sqreen 1.12.0 → 1.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 867b430d86c473c22fcad2e5531c5ee70078ffa45201e8e4e906127e854eaf84
-  data.tar.gz: e8ba868e3b21824963da46dde7abbf171f17cb83732af65599fb84eaa4181245
+  metadata.gz: fb4ef79ad2d573f02250c303800c9d4c8b64a3f1e0318fbf2f7e198508826b7b
+  data.tar.gz: 991f85b77cb27f9387fb027e74538aded1a7f0e4dd0c1a78a8a89041154d790a
 SHA512:
-  metadata.gz: 98d5d2879397613f82ead509e0dc352ab7c139c8e045f0e64d4f2f8938b3c992264e4053e6b1d001af7f2131593bf319d45882235388b417d48c9cf88a337093
-  data.tar.gz: c0ee0912af909dd7fa94db71a5480215dc36e4e2c3cd6471dae61b0ee888763c63e10fa385027957d0d7c17e34c47aa96968225be3a4ebe8f04fbe044b2ad0ab
+  metadata.gz: a575ae38cbccc9381e8dea3fedc7c7ac24ce0a7174b0ba799f264cfbd8bf0a346c4c60fc6518172f6bff09d692193d469cb31fe4513781f67468d52c7db14419
+  data.tar.gz: 8dffc28661b0e8fd608cae0917326519abf7c6d8f4b36d96ffead33e6df3059f0de05187a03d425d21068e36a04f8b6f0b42c9375bce9a9a7515c1fe6f847ff4

data/lib/sqreen/actions.rb

@@ -6,6 +6,7 @@ require 'sqreen/log'
 require 'sqreen/exception'
 require 'sqreen/sdk'
 require 'sqreen/frameworks'
+require 'singleton'
 
 module Sqreen
   # Implements actions (behavior taken in response to agent signals)
@@ -58,25 +59,39 @@ module Sqreen
         return nil
       end
 
-      subclass.new(id, duration, hash['parameters'] || {})
+      opts = {
+        :duration => duration,
+        :send_response => hash['send_response'],
+      }
+
+      subclass.new(id, opts, hash['parameters'] || {})
     end
 
+    # Base class for actions
     class Base
-      attr_reader :id, :expiry
+      attr_reader :id, :expiry, :send_response
 
-      def initialize(id, duration)
+      def initialize(id, opts)
         @id = id
+        duration = opts[:duration]
         @expiry = Time.new + duration unless duration.nil?
+        @send_response = if opts[:send_response].nil?
+                           true
+                         else
+                           !!opts[:send_response]
+                         end
       end
 
       # See Sqreen::CB for return values
       def run(*args)
         return if expiry && Time.new > expiry
         ret = do_run *args
-        unless ret.nil?
+        unless ret.nil? || !@send_response
           Sqreen.internal_track(event_name,
-                                'properties' => event_properties(*args).
-                                  merge('action_id' => id))
+                                'properties' => {
+                                  'output' => event_properties(*args),
+                                  'action_id' => id,
+                                })
         end
         ret
       end
@@ -155,8 +170,8 @@ module Sqreen
       include IpRanges
       self.type_name = 'block_ip'
 
-      def initialize(id, duration, params = {})
-        super(id, duration)
+      def initialize(id, opts, params = {})
+        super(id, opts)
         parse_ip_ranges params
       end
 
