RubyGems - datadog - Versions diffs - 2.7.1 → 2.17.0 - Mend

datadog 2.7.1 → 2.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (417) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +310 -1
data/ext/datadog_profiling_native_extension/clock_id.h +2 -2
data/ext/datadog_profiling_native_extension/collectors_cpu_and_wall_time_worker.c +66 -56
data/ext/datadog_profiling_native_extension/collectors_discrete_dynamic_sampler.c +1 -1
data/ext/datadog_profiling_native_extension/collectors_discrete_dynamic_sampler.h +1 -1
data/ext/datadog_profiling_native_extension/collectors_idle_sampling_helper.c +16 -16
data/ext/datadog_profiling_native_extension/collectors_stack.c +10 -10
data/ext/datadog_profiling_native_extension/collectors_stack.h +2 -2
data/ext/datadog_profiling_native_extension/collectors_thread_context.c +314 -145
data/ext/datadog_profiling_native_extension/datadog_ruby_common.c +1 -4
data/ext/datadog_profiling_native_extension/datadog_ruby_common.h +10 -0
data/ext/datadog_profiling_native_extension/encoded_profile.c +79 -0
data/ext/datadog_profiling_native_extension/encoded_profile.h +8 -0
data/ext/datadog_profiling_native_extension/extconf.rb +7 -8
data/ext/datadog_profiling_native_extension/gvl_profiling_helper.c +2 -0
data/ext/datadog_profiling_native_extension/gvl_profiling_helper.h +0 -8
data/ext/datadog_profiling_native_extension/heap_recorder.c +61 -174
data/ext/datadog_profiling_native_extension/heap_recorder.h +2 -2
data/ext/datadog_profiling_native_extension/http_transport.c +64 -98
data/ext/datadog_profiling_native_extension/private_vm_api_access.c +68 -1
data/ext/datadog_profiling_native_extension/private_vm_api_access.h +10 -1
data/ext/datadog_profiling_native_extension/profiling.c +19 -8
data/ext/datadog_profiling_native_extension/ruby_helpers.c +8 -8
data/ext/datadog_profiling_native_extension/stack_recorder.c +84 -131
data/ext/datadog_profiling_native_extension/stack_recorder.h +2 -2
data/ext/datadog_profiling_native_extension/time_helpers.h +1 -1
data/ext/datadog_profiling_native_extension/unsafe_api_calls_check.c +47 -0
data/ext/datadog_profiling_native_extension/unsafe_api_calls_check.h +31 -0
data/ext/libdatadog_api/crashtracker.c +17 -15
data/ext/libdatadog_api/crashtracker.h +5 -0
data/ext/libdatadog_api/datadog_ruby_common.c +1 -4
data/ext/libdatadog_api/datadog_ruby_common.h +10 -0
data/ext/libdatadog_api/init.c +15 -0
data/ext/libdatadog_api/library_config.c +122 -0
data/ext/libdatadog_api/library_config.h +19 -0
data/ext/libdatadog_api/macos_development.md +3 -3
data/ext/libdatadog_api/process_discovery.c +117 -0
data/ext/libdatadog_api/process_discovery.h +5 -0
data/ext/libdatadog_extconf_helpers.rb +1 -1
data/lib/datadog/appsec/actions_handler/serializable_backtrace.rb +89 -0
data/lib/datadog/appsec/actions_handler.rb +49 -0
data/lib/datadog/appsec/anonymizer.rb +16 -0
data/lib/datadog/appsec/api_security/lru_cache.rb +49 -0
data/lib/datadog/appsec/api_security.rb +9 -0
data/lib/datadog/appsec/assets/waf_rules/README.md +50 -5
data/lib/datadog/appsec/assets/waf_rules/processors.json +239 -10
data/lib/datadog/appsec/assets/waf_rules/recommended.json +355 -157
data/lib/datadog/appsec/assets/waf_rules/scanners.json +926 -17
data/lib/datadog/appsec/assets/waf_rules/strict.json +62 -32
data/lib/datadog/appsec/autoload.rb +1 -1
data/lib/datadog/appsec/component.rb +41 -33
data/lib/datadog/appsec/compressed_json.rb +40 -0
data/lib/datadog/appsec/configuration/settings.rb +152 -25
data/lib/datadog/appsec/context.rb +74 -0
data/lib/datadog/appsec/contrib/active_record/instrumentation.rb +92 -0
data/lib/datadog/appsec/contrib/active_record/integration.rb +41 -0
data/lib/datadog/appsec/contrib/active_record/patcher.rb +101 -0
data/lib/datadog/appsec/contrib/auto_instrument.rb +1 -1
data/lib/datadog/appsec/contrib/devise/configuration.rb +52 -0
data/lib/datadog/appsec/contrib/devise/data_extractor.rb +78 -0
data/lib/datadog/appsec/contrib/devise/ext.rb +22 -0
data/lib/datadog/appsec/contrib/devise/integration.rb +1 -2
data/lib/datadog/appsec/contrib/devise/patcher.rb +33 -25
data/lib/datadog/appsec/contrib/devise/patches/signin_tracking_patch.rb +102 -0
data/lib/datadog/appsec/contrib/devise/patches/signup_tracking_patch.rb +69 -0
data/lib/datadog/appsec/contrib/devise/{patcher/rememberable_patch.rb → patches/skip_signin_tracking_patch.rb} +3 -3
data/lib/datadog/appsec/contrib/devise/tracking_middleware.rb +106 -0
data/lib/datadog/appsec/contrib/excon/integration.rb +41 -0
data/lib/datadog/appsec/contrib/excon/patcher.rb +28 -0
data/lib/datadog/appsec/contrib/excon/ssrf_detection_middleware.rb +42 -0
data/lib/datadog/appsec/contrib/faraday/connection_patch.rb +22 -0
data/lib/datadog/appsec/contrib/faraday/integration.rb +42 -0
data/lib/datadog/appsec/contrib/faraday/patcher.rb +53 -0
data/lib/datadog/appsec/contrib/faraday/rack_builder_patch.rb +22 -0
data/lib/datadog/appsec/contrib/faraday/ssrf_detection_middleware.rb +41 -0
data/lib/datadog/appsec/contrib/graphql/appsec_trace.rb +1 -7
data/lib/datadog/appsec/contrib/graphql/gateway/watcher.rb +17 -30
data/lib/datadog/appsec/contrib/graphql/integration.rb +1 -1
data/lib/datadog/appsec/contrib/graphql/patcher.rb +0 -3
data/lib/datadog/appsec/contrib/rack/ext.rb +34 -0
data/lib/datadog/appsec/contrib/rack/gateway/response.rb +3 -3
