appsignal 3.4.4-java → 3.4.6-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d424b2fb153945a0ead961e5c02ec4ee58bababe8135403c49c990ba2f2eb1f1
-  data.tar.gz: b633f608930f213d0b83e0903334e96a17fa19fa2c7aff6d2485db1b9aa0d648
+  metadata.gz: af3d35d071f1564b0cbdaf41dbc8d28578aa4bef90ac880a3731b227fb067643
+  data.tar.gz: 69d319fa4870d64c3e54bb78f12c643934bb0a17c20145dcc373b52defcea554
 SHA512:
-  metadata.gz: a313ef38d4cee93e9c0b8dfe503d2bf4dae2410b69fd8d6f78210fe1779d7d9644bc973ebcc000ae61691faacd89c56853862b8b1970dc6c8d69026ed8263f55
-  data.tar.gz: 87aac29579b855242d002fd12645716879af8eb4c8ec2c4afe79227a3225923b9e44a5a85f701add17bcdba74a6fadadc78b0f501ec9f42e4acbd1ae936ee51a
+  metadata.gz: a977d7886759656795f443e7488420708c54e1086701f55a3d17aec8f22c1a50a54068b2a63b0e804433913f79aee7927e02bd97890cb055ef0abd7015ece32f
+  data.tar.gz: e23e971908c575908983bd7f16ed6321f559799af5e6442766208532a117722dc51d245b11d723a08a22e348b18cbec6f2911f52abe598df87be24cc2aea1743

data/CHANGELOG.md

@@ -1,5 +1,31 @@
 # AppSignal for Ruby gem Changelog
 
+## 3.4.6
+
+### Changed
+
+- [85c155a0](https://github.com/appsignal/appsignal-ruby/commit/85c155a0a4b2b618c04db52c34ee7f0adba8f3c5) patch - When sanitizing an array or hash, replace recursively nested values with a placeholder string. This fixes a SystemStackError issue when sanitising arrays and hashes.
+
+## 3.4.5
+
+### Added
+
+- [e5e79d9a](https://github.com/appsignal/appsignal-ruby/commit/e5e79d9aa17006a6995e9ea18fabdc14a2356c82) patch - Add `filter_metadata` config option to filter metadata set on Transactions set by default. Metadata like `path`, (request)  `method`, `request_id`, `hostname`, etc. This can be useful if there's PII or other sensitive data in any of the app's metadata.
+
+### Fixed
+
+- [5a4797c8](https://github.com/appsignal/appsignal-ruby/commit/5a4797c8560c2d1e60b4f1a750136c906505746c) patch - Fix Sinatra request custom request parameters method. If the Sinatra option `params_method` is set, a different method than `params` will be called on the request object to fetch the request parameters. This can be used to add custom filtering to parameters recorded by AppSignal.
+- [9cdee8aa](https://github.com/appsignal/appsignal-ruby/commit/9cdee8aae3cb7b969583493440469ac0dfea764f) patch - Log error when the argument type of the breadcrumb metadata is invalid. This metadata argument should be a Hash, and other values are not supported. More information can be found in the [Ruby gem breadcrumb documentation](https://docs.appsignal.com/ruby/instrumentation/breadcrumbs.html).
+  
+  ```ruby
+  Appsignal.add_breadcrumb(
+    "breadcrumb category",
+    "breadcrumb action",
+    "some message",
+    { :metadata_key => "some value" } # This needs to be a Hash object
+  )
+  ```
+
 ## 3.4.4
 
