sqreen 1.15.0 → 1.15.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 59d80d2fe6c9c0bd343380d867b4c1b7f878a42890e3cbe5ab005e4e32507abc
-  data.tar.gz: 1e7c0ee1ef948048fb020b3b64377a1476f2b000aaf22df683b5aec38658895e
+  metadata.gz: 87e7db04c8d69640cf2da93b2dc235f5b1a95c8f2847db137c3047eb9f87ac1a
+  data.tar.gz: 690b3963a003fced7eb7e699576a488b006dc63589e372c67b0f808d9b2aafd6
 SHA512:
-  metadata.gz: 8b26544a382b1ef480be8bd92593187584efa7c0b63a05d366f4d53083d6d2f3e71acb168c216985d649281b6004f5bb31ed068b688062531a77cfe0ead4d0e0
-  data.tar.gz: 6331863e48ce18d812ed294b9d1a6fef01a1a805ca2dbab1a20bd76d5837b983bcd022572d751f1e006a68e34a5cf0db2b32a4fc4e7eaf598bf6cd9f7c269ee2
+  metadata.gz: e70942a29b5a702ebd3e023d72ad49a58234510c798e0fbf88dfc99388ddbbb24bc0c25a41f3103df92884d1b9804355e2d724868372f9dc3197bcad134a9fd4
+  data.tar.gz: 5719e61c1bae72c9dbf4257ccce892cf8135b7a887e69dce1320c5955ddae9b575a992ab42a83e28887daaa09187705686579a6cabc53c555d5931f90a812b11

data/lib/sqreen/actions.rb

@@ -2,6 +2,7 @@
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 
 require 'ipaddr'
+require 'sqreen/trie'
 require 'sqreen/log'
 require 'sqreen/exception'
 require 'sqreen/sdk'
@@ -24,21 +25,17 @@ module Sqreen
     class Repository
       include Singleton
 
-      def initialize
-        @actions = {} # indexed by subclass
-        @actions.default_proc = proc { |h, k| h[k] = [] }
+      def add(params, action)
+        action.class.index(params || {}, action)
       end
 
-      def <<(action)
-        @actions[action.class] << action
-      end
-
-      def [](action_class)
-        @actions[action_class]
+      def get(action_class, key)
+        action_class = Base.get_type_class(action_class) unless action_class.class == Class
+        action_class.actions_matching key
       end
 
       def clear
-        @actions.clear
+        Base.known_subclasses.each(&:clear)
       end
     end
 
@@ -68,6 +65,8 @@ module Sqreen
     end
 
     # Base class for actions
+    # subclasses must also implement some methods in their singleton classes
+    # (actions_matching, index and clear)
     class Base
       attr_reader :id, :expiry, :send_response
 
@@ -124,10 +123,27 @@ module Sqreen
           @@subclasses[name]
         end
 
+        def known_subclasses
+          @@subclasses.values
+        end
+
         def known_types
           @@subclasses.keys
         end
 
+        # all actions matching, possibly already expired
+        def actions_matching(_key)
+          raise 'implement in singletons of subclasses'
+        end
+
+        def index(_params, _action)
+          raise 'implement in singletons of subclasses'
+        end
+
+        def clear
+          raise 'implement in singletons of subclasses'
+        end
+
         def inherited(subclass)
           class << subclass
             public :new
@@ -143,43 +159,74 @@ module Sqreen
       end
     end
 
-    module IpRanges
-      attr_reader :ranges
+    module IpRangesIndex
+      def add_prefix(prefix_str, data)
+        @trie_v4 ||= Sqreen::Trie.new
+        @trie_v6 ||= Sqreen::Trie.new(nil, nil, Socket::AF_INET6)
+        prefix = Sqreen::Prefix.from_str(prefix_str, data)
+        trie = prefix.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
+        trie.insert prefix
+      end
+
+      def matching_actions(client_ip)
+        parsed_ip = IPAddr.new(client_ip)
+        trie = parsed_ip.family == Socket::AF_INET6 ? @trie_v6 : @trie_v4
+        found = trie.search_matching(parsed_ip.to_i, parsed_ip.family)
+        return [] unless found.size > 0
+
+        Sqreen.log.debug("Client ip #{client_ip} matches #{found.inspect}")
+        found.map(&:data)
+      end
+
+      def clear
+        @trie_v4 = Sqreen::Trie.new
+        @trie_v6 = Sqreen::Trie.new(nil, nil, Socket::AF_INET6)
+      end
+    end
+
+    module IpRangeIndexedActionClass
+      include IpRangesIndex
+
+      def actions_matching(client_ip)
+         matching_actions client_ip
+      end
+
+      def index(params, action)
+        ranges = parse_ip_ranges params
+
+        ranges.each do |r|
+          add_prefix r, action
+        end
+      end
+
+      private
 