data/lib/datadog/appsec/contrib/rack/gateway/watcher.rb +78 -98
data/lib/datadog/appsec/contrib/rack/integration.rb +1 -1
data/lib/datadog/appsec/contrib/rack/patcher.rb +0 -3
data/lib/datadog/appsec/contrib/rack/request_body_middleware.rb +10 -11
data/lib/datadog/appsec/contrib/rack/request_middleware.rb +52 -68
data/lib/datadog/appsec/contrib/rails/gateway/watcher.rb +16 -33
data/lib/datadog/appsec/contrib/rails/integration.rb +1 -1
data/lib/datadog/appsec/contrib/rails/patcher.rb +25 -38
data/lib/datadog/appsec/contrib/rest_client/integration.rb +45 -0
data/lib/datadog/appsec/contrib/rest_client/patcher.rb +28 -0
data/lib/datadog/appsec/contrib/rest_client/request_ssrf_detection_patch.rb +38 -0
data/lib/datadog/appsec/contrib/sinatra/gateway/watcher.rb +31 -68
data/lib/datadog/appsec/contrib/sinatra/integration.rb +1 -1
data/lib/datadog/appsec/contrib/sinatra/patcher.rb +5 -31
data/lib/datadog/appsec/event.rb +96 -135
data/lib/datadog/appsec/ext.rb +12 -3
data/lib/datadog/appsec/instrumentation/gateway/argument.rb +7 -2
data/lib/datadog/appsec/instrumentation/gateway/middleware.rb +24 -0
data/lib/datadog/appsec/instrumentation/gateway.rb +17 -22
data/lib/datadog/appsec/metrics/collector.rb +38 -0
data/lib/datadog/appsec/metrics/exporter.rb +35 -0
data/lib/datadog/appsec/metrics/telemetry.rb +23 -0
data/lib/datadog/appsec/metrics.rb +13 -0
data/lib/datadog/appsec/monitor/gateway/watcher.rb +52 -32
data/lib/datadog/appsec/processor/rule_loader.rb +26 -31
data/lib/datadog/appsec/processor/rule_merger.rb +7 -6
data/lib/datadog/appsec/processor.rb +5 -4
data/lib/datadog/appsec/remote.rb +26 -12
data/lib/datadog/appsec/response.rb +19 -85
data/lib/datadog/appsec/security_engine/result.rb +67 -0
data/lib/datadog/appsec/security_engine/runner.rb +88 -0
data/lib/datadog/appsec/security_engine.rb +9 -0
data/lib/datadog/appsec/security_event.rb +39 -0
data/lib/datadog/appsec/utils.rb +0 -2
data/lib/datadog/appsec.rb +23 -10
data/lib/datadog/auto_instrument.rb +3 -0
data/lib/datadog/core/buffer/random.rb +18 -2
data/lib/datadog/core/configuration/agent_settings_resolver.rb +42 -14
data/lib/datadog/core/configuration/agentless_settings_resolver.rb +176 -0
data/lib/datadog/core/configuration/components.rb +76 -32
data/lib/datadog/core/configuration/components_state.rb +23 -0
data/lib/datadog/core/configuration/ext.rb +5 -1
data/lib/datadog/core/configuration/option.rb +79 -43
data/lib/datadog/core/configuration/option_definition.rb +6 -4
data/lib/datadog/core/configuration/options.rb +3 -3
data/lib/datadog/core/configuration/settings.rb +100 -41
data/lib/datadog/core/configuration/stable_config.rb +23 -0
data/lib/datadog/core/configuration.rb +43 -11
data/lib/datadog/{tracing → core}/contrib/rails/utils.rb +1 -3
data/lib/datadog/core/crashtracking/component.rb +4 -13
data/lib/datadog/core/diagnostics/environment_logger.rb +1 -1
data/lib/datadog/core/encoding.rb +17 -1
data/lib/datadog/core/environment/agent_info.rb +78 -0
data/lib/datadog/core/environment/cgroup.rb +10 -12
data/lib/datadog/core/environment/container.rb +38 -40
data/lib/datadog/core/environment/ext.rb +6 -6
data/lib/datadog/core/environment/git.rb +1 -0
data/lib/datadog/core/environment/identity.rb +3 -3
data/lib/datadog/core/environment/platform.rb +3 -3
data/lib/datadog/core/environment/variable_helpers.rb +1 -1
data/lib/datadog/core/error.rb +11 -9
data/lib/datadog/core/logger.rb +2 -2
data/lib/datadog/core/metrics/client.rb +27 -27
data/lib/datadog/core/metrics/logging.rb +5 -5
data/lib/datadog/core/process_discovery.rb +32 -0
data/lib/datadog/core/rate_limiter.rb +4 -2
data/lib/datadog/core/remote/client/capabilities.rb +6 -0
data/lib/datadog/core/remote/client.rb +107 -92
data/lib/datadog/core/remote/component.rb +18 -19
data/lib/datadog/core/remote/configuration/digest.rb +7 -7
data/lib/datadog/core/remote/configuration/path.rb +1 -1
data/lib/datadog/core/remote/configuration/repository.rb +2 -1
data/lib/datadog/core/remote/negotiation.rb +9 -9
data/lib/datadog/core/remote/transport/config.rb +4 -3
data/lib/datadog/core/remote/transport/http/api.rb +13 -18
data/lib/datadog/core/remote/transport/http/client.rb +5 -4
data/lib/datadog/core/remote/transport/http/config.rb +27 -55
data/lib/datadog/core/remote/transport/http/negotiation.rb +8 -51
data/lib/datadog/core/remote/transport/http.rb +25 -94
data/lib/datadog/core/remote/transport/negotiation.rb +17 -4
data/lib/datadog/core/remote/worker.rb +10 -7
data/lib/datadog/core/runtime/metrics.rb +12 -5
data/lib/datadog/core/telemetry/component.rb +84 -49
data/lib/datadog/core/telemetry/emitter.rb +23 -11
data/lib/datadog/core/telemetry/event/app_client_configuration_change.rb +65 -0
data/lib/datadog/core/telemetry/event/app_closing.rb +18 -0
data/lib/datadog/core/telemetry/event/app_dependencies_loaded.rb +33 -0
data/lib/datadog/core/telemetry/event/app_heartbeat.rb +18 -0
data/lib/datadog/core/telemetry/event/app_integrations_change.rb +58 -0
data/lib/datadog/core/telemetry/event/app_started.rb +179 -0
data/lib/datadog/core/telemetry/event/base.rb +40 -0
data/lib/datadog/core/telemetry/event/distributions.rb +18 -0
data/lib/datadog/core/telemetry/event/generate_metrics.rb +43 -0
data/lib/datadog/core/telemetry/event/log.rb +76 -0
data/lib/datadog/core/telemetry/event/message_batch.rb +42 -0
data/lib/datadog/core/telemetry/event/synth_app_client_configuration_change.rb +43 -0
