No new version of the nginx connector has been cut in a long time(2 years)

Question

No new version of the nginx connector has been cut in a long time(2 years)

jeremyjpj0916 opened this issue 6 months ago · 1 comments

Since https://github.com/owasp-modsecurity/ModSecurity-nginx/tree/v1.0.3 there has not been another version cut in a long time of this connector from 2 years ago. Yet master jumps to 233 commits vs v1.0.3 has 209 commits so 20+ commits later. @airween long time no see buddy, If confident in master branch here being stable for a release again, may be worth cutting off a new v1.0.4 version now with all the latest goodies but also not force users to rely on pulling master(which may get breaking changes or issues in it sometime?)

I am still trying to catch up my mod security build/deploy flows on nginx. I see owasp has now officially taken over all components from Spiderlabs which hopefully gets things fixed up sooner with more community leads and bandwidth on the repo.

-Jeremy

Answer 1 · 2024-05-30T22:10:26.000Z

Hi @jeremyjpj0916,

thanks for writing!

Yes, OWASP received the ownership of the project, but unfortunately there is not a big community around here. We work on that we might involve people to development again.

And yes, release is actually. I really hope we can make it in next few days/weeks. I would have made a release all of our source (mod_security2, libmodsecurity3 and Nginx connector), but I was a bit busy in recent days.

Feel free to reach us on OWASP Slack server, on #project-modsecurity channel - or you can ping me directly too.