 ### Fixed

data/lib/appsignal/config.rb

@@ -24,6 +24,7 @@ module Appsignal
       :enable_rails_error_reporter => true,
       :endpoint => "https://push.appsignal.com",
       :files_world_accessible => true,
+      :filter_metadata => [],
       :filter_parameters => [],
       :filter_session_data => [],
       :ignore_actions => [],
@@ -77,6 +78,7 @@ module Appsignal
       "APPSIGNAL_ENABLE_GVL_WAITING_THREADS" => :enable_gvl_waiting_threads,
       "APPSIGNAL_ENABLE_RAILS_ERROR_REPORTER" => :enable_rails_error_reporter,
       "APPSIGNAL_FILES_WORLD_ACCESSIBLE" => :files_world_accessible,
+      "APPSIGNAL_FILTER_METADATA" => :filter_metadata,
       "APPSIGNAL_FILTER_PARAMETERS" => :filter_parameters,
       "APPSIGNAL_FILTER_SESSION_DATA" => :filter_session_data,
       "APPSIGNAL_HOSTNAME" => :hostname,
@@ -150,6 +152,7 @@ module Appsignal
     # @api private
     ENV_ARRAY_KEYS = %w[
       APPSIGNAL_DNS_SERVERS
+      APPSIGNAL_FILTER_METADATA
       APPSIGNAL_FILTER_PARAMETERS
       APPSIGNAL_FILTER_SESSION_DATA
       APPSIGNAL_IGNORE_ACTIONS

data/lib/appsignal/rack/sinatra_instrumentation.rb

@@ -47,13 +47,14 @@ module Appsignal
       end
 
       def call_with_appsignal_monitoring(env)
-        env[:params_method] = @options[:params_method] if @options[:params_method]
+        options = { :force => @options.include?(:force) && @options[:force] }
+        options.merge!(:params_method => @options[:params_method]) if @options[:params_method]
         request = @options.fetch(:request_class, Sinatra::Request).new(env)
         transaction = Appsignal::Transaction.create(
           SecureRandom.uuid,
           Appsignal::Transaction::HTTP_REQUEST,
           request,
-          :force => @options.include?(:force) && @options[:force]
+          options
         )
         begin
           Appsignal.instrument("process_action.sinatra") do

data/lib/appsignal/transaction.rb

@@ -186,6 +186,12 @@ module Appsignal
     # @see https://docs.appsignal.com/ruby/instrumentation/breadcrumbs.html
     #   Breadcrumb reference
     def add_breadcrumb(category, action, message = "", metadata = {}, time = Time.now.utc)
+      unless metadata.is_a? Hash
+        Appsignal.logger.error "add_breadcrumb: Cannot add breadcrumb. " \
+          "The given metadata argument is not a Hash."
+        return
+      end
+
       @breadcrumbs.push(
         :time => time.to_i,
         :category => category,
@@ -308,6 +314,7 @@ module Appsignal
 
     def set_metadata(key, value)
       return unless key && value
+      return if Appsignal.config[:filter_metadata].include?(key.to_s)
 
       @ext.set_metadata(key, value)
     end
@@ -337,7 +344,7 @@ module Appsignal
         :params => sanitized_params,
         :environment => sanitized_environment,
         :session_data => sanitized_session_data,
-        :metadata => metadata,
+        :metadata => sanitized_metadata,
         :tags => sanitized_tags,
         :breadcrumbs => breadcrumbs
       }.each do |key, data|
@@ -522,12 +529,17 @@ module Appsignal
       )
     end
 
-    # Returns metadata from the environment.
+    # Returns sanitized metadata set by {#set_metadata} and from the
+    # {#environment}.
     #
-    # @return [nil] if no `:metadata` key is present in the {#environment}.
     # @return [Hash<String, Object>]
-    def metadata
-      environment[:metadata]
+    def sanitized_metadata
+      metadata = environment[:metadata]
+      return unless metadata
+
+      metadata
+        .transform_keys(&:to_s)
+        .except(*Appsignal.config[:filter_metadata])
     end
 
     # Returns the environment for a transaction.

data/lib/appsignal/utils/hash_sanitizer.rb

@@ -5,20 +5,21 @@ module Appsignal
     # @api private
     class HashSanitizer
       FILTERED = "[FILTERED]"
+      RECURSIVE = "[RECURSIVE VALUE]"
 
       class << self
         def sanitize(value, filter_keys = [])
-          sanitize_value(value, filter_keys)
+          sanitize_value(value, filter_keys, [])
         end
 
         private
 
-        def sanitize_value(value, filter_keys)
+        def sanitize_value(value, filter_keys, seen)
           case value
           when Hash
-            sanitize_hash(value, filter_keys)
+            sanitize_hash(value, filter_keys, seen)
           when Array
-            sanitize_array(value, filter_keys)
+            sanitize_array(value, filter_keys, seen)
           when TrueClass, FalseClass, NilClass, Integer, String, Symbol, Float
             unmodified(value)
           else
@@ -26,23 +27,34 @@ module Appsignal
           end
         end
 
