Merge remote-tracking branch 'upstream/main' into HEAD

Author: M4tteoP

.github/workflows/ci.yaml

@@ -13,14 +13,14 @@ on:
 
 env:
   GO_VERSION: '1.20'
-  TINYGO_VERSION: 0.30.0
+  TINYGO_VERSION: 0.31.2
   # Run e2e tests against latest two releases and latest dev
   ENVOY_IMAGES: >
+    envoyproxy/envoy:v1.30-latest
     envoyproxy/envoy:v1.29-latest
-    envoyproxy/envoy:v1.28-latest
     envoyproxy/envoy-dev:latest
-    istio/proxyv2:1.21.0
-    istio/proxyv2:1.20.4
+    istio/proxyv2:1.22.1
+    istio/proxyv2:1.21.3
 
 jobs:
   build:
@@ -30,6 +30,7 @@ jobs:
       contents: write
       packages: write
     strategy:
+      fail-fast: false # ftw runs are flaky, let's keep the two jobs running reducing re-runs
       matrix:
         multiphase_eval: ["true","false"]
     env:

.github/workflows/nightly-coraza-check.yaml

@@ -9,7 +9,7 @@ on:
 
 env:
   GO_VERSION: '1.20'
-  TINYGO_VERSION: 0.30.0
+  TINYGO_VERSION: 0.31.2
 
 jobs:
   test:

ftw/Dockerfile

@@ -1,15 +1,16 @@
 # Copyright 2022 The OWASP Coraza contributors
 # SPDX-License-Identifier: Apache-2.0
 
+# Stick with go-ftw:0.6.4 until CRS tests new format is merged (https://github.com/coreruleset/coreruleset/pull/3369)
 FROM ghcr.io/coreruleset/go-ftw:0.6.4
 
 RUN apk update && apk add curl
 
 WORKDIR /workspace
 
-# TODO update when new CRS version is tagged: https://github.com/coreruleset/coreruleset/archive/refs/tags/v4.0.0-rc2.tar.gz
-ADD https://github.com/coreruleset/coreruleset/tarball/1d95422bb31983a5290720b7fb662ce3dd51f753 /workspace/coreruleset/
-RUN cd coreruleset && tar -xf 1d95422bb31983a5290720b7fb662ce3dd51f753 --strip-components 1
+# Keep this CRS version aligned with the one embedded in wasmplugin/rules
+ADD https://github.com/coreruleset/coreruleset/archive/refs/tags/v4.3.0.tar.gz /workspace/coreruleset/
+RUN cd coreruleset && tar -xf v4.3.0.tar.gz --strip-components 1
 
 COPY ftw.yml /workspace/ftw.yml
 COPY tests.sh /workspace/tests.sh

ftw/ftw.yml

@@ -12,6 +12,7 @@ testoverride:
     '920100-10': 'Invalid HTTP method. Rejected by Envoy with Error 400'
     '920100-14': 'Invalid HTTP method. Rejected by Envoy with Error 400'
     '920100-16': 'Invalid HTTP request line. Rejected by Envoy with Error 400'
+    '920181-1': 'Content-Length with Transfer-Encoding chunked is rejected by Envoy with Error 400'
     '920210-2': 'Connection header is stripped out by Envoy'
     '920210-3': 'Connection header is stripped out by Envoy'
     '920210-4': 'Connection header is stripped out by Envoy'
@@ -35,18 +36,18 @@ testoverride:
     '941101-1': 'Referer header is sanitized by Envoy and removed from the request'
     '941110-4': 'Referer header is sanitized by Envoy and removed from the request'
     '949110-4': 'Related to 920100. Invalid HTTP method. Rejected by Envoy with Error 400'
-    '920181-1': 'Content-Length with Transfer-Encoding chunked is rejected by Envoy with Error 400' 
-    '932260-28': 'test bug, fixed upstream https://github.com/coreruleset/coreruleset/pull/3580'
+
+    # coraza-proxy-wasm not compatible tests
+    '920280-1': 'Rule 920280 matches missing Host. coraza-proxy-wasm crafts it from :authority'
+    '920280-3': 'Rule 920280 matches missing Host. coraza-proxy-wasm crafts it from :authority'
+    '920290-1': 'Rule 920290 matches empty Host. coraza-proxy-wasm crafts it from :authority'
 
     # Rules working, tests excluded for different expected output
     '920270-4': 'Log contains 920270. Test has log_contains disabled.'
 
