aikido-zen 1.0.2.beta.9-x86_64-linux-musl → 1.0.2-x86_64-linux-musl

data/lib/aikido/zen.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require_relative "zen/helpers"
 require_relative "zen/version"
 require_relative "zen/errors"
 require_relative "zen/actor"
@@ -13,13 +14,15 @@ require_relative "zen/context"
 require_relative "zen/detached_agent"
 require_relative "zen/middleware/middleware"
 require_relative "zen/middleware/fork_detector"
-require_relative "zen/middleware/set_context"
-require_relative "zen/middleware/check_allowed_addresses"
+require_relative "zen/middleware/context_setter"
+require_relative "zen/middleware/allowed_address_checker"
+require_relative "zen/middleware/attack_wave_protector"
 require_relative "zen/middleware/request_tracker"
 require_relative "zen/outbound_connection"
 require_relative "zen/outbound_connection_monitor"
 require_relative "zen/runtime_settings"
 require_relative "zen/rate_limiter"
+require_relative "zen/attack_wave"
 require_relative "zen/scanners"
 
 module Aikido
@@ -77,6 +80,16 @@ module Aikido
       @runtime_settings = settings
     end
 
+    # @return [Boolean] whether the Aikido agent is currently blocking requests.
+    #   Blocking mode is configured at startup and can be controlled through the
+    #   Aikido dashboard at runtime.
+    def self.blocking_mode?
+      blocking_mode = runtime_settings.blocking_mode
+      return blocking_mode unless blocking_mode.nil?
+
+      config.blocking_mode
+    end
+
     # Gets information about the current system configuration, which is sent to
     # the server along with any events.
     def self.system_info
@@ -89,10 +102,6 @@ module Aikido
       @collector ||= Collector.new
     end
 
-    def self.detached_agent
-      @detached_agent ||= DetachedAgent::Agent.new
-    end
-
     # Gets the current context object that holds all information about the
     # current request.
     #
@@ -118,6 +127,18 @@ module Aikido
       collector.track_request
     end
 
+    # Track statistics about an attack wave the app is handling.
+    #
+    # @param attack_wave [Aikido::Zen::Events::AttackWave]
+    # @return [void]
+    def self.track_attack_wave(attack_wave)
+      collector.track_attack_wave(being_blocked: false)
+    end
+
+    # Track statistics about a route that the app has discovered.
+    #
+    # @param request [Aikido::Zen::Request]
+    # @return [void]
     def self.track_discovered_route(request)
       collector.track_route(request)
     end
@@ -173,6 +194,11 @@ module Aikido
       collector.middleware_installed!
     end
 
+    # @return [Aikido::Zen::AttackWave::Detector] the attack wave detector.
+    def self.attack_wave_detector
+      @attack_wave_detector ||= AttackWave::Detector.new
+    end
+
     # @!visibility private
     # Load all sources.
     #
@@ -210,6 +236,10 @@ module Aikido
       @agent ||= Agent.start
     end
 
+    def self.detached_agent
+      @detached_agent ||= DetachedAgent::Agent.new
+    end
+
     def self.detached_agent_server
       @detached_agent_server ||= DetachedAgent::Server.start
     end
@@ -250,5 +280,24 @@ module Aikido
         @detached_agent&.handle_fork
       end
     end
+
+    # @!visibility private
+    # Returns the stack trace trimmed to where execution last entered Zen.
+    #
+    # @return [String]
+    def self.clean_stack_trace
+      stack_trace = caller_locations
+
+      spec = Gem.loaded_specs["aikido-zen"]
+
+      # Only trim stack frames from .../lib/aikido/zen/ in the aikido-zen gem,
+      # so calls in sample apps are preserved.
+      lib_path_start = File.expand_path(File.join(spec.full_gem_path, "lib", "aikido", "zen")) + File::SEPARATOR
+
+      index = stack_trace.index { |frame| !File.expand_path(frame.path).start_with?(lib_path_start) }
+      stack_trace = stack_trace[index..] if index
+
+      stack_trace.map(&:to_s).join("\n")
+    end
   end
 end

data/tasklib/bench.rake

@@ -87,7 +87,7 @@ Pathname.glob("sample_apps/*").select(&:directory?).each do |dir|
       end
 
       task :boot_unprotected_app do
-        boot_server(dir, port: PORT_UNPROTECTED, env: {"AIKIDO_DISABLED" => "true"})
+        boot_server(dir, port: PORT_UNPROTECTED, env: {"AIKIDO_DISABLE" => "true"})
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aikido-zen
 version: !ruby/object:Gem::Version
-  version: 1.0.2.beta.9
+  version: 1.0.2
 platform: x86_64-linux-musl
 authors:
 - Aikido Security
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2025-10-28 00:00:00.000000000 Z
+date: 2025-12-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby
@@ -77,6 +77,7 @@ files:
 - docs/config.md
 - docs/proxy.md
 - docs/rails.md
+- docs/troubleshooting.md
 - lib/aikido-zen.rb
 - lib/aikido/zen.rb
 - lib/aikido/zen/actor.rb
@@ -84,7 +85,10 @@ files:
 - lib/aikido/zen/agent/heartbeats_manager.rb
 - lib/aikido/zen/api_client.rb
 - lib/aikido/zen/attack.rb
+- lib/aikido/zen/attack_wave.rb
+- lib/aikido/zen/attack_wave/helpers.rb
 - lib/aikido/zen/background_worker.rb
+- lib/aikido/zen/cache.rb
 - lib/aikido/zen/capped_collections.rb
 - lib/aikido/zen/collector.rb
 - lib/aikido/zen/collector/event.rb
@@ -103,14 +107,16 @@ files:
 - lib/aikido/zen/detached_agent/server.rb
 - lib/aikido/zen/errors.rb
 - lib/aikido/zen/event.rb
+- lib/aikido/zen/helpers.rb
 - lib/aikido/zen/internals.rb
 - lib/aikido/zen/libzen-v0.1.48-x86_64-linux-musl.so
-- lib/aikido/zen/middleware/check_allowed_addresses.rb
+- lib/aikido/zen/middleware/allowed_address_checker.rb
+- lib/aikido/zen/middleware/attack_wave_protector.rb
+- lib/aikido/zen/middleware/context_setter.rb
 - lib/aikido/zen/middleware/fork_detector.rb
 - lib/aikido/zen/middleware/middleware.rb
 - lib/aikido/zen/middleware/rack_throttler.rb
 - lib/aikido/zen/middleware/request_tracker.rb
-- lib/aikido/zen/middleware/set_context.rb
 - lib/aikido/zen/outbound_connection.rb
 - lib/aikido/zen/outbound_connection_monitor.rb
 - lib/aikido/zen/package.rb