Skip to content

Fix APISecurity::RouteExtractor for Rails 8.1.1+ #5042

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
y9v merged 7 commits into from
Nov 13, 2025
Merged

Fix APISecurity::RouteExtractor for Rails 8.1.1+ #5042

y9v merged 7 commits into from
Nov 13, 2025

Conversation

@y9v
Copy link
Member

@y9v y9v commented Nov 12, 2025
edited
Loading

What does this PR do?

This PR:

  • fixes route extraction for Rails 8.1.1+
  • adds a rescue to APISecurity::RouteExtractor.route_pattern with telemetry error reporting
  • changes the slow path for Rails to always wrap the rack request to router request class
  • adds explicit string conversion for route pattern value to APISecurity::Sampler

Motivation:
#5040

Rails 8.1.1 removes the action_dispatch.route_uri_pattern from request.env and replaces it with action_dispatch.route:
rails/rails@6fd05c9

Change log entry
Yes. AppSec: Fix route extraction error for Rails 8.1.1+.

Additional Notes:
None.

How to test the change?
CI and manual testing.

@y9v y9v self-assigned this Nov 12, 2025
@y9v y9v requested review from a team as code owners November 12, 2025 13:01
@github-actions github-actions bot added the appsec Application Security monitoring product label Nov 12, 2025
@pr-commenter
Copy link

pr-commenter bot commented Nov 12, 2025
edited
Loading

Benchmarks

Benchmark execution time: 2025-11-12 17:02:36

Comparing candidate commit a693370 in PR branch fix-api-security-route-extractor-for-rails-8-1-1 with baseline commit e0ab5b7 in branch master.

Found 2 performance improvements and 5 performance regressions! Performance is the same for 37 metrics, 2 unstable metrics.

scenario:line instrumentation - targeted

  • 🟥 throughput [-10242.344op/s; -9733.947op/s] or [-6.787%; -6.450%]

scenario:line instrumentation - untargeted

  • 🟥 throughput [-4494.546op/s; -4365.642op/s] or [-7.723%; -7.502%]

scenario:method instrumentation

  • 🟥 throughput [-12683.003op/s; -12233.694op/s] or [-7.312%; -7.053%]

scenario:profiling - Allocations (baseline)

  • 🟥 throughput [-505440.426op/s; -491189.705op/s] or [-9.617%; -9.346%]

scenario:tracing - Propagation - Datadog

  • 🟩 throughput [+2136.898op/s; +2209.683op/s] or [+7.387%; +7.639%]

scenario:tracing - Propagation - Trace Context

  • 🟥 throughput [-4807.122op/s; -4700.574op/s] or [-12.683%; -12.402%]

scenario:tracing - Tracing.log_correlation

  • 🟩 throughput [+7426.408op/s; +7722.851op/s] or [+7.402%; +7.697%]

@datadog-official
Copy link

datadog-official bot commented Nov 12, 2025
edited by datadog-datadog-prod-us1 bot
Loading

✅ Tests

🎉 All green!

❄️ No new flaky tests detected
🧪 All tests passed

🎯 Code Coverage
Patch Coverage: 101.69%
Total Coverage: 98.58% (+0.05%)

View detailed report

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: a693370 | Docs | Datadog PR Page | Was this helpful? Give us feedback!

Strech
Strech reviewed Nov 12, 2025
View reviewed changes
p-datadog
p-datadog reviewed Nov 12, 2025
View reviewed changes
Strech
Strech approved these changes Nov 12, 2025
View reviewed changes
Copy link
Member

@Strech Strech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for taking care 🤗

@y9v y9v merged commit e4ed440 into master Nov 13, 2025
554 checks passed
@y9v y9v deleted the fix-api-security-route-extractor-for-rails-8-1-1 branch November 13, 2025 09:26
@github-actions github-actions bot added this to the 2.23.0 milestone Nov 13, 2025
@Strech Strech mentioned this pull request Dec 11, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TonyCTHsu TonyCTHsu TonyCTHsu left review comments

@p-datadog p-datadog p-datadog left review comments

@Strech Strech Strech approved these changes

Assignees

@y9v y9v

Labels

appsec Application Security monitoring product

Projects

None yet

Milestone

2.23.0

Development

Successfully merging this pull request may close these issues.

5 participants

@y9v @Strech @TonyCTHsu @p-datadog