scout_apm 2.6.8 → 2.6.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d99ef266b1387f4a51d49467a3d6cad6499f3054834d8695b5e0f3af1d7a36b3
-  data.tar.gz: 04f505997a14d3312de48905b27aab38beedf846de0e7c9411d4e71e1b4477c4
+  metadata.gz: 54f1c7e07f92a0d5d67a22354b0273c4894e8408ec00bcdada275457ed2f00f2
+  data.tar.gz: 50cf2d441c948e769b2f2222895c84aadb0a5e3e3f75d16e647a2096a86551e4
 SHA512:
-  metadata.gz: 5918121a80a2dd6e15c12f2c45ae294c8f2dbb815296b1d63f9dbd5065e97e10312c4c7674a3c89496dc91303c47aa8f2d61b19005f130f40ceceba6ebd170da
-  data.tar.gz: 2033f3db42f9f0a3626c540e3beecb68aaf3480a4e88bdbaae43a7fe0a4273c06ad4b15c546b8a4d4051e7b8d96526e80847129dba9a9ed66fd4efa0b27cadc4
+  metadata.gz: 27a012457a6871cdbed206f2a55914163571e81af1b1f6253079c2fe9954354a9888b59627d832f3635a536ddf3f331c066b2bc4e053956f5135c706ffea1a17
+  data.tar.gz: cfc5d80fb3b0ccebc2e78246a394a23a8e16d52a89868cff024931d6ce5b3539aafc42ef6f491105db43f8c544750b270cbbc7cc1fed556ab543bb0d963f1c75

data/CHANGELOG.markdown

@@ -1,3 +1,9 @@
+# 2.6.9
+
+* Add `ssl_cert_file` config option (#352)
+* Improve sanitization of Postgres UPDATE SQL (#351)
+* Allow custom URL sanitization (#341)
+
 # 2.6.8
 
 * Lock rake version for 1.8.7 to older version (#329)

data/lib/scout_apm/config.rb

@@ -75,6 +75,7 @@ module ScoutApm
         'revision_sha',
         'scm_subdirectory',
         'start_resque_server_instrument',
+        'ssl_cert_file',
         'uri_reporting',
         'instrument_http_url_length',
         'timeline_traces',
@@ -284,7 +285,8 @@ module ScoutApm
         'collect_remote_ip' => true,
         'timeline_traces' => true,
         'auto_instruments' => false,
-        'auto_instruments_ignore' => []
+        'auto_instruments_ignore' => [],
+        'ssl_cert_file' => File.join( File.dirname(__FILE__), *%w[.. .. data cacert.pem] )
       }.freeze
 
       def value(key)

data/lib/scout_apm/instruments/action_controller_rails_3_rails4.rb

@@ -74,6 +74,16 @@ module ScoutApm
       # before_action callbacks
       def self.build_instrument_module
         Module.new do
+          # Determine the URI of this request to capture. Overridable by users in their controller.
+          def scout_transaction_uri(config=ScoutApm::Agent.instance.context.config)
+            case config.value("uri_reporting")
+            when 'path'
+              request.path # strips off the query string for more security
+            else # default handles filtered params
+              request.filtered_path
+            end
+          end
+
           def process_action(*args)
             req = ScoutApm::RequestManager.lookup
             current_layer = req.current_layer
@@ -89,7 +99,11 @@ module ScoutApm
               # Don't start a new layer if ActionController::API or ActionController::Base handled it already.
               super
             else
-              req.annotate_request(:uri => ScoutApm::Instruments::ActionControllerRails3Rails4.scout_transaction_uri(request))
+              begin
+                uri = scout_transaction_uri
+                req.annotate_request(:uri => uri)
+              rescue
+              end
 
               # IP Spoofing Protection can throw an exception, just move on w/o remote ip
               if agent_context.config.value('collect_remote_ip')
@@ -112,16 +126,6 @@ module ScoutApm
         end
       end
 
