sentry-raven 2.1.3 → 3.1.2

data/lib/raven/configuration.rb

@@ -1,4 +1,3 @@
-require 'logger'
 require 'uri'
 
 module Raven
@@ -13,6 +12,11 @@ module Raven
     attr_reader :async
     alias async? async
 
+    # An array of breadcrumbs loggers to be used. Available options are:
+    # - :sentry_logger
+    # - :active_support_logger
+    attr_reader :breadcrumbs_logger
+
     # Number of lines of code context to capture, or nil for none
     attr_accessor :context_lines
 
@@ -32,12 +36,25 @@ module Raven
     # You should probably append to this rather than overwrite it.
     attr_accessor :excluded_exceptions
 
+    # Boolean to check nested exceptions when deciding if to exclude. Defaults to false
+    attr_accessor :inspect_exception_causes_for_exclusion
+    alias inspect_exception_causes_for_exclusion? inspect_exception_causes_for_exclusion
+
     # DSN component - set automatically if DSN provided
     attr_accessor :host
 
     # The Faraday adapter to be used. Will default to Net::HTTP when not set.
     attr_accessor :http_adapter
 
+    # A Proc yeilding the faraday builder allowing for further configuration
+    # of the faraday adapter
+    attr_accessor :faraday_builder
+
+    # You may provide your own LineCache for matching paths with source files.
+    # This may be useful if you need to get source code from places other than
+    # the disk. See Raven::LineCache for the required interface you must implement.
+    attr_accessor :linecache
+
     # Logger used by Raven. In Rails, this is the Rails logger, otherwise
     # Raven provides its own Raven::Logger.
     attr_accessor :logger
@@ -71,7 +88,7 @@ module Raven
     attr_accessor :public_key
 
     # Turns on ActiveSupport breadcrumbs integration
-    attr_accessor :rails_activesupport_breadcrumbs
+    attr_reader :rails_activesupport_breadcrumbs
 
     # Rails catches exceptions in the ActionDispatch::ShowExceptions or
     # ActionDispatch::DebugExceptions middlewares, depending on the environment.
@@ -83,6 +100,10 @@ module Raven
     # We automatically try to set this to a git SHA or Capistrano release.
     attr_accessor :release
 
+    # The sampling factor to apply to events. A value of 0.0 will not send
+    # any events, and a value of 1.0 will send 100% of events.
+    attr_accessor :sample_rate
+
     # Boolean - sanitize values that look like credit card numbers
     attr_accessor :sanitize_credit_cards
 
@@ -91,6 +112,10 @@ module Raven
     # a hash key, will be censored and not sent to Sentry.
     attr_accessor :sanitize_fields
 
+    # If you're sure you want to override the default sanitization values, you can
+    # add to them to an array of Strings here, e.g. %w(authorization password)
+    attr_accessor :sanitize_fields_excluded
+
     # Sanitize additional HTTP headers - only Authorization is removed by default.
     attr_accessor :sanitize_http_headers
 
@@ -98,8 +123,23 @@ module Raven
     # Otherwise, can be one of "http", "https", or "dummy"
     attr_accessor :scheme
 
+    # a proc/lambda that takes an array of stack traces
+    # it'll be used to silence (reduce) backtrace of the exception
+    #
+    # for example:
+    #
+    # ```ruby
+    # Raven.configuration.backtrace_cleanup_callback = lambda do |backtrace|
+    #   Rails.backtrace_cleaner.clean(backtrace)
+    # end
+    # ```
+    #
+    attr_accessor :backtrace_cleanup_callback
+
     # Secret key for authentication with the Sentry server
     # If you provide a DSN, this will be set automatically.
+    #
+    # This is deprecated and not necessary for newer Sentry installations any more.
     attr_accessor :secret_key
 
     # Include module versions in reports - boolean.
@@ -114,7 +154,7 @@ module Raven
     # Note that the object passed into the block will be a String (messages) or
     # an exception.
     # e.g. lambda { |exc_or_msg| exc_or_msg.some_attr == false }
-    attr_accessor :should_capture
+    attr_reader :should_capture
 
     # Silences ready message when true.
     attr_accessor :silence_ready
@@ -138,14 +178,45 @@ module Raven
     # E.g. lambda { |event| Thread.new { MyJobProcessor.send_email(event) } }
     attr_reader :transport_failure_callback
 
