bugsnag 4.2.1 → 6.27.1

data/README.md

@@ -1,50 +1,46 @@
-# Bugsnag exception reporter for Ruby
-[![build status](https://travis-ci.org/bugsnag/bugsnag-ruby.svg?branch=master)](https://travis-ci.org/bugsnag/bugsnag-ruby)
+# Bugsnag error monitoring & exception reporter for Ruby
+[![build status](https://github.com/bugsnag/bugsnag-ruby/actions/workflows/test-package.yml/badge.svg)](https://github.com/bugsnag/bugsnag-ruby/actions/workflows/test-package.yml?query=branch%3Amaster)
 
 
-The Bugsnag exception reporter for Ruby gives you instant notification of exceptions
-thrown from your **[Rails](https://bugsnag.com/platforms/rails)**, **Sinatra**, **Rack** or **plain Ruby** app.
-Any uncaught exceptions will trigger a notification to be sent to your
-Bugsnag project.
+The Bugsnag exception reporter for Ruby gives you instant notification of exceptions thrown from your **[Rails](https://www.bugsnag.com/platforms/rails)**, **Sinatra**, **Rack** or **plain Ruby** app. Any uncaught exceptions will trigger a notification to be sent to your Bugsnag project.
 
 ## Features
 
 * Automatically report unhandled exceptions and crashes
-* Report handled exceptions 
+* Report handled exceptions
 * Attach user information to determine how many people are affected by a crash
 * Send customized diagnostic data
+* Track events that occur leading up to a crash
 
 ## Getting started
 
-1. [Create a Bugsnag account](https://bugsnag.com)
+1. [Create a Bugsnag account](https://www.bugsnag.com)
 2. Complete the instructions in the integration guide for your framework:
-    * [Rack](http://docs.bugsnag.com/platforms/ruby/rack)
-    * [Rails](http://docs.bugsnag.com/platforms/ruby/rails)
-    * [Rake](http://docs.bugsnag.com/platforms/ruby/rake)
-    * [Sidekiq](http://docs.bugsnag.com/platforms/ruby/sidekiq)
-    * [Other Ruby apps](http://docs.bugsnag.com/platforms/ruby/other)
-    * For [EventMachine](http://rubyeventmachine.com) integration, see [`bugsnag-em`](https://github.com/bugsnag/bugsnag-em)
+    * [Que](https://docs.bugsnag.com/platforms/ruby/que)
+    * [Rack](https://docs.bugsnag.com/platforms/ruby/rack)
+    * [Rails](https://docs.bugsnag.com/platforms/ruby/rails)
+    * [Rake](https://docs.bugsnag.com/platforms/ruby/rake)
+    * [Sidekiq](https://docs.bugsnag.com/platforms/ruby/sidekiq)
+    * [Other Ruby apps](https://docs.bugsnag.com/platforms/ruby/other)
 3. Relax!
 
 ## Support
 
 * Read the configuration reference:
-    * [Rack](http://docs.bugsnag.com/platforms/ruby/rack/configuration-options)
-    * [Rails](http://docs.bugsnag.com/platforms/ruby/rails/configuration-options)
-    * [Rake](http://docs.bugsnag.com/platforms/ruby/rake/configuration-options)
-    * [Sidekiq](http://docs.bugsnag.com/platforms/ruby/sidekiq/configuration-options)
-    * [Other Ruby apps](http://docs.bugsnag.com/platforms/ruby/other/configuration-options)
-* Check out some [example apps integrated with Bugsnag](https://github.com/bugsnag/bugsnag-example-apps/tree/master/apps/ruby) using Rails, Sinatra, Padrino, and more.
+    * [Que](https://docs.bugsnag.com/platforms/ruby/que/configuration-options)
+    * [Rack](https://docs.bugsnag.com/platforms/ruby/rack/configuration-options)
+    * [Rails](https://docs.bugsnag.com/platforms/ruby/rails/configuration-options)
+    * [Rake](https://docs.bugsnag.com/platforms/ruby/rake/configuration-options)
+    * [Sidekiq](https://docs.bugsnag.com/platforms/ruby/sidekiq/configuration-options)
+    * [Other Ruby apps](https://docs.bugsnag.com/platforms/ruby/other/configuration-options)
+* Check out some [example apps integrated with Bugsnag](https://github.com/bugsnag/bugsnag-ruby/tree/master/example) using Rails, Sinatra, Padrino, and more.
 * [Search open and closed issues](https://github.com/bugsnag/bugsnag-ruby/issues?utf8=✓&q=is%3Aissue) for similar problems
 * [Report a bug or request a feature](https://github.com/bugsnag/bugsnag-ruby/issues/new)
 
