contrast-agent 4.10.0 → 4.13.1

data/lib/contrast/agent/assess/policy/propagator/match_data.rb

@@ -15,7 +15,7 @@ module Contrast
                 case ret
                 when Array
                   idx = 0
-                  while idx < ret.size
+                  while idx < ret.length
                     return_value = ret[idx]
                     index = idx
                     idx += 1
@@ -34,7 +34,7 @@ module Contrast
 
               def captures_tagger propagation_node, preshift, ret, _block
                 idx = 0
-                while idx < ret.size
+                while idx < ret.length
                   return_value = ret[idx]
                   index = idx
                   idx += 1
@@ -48,7 +48,7 @@ module Contrast
 
               def to_a_tagger propagation_node, preshift, ret, _block
                 idx = 0
-                while idx < ret.size
+                while idx < ret.length
                   return_value = ret[idx]
                   index = idx
                   idx += 1
@@ -61,7 +61,7 @@ module Contrast
 
               def values_at_tagger propagation_node, preshift, ret, _block
                 idx = 0
-                while idx < ret.size
+                while idx < ret.length
                   return_value = ret[idx]
                   return_index = idx
                   idx += 1

data/lib/contrast/agent/assess/policy/propagator/remove.rb

@@ -26,7 +26,6 @@ module Contrast
                 return unless (properties = Contrast::Agent::Assess::Tracker.properties!(target))
 
                 source_string = source.is_a?(String) ? source : source.to_s
-
                 # If the lengths are the same, we should just copy the tags because nothing was removed, but a new
                 # instance could have been created. copy_from will handle the case where the source is the target.
                 if source_string.length == target.length
@@ -34,10 +33,7 @@ module Contrast
                   return
                 end
 
-                source_chars = source_string.chars
                 source_idx = 0
-
-                target_chars = target.chars
                 target_idx = 0
 
                 remove_ranges = []
@@ -45,10 +41,9 @@ module Contrast
 
                 # loop over the target, the result of the delete every range of characters that it differs from the
                 # source represents a section that was deleted. these sections need to have their tags updated
-                target_len = target_chars.length
-                while target_idx < target_len
-                  target_char = target_chars[target_idx]
-                  source_char = source_chars[source_idx]
+                while target_idx < target.length
+                  target_char = target[target_idx]
+                  source_char = source_string[source_idx]
                   if target_char == source_char
                     target_idx += 1
                     if start
@@ -63,7 +58,7 @@ module Contrast
 
                 # once we're done looping over the target, anything left over is extra from the source that was
                 # deleted. tags applying to it need to be removed.
-                remove_ranges << (source_idx...source_chars.length) if source_idx != source_chars.length
+                remove_ranges << (source_idx...source_string.length) if source_idx != source_string.length
 
                 # handle deleting the removed ranges
                 properties.delete_tags_at_ranges(remove_ranges)

data/lib/contrast/agent/assess/policy/source_method.rb

@@ -6,6 +6,7 @@ require 'contrast/agent/assess/policy/source_validation/source_validation'
 require 'contrast/components/logger'
 require 'contrast/utils/object_share'
 require 'contrast/utils/sha256_builder'
+require 'contrast/utils/assess/source_method_utils'
 
 module Contrast
   module Agent
@@ -16,6 +17,7 @@ module Contrast
         # used in Assess vulnerability detection.
         module SourceMethod
           extend Contrast::Components::Logger::InstanceMethods
+          extend Contrast::Utils::Assess::SourceMethodUtils
 
           PARAMETER_TYPE     = 'PARAMETER'
           PARAMETER_KEY_TYPE = 'PARAMETER_KEY'
@@ -133,15 +135,6 @@ module Contrast
                   !Contrast::Agent::Assess::Tracker.trackable?(key)
             end
 
-            # Safely duplicate the target, or return nil
-            #
-            # @param target [Object] the thing to check for duplication
-            def safe_dup target
-              target.dup
-            rescue StandardError => _e
-              nil
-            end
-
             # Hash is designed to keep one instance of the string key in it. We need to remove the existing one and
             # replace it with our new tracked one.
             def handle_hash_key target, to_replace
@@ -174,68 +167,6 @@ module Contrast
               properties.build_event(source_node, target, object, ret, args, source_type, source_name)
             end
 
