sidekiq 6.2.0 → 6.2.1
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of sidekiq might be problematic. Click here for more details.
- checksums.yaml +4 -4
- data/Changes.md +11 -0
- data/lib/sidekiq/client.rb +0 -4
- data/lib/sidekiq/launcher.rb +9 -3
- data/lib/sidekiq/util.rb +28 -0
- data/lib/sidekiq/version.rb +1 -1
- data/lib/sidekiq/web.rb +5 -5
- data/lib/sidekiq/web/action.rb +1 -1
- data/lib/sidekiq/web/application.rb +3 -1
- data/lib/sidekiq/web/csrf_protection.rb +9 -6
- data/web/views/busy.erb +3 -2
- data/web/views/queue.erb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 298711914bcb8534a9599c47b00b7410467ce324619ee70e7050d15c42f4c329
|
|
4
|
+
data.tar.gz: '007900de7a1558633520c61870a58eff341e9c11009441dbabe0fbc177e4ed99'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 592ecc114de13f0e43bba9193e1ffd3a973c89a43fac3ed1b750b6a70e29b5bf128a05657baf3fc2ccb77134f092efac055651907f01c0ed6d3c00d45a5ebdc9
|
|
7
|
+
data.tar.gz: a7baed1f1df451e8bd5183fec4631e49c0761e700c4c95fc070389894894a5fb90103d0adce29da797bc1cae72f8a1f21e71da0279e8c18cb62e3b3b5ae05f0a
|
data/Changes.md
CHANGED
|
@@ -2,6 +2,13 @@
|
|
|
2
2
|
|
|
3
3
|
[Sidekiq Changes](https://github.com/mperham/sidekiq/blob/master/Changes.md) | [Sidekiq Pro Changes](https://github.com/mperham/sidekiq/blob/master/Pro-Changes.md) | [Sidekiq Enterprise Changes](https://github.com/mperham/sidekiq/blob/master/Ent-Changes.md)
|
|
4
4
|
|
|
5
|
+
6.2.1
|
|
6
|
+
---------
|
|
7
|
+
|
|
8
|
+
- Update RTT warning logic to handle transient RTT spikes [#4851]
|
|
9
|
+
- Fix very low priority CVE on unescaped queue name [#4852]
|
|
10
|
+
- Add note about sessions and Rails apps in API mode
|
|
11
|
+
|
|
5
12
|
6.2.0
|
|
6
13
|
---------
|
|
7
14
|
|
|
@@ -31,6 +38,10 @@ If this is a bare Rack app, use a session middleware before Sidekiq::Web:
|
|
|
31
38
|
# now, update your Rack app to include the secret with a session cookie middleware
|
|
32
39
|
use Rack::Session::Cookie, secret: File.read(".session.key"), same_site: true, max_age: 86400
|
|
33
40
|
run Sidekiq::Web
|
|
41
|
+
|
|
42
|
+
If this is a Rails app in API mode, you need to enable sessions.
|
|
43
|
+
|
|
44
|
+
https://guides.rubyonrails.org/api_app.html#using-session-middlewares
|
|
34
45
|
```
|
|
35
46
|
|
|
36
47
|
6.1.3
|
data/lib/sidekiq/client.rb
CHANGED
|
@@ -228,10 +228,6 @@ module Sidekiq
|
|
|
228
228
|
end
|
|
229
229
|
|
|
230
230
|
def normalize_item(item)
|
|
231
|
-
# 6.0.0 push_bulk bug, #4321
|
|
232
|
-
# TODO Remove after a while...
|
|
233
|
-
item.delete("at") if item.key?("at") && item["at"].nil?
