sqreen 1.24.2 → 1.25.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dea2ca186e8470cf1cec16ca8ab33156c1002d28004c3a68c2296e2ec5d9b7ed
-  data.tar.gz: 2722948150517f7f7c29c73fa9f49acac18266e2cc286e70907b8ff91ba535d1
+  metadata.gz: 6328da058ba9dbd5f216152de2a9751d3d967a2f4d65304032137849a8b10d25
+  data.tar.gz: 7835057ef1b3c18d6995136c6d7c10ed6168bb9f42be32d91959518bcbe287cf
 SHA512:
-  metadata.gz: 1ecf19e0200c0c1d9012f8140996e5c1918be31a9dcca081f302cdf05e818fe5137199489d30486eca18b814e6d98bfeda5efb1ee8103efe08d158fca5f12717
-  data.tar.gz: 6f01d3300a326c1504917cfe2e1a25f46020f936a5400d6b347a9a1d1001f616912fb58bffe466539ecb47ef259e233a9cc5652f6da2a1739e5c4cdd5f01949b
+  metadata.gz: d2a151b0bdc36e3ff4872c533e3e701cce5a70c9dbf9758b2ee53cf7026317f6dc49e85741a92c61c38cd0128575741e27b7b6995cd5d0fd66289ee883300975
+  data.tar.gz: 28c72b896a9cf0b5a7bd49cb1ebb5ef0fe2cb99a349f91f70f02b667ffc8346c1d47e940bac3ec6823240c95935204bb96aedd8d666ae13d01a5017d082a00f7

data/CHANGELOG.md

@@ -1,3 +1,18 @@
+## 1.25.1
+
+* Add compatibility with ddtrace 1.0
+* Fix issue on WAF garbage collection
+
+## 1.25.0
+
+* Switch from old sq_mini_racer to upstream mini_racer
+* Support Ruby 3.1
+* Restrict compatiblity to Ruby 2.6 and up
+
+## 1.24.3
+
+* Fix WAF exception reporting corner case
+
 ## 1.24.2
 
 * Fix kwargs for rule callbacks on Ruby 3+

data/lib/sqreen/dependency/sinatra.rb

@@ -66,6 +66,7 @@ module Sqreen
       end
 
       def insert_datadog_middleware(builder, *args, &block)
+        return unless defined?(Datadog) && defined?(Datadog::Tracing)
         return unless defined?(Datadog) && Datadog.respond_to?(:configuration) && Datadog.configuration.instrumented_integrations.key?(:sinatra)
 
         Datadog.configure do |c|

data/lib/sqreen/frameworks/generic.rb

@@ -182,9 +182,21 @@ module Sqreen
       end
 
       def datadog_span
-        return unless defined?(Datadog) && (tracer = Datadog.tracer)
+        return unless defined?(Datadog)
 
-        tracer.active_span
+        if defined?(Datadog::Tracing) && Datadog::Tracing.respond_to?(:active_span)
+          Datadog::Tracing.active_span
+        elsif Datadog.respond_to?(:tracer) && Datadog.tracer
+          Datadog.tracer.active_span
+        end
+      end
+
+      def datadog_trace
+        return unless defined?(Datadog)
+
+        if defined?(Datadog::Tracing) && Datadog::Tracing.respond_to?(:active_trace)
+          Datadog::Tracing.active_trace
+        end
       end
 
       def response_infos

data/lib/sqreen/js/js_service.rb

@@ -33,7 +33,7 @@ module Sqreen
       private
 
       def detect_adapter
-        @online = try_sq_mini_racer || try_rhino
+        @online = try_sq_mini_racer || try_mini_racer || try_rhino
 
         Sqreen.log.info "JS engine online: #{variant}" if @online
       end
@@ -53,6 +53,21 @@ module Sqreen
         false
       end
 