+      # returns array of prefixes in string form
       def parse_ip_ranges(params)
         ranges = params['ip_cidr']
         unless ranges && ranges.is_a?(Array) && !ranges.empty?
           raise 'no non-empty ip_cidr array present'
         end
 
-        @ranges = ranges.map &IPAddr.method(:new)
-      end
-
-      def matches_ip?(client_ip)
-        parsed_ip = IPAddr.new client_ip
-        found = ranges.find { |r| r.include? parsed_ip }
-        return false unless found
-
-        Sqreen.log.debug("Client ip #{client_ip} matches #{found.inspect}")
-        true
+        ranges
       end
     end
 
     # Block a list of IP address ranges. Standard "raise" behavior.
     class BlockIp < Base
-      include IpRanges
+      extend IpRangeIndexedActionClass
+
       self.type_name = 'block_ip'
 
       def initialize(id, opts, params = {})
+        # no need to store the ranges for this action, the index filter the class
         super(id, opts)
-        parse_ip_ranges params
       end
 
       def do_run(client_ip)
-        return nil unless matches_ip? client_ip
         e = Sqreen::AttackBlocked.new("Blocked client's IP #{client_ip} " \
-          "(action: #{id} covering range(s) #{ranges}). No action is required")
-        { :status => :raise, :exception => e }
+          "(action: #{id}). No action is required")
+        { :status => :raise, :exception => e, :skip_rem_cbs => true }
       end
 
       def event_properties(client_ip)
@@ -190,7 +237,8 @@ module Sqreen
     # Block a list of IP address ranges by forcefully redirecting the user
     # to a specific URL.
     class RedirectIp < Base
-      include IpRanges
+      extend IpRangeIndexedActionClass
+
       self.type_name = 'redirect_ip'
 
       attr_reader :redirect_url
@@ -199,16 +247,15 @@ module Sqreen
         super(id, opts)
         @redirect_url = params['url']
         raise "no url provided for action #{id}" unless @redirect_url
-        parse_ip_ranges params
       end
 
       def do_run(client_ip)
-        return nil unless matches_ip? client_ip
         Sqreen.log.info "Will request redirect for client with IP #{client_ip} " \
-          "(action: #{id} covering range(s) #{ranges})."
+          "(action: #{id})."
         {
           :status => :skip,
           :new_return_value => [303, { 'Location' => @redirect_url }, ['']],
+          :skip_rem_cbs => true,
         }
       end
 
@@ -222,15 +269,45 @@ module Sqreen
     class BlockUser < Base
       self.type_name = 'block_user'
 
+      class << self
+        def actions_matching(identity_params)
+          key = stringify_keys(identity_params)
+          actions = @idx[key]
+          actions || []
+        end
+
+        def index(params, action)
+          @idx ||= {}
+          users = params['users']
+          raise ::Sqreen::Exception, 'nil "users" param for block_user action' if users.nil?
+          raise ::Sqreen::Exception, '"users" param must be an array' unless users.is_a? Array
+
+          users.each do |u|
+            @idx[u] ||= []
+            @idx[u] << action
+          end
+        end
+
+        def clear
+          @idx = {}
+        end
+
+        private
+
+        def stringify_keys(hash)
+          Hash[
+            hash.map { |k, v| [k.to_s, v] }
+          ]
+        end
+      end
+
+      # BlockUser proper definition continues
+
       def initialize(id, opts, params = {})
         super(id, opts)
-        @users = params['users']
-        raise ::Sqreen::Exception, 'nil "users" param for block_user action' if @users.nil?
-        raise ::Sqreen::Exception, '"users" param must be an array' unless @users.is_a? Array
       end
 