 ## Contributing
 
-All contributors are welcome! For information on how to build, test
-and release `bugsnag-ruby`, see our
-[contributing guide](https://github.com/bugsnag/bugsnag-ruby/blob/master/CONTRIBUTING.md). Feel free to comment on [existing issues](https://github.com/bugsnag/bugsnag-ruby/issues) for clarification or starting points.
+All contributors are welcome! For information on how to build, test and release `bugsnag-ruby`, see our [contributing guide](https://github.com/bugsnag/bugsnag-ruby/blob/master/CONTRIBUTING.md). Feel free to comment on [existing issues](https://github.com/bugsnag/bugsnag-ruby/issues) for clarification or starting points.
 
 ## License
 
-The Bugsnag ruby notifier is free software released under the MIT License.
-See [LICENSE.txt](LICENSE.txt) for details.
+The Bugsnag ruby notifier is free software released under the MIT License. See [LICENSE.txt](LICENSE.txt) for details.

data/VERSION

@@ -1 +1 @@
-4.2.1
+6.27.1

data/bugsnag.gemspec

@@ -7,10 +7,10 @@ Gem::Specification.new do |s|
 
   s.description = "Ruby notifier for bugsnag.com"
   s.summary = "Ruby notifier for bugsnag.com"
-  s.homepage = "http://github.com/bugsnag/bugsnag-ruby"
+  s.homepage = "https://github.com/bugsnag/bugsnag-ruby"
   s.licenses = ["MIT"]
 
-  s.files = `git ls-files`.split("\n").reject {|file| file.start_with? "example/"}
+  s.files = `git ls-files -z lib bugsnag.gemspec VERSION .yardopts`.split("\x0")
   s.extra_rdoc_files = [
     "LICENSE.txt",
     "README.md",
@@ -19,10 +19,21 @@ Gem::Specification.new do |s|
   s.require_paths = ["lib"]
   s.required_ruby_version = '>= 1.9.2'
 
-  s.add_development_dependency 'rake', '~> 10.1.1'
-  s.add_development_dependency 'rspec'
-  s.add_development_dependency 'rdoc'
-  s.add_development_dependency 'pry'
-  s.add_development_dependency 'addressable', '~> 2.3.8'
-  s.add_development_dependency 'webmock'
+  ruby_version = Gem::Version.new(RUBY_VERSION.dup)
+
+  if ruby_version < Gem::Version.new('2.2.0')
+    # concurrent-ruby 1.1.10 requires Ruby 2.2+
+    s.add_runtime_dependency 'concurrent-ruby', '~> 1.0', '< 1.1.10'
+  else
+    s.add_runtime_dependency 'concurrent-ruby', '~> 1.0'
+  end
+
+  if s.respond_to?(:metadata=)
+    s.metadata = {
+      "changelog_uri" => "https://github.com/bugsnag/bugsnag-ruby/blob/v#{File.read("VERSION").strip}/CHANGELOG.md",
+      "documentation_uri" => "https://docs.bugsnag.com/platforms/ruby/",
+      "source_code_uri" => "https://github.com/bugsnag/bugsnag-ruby/",
+      "rubygems_mfa_required" => "true"
+    }
+  end
 end

data/lib/bugsnag/breadcrumb_type.rb

@@ -0,0 +1,14 @@
+require "bugsnag/breadcrumbs/breadcrumbs"
+
+module Bugsnag
+  module BreadcrumbType
+    ERROR = Bugsnag::Breadcrumbs::ERROR_BREADCRUMB_TYPE
+    LOG = Bugsnag::Breadcrumbs::LOG_BREADCRUMB_TYPE
+    MANUAL = Bugsnag::Breadcrumbs::MANUAL_BREADCRUMB_TYPE
+    NAVIGATION = Bugsnag::Breadcrumbs::NAVIGATION_BREADCRUMB_TYPE
+    PROCESS = Bugsnag::Breadcrumbs::PROCESS_BREADCRUMB_TYPE
+    REQUEST = Bugsnag::Breadcrumbs::REQUEST_BREADCRUMB_TYPE
+    STATE = Bugsnag::Breadcrumbs::STATE_BREADCRUMB_TYPE
+    USER = Bugsnag::Breadcrumbs::USER_BREADCRUMB_TYPE
+  end
+end