     # Coraza related issues
     '920171-2': 'Rule 920171 not detected. GET/HEAD with body. Coraza side'
     '920171-3': 'Rule 920171 not detected. GET/HEAD with body. Coraza side'
-    '920280-1': 'Rule 920280 not detected. Host not present. Coraza side'
-    '920280-3': 'Rule 920280 not detected. Host not present. Coraza side'
-    '920290-1': 'Rule 920290 not detected. Empty Host. Coraza side'
     '920430-3': 'Rule 920430 not detected. Proto version. Coraza side'
     '920430-8': 'Rule 920430 not detected. Proto version. Coraza side'
     '920430-9': 'Rule 920430 not detected. Proto version. Coraza side'
@@ -56,5 +57,4 @@ testoverride:
     '934120-26': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'
     '934120-39': 'Rule 934120 partially detected. With HTTP/1.1 Envoy return 400. With HTTP/2 Enclosed alphanumerics not detected. Coraza Side'
     '932200-13': 'Unfortunate match inside logs against a different rule log. wip'
-    '942440-19': 'Coraza side: Seems like ARGS is not splitted in _GET and _POST in ruleRemoveTargetById. Further investigation needed.'
-    '942440-20': 'Coraza side: Seems like ARGS is not splitted in _GET and _POST in ruleRemoveTargetById. Further investigation needed.'
+    '930110-7': 'Coraza/CRS side: See https://github.com/corazawaf/coraza/pull/1081'

go.mod

@@ -3,29 +3,30 @@ module github.com/corazawaf/coraza-proxy-wasm
 go 1.20
 
 require (
-	github.com/corazawaf/coraza-wasilibs v0.1.0
-	github.com/corazawaf/coraza/v3 v3.1.0
-	github.com/stretchr/testify v1.8.4
+	github.com/corazawaf/coraza-wasilibs v0.2.0
+	github.com/corazawaf/coraza/v3 v3.2.2-0.20240718151026-8ebb4a82ce41
+	github.com/stretchr/testify v1.9.0
 	github.com/tetratelabs/proxy-wasm-go-sdk v0.23.0
 	github.com/tidwall/gjson v1.17.1
 	github.com/wasilibs/nottinygc v0.7.1
 )
 
 require (
-	github.com/corazawaf/libinjection-go v0.1.3 // indirect
+	github.com/corazawaf/libinjection-go v0.2.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/kr/pretty v0.1.0 // indirect
-	github.com/magefile/mage v1.15.0 // indirect
-	github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e // indirect
+	github.com/magefile/mage v1.15.1-0.20230912152418-9f54e0f83e2a // indirect
+	github.com/petar-dambovaliev/aho-corasick v0.0.0-20240411101913-e07a1f0e8eb4 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/tetratelabs/wazero v1.6.0 // indirect
+	github.com/tetratelabs/wazero v1.7.2 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
-	github.com/wasilibs/go-aho-corasick v0.5.0 // indirect
-	github.com/wasilibs/go-libinjection v0.4.0 // indirect
-	github.com/wasilibs/go-re2 v1.4.0 // indirect
-	golang.org/x/net v0.21.0 // indirect
-	golang.org/x/sync v0.6.0 // indirect
+	github.com/wasilibs/go-aho-corasick v0.6.0 // indirect
+	github.com/wasilibs/go-libinjection v0.5.0 // indirect
+	github.com/wasilibs/go-re2 v1.6.0 // indirect
+	golang.org/x/net v0.26.0 // indirect
+	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/sys v0.21.0 // indirect
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	rsc.io/binaryregexp v0.2.0 // indirect

