newrelic_rpm 9.14.0 → 9.17.0

data/lib/new_relic/agent/new_relic_service.rb

@@ -455,6 +455,8 @@ module NewRelic
       end
 
       def handle_error_response(response, endpoint)
+        NewRelic::Agent.agent.health_check.update_status(NewRelic::Agent::HealthCheck::HTTP_ERROR, [response.code, endpoint])
+
         case response
         when Net::HTTPRequestTimeOut,
              Net::HTTPTooManyRequests,
@@ -637,9 +639,13 @@ module NewRelic
       def send_request(opts)
         request = prep_request(opts)
         response = relay_request(request, opts)
-        return response if response.is_a?(Net::HTTPSuccess) || response.is_a?(Net::HTTPAccepted)
 
-        handle_error_response(response, opts[:endpoint])
+        if response.is_a?(Net::HTTPSuccess) || response.is_a?(Net::HTTPAccepted)
+          NewRelic::Agent.agent.health_check.update_status(NewRelic::Agent::HealthCheck::HEALTHY)
+          response
+        else
+          handle_error_response(response, opts[:endpoint])
+        end
       end
 
       def log_response(response)

data/lib/new_relic/agent/span_event_primitive.rb

@@ -52,6 +52,8 @@ module NewRelic
       DATASTORE_CATEGORY = 'datastore'
       CLIENT = 'client'
 
+      DB_STATEMENT_MAX_BYTES = 4096
+
       # Builds a Hash of error attributes as well as the Span ID when
       # an error is present.  Otherwise, returns nil when no error present.
       def error_attributes(segment)
@@ -114,9 +116,9 @@ module NewRelic
         agent_attributes[DB_SYSTEM_KEY] = segment.product if allowed?(DB_SYSTEM_KEY)
 
         if segment.sql_statement && allowed?(DB_STATEMENT_KEY)
-          agent_attributes[DB_STATEMENT_KEY] = truncate(segment.sql_statement.safe_sql, 2000)
+          agent_attributes[DB_STATEMENT_KEY] = truncate(segment.sql_statement.safe_sql, DB_STATEMENT_MAX_BYTES)
         elsif segment.nosql_statement && allowed?(DB_STATEMENT_KEY)
-          agent_attributes[DB_STATEMENT_KEY] = truncate(segment.nosql_statement, 2000)
+          agent_attributes[DB_STATEMENT_KEY] = truncate(segment.nosql_statement, DB_STATEMENT_MAX_BYTES)
         end
 
         [intrinsics, custom_attributes(segment), agent_attributes.merge(agent_attributes(segment))]

data/lib/new_relic/agent/threading/backtrace_node.rb

@@ -125,7 +125,16 @@ module NewRelic
 
         # Returns [filename, method, line number]
         def parse_backtrace_frame(frame)
-          frame =~ /([^:]*)(\:(\d+))?\:in `(.*)'/
+          # TODO: OLD RUBIES - Ruby 3.3
+          # The (?:`|') non-capturing group can be removed when the agent
+          # drops support for Ruby 3.3
+          # This group is used to capture the pre-Ruby 3.4.0 backtrace syntax.
+          # Example frame:
+          # Ruby 3.3.0 and below
+          # "irb.rb:69:in `catch'"
+          # Ruby 3.4.0+
+          # "irb.rb:69:in 'Kernel#catch'"
+          frame =~ /([^:]*)(\:(\d+))?\:in (?:`|')(.*)'/
           [$1, $4, $3] # sic
         end
       end

data/lib/new_relic/agent/transaction/message_broker_segment.rb

@@ -15,6 +15,7 @@ module NewRelic
         PRODUCE = 'Produce'.freeze
         QUEUE = 'Queue'.freeze
         PURGE = 'Purge'.freeze
+        STREAM = 'Stream'.freeze
         TEMP = 'Temp'.freeze
         TOPIC = 'Topic'.freeze
         UNKNOWN = 'Unknown'.freeze
@@ -22,6 +23,7 @@ module NewRelic
         DESTINATION_TYPES = [
           :exchange,
           :queue,
+          :stream,
           :topic,
           :temporary_queue,
           :temporary_topic,
@@ -37,6 +39,7 @@ module NewRelic
         TYPES = {
           exchange: EXCHANGE,
           temporary_queue: QUEUE,
+          stream: STREAM,
           queue: QUEUE,
           temporary_topic: TOPIC,
           topic: TOPIC,

data/lib/new_relic/agent.rb

@@ -132,8 +132,8 @@ module NewRelic
     def agent # :nodoc:
       return @agent if @agent
 