@@ -179,8 +194,8 @@ module Sqreen
 
       attr_reader :redirect_url
 
-      def initialize(id, duration, params = {})
-        super(id, duration)
+      def initialize(id, opts, params = {})
+        super(id, opts)
         @redirect_url = params['url']
         raise "no url provided for action #{id}" unless @redirect_url
         parse_ip_ranges params
@@ -199,5 +214,48 @@ module Sqreen
         { 'ip_address' => client_ip, 'url' => @redirect_url }
       end
     end
+
+    # Blocks a user at the point Sqreen::identify()
+    # or Sqreen::auth_track() are called
+    class BlockUser < Base
+      self.type_name = 'block_user'
+
+      def initialize(id, opts, params = {})
+        super(id, opts)
+        @users = params['users']
+        raise ::Sqreen::Exception, 'nil "users" param for block_user action' if @users.nil?
+        raise ::Sqreen::Exception, '"users" param must be an array' unless @users.is_a? Array
+      end
+
+      def do_run(identity_params)
+        return unless @users.include? stringify_keys(identity_params)
+        Sqreen.log.info(
+          "Will raise due to user being blocked by action #{id}. " \
+          "Blocked user identity: #{identity_params}"
+        )
+
+        e = Sqreen::AttackBlocked.new(
+          "Blocked user with identity #{identity_params} " \
+          'due to automatic security response. No action is required'
+        )
+
+        {
+          :status => :raise,
+          :exception => e,
+        }
+      end
+
+      def event_properties(identity_params)
+        { 'user' => identity_params }
+      end
+
+      private
+
+      def stringify_keys(hash)
+        Hash[
+          hash.map { |k, v| [k.to_s, v] }
+        ]
+      end
+    end
   end
 end

data/lib/sqreen/configuration.rb

@@ -49,6 +49,8 @@ module Sqreen
       :default => false, :convert => :to_bool },
     { :env => :SQREEN_INITIAL_FEATURES, :name => :initial_features,
       :default => nil },
+    { :env => :SQREEN_IP_HEADER, :name => :ip_header,
+      :default => nil },
 
   ].freeze
 

data/lib/sqreen/events/request_record.rb

@@ -42,9 +42,7 @@ module Sqreen
           end
         end
         if observed[:sdk]
-          res[:observed][:sdk] = observed[:sdk].map do |meth, time, *args|
-            { :name => meth, :time => time, :args => args }
-          end
+          res[:observed][:sdk] = processed_sdk_calls
         end
       end
       res[:local] = payload['local'] if payload['local']
@@ -58,5 +56,44 @@ module Sqreen
       res[:request][:headers] = payload['headers'] if payload['headers']
       res
     end
+
+    private
+
+    def processed_sdk_calls
+      auth_keys = last_identify_id
+
+      observed[:sdk].map do |meth, time, *args|
+        {
+          :name => meth,
+          :time => time,
+          :args => inject_identifiers(args, meth, auth_keys),
+        }
+      end
+    end
+
+    def inject_identifiers(args, meth, auth_keys)
+      return args unless meth == :track && auth_keys
+
+      track_opts = args[1] || {}
+      if track_opts[:user_identifiers].nil?
+        args[1] = track_opts.dup
+        args[1][:user_identifiers] = auth_keys
+      elsif track_opts[:user_identifiers] != auth_keys
+        Sqreen.log.warn 'Sqreen.identify and Sqreen.track have been called ' \
+                          'with different user_identifiers values'
+      end
+
+      args
+    end
+
+    def last_identify_id
+      return nil unless observed[:sdk]
+
+      observed[:sdk].reverse_each do |meth, _time, *args|
+        next unless meth == :identify
+        return args.first if args.respond_to? :first
+      end
+      nil
+    end
   end
 end

data/lib/sqreen/frameworks/generic.rb

@@ -44,16 +44,30 @@ module Sqreen
         ENV['RACK_ENV'] == 'development'
       end
 
-      PREFFERED_IP_HEADERS = %w(HTTP_X_FORWARDED_FOR HTTP_X_REAL_IP
+      PREFERRED_IP_HEADERS = %w[HTTP_X_FORWARDED_FOR HTTP_X_REAL_IP
                                 HTTP_CLIENT_IP HTTP_X_FORWARDED
                                 HTTP_X_CLUSTER_CLIENT_IP HTTP_FORWARDED_FOR
-                                HTTP_FORWARDED HTTP_VIA).freeze
+                                HTTP_FORWARDED HTTP_VIA].freeze
+
+      def preferred_ip_headers
+        @preferred_ip_headers ||=
+          begin
+            header_name = Sqreen.config_get(:ip_header)
+            if header_name
+              env_var = 'HTTP_' + header_name.tr('-', '_').upcase
+              [env_var] + (PREFERRED_IP_HEADERS - [env_var])
+            else
+              PREFERRED_IP_HEADERS
+            end
+          end
+      end
+      private :preferred_ip_headers
 
       def ip_headers
         req = request
         return [] unless req
         ips = []
-        (PREFFERED_IP_HEADERS + ['REMOTE_ADDR']).each do |header|
+        (preferred_ip_headers + ['REMOTE_ADDR']).each do |header|
           v = req.env[header]
           ips << [header, v] unless v.nil?
         end
@@ -79,7 +93,7 @@ module Sqreen
         return nil unless req
         # Look for an external address being forwarded
         split_ips = []
-        PREFFERED_IP_HEADERS.each do |header_name|
+        preferred_ip_headers.each do |header_name|
           forwarded = req.env[header_name]
           ips = split_ip_addresses(forwarded)
           lip = ips.find { |ip| (ip !~ TRUSTED_PROXIES) && valid_ip?(ip) }

data/lib/sqreen/instrumentation.rb

@@ -11,6 +11,7 @@ require 'sqreen/rules_signature'
 require 'sqreen/shared_storage'
 require 'sqreen/rules_callbacks/record_request_context'
 require 'sqreen/rules_callbacks/run_req_start_actions'
+require 'sqreen/rules_callbacks/run_block_user_actions'
 require 'set'
 
 # How to override a class method:
@@ -245,6 +246,10 @@ module Sqreen
     def self.define_callback_method(meth, original_meth, klass_name)
       @sqreen_multi_instr ||= nil
       proc do |*args, &block|
+        record_req_hp = @@record_request_hookpoints.include?([klass_name, meth]) &&
+          Sqreen::PerformanceNotifications.listen_for?
+        Sqreen::PerformanceNotifications::BinnedMetrics.start_request if record_req_hp
+
         budget = nil
         skip_call = Thread.current[:sqreen_in_use]
         begin
@@ -370,6 +375,7 @@ module Sqreen
               next unless ret.is_a? Hash
               case ret[:status]
               when :raise, 'raise'
+                raise ret[:exception] if ret.key?(:exception)
                 raise Sqreen::AttackBlocked, "Sqreen blocked a security threat (type: #{ret[:rule_name]}). No action is required."
               when :override, 'override'
                 result = ret[:new_return_value]
@@ -379,10 +385,11 @@ module Sqreen
             end
             result
           ensure
-            if @@record_request_hookpoints.include?([klass_name, meth]) && Sqreen::PerformanceNotifications.listen_for?
+            if record_req_hp
               Sqreen::PerformanceNotifications.instrument('Callbacks/hooks_reporting/pre') do
                 Sqreen::PerformanceNotifications::LogPerformance.next_request
                 Sqreen::PerformanceNotifications::NewRelic.next_request
+                Sqreen::PerformanceNotifications::BinnedMetrics.finish_request
               end
             end
             Thread.current[:sqreen_in_use] = false
@@ -439,6 +446,8 @@ module Sqreen
         end
         alias_method meth, saved_meth_name
         send(method_kind, meth)
+
+        remove_method saved_meth_name
       end
     end
 
@@ -450,6 +459,15 @@ module Sqreen
       saved_meth_name = get_saved_method_name(meth)
       new_method      = "#{meth}_modified".to_sym
 
+      # do not include ancestors o/wise we might get a saved method from a
+      # superclass which is never called because the original name
+      # (instrumented) method of the superclass has been overridden
+      private_meths = klass_name.private_instance_methods(false)
+      if private_meths.include?(saved_meth_name)
+        Sqreen.log.debug { "#{saved_meth_name} found #{klass_name}##{meth} already instrumented" }
+        return saved_meth_name
+      end
+
       p = Instrumentation.define_callback_method(meth, saved_meth_name,
                                                  klass_name)
       method_kind = nil
@@ -664,7 +682,9 @@ module Sqreen
     # @return [Array<Sqreen::CB>]
     def hardcoded_callbacks(framework)
       [
-        Sqreen::Rules::RunReqStartActions.new(framework)
+        Sqreen::Rules::RunReqStartActions.new(framework),
+        Sqreen::Rules::RunBlockUserActions.new(Sqreen, :identify, 0),
+        Sqreen::Rules::RunBlockUserActions.new(Sqreen, :auth_track, 1),
       ]
     end
 

data/lib/sqreen/metrics.rb

@@ -4,3 +4,4 @@
 require 'sqreen/metrics/collect'
 require 'sqreen/metrics/average'
 require 'sqreen/metrics/sum'
+require 'sqreen/metrics/binning'

