ddtrace 1.5.0 → 1.5.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +43 -1
- data/LICENSE-3rdparty.csv +1 -0
- data/lib/datadog/appsec/assets/waf_rules/recommended.json +1169 -275
- data/lib/datadog/appsec/assets/waf_rules/risky.json +78 -78
- data/lib/datadog/appsec/assets/waf_rules/strict.json +278 -88
- data/lib/datadog/appsec/contrib/rack/gateway/watcher.rb +25 -18
- data/lib/datadog/appsec/contrib/rack/reactive/request.rb +11 -11
- data/lib/datadog/appsec/contrib/rack/reactive/request_body.rb +11 -11
- data/lib/datadog/appsec/contrib/rack/reactive/response.rb +11 -11
- data/lib/datadog/appsec/contrib/rack/request.rb +3 -0
- data/lib/datadog/appsec/contrib/rack/request_middleware.rb +42 -19
- data/lib/datadog/appsec/contrib/rails/gateway/watcher.rb +7 -6
- data/lib/datadog/appsec/contrib/rails/reactive/action.rb +11 -11
- data/lib/datadog/appsec/contrib/rails/request.rb +3 -0
- data/lib/datadog/appsec/contrib/sinatra/gateway/watcher.rb +14 -12
- data/lib/datadog/appsec/contrib/sinatra/reactive/routed.rb +11 -11
- data/lib/datadog/appsec/event.rb +2 -12
- data/lib/datadog/appsec/instrumentation/gateway.rb +16 -2
- data/lib/datadog/appsec/processor.rb +18 -2
- data/lib/datadog/core/configuration/settings.rb +19 -5
- data/lib/datadog/tracing/client_ip.rb +11 -0
- data/lib/datadog/tracing/configuration/ext.rb +2 -1
- data/lib/datadog/tracing/contrib/rack/middlewares.rb +3 -1
- data/lib/datadog/tracing/contrib/utils/quantization/http.rb +14 -6
- data/lib/ddtrace/transport/traces.rb +2 -0
- data/lib/ddtrace/version.rb +1 -1
- metadata +3 -3
@@ -31,7 +31,7 @@ module Datadog
|
|
31
31
|
def run(*args)
|
32
32
|
start_ns = Core::Utils::Time.get_time(:nanosecond)
|
33
33
|
|
34
|
-
|
34
|
+
_code, res = @context.run(*args)
|
35
35
|
|
36
36
|
stop_ns = Core::Utils::Time.get_time(:nanosecond)
|
37
37
|
|
@@ -39,7 +39,11 @@ module Datadog
|
|
39
39
|
@time_ext_ns += (stop_ns - start_ns)
|
40
40
|
@timeouts += 1 if res.timeout
|
41
41
|
|
42
|
-
|
42
|
+
res
|
43
|
+
end
|
44
|
+
|
45
|
+
def finalize
|
46
|
+
@context.finalize
|
43
47
|
end
|
44
48
|
end
|
45
49
|
|
@@ -64,6 +68,18 @@ module Datadog
|
|
64
68
|
Context.new(self)
|
65
69
|
end
|
66
70
|
|
71
|
+
def update_rule_data(data)
|
72
|
+
@handle.update_rule_data(data)
|
73
|
+
end
|
74
|
+
|
75
|
+
def toggle_rules(map)
|
76
|
+
@handle.toggle_rules(map)
|
77
|
+
end
|
78
|
+
|
79
|
+
def finalize
|
80
|
+
@handle.finalize
|
81
|
+
end
|
82
|
+
|
67
83
|
protected
|
68
84
|
|
69
85
|
attr_reader :handle
|
@@ -323,8 +323,8 @@ module Datadog
|
|
323
323
|
|
324
324
|
# Parse tags from environment
|
325
325
|
env_to_list(Core::Environment::Ext::ENV_TAGS, comma_separated_only: false).each do |tag|
|
326
|
-
|
327
|
-
tags[
|
326
|
+
key, value = tag.split(':', 2)
|
327
|
+
tags[key] = value if value && !value.empty?