+      def try_mini_racer
+        gem = Gem.loaded_specs['mini_racer']
+        unless gem
+          Sqreen.log.info "mini_racer gem not detected"
+          return false
+        end
+
+        require 'mini_racer'
+        require 'sqreen/js/mini_racer_adapter'
+        @adapter = MiniRacerAdapter.new(false)
+      rescue LoadError => e
+        Sqreen.log.warn "Failed loading mini_racer: #{e}"
+        false
+      end
+
       def try_rhino
         gem = Gem.loaded_specs['therubyrhino']
         unless gem

data/lib/sqreen/js/mini_racer_adapter.rb

@@ -34,7 +34,7 @@ module Sqreen
 
       def self.static_init
         return if @done_static_init
-        Sqreen::MiniRacer::Platform.set_flags! :noconcurrent_recompilation
+        Sqreen::MiniRacer::Platform.set_flags! :noconcurrent_recompilation if @vendored
         @done_static_init = true
       end
     end

data/lib/sqreen/js/mini_racer_executable_js.rb

@@ -118,7 +118,7 @@ module Sqreen
 
               # garbage collections max 1 in every 4 calls (avg)
               if heap_stats[:total_heap_size] > @gc_threshold_in_bytes
-                low_memory_notification
+                low_memory_notification if respond_to?(:low_memory_notification)
                 @gc_load += 4
               else
                 @gc_load = [0, @gc_load - 1].max

data/lib/sqreen/rules/rule_cb.rb

@@ -76,7 +76,11 @@ module Sqreen
             :datadog_trace_id => datadog_span.trace_id,
             :datadog_span_id => datadog_span.span_id,
           )
-          datadog_span.set_tag(Datadog::Ext::ManualTracing::TAG_KEEP, true)
+          if (datadog_trace = framework.datadog_trace)
+            datadog_trace.keep!
+          else
+            datadog_span.set_tag(Datadog::Ext::ManualTracing::TAG_KEEP, true)
+          end
           datadog_span.set_tag('sqreen.event', true)
         end
         framework.observe(:attacks, payload, payload_tpl)

data/lib/sqreen/rules/waf_cb.rb

@@ -126,7 +126,7 @@ module Sqreen
         lambda do |object_id|
           return unless WAFCB.libsqreen?
 
-          ::LibSqreen::WAF.delete(waf_rule_name)
+          ::LibSqreen::WAF.delete(rule_name)
           Sqreen.log.debug("WAF rule #{rule_name} deleted, from #<#{name}:0x#{object_id.to_s(16).rjust(16, '0')}>")
         end
       end
@@ -146,7 +146,7 @@ module Sqreen
             error_code: ERROR_CODES[e.error],
           }.tap do |r|
             r[:error_data] = e.data if e.data
-            r[:args] = e.args if e.arg
+            r[:args] = e.args if e.args
           end,
         }
       end

data/lib/sqreen/version.rb

@@ -4,5 +4,5 @@
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 
 module Sqreen
-  VERSION = '1.24.2'.freeze
+  VERSION = '1.25.1'.freeze
 end

data/lib/sqreen/weave/legacy/instrumentation.rb

@@ -244,8 +244,17 @@ class Sqreen::Weave::Legacy::Instrumentation
 
         # shrinkwrap_timer = Sqreen::Graft::Timer.new('weave,shrinkwrap')
         # shrinkwrap_timer.start
-        if defined?(Datadog) && Datadog.tracer && (datadog_span = Datadog.tracer.active_root_span)
-          Sqreen::Weave.logger.debug { "request datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
+        if defined?(Datadog)
+          if defined?(Datadog::Tracing) && Datadog::Tracing.respond_to?(:active_trace)
+            datadog_active_trace = Datadog::Tracing.active_trace
+            datadog_span = datadog_active_trace.send(:root_span) if datadog_active_trace
+          elsif Datadog.respond_to?(:tracer) && Datadog.tracer
+            datadog_span = Datadog.tracer.active_root_span
+          end
+
+          if datadog_span
+            Sqreen::Weave.logger.debug { "request datadog:true span_id:#{datadog_span.span_id} parent_id:#{datadog_span.parent_id} trace_id:#{datadog_span.trace_id}" }
+          end
         end
 
         request_timer = Sqreen::Graft::Timer.new("request")

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.24.2
+  version: 1.25.1
 platform: ruby
 authors:
 - Sqreen
@@ -39,25 +39,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 0.2.4
 - !ruby/object:Gem::Dependency
-  name: sq_mini_racer
+  name: mini_racer
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.a
+        version: 0.4.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-    - - "<"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.a
+        version: 0.4.0
 - !ruby/object:Gem::Dependency
   name: libsqreen
   requirement: !ruby/object:Gem::Requirement
@@ -347,7 +341,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.0'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="