You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This PR fixes several logic issues and removes code that was duplicated
dozens of times.
Move _iast_instrument_starlette_url to _handlers
Since `iast/_patch.py` and `iast/_patch_modules.py` had overlapping
responsibilities and it was unclear what each file was for, the
functions that serve as the entry point for starting IAST have been
moved to main.py.
The new class that handles all the logic for wrapping functions and
modules now lives in patch_modules.
On one hand, we had the function `try_wrap_function_wrapper` defined
twice — once for AppSec and once for IAST:
The **AppSec** version used `ModuleWatchdog`:
```python
# ddtrace/appsec/_common_module_patches.py
def try_wrap_function_wrapper(module_name: str, name: str, wrapper: Callable) -> None:
@ModuleWatchdog.after_module_imported(module_name)
def _(module):
try:
wrap_object(module, name, FunctionWrapper, (wrapper,))
except (ImportError, AttributeError):
log.debug("ASM patching. Module %s.%s does not exist", module_name, name)
```
Whereas the **IAST** version used `wrapt` directly:
```python
# ddtrace/appsec/_iast/_patch.py
def try_wrap_function_wrapper(module: Text, name: Text, wrapper: Callable):
try:
wrap_object(module, name, FunctionWrapper, (wrapper,))
except (ImportError, AttributeError):
iast_instrumentation_wrapt_debug_log(f"Module {module}.{name} not exists")
```
Additionally, the IAST version was sometimes called like this:
```python
try_wrap_function_wrapper(("_%s" % MD5_DEF), "MD5Type.digest", wrapped_md5_function)
```
And other times using `wrapt.when_imported`:
```python
@when_imported("django.shortcuts")
def _(m):
try_wrap_function_wrapper(m, "redirect", _unvalidated_redirect_for_django)
```
These two patterns were repeated dozens of times, and now all of this
logic has been centralized in the class
`ddtrace.appsec._iast._patch_modules.WrapModulesForIAST`.
## Checklist
- [x] PR author has checked that all the criteria below are met
- The PR description includes an overview of the change
- The PR description articulates the motivation for the change
- The change includes tests OR the PR description describes a testing
strategy
- The PR description notes risks associated with the change, if any
- Newly-added code is easy to change
- The change follows the [library release note
guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html)
- The change includes or references documentation updates if necessary
- Backport labels are set (if
[applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting))
## Reviewer Checklist
- [x] Reviewer has checked that all the criteria below are met
- Title is accurate
- All changes are related to the pull request's stated goal
- Avoids breaking
[API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces)
changes
- Testing strategy adequately addresses listed risks
- Newly-added code is easy to change
- Release note makes sense to a user of the library
- If necessary, author has acknowledged and discussed the performance
implications of this PR as reported in the benchmarks PR comment
- Backport labels are set in a manner that is consistent with the
[release branch maintenance
policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)
0 commit comments