data/lib/bugsnag/breadcrumbs/breadcrumb.rb

@@ -0,0 +1,109 @@
+module Bugsnag::Breadcrumbs
+  class Breadcrumb
+    # @deprecated Use {#message} instead
+    # @return [String] the breadcrumb name
+    attr_accessor :name
+
+    # @return [String] the breadcrumb type
+    attr_accessor :type
+
+    # @deprecated Use {#metadata} instead
+    # @return [Hash, nil] metadata hash containing strings, numbers, or booleans, or nil
+    attr_accessor :meta_data
+
+    # @return [Boolean] set to `true` if the breadcrumb was automatically generated
+    attr_reader :auto
+
+    # @return [Time] a Time object referring to breadcrumb creation time
+    attr_reader :timestamp
+
+    ##
+    # Creates a breadcrumb
+    #
+    # This will not have been validated, which must occur before this is attached to a report
+    #
+    # @api private
+    #
+    # @param name [String] the breadcrumb name
+    # @param type [String] the breadcrumb type from Bugsnag::BreadcrumbType
+    # @param meta_data [Hash, nil] a hash containing strings, numbers, or booleans, or nil
+    # @param auto [Symbol] set to `:auto` if the breadcrumb is automatically generated
+    def initialize(name, type, meta_data, auto)
+      @should_ignore = false
+      self.name = name
+      self.type = type
+      self.meta_data = meta_data
+
+      # Use the symbol comparison to improve readability of breadcrumb creation
+      @auto = auto == :auto
+
+      # Store it as a timestamp for now
+      @timestamp = Time.now.utc
+    end
+
+    ##
+    # Flags the breadcrumb to be ignored
+    #
+    # Ignored breadcrumbs will not be attached to a report
+    def ignore!
+      @should_ignore = true
+    end
+
+    ##
+    # Checks if the `ignore!` method has been called
+    #
+    # Ignored breadcrumbs will not be attached to a report
+    #
+    # @return [True] if `ignore!` has been called
+    # @return [nil] if `ignore` has not been called
+    def ignore?
+      @should_ignore
+    end
+
+    ##
+    # Outputs the breadcrumb data in a formatted hash
+    #
+    # These adhere to the breadcrumb format as defined in the Bugsnag error reporting API
+    #
+    # @return [Hash] Hash representation of the breadcrumb
+    def to_h
+      {
+        :name => @name,
+        :type => @type,
+        :metaData => @meta_data,
+        :timestamp => @timestamp.iso8601(3)
+      }
+    end
+
+    # TODO: "message" and "metadata" can be simple attr_accessors when they
+    #       replace "name" and "meta_data"
+    # NOTE: these are not aliases as YARD doesn't allow documenting the non-alias
+    #       as deprecated without also marking the alias as deprecated
+
+    # The breadcrumb message
+    # @!attribute message
+    # @return [String]
+    def message
+      @name
+    end
+
+    # @param message [String]
+    # @return [void]
+    def message=(message)
+      @name = message
+    end
+
+    # A Hash containing arbitrary metadata associated with this breadcrumb
+    # @!attribute metadata
+    # @return [Hash, nil]
+    def metadata
+      @meta_data
+    end
+
+    # @param metadata [Hash, nil]
+    # @return [void]
+    def metadata=(metadata)
+      @meta_data = metadata
+    end
+  end
+end