-            # Find the name of the source
-            #
-            # @param source_node [Contrast::Agent::Assess::Policy::SourceNode] the node to direct applying this source
-            #   event
-            # @param object [Object] the Object on which the method was invoked
-            # @param ret [Object] the Return of the invoked method
-            # @param args [Array<Object>] the Arguments with which the method was invoked
-            # @return [String, nil] the human readable name of the target to which this source event applies, or nil if
-            #   none provided by the node
-            def determine_source_name source_node, object, ret, *args
-              return source_node.get_property('dynamic_source_name') if source_node.type == 'UNTRUSTED_DATABASE'
-
-              source_node_source = source_node.sources[0]
-              case source_node_source
-              when nil
-                nil
-              when Contrast::Utils::ObjectShare::RETURN_KEY
-                ret
-              when Contrast::Utils::ObjectShare::OBJECT_KEY
-                object
-              else
-                args[source_node_source]
-              end
-            end
-
-            # Determine if we should analyze this method invocation for a Source or not. We should if we have enough
-            # information to build the context of this invocation, we're not disabled, and we can't immediately
-            # determine the invocation was done safely.
-            #
-            # @param method_policy [Contrast::Agent::Patching::Policy::MethodPolicy] the policy that applies to the
-            #   method being called
-            # @param object [Object] the Object on which the method was invoked
-            # @param ret [Object] the Return of the invoked method
-            # @param args [Array<Object>] the Arguments with which the method was invoked
-            # @return [boolean] if the invocation of this method should be analyzed
-            def analyze? method_policy, object, ret, args
-              return false unless method_policy&.source_node
-              return false unless ::Contrast::ASSESS.enabled?
-              return false unless Contrast::Agent::REQUEST_TRACKER.current&.analyze_request?
-
-              !safe_invocation?(method_policy.source_node, object, ret, args)
-            end
-
-            # Determine if the method was invoked safely.
-            #
-            # @param source_node [Contrast::Agent::Assess::Policy::SourceNode] the node to direct applying this source
-            #   event
-            # @param _object [Object] the Object on which the method was invoked
-            # @param _ret [Object] the Return of the invoked method
-            # @param args [Array<Object>] the Arguments with which the method was invoked
-            # @return [boolean] if the invocation of this method was safe
-            def safe_invocation? source_node, _object, _ret, args
-              # According the the Rack Specification https://github.com/rack/rack/blob/master/SPEC.rdoc, any header
-              # from the Request will start with HTTP_. As such, only Headers with that key should be considered for
-              # tracking, as the others have come from the Framework or Middleware stashing in the ENV. Rails, for
-              # instance, uses action_dispatch. to store several values. Technically, you can't call
-              # Rack::Request#get_header without a parameter, and that parameter should be a String, but trust no one.
-              source_node.id == 'Assess:Source:Rack::Request::Env#get_header' &&
-                  args&.any? &&
-                  !args[0].to_s.start_with?('HTTP_')
-            end
-
             # Find the literal target of the propagation
             #
             # @param source_node [Contrast::Agent::Assess::Policy::SourceNode] the node to direct applying this source

data/lib/contrast/agent/assess/policy/trigger_method.rb

@@ -6,6 +6,7 @@ require 'contrast/agent/assess/policy/trigger_validation/trigger_validation'
 require 'contrast/components/logger'
 require 'contrast/utils/object_share'
 require 'contrast/utils/sha256_builder'
+require 'contrast/utils/assess/trigger_method_utils'
 
 module Contrast
   module Agent
@@ -17,6 +18,7 @@ module Contrast
         # report is issued to the Service.
         module TriggerMethod
           extend Contrast::Components::Logger::InstanceMethods
+          extend Contrast::Utils::Assess::TriggerMethodUtils
 
           # The level of TeamServer compliance our traces meet when in the abnormal condition of being dataflow rules
           # without routes.
@@ -84,6 +86,8 @@ module Contrast
             # activity message does not exist, b/c we're invoked outside of a request context, build an activity and
             # immediately report it with the finding.
             #
+            # TODO: RUBY-1351
+            #
             # @param finding [Contrast::Api::Dtm::Finding] the Finding to report.
             # @param request [Contrast::Agent::Request] our wrapper around the Rack::Request.
             def report_finding finding, request = nil
@@ -108,64 +112,10 @@ module Contrast
 