-      NewRelic::Agent.logger.warn("Agent unavailable as it hasn't been started.")
-      NewRelic::Agent.logger.warn(caller.join("\n"))
+      NewRelic::Agent.logger.debug("Agent unavailable as it hasn't been started.")
+      NewRelic::Agent.logger.debug(caller.join("\n"))
       nil
     end
 

data/lib/new_relic/control/frameworks/rails4.rb

@@ -9,11 +9,7 @@ module NewRelic
     module Frameworks
       class Rails4 < NewRelic::Control::Frameworks::Rails3
         def rails_gem_list
-          if Bundler.rubygems.respond_to?(:installed_specs)
-            Bundler.rubygems.installed_specs.map { |gem| "#{gem.name} (#{gem.version})" }
-          else
-            Bundler.rubygems.all_specs.map { |gem| "#{gem.name} (#{gem.version})" }
-          end
+          NewRelic::Helper.rubygems_specs.map { |gem| "#{gem.name} (#{gem.version})" }
         end
 
         def append_plugin_list

data/lib/new_relic/dependency_detection.rb

@@ -25,11 +25,9 @@ module DependencyDetection
 
   def detect!
     @items.each do |item|
-      if item.dependencies_satisfied?
-        item.execute
-      else
-        item.configure_as_unsatisfied unless item.disabled_configured?
-      end
+      next if item.executed || item.disabled_configured?
+
+      item.dependencies_satisfied? ? item.execute : item.configure_as_unsatisfied
     end
   end
 
@@ -65,6 +63,13 @@ module DependencyDetection
     end
 
     def configure_as_unsatisfied
+      # TODO: currently using :unsatisfied for Padrino will clobber the value
+      #       already set for Sinatra, so skip Padrino and circle back with a
+      #       new Padrino specific solution in the future.
+      #
+      #       https://github.com/newrelic/newrelic-ruby-agent/issues/2912
+      return if name == :padrino
+
       NewRelic::Agent.config.instance_variable_get(:@cache)[config_key] = :unsatisfied
     end
 
@@ -139,8 +144,6 @@ module DependencyDetection
       !(disabled_configured? || deprecated_disabled_configured?)
     end
 
-    # TODO: MAJOR VERSION
-    # will only return true if a disabled key is found and is truthy
     def deprecated_disabled_configured?
       return false if self.name.nil?
 
@@ -148,12 +151,7 @@ module DependencyDetection
       return false unless ::NewRelic::Agent.config[key] == true
 
       ::NewRelic::Agent.logger.debug("Not installing #{self.name} instrumentation because of configuration #{key}")
-      ::NewRelic::Agent.logger.debug( \
-        "[DEPRECATED] configuration #{key} for #{self.name} will be removed in the next major release. " \
-        "Use `#{config_key}` with one of `#{VALID_CONFIG_VALUES.map(&:to_s).inspect}`"
-      )
-
-      return true
+      true
     end
 
     def config_key

data/lib/new_relic/environment_report.rb

@@ -44,11 +44,7 @@ module NewRelic
     ####################################
     report_on('Gems') do
       begin
-        if Bundler.rubygems.respond_to?(:installed_specs)
-          Bundler.rubygems.installed_specs.map { |gem| "#{gem.name}(#{gem.version})" }
-        else
-          Bundler.rubygems.all_specs.map { |gem| "#{gem.name}(#{gem.version})" }
-        end
+        NewRelic::Helper.rubygems_specs.map { |gem| "#{gem.name}(#{gem.version})" }
       rescue
         # There are certain rubygem, bundler, rails combinations (e.g. gem
         # 1.6.2, rails 2.3, bundler 1.2.3) where the code above throws an error

