Andrew Howe
Andrew Howe
Associated issue: #2724 This PR adds the additional PHP wrappers documented at https://www.php.net/manual/en/wrappers.ssh2.php and a new test for each new wrapper: - `ssh2.shell://` - `ssh2.exec://` - `ssh2.tunnel://` - `ssh2.sftp://` -...
### Describe the bug Following on from #2722, it looks like we may be missing some additional PHP wrappers, specifically the `ssh2.*` family. **Source**: https://www.php.net/manual/en/wrappers.ssh2.php ### Expected behaviour We should...
PR resolves #2657 by removing all unnecessary escapes of forward slashes in regular expression patterns (excludes compiled/optimised patterns, which may still escape forward slashes). Only one instance of an unnecessary...
### Describe the bug We need to agree on a consistent way to reference multi-byte characters in regular expression patterns (and we can enforce this via `rules-check.py`.) Our current approach...
### Describe the bug Once v3.3.5 is out, we should update the v4 branch with all of the missing CHANGES.MD changes. It currently doesn't cover the most recent few v3.3...
### Describe the bug Both in the CRS repo (rule exclusion examples) and also the HTML documentation, the coverage of "when can I use a rule range in a rule...
### Motivation We agreed as a project that we need to fix the paranoia level scoring bugs in 3.3.4 (see: https://github.com/coreruleset/coreruleset/issues/3038#issuecomment-1419716639). We agreed not to do a full 3.3.5 fix...
### Describe the bug Since the official CRS Docker containers were modified recently to no longer support `root` by default, the testing in the CRS repo is broken out of...
For quantitative testing mode, the numbers reported for libInjection rules do not match with the numbers produced by running the reference shell script against Apache + ModSecurity v2. ## Testing...
*This issue is part of the ongoing* quantitative testing *natural language FPs improvement task. See the main issue for details: #4354* ### Description Doing a custom git bisect: #### The...