+    # Optional Proc, called before sending an event to the server/
+    # E.g.: lambda { |event, hint| event }
+    # E.g.: lambda { |event, hint| nil }
+    # E.g.: lambda { |event, hint|
+    #   event[:message] = 'a'
+    #   event
+    # }
+    attr_reader :before_send
+
+    # Errors object - an Array that contains error messages. See #
+    attr_reader :errors
+
+    # the dsn value, whether it's set via `config.dsn=` or `ENV["SENTRY_DSN"]`
+    attr_reader :dsn
+
+    # Array of rack env parameters to be included in the event sent to sentry.
+    attr_accessor :rack_env_whitelist
+
+    # Most of these errors generate 4XX responses. In general, Sentry clients
+    # only automatically report 5xx responses.
     IGNORE_DEFAULT = [
       'AbstractController::ActionNotFound',
+      'ActionController::BadRequest',
       'ActionController::InvalidAuthenticityToken',
+      'ActionController::InvalidCrossOriginRequest',
+      'ActionController::MethodNotAllowed',
+      'ActionController::NotImplemented',
+      'ActionController::ParameterMissing',
       'ActionController::RoutingError',
       'ActionController::UnknownAction',
+      'ActionController::UnknownFormat',
+      'ActionController::UnknownHttpMethod',
+      'ActionDispatch::Http::Parameters::ParseError',
+      'ActiveJob::DeserializationError', # Can cause infinite loops
       'ActiveRecord::RecordNotFound',
       'CGI::Session::CookieStore::TamperedWithCookie',
       'Mongoid::Errors::DocumentNotFound',
+      'Rack::QueryParser::InvalidParameterError',
+      'Rack::QueryParser::ParameterTypeError',
       'Sinatra::NotFound'
     ].freeze
 
@@ -160,34 +231,61 @@ module Raven
       Raven::Processor::HTTPHeaders
     ].freeze
 
+    HEROKU_DYNO_METADATA_MESSAGE = "You are running on Heroku but haven't enabled Dyno Metadata. For Sentry's "\
+    "release detection to work correctly, please run `heroku labs:enable runtime-dyno-metadata`".freeze
+
+    RACK_ENV_WHITELIST_DEFAULT = %w(
+      REMOTE_ADDR
+      SERVER_NAME
+      SERVER_PORT
+    ).freeze
+
+    LOG_PREFIX = "** [Raven] ".freeze
+    MODULE_SEPARATOR = "::".freeze
+
+    AVAILABLE_BREADCRUMBS_LOGGERS = [:sentry_logger, :active_support_logger].freeze
+
     def initialize
       self.async = false
+      self.breadcrumbs_logger = []
       self.context_lines = 3
-      self.current_environment = ENV['RAILS_ENV'] || ENV['RACK_ENV'] || 'default'
+      self.current_environment = current_environment_from_env
       self.encoding = 'gzip'
       self.environments = []
       self.exclude_loggers = []
       self.excluded_exceptions = IGNORE_DEFAULT.dup
+      self.inspect_exception_causes_for_exclusion = false
+      self.linecache = ::Raven::LineCache.new
+      self.logger = ::Raven::Logger.new(STDOUT)
       self.open_timeout = 1
       self.processors = DEFAULT_PROCESSORS.dup
-      self.proxy = nil
-      self.rails_activesupport_breadcrumbs = false
+      self.project_root = detect_project_root
+      @rails_activesupport_breadcrumbs = false
+
       self.rails_report_rescued_exceptions = true
       self.release = detect_release
+      self.sample_rate = 1.0
       self.sanitize_credit_cards = true
       self.sanitize_fields = []
+      self.sanitize_fields_excluded = []
       self.sanitize_http_headers = []
       self.send_modules = true
-      self.server = ENV['SENTRY_DSN'] if ENV['SENTRY_DSN']
-      self.server_name = resolve_hostname
+      self.server = ENV['SENTRY_DSN']
+      self.server_name = server_name_from_env
       self.should_capture = false
       self.ssl_verification = true
       self.tags = {}
       self.timeout = 2
       self.transport_failure_callback = false
+      self.before_send = false
+      self.rack_env_whitelist = RACK_ENV_WHITELIST_DEFAULT
     end
 
     def server=(value)
+      return if value.nil?
+
+      @dsn = value
+
       uri = URI.parse(value)
       uri_path = uri.path.split('/')
 
