DataDog · Anilm3 · Jan 13, 2023 · Jan 12, 2023 · Jan 12, 2023 · Jan 13, 2023
@@ -17,6 +17,7 @@ jobs:
   system-tests:
     runs-on: ubuntu-latest
     strategy:
+      fail-fast: false
       matrix:
         include:
           - weblog-variant: apache-mod-7.0

@@ -1,5 +1,56 @@
 # Datadog AppSec for PHP Release
 
+### v0.5.0
+#### Fixes
+ - ([#120](https://github.com/DataDog/dd-appsec-php/pull/120)) Return error response in helper when incoming message can't be adequately handled
+ - ([#124](https://github.com/DataDog/dd-appsec-php/pull/124)) Avoid creating log file as root
+ - ([#130](https://github.com/DataDog/dd-appsec-php/pull/130)) Reset context on shutdown
+ - ([#132](https://github.com/DataDog/dd-appsec-php/pull/132)) Handle errors on `request_shutdown`
+ - ([#170](https://github.com/DataDog/dd-appsec-php/pull/170)) Avoid regenerating ip when multiple headers are already present
+
+#### Additions
+ - ([#114](https://github.com/DataDog/dd-appsec-php/pull/114)) Add zai config
+ - ([#128](https://github.com/DataDog/dd-appsec-php/pull/128)) Replace `actor.ip` with `http.client_ip`
+ - ([#151](https://github.com/DataDog/dd-appsec-php/pull/151)) PHP 8.2RC support
+ - ([#155](https://github.com/DataDog/dd-appsec-php/pull/155)) Generate IP on appsec
+ - ([#166](https://github.com/DataDog/dd-appsec-php/pull/166)) Support PHP 8.2 Release
+ - ([#174](https://github.com/DataDog/dd-appsec-php/pull/174)) Login and custom event SDK
+
+#### Miscellaneous Changes
+ - ([#117](https://github.com/DataDog/dd-appsec-php/pull/117)) Upgrade WAF to 1.5.0 and ruleset to 1.4.0
+ - ([#125](https://github.com/DataDog/dd-appsec-php/pull/125)) Update ip extraction module
+ - ([#129](https://github.com/DataDog/dd-appsec-php/pull/129)) Make test use latest version of ddtrace 0.79.0
+ - ([#142](https://github.com/DataDog/dd-appsec-php/pull/142)) Update ddtrace-basic test to be compatible with older tracers
+ - ([#152](https://github.com/DataDog/dd-appsec-php/pull/152)) Fix package / release build
+ - ([#153](https://github.com/DataDog/dd-appsec-php/pull/153)) Update LLVM script
+ - ([#172](https://github.com/DataDog/dd-appsec-php/pull/172)) Fix package build
+ - ([#175](https://github.com/DataDog/dd-appsec-php/pull/175)) WAF upgrade to 1.6.0 and ruleset to 1.4.2
+
+### v0.4.5
+#### Miscellaneous Changes
+- ([#154](https://github.com/DataDog/dd-appsec-php/pull/154)) Support for PHP 8.2.0RC6
+
+### v0.4.4
+#### Additions
+- ([#141](https://github.com/DataDog/dd-appsec-php/pull/141)) Generate ip and duplicate ip headers on appsec
+
+### v0.4.3
+#### Fixes
+- ([#132](https://github.com/DataDog/dd-appsec-php/pull/132)) Handle errors on request shutdown
+
+### v0.4.2
+#### Fixes
+- ([#127](https://github.com/DataDog/dd-appsec-php/pull/127)) Handle helper errors gracefully
+- ([#130](https://github.com/DataDog/dd-appsec-php/pull/130)) Reset context on shutdown
+
+### v0.4.1
+#### Fixes
+- ([#120](https://github.com/DataDog/dd-appsec-php/pull/120)) Return error response in helper when incoming message can't be unpacked
+- ([#124](https://github.com/DataDog/dd-appsec-php/pull/124)) Avoid creating a log file during MINIT/MSHUTDOWN
+
+#### Miscellaneous Changes
+- ([#123](https://github.com/DataDog/dd-appsec-php/pull/123)) Enable CI on all relevant branches
+
 ### v0.4.0
 #### Fixes
 - ([#99](https://github.com/DataDog/dd-appsec-php/pull/99)) Fix interned string invalidation on PHP <= 7.2