       def do_run(identity_params)
-        return unless @users.include? stringify_keys(identity_params)
         Sqreen.log.info(
           "Will raise due to user being blocked by action #{id}. " \
           "Blocked user identity: #{identity_params}"
@@ -250,14 +327,6 @@ module Sqreen
       def event_properties(identity_params)
         { 'user' => identity_params }
       end
-
-      private
-
-      def stringify_keys(hash)
-        Hash[
-          hash.map { |k, v| [k.to_s, v] }
-        ]
-      end
     end
   end
 end

data/lib/sqreen/callback_tree.rb

@@ -25,15 +25,15 @@ module Sqreen
 
       if cb.pre?
         methods[0] ||= []
-        methods[0] << cb
+        add_to_array(methods[0], cb)
       end
       if cb.post?
         methods[1] ||= []
-        methods[1] << cb
+        add_to_array(methods[1], cb)
       end
       if cb.failing?
         methods[2] ||= []
-        methods[2] << cb
+        add_to_array(methods[2], cb)
       end
     end
 
@@ -88,5 +88,18 @@ module Sqreen
         end
       end
     end
+
+    private
+
+    def add_to_array(arr, cb)
+      # find last element with prio equal or smaller; insert after
+      pos = arr.size
+      arr.reverse_each do |arr_cb|
+        break if arr_cb.priority <= cb.priority
+        pos -= 1
+      end
+
+      arr.insert(pos, cb)
+    end
   end
 end

data/lib/sqreen/callbacks.rb

@@ -36,6 +36,8 @@ module Sqreen
     #
     #  CB can also declare that they are whitelisted and should not be run at the moment.
 
+    DEFAULT_PRIORITY = 100
+
     attr_reader :klass, :method
     attr_reader :overtimeable
 
@@ -55,6 +57,11 @@ module Sqreen
       false
     end
 
+    # the lower, the closer to the beginning of the list
+    def priority
+      DEFAULT_PRIORITY
+    end
+
     def pre?
       @has_pre
     end

data/lib/sqreen/instrumentation.rb

@@ -95,6 +95,7 @@ module Sqreen
               res[:rule_name] = rule
             end
             returns << res
+            break if res.is_a?(Hash) && res[:skip_rem_cbs]
           rescue StandardError => e
             Sqreen.log.warn { "we catch an exception: #{e.inspect}" }
             Sqreen.log.debug e.backtrace
@@ -710,6 +711,7 @@ module Sqreen
         add_callback(rcb)
       end
 
+      # add hardcoded callbacks, observing priority
       hardcoded_callbacks(framework).each { |cb| add_callback(cb) }
 
       Sqreen.instrumentation_ready = true

data/lib/sqreen/js/mini_racer_adapter.rb

@@ -85,9 +85,9 @@ module Sqreen
           ctx.add_code(@code_id, @code) unless ctx.has_code?(@code_id)
 
           begin
-            json_args = "[#{arguments.map(&method(:fixup_bad_encoding)).map(&:to_json).join(',')}]"
+            json_args = convert_arguments(arguments)
             ctx.eval_unsafe(
-                 "sqreen_data['#{@code_id}']['#{cb_name}'].apply(this, #{json_args})", nil, budget)
+              "sqreen_data['#{@code_id}']['#{cb_name}'].apply(this, #{json_args})", nil, budget)
           rescue @module::ScriptTerminatedError
             nil
           end
@@ -100,9 +100,31 @@ module Sqreen
 
       private
 
-      def fixup_bad_encoding(arg)
-        # NOTE: we don't fix encoding problems in deeper structures
+      def convert_arguments(args)
+        JSON.generate(args)
+      rescue JSON::GeneratorError, Encoding::UndefinedConversionError
+        fixed_args = fixup_bad_encoding(args)
+        JSON.generate(fixed_args)
+      end
+
+      def fixup_bad_encoding(arg, max_depth = 100)
+        return nil if max_depth <= 0
+
+        if arg.is_a?(Array)
+          return arg.map { |it| fixup_bad_encoding(it, max_depth - 1) }
+        end
+
+        if arg.is_a?(Hash)
+          return Hash[
+            arg.map do |k, v|
+              [fixup_bad_encoding(k, max_depth - 1),
+               fixup_bad_encoding(v, max_depth - 1)]
+            end
+          ]
+        end
+
         return arg unless arg.is_a?(String)
+
         unless arg.valid_encoding?
           return arg.dup.force_encoding(Encoding::ISO_8859_1)
         end

