datadog 2.12.1 → 2.13.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: datadog
 version: !ruby/object:Gem::Version
-  version: 2.12.1
+  version: 2.13.0
 platform: ruby
 authors:
 - Datadog, Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-06 00:00:00.000000000 Z
+date: 2025-04-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msgpack
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.18.0.0.1
+        version: 1.21.0.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.18.0.0.1
+        version: 1.21.0.0.1
 - !ruby/object:Gem::Dependency
   name: libdatadog
   requirement: !ruby/object:Gem::Requirement
@@ -152,6 +152,8 @@ files:
 - lib/datadog.rb
 - lib/datadog/appsec.rb
 - lib/datadog/appsec/actions_handler.rb
+- lib/datadog/appsec/actions_handler/serializable_backtrace.rb
+- lib/datadog/appsec/anonymizer.rb
 - lib/datadog/appsec/assets.rb
 - lib/datadog/appsec/assets/blocked.html
 - lib/datadog/appsec/assets/blocked.json
@@ -171,15 +173,14 @@ files:
 - lib/datadog/appsec/contrib/active_record/patcher.rb
 - lib/datadog/appsec/contrib/auto_instrument.rb
 - lib/datadog/appsec/contrib/devise/configuration.rb
-- lib/datadog/appsec/contrib/devise/event.rb
+- lib/datadog/appsec/contrib/devise/data_extractor.rb
 - lib/datadog/appsec/contrib/devise/ext.rb
 - lib/datadog/appsec/contrib/devise/integration.rb
 - lib/datadog/appsec/contrib/devise/patcher.rb
-- lib/datadog/appsec/contrib/devise/patcher/authenticatable_patch.rb
-- lib/datadog/appsec/contrib/devise/patcher/registration_controller_patch.rb
-- lib/datadog/appsec/contrib/devise/patcher/rememberable_patch.rb
-- lib/datadog/appsec/contrib/devise/resource.rb
-- lib/datadog/appsec/contrib/devise/tracking.rb
+- lib/datadog/appsec/contrib/devise/patches/signin_tracking_patch.rb
+- lib/datadog/appsec/contrib/devise/patches/signup_tracking_patch.rb
+- lib/datadog/appsec/contrib/devise/patches/skip_signin_tracking_patch.rb
+- lib/datadog/appsec/contrib/devise/tracking_middleware.rb
 - lib/datadog/appsec/contrib/excon/integration.rb
 - lib/datadog/appsec/contrib/excon/patcher.rb
 - lib/datadog/appsec/contrib/excon/ssrf_detection_middleware.rb
@@ -226,6 +227,7 @@ files:
 - lib/datadog/appsec/instrumentation.rb
 - lib/datadog/appsec/instrumentation/gateway.rb
 - lib/datadog/appsec/instrumentation/gateway/argument.rb
+- lib/datadog/appsec/instrumentation/gateway/middleware.rb
 - lib/datadog/appsec/metrics.rb
 - lib/datadog/appsec/metrics/collector.rb
 - lib/datadog/appsec/metrics/exporter.rb
@@ -246,7 +248,6 @@ files:
 - lib/datadog/appsec/utils/http.rb
 - lib/datadog/appsec/utils/http/media_range.rb
 - lib/datadog/appsec/utils/http/media_type.rb
-- lib/datadog/appsec/utils/trace_operation.rb
 - lib/datadog/auto_instrument.rb
 - lib/datadog/auto_instrument_base.rb
 - lib/datadog/core.rb
@@ -420,6 +421,8 @@ files:
 - lib/datadog/kit/enable_core_dumps.rb
 - lib/datadog/kit/identity.rb
 - lib/datadog/opentelemetry.rb
+- lib/datadog/opentelemetry/api/baggage.rb
+- lib/datadog/opentelemetry/api/baggage.rbs
 - lib/datadog/opentelemetry/api/context.rb
 - lib/datadog/opentelemetry/api/trace/span.rb
 - lib/datadog/opentelemetry/sdk/configurator.rb
@@ -863,12 +866,14 @@ files:
 - lib/datadog/tracing/diagnostics/health.rb
 - lib/datadog/tracing/distributed/b3_multi.rb
 - lib/datadog/tracing/distributed/b3_single.rb
+- lib/datadog/tracing/distributed/baggage.rb
 - lib/datadog/tracing/distributed/datadog.rb
 - lib/datadog/tracing/distributed/datadog_tags_codec.rb
 - lib/datadog/tracing/distributed/fetcher.rb
 - lib/datadog/tracing/distributed/helpers.rb
 - lib/datadog/tracing/distributed/none.rb
 - lib/datadog/tracing/distributed/propagation.rb
+- lib/datadog/tracing/distributed/propagation_policy.rb
 - lib/datadog/tracing/distributed/trace_context.rb
 - lib/datadog/tracing/event.rb
 - lib/datadog/tracing/flush.rb
@@ -876,6 +881,8 @@ files:
 - lib/datadog/tracing/metadata/analytics.rb
 - lib/datadog/tracing/metadata/errors.rb
 - lib/datadog/tracing/metadata/ext.rb
+- lib/datadog/tracing/metadata/metastruct.rb
+- lib/datadog/tracing/metadata/metastruct_tagging.rb
 - lib/datadog/tracing/metadata/tagging.rb
 - lib/datadog/tracing/pipeline.rb
 - lib/datadog/tracing/pipeline/span_filter.rb
@@ -930,8 +937,8 @@ licenses:
 - Apache-2.0
 metadata:
   allowed_push_host: https://rubygems.org
-  changelog_uri: https://github.com/DataDog/dd-trace-rb/blob/v2.12.1/CHANGELOG.md
-  source_code_uri: https://github.com/DataDog/dd-trace-rb/tree/v2.12.1
+  changelog_uri: https://github.com/DataDog/dd-trace-rb/blob/v2.13.0/CHANGELOG.md
+  source_code_uri: https://github.com/DataDog/dd-trace-rb/tree/v2.13.0
 post_install_message:
 rdoc_options: []
 require_paths:

data/lib/datadog/appsec/contrib/devise/event.rb

@@ -1,54 +0,0 @@
-# frozen_string_literal: true
-
-module Datadog
-  module AppSec
-    module Contrib
-      module Devise
-        # Class to extract event information from the resource
-        class Event
-          UUID_REGEX = /^\h{8}-\h{4}-\h{4}-\h{4}-\h{12}$/.freeze
-
-          attr_reader :user_id
-
-          def initialize(resource, mode)
-            @resource = resource
-            @mode = mode
-            @user_id = nil
-            @email = nil
-            @username = nil
-
-            extract if @resource
-          end
-
-          def to_h
-            return @event if defined?(@event)
-
-            @event = {}
-            @event[:email] = @email if @email
-            @event[:username] = @username if @username
-            @event
-          end
-
-          private
-
-          def extract
-            @user_id = @resource.id
-
-            case @mode
-            when AppSec::Configuration::Settings::IDENTIFICATION_AUTO_USER_INSTRUMENTATION_MODE
-              @email = @resource.email
-              @username = @resource.username
-            when AppSec::Configuration::Settings::ANONYMIZATION_AUTO_USER_INSTRUMENTATION_MODE
-              @user_id = nil unless @user_id && @user_id.to_s =~ UUID_REGEX
-            else
-              Datadog.logger.warn(
-                "Invalid auto_user_instrumentation.mode: `#{@mode}`. " \
-                "Supported modes are: #{AppSec::Configuration::Settings::AUTO_USER_INSTRUMENTATION_MODES.join(' | ')}."
-              )
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/datadog/appsec/contrib/devise/patcher/authenticatable_patch.rb

@@ -1,72 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../configuration'
-require_relative '../tracking'
-require_relative '../resource'
-require_relative '../event'
-
-module Datadog
-  module AppSec
-    module Contrib
-      module Devise
-        module Patcher
-          # Hook in devise validate method
-          module AuthenticatablePatch
-            # rubocop:disable Metrics/MethodLength
-            def validate(resource, &block)
-              result = super
-
-              return result unless AppSec.enabled?
-              return result if @_datadog_appsec_skip_track_login_event
-              return result unless Configuration.auto_user_instrumentation_enabled?
-              return result unless AppSec.active_context
-
-              devise_resource = resource ? Resource.new(resource) : nil
-              event_information = Event.new(devise_resource, Configuration.auto_user_instrumentation_mode)
-
-              if result
-                if event_information.user_id
-                  Datadog.logger.debug { 'AppSec: User successful login event' }
-                else
-                  Datadog.logger.debug do
-                    "AppSec: User successful login event, but can't extract user ID. Tracking empty event"
-                  end
-                end
-
-                Tracking.track_login_success(
-                  AppSec.active_context.trace,
-                  AppSec.active_context.span,
-                  user_id: event_information.user_id,
-                  **event_information.to_h
-                )
-
-                return result
-              end
-
-              user_exists = nil
-
-              if resource
-                user_exists = true
-                Datadog.logger.debug { 'AppSec: User failed login event, but user exists' }
-              else
-                user_exists = false
-                Datadog.logger.debug { 'AppSec: User failed login event and user does not exist' }
-              end
-
-              Tracking.track_login_failure(
-                AppSec.active_context.trace,
-                AppSec.active_context.span,
-                user_id: event_information.user_id,
-                user_exists: user_exists,
-                **event_information.to_h
-              )
-
-              result
-            end
-            # rubocop:enable Metrics/MethodLength
-          end
-        end
-      end
-    end
-  end
-end

