Bugfix: never use redirect host when accessing preconnect endpoint
When connecting to New Relic, the Ruby Agent uses the value in Agent.config[:host] to post a request to the New Relic preconnect endpoint. This endpoint returns a "redirect host" which is the URL to which agents send data from that point on.
Previously, if the agent needed to reconnect to the collector, it would incorrectly use this redirect host to call the preconnect
endpoint, when it should have used the original configured value in Agent.config[:host]. The agent now uses the correct host
for all calls to preconnect.
Bugfix: calling add_custom_attributes no longer modifies the params of the caller
The previous agent's improvements to recording attributes at the span level had an unexpected
side-effect of modifying the params passed to the API call as duplicated attributes were deleted
in the process. This is now fixed and params passed in are no longer modified.
Thanks to Pete Johns (@johnsyweb) for the PR that resolves this bug.
Bugfix: http.url query parameters spans are now obfuscated
Previously, the agent was recording the full URL of the external requests, including
the query and fragment parts of the URL as part of the attributes on the external request
span. This has been fixed so that the URL is obfuscated to filter out potentially sensitive data.
Use system SSL certificates by default
The Ruby agent previously used a root SSL/TLS certificate bundle by default. Now the agent will attempt to use
the default system certificates, but will fall back to the bundled certs if there is an issue (and log that this occurred).
Bugfix: reduce allocations for segment attributes
Previously, every segment received an Attributes object on initialization. The agent now lazily creates attributes
on segments, resulting in a significant reduction in object allocations for a typical transaction.
Bugfix: eliminate errors around Rake::VERSION with Rails
When running a Rails application with rake tasks, customers could see the following error:
Prevent connecting agent thread from hanging on shutdown
A bug in Net::HTTP's Gzip decoder can cause the (un-catchable)
thread-kill exception to be replaced with a (catchable) Zlib exception,
which prevents a connecting agent thread from exiting during shutdown,
causing the Ruby process to hang indefinitely.
This workaround checks for an aborting thread in the #connect exception handler
and re-raises the exception, allowing a killed thread to continue exiting.
Thanks to Will Jordan (@wjordan) for chasing this one down and patching with tests.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Bumps newrelic_rpm from 6.12.0.367 to 6.13.0.
Release notes
Sourced from newrelic_rpm's releases.
Changelog
Sourced from newrelic_rpm's changelog.
Commits
65b06c1
Merge pull request #433 from newrelic/dev079c159
Release workflow fixes (#432)ecb51a6
Merge pull request #429 from newrelic/dev9a277a0
Remove reference to repo-specific CoC from gemspec (#426)02e8f1c
Update test running instructions (#428)b6a053b
Merge pull request #427 from newrelic/catch_cache_reserve_error4c6ecf5
simply reports a cache reserve failure error for bundle install cache so test...8e9eadd
Merge pull request #425 from newrelic/dev6b93d3f
Update gem credentials step (#420)ee7a61a
Pin timers gem to 4.1.1. for Sidekiq ~> 3.5.3 multiverse (#421)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)