data/lib/bugsnag/breadcrumbs/breadcrumbs.rb

@@ -0,0 +1,13 @@
+module Bugsnag::Breadcrumbs
+  # @deprecated Use {Bugsnag::BreadcrumbType} instead
+  VALID_BREADCRUMB_TYPES = [
+    ERROR_BREADCRUMB_TYPE = "error",
+    MANUAL_BREADCRUMB_TYPE = "manual",
+    NAVIGATION_BREADCRUMB_TYPE = "navigation",
+    REQUEST_BREADCRUMB_TYPE = "request",
+    PROCESS_BREADCRUMB_TYPE = "process",
+    LOG_BREADCRUMB_TYPE = "log",
+    USER_BREADCRUMB_TYPE = "user",
+    STATE_BREADCRUMB_TYPE = "state"
+  ].freeze
+end

data/lib/bugsnag/breadcrumbs/on_breadcrumb_callback_list.rb

@@ -0,0 +1,48 @@
+module Bugsnag::Breadcrumbs
+  class OnBreadcrumbCallbackList
+    def initialize(configuration)
+      @callbacks = Set.new
+      @mutex = Mutex.new
+      @configuration = configuration
+    end
+
+    ##
+    # @param callback [Proc, Method, #call]
+    # @return [void]
+    def add(callback)
+      @mutex.synchronize do
+        @callbacks.add(callback)
+      end
+    end
+
+    ##
+    # @param callback [Proc, Method, #call]
+    # @return [void]
+    def remove(callback)
+      @mutex.synchronize do
+        @callbacks.delete(callback)
+      end
+    end
+
+    ##
+    # @param breadcrumb [Breadcrumb]
+    # @return [void]
+    def call(breadcrumb)
+      @callbacks.each do |callback|
+        begin
+          should_continue = callback.call(breadcrumb)
+        rescue StandardError => e
+          @configuration.warn("Error occurred in on_breadcrumb callback: '#{e}'")
+          @configuration.warn("on_breadcrumb callback stacktrace: #{e.backtrace.inspect}")
+        end
+
+        # only stop if should_continue is explicity 'false' to allow callbacks
+        # to return 'nil'
+        if should_continue == false
+          breadcrumb.ignore!
+          break
+        end
+      end
+    end
+  end
+end

data/lib/bugsnag/breadcrumbs/validator.rb

@@ -0,0 +1,29 @@
+module Bugsnag::Breadcrumbs
+  ##
+  # Validates a given breadcrumb before it is stored
+  class Validator
+    ##
+    # @param configuration [Bugsnag::Configuration] The current configuration
+    def initialize(configuration)
+      @configuration = configuration
+    end
+
+    ##
+    # Validates a given breadcrumb.
+    #
+    # @param breadcrumb [Bugsnag::Breadcrumbs::Breadcrumb] the breadcrumb to be validated
+    def validate(breadcrumb)
+      # Check type is valid, set to manual otherwise
+      unless Bugsnag::Breadcrumbs::VALID_BREADCRUMB_TYPES.include?(breadcrumb.type)
+        @configuration.debug("Invalid type: #{breadcrumb.type} for breadcrumb: #{breadcrumb.name}, defaulting to #{Bugsnag::Breadcrumbs::MANUAL_BREADCRUMB_TYPE}")
+        breadcrumb.type = Bugsnag::Breadcrumbs::MANUAL_BREADCRUMB_TYPE
+      end
+
+      # If auto is true, check type is in enabled_automatic_breadcrumb_types
+      return unless breadcrumb.auto && !@configuration.enabled_automatic_breadcrumb_types.include?(breadcrumb.type)
+
+      @configuration.debug("Automatic breadcrumb of type #{breadcrumb.type} ignored: #{breadcrumb.name}")
+      breadcrumb.ignore!
+    end
+  end
+end

data/lib/bugsnag/cleaner.rb

@@ -1,19 +1,105 @@
-require 'uri'
-
 module Bugsnag
+  # @api private
   class Cleaner
-    ENCODING_OPTIONS = {:invalid => :replace, :undef => :replace}.freeze
     FILTERED = '[FILTERED]'.freeze
     RECURSION = '[RECURSION]'.freeze
     OBJECT = '[OBJECT]'.freeze
+    RAISED = '[RAISED]'.freeze
+    OBJECT_WITH_ID_AND_CLASS = '[OBJECT]: [Class]: %<class_name>s [ID]: %<id>d'.freeze
+
+    ##
+    # @param configuration [Configuration]
+    def initialize(configuration)
+      @configuration = configuration
+    end
 
