From 358046af6763de8adc31d97f3852b0e446d9873e Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Wed, 31 Jul 2024 14:35:16 +0530 Subject: [PATCH 01/22] added changes for graphql support --- v3/integrations/nrgraphqlgo/nrgraphqlgo.go | 6 ++++++ v3/newrelic/internal_txn.go | 7 +++++-- v3/newrelic/transaction.go | 4 ++-- 3 files changed, 13 insertions(+), 4 deletions(-) diff --git a/v3/integrations/nrgraphqlgo/nrgraphqlgo.go b/v3/integrations/nrgraphqlgo/nrgraphqlgo.go index 06a5dfbdd..005453f6a 100644 --- a/v3/integrations/nrgraphqlgo/nrgraphqlgo.go +++ b/v3/integrations/nrgraphqlgo/nrgraphqlgo.go @@ -82,6 +82,8 @@ func (Extension) ValidationDidStart(ctx context.Context) (context.Context, graph func (Extension) ExecutionDidStart(ctx context.Context) (context.Context, graphql.ExecutionFinishFunc) { txn := newrelic.FromContext(ctx) seg := txn.StartSegment("Execution") + csecData := newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE", "") + txn.SetCsecAttributes("CSEC_DATA", csecData) return ctx, func(res *graphql.Result) { // noticing here also captures those during resolve for _, err := range res.Errors { @@ -94,7 +96,11 @@ func (Extension) ExecutionDidStart(ctx context.Context) (context.Context, graphq // ResolveFieldDidStart is called at the start of the resolving of a field func (Extension) ResolveFieldDidStart(ctx context.Context, i *graphql.ResolveInfo) (context.Context, graphql.ResolveFieldFinishFunc) { seg := newrelic.FromContext(ctx).StartSegment("ResolveField:" + i.FieldName) + txn := newrelic.FromContext(ctx) + a := txn.GetCsecAttributes()["CSEC_DATA"] + newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE_LINKER", a) return ctx, func(interface{}, error) { + newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE_END", "") seg.End() } } diff --git a/v3/newrelic/internal_txn.go b/v3/newrelic/internal_txn.go index 32060485b..fe82adf74 100644 --- a/v3/newrelic/internal_txn.go +++ b/v3/newrelic/internal_txn.go @@ -1387,13 +1387,16 @@ func (txn *txn) setCsecData() { } } -func (txn *txn) getCsecAttributes() any { +func (txn *txn) getCsecAttributes() map[string]any { txn.Lock() defer txn.Unlock() + if txn.csecAttributes == nil { + return map[string]any{} + } return txn.csecAttributes } -func (txn *txn) setCsecAttributes(key, value string) { +func (txn *txn) setCsecAttributes(key string, value any) { txn.Lock() defer txn.Unlock() if txn.csecAttributes == nil { diff --git a/v3/newrelic/transaction.go b/v3/newrelic/transaction.go index 8a17c985b..89ca645b7 100644 --- a/v3/newrelic/transaction.go +++ b/v3/newrelic/transaction.go @@ -545,14 +545,14 @@ func (txn *Transaction) IsSampled() bool { return txn.thread.IsSampled() } -func (txn *Transaction) GetCsecAttributes() any { +func (txn *Transaction) GetCsecAttributes() map[string]any { if txn == nil || txn.thread == nil { return nil } return txn.thread.getCsecAttributes() } -func (txn *Transaction) SetCsecAttributes(key, value string) { +func (txn *Transaction) SetCsecAttributes(key string, value any) { if txn == nil || txn.thread == nil { return } From bdf534c288d20e194c0601475cb357f9852f9ffd Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Tue, 20 Aug 2024 09:48:57 +0530 Subject: [PATCH 02/22] typo fix --- v3/integrations/nrsecurityagent/nrsecurityagent.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 224d1fe7f..bf249940a 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -63,7 +63,7 @@ func InitSecurityAgent(app *newrelic.Application, opts ...ConfigOption) error { appConfig, isValid := app.Config() if !isValid { - return fmt.Errorf("Newrelic application value cannot be read; did you call newrelic.NewApplication?") + return fmt.Errorf("Newrelic application value cannot be read; did you call newrelic.NewApplication?") } app.UpdateSecurityConfig(c.Security) if !appConfig.HighSecurity && isSecurityAgentEnabled() { From 575534cc7e386829ec0f664a2cfe16ff92871629 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Fri, 30 Aug 2024 09:10:45 +0530 Subject: [PATCH 03/22] Added new config parameters default value --- v3/integrations/nrsecurityagent/nrsecurityagent.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 224d1fe7f..bfef4c473 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -31,6 +31,10 @@ func defaultSecurityConfig() SecurityConfig { cfg.Security.Agent.Enabled = true cfg.Security.Detection.Rxss.Enabled = true cfg.Security.Request.BodyLimit = 300 + cfg.Security.SkipIastScan.Parameters.Header = make([]string, 0) + cfg.Security.SkipIastScan.Parameters.Body = make([]string, 0) + cfg.Security.SkipIastScan.Parameters.Query = make([]string, 0) + cfg.Security.SkipIastScan.API = make([]string, 0) return cfg } From 9ca2ab873baaab55f6aa9d0444ddae5cf55b82be Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Wed, 18 Sep 2024 09:53:53 +0530 Subject: [PATCH 04/22] update config tags --- v3/integrations/nrsecurityagent/nrsecurityagent.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index bfef4c473..a107e35d7 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -31,10 +31,10 @@ func defaultSecurityConfig() SecurityConfig { cfg.Security.Agent.Enabled = true cfg.Security.Detection.Rxss.Enabled = true cfg.Security.Request.BodyLimit = 300 - cfg.Security.SkipIastScan.Parameters.Header = make([]string, 0) - cfg.Security.SkipIastScan.Parameters.Body = make([]string, 0) - cfg.Security.SkipIastScan.Parameters.Query = make([]string, 0) - cfg.Security.SkipIastScan.API = make([]string, 0) + cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Header = make([]string, 0) + cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Body = make([]string, 0) + cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Query = make([]string, 0) + cfg.Security.ExcludeFromIastScan.API = make([]string, 0) return cfg } From fa52607585c6b813f0dc1df2d807eb14e8fd559a Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 11:25:22 +0530 Subject: [PATCH 05/22] added trace if in inbound request --- v3/newrelic/transaction.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/v3/newrelic/transaction.go b/v3/newrelic/transaction.go index 8a17c985b..c432f0f32 100644 --- a/v3/newrelic/transaction.go +++ b/v3/newrelic/transaction.go @@ -269,7 +269,7 @@ func (txn *Transaction) SetWebRequest(r WebRequest) { return } if IsSecurityAgentPresent() { - secureAgent.SendEvent("INBOUND", r, txn.GetCsecAttributes()) + secureAgent.SendEvent("INBOUND", r, txn.GetCsecAttributes(), txn.GetLinkingMetadata().TraceID) } txn.thread.logAPIError(txn.thread.SetWebRequest(r), "set web request", nil) } From dd739e5371724ad04feb7a9c004ff5d8339506da Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 11:30:24 +0530 Subject: [PATCH 06/22] update default config value --- v3/integrations/nrsecurityagent/nrsecurityagent.go | 1 + 1 file changed, 1 insertion(+) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 19e812708..f9d110f70 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -35,6 +35,7 @@ func defaultSecurityConfig() SecurityConfig { cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Body = make([]string, 0) cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Query = make([]string, 0) cfg.Security.ExcludeFromIastScan.API = make([]string, 0) + cfg.Security.ScanControllers.IastScanRequestRateLimit = 3600 return cfg } From 75625f20caa562111017d257f9ee849f88858e7f Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 11:52:53 +0530 Subject: [PATCH 07/22] Added new env variables for security agent config --- .../nrsecurityagent/nrsecurityagent.go | 35 ++++++++++++++++++- 1 file changed, 34 insertions(+), 1 deletion(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index f9d110f70..ac8a05726 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -114,8 +114,24 @@ func ConfigSecurityFromYaml() ConfigOption { // NEW_RELIC_SECURITY_VALIDATOR_SERVICE_URL provides URL for the security validator service // NEW_RELIC_SECURITY_MODE scanning mode: "IAST" for now // NEW_RELIC_SECURITY_AGENT_ENABLED (boolean) -// NEW_RELIC_SECURITY_DETECTION_RXSS_ENABLED (boolean) // NEW_RELIC_SECURITY_REQUEST_BODY_LIMIT (integer) set limit on read request body in kb. By default, this is "300" +// +// NEW_RELIC_SECURITY_SCAN_SCHEDULER_DELAY (integer) The delay field indicated time in minutes before the IAST scan starts after the application starts. By default is 0 min. +// NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION (integer) The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. By default is forever. +// NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE (string) The schedule field specifies a cron expression that defines when the IAST scan should run. +// NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES (boolean) always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. +// NEW_RELIC_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. +// +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF (boolean) +// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS (boolean) func ConfigSecurityFromEnvironment() ConfigOption { return func(cfg *SecurityConfig) { @@ -150,6 +166,23 @@ func ConfigSecurityFromEnvironment() ConfigOption { assignBool(&cfg.Security.Agent.Enabled, "NEW_RELIC_SECURITY_AGENT_ENABLED") assignBool(&cfg.Security.Detection.Rxss.Enabled, "NEW_RELIC_SECURITY_DETECTION_RXSS_ENABLED") assignInt(&cfg.Security.Request.BodyLimit, "NEW_RELIC_SECURITY_REQUEST_BODY_LIMIT") + + assignInt(&cfg.Security.ScanSchedule.Delay, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_DELAY") + assignInt(&cfg.Security.ScanSchedule.Duration, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION") + assignString(&cfg.Security.ScanSchedule.Schedule, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE") + assignBool(&cfg.Security.ScanSchedule.AllowIastSampleCollection, "NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES") + assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_IAST_SCAN_REQUEST_RATE_LIMIT") + + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.SQLInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.NosqlInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.LdapInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.JavascriptInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.CommandInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.XpathInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Ssrf, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Rxss, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS") } } From 