data/lib/new_relic/helper.rb

@@ -82,5 +82,20 @@ module NewRelic
         File.exist?(executable_path) && File.file?(executable_path) && File.executable?(executable_path)
       end
     end
+
+    # Bundler version 2.5.12 deprecated all_specs and added installed_specs.
+    # To support newer Bundler versions, try to use installed_specs first,
+    # then fall back to all_specs.
+    # All callers expect this to be an array, so return an array if Bundler isn't defined
+    # @api private
+    def rubygems_specs
+      return [] unless defined?(Bundler)
+
+      if Bundler.rubygems.respond_to?(:installed_specs)
+        Bundler.rubygems.installed_specs
+      else
+        Bundler.rubygems.all_specs
+      end
+    end
   end
 end

data/lib/new_relic/language_support.rb

@@ -90,11 +90,7 @@ module NewRelic
     def bundled_gem?(gem_name)
       return false unless defined?(Bundler)
 
-      if Bundler.rubygems.respond_to?(:installed_specs)
-        Bundler.rubygems.installed_specs.map(&:name).include?(gem_name)
-      else
-        Bundler.rubygems.all_specs.map(&:name).include?(gem_name)
-      end
+      NewRelic::Helper.rubygems_specs.map(&:name).include?(gem_name)
     rescue => e
       ::NewRelic::Agent.logger.info("Could not determine if third party #{gem_name} gem is installed", e)
       false

data/lib/new_relic/version.rb

@@ -6,7 +6,7 @@
 module NewRelic
   module VERSION # :nodoc:
     MAJOR = 9
-    MINOR = 14
+    MINOR = 17
     TINY = 0
 
     STRING = "#{MAJOR}.#{MINOR}.#{TINY}"

data/lib/sequel/extensions/new_relic_instrumentation.rb

@@ -79,7 +79,7 @@ module Sequel
 
     THREAD_SAFE_CONNECTION_POOL_CLASSES = [
       (defined?(::Sequel::ThreadedConnectionPool) && ::Sequel::ThreadedConnectionPool),
-      (defined?(::Sequel::TimedQueueConnectionPool) && RUBY_VERSION >= '3.4' && ::Sequel::TimedQueueConnectionPool)
+      (defined?(::Sequel::TimedQueueConnectionPool) && RUBY_VERSION >= '3.2' && ::Sequel::TimedQueueConnectionPool)
     ].compact.freeze
 
     def explainer_for(sql)

data/lib/tasks/instrumentation_generator/templates/dependency_detection.tt

@@ -2,12 +2,8 @@
 # See https://github.com/newrelic/newrelic-ruby-agent/blob/main/LICENSE for complete details.
 # frozen_string_literal: true
 
-require_relative '<%= @snake_name.downcase %>/instrumentation'
-require_relative '<%= @snake_name.downcase %>/chain'
-require_relative '<%= @snake_name.downcase %>/prepend'
-
 DependencyDetection.defer do
-  named :<%= @name.match?(/\-|\_/) ? "'#{@snake_name}'" : @name.downcase %>
+  named :<%= @snake_name %>
 
   depends_on do
     # The class that needs to be defined to prepend/chain onto. This can be used
@@ -18,11 +14,18 @@ DependencyDetection.defer do
   end
 
   executes do
-    NewRelic::Agent.logger.info('Installing <%= @name.downcase %> instrumentation')
+    require_relative '<%= @snake_name.downcase %>/instrumentation'
 
+    # prepend_instrument and chain_instrument call extract_supportability_name
+    # to get the library name for supportability metrics and info-level logging.
+    # This is done by spliting on the 2nd to last spot of the instrumented
+    # module. If this isn't how we want the name to appear, pass in the desired
+    # name as a third argument.
     if use_prepend?
+      require_relative '<%= @snake_name.downcase %>/prepend'
       prepend_instrument <%= @class_name %>, NewRelic::Agent::Instrumentation::<%= @class_name %>::Prepend
     else
+      require_relative '<%= @snake_name.downcase %>/chain'
       chain_instrument NewRelic::Agent::Instrumentation::<%= @class_name %>::Chain
     end
   end

data/newrelic.yml

@@ -65,9 +65,16 @@ common: &default_settings
   # If true, the agent captures log records emitted by your application.
   # application_logging.forwarding.enabled: true
 
