Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dockerfile is not really pulling in the ModSecurity v3/dev/wasm-experimental branch #37

Open
dspeg opened this issue Nov 1, 2022 · 4 comments
Open

Dockerfile is not really pulling in the ModSecurity v3/dev/wasm-experimental branch #37

dspeg opened this issue Nov 1, 2022 · 4 comments

Comments

@dspeg
Copy link
Contributor

dspeg commented Nov 1, 2022

In the Dockerfile, there are the below lines:

# Commit from SpiderLabs/ModSecurity repository, aiming at v3/dev/wasm-experimental branch
ARG MODSEC_SHA=a3454df9b09a8de16d41be10cdea4fc46ef08e91

WORKDIR /root/
RUN git clone https://github.com/emscripten-core/emsdk.git -b 3.1.16 \ 
    && git clone https://github.com/M4tteoP/libpcre.git -b wasm-emscripten \
    && git clone https://github.com/SpiderLabs/ModSecurity.git \
    && git -C ModSecurity checkout $MODSEC_SHA \

The tag a3454df9b09a8de16d41be10cdea4fc46ef08e91 is not pointing to the ModSecurity v3/dev/wasm-experimental branch. Any specific reason?

>git -C ModSecurity checkout a3454df9b09a8de16d41be10cdea4fc46ef08e91
Note: switching to 'a3454df9b09a8de16d41be10cdea4fc46ef08e91'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by switching back to a branch.
@dspeg
Copy link
Contributor Author

dspeg commented Nov 3, 2022

Are there any concerns for just using the ModSecurity v3/dev/wasm-experimental branch?

@M4tteoP
Copy link
Contributor

M4tteoP commented Nov 4, 2022
edited
Loading

Hi @dspeg!

is not pointing to the ModSecurity v3/dev/wasm-experimental branch

It actually is, you are just checking out the specific commit, it is intended to end up with a detached HEAD.
You may also see it with a git log after checking out the latest commit with git checkout v3/dev/wasm-experimental or here (look at the commit that starts with a3454df).

Are there any concerns for just using the ModSecurity v3/dev/wasm-experimental branch?

I would say just a matter of precaution: by default, it is not doing the checkout of v3/dev/wasm-experimental in order to avoid pulling changes from the experimental branch that can break the wasm filter. This is why we stick with commits that are proven to work.

@M4tteoP
Copy link
Contributor

M4tteoP commented Nov 5, 2022

Proposing to update to the latest commit, no big changes at all, but just to test and stick with the latest one #38 :)

@dspeg
Copy link
Contributor Author

dspeg commented Nov 10, 2022

Thank you @M4tteoP for making the changes! It is really nice to periodically change to reference a verified, tested recent commit in ModSecurity v3/dev/wasm-experimental branch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@M4tteoP @dspeg