300abd18efac18278e165261d6692c253aa1d2c4 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 12:00:46 +0530 Subject: [PATCH 08/22] Added required config functions --- .../nrsecurityagent/nrsecurityagent.go | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index ac8a05726..19a98d550 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -220,3 +220,43 @@ func ConfigSecurityRequestBodyLimit(bodyLimit int) ConfigOption { cfg.Security.Request.BodyLimit = bodyLimit } } + +// ConfigScanScheduleDelay is used to set delay for scan schedule. +// The delay field indicated time in minutes before the IAST scan starts after the application starts +func ConfigScanScheduleDelay(delay int) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.Scan.Schedule.Delay = delay + } +} + +// ConfigScanScheduleDuration is used to set duration for scan schedule. +// The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. +func ConfigScanScheduleDuration(duration int) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.Scan.Schedule.Duration = duration + } +} + +// ConfigScanScheduleSetSchedule is used to set schedule for scan schedule. +// The schedule field specifies a cron expression that defines when the IAST scan should run. +func ConfigScanScheduleSetSchedule(schedule string) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.Scan.Schedule.Schedule = schedule + } +} + +// ConfigScanScheduleAllowIastSampleCollection is used to allow or disallow IAST sample collection +// always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. +func ConfigScanScheduleAllowIastSampleCollection(isAllowed bool) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.Scan.Schedule.AllowIastSampleCollection = isAllowed + } +} + +// ConfigScanControllersIastScanRequestRateLimit is used to set IAST scan request rate limit. +// The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute +func ConfigIastScanRequestRateLimit(limit int) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.Scan.Controllers.IastScanRequestRateLimit = limit + } +} From c397790e605faf5b2d7de8c23a10986d6c51fe9d Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 12:08:03 +0530 Subject: [PATCH 09/22] update env name --- .../nrsecurityagent/nrsecurityagent.go | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 19a98d550..8b0dfe799 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -120,18 +120,18 @@ func ConfigSecurityFromYaml() ConfigOption { // NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION (integer) The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. By default is forever. // NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE (string) The schedule field specifies a cron expression that defines when the IAST scan should run. // NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES (boolean) always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. -// NEW_RELIC_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. +// NEW_RELIC_SECURITY_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. // -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF (boolean) -// NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS (boolean) func ConfigSecurityFromEnvironment() ConfigOption { return func(cfg *SecurityConfig) { @@ -171,18 +171,18 @@ func ConfigSecurityFromEnvironment() ConfigOption { assignInt(&cfg.Security.ScanSchedule.Duration, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION") assignString(&cfg.Security.ScanSchedule.Schedule, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE") assignBool(&cfg.Security.ScanSchedule.AllowIastSampleCollection, "NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES") - assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_IAST_SCAN_REQUEST_RATE_LIMIT") + assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_SECURITY_IAST_SCAN_REQUEST_RATE_LIMIT") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.SQLInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.NosqlInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.LdapInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.JavascriptInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.CommandInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.XpathInjection, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Ssrf, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Rxss, "NEW_RELIC_IAST_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.SQLInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.NosqlInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.LdapInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.JavascriptInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.CommandInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.XpathInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Ssrf, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Rxss, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS") } } From ceff172a0185d9ea9dcad33630acd0ff792a59c7 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 12:29:06 +0530 Subject: [PATCH 10/22] minor typo fix --- v3/integrations/nrsecurityagent/nrsecurityagent.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 8b0dfe799..a2c47e708 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -225,7 +225,7 @@ func ConfigSecurityRequestBodyLimit(bodyLimit int) ConfigOption { // The delay field indicated time in minutes before the IAST scan starts after the application starts func ConfigScanScheduleDelay(delay int) ConfigOption { return func(cfg *SecurityConfig) { - cfg.Security.Scan.Schedule.Delay = delay + cfg.Security.ScanSchedule.Delay = delay } } @@ -233,7 +233,7 @@ func ConfigScanScheduleDelay(delay int) ConfigOption { // The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. func ConfigScanScheduleDuration(duration int) ConfigOption { return func(cfg *SecurityConfig) { - cfg.Security.Scan.Schedule.Duration = duration + cfg.Security.ScanSchedule.Duration = duration } } @@ -241,7 +241,7 @@ func ConfigScanScheduleDuration(duration int) ConfigOption { // The schedule field specifies a cron expression that defines when the IAST scan should run. func ConfigScanScheduleSetSchedule(schedule string) ConfigOption { return func(cfg *SecurityConfig) { - cfg.Security.Scan.Schedule.Schedule = schedule + cfg.Security.ScanSchedule.Schedule = schedule } } @@ -249,7 +249,7 @@ func ConfigScanScheduleSetSchedule(schedule string) ConfigOption { // always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. func ConfigScanScheduleAllowIastSampleCollection(isAllowed bool) ConfigOption { return func(cfg *SecurityConfig) { - cfg.Security.Scan.Schedule.AllowIastSampleCollection = isAllowed + cfg.Security.ScanSchedule.AllowIastSampleCollection = isAllowed } } @@ -257,6 +257,6 @@ func ConfigScanScheduleAllowIastSampleCollection(isAllowed bool) ConfigOption { // The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute func ConfigIastScanRequestRateLimit(limit int) ConfigOption { return func(cfg *SecurityConfig) { - cfg.Security.Scan.Controllers.IastScanRequestRateLimit = limit + cfg.Security.ScanControllers.IastScanRequestRateLimit = limit } } From dabb0403f4487e28b9ad9c17b4160bc05b4da3ec Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 21 Oct 2024 13:03:32 +0530 Subject: [PATCH 11/22] update env var name --- v3/integrations/nrsecurityagent/nrsecurityagent.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index a2c47e708..89d434551 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -120,7 +120,7 @@ func ConfigSecurityFromYaml() ConfigOption { // NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION (integer) The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. By default is forever. // NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE (string) The schedule field specifies a cron expression that defines when the IAST scan should run. // NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES (boolean) always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. -// NEW_RELIC_SECURITY_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. +// NEW_RELIC_SECURITY_SCAN_CONTROLLERS_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. // // NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) // NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) @@ -171,7 +171,7 @@ func ConfigSecurityFromEnvironment() ConfigOption { assignInt(&cfg.Security.ScanSchedule.Duration, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION") assignString(&cfg.Security.ScanSchedule.Schedule, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE") assignBool(&cfg.Security.ScanSchedule.AllowIastSampleCollection, "NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES") - assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_SECURITY_IAST_SCAN_REQUEST_RATE_LIMIT") + assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_SECURITY_SCAN_CONTROLLERS_IAST_SCAN_REQUEST_RATE_LIMIT") assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS") assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS") From 535a77e792dce2f25d00c97e2393666539d42ddb Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 28 Oct 2024 11:01:27 +0530 Subject: [PATCH 12/22] Added new env variables --- .../nrsecurityagent/nrsecurityagent.go | 71 +++++++++++-------- 1 file changed, 43 insertions(+), 28 deletions(-) diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 89d434551..79269f9be 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -8,6 +8,7 @@ import ( "io/ioutil" "os" "strconv" + "strings" securityAgent "github.com/newrelic/csec-go-agent" "github.com/newrelic/go-agent/v3/internal" @@ -116,22 +117,22 @@ func ConfigSecurityFromYaml() ConfigOption { // NEW_RELIC_SECURITY_AGENT_ENABLED (boolean) // NEW_RELIC_SECURITY_REQUEST_BODY_LIMIT (integer) set limit on read request body in kb. By default, this is "300" // -// NEW_RELIC_SECURITY_SCAN_SCHEDULER_DELAY (integer) The delay field indicated time in minutes before the IAST scan starts after the application starts. By default is 0 min. -// NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION (integer) The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. By default is forever. -// NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE (string) The schedule field specifies a cron expression that defines when the IAST scan should run. -// NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES (boolean) always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. +// NEW_RELIC_SECURITY_SCAN_SCHEDULE_DELAY (integer) The delay field indicated time in minutes before the IAST scan starts after the application starts. By default is 0 min. +// NEW_RELIC_SECURITY_SCAN_SCHEDULE_DURATION (integer) The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. By default is forever. +// NEW_RELIC_SECURITY_SCAN_SCHEDULE_SCHEDULE (string) The schedule field specifies a cron expression that defines when the IAST scan should run. +// NEW_RELIC_SECURITY_SCAN_SCHEDULE_ALWAYS_SAMPLE_TRACES (boolean) always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. // NEW_RELIC_SECURITY_SCAN_CONTROLLERS_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. // -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF (boolean) -// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_SQL_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_NOSQL_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_LDAP_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_JAVASCRIPT_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_COMMAND_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_XPATH_INJECTION (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_SSRF (boolean) +// NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_RXSS (boolean) func ConfigSecurityFromEnvironment() ConfigOption { return func(cfg *SecurityConfig) { @@ -167,22 +168,36 @@ func ConfigSecurityFromEnvironment() ConfigOption { assignBool(&cfg.Security.Detection.Rxss.Enabled, "NEW_RELIC_SECURITY_DETECTION_RXSS_ENABLED") assignInt(&cfg.Security.Request.BodyLimit, "NEW_RELIC_SECURITY_REQUEST_BODY_LIMIT") - assignInt(&cfg.Security.ScanSchedule.Delay, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_DELAY") - assignInt(&cfg.Security.ScanSchedule.Duration, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_DURATION") - assignString(&cfg.Security.ScanSchedule.Schedule, "NEW_RELIC_SECURITY_SCAN_SCHEDULER_SCHEDULE") - assignBool(&cfg.Security.ScanSchedule.AllowIastSampleCollection, "NEW_RELIC_SECURITY_ALWAYS_SAMPLE_TRACES") + assignInt(&cfg.Security.ScanSchedule.Delay, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_DELAY") + assignInt(&cfg.Security.ScanSchedule.Duration, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_DURATION") + assignString(&cfg.Security.ScanSchedule.Schedule, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_SCHEDULE") + assignBool(&cfg.Security.ScanSchedule.AllowIastSampleCollection, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_ALWAYS_SAMPLE_TRACES") assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_SECURITY_SCAN_CONTROLLERS_IAST_SCAN_REQUEST_RATE_LIMIT") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INSECURE_SETTINGS") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_INVALID_FILE_ACCESS") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.SQLInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SQL_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.NosqlInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_NOSQL_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.LdapInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_LDAP_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.JavascriptInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_JAVASCRIPT_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.CommandInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_COMMAND_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.XpathInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_XPATH_INJECTION") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Ssrf, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_SSRF") - assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Rxss, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_DETECTION_CATEGORY_RXSS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INSECURE_SETTINGS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INVALID_FILE_ACCESS") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.SQLInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_SQL_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.NosqlInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_NOSQL_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.LdapInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_LDAP_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.JavascriptInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_JAVASCRIPT_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.CommandInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_COMMAND_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.XpathInjection, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_XPATH_INJECTION") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Ssrf, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_SSRF") + assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.Rxss, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_RXSS") + + if env := os.Getenv("NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_API"); env != "" { + cfg.Security.ExcludeFromIastScan.API = strings.Split(env, ",") + } + if env := os.Getenv("NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_HTTP_REQUEST_PARAMETERS_HEADER"); env != "" { + cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Header = strings.Split(env, ",") + } + if env := os.Getenv("NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_HTTP_REQUEST_PARAMETERS_QUERY"); env != "" { + cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Query = strings.Split(env, ",") + } + if env := os.Getenv("NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_HTTP_REQUEST_PARAMETERS_BODY"); env != "" { + cfg.Security.ExcludeFromIastScan.HttpRequestParameters.Body = strings.Split(env, ",") + } + } } From c6a6f345d70ad10a3799ffe074630603a3a57b1d Mon Sep 17 00:00:00 2001 From: Steve Willoughby Date: Tue, 29 Oct 2024 17:14:07 -0700 Subject: [PATCH 13/22] fix missing license files --- .../logcontext-v2/nrslog/LICENSE.txt | 206 ++++++++++++++++++ v3/integrations/nramqp/LICENSE.txt | 206 ++++++++++++++++++ v3/integrations/nrfasthttp/LICENSE.txt | 206 ++++++++++++++++++ v3/integrations/nrmssql/LICENSE.txt | 206 ++++++++++++++++++ 4 files changed, 824 insertions(+) create mode 100644 v3/integrations/logcontext-v2/nrslog/LICENSE.txt create mode 100644 v3/integrations/nramqp/LICENSE.txt create mode 100644 v3/integrations/nrfasthttp/LICENSE.txt create mode 100644 v3/integrations/nrmssql/LICENSE.txt diff --git a/v3/integrations/logcontext-v2/nrslog/LICENSE.txt b/v3/integrations/logcontext-v2/nrslog/LICENSE.txt new file mode 100644 index 000000000..cee548c2d --- /dev/null +++ b/v3/integrations/logcontext-v2/nrslog/LICENSE.txt @@ -0,0 +1,206 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + +Versions 3.8.0 and above for this project are licensed under Apache 2.0. For +prior versions of this project, please see the LICENCE.txt file in the root +directory of that version for more information. diff --git a/v3/integrations/nramqp/LICENSE.txt b/v3/integrations/nramqp/LICENSE.txt new file mode 100644 index 000000000..cee548c2d --- /dev/null +++ b/v3/integrations/nramqp/LICENSE.txt @@ -0,0 +1,206 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + +Versions 3.8.0 and above for this project are licensed under Apache 2.0. For +prior versions of this project, please see the LICENCE.txt file in the root +directory of that version for more information. diff --git a/v3/integrations/nrfasthttp/LICENSE.txt b/v3/integrations/nrfasthttp/LICENSE.txt new file mode 100644 index 000000000..cee548c2d --- /dev/null +++ b/v3/integrations/nrfasthttp/LICENSE.txt @@ -0,0 +1,206 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + +Versions 3.8.0 and above for this project are licensed under Apache 2.0. For +prior versions of this project, please see the LICENCE.txt file in the root +directory of that version for more information. diff --git a/v3/integrations/nrmssql/LICENSE.txt b/v3/integrations/nrmssql/LICENSE.txt new file mode 100644 index 000000000..cee548c2d --- /dev/null +++ b/v3/integrations/nrmssql/LICENSE.txt @@ -0,0 +1,206 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + +Versions 3.8.0 and above for this project are licensed under Apache 2.0. For +prior versions of this project, please see the LICENCE.txt file in the root +directory of that version for more information. From 45f11f2df66e70f6f9d44982c9472ff53c862ad5 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Wed, 30 Oct 2024 09:27:11 +0530 Subject: [PATCH 14/22] update security agent version --- v3/integrations/nrsecurityagent/go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/v3/integrations/nrsecurityagent/go.mod b/v3/integrations/nrsecurityagent/go.mod index b85d8cea1..9d7e8b9f9 100644 --- a/v3/integrations/nrsecurityagent/go.mod +++ b/v3/integrations/nrsecurityagent/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrsecurityagent go 1.21 require ( - github.com/newrelic/csec-go-agent v1.4.0 + github.com/newrelic/csec-go-agent v1.5.0 github.com/newrelic/go-agent/v3 v3.35.0 github.com/newrelic/go-agent/v3/integrations/nrsqlite3 v1.2.0 gopkg.in/yaml.v2 v2.4.0 From f0da02c8f7df50399f8f03998ee234817fdd7684 Mon Sep 17 00:00:00 2001 From: Steve Willoughby Date: Thu, 7 Nov 2024 13:14:13 -0800 Subject: [PATCH 15/22] removed special handling of panic(nil) --- v3/newrelic/internal_test.go | 2 ++ v3/newrelic/internal_txn.go | 21 +++++------------- v3/newrelic/internal_txn_test.go | 37 ++++++++++++++++++++++++++++++++ 3 files changed, 44 insertions(+), 16 deletions(-) diff --git a/v3/newrelic/internal_test.go b/v3/newrelic/internal_test.go index a1deb7878..acbc953de 100644 --- a/v3/newrelic/internal_test.go +++ b/v3/newrelic/internal_test.go @@ -753,6 +753,7 @@ func TestPanicInt(t *testing.T) { app.ExpectMetrics(t, backgroundErrorMetrics) } +/* superseded now by TestPanicNilRecovery. func TestPanicNil(t *testing.T) { app := testApp(nil, func(cfg *Config) { enableRecordPanics(cfg) @@ -769,6 +770,7 @@ func TestPanicNil(t *testing.T) { app.ExpectErrorEvents(t, []internal.WantEvent{}) app.ExpectMetrics(t, backgroundMetrics) } +*/ func TestResponseCodeError(t *testing.T) { app := testApp(nil, ConfigDistributedTracerEnabled(false), t) diff --git a/v3/newrelic/internal_txn.go b/v3/newrelic/internal_txn.go index 545083ca9..4a2523684 100644 --- a/v3/newrelic/internal_txn.go +++ b/v3/newrelic/internal_txn.go @@ -10,7 +10,6 @@ import ( "net/http" "net/url" "reflect" - "runtime" "runtime/debug" "sync" "time" @@ -446,16 +445,11 @@ func (thd *thread) End(recovered interface{}) error { txn.finished = true - // It used to be the case that panic(nil) would cause recover() to return nil, - // which we test for here. However, that is no longer the case, hence the extra - // check at this point to stop panic(nil) from propagating here. (as of Go 1.21) if recovered != nil { - if _, isNilPanic := recovered.(*runtime.PanicNilError); !isNilPanic { - e := txnErrorFromPanic(time.Now(), recovered) - e.Stack = getStackTrace() - thd.noticeErrorInternal(e, nil, false) - log.Println(string(debug.Stack())) - } + e := txnErrorFromPanic(time.Now(), recovered) + e.Stack = getStackTrace() + thd.noticeErrorInternal(e, nil, false) + log.Println(string(debug.Stack())) } txn.markEnd(time.Now(), thd.thread) @@ -547,13 +541,8 @@ func (thd *thread) End(recovered interface{}) error { } } - // Note that if a consumer uses `panic(nil)`, the panic will not - // propagate. Update: well, not anymore. Go now returns an actual - // non-nil value in this case. if recovered != nil { - if _, isNilPanic := recovered.(*runtime.PanicNilError); !isNilPanic { - panic(recovered) - } + panic(recovered) } return nil diff --git a/v3/newrelic/internal_txn_test.go b/v3/newrelic/internal_txn_test.go index bbe42c9d0..04d37bc28 100644 --- a/v3/newrelic/internal_txn_test.go +++ b/v3/newrelic/internal_txn_test.go @@ -7,6 +7,7 @@ import ( "errors" "net/http" "reflect" + "runtime" "testing" "time" @@ -981,3 +982,39 @@ func TestErrAttrsAddedWhenPanic(t *testing.T) { }, }) } + +func TestPanicNilRecovery(t *testing.T) { + cfgFnRecordPanics := func(cfg *Config) { + cfg.DistributedTracer.Enabled = true + cfg.ErrorCollector.RecordPanics = true + } + app := testApp(replyFn, cfgFnRecordPanics, t) + func() { + defer func() { + recovered := recover() + if recovered == nil { + t.Error("code did not panic as expected") + } else if _, isNil := recovered.(*runtime.PanicNilError); !isNil { + t.Errorf("code did not panic with nil as expected; got %v (type %T) instead", recovered, recovered) + } + }() + txn := app.StartTransaction("hello") + defer txn.End() + panic(nil) + }() + app.ExpectSpanEvents(t, []internal.WantEvent{ + { + AgentAttributes: map[string]interface{}{ + SpanAttributeErrorClass: "panic", + SpanAttributeErrorMessage: "panic called with nil argument", + }, + Intrinsics: map[string]interface{}{ + "category": internal.MatchAnything, + "timestamp": internal.MatchAnything, + "name": "OtherTransaction/Go/hello", + "transaction.name": "OtherTransaction/Go/hello", + "nr.entryPoint": true, + }, + }, + }) +} From 9ea8dd4df3d2931fd648b8bd91d6534b78351363 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Fri, 29 Nov 2024 10:45:53 +0530 Subject: [PATCH 16/22] added required optimizations for go routine id --- v3/integrations/nrecho-v3/nrecho.go | 2 +- v3/integrations/nrecho-v4/nrecho.go | 2 +- v3/integrations/nrgin/nrgin.go | 4 +++- v3/integrations/nrgorilla/nrgorilla.go | 2 +- v3/integrations/nrhttprouter/nrhttprouter.go | 4 +++- v3/newrelic/instrumentation.go | 2 +- v3/newrelic/internal_response_writer.go | 3 +-- v3/newrelic/transaction.go | 2 +- 8 files changed, 12 insertions(+), 9 deletions(-) diff --git a/v3/integrations/nrecho-v3/nrecho.go b/v3/integrations/nrecho-v3/nrecho.go index 6a9b1c579..29d629c46 100644 --- a/v3/integrations/nrecho-v3/nrecho.go +++ b/v3/integrations/nrecho-v3/nrecho.go @@ -105,7 +105,7 @@ func Middleware(app *newrelic.Application) func(echo.HandlerFunc) echo.HandlerFu txn.SetWebResponse(nil).WriteHeader(http.StatusInternalServerError) } if newrelic.IsSecurityAgentPresent() { - newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", c.Response().Header()) + newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", c.Response().Header(), txn.GetLinkingMetadata().TraceID) } } diff --git a/v3/integrations/nrecho-v4/nrecho.go b/v3/integrations/nrecho-v4/nrecho.go index c6fe94c98..ed4ff5984 100644 --- a/v3/integrations/nrecho-v4/nrecho.go +++ b/v3/integrations/nrecho-v4/nrecho.go @@ -128,7 +128,7 @@ func Middleware(app *newrelic.Application, opts ...ConfigOption) func(echo.Handl txn.SetWebResponse(nil).WriteHeader(http.StatusInternalServerError) } if newrelic.IsSecurityAgentPresent() { - newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", c.Response().Header()) + newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", c.Response().Header(), txn.GetLinkingMetadata().TraceID) } } diff --git a/v3/integrations/nrgin/nrgin.go b/v3/integrations/nrgin/nrgin.go index f9021e215..34edee9a4 100644 --- a/v3/integrations/nrgin/nrgin.go +++ b/v3/integrations/nrgin/nrgin.go @@ -165,6 +165,7 @@ func WrapRouter(engine *gin.Engine) { } func middleware(app *newrelic.Application, useNewNames bool) gin.HandlerFunc { return func(c *gin.Context) { + traceID := "" if app != nil { name := c.Request.Method + " " + getName(c, useNewNames) @@ -185,10 +186,11 @@ func middleware(app *newrelic.Application, useNewNames bool) gin.HandlerFunc { defer repl.flushHeader() c.Set(internal.GinTransactionContextKey, txn) + traceID = txn.GetLinkingMetadata().TraceID } c.Next() if newrelic.IsSecurityAgentPresent() { - newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", c.Writer.Header()) + newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", c.Writer.Header(), traceID) } } } diff --git a/v3/integrations/nrgorilla/nrgorilla.go b/v3/integrations/nrgorilla/nrgorilla.go index bdcd56c27..da976278e 100644 --- a/v3/integrations/nrgorilla/nrgorilla.go +++ b/v3/integrations/nrgorilla/nrgorilla.go @@ -124,7 +124,7 @@ func Middleware(app *newrelic.Application) mux.MiddlewareFunc { r = newrelic.RequestWithTransactionContext(r, txn) next.ServeHTTP(w, r) if newrelic.IsSecurityAgentPresent() { - newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", w.Header()) + newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", w.Header(), txn.GetLinkingMetadata().TraceID) } }) } diff --git a/v3/integrations/nrhttprouter/nrhttprouter.go b/v3/integrations/nrhttprouter/nrhttprouter.go index 5292551b3..c5f3c2c07 100644 --- a/v3/integrations/nrhttprouter/nrhttprouter.go +++ b/v3/integrations/nrhttprouter/nrhttprouter.go @@ -145,6 +145,7 @@ func (r *Router) HandlerFunc(method, path string, handler http.HandlerFunc) { // ServeHTTP replaces httprouter.Router.ServeHTTP. func (r *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) { + traceID := "" if nil != r.application { h, _, _ := r.Router.Lookup(req.Method, req.URL.Path) if nil == h { @@ -155,11 +156,12 @@ func (r *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) { txn.SetWebRequestHTTP(req) w = txn.SetWebResponse(w) + traceID = txn.GetLinkingMetadata().TraceID } } r.Router.ServeHTTP(w, req) if newrelic.IsSecurityAgentPresent() { - newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", w.Header()) + newrelic.GetSecurityAgentInterface().SendEvent("RESPONSE_HEADER", w.Header(), traceID) } } diff --git a/v3/newrelic/instrumentation.go b/v3/newrelic/instrumentation.go index 0540900d4..a86f858da 100644 --- a/v3/newrelic/instrumentation.go +++ b/v3/newrelic/instrumentation.go @@ -85,7 +85,7 @@ func WrapHandle(app *Application, pattern string, handler http.Handler, options handler.ServeHTTP(w, r) if IsSecurityAgentPresent() { - secureAgent.SendEvent("RESPONSE_HEADER", w.Header()) + secureAgent.SendEvent("RESPONSE_HEADER", w.Header(), txn.GetLinkingMetadata().TraceID) } }) } diff --git a/v3/newrelic/internal_response_writer.go b/v3/newrelic/internal_response_writer.go index ba5427c79..95ef872c8 100644 --- a/v3/newrelic/internal_response_writer.go +++ b/v3/newrelic/internal_response_writer.go @@ -29,9 +29,8 @@ func (rw *replacementResponseWriter) Write(b []byte) (n int, err error) { n, err = rw.original.Write(b) headersJustWritten(rw.thd, http.StatusOK, hdr) - if IsSecurityAgentPresent() { - secureAgent.SendEvent("INBOUND_WRITE", string(b), hdr) + secureAgent.SendEvent("INBOUND_WRITE", string(b), hdr, rw.thd.GetLinkingMetadata().TraceID) } return } diff --git a/v3/newrelic/transaction.go b/v3/newrelic/transaction.go index c432f0f32..5357c3ef5 100644 --- a/v3/newrelic/transaction.go +++ b/v3/newrelic/transaction.go @@ -43,7 +43,7 @@ func (txn *Transaction) End() { } } if txn.thread.IsWeb && IsSecurityAgentPresent() { - secureAgent.SendEvent("INBOUND_END", "") + secureAgent.SendEvent("INBOUND_END", txn.GetLinkingMetadata().TraceID) } txn.thread.logAPIError(txn.thread.End(r), "end transaction", nil) } From ce8ee8e2d38e8a6a720525a7b99cecf2f4176b04 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Thu, 