+  # If true, the agent attaches labels to log records.
+  # application_logging.forwarding.labels.enabled: false
+
+  # A case-insensitive array or comma-delimited string containing the labels to
+  # exclude from log records.
+  # application_logging.forwarding.labels.exclude: []
+
   # Sets the minimum level a log event must have to be forwarded to New Relic.
   # This is based on the integer values of Ruby's Logger::Severity constants:
-  # https://github.com/ruby/ruby/blob/master/lib/logger/severity.rb
+  # https://github.com/ruby/logger/blob/113b82a06b3076b93a71cd467e1605b23afb3088/lib/logger/severity.rb
   # The intention is to forward logs with the level given to the configuration, as
   # well as any logs with a higher level of severity.
   # For example, setting this value to "debug" will forward all log events to New
@@ -114,17 +121,15 @@ common: &default_settings
   # audit_log.path: log/newrelic_audit.log
 
   # An array of CLASS#METHOD (for instance methods) and/or CLASS.METHOD (for class
-  # methods) strings representing Ruby methods for the agent to automatically add
-  # custom instrumentation to without the need for altering any of the source code
-  # that defines the methods.
-  #
+  # methods) strings representing Ruby methods that the agent can automatically
+  # add custom instrumentation to. This doesn't require any modifications of the
+  # source code that defines the methods.
   # Use fully qualified class names (using the :: delimiter) that include any
   # module or class namespacing.
-  #
   # Here is some Ruby source code that defines a render_png instance method for an
   # Image class and a notify class method for a User class, both within a
   # MyCompany module namespace:
-  # 
+  #
   # module MyCompany
   #   class Image
   #     def render_png
@@ -138,26 +143,29 @@ common: &default_settings
   #     end
   #   end
   # end
-  # 
+  #
   # Given that source code, the newrelic.yml config file might request
   # instrumentation for both of these methods like so:
-  # 
+  #
   # automatic_custom_instrumentation_method_list:
   # - MyCompany::Image#render_png
   # - MyCompany::User.notify
   #
   # That configuration example uses YAML array syntax to specify both methods.
-  # Alternatively, a comma-delimited string can be used instead:
-  # 
-  # automatic_custom_instrumentation_method_list: 'MyCompany::Image#render_png, MyCompany::User.notify'
-  # 
+  # Alternatively, you can use a comma-delimited string:
+  #
+  # automatic_custom_instrumentation_method_list: 'MyCompany::Image#render_png,
+  # MyCompany::User.notify'
+  #
   # Whitespace around the comma(s) in the list is optional. When configuring the
   # agent with a list of methods via the
   # NEW_RELIC_AUTOMATIC_CUSTOM_INSTRUMENTATION_METHOD_LIST environment variable,
-  # this comma-delimited string format should be used:
-  # 
-  # export NEW_RELIC_AUTOMATIC_CUSTOM_INSTRUMENTATION_METHOD_LIST='MyCompany::Image#render_png, MyCompany::User.notify'
-  # 
+  # use this comma-delimited string format:
+  #
+  # export
+  # NEW_RELIC_AUTOMATIC_CUSTOM_INSTRUMENTATION_METHOD_LIST='MyCompany::Image#render_png,
+  # MyCompany::User.notify'
+  #
   # automatic_custom_instrumentation_method_list: []
 
   # Specify a list of constants that should prevent the agent from starting
@@ -197,9 +205,8 @@ common: &default_settings
   # monitoring scripts. For now, auto-injection only works with Rails 5.2+.
   # browser_monitoring.content_security_policy_nonce: true
 
-  # Manual override for the path to your local CA bundle. This CA bundle will be
-  # used to validate the SSL certificate presented by New Relic's data collection
-  # service.
+  # Manual override for the path to your local CA bundle. This CA bundle validates
+  # the SSL certificate presented by New Relic's data collection service.
   # ca_bundle_path: nil
 
