Hi everyone, I probably missed this information somewhen during our conversation.
Two things. Do we have a paranoia-level assignment for each candidate? And what about the rule IDs for rules that were initially dropped but later assigned to paranoia mode? Thanks for feedback. Cheers, Noël > On 03 Mar 2016, at 10:22, Christian Folini <christian.fol...@netnea.com> > wrote: > > Hi there, > > Chaim merged our first pull request yesterday morning GMT. > For me, this is the formal blessing of our plans, even more so as > Ryan named Chaim his successor as project lead last week. Chaim > gave me write access to the CRS repository and I plan to use that > for the subsequent pull requests. > > What is left to do? > Pull Request #2: Move 3.0.0 candidate rules to paranoia mode > With this milestone reached, we can invite people to run > the new ruleset (and see a difference with false positives) > Pull Request #3: Add 2.2.X rules to paranoia mode > Pull Request #4: Add stricter siblings > > Noël volunteered to do pull request #2. It is a simple job. You > only need to move the rules around (and tag them accordingly). > > Would somebody among you like to do pull request #3 and #4? > That would be nice as it would allow you to feature in the > CHANGES file and underline the community character of the > paranoia mode. Just drop me a line. > > Pull request. Here is what I did > (CAVEAT: I am not a very experienced git user. This worked > for me, but maybe you guys have improvements for the procedure.) > > Fork spiderlabs/crs online at github > Clone with: > $> git clone https://github.com/dune73/owasp-modsecurity-crs.git paranoia > Add the remote: > $> git remote add upstream > https://github.com/SpiderLabs/owasp-modsecurity-crs.git > Check: > $> git remote -v > origin https://github.com/dune73/owasp-modsecurity-crs.git (fetch) > origin https://github.com/dune73/owasp-modsecurity-crs.git (push) > upstream https://github.com/SpiderLabs/owasp-modsecurity-crs.git > (fetch) > upstream https://github.com/SpiderLabs/owasp-modsecurity-crs.git > (push) > Fetch upstream branches list > $> git fetch upstream > * [new branch] gh-pages -> upstream/gh-pages > * [new branch] master -> upstream/master > * [new branch] owasp-honeypots -> upstream/owasp-honeypots > * [new branch] trunk -> upstream/trunk > * [new branch] v3.0.0-dev -> upstream/v3.0.0-dev > * [new branch] v3.0.0-rc1 -> upstream/v3.0.0-rc1 > Checkout 3.0.0rc1 branch > $> git checkout remotes/upstream/v3.0.0-rc1 > Start new personal branch > $> git checkout -b paranoia-mode > Do your update > ... > status > $> git status > ... > Add changes > $> git add ... > Commit changes > $> git commit -m "blabla..." > Push changes to personal branch on git > $> git push > > Go online and create pull request > > @Noël: Does this make sense to you? If not, just ask. > > Ideally, you could do this in the next two days and I can test and > merge on the weekend or early next week. > > Franziska has two open questions which need to be sorted out before > the pull request #4. We agreed she will post these two the > mailinglist. > > Cheers, > > Christian > > > > -- > One can acquire everything in solitude - except character. > -- Stendhal
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
