dial 0.2.2 → 0.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f0cde97fba38cb1cf2eb253b525513f6e531f1e5b917eda64ebcae004e608fb6
-  data.tar.gz: 97e745b90b4bb7bfaae7ac64c8bb26325fe7927182877d316bf503b46e9712b8
+  metadata.gz: c21506e3c567f79104e394c2ab2fc1c29d433ef9e9e27f201d8fe3e6bdc2227f
+  data.tar.gz: 5a8a65aa3fcdd52d59508ebac6bb12bfa156d6f577793f7c05ac8eb14d5409b3
 SHA512:
-  metadata.gz: b5efaaef24b3fa42ddbb732c70f0af3ba9d4240ddc1a4b520304a68b020ec88c5b1751e92c79b0d8c02fe20b521e73bf27adeefd9af5293a03bd33aeb8dc17e7
-  data.tar.gz: b9b65a06f97a67fd003e73b6b8337d0a9800fb78dc02b095f4878e4b3062a69915e4022e270669c870df3514d45d57c15132f45bf70c4b559eeacd9b3d050d26
+  metadata.gz: c20d37444e2d186490ea5e75d30c2a6940d56adbff21c91d01a448d96b4b7b6baa0ead5da5305a1398dcd8e916f5a9dab60c2d0d101404a1377a998fe2d2d91c
+  data.tar.gz: 525eef47d8136c0c34ddc0c8460637370e87ea13d43c8d83e1c3b4c9dc992b192414f570a0258a9ffd16206a235611a5450982c3a9cf474f12552c16ef646613

data/CHANGELOG.md

@@ -1,5 +1,14 @@
 ## [Unreleased]
 
+## [0.2.4] - 2025-03-03
+
+- Add configuration option for setting script CSP nonce (thanks @matthaigh27)
+
+## [0.2.3] - 2025-02-28
+
+- Add configuration API
+- Make default prosopite ignore queries case insensitive
+
 ## [0.2.2] - 2025-02-27
 
