sqreen 1.19.1-java → 1.21.0.beta3-java

data/lib/sqreen/worker.rb

@@ -23,11 +23,15 @@ module Sqreen
           Sqreen.log.debug("Starting Sqreen #{Sqreen::VERSION}")
           prevent_startup = Sqreen.framework.prevent_startup
           if !prevent_startup
-            warn "[#{Process.pid}] Sqreen logging at level #{Sqreen.log.instance_eval { @logger }.level} to #{Sqreen.log.instance_eval { @logger }.instance_eval { @logdev.filename }}"
+            logger = Sqreen.log.instance_eval { @logger }
+            log_level = logger.send(:format_severity, logger.level)
+            log_filename = logger.instance_eval { @logdev.filename }
+            warn "process.pid:#{Process.pid} sqreen.log.level:#{log_level} sqreen.log.location:#{log_filename.inspect}"
             runner = Sqreen::Runner.new(configuration, framework)
             runner.run_watcher
+            Sqreen.log.info("process.pid:#{Process.pid} sqreen.start:true")
           else
-            Sqreen.log.debug("#{prevent_startup} prevented Sqreen startup")
+            Sqreen.log.info("process.pid:#{Process.pid} sqreen.start:false cause:#{prevent_startup}")
           end
         rescue Sqreen::TokenNotFoundException
           Sqreen.log.error "Sorry but we couldn't find your Sqreen token.\nYour application is NOT currently protected by Sqreen.\n\nHave you filled your config/sqreen.yml?\n\n"

