audit: H should populate also with error logs.

[M4tteoP]

Part of #1305.
Address point 1 of #1305 (comment)

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.99%. Comparing base (cb80190) to head (b5f4154).
Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1310      +/-   ##
==========================================
+ Coverage   81.94%   81.99%   +0.04%     
==========================================
  Files         170      170              
  Lines        9777     9803      +26     
==========================================
+ Hits         8012     8038      +26     
  Misses       1518     1518              
  Partials      247      247              

Flag	Coverage Δ
coraza.rule.case_sensitive_args_keys	81.95% <100.00%> (+0.04%)	⬆️
coraza.rule.multiphase_valuation	81.99% <100.00%> (+0.04%)	⬆️
coraza.rule.no_regex_multiline	81.93% <100.00%> (+0.04%)	⬆️
default	81.99% <100.00%> (+0.04%)	⬆️
examples+	16.50% <0.00%> (-0.05%)	⬇️
examples+coraza.rule.case_sensitive_args_keys	81.95% <100.00%> (+0.04%)	⬆️
examples+coraza.rule.multiphase_valuation	81.83% <100.00%> (+0.04%)	⬆️
examples+coraza.rule.no_regex_multiline	81.85% <100.00%> (+0.04%)	⬆️
examples+memoize_builders	81.95% <100.00%> (+0.04%)	⬆️
examples+no_fs_access	81.28% <100.00%> (+0.04%)	⬆️
ftw	81.99% <100.00%> (+0.04%)	⬆️
memoize_builders	82.08% <100.00%> (+0.04%)	⬆️
no_fs_access	81.44% <100.00%> (+0.04%)	⬆️
tinygo	81.96% <100.00%> (+0.04%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[jcchavezs]

Do you mind elaborating why?

[M4tteoP]

I remember that with #848 we agreed that Log() was indeed helpful to be exported, but then to avoid breaking the Coraza v3.* API adding a Log() method to the MatchedRule interface we provided the workaround via the type assertion. So I guess that the proper outcome is to have it properly exported.
See also

coraza/internal/corazawaf/transaction.go

Lines 1499 to 1503 in e29a849

	// Log action is required to log a matched rule on both error log and audit log
	// An assertion has to be done to check if the MatchedRule implements the Log() function before calling Log()
	// It is performed to avoid breaking the Coraza v3.* API adding a Log() method to the MatchedRule interface
	mrWithlog, ok := mr.(*corazarules.MatchedRule)
	if ok && mrWithlog.Log() {

[jcchavezs]

Suggested change

	res.WriteByte('\n')
	fmt.Fprintln(res, "")

[M4tteoP]

I can't use it as is with a string builder (complains of missing io.Writer). We are using in several places res.WriteByte('\n'), is it a performance or readability suggestion?

[jcchavezs]

it is because the method is in the pointer not in the value. The main use here is to make this working on windows but I see this has been used before so we can keep it.

[M4tteoP]

I see, thanks!

[M4tteoP]

Fixed go.sum conflicts