We just released AppSignal for Ruby gem version 2.6.0 2.6.1 which allows filtering of more data and adds a "revision" config option for APP_REVISION!
Shipped today with the Ruby gem is also an Elixir package release containing many of the same enhancements.
Request headers list
With this release it's possible to specify which HTTP request headers AppSignal stores on transactions and sends to the AppSignal servers. This feature was added in light of the new General Data Protection Regulation (GDPR).
Which request headers to process is determined through the request_headers whitelist option. If unset, it falls back to a collection of headers that don't contain personal data. This means headers such as REMOTE_ADDR, REFERER and a few more will not be sent to AppSignal by default. When upgrading from Ruby gem 2.5 and earlier, you'll notice that newly added samples won't contain these headers containing potential personal data unless you specify otherwise.
Here's an example with our Ruby gem 2.6 defaults:
1# config/appsignal.yml
2production:
3 request_headers:
4 [
5 "HTTP_ACCEPT",
6 "HTTP_ACCEPT_CHARSET",
7 "HTTP_ACCEPT_ENCODING",
8 "HTTP_ACCEPT_LANGUAGE",
9 "HTTP_CACHE_CONTROL",
10 "HTTP_CONNECTION",
11 "CONTENT_LENGTH",
12 "PATH_INFO",
13 "HTTP_RANGE",
14 "REQUEST_METHOD",
15 "REQUEST_URI",
16 "SERVER_NAME",
17 "SERVER_PORT",
18 "SERVER_PROTOCOL",
19 ]
Or when using environment variables for configuration:
1export APPSIGNAL_REQUEST_HEADERS=HTTP_ACCEPT,HTTP_ACCEPT_CHARSET,HTTP_ACCEPT_ENCODING,HTTP_ACCEPT_LANGUAGE,HTTP_CACHE_CONTROL,HTTP_CONNECTION,CONTENT_LENGTH,PATH_INFO,HTTP_RANGE,REQUEST_METHOD,REQUEST_URI,SERVER_NAME,SERVER_PORT,SERVER_PROTOCOLFilter session data
It was always possible to filter parameter values, but not session data. Thanks to @dwilkins this is now possible!
Using the filter_session_data config option it's possible to specify which session data keys should be filtered out and replaced with [FILTERED] instead. Use this option to make sure you're not sending any sensitive or personal data to our servers.
1# config/appsignal.yml
2production:
3 filter_session_data:
4 - name
5 - email
6 - api_token
7 - token
Or when using environment variables for configuration:
1export APPSIGNAL_FILTER_SESSION_DATA=name,email,api_token,tokenRevision config option
We've supported the APP_REVISION environment variable for a while to notify AppSignal of new deploys. This variable sets the app revision at runtime. The main advantage is that it's possible to report multiple revisions at the same time from different hosts, such as during a deploy or when another host doesn't have to be deployed.
In this version we've added support for a configuration option for it in appsignal.yml. This means the APP_REVISION environment variable is no longer a requirement to use this method, but instead all your configuration can exist in the same config file.
For more information about deploy markers and the revision config option, see our documentation page about deploy markers.
Other improvements
- Fix empty action name issue
- Avoid generating unique action names for Padrino
- Reduce memory usage by enabling frozen strings by default
Please see the changelog for more details about these improvements, deprecations and other changes. And as always: get in touch if you encounter problems after upgrading. We're happy to help!
Image credit: MPD01605 CC BY-SA 2.0 via WikiMedia Commons