data/lib/datadog/core/telemetry/event.rb +17 -383
data/lib/datadog/core/telemetry/ext.rb +1 -0
data/lib/datadog/core/telemetry/http/adapters/net.rb +12 -97
data/lib/datadog/core/telemetry/logger.rb +1 -1
data/lib/datadog/core/telemetry/logging.rb +2 -2
data/lib/datadog/core/telemetry/metric.rb +28 -6
data/lib/datadog/core/telemetry/request.rb +4 -4
data/lib/datadog/core/telemetry/transport/http/api.rb +43 -0
data/lib/datadog/core/telemetry/transport/http/client.rb +49 -0
data/lib/datadog/core/telemetry/transport/http/telemetry.rb +92 -0
data/lib/datadog/core/telemetry/transport/http.rb +63 -0
data/lib/datadog/core/telemetry/transport/telemetry.rb +51 -0
data/lib/datadog/core/telemetry/worker.rb +128 -25
data/lib/datadog/core/transport/http/adapters/test.rb +2 -1
data/lib/datadog/core/transport/http/adapters/unix_socket.rb +1 -1
data/lib/datadog/{tracing → core}/transport/http/api/instance.rb +18 -1
data/lib/datadog/core/transport/http/api/spec.rb +36 -0
data/lib/datadog/{tracing → core}/transport/http/builder.rb +53 -31
data/lib/datadog/core/transport/http.rb +75 -0
data/lib/datadog/core/transport/response.rb +4 -0
data/lib/datadog/core/utils/at_fork_monkey_patch.rb +6 -6
data/lib/datadog/core/utils/duration.rb +32 -32
data/lib/datadog/core/utils/forking.rb +2 -2
data/lib/datadog/core/utils/network.rb +6 -6
data/lib/datadog/core/utils/only_once_successful.rb +16 -5
data/lib/datadog/core/utils/time.rb +20 -0
data/lib/datadog/core/utils/truncation.rb +21 -0
data/lib/datadog/core/vendor/multipart-post/multipart/post/composite_read_io.rb +1 -1
data/lib/datadog/core/vendor/multipart-post/multipart/post/multipartable.rb +8 -8
data/lib/datadog/core/vendor/multipart-post/multipart/post/parts.rb +7 -7
data/lib/datadog/core/worker.rb +1 -1
data/lib/datadog/core/workers/async.rb +29 -12
data/lib/datadog/core/workers/interval_loop.rb +12 -1
data/lib/datadog/core/workers/runtime_metrics.rb +2 -2
data/lib/datadog/core.rb +8 -0
data/lib/datadog/di/base.rb +115 -0
data/lib/datadog/di/boot.rb +34 -0
data/lib/datadog/di/code_tracker.rb +26 -15
data/lib/datadog/di/component.rb +23 -14
data/lib/datadog/di/configuration/settings.rb +25 -1
data/lib/datadog/di/contrib/active_record.rb +1 -0
data/lib/datadog/di/contrib/railtie.rb +15 -0
data/lib/datadog/di/contrib.rb +28 -0
data/lib/datadog/di/error.rb +5 -0
data/lib/datadog/di/instrumenter.rb +111 -20
data/lib/datadog/di/logger.rb +30 -0
data/lib/datadog/di/preload.rb +18 -0
data/lib/datadog/di/probe.rb +14 -7
data/lib/datadog/di/probe_builder.rb +1 -0
data/lib/datadog/di/probe_manager.rb +11 -5
data/lib/datadog/di/probe_notification_builder.rb +34 -8
data/lib/datadog/di/probe_notifier_worker.rb +52 -26
data/lib/datadog/di/redactor.rb +0 -1
data/lib/datadog/di/remote.rb +147 -0
data/lib/datadog/di/serializer.rb +14 -7
data/lib/datadog/di/transport/diagnostics.rb +62 -0
data/lib/datadog/di/transport/http/api.rb +42 -0
data/lib/datadog/di/transport/http/client.rb +47 -0
data/lib/datadog/di/transport/http/diagnostics.rb +65 -0
data/lib/datadog/di/transport/http/input.rb +67 -0
data/lib/datadog/di/transport/http.rb +57 -0
data/lib/datadog/di/transport/input.rb +62 -0
data/lib/datadog/di/utils.rb +103 -0
data/lib/datadog/di.rb +14 -76
data/lib/datadog/error_tracking/collector.rb +87 -0
data/lib/datadog/error_tracking/component.rb +167 -0
data/lib/datadog/error_tracking/configuration/settings.rb +63 -0
data/lib/datadog/error_tracking/configuration.rb +11 -0
data/lib/datadog/error_tracking/ext.rb +18 -0
data/lib/datadog/error_tracking/extensions.rb +16 -0
data/lib/datadog/error_tracking/filters.rb +77 -0
data/lib/datadog/error_tracking.rb +18 -0
data/lib/datadog/kit/appsec/events.rb +15 -3
data/lib/datadog/kit/identity.rb +9 -5
data/lib/datadog/opentelemetry/api/baggage.rb +90 -0
data/lib/datadog/opentelemetry/api/baggage.rbs +26 -0
data/lib/datadog/opentelemetry/api/context.rb +16 -2
data/lib/datadog/opentelemetry/sdk/trace/span.rb +1 -1
data/lib/datadog/opentelemetry.rb +2 -1
data/lib/datadog/profiling/collectors/code_provenance.rb +1 -1
data/lib/datadog/profiling/collectors/info.rb +3 -0
data/lib/datadog/profiling/collectors/thread_context.rb +1 -1
data/lib/datadog/profiling/component.rb +60 -76
data/lib/datadog/profiling/encoded_profile.rb +11 -0
data/lib/datadog/profiling/exporter.rb +3 -4
data/lib/datadog/profiling/ext.rb +0 -2
data/lib/datadog/profiling/flush.rb +5 -8
data/lib/datadog/profiling/http_transport.rb +6 -85
data/lib/datadog/profiling/load_native_extension.rb +1 -33
data/lib/datadog/profiling/scheduler.rb +8 -1
data/lib/datadog/profiling/stack_recorder.rb +4 -4
data/lib/datadog/profiling/tag_builder.rb +1 -5
data/lib/datadog/profiling.rb +6 -2
data/lib/datadog/tracing/analytics.rb +1 -1
data/lib/datadog/tracing/component.rb +16 -12
data/lib/datadog/tracing/configuration/ext.rb +8 -1
data/lib/datadog/tracing/configuration/settings.rb +22 -10
data/lib/datadog/tracing/context_provider.rb +1 -1
data/lib/datadog/tracing/contrib/action_cable/integration.rb +5 -2
data/lib/datadog/tracing/contrib/action_mailer/integration.rb +6 -2
data/lib/datadog/tracing/contrib/action_pack/integration.rb +5 -2
data/lib/datadog/tracing/contrib/action_view/integration.rb +5 -2
data/lib/datadog/tracing/contrib/active_job/integration.rb +5 -2