data/lib/datadog/appsec/contrib/devise/patcher/registration_controller_patch.rb

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../configuration'
-require_relative '../tracking'
-require_relative '../resource'
-require_relative '../event'
-
-module Datadog
-  module AppSec
-    module Contrib
-      module Devise
-        module Patcher
-          # Hook in devise registration controller
-          module RegistrationControllerPatch
-            def create
-              return super unless AppSec.enabled?
-              return super unless Configuration.auto_user_instrumentation_enabled?
-              return super unless AppSec.active_context
-
-              super do |resource|
-                if resource.persisted?
-                  devise_resource = Resource.new(resource)
-                  event_information = Event.new(devise_resource, Configuration.auto_user_instrumentation_mode)
-
-                  if event_information.user_id
-                    Datadog.logger.debug { 'AppSec: User signup event' }
-                  else
-                    Datadog.logger.warn { "AppSec: User signup event, but can't extract user ID. Tracking empty event" }
-                  end
-
-                  Tracking.track_signup(
-                    AppSec.active_context.trace,
-                    AppSec.active_context.span,
-                    user_id: event_information.user_id,
-                    **event_information.to_h
-                  )
-                end
-
-                yield resource if block_given?
-              end
-            end
-          end
-        end
-      end
-    end
-  end
-end

data/lib/datadog/appsec/contrib/devise/resource.rb

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-module Datadog
-  module AppSec
-    module Contrib
-      module Devise
-        # Class to encpasulate extracting information from a Devise resource
-        # Normally a devise resource would be an Active::Record instance
-        class Resource
-          def initialize(resource)
-            @resource = resource
-          end
-
-          def id
-            extract(:id) || extract(:uuid)
-          end
-
-          def email
-            extract(:email)
-          end
-
-          def username
-            extract(:username)
-          end
-
-          private
-
-          def extract(method)
-            @resource.send(method) if @resource.respond_to?(method)
-          end
-        end
-      end
-    end
-  end
-end

data/lib/datadog/appsec/contrib/devise/tracking.rb

@@ -1,57 +0,0 @@
-# frozen_string_literal: true
-
-require_relative '../../../kit/identity'
-
-module Datadog
-  module AppSec
-    module Contrib
-      module Devise
-        # Internal module to track user events
-        module Tracking
-          LOGIN_SUCCESS_EVENT = 'users.login.success'
-          LOGIN_FAILURE_EVENT = 'users.login.failure'
-          SIGNUP_EVENT = 'users.signup'
-
-          def self.track_login_success(trace, span, user_id:, **others)
-            return if trace.nil? || span.nil?
-
-            track(LOGIN_SUCCESS_EVENT, trace, span, **others)
-
-            Kit::Identity.set_user(trace, span, id: user_id.to_s, **others) if user_id
-          end
-
-          def self.track_login_failure(trace, span, user_id:, user_exists:, **others)
-            return if trace.nil? || span.nil?
-
-            track(LOGIN_FAILURE_EVENT, trace, span, **others)
-
-            span.set_tag('appsec.events.users.login.failure.usr.id', user_id) if user_id
-            span.set_tag('appsec.events.users.login.failure.usr.exists', user_exists)
-          end
-
-          def self.track_signup(trace, span, user_id:, **others)
-            return if trace.nil? || span.nil?
-
-            track(SIGNUP_EVENT, trace, span, **others)
-            Kit::Identity.set_user(trace, id: user_id.to_s, **others) if user_id
-          end
-
-          def self.track(event, trace, span, **others)
-            return if trace.nil? || span.nil?
-
-            span.set_tag("appsec.events.#{event}.track", 'true')
-            span.set_tag("_dd.appsec.events.#{event}.auto.mode", Configuration.track_user_events_mode)
-
-            others.each do |k, v|
-              raise ArgumentError, 'key cannot be :track' if k.to_sym == :track
-
-              span.set_tag("appsec.events.#{event}.#{k}", v) unless v.nil?
-            end
-
-            trace.keep!
-          end
-        end
-      end
-    end
-  end
-end

data/lib/datadog/appsec/utils/trace_operation.rb

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-module Datadog
-  module AppSec
-    module Utils
-      # Utility class to to AppSec-specific trace operations
-      class TraceOperation
-        def self.appsec_standalone_reject?(trace)
-          Datadog.configuration.appsec.standalone.enabled &&
-            (trace.nil? || trace.get_tag(Datadog::AppSec::Ext::TAG_DISTRIBUTED_APPSEC_EVENT) != '1')
-        end
-      end
-    end
-  end
-end