go.sum

@@ -1,9 +1,9 @@
-github.com/corazawaf/coraza-wasilibs v0.1.0 h1:cYsblr346P5cA49g6YQwhS1ygUQg5egwAywwsAbsUIo=
-github.com/corazawaf/coraza-wasilibs v0.1.0/go.mod h1:aMVO6E4TFAxXnPmyrrEoXVYeMDovq3IsKwuetAR38JE=
-github.com/corazawaf/coraza/v3 v3.1.0 h1:CB6YxNXdbZjUJS/0FVFoFvS8eOVFbIvlNuHNC5dh88c=
-github.com/corazawaf/coraza/v3 v3.1.0/go.mod h1:S0bhYQfTu1Ew3YKdI37X1WWu6t4En4Tvw28aKyQFJaU=
-github.com/corazawaf/libinjection-go v0.1.3 h1:PUplAYho1BBl0tIVbhDsNRuVGIeUYSiCEc9oQpb2rJU=
-github.com/corazawaf/libinjection-go v0.1.3/go.mod h1:OP4TM7xdJ2skyXqNX1AN1wN5nNZEmJNuWbNPOItn7aw=
+github.com/corazawaf/coraza-wasilibs v0.2.0 h1:BT8x2pks6Xk7Oi1cUS9BPO+hi3QWQyQAtBkC3IR3Mt8=
+github.com/corazawaf/coraza-wasilibs v0.2.0/go.mod h1:jmUPQdndtPfMzKPn0a8BqdikXjuT3wY+6zDx5NvKshI=
+github.com/corazawaf/coraza/v3 v3.2.2-0.20240718151026-8ebb4a82ce41 h1:BVk6PUP8RsYtSAGlpGH3w0Bnjyjd2nADCy7ZkjXC0MQ=
+github.com/corazawaf/coraza/v3 v3.2.2-0.20240718151026-8ebb4a82ce41/go.mod h1:fVndCGdUHJWl9c26VZPcORQRzUYwMPnRkC6TyTkhbUg=
+github.com/corazawaf/libinjection-go v0.2.1 h1:vNJ7L6c4xkhRgYU6sIO0Tl54TmeCQv/yfxBma30Dy/Y=
+github.com/corazawaf/libinjection-go v0.2.1/go.mod h1:OP4TM7xdJ2skyXqNX1AN1wN5nNZEmJNuWbNPOItn7aw=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/foxcpp/go-mockdns v1.1.0 h1:jI0rD8M0wuYAxL7r/ynTrCQQq0BVqfB99Vgk7DlmewI=
@@ -12,41 +12,42 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/magefile/mage v1.15.0 h1:BvGheCMAsG3bWUDbZ8AyXXpCNwU9u5CB6sM+HNb9HYg=
-github.com/magefile/mage v1.15.0/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
+github.com/magefile/mage v1.15.1-0.20230912152418-9f54e0f83e2a h1:tdPcGgyiH0K+SbsJBBm2oPyEIOTAvLBwD9TuUwVtZho=
+github.com/magefile/mage v1.15.1-0.20230912152418-9f54e0f83e2a/go.mod h1:z5UZb/iS3GoOSn0JgWuiw7dxlurVYTu+/jHXqQg881A=
 github.com/miekg/dns v1.1.57 h1:Jzi7ApEIzwEPLHWRcafCN9LZSBbqQpxjt/wpgvg7wcM=
-github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e h1:POJco99aNgosh92lGqmx7L1ei+kCymivB/419SD15PQ=
-github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
+github.com/petar-dambovaliev/aho-corasick v0.0.0-20240411101913-e07a1f0e8eb4 h1:1Kw2vDBXmjop+LclnzCb/fFy+sgb3gYARwfmoUcQe6o=
+github.com/petar-dambovaliev/aho-corasick v0.0.0-20240411101913-e07a1f0e8eb4/go.mod h1:EHPiTAKtiFmrMldLUNswFwfZ2eJIYBHktdaUTZxYWRw=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/tetratelabs/proxy-wasm-go-sdk v0.23.0 h1:e0dm/ypyd1xudIrg8VTsd8dawuYaSy2gqewH5zD4rU8=
 github.com/tetratelabs/proxy-wasm-go-sdk v0.23.0/go.mod h1:YqR8JZaY3Ev9ihXgjzAQAMkXEzPKKmy4Q5rsVWt4XGk=
-github.com/tetratelabs/wazero v1.6.0 h1:z0H1iikCdP8t+q341xqepY4EWvHEw8Es7tlqiVzlP3g=
