appsignal

Ruby gem 2.6: The GDPR release!

Tom de Bruijn

Tom de Bruijn on

Ruby gem 2.6:
The GDPR release!

We just released AppSignal for Ruby gem version 2.6.0 2.6.1 which allows filtering of more data and adds a "revision" config option for APP_REVISION!

Shipped today with the Ruby gem is also an Elixir package release containing many of the same enhancements.

Request headers list

With this release it's possible to specify which HTTP request headers AppSignal stores on transactions and sends to the AppSignal servers. This feature was added in light of the new General Data Protection Regulation (GDPR).

Which request headers to process is determined through the request_headers whitelist option. If unset, it falls back to a collection of headers that don't contain personal data. This means headers such as REMOTE_ADDR, REFERER and a few more will not be sent to AppSignal by default. When upgrading from Ruby gem 2.5 and earlier, you'll notice that newly added samples won't contain these headers containing potential personal data unless you specify otherwise.

Here's an example with our Ruby gem 2.6 defaults:

yaml
# config/appsignal.yml production: request_headers: [ "HTTP_ACCEPT", "HTTP_ACCEPT_CHARSET", "HTTP_ACCEPT_ENCODING", "HTTP_ACCEPT_LANGUAGE", "HTTP_CACHE_CONTROL", "HTTP_CONNECTION", "CONTENT_LENGTH", "PATH_INFO", "HTTP_RANGE", "REQUEST_METHOD", "REQUEST_URI", "SERVER_NAME", "SERVER_PORT", "SERVER_PROTOCOL", ]

Or when using environment variables for configuration:

sh
export APPSIGNAL_REQUEST_HEADERS=HTTP_ACCEPT,HTTP_ACCEPT_CHARSET,HTTP_ACCEPT_ENCODING,HTTP_ACCEPT_LANGUAGE,HTTP_CACHE_CONTROL,HTTP_CONNECTION,CONTENT_LENGTH,PATH_INFO,HTTP_RANGE,REQUEST_METHOD,REQUEST_URI,SERVER_NAME,SERVER_PORT,SERVER_PROTOCOL

Filter session data

It was always possible to filter parameter values, but not session data. Thanks to @dwilkins this is now possible!

Using the filter_session_data config option it's possible to specify which session data keys should be filtered out and replaced with [FILTERED] instead. Use this option to make sure you're not sending any sensitive or personal data to our servers.

yaml
# config/appsignal.yml production: filter_session_data: - name - email - api_token - token

Or when using environment variables for configuration:

sh
export APPSIGNAL_FILTER_SESSION_DATA=name,email,api_token,token

Revision config option

We've supported the APP_REVISION environment variable for a while to notify AppSignal of new deploys. This variable sets the app revision at runtime. The main advantage is that it's possible to report multiple revisions at the same time from different hosts, such as during a deploy or when another host doesn't have to be deployed.

In this version we've added support for a configuration option for it in appsignal.yml. This means the APP_REVISION environment variable is no longer a requirement to use this method, but instead all your configuration can exist in the same config file.

For more information about deploy markers and the revision config option, see our documentation page about deploy markers.

Other improvements

Please see the changelog for more details about these improvements, deprecations and other changes. And as always: get in touch if you encounter problems after upgrading. We're happy to help!

Image credit: MPD01605 CC BY-SA 2.0 via WikiMedia Commons

Tom de Bruijn

Tom de Bruijn

Tom is a developer at AppSignal, organizer, and writer from Amsterdam, The Netherlands.

All articles by Tom de Bruijn

Become our next author!

Find out more

AppSignal monitors your apps

AppSignal provides insights for Ruby, Rails, Elixir, Phoenix, Node.js, Express and many other frameworks and libraries. We are located in beautiful Amsterdam. We love stroopwafels. If you do too, let us know. We might send you some!

Discover AppSignal
AppSignal monitors your apps