12 Dec 2024 09:38:54 +0530 Subject: [PATCH 17/22] Added IsSecurityAgentPresent in case for graphql --- v3/integrations/nrgraphqlgo/nrgraphqlgo.go | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/v3/integrations/nrgraphqlgo/nrgraphqlgo.go b/v3/integrations/nrgraphqlgo/nrgraphqlgo.go index 504d1778c..f6c20bf9e 100644 --- a/v3/integrations/nrgraphqlgo/nrgraphqlgo.go +++ b/v3/integrations/nrgraphqlgo/nrgraphqlgo.go @@ -79,8 +79,10 @@ func (Extension) ValidationDidStart(ctx context.Context) (context.Context, graph func (Extension) ExecutionDidStart(ctx context.Context) (context.Context, graphql.ExecutionFinishFunc) { txn := newrelic.FromContext(ctx) seg := txn.StartSegment("Execution") - csecData := newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE", "") - txn.SetCsecAttributes("CSEC_DATA", csecData) + if newrelic.IsSecurityAgentPresent() { + csecData := newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE", "") + txn.SetCsecAttributes("CSEC_DATA", csecData) + } return ctx, func(res *graphql.Result) { // noticing here also captures those during resolve for _, err := range res.Errors { @@ -93,11 +95,16 @@ func (Extension) ExecutionDidStart(ctx context.Context) (context.Context, graphq // ResolveFieldDidStart is called at the start of the resolving of a field func (Extension) ResolveFieldDidStart(ctx context.Context, i *graphql.ResolveInfo) (context.Context, graphql.ResolveFieldFinishFunc) { seg := newrelic.FromContext(ctx).StartSegment("ResolveField:" + i.FieldName) - txn := newrelic.FromContext(ctx) - a := txn.GetCsecAttributes()["CSEC_DATA"] - newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE_LINKER", a) + if newrelic.IsSecurityAgentPresent() { + txn := newrelic.FromContext(ctx) + csecData := txn.GetCsecAttributes()["CSEC_DATA"] + newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE_LINKER", csecData) + } + return ctx, func(interface{}, error) { - newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE_END", "") + if newrelic.IsSecurityAgentPresent() { + newrelic.GetSecurityAgentInterface().SendEvent("NEW_GOROUTINE_END", "") + } seg.End() } } From e25deb3b5d3725c26555cc6697450616351d2280 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Fri, 13 Dec 2024 09:40:40 +0530 Subject: [PATCH 18/22] Fix regression issue --- v3/integrations/nrgraphqlgo/nrgraphqlgo.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/v3/integrations/nrgraphqlgo/nrgraphqlgo.go b/v3/integrations/nrgraphqlgo/nrgraphqlgo.go index f6c20bf9e..1c2669d07 100644 --- a/v3/integrations/nrgraphqlgo/nrgraphqlgo.go +++ b/v3/integrations/nrgraphqlgo/nrgraphqlgo.go @@ -42,7 +42,10 @@ type Extension struct{} var _ graphql.Extension = Extension{} // Init is used to help you initialize the extension - in this case, a noop -func (Extension) Init(ctx context.Context, _ *graphql.Params) context.Context { +func (Extension) Init(ctx context.Context, params *graphql.Params) context.Context { + if params != nil && newrelic.IsSecurityAgentPresent() { + newrelic.GetSecurityAgentInterface().SendEvent("GRAPHQL", params.RequestString != "", len(params.VariableValues) != 0) + } return ctx } From 0bbc4752702c030481fae8d576c411726d647f32 Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Mon, 16 Dec 2024 11:43:51 +0530 Subject: [PATCH 19/22] update csec-go-agent version --- v3/integrations/nrsecurityagent/go.mod | 2 +- .../nrsecurityagent/nrsecurityagent.go | 20 +++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/v3/integrations/nrsecurityagent/go.mod b/v3/integrations/nrsecurityagent/go.mod index 9d7e8b9f9..21e63e373 100644 --- a/v3/integrations/nrsecurityagent/go.mod +++ b/v3/integrations/nrsecurityagent/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrsecurityagent go 1.21 require ( - github.com/newrelic/csec-go-agent v1.5.0 + github.com/newrelic/csec-go-agent v1.6.0 github.com/newrelic/go-agent/v3 v3.35.0 github.com/newrelic/go-agent/v3/integrations/nrsqlite3 v1.2.0 gopkg.in/yaml.v2 v2.4.0 diff --git a/v3/integrations/nrsecurityagent/nrsecurityagent.go b/v3/integrations/nrsecurityagent/nrsecurityagent.go index 79269f9be..018fcfbfd 100644 --- a/v3/integrations/nrsecurityagent/nrsecurityagent.go +++ b/v3/integrations/nrsecurityagent/nrsecurityagent.go @@ -116,12 +116,14 @@ func ConfigSecurityFromYaml() ConfigOption { // NEW_RELIC_SECURITY_MODE scanning mode: "IAST" for now // NEW_RELIC_SECURITY_AGENT_ENABLED (boolean) // NEW_RELIC_SECURITY_REQUEST_BODY_LIMIT (integer) set limit on read request body in kb. By default, this is "300" +// NEW_RELIC_SECURITY_IAST_TEST_IDENTIFIER (string) This configuration allows users to specify a unique test identifier when running IAST Scan with CI/CD // // NEW_RELIC_SECURITY_SCAN_SCHEDULE_DELAY (integer) The delay field indicated time in minutes before the IAST scan starts after the application starts. By default is 0 min. // NEW_RELIC_SECURITY_SCAN_SCHEDULE_DURATION (integer) The duration field specifies the duration of the IAST scan in minutes. This determines how long the scan will run. By default is forever. // NEW_RELIC_SECURITY_SCAN_SCHEDULE_SCHEDULE (string) The schedule field specifies a cron expression that defines when the IAST scan should run. // NEW_RELIC_SECURITY_SCAN_SCHEDULE_ALWAYS_SAMPLE_TRACES (boolean) always_sample_traces permits IAST to actively gather trace data in the background, and the collected data will be used by Security Agent to perform an IAST Scan at the scheduled time. // NEW_RELIC_SECURITY_SCAN_CONTROLLERS_IAST_SCAN_REQUEST_RATE_LIMIT (integer) The IAST Scan Rate Limit settings limit the maximum number of analysis probes or requests that can be sent to the application in a minute, By default is 3600. +// NEW_RELIC_SECURITY_SCAN_CONTROLLERS_SCAN_INSTANCE_COUNT (integer) This configuration allows users to the number of application instances for a specific entity where IAST analysis is performed. // // NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INSECURE_SETTINGS (boolean) // NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INVALID_FILE_ACCESS (boolean) @@ -167,12 +169,14 @@ func ConfigSecurityFromEnvironment() ConfigOption { assignBool(&cfg.Security.Agent.Enabled, "NEW_RELIC_SECURITY_AGENT_ENABLED") assignBool(&cfg.Security.Detection.Rxss.Enabled, "NEW_RELIC_SECURITY_DETECTION_RXSS_ENABLED") assignInt(&cfg.Security.Request.BodyLimit, "NEW_RELIC_SECURITY_REQUEST_BODY_LIMIT") + assignString(&cfg.Security.IastTestIdentifier, "NEW_RELIC_SECURITY_IAST_TEST_IDENTIFIER") assignInt(&cfg.Security.ScanSchedule.Delay, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_DELAY") assignInt(&cfg.Security.ScanSchedule.Duration, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_DURATION") assignString(&cfg.Security.ScanSchedule.Schedule, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_SCHEDULE") assignBool(&cfg.Security.ScanSchedule.AllowIastSampleCollection, "NEW_RELIC_SECURITY_SCAN_SCHEDULE_ALWAYS_SAMPLE_TRACES") assignInt(&cfg.Security.ScanControllers.IastScanRequestRateLimit, "NEW_RELIC_SECURITY_SCAN_CONTROLLERS_IAST_SCAN_REQUEST_RATE_LIMIT") + assignInt(&cfg.Security.ScanControllers.ScanInstanceCount, "NEW_RELIC_SECURITY_SCAN_CONTROLLERS_SCAN_INSTANCE_COUNT") assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InsecureSettings, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INSECURE_SETTINGS") assignBool(&cfg.Security.ExcludeFromIastScan.IastDetectionCategory.InvalidFileAccess, "NEW_RELIC_SECURITY_EXCLUDE_FROM_IAST_SCAN_IAST_DETECTION_CATEGORY_INVALID_FILE_ACCESS") @@ -215,6 +219,14 @@ func ConfigSecurityValidatorServiceEndPointUrl(url string) ConfigOption { } } +// ConfigSecurityIastTestIdentifier sets the iast test identifier. +// This configuration allows users to specify a unique test identifier when running IAST Scan with CI/CD. +func ConfigSecurityIastTestIdentifier(testIdentifier string) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.IastTestIdentifier = testIdentifier + } +} + // ConfigSecurityDetectionDisableRxss is used to enable or disable RXSS validation. func ConfigSecurityDetectionDisableRxss(isDisable bool) ConfigOption { return func(cfg *SecurityConfig) { @@ -275,3 +287,11 @@ func ConfigIastScanRequestRateLimit(limit int) ConfigOption { cfg.Security.ScanControllers.IastScanRequestRateLimit = limit } } + +// ConfigScanIstanceCount is used to set scan instance count. +// This configuration allows users to the number of application instances for a specific entity where IAST analysis is performed. +func ConfigScanInstanceCount(limit int) ConfigOption { + return func(cfg *SecurityConfig) { + cfg.Security.ScanControllers.ScanInstanceCount = limit + } +} From 230dfb0cc32302dbe1aa5765da2d25ed3597ee2c Mon Sep 17 00:00:00 2001 From: Aayush garg Date: Thu, 19 Dec 2024 09:45:08 +0530 Subject: [PATCH 20/22] Added latest config file for security agent in readme. --- v3/integrations/nrsecurityagent/README.md | 81 ++++++++++++++++++++--- 1 file changed, 72 insertions(+), 9 deletions(-) diff --git a/v3/integrations/nrsecurityagent/README.md b/v3/integrations/nrsecurityagent/README.md index 7ad9fb5b0..14548b9cd 100644 --- a/v3/integrations/nrsecurityagent/README.md +++ b/v3/integrations/nrsecurityagent/README.md @@ -40,22 +40,85 @@ NEW_RELIC_SECURITY_CONFIG_PATH={YOUR_PATH}/myappsecurity.yaml The YAML file should have these contents (adjust as needed for your application): ``` +# Determines whether the security data is sent to New Relic or not. When this is disabled and agent.enabled is +# true, the security module will run but data will not be sent. Default is false. enabled: true - # NR security provides two modes IAST and RASP - # Default is IAST +# New Relic Security provides two modes: IAST and RASP +# Default is IAST. Due to the invasive nature of IAST scanning, DO NOT enable this mode in either a +# production environment or an environment where production data is processed. mode: IAST - # New Relic’s SaaS connection URLs +# New Relic Security's SaaS connection URL