data/lib/datadog/tracing/contrib/active_record/integration.rb +7 -3
data/lib/datadog/tracing/contrib/active_support/cache/events/cache.rb +7 -2
data/lib/datadog/tracing/contrib/active_support/cache/instrumentation.rb +36 -1
data/lib/datadog/tracing/contrib/active_support/cache/patcher.rb +4 -0
data/lib/datadog/tracing/contrib/active_support/cache/redis.rb +14 -4
data/lib/datadog/tracing/contrib/active_support/configuration/settings.rb +10 -0
data/lib/datadog/tracing/contrib/active_support/integration.rb +5 -2
data/lib/datadog/tracing/contrib/auto_instrument.rb +2 -2
data/lib/datadog/tracing/contrib/aws/instrumentation.rb +10 -0
data/lib/datadog/tracing/contrib/aws/integration.rb +3 -0
data/lib/datadog/tracing/contrib/aws/parsed_context.rb +5 -1
data/lib/datadog/tracing/contrib/concurrent_ruby/integration.rb +3 -0
data/lib/datadog/tracing/contrib/configuration/settings.rb +1 -1
data/lib/datadog/tracing/contrib/elasticsearch/configuration/settings.rb +4 -0
data/lib/datadog/tracing/contrib/elasticsearch/patcher.rb +6 -1
data/lib/datadog/tracing/contrib/ethon/easy_patch.rb +4 -5
data/lib/datadog/tracing/contrib/excon/middleware.rb +5 -3
data/lib/datadog/tracing/contrib/ext.rb +1 -0
data/lib/datadog/tracing/contrib/extensions.rb +29 -3
data/lib/datadog/tracing/contrib/faraday/middleware.rb +5 -3
data/lib/datadog/tracing/contrib/graphql/configuration/error_extension_env_parser.rb +21 -0
data/lib/datadog/tracing/contrib/graphql/configuration/settings.rb +11 -0
data/lib/datadog/tracing/contrib/graphql/ext.rb +5 -0
data/lib/datadog/tracing/contrib/graphql/unified_trace.rb +102 -11
data/lib/datadog/tracing/contrib/grpc/datadog_interceptor/client.rb +7 -1
data/lib/datadog/tracing/contrib/grpc/distributed/propagation.rb +3 -0
data/lib/datadog/tracing/contrib/http/circuit_breaker.rb +0 -15
data/lib/datadog/tracing/contrib/http/distributed/propagation.rb +4 -1
data/lib/datadog/tracing/contrib/http/instrumentation.rb +6 -10
data/lib/datadog/tracing/contrib/http/integration.rb +3 -0
data/lib/datadog/tracing/contrib/httpclient/instrumentation.rb +6 -16
data/lib/datadog/tracing/contrib/httprb/instrumentation.rb +7 -15
data/lib/datadog/tracing/contrib/httprb/integration.rb +3 -0
data/lib/datadog/tracing/contrib/kafka/integration.rb +3 -0
data/lib/datadog/tracing/contrib/karafka/configuration/settings.rb +27 -0
data/lib/datadog/tracing/contrib/karafka/distributed/propagation.rb +48 -0
data/lib/datadog/tracing/contrib/karafka/ext.rb +27 -0
data/lib/datadog/tracing/contrib/karafka/integration.rb +45 -0
data/lib/datadog/tracing/contrib/karafka/monitor.rb +66 -0
data/lib/datadog/tracing/contrib/karafka/patcher.rb +71 -0
data/lib/datadog/tracing/contrib/karafka.rb +37 -0
data/lib/datadog/tracing/contrib/mongodb/configuration/settings.rb +8 -0
data/lib/datadog/tracing/contrib/mongodb/ext.rb +1 -0
data/lib/datadog/tracing/contrib/mongodb/integration.rb +3 -0
data/lib/datadog/tracing/contrib/mongodb/subscribers.rb +18 -1
data/lib/datadog/tracing/contrib/opensearch/configuration/settings.rb +17 -0
data/lib/datadog/tracing/contrib/opensearch/ext.rb +9 -0
data/lib/datadog/tracing/contrib/opensearch/integration.rb +3 -0
data/lib/datadog/tracing/contrib/opensearch/patcher.rb +5 -1
data/lib/datadog/tracing/contrib/patcher.rb +5 -2
data/lib/datadog/tracing/contrib/presto/integration.rb +3 -0
data/lib/datadog/tracing/contrib/rack/header_collection.rb +11 -1
data/lib/datadog/tracing/contrib/rack/integration.rb +2 -2
data/lib/datadog/tracing/contrib/rack/middlewares.rb +1 -1
data/lib/datadog/tracing/contrib/rack/request_queue.rb +1 -1
data/lib/datadog/tracing/contrib/rails/framework.rb +2 -2
data/lib/datadog/tracing/contrib/rails/patcher.rb +1 -1
data/lib/datadog/tracing/contrib/rest_client/integration.rb +3 -0
data/lib/datadog/tracing/contrib/rest_client/request_patch.rb +5 -3
data/lib/datadog/tracing/contrib/sidekiq/client_tracer.rb +6 -1
data/lib/datadog/tracing/contrib/sidekiq/distributed/propagation.rb +3 -0
data/lib/datadog/tracing/contrib/sidekiq/server_tracer.rb +1 -1
data/lib/datadog/tracing/contrib/span_attribute_schema.rb +6 -1
data/lib/datadog/tracing/contrib/support.rb +28 -0
data/lib/datadog/tracing/contrib.rb +1 -0
data/lib/datadog/tracing/correlation.rb +9 -2
data/lib/datadog/tracing/distributed/b3_multi.rb +1 -1
data/lib/datadog/tracing/distributed/b3_single.rb +1 -1
data/lib/datadog/tracing/distributed/baggage.rb +131 -0
data/lib/datadog/tracing/distributed/datadog.rb +4 -2
data/lib/datadog/tracing/distributed/propagation.rb +25 -4
data/lib/datadog/tracing/distributed/propagation_policy.rb +42 -0
data/lib/datadog/tracing/metadata/errors.rb +4 -4
data/lib/datadog/tracing/metadata/ext.rb +5 -0
data/lib/datadog/tracing/metadata/metastruct.rb +36 -0
data/lib/datadog/tracing/metadata/metastruct_tagging.rb +42 -0
data/lib/datadog/tracing/metadata.rb +2 -0
data/lib/datadog/tracing/sampling/rate_sampler.rb +2 -1
data/lib/datadog/tracing/sampling/span/rule.rb +0 -1
data/lib/datadog/tracing/span.rb +22 -5
data/lib/datadog/tracing/span_event.rb +124 -4
data/lib/datadog/tracing/span_operation.rb +52 -16
data/lib/datadog/tracing/sync_writer.rb +9 -5
data/lib/datadog/tracing/trace_digest.rb +9 -2
data/lib/datadog/tracing/trace_operation.rb +44 -24
data/lib/datadog/tracing/trace_segment.rb +6 -4
data/lib/datadog/tracing/tracer.rb +60 -12
data/lib/datadog/tracing/transport/http/api.rb +5 -4