@@ -195,7 +293,7 @@ module Raven
         # DSN-style string
         self.project_id = uri_path.pop
         self.public_key = uri.user
-        self.secret_key = uri.password
+        self.secret_key = !(uri.password.nil? || uri.password.empty?) ? uri.password : nil
       end
 
       self.scheme = uri.scheme
@@ -205,13 +303,14 @@ module Raven
 
       # For anyone who wants to read the base server string
       @server = "#{scheme}://#{host}"
-      @server << ":#{port}" unless port == { 'http' => 80, 'https' => 443 }[scheme]
-      @server << path
+      @server += ":#{port}" unless port == { 'http' => 80, 'https' => 443 }[scheme]
+      @server += path
     end
     alias dsn= server=
 
     def encoding=(encoding)
       raise(Error, 'Unsupported encoding') unless %w(gzip json).include? encoding
+
       @encoding = encoding
     end
 
@@ -219,13 +318,32 @@ module Raven
       unless value == false || value.respond_to?(:call)
         raise(ArgumentError, "async must be callable (or false to disable)")
       end
+
       @async = value
     end
 
+    def breadcrumbs_logger=(logger)
+      loggers =
+        if logger.is_a?(Array)
+          logger
+        else
+          unless AVAILABLE_BREADCRUMBS_LOGGERS.include?(logger)
+            raise Raven::Error, "Unsupported breadcrumbs logger. Supported loggers: #{AVAILABLE_BREADCRUMBS_LOGGERS}"
+          end
+
+          Array(logger)
+        end
+
+      require "raven/breadcrumbs/sentry_logger" if loggers.include?(:sentry_logger)
+
+      @breadcrumbs_logger = logger
+    end
+
     def transport_failure_callback=(value)
       unless value == false || value.respond_to?(:call)
         raise(ArgumentError, "transport_failure_callback must be callable (or false to disable)")
       end
+
       @transport_failure_callback = value
     end
 
@@ -233,9 +351,18 @@ module Raven
       unless value == false || value.respond_to?(:call)
         raise ArgumentError, "should_capture must be callable (or false to disable)"
       end
+
       @should_capture = value
     end
 
+    def before_send=(value)
+      unless value == false || value.respond_to?(:call)
+        raise ArgumentError, "before_send must be callable (or false to disable)"
+      end
+
+      @before_send = value
+    end
+
     # Allows config options to be read like a hash
     #
     # @param [Symbol] option Key for a given attribute
@@ -248,17 +375,19 @@ module Raven
     end
 
     def capture_allowed?(message_or_exc = nil)
-      capture_in_current_environment? &&
-        capture_allowed_by_callback?(message_or_exc)
-    end
+      @errors = []
 
+      valid? &&
+        capture_in_current_environment? &&
+        capture_allowed_by_callback?(message_or_exc) &&
+        sample_allowed?
+    end
     # If we cannot capture, we cannot send.
     alias sending_allowed? capture_allowed?
 
-    def verify!
-      %w(server public_key secret_key project_id).each do |key|
-        raise(Error, "No #{key} specified") unless public_send key
-      end
+    def error_messages
+      @errors = [errors[0]] + errors[1..-1].map(&:downcase) # fix case of all but first
+      errors.join(", ")
     end
 
     def project_root=(root_dir)
@@ -266,45 +395,144 @@ module Raven
       Backtrace::Line.instance_variable_set(:@in_app_pattern, nil) # blow away cache
     end
 
+    def rails_activesupport_breadcrumbs=(val)
+      DeprecationHelper.deprecate_old_breadcrumbs_configuration(:active_support_logger)
+      @rails_activesupport_breadcrumbs = val
+    end
+
+    def exception_class_allowed?(exc)
+      if exc.is_a?(Raven::Error)
+        # Try to prevent error reporting loops
+        logger.debug "Refusing to capture Raven error: #{exc.inspect}"
+        false
+      elsif excluded_exception?(exc)
+        logger.debug "User excluded error: #{exc.inspect}"
+        false
+      else
+        true
+      end
+    end
+
+    def enabled_in_current_env?
+      environments.empty? || environments.include?(current_environment)
+    end
+
+    private
+
+    def detect_project_root
+      if defined? Rails.root # we are in a Rails application
+        Rails.root.to_s
+      else
+        Dir.pwd
+      end
+    end
+
     def detect_release
-      detect_release_from_git ||
+      detect_release_from_env ||
+        detect_release_from_git ||
         detect_release_from_capistrano ||
         detect_release_from_heroku
+    rescue => e
+      logger.error "Error detecting release: #{e.message}"
     end
 
