sentry-ruby 5.4.0 → 5.4.1

data/lib/sentry/interfaces/request.rb

@@ -0,0 +1,144 @@
+# frozen_string_literal: true
+
+module Sentry
+  class RequestInterface < Interface
+    REQUEST_ID_HEADERS = %w(action_dispatch.request_id HTTP_X_REQUEST_ID).freeze
+    CONTENT_HEADERS = %w(CONTENT_TYPE CONTENT_LENGTH).freeze
+    IP_HEADERS = [
+      "REMOTE_ADDR",
+      "HTTP_CLIENT_IP",
+      "HTTP_X_REAL_IP",
+      "HTTP_X_FORWARDED_FOR"
+    ].freeze
+
+    # See Sentry server default limits at
+    # https://github.com/getsentry/sentry/blob/master/src/sentry/conf/server.py
+    MAX_BODY_LIMIT = 4096 * 4
+
+    # @return [String]
+    attr_accessor :url
+
+    # @return [String]
+    attr_accessor :method
+
+    # @return [Hash]
+    attr_accessor :data
+
+    # @return [String]
+    attr_accessor :query_string
+
+    # @return [String]
+    attr_accessor :cookies
+
+    # @return [Hash]
+    attr_accessor :headers
+
+    # @return [Hash]
+    attr_accessor :env
+
+    # @param env [Hash]
+    # @param send_default_pii [Boolean]
+    # @param rack_env_whitelist [Array]
+    # @see Configuration#send_default_pii
+    # @see Configuration#rack_env_whitelist
+    def initialize(env:, send_default_pii:, rack_env_whitelist:)
+      env = env.dup
+
+      unless send_default_pii
+        # need to completely wipe out ip addresses
+        RequestInterface::IP_HEADERS.each do |header|
+          env.delete(header)
+        end
+      end
+
+      request = ::Rack::Request.new(env)
+
+      if send_default_pii
+        self.data = read_data_from(request)
+        self.cookies = request.cookies
+        self.query_string = request.query_string
+      end
+
+      self.url = request.scheme && request.url.split('?').first
+      self.method = request.request_method
+
+      self.headers = filter_and_format_headers(env, send_default_pii)
+      self.env     = filter_and_format_env(env, rack_env_whitelist)
+    end
+
+    private
+
+    def read_data_from(request)
+      if request.form_data?
+        request.POST
+      elsif request.body # JSON requests, etc
+        data = request.body.read(MAX_BODY_LIMIT)
+        data = encode_to_utf_8(data.to_s)
+        request.body.rewind
+        data
+      end
+    rescue IOError => e
+      e.message
+    end
+
+    def filter_and_format_headers(env, send_default_pii)
+      env.each_with_object({}) do |(key, value), memo|
+        begin
+          key = key.to_s # rack env can contain symbols
+          next memo['X-Request-Id'] ||= Utils::RequestId.read_from(env) if Utils::RequestId::REQUEST_ID_HEADERS.include?(key)
+          next if is_server_protocol?(key, value, env["SERVER_PROTOCOL"])
+          next if is_skippable_header?(key)
+          next if key == "HTTP_AUTHORIZATION" && !send_default_pii
+
+          # Rack stores headers as HTTP_WHAT_EVER, we need What-Ever
+          key = key.sub(/^HTTP_/, "")
+          key = key.split('_').map(&:capitalize).join('-')
+
+          memo[key] = encode_to_utf_8(value.to_s)
+        rescue StandardError => e
+          # Rails adds objects to the Rack env that can sometimes raise exceptions
+          # when `to_s` is called.
+          # See: https://github.com/rails/rails/blob/master/actionpack/lib/action_dispatch/middleware/remote_ip.rb#L134
+          Sentry.logger.warn(LOGGER_PROGNAME) { "Error raised while formatting headers: #{e.message}" }
+          next
+        end
+      end
+    end
+
+    def encode_to_utf_8(value)
+      if value.encoding != Encoding::UTF_8 && value.respond_to?(:force_encoding)
+        value = value.dup.force_encoding(Encoding::UTF_8)
+      end
+
+      if !value.valid_encoding?
+        value = value.scrub
+      end
+
+      value
+    end
+
+    def is_skippable_header?(key)
+      key.upcase != key || # lower-case envs aren't real http headers
+        key == "HTTP_COOKIE" || # Cookies don't go here, they go somewhere else
+        !(key.start_with?('HTTP_') || CONTENT_HEADERS.include?(key))
+    end
+
+    # Rack adds in an incorrect HTTP_VERSION key, which causes downstream
+    # to think this is a Version header. Instead, this is mapped to
+    # env['SERVER_PROTOCOL']. But we don't want to ignore a valid header
+    # if the request has legitimately sent a Version header themselves.
+    # See: https://github.com/rack/rack/blob/028438f/lib/rack/handler/cgi.rb#L29
+    # NOTE: This will be removed in version 3.0+
+    def is_server_protocol?(key, value, protocol_version)
+      key == 'HTTP_VERSION' && value == protocol_version
+    end
+
+    def filter_and_format_env(env, rack_env_whitelist)
+      return env if rack_env_whitelist.empty?
+
+      env.select do |k, _v|
+        rack_env_whitelist.include? k.to_s
+      end
+    end
+  end
+end