data/lib/datadog/tracing/transport/http/client.rb +5 -4
data/lib/datadog/tracing/transport/http/traces.rb +13 -44
data/lib/datadog/tracing/transport/http.rb +13 -70
data/lib/datadog/tracing/transport/serializable_trace.rb +31 -7
data/lib/datadog/tracing/transport/trace_formatter.rb +7 -0
data/lib/datadog/tracing/transport/traces.rb +47 -13
data/lib/datadog/tracing/utils.rb +1 -1
data/lib/datadog/tracing/workers/trace_writer.rb +8 -5
data/lib/datadog/tracing/workers.rb +5 -4
data/lib/datadog/tracing/writer.rb +10 -6
data/lib/datadog/tracing.rb +16 -3
data/lib/datadog/version.rb +2 -2
data/lib/datadog.rb +2 -0
metadata +143 -50
data/ext/datadog_profiling_loader/datadog_profiling_loader.c +0 -142
data/ext/datadog_profiling_loader/extconf.rb +0 -60
data/lib/datadog/appsec/contrib/devise/event.rb +0 -57
data/lib/datadog/appsec/contrib/devise/patcher/authenticatable_patch.rb +0 -77
data/lib/datadog/appsec/contrib/devise/patcher/registration_controller_patch.rb +0 -54
data/lib/datadog/appsec/contrib/devise/resource.rb +0 -35
data/lib/datadog/appsec/contrib/devise/tracking.rb +0 -57
data/lib/datadog/appsec/contrib/graphql/reactive/multiplex.rb +0 -46
data/lib/datadog/appsec/contrib/patcher.rb +0 -12
data/lib/datadog/appsec/contrib/rack/reactive/request.rb +0 -69
data/lib/datadog/appsec/contrib/rack/reactive/request_body.rb +0 -47
data/lib/datadog/appsec/contrib/rack/reactive/response.rb +0 -53
data/lib/datadog/appsec/contrib/rails/reactive/action.rb +0 -53
data/lib/datadog/appsec/contrib/sinatra/ext.rb +0 -14
data/lib/datadog/appsec/contrib/sinatra/reactive/routed.rb +0 -48
data/lib/datadog/appsec/monitor/reactive/set_user.rb +0 -45
data/lib/datadog/appsec/processor/actions.rb +0 -49
data/lib/datadog/appsec/processor/context.rb +0 -107
data/lib/datadog/appsec/reactive/address_hash.rb +0 -22
data/lib/datadog/appsec/reactive/engine.rb +0 -47
data/lib/datadog/appsec/reactive/operation.rb +0 -68
data/lib/datadog/appsec/reactive/subscriber.rb +0 -19
data/lib/datadog/appsec/scope.rb +0 -58
data/lib/datadog/appsec/utils/trace_operation.rb +0 -15
data/lib/datadog/core/crashtracking/agent_base_url.rb +0 -21
data/lib/datadog/core/remote/transport/http/api/instance.rb +0 -39
data/lib/datadog/core/remote/transport/http/api/spec.rb +0 -21
data/lib/datadog/core/remote/transport/http/builder.rb +0 -219
data/lib/datadog/core/telemetry/http/env.rb +0 -20
data/lib/datadog/core/telemetry/http/ext.rb +0 -28
data/lib/datadog/core/telemetry/http/response.rb +0 -70
data/lib/datadog/core/telemetry/http/transport.rb +0 -90
data/lib/datadog/di/transport.rb +0 -81
data/lib/datadog/tracing/transport/http/api/spec.rb +0 -19

data/lib/datadog/appsec/configuration/settings.rb CHANGED Viewed

@@ -12,14 +12,29 @@ module Datadog
         DEFAULT_OBFUSCATOR_KEY_REGEX = '(?i)pass|pw(?:or)?d|secret|(?:api|private|public|access)[_-]?key|token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)|bearer|authorization|jsessionid|phpsessid|asp\.net[_-]sessionid|sid|jwt'
         DEFAULT_OBFUSCATOR_VALUE_REGEX = '(?i)(?:p(?:ass)?w(?:or)?d|pass(?:[_-]?phrase)?|secret(?:[_-]?key)?|(?:(?:api|private|public|access)[_-]?)key(?:[_-]?id)?|(?:(?:auth|access|id|refresh)[_-]?)?token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?|jsessionid|phpsessid|asp\.net(?:[_-]|-)sessionid|sid|jwt)(?:\s*=[^;]|"\s*:\s*"[^"]+")|bearer\s+[a-z0-9\._\-]+|token:[a-z0-9]{13}|gh[opsu]_[0-9a-zA-Z]{36}|ey[I-L][\w=-]+\.ey[I-L][\w=-]+(?:\.[\w.+\/=-]+)?|[\-]{5}BEGIN[a-z\s]+PRIVATE\sKEY[\-]{5}[^\-]+[\-]{5}END[a-z\s]+PRIVATE\sKEY|ssh-rsa\s*[a-z0-9\/\.+]{100,}'
         # rubocop:enable Layout/LineLength
+        DISABLED_AUTO_USER_INSTRUMENTATION_MODE = 'disabled'
+        ANONYMIZATION_AUTO_USER_INSTRUMENTATION_MODE = 'anonymization'
+        IDENTIFICATION_AUTO_USER_INSTRUMENTATION_MODE = 'identification'
+        AUTO_USER_INSTRUMENTATION_MODES = [
+          DISABLED_AUTO_USER_INSTRUMENTATION_MODE,
+          ANONYMIZATION_AUTO_USER_INSTRUMENTATION_MODE,
+          IDENTIFICATION_AUTO_USER_INSTRUMENTATION_MODE
+        ].freeze
+        AUTO_USER_INSTRUMENTATION_MODES_ALIASES = {
+          'ident' => IDENTIFICATION_AUTO_USER_INSTRUMENTATION_MODE,
+          'anon' => ANONYMIZATION_AUTO_USER_INSTRUMENTATION_MODE,
+        }.freeze
+        # NOTE: These two constants are deprecated
+        SAFE_TRACK_USER_EVENTS_MODE = 'safe'
+        EXTENDED_TRACK_USER_EVENTS_MODE = 'extended'
         APPSEC_VALID_TRACK_USER_EVENTS_MODE = [
-          'safe',
-          'extended'
+          SAFE_TRACK_USER_EVENTS_MODE, EXTENDED_TRACK_USER_EVENTS_MODE
         ].freeze
-        APPSEC_VALID_TRACK_USER_EVENTS_ENABLED_VALUES = [
-          '1',
-          'true'
-        ].concat(APPSEC_VALID_TRACK_USER_EVENTS_MODE).freeze
+        APPSEC_VALID_TRACK_USER_EVENTS_ENABLED_VALUES = ['1', 'true'].concat(
+          APPSEC_VALID_TRACK_USER_EVENTS_MODE
+        ).freeze
         def self.extended(base)
           base = base.singleton_class unless base.is_a?(Class)
@@ -49,6 +64,15 @@ module Datadog
                 end
               end
+              # RASP or Runtime Application Self-Protection
+              # is a collection of techniques and heuristics aimed at detecting malicious inputs and preventing
+              # any potential side-effects on the application resulting from the use of said malicious inputs.
