Update libsqreen library to 11.0.1 fixing fingerprint generation

DataDog · Sep 20, 2024 · c2cd812 · c2cd812
1 parent 5867971
commit c2cd812
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 3 deletions.
diff --git a/dd-java-agent/appsec/build.gradle b/dd-java-agent/appsec/build.gradle
@@ -15,7 +15,7 @@ dependencies {
   implementation project(':internal-api')
   implementation project(':communication')
   implementation project(':telemetry')
-  implementation group: 'io.sqreen', name: 'libsqreen', version: '11.0.0'
+  implementation group: 'io.sqreen', name: 'libsqreen', version: '11.0.1'
   implementation libs.moshi
 
   testImplementation libs.bytebuddy

diff --git a/...ent/appsec/src/test/groovy/com/datadog/appsec/powerwaf/PowerWAFModuleSpecification.groovy b/...ent/appsec/src/test/groovy/com/datadog/appsec/powerwaf/PowerWAFModuleSpecification.groovy
@@ -1490,6 +1490,7 @@ class PowerWAFModuleSpecification extends DDSpecification {
   void 'http endpoint fingerprint support'() {
     given:
     final flow = Mock(ChangeableFlow)
+    final fingerprint = '_dd.appsec.fp.http.endpoint'
     setupWithStubConfigService 'fingerprint_config.json'
     dataListener = pwafModule.dataSubscriptions.first()
     ctx.closeAdditive()
@@ -1508,12 +1509,15 @@ class PowerWAFModuleSpecification extends DDSpecification {
 
     then:
     1 * flow.setAction({ it.blocking })
-    ctx.derivativeKeys.contains('_dd.appsec.fp.http.endpoint')
+    1 * ctx.reportDerivatives({ Map<String, String> map ->
+      map.containsKey(fingerprint) && map.get(fingerprint).matches('http-get-.*')
+    })
   }
 
   void 'http session fingerprint support'() {
     given:
     final flow = Mock(ChangeableFlow)
+    final fingerprint = '_dd.appsec.fp.session'
     final sessionId = UUID.randomUUID().toString()
     setupWithStubConfigService 'fingerprint_config.json'
     dataListener = pwafModule.dataSubscriptions.first()
@@ -1530,7 +1534,9 @@ class PowerWAFModuleSpecification extends DDSpecification {
     ctx.closeAdditive()
 
     then:
-    ctx.derivativeKeys.contains('_dd.appsec.fp.session')
+    1 * ctx.reportDerivatives({ Map<String, String> map ->
+      map.containsKey(fingerprint) && map.get(fingerprint).matches('ssn-.*')
+    })
   }
 
   private Map<String, Object> getDefaultConfig() {