data/lib/sentry/interfaces/single_exception.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+require "sentry/utils/exception_cause_chain"
+
+module Sentry
+  class SingleExceptionInterface < Interface
+    include CustomInspection
+
+    SKIP_INSPECTION_ATTRIBUTES = [:@stacktrace]
+    PROBLEMATIC_LOCAL_VALUE_REPLACEMENT = "[ignored due to error]".freeze
+    OMISSION_MARK = "...".freeze
+    MAX_LOCAL_BYTES = 1024
+
+    attr_reader :type, :value, :module, :thread_id, :stacktrace
+
+    def initialize(exception:, stacktrace: nil)
+      @type = exception.class.to_s
+      @value = (exception.message || "").byteslice(0..Event::MAX_MESSAGE_SIZE_IN_BYTES)
+      @module = exception.class.to_s.split('::')[0...-1].join('::')
+      @thread_id = Thread.current.object_id
+      @stacktrace = stacktrace
+    end
+
+    def to_hash
+      data = super
+      data[:stacktrace] = data[:stacktrace].to_hash if data[:stacktrace]
+      data
+    end
+
+    # patch this method if you want to change an exception's stacktrace frames
+    # also see `StacktraceBuilder.build`.
+    def self.build_with_stacktrace(exception:, stacktrace_builder:)
+      stacktrace = stacktrace_builder.build(backtrace: exception.backtrace)
+
+      if locals = exception.instance_variable_get(:@sentry_locals)
+        locals.each do |k, v|
+          locals[k] =
+            begin
+              v = v.inspect unless v.is_a?(String)
+
+              if v.length >= MAX_LOCAL_BYTES
+                v = v.byteslice(0..MAX_LOCAL_BYTES - 1) + OMISSION_MARK
+              end
+
+              v
+            rescue StandardError
+              PROBLEMATIC_LOCAL_VALUE_REPLACEMENT
+            end
+        end
+
+        stacktrace.frames.last.vars = locals
+      end
+
+      new(exception: exception, stacktrace: stacktrace)
+    end
+  end
+end

data/lib/sentry/interfaces/stacktrace.rb

@@ -0,0 +1,87 @@
+# frozen_string_literal: true
+
+module Sentry
+  class StacktraceInterface
+    # @return [<Array[Frame]>]
+    attr_reader :frames
+
+    # @param frames [<Array[Frame]>]
+    def initialize(frames:)
+      @frames = frames
+    end
+
+    # @return [Hash]
+    def to_hash
+      { frames: @frames.map(&:to_hash) }
+    end
+
+    # @return [String]
+    def inspect
+      @frames.map(&:to_s)
+    end
+
+    private
+
+    # Not actually an interface, but I want to use the same style
+    class Frame < Interface
+      attr_accessor :abs_path, :context_line, :function, :in_app, :filename,
+                  :lineno, :module, :pre_context, :post_context, :vars
+
+      def initialize(project_root, line)
+        @project_root = project_root
+
+        @abs_path = line.file
+        @function = line.method if line.method
+        @lineno = line.number
+        @in_app = line.in_app
+        @module = line.module_name if line.module_name
+        @filename = compute_filename
+      end
+
+      def to_s
+        "#{@filename}:#{@lineno}"
+      end
+
+      def compute_filename
+        return if abs_path.nil?
+
+        prefix =
+          if under_project_root? && in_app
+            @project_root
+          elsif under_project_root?
+            longest_load_path || @project_root
+          else
+            longest_load_path
+          end
+
+        prefix ? abs_path[prefix.to_s.chomp(File::SEPARATOR).length + 1..-1] : abs_path
+      end
+
+      def set_context(linecache, context_lines)
+        return unless abs_path
+
+        @pre_context, @context_line, @post_context = \
+            linecache.get_file_context(abs_path, lineno, context_lines)
+      end
+
+      def to_hash(*args)
+        data = super(*args)
+        data.delete(:vars) unless vars && !vars.empty?
+        data.delete(:pre_context) unless pre_context && !pre_context.empty?
+        data.delete(:post_context) unless post_context && !post_context.empty?
+        data.delete(:context_line) unless context_line && !context_line.empty?
+        data
+      end
+
+      private
+
+      def under_project_root?
+        @project_root && abs_path.start_with?(@project_root)
+      end
+
+      def longest_load_path
+        $LOAD_PATH.select { |path| abs_path.start_with?(path.to_s) }.max_by(&:size)
+      end
+    end
+  end
+end