validator_service_url: wss://csec.nr-data.net - # Following category of security events - # can be disabled from generating. +# These are the category of security events that can be detected. Set to false to disable detection of +# individual event types. Default is true for each event type. +# This config is deprecated, detection: - rxss: - enabled: true -request: - body_limit:1 + rci: + enabled: true + rxss: + enabled: true + deserialization: + enabled: true + +# Unique test identifier when runnning IAST with CI/CD +iast_test_identifier: "" + +# IAST scan controllers to get more control over IAST analysis +scan_controllers: + # maximum number of replay requests IAST Agent + # can fire in a minute. Default is 3600. Minimum is 12 and maximum is 3600 + iast_scan_request_rate_limit: 3600 + # The number of application instances for a specific entity where IAST analysis is performed. + # Values are 0 or 1, 0 signifies run on all application instances + scan_instance_count: 0 + +# The scan_schedule configuration allows to specify when IAST scans should be executed +scan_schedule: + # The delay field specifies the delay in minutes before the IAST scan starts. + # This allows to schedule the scan to start at a later time. In minutes, default is 0 min + delay: 0 + # The duration field specifies the duration of the IAST scan in minutes. + # This determines how long the scan will run. In minutes, default is forever + duration: 0 + # The schedule field specifies a cron expression that defines when the IAST scan should start. + schedule: "" + # Allow continuously sample collection of IAST events regardless of scan schedule. Default is false + always_sample_traces: false + +# The exclude_from_iast_scan configuration allows to specify APIs, parameters, +# and categories that should not be scanned by Security Agents. +exclude_from_iast_scan: + # The api field specifies list of APIs using regular expression (regex) patterns that follow the syntax of Perl 5. + # The regex pattern should provide a complete match for the URL without the endpoint. + api: [] + # The http_request_parameters configuration allows users to specify headers, query parameters, + # and body keys that should be excluded from IAST scans. + http_request_parameters: + # A list of HTTP header keys. If a request includes any headers with these keys, + # the corresponding IAST scan will be skipped. + header: [] + # A list of query parameter keys. The presence of these parameters in the request's query string + # will lead to skipping the IAST scan. + query: [] + # A list of keys within the request body. If these keys are found in the body content, + # the IAST scan will be omitted. + body: [] + # The iast_detection_category configuration allows to specify which categories + # of vulnerabilities should not be detected by Security Agents. + iast_detection_category: + insecure_settings: false + invalid_file_access: false + sql_injection: false + nosql_injection: false + ldap_injection: false + javascript_injection: false + command_injection: false + xpath_injection: false + ssrf: false + rxss: false ``` * Based on additional packages imported by the user application, add suitable instrumentation package imports. From b54156b5fb3fde12c32eb0b183e76fcb345ceb3c Mon Sep 17 00:00:00 2001 From: Steve Willoughby Date: Thu, 16 Jan 2025 09:26:39 -0800 Subject: [PATCH 21/22] release --- v3/integrations/logcontext-v2/logWriter/go.mod | 2 +- v3/integrations/logcontext-v2/nrlogrus/go.mod | 2 +- v3/integrations/logcontext-v2/nrslog/go.mod | 2 +- v3/integrations/logcontext-v2/nrwriter/go.mod | 2 +- v3/integrations/logcontext-v2/nrzap/go.mod | 2 +- v3/integrations/logcontext-v2/nrzerolog/go.mod | 2 +- v3/integrations/logcontext-v2/zerologWriter/go.mod | 2 +- v3/integrations/logcontext/nrlogrusplugin/go.mod | 2 +- v3/integrations/nramqp/go.mod | 2 +- v3/integrations/nrawsbedrock/go.mod | 4 ++-- v3/integrations/nrawssdk-v1/go.mod | 2 +- v3/integrations/nrawssdk-v2/go.mod | 2 +- v3/integrations/nrb3/go.mod | 2 +- v3/integrations/nrecho-v3/go.mod | 2 +- v3/integrations/nrecho-v4/go.mod | 2 +- v3/integrations/nrelasticsearch-v7/go.mod | 2 +- .../nrfasthttp/examples/client-fasthttp/go.mod | 2 +- .../nrfasthttp/examples/server-fasthttp/go.mod | 2 +- v3/integrations/nrfasthttp/go.mod | 2 +- v3/integrations/nrgin/go.mod | 2 +- v3/integrations/nrgorilla/go.mod | 2 +- v3/integrations/nrgraphgophers/go.mod | 2 +- v3/integrations/nrgraphqlgo/example/go.mod | 2 +- v3/integrations/nrgraphqlgo/go.mod | 2 +- v3/integrations/nrgrpc/go.mod | 8 ++++---- v3/integrations/nrhttprouter/go.mod | 2 +- v3/integrations/nrlambda/go.mod | 2 +- v3/integrations/nrlogrus/go.mod | 2 +- v3/integrations/nrlogxi/go.mod | 2 +- v3/integrations/nrmicro/go.mod | 6 +++--- v3/integrations/nrmongo/go.mod | 2 +- v3/integrations/nrmssql/go.mod | 2 +- v3/integrations/nrmysql/go.mod | 2 +- v3/integrations/nrnats/go.mod | 6 ++++-- v3/integrations/nrnats/test/go.mod | 2 +- v3/integrations/nropenai/go.mod | 2 +- v3/integrations/nrpgx/example/sqlx/go.mod | 2 +- v3/integrations/nrpgx/go.mod | 2 +- v3/integrations/nrpgx5/go.mod | 4 +++- v3/integrations/nrpkgerrors/go.mod | 2 +- v3/integrations/nrpq/example/sqlx/go.mod | 2 +- v3/integrations/nrpq/go.mod | 2 +- v3/integrations/nrredis-v7/go.mod | 2 +- v3/integrations/nrredis-v8/go.mod | 2 +- v3/integrations/nrredis-v9/go.mod | 2 +- v3/integrations/nrsarama/go.mod | 4 +++- v3/integrations/nrsecurityagent/go.mod | 2 +- v3/integrations/nrslog/go.mod | 2 +- v3/integrations/nrsnowflake/go.mod | 2 +- v3/integrations/nrsqlite3/go.mod | 2 +- v3/integrations/nrstan/examples/go.mod | 2 +- v3/integrations/nrstan/go.mod | 4 ++-- v3/integrations/nrstan/test/go.mod | 4 ++-- v3/integrations/nrzap/go.mod | 2 +- v3/integrations/nrzerolog/go.mod | 2 +- v3/newrelic/version.go | 2 +- 56 files changed, 71 insertions(+), 65 deletions(-) diff --git a/v3/integrations/logcontext-v2/logWriter/go.mod b/v3/integrations/logcontext-v2/logWriter/go.mod index 23918979c..bdbcda240 100644 --- a/v3/integrations/logcontext-v2/logWriter/go.mod +++ b/v3/integrations/logcontext-v2/logWriter/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/logWriter go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrwriter v1.0.0 ) diff --git a/v3/integrations/logcontext-v2/nrlogrus/go.mod b/v3/integrations/logcontext-v2/nrlogrus/go.mod index 2a3725f4a..f10f76dc7 100644 --- a/v3/integrations/logcontext-v2/nrlogrus/go.mod +++ b/v3/integrations/logcontext-v2/nrlogrus/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrlogrus go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/sirupsen/logrus v1.8.1 ) diff --git a/v3/integrations/logcontext-v2/nrslog/go.mod b/v3/integrations/logcontext-v2/nrslog/go.mod index 9469f90b7..0dc5ec35e 100644 --- a/v3/integrations/logcontext-v2/nrslog/go.mod +++ b/v3/integrations/logcontext-v2/nrslog/go.mod @@ -2,7 +2,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrslog go 1.21 -require github.com/newrelic/go-agent/v3 v3.35.0 +require github.com/newrelic/go-agent/v3 v3.36.0 replace github.com/newrelic/go-agent/v3 => ../../.. diff --git a/v3/integrations/logcontext-v2/nrwriter/go.mod b/v3/integrations/logcontext-v2/nrwriter/go.mod index dba650407..02365f42d 100644 --- a/v3/integrations/logcontext-v2/nrwriter/go.mod +++ b/v3/integrations/logcontext-v2/nrwriter/go.mod @@ -2,7 +2,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrwriter go 1.21 -require github.com/newrelic/go-agent/v3 v3.35.0 +require github.com/newrelic/go-agent/v3 v3.36.0 replace github.com/newrelic/go-agent/v3 => ../../.. diff --git a/v3/integrations/logcontext-v2/nrzap/go.mod b/v3/integrations/logcontext-v2/nrzap/go.mod index 8d59be20c..416fcbb0d 100644 --- a/v3/integrations/logcontext-v2/nrzap/go.mod +++ b/v3/integrations/logcontext-v2/nrzap/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrzap go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 go.uber.org/zap v1.24.0 ) diff --git a/v3/integrations/logcontext-v2/nrzerolog/go.mod b/v3/integrations/logcontext-v2/nrzerolog/go.mod index 9f54d885d..7a8a7c4cb 100644 --- a/v3/integrations/logcontext-v2/nrzerolog/go.mod +++ b/v3/integrations/logcontext-v2/nrzerolog/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrzerolog go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/rs/zerolog v1.26.1 ) diff --git a/v3/integrations/logcontext-v2/zerologWriter/go.mod b/v3/integrations/logcontext-v2/zerologWriter/go.mod index 6cd22edfa..34c762fb2 100644 --- a/v3/integrations/logcontext-v2/zerologWriter/go.mod +++ b/v3/integrations/logcontext-v2/zerologWriter/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext-v2/zerologWriter go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrwriter v1.0.0 github.com/rs/zerolog v1.27.0 ) diff --git a/v3/integrations/logcontext/nrlogrusplugin/go.mod b/v3/integrations/logcontext/nrlogrusplugin/go.mod index 795ead899..d351d9259 100644 --- a/v3/integrations/logcontext/nrlogrusplugin/go.mod +++ b/v3/integrations/logcontext/nrlogrusplugin/go.mod @@ -5,7 +5,7 @@ module github.com/newrelic/go-agent/v3/integrations/logcontext/nrlogrusplugin go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 // v1.4.0 is required for for the log.WithContext. github.com/sirupsen/logrus v1.4.0 ) diff --git a/v3/integrations/nramqp/go.mod b/v3/integrations/nramqp/go.mod index 8975d5a50..37631d2dc 100644 --- a/v3/integrations/nramqp/go.mod +++ b/v3/integrations/nramqp/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nramqp go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/rabbitmq/amqp091-go v1.9.0 ) replace github.com/newrelic/go-agent/v3 => ../.. diff --git a/v3/integrations/nrawsbedrock/go.mod b/v3/integrations/nrawsbedrock/go.mod index 95fb67d97..5ab131aeb 100644 --- a/v3/integrations/nrawsbedrock/go.mod +++ b/v3/integrations/nrawsbedrock/go.mod @@ -7,8 +7,8 @@ require ( github.com/aws/aws-sdk-go-v2/config v1.27.4 github.com/aws/aws-sdk-go-v2/service/bedrock v1.7.3 github.com/aws/aws-sdk-go-v2/service/bedrockruntime v1.7.1 - github.com/google/uuid v1.3.