The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
README.md	2026-03-11	15.6 kB	0
v3.4.0 source code.tar.gz	2026-03-11	387.8 kB	1
v3.4.0 source code.zip	2026-03-11	629.5 kB	1
Totals: 3 Items		1.0 MB	2

What's Changed

Features

feat: allow selectors on *_NAMES collections by @blotus in https://github.com/corazawaf/coraza/pull/1143
feat: auditlog syslog writer by @Serjick in https://github.com/corazawaf/coraza/pull/1383
feat: add json schema improvements by @jcchavezs in https://github.com/corazawaf/coraza/pull/1384
feat: implement ctl:auditLogParts + and - for modifying audit logs by @fzipi in https://github.com/corazawaf/coraza/pull/1467
feat(strmatch): add new operator by @fzipi in https://github.com/corazawaf/coraza/pull/1473
feat: add optional rule observer callback to WAF config by @heaven in https://github.com/corazawaf/coraza/pull/1478
feat: add WAFWithRules interface with RulesCount() by @ppomes in https://github.com/corazawaf/coraza/pull/1492
feat: add SecRequestBodyJsonDepthLimit directive by @fzipi in https://github.com/corazawaf/coraza/pull/1110
feat: ignore unexpected EOF in MIME multipart request body processor by @hnakamur in https://github.com/corazawaf/coraza/pull/1453
feat: optimize ruleRemoveById range handling store ranges instead of expanding to int slices by @Copilot in https://github.com/corazawaf/coraza/pull/1538

Fixes

fix(go1.24): bump linter by @M4tteoP in https://github.com/corazawaf/coraza/pull/1330
fix(deps): update all non-major dependencies in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1326
fix(deps): update module github.com/mccutchen/go-httpbin/v2 to v2.18.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1331
audit: H should populate also with error logs. by @M4tteoP in https://github.com/corazawaf/coraza/pull/1310
fix(deps): update module github.com/rs/zerolog to v1.34.0 in testing/coreruleset/go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1332
fix(deps): update module golang.org/x/net to v0.38.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1337
fixes misspelled build tag coraza.rule.multiphase_evaluation by @daum3ns in https://github.com/corazawaf/coraza/pull/1338
fix(deps): update module github.com/corazawaf/coraza-coreruleset/v4 to v4.10.0 in testing/coreruleset/go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1341
fix(deps): update module golang.org/x/sync to v0.13.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1344
fix(deps): update module golang.org/x/net to v0.39.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1346
fix(deps): update go modules in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1354
fix(deps): update all non-major dependencies in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1342
fix: coraza.conf-recommended, stricter parsing actions by @M4tteoP in https://github.com/corazawaf/coraza/pull/1352
fix(deps): update go modules in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1372
fix: regenerate variables map to allow selection on all supported collections by @blotus in https://github.com/corazawaf/coraza/pull/1371
fix: nil deference on err.Error() by @ad3n in https://github.com/corazawaf/coraza/pull/1367
fix(deps): update all non-major dependencies in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1373