   # Enable or disable the capture of memcache keys from transaction traces.
@@ -216,6 +223,9 @@ common: &default_settings
   # If true, the agent will clear Tracer::State in Agent.drop_buffered_data.
   # clear_transaction_state_after_fork: false
 
+  # The AWS account ID for the AWS account associated with this app
+  # cloud.aws.account_id: nil
+
   # If true, the agent will report source code level metrics for traced methods.
   # See:
   # https://docs.newrelic.com/docs/apm/agents/ruby-agent/features/ruby-codestream-integration/
@@ -312,18 +322,6 @@ common: &default_settings
   # If true, disables agent middleware for Sinatra. This middleware is responsible
   # for advanced feature support such as cross application tracing, page load
   # timing, and error collection.
-  # Cross application tracing is deprecated in favor of distributed tracing.
-  # Distributed tracing is on by default for Ruby agent versions 8.0.0 and above.
-  # Middlewares are not required to support distributed tracing.
-  # To continue using cross application tracing, update the following options in
-  # your newrelic.yml configuration file:
-  # ``yaml
-  # # newrelic.yml
-  # cross_application_tracer:
-  # enabled: true
-  # distributed_tracing:
-  # enabled: false
-  # ``
   # disable_sinatra_auto_middleware: false
 
   # If true, disables view instrumentation.
@@ -455,6 +453,18 @@ common: &default_settings
   # prepend, chain, disabled.
   # instrumentation.async_http: auto
 
+  # Controls auto-instrumentation of the aws-sdk-firehose library at start-up. May
+  # be one of auto, prepend, chain, disabled.
+  # instrumentation.aws_sdk_firehose: auto
+
+  # Controls auto-instrumentation of the aws-sdk-kinesis library at start-up. May
+  # be one of auto, prepend, chain, disabled.
+  # instrumentation.aws_sdk_kinesis: auto
+
+  # Controls auto-instrumentation of the aws_sdk_lambda library at start-up. May
+  # be one of auto, prepend, chain, disabled.
+  # instrumentation.aws_sdk_lambda: auto
+
   # Controls auto-instrumentation of the aws-sdk-sqs library at start-up. May be
   # one of: auto, prepend, chain, disabled.
   # instrumentation.aws_sqs: auto
@@ -719,8 +729,8 @@ common: &default_settings
 
   # If true, the agent will operate in a streamlined mode suitable for use with
   # short-lived serverless functions. NOTE: Only AWS Lambda functions are
-  # supported currently and this option is not intended for use without New
-  # Relic's Ruby Lambda layer offering.
+  # supported currently and this option isn't intended for use without New Relic's
+  # Ruby Lambda layer offering.
   # serverless_mode.enabled: false
 
   # An array of strings that will collectively serve as a denylist for filtering
@@ -791,7 +801,7 @@ common: &default_settings
   # strip_exception_messages.allowed_classes: ""
 
   # If true, the agent strips messages from all exceptions except those in the
-  # allowlist. Enabled automatically in high security mode.
+  # allowed classes list. Enabled automatically in high security mode.
   # strip_exception_messages.enabled: false
 
   # An array of strings to specify which keys and/or values inside a Stripe
@@ -799,17 +809,17 @@ common: &default_settings
   # not be reported to New Relic. Each string in this array will be turned into a
   # regular expression via
   # Regexp.new to permit advanced matching. For each hash pair, if either the key
-  # or value is matched the
-  # pair will not be reported. By default, no user_data is reported, so this
-  # option should only be used if
-  # the stripe.user_data.include option is being used.
+  # or value is matched the pair
+  # isn't reported. By default, no user_data is reported. Use this option only if
+  # the
+  # stripe.user_data.include option is also used.
   # stripe.user_data.exclude: []
 
   # An array of strings to specify which keys inside a Stripe event's user_data
   # hash should be reported
   # to New Relic. Each string in this array will be turned into a regular
   # expression via Regexp.new to
-  # permit advanced matching. Setting the value to ["."] will report all
+  # enable advanced matching. Setting the value to ["."] will report all
   # user_data.
   # stripe.user_data.include: []
 