-      # Given an +ActionDispatch::Request+, formats the uri based on config settings.
-      # XXX: Don't lookup context like this - find a way to pass it through
-      def self.scout_transaction_uri(request, config=ScoutApm::Agent.instance.context.config)
-        case config.value("uri_reporting")
-        when 'path'
-          request.path # strips off the query string for more security
-        else # default handles filtered params
-          request.filtered_path
-        end
-      end
     end
 
     module ActionControllerMetalInstruments

data/lib/scout_apm/reporter.rb

@@ -2,7 +2,6 @@ require 'openssl'
 
 module ScoutApm
   class Reporter
-    CA_FILE     = File.join( File.dirname(__FILE__), *%w[.. .. data cacert.pem] )
     VERIFY_MODE = OpenSSL::SSL::VERIFY_PEER | OpenSSL::SSL::VERIFY_FAIL_IF_NO_PEER_CERT
 
     attr_reader :type
@@ -123,7 +122,7 @@ module ScoutApm
                               proxy_uri.password).new(url.host, url.port)
       if url.is_a?(URI::HTTPS)
         http.use_ssl = true
-        http.ca_file = CA_FILE
+        http.ca_file = config.value("ssl_cert_file")
         http.verify_mode = VERIFY_MODE
       end
       http

data/lib/scout_apm/utils/sql_sanitizer.rb

@@ -51,6 +51,7 @@ module ScoutApm
         sql.gsub!(PSQL_PLACEHOLDER, '?')
         sql.gsub!(PSQL_VAR_INTERPOLATION, '')
         sql.gsub!(PSQL_AFTER_WHERE) {|c| c.gsub(PSQL_REMOVE_STRINGS, '?')}
+        sql.gsub!(PSQL_AFTER_SET) {|c| c.gsub(PSQL_REMOVE_STRINGS, '?')}
         sql.gsub!(PSQL_REMOVE_INTEGERS, '?')
         sql.gsub!(PSQL_IN_CLAUSE, 'IN (?)')
         sql.gsub!(MULTIPLE_SPACES, ' ')

data/lib/scout_apm/utils/sql_sanitizer_regex.rb

@@ -5,13 +5,13 @@ module ScoutApm
       MULTIPLE_SPACES    = %r|\s+|.freeze
       MULTIPLE_QUESTIONS = /\?(,\?)+/.freeze
 
-
       PSQL_VAR_INTERPOLATION = %r|\[\[.*\]\]\s*$|.freeze
       PSQL_REMOVE_STRINGS = /'(?:[^']|'')*'/.freeze
       PSQL_REMOVE_INTEGERS = /(?<!LIMIT )\b\d+\b/.freeze
       PSQL_PLACEHOLDER = /\$\d+/.freeze
       PSQL_IN_CLAUSE = /IN\s+\(\?[^\)]*\)/.freeze
       PSQL_AFTER_WHERE = /(?:WHERE\s+).*?(?:SELECT|$)/i.freeze
+      PSQL_AFTER_SET = /(?:SET\s+).*?(?:WHERE|$)/i.freeze
 
       MYSQL_VAR_INTERPOLATION = %r|\[\[.*\]\]\s*$|.freeze
       MYSQL_REMOVE_INTEGERS = /(?<!LIMIT )\b\d+\b/.freeze

data/lib/scout_apm/utils/sql_sanitizer_regex_1_8_7.rb

@@ -11,6 +11,7 @@ module ScoutApm
       PSQL_PLACEHOLDER = /\$\d+/.freeze
       PSQL_IN_CLAUSE = /IN\s+\(\?[^\)]*\)/.freeze
       PSQL_AFTER_WHERE = /(?:WHERE\s+).*?(?:SELECT|$)/i.freeze
+      PSQL_AFTER_SET = /(?:SET\s+).*?(?:WHERE|$)/i.freeze
 
