RubyGems - datadog - Versions diffs - 2.14.0 → 2.15.0 - Mend

datadog 2.14.0 → 2.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +24 -2
data/ext/datadog_profiling_native_extension/collectors_thread_context.c +7 -6
data/ext/datadog_profiling_native_extension/datadog_ruby_common.h +3 -0
data/ext/datadog_profiling_native_extension/encoded_profile.c +69 -0
data/ext/datadog_profiling_native_extension/encoded_profile.h +7 -0
data/ext/datadog_profiling_native_extension/http_transport.c +25 -32
data/ext/datadog_profiling_native_extension/profiling.c +2 -0
data/ext/datadog_profiling_native_extension/stack_recorder.c +22 -21
data/ext/libdatadog_api/datadog_ruby_common.h +3 -0
data/lib/datadog/appsec/assets/waf_rules/README.md +50 -5
data/lib/datadog/appsec/assets/waf_rules/processors.json +239 -10
data/lib/datadog/appsec/assets/waf_rules/recommended.json +0 -1344
data/lib/datadog/appsec/assets/waf_rules/scanners.json +926 -17
data/lib/datadog/appsec/assets/waf_rules/strict.json +0 -1344
data/lib/datadog/appsec/component.rb +19 -17
data/lib/datadog/appsec/compressed_json.rb +40 -0
data/lib/datadog/appsec/contrib/active_record/integration.rb +1 -1
data/lib/datadog/appsec/event.rb +21 -50
data/lib/datadog/appsec/remote.rb +4 -0
data/lib/datadog/core/diagnostics/environment_logger.rb +1 -1
data/lib/datadog/core/telemetry/metric.rb +5 -5
data/lib/datadog/core/telemetry/request.rb +1 -1
data/lib/datadog/di/probe_notification_builder.rb +1 -1
data/lib/datadog/di/transport/http/diagnostics.rb +0 -1
data/lib/datadog/di/transport/http/input.rb +0 -1
data/lib/datadog/di/transport/http.rb +0 -6
data/lib/datadog/profiling/collectors/info.rb +3 -0
data/lib/datadog/profiling/encoded_profile.rb +11 -0
data/lib/datadog/profiling/exporter.rb +2 -3
data/lib/datadog/profiling/ext.rb +0 -1
data/lib/datadog/profiling/flush.rb +4 -7
data/lib/datadog/profiling/http_transport.rb +10 -59
data/lib/datadog/profiling/stack_recorder.rb +4 -4
data/lib/datadog/profiling.rb +1 -0
data/lib/datadog/tracing/contrib/active_record/integration.rb +1 -1
data/lib/datadog/tracing/contrib/opensearch/configuration/settings.rb +17 -0
data/lib/datadog/tracing/contrib/opensearch/ext.rb +9 -0
data/lib/datadog/tracing/contrib/opensearch/patcher.rb +5 -1
data/lib/datadog/tracing/contrib/rack/request_queue.rb +1 -1
data/lib/datadog/tracing/contrib/sidekiq/server_tracer.rb +1 -1
data/lib/datadog/tracing/span_event.rb +1 -1
data/lib/datadog/version.rb +1 -1
metadata +10 -6