|
|
234
|
-
|
|
235
231
|
validate(item)
|
|
236
232
|
# raise(ArgumentError, "Arguments must be native JSON types, see https://github.com/mperham/sidekiq/wiki/Best-Practices") unless JSON.load(JSON.dump(item['args'])) == item['args']
|
|
237
233
|
|
data/lib/sidekiq/launcher.rb
CHANGED
|
@@ -188,6 +188,10 @@ module Sidekiq
|
|
|
188
188
|
end
|
|
189
189
|
end
|
|
190
190
|
|
|
191
|
+
# We run the heartbeat every five seconds.
|
|
192
|
+
# Capture five samples of RTT, log a warning if each sample
|
|
193
|
+
# is above our warning threshold.
|
|
194
|
+
RTT_READINGS = RingBuffer.new(5)
|
|
191
195
|
RTT_WARNING_LEVEL = 50_000
|
|
192
196
|
|
|
193
197
|
def check_rtt
|
|
@@ -198,15 +202,17 @@ module Sidekiq
|
|
|
198
202
|
b = ::Process.clock_gettime(::Process::CLOCK_MONOTONIC, :microsecond)
|
|
199
203
|
end
|
|
200
204
|
rtt = b - a
|
|
205
|
+
RTT_READINGS << rtt
|
|
201
206
|
# Ideal RTT for Redis is < 1000µs
|
|
202
207
|
# Workable is < 10,000µs
|
|
203
208
|
# Log a warning if it's a disaster.
|
|
204
|
-
if
|
|
205
|
-
Sidekiq.logger.warn
|
|
209
|
+
if RTT_READINGS.all? { |x| x > RTT_WARNING_LEVEL }
|
|
210
|
+
Sidekiq.logger.warn <<~EOM
|
|
206
211
|
Your Redis network connection is performing extremely poorly.
|
|
207
|
-
|
|
212
|
+
Last RTT readings were #{RTT_READINGS.buffer.inspect}, ideally these should be < 1000.
|
|
208
213
|
Ensure Redis is running in the same AZ or datacenter as Sidekiq.
|
|
209
214
|
EOM
|
|
215
|
+
RTT_READINGS.reset
|
|
210
216
|
end
|
|
211
217
|
rtt
|
|
212
218
|
end
|
data/lib/sidekiq/util.rb
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require "forwardable"
|
|
3
4
|
require "socket"
|
|
4
5
|
require "securerandom"
|
|
5
6
|
require "sidekiq/exception_handler"
|
|
@@ -8,6 +9,33 @@ module Sidekiq
|
|
|
8
9
|
##
|
|
9
10
|
# This module is part of Sidekiq core and not intended for extensions.
|
|
10
11
|
#
|
|
12
|
+
|
|
13
|
+
class RingBuffer
|
|
14
|
+
include Enumerable
|
|
15
|
+
extend Forwardable
|
|
16
|
+
def_delegators :@buf, :[], :each, :size
|
|
17
|
+
|
|
18
|
+
def initialize(size, default = 0)
|
|
19
|
+
@size = size
|
|
20
|
+
@buf = Array.new(size, default)
|
|
21
|
+
@index = 0
|
|
22
|
+
end
|
|
23
|
+
|
|
24
|
+
def <<(element)
|
|
25
|
+
@buf[@index % @size] = element
|
|
26
|
+
@index += 1
|
|
27
|
+
element
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
def buffer
|
|
31
|
+
@buf
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def reset(default = 0)
|
|
35
|
+
@buf.fill(default)
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
|
|
11
39
|
module Util
|
|
12
40
|
include ExceptionHandler
|
|
13
41
|
|
data/lib/sidekiq/version.rb
CHANGED
data/lib/sidekiq/web.rb
CHANGED
|
@@ -144,11 +144,11 @@ module Sidekiq
|
|
|
144
144
|
m = middlewares
|
|
145
145
|
|
|
146
146
|
::Rack::Builder.new do
|
|
147
|
-
use Rack::Static, :
|
|
148
|
-
:
|
|
149
|
-
:
|
|
150
|
-
:
|
|
151
|
-
[:all, {
|
|
147
|
+