-        def sanitize_hash(source, filter_keys)
+        def sanitize_hash(source, filter_keys, seen)
+          seen = seen.clone << source.object_id
+
           {}.tap do |hash|
             source.each_pair do |key, value|
               hash[key] =
-                if filter_keys.include?(key.to_s)
+                if seen.include?(value.object_id)
+                  RECURSIVE
+                elsif filter_keys.include?(key.to_s)
                   FILTERED
                 else
-                  sanitize_value(value, filter_keys)
+                  sanitize_value(value, filter_keys, seen)
                 end
             end
           end
         end
 
-        def sanitize_array(source, filter_keys)
+        def sanitize_array(source, filter_keys, seen)
+          seen = seen.clone << source.object_id
+
           [].tap do |array|
             source.each_with_index do |item, index|
-              array[index] = sanitize_value(item, filter_keys)
+              array[index] =
+                if seen.include?(item.object_id)
+                  RECURSIVE
+                else
+                  sanitize_value(item, filter_keys, seen)
+                end
             end
           end
         end

data/lib/appsignal/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Appsignal
-  VERSION = "3.4.4"
+  VERSION = "3.4.6"
 end

data/spec/lib/appsignal/config_spec.rb

@@ -165,6 +165,7 @@ describe Appsignal::Config do
         :enable_rails_error_reporter    => true,
         :endpoint                       => "https://push.appsignal.com",
         :files_world_accessible         => true,
+        :filter_metadata                => [],
         :filter_parameters              => [],
         :filter_session_data            => [],
         :ignore_actions                 => [],

data/spec/lib/appsignal/rack/sinatra_instrumentation_spec.rb

@@ -1,39 +1,49 @@
 if DependencyHelper.sinatra_present?
   require "appsignal/integrations/sinatra"
 
+  module SinatraRequestHelpers
+    def make_request(env)
+      middleware.call(env)
+    end
+
+    def make_request_with_error(env, error)
+      expect { middleware.call(env) }.to raise_error(error)
+    end
+  end
+
   describe Appsignal::Rack::SinatraInstrumentation do
+    include SinatraRequestHelpers
+
     let(:settings) { double(:raise_errors => false) }
     let(:app) { double(:call => true, :settings => settings) }
     let(:env) { { "sinatra.route" => "GET /", :path => "/", :method => "GET" } }
     let(:middleware) { Appsignal::Rack::SinatraInstrumentation.new(app) }
 
+    before(:context) { start_agent }
+    around do |example|
+      keep_transactions { example.run }
+    end
+
     describe "#call" do
-      before do
-        start_agent
-        allow(middleware).to receive(:raw_payload).and_return({})
-        allow(Appsignal).to receive(:active?).and_return(true)
-      end
+      before { allow(middleware).to receive(:raw_payload).and_return({}) }
 
-      it "should call without monitoring" do
-        expect(Appsignal::Transaction).to_not receive(:create)
+      it "doesn't instrument requests" do
+        make_request(env)
+        expect(created_transactions.count).to eq(0)
       end
-
-      after { middleware.call(env) }
     end
 
     describe ".settings" do
       subject { middleware.settings }
 
-      it "should return the app's settings" do
+      it "returns the app's settings" do
         expect(subject).to eq(app.settings)
       end
     end
   end
 
   describe Appsignal::Rack::SinatraBaseInstrumentation do
-    before :context do
-      start_agent
-    end
+    include SinatraRequestHelpers
 
     let(:settings) { double(:raise_errors => false) }
     let(:app) { double(:call => true, :settings => settings) }
@@ -41,11 +51,16 @@ if DependencyHelper.sinatra_present?
     let(:options) { {} }
     let(:middleware) { Appsignal::Rack::SinatraBaseInstrumentation.new(app, options) }
 
+    before(:context) { start_agent }
+    around do |example|
+      keep_transactions { example.run }
+    end
+
     describe "#initialize" do
       context "with no settings method in the Sinatra app" do
         let(:app) { double(:call => true) }
 