+              option :rasp_enabled do |o|
+                o.type :bool, nilable: true
+                o.env 'DD_APPSEC_RASP_ENABLED'
+                o.default true
+              end
               option :ruleset do |o|
                 o.env 'DD_APPSEC_RULES'
                 o.default :recommended
@@ -107,9 +131,12 @@ module Datadog
                     o.type :string, nilable: true
                     o.setter do |value|
                       if value
-                        raise(ArgumentError, "appsec.templates.html: file not found: #{value}") unless File.exist?(value)
+                        unless File.exist?(value)
+                          raise(ArgumentError,
+                            "appsec.templates.html: file not found: #{value}")
+                        end
-                        File.open(value, 'rb', &:read) || ''
+                        File.binread(value) || ''
                       end
                     end
                   end
@@ -119,9 +146,12 @@ module Datadog
                     o.type :string, nilable: true
                     o.setter do |value|
                       if value
-                        raise(ArgumentError, "appsec.templates.json: file not found: #{value}") unless File.exist?(value)
+                        unless File.exist?(value)
+                          raise(ArgumentError,
+                            "appsec.templates.json: file not found: #{value}")
+                        end
-                        File.open(value, 'rb', &:read) || ''
+                        File.binread(value) || ''
                       end
                     end
                   end
@@ -131,15 +161,101 @@ module Datadog
                     o.type :string, nilable: true
                     o.setter do |value|
                       if value
-                        raise(ArgumentError, "appsec.templates.text: file not found: #{value}") unless File.exist?(value)
+                        unless File.exist?(value)
+                          raise(ArgumentError,
+                            "appsec.templates.text: file not found: #{value}")
+                        end
-                        File.open(value, 'rb', &:read) || ''
+                        File.binread(value) || ''
                       end
                     end
                   end
                 end
               end
+              settings :stack_trace do
+                option :enabled do |o|
+                  o.type :bool
+                  o.env 'DD_APPSEC_STACK_TRACE_ENABLED'
+                  o.default true
+                end
+                # The maximum number of stack trace frames to collect for each stack trace.
+                #
+                # If the stack trace exceeds this limit, the frames are dropped from the middle of the stack trace:
+                # 75% of the frames are kept from the top of the stack trace and 25% from the bottom
+                # (this percentage is also configurable).
+                #
+                # Minimum value is 10.
+                # Set to zero if you don't want any frames to be dropped.
+                #
+                # Default value is 32
+                option :max_depth do |o|
+                  o.type :int
+                  o.env 'DD_APPSEC_MAX_STACK_TRACE_DEPTH'
+                  o.default 32
+                  o.setter do |value|
+                    value = 0 if value < 0
+                    value
+                  end
+                end
+                # The percentage of frames to keep from the top of the stack trace.
+                #
+                # Default value is 75
+                option :top_percentage do |o|
+                  o.type :int
+                  o.env 'DD_APPSEC_MAX_STACK_TRACE_DEPTH_TOP_PERCENT'
+                  o.default 75
+                  o.setter do |value|
+                    value = 100 if value > 100
+                    value = 0 if value.negative?
+                    value
+                  end
+                end
+                # Maximum number of stack traces to collect per span.
+                #
+                # Set to zero if you want to collect all stack traces.
+                #
+                # Default value is 2
+                option :max_stack_traces do |o|
+                  o.type :int
+                  o.env 'DD_APPSEC_MAX_STACK_TRACES'
+                  o.default 2
+                  o.setter do |value|
+                    value = 0 if value < 0
+                    value
+                  end
+                end
+              end
+              settings :auto_user_instrumentation do
+                define_method(:enabled?) { get_option(:mode) != DISABLED_AUTO_USER_INSTRUMENTATION_MODE }
+                option :mode do |o|
+                  o.type :string
+                  o.env 'DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE'
+                  o.default IDENTIFICATION_AUTO_USER_INSTRUMENTATION_MODE
+                  o.setter do |value|
+                    mode = AUTO_USER_INSTRUMENTATION_MODES_ALIASES.fetch(value, value)
+                    next mode if AUTO_USER_INSTRUMENTATION_MODES.include?(mode)
+                    Datadog.logger.warn(
+                      'The appsec.auto_user_instrumentation.mode value provided is not supported. ' \
+                      "Supported values are: #{AUTO_USER_INSTRUMENTATION_MODES.join(" | ")}. " \
+                      "Using value: #{DISABLED_AUTO_USER_INSTRUMENTATION_MODE}."
+                    )
+                    DISABLED_AUTO_USER_INSTRUMENTATION_MODE
+                  end
+                end
+              end
+              # DEV-3.0: Remove `track_user_events.enabled` and `track_user_events.mode` options
               settings :track_user_events do
                 option :enabled do |o|
                   o.default true
@@ -152,24 +268,43 @@ module Datadog
                       APPSEC_VALID_TRACK_USER_EVENTS_ENABLED_VALUES.include?(env_value.strip.downcase)
                     end
                   end
+                  o.after_set do |_, _, precedence|
+                    unless precedence == Datadog::Core::Configuration::Option::Precedence::DEFAULT
+                      Core.log_deprecation(key: :appsec_track_user_events_enabled) do
+                        'The appsec.track_user_events.enabled setting is deprecated. ' \
+                        'Please remove it from your Datadog.configure block and use ' \
+                        'appsec.auto_user_instrumentation.mode instead.'