@@ -873,7 +883,7 @@ common: &default_settings
 
   # If true, enables the collection of explain plans in transaction traces. This
   # setting will also apply to explain plans in slow SQL traces if
-  # slow_sql.explain_enabled is not set separately.
+  # slow_sql.explain_enabled isn't set separately.
   # transaction_tracer.explain_enabled: true
 
   # Threshold (in seconds) above which the agent will collect explain plans.
@@ -947,33 +957,104 @@ common: &default_settings
   #   NOTE: All "security.*" configuration parameters are related only to the
   #         security agent, and all other configuration parameters that may
   #         have "security" in the name somewhere are related to the APM agent.
-  
+
   # If true, the security agent is loaded (a Ruby 'require' is performed)
   # security.agent.enabled: false
 
   # The port the application is listening on. This setting is mandatory for
-  # Passenger servers. Other servers should be detected by default.
+  # Passenger servers. The agent detects other servers by default.
   # security.application_info.port: nil
 
-  # If true, enables deserialization detection
-  # security.detection.deserialization.enabled: true
+  # If true, the security agent is started (the agent runs in its event loop)
+  # security.enabled: false
 
-  # If true, enables RCI (remote code injection) detection
-  # security.detection.rci.enabled: true
+  # Defines API paths the security agent should ignore in IAST scans. Accepts an
+  # array of regex patterns matching the URI to ignore. The regex pattern should
+  # find a complete match for the URL without the endpoint. For example,
+  # [".*account.*"], [".*/\api\/v1\/.*?\/login"]
+  # security.exclude_from_iast_scan.api: []
 
-  # If true, enables RXSS (reflected cross-site scripting) detection
-  # security.detection.rxss.enabled: true
+  # An array of HTTP request body keys the security agent should ignore in IAST
+  # scans.
+  # security.exclude_from_iast_scan.http_request_parameters.body: []
 
-  # If true, the security agent is started (the agent runs in its event loop)
-  # security.enabled: false
+  # An array of HTTP request headers the security agent should ignore in IAST
+  # scans. The array should specify a list of patterns matching the headers to
+  # ignore.
+  # security.exclude_from_iast_scan.http_request_parameters.header: []
+
+  # An array of HTTP request query parameters the security agent should ignore in
+  # IAST scans. The array should specify a list of patterns matching the HTTP
+  # request query parameters to ignore.
+  # security.exclude_from_iast_scan.http_request_parameters.query: []
+
+  # If true, disables system command injection detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.command_injection: false
+
+  # If true, disables the detection of low-severity insecure settings. For
+  # example, hash, crypto, cookie, random generators, trust boundary).
+  # security.exclude_from_iast_scan.iast_detection_category.insecure_settings: false
+
+  # If true, disables file operation-related IAST detections (File Access &
+  # Application integrity violation)
+  # security.exclude_from_iast_scan.iast_detection_category.invalid_file_access: false
+
+  # If true, disables Javascript injection detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.javascript_injection: false
+
+  # If true, disables LDAP injection detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.ldap_injection: false
+
+  # If true, disables NOSQL injection detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.nosql_injection: false
+
+  # If true, disables Reflected Cross-Site Scripting (RXSS) detection in IAST
+  # scans.
+  # security.exclude_from_iast_scan.iast_detection_category.rxss: false
+
+  # If true, disables SQL injection detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.sql_injection: false
+
+  # If true, disables Sever-Side Request Forgery (SSRF) detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.ssrf: false
+
+  # If true, disables XPATH injection detection in IAST scans.
+  # security.exclude_from_iast_scan.iast_detection_category.xpath_injection: false
+
+  # A unique test identifier when runnning IAST in a CI/CD environment to
+  # differentiate between different test runs. For example, a build number.
+  # security.iast_test_identifier: nil
 
