Open
Description
Since ages ago, probably when there was only one repo assigned in the OWASP organization, we pushed all the utilities related to CRS in the same repository as the rules.
This has led to having lots of different tools and scripts in the same place, making it more difficult to test properly, and to perform updates on tools independent from the rules themselves.
After considering it in our October 2024 monthly chat, we decided to move away from this pattern.
The idea is then to split the tools and scripts in different repos. This will be the epic ticket to start the move.
The (updated) proposal is:
Move
- move crs-rules-check to its own repository #3892
- APPROVED_TAGS file is used by crs-rules-check. Must be moved with the script
- move the rule_ctl directory to its own repository. Done: https://github.com/coreruleset/rule-ctl
- ⚠️ Look at the find-rules-without-test as it is part of CI/CD tools #3880
Add to crs-toolchain as feature
- fp-finder: tool to find potential false positives in data files crs-toolchain#181
- feat: add php-dictionary-gen crs-toolchain#204
Remove
- Remove av-scanning from utils #3870
- Remove change-version from util #3868
- Remove find-max-datalen-in-tests #3890
- Remove virtual-patching #3888
- Remove honeypot-sensor #3882
- Remove join-multiline-rules #3876
- Remove send-payload-pls.sh #3878
- Remove geo-location #3874
- Remove crs2-renumbering #3872
- Remove browser-tools #3886
- Remove verify.rb and id-range #3884
- It turns out that we actually never used that code? So we leave one behind. regexp-tricks + add documentation feat: add simple no lookahead regex generation crs-toolchain#202