sqreen 1.24.0 → 1.25.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b43caee6a7702bfde6a56f9a3d9ad735de10b5a214ce5d097c3c26c3527f5918
-  data.tar.gz: 803451b19b5277384c9e74b186e00e0a1d0d8a8a77cb5483cf486088a1705b0d
+  metadata.gz: 91d799812d8133a1915b8174bc71b1986028bbea556ed445cc8bd8c240176d96
+  data.tar.gz: d7f9e221109affd64736c772f030ba618dba20cdbaac1b5369772e2d151b12ff
 SHA512:
-  metadata.gz: 2d35106412544c74a99bcf5eb39b1bc33d95720efbce196e139c15f40c1259b1aaf4646cab127849b9235d3f1cf0ce421c01859eb1c4bc6076683d3f7beeef33
-  data.tar.gz: b0f5452dda0d2702397968e103313bf910bb996c09064354be78fcabb6492dbb15d898aa1caf5835307a5f21b878550fae59826fbc347382772cba1823cefea2
+  metadata.gz: 996a203e716bb890c32c00d75b89e534e78e7fad75dc1ec05acf1089cfc2865ab1d907ea5f364dacd377cbf3e102f3a1ca14ac246a1960a3986334cb5f3de698
+  data.tar.gz: 8af17107b023e921b9a660126cc368eb43893724b35c7af76afb6461c623e8d80c9d35f5537af9078b51df8d8f84d6a44b361595249e6db514e64c5e24594bd7

data/CHANGELOG.md

@@ -1,3 +1,25 @@
+## 1.25.0
+
+* Switch from old sq_mini_racer to upstream mini_racer
+* Support Ruby 3.1
+* Restrict compatiblity to Ruby 2.6 and up
+
+## 1.24.3
+
+* Fix WAF exception reporting corner case
+
+## 1.24.2
+
+* Fix kwargs for rule callbacks on Ruby 3+
+* Fix properties propagation for custom events
+* Fix Devise key type mismatch for signup
+
+## 1.24.1
+
+* Add Datadog trace keeping through sampling
+* Improve Datadog correlation compatibility with Sinatra
+* Improve attack event correlation with Datadog spans
+
 ## 1.24.0
 
 * Add Sqreen event correlation with Datadog traces

data/lib/sqreen/dependency/sinatra.rb

@@ -61,6 +61,26 @@ module Sqreen
             u.append(p)
           end
         end
+
+        insert_datadog_middleware(builder, *args, &block)
+      end
+
+      def insert_datadog_middleware(builder, *args, &block)
+        return unless defined?(Datadog) && Datadog.respond_to?(:configuration) && Datadog.configuration.instrumented_integrations.key?(:sinatra)
+
+        Datadog.configure do |c|
+          sinatra_config = Datadog.configuration[:sinatra]
+
+          c.use(
+            :rack,
+            service_name: sinatra_config[:service_name],
+            distributed_tracing: sinatra_config[:distributed_tracing],
+          ) unless Datadog.configuration.instrumented_integrations.key?(:rack)
+        end
+
+        insert_middleware(builder, Datadog::Contrib::Rack::TraceMiddleware, args, block) do |p, u|
+          u.insert(0, p)
+        end
       end
 
       def wrap_middleware(middleware, *args, &block)

data/lib/sqreen/graft/hook.ruby_3.rb

@@ -112,7 +112,7 @@ module Sqreen
 
                   flow = catch(Ball.new) do |ball|
                     Timer.new(c.name, &timed_callbacks_proc).measure(ignore: chrono) do
-                      c.call(CallbackCall.new(c, remaining, hooked_call.instance, hooked_call.args_passed), ball)
+                      c.call(CallbackCall.new(c, remaining, hooked_call.instance, kwargs.empty? ? hooked_call.args_passed : hooked_call.args_passed + [kwargs]), ball)
                     end
                   end
 

data/lib/sqreen/js/js_service.rb

@@ -33,7 +33,7 @@ module Sqreen
       private
 
       def detect_adapter
-        @online = try_sq_mini_racer || try_rhino
+        @online = try_sq_mini_racer || try_mini_racer || try_rhino
 
         Sqreen.log.info "JS engine online: #{variant}" if @online
       end
@@ -53,6 +53,21 @@ module Sqreen
         false
       end
 
