contrast-agent 3.15.0 → 4.3.0

data/resources/deadzone/policy.json

@@ -55,6 +55,162 @@
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"commit_session"
+    }, {
+      "class_name":"Rack::Session::Abstract::Persisted",
+      "instance_method":true,
+      "method_visibility": "private",
+      "method_name":"session_exists?",
+      "code": "https://github.com/rack/rack/blob/master/lib/rack/session/abstract/id.rb#L334"
+    }, {
+      "class_name":"ActionDispatch::Http::MimeNegotiation",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"formats",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/mime_negotiation.rb#L63"
+    }, {
+      "class_name":"ActionDispatch::FileHandler",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"match?",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/static.rb#L30"
+    }, {
+      "class_name":"ActionDispatch::Journey::Router",
+      "instance_method":true,
+      "method_visibility": "private",
+      "method_name":"find_routes",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/journey/router.rb#L107"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"controler_class_for",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L84"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"engine_script_name=",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L158"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"remote_ip",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L286"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"request_id",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L302"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"local?",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L409"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookie_jar",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L11"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"have_cookie_jar?",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L24"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"key_generator",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L32"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"signed_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L36"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"encrypted_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L40"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"encrypted_signed_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L44"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"authenticated_encrypted_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L48"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"use_authenticated_cookie_encryption",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L52"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"encrypted_cookie_cipher",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L56"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"signed_cookie_digest",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L60"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"secret_key_base",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L64"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_serializer",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L68"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_digest",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L72"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_rotations",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L76"
+    }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"use_cookies_with_metadata",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L80"
+    }, {
+      "class_name":"ActionDispatch::Request::Session",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"exists?",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/request/session.rb#L201"
+    }, {
+      "class_name":"ActionView::Template",
+      "instance_method":true,
+      "method_visibility": "private",
+      "method_name":"method_name",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionview/lib/action_view/template.rb#L368"
     }
   ]
 }

data/resources/protect/policy.json

@@ -379,6 +379,18 @@
           "method_visibility": "public",
           "applicator_method": "apply_rule__io",
           "properties": {}
+        },{
+          "class_name": "Nokogiri::XML::Document",
+          "method_name": "parse",
+          "instance_method": false,
+          "method_visibility": "public",
+          "properties": {}
+        }, {
+          "class_name": "Nokogiri::XML::SAX::Parser",
+          "method_name": "parse",
+          "instance_method": true,
+          "method_visibility": "public",
+          "properties": {}
         },{
           "class_name": "Nokogiri::XML::SAX::Parser",
           "method_name": "parse_memory",

data/ruby-agent.gemspec

@@ -14,12 +14,14 @@ def self.add_authors spec
     donald.propst@contrastsecurity.com
     alex.macdonald@contrastsecurity.com
     mark.petersen@contrastsecurity.com
+    joshua.reed@contrastsecurity.com
   ]
 end
 
 # Add those dependencies required to develop or test the Agent
 def self.add_dev_dependencies spec
   spec.add_development_dependency 'amazing_print'
+  spec.add_development_dependency 'benchmark-ips'
   spec.add_development_dependency 'bundler'
   spec.add_development_dependency 'climate_control' # mock ENV
   spec.add_development_dependency 'debase'
@@ -28,20 +30,23 @@ def self.add_dev_dependencies spec
   spec.add_development_dependency 'factory_bot'
   spec.add_development_dependency 'fake_ftp'
   spec.add_development_dependency 'fasterer'
+  spec.add_development_dependency 'flay'
   spec.add_development_dependency 'openssl'
   spec.add_development_dependency 'parser', '~> 2.6'
   spec.add_development_dependency 'pry'
   spec.add_development_dependency 'rails', '>= 3'
-  spec.add_development_dependency 'rake', '~> 10.0'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
   spec.add_development_dependency 'rake-compiler', '~> 0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rspec-benchmark'
   spec.add_development_dependency 'rspec_junit_formatter', '0.3.0'
-  spec.add_development_dependency 'rubocop', '0.89.1'
-  spec.add_development_dependency 'rubocop-performance', '1.7.1'
-  spec.add_development_dependency 'rubocop-rspec', '1.42.0'
+  spec.add_development_dependency 'rubocop', '1.6.1'
+  spec.add_development_dependency 'rubocop-performance', '1.9.1'
+  spec.add_development_dependency 'rubocop-rails', '2.9.1'
+  spec.add_development_dependency 'rubocop-rake', '0.5.1'
+  spec.add_development_dependency 'rubocop-rspec', '2.1.0'
   spec.add_development_dependency 'ruby-debug-ide'
-  spec.add_development_dependency 'simplecov', '~> 0.18'
+  spec.add_development_dependency 'simplecov', '0.20.0'
   spec.add_development_dependency 'sinatra', '>= 2'
   spec.add_development_dependency 'sqlite3', '1.3.9'
   spec.add_development_dependency 'therubyracer'
@@ -57,7 +62,7 @@ end
 # corresponding update to the fake gem server data in TeamServer.
 def self.add_dependencies spec
   spec.add_dependency 'ougai', '~> 1.8'
-  spec.add_dependency 'parser', '~> 2.6'
+  spec.add_dependency 'parser', '~> 2.6' # TODO: RUBY-714 remove w/ EOL of 2.5
   spec.add_dependency 'protobuf', '~> 3.10'
   spec.add_dependency 'rack', '~> 2.0'
 end