-github.com/tetratelabs/wazero v1.6.0/go.mod h1:0U0G41+ochRKoPKCJlh0jMg1CHkyfK8kDqiirMmKY8A=
+github.com/tetratelabs/wazero v1.7.2 h1:1+z5nXJNwMLPAWaTePFi49SSTL0IMx/i3Fg8Yc25GDc=
+github.com/tetratelabs/wazero v1.7.2/go.mod h1:ytl6Zuh20R/eROuyDaGPkp82O9C/DJfXAwJfQ3X6/7Y=
 github.com/tidwall/gjson v1.17.1 h1:wlYEnwqAHgzmhNUFfw7Xalt2JzQvsMx2Se4PcoFCT/U=
 github.com/tidwall/gjson v1.17.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
 github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
 github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
 github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
 github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
 github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
-github.com/wasilibs/go-aho-corasick v0.5.0 h1:Y8G8eJ7usuC14sd93IxxnZH43K5Bz5C90a6LsAYGjmY=
-github.com/wasilibs/go-aho-corasick v0.5.0/go.mod h1:1XPgz4lvFZA+Ytd8vfeCoqnwy4CSe0MxnLfRQJVqpJM=
-github.com/wasilibs/go-libinjection v0.4.0 h1:dr1Y/kM/gmoA7eSfdf+CvCcmzwsz2jVYjNdakgladDU=
-github.com/wasilibs/go-libinjection v0.4.0/go.mod h1:zD7fNXKSaTKoSTmrfuP9Gc16alNEgwkZaHIeDDk3WWM=
-github.com/wasilibs/go-re2 v1.4.0 h1:Jp6BM8G/zajgY1BCQUm3i7oGMdR1gA5EBv87wGd2ysc=
-github.com/wasilibs/go-re2 v1.4.0/go.mod h1:hLzlKjEgON+17hWjikLx8hJBkikyjQH/lsqCy9t6tIY=
+github.com/wasilibs/go-aho-corasick v0.6.0 h1:/usYKOljcc+264yq7jzq1tsgyuS1F/cUzLE75TJIgsQ=
+github.com/wasilibs/go-aho-corasick v0.6.0/go.mod h1:juBo/POXN3BapT9Bw93oxRQyyPha7AEu5SPUicPfLn4=
+github.com/wasilibs/go-libinjection v0.5.0 h1:ef+xIy0vLkZgvsyZevGDOFH3sq1aIrQI/8ImaCGDqDU=
+github.com/wasilibs/go-libinjection v0.5.0/go.mod h1:i1Va/vm/PFDYZS1JHUd3Ab2bNk7Qol3W70bEWz7I3b4=
+github.com/wasilibs/go-re2 v1.6.0 h1:CLlhDebt38wtl/zz4ww+hkXBMcxjrKFvTDXzFW2VOz8=
+github.com/wasilibs/go-re2 v1.6.0/go.mod h1:prArCyErsypRBI/jFAFJEbzyHzjABKqkzlidF0SNA04=
 github.com/wasilibs/nottinygc v0.7.1 h1:rKu19+SFniRNuSo5NX7/wxpSpXmMUmkcyt/YiWLJg8w=
 github.com/wasilibs/nottinygc v0.7.1/go.mod h1:oDcIotskuYNMpqMF23l7Z8uzD4TC0WXHK8jetlB3HIo=
-golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
-golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
-golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
-golang.org/x/tools v0.15.0 h1:zdAyfUGbYmuVokhzVmghFl2ZJh5QhcfebBgmVPFYA+8=
+golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
+golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
+golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
+golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
+golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