data/lib/sqreen/rule_attributes.rb

@@ -19,6 +19,7 @@ module Sqreen
       METRICS = 'metrics'.freeze
       CONDITIONS = 'conditions'.freeze
       CALL_COUNT_INTERVAL = 'call_count_interval'.freeze
+      PRIORITY = 'priority'.freeze
 
       freeze
     end

data/lib/sqreen/rule_callback.rb

@@ -47,6 +47,10 @@ module Sqreen
         @rule[Attrs::RULESPACK_ID]
       end
 
+      def priority
+        @rule[Attrs::PRIORITY] || super
+      end
+
       # Recommend taking an action (optionnally adding more data/context)
       #
       # This will format the requested action and optionnally

data/lib/sqreen/rules_callbacks/blacklist_ips.rb

@@ -23,7 +23,7 @@ module Sqreen
         return unless found
         Sqreen.log.debug { "Found blacklisted IP #{ip} - found: #{found}" }
         record_observation('blacklisted', found, 1)
-        advise_action(:raise)
+        advise_action(:raise, :skip_rem_cbs => true)
       end
 
       protected

data/lib/sqreen/rules_callbacks/run_block_user_actions.rb

@@ -14,7 +14,7 @@ module Sqreen
       end
 
       def post(_retval, _inst, args, _budget = nil)
-        actions = actions_repo[Sqreen::Actions::BlockUser]
+        actions = actions_repo.get('block_user', args[@auth_keys_idx])
 
         actions.each do |action|
           res = action.run args[@auth_keys_idx]

data/lib/sqreen/rules_callbacks/run_req_start_actions.rb

@@ -9,6 +9,8 @@ module Sqreen
   module Rules
     # Runs actions concerned with whether the request ought to be served
     class RunReqStartActions < FrameworkCB
+      PRIORITY = 95
+
       def initialize(framework)
         if defined?(Sqreen::Frameworks::SinatraFramework) &&
            framework.is_a?(Sqreen::Frameworks::SinatraFramework)
@@ -30,13 +32,17 @@ module Sqreen
         framework && !framework.whitelisted_match.nil?
       end
 
+      def priority
+        PRIORITY
+      end
+
       def pre(_inst, _args, _budget = nil, &_block)
         return unless framework
         ip = framework.client_ip
         return unless ip
 
-        actions = actions_repo[Sqreen::Actions::BlockIp] +
-                  actions_repo[Sqreen::Actions::RedirectIp]
+        actions = actions_repo.get(Sqreen::Actions::BlockIp, ip) +
+                  actions_repo.get(Sqreen::Actions::RedirectIp, ip)
 
         actions.each do |act|
           res = run_client_ip_action(act, ip)

data/lib/sqreen/runner.rb

@@ -445,9 +445,14 @@ module Sqreen
     def load_actions(hashes)
       unsupported = Set.new
 
+      repos = Sqreen::Actions::Repository.instance
+      repos.clear
+
       actions = hashes.map do |h|
         begin
-          Sqreen::Actions.deserialize_action(h)
+          act = Sqreen::Actions.deserialize_action(h)
+          repos.add h['parameters'], act
+          act
         rescue Sqreen::Actions::UnknownActionType => e
           Sqreen.log.warn("Unsupported action type: #{e.action_type}")
           unsupported << e.action_type
@@ -458,11 +463,7 @@ module Sqreen
       end
 
       actions = actions.reject(&:nil?)
-      Sqreen.log.debug("Will add #{actions.size} valid actions")
-
-      repos = Sqreen::Actions::Repository.instance
-      repos.clear
-      actions.each { |action| repos << action }
+      Sqreen.log.debug("Added #{actions.size} valid actions")
 