-        it "should not raise errors" do
+        it "does not raise errors" do
           expect(middleware.raise_errors_on).to be(false)
         end
       end
@@ -53,7 +68,7 @@ if DependencyHelper.sinatra_present?
       context "with no raise_errors setting in the Sinatra app" do
         let(:app) { double(:call => true, :settings => double) }
 
-        it "should not raise errors" do
+        it "does not raise errors" do
           expect(middleware.raise_errors_on).to be(false)
         end
       end
@@ -61,7 +76,7 @@ if DependencyHelper.sinatra_present?
       context "with raise_errors turned off in the Sinatra app" do
         let(:app) { double(:call => true, :settings => double(:raise_errors => false)) }
 
-        it "should raise errors" do
+        it "raises errors" do
           expect(middleware.raise_errors_on).to be(false)
         end
       end
@@ -69,21 +84,17 @@ if DependencyHelper.sinatra_present?
       context "with raise_errors turned on in the Sinatra app" do
         let(:app) { double(:call => true, :settings => double(:raise_errors => true)) }
 
-        it "should raise errors" do
+        it "raises errors" do
           expect(middleware.raise_errors_on).to be(true)
         end
       end
     end
 
     describe "#call" do
-      before do
-        allow(middleware).to receive(:raw_payload).and_return({})
-      end
+      before { allow(middleware).to receive(:raw_payload).and_return({}) }
 
       context "when appsignal is active" do
-        before { allow(Appsignal).to receive(:active?).and_return(true) }
-
-        it "should call with monitoring" do
+        it "instruments requests" do
           expect(middleware).to receive(:call_with_appsignal_monitoring).with(env)
         end
       end
@@ -91,34 +102,36 @@ if DependencyHelper.sinatra_present?
       context "when appsignal is not active" do
         before { allow(Appsignal).to receive(:active?).and_return(false) }
 
-        it "should not call with monitoring" do
-          expect(middleware).to_not receive(:call_with_appsignal_monitoring)
+        it "does not instrument requests" do
+          expect(created_transactions.count).to eq(0)
         end
 
-        it "should call the stack" do
+        it "calls the next middleware in the stack" do
           expect(app).to receive(:call).with(env)
         end
       end
 
-      after { middleware.call(env) }
+      after { make_request(env) }
     end
 
-    describe "#call_with_appsignal_monitoring", :error => false do
-      it "should create a transaction" do
-        expect(Appsignal::Transaction).to receive(:create).with(
-          kind_of(String),
-          Appsignal::Transaction::HTTP_REQUEST,
-          kind_of(Sinatra::Request),
-          kind_of(Hash)
-        ).and_return(double(:set_action_if_nil => nil, :set_http_or_background_queue_start => nil,
-          :set_metadata => nil))
-      end
+    describe "#call_with_appsignal_monitoring" do
+      context "without an error" do
+        it "creates a transaction" do
+          expect(app).to receive(:call).with(env)
+
+          make_request(env)
 
-      it "should call the app" do
-        expect(app).to receive(:call).with(env)
+          expect(created_transactions.count).to eq(1)
+          expect(last_transaction.to_h).to include(
+            "namespace" => Appsignal::Transaction::HTTP_REQUEST,
+            "action" => "GET /",
+            "error" => nil,
+            "metadata" => { "path" => "" }
+          )
+        end
       end
 
-      context "with an error", :error => true do
+      context "with an error" do
         let(:error) { ExampleException }
         let(:app) do
           double.tap do |d|
@@ -128,23 +141,48 @@ if DependencyHelper.sinatra_present?
         end
 
         it "records the exception" do
-          expect_any_instance_of(Appsignal::Transaction).to receive(:set_error).with(error)
+          make_request_with_error(env, error)
+
+          expect(created_transactions.count).to eq(1)
+          expect(last_transaction.to_h).to include(
+            "namespace" => Appsignal::Transaction::HTTP_REQUEST,
+            "action" => "GET /",
+            "error" => hash_including(
+              "name" => "ExampleException",
+              "message" => "ExampleException"
+            )
+          )
         end
       end
 
       context "with an error in sinatra.error" do
-        let(:error) { ExampleException }
+        let(:error) { ExampleException.new }
         let(:env) { { "sinatra.error" => error } }
 
