datadog 2.9.0 → 2.10.0

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: datadog
 version: !ruby/object:Gem::Version
-  version: 2.9.0
+  version: 2.10.0
 platform: ruby
 authors:
 - Datadog, Inc.
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-01-15 00:00:00.000000000 Z
+date: 2025-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: msgpack
@@ -30,20 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.3.7
+        version: '3.4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.3'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.3.7
+        version: '3.4'
 - !ruby/object:Gem::Dependency
   name: libddwaf
   requirement: !ruby/object:Gem::Requirement
@@ -72,6 +66,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 14.3.1.1.0
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: |
   datadog is Datadog's client library for Ruby. It includes a suite of tools
   which provide visibility into the performance and security of Ruby applications,
@@ -146,6 +154,7 @@ files:
 - ext/libdatadog_extconf_helpers.rb
 - lib/datadog.rb
 - lib/datadog/appsec.rb
+- lib/datadog/appsec/actions_handler.rb
 - lib/datadog/appsec/assets.rb
 - lib/datadog/appsec/assets/blocked.html
 - lib/datadog/appsec/assets/blocked.json
@@ -201,7 +210,6 @@ files:
 - lib/datadog/appsec/contrib/rails/reactive/action.rb
 - lib/datadog/appsec/contrib/rails/request.rb
 - lib/datadog/appsec/contrib/rails/request_middleware.rb
-- lib/datadog/appsec/contrib/sinatra/ext.rb
 - lib/datadog/appsec/contrib/sinatra/framework.rb
 - lib/datadog/appsec/contrib/sinatra/gateway/request.rb
 - lib/datadog/appsec/contrib/sinatra/gateway/route_params.rb
@@ -216,11 +224,14 @@ files:
 - lib/datadog/appsec/instrumentation.rb
 - lib/datadog/appsec/instrumentation/gateway.rb
 - lib/datadog/appsec/instrumentation/gateway/argument.rb
+- lib/datadog/appsec/metrics.rb
+- lib/datadog/appsec/metrics/collector.rb
+- lib/datadog/appsec/metrics/exporter.rb
+- lib/datadog/appsec/metrics/telemetry.rb
 - lib/datadog/appsec/monitor.rb
 - lib/datadog/appsec/monitor/gateway/watcher.rb
 - lib/datadog/appsec/monitor/reactive/set_user.rb
 - lib/datadog/appsec/processor.rb
-- lib/datadog/appsec/processor/context.rb
 - lib/datadog/appsec/processor/rule_loader.rb
 - lib/datadog/appsec/processor/rule_merger.rb
 - lib/datadog/appsec/rate_limiter.rb
@@ -230,6 +241,9 @@ files:
 - lib/datadog/appsec/remote.rb
 - lib/datadog/appsec/response.rb
 - lib/datadog/appsec/sample_rate.rb
+- lib/datadog/appsec/security_engine.rb
+- lib/datadog/appsec/security_engine/result.rb
+- lib/datadog/appsec/security_engine/runner.rb
 - lib/datadog/appsec/utils.rb
 - lib/datadog/appsec/utils/http.rb
 - lib/datadog/appsec/utils/http/media_range.rb
@@ -911,9 +925,9 @@ licenses:
 - Apache-2.0
 metadata:
   allowed_push_host: https://rubygems.org
-  changelog_uri: https://github.com/DataDog/dd-trace-rb/blob/v2.9.0/CHANGELOG.md
-  source_code_uri: https://github.com/DataDog/dd-trace-rb/tree/v2.9.0
-post_install_message: 
+  changelog_uri: https://github.com/DataDog/dd-trace-rb/blob/v2.10.0/CHANGELOG.md
+  source_code_uri: https://github.com/DataDog/dd-trace-rb/tree/v2.10.0
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -931,8 +945,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.0.0
 requirements: []
-rubygems_version: 3.5.11
-signing_key: 
+rubygems_version: 3.5.22
+signing_key:
 specification_version: 4
 summary: Datadog tracing code for your Ruby applications
 test_files: []