data/lib/sentry/interfaces/stacktrace_builder.rb

@@ -0,0 +1,79 @@
+# frozen_string_literal: true
+
+module Sentry
+  class StacktraceBuilder
+    # @return [String]
+    attr_reader :project_root
+
+    # @return [Regexp, nil]
+    attr_reader :app_dirs_pattern
+
+    # @return [LineCache]
+    attr_reader :linecache
+
+    # @return [Integer, nil]
+    attr_reader :context_lines
+
+    # @return [Proc, nil]
+    attr_reader :backtrace_cleanup_callback
+
+    # @param project_root [String]
+    # @param app_dirs_pattern [Regexp, nil]
+    # @param linecache [LineCache]
+    # @param context_lines [Integer, nil]
+    # @param backtrace_cleanup_callback [Proc, nil]
+    # @see Configuration#project_root
+    # @see Configuration#app_dirs_pattern
+    # @see Configuration#linecache
+    # @see Configuration#context_lines
+    # @see Configuration#backtrace_cleanup_callback
+    def initialize(project_root:, app_dirs_pattern:, linecache:, context_lines:, backtrace_cleanup_callback: nil)
+      @project_root = project_root
+      @app_dirs_pattern = app_dirs_pattern
+      @linecache = linecache
+      @context_lines = context_lines
+      @backtrace_cleanup_callback = backtrace_cleanup_callback
+    end
+
+    # Generates a StacktraceInterface with the given backtrace.
+    # You can pass a block to customize/exclude frames:
+    #
+    # @example
+    #   builder.build(backtrace) do |frame|
+    #     if frame.module.match?(/a_gem/)
+    #       nil
+    #     else
+    #       frame
+    #     end
+    #   end
+    # @param backtrace [Array<String>]
+    # @param frame_callback [Proc]
+    # @yieldparam frame [StacktraceInterface::Frame]
+    # @return [StacktraceInterface]
+    def build(backtrace:, &frame_callback)
+      parsed_lines = parse_backtrace_lines(backtrace).select(&:file)
+
+      frames = parsed_lines.reverse.map do |line|
+        frame = convert_parsed_line_into_frame(line)
+        frame = frame_callback.call(frame) if frame_callback
+        frame
+      end.compact
+
+      StacktraceInterface.new(frames: frames)
+    end
+
+    private
+
+    def convert_parsed_line_into_frame(line)
+      frame = StacktraceInterface::Frame.new(project_root, line)
+      frame.set_context(linecache, context_lines) if context_lines
+      frame
+    end
+
+    def parse_backtrace_lines(backtrace)
+      Backtrace.parse(
+        backtrace, project_root, app_dirs_pattern, &backtrace_cleanup_callback
+      ).lines
+    end
+  end
+end