data/service_executables/VERSION

@@ -1 +1 @@
-2.12.0
+2.17.2

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 3.15.0
+  version: 4.3.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -9,10 +9,11 @@ authors:
 - donald.propst@contrastsecurity.com
 - alex.macdonald@contrastsecurity.com
 - mark.petersen@contrastsecurity.com
+- joshua.reed@contrastsecurity.com
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-09-18 00:00:00.000000000 Z
+date: 2021-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: amazing_print
@@ -28,6 +29,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: benchmark-ips
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -140,6 +155,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: flay
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: openssl
   requirement: !ruby/object:Gem::Requirement
@@ -200,16 +229,16 @@ dependencies:
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
   name: rake-compiler
   requirement: !ruby/object:Gem::Requirement
@@ -272,42 +301,70 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.89.1
+        version: 1.6.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.89.1
+        version: 1.6.1
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.7.1
+        version: 1.9.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 1.9.1
+- !ruby/object:Gem::Dependency
+  name: rubocop-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 2.9.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.7.1
+        version: 2.9.1
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '='
+      - !ruby/object:Gem::Version
+        version: 0.5.1
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.42.0
+        version: 2.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.42.0
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: ruby-debug-ide
   requirement: !ruby/object:Gem::Requirement
@@ -326,16 +383,16 @@ dependencies:
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.18'
+        version: 0.20.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.18'
+        version: 0.20.0
 - !ruby/object:Gem::Dependency
   name: sinatra
   requirement: !ruby/object:Gem::Requirement
@@ -484,20 +541,20 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
-- ext/cs__assess_yield_track/extconf.rb
-- ext/cs__assess_module/extconf.rb
-- ext/cs__assess_active_record_named/extconf.rb
+- ext/cs__assess_string_interpolation26/extconf.rb
 - ext/cs__contrast_patch/extconf.rb
-- ext/cs__assess_string/extconf.rb
-- ext/cs__assess_fiber_track/extconf.rb
-- ext/cs__assess_regexp/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
-- ext/cs__assess_hash/extconf.rb
+- ext/cs__assess_module/extconf.rb
 - ext/cs__assess_marshal_module/extconf.rb
+- ext/cs__assess_hash/extconf.rb
 - ext/cs__assess_array/extconf.rb
-- ext/cs__protect_kernel/extconf.rb
 - ext/cs__assess_basic_object/extconf.rb
-- ext/cs__assess_string_interpolation26/extconf.rb
+- ext/cs__protect_kernel/extconf.rb
+- ext/cs__assess_string/extconf.rb
+- ext/cs__assess_active_record_named/extconf.rb
+- ext/cs__assess_regexp/extconf.rb
+- ext/cs__assess_yield_track/extconf.rb
+- ext/cs__assess_fiber_track/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -694,6 +751,7 @@ files:
 - lib/contrast/agent.rb
 - lib/contrast/agent/assess.rb
 - lib/contrast/agent/assess/contrast_event.rb
+- lib/contrast/agent/assess/contrast_object.rb
 - lib/contrast/agent/assess/events/event_factory.rb
 - lib/contrast/agent/assess/events/source_event.rb
 - lib/contrast/agent/assess/finalizers/freeze.rb
@@ -756,6 +814,11 @@ files:
 - lib/contrast/agent/deadzone/policy/policy.rb
 - lib/contrast/agent/disable_reaction.rb
 - lib/contrast/agent/exclusion_matcher.rb
+- lib/contrast/agent/inventory.rb
+- lib/contrast/agent/inventory/dependencies.rb
+- lib/contrast/agent/inventory/dependency_analysis.rb
+- lib/contrast/agent/inventory/dependency_usage_analysis.rb
+- lib/contrast/agent/inventory/gemfile_digest_cache.rb
 - lib/contrast/agent/inventory/policy/datastores.rb
 - lib/contrast/agent/inventory/policy/policy.rb
 - lib/contrast/agent/inventory/policy/trigger_node.rb
@@ -833,6 +896,8 @@ files:
 - lib/contrast/api/decorators/application_update.rb
 - lib/contrast/api/decorators/http_request.rb
 - lib/contrast/api/decorators/input_analysis.rb
+- lib/contrast/api/decorators/library.rb
+- lib/contrast/api/decorators/library_usage_update.rb
 - lib/contrast/api/decorators/message.rb
 - lib/contrast/api/decorators/rasp_rule_sample.rb
 - lib/contrast/api/decorators/route_coverage.rb
@@ -927,11 +992,9 @@ files:
 - lib/contrast/tasks/service.rb
 - lib/contrast/utils/assess/sampling_util.rb
 - lib/contrast/utils/assess/tracking_util.rb
-- lib/contrast/utils/boolean_util.rb
 - lib/contrast/utils/class_util.rb
 - lib/contrast/utils/duck_utils.rb
 - lib/contrast/utils/env_configuration_item.rb
-- lib/contrast/utils/gemfile_reader.rb
 - lib/contrast/utils/hash_digest.rb
 - lib/contrast/utils/heap_dump_util.rb
 - lib/contrast/utils/invalid_configuration_util.rb