-        it "records the exception" do
-          expect_any_instance_of(Appsignal::Transaction).to receive(:set_error).with(error)
+        context "when raise_errors is off" do
+          let(:settings) { double(:raise_errors => false) }
+
+          it "record the error" do
+            make_request(env)
+
+            expect(created_transactions.count).to eq(1)
+            expect(last_transaction.to_h).to include(
+              "error" => hash_including(
+                "name" => "ExampleException",
+                "message" => "ExampleException"
+              )
+            )
+          end
         end
 
         context "when raise_errors is on" do
           let(:settings) { double(:raise_errors => true) }
 
           it "does not record the error" do
-            expect_any_instance_of(Appsignal::Transaction).to_not receive(:set_error)
+            make_request(env)
+
+            expect(created_transactions.count).to eq(1)
+            expect(last_transaction.to_h).to include("error" => nil)
           end
         end
 
@@ -152,22 +190,30 @@ if DependencyHelper.sinatra_present?
           let(:env) { { "sinatra.error" => error, "sinatra.skip_appsignal_error" => true } }
 
           it "does not record the error" do
-            expect_any_instance_of(Appsignal::Transaction).to_not receive(:set_error)
+            make_request(env)
+
+            expect(created_transactions.count).to eq(1)
+            expect(last_transaction.to_h).to include("error" => nil)
           end
         end
       end
 
       describe "action name" do
-        it "should set the action" do
-          expect_any_instance_of(Appsignal::Transaction)
-            .to receive(:set_action_if_nil).with("GET /")
+        it "sets the action" do
+          make_request(env)
+
+          expect(created_transactions.count).to eq(1)
+          expect(last_transaction.to_h).to include("action" => "GET /")
         end
 
         context "without 'sinatra.route' env" do
           let(:env) { { :path => "/", :method => "GET" } }
 
-          it "returns nil" do
-            expect_any_instance_of(Appsignal::Transaction).to receive(:set_action_if_nil).with(nil)
+          it "doesn't set an action name" do
+            make_request(env)
+
+            expect(created_transactions.count).to eq(1)
+            expect(last_transaction.to_h).to include("action" => nil)
           end
         end
 
@@ -175,44 +221,90 @@ if DependencyHelper.sinatra_present?
           before { env["SCRIPT_NAME"] = "/api" }
 
           it "should call set_action with an application prefix path" do
-            expect_any_instance_of(Appsignal::Transaction)
-              .to receive(:set_action_if_nil).with("GET /api/")
+            make_request(env)
+
+            expect(created_transactions.count).to eq(1)
+            expect(last_transaction.to_h).to include("action" => "GET /api/")
           end
 
           context "without 'sinatra.route' env" do
             let(:env) { { :path => "/", :method => "GET" } }
 
-            it "returns nil" do
-              expect_any_instance_of(Appsignal::Transaction)
-                .to receive(:set_action_if_nil).with(nil)
+            it "doesn't set an action name" do
+              make_request(env)
+
+              expect(created_transactions.count).to eq(1)
+              expect(last_transaction.to_h).to include("action" => nil)
             end
           end
         end
       end
 
-      it "should set metadata" do
-        expect_any_instance_of(Appsignal::Transaction).to receive(:set_metadata).twice
+      context "metadata" do
+        let(:env) { { "PATH_INFO" => "/some/path", "REQUEST_METHOD" => "GET" } }
+
+        it "sets metadata from the environment" do
+          make_request(env)
+
+          expect(created_transactions.count).to eq(1)
+          expect(last_transaction.to_h).to include(
+            "metadata" => {
+              "method" => "GET",
+              "path" => "/some/path"
+            },
+            "sample_data" => hash_including(
+              "environment" => hash_including(
+                "REQUEST_METHOD" => "GET",
+                "PATH_INFO" => "/some/path"
+              )
+            )
+          )
+        end
+      end
+
+      context "with queue start" do
+        let(:queue_start_time) { fixed_time * 1_000 }
+        let(:env) do
+          { "HTTP_X_REQUEST_START" => "t=#{queue_start_time.to_i}" } # in milliseconds
+        end
+
+        it "sets the queue start" do
+          make_request(env)
+          expect(last_transaction.ext.queue_start).to eq(queue_start_time)
+        end
       end
 