data/lib/datadog/appsec/contrib/sinatra/ext.rb

@@ -1,14 +0,0 @@
-# frozen_string_literal: true
-
-module Datadog
-  module AppSec
-    module Contrib
-      module Sinatra
-        # Sinatra integration constants
-        module Ext
-          ROUTE_INTERRUPT = :datadog_appsec_contrib_sinatra_route_interrupt
-        end
-      end
-    end
-  end
-end

data/lib/datadog/appsec/processor/context.rb

@@ -1,107 +0,0 @@
-# frozen_string_literal: true
-
-module Datadog
-  module AppSec
-    class Processor
-      # Context manages a sequence of runs
-      class Context
-        LIBDDWAF_SUCCESSFUL_EXECUTION_CODES = [:ok, :match].freeze
-
-        attr_reader :time_ns, :time_ext_ns, :timeouts, :events
-
-        def initialize(handle, telemetry:)
-          @context = WAF::Context.new(handle)
-          @telemetry = telemetry
-
-          @time_ns = 0.0
-          @time_ext_ns = 0.0
-          @timeouts = 0
-          @events = []
-          @run_mutex = Mutex.new
-
-          @libddwaf_debug_tag = "libddwaf:#{WAF::VERSION::STRING} method:ddwaf_run"
-        end
-
-        def run(persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
-          @run_mutex.lock
-
-          start_ns = Core::Utils::Time.get_time(:nanosecond)
-
-          persistent_data.reject! do |_, v|
-            next false if v.is_a?(TrueClass) || v.is_a?(FalseClass)
-
-            v.nil? ? true : v.empty?
-          end
-
-          ephemeral_data.reject! do |_, v|
-            next false if v.is_a?(TrueClass) || v.is_a?(FalseClass)
-
-            v.nil? ? true : v.empty?
-          end
-
-          _code, result = try_run(persistent_data, ephemeral_data, timeout)
-
-          stop_ns = Core::Utils::Time.get_time(:nanosecond)
-
-          # these updates are not thread safe and should be protected
-          @time_ns += result.total_runtime
-          @time_ext_ns += (stop_ns - start_ns)
-          @timeouts += 1 if result.timeout
-
-          report_execution(result)
-          result
-        ensure
-          @run_mutex.unlock
-        end
-
-        def extract_schema
-          return unless extract_schema?
-
-          input = {
-            'waf.context.processor' => {
-              'extract-schema' => true
-            }
-          }
-
-          _code, result = try_run(input, {}, WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
-
-          report_execution(result)
-          result
-        end
-
-        def finalize
-          @context.finalize
-        end
-
-        private
-
-        def try_run(persistent_data, ephemeral_data, timeout)
-          @context.run(persistent_data, ephemeral_data, timeout)
-        rescue WAF::LibDDWAF::Error => e
-          Datadog.logger.debug { "#{@libddwaf_debug_tag} execution error: #{e} backtrace: #{e.backtrace&.first(3)}" }
-          @telemetry.report(e, description: 'libddwaf-rb internal low-level error')
-
-          [:err_internal, WAF::Result.new(:err_internal, [], 0.0, false, [], [])]
-        end
-
-        def report_execution(result)
-          Datadog.logger.debug { "#{@libddwaf_debug_tag} execution timed out: #{result.inspect}" } if result.timeout
-
-          if LIBDDWAF_SUCCESSFUL_EXECUTION_CODES.include?(result.status)
-            Datadog.logger.debug { "#{@libddwaf_debug_tag} execution result: #{result.inspect}" }
-          else
-            message = "#{@libddwaf_debug_tag} execution error: #{result.status.inspect}"
-
-            Datadog.logger.debug { message }
-            @telemetry.error(message)
-          end
-        end
-
-        def extract_schema?
-          Datadog.configuration.appsec.api_security.enabled &&
-            Datadog.configuration.appsec.api_security.sample_rate.sample?
-        end
-      end
-    end
-  end
-end