GitHub / aikidosec/firewall-python issues and pull requests
#418 - Draft: Ensure functions are only patched with the same patch once
Pull Request -
State: open - Opened by bitterpanda63 about 1 month ago
#417 - Django: cleanup & extract cookies from request
Pull Request -
State: open - Opened by bitterpanda63 about 1 month ago
#416 - Pymongo: Fix bug with ^4.9.0
Pull Request -
State: closed - Opened by bitterpanda63 about 1 month ago
#415 - Flask improvements: Return response on block earlier & extract query params directly from request
Pull Request -
State: closed - Opened by bitterpanda63 about 1 month ago
#414 - Bump urllib3 from 2.3.0 to 2.5.0 in /sample-apps/flask-mongo
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: dependencies, python
#413 - README: Add AI SDK Text
Pull Request -
State: closed - Opened by bitterpanda63 about 1 month ago
#412 - Bump protobuf from 5.29.3 to 5.29.5 in /sample-apps/flask-mongo
Pull Request -
State: closed - Opened by dependabot[bot] about 1 month ago
- 1 comment
Labels: dependencies, python
#411 - add optional = true to tool.poetry.group.dev
Pull Request -
State: closed - Opened by bitterpanda63 about 1 month ago
#410 - Fix security issue in requests via minor version upgrade from 2.32.3 to 2.32.4
Pull Request -
State: closed - Opened by aikido-autofix[bot] about 1 month ago
#409 - Sync routes improved, allowing new fields to be added
Pull Request -
State: closed - Opened by bitterpanda63 about 1 month ago
#408 - Count rate-limited hits
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#407 - Add e2e test to validate packages
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#406 - Set timeout for GitHub workflows (unit tests + end2end tests)
Pull Request -
State: closed - Opened by hansott about 2 months ago
#405 - Increase coverage of reported packages & fix recursive bug
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#404 - Add anthropic AI Usage
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#403 - Add Mistral AI Usage
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#402 - Python SCA: Report packages
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#401 - Allow setting of token in aikido_zen.protect()
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#400 - Bump cryptography from 44.0.0 to 44.0.1 in /sample-apps/flask-openai
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, python
#399 - Bump jinja2 from 3.1.5 to 3.1.6 in /sample-apps/flask-openai
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, python
#398 - Bump requests from 2.32.3 to 2.32.4 in /sample-apps/fastapi-postgres-uvicorn
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, python
#397 - Add AI wrapping for openai
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#396 - Bump django from 5.1.5 to 5.1.10 in /sample-apps/django-mysql
Pull Request -
State: closed - Opened by dependabot[bot] about 2 months ago
- 1 comment
Labels: dependencies, python
#395 - Add sink statistics
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#394 - set develop=true in sample apps for aikido_zen
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#393 - Fix unnecessary escape in match endpoints that causes a log
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#392 - Add wrapping for clickhouse-driver
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#391 - Add devcontainer
Pull Request -
State: closed - Opened by hansott about 2 months ago
#390 - Remove python-dotenv
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#389 - Create a sample app for clickhouse
Pull Request -
State: closed - Opened by bitterpanda63 about 2 months ago
#388 - Cleanup and sync statistics over IPC calls
Pull Request -
State: closed - Opened by bitterpanda63 2 months ago
#387 - Allow flask ^2.2.4
Pull Request -
State: closed - Opened by bitterpanda63 2 months ago
#386 - Make sure the @on_import is always at the end of the file
Pull Request -
State: closed - Opened by bitterpanda63 2 months ago
#385 - Remove flaky time-based unit test in users_test.py
Pull Request -
State: closed - Opened by bitterpanda63 2 months ago
#384 - Set flask version requirement to 2.2.4
Pull Request -
State: closed - Opened by bitterpanda63 2 months ago
Labels: enhancement
#383 - Sync users using process cache, instead of IPC
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#382 - Sync users using process cache, instead of IPC
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#381 - Remove unused ipc calls (STATISTICS/KILL)
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#380 - AIK-5109 Make sure API Spec only gets checked every first 20 times
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#379 - Fix unit tests after merge of #377 and #372
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#378 - improved-wrapping -> main
Pull Request -
State: closed - Opened by willem-delbare 3 months ago
#377 - AIK-5087 remove HOSTNAMES_ADD, and just add it to the sync
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
Labels: enhancement
#376 - Set flask version requirement to 2.2.4 instead of major release 2.3.0
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
- 1 comment
Labels: WIP, Blocked
#375 - Remove flask dev server warning
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#374 - Bump flask from 3.1.0 to 3.1.1 in /sample-apps/flask-mongo
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 1 comment
Labels: dependencies, python
#373 - DRAFT: Only do api spec analysis on first 20 hits
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#372 - Fix routes not clearing due to sync re-populating them
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
Labels: bug
#371 - Fix user agent not being reported correctly on attack
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
Labels: bug
#370 - New Wrapping PR 6: Delete importhook/
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#369 - New Wrapping PR 5: Update all sources to new wrapping system
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#368 - XML/LXML sources: create unit tests (used to rely only on end2end tests)
