-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Removed code for SecStatusEngine #3157
Removed code for SecStatusEngine #3157
Conversation
…ction. Directives are still allowed but ignored.
If you remove SecRemoteRules, everything curl could be removed IMHO from modsec (but not mlogc), which eliminates a big dependency. |
I think probably splitting this into smaller PRs would be what we want, right? One for SecStatusEngine. Another for SecRemoteRules*? |
I agree with @fzipi: we should split this PR into more smaller, but I think it's more important that we have to announce that we will eliminate these functions in next(-next) release. Perhaps in first step we should add a warning message if someone uses any of them, and (if the user checks the logs after startup) then it can be visible our aim. Also we should make these eliminations in v3 too, in parallel with v2, I guess. So I would close this PR without merging - what do you think guys? |
Also we should check the CI logs - all builds were fail. |
My bad:
So, we indeed must split the PR. As SecStatusEngine is already broken, I think there's no problem to remove the code, even without announcing it (in advance), as it doesn't do anything already (except potentially introducing a delay). |
I'm not a fan of the remote rules and namely how it was being implemented, but commercial rule vendors do use this and I am sure there are people who host their own rules centrally and then load them on startup. We have to keep this around for the time being. |
I re-introduced the code for SecRemoteRules & SecRemoteRulesFailAction |
Looks like pipeline is failing... |
Why are the ISSUE_TEMPLATES also being modified in this PR? Maybe move those to a new PR? |
Quality Gate passedIssues Measures |
Removed code for SecStatusEngine.
Directives is still allowed but ignored.