only legacy code creates package version metric

Don't create package major version supportability metric when package info
for vulnerability management is collected using composer - this results in
a lot of metrics (one metric for each package) which is not very useful.
Agent will only generate a handful metrics for packages that are instrumented,
and, if composer is enabled, the major version value will be from package info
collected using composer api. Otherwise legacy method  will be used to obtain
the major version value (retrieve from the package itself by accessing static
VERSION constant or calling to get_version method).

[WIP] - unit tests updates pending...

agent/fw_drupal8.c

@@ -689,8 +689,8 @@ void nr_drupal_version() {
     if (NRINI(vulnerability_management_package_detection_enabled)) {
       nr_txn_add_php_package(NRPRG(txn), PHP_PACKAGE_NAME, version);
     }
-    nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                    version);
+    nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
+                                                    version, nr_fw_support_add_package_supportability_metric);
   }
 
   nr_php_zval_free(&zval_version);

agent/fw_laravel.c

@@ -963,8 +963,8 @@ NR_PHP_WRAPPER(nr_laravel_application_construct) {
     // Add php package to transaction
     nr_txn_add_php_package(NRPRG(txn), PHP_PACKAGE_NAME, version);
   }
-  nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                  version);
+  nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
+                                                  version, nr_fw_support_add_package_supportability_metric);
 
   if (version) {
     nrl_debug(NRL_FRAMEWORK, "Laravel version is " NRP_FMT, NRP_PHP(version));

agent/fw_slim.c

@@ -163,8 +163,8 @@ NR_PHP_WRAPPER(nr_slim_application_construct) {
     nr_txn_add_php_package(NRPRG(txn), PHP_PACKAGE_NAME, version);
   }
 
-  nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                  version);
+  nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
+                                                  version, nr_fw_support_add_package_supportability_metric);
 
   nr_free(version);
   nr_php_scope_release(&this_var);

agent/fw_wordpress.c

@@ -813,8 +813,8 @@ void nr_wordpress_version() {
       if (NRINI(vulnerability_management_package_detection_enabled)) {
         nr_txn_add_php_package(NRPRG(txn), PHP_PACKAGE_NAME, version);
       }
-      nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                      version);
+      nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
+                                                      version, nr_fw_support_add_package_supportability_metric);
     }
     zval_dtor(&retval);
   }

agent/lib_aws_sdk_php.c

@@ -69,8 +69,8 @@ void nr_lib_aws_sdk_php_handle_version() {
     /* Add php package to transaction */
     nr_txn_add_php_package(NRPRG(txn), PHP_PACKAGE_NAME, version);
   }
-  nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                  version);
+  nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
+                                                  version, nr_fw_support_add_package_supportability_metric);
   nr_php_zval_free(&zval_version);
 }
 

agent/lib_composer.c

@@ -214,8 +214,6 @@ static void nr_execute_handle_autoload_composer_get_packages_information(
             nr_txn_add_php_package(NRPRG(txn), NRSAFESTR(Z_STRVAL_P(value)),
                                   NRSAFESTR(version));
           }
-          nr_fw_support_add_package_supportability_metric(
-              NRPRG(txn), NRSAFESTR(Z_STRVAL_P(value)), NRSAFESTR(version));
         }
       }
       ZEND_HASH_FOREACH_END();
@@ -244,9 +242,6 @@ static void nr_execute_handle_autoload_composer_get_packages_information(
                          NRSAFESTR(Z_STRVAL_P(package_version)));
         nr_txn_add_php_package_from_source(NRPRG(txn), NRSAFESTR(ZSTR_VAL(package_name)),
                             NRSAFESTR(Z_STRVAL_P(package_version)), NR_PHP_PACKAGE_SOURCE_COMPOSER);
-        nr_fw_support_add_package_supportability_metric(
-            NRPRG(txn), NRSAFESTR(ZSTR_VAL(package_name)),
-            NRSAFESTR(Z_STRVAL_P(package_version)));
       }
     }
     ZEND_HASH_FOREACH_END();

agent/lib_guzzle6.c

@@ -366,8 +366,8 @@ NR_PHP_WRAPPER_START(nr_guzzle6_client_construct) {
   if (NULL == version) {
     version = nr_php_get_object_constant(this_var, "MAJOR_VERSION");
   }
-  nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                  version);
+  nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
+                                                  version, nr_fw_support_add_package_supportability_metric);
   nr_free(version);
 
   (void)wraprec;

agent/lib_monolog.c

@@ -378,8 +378,8 @@ NR_PHP_WRAPPER(nr_monolog_logger_addrecord) {
         = nr_monolog_get_timestamp(api, argc, NR_EXECUTE_ORIG_ARGS TSRMLS_CC);
     char version[MAJOR_VERSION_LENGTH];
     snprintf(version, sizeof(version), "%d", api);
-    nr_fw_support_add_package_supportability_metric(NRPRG(txn),
-                                                    PHP_PACKAGE_NAME, version);
+    nr_txn_add_package_major_version_supportability_metric(NRPRG(txn),
+                                                    PHP_PACKAGE_NAME, version, nr_fw_support_add_package_supportability_metric);
   }
 