-    def initialize(filters)
-      @filters = Array(filters)
-      @deep_filters = @filters.any? {|f| f.kind_of?(Regexp) && f.to_s.include?("\\.".freeze) }
+    def clean_object(object)
+      @deep_filters = deep_filters?
+
+      traverse_object(object, {}, nil)
     end
 
-    def clean_object(obj)
-      traverse_object(obj, {}, nil)
+    ##
+    # @param url [String]
+    # @return [String]
+    def clean_url(url)
+      return url if @configuration.meta_data_filters.empty? && @configuration.redacted_keys.empty?
+      return url unless url.include?('?')
+
+      begin
+        uri = URI(url)
+
+        if uri.is_a?(URI::MailTo)
+          clean_mailto_url(url, uri)
+        else
+          clean_generic_url(url, uri)
+        end
+      rescue URI::InvalidURIError
+        pre_query_string, _query_string = url.split('?', 2)
+
+        "#{pre_query_string}?#{FILTERED}"
+      rescue StandardError
+        FILTERED
+      end
+    end
+
+    ##
+    # @param key [String, #to_s]
+    # @return [Boolean]
+    def filters_match?(key)
+      str = key.to_s
+
+      matched = @configuration.meta_data_filters.any? do |filter|
+        case filter
+        when Regexp
+          str.match(filter)
+        else
+          str.include?(filter.to_s)
+        end
+      end
+
+      return true if matched
+
+      @configuration.redacted_keys.any? do |redaction_pattern|
+        case redaction_pattern
+        when Regexp
+          str.match(redaction_pattern)
+        when String
+          str.downcase == redaction_pattern.downcase
+        end
+      end
+    end
+
+    private
+
+    ##
+    # This method calculates whether we need to filter deeply or not; i.e. whether
+    # we should match both with and without 'request.params'
+    #
+    # This is cached on the instance variable '@deep_filters' for performance
+    # reasons
+    #
+    # @return [Boolean]
+    def deep_filters?
+      is_deep_filter = proc do |filter|
+        filter.is_a?(Regexp) && filter.to_s.include?("\\.".freeze)
+      end
+
+      @configuration.meta_data_filters.any?(&is_deep_filter) || @configuration.redacted_keys.any?(&is_deep_filter)
+    end
+
+    def clean_string(str)
+      if defined?(str.encoding) && defined?(Encoding::UTF_8)
+        if str.encoding == Encoding::UTF_8
+          str.valid_encoding? ? str : str.encode('utf-16', invalid: :replace, undef: :replace).encode('utf-8')
+        else
+          str.encode('utf-8', invalid: :replace, undef: :replace)
+        end
+      elsif defined?(Iconv)
+        Iconv.conv('UTF-8//IGNORE', 'UTF-8', str) || str
+      else
+        str
+      end
     end
 
     def traverse_object(obj, seen, scope)
@@ -28,25 +114,49 @@ module Bugsnag
       value = case obj
       when Hash
         clean_hash = {}
-        obj.each do |k,v|
-          if filters_match_deeply?(k, scope)
-            clean_hash[k] = FILTERED
-          else
-            clean_hash[k] = traverse_object(v, seen, [scope, k].compact.join('.'))
+        obj.each do |k, v|
+          begin
+            current_scope = [scope, k].compact.join('.')
+
+            if filters_match_deeply?(k, current_scope)
+              clean_hash[k] = FILTERED
+            else
+              clean_hash[k] = traverse_object(v, seen, current_scope)
+            end
+          # If we get an error here, we assume the key needs to be filtered
+          # to avoid leaking things we shouldn't. We also remove the key itself
+          # because it may cause issues later e.g. when being converted to JSON
+          rescue StandardError
+            clean_hash[RAISED] = FILTERED
+          rescue SystemStackError
+            clean_hash[RECURSION] = FILTERED
           end
         end
         clean_hash
       when Array, Set
-        obj.map { |el| traverse_object(el, seen, scope) }.compact
+        obj.map { |el| traverse_object(el, seen, scope) }
       when Numeric, TrueClass, FalseClass
         obj
       when String
         clean_string(obj)
       else
-        str = obj.to_s
+        # guard against objects that raise or blow the stack when stringified
+        begin
+          str = obj.to_s
+        rescue StandardError
+          str = RAISED
+        rescue SystemStackError
+          str = RECURSION
+        end
+
         # avoid leaking potentially sensitive data from objects' #inspect output
         if str =~ /#<.*>/
-          OBJECT
+          # Use id of the object if available
+          if obj.respond_to?(:id)
+            format(OBJECT_WITH_ID_AND_CLASS, class_name: obj.class, id: obj.id)
+          else
+            OBJECT
+          end
         else
           clean_string(str)
         end
@@ -56,67 +166,68 @@ module Bugsnag
       value
     end
 