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
Labels: enhancement
#367 - Bump django from 5.1.5 to 5.1.9 in /sample-apps/django-mysql
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 2 comments
Labels: dependencies, python
#366 - New Wrapping PR 4: Update all sinks to new wrapping system
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#365 - New Wrapping PR 3: Update github workflows and benchmarks
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#364 - New Wrapping PR 2: update sample app lockfiles
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#363 - New Wrapping PR 1: Install wrapt and add helper functions for new wrapping system
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#362 - Report dialect in case of sql injection
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
#361 - Fix windows bug with socket being UDS
Pull Request -
State: closed - Opened by bitterpanda63 3 months ago
Labels: bug
#360 - Bump h11 from 0.14.0 to 0.16.0 in /sample-apps/quart-postgres-uvicorn
Pull Request -
State: closed - Opened by dependabot[bot] 3 months ago
- 2 comments
Labels: dependencies, python
#359 - Python 3.13 support: wrapping update
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
- 1 comment
#358 - (draft) workflow testing
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#357 - Subprocess import - NotImplementedError: object proxy must define __deepcopy__()
Issue -
State: closed - Opened by andymcblane 4 months ago
- 6 comments
#356 - Prioritize JSON parsing for body
Pull Request -
State: open - Opened by kapyteinaikido 4 months ago
#355 - Handle JSON body starting with double quote
Pull Request -
State: closed - Opened by kapyteinaikido 4 months ago
#354 - Bump django from 5.1.5 to 5.1.8 in /sample-apps/django-mysql
Pull Request -
State: closed - Opened by dependabot[bot] 4 months ago
- 2 comments
Labels: dependencies, python
#353 - Fix for windows: os wrapper, check if property exists
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#352 - split os functions into platform-specific arrays for better Windows compatibility
Pull Request -
State: closed - Opened by hansott 4 months ago
- 1 comment
#351 - Support ip ranges in endpoint allowedIPAddresses
Pull Request -
State: closed - Opened by timokoessler 4 months ago
#350 - Cleanup: Remove a print redirect statement
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#349 - Fix: bot blocking needs to use .search(...) instead of .match(...)
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#348 - Fix: validate the firewall lists API response correctly
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#347 - Improvement for incoherent statistics
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#346 - Create a unified on_init_handler, that does not set context if IP is bypassed
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
- 1 comment
#345 - Refactor: Remove add_ip_address_to_blocklist as separate helper file
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#344 - Start mock server before running starlette benchmark
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#343 - Add bot blocking and IP Allowlist
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#342 - AIK-4650 SSRF: Don't flag requests made to itself, from e.g. host header (Zen for Python)
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#341 - Improve isPrivateIP function
Pull Request -
State: closed - Opened by timokoessler 4 months ago
#340 - Improve the package compatibility check
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#339 - Improve logging in python
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#338 - Improve flaky or incoherent statistics
Pull Request -
State: closed - Opened by bitterpanda63 4 months ago
#337 - added warning to flask
Pull Request -
State: closed - Opened by kidk 4 months ago
#336 - Don't report outbound hostnames with port number zero
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#335 - Use sliding window rate limiter
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#334 - Use sliding window rate limiting
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#333 - Better e2e testing
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
- 1 comment
#332 - Bump django from 5.1.5 to 5.1.7 in /sample-apps/django-mysql
Pull Request -
State: closed - Opened by dependabot[bot] 5 months ago
- 1 comment
Labels: dependencies, python
#331 - Check all endpoints for forced protection off
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#330 - Use set syntax
Pull Request -
State: closed - Opened by hansott 5 months ago
#329 - Ignore .well-known routes if not actual well known URI
Pull Request -
State: closed - Opened by hansott 5 months ago
#328 - Ignore base URL for outbound requests
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#327 - Add bot blocking and IP Allowlists for python
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#326 - Remove request_handler and write responses earlier
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#325 - Minor fixes: Improved thread cache renewing, better logging, removed broken package reporting
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#324 - Remove the broken reporting method for wrapped packages
Pull Request -
State: closed - Opened by bitterpanda63 5 months ago
#323 - Ignore webmanifest files for route discovery
Pull Request -
State: closed - Opened by timokoessler 5 months ago
#322 - Support ip ranges in bypass list
Pull Request -
State: closed - Opened by timokoessler 6 months ago
- 1 comment
#321 - AIK-4214: Use a sliding window for rate limiting (instead of fixed)
Pull Request -
State: closed - Opened by bitterpanda63 6 months ago
#320 - AIK-4449 Implement bypassed IPs by just skipping request entirely
Pull Request -
State: closed - Opened by bitterpanda63 6 months ago
- 1 comment
#319 - Optimization: Only request thread cache after verifying context exists
Pull Request -
State: closed - Opened by bitterpanda63 6 months ago