fix(deps): update module github.com/mccutchen/go-httpbin/v2 to v2.18.3 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1374
fix(deps): update github.com/magefile/mage digest to 78acbaf in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1375
fix: resolve cutQuotedString issue with double backslashes (\) by @trgalho in https://github.com/corazawaf/coraza/pull/1364
fix(deps): update module github.com/corazawaf/coraza-coreruleset/v4 to v4.15.0 in testing/coreruleset/go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1376
fix: wrong status returned when SecResponseBodyLimit is reached and Action is Reject by @daum3ns in https://github.com/corazawaf/coraza/pull/1379
fix(deps): update module golang.org/x/sync to v0.16.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1385
fix(deps): update module golang.org/x/net to v0.42.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1386
fix(deps): update module github.com/bmatcuk/doublestar/v4 to v4.9.0 in testing/coreruleset/go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1388
fix(deps): update all non-major dependencies in testing/coreruleset/go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1392
Fixed mandatory check of rule ID. by @brijeshjvalera in https://github.com/corazawaf/coraza/pull/1325
fix: cutQuotedString - not working for \"" by @trgalho in https://github.com/corazawaf/coraza/pull/1394
fix(deps): update module golang.org/x/net to v0.43.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1397
fix: lowercase regex patterns for case-insensitive variable collections by @fzipi in https://github.com/corazawaf/coraza/pull/1505
fix: ctl:ruleRemoveTargetById to support whole-collection exclusion by @Copilot in https://github.com/corazawaf/coraza/pull/1495
fix: update constants for recursion limit by @jcchavezs in https://github.com/corazawaf/coraza/pull/1512
Fix HTTP middleware to process all Transfer-Encoding values by @Copilot in https://github.com/corazawaf/coraza/pull/1518
fix: set changed flag in removeComments and escapeSeqDecode by @jptosso in https://github.com/corazawaf/coraza/pull/1532
fix(testing): Correct use of ProcessURI in Benchmarks by @MarcWort in https://github.com/corazawaf/coraza/pull/1546
fix: typo in responseWriter name in TestWriteResponseBody by @hnakamur in https://github.com/corazawaf/coraza/pull/1451
fix: streamed responses by @daum3ns in https://github.com/corazawaf/coraza/pull/1449
fix: adds timeout to tinygo by @jcchavezs in https://github.com/corazawaf/coraza/pull/1463
fix: pass through respose body after process partial by @M4tteoP in https://github.com/corazawaf/coraza/pull/1461
fix: directive name is SecAuditLogsStorageDir by @fzipi in https://github.com/corazawaf/coraza/pull/1466
fix: SecRuleUpdateActionById should replace disruptive actions by @fzipi in https://github.com/corazawaf/coraza/pull/1471
fix(1482): improve quotes parsing during seclang bootstrap by @jptosso in https://github.com/corazawaf/coraza/pull/1486
fix(deps): update module golang.org/x/net to v0.45.0 [security] by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1487
fix(deps): update module golang.org/x/sync to v0.20.0 in go.mod by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1543