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/google/uuid v1.6.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrawssdk-v1/go.mod b/v3/integrations/nrawssdk-v1/go.mod index b6b2b12f4..5591725f4 100644 --- a/v3/integrations/nrawssdk-v1/go.mod +++ b/v3/integrations/nrawssdk-v1/go.mod @@ -8,7 +8,7 @@ go 1.21 require ( // v1.15.0 is the first aws-sdk-go version with module support. github.com/aws/aws-sdk-go v1.34.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrawssdk-v2/go.mod b/v3/integrations/nrawssdk-v2/go.mod index 81be27b79..54980587d 100644 --- a/v3/integrations/nrawssdk-v2/go.mod +++ b/v3/integrations/nrawssdk-v2/go.mod @@ -14,7 +14,7 @@ require ( github.com/aws/aws-sdk-go-v2/service/s3 v1.61.0 github.com/aws/aws-sdk-go-v2/service/sqs v1.34.6 github.com/aws/smithy-go v1.20.4 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrb3/go.mod b/v3/integrations/nrb3/go.mod index 0a70b6f14..ce6630230 100644 --- a/v3/integrations/nrb3/go.mod +++ b/v3/integrations/nrb3/go.mod @@ -2,7 +2,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrb3 go 1.21 -require github.com/newrelic/go-agent/v3 v3.35.0 +require github.com/newrelic/go-agent/v3 v3.36.0 replace github.com/newrelic/go-agent/v3 => ../.. diff --git a/v3/integrations/nrecho-v3/go.mod b/v3/integrations/nrecho-v3/go.mod index 471de541b..7ff8e4847 100644 --- a/v3/integrations/nrecho-v3/go.mod +++ b/v3/integrations/nrecho-v3/go.mod @@ -8,7 +8,7 @@ require ( // v3.1.0 is the earliest v3 version of Echo that works with modules due // to the github.com/rsc/letsencrypt import of v3.0.0. github.com/labstack/echo v3.1.0+incompatible - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrecho-v4/go.mod b/v3/integrations/nrecho-v4/go.mod index 0b34cc68a..ba2ff683d 100644 --- a/v3/integrations/nrecho-v4/go.mod +++ b/v3/integrations/nrecho-v4/go.mod @@ -6,7 +6,7 @@ go 1.21 require ( github.com/labstack/echo/v4 v4.9.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrelasticsearch-v7/go.mod b/v3/integrations/nrelasticsearch-v7/go.mod index 7c665b72a..827249907 100644 --- a/v3/integrations/nrelasticsearch-v7/go.mod +++ b/v3/integrations/nrelasticsearch-v7/go.mod @@ -6,7 +6,7 @@ go 1.21 require ( github.com/elastic/go-elasticsearch/v7 v7.17.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrfasthttp/examples/client-fasthttp/go.mod b/v3/integrations/nrfasthttp/examples/client-fasthttp/go.mod index d48e28fba..b716c3d98 100644 --- a/v3/integrations/nrfasthttp/examples/client-fasthttp/go.mod +++ b/v3/integrations/nrfasthttp/examples/client-fasthttp/go.mod @@ -3,7 +3,7 @@ module client-example go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrfasthttp v1.0.0 github.com/valyala/fasthttp v1.49.0 ) diff --git a/v3/integrations/nrfasthttp/examples/server-fasthttp/go.mod b/v3/integrations/nrfasthttp/examples/server-fasthttp/go.mod index 3eef72e99..be1cde658 100644 --- a/v3/integrations/nrfasthttp/examples/server-fasthttp/go.mod +++ b/v3/integrations/nrfasthttp/examples/server-fasthttp/go.mod @@ -3,7 +3,7 @@ module server-example go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrfasthttp v1.0.0 github.com/valyala/fasthttp v1.49.0 ) diff --git a/v3/integrations/nrfasthttp/go.mod b/v3/integrations/nrfasthttp/go.mod index a1dd0773e..2b2c9ce4a 100644 --- a/v3/integrations/nrfasthttp/go.mod +++ b/v3/integrations/nrfasthttp/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrfasthttp go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/valyala/fasthttp v1.49.0 ) diff --git a/v3/integrations/nrgin/go.mod b/v3/integrations/nrgin/go.mod index 1d2223632..9f5ae53ed 100644 --- a/v3/integrations/nrgin/go.mod +++ b/v3/integrations/nrgin/go.mod @@ -6,7 +6,7 @@ go 1.21 require ( github.com/gin-gonic/gin v1.9.1 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrgorilla/go.mod b/v3/integrations/nrgorilla/go.mod index c98397fb6..5dfb080dc 100644 --- a/v3/integrations/nrgorilla/go.mod +++ b/v3/integrations/nrgorilla/go.mod @@ -7,7 +7,7 @@ go 1.21 require ( // v1.7.0 is the earliest version of Gorilla using modules. github.com/gorilla/mux v1.7.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrgraphgophers/go.mod b/v3/integrations/nrgraphgophers/go.mod index 8e9a24de6..46a99e03d 100644 --- a/v3/integrations/nrgraphgophers/go.mod +++ b/v3/integrations/nrgraphgophers/go.mod @@ -7,7 +7,7 @@ go 1.21 require ( // graphql-go has no tagged releases as of Jan 2020. github.com/graph-gophers/graphql-go v1.3.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrgraphqlgo/example/go.mod b/v3/integrations/nrgraphqlgo/example/go.mod index 7e09ca397..d753e7d06 100644 --- a/v3/integrations/nrgraphqlgo/example/go.mod +++ b/v3/integrations/nrgraphqlgo/example/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/graphql-go/graphql v0.8.1 github.com/graphql-go/graphql-go-handler v0.2.3 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrgraphqlgo v1.0.0 ) diff --git a/v3/integrations/nrgraphqlgo/go.mod b/v3/integrations/nrgraphqlgo/go.mod index 398e5bad1..1200e64cd 100644 --- a/v3/integrations/nrgraphqlgo/go.mod +++ b/v3/integrations/nrgraphqlgo/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/graphql-go/graphql v0.8.1 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrgrpc/go.mod b/v3/integrations/nrgrpc/go.mod index ad827aac2..c41413267 100644 --- a/v3/integrations/nrgrpc/go.mod +++ b/v3/integrations/nrgrpc/go.mod @@ -5,12 +5,12 @@ go 1.21 require ( // protobuf v1.3.0 is the earliest version using modules, we use v1.3.1 // because all dependencies were removed in this version. - github.com/golang/protobuf v1.5.3 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/golang/protobuf v1.5.4 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrsecurityagent v1.1.0 // v1.15.0 is the earliest version of grpc using modules. - google.golang.org/grpc v1.56.3 - google.golang.org/protobuf v1.33.0 + google.golang.org/grpc v1.65.0 + google.golang.org/protobuf v1.34.2 ) diff --git a/v3/integrations/nrhttprouter/go.mod b/v3/integrations/nrhttprouter/go.mod index bb18f867e..413647f1b 100644 --- a/v3/integrations/nrhttprouter/go.mod +++ b/v3/integrations/nrhttprouter/go.mod @@ -7,7 +7,7 @@ go 1.21 require ( // v1.3.0 is the earliest version of httprouter using modules. github.com/julienschmidt/httprouter v1.3.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrlambda/go.mod b/v3/integrations/nrlambda/go.mod index 9b43a7bea..66a780928 100644 --- a/v3/integrations/nrlambda/go.mod +++ b/v3/integrations/nrlambda/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/aws/aws-lambda-go v1.41.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrlogrus/go.mod b/v3/integrations/nrlogrus/go.mod index 39763cf75..635cb207d 100644 --- a/v3/integrations/nrlogrus/go.mod +++ b/v3/integrations/nrlogrus/go.mod @@ -5,7 +5,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrlogrus go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/logcontext-v2/nrlogrus v1.0.0 // v1.1.0 is required for the Logger.GetLevel method, and is the earliest // version of logrus using modules. diff --git a/v3/integrations/nrlogxi/go.mod b/v3/integrations/nrlogxi/go.mod index 6cc7eb097..62df3aa91 100644 --- a/v3/integrations/nrlogxi/go.mod +++ b/v3/integrations/nrlogxi/go.mod @@ -7,7 +7,7 @@ go 1.21 require ( // 'v1', at commit aebf8a7d67ab, is the only logxi release. github.com/mgutz/logxi v0.0.0-20161027140823-aebf8a7d67ab - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrmicro/go.mod b/v3/integrations/nrmicro/go.mod index de7e5982e..198e947ae 100644 --- a/v3/integrations/nrmicro/go.mod +++ b/v3/integrations/nrmicro/go.mod @@ -4,13 +4,13 @@ module github.com/newrelic/go-agent/v3/integrations/nrmicro // https://github.com/micro/go-micro/blob/master/go.mod go 1.21 -toolchain go1.22.3 +toolchain go1.23.4 require ( github.com/golang/protobuf v1.5.4 github.com/micro/go-micro v1.8.0 - github.com/newrelic/go-agent/v3 v3.35.0 - google.golang.org/protobuf v1.34.1 + github.com/newrelic/go-agent/v3 v3.36.0 + google.golang.org/protobuf v1.36.2 ) diff --git a/v3/integrations/nrmongo/go.mod b/v3/integrations/nrmongo/go.mod index 10dcccdef..40d3f7e55 100644 --- a/v3/integrations/nrmongo/go.mod +++ b/v3/integrations/nrmongo/go.mod @@ -5,7 +5,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrmongo go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 // mongo-driver does not support modules as of Nov 2019. go.mongodb.org/mongo-driver v1.10.2 ) diff --git a/v3/integrations/nrmssql/go.mod b/v3/integrations/nrmssql/go.mod index 21ac02623..9dc94301f 100644 --- a/v3/integrations/nrmssql/go.mod +++ b/v3/integrations/nrmssql/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/microsoft/go-mssqldb v0.19.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrmysql/go.mod b/v3/integrations/nrmysql/go.mod index ce742df64..b138567a1 100644 --- a/v3/integrations/nrmysql/go.mod +++ b/v3/integrations/nrmysql/go.mod @@ -7,7 +7,7 @@ require ( // v1.5.0 is the first mysql version to support gomod github.com/go-sql-driver/mysql v1.6.0 // v3.3.0 includes the new location of ParseQuery - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrnats/go.mod b/v3/integrations/nrnats/go.mod index 455d82348..1d4a43bb5 100644 --- a/v3/integrations/nrnats/go.mod +++ b/v3/integrations/nrnats/go.mod @@ -4,10 +4,12 @@ module github.com/newrelic/go-agent/v3/integrations/nrnats // https://github.com/nats-io/nats.go/blob/master/.travis.yml go 1.21 +toolchain go1.23.4 + require ( github.com/nats-io/nats-server v1.4.1 - github.com/nats-io/nats.go v1.28.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/nats-io/nats.go v1.36.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrnats/test/go.mod b/v3/integrations/nrnats/test/go.mod index 93cefa3b4..dd4ba151f 100644 --- a/v3/integrations/nrnats/test/go.mod +++ b/v3/integrations/nrnats/test/go.mod @@ -8,7 +8,7 @@ replace github.com/newrelic/go-agent/v3/integrations/nrnats v1.0.0 => ../ require ( github.com/nats-io/nats-server v1.4.1 github.com/nats-io/nats.go v1.17.