Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Upgrade dependencies #319

Closed
fl0ppy-d1sk opened this issue Oct 5, 2022 · 5 comments
Closed

[FEATURE] Upgrade dependencies #319

fl0ppy-d1sk opened this issue Oct 5, 2022 · 5 comments
Labels
enhancement New feature or request next major Will be implemented in the next major version.

Comments

@fl0ppy-d1sk
Copy link
Member

Upgrade the dependencies :

  • ModSecurity
  • ModSecurity-nginx
  • OWASP CRS
  • LUA dependencies
  • PYTHON dependencies

We also need to add a way to automatically check and test new versions of (some) dependencies like the Python ones (cc @TheophileDiot).
@fl0ppy-d1sk fl0ppy-d1sk added enhancement New feature or request next major Will be implemented in the next major version. labels Oct 5, 2022
@EricDriussi
Copy link

Hi there! May I ask what versions of those dependencies are used?
I've looked around for a while but can't seem to find the information.

It would help a lot when troubleshooting 😃

@TheophileDiot
Copy link
Member

Hi @EricDriussi
Here are the current versions :

ModSecurity => v3.0.4
ModSecurity-nginx => v1.0.2
OWASP CRS => v3.3.2

The LUA deps and others are listed in this file :
https://github.com/bunkerity/bunkerweb/blob/master/deps/clone.sh

And the python deps are in theses two files :
https://github.com/bunkerity/bunkerweb/blob/master/deps/requirements.in
https://github.com/bunkerity/bunkerweb/blob/master/ui/requirements.txt

@EricDriussi
Copy link

Thank you very much!!

@EricDriussi EricDriussi mentioned this issue Dec 12, 2022
Closed
@alexanderadam
Copy link

FYI: ModSecurity => v3.0.9 apparently also doesn't suffer from the well-known memory leak any more.

@fl0ppy-d1sk
Copy link
Member Author

We updated many dependencies in the last v1.5.0-beta release.

Dependabot setup and various helpers will also help us to keep everything up-to-date.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request next major Will be implemented in the next major version.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@alexanderadam @EricDriussi @fl0ppy-d1sk @TheophileDiot