|
328
328
|
end
|
329
329
|
|
330
330
|
# Override tags if defined
|
@@ -667,13 +667,27 @@ module Datadog
|
|
667
667
|
# Whether client IP collection is enabled. When enabled client IPs from HTTP requests will
|
668
668
|
# be reported in traces.
|
669
669
|
#
|
670
|
+
# Usage of the DD_TRACE_CLIENT_IP_HEADER_DISABLED environment variable is deprecated.
|
671
|
+
#
|
670
672
|
# @see https://docs.datadoghq.com/tracing/configure_data_security#configuring-a-client-ip-header
|
671
673
|
#
|
672
|
-
# @default
|
673
|
-
# variable or `true` if it doesn't exist.
|
674
|
+
# @default `DD_TRACE_CLIENT_IP_ENABLED` environment variable, otherwise `false`.
|
674
675
|
# @return [Boolean]
|
675
676
|
option :enabled do |o|
|
676
|
-
o.default
|
677
|
+
o.default do
|
678
|
+
disabled = env_to_bool(Tracing::Configuration::Ext::ClientIp::ENV_DISABLED)
|
679
|
+
|
680
|
+
enabled = if disabled.nil?
|
681
|
+
false
|
682
|
+
else
|
683
|
+
Datadog.logger.warn { "#{Tracing::Configuration::Ext::ClientIp::ENV_DISABLED} environment variable is deprecated, found set to #{disabled}, use #{Tracing::Configuration::Ext::ClientIp::ENV_ENABLED}=#{!disabled}" }
|
684
|
+
|
685
|
+
!disabled
|
686
|
+
end
|
687
|
+
|
688
|
+
# ENABLED env var takes precedence over deprecated DISABLED
|
689
|
+
env_to_bool(Tracing::Configuration::Ext::ClientIp::ENV_ENABLED, enabled)
|
690
|
+
end
|
677
691
|
o.lazy
|
678
692
|
end
|
679
693
|
|
@@ -39,6 +39,17 @@ module Datadog
|
|
39
39
|
def self.set_client_ip_tag(span, headers: nil, remote_ip: nil)
|
40
40
|
return unless configuration.enabled
|
41
41
|
|
42
|
+
set_client_ip_tag!(span, headers: headers, remote_ip: remote_ip)
|
43
|
+
end
|
44
|
+
|
45
|
+
# Forcefully sets the `http.client_ip` tag on the given span.
|
46
|
+
#
|
47
|
+
# This function ignores the user's `enabled` setting.
|
48
|
+
#
|
49
|
+
# @param [Span] span The span that's associated with the request.
|
50
|
+
# @param [HeaderCollection, #get, nil] headers A collection with the request headers.
|
51
|
+
# @param [String, nil] remote_ip The remote IP the request associated with the span is sent to.
|
52
|
+
def self.set_client_ip_tag!(span, headers: nil, remote_ip: nil)
|
42
53
|
result = raw_ip_from_request(headers, remote_ip)
|
43
54
|
|
44
55
|
if result.raw_ip
|
@@ -54,7 +54,8 @@ module Datadog
|
|
54
54
|
|
55
55
|
# @public_api
|
56
56
|
module ClientIp
|
57
|
-
|
57
|
+
ENV_ENABLED = 'DD_TRACE_CLIENT_IP_ENABLED'.freeze
|
58
|
+
ENV_DISABLED = 'DD_TRACE_CLIENT_IP_HEADER_DISABLED'.freeze # TODO: deprecated, remove later
|
58
59
|
ENV_HEADER_NAME = 'DD_TRACE_CLIENT_IP_HEADER'.freeze
|
59
60
|
end
|
60
61
|
end
|
@@ -268,7 +268,9 @@ module Datadog
|
|
268
268
|
|
269
269
|
query_string.empty? ? path : "#{path}?#{query_string}"
|
270
270
|
else
|
271
|
-
|
271
|
+
# normally REQUEST_URI starts at the path, but it
|
272
|
+
# might contain the full URL in some cases (e.g WEBrick)
|
273
|
+
request_uri.sub(/^#{base_url}/, '')
|
272
274
|
end
|
273
275
|
|
274
276
|
base_url + fullpath