-      it "should set the queue start" do
-        expect_any_instance_of(Appsignal::Transaction)
-          .to receive(:set_http_or_background_queue_start)
+      class FilteredRequest
+        def initialize(_args) # rubocop:disable Style/RedundantInitialize
+        end
+
+        def path
+          "/static/path"
+        end
+
+        def request_method
+          "GET"
+        end
+
+        def filtered_params
+          { "abc" => "123" }
+        end
       end
 
       context "with overridden request class and params method" do
-        let(:options) { { :request_class => ::Rack::Request, :params_method => :filtered_params } }
+        let(:options) { { :request_class => FilteredRequest, :params_method => :filtered_params } }
 
-        it "should use the overridden request class and params method" do
-          request = ::Rack::Request.new(env)
-          expect(::Rack::Request).to receive(:new)
-            .with(env.merge(:params_method => :filtered_params))
-            .at_least(:once)
-            .and_return(request)
+        it "uses the overridden request class and params method to fetch params" do
+          make_request(env)
+
+          expect(created_transactions.count).to eq(1)
+          expect(last_transaction.to_h).to include(
+            "sample_data" => hash_including(
+              "params" => { "abc" => "123" }
+            )
+          )
         end
       end
-
-      after(:error => false) { middleware.call(env) }
-      after(:error => true) { expect { middleware.call(env) }.to raise_error(error) }
     end
   end
 end

data/spec/lib/appsignal/rack/streaming_listener_spec.rb

@@ -1,6 +1,7 @@
 require "appsignal/rack/streaming_listener"
 
 describe Appsignal::Rack::StreamingListener do
+  before(:context) { start_agent }
   let(:headers) { {} }
   let(:env) do
     {

data/spec/lib/appsignal/transaction_spec.rb

@@ -432,6 +432,19 @@ describe Appsignal::Transaction do
           expect(breadcrumb["metadata"]).to eq({})
         end
       end
+
+      context "with metadata argument that's not a Hash" do
+        it "does not add the breadcrumb and logs and error" do
+          transaction.add_breadcrumb("category", "action", "message", "invalid metadata")
+          transaction.sample_data
+
+          expect(transaction.to_h["sample_data"]["breadcrumbs"]).to be_empty
+          expect(log_contents(log)).to contains_log(
+            :error,
+            "add_breadcrumb: Cannot add breadcrumb. The given metadata argument is not a Hash."
+          )
+        end
+      end
     end
 
     describe "#set_action" do
@@ -623,6 +636,18 @@ describe Appsignal::Transaction do
         expect(transaction.to_h["metadata"]).to eq("request_method" => "GET")
       end
 
+      context "when filter_metadata includes metadata key" do
+        before { Appsignal.config[:filter_metadata] = ["filter_key"] }
+        after { Appsignal.config[:filter_metadata] = [] }
+
+        it "does not set the metadata on the transaction" do
+          transaction.set_metadata(:filter_key, "filtered value")
+          transaction.set_metadata("filter_key", "filtered value")
+
+          expect(transaction.to_h["metadata"].keys).to_not include("filter_key")
+        end
+      end
+
       context "when the key is nil" do
         it "does not update the metadata on the transaction" do
           transaction.set_metadata(nil, "GET")
@@ -1275,8 +1300,8 @@ describe Appsignal::Transaction do
       end
     end
 
-    describe "#metadata" do
-      subject { transaction.send(:metadata) }
+    describe "#sanitized_metadata" do
+      subject { transaction.send(:sanitized_metadata) }
 
       context "when request is nil" do
         let(:request) { nil }
@@ -1291,9 +1316,18 @@ describe Appsignal::Transaction do
       end
 
       context "when env is present" do
-        let(:env) { { :metadata => { :key => "value" } } }
+        let(:env) { { "key" => "value" } }
+
+        it { is_expected.to eq("key" => "value") }
 
