Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(asm): update libddwaf to 1.19.0 #9906

Merged
merged 1 commit into from
Jul 23, 2024
Merged

chore(asm): update libddwaf to 1.19.0 #9906

merged 1 commit into from
Jul 23, 2024

Conversation

christophe-papazian
Copy link
Contributor

@christophe-papazian christophe-papazian commented Jul 23, 2024
edited
Loading

update libddwaf to 1.19.0

no further changes in the tracer are required as this update does not contain any breaking changes.

Backporting to 2.10 to able the backend to test the new waf features while deploying 2.10rc on staging

APPSEC-54212

Checklist

  • PR author has checked that all the criteria below are met
  • The PR description includes an overview of the change
  • The PR description articulates the motivation for the change
  • The change includes tests OR the PR description describes a testing strategy
  • The PR description notes risks associated with the change, if any
  • Newly-added code is easy to change
  • The change follows the library release note guidelines
  • The change includes or references documentation updates if necessary
  • Backport labels are set (if applicable)

Reviewer Checklist

  • Reviewer has checked that all the criteria below are met
  • Title is accurate
  • All changes are related to the pull request's stated goal
  • Avoids breaking API changes
  • Testing strategy adequately addresses listed risks
  • Newly-added code is easy to change
  • Release note makes sense to a user of the library
  • If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment
  • Backport labels are set in a manner that is consistent with the release branch maintenance policy

@christophe-papazian christophe-papazian added changelog/no-changelog A changelog entry is not required for this PR. ASM Application Security Monitoring labels Jul 23, 2024
@github-actions GitHub Actions
Copy link
Contributor

CODEOWNERS have been resolved as:

setup.py                                                                @DataDog/python-guild
tests/snapshots/tests.appsec.appsec.test_processor.test_appsec_body_no_collection_snapshot.json  @DataDog/asm-python
tests/snapshots/tests.appsec.appsec.test_processor.test_appsec_cookies_no_collection_snapshot.json  @DataDog/asm-python
tests/snapshots/tests.appsec.appsec.test_processor.test_appsec_span_tags_snapshot.json  @DataDog/asm-python
tests/snapshots/tests.appsec.appsec.test_processor.test_appsec_span_tags_snapshot_with_errors.json  @DataDog/asm-python
tests/snapshots/tests.contrib.django.test_django_appsec_snapshots.test_appsec_enabled.json  @DataDog/asm-python
tests/snapshots/tests.contrib.django.test_django_appsec_snapshots.test_appsec_enabled_attack.json  @DataDog/asm-python
tests/snapshots/tests.contrib.django.test_django_appsec_snapshots.test_request_ipblock_match_403.json  @DataDog/asm-python
tests/snapshots/tests.contrib.django.test_django_appsec_snapshots.test_request_ipblock_match_403_json.json  @DataDog/asm-python
tests/snapshots/tests.contrib.django.test_django_appsec_snapshots.test_request_ipblock_nomatch_200.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_ipblock_match_403[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_ipblock_match_403[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_ipblock_match_403_json[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_ipblock_match_403_json[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_osspawn[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_osspawn[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_ossystem[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_ossystem[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_subprocesscommunicatenoshell[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_subprocesscommunicatenoshell[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_subprocesscommunicateshell[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_processexec_subprocesscommunicateshell[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_userblock_match_200_json[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_userblock_match_200_json[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_userblock_match_403_json[flask_appsec_good_rules_env].json  @DataDog/asm-python
tests/snapshots/tests.contrib.flask.test_appsec_flask_snapshot.test_flask_userblock_match_403_json[flask_appsec_good_rules_env]_220.json  @DataDog/asm-python

@datadog-dd-trace-py-rkomorn
Copy link

datadog-dd-trace-py-rkomorn bot commented Jul 23, 2024
edited
Loading

Datadog Report

Branch report: christophe-papazian/upgrade-libddwaf-v1.19
Commit report: fbf29e5
Test service: dd-trace-py

✅ 0 Failed, 175755 Passed, 1175 Skipped, 9h 53m 21.5s Total duration (18m 36.42s time saved)
❄️ 1 New Flaky

New Flaky Tests (1)

  • test_propagation_memory_check[taintsource1-taintsource20] - test_iast_mem_check.py - Last Failure

    Expand for error 
     assert 28 == 27
  +  where 27 = num_objects_tainted()

@christophe-papazian christophe-papazian marked this pull request as ready for review July 23, 2024 09:44
@christophe-papazian christophe-papazian requested review from a team as code owners July 23, 2024 09:44
@christophe-papazian christophe-papazian enabled auto-merge (squash) July 23, 2024 09:51
@christophe-papazian christophe-papazian merged commit cac5e29 into main Jul 23, 2024
230 of 239 checks passed
@christophe-papazian christophe-papazian deleted the christophe-papazian/upgrade-libddwaf-v1.19 branch July 23, 2024 09:54
github-actions bot pushed a commit that referenced this pull request Jul 23, 2024
@christophe-papazian @github-actions
chore(asm): update libddwaf to 1.19.0 (#9906)
832c243 
update libddwaf to
[1.19.0](https://github.com/DataDog/libddwaf/releases/tag/1.19.0)

_no further changes in the tracer are required as this update does not
contain any breaking changes._

Backporting to 2.10 to able the backend to test the new waf features
while deploying 2.10rc on staging

## Checklist
- [x] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing
strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))

## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance
implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)

(cherry picked from commit cac5e29)
@github-actions github-actions bot mentioned this pull request Jul 23, 2024
Merged
2 tasks
christophe-papazian added a commit that referenced this pull request Jul 23, 2024
@github-actions @christophe-papazian
chore(asm): update libddwaf to 1.19.0 [backport 2.10] (#9907)
7ea31c5 
Backport cac5e29 from #9906 to 2.10.

update libddwaf to
[1.19.0](https://github.com/DataDog/libddwaf/releases/tag/1.19.0)

_no further changes in the tracer are required as this update does not
contain any breaking changes._

Backporting to 2.10 to able the backend to test the new waf features
while deploying 2.10rc on staging

## Checklist
- [x] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing
strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))

## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met 
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance
implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)

Co-authored-by: Christophe Papazian <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juanjux juanjux juanjux approved these changes

@sanchda sanchda Awaiting requested review from sanchda sanchda is a code owner automatically assigned from DataDog/python-guild

Assignees
No one assigned
Labels
ASM Application Security Monitoring backport 2.10 changelog/no-changelog A changelog entry is not required for this PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@christophe-papazian @juanjux