Skip to content

Releases: sqreen/go-libsqreen

v0.7.0

13 Jul 11:01
Compare
Choose a tag to compare

New features:

  • Update to libsqreen v0.7.0:

    • Fix false positives in libinjection SQL heuristics
    • Fix a false positive in libinjection XSS heuristics
  • Add support for boolean values.

  • Add support for float values.

Fixes:

  • Fix memory deallocator of non-allocated values.

v0.6.1

12 May 14:07
Compare
Choose a tag to compare

Fixes:

  • When running a rule with multiple parameters, don't stop processing if a parameter is missing.
  • Add support for the config key in the init payload.
  • Add support for prefixes to operators.
  • Add a switch through both means to revert the first fix.

v0.4.2

23 Jan 18:59
3e3e772
Compare
Choose a tag to compare

Fixes:

  • Vendoring: C files were not copied by go mod vendor because they were not into a Go package. By moving them into the bindings package, they are now correctly copied by the regular go mod vendor command without further concer.

  • Remove the unused plugin compilation mode since we now it won't be used anymore.

v0.4.1

11 Dec 09:04
Compare
Choose a tag to compare

New Feature:

  • Marshaling of Go values into WAF values is now written in Go to avoid the
    overhead of lots of short calls to C.

Internal changes:

  • Maximum traversal depth when marshaling a Go value.

  • Overall performance improvments of the marshaler, mainly by removing some
    useless string copies.

  • CI: alpine is now part of the tests.

v0.4.0

14 Oct 14:53
07c2847
Compare
Choose a tag to compare
  • Update the latest libsqreen version which includes the @pm operator.
  • Export Go error types instead of C.

v0.2.0

19 Sep 08:48
e2d12e9
Compare
Choose a tag to compare

Go bindings for the WAF library. The C library is only available for Go targets
linux,amd64 or darwin,amd64. Any other Go target is stubbed with a failsafe
implementation allowing the agent to compile and to properly work.