-    private
+    def excluded_exception?(incoming_exception)
+      excluded_exceptions.any? do |excluded_exception|
+        matches_exception?(get_exception_class(excluded_exception), incoming_exception)
+      end
+    end
 
-    def detect_release_from_heroku
-      sys_dyno_info = File.read("/etc/heroku/dyno").strip if File.directory?("/etc/heroku") rescue nil
-      return unless sys_dyno_info
-
-      # being overly cautious, because if we raise an error Raven won't start
-      begin
-        hash = JSON.parse(sys_dyno_info)
-        hash && hash["release"] && hash["release"]["commit"]
-      rescue JSON::JSONError
-        Raven.logger.error "Cannot parse Heroku JSON: #{sys_dyno_info}"
+    def get_exception_class(x)
+      x.is_a?(Module) ? x : qualified_const_get(x)
+    end
+
+    def matches_exception?(excluded_exception_class, incoming_exception)
+      if inspect_exception_causes_for_exclusion?
+        Raven::Utils::ExceptionCauseChain.exception_to_array(incoming_exception).any? { |cause| excluded_exception_class === cause }
+      else
+        excluded_exception_class === incoming_exception
+      end
+    end
+
+    # In Ruby <2.0 const_get can't lookup "SomeModule::SomeClass" in one go
+    def qualified_const_get(x)
+      x = x.to_s
+      if !x.match(/::/)
+        Object.const_get(x)
+      else
+        x.split(MODULE_SEPARATOR).reject(&:empty?).inject(Object) { |a, e| a.const_get(e) }
       end
+    rescue NameError # There's no way to safely ask if a constant exist for an unknown string
+      nil
+    end
+
+    def detect_release_from_heroku
+      return unless running_on_heroku?
+      return if ENV['CI']
+      logger.warn(HEROKU_DYNO_METADATA_MESSAGE) && return unless ENV['HEROKU_SLUG_COMMIT']
+
+      ENV['HEROKU_SLUG_COMMIT']
+    end
+
+    def running_on_heroku?
+      File.directory?("/etc/heroku")
     end
 
     def detect_release_from_capistrano
-      version = File.read(File.join(project_root, 'REVISION')).strip rescue nil
+      revision_file = File.join(project_root, 'REVISION')
+      revision_log = File.join(project_root, '..', 'revisions.log')
 
-      # Capistrano 3.0 - 3.1.x
-      version || File.open(File.join(project_root, '..', 'revisions.log')).to_a.last.strip.sub(/.*as release ([0-9]+).*/, '\1') rescue nil
+      if File.exist?(revision_file)
+        File.read(revision_file).strip
+      elsif File.exist?(revision_log)
+        File.open(revision_log).to_a.last.strip.sub(/.*as release ([0-9]+).*/, '\1')
+      end
     end
 
     def detect_release_from_git
-      `git rev-parse --short HEAD`.strip if File.directory?(".git") rescue nil
+      Raven.sys_command("git rev-parse --short HEAD") if File.directory?(".git")
+    end
+
+    def detect_release_from_env
+      ENV['SENTRY_RELEASE']
     end
 
     def capture_in_current_environment?
-      !!server && (environments.empty? || environments.include?(current_environment))
+      return true if enabled_in_current_env?
+
+      @errors << "Not configured to send/capture in environment '#{current_environment}'"
+      false
     end
 
     def capture_allowed_by_callback?(message_or_exc)
-      return true if !should_capture || message_or_exc.nil?
-      should_capture.call(*[message_or_exc])
+      return true if !should_capture || message_or_exc.nil? || should_capture.call(message_or_exc)
+
+      @errors << "should_capture returned false"
+      false
+    end
+
+    def valid?
+      return true if %w(server host path public_key project_id).all? { |k| public_send(k) }
+
+      if server
+        %w(server host path public_key project_id).map do |key|
+          @errors << "No #{key} specified" unless public_send(key)
+        end
+      else
+        @errors << "DSN not set"
+      end
+      false
+    end
+
+    def sample_allowed?
+      return true if sample_rate == 1.0
+
+      if Random::DEFAULT.rand >= sample_rate
+        @errors << "Excluded by random sample"
+        false
+      else
+        true
+      end
     end
 
