Bot releases are visible (Hide)
This release is a security fix for a RCE vulnerability in the go-git dependency.
Overview
Affected versions of this package are vulnerable to Path Traversal via malicious server replies. An attacker can create and amend files across the filesystem and potentially achieve remote code execution by sending crafted responses to the client.
Notes
This is only exploitable if the client is using ChrootOS, which is the default for certain functions such as PlainClone.
Applications using BoundOS or in-memory filesystems are not affected by this issue.
Users loading rules from remote Git servers are encouraged to upgrade to v1.15.0 as soon as possible.
Published by newm4n about 1 year ago
grule-rule-engine
to `github.com/hyperjumptech/grule-rule-engine'Published by newm4n about 1 year ago
After a quite long time, I've finally manage to find some time on recontributing on Grule Rule Engine. Thank you very-very much for all contributors. The following are some collection of changes we did since the last release.
golangci-lint
, Its there but no yet integrated to the CI yet.Cheers
Published by newm4n over 1 year ago
Published by newm4n almost 2 years ago
Published by newm4n about 2 years ago
MatchString
as built in string function.Note on the Zap Logger :
By default, grule-rule-engine and its subpackages use the logrus logger, which is initialized in the logger subpackage.
The ability to pass a logger (zap or logrus) to subpackages that is initialized in your applications (usually in main.go) has been added.
In each subpackage antlr, ast, builder, engine, the SetLogger (externalLog interface{}) function was added.
It can be passed a logger instance (zap or logrus) to be used by the subpackage.
The SetLogLevel()
function from the logger package has been changed.
Now it is not tied to logrus levels, but uses the levels defined in the logger subpackage of the current library.
Published by newm4n over 2 years ago
Published by newm4n over 2 years ago
MatchString
for matching a string to regular expression. fixes issue #281Published by newm4n almost 3 years ago
Published by newm4n almost 3 years ago
Published by jinagamvasubabu about 3 years ago
Full Changelog: https://github.com/hyperjumptech/grule-rule-engine/compare/v1.10.1...v1.10.2
Published by newm4n about 3 years ago
Releasing patch v1.10.1
Published by newm4n over 3 years ago
Release v1.10.0
Published by newm4n over 3 years ago
Published by newm4n over 3 years ago
KnowledgeBase
inside KnowledgeLibrary
into binary file (GRB). This makes the loading of rule sets from GRB to be much faster. Almost 10x faster.Published by newm4n over 3 years ago
Small quick path to fix possible bug when loading RuleSet from binary file,
where io.EOF is not detected causing loading to fail.
Although, by design, this should not be possible.
Published by newm4n over 3 years ago
Published by newm4n over 3 years ago
This patch includes support for UTF-8 character in SIMPLENAME
within the grammar.
With this change, from within the GRL rule name, variable name, function name can
use non-ascii unicode characters except symbols, etc. Thus, golang struct, variables that has unicode in their name
should be accessible from the rule script.
The example/UnicodeRule_test.go
file tested this new patch.
Published by newm4n almost 4 years ago
This patch contains lots of math built-in functions
Check out the Math Function Page
Published by newm4n almost 4 years ago
.0
rendering 12.012
an error.