+                      end
+                    end
+                  end
                 end
                 option :mode do |o|
                   o.type :string
                   o.env 'DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING'
-                  o.default 'safe'
+                  o.default SAFE_TRACK_USER_EVENTS_MODE
                   o.setter do |v|
                     if APPSEC_VALID_TRACK_USER_EVENTS_MODE.include?(v)
                       v
                     elsif v == 'disabled'
-                      'safe'
+                      SAFE_TRACK_USER_EVENTS_MODE
                     else
                       Datadog.logger.warn(
                         'The appsec.track_user_events.mode value provided is not supported.' \
-                        'Supported values are: safe | extended.' \
-                        'Using default value `safe`'
+                        "Supported values are: #{APPSEC_VALID_TRACK_USER_EVENTS_MODE.join(" | ")}." \
+                        "Using default value: #{SAFE_TRACK_USER_EVENTS_MODE}."
                       )
-                      'safe'
+                      SAFE_TRACK_USER_EVENTS_MODE
+                    end
+                  end
+                  o.after_set do |_, _, precedence|
+                    unless precedence == Datadog::Core::Configuration::Option::Precedence::DEFAULT
+                      Core.log_deprecation(key: :appsec_track_user_events_mode) do
+                        'The appsec.track_user_events.mode setting is deprecated. ' \
+                        'Please remove it from your Datadog.configure block and use ' \
+                        'appsec.auto_user_instrumentation.mode instead.'
+                      end
                     end
                   end
                 end
@@ -197,14 +332,6 @@ module Datadog
                 o.type :bool, nilable: true
                 o.env 'DD_APPSEC_SCA_ENABLED'
               end
-              settings :standalone do
-                option :enabled do |o|
-                  o.type :bool
-                  o.env 'DD_EXPERIMENTAL_APPSEC_STANDALONE_ENABLED'
-                  o.default false
-                end
-              end
             end
           end
         end

data/lib/datadog/appsec/context.rb ADDED Viewed

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+require_relative 'metrics'
+module Datadog
+  module AppSec
+    # This class accumulates the context over the request life-cycle and exposes
+    # interface sufficient for instrumentation to perform threat detection.
+    class Context
+      ActiveContextError = Class.new(StandardError)
+      attr_reader :trace, :span, :events
+      class << self
+        def activate(context)
+          raise ArgumentError, 'not a Datadog::AppSec::Context' unless context.instance_of?(Context)
+          raise ActiveContextError, 'another context is active, nested contexts are not supported' if active
+          Thread.current[Ext::ACTIVE_CONTEXT_KEY] = context
+        end
+        def deactivate
+          active&.finalize
+        ensure
+          Thread.current[Ext::ACTIVE_CONTEXT_KEY] = nil
+        end
+        def active
+          Thread.current[Ext::ACTIVE_CONTEXT_KEY]
+        end
+      end
+      def initialize(trace, span, security_engine)
+        @trace = trace
+        @span = span
+        @events = []
+        @security_engine = security_engine
+        @waf_runner = security_engine.new_runner
+        @metrics = Metrics::Collector.new
+      end
+      def run_waf(persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
+        result = @waf_runner.run(persistent_data, ephemeral_data, timeout)
+        @metrics.record_waf(result)
+        result
+      end
+      def run_rasp(type, persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
+        result = @waf_runner.run(persistent_data, ephemeral_data, timeout)
+        Metrics::Telemetry.report_rasp(type, result)
+        @metrics.record_rasp(result)
+        result
+      end
+      def extract_schema
+        @waf_runner.run({'waf.context.processor' => {'extract-schema' => true}}, {})
+      end
+      def export_metrics
+        return if @span.nil?
+        Metrics::Exporter.export_waf_metrics(@metrics.waf, @span)
+        Metrics::Exporter.export_rasp_metrics(@metrics.rasp, @span)
+      end
+      def finalize
+        @waf_runner.finalize
+      end
+    end
+  end
+end

data/lib/datadog/appsec/contrib/active_record/instrumentation.rb ADDED Viewed

@@ -0,0 +1,92 @@
+# frozen_string_literal: true
+require_relative '../../event'
+require_relative '../../security_event'
+module Datadog
+  module AppSec
+    module Contrib
+      module ActiveRecord
+        # AppSec module that will be prepended to ActiveRecord adapter
+        module Instrumentation
+          module_function
+          def detect_sql_injection(sql, adapter_name)
+            return unless AppSec.rasp_enabled?
+            context = AppSec.active_context
+            return unless context
+            # libddwaf expects db system to be lowercase,
+            # in case of sqlite adapter, libddwaf expects 'sqlite' as db system
+            db_system = adapter_name.downcase
+            db_system = 'sqlite' if db_system == 'sqlite3'
+            ephemeral_data = {
+              'server.db.statement' => sql,
+              'server.db.system' => db_system
+            }
+            waf_timeout = Datadog.configuration.appsec.waf_timeout
+            result = context.run_rasp(Ext::RASP_SQLI, {}, ephemeral_data, waf_timeout)
+            if result.match?
+              AppSec::Event.tag_and_keep!(context, result)
+              context.events.push(
+                AppSec::SecurityEvent.new(result, trace: context.trace, span: context.span)
+              )
+              AppSec::ActionsHandler.handle(result.actions)
+            end
+          end
+          # patch for mysql2, sqlite3, and postgres+jdbc adapters in ActiveRecord >= 7.1
+          module InternalExecQueryAdapterPatch
+            def internal_exec_query(sql, *args, **rest)
+              Instrumentation.detect_sql_injection(sql, adapter_name)
+              super
+            end
+          end
+          # patch for mysql2, sqlite3, and postgres+jdbc adapters in ActiveRecord < 7.1
+          module ExecQueryAdapterPatch
+            def exec_query(sql, *args, **rest)
+              Instrumentation.detect_sql_injection(sql, adapter_name)
+              super
+            end
+          end
+          # patch for mysql2, sqlite3, and postgres+jdbc db adapters in ActiveRecord 4
+          module Rails4ExecQueryAdapterPatch
+            def exec_query(sql, *args)
+              Instrumentation.detect_sql_injection(sql, adapter_name)
+              super
+            end
+          end
+          # patch for non-jdbc postgres adapter in ActiveRecord > 4
+          module ExecuteAndClearAdapterPatch
+            def execute_and_clear(sql, *args, **rest)
+              Instrumentation.detect_sql_injection(sql, adapter_name)
+              super
+            end
+          end
+          # patch for non-jdbc postgres adapter in ActiveRecord 4
+          module Rails4ExecuteAndClearAdapterPatch
+            def execute_and_clear(sql, name, binds)
+              Instrumentation.detect_sql_injection(sql, adapter_name)
+              super
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/appsec/contrib/active_record/integration.rb ADDED Viewed

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+require_relative '../integration'
+require_relative 'patcher'
+module Datadog
+  module AppSec
+    module Contrib
+      module ActiveRecord
+        # This class provides helper methods that are used when patching ActiveRecord
+        class Integration
+          include Datadog::AppSec::Contrib::Integration
+          MINIMUM_VERSION = Gem::Version.new('4')
+          register_as :active_record, auto_patch: true
+          def self.version
+            Gem.loaded_specs['activerecord']&.version
+          end
+          def self.loaded?
