Merge branch 'main' into jb/update-private-docs

Author: jsonbailey

.github/actions/setup/action.yml

@@ -15,6 +15,7 @@ runs:
     - uses: ruby/setup-ruby@v1
       with:
         ruby-version: ${{ inputs.version }}
+        bundler: 2
 
     - name: Install dependencies
       if: ${{ inputs.install-dependencies == 'true' }}

.release-please-manifest.json

@@ -1,3 +1,3 @@
 {
-  ".": "8.11.1"
+  ".": "8.11.2"
 }

CHANGELOG.md

@@ -2,6 +2,14 @@
 
 All notable changes to the LaunchDarkly Ruby SDK will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org).
 
+## [8.11.2](https://github.com/launchdarkly/ruby-server-sdk/compare/8.11.1...8.11.2) (2025-12-05)
+
+
+### Bug Fixes
+
+* Fix diagnostic logging for connection results in stream ([#343](https://github.com/launchdarkly/ruby-server-sdk/issues/343)) ([d49eaa8](https://github.com/launchdarkly/ruby-server-sdk/commit/d49eaa895ca370c219439e726771e17154709aa3))
+* Prevent command injection in FileDataSourceImpl ([#341](https://github.com/launchdarkly/ruby-server-sdk/issues/341)) ([9ca4b98](https://github.com/launchdarkly/ruby-server-sdk/commit/9ca4b985c58c62f7b8b454d43a8548924fd4715f))
+
 ## [8.11.1](https://github.com/launchdarkly/ruby-server-sdk/compare/8.11.0...8.11.1) (2025-10-10)
 
 

PROVENANCE.md

@@ -9,7 +9,7 @@ To verify SLSA provenance attestations, we recommend using [slsa-verifier](https
 <!-- x-release-please-start-version -->
 ```
 # Set the version of the SDK to verify
-SDK_VERSION=8.11.1
+SDK_VERSION=8.11.2
 ```
 <!-- x-release-please-end -->
 

lib/ldclient-rb/events.rb

@@ -233,7 +233,7 @@ class EventDispatcher
     def initialize(inbox, sdk_key, config, diagnostic_accumulator, event_sender)
       @sdk_key = sdk_key
       @config = config
-      @diagnostic_accumulator = config.diagnostic_opt_out? ? nil : diagnostic_accumulator
+      @diagnostic_accumulator = diagnostic_accumulator
       @event_sender = event_sender
       @sampler = LaunchDarkly::Impl::Sampler.new(Random.new)
 

lib/ldclient-rb/impl/data_source/stream.rb

@@ -29,6 +29,7 @@ class StreamProcessor
         def initialize(sdk_key, config, diagnostic_accumulator = nil)
           @sdk_key = sdk_key
           @config = config
+          @diagnostic_accumulator = diagnostic_accumulator
           @data_source_update_sink = config.data_source_update_sink
           @feature_store = config.feature_store
           @initialized = Concurrent::AtomicBoolean.new(false)

lib/ldclient-rb/impl/integrations/file_data_source.rb

@@ -102,7 +102,7 @@ def load_file(path, all_data)
             @last_version += 1
           }
 
-          parsed = parse_content(IO.read(path))
+          parsed = parse_content(File.read(path))
           (parsed[:flags] || {}).each do |key, flag|
             flag[:version] = version
             add_item(all_data, Impl::DataStore::FEATURES, flag)

lib/ldclient-rb/version.rb

@@ -1,3 +1,3 @@
 module LaunchDarkly
-  VERSION = "8.11.1" # x-release-please-version
+  VERSION = "8.11.2" # x-release-please-version
 end