             private
 
-            # A request is reportable if it is not from ActionController::Live
-            #
-            # @param env [Hash] the env of the Request
-            # @return [Boolean]
-            def reportable? env
-              !(defined?(ActionController::Live) &&
-                env &&
-                env['action_controller.instance'].cs__class.included_modules.include?(ActionController::Live))
-            end
-
-            # Find the request for this finding. This assumes, for now, that if there is an active request, then that
-            # is the request to report. Otherwise, we'll use the first request found in the events of the
-            # source_object.
-            #
-            # @param source [Object,nil] some Object used as the source of a trigger event
-            # @return [Contrast::Agent::Request,nil] the request from which the dataflow on the request originated.
-            def find_request source
-              return Contrast::Agent::REQUEST_TRACKER.current.request if Contrast::Agent::REQUEST_TRACKER.current
-              return unless (properties = Contrast::Agent::Assess::Tracker.properties(source))
-
-              properties.events.each do |event|
-                next unless event.cs__is_a?(Contrast::Agent::Assess::Events::SourceEvent)
-
-                return event.request if event.request
-              end
-              nil
-            end
-
             def settings
               Contrast::Agent::FeatureState.instance
             end
 
-            # This is our method that actually checks the taint on the object our trigger_node targets.
-            #
-            # @param trigger_node [Contrast::Agent::Assess::Policy::TriggerNode] the node to direct applying this
-            #   trigger event
-            # @param source [Object] the source of the Trigger Event
-            # @param object [Object] the Object on which the method was invoked
-            # @param ret [Object] the Return of the invoked method
-            # @param args [Array<Object>] the Arguments with which the method was invoked
-            def apply_trigger trigger_node, source, object, ret, *args
-              return unless trigger_node
-              return if trigger_node.rule_disabled?
-              return if trigger_node.dataflow? && source.nil?
-
-              if trigger_node.regexp_rule?
-                apply_regexp_rule(trigger_node, source, object, ret, *args)
-              elsif trigger_node.custom_trigger?
-                trigger_node.apply_custom_trigger(trigger_node, source, object, ret, *args)
-              elsif trigger_node.dataflow?
-                apply_dataflow_rule(trigger_node, source, object, ret, *args)
-              else # trigger rule - just calling the method is dangerous
-                build_finding(trigger_node, source, object, ret, *args)
-              end
-            rescue StandardError => e
-              logger.warn('Unable to apply trigger', e, node_id: trigger_node.id)
-            end
-
             # Given the marker from the trigger_node (the pointer indicating the entity from which the taint
             # originated), return the entity on which this trigger needs to operate.
             #
@@ -199,59 +149,6 @@ module Contrast
               end
             end
 
-            # This is our method that actually checks the taint on the object our trigger_node targets for our Regexp
-            # based rules.
-            #
-            # @param trigger_node [Contrast::Agent::Assess::Policy::TriggerNode] the node to direct applying this
-            #   trigger event
-            # @param source [Object] the source of the Trigger Event
-            # @param object [Object] the Object on which the method was invoked
-            # @param ret [Object] the Return of the invoked method
-            # @param args [Array<Object>] the Arguments with which the method was invoked
-            def apply_regexp_rule trigger_node, source, object, ret, *args
-              return unless source.is_a?(String)
-              return if trigger_node.good_value && source.match?(trigger_node.good_value)
-              return if trigger_node.bad_value && source !~ trigger_node.bad_value
-
-              build_finding(trigger_node, source, object, ret, *args)
-            end
-
-            # This is our method that actually checks the taint on the object our trigger_node targets for our Dataflow
-            # based rules.
-            #
-            # @param trigger_node [Contrast::Agent::Assess::Policy::TriggerNode] the node to direct applying this
-            #   trigger event
-            # @param source [Object] the source of the Trigger Event
-            # @param object [Object] the Object on which the method was invoked
-            # @param ret [Object] the Return of the invoked method
-            # @param args [Array<Object>] the Arguments with which the method was invoked
-            def apply_dataflow_rule trigger_node, source, object, ret, *args
-              return unless source
-
-              if Contrast::Agent::Assess::Tracker.trackable?(source)
-                return unless Contrast::Agent::Assess::Tracker.tracked?(source)
-                return unless trigger_node.violated?(source)
-
-                build_finding(trigger_node, source, object, ret, *args)
-              elsif Contrast::Utils::DuckUtils.iterable_hash?(source)
-                source.each_pair do |key, value|
-                  apply_dataflow_rule(trigger_node, key, object, ret, *args)
-                  apply_dataflow_rule(trigger_node, value, object, ret, *args)
-