager.block(ip, "AI anomaly")
-            # Check if actually blocked (exempted IPs won't be blocked)
-            if BlacklistManager.is_blocked(ip):
-                return JsonResponse({"error": "blocked"}, status=403)
+            # AI detected anomaly - but analyze patterns before blocking (like trainer.py)
+            
+            # Get recent behavior data for this IP to make intelligent blocking decision
+            recent_data = [d for d in data if now - d[0] <= 300]  # Last 5 minutes
+            
+            if recent_data:
+                # Calculate behavior metrics similar to trainer.py
+                recent_kw_hits = []
+                recent_404s = 0
+                recent_burst_counts = []
+                
+                for entry_time, entry_path, entry_status, entry_resp_time in recent_data:
+                    # Calculate keyword hits for this entry
+                    entry_known_path = path_exists_in_django(entry_path)
+                    entry_kw_hits = 0
+                    if not entry_known_path and not is_exempt_path(entry_path):
+                        entry_kw_hits = sum(1 for kw in STATIC_KW if kw in entry_path.lower())
+                    recent_kw_hits.append(entry_kw_hits)
+                    
+                    # Count 404s
+                    if entry_status == 404:
+                        recent_404s += 1
+                    
+                    # Calculate burst for this entry (requests within 10 seconds)
+                    entry_burst = sum(1 for (t, _, _, _) in recent_data if abs(entry_time - t) <= 10)
+                    recent_burst_counts.append(entry_burst)
+                
+                # Calculate averages and maximums
+                avg_kw_hits = sum(recent_kw_hits) / len(recent_kw_hits) if recent_kw_hits else 0
+                max_404s = recent_404s
+                avg_burst = sum(recent_burst_counts) / len(recent_burst_counts) if recent_burst_counts else 0
+                total_requests = len(recent_data)
+                
+                # Don't block if it looks like legitimate behavior (same thresholds as trainer.py):
+                if (
+                    avg_kw_hits < 2 and           # Not hitting many malicious keywords
+                    max_404s < 10 and            # Not excessive 404s
+                    avg_burst < 15 and           # Not excessive burst activity
+                    total_requests < 100         # Not excessive total requests
+                ):
+                    # Anomalous but looks legitimate - don't block
+                    pass
+                else:
+                    # Block if it shows clear signs of malicious behavior
+                    BlacklistManager.block(ip, f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
+                    # Check if actually blocked (exempted IPs won't be blocked)
+                    if BlacklistManager.is_blocked(ip):
+                        return JsonResponse({"error": "blocked"}, status=403)
+            else:
+                # No recent data to analyze - be more conservative, only block on very suspicious current request
+                if kw_hits >= 2 or status_idx == STATUS_IDX.index("404"):
+                    BlacklistManager.block(ip, "AI anomaly + immediate suspicious behavior")
+                    if BlacklistManager.is_blocked(ip):
+                        return JsonResponse({"error": "blocked"}, status=403)
 
         data.append((now, request.path, response.status_code, resp_time))
         data = [d for d in data if now - d[0] < self.WINDOW]

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/aiwaf.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.9.1.5
+Version: 0.1.9.1.7
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -249,6 +249,7 @@ python manage.py check_dependencies --upgrade --check-security --update-requirem
 - ✅ **Dry run mode** for testing upgrade plans
 - ✅ **AIWAF compatibility validation**
 - ✅ **Automatic requirements.txt updates** after successful upgrades
+- ✅ **Pip cache clearing** to prevent cache-related issues
 
 **Safe Upgrade System:**
 
@@ -305,6 +306,9 @@ The upgrade system is designed to maintain AIWAF stability while keeping your pa
 
 🎉 Upgrade complete: 2/2 packages upgraded successfully
 
+🧹 Clearing pip cache...
+   ✅ Pip cache cleared successfully
+
 📝 Updating requirements.txt...
    📋 Backup created: requirements.txt.backup
    📦 pandas: pandas>=1.3 → pandas>=1.5.3
@@ -323,6 +327,7 @@ The upgrade system is designed to maintain AIWAF stability while keeping your pa
 - 🧪 **Dry Run Mode**: Test upgrade plans before execution
 - ⚠️ **Clear Blocking Reasons**: Explains why upgrades are blocked
 - 📝 **Requirements.txt Updates**: Automatically updates dependency files
+- 🧹 **Cache Management**: Clears pip cache after successful upgrades
 
 **Recommended Upgrade Workflow:**
 
@@ -361,6 +366,7 @@ The system uses a multi-layer decision process:
 - **Layer 3**: Analyze cross-package dependencies  
 - **Layer 4**: Select highest safe version within constraints
 - **Layer 5**: Execute with error handling and rollback capability
+- **Layer 6**: Clear pip cache and update requirements.txt after success
 
 This will ensure the IP is never blocked by AI‑WAF. You can also manage exemptions via the Django admin interface.
 

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "aiwaf"
-version = "0.1.9.1.5"
+version = "0.1.9.1.7"
 description = "AI-powered Web Application Firewall"
 readme = "README.md"
 requires-python = ">=3.8"

{aiwaf-0.1.9.1.5 → aiwaf-0.1.9.1.7}/setup.py

@@ -9,7 +9,7 @@ long_description = (HERE / "README.md").read_text(encoding="utf-8")
 
 setup(
     name="aiwaf",
-    version="0.1.9.1.5",
+    version="0.1.9.1.7",
     description="AI‑driven, self‑learning Web Application Firewall for Django",
     long_description=long_description,
     long_description_content_type="text/markdown",