|
@@ -14,20 +14,28 @@ module Datadog
|
|
14
14
|
|
15
15
|
PLACEHOLDER = '?'.freeze
|
16
16
|
|
17
|
+
# taken from Ruby https://github.com/ruby/uri/blob/ffbab83de6d8748c9454414e02db5317609166eb/lib/uri/rfc3986_parser.rb
|
18
|
+
# but adjusted to parse only <scheme>://<host>:<port>/ components
|
19
|
+
# and stop there, since we don't care about the path, query string,
|
20
|
+
# and fragment components
|
21
|
+
RFC3986_URL_BASE = /\A(?<URI>(?<scheme>[A-Za-z][+\-.0-9A-Za-z]*):(?<hier-part>\/\/(?<authority>(?:(?<userinfo>(?:%\h\h|[!$&-.0-;=A-Z_a-z~])*)@)?(?<host>(?<IP-literal>\[(?:(?<IPv6address>(?:\h{1,4}:){6}(?<ls32>\h{1,4}:\h{1,4}|(?<IPv4address>(?<dec-octet>[1-9]\d|1\d{2}|2[0-4]\d|25[0-5]|\d)\.\g<dec-octet>\.\g<dec-octet>\.\g<dec-octet>))|::(?:\h{1,4}:){5}\g<ls32>|\h{1,4}?::(?:\h{1,4}:){4}\g<ls32>|(?:(?:\h{1,4}:)?\h{1,4})?::(?:\h{1,4}:){3}\g<ls32>|(?:(?:\h{1,4}:){,2}\h{1,4})?::(?:\h{1,4}:){2}\g<ls32>|(?:(?:\h{1,4}:){,3}\h{1,4})?::\h{1,4}:\g<ls32>|(?:(?:\h{1,4}:){,4}\h{1,4})?::\g<ls32>|(?:(?:\h{1,4}:){,5}\h{1,4})?::\h{1,4}|(?:(?:\h{1,4}:){,6}\h{1,4})?::)|(?<IPvFuture>v\h+\.[!$&-.0-;=A-Z_a-z~]+))\])|\g<IPv4address>|(?<reg-name>(?:%\h\h|[!$&-.0-9;=A-Z_a-z~])*))(?::(?<port>\d*))?)))(?:\/|\z)/.freeze # rubocop:disable Style/RegexpLiteral, Layout/LineLength
|
22
|
+
|
17
23
|
module_function
|
18
24
|
|
19
25
|
def url(url, options = {})
|
20
26
|
url!(url, options)
|
21
27
|
rescue StandardError
|
22
|
-
options[:placeholder] || PLACEHOLDER
|
28
|
+
placeholder = options[:placeholder] || PLACEHOLDER
|
29
|
+
|
30
|
+
options[:base] == :exclude ? placeholder : "#{base_url(url)}/#{placeholder}"
|
23
31
|
end
|
24
32
|
|
25
33
|
def base_url(url, options = {})
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
end
|
34
|
+
if (m = RFC3986_URL_BASE.match(url))
|
35
|
+
m[1]
|
36
|
+
else
|
37
|
+
''
|
38
|
+
end
|
31
39
|
end
|
32
40
|
|
33
41
|
def url!(url, options = {})
|
@@ -101,6 +101,8 @@ module Datadog
|
|
101
101
|
# Make the trace serializable
|
102
102
|
serializable_trace = SerializableTrace.new(trace)
|
103
103
|
|
104
|
+
Datadog.logger.debug { "Flushing trace: #{JSON.dump(serializable_trace)}" }
|
105
|
+
|
104
106
|
# Encode the trace
|
105
107
|
encoder.encode(serializable_trace)
|
106
108
|
end
|
data/lib/ddtrace/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: ddtrace
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.5.
|
4
|
+
version: 1.5.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Datadog, Inc.
|
@@ -50,14 +50,14 @@ dependencies:
|
|
50
50
|
requirements:
|
51
51
|
- - "~>"
|
52
52
|
- !ruby/object:Gem::Version
|
53
|
-
version: 1.
|
53
|
+
version: 1.5.1.0.0
|
54
54
|
type: :runtime
|
55
55
|
prerelease: false
|
56
56
|
version_requirements: !ruby/object:Gem::Requirement
|
57
57
|
requirements:
|
58
58
|
- - "~>"
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: 1.
|
60
|
+
version: 1.5.1.0.0
|
61
61
|
- !ruby/object:Gem::Dependency
|
62
62
|
name: libdatadog
|
63
63
|
requirement: !ruby/object:Gem::Requirement
|