-        it { is_expected.to eq env[:metadata] }
+        context "with filter_metadata option set" do
+          before { Appsignal.config[:filter_metadata] = ["key"] }
+          after { Appsignal.config[:filter_metadata] = [] }
+
+          it "filters out keys listed in the filter_metadata option" do
+            expect(subject.keys).to_not include("key")
+          end
+        end
       end
     end
 

data/spec/lib/appsignal/utils/hash_sanitizer_spec.rb

@@ -1,5 +1,7 @@
 describe Appsignal::Utils::HashSanitizer do
   let(:file) { uploaded_file }
+  let(:some_array) { [1, 2, 3] }
+  let(:some_hash) { { :a => 1, :b => 2 } }
   let(:params) do
     {
       :text => "string",
@@ -8,6 +10,10 @@ describe Appsignal::Utils::HashSanitizer do
       :float => 0.0,
       :bool_true => true,
       :bool_false => false,
+      # Non-recursive appearances of the same array instance
+      :some_arrays => [some_array, some_array],
+      # Non-recursive appearances of the same hash instance
+      :some_hashes => { :a => some_hash, :b => some_hash },
       :nil => nil,
       :int => 1, # Fixnum
       :int64 => 1 << 64, # Bignum
@@ -20,9 +26,20 @@ describe Appsignal::Utils::HashSanitizer do
           {
             :key => "value",
             :file => file
-          }
-        ]
-      }
+          }.tap do |hsh|
+            # Recursive hash-in-hash (should be [:nested_array][3][:recursive_hash])
+            hsh[:recursive_hash] = hsh
+          end
+        ].tap do |ary|
+          # Recursive array-in-array (should be [:nested_array][4])
+          ary << ary
+          # Recursive array-in-hash (should be [:nested_array][3][:recursive_array])
+          ary[3][:recursive_array] = ary
+        end
+      }.tap do |hsh|
+        # Recursive hash-in-array (should be [:nested_array][5])
+        hsh[:nested_array] << hsh
+      end
     }
   end
 
@@ -43,6 +60,9 @@ describe Appsignal::Utils::HashSanitizer do
       expect(subject[:nil]).to be_nil
       expect(subject[:int]).to eq(1)
       expect(subject[:int64]).to eq(1 << 64)
+      expect(subject[:some_arrays]).to eq([[1, 2, 3], [1, 2, 3]])
+      expect(subject[:some_hashes]).to eq({ :a => { :a => 1, :b => 2 },
+:b => { :a => 1, :b => 2 } })
     end
 
     it "does not change the original params" do
@@ -72,7 +92,7 @@ describe Appsignal::Utils::HashSanitizer do
           expect(subject[2]).to include "::UploadedFile"
         end
 
-        describe ":nested_hash key" do
+        describe "nested hash" do
           subject { sanitized_params[:hash][:nested_array][3] }
 
           it "returns a sanitized Hash" do
@@ -82,6 +102,24 @@ describe Appsignal::Utils::HashSanitizer do
             expect(subject[:file]).to be_instance_of String
             expect(subject[:file]).to include "::UploadedFile"
           end
+
+          it "replaces a recursive array" do
+            expect(subject[:recursive_array]).to eq("[RECURSIVE VALUE]")
+          end
+
+          it "replaces a recursive hash" do
+            expect(subject[:recursive_hash]).to eq("[RECURSIVE VALUE]")
+          end
+        end
+
+        describe "nested array" do
+          it "replaces a recursive array" do
+            expect(sanitized_params[:hash][:nested_array][4]).to eq("[RECURSIVE VALUE]")
+          end
+
+          it "replaces a recursive hash" do
+            expect(sanitized_params[:hash][:nested_array][5]).to eq("[RECURSIVE VALUE]")
+          end
         end
       end
     end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: appsignal
 version: !ruby/object:Gem::Version
-  version: 3.4.4
+  version: 3.4.6
 platform: java
 authors:
 - Robert Beekman
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-06-02 00:00:00.000000000 Z
+date: 2023-07-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -453,7 +453,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.11
+rubygems_version: 3.3.7
 signing_key:
 specification_version: 4
 summary: Logs performance and exception data from your app to appsignal.com