+            !defined?(::ActiveRecord).nil?
+          end
+          def self.compatible?
+            super && version >= MINIMUM_VERSION
+          end
+          def self.auto_instrument?
+            true
+          end
+          def patcher
+            Patcher
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/appsec/contrib/active_record/patcher.rb ADDED Viewed

@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+require_relative 'instrumentation'
+module Datadog
+  module AppSec
+    module Contrib
+      module ActiveRecord
+        # AppSec patcher module for ActiveRecord
+        module Patcher
+          module_function
+          def patched?
+            Patcher.instance_variable_get(:@patched)
+          end
+          def target_version
+            Integration.version
+          end
+          def patch
+            # Rails 7.0 intruduced new on-load hooks for sqlite3 and postgresql adapters
+            # The load hook for mysql2 adapter was introduced in Rails 7.1
+            #
+            # If the adapter is not loaded when the :active_record load hook is called,
+            # we need to add a load hook for the adapter
+            ActiveSupport.on_load :active_record do
+              if defined?(::ActiveRecord::ConnectionAdapters::SQLite3Adapter)
+                ::Datadog::AppSec::Contrib::ActiveRecord::Patcher.patch_sqlite3_adapter
+              else
+                ActiveSupport.on_load :active_record_sqlite3adapter do
+                  ::Datadog::AppSec::Contrib::ActiveRecord::Patcher.patch_sqlite3_adapter
+                end
+              end
+              if defined?(::ActiveRecord::ConnectionAdapters::Mysql2Adapter)
+                ::Datadog::AppSec::Contrib::ActiveRecord::Patcher.patch_mysql2_adapter
+              else
+                ActiveSupport.on_load :active_record_mysql2adapter do
+                  ::Datadog::AppSec::Contrib::ActiveRecord::Patcher.patch_mysql2_adapter
+                end
+              end
+              if defined?(::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter)
+                ::Datadog::AppSec::Contrib::ActiveRecord::Patcher.patch_postgresql_adapter
+              else
+                ActiveSupport.on_load :active_record_postgresqladapter do
+                  ::Datadog::AppSec::Contrib::ActiveRecord::Patcher.patch_postgresql_adapter
+                end
+              end
+            end
+          end
+          def patch_sqlite3_adapter
+            instrumentation_module = if ::ActiveRecord.gem_version >= Gem::Version.new('7.1')
+              Instrumentation::InternalExecQueryAdapterPatch
+            elsif ::ActiveRecord.gem_version.segments.first == 4
+              Instrumentation::Rails4ExecQueryAdapterPatch
+            else
+              Instrumentation::ExecQueryAdapterPatch
+            end
+            ::ActiveRecord::ConnectionAdapters::SQLite3Adapter.prepend(instrumentation_module)
+          end
+          def patch_mysql2_adapter
+            instrumentation_module = if ::ActiveRecord.gem_version >= Gem::Version.new('7.1')
+              Instrumentation::InternalExecQueryAdapterPatch
+            elsif ::ActiveRecord.gem_version.segments.first == 4
+              Instrumentation::Rails4ExecQueryAdapterPatch
+            else
+              Instrumentation::ExecQueryAdapterPatch
+            end
+            ::ActiveRecord::ConnectionAdapters::Mysql2Adapter.prepend(instrumentation_module)
+          end
+          def patch_postgresql_adapter
+            instrumentation_module = if ::ActiveRecord.gem_version.segments.first == 4
+              Instrumentation::Rails4ExecuteAndClearAdapterPatch
+            else
+              Instrumentation::ExecuteAndClearAdapterPatch
+            end
+            if defined?(::ActiveRecord::ConnectionAdapters::JdbcAdapter)
+              instrumentation_module = if ::ActiveRecord.gem_version >= Gem::Version.new('7.1')
+                Instrumentation::InternalExecQueryAdapterPatch
+              elsif ::ActiveRecord.gem_version.segments.first == 4
+                Instrumentation::Rails4ExecQueryAdapterPatch
+              else
+                Instrumentation::ExecQueryAdapterPatch
+              end
+            end
+            ::ActiveRecord::ConnectionAdapters::PostgreSQLAdapter.prepend(instrumentation_module)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/appsec/contrib/auto_instrument.rb CHANGED Viewed

@@ -9,7 +9,7 @@ module Datadog
         def self.patch_all
           integrations = []
-          Datadog::AppSec::Contrib::Integration.registry.each do |_name, integration|
+          Datadog::AppSec::Contrib::Integration.registry.each_value do |integration|
             next unless integration.klass.auto_instrument?
             integrations << integration.name

data/lib/datadog/appsec/contrib/devise/configuration.rb ADDED Viewed

@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+module Datadog
+  module AppSec
+    module Contrib
+      module Devise
+        # A temporary configuration module to accomodate new RFC changes.
+        # NOTE: DEV-3 Remove module
+        module Configuration
+          TRACK_USER_EVENTS_CONVERSION_RULES = {
+            AppSec::Configuration::Settings::SAFE_TRACK_USER_EVENTS_MODE =>
+              AppSec::Configuration::Settings::ANONYMIZATION_AUTO_USER_INSTRUMENTATION_MODE,
+            AppSec::Configuration::Settings::EXTENDED_TRACK_USER_EVENTS_MODE =>
+              AppSec::Configuration::Settings::IDENTIFICATION_AUTO_USER_INSTRUMENTATION_MODE
+          }.freeze
+          module_function
+          # NOTE: DEV-3 Replace method use with `auto_user_instrumentation.enabled?`
+          def auto_user_instrumentation_enabled?
+            appsec = Datadog.configuration.appsec
+            appsec.auto_user_instrumentation.mode
+            unless appsec.auto_user_instrumentation.options[:mode].default_precedence?
+              return appsec.auto_user_instrumentation.enabled?
+            end
+            appsec.track_user_events.enabled
+          end
+          # NOTE: DEV-3 Replace method use with `auto_user_instrumentation.mode`
+          def auto_user_instrumentation_mode
+            appsec = Datadog.configuration.appsec
+            # NOTE: Reading both to trigger precedence set
+            appsec.auto_user_instrumentation.mode
+            appsec.track_user_events.mode
+            if !appsec.track_user_events.options[:mode].default_precedence? &&
+                appsec.auto_user_instrumentation.options[:mode].default_precedence?
+              return TRACK_USER_EVENTS_CONVERSION_RULES.fetch(
+                appsec.track_user_events.mode, appsec.auto_user_instrumentation.mode
+              )
+            end
+            appsec.auto_user_instrumentation.mode
+          end
+        end
+      end
+    end
+  end
+end