   /* Record the log event */

agent/lib_predis.c

@@ -654,8 +654,7 @@ NR_PHP_WRAPPER(nr_predis_client_construct) {
     // Add php package to transaction
     nr_txn_add_php_package(NRPRG(txn), PHP_PACKAGE_NAME, version);
   }
-  nr_fw_support_add_package_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME,
-                                                  version);
+  nr_txn_add_package_major_version_supportability_metric(NRPRG(txn), PHP_PACKAGE_NAME, version, nr_fw_support_add_package_supportability_metric);
   nr_free(version);
 
   /*

axiom/nr_php_packages.h

@@ -10,6 +10,7 @@
 #include "util_random.h"
 #include "util_vector.h"
 #include "util_hashmap.h"
+#include "util_strings.h"
 
 #define PHP_PACKAGE_VERSION_UNKNOWN " "
 
@@ -140,6 +141,26 @@ static inline int nr_php_packages_has_package(nr_php_packages_t* h,
   return 0;
 }
 
+/*
+ * Purpose : Retrieve a pointer to php package from the collection
+ *
+ * Params  : 1. A pointer to nr_php_packages_t
+ *           2. The name of the package to retrieve
+ *
+ * Returns : Returns pointer to php package if the package exists or NULL
+ */
+static inline nr_php_package_t* nr_php_packages_get_package(nr_php_packages_t* php_packages,
+                                              const char* package_name) {
+  if (NULL == package_name) {
+    return NULL;
+  }
+
+  if (nrlikely(NULL != php_packages && NULL != php_packages->data)) {
+    return (nr_php_package_t*)nr_hashmap_get(php_packages->data, package_name, nr_strlen(package_name));
+  }
+  return NULL;
+}
+
 /*
  * Purpose : Converts a package to a json
  *

axiom/nr_txn.c

@@ -3518,3 +3518,24 @@ void nr_txn_add_php_package(nrtxn_t* txn,
   nr_txn_add_php_package_from_source(txn, package_name, package_version,
                                      NR_PHP_PACKAGE_SOURCE_LEGACY);
 }
+
+void nr_txn_add_package_major_version_supportability_metric(
+    nrtxn_t* txn,
+    const char* package_name,
+    const char* fallback_version,
+    void (*add_metric_callback)(nrtxn_t*, const char*, const char*)) {
+  const char* version = fallback_version;
+
+  if (NULL == txn || NULL == package_name) {
+    return;
+  }
+
+  if (txn->composer_info.composer_detected && NULL != txn->php_packages) {
+    nr_php_package_t *p = nr_php_packages_get_package(txn->php_packages, package_name);
+    if (p) {
+      version = p->package_version;
+    }
+  }
+
+  add_metric_callback(txn, package_name, version);
+}

axiom/nr_txn.h

@@ -1197,4 +1197,22 @@ void nr_txn_add_php_package(nrtxn_t* txn,
                             char* package_name,
                             char* package_version);
 
+/*
+ * Purpose : Add php package major version supportability metric.
+ *           This function will look for package version in php_packages
+ *           and fall back to the version provided if php_packages don't
+ *           contain package_name.
+ *
+ * Params  : 1. The transaction
+ *           2. Package name
+ *           3. Fallback package version
+ *           4. Function to add metric (nr_fw_support_add_package_supportability_metric)
+ *
+ */
+extern void nr_txn_add_package_major_version_supportability_metric(
+    nrtxn_t* txn,
+    const char* package_name,
+    const char* fallback_version,
+    void (*add_metric_callback)(nrtxn_t*, const char*, const char*));
+
 #endif /* NR_TXN_HDR */

tests/integration/autoloader/test_autoloader_with_composer_enabled.php

@@ -6,9 +6,8 @@
 
 /*DESCRIPTION
 Test detection of autoloader when Composer is used. Supportability metrics for
-Autoloader and Composer libraries should be present. Additionally, package
-supportability metrics should be present for each package detected. Package
-harvest should contain all packages reported by composer.
+Autoloader and Composer libraries should be present. Package harvest should
+contain all packages reported by composer.
 */
 
 /*INI
@@ -23,8 +22,6 @@
 /*EXPECT_METRICS_EXIST
 Supportability/library/Autoloader/detected, 1
 Supportability/library/Composer/detected, 1
-Supportability/PHP/package/vendor1/package1/1/detected, 1
-Supportability/PHP/package/vendor2/package2/2/detected, 1
 */
 
 /*EXPECT_TRACED_ERRORS null*/