scout_apm 5.1.0 → 5.1.1

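--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 3a569967a27143fe36a506e8757eeda10f2de6cf85567cb2af8c08993b558abb
- data.tar.gz: 49a5277948f6dab053268af7f912f8905b78d2173c79cfb1c3e9a87288e33113
+ metadata.gz: 5a1da3776ca231a4d81c9ab5935e6b644ab46ae5609cef60402ccd5258e07795
+ data.tar.gz: f583776f39fa426aa43d1942bd83e4bcd23ca3a6f71a2e883df22a74cb2db868
  SHA512:
- metadata.gz: 523767ea43b634748ff16ee974fd6bb659ddced673fbd9106e6f3a07ed8e9d78ec30b88094dac2aff4a374af719691249534aa471a7fc993813018d92bf71333
- data.tar.gz: f67a78084a1280b497422f4dc35ea3ed5afb1cfbde55c79c4020b11e407674f803ea8d1dec8803bb6bf1fcc8a4e11ac728621cf2f45b8d2d35956497d55a78d7
+ metadata.gz: bc2f10c76ea8abbb6f74cbe86cbd0e0d1265143a19008307609be35adb57737f474c9a2f59545e2f36b00b5006c5f1b9726f59e70c3e327e6487eb2445e07df6
+ data.tar.gz: 8863c891bbd5f1e87d56a06f8275cbcf711b15964116cbddbb648398825eed65fa6ce73cd3848815e8ab8a1eec1f8a2e4a878682e2d47d457778786532ee3db4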
data/CHANGELOG.markdown CHANGED
@@ -1,5 +1,9 @@
1
1
  # Unreleased
2
2
 
3
+ # 5.1.1
4
+
5
+ * Improvements to SqlServer scrubbing in SqlSanitizer (#422)
6
+
3
7
  # 5.1.0
4
8
 
5
9
  * Specify correct (MIT) license in Gemspec (#430)
@@ -34,7 +34,8 @@ module ScoutApm
34
34
  SQLITE_REMOVE_INTEGERS = /(?<!LIMIT )\b\d+\b/.freeze
35
35
 
36
36
  # => "EXEC sp_executesql N'SELECT [users].* FROM [users] WHERE (age > 50) ORDER BY [users].[id] ASC OFFSET 0 ROWS FETCH NEXT @0 ROWS ONLY', N'@0 int', @0 = 10"
37
- SQLSERVER_EXECUTESQL = /EXEC sp_executesql N'(.*?)'.*/
37
+ SQLSERVER_REMOVE_EXECUTESQL = /EXEC sp_executesql (N')?/.freeze
38
+ SQLSERVER_REMOVE_STRINGS = /'(?:[^']|'')*'/.freeze
38
39
  SQLSERVER_REMOVE_INTEGERS = /(?<!LIMIT )\b(?<!@)\d+\b/.freeze
39
40
  SQLSERVER_IN_CLAUSE = /IN\s+\(\?[^\)]*\)/.freeze
40
41
 
@@ -67,7 +68,8 @@ module ScoutApm
67
68
  private
68
69
 
69
70
  def to_s_sqlserver
70
- sql.gsub!(SQLSERVER_EXECUTESQL, '\1')
71
+ sql.gsub!(SQLSERVER_REMOVE_EXECUTESQL, '')
72
+ sql.gsub!(SQLSERVER_REMOVE_STRINGS, '?')
71
73
  sql.gsub!(SQLSERVER_REMOVE_INTEGERS, '?')
72
74
  sql.gsub!(SQLSERVER_IN_CLAUSE, 'IN (?)')
73
75
  sql
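Review bot: The two new passes in `to_s_sqlserver` leave the statement's closing quote in place, because `SQLSERVER_REMOVE_EXECUTESQL` strips only the opening `N'`; `SQLSERVER_REMOVE_STRINGS` then pairs quotes one position out of phase, matching `', N'` between the statement and the parameter declaration. Traced by hand, an input with a string-valued parameter such as `@0 = N'foo'` would come out with `foo` outside every matched span and therefore unscrubbed, which is the kind of value the sanitizer exists to hide. One option is to consume the whole statement literal with balanced quoting, `SQLSERVER_REMOVE_EXECUTESQL = /EXEC sp_executesql N'((?:[^']|'')*)'/.freeze` with `'\1'` as the replacement, so the later string pass sees evenly paired quotes; literals written with doubled quotes inside the statement would still need checking. The constants are defined in the hunk above, and the method's closing `end` lies outside this hunk.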
@@ -1,3 +1,3 @@
1
1
  module ScoutApm
2
- VERSION = "5.1.0"
2
+ VERSION = "5.1.1"
3
3
  end
@@ -123,27 +123,27 @@ module ScoutApm
123
123
  end
124
124
 
125
125
  def test_sqlserver_integers
126
- skip "SQLServer Support requires Ruby 1.9+ For Regexes"
127
-
128
126
  sql = "EXEC sp_executesql N'SELECT [users].* FROM [users] WHERE (age > 50) ORDER BY [users].[id] ASC OFFSET 0 ROWS FETCH NEXT @0 ROWS ONLY', N'@0 int', @0 = 10"
129
127
  ss = SqlSanitizer.new(sql).tap{ |it| it.database_engine = :sqlserver }
130
- assert_equal %q|SELECT [users].* FROM [users] WHERE (age > ?) ORDER BY [users].[id] ASC OFFSET ? ROWS FETCH NEXT @0 ROWS ONLY|, ss.to_s
128
+ assert_equal "SELECT [users].* FROM [users] WHERE (age > ?) ORDER BY [users].[id] ASC OFFSET ? ROWS FETCH NEXT @0 ROWS ONLY?@0 int', @0 = ?", ss.to_s
131
129
  end
132
130
 
133
131
  def test_sqlserver_strings
134
- skip "SQLServer Support requires Ruby 1.9+ For Regexes"
132
+ sql = "EXEC sp_executesql N'SELECT [users].* FROM [users] WHERE first_name = N'john' AND last_name = N'doe' ORDER BY [users].[id] ASC OFFSET 0 ROWS FETCH NEXT @0 ROWS ONLY', N'@0 int', @0 = 10"
133
+ ss = SqlSanitizer.new(sql).tap{ |it| it.database_engine = :sqlserver }
134
+ assert_equal "SELECT [users].* FROM [users] WHERE first_name = N? AND last_name = N? ORDER BY [users].[id] ASC OFFSET ? ROWS FETCH NEXT @0 ROWS ONLY?@0 int', @0 = ?", ss.to_s
135
+ end
135
136
 
136
- sql = "EXEC sp_executesql N'SELECT [users].* FROM [users] WHERE [users].[email] = @0 ORDER BY [users].[id] ASC OFFSET 0 ROWS FETCH NEXT @1 ROWS ONLY', N'@0 nvarchar(4000), @1 int', @0 = N'foo', @1 = 10"
137
+ def test_sqlserver_strings_no_executesql
138
+ sql = "EXEC Authenticate @username = N'abraham.lincoln', @password = N'somepassword!', @token = NULL, @app_name = N'Central Auth Service', @log_login = true, @ip_address = N'127.0.0.1', @external_type = NULL, @external_success = NULL"
137
139
  ss = SqlSanitizer.new(sql).tap{ |it| it.database_engine = :sqlserver }
138
- assert_equal %q|SELECT [users].* FROM [users] WHERE [users].[email] = @0 ORDER BY [users].[id] ASC OFFSET ? ROWS FETCH NEXT @1 ROWS ONLY|, ss.to_s
140
+ assert_equal "EXEC Authenticate @username = N?, @password = N?, @token = NULL, @app_name = N?, @log_login = true, @ip_address = N?, @external_type = NULL, @external_success = NULL", ss.to_s
139
141
  end
140
142
 
141
143
  def test_sqlserver_in_clause
142
- skip "SQLServer Support requires Ruby 1.9+ For Regexes"
143
-
144
144
  sql = "EXEC sp_executesql N'SELECT [users].* FROM [users] WHERE (id IN (1,2,3)) ORDER BY [users].[id] ASC OFFSET 0 ROWS FETCH NEXT @0 ROWS ONLY', N'@0 int', @0 = 10"
145
145
  ss = SqlSanitizer.new(sql).tap{ |it| it.database_engine = :sqlserver }
146
- assert_equal %q|SELECT [users].* FROM [users] WHERE (id IN (?)) ORDER BY [users].[id] ASC OFFSET ? ROWS FETCH NEXT @0 ROWS ONLY|, ss.to_s
146
+ assert_equal "SELECT [users].* FROM [users] WHERE (id IN (?)) ORDER BY [users].[id] ASC OFFSET ? ROWS FETCH NEXT @0 ROWS ONLY?@0 int', @0 = ?", ss.to_s
147
147
  end
148
148
 
149
149
  def test_scrubs_invalid_encoding
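Review bot: The rewritten expectations in `test_sqlserver_integers`, `test_sqlserver_strings` and `test_sqlserver_in_clause` assert a tail of `?@0 int', @0 = ?`, which pins an unbalanced quote as the intended output, and the only input with a string-valued parameter (`@0 = N'foo'`) was removed instead of updated. A case of that shape is the one most likely to show a literal surviving the scrub, so it is worth keeping with an assertion such as `refute_includes ss.to_s, "foo"`. `test_scrubs_invalid_encoding` starts on the hunk's last line and continues outside it.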
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: scout_apm
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.1.0
4
+ version: 5.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Derek Haynes
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2021-11-18 00:00:00.000000000 Z
12
+ date: 2021-12-14 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: minitest