data/lib/sentry/interfaces/threads.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Sentry
+  class ThreadsInterface
+    # @param crashed [Boolean]
+    # @param stacktrace [Array]
+    def initialize(crashed: false, stacktrace: nil)
+      @id = Thread.current.object_id
+      @name = Thread.current.name
+      @current = true
+      @crashed = crashed
+      @stacktrace = stacktrace
+    end
+
+    # @return [Hash]
+    def to_hash
+      {
+        values: [
+          {
+            id: @id,
+            name: @name,
+            crashed: @crashed,
+            current: @current,
+            stacktrace: @stacktrace&.to_hash
+          }
+        ]
+      }
+    end
+
+    # Builds the ThreadsInterface with given backtrace and stacktrace_builder.
+    # Patch this method if you want to change a threads interface's stacktrace frames.
+    # @see StacktraceBuilder.build
+    # @param backtrace [Array]
+    # @param stacktrace_builder [StacktraceBuilder]
+    # @param crashed [Hash]
+    # @return [ThreadsInterface]
+    def self.build(backtrace:, stacktrace_builder:, **options)
+      stacktrace = stacktrace_builder.build(backtrace: backtrace) if backtrace
+      new(**options, stacktrace: stacktrace)
+    end
+  end
+end

data/lib/sentry/linecache.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Sentry
+  # @api private
+  class LineCache
+    def initialize
+      @cache = {}
+    end
+
+    # Any linecache you provide to Sentry must implement this method.
+    # Returns an Array of Strings representing the lines in the source
+    # file. The number of lines retrieved is (2 * context) + 1, the middle
+    # line should be the line requested by lineno. See specs for more information.
+    def get_file_context(filename, lineno, context)
+      return nil, nil, nil unless valid_path?(filename)
+
+      lines = Array.new(2 * context + 1) do |i|
+        getline(filename, lineno - context + i)
+      end
+      [lines[0..(context - 1)], lines[context], lines[(context + 1)..-1]]
+    end
+
+    private
+
+    def valid_path?(path)
+      lines = getlines(path)
+      !lines.nil?
+    end
+
+    def getlines(path)
+      @cache[path] ||= begin
+        IO.readlines(path)
+                       rescue
+                         nil
+      end
+    end
+
+    def getline(path, n)
+      return nil if n < 1
+
+      lines = getlines(path)
+      return nil if lines.nil?
+
+      lines[n - 1]
+    end
+  end
+end

data/lib/sentry/logger.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+module Sentry
+  class Logger < ::Logger
+    LOG_PREFIX = "** [Sentry] "
+    PROGNAME   = "sentry"
+
+    def initialize(*)
+      super
+      @level = ::Logger::INFO
+      original_formatter = ::Logger::Formatter.new
+      @default_formatter = proc do |severity, datetime, _progname, msg|
+        msg = "#{LOG_PREFIX}#{msg}"
+        original_formatter.call(severity, datetime, PROGNAME, msg)
+      end
+    end
+  end
+end