       MYSQL_VAR_INTERPOLATION = %r|\[\[.*\]\]\s*$|.freeze
       MYSQL_REMOVE_INTEGERS = /\b\d+\b/.freeze

data/lib/scout_apm/version.rb

@@ -1,3 +1,3 @@
 module ScoutApm
-  VERSION = "2.6.8"
+  VERSION = "2.6.9"
 end

data/test/unit/sql_sanitizer_test.rb

@@ -139,6 +139,13 @@ module ScoutApm
         assert_equal %q|SELECT `blogs`.* FROM `blogs` WHERE (title = ?)|, ss.to_s
       end
 
+      def test_set_columns
+        sql = %q|UPDATE "mytable" SET "myfield" = 'fieldcontent', "countofthings" = 10 WHERE "user_id" = 10|
+
+        ss = SqlSanitizer.new(sql).tap{ |it| it.database_engine = :postgres }
+        assert_equal %q|UPDATE "mytable" SET "myfield" = ?, "countofthings" = ? WHERE "user_id" = ?|, ss.to_s
+      end
+
       def assert_faster_than(target_seconds)
         t1 = ::Time.now
         yield

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: scout_apm
 version: !ruby/object:Gem::Version
-  version: 2.6.8
+  version: 2.6.9
 platform: ruby
 authors:
 - Derek Haynes
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-25 00:00:00.000000000 Z
+date: 2020-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: minitest
@@ -460,8 +460,61 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.8
+rubygems_version: 3.0.6
 signing_key: 
 specification_version: 4
 summary: Ruby application performance monitoring
-test_files: []
+test_files:
+- test/data/config_test_1.yml
+- test/test_helper.rb
+- test/tmp/README.md
+- test/unit/agent_test.rb
+- test/unit/auto_instrument/assignments-instrumented.rb
+- test/unit/auto_instrument/assignments.rb
+- test/unit/auto_instrument/controller-ast.txt
+- test/unit/auto_instrument/controller-instrumented.rb
+- test/unit/auto_instrument/controller.rb
+- test/unit/auto_instrument/rescue_from-instrumented.rb
+- test/unit/auto_instrument/rescue_from.rb
+- test/unit/auto_instrument_test.rb
+- test/unit/background_job_integrations/sidekiq_test.rb
+- test/unit/config_test.rb
+- test/unit/context_test.rb
+- test/unit/db_query_metric_set_test.rb
+- test/unit/db_query_metric_stats_test.rb
+- test/unit/environment_test.rb
+- test/unit/extensions/periodic_callbacks_test.rb
+- test/unit/extensions/transaction_callbacks_test.rb
+- test/unit/fake_store_test.rb
+- test/unit/git_revision_test.rb
+- test/unit/histogram_test.rb
+- test/unit/ignored_uris_test.rb
+- test/unit/instruments/active_record_test.rb
+- test/unit/instruments/net_http_test.rb
+- test/unit/instruments/percentile_sampler_test.rb
+- test/unit/layaway_test.rb
+- test/unit/layer_children_set_test.rb
+- test/unit/layer_converters/depth_first_walker_test.rb
+- test/unit/layer_converters/metric_converter_test.rb
+- test/unit/layer_converters/stubs.rb
+- test/unit/limited_layer_test.rb
+- test/unit/logger_test.rb
+- test/unit/metric_set_test.rb
+- test/unit/remote/test_message.rb
+- test/unit/remote/test_router.rb
+- test/unit/remote/test_server.rb
+- test/unit/request_histograms_test.rb
+- test/unit/scored_item_set_test.rb
+- test/unit/serializers/payload_serializer_test.rb
+- test/unit/slow_job_policy_test.rb
+- test/unit/slow_request_policy_test.rb
+- test/unit/sql_sanitizer_test.rb
+- test/unit/store_test.rb
+- test/unit/tracer_test.rb
+- test/unit/tracked_request_test.rb
+- test/unit/transaction_test.rb
+- test/unit/transaction_time_consumed_test.rb
+- test/unit/utils/active_record_metric_name_test.rb
+- test/unit/utils/backtrace_parser_test.rb
+- test/unit/utils/numbers_test.rb
+- test/unit/utils/scm.rb