       unsupported
     end

data/lib/sqreen/trie.rb

@@ -0,0 +1,274 @@
+require 'ipaddr'
+
+module Sqreen
+  Trie = Struct.new(:head, :num_active_nodes, :family) do
+    attr_reader :max_num_bits
+
+    def initialize(*args)
+      super
+      self.family ||= Socket::AF_INET
+      self.num_active_nodes = 0
+      @max_num_bits = family == Socket::AF_INET ? 32 : 128
+    end
+
+    def insert(arg_prefix)
+      raise 'family mismatch' if arg_prefix.family != family
+
+      if head.nil?
+        node = Node.new(
+            arg_prefix.bitlen, # bit
+            arg_prefix,
+            nil, nil, nil, #l , r, parent
+        )
+        self.head = node
+        self.num_active_nodes += 1
+        return node
+      end
+
+      arg_addr = arg_prefix.address
+      arg_bitlen = arg_prefix.bitlen
+      xcur = self.head
+
+      # descend until we find the end of the tree or go past the
+      # bitlen of the prefix we're adding
+      while xcur.bit < arg_bitlen || xcur.empty?
+        if bit_set?(arg_addr, xcur.bit)
+          break if xcur.r.nil?
+          xcur = xcur.r
+        else
+          break if xcur.l.nil?
+          xcur = xcur.l
+        end
+      end
+
+      trie_addr = xcur.prefix.address
+
+      # find first bit that differs between addr and trie_addr
+      cmp_bit_end = [arg_bitlen, xcur.bit].min # after last to be compared
+
+      differ_bit = (0...cmp_bit_end).find do |i|
+        bit_set?(arg_addr, i) ^ bit_set?(trie_addr, i)
+      end
+      differ_bit = cmp_bit_end if differ_bit.nil?
+
+      # go up till we find the parent before the bits differ
+      xparent = xcur.parent
+      while !xparent.nil? && xparent.bit >= differ_bit
+        xcur = xparent
+        xparent = xcur.parent
+      end
+
+      # case 1: replace current node's prefix
+      if differ_bit == arg_bitlen && xcur.bit == arg_bitlen
+        xcur.prefix = arg_prefix
+        return xcur
+      end
+
+      xnew = Node.new(arg_prefix.bitlen, arg_prefix, nil, nil, nil)
+      self.num_active_nodes += 1
+
+      # case 2: append below found node
+      if xcur.bit == differ_bit
+        xnew.parent = xcur
+        if bit_set?(arg_addr, xcur.bit)
+          xcur.r = xnew
+        else
+          xcur.l = xnew
+        end
+
+        return xnew
+      end
+
+      # case 3: take place of found node
+      if arg_bitlen == differ_bit
+        if bit_set?(trie_addr, arg_bitlen)
+          xnew.r = xcur
+        else
+          xnew.l = xcur
+        end
+
+        xnew.parent = xcur.parent
+
+        if xcur.parent.nil?
+          self.head = xnew
+        elsif xcur.parent.r.equal?(xcur)
+          xcur.parent.r = xnew
+        else
+          xcur.parent.l = xnew
+        end
+
+        xcur.parent = xnew
+
+        return xnew
+      end
+
+      # case 4: need to add intermediate node to be parent of the
+      #         both xnew and xcur
+
+      # last arg is the parent of the new node
+      xglue = Node.new(differ_bit, nil, nil, nil, xcur.parent)
+      self.num_active_nodes += 1
+
+      if bit_set?(arg_addr, differ_bit)
+        xglue.r = xnew
+        xglue.l = xcur
+      else
+        xglue.r = xcur
+        xglue.l = xnew
+      end
+
+      xnew.parent = xglue
+
+      if xcur.parent.nil?
+        self.head = xglue
+      elsif xcur.equal?(xcur.parent.r)
+        xcur.parent.r = xglue
+      else
+        xcur.parent.l = xglue
+      end
+
+      xcur.parent = xglue
+
+      xnew
+    end
+
+    # generate pdf with `dot -Tpdf <input> > foo.pdf`
+    def to_dot(header = true)
+      res = ''
+      res = "graph trie {\n" if header
+
+      next_name = 'a'
+      obj_label_map = Hash.new do |h, k|
+        h[k] = next_name
+        next_name = next_name.next
+        h[k]
+      end
+
+      head.walk(max_num_bits, true) do |node|
+        node_name = obj_label_map[node.object_id]
+
+        if node.empty?
+          label = "<glue at bit #{node.bit}>"
+        else