spec/impl/data_source/stream_spec.rb

@@ -67,5 +67,71 @@ module LaunchDarkly
         expect(listener.statuses[1].last_error.kind).to eq(Interfaces::DataSource::ErrorInfo::INVALID_DATA)
       end
     end
+
+    describe '#log_connection_result' do
+      it "logs successful connection when diagnostic_accumulator is provided" do
+        diagnostic_accumulator = double("DiagnosticAccumulator")
+        expect(diagnostic_accumulator).to receive(:record_stream_init).with(
+          kind_of(Integer),
+          false,
+          kind_of(Integer)
+        )
+
+        processor = subject.new("sdk_key", config, diagnostic_accumulator)
+        processor.send(:log_connection_started)
+        processor.send(:log_connection_result, true)
+      end
+
+      it "logs failed connection when diagnostic_accumulator is provided" do
+        diagnostic_accumulator = double("DiagnosticAccumulator")
+        expect(diagnostic_accumulator).to receive(:record_stream_init).with(
+          kind_of(Integer),
+          true,
+          kind_of(Integer)
+        )
+
+        processor = subject.new("sdk_key", config, diagnostic_accumulator)
+        processor.send(:log_connection_started)
+        processor.send(:log_connection_result, false)
+      end
+
+      it "logs connection metrics with correct timestamp and duration" do
+        diagnostic_accumulator = double("DiagnosticAccumulator")
+
+        processor = subject.new("sdk_key", config, diagnostic_accumulator)
+
+        expect(diagnostic_accumulator).to receive(:record_stream_init) do |timestamp, failed, duration|
+          expect(timestamp).to be_a(Integer)
+          expect(timestamp).to be > 0
+          expect(failed).to eq(false)
+          expect(duration).to be_a(Integer)
+          expect(duration).to be >= 0
+        end
+
+        processor.send(:log_connection_started)
+        sleep(0.01) # Small delay to ensure measurable duration
+        processor.send(:log_connection_result, true)
+      end
+
+      it "only logs once per connection attempt" do
+        diagnostic_accumulator = double("DiagnosticAccumulator")
+        expect(diagnostic_accumulator).to receive(:record_stream_init).once
+
+        processor = subject.new("sdk_key", config, diagnostic_accumulator)
+        processor.send(:log_connection_started)
+        processor.send(:log_connection_result, true)
+        # Second call should not trigger another log
+        processor.send(:log_connection_result, true)
+      end
+
+      it "works gracefully when no diagnostic_accumulator is provided" do
+        processor = subject.new("sdk_key", config, nil)
+
+        expect {
+          processor.send(:log_connection_started)
+          processor.send(:log_connection_result, true)
+        }.not_to raise_error
+      end
+    end
   end
 end

spec/integrations/file_data_source_spec.rb

@@ -191,6 +191,34 @@ def with_data_source(options, initialize_to_valid = false)
         end
       end
 
+      it "does not execute commands via malicious filenames" do
+        # This tests that filenames containing shell metacharacters are treated as literal paths
+        # and do not result in command execution. The file reading should use safe methods
+        # that don't pass paths through a shell.
+        marker_file = File.join(@tmp_dir, "command_injection_marker")
+
+        # Various command injection attempts - if any command executed, it would create the marker file
+        malicious_paths = [
+          "|touch #{marker_file}",
+          ";touch #{marker_file}",
+          "$(touch #{marker_file})",
+          "`touch #{marker_file}`",
+          "& touch #{marker_file}",
+          "\ntouch #{marker_file}\n",
+        ]
+
+        malicious_paths.each do |malicious_path|
+          with_data_source({ paths: [malicious_path] }) do |ds|
+            event = ds.start
+            expect(event.set?).to eq(true)
+            # Should fail to initialize because the file doesn't exist (treated as literal path)
+            expect(ds.initialized?).to eq(false)
+            # Most importantly: no command should have been executed
+            expect(File.exist?(marker_file)).to eq(false), "Command injection detected with path: #{malicious_path}"
+          end
+        end
+      end
+
       it "sets start event and initialized on successful load" do
         file = make_temp_file(all_properties_json)
         with_data_source({ paths: [ file.path ] }) do |ds|