sqreen 1.19.0 → 1.20.1

data/lib/sqreen/version.rb

@@ -4,5 +4,5 @@
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 
 module Sqreen
-  VERSION = '1.19.0'.freeze
+  VERSION = '1.20.1'.freeze
 end

data/lib/sqreen/weave/legacy/instrumentation.rb

@@ -269,7 +269,7 @@ class Sqreen::Weave::Legacy::Instrumentation
     hook.add do
       if callback.pre?
         before(rule, rank: priority, mandatory: !callback.overtimeable, flow: block, ignore: ignore) do |call, b|
-          return unless Thread.current[:sqreen_http_request]
+          next unless Thread.current[:sqreen_http_request]
 
           i = call.instance
           a = call.args
@@ -296,13 +296,13 @@ class Sqreen::Weave::Legacy::Instrumentation
           when :raise, 'raise'
             throw(b, b.raise(ret[:exception])) if ret.key?(:exception)
             throw(b, b.raise(Sqreen::AttackBlocked.new("Sqreen blocked a security threat (type: #{callback.rule_name}). No action is required.")))
-          end unless ret.nil?
+          end unless ret.nil? || !ret.is_a?(Hash)
         end
       end
 
       if callback.post?
         after(rule, rank: -priority, mandatory: !callback.overtimeable, flow: block, ignore: ignore) do |call, b|
-          return unless Thread.current[:sqreen_http_request]
+          next unless Thread.current[:sqreen_http_request]
 
           i = call.instance
           v = call.returned
@@ -328,13 +328,13 @@ class Sqreen::Weave::Legacy::Instrumentation
           when :raise, 'raise'
             throw(b, b.raise(ret[:exception])) if ret.key?(:exception)
             throw(b, b.raise(Sqreen::AttackBlocked.new("Sqreen blocked a security threat (type: #{callback.rule_name}). No action is required.")))
-          end unless ret.nil?
+          end unless ret.nil? || !ret.is_a?(Hash)
         end
       end
 
       if callback.failing?
         raised(rule, rank: priority, mandatory: !callback.overtimeable, flow: block, ignore: ignore) do |call, b|
-          return unless Thread.current[:sqreen_http_request]
+          next unless Thread.current[:sqreen_http_request]
 
           i = call.instance
           e = call.raised
@@ -354,7 +354,7 @@ class Sqreen::Weave::Legacy::Instrumentation
           end
           Sqreen::Weave.logger.debug { "#{rule} klass=#{callback.klass} method=#{callback.method} when=#failing instance=#{i} => return=#{ret.inspect}" }
 
-          raise e if ret.nil?
+          throw(b, b.raise(e)) if ret.nil? || !ret.is_a?(Hash)
 
           case ret[:status]
           when :override, 'override'
@@ -368,7 +368,7 @@ class Sqreen::Weave::Legacy::Instrumentation
             throw(b, b.raise(e))
           else
             throw(b, b.raise(e))
-          end unless ret.nil?
+          end unless ret.nil? || !ret.is_a?(Hash)
         end
       end
     end.install