+      def try_mini_racer
+        gem = Gem.loaded_specs['mini_racer']
+        unless gem
+          Sqreen.log.info "mini_racer gem not detected"
+          return false
+        end
+
+        require 'mini_racer'
+        require 'sqreen/js/mini_racer_adapter'
+        @adapter = MiniRacerAdapter.new(false)
+      rescue LoadError => e
+        Sqreen.log.warn "Failed loading mini_racer: #{e}"
+        false
+      end
+
       def try_rhino
         gem = Gem.loaded_specs['therubyrhino']
         unless gem

data/lib/sqreen/js/mini_racer_adapter.rb

@@ -34,7 +34,7 @@ module Sqreen
 
       def self.static_init
         return if @done_static_init
-        Sqreen::MiniRacer::Platform.set_flags! :noconcurrent_recompilation
+        Sqreen::MiniRacer::Platform.set_flags! :noconcurrent_recompilation if @vendored
         @done_static_init = true
       end
     end

data/lib/sqreen/js/mini_racer_executable_js.rb

@@ -118,7 +118,7 @@ module Sqreen
 
               # garbage collections max 1 in every 4 calls (avg)
               if heap_stats[:total_heap_size] > @gc_threshold_in_bytes
-                low_memory_notification
+                low_memory_notification if respond_to?(:low_memory_notification)
                 @gc_load += 4
               else
                 @gc_load = [0, @gc_load - 1].max

data/lib/sqreen/rules/devise_signup_track_cb.rb

@@ -20,7 +20,7 @@ module Sqreen
         keys = args[1].class.authentication_keys
         ip = framework.client_ip
         category = 'auto-signup'
-        data = data.select { |k, _| keys.include?(k) }
+        data = data.select { |k, _| keys.map(&:to_s).include?(k.to_s) }
 
         if data.empty?
           Sqreen.log.debug { "#{category} from #{ip} but keys empty" }

data/lib/sqreen/rules/rule_cb.rb

@@ -70,6 +70,15 @@ module Sqreen
         if payload_tpl.include?('context')
           payload[:backtrace] = Sqreen::Context.new.bt
         end
+        if framework.respond_to?(:datadog_span) && (datadog_span = framework.datadog_span)
+          Sqreen::Weave.logger.debug { "attack datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
+          payload.merge!(
+            :datadog_trace_id => datadog_span.trace_id,
+            :datadog_span_id => datadog_span.span_id,
+          )
+          datadog_span.set_tag(Datadog::Ext::ManualTracing::TAG_KEEP, true)
+          datadog_span.set_tag('sqreen.event', true)
+        end
         framework.observe(:attacks, payload, payload_tpl)
       end
 

data/lib/sqreen/rules/waf_cb.rb

@@ -146,7 +146,7 @@ module Sqreen
             error_code: ERROR_CODES[e.error],
           }.tap do |r|
             r[:error_data] = e.data if e.data
-            r[:args] = e.args if e.arg
+            r[:args] = e.args if e.args
           end,
         }
       end

data/lib/sqreen/signals/conversions.rb

@@ -197,12 +197,13 @@ module Sqreen
         # see Sqreen::RequestRecord.processed_sdk_calls
         def convert_track(call_info)
           options = call_info[:args][1] || {}
+          args = options[:args] || {}
           Kit::Signals::Specialized::SdkTrackCall.new(
             signal_name: "sq.sdk.#{call_info[:args][0]}",
             time: call_info[:time],
             payload: Kit::Signals::Specialized::SdkTrackCall::Payload.new(
-              properties: options[:properties],
-              user_identifiers: options[:user_identifiers]
+              properties: args[:properties],
+              user_identifiers: args[:user_identifiers]
             )
           )
         end

data/lib/sqreen/version.rb

@@ -4,5 +4,5 @@
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 
 module Sqreen
-  VERSION = '1.24.0'.freeze
+  VERSION = '1.25.0'.freeze
 end

data/lib/sqreen/weave/legacy/instrumentation.rb

@@ -244,8 +244,7 @@ class Sqreen::Weave::Legacy::Instrumentation
 
         # shrinkwrap_timer = Sqreen::Graft::Timer.new('weave,shrinkwrap')
         # shrinkwrap_timer.start
-        if defined?(Datadog)
-          datadog_span = Datadog.tracer.active_root_span
+        if defined?(Datadog) && Datadog.tracer && (datadog_span = Datadog.tracer.active_root_span)
           Sqreen::Weave.logger.debug { "request datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
         end
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.24.0
+  version: 1.25.0
 platform: ruby
 authors:
 - Sqreen
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-04-30 00:00:00.000000000 Z
+date: 1980-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sqreen-backport
@@ -30,34 +30,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.3
+        version: 0.2.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.2.3
+        version: 0.2.4
 - !ruby/object:Gem::Dependency
-  name: sq_mini_racer
+  name: mini_racer
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.a
+        version: 0.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.a
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
   name: libsqreen
   requirement: !ruby/object:Gem::Requirement
@@ -347,14 +341,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.2.26
 signing_key:
 specification_version: 4
 summary: Sqreen Ruby agent