sqreen 1.21.1-java → 1.22.0-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/CHANGELOG.md +7 -0
- data/lib/sqreen/frameworks/generic.rb +12 -0
- data/lib/sqreen/version.rb +1 -1
- data/lib/sqreen/weave/legacy/instrumentation.rb +63 -11
- metadata +7 -8
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: bcd3c75be7987ecc85661f689c667541848198edeab5261e255bc02d2423c4b4
|
|
4
|
+
data.tar.gz: '05923eb03e291f3e81701829b74ce77f3eea258c6b6dedf9c6c702a8112bdcab'
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 67047add0d2b639f78d4af087a628fd4d922f7e3b3dacac29654787a40e5122bdcc0269535187f80cb10afb122c098db8eed288faa24f2a615e743f1b0174bb4
|
|
7
|
+
data.tar.gz: '088347e94c0e70376871a1fa8fc3c01b0e7324f750418b361055b3db3c78fd2ab2a11100ff9bcc4a404c8f19216cb13e9ef41bbd26ad41d6221bc87391870105'
|
data/CHANGELOG.md
CHANGED
|
@@ -400,6 +400,18 @@ module Sqreen
|
|
|
400
400
|
r
|
|
401
401
|
end
|
|
402
402
|
|
|
403
|
+
def body
|
|
404
|
+
return nil unless request.respond_to?(:body)
|
|
405
|
+
return nil unless request.body.respond_to?(:read)
|
|
406
|
+
return nil unless request.body.respond_to?(:rewind)
|
|
407
|
+
|
|
408
|
+
body_io = request.body
|
|
409
|
+
body = body_io.read(4096)
|
|
410
|
+
body_io.rewind
|
|
411
|
+
|
|
412
|
+
body
|
|
413
|
+
end
|
|
414
|
+
|
|
403
415
|
# Expose current working directory
|
|
404
416
|
def cwd
|
|
405
417
|
Dir.getwd
|
data/lib/sqreen/version.rb
CHANGED
|
@@ -96,25 +96,77 @@ class Sqreen::Weave::Legacy::Instrumentation
|
|
|
96
96
|
def instrument!(rules, framework)
|
|
97
97
|
Sqreen::Weave.logger.debug { "#{rules.count} rules, #{framework}" }
|
|
98
98
|
|
|
99
|
+
# TODO: make config able to see if value was user-set or default
|
|
99
100
|
strategy = Sqreen.config_get(:weave_strategy)
|
|
101
|
+
# TODO: factor generic hint system out
|
|
102
|
+
# TODO: factor those hint definitions to dependency
|
|
103
|
+
strategy_hints = []
|
|
100
104
|
if strategy == :prepend && !Module.respond_to?(:prepend)
|
|
101
|
-
Sqreen::Weave.logger.
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
strategy
|
|
105
|
+
Sqreen::Weave.logger.debug { "strategy: #{strategy.inspect} unavailable, falling back to :chain" }
|
|
106
|
+
strategy_hints << [:chain, 'Module.respond_to?(:prepend)', 'false']
|
|
107
|
+
end
|
|
108
|
+
if Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('< 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
|
109
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with scout_apm < 2.5.2, switching to :chain" }
|
|
110
|
+
strategy_hints << [:chain, 'scout_apm', '< 2.5.2']
|
|
111
|
+
end
|
|
112
|
+
if Gem::Specification.select { |s| s.name == 'scout_apm' && Gem::Requirement.new('>= 2.5.2').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
|
113
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with scout_apm >= 2.5.2, switching to :prepend" }
|
|
114
|
+
strategy_hints << [:prepend, 'scout_apm', '>= 2.5.2']
|
|
115
|
+
end
|
|
116
|
+
if Gem::Specification.select { |s| s.name == 'ddtrace' && Gem::Requirement.new('< 0.27').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
|
117
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with ddtrace < 0.27, switching to :chain" }
|
|
118
|
+
strategy_hints << [:chain, 'ddtrace', '< 0.27']
|
|
119
|
+
end
|
|
120
|
+
if Gem::Specification.select { |s| s.name == 'ddtrace' && Gem::Requirement.new('>= 0.27').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
|
121
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with ddtrace >= 0.27, switching to :prepend" }
|
|
122
|
+
strategy_hints << [:prepend, 'ddtrace', '>= 0.27']
|
|
123
|
+
end
|
|
124
|
+
if Gem::Specification.select { |s| s.name == 'skylight' && Gem::Requirement.new('< 5.0.0.beta').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
|
125
|
+
Sqreen::Weave.logger.debug { "strategy: :prepend unavailable with skylight < 5.0.0.beta, switching to :chain" }
|
|
126
|
+
strategy_hints << [:chain, 'skylight', '< 5.0.0.beta']
|
|
127
|
+
end
|
|
128
|
+
if Gem::Specification.select { |s| s.name == 'skylight' && Gem::Requirement.new('>= 5.0.0.beta').satisfied_by?(Gem::Version.new(s.version)) }.any?
