Handle absent trace in API Security sampling

Strech · Strech · commit 59dd1d443b98 · 2025-06-18T15:41:45.000+02:00
diff --git a/lib/datadog/appsec/api_security.rb b/lib/datadog/appsec/api_security.rb
@@ -16,7 +16,7 @@ def self.sample?(request, response)
 
       def self.sample_trace?(trace)
         # NOTE: Reads as "if trace is priority sampled or if in standalone mode"
-        trace.priority_sampled? || !Datadog.configuration.apm.tracing.enabled
+        trace&.priority_sampled? || !Datadog.configuration.apm.tracing.enabled
       end
     end
   end
diff --git a/spec/datadog/appsec/api_security_spec.rb b/spec/datadog/appsec/api_security_spec.rb
@@ -56,6 +56,10 @@
       before { allow(trace).to receive(:priority_sampled?).and_return(false) }
 
       it { expect(described_class.sample_trace?(trace)).to be(true) }
+
+      context 'when trace is not present' do
+        it { expect(described_class.sample_trace?(nil)).to be(true) }
+      end
     end
 
     context 'when running in normal mode' do
@@ -77,6 +81,10 @@
 
         it { expect(described_class.sample_trace?(trace)).to be(false) }
       end
+
+      context 'when trace is not present' do
+        it { expect(described_class.sample_trace?(nil)).to be(false) }
+      end
     end
   end
 end