metadata

@@ -1,15 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.19.0
+  version: 1.20.1
 platform: ruby
 authors:
 - Sqreen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-29 00:00:00.000000000 Z
+date: 2020-06-24 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: sqreen-backport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  name: sqreen-kit
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.1
 - !ruby/object:Gem::Dependency
   name: sq_mini_racer
   requirement: !ruby/object:Gem::Requirement
@@ -65,11 +93,10 @@ files:
 - lib/sqreen/actions/user_action_class.rb
 - lib/sqreen/actions/users_index.rb
 - lib/sqreen/agent.rb
+- lib/sqreen/agent_message.rb
+- lib/sqreen/aggregated_metric.rb
 - lib/sqreen/attack_blocked.rb
 - lib/sqreen/attack_detected.html
-- lib/sqreen/backport.rb
-- lib/sqreen/backport/clock_gettime.rb
-- lib/sqreen/backport/original_name.rb
 - lib/sqreen/binding_accessor.rb
 - lib/sqreen/binding_accessor/path_elem.rb
 - lib/sqreen/binding_accessor/transforms.rb
@@ -96,6 +123,7 @@ files:
 - lib/sqreen/dependency/sentry.rb
 - lib/sqreen/dependency/sinatra.rb
 - lib/sqreen/encoding_sanitizer.rb
+- lib/sqreen/endpoint_testing.rb
 - lib/sqreen/error_handling_middleware.rb
 - lib/sqreen/event.rb
 - lib/sqreen/events/attack.rb
@@ -129,8 +157,16 @@ files:
 - lib/sqreen/js/mini_racer_adapter.rb
 - lib/sqreen/js/mini_racer_executable_js.rb
 - lib/sqreen/js/thread_local_exec_js_runnable.rb
+- lib/sqreen/kit/signals/specialized/aggregated_metric.rb
+- lib/sqreen/kit/signals/specialized/attack.rb
+- lib/sqreen/kit/signals/specialized/binning_metric.rb
+- lib/sqreen/kit/signals/specialized/http_trace.rb
+- lib/sqreen/kit/signals/specialized/sdk_track_call.rb
+- lib/sqreen/kit/signals/specialized/sqreen_exception.rb
 - lib/sqreen/legacy.rb
 - lib/sqreen/legacy/instrumentation.rb
+- lib/sqreen/legacy/old_event_submission_strategy.rb
+- lib/sqreen/legacy/waf_redactions.rb
 - lib/sqreen/log.rb
 - lib/sqreen/log/loggable.rb
 - lib/sqreen/logger.rb
@@ -201,6 +237,9 @@ files:
 - lib/sqreen/shared_storage.rb
 - lib/sqreen/shared_storage23.rb
 - lib/sqreen/shrink_wrap.rb
+- lib/sqreen/signals/conversions.rb
+- lib/sqreen/signals/http_trace_redaction.rb
+- lib/sqreen/signals/signals_submission_strategy.rb
 - lib/sqreen/signature_verifier.rb
 - lib/sqreen/sinatra_middleware.rb
 - lib/sqreen/sqreen_signed_verifier.rb
@@ -232,7 +271,12 @@ files:
 homepage: https://www.sqreen.com/
 licenses:
 - Sqreen
-metadata: {}
+metadata:
+  homepage_uri: https://sqreen.com
+  documentation_uri: https://docs.sqreen.com/
+  changelog_uri: https://docs.sqreen.com/ruby/release-notes/
+  source_code_uri: https://github.com/sqreen/ruby-agent
+  bug_tracker_uri: https://github.com/sqreen/ruby-agent/issues
 post_install_message: 
 rdoc_options: []
 require_paths:

data/lib/sqreen/backport.rb

@@ -1,9 +0,0 @@
-# typed: strong
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-module Sqreen
-  module Backport
-  end
-end