metadata

@@ -1,15 +1,43 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.19.1
+  version: 1.21.0.beta3
 platform: java
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-01 00:00:00.000000000 Z
+date: 2020-09-14 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+  name: sqreen-backport
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.1.0
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.2
+  name: sqreen-kit
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.2
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
     requirements:
@@ -65,11 +93,10 @@ files:
 - lib/sqreen/actions/user_action_class.rb
 - lib/sqreen/actions/users_index.rb
 - lib/sqreen/agent.rb
+- lib/sqreen/agent_message.rb
+- lib/sqreen/aggregated_metric.rb
 - lib/sqreen/attack_blocked.rb
 - lib/sqreen/attack_detected.html
-- lib/sqreen/backport.rb
-- lib/sqreen/backport/clock_gettime.rb
-- lib/sqreen/backport/original_name.rb
 - lib/sqreen/binding_accessor.rb
 - lib/sqreen/binding_accessor/path_elem.rb
 - lib/sqreen/binding_accessor/transforms.rb
@@ -95,7 +122,41 @@ files:
 - lib/sqreen/dependency/rails.rb
 - lib/sqreen/dependency/sentry.rb
 - lib/sqreen/dependency/sinatra.rb
-- lib/sqreen/encoding_sanitizer.rb
+- lib/sqreen/deprecation.rb
+- lib/sqreen/ecosystem.rb
+- lib/sqreen/ecosystem/dispatch_table.rb
+- lib/sqreen/ecosystem/exception_reporting.rb
+- lib/sqreen/ecosystem/http/net_http.rb
+- lib/sqreen/ecosystem/http/rack_request.rb
+- lib/sqreen/ecosystem/loggable.rb
+- lib/sqreen/ecosystem/module_api.rb
+- lib/sqreen/ecosystem/module_api/event_listener.rb
+- lib/sqreen/ecosystem/module_api/instrumentation.rb
+- lib/sqreen/ecosystem/module_api/message_producer.rb
+- lib/sqreen/ecosystem/module_api/signal_producer.rb
+- lib/sqreen/ecosystem/module_api/tracing.rb
+- lib/sqreen/ecosystem/module_api/tracing/client_data.rb
+- lib/sqreen/ecosystem/module_api/tracing/server_data.rb
+- lib/sqreen/ecosystem/module_api/tracing_id_generation.rb
+- lib/sqreen/ecosystem/module_api/transaction_storage.rb
+- lib/sqreen/ecosystem/module_registry.rb
+- lib/sqreen/ecosystem/redis/redis_connection.rb
+- lib/sqreen/ecosystem/tracing/modules/client.rb
+- lib/sqreen/ecosystem/tracing/modules/server.rb
+- lib/sqreen/ecosystem/tracing/sampler.rb
+- lib/sqreen/ecosystem/tracing/sampling_configuration.rb
+- lib/sqreen/ecosystem/tracing/signals/tracing_client.rb
+- lib/sqreen/ecosystem/tracing/signals/tracing_server.rb
+- lib/sqreen/ecosystem/tracing_broker.rb
+- lib/sqreen/ecosystem/tracing_id_setup.rb
+- lib/sqreen/ecosystem/transaction_storage.rb
+- lib/sqreen/ecosystem/util/call_writers_from_init.rb
+- lib/sqreen/ecosystem_integration.rb
+- lib/sqreen/ecosystem_integration/around_callbacks.rb
+- lib/sqreen/ecosystem_integration/instrumentation_service.rb
+- lib/sqreen/ecosystem_integration/request_lifecycle_tracking.rb
+- lib/sqreen/ecosystem_integration/signal_consumption.rb
+- lib/sqreen/endpoint_testing.rb
 - lib/sqreen/error_handling_middleware.rb
 - lib/sqreen/event.rb
 - lib/sqreen/events/attack.rb
@@ -129,8 +190,16 @@ files:
 - lib/sqreen/js/mini_racer_adapter.rb
 - lib/sqreen/js/mini_racer_executable_js.rb
 - lib/sqreen/js/thread_local_exec_js_runnable.rb
+- lib/sqreen/kit/signals/specialized/aggregated_metric.rb
+- lib/sqreen/kit/signals/specialized/attack.rb
+- lib/sqreen/kit/signals/specialized/binning_metric.rb
+- lib/sqreen/kit/signals/specialized/http_trace.rb
+- lib/sqreen/kit/signals/specialized/sdk_track_call.rb
+- lib/sqreen/kit/signals/specialized/sqreen_exception.rb
 - lib/sqreen/legacy.rb
 - lib/sqreen/legacy/instrumentation.rb
+- lib/sqreen/legacy/old_event_submission_strategy.rb
+- lib/sqreen/legacy/waf_redactions.rb
 - lib/sqreen/log.rb
 - lib/sqreen/log/loggable.rb
 - lib/sqreen/logger.rb
@@ -139,6 +208,7 @@ files:
 - lib/sqreen/metrics/base.rb
 - lib/sqreen/metrics/binning.rb
 - lib/sqreen/metrics/collect.rb
+- lib/sqreen/metrics/req_detailed.rb
 - lib/sqreen/metrics/sum.rb
 - lib/sqreen/metrics_store.rb
 - lib/sqreen/metrics_store/already_registered_metric.rb
@@ -201,6 +271,9 @@ files:
 - lib/sqreen/shared_storage.rb
 - lib/sqreen/shared_storage23.rb
 - lib/sqreen/shrink_wrap.rb
+- lib/sqreen/signals/conversions.rb
+- lib/sqreen/signals/http_trace_redaction.rb
+- lib/sqreen/signals/signals_submission_strategy.rb
 - lib/sqreen/signature_verifier.rb
 - lib/sqreen/sinatra_middleware.rb
 - lib/sqreen/sqreen_signed_verifier.rb
@@ -216,6 +289,7 @@ files:
 - lib/sqreen/version.rb
 - lib/sqreen/waf_error.rb
 - lib/sqreen/weave.rb
+- lib/sqreen/weave/budget.rb
 - lib/sqreen/weave/hardcoded.rb
 - lib/sqreen/weave/instrumentor.rb
 - lib/sqreen/weave/legacy.rb
@@ -238,7 +312,9 @@ metadata:
   changelog_uri: https://docs.sqreen.com/ruby/release-notes/
   source_code_uri: https://github.com/sqreen/ruby-agent
   bug_tracker_uri: https://github.com/sqreen/ruby-agent/issues
-post_install_message:
+post_install_message: |2
+      This is a Sqreen beta release and may not work in all situations.
+      Make sure to review CHANGELOG.md for important details.
 rdoc_options: []
 require_paths:
 - lib
@@ -249,12 +325,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project:
-rubygems_version: 2.7.7
+rubygems_version: 2.6.14.1
 signing_key:
 specification_version: 4
 summary: Sqreen Ruby agent

data/lib/sqreen/backport.rb

@@ -1,9 +0,0 @@
-# typed: strong
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-module Sqreen
-  module Backport
-  end
-end