internal/auditlog/serial_writer.go

@@ -0,0 +1,50 @@
+// Copyright The OWASP Coraza contributors
+// SPDX-License-Identifier: Apache-2.0
+
+package auditlog
+
+import (
+	"io"
+
+	"github.com/corazawaf/coraza/v3/experimental/plugins"
+	"github.com/corazawaf/coraza/v3/experimental/plugins/plugintypes"
+	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm"
+)
+
+// RegisterProxyWasmSerialWriter overrides the default "Serial" audit log writer (see https://github.com/corazawaf/coraza/blob/main/internal/auditlog/init_tinygo.go)
+// in order to print audit logs to the proxy-wasm log as info messages with a prefix to differentiate them from other logs.
+func RegisterProxyWasmSerialWriter() {
+	plugins.RegisterAuditLogWriter("serial", func() plugintypes.AuditLogWriter {
+		return &wasmSerial{}
+	})
+}
+
+type wasmSerial struct {
+	io.Closer
+	formatter plugintypes.AuditLogFormatter
+}
+
+func (s *wasmSerial) Init(cfg plugintypes.AuditLogConfig) error {
+	s.formatter = cfg.Formatter
+	return nil
+}
+
+func (s *wasmSerial) Write(al plugintypes.AuditLog) error {
+	if s.formatter == nil {
+		return nil
+	}
+
+	bts, err := s.formatter.Format(al)
+	if err != nil {
+		return err
+	}
+
+	if len(bts) == 0 {
+		return nil
+	}
+	// Print the audit log to the proxy-wasm log as an info message adding an "AuditLog:" prefix.
+	proxywasm.LogInfo("AuditLog:" + string(bts))
+	return nil
+}
+
+func (s *wasmSerial) Close() error { return nil }

magefiles/magefile.go

@@ -20,7 +20,7 @@ import (
 )
 
 var minGoVersion = "1.20"
-var minTinygoVersion = "0.30"
+var minTinygoVersion = "0.31.2"
 var addLicenseVersion = "04bfe4ee9ca5764577b029acc6a1957fd1997153" // https://github.com/google/addlicense
 var golangCILintVer = "v1.54.2"                                    // https://github.com/golangci/golangci-lint/releases
 var gosImportsVer = "v0.3.1"                                       // https://github.com/rinchsan/gosimports/releases/tag/v0.3.1
@@ -216,6 +216,7 @@ func Build() error {
 		}
 	}
 
+	// TODO: from tinygo 0.32.0 -target=wasi is replaced by GOOS=wasip1. See https://github.com/tinygo-org/tinygo/pull/3861
 	if err := sh.RunV("tinygo", "build", "-gc=custom", "-opt=2", "-o", filepath.Join("build", "mainraw.wasm"), "-scheduler=none", "-target=wasi", buildTagArg); err != nil {
 		return err
 	}

main.go

@@ -6,11 +6,13 @@ package main
 import (
 	"github.com/tetratelabs/proxy-wasm-go-sdk/proxywasm"
 
+	"github.com/corazawaf/coraza-proxy-wasm/internal/auditlog"
 	"github.com/corazawaf/coraza-proxy-wasm/internal/operators"
 	"github.com/corazawaf/coraza-proxy-wasm/wasmplugin"
 )
 
 func main() {
 	operators.Register()
+	auditlog.RegisterProxyWasmSerialWriter()
 	proxywasm.SetVMContext(wasmplugin.NewVMContext())
 }