data/lib/sqreen/backport/clock_gettime.rb

@@ -1,74 +0,0 @@
-# typed: ignore
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-require 'sqreen/backport'
-
-module Sqreen
-  module Backport
-    module ClockGettime
-      class << self
-        def supported?
-          Process.respond_to?(:clock_gettime)
-        end
-      end
-
-      unless supported?
-        require 'ffi'
-
-        class Timespec < FFI::Struct
-          layout :tv_sec => :time_t, :tv_nsec => :long
-        end
-
-        module LibC
-          extend FFI::Library
-          ffi_lib FFI::Library::LIBC
-
-          # TODO: FFI::NotFoundError
-
-          if RUBY_PLATFORM =~ /darwin/
-            attach_function :mach_absolute_time, [], :uint64
-          end
-
-          attach_function :clock_gettime, [:int, :pointer], :int
-        end
-
-        module Constants
-          case RUBY_PLATFORM
-          when /darwin/
-            CLOCK_REALTIME = 0
-            CLOCK_MONOTONIC = 6
-            CLOCK_PROCESS_CPUTIME_ID = 12
-            CLOCK_THERAD_CPUTIME_ID = 16
-          when /linux/
-            CLOCK_REALTIME = 0
-            CLOCK_MONOTONIC = 1
-            CLOCK_PROCESS_CPUTIME_ID = 2
-            CLOCK_THREAD_CPUTIME_ID = 3
-          end
-        end
-
-        def clock_gettime(clock_id, unit = :float_second)
-          unless unit == :float_second
-            raise "Process.clock_gettime: unsupported unit #{unit.inspect}"
-          end
-
-          t = Timespec.new
-          ret = LibC.clock_gettime(clock_id, t.pointer)
-
-          raise SystemCallError, "Errno #{FFI.errno}" if ret == -1
-
-          t[:tv_sec].to_f + t[:tv_nsec].to_f / 1_000_000_000
-        end
-      end
-    end
-  end
-end
-
-unless Sqreen::Backport::ClockGettime.supported?
-  Process.instance_eval do
-    extend Sqreen::Backport::ClockGettime
-    include Sqreen::Backport::ClockGettime::Constants
-  end
-end

data/lib/sqreen/backport/original_name.rb

@@ -1,88 +0,0 @@
-# typed: false
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-module Sqreen
-  module Backport
-    module OriginalName
-      HAS_UNBOUND_METHOD_ORIGINAL_NAME = ::UnboundMethod.instance_methods(false).include?(:original_name)
-      HAS_METHOD_ORIGINAL_NAME = ::Method.instance_methods(false).include?(:original_name)
-
-      def original_name
-        self.class.get_original_name(owner, original_name_key) || self.original_name = name
-      end
-
-      private
-
-      def original_name=(name)
-        self.class.set_original_name(owner, original_name_key, name)
-      end
-
-      def original_name_key
-        return hash if is_a?(::UnboundMethod)
-
-        owner.instance_method(name).hash
-      end
-
-      class << self
-        def supported?
-          !::Kernel.const_defined?(:JRUBY_VERSION) && HAS_UNBOUND_METHOD_ORIGINAL_NAME && HAS_METHOD_ORIGINAL_NAME
-        end
-
-        def included(klass)
-          klass.extend(ClassMethods)
-        end
-
-        def prepended(klass)
-          klass.extend(ClassMethods)
-        end
-      end
-
-      class Store < ::Hash; end
-
-      module ClassMethods
-        def original_names(owner)
-          owner.instance_eval { @__sqreen_backport_original_names ||= Store.new }
-        end
-
-        def get_original_name(owner, key)
-          original_names(owner)[key]
-        end
-
-        def set_original_name(owner, key, name)
-          original_names(owner)[key] ||= name
-        end
-      end
-    end
-  end
-end
-
-class UnboundMethod
-  if Sqreen::Backport::OriginalName::HAS_UNBOUND_METHOD_ORIGINAL_NAME
-    prepend Sqreen::Backport::OriginalName
-  else
-    include Sqreen::Backport::OriginalName
-  end
-end unless Sqreen::Backport::OriginalName.supported?
-
-class Method
-  if Sqreen::Backport::OriginalName::HAS_METHOD_ORIGINAL_NAME
-    prepend Sqreen::Backport::OriginalName
-  else
-    include Sqreen::Backport::OriginalName
-  end
-end unless Sqreen::Backport::OriginalName.supported?
-
-class Module
-  alias_method(:alias_method_without_original_name, :alias_method)
-
-  def alias_method_with_original_name(newname, oldname)
-    alias_method_without_original_name(newname, oldname).tap do
-      instance_method(newname).send(:original_name=, :"#{oldname}")
-    end
-  end
-
-  alias_method_with_original_name(:alias_method_without_original_name, :alias_method)
-  alias_method_with_original_name(:alias_method, :alias_method_with_original_name)
-end unless Sqreen::Backport::OriginalName.supported?