Ruby agent release notes

Release date: September 17, 2020

Language versions currently supported: 2.5 - 2.7

New and improved:

  • Added support for Unicorn 4 and 5.

  • Improved Object tracking to account for frozen Objects.

  • Improved gemspec filtering to prevent precompiled files from being packaged in the gem.

  • Added warning if common config YAML contains invalid syntax when parsing.

  • Agent now logs full configuration state including ENV and YAML values.

Release date: August 24, 2020

Language versions currently supported: 2.5 - 2.7

New and improved:

  • Added logging for request start.

  • Added logging for request end.

  • Updated Unsafe File Upload detection to correctly handle auto-generaged Rack::Multipart tempfile.

  • Added support for Rails engine routes for route coverage.

  • Removed the Kernel#require tracker.

  • Refactored dataflow tracing to function along side of, rather than directly on, String instances, reducing pollution of existing name and method spaces.

  • Updated RuboCop compliance.

Release date: July 29, 2020

Language versions currently supported: 2.5 - 2.7

Bug fixes:

  • False positive in our usage of rack.session cookie in Sinatra applications (RUBY-959)

Release date: July 24, 2020

Language versions currently supported: 2.5 - 2.7

New and improved:

  • Updated Speedracer version to 2.9.5/20200723-1734.d8d4139 (RUBY-957)

Language versions currently supported: 2.5-2.7

Agent versions released during the past month: 3.12.1, 3.12.2, 3.13.0

New and improved:

  • Replaced google-protobuf with protobuf.

  • Improved logging to include Thread Id as well as Process Id.

  • Removed custom Contrast::InternalException in favor of common exception types to improve error handling.

Important notes:

  • The change of dependency from google-protobuf to protobuf, removes the need to execute the bundle config force_ruby_platform true command before installation.

  • In 2020, the cucumber project forked protobuf for their own use in a way that is incompatible with the main branch. As such, you cannot run any project using cucumber-messages above version 8.0.0 as it depends on the incompatible protobuf-cucumber.

Bug fixes:

  • Improved handling of logging to unwritable destinations.

  • Improved handling of propagation to children of the String class.

  • Improved handling of propagation through Regular Expression where the result of a match is nil.

Language versions currently supported: 2.5-2.7

Agent versions released during the past month: 3.12.0

New and improved:

  • Caching of settings to improve performance and reduce memory impact

Important notes:

  • Deprecation of CSRF Assess and Protect rules

Language versions currently supported: 2.5 - 2.7

Agent versions released during the past month: 3.10.1, 3.10.2, 3.11.0

New and improved:

  • Improved Stack Trace capturing

  • Improved library analysis performance leading to a decrease in first request penalty

Important notes:

  • The Agent now supports TRACE level logging. Those running with DEBUG logging should see a significant decrease in logged events

Language versions currently supported: 2.4 - 2.7

Agent versions released during the past month: 3.8.1, 3.8.2, 3.8.3, 3.8.4, 3.8.5, 3.9.0

New and improved:

  • Enhanced module definition detection using TracePoint

Important notes:

  • This will be the last on-premises release bundled with a gem that supports Ruby 2.4.

  • It is recommended to use RubyGems at this point.