data/lib/sentry/net/http.rb

@@ -0,0 +1,115 @@
+# frozen_string_literal: true
+
+require "net/http"
+
+module Sentry
+  # @api private
+  module Net
+    module HTTP
+      OP_NAME = "http.client"
+      BREADCRUMB_CATEGORY = "net.http"
+
+      # To explain how the entire thing works, we need to know how the original Net::HTTP#request works
+      # Here's part of its definition. As you can see, it usually calls itself inside a #start block
+      #
+      # ```
+      # def request(req, body = nil, &block)
+      #   unless started?
+      #     start {
+      #       req['connection'] ||= 'close'
+      #       return request(req, body, &block) # <- request will be called for the second time from the first call
+      #     }
+      #   end
+      #   # .....
+      # end
+      # ```
+      #
+      # So we're only instrumenting request when `Net::HTTP` is already started
+      def request(req, body = nil, &block)
+        return super unless started?
+
+        sentry_span = start_sentry_span
+        set_sentry_trace_header(req, sentry_span)
+
+        super.tap do |res|
+          record_sentry_breadcrumb(req, res)
+          record_sentry_span(req, res, sentry_span)
+        end
+      end
+
+      private
+
+      def set_sentry_trace_header(req, sentry_span)
+        return unless sentry_span
+
+        trace = Sentry.get_current_client.generate_sentry_trace(sentry_span)
+        req[SENTRY_TRACE_HEADER_NAME] = trace if trace
+      end
+
+      def record_sentry_breadcrumb(req, res)
+        return unless Sentry.initialized? && Sentry.configuration.breadcrumbs_logger.include?(:http_logger)
+        return if from_sentry_sdk?
+
+        request_info = extract_request_info(req)
+
+        crumb = Sentry::Breadcrumb.new(
+          level: :info,
+          category: BREADCRUMB_CATEGORY,
+          type: :info,
+          data: {
+            status: res.code.to_i,
+            **request_info
+          }
+        )
+        Sentry.add_breadcrumb(crumb)
+      end
+
+      def record_sentry_span(req, res, sentry_span)
+        return unless Sentry.initialized? && sentry_span
+
+        request_info = extract_request_info(req)
+        sentry_span.set_description("#{request_info[:method]} #{request_info[:url]}")
+        sentry_span.set_data(:status, res.code.to_i)
+        finish_sentry_span(sentry_span)
+      end
+
+      def start_sentry_span
+        return unless Sentry.initialized? && span = Sentry.get_current_scope.get_span
+        return if from_sentry_sdk?
+        return if span.sampled == false
+
+        span.start_child(op: OP_NAME, start_timestamp: Sentry.utc_now.to_f)
+      end
+
+      def finish_sentry_span(sentry_span)
+        return unless Sentry.initialized? && sentry_span
+
+        sentry_span.set_timestamp(Sentry.utc_now.to_f)
+      end
+
+      def from_sentry_sdk?
+        dsn = Sentry.configuration.dsn
+        dsn && dsn.host == self.address
+      end
+
+      def extract_request_info(req)
+        uri = req.uri || URI.parse("#{use_ssl? ? 'https' : 'http'}://#{address}#{req.path}")
+        url = "#{uri.scheme}://#{uri.host}#{uri.path}" rescue uri.to_s
+
+        result = { method: req.method, url: url }
+
+        if Sentry.configuration.send_default_pii
+          result[:url] = result[:url] + "?#{uri.query}"
+          result[:body] = req.body
+        end
+
+        result
+      end
+    end
+  end
+end
+
+Sentry.register_patch do
+  patch = Sentry::Net::HTTP
+  Net::HTTP.send(:prepend, patch) unless Net::HTTP.ancestors.include?(patch)
+end

data/lib/sentry/rack/capture_exceptions.rb

@@ -0,0 +1,80 @@
+# frozen_string_literal: true
+
+module Sentry
+  module Rack
+    class CaptureExceptions
+      ERROR_EVENT_ID_KEY = "sentry.error_event_id"
+
+      def initialize(app)
+        @app = app
+      end
+
+      def call(env)
+        return @app.call(env) unless Sentry.initialized?
+
+        # make sure the current thread has a clean hub
+        Sentry.clone_hub_to_current_thread
+
+        Sentry.with_scope do |scope|
+          Sentry.with_session_tracking do
+            scope.clear_breadcrumbs
+            scope.set_transaction_name(env["PATH_INFO"]) if env["PATH_INFO"]
+            scope.set_rack_env(env)
+
+            transaction = start_transaction(env, scope)
+            scope.set_span(transaction) if transaction
+
+            begin
+              response = @app.call(env)
+            rescue Sentry::Error
+              finish_transaction(transaction, 500)
+              raise # Don't capture Sentry errors
+            rescue Exception => e
+              capture_exception(e, env)
+              finish_transaction(transaction, 500)
+              raise
+            end
+
+            exception = collect_exception(env)
+            capture_exception(exception, env) if exception
+
+            finish_transaction(transaction, response[0])
+
+            response
+          end
+        end
+      end
+
+      private
+
+      def collect_exception(env)
+        env['rack.exception'] || env['sinatra.error']
+      end
+
+      def transaction_op
+        "rack.request".freeze
+      end
+
+      def capture_exception(exception, env)
+        Sentry.capture_exception(exception).tap do |event|
+          env[ERROR_EVENT_ID_KEY] = event.event_id if event
+        end
+      end
+
+      def start_transaction(env, scope)
+        sentry_trace = env["HTTP_SENTRY_TRACE"]
+        options = { name: scope.transaction_name, op: transaction_op }
+        transaction = Sentry::Transaction.from_sentry_trace(sentry_trace, **options) if sentry_trace
+        Sentry.start_transaction(transaction: transaction, custom_sampling_context: { env: env }, **options)
+      end
+
+
+      def finish_transaction(transaction, status_code)
+        return unless transaction
+
+        transaction.set_http_status(status_code)
+        transaction.finish
+      end
+    end
+  end
+end

data/lib/sentry/rack.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+require 'rack'
+
+require 'sentry/rack/capture_exceptions'