Tests

updates CRS tests from v4.10.0 to v4.14.0 by @M4tteoP in https://github.com/corazawaf/coraza/pull/1355
updates tests to CRS 4.20 by @M4tteoP in https://github.com/corazawaf/coraza/pull/1444
fix tinygo tests for go 25 by @jptosso in https://github.com/corazawaf/coraza/pull/1485
fix(testing): Correct use of ProcessURI in Benchmarks by @MarcWort in https://github.com/corazawaf/coraza/pull/1546
Pre add testcase for streamed responses by @jcchavezs in https://github.com/corazawaf/coraza/pull/1459

Chores and Other

chore(deps): update github/codeql-action digest to 1b549b9 in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1335
chore: improves coraza.conf-recommended comments by @M4tteoP in https://github.com/corazawaf/coraza/pull/1334
chore: update tinygo 0.34.0 by @M4tteoP in https://github.com/corazawaf/coraza/pull/1353
Add @pmf short alias for @pmFromFile by @dmefs in https://github.com/corazawaf/coraza/pull/1356
Add @ipMatchF short alias for @ipMatchFromFile by @dmefs in https://github.com/corazawaf/coraza/pull/1357
chore(deps): update codecov/codecov-action digest to 18283e0 in .github/workflows/regression.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1359
chore(deps): update github/codeql-action digest to ff0a06e in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1361
docs: add RuiQi to integrations list by @HUAHUAI23 in https://github.com/corazawaf/coraza/pull/1368
chore(deps): update all non-major dependencies in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1369
chore: add tx to context by @trgalho in https://github.com/corazawaf/coraza/pull/1345
Revert "chore: add tx to context" by @jcchavezs in https://github.com/corazawaf/coraza/pull/1378
chore(deps): update github/codeql-action digest to 39edc49 in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1380
chore(deps): update module github.com/go-viper/mapstructure/v2 to v2.3.0 [security] by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1381
chore(deps): update github/codeql-action digest to 181d5ee in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1382
chore(deps): update github/codeql-action digest to d6bbdef in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1390
chore(deps): update github/codeql-action digest to 4e828ff in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1391
chore(deps): update github/codeql-action digest to 51f7732 in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1393
chore(deps): update actions/cache digest to 0400d5f in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1396
chore(deps): update github/codeql-action digest to 76621b6 in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1398
chore(deps): update actions/checkout action to v5 in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1401
chore(deps): update github/codeql-action digest to df55935 in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1403
chore(deps): update dependency go to 1.25.x in .github/workflows/lint.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1405
chore(deps): update github/codeql-action digest to 96f518a in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1407
chore(deps): update codecov/codecov-action digest to fdcc847 in .github/workflows/regression.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1408
chore(deps): update github/codeql-action digest to 3c3833e in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1410
chore(deps): update module github.com/go-viper/mapstructure/v2 to v2.4.0 [security] by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1411
chore(deps): update all non-major dependencies in .github/workflows/regression.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1419
chore(deps): update actions/setup-go action to v6 in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1420
chore(deps): update actions/stale action to v10 in .github/workflows/close-issues.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1422
chore(deps): update github/codeql-action action to v4 in .github/workflows/codeql-analysis.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1437
chore(deps): update actions/checkout action to v6 in .github/workflows/tinygo.yml by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1442
Migrates golangci-lint to v2 by @M4tteoP in https://github.com/corazawaf/coraza/pull/1445
chore: run golang modernize by @M4tteoP in https://github.com/corazawaf/coraza/pull/1446
chore: increases the minimum go version by @jcchavezs in https://github.com/corazawaf/coraza/pull/1462
chore(deps): update module golang.org/x/crypto to v0.45.0 [security] by @renovate[bot] in https://github.com/corazawaf/coraza/pull/1443
chore: update libinjection-go and deps by @fzipi in https://github.com/corazawaf/coraza/pull/1496
chore: min go version to 1.25 by @M4tteoP in https://github.com/corazawaf/coraza/pull/1497
chore: remove panic from seclang compiler by @Copilot in https://github.com/corazawaf/coraza/pull/1514
ci: reduce regression matrix from 128 to 15 jobs by @jptosso in https://github.com/corazawaf/coraza/pull/1522
perf: use map for ruleRemoveByID for O(1) lookup by @jptosso in https://github.com/corazawaf/coraza/pull/1524
perf: prefix-based transformation cache with inline values by @fzipi in https://github.com/corazawaf/coraza/pull/1544
perf: bulk-allocate MatchData in collection Find methods by @jptosso in https://github.com/corazawaf/coraza/pull/1530
perf: use FindStringSubmatchIndex to avoid capture allocations by @jptosso in https://github.com/corazawaf/coraza/pull/1547
refactor: remove root package dependency on experimental by @fzipi in https://github.com/corazawaf/coraza/pull/1494
docs: update package and strmatch operators by @fzipi in https://github.com/corazawaf/coraza/pull/1477
docs(actions): update format and add package by @fzipi in https://github.com/corazawaf/coraza/pull/1475
doc: fix phase in ctl action example by @hnakamur in https://github.com/corazawaf/coraza/pull/1428
Add doc to directives by @hnakamur in https://github.com/corazawaf/coraza/pull/1434
Mark unimplemented SecAuditLogParts in docs by @louis-lau in https://github.com/corazawaf/coraza/pull/1455
docs: adds documentation to e2e package by @jcchavezs in https://github.com/corazawaf/coraza/pull/1460
chore: adds copilot instructions. by @jcchavezs in https://github.com/corazawaf/coraza/pull/1464
Replace "1GB" with "1GiB" in request/response body size limit by @hnakamur in https://github.com/corazawaf/coraza/pull/1418
Pre add testcase for streamed responses by @jcchavezs in https://github.com/corazawaf/coraza/pull/1459