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrnats v1.0.0 ) diff --git a/v3/integrations/nropenai/go.mod b/v3/integrations/nropenai/go.mod index 4b640f4b7..2d23bf859 100644 --- a/v3/integrations/nropenai/go.mod +++ b/v3/integrations/nropenai/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/google/uuid v1.6.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/pkoukk/tiktoken-go v0.1.6 github.com/sashabaranov/go-openai v1.20.2 ) diff --git a/v3/integrations/nrpgx/example/sqlx/go.mod b/v3/integrations/nrpgx/example/sqlx/go.mod index 7310a84b2..20f20a6b7 100644 --- a/v3/integrations/nrpgx/example/sqlx/go.mod +++ b/v3/integrations/nrpgx/example/sqlx/go.mod @@ -4,7 +4,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrpgx/example/sqlx go 1.21 require ( github.com/jmoiron/sqlx v1.2.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrpgx v0.0.0 ) replace github.com/newrelic/go-agent/v3/integrations/nrpgx => ../../ diff --git a/v3/integrations/nrpgx/go.mod b/v3/integrations/nrpgx/go.mod index a72b45d81..c032bb1d8 100644 --- a/v3/integrations/nrpgx/go.mod +++ b/v3/integrations/nrpgx/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/jackc/pgx v3.6.2+incompatible github.com/jackc/pgx/v4 v4.18.2 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrpgx5/go.mod b/v3/integrations/nrpgx5/go.mod index aa16f192c..06763870c 100644 --- a/v3/integrations/nrpgx5/go.mod +++ b/v3/integrations/nrpgx5/go.mod @@ -2,10 +2,12 @@ module github.com/newrelic/go-agent/v3/integrations/nrpgx5 go 1.21 +toolchain go1.23.4 + require ( github.com/egon12/pgsnap v0.0.0-20221022154027-2847f0124ed8 github.com/jackc/pgx/v5 v5.5.4 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/stretchr/testify v1.8.1 ) diff --git a/v3/integrations/nrpkgerrors/go.mod b/v3/integrations/nrpkgerrors/go.mod index 0939765ca..b2d258022 100644 --- a/v3/integrations/nrpkgerrors/go.mod +++ b/v3/integrations/nrpkgerrors/go.mod @@ -5,7 +5,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrpkgerrors go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 // v0.8.0 was the last release in 2016, and when // major development on pkg/errors stopped. github.com/pkg/errors v0.8.0 diff --git a/v3/integrations/nrpq/example/sqlx/go.mod b/v3/integrations/nrpq/example/sqlx/go.mod index 5b51f64b1..074017c9f 100644 --- a/v3/integrations/nrpq/example/sqlx/go.mod +++ b/v3/integrations/nrpq/example/sqlx/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/jmoiron/sqlx v1.2.0 github.com/lib/pq v1.1.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrpq v0.0.0 ) replace github.com/newrelic/go-agent/v3/integrations/nrpq => ../../ diff --git a/v3/integrations/nrpq/go.mod b/v3/integrations/nrpq/go.mod index 979641e33..f167ccaad 100644 --- a/v3/integrations/nrpq/go.mod +++ b/v3/integrations/nrpq/go.mod @@ -6,7 +6,7 @@ require ( // NewConnector dsn parsing tests expect v1.1.0 error return behavior. github.com/lib/pq v1.1.0 // v3.3.0 includes the new location of ParseQuery - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrredis-v7/go.mod b/v3/integrations/nrredis-v7/go.mod index b8a899dd8..85c860dd5 100644 --- a/v3/integrations/nrredis-v7/go.mod +++ b/v3/integrations/nrredis-v7/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/go-redis/redis/v7 v7.0.0-beta.5 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrredis-v8/go.mod b/v3/integrations/nrredis-v8/go.mod index cbafc42fa..268b9dd83 100644 --- a/v3/integrations/nrredis-v8/go.mod +++ b/v3/integrations/nrredis-v8/go.mod @@ -5,7 +5,7 @@ go 1.21 require ( github.com/go-redis/redis/v8 v8.4.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrredis-v9/go.mod b/v3/integrations/nrredis-v9/go.mod index 0aeddc3bf..b9dd9cab5 100644 --- a/v3/integrations/nrredis-v9/go.mod +++ b/v3/integrations/nrredis-v9/go.mod @@ -4,7 +4,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrredis-v9 go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/redis/go-redis/v9 v9.0.2 ) diff --git a/v3/integrations/nrsarama/go.mod b/v3/integrations/nrsarama/go.mod index 39577ab09..e1ba449cc 100644 --- a/v3/integrations/nrsarama/go.mod +++ b/v3/integrations/nrsarama/go.mod @@ -2,9 +2,11 @@ module github.com/newrelic/go-agent/v3/integrations/nrsarama go 1.21 +toolchain go1.23.4 + require ( github.com/Shopify/sarama v1.38.1 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/stretchr/testify v1.8.1 ) diff --git a/v3/integrations/nrsecurityagent/go.mod b/v3/integrations/nrsecurityagent/go.mod index 21e63e373..a2eca34e3 100644 --- a/v3/integrations/nrsecurityagent/go.mod +++ b/v3/integrations/nrsecurityagent/go.mod @@ -4,7 +4,7 @@ go 1.21 require ( github.com/newrelic/csec-go-agent v1.6.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrsqlite3 v1.2.0 gopkg.in/yaml.v2 v2.4.0 ) diff --git a/v3/integrations/nrslog/go.mod b/v3/integrations/nrslog/go.mod index 39a7a016f..9477b0517 100644 --- a/v3/integrations/nrslog/go.mod +++ b/v3/integrations/nrslog/go.mod @@ -4,7 +4,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrslog go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/stretchr/testify v1.9.0 ) diff --git a/v3/integrations/nrsnowflake/go.mod b/v3/integrations/nrsnowflake/go.mod index e66019fc3..f91663a7f 100644 --- a/v3/integrations/nrsnowflake/go.mod +++ b/v3/integrations/nrsnowflake/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrsnowflake go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/snowflakedb/gosnowflake v1.6.19 ) diff --git a/v3/integrations/nrsqlite3/go.mod b/v3/integrations/nrsqlite3/go.mod index 846de8eb3..f0f596a61 100644 --- a/v3/integrations/nrsqlite3/go.mod +++ b/v3/integrations/nrsqlite3/go.mod @@ -7,7 +7,7 @@ go 1.21 require ( github.com/mattn/go-sqlite3 v1.0.0 // v3.3.0 includes the new location of ParseQuery - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrstan/examples/go.mod b/v3/integrations/nrstan/examples/go.mod index 893e5a164..c2152ab2a 100644 --- a/v3/integrations/nrstan/examples/go.mod +++ b/v3/integrations/nrstan/examples/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrstan/examples go 1.21 require ( github.com/nats-io/stan.go v0.5.0 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrnats v0.0.0 github.com/newrelic/go-agent/v3/integrations/nrstan v0.0.0 ) diff --git a/v3/integrations/nrstan/go.mod b/v3/integrations/nrstan/go.mod index 96a277ef3..f9efe8d18 100644 --- a/v3/integrations/nrstan/go.mod +++ b/v3/integrations/nrstan/go.mod @@ -4,11 +4,11 @@ module github.com/newrelic/go-agent/v3/integrations/nrstan // https://github.com/nats-io/stan.go/blob/master/.travis.yml go 1.21 -toolchain go1.22.3 +toolchain go1.23.4 require ( github.com/nats-io/stan.go v0.10.4 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 ) diff --git a/v3/integrations/nrstan/test/go.mod b/v3/integrations/nrstan/test/go.mod index edf8935a4..5494f8611 100644 --- a/v3/integrations/nrstan/test/go.mod +++ b/v3/integrations/nrstan/test/go.mod @@ -4,12 +4,12 @@ module github.com/newrelic/go-agent/v3/integrations/nrstan/test // github.com/nats-io/nats-streaming-server in nrstan. go 1.21 -toolchain go1.22.3 +toolchain go1.23.4 require ( github.com/nats-io/nats-streaming-server v0.25.6 github.com/nats-io/stan.go v0.10.4 - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/newrelic/go-agent/v3/integrations/nrstan v0.0.0 ) diff --git a/v3/integrations/nrzap/go.mod b/v3/integrations/nrzap/go.mod index c21e20b26..ead8500ac 100644 --- a/v3/integrations/nrzap/go.mod +++ b/v3/integrations/nrzap/go.mod @@ -5,7 +5,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrzap go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 // v1.12.0 is the earliest version of zap using modules. go.uber.org/zap v1.12.0 ) diff --git a/v3/integrations/nrzerolog/go.mod b/v3/integrations/nrzerolog/go.mod index b8be9873a..5c01e5398 100644 --- a/v3/integrations/nrzerolog/go.mod +++ b/v3/integrations/nrzerolog/go.mod @@ -3,7 +3,7 @@ module github.com/newrelic/go-agent/v3/integrations/nrzerolog go 1.21 require ( - github.com/newrelic/go-agent/v3 v3.35.0 + github.com/newrelic/go-agent/v3 v3.36.0 github.com/rs/zerolog v1.28.0 ) replace github.com/newrelic/go-agent/v3 => ../.. diff --git a/v3/newrelic/version.go b/v3/newrelic/version.go index eb4982544..0d80ae73b 100644 --- a/v3/newrelic/version.go +++ b/v3/newrelic/version.go @@ -11,7 +11,7 @@ import ( const ( // Version is the full string version of this Go Agent. - Version = "3.35.1" + Version = "3.36.0" ) var ( From 17919e9d6355619b453f89605640063a3db5a8d1 Mon Sep 17 00:00:00 2001 From: Steve Willoughby Date: Thu, 16 Jan 2025 09:46:05 -0800 Subject: [PATCH 22/22] release notes --- CHANGELOG.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c3bc2c904..c04cb8e1d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,23 @@ +## 3.36.0 +### Enhanced + - Internal improvements to securityagent integration to better support trace handling and other support for security analysis of applications under test, now v1.3.4; affects the following other integrations: + - nrecho, now v1.1.4 + - nrecho-v4, now v1.1.3 + - nrgin, now v1.3.3 + - nrgorilla, now v1.2.3 + - nrgraphqlgo, now v1.0.2 + - nrhttprouter, now v1.1.3 + +### Fixed + - Added missing license files. + - Fixed module dependencies in nrgrpc integration, now v1.4.5 + - Corrects handling of `panic(nil)` to no longer try to keep pre-Go-1.21 behavior but to allow newer language semantics for that condition. Fixes [issue 975](https://github.com/newrelic/go-agent/issues/975). + + +### Support statement +We use the latest version of the Go language. At minimum, you should be using no version of Go older than what is supported by the Go team themselves. +See the [Go agent EOL Policy](/docs/apm/agents/go-agent/get-started/go-agent-eol-policy) for details about supported versions of the Go agent and third-party components. + ## 3.35.1 ### Fixed - Security Agent Bug Hotfix: Do not update the security agent unti the go agent has completed its connect process [PR](https://github.com/newrelic/go-agent/pull/978)