|
|
129
|
+
Sqreen::Weave.logger.debug { "strategy: :chain unavailable with skylight >= 5.0.0.beta, switching to :prepend" }
|
|
130
|
+
strategy_hints << [:prepend, 'skylight', '>= 5.0.0.beta']
|
|
131
|
+
end
|
|
132
|
+
if strategy_hints.map(&:first).uniq.count > 1
|
|
133
|
+
raise Sqreen::Exception, "conflicting instrumentation strategies: #{strategy_hints.inspect}"
|
|
134
|
+
end
|
|
135
|
+
if strategy_hints.map(&:first).uniq.count == 1 && strategy != strategy_hints.first.first
|
|
136
|
+
was = strategy
|
|
137
|
+
strategy = strategy_hints.first.first
|
|
138
|
+
Sqreen::Weave.logger.warn { "strategy: #{strategy.inspect} was: #{was.inspect} hints: #{strategy_hints.inspect}" }
|
|
139
|
+
else
|
|
140
|
+
Sqreen::Weave.logger.info { "strategy: #{strategy.inspect}" }
|
|
106
141
|
end
|
|
107
|
-
Sqreen::Weave.logger.debug { "strategy: #{strategy.inspect}" }
|
|
108
142
|
|
|
109
143
|
### set up rule signature verifier
|
|
110
144
|
verifier = nil
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
145
|
+
# TODO: check for JRuby via dependency
|
|
146
|
+
# TODO: reinstate signatures for JRuby
|
|
147
|
+
if Sqreen.config_get(:rules_verify_signature) == true && !defined?(::JRUBY_VERSION)
|
|
114
148
|
verifier = Sqreen::SqreenSignedVerifier.new
|
|
115
|
-
Sqreen::Weave.logger.debug('
|
|
149
|
+
Sqreen::Weave.logger.debug('rules: signature status: enabled')
|
|
116
150
|
else
|
|
117
|
-
Sqreen::Weave.logger.debug('
|
|
151
|
+
Sqreen::Weave.logger.debug('rules: signature status: disabled')
|
|
152
|
+
end
|
|
153
|
+
|
|
154
|
+
if verifier
|
|
155
|
+
invalid_rules = rules.reject do |rule|
|
|
156
|
+
valid = verifier.verify(rule)
|
|
157
|
+
|
|
158
|
+
if valid
|
|
159
|
+
Sqreen::Weave.logger.debug { "rule: #{rule['name']} signed: true result: ok" }
|
|
160
|
+
else
|
|
161
|
+
Sqreen::Weave.logger.error { "rule: #{rule['name']} singed: true result: fail" }
|
|
162
|
+
end
|
|
163
|
+
end
|
|
164
|
+
if invalid_rules.any?
|
|
165
|
+
Sqreen::Weave.logger.error { "weave: instrument status: abort reason: signature result: fail" }
|
|
166
|
+
raise Sqreen::Exception, "Signature error: rules: #{invalid_rules.map { |r| r['name'] }.inspect}"
|
|
167
|
+
else
|
|
168
|
+
Sqreen::Weave.logger.info { "weave: instrument rules: signed result: ok" }
|
|
169
|
+
end
|
|
118
170
|
end
|
|
119
171
|
|
|
120
172
|
### force clean instrumentation callback list
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sqreen
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.22.0
|
|
5
5
|
platform: java
|
|
6
6
|
authors:
|
|
7
7
|
- Sqreen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-11-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -17,8 +17,8 @@ dependencies:
|
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
18
|
version: 0.1.0
|
|
19
19
|
name: sqreen-backport
|
|
20
|
-
prerelease: false
|
|
21
20
|
type: :runtime
|
|
21
|
+
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
@@ -31,8 +31,8 @@ dependencies:
|
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 0.2.2
|
|
33
33
|
name: sqreen-kit
|
|
34
|
-
prerelease: false
|
|
35
34
|
type: :runtime
|
|
35
|
+
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
@@ -45,8 +45,8 @@ dependencies:
|
|
|
45
45
|
- !ruby/object:Gem::Version
|
|
46
46
|
version: '0'
|
|
47
47
|
name: therubyrhino
|
|
48
|
-
prerelease: false
|
|
49
48
|
type: :runtime
|
|
49
|
+
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - ">="
|
|
@@ -59,8 +59,8 @@ dependencies:
|
|
|
59
59
|
- !ruby/object:Gem::Version
|
|
60
60
|
version: 0.3.0
|
|
61
61
|
name: execjs
|
|
62
|
-
prerelease: false
|
|
63
62
|
type: :runtime
|
|
63
|
+
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - ">="
|
|
@@ -342,8 +342,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
342
342
|
- !ruby/object:Gem::Version
|
|
343
343
|
version: '0'
|
|
344
344
|
requirements: []
|
|
345
|
-
|
|
346
|
-
rubygems_version: 2.6.14.1
|
|
345
|
+
rubygems_version: 3.0.6
|
|
347
346
|
signing_key:
|
|
348
347
|
specification_version: 4
|
|
349
348
|
summary: Sqreen Ruby agent
|