sqreen 1.22.0 → 1.24.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +25 -0
- data/bin/sqreen +43 -0
- data/lib/sqreen/actions.rb +1 -1
- data/lib/sqreen/actions/actions_index.rb +5 -1
- data/lib/sqreen/actions/base.rb +1 -1
- data/lib/sqreen/actions/block_ip.rb +1 -1
- data/lib/sqreen/actions/block_user.rb +1 -1
- data/lib/sqreen/actions/ip_range_indexed_action_class.rb +1 -1
- data/lib/sqreen/actions/ip_ranges_index.rb +1 -1
- data/lib/sqreen/actions/redirect_ip.rb +1 -1
- data/lib/sqreen/actions/redirect_user.rb +1 -1
- data/lib/sqreen/actions/repository.rb +1 -1
- data/lib/sqreen/actions/unknown_action_type.rb +1 -1
- data/lib/sqreen/actions/user_action_class.rb +1 -1
- data/lib/sqreen/actions/users_index.rb +5 -1
- data/lib/sqreen/agent_message.rb +5 -0
- data/lib/sqreen/aggregated_metric.rb +5 -0
- data/lib/sqreen/attack_blocked.rb +1 -1
- data/lib/sqreen/binding_accessor.rb +1 -1
- data/lib/sqreen/binding_accessor/path_elem.rb +1 -1
- data/lib/sqreen/binding_accessor/transforms.rb +1 -1
- data/lib/sqreen/call_countable.rb +1 -1
- data/lib/sqreen/capped_queue.rb +1 -1
- data/lib/sqreen/cb.rb +1 -1
- data/lib/sqreen/condition_evaluator.rb +1 -1
- data/lib/sqreen/conditionable.rb +1 -1
- data/lib/sqreen/configuration.rb +2 -0
- data/lib/sqreen/context.rb +1 -1
- data/lib/sqreen/default_cb.rb +1 -1
- data/lib/sqreen/deferred_logger.rb +1 -1
- data/lib/sqreen/deliveries.rb +1 -1
- data/lib/sqreen/deliveries/batch.rb +1 -1
- data/lib/sqreen/deliveries/simple.rb +1 -1
- data/lib/sqreen/dependency.rb +1 -1
- data/lib/sqreen/dependency/new_relic.rb +1 -1
- data/lib/sqreen/deprecation.rb +1 -1
- data/lib/sqreen/ecosystem.rb +5 -0
- data/lib/sqreen/ecosystem/databases/database_connection_data.rb +5 -0
- data/lib/sqreen/ecosystem/databases/mongo.rb +5 -0
- data/lib/sqreen/ecosystem/databases/mysql.rb +5 -0
- data/lib/sqreen/ecosystem/databases/postgres.rb +5 -0
- data/lib/sqreen/ecosystem/databases/redis.rb +5 -0
- data/lib/sqreen/ecosystem/dispatch_table.rb +5 -0
- data/lib/sqreen/ecosystem/exception_reporting.rb +5 -0
- data/lib/sqreen/ecosystem/http/net_http.rb +5 -0
- data/lib/sqreen/ecosystem/http/rack_request.rb +5 -0
- data/lib/sqreen/ecosystem/loggable.rb +5 -0
- data/lib/sqreen/ecosystem/messaging/bunny.rb +5 -0
- data/lib/sqreen/ecosystem/messaging/kafka.rb +5 -0
- data/lib/sqreen/ecosystem/messaging/kinesis.rb +5 -0
- data/lib/sqreen/ecosystem/messaging/sqs.rb +5 -0
- data/lib/sqreen/ecosystem/module_api.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/event_listener.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/instrumentation.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/message_producer.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/signal_producer.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing/client_data.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing/consumer_data.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing/messaging_data.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing/producer_data.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing/server_data.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/tracing_id_generation.rb +5 -0
- data/lib/sqreen/ecosystem/module_api/transaction_storage.rb +5 -0
- data/lib/sqreen/ecosystem/module_registry.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/modules/client.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/modules/consumer.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/modules/determine_ip.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/modules/producer.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/modules/server.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/sampler.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/sampling_configuration.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/signals/tracing_client.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/signals/tracing_consumer.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/signals/tracing_producer.rb +5 -0
- data/lib/sqreen/ecosystem/tracing/signals/tracing_server.rb +5 -0
- data/lib/sqreen/ecosystem/tracing_broker.rb +5 -0
- data/lib/sqreen/ecosystem/tracing_id_setup.rb +5 -0
- data/lib/sqreen/ecosystem/transaction_storage.rb +5 -0
- data/lib/sqreen/ecosystem/util/call_writers_from_init.rb +5 -0
- data/lib/sqreen/ecosystem_integration.rb +5 -0
- data/lib/sqreen/ecosystem_integration/around_callbacks.rb +5 -0
- data/lib/sqreen/ecosystem_integration/instrumentation_service.rb +5 -0
- data/lib/sqreen/ecosystem_integration/request_lifecycle_tracking.rb +5 -0
- data/lib/sqreen/ecosystem_integration/signal_consumption.rb +6 -8
- data/lib/sqreen/endpoint_testing.rb +5 -0
- data/lib/sqreen/error_handling_middleware.rb +1 -1
- data/lib/sqreen/event.rb +1 -1
- data/lib/sqreen/events/attack.rb +9 -1
- data/lib/sqreen/events/remote_exception.rb +1 -1
- data/lib/sqreen/events/request_record.rb +1 -1
- data/lib/sqreen/exception.rb +1 -1
- data/lib/sqreen/formatter_with_tid.rb +1 -1
- data/lib/sqreen/framework_cb.rb +1 -1
- data/lib/sqreen/frameworks/generic.rb +18 -1
- data/lib/sqreen/frameworks/sqreen_test.rb +1 -1
- data/lib/sqreen/graft.rb +1 -1
- data/lib/sqreen/graft/call.rb +1 -1
- data/lib/sqreen/graft/callback.rb +1 -1
- data/lib/sqreen/graft/hook.rb +8 -294
- data/lib/sqreen/graft/hook.ruby_2.rb +305 -0
- data/lib/sqreen/graft/hook.ruby_3.rb +305 -0
- data/lib/sqreen/graft/hook_point.rb +7 -7
- data/lib/sqreen/graft/hook_point.ruby_2.rb +18 -0
- data/lib/sqreen/graft/hook_point.ruby_3.rb +19 -0
- data/lib/sqreen/graft/hook_point_error.rb +1 -1
- data/lib/sqreen/invalid_signature_exception.rb +1 -1
- data/lib/sqreen/js.rb +1 -1
- data/lib/sqreen/js/call_context.rb +1 -1
- data/lib/sqreen/js/context_pool.rb +8 -6
- data/lib/sqreen/js/exec_js_runnable.rb +1 -1
- data/lib/sqreen/js/execjs_adapter.rb +1 -1
- data/lib/sqreen/js/executable_js.rb +1 -1
- data/lib/sqreen/js/js_service_adapter.rb +1 -1
- data/lib/sqreen/js/mini_racer_adapter.rb +2 -1
- data/lib/sqreen/js/mini_racer_executable_js.rb +2 -0
- data/lib/sqreen/js/thread_local_exec_js_runnable.rb +1 -1
- data/lib/sqreen/legacy.rb +1 -1
- data/lib/sqreen/log/loggable.rb +1 -1
- data/lib/sqreen/logger.rb +1 -1
- data/lib/sqreen/metrics.rb +1 -1
- data/lib/sqreen/metrics/average.rb +1 -1
- data/lib/sqreen/metrics/base.rb +1 -1
- data/lib/sqreen/metrics/binning.rb +1 -1
- data/lib/sqreen/metrics/collect.rb +1 -1
- data/lib/sqreen/metrics/sum.rb +1 -1
- data/lib/sqreen/metrics_store.rb +1 -1
- data/lib/sqreen/metrics_store/already_registered_metric.rb +1 -1
- data/lib/sqreen/metrics_store/unknown_metric.rb +1 -1
- data/lib/sqreen/metrics_store/unregistered_metric.rb +1 -1
- data/lib/sqreen/middleware.rb +1 -1
- data/lib/sqreen/node.rb +1 -1
- data/lib/sqreen/not_implemented_yet.rb +1 -1
- data/lib/sqreen/null_logger.rb +1 -1
- data/lib/sqreen/payload_creator/header_section.rb +1 -1
- data/lib/sqreen/performance_notifications.rb +1 -1
- data/lib/sqreen/performance_notifications/binned_metrics.rb +1 -1
- data/lib/sqreen/performance_notifications/log.rb +1 -1
- data/lib/sqreen/performance_notifications/log_performance.rb +1 -1
- data/lib/sqreen/performance_notifications/metrics.rb +1 -1
- data/lib/sqreen/prefix.rb +1 -1
- data/lib/sqreen/rails_middleware.rb +1 -1
- data/lib/sqreen/remote_command.rb +1 -1
- data/lib/sqreen/remote_command/failure_output.rb +1 -1
- data/lib/sqreen/rules/attrs.rb +1 -1
- data/lib/sqreen/rules/execjs_cb.rb +1 -0
- data/lib/sqreen/rules/run_user_actions.rb +1 -1
- data/lib/sqreen/run_when_called_cb.rb +1 -1
- data/lib/sqreen/runner.rb +11 -0
- data/lib/sqreen/safe_json.rb +1 -1
- data/lib/sqreen/sensitive_data_redactor.rb +2 -2
- data/lib/sqreen/serializer.rb +1 -1
- data/lib/sqreen/shared_storage.rb +1 -1
- data/lib/sqreen/shrink_wrap.rb +1 -1
- data/lib/sqreen/signals/conversions.rb +22 -2
- data/lib/sqreen/signals/http_trace_redaction.rb +5 -0
- data/lib/sqreen/signals/signals_submission_strategy.rb +5 -0
- data/lib/sqreen/signature_verifier.rb +1 -1
- data/lib/sqreen/sinatra_middleware.rb +1 -1
- data/lib/sqreen/sqreen_signed_verifier.rb +1 -1
- data/lib/sqreen/token_invalid_exception.rb +1 -1
- data/lib/sqreen/token_not_found_exception.rb +1 -1
- data/lib/sqreen/trie.rb +1 -1
- data/lib/sqreen/unauthorized.rb +1 -1
- data/lib/sqreen/util.rb +1 -1
- data/lib/sqreen/util/capped_array.rb +1 -1
- data/lib/sqreen/util/capped_hash.rb +1 -1
- data/lib/sqreen/util/capped_string.rb +1 -1
- data/lib/sqreen/util/capper.rb +1 -1
- data/lib/sqreen/version.rb +2 -2
- data/lib/sqreen/waf_error.rb +1 -1
- data/lib/sqreen/weave.rb +1 -1
- data/lib/sqreen/weave/budget.rb +1 -1
- data/lib/sqreen/weave/hardcoded.rb +1 -1
- data/lib/sqreen/weave/instrumentor.rb +1 -1
- data/lib/sqreen/weave/legacy.rb +1 -1
- data/lib/sqreen/weave/legacy/instrumentation.rb +62 -7
- data/lib/sqreen/web_server/generic.rb +1 -1
- data/lib/sqreen/web_server/webrick.rb +1 -1
- data/lib/sqreen/worker.rb +1 -1
- metadata +24 -12
data/lib/sqreen/safe_json.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: ignore
|
2
2
|
|
3
3
|
# Copyright (c) 2015 Sqreen. All Rights Reserved.
|
4
4
|
# Please refer to our terms for more information: https://www.sqreen.com/terms.html
|
@@ -11,7 +11,7 @@ require 'sqreen/log'
|
|
11
11
|
module Sqreen
|
12
12
|
# For redacting sensitive data and avoid having it sent to our servers
|
13
13
|
class SensitiveDataRedactor
|
14
|
-
DEFAULT_SENSITIVE_KEYS = Set.new(%w[password secret passwd authorization api_key apikey access_token]).freeze
|
14
|
+
DEFAULT_SENSITIVE_KEYS = Set.new(%w[password password2 password_confirmation secret passwd authorization api_key apikey token access_token jwt_token cvv cvv2]).freeze
|
15
15
|
DEFAULT_REGEX = /\A(?:\d[ -]*?){13,16}\z/
|
16
16
|
MASK = '<Redacted by Sqreen>'.freeze
|
17
17
|
|
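Review bot: `DEFAULT_SENSITIVE_KEYS` is still a list of exact names, so the widened set misses close variants such as `refresh_token`, `id_token`, `client_secret` or `private_key`. If the lookup elsewhere in `SensitiveDataRedactor` is a plain `Set#include?` on the raw key (that code is outside this hunk), differently cased or hyphenated keys such as `Password` or `X-Api-Key` also pass through unredacted. Consider normalising keys (downcase, `-` to `_`) before the lookup and additionally matching suffixes like `_token` and `_secret`. At minimum, a comment above the constant such as `# Exact key names treated as sensitive; variants (refresh_token, client_secret, ...) are not covered` would state the contract. The section header on this page reads `safe_json.rb`, but the hunk content is the `SensitiveDataRedactor` class.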
data/lib/sqreen/serializer.rb
CHANGED
data/lib/sqreen/shrink_wrap.rb
CHANGED
@@ -1,3 +1,8 @@
|
|
1
|
+
# typed: ignore
|
2
|
+
|
3
|
+
# Copyright (c) 2015 Sqreen. All Rights Reserved.
|
4
|
+
# Please refer to our terms for more information: https://www.sqreen.com/terms.html
|
5
|
+
|
1
6
|
require 'sqreen/version'
|
2
7
|
require 'sqreen/rules/rule_cb'
|
3
8
|
require 'sqreen/metrics/base'
|
@@ -39,11 +44,17 @@ module Sqreen
|
|
39
44
|
# XXX: not used because we don't use Sqreen::Attack
|
40
45
|
def convert_attack(attack)
|
41
46
|
# no need to set actor/context as we only include them in request records/traces
|
47
|
+
location_h = {}
|
48
|
+
location_h.merge!(stack_trace: attack.backtrace) if attack.backtrace
|
49
|
+
location_h.merge!(datadog_trace_id: datadog_trace_id) if attack.datadog_trace_id
|
50
|
+
location_h.merge!(datadog_span_id: datadog_span_id) if attack.datadog_span_id
|
51
|
+
location = Kit::Signals::Location.new(location_h) unless location_h.empty?
|
52
|
+
|
42
53
|
Kit::Signals::Specialized::Attack.new(
|
43
54
|
signal_name: "sq.agent.attack.#{attack.attack_type}",
|
44
55
|
source: "sqreen:rule:#{attack.rulespack_id}:#{attack.rule_name}",
|
45
56
|
time: attack.time,
|
46
|
-
location:
|
57
|
+
location: location,
|
47
58
|
payload: Kit::Signals::Specialized::Attack::Payload.new(
|
48
59
|
test: attack.test?,
|
49
60
|
block: attack.block?,
|
@@ -54,11 +65,17 @@ module Sqreen
|
|
54
65
|
|
55
66
|
# see Sqreen::Rules::RuleCB.record_event
|
56
67
|
def convert_unstructured_attack(payload)
|
68
|
+
location_h = {}
|
69
|
+
location_h.merge!(stack_trace: payload[:backtrace]) if payload[:backtrace]
|
70
|
+
location_h.merge!(datadog_trace_id: payload[:datadog_trace_id]) if payload[:datadog_span_id]
|
71
|
+
location_h.merge!(datadog_span_id: payload[:datadog_span_id]) if payload[:datadog_span_id]
|
72
|
+
location = Kit::Signals::Location.new(location_h) unless location_h.empty?
|
73
|
+
|
57
74
|
Kit::Signals::Specialized::Attack.new(
|
58
75
|
signal_name: "sq.agent.attack.#{payload[:attack_type]}",
|
59
76
|
source: "sqreen:rule:#{payload[:rulespack_id]}:#{payload[:rule_name]}",
|
60
77
|
time: payload[:time],
|
61
|
-
location:
|
78
|
+
location: location,
|
62
79
|
payload: Kit::Signals::Specialized::Attack::Payload.new(
|
63
80
|
test: payload[:test],
|
64
81
|
block: payload[:block],
|
@@ -229,6 +246,9 @@ module Sqreen
|
|
229
246
|
status: resp_payload[:status],
|
230
247
|
content_length: resp_payload[:content_length],
|
231
248
|
content_type: resp_payload[:content_type],
|
249
|
+
# datadog
|
250
|
+
datadog_trace_id: req_payload[:datadog_trace_id],
|
251
|
+
datadog_span_id: req_payload[:datadog_span_id],
|
232
252
|
}
|
233
253
|
)
|
234
254
|
end
|
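Review bot: In `convert_attack` the two added Datadog lines read the bare names `datadog_trace_id` and `datadog_span_id` instead of the attack's accessors, so an attack carrying a trace id would raise `NameError` unless the enclosing module defines methods with those names (not visible here). They should be `location_h.merge!(datadog_trace_id: attack.datadog_trace_id) if attack.datadog_trace_id` and the same for `datadog_span_id`. In `convert_unstructured_attack` the trace-id line is guarded by `payload[:datadog_span_id]`; the guard should be `if payload[:datadog_trace_id]`, otherwise a nil trace id can be merged or a present one dropped. The existing `XXX: not used` comment suggests the first path is currently dead, which would explain why tests did not catch it. Both method bodies continue outside the hunks shown.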
data/lib/sqreen/trie.rb
CHANGED
data/lib/sqreen/unauthorized.rb
CHANGED
data/lib/sqreen/util.rb
CHANGED
data/lib/sqreen/util/capper.rb
CHANGED
data/lib/sqreen/version.rb
CHANGED
data/lib/sqreen/waf_error.rb
CHANGED
data/lib/sqreen/weave.rb
CHANGED
data/lib/sqreen/weave/budget.rb
CHANGED
data/lib/sqreen/weave/legacy.rb
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# typed:
|
1
|
+
# typed: ignore
|
2
2
|
|
3
3
|
# Copyright (c) 2015 Sqreen. All Rights Reserved.
|
4
4
|
# Please refer to our terms for more information: https://www.sqreen.com/terms.html
|
@@ -106,29 +106,49 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
106
106
|
strategy_hints << [:chain, 'Module.respond_to?(:prepend)', 'false']
|
107
107
|
end
|
108
108
|
if Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('< 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
109
|
-
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with scout_apm < 2.5.2,
|
109
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with scout_apm < 2.5.2, hinting at :chain" }
|
110
110
|
strategy_hints << [:chain, 'scout_apm', '< 2.5.2']
|
111
111
|
end
|
112
112
|
if Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('>= 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
113
|
-
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with scout_apm >= 2.5.2,
|
113
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with scout_apm >= 2.5.2, hinting at :prepend" }
|
114
114
|
strategy_hints << [:prepend, 'scout_apm', '>= 2.5.2']
|
115
115
|
end
|
116
116
|
if Gem::Specification.select { |s| s.name == 'ddtrace' && Gem::Requirement.new('< 0.27').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
117
|
-
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with ddtrace < 0.27,
|
117
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with ddtrace < 0.27, hinting at :chain" }
|
118
118
|
strategy_hints << [:chain, 'ddtrace', '< 0.27']
|
119
119
|
end
|
120
120
|
if Gem::Specification.select { |s| s.name == 'ddtrace' && Gem::Requirement.new('>= 0.27').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
121
|
-
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with ddtrace >= 0.27,
|
121
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with ddtrace >= 0.27, hinting at :prepend" }
|
122
122
|
strategy_hints << [:prepend, 'ddtrace', '>= 0.27']
|
123
123
|
end
|
124
124
|
if Gem::Specification.select { |s| s.name == 'skylight' && Gem::Requirement.new('< 5.0.0.beta').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
125
|
-
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with skylight < 5.0.0.beta,
|
125
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with skylight < 5.0.0.beta, hinting at :chain" }
|
126
126
|
strategy_hints << [:chain, 'skylight', '< 5.0.0.beta']
|
127
127
|
end
|
128
128
|
if Gem::Specification.select { |s| s.name == 'skylight' && Gem::Requirement.new('>= 5.0.0.beta').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
129
|
-
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with skylight >= 5.0.0.beta,
|
129
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with skylight >= 5.0.0.beta, hinting at :prepend" }
|
130
130
|
strategy_hints << [:prepend, 'skylight', '>= 5.0.0.beta']
|
131
131
|
end
|
132
|
+
if Gem::Specification.select { |s| s.name == 'elastic-apm' && Gem::Requirement.new('< 4.0.a').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
133
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with elastic-apm < 4.0, hinting at :chain" }
|
134
|
+
strategy_hints << [:chain, 'elastic-apm', '< 4.0.a']
|
135
|
+
end
|
136
|
+
if Gem::Specification.select { |s| s.name == 'elastic-apm' && Gem::Requirement.new('>= 4.0').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
137
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with elastic-apm >= 4.0, hinting at :prepend" }
|
138
|
+
strategy_hints << [:prepend, 'elastic-apm', '>= 4.0.a']
|
139
|
+
end
|
140
|
+
if Gem::Specification.select { |s| s.name == 'airbrake' && Gem::Requirement.new('>= 11.0.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
141
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with airbrake >= 11.0.2, hinting at :prepend" }
|
142
|
+
strategy_hints << [:prepend, 'airbrake', '>= 11.0.2']
|
143
|
+
end
|
144
|
+
if Gem::Specification.select { |s| s.name == 'newrelic_rpm' && Gem::Requirement.new('>= 6.14').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
145
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with newrelic_rpm >= 6.14, hinting at :prepend" }
|
146
|
+
strategy_hints << [:prepend, 'newrelic_rpm', '>= 6.14']
|
147
|
+
end
|
148
|
+
if Gem::Specification.select { |s| s.name =~ /^opentelemetry/ }.any?
|
149
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with opentelemetry, hinting at :prepend" }
|
150
|
+
strategy_hints << [:prepend, 'opentelemetry']
|
151
|
+
end
|
132
152
|
if strategy_hints.map(&:first).uniq.count > 1
|
133
153
|
raise Sqreen::Exception, "conflicting instrumentation strategies: #{strategy_hints.inspect}"
|
134
154
|
end
|
@@ -160,6 +180,8 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
160
180
|
else
|
161
181
|
Sqreen::Weave.logger.error { "rule: #{rule['name']} singed: true result: fail" }
|
162
182
|
end
|
183
|
+
|
184
|
+
valid
|
163
185
|
end
|
164
186
|
if invalid_rules.any?
|
165
187
|
Sqreen::Weave.logger.error { "weave: instrument status: abort reason: signature result: fail" }
|
@@ -210,6 +232,8 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
210
232
|
@hooks << add_callback('weave,hardcoded', hard_callback, strategy)
|
211
233
|
end
|
212
234
|
|
235
|
+
@hooks << install_graphql_hook
|
236
|
+
|
213
237
|
metrics_engine = self.metrics_engine
|
214
238
|
|
215
239
|
request_hook = Sqreen::Graft::Hook['Sqreen::ShrinkWrap#call', strategy]
|
@@ -220,6 +244,10 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
220
244
|
|
221
245
|
# shrinkwrap_timer = Sqreen::Graft::Timer.new('weave,shrinkwrap')
|
222
246
|
# shrinkwrap_timer.start
|
247
|
+
if defined?(Datadog)
|
248
|
+
datadog_span = Datadog.tracer.active_root_span
|
249
|
+
Sqreen::Weave.logger.debug { "request datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
|
250
|
+
end
|
223
251
|
|
224
252
|
request_timer = Sqreen::Graft::Timer.new("request")
|
225
253
|
request_timer.start
|
@@ -245,6 +273,7 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
245
273
|
timed_level: timed_level,
|
246
274
|
skipped_callbacks: [],
|
247
275
|
# timed_shrinkwrap: shrinkwrap_timer,
|
276
|
+
datadog_span: datadog_span,
|
248
277
|
}
|
249
278
|
|
250
279
|
# shrinkwrap_timer.stop
|
@@ -546,4 +575,30 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
546
575
|
Sqreen::Rules::RunUserActions.new(Sqreen, :auth_track, 1),
|
547
576
|
]
|
548
577
|
end
|
578
|
+
|
579
|
+
def install_graphql_hook
|
580
|
+
hook = Sqreen::Graft::Hook['GraphQL::Execution::Multiplex.run_queries']
|
581
|
+
|
582
|
+
hook.add do
|
583
|
+
before('weave,test,graphql', mandatory: true) do |call|
|
584
|
+
find_args = proc do |*items|
|
585
|
+
args = []
|
586
|
+
items.each do |e|
|
587
|
+
args << e if e.is_a?(GraphQL::Language::Nodes::Argument)
|
588
|
+
args += find_args.call(*e.children)
|
589
|
+
end
|
590
|
+
args
|
591
|
+
end
|
592
|
+
queries = call.args[1]
|
593
|
+
qdocs = queries.map { |q| [q.query_string, q.document] }
|
594
|
+
qargs = qdocs.map do |q, doc|
|
595
|
+
next if doc.nil?
|
596
|
+
[q, find_args.call(*doc.children).map { |arg| { arg.name => arg.value } }.reduce(&:merge)]
|
597
|
+
end
|
598
|
+
Sqreen.framework.graphql_args = Hash[*qargs.flatten(1)]
|
599
|
+
end
|
600
|
+
end.install
|
601
|
+
|
602
|
+
hook
|
603
|
+
end
|
549
604
|
end
|
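Review bot: In `install_graphql_hook`, `next if doc.nil?` leaves a `nil` element in `qargs`, so `Hash[*qargs.flatten(1)]` gets an odd argument count and raises whenever one multiplexed query has no parsed document; `Sqreen.framework.graphql_args = Hash[qargs.compact]` avoids that without needing a newer Ruby. `reduce(&:merge)` returns `nil` for a document with no arguments and keeps only the last value when an argument name repeats, so a rule reading `graphql_args` would not see the earlier values; grouping values per name would close that gap. `find_args` recurses once per AST level with no bound, so it relies on query depth being limited elsewhere (not visible here). In the request hook hunk, `Datadog.tracer.active_root_span` may be nil when no trace is active, and `defined?(Datadog)` does not establish that a tracer is configured, so the debug block should only run under `if datadog_span`. The methods touched by the earlier hunks start and end outside what is shown.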
data/lib/sqreen/worker.rb
CHANGED
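--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.24.0
 platform: ruby
 authors:
 - Sqreen
-autorequire:
+autorequire:
 bindir: bin
 cert_chain: []
-date:
+date: 2021-04-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: sqreen-backport
@@ -30,28 +30,34 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.3
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.2.
+version: 0.2.3
 - !ruby/object:Gem::Dependency
 name: sq_mini_racer
 requirement: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.2
+version: '0.2'
+- - "<"
+- !ruby/object:Gem::Version
+version: 0.5.a
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 0.2
+version: '0.2'
+- - "<"
+- !ruby/object:Gem::Version
+version: 0.5.a
 - !ruby/object:Gem::Dependency
 name: libsqreen
 requirement: !ruby/object:Gem::Requirement
@@ -69,7 +75,8 @@ dependencies:
 description: Sqreen is a SaaS based Application protection and monitoring platform
 that integrates directly into your Ruby applications. Learn more at https://sqreen.com.
 email: contact@sqreen.com
-executables:
+executables:
+- sqreen
 extensions: []
 extra_rdoc_files: []
 files:
@@ -78,6 +85,7 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- bin/sqreen
 - lib/sqreen.rb
 - lib/sqreen/actions.rb
 - lib/sqreen/actions/actions_index.rb
@@ -192,7 +200,11 @@ files:
 - lib/sqreen/graft/call.rb
 - lib/sqreen/graft/callback.rb
 - lib/sqreen/graft/hook.rb
+- lib/sqreen/graft/hook.ruby_2.rb
+- lib/sqreen/graft/hook.ruby_3.rb
 - lib/sqreen/graft/hook_point.rb
+- lib/sqreen/graft/hook_point.ruby_2.rb
+- lib/sqreen/graft/hook_point.ruby_3.rb
 - lib/sqreen/graft/hook_point_error.rb
 - lib/sqreen/invalid_signature_exception.rb
 - lib/sqreen/js.rb
@@ -327,7 +339,7 @@ metadata:
 changelog_uri: https://docs.sqreen.com/ruby/release-notes/
 source_code_uri: https://github.com/sqreen/ruby-agent
 bug_tracker_uri: https://github.com/sqreen/ruby-agent/issues
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -335,15 +347,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
-version:
+version: '2.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
 requirements:
 - - ">="
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
-signing_key:
+rubygems_version: 3.2.3
+signing_key:
 specification_version: 4
 summary: Sqreen Ruby agent
 test_files: []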