 - Increase default vernier allocation interval from 200 to 20k

data/README.md

@@ -33,6 +33,27 @@ bundle install
 mount Dial::Engine, at: "/" if Rails.env.development?
 ```
 
+4. (Optional) Configure the gem in an initializer:
+
+```ruby
+# config/initializers/dial.rb
+
+Dial.configure do |config|
+  config.vernier_interval = 100
+  config.vernier_allocation_interval = 10_000
+  config.prosopite_ignore_queries += [/pg_sleep/i]
+end
+```
+
+### Options
+
+Option | Description | Default
+- | - | -
+`vernier_interval` | Sets the `interval` option for vernier. | `200`
+`vernier_allocation_interval` | Sets the `allocation_interval` option for vernier. | `20_000`
+`prosopite_ignore_queries` | Sets the `ignore_queries` option for prosopite. | `[/schema_migrations/i]`
+`content_security_policy_nonce` | Sets the content security policy nonce to use when inserting Dial's script. Can be a string, or a Proc which receives `env` and response `headers` as arguments and returns the nonce. | Rails generated nonce or `nil`
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `bundle exec rake test` to run the

data/lib/dial/configuration.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Dial
+  def self.configure
+    yield _configuration
+  end
+
+  def self._configuration
+    @_configuration ||= Configuration.new
+  end
+
+  class Configuration
+    def initialize
+      @options = {
+        vernier_interval: VERNIER_INTERVAL,
+        vernier_allocation_interval: VERNIER_ALLOCATION_INTERVAL,
+        prosopite_ignore_queries: PROSOPITE_IGNORE_QUERIES,
+        content_security_policy_nonce: -> (env, _headers) { env[NONCE] || "" },
+      }
+
+      @options.keys.each do |key|
+        define_singleton_method key do
+          @options[key]
+        end
+
+        define_singleton_method "#{key}=" do |value|
+          @options[key] = value
+        end
+      end
+    end
+
+    def freeze
+      @options.freeze
+      super
+    end
+  end
+end

data/lib/dial/constants.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "rack"
+require "action_dispatch"
 
 require_relative "version"
 
@@ -10,6 +11,7 @@ module Dial
   HTTP_ACCEPT = "HTTP_ACCEPT"
   CONTENT_TYPE = ::Rack::CONTENT_TYPE
   CONTENT_LENGTH = ::Rack::CONTENT_LENGTH
+  NONCE = ::ActionDispatch::ContentSecurityPolicy::Request::NONCE
   REQUEST_TIMING = "dial_request_timing"
 
   FILE_STALE_SECONDS = 60 * 60
@@ -18,7 +20,7 @@ module Dial
   VERNIER_ALLOCATION_INTERVAL = 20_000
   VERNIER_PROFILE_OUT_RELATIVE_DIRNAME = "tmp/dial/profiles"
 
-  PROSOPITE_IGNORE_QUERIES = [/schema_migrations/].freeze
+  PROSOPITE_IGNORE_QUERIES = [/schema_migrations/i].freeze
   PROSOPITE_LOG_RELATIVE_DIRNAME = "log/dial"
   PROSOPITE_LOG_FILENAME = "#{Util.uuid}_prosopite_#{PROGRAM_ID}.log".freeze
 end

data/lib/dial/middleware/panel.rb

@@ -5,7 +5,7 @@ require "uri"
 module Dial
   class Panel
     class << self
-      def html env, profile_out_filename, query_logs, ruby_vm_stat, gc_stat, gc_stat_heap, server_timing
+      def html env, headers, profile_out_filename, query_logs, ruby_vm_stat, gc_stat, gc_stat_heap, server_timing
         <<~HTML
           <style>#{style}</style>
 
@@ -69,7 +69,9 @@ module Dial
             </div>
           </div>
 
-          <script>#{script}</script>
+          <script nonce="#{configured_nonce env, headers}">
+            #{script}
+          </script>
         HTML
       end
 
@@ -171,7 +173,7 @@ module Dial
       end
 
       def formatted_rails_route_info env
-        rails_route_info = begin
+        begin
           ::Rails.application.routes.recognize_path env[::Rack::PATH_INFO], method: env[::Rack::REQUEST_METHOD]
         rescue ::ActionController::RoutingError
           {}
@@ -253,6 +255,15 @@ module Dial
           HTML
         end.join
       end
+
+      def configured_nonce env, headers
+        config_nonce = Dial._configuration.content_security_policy_nonce
+        if config_nonce.instance_of? Proc
+          config_nonce.call env, headers
+        else
+          config_nonce
+        end
+      end
     end
   end
 end

data/lib/dial/middleware/ruby_stat.rb

@@ -27,7 +27,7 @@ module Dial
     def stat_diff before, after, no_diff: []
       after.except(*no_diff).each_with_object({}) do |(key, value), diff|
         diff[key] = value - before[key]
-      end.merge after.slice *no_diff
+      end.merge after.slice(*no_diff)
     end
   end
 end

data/lib/dial/middleware.rb

@@ -28,7 +28,9 @@ module Dial
 
       status, headers, rack_body, ruby_vm_stat, gc_stat, gc_stat_heap, vernier_result = nil
       ::Prosopite.scan do
-        vernier_result = ::Vernier.profile interval: VERNIER_INTERVAL, allocation_interval: VERNIER_ALLOCATION_INTERVAL, hooks: [:memory_usage, :rails] do