   # Defines the mode for the security agent to operate in. Currently only IAST is
   # supported
   # security.mode: IAST
 
-  # Defines the request body limit to process in security events (in KB). The
-  # default value is 300, for 300KB.
-  # security.request.body_limit: 300
+  # Sets the maximum number of HTTP requests allowed for the IAST scan per minute.
+  # Any Integer between 12 and 3600 is valid. The default value is 3600.
+  # security.scan_controllers.iast_scan_request_rate_limit: 3600
+
+  # If true, enables the sending of HTTP responses bodies. Disabling this also
+  # disables Reflected Cross-Site Scripting (RXSS) vulnerability detection.
+  # security.scan_controllers.report_http_response_body: true
+
+  # The number of application instances for a specific entity to perform IAST
+  # analysis on.
+  # security.scan_controllers.scan_instance_count: 0
+
+  # If true, allows IAST to continuously gather trace data in the background. The
+  # security agent uses collected data to perform an IAST scan at the scheduled
+  # time.
+  # security.scan_schedule.always_sample_traces: false
+
+  # Specifies the delay time (in minutes) before the IAST scan begins after the
+  # application starts.
+  # security.scan_schedule.delay: 0
+
+  # Indicates the duration (in minutes) for which the IAST scan will be performed.
+  # security.scan_schedule.duration: 0
+
+  # Specifies a cron expression that sets when the IAST scan should run.
+  # security.scan_schedule.schedule: ""
 
   # Defines the endpoint URL for posting security-related data
   # security.validator_service_url: wss://csec.nr-data.net

data/test/agent_helper.rb

@@ -112,7 +112,14 @@ def assert_log_contains(log, message)
   lines = log.array
 
   assert (lines.any? { |line| line.match(message) }),
-    "Could not find message. Log contained: #{lines.join("\n")}"
+    "Could not find message: '#{message.inspect}'. Log contained: #{lines.join("\n")}"
+end
+
+def refute_log_contains(log, message)
+  lines = log.array
+
+  refute (lines.any? { |line| line.match(message) }),
+    "Found message: '#{message.inspect}'. Log contained: #{lines.join("\n")}"
 end
 
 def assert_audit_log_contains(audit_log_contents, needle)

metadata

@@ -1,17 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: newrelic_rpm
 version: !ruby/object:Gem::Version
-  version: 9.14.0
+  version: 9.17.0
 platform: ruby
 authors:
 - Tanna McClure
 - Kayla Reopelle
 - James Bunch
 - Hannah Ramadan
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-09-30 00:00:00.000000000 Z
+date: 2025-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -344,6 +343,7 @@ files:
 - lib/new_relic/agent/external.rb
 - lib/new_relic/agent/guid_generator.rb
 - lib/new_relic/agent/harvester.rb
+- lib/new_relic/agent/health_check.rb
 - lib/new_relic/agent/heap.rb
 - lib/new_relic/agent/hostname.rb
 - lib/new_relic/agent/http_clients/abstract.rb
@@ -392,6 +392,18 @@ files:
 - lib/new_relic/agent/instrumentation/async_http/chain.rb
 - lib/new_relic/agent/instrumentation/async_http/instrumentation.rb
 - lib/new_relic/agent/instrumentation/async_http/prepend.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_firehose.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_firehose/chain.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_firehose/instrumentation.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_firehose/prepend.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_kinesis.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_kinesis/chain.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_kinesis/instrumentation.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_kinesis/prepend.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_lambda.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_lambda/chain.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_lambda/instrumentation.rb
+- lib/new_relic/agent/instrumentation/aws_sdk_lambda/prepend.rb
 - lib/new_relic/agent/instrumentation/aws_sqs.rb
 - lib/new_relic/agent/instrumentation/aws_sqs/chain.rb
 - lib/new_relic/agent/instrumentation/aws_sqs/instrumentation.rb
@@ -763,7 +775,6 @@ metadata:
   documentation_uri: https://docs.newrelic.com/docs/agents/ruby-agent
   source_code_uri: https://github.com/newrelic/newrelic-ruby-agent
   homepage_uri: https://newrelic.com/ruby
-post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -778,8 +789,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 1.3.1
 requirements: []
-rubygems_version: 3.5.16
-signing_key: 
+rubygems_version: 3.6.2
 specification_version: 4
 summary: New Relic Ruby Agent
 test_files: []