data/lib/sqreen/metrics/binning.rb

@@ -0,0 +1,74 @@
+# Copyright (c) 2018 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'sqreen/metrics/base'
+
+module Sqreen
+  module Metric
+    # Takes numbers as samples and bins them (effectively, rounds them).
+    class Binning < Base
+      # upper bound of i-th bin is factor * base^(i-1)
+      def initialize(base, factor)
+        super()
+        @base = base
+        @factor = factor
+        log_base = Math.log(base)
+        log_factor = Math.log(factor)
+        @inv_log_base = 1 / log_base
+        @add_parcel = - log_factor / log_base
+        new_sample(Time.now.utc)
+      end
+
+      def update(_at, _key, x)
+        h = @sample[OBSERVATION_KEY]
+        bin = bin_no(x)
+        h[bin] += 1
+      end
+
+      def next_sample(time)
+        return nil if @sample[OBSERVATION_KEY].empty?
+        super(time)
+      end
+
+      protected
+
+      # these two are called by next_sample
+
+      def finalize_sample(time)
+        @sample[FINISH_KEY] = time
+        h = @sample[OBSERVATION_KEY]
+        @sample[OBSERVATION_KEY] = { 'u' => @factor, 'b' => @base, 'v' => h }
+      end
+
+      def new_sample(time)
+        @sample = {
+          OBSERVATION_KEY => Hash.new { |hash, key| hash[key] = 0 },
+          START_KEY => time,
+        }
+      end
+
+      private
+
+      def bin_no(x)
+        res = 2 + (@inv_log_base * Math.log(x) + @add_parcel).floor
+        res < 1 ? 1 : res
+      end
+    end
+
+    # overrides the constructor
+    class ParameterizedBinning < Binning
+      def initialize
+        raise 'Not configured' unless self.class.base && self.class.factor
+        super(self.class.base, self.class.factor)
+      end
+
+      class << self
+        attr_reader :base, :factor
+        def parameters(opts)
+          @base = opts[:base]
+          @factor = opts[:factor]
+        end
+      end
+    end
+  end
+end

data/lib/sqreen/metrics_store.rb

@@ -33,7 +33,7 @@ module Sqreen
 
     # Definition contains a name,period and aggregate at least
     # @param definition [Hash] a metric definition
-    # @param klass [Object] Override metric class (used in testing)
+    # @param mklass [Object] Override metric object (used in testing)
     def create_metric(definition, mklass = nil)
       name = definition[NAME_KEY]
       kind = definition[KIND_KEY]
@@ -47,6 +47,10 @@ module Sqreen
       metric
     end
 
+    def metric?(name)
+      @metrics.key?(name)
+    end
+
     def update(name, at, key, value)
       at = at.utc
       metric, period, start = @metrics[name]
@@ -71,7 +75,7 @@ module Sqreen
     def next_sample(name, at)
       metric = @metrics[name][0]
       r = metric.next_sample(at)
-      @metrics[name][2] = at
+      @metrics[name][2] = at # start
       if r
         r[NAME_KEY] = name
         obs = r[Metric::OBSERVATION_KEY]