data/lib/datadog/appsec/assets/waf_rules/processors.json CHANGED Viewed

@@ -1,6 +1,57 @@
 [
   {
-    "id": "processor-001",
+    "id": "http-endpoint-fingerprint",
+    "generator": "http_endpoint_fingerprint",
+    "conditions": [
+      {
+        "operator": "exists",
+        "parameters": {
+          "inputs": [
+            {
+              "address": "waf.context.event"
+            },
+            {
+              "address": "server.business_logic.users.login.failure"
+            },
+            {
+              "address": "server.business_logic.users.login.success"
+            }
+          ]
+        }
+      }
+    ],
+    "parameters": {
+      "mappings": [
+        {
+          "method": [
+            {
+              "address": "server.request.method"
+            }
+          ],
+          "uri_raw": [
+            {
+              "address": "server.request.uri.raw"
+            }
+          ],
+          "body": [
+            {
+              "address": "server.request.body"
+            }
+          ],
+          "query": [
+            {
+              "address": "server.request.query"
+            }
+          ],
+          "output": "_dd.appsec.fp.http.endpoint"
+        }
+      ]
+    },
+    "evaluate": false,
+    "output": true
+  },
+  {
+    "id": "extract-content",
     "generator": "extract_schema",
     "conditions": [
       {
@@ -32,10 +83,10 @@
         {
           "inputs": [
             {
-              "address": "server.request.headers.no_cookies"
+              "address": "server.request.cookies"
             }
           ],
-          "output": "_dd.appsec.s.req.headers"
+          "output": "_dd.appsec.s.req.cookies"
         },
         {
           "inputs": [
@@ -56,29 +107,89 @@
         {
           "inputs": [
             {
-              "address": "server.request.cookies"
+              "address": "server.response.body"
             }
           ],
-          "output": "_dd.appsec.s.req.cookies"
+          "output": "_dd.appsec.s.res.body"
         },
         {
           "inputs": [
             {
-              "address": "server.response.headers.no_cookies"
+              "address": "graphql.server.all_resolvers"
             }
           ],
-          "output": "_dd.appsec.s.res.headers"
+          "output": "_dd.appsec.s.graphql.all_resolvers"
         },
         {
           "inputs": [
             {
-              "address": "server.response.body"
+              "address": "graphql.server.resolver"
             }
           ],
-          "output": "_dd.appsec.s.res.body"
+          "output": "_dd.appsec.s.graphql.resolver"
+        }
+      ],
+      "scanners": [
+        {
+          "tags": {
+            "category": "payment"
+          }
+        },
+        {
+          "tags": {
+            "category": "pii"
+          }
+        }
+      ]
+    },
+    "evaluate": false,
+    "output": true
+  },
+  {
+    "id": "extract-headers",
+    "generator": "extract_schema",
+    "conditions": [
+      {
+        "operator": "equals",
+        "parameters": {
+          "inputs": [
+            {
+              "address": "waf.context.processor",
+              "key_path": [
+                "extract-schema"
+              ]
+            }
+          ],
+          "type": "boolean",
+          "value": true
+        }
+      }
+    ],
+    "parameters": {
+      "mappings": [
+        {
+          "inputs": [
+            {
+              "address": "server.request.headers.no_cookies"
+            }
+          ],
+          "output": "_dd.appsec.s.req.headers"
+        },
+        {
+          "inputs": [
+            {
+              "address": "server.response.headers.no_cookies"
+            }
+          ],
+          "output": "_dd.appsec.s.res.headers"
         }
       ],
       "scanners": [
+        {
+          "tags": {
+            "category": "credentials"
+          }
+        },
         {
           "tags": {
             "category": "pii"
@@ -88,5 +199,123 @@
     },
     "evaluate": false,
     "output": true
+  },
+  {
+    "id": "http-header-fingerprint",
+    "generator": "http_header_fingerprint",
+    "conditions": [
+      {
+        "operator": "exists",
+        "parameters": {
+          "inputs": [
+            {
+              "address": "waf.context.event"
+            },
+            {
+              "address": "server.business_logic.users.login.failure"
+            },
+            {
+              "address": "server.business_logic.users.login.success"
+            }
+          ]
+        }
+      }
+    ],
+    "parameters": {
+      "mappings": [
+        {
+          "headers": [
+            {
+              "address": "server.request.headers.no_cookies"
+            }
+          ],
+          "output": "_dd.appsec.fp.http.header"
+        }
+      ]
+    },
+    "evaluate": false,
+    "output": true
+  },
+  {
+    "id": "http-network-fingerprint",
+    "generator": "http_network_fingerprint",
+    "conditions": [
+      {
+        "operator": "exists",
+        "parameters": {
+          "inputs": [
+            {
+              "address": "waf.context.event"
+            },
+            {
+              "address": "server.business_logic.users.login.failure"
+            },
+            {
+              "address": "server.business_logic.users.login.success"
+            }
+          ]
+        }
+      }
+    ],
+    "parameters": {
+      "mappings": [
+        {
+          "headers": [
+            {
+              "address": "server.request.headers.no_cookies"
+            }
+          ],
+          "output": "_dd.appsec.fp.http.network"
+        }
+      ]
+    },
+    "evaluate": false,
+    "output": true
+  },
+  {
+    "id": "session-fingerprint",
+    "generator": "session_fingerprint",
+    "conditions": [
+      {
+        "operator": "exists",
+        "parameters": {
+          "inputs": [
+            {
+              "address": "waf.context.event"
+            },
+            {
+              "address": "server.business_logic.users.login.failure"
+            },
+            {
+              "address": "server.business_logic.users.login.success"
+            }
+          ]
+        }
+      }
+    ],
+    "parameters": {
+      "mappings": [
+        {
+          "cookies": [
+            {
+              "address": "server.request.cookies"
+            }
+          ],
+          "session_id": [
+            {
+              "address": "usr.session_id"
+            }
+          ],
+          "user_id": [
+            {
+              "address": "usr.id"
+            }
+          ],
+          "output": "_dd.appsec.fp.session"
+        }
+      ]
+    },
+    "evaluate": false,
+    "output": true
   }
-]
+]