     # Try to resolve the hostname to an FQDN, but fall back to whatever
@@ -313,5 +541,17 @@ module Raven
       Socket.gethostname ||
         Socket.gethostbyname(hostname).first rescue server_name
     end
+
+    def current_environment_from_env
+      ENV['SENTRY_CURRENT_ENV'] || ENV['SENTRY_ENVIRONMENT'] || ENV['RAILS_ENV'] || ENV['RACK_ENV'] || 'default'
+    end
+
+    def server_name_from_env
+      if running_on_heroku?
+        ENV['DYNO']
+      else
+        resolve_hostname
+      end
+    end
   end
 end

data/lib/raven/context.rb

@@ -1,4 +1,5 @@
 require 'rbconfig'
+require 'etc'
 
 module Raven
   class Context
@@ -10,31 +11,36 @@ module Raven
       Thread.current[:sentry_context] = nil
     end
 
-    attr_accessor :extra, :server_os, :rack_env, :runtime, :tags, :user
+    attr_accessor :transaction, :extra, :server_os, :rack_env, :runtime, :tags, :user
 
     def initialize
-      self.extra = {}
       self.server_os = self.class.os_context
-      self.rack_env = nil
       self.runtime = self.class.runtime_context
+      self.extra = { :server => { :os => server_os, :runtime => runtime } }
+      self.rack_env = nil
       self.tags = {}
       self.user = {}
+      self.transaction = []
     end
 
     class << self
       def os_context
-        @os_context ||= {
-          "name" => Raven.sys_command("uname -s") || RbConfig::CONFIG["host_os"],
-          "version" => Raven.sys_command("uname -v"),
-          "build" => Raven.sys_command("uname -r"),
-          "kernel_version" => Raven.sys_command("uname -a") || Raven.sys_command("ver") # windows
-        }
+        @os_context ||=
+          begin
+            uname = Etc.uname
+            {
+              name: uname[:sysname] || RbConfig::CONFIG["host_os"],
+              version: uname[:version],
+              build: uname[:release],
+              kernel_version: uname[:version]
+            }
+          end
       end
 
       def runtime_context
         @runtime_context ||= {
-          "name" => RbConfig::CONFIG["ruby_install_name"],
-          "version" => Raven.sys_command("ruby -v")
+          name: RbConfig::CONFIG["ruby_install_name"],
+          version: RUBY_DESCRIPTION || Raven.sys_command("ruby -v")
         }
       end
     end

data/lib/raven/core_ext/object/deep_dup.rb

@@ -0,0 +1,57 @@
+require 'raven/core_ext/object/duplicable'
+
+#########################################
+#  This file was copied from Rails 5.2  #
+#########################################
+
+class Object
+  # Returns a deep copy of object if it's duplicable. If it's
+  # not duplicable, returns +self+.
+  #
+  #   object = Object.new
+  #   dup    = object.deep_dup
+  #   dup.instance_variable_set(:@a, 1)
+  #
+  #   object.instance_variable_defined?(:@a) # => false
+  #   dup.instance_variable_defined?(:@a)    # => true
+  def deep_dup
+    duplicable? ? dup : self
+  end
+end
+
+class Array
+  # Returns a deep copy of array.
+  #
+  #   array = [1, [2, 3]]
+  #   dup   = array.deep_dup
+  #   dup[1][2] = 4
+  #
+  #   array[1][2] # => nil
+  #   dup[1][2]   # => 4
+  def deep_dup
+    map(&:deep_dup)
+  end
+end
+
+class Hash
+  # Returns a deep copy of hash.
+  #
+  #   hash = { a: { b: 'b' } }
+  #   dup  = hash.deep_dup
+  #   dup[:a][:c] = 'c'
+  #
+  #   hash[:a][:c] # => nil
+  #   dup[:a][:c]  # => "c"
+  def deep_dup
+    hash = dup
+    each_pair do |key, value|
+      if key.frozen? && ::String === key
+        hash[key] = value.deep_dup
+      else
+        hash.delete(key)
+        hash[key.deep_dup] = value.deep_dup
+      end
+    end
+    hash
+  end
+end