data/lib/sqreen/performance_notifications/binned_metrics.rb

@@ -0,0 +1,119 @@
+# Copyright (c) 2018 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'sqreen/performance_notifications'
+
+module Sqreen
+  #
+  module PerformanceNotifications
+    # Logs callback performance
+    class BinnedMetrics
+      EVENT_REQ = 'req'.freeze # request total time
+      EVENT_TOTAL_TIME = 'sq'.freeze # sqreen total overhead callback time
+
+      EVT_NAME_REGEXP = %r{\ACallbacks/([^/]+)/([^/]+)\z}
+
+      # @param metrics_store [Sqreen::MetricsStore]
+      def initialize(metrics_store, period)
+        @metrics_store = metrics_store
+        @period = period
+        @subid = nil
+      end
+
+      def enable
+        return unless @subid.nil?
+
+        metrics_store.create_metric(
+          'name' => EVENT_REQ, 'period' => period, 'kind' => 'ParameterizedBinning'
+        )
+        metrics_store.create_metric(
+          'name' => EVENT_TOTAL_TIME, 'period' => period, 'kind' => 'ParameterizedBinning'
+        )
+
+        @subid = Sqreen::PerformanceNotifications.subscribe(&method(:log))
+      end
+
+      def disable
+        return if @subid.nil?
+        Sqreen::PerformanceNotifications.unsubscribe(@subid)
+        @subid = nil
+      end
+
+      def log(event, start, finish, _meta)
+        return unless event =~ EVT_NAME_REGEXP
+        rule, cb = Regexp.last_match.captures
+
+        metric_name = "sq.#{rule}.#{cb}"
+        ensure_metric(metric_name)
+
+        finish_time = SQREEN_MONO_TIME ? Time.now.utc : finish
+        time_millis = (finish - start) * 1000
+        SharedStorage[:sqreen_request_time] += time_millis
+        metrics_store.update(metric_name, finish_time, nil, time_millis)
+      end
+
+      def start_request
+        SharedStorage[:request_start_time] = PerformanceNotifications.time
+        SharedStorage[:sqreen_request_time] = 0.0
+      end
+
+      def finish_request
+        start_time = SharedStorage[:request_start_time]
+        finish_time = PerformanceNotifications.time
+        duration_millis = (finish_time - start_time) * 1000
+
+        finish_time_obj = SQREEN_MONO_TIME ? Time.now.utc : finish_time
+        # format of evt is [cat, key, value, timestamp]
+        Sqreen.observations_queue.push(
+          [EVENT_REQ, nil, duration_millis, finish_time_obj]
+        )
+        Sqreen.observations_queue.push(
+          [EVENT_TOTAL_TIME, nil,
+           SharedStorage[:sqreen_request_time], finish_time_obj]
+        )
+      end
+
+      private
+
+      # @return [Sqreen::MetricsStore]
+      attr_reader :metrics_store
+      attr_reader :period
+
+      def ensure_metric(metric_name)
+        return if metrics_store.metric?(metric_name)
+        metrics_store.create_metric(
+          'name' => metric_name, 'period' => period, 'kind' => 'ParameterizedBinning'
+        )
+      end
+
+      @instance = nil
+      class << self
+        # @return [Sqreen::PerformanceNotifications::BinnedMetrics]
+        attr_reader :instance
+        def enable(metrics_store, period = 60, base = 2.0, factor = 0.1)
+          disable
+          Sqreen::Metric::ParameterizedBinning.parameters(
+            :base => base, :factor => factor
+          )
+          @instance = new(metrics_store, period).tap(&:enable)
+        end
+
+        def disable
+          return unless instance
+          instance.disable
+          @instance = nil
+        end
+
+        def start_request
+          return unless instance
+          instance.start_request
+        end
+
+        def finish_request
+          return unless instance
+          instance.finish_request
+        end
+      end
+    end
+  end
+end

data/lib/sqreen/rules_callbacks/run_block_user_actions.rb

@@ -0,0 +1,34 @@
+# Copyright (c) 2018 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'sqreen/rule_callback'
+require 'sqreen/actions'
+
+module Sqreen
+  module Rules
+    # Runs the block_user actions (for hooking Sqreen.{identify,auth_user})
+    class RunBlockUserActions < CB
+      def initialize(klass, method, auth_keys_idx)
+        super(klass, method)
+        @auth_keys_idx = auth_keys_idx
+      end
+
+      def post(_retval, _inst, args, _budget = nil)
+        actions = actions_repo[Sqreen::Actions::BlockUser]
+
+        actions.each do |action|
+          res = action.run args[@auth_keys_idx]
+          return res unless res.nil?
+        end
+        nil
+      end
+
+      private
+
+      # @return [Sqreen::Actions::Repository]
+      def actions_repo
+        Sqreen::Actions::Repository.instance
+      end
+    end
+  end
+end

data/lib/sqreen/runner.rb

@@ -17,6 +17,7 @@ require 'sqreen/metrics_store'
 require 'sqreen/deliveries/simple'
 require 'sqreen/deliveries/batch'
 require 'sqreen/performance_notifications/metrics'
+require 'sqreen/performance_notifications/binned_metrics'
 require 'sqreen/instrumentation'
 require 'sqreen/call_countable'
 