@@ -7,7 +7,7 @@ HunterGate(
     URL "https://github.com/cpp-pm/hunter/archive/v0.23.314.tar.gz"
     SHA1 "95c47c92f68edb091b5d6d18924baabe02a6962a")
 
-project(ddappsec VERSION 0.4.0)
+project(ddappsec VERSION 0.5.0)
 
 include(CheckCCompilerFlag)
 include(CheckCXXCompilerFlag)

@@ -52,7 +52,6 @@ extern bool runtime_config_first_init;
     CONFIG(STRING, DD_APPSEC_HELPER_EXTRA_ARGS, "")                                                             \
     CONFIG(STRING, DD_SERVICE, "", CALIASES("DD_SERVICE_NAME"))                                                 \
     CONFIG(STRING, DD_ENV, "")                                                                                  \
-    CONFIG(BOOL, DD_TRACE_CLIENT_IP_HEADER_DISABLED, "false")                                                   \
     CONFIG(CUSTOM(STRING), DD_TRACE_CLIENT_IP_HEADER, "", .parser = dd_parse_client_ip_header_config)
 // clang-format on
 

@@ -53,7 +53,7 @@ TEST(ClientTest, ClientInit)
     EXPECT_TRUE(c.run_client_init());
     EXPECT_STREQ(res.status.c_str(), "ok");
     EXPECT_EQ(res.meta.size(), 2);
-    EXPECT_STREQ(res.meta[tag::waf_version].c_str(), "1.5.0");
+    EXPECT_STREQ(res.meta[tag::waf_version].c_str(), "1.6.0");
     EXPECT_STREQ(res.meta[tag::event_rules_errors].c_str(), "{}");
 
     EXPECT_EQ(res.metrics.size(), 2);
@@ -88,7 +88,7 @@ TEST(ClientTest, ClientInitInvalidRules)
     EXPECT_TRUE(c.run_client_init());
     EXPECT_STREQ(res.status.c_str(), "ok");
     EXPECT_EQ(res.meta.size(), 2);
-    EXPECT_STREQ(res.meta[tag::waf_version].c_str(), "1.5.0");
+    EXPECT_STREQ(res.meta[tag::waf_version].c_str(), "1.6.0");
 
     rapidjson::Document doc;
     doc.Parse(res.meta[tag::event_rules_errors]);

@@ -46,7 +46,7 @@ TEST(WafTest, InitWithInvalidRules)
     subscriber::ptr wi{waf::instance::from_settings(cs, meta, metrics)};
 
     EXPECT_EQ(meta.size(), 2);
-    EXPECT_STREQ(meta[tag::waf_version].c_str(), "1.5.0");
+    EXPECT_STREQ(meta[tag::waf_version].c_str(), "1.6.0");
 
     rapidjson::Document doc;
     doc.Parse(meta[tag::event_rules_errors]);

@@ -3,6 +3,7 @@ include(FetchContent)
 option(MPACK_DEBUG "Compile mpack with MPACK_DEBUG=1 and min buffer size" OFF)
 
 if(DD_APPSEC_BUILD_HELPER)
+    set(LIBDDWAF_TESTING OFF)
     add_subdirectory(libddwaf EXCLUDE_FROM_ALL)
 
     FetchContent_Declare(
@@ -81,7 +82,7 @@ FetchContent_MakeAvailable(spdlog)
 include(ExternalProject)
 ExternalProject_Add(event_rules
     GIT_REPOSITORY https://github.com/DataDog/appsec-event-rules.git
-    GIT_TAG 1.4.0
+    GIT_TAG 1.4.2
     GIT_SHALLOW ON
     CONFIGURE_COMMAND ""
     BUILD_COMMAND ""