opentelemetry-helpers-sql-obfuscation
This Ruby gem contains logic to obfuscate SQL. It's intended for use by gem authors instrumenting SQL adapter libraries, such as mysql2, pg, and trilogy.
The logic is largely drawn from the New Relic Ruby agent's SQL Obfuscation Helpers module.
Add the gem to your instrumentation's gemspec file:
# opentelemetry-instrumentation-your-gem.gemspec
spec.add_dependency 'opentelemetry-helpers-sql-obfuscation'
Add the gem to your instrumentation's Gemfile:
# Gemfile
group :test, :development do
gem 'opentelemetry-helpers-sql-obfuscation', path: '../../helpers/sql-obfuscation'
end
Make sure the Instrumentation class for your gem contains configuration options for:
:obfuscation_limit: the length at which the SQL string will not be obfuscated
Example: option :obfuscation_limit, default: 2000, validate: :integer
If you want to add support for a new adapter, update the following constants to include keys for your adapter:
DIALECT_COMPONENTS
CLEANUP_REGEX
You must also add a new constant that calls the generate_regex method with your adapter's DIALECT_COMPONENTS that is named like <ADAPTER>_COMPONENTS_REGEX, such as: MYSQL_COMPONENTS_REGEX.
Check New Relic's SQL Obfuscation Helpers module to see if regular expressions for your adapter already exist.
To obfuscate SQL in your library:
OpenTelemetry::Helpers::SqlObfuscation.obfuscate_sql(sql, obfuscation_limit: config[:obfuscation_limit], adapter: :postgres)
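The following is an added example, not code from the gem or from New Relic: a simplified model of how a per-adapter component regex, a cleanup regex and a length limit work together so that literal values do not end up in telemetry. All names (ToySqlObfuscation, COMPONENTS, DIALECTS, CLEANUP, the marker strings) are hypothetical, and returning a fixed marker instead of the raw statement when the limit is exceeded or a quote remains is an assumption of this sketch.

```ruby
# Simplified model for illustration; every name here is hypothetical.
module ToySqlObfuscation
  PLACEHOLDER = '?'
  # Assumption: fixed markers are returned in place of the raw statement.
  OVER_LIMIT = 'SQL not obfuscated: query exceeds limit'
  FAILED     = 'SQL not obfuscated: quote characters remained'

  # Patterns for the literal kinds that can carry user data.
  COMPONENTS = {
    single_quotes:    /'(?:[^']|'')*'/,
    double_quotes:    /"(?:[^"]|"")*"/,
    numeric_literals: /\b\d+(?:\.\d+)?\b/
  }.freeze

  # Literal kinds stripped per dialect. Postgres treats "..." as an
  # identifier, so double quotes are left alone there.
  DIALECTS = {
    mysql:    %i[single_quotes double_quotes numeric_literals],
    postgres: %i[single_quotes numeric_literals]
  }.freeze

  # Quote characters that must not survive obfuscation, per dialect.
  CLEANUP = { mysql: /['"]/, postgres: /'/ }.freeze

  # One combined regex per adapter, built from its component list.
  REGEX = DIALECTS.transform_values { |keys|
    Regexp.union(keys.map { |k| COMPONENTS.fetch(k) })
  }.freeze

  def self.obfuscate(sql, limit: 2000, adapter: :mysql)
    # Oversized input: emit a marker, never the raw statement.
    return OVER_LIMIT if sql.size > limit

    out = sql.gsub(REGEX.fetch(adapter), PLACEHOLDER)
    # A leftover quote means a literal went unmatched (for example an
    # unterminated string), so its contents may still be present in `out`.
    return FAILED if CLEANUP.fetch(adapter).match?(out)

    out
  end
end

# Constructed sample statement.
puts ToySqlObfuscation.obfuscate("SELECT * FROM users WHERE name = 'O''Brien' AND age > 42")
```

The cleanup check is what makes the helper fail closed: a statement with an unterminated string literal yields the failure marker rather than a partially scrubbed query.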
The opentelemetry-helpers-sql-obfuscation gem source is on GitHub, along with related gems including opentelemetry-instrumentation-pg and opentelemetry-instrumentation-trilogy.
The OpenTelemetry Ruby gems are maintained by the OpenTelemetry Ruby special interest group (SIG). You can get involved by joining us on our GitHub Discussions, Slack Channel or attending our weekly meeting. See the meeting calendar for dates and times. For more information on this and other language SIGs, see the OpenTelemetry community page.
The opentelemetry-helpers-sql-obfuscation gem is distributed under the Apache 2.0 license. See LICENSE for more information.
FAQs
We found that opentelemetry-helpers-sql-obfuscation demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.