+        vernier_result = ::Vernier.profile interval: Dial._configuration.vernier_interval, \
+                                           allocation_interval: Dial._configuration.vernier_allocation_interval, \
+                                           hooks: [:memory_usage, :rails] do
           ruby_vm_stat, gc_stat, gc_stat_heap = with_diffed_ruby_stats do
             status, headers, rack_body = @app.call env
           end
@@ -49,10 +51,12 @@ module Dial
       body = String.new.tap do |str|
         rack_body.each { |chunk| str << chunk }
         rack_body.close if rack_body.respond_to? :close
-      end.sub "</body>", <<~HTML
-          #{Panel.html env, profile_out_filename, query_logs, ruby_vm_stat, gc_stat, gc_stat_heap, server_timing}
-        </body>
-      HTML
+
+        str.sub! "</body>", <<~HTML
+            #{Panel.html env, headers, profile_out_filename, query_logs, ruby_vm_stat, gc_stat, gc_stat_heap, server_timing}
+          </body>
+        HTML
+      end
 
       headers[CONTENT_LENGTH] = body.bytesize.to_s
 
@@ -84,7 +88,7 @@ module Dial
 
     def clear_query_logs!
       [].tap do |query_logs|
-        File.open("#{query_log_dir_pathname}/#{PROSOPITE_LOG_FILENAME}", "r+") do |file|
+        File.open "#{query_log_dir_pathname}/#{PROSOPITE_LOG_FILENAME}", "r+" do |file|
           entry = section = count = nil
           file.each_line do |line|
             entry, section, count = process_query_log_line line, entry, section, count

data/lib/dial/railtie.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require "rails"
+require "active_record"
 require "prosopite"
 
 require_relative "middleware"
@@ -8,25 +9,25 @@ require_relative "prosopite_logger"
 
 module Dial
   class Railtie < ::Rails::Railtie
-    initializer "dial.use_middleware" do |app|
+    initializer "dial.use_middleware", after: :load_config_initializers do |app|
       app.middleware.insert_before 0, Middleware
     end
 
-    initializer "dial.set_up_vernier" do |app|
+    initializer "dial.set_up_vernier", after: :load_config_initializers do |app|
       app.config.after_initialize do
         FileUtils.mkdir_p ::Rails.root.join VERNIER_PROFILE_OUT_RELATIVE_DIRNAME
       end
     end
 
-    initializer "dial.clean_up_vernier_profile_out_files" do |app|
+    initializer "dial.clean_up_vernier_profile_out_files", after: :load_config_initializers do |app|
       stale_files("#{profile_out_dir_pathname}/*.json.gz").each do |profile_out_file|
         File.delete profile_out_file rescue nil
       end
     end
 
-    initializer "dial.set_up_prosopite" do |app|
+    initializer "dial.set_up_prosopite", after: :load_config_initializers do |app|
       app.config.after_initialize do
-        if ::ActiveRecord::Base.connection.adapter_name == "PostgreSQL"
+        if ::ActiveRecord::Base.configurations.configurations.any? { |config| config.adapter == "postgresql" }
           require "pg_query"
         end
 
@@ -34,17 +35,23 @@ module Dial
         FileUtils.mkdir_p File.dirname prosopite_log_pathname
         FileUtils.touch prosopite_log_pathname
         ::Prosopite.custom_logger = ProsopiteLogger.new prosopite_log_pathname
-
-        ::Prosopite.ignore_queries = PROSOPITE_IGNORE_QUERIES
       end
     end
 
-    initializer "dial.clean_up_prosopite_log_files" do |app|
+    initializer "dial.clean_up_prosopite_log_files", after: :load_config_initializers do |app|
       stale_files("#{query_log_dir_pathname}/*.log").each do |query_log_file|
         File.delete query_log_file rescue nil
       end
     end
 
+    initializer "dial.setup", after: :load_config_initializers do |app|
+      app.config.after_initialize do
+        Dial._configuration.freeze
+
+        ::Prosopite.ignore_queries = Dial._configuration.prosopite_ignore_queries
+      end
+    end
+
     private
 
     def stale_files glob_pattern

data/lib/dial/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Dial
-  VERSION = "0.2.2"
+  VERSION = "0.2.4"
 end

data/lib/dial.rb

@@ -3,5 +3,7 @@
 require_relative "dial/util"
 require_relative "dial/constants"
 
+require_relative "dial/configuration"
+
 require_relative "dial/railtie"
 require_relative "dial/engine"

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: dial
 version: !ruby/object:Gem::Version
-  version: 0.2.2
+  version: 0.2.4
 platform: ruby
 authors:
 - Joshua Young
 bindir: bin
 cert_chain: []
-date: 2025-02-27 00:00:00.000000000 Z
+date: 2025-03-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: railties
@@ -123,6 +123,7 @@ files:
 - README.md
 - dial.gemspec
 - lib/dial.rb
+- lib/dial/configuration.rb
 - lib/dial/constants.rb
 - lib/dial/engine.rb
 - lib/dial/engine/routes.rb