data/lib/sqreen/backport/clock_gettime.rb

@@ -1,74 +0,0 @@
-# typed: ignore
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-require 'sqreen/backport'
-
-module Sqreen
-  module Backport
-    module ClockGettime
-      class << self
-        def supported?
-          Process.respond_to?(:clock_gettime)
-        end
-      end
-
-      unless supported?
-        require 'ffi'
-
-        class Timespec < FFI::Struct
-          layout :tv_sec => :time_t, :tv_nsec => :long
-        end
-
-        module LibC
-          extend FFI::Library
-          ffi_lib FFI::Library::LIBC
-
-          # TODO: FFI::NotFoundError
-
-          if RUBY_PLATFORM =~ /darwin/
-            attach_function :mach_absolute_time, [], :uint64
-          end
-
-          attach_function :clock_gettime, [:int, :pointer], :int
-        end
-
-        module Constants
-          case RUBY_PLATFORM
-          when /darwin/
-            CLOCK_REALTIME = 0
-            CLOCK_MONOTONIC = 6
-            CLOCK_PROCESS_CPUTIME_ID = 12
-            CLOCK_THERAD_CPUTIME_ID = 16
-          when /linux/
-            CLOCK_REALTIME = 0
-            CLOCK_MONOTONIC = 1
-            CLOCK_PROCESS_CPUTIME_ID = 2
-            CLOCK_THREAD_CPUTIME_ID = 3
-          end
-        end
-
-        def clock_gettime(clock_id, unit = :float_second)
-          unless unit == :float_second
-            raise "Process.clock_gettime: unsupported unit #{unit.inspect}"
-          end
-
-          t = Timespec.new
-          ret = LibC.clock_gettime(clock_id, t.pointer)
-
-          raise SystemCallError, "Errno #{FFI.errno}" if ret == -1
-
-          t[:tv_sec].to_f + t[:tv_nsec].to_f / 1_000_000_000
-        end
-      end
-    end
-  end
-end
-
-unless Sqreen::Backport::ClockGettime.supported?
-  Process.instance_eval do
-    extend Sqreen::Backport::ClockGettime
-    include Sqreen::Backport::ClockGettime::Constants
-  end
-end

data/lib/sqreen/backport/original_name.rb

@@ -1,88 +0,0 @@
-# typed: false
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-module Sqreen
-  module Backport
-    module OriginalName
-      HAS_UNBOUND_METHOD_ORIGINAL_NAME = ::UnboundMethod.instance_methods(false).include?(:original_name)
-      HAS_METHOD_ORIGINAL_NAME = ::Method.instance_methods(false).include?(:original_name)
-
-      def original_name
-        self.class.get_original_name(owner, original_name_key) || self.original_name = name
-      end
-
-      private
-
-      def original_name=(name)
-        self.class.set_original_name(owner, original_name_key, name)
-      end
-
-      def original_name_key
-        return hash if is_a?(::UnboundMethod)
-
-        owner.instance_method(name).hash
-      end
-
-      class << self
-        def supported?
-          !::Kernel.const_defined?(:JRUBY_VERSION) && HAS_UNBOUND_METHOD_ORIGINAL_NAME && HAS_METHOD_ORIGINAL_NAME
-        end
-
-        def included(klass)
-          klass.extend(ClassMethods)
-        end
-
-        def prepended(klass)
-          klass.extend(ClassMethods)
-        end
-      end
-
-      class Store < ::Hash; end
-
-      module ClassMethods
-        def original_names(owner)
-          owner.instance_eval { @__sqreen_backport_original_names ||= Store.new }
-        end
-
-        def get_original_name(owner, key)
-          original_names(owner)[key]
-        end
-
-        def set_original_name(owner, key, name)
-          original_names(owner)[key] ||= name
-        end
-      end
-    end
-  end
-end
-
-class UnboundMethod
-  if Sqreen::Backport::OriginalName::HAS_UNBOUND_METHOD_ORIGINAL_NAME
-    prepend Sqreen::Backport::OriginalName
-  else
-    include Sqreen::Backport::OriginalName
-  end
-end unless Sqreen::Backport::OriginalName.supported?
-
-class Method
-  if Sqreen::Backport::OriginalName::HAS_METHOD_ORIGINAL_NAME
-    prepend Sqreen::Backport::OriginalName
-  else
-    include Sqreen::Backport::OriginalName
-  end
-end unless Sqreen::Backport::OriginalName.supported?
-
-class Module
-  alias_method(:alias_method_without_original_name, :alias_method)
-
-  def alias_method_with_original_name(newname, oldname)
-    alias_method_without_original_name(newname, oldname).tap do
-      instance_method(newname).send(:original_name=, :"#{oldname}")
-    end
-  end
-
-  alias_method_with_original_name(:alias_method_without_original_name, :alias_method)
-  alias_method_with_original_name(:alias_method, :alias_method_with_original_name)
-end unless Sqreen::Backport::OriginalName.supported?

data/lib/sqreen/encoding_sanitizer.rb

@@ -1,27 +0,0 @@
-# typed: true
-
-# Copyright (c) 2015 Sqreen. All Rights Reserved.
-# Please refer to our terms for more information: https://www.sqreen.com/terms.html
-
-module Sqreen
-  class EncodingSanitizer
-    def self.sanitize(obj)
-      case obj
-      when String
-        sanitize_string(obj)
-      when Array
-        obj.map { |e| sanitize(e) }
-      when Hash
-        obj.each_with_object({}) { |(k, v), h| h[k] = sanitize(v) }
-      else
-        obj
-      end
-    end
-
-    def self.sanitize_string(s)
-      return s if s.encoding.name == 'UTF-8' && s.valid_encoding?
-
-      s.encode('UTF-16', :invalid => :replace, :undef => :replace).encode('UTF-8')
-    end
-  end
-end