+          ip_addr = IPAddr.new(node.prefix.address, node.prefix.family)
+          label = ip_addr.to_s + '/' + node.prefix.bitlen.to_s
+        end
+        res += "#{node_name} [label=\"#{label}\"]\n"
+        res += "#{node_name} -- #{obj_label_map[node.l.object_id]} [label=\"l\"]\n" if node.l
+        res += "#{node_name} -- #{obj_label_map[node.r.object_id]} [label=\"r\"]\n" if node.r
+      end
+      res += "}\n" if header
+      res
+    end
+
+    def search_best(addr, family)
+      nodes = search_common(addr, family)
+      for i in (nodes.size - 1).downto(0)
+        xcur = nodes[i]
+        return node_to_ip_addr(xcur) if xcur.prefix.matches?(addr, family)
+      end
+
+      nil
+    end
+
+    def search_matching(addr, family)
+      nodes = search_common(addr, family)
+      nodes.select { |xcur| xcur.prefix.matches?(addr, family) }
+           .map { |xcur| node_to_ip_addr(xcur) }
+           .reverse
+    end
+
+    private
+
+    def node_to_ip_addr(node)
+      ret = IPAddr.new(node.prefix.address, node.prefix.family)
+      ret.singleton_class.send(:define_method, :data) { node.prefix.data }
+      ret
+    end
+
+    def bit_set?(addr, i)
+      addr[max_num_bits - i - 1] == 1
+    end
+
+    def search_common(addr, family)
+      raise 'family mismatch' unless family == self.family
+
+      xstack = []
+
+      xcur = head
+      while !xcur.nil?
+        unless xcur.empty?
+          xstack << xcur
+        end
+
+        xcur = bit_set?(addr, xcur.bit) ? xcur.r : xcur.l
+      end
+
+      xstack
+    end
+  end
+
+  Prefix = Struct.new(:family, :bitlen, :address, :data) do # addr is integer
+    def initialize(*args)
+      super
+      raise ArgumentError, 'no family given' unless family
+      raise ArgumentError, 'no bitlen given' unless bitlen
+      raise ArgumentError, 'no address given' unless address
+    end
+
+    def matches?(addr, family)
+      raise 'family mismatch' unless family == self.family
+      shift_amount = (family == Socket::AF_INET ? 32 : 128) - self.bitlen
+      (addr ^ self.address) >> shift_amount == 0
+    end
+  end
+
+  def Prefix.from_str(str, data = nil)
+    ip_addr = IPAddr.new(str)
+    if str =~ /\/(\d+)$/
+      bitlen = $~[1].to_i
+    else
+      bitlen = ip_addr.family == Socket::AF_INET6 ? 128 : 32
+    end
+    Prefix.new(ip_addr.family, bitlen, ip_addr.to_i, data)
+  end
+
+  # bit starts at 0 (most significant)
+  Node = Struct.new(:bit, :prefix, :l, :r, :parent) do
+    def initialize(*args)
+      super
+      raise ArgumentError, 'no bit given' if bit.nil?
+    end
+
+    def empty?
+      prefix.nil?
+    end
+
+    # cover the whole tree
+    def walk(max_bits, empty_nodes = false)
+      xstack = Array.new(max_bits + 1)
+      sidx = 0 # stack index
+      xhead = self
+      xcur = xhead
+      while !xcur.nil?
+        yield xcur unless xcur.empty? && !empty_nodes
+
+        if xcur.l
+          if xcur.r
+            xstack[sidx] = xcur.r
+            sidx += 1
+          end
+          xcur = xcur.l
+        elsif xcur.r
+          xcur = xcur.r
+        elsif sidx.nonzero?
+          sidx -= 1
+          xcur = xstack[sidx]
+        else
+          xcur = nil
+        end
+      end
+    end
+  end
+
+end

data/lib/sqreen/version.rb

@@ -1,5 +1,5 @@
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.io/terms.html
 module Sqreen
-  VERSION = '1.15.0'.freeze
+  VERSION = '1.15.1'.freeze
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sqreen
 version: !ruby/object:Gem::Version
-  version: 1.15.0
+  version: 1.15.1
 platform: ruby
 authors:
 - Sqreen
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-24 00:00:00.000000000 Z
+date: 2018-10-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sq_mini_racer
@@ -117,6 +117,7 @@ files:
 - lib/sqreen/session.rb
 - lib/sqreen/shared_storage.rb
 - lib/sqreen/shared_storage23.rb
+- lib/sqreen/trie.rb
 - lib/sqreen/version.rb
 homepage: https://www.sqreen.io/
 licenses: []