use Rack::Static, urls: ["/stylesheets", "/images", "/javascripts"],
|
|
148
|
+
root: ASSETS,
|
|
149
|
+
cascade: true,
|
|
150
|
+
header_rules: [
|
|
151
|
+
[:all, {"Cache-Control" => "public, max-age=86400"}]
|
|
152
152
|
]
|
|
153
153
|
m.each { |middleware, block| use(*middleware, &block) }
|
|
154
154
|
use Sidekiq::Web::CsrfProtection unless $TESTING
|
data/lib/sidekiq/web/action.rb
CHANGED
|
@@ -82,10 +82,12 @@ module Sidekiq
|
|
|
82
82
|
erb(:queues)
|
|
83
83
|
end
|
|
84
84
|
|
|
85
|
+
QUEUE_NAME = /\A[a-z_:.\-0-9]+\z/i
|
|
86
|
+
|
|
85
87
|
get "/queues/:name" do
|
|
86
88
|
@name = route_params[:name]
|
|
87
89
|
|
|
88
|
-
halt(404)
|
|
90
|
+
halt(404) if !@name || @name !~ QUEUE_NAME
|
|
89
91
|
|
|
90
92
|
@count = (params["count"] || 25).to_i
|
|
91
93
|
@queue = Sidekiq::Queue.new(@name)
|
|
@@ -77,16 +77,19 @@ module Sidekiq
|
|
|
77
77
|
end
|
|
78
78
|
|
|
79
79
|
|
|
80
|
-
If this is a
|
|
80
|
+
If this is a Rails app in API mode, you need to enable sessions.
|
|
81
|
+
|
|
82
|
+
https://guides.rubyonrails.org/api_app.html#using-session-middlewares
|
|
81
83
|
|
|
84
|
+
If this is a bare Rack app, use a session middleware before Sidekiq::Web:
|
|
82
85
|
|
|
83
|
-
|
|
84
|
-
|
|
86
|
+
# first, use IRB to create a shared secret key for sessions and commit it
|
|
87
|
+
require 'securerandom'; File.open(".session.key", "w") {|f| f.write(SecureRandom.hex(32)) }
|
|
85
88
|
|
|
89
|
+
# now use the secret with a session cookie middleware
|
|
90
|
+
use Rack::Session::Cookie, secret: File.read(".session.key"), same_site: true, max_age: 86400
|
|
91
|
+
run Sidekiq::Web
|
|
86
92
|
|
|
87
|
-
# now use the secret with a session cookie middleware
|
|
88
|
-
use Rack::Session::Cookie, secret: File.read(".session.key"), same_site: true, max_age: 86400
|
|
89
|
-
run Sidekiq::Web
|
|
90
93
|
EOM
|
|
91
94
|
end
|
|
92
95
|
|
data/web/views/busy.erb
CHANGED
|
@@ -78,9 +78,10 @@
|
|
|
78
78
|
<td><%= process['busy'] %></td>
|
|
79
79
|
<td>
|
|
80
80
|
<form method="POST">
|
|
81
|
+
<%= csrf_tag %>
|
|
82
|
+
<input type="hidden" name="identity" value="<%= process['identity'] %>"/>
|
|
83
|
+
|
|
81
84
|
<div class="btn-group pull-right flip">
|
|
82
|
-
<%= csrf_tag %>
|
|
83
|
-
<input type="hidden" name="identity" value="<%= process['identity'] %>"/>
|
|
84
85
|
<% unless process.stopping? %><button class="btn btn-warn" type="submit" name="quiet" value="1"><%= t('Quiet') %></button><% end %>
|
|
85
86
|
<button class="btn btn-danger" type="submit" name="stop" value="1"><%= t('Stop') %></button>
|
|
86
87
|
</div>
|
data/web/views/queue.erb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sidekiq
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.2.
|
|
4
|
+
version: 6.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Mike Perham
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-04-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: redis
|