This is a pre-release of the upcoming 7.0.0 release and is intended for early access and validation for those wanting to try out the new release directly from GitHub prior to finalized release being published to rubygems.org.
Add support for CSP nonces when using our API to insert the browser agent
We now support passing in a nonce to our API method browser_timing_header to allow the browser agent to run on applications using CSP nonces. This allows users to inject the browser agent themselves and use the nonce required for the script to run. In order to utilize this new feature, you must disable auto instrumentation for the browser agent, and use the API method browser_timing_header to pass the nonce in and inject the script manually.
Removed MD5 use in the SQL sampler
In order to allow the agent to run in FIPS compliant environments, the usage of MD5 for aggregating slow sql traces has been replaced with SHA1.
Enable server-side configuration of distributed tracing
distributed_tracing.enabled may now be set in server-side application configuration.
Bugfix: Fix for missing part of a previous bugfix
Our previous fix of "nil Middlewares injection now prevented and gracefully handled in Sinatra" released in 7.0.0 was partially overwritten by some of the other changes in that release. This release adds back those missing sections of the bugfix, and should resolve the issue for sinatra users.
Update known conflicts with use of Module#Prepend
With our release of v7.0.0, we updated our instrumentation to use Module#Prepend by default, instead of method chaining. We have received reports of conflicts and added a check for these known conflicts. If a known conflict with prepend is detected while using the default value of 'auto' for gem instrumentation, the agent will instead install method chaining instrumentation in order to avoid this conflict. This check can be bypassed by setting the instrumentation method for the gem to 'prepend'.
Bugfix: Updated support for ActiveRecord 6.1+ instrumentation
Previously, the agent depended on connection_id to be present in the Active Support instrumentation for sql.active_record
to get the current ActiveRecord connection. As of Rails 6.1, connection_id has been dropped in favor of providing the connection
object through the connection value exclusively. This resulted in datastore spans displaying fallback behavior, including showing
"ActiveRecord" as the database vendor.
Bugfix: Updated support for Resque's FORK_PER_JOB option
Support for Resque's FORK_PER_JOB flag within the Ruby agent was incomplete and nonfunctional. The agent should now behave
correctly when running in a non-forking Resque worker process.
Bugfix: Added check for ruby2_keywords in add_transaction_tracer
Thanks @beauraF for the contribution! Previously, the add_transaction_tracer was not updated when we added support for ruby 3. In order to correctly support **kwargs, ruby2_keywords was added to correctly update the method signature to use **kwargs in ruby versions that support that.
Confirmed support for yajl 1.4.0
Thanks to @creaturenex for the contribution! yajl-ruby 1.4.0 was added to our test suite and confirmed all tests pass, showing the agent supports this version as well.
v7.0.0
Ruby Agent 6.x to 7.x Migration Guide Available
Please see our Ruby Agent 6.x to 7.x migration guide for helpful strategies and tips for migrating from earlier versions of the Ruby agent to 7.0.0. We cover new configuration settings, diagnosiing and installing SSL CA certificates and deprecated items and their replacements in this guide.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
3 years ago
Bumps newrelic_rpm from 6.15.0 to 7.1.0.
Release notes
Sourced from newrelic_rpm's releases.
Changelog
Sourced from newrelic_rpm's changelog.
... (truncated)
Commits
c1049d7Merge pull request #695 from newrelic/devc689265use https in debian mirror url466523dMerge pull request #696 from newrelic/update_mysql_5.5_mirrorc164921update debian-security mirror link in GHA6deb5f6Merge pull request #689 from newrelic/update_version_7101ef4082Merge pull request #666 from ChaelCodes/update-contrib-guide7909dcaUpdated contributing guide to fix broken link and add setup instructions3f5fa49Merge pull request #690 from newrelic/update_puma_test_matrix95908faupdate rack and puma versions in multiverse88e4b4fupdate version to 7.1.0Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)