@@ -30,6 +31,11 @@ module Sqreen
 
   METRICS_EVENT = 'metrics'.freeze
 
+  PERF_METRICS_PERIOD = 60 # 1 min
+  DEFAULT_PERF_LEVEL = 0 # disabled
+  DEFAULT_PERF_UNIT = 0.1 # ms
+  DEFAULT_PERF_BASE = 2.0
+
   class << self
     attr_reader :features
     def update_features(features)
@@ -204,6 +210,20 @@ module Sqreen
       end
     end
 
+    def config_binned_metrics(level, base, factor)
+      level = level.to_i
+      if level <= 0
+        Sqreen.log.debug('Disabling binned metrics')
+        PerformanceNotifications::BinnedMetrics.disable
+      else
+        Sqreen.log.warn("Unknown value for perf_level: #{level}. Treating as 1") unless level == 1
+        PerformanceNotifications::BinnedMetrics.enable(
+          metrics_engine, PERF_METRICS_PERIOD, base.to_f, factor.to_f
+        )
+      end
+    end
+
+
     def setup_instrumentation(context_infos = {})
       Sqreen.log.info 'setup instrumentation'
       rulespack_id, rules = load_rules(context_infos)
@@ -282,6 +302,9 @@ module Sqreen
       Sqreen.update_features(features)
       session.request_compression = features['request_compression'] if session
       self.performance_metrics_period = features['performance_metrics_period']
+      config_binned_metrics(features['perf_level'] || DEFAULT_PERF_LEVEL,
+                            features['perf_base'] || DEFAULT_PERF_BASE,
+                            features['perf_unit'] || DEFAULT_PERF_UNIT)
       self.call_counts_metrics_period = features['call_counts_metrics_period']
       hd = features['heartbeat_delay'].to_i
       self.heartbeat_delay = hd if hd > 0

data/lib/sqreen/sdk.rb

@@ -36,13 +36,13 @@ module Sqreen
     # For internal usage. Users are to call track() instead.
     def internal_track(event_name, options = {})
       properties = options[:properties]
-      authentication_keys = options[:user_identifiers]
+      user_identifiers = options[:user_identifiers]
       timestamp = options[:timestamp] || Time.now.utc
       # Not in SDK v0
       # request = options[:request]
 
       args = {}
-      args[:authentication_keys] = authentication_keys if authentication_keys
+      args[:user_identifiers] = user_identifiers if user_identifiers
       args[:properties] = properties if properties
 
       Sqreen.framework.observe(

data/lib/sqreen/shared_storage.rb

@@ -33,3 +33,8 @@ end
 
 # Change SharedStorage.get if ruby is actually newer
 require 'sqreen/shared_storage23' if RUBY_VERSION >= '2.3.0'
+
+class << Sqreen::SharedStorage
+  alias [] get
+  alias []= set
+end

data/lib/sqreen/version.rb

@@ -1,5 +1,5 @@
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 module Sqreen
-  VERSION = '1.12.0'.freeze
+  VERSION = '1.13.0'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.12.0
+  version: 1.13.0
 platform: ruby
 authors:
 - Sqreen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-05-31 00:00:00.000000000 Z
+date: 2018-07-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: execjs
@@ -81,12 +81,14 @@ files:
 - lib/sqreen/metrics.rb
 - lib/sqreen/metrics/average.rb
 - lib/sqreen/metrics/base.rb
+- lib/sqreen/metrics/binning.rb
 - lib/sqreen/metrics/collect.rb
 - lib/sqreen/metrics/sum.rb
 - lib/sqreen/metrics_store.rb
 - lib/sqreen/middleware.rb
 - lib/sqreen/payload_creator.rb
 - lib/sqreen/performance_notifications.rb
+- lib/sqreen/performance_notifications/binned_metrics.rb
 - lib/sqreen/performance_notifications/log.rb
 - lib/sqreen/performance_notifications/log_performance.rb
 - lib/sqreen/performance_notifications/metrics.rb
@@ -111,6 +113,7 @@ files:
 - lib/sqreen/rules_callbacks/record_request_context.rb
 - lib/sqreen/rules_callbacks/reflected_xss.rb
 - lib/sqreen/rules_callbacks/regexp_rule.rb
+- lib/sqreen/rules_callbacks/run_block_user_actions.rb
 - lib/sqreen/rules_callbacks/run_req_start_actions.rb
 - lib/sqreen/rules_callbacks/shell_env.rb
 - lib/sqreen/rules_callbacks/url_matches.rb