Skip to content

Fix route processing for AppSec#5987

Merged
y9v merged 2 commits into
masterfrom
appsec-fix-route-processing-for-rails
Jul 3, 2026
Merged

Fix route processing for AppSec#5987
y9v merged 2 commits into
masterfrom
appsec-fix-route-processing-for-rails

Conversation

@y9v

@y9v y9v commented Jul 2, 2026

Copy link
Copy Markdown
Member

What does this PR do?

Motivation:
When Warden invokes Devise::FailureApp directly, the router is bypassed so ActionDispatch::Routing::RouteSet never runs and path_parameters is nil in env. This causes a NoMethodError.

Change log entry
Yes. AppSec: Fix an exception for unauthorized requests when using Devise with Rails.

Additional Notes:
SCRS-2273

How to test the change?
CI.

@y9v y9v self-assigned this Jul 2, 2026
@y9v y9v requested a review from a team as a code owner July 2, 2026 13:24
@dd-octo-sts dd-octo-sts Bot added integrations Involves tracing integrations appsec Application Security monitoring product labels Jul 2, 2026
@datadog-prod-us1-6

datadog-prod-us1-6 Bot commented Jul 2, 2026

Copy link
Copy Markdown

Tests

🎉 All green!

🧪 All tests passed
❄️ No new flaky tests detected

🎯 Code Coverage (details)
Patch Coverage: 100.00%
Overall Coverage: 90.02% (-0.01%)

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: c12beb0 | Docs | Datadog PR Page | Give us feedback!

@Strech Strech left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the fix, I left few minor suggestions

Comment thread lib/datadog/appsec/contrib/rails/gateway/request.rb Outdated
Comment thread spec/datadog/appsec/contrib/rails/gateway/request_spec.rb Outdated
@pr-commenter

pr-commenter Bot commented Jul 3, 2026

Copy link
Copy Markdown

Benchmarks

Benchmark execution time: 2026-07-03 09:20:50

Comparing candidate commit c12beb0 in PR branch appsec-fix-route-processing-for-rails with baseline commit 3ec5c3c in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 48 metrics, 1 unstable metrics.

Explanation

This is an A/B test comparing a candidate commit's performance against that of a baseline commit. Performance changes are noted in the tables below as:

  • 🟩 = significantly better candidate vs. baseline
  • 🟥 = significantly worse candidate vs. baseline

We compute a confidence interval (CI) over the relative difference of means between metrics from the candidate and baseline commits, considering the baseline as the reference.

If the CI is entirely outside the configured SIGNIFICANT_IMPACT_THRESHOLD (or the deprecated UNCONFIDENCE_THRESHOLD), the change is considered significant.

Feel free to reach out to #apm-benchmarking-platform on Slack if you have any questions.

More details about the CI and significant changes

You can imagine this CI as a range of values that is likely to contain the true difference of means between the candidate and baseline commits.

CIs of the difference of means are often centered around 0%, because often changes are not that big:

---------------------------------(------|---^--------)-------------------------------->
                              -0.6%    0%  0.3%     +1.2%
                                 |          |        |
         lower bound of the CI --'          |        |
sample mean (center of the CI) -------------'        |
         upper bound of the CI ----------------------'

As described above, a change is considered significant if the CI is entirely outside the configured SIGNIFICANT_IMPACT_THRESHOLD (or the deprecated UNCONFIDENCE_THRESHOLD).

For instance, for an execution time metric, this confidence interval indicates a significantly worse performance:

----------------------------------------|---------|---(---------^---------)---------->
                                       0%        1%  1.3%      2.2%      3.1%
                                                  |   |         |         |
       significant impact threshold --------------'   |         |         |
                      lower bound of CI --------------'         |         |
       sample mean (center of the CI) --------------------------'         |
                      upper bound of CI ----------------------------------'

@y9v y9v merged commit e0cf4cf into master Jul 3, 2026
587 checks passed
@y9v y9v deleted the appsec-fix-route-processing-for-rails branch July 3, 2026 10:47
@dd-octo-sts dd-octo-sts Bot added this to the 2.37.0 milestone Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

appsec Application Security monitoring product integrations Involves tracing integrations

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants