2 unstable releases

0.6.0 Jun 27, 2024
0.5.0 Apr 7, 2024

#1196 in WebAssembly

38 downloads per month
Used in 3 crates

Apache-2.0 WITH LLVM-exception

28KB
249 lines

Bulwark Logo


Crates.io Version msrv 1.76.0 Crates.io Total Downloads GitHub Actions Workflow Status docs.rs

Automated security decision-making under uncertainty.

🛠️ Build

The build crate is responsible for building Bulwark's plugins.

🏰 What is Bulwark?

Bulwark is a fast, modern, open-source web application firewall (WAF) and API security gateway. It simplifies the implementation of detective security controls while offering comprehensive visibility into your web services. Bulwark's detection-as-code approach to rule definition offers security teams higher confidence in their response to persistent and adaptive threats. Bulwark plugins offer a wide range of capabilities, enabling security teams to define and evolve detections rapidly, without making changes to the underlying application.

🚀 Quickstart

Bulwark plugins are compiled to WebAssembly before use. While it's recommended to do this using a workflow like GitHub Actions, you can also do this manually, particularly for development. Most users will want to use the Bulwark CLI to build their plugins. The CLI uses this library as a dependency.

To compile a Bulwark plugin with the CLI (after installing the CLI with cargo install bulwark-cli):

bulwark-cli build -p rules/example-plugin -o dist/plugins/

In some cases, you may want to compile a plugin without the CLI, such as within a test case.

bulwark_build::build_plugin(
    base.join("path/to/plugin"),            // input directory
    base.join("dist/plugins/plugin.wasm"),  // output file
    &[],                                    // no additional compiler args
    true,                                   // install missing targets if needed
)?;

💪 Contributing

Check out the list of open issues. We actively maintain a list of issues suitable for new contributors to the project. Alternatively, detection plugins may be contributed to the community ruleset.

We do not require contributors to sign a license agreement (CLA) because we want users of Bulwark to be confident that the software will remain available under its current license.

🤝 License

This project is licensed under the Apache 2.0 license with the LLVM exception. See LICENSE for more details.

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this project by you, as defined in the Apache 2.0 license, shall be licensed as above, without any additional terms or conditions.

🛟 Getting Help

To start, check if the answer to your question can be found in any of the guides or API documentation. If you aren't able to find an answer there, check the Bulwark project's discussion forum. We are happy to help answer your questions and provide guidance through our community forum.

Dependencies

~7.5MB
~131K SLoC