-    def clean_string(str)
-      if defined?(str.encoding) && defined?(Encoding::UTF_8)
-        if str.encoding == Encoding::UTF_8
-          str.valid_encoding? ? str : str.encode('utf-16', ENCODING_OPTIONS).encode('utf-8')
+    ##
+    # If someone has a Rails filter like /^stuff\.secret/, it won't match
+    # "request.params.stuff.secret", so we try it both with and without the
+    # "request.params." bit.
+    #
+    # @param key [String, #to_s]
+    # @param scope [String]
+    # @return [Boolean]
+    def filters_match_deeply?(key, scope)
+      return false unless scope_should_be_filtered?(scope)
+
+      return true if filters_match?(key)
+      return false unless @deep_filters
+
+      return true if filters_match?(scope)
+
+      @configuration.scopes_to_filter.any? do |scope_to_filter|
+        if scope.start_with?("#{scope_to_filter}.request.params.")
+          filters_match?(scope.sub("#{scope_to_filter}.request.params.", ''))
         else
-          str.encode('utf-8', ENCODING_OPTIONS)
+          filters_match?(scope.sub("#{scope_to_filter}.", ''))
         end
-      elsif defined?(Iconv)
-        Iconv.conv('UTF-8//IGNORE', 'UTF-8', str) || str
-      else
-        str
       end
     end
 
-    def self.clean_object_encoding(obj)
-      new(nil).clean_object(obj)
+    ##
+    # Should the given scope be filtered?
+    #
+    # @param scope [String]
+    # @return [Boolean]
+    def scope_should_be_filtered?(scope)
+      @configuration.scopes_to_filter.any? do |scope_to_filter|
+        scope.start_with?("#{scope_to_filter}.")
+      end
     end
 
-    def clean_url(url)
-      return url if @filters.empty?
-
-      uri = URI(url)
-      return url unless uri.query
+    def clean_generic_url(original_url, uri)
+      return original_url unless uri.query
 
       query_params = uri.query.split('&').map { |pair| pair.split('=') }
-      query_params.map! do |key, val|
-        if filters_match?(key)
-          "#{key}=#{FILTERED}"
-        else
-          "#{key}=#{val}"
-        end
-      end
 
-      uri.query = query_params.join('&')
+      uri.query = filter_uri_parameter_array(query_params).join('&')
       uri.to_s
     end
 
-    private
+    def clean_mailto_url(original_url, uri)
+      return original_url unless uri.headers
 
-    def filters_match?(key)
-      str = key.to_s
+      # headers in mailto links can't contain square brackets so we replace
+      # filtered parameters with 'FILTERED' instead of '[FILTERED]'
+      uri.headers = filter_uri_parameter_array(uri.headers, 'FILTERED').join('&')
+      uri.to_s
+    end
 
-      @filters.any? do |f|
-        case f
-        when Regexp
-          str.match(f)
+    def filter_uri_parameter_array(parameters, replacement = FILTERED)
+      parameters.map do |key, value|
+        if filters_match?(key)
+          "#{key}=#{replacement}"
         else
-          str.include?(f.to_s)
+          "#{key}=#{value}"
         end
       end
     end
-
-    # If someone has a Rails filter like /^stuff\.secret/, it won't match "request.params.stuff.secret",
-    # so we try it both with and without the "request.params." bit.
-    def filters_match_deeply?(key, scope)
-      return true if filters_match?(key)
-      return false unless @deep_filters
-
-      long = [scope, key].compact.join('.')
-      short = long.sub(/^request\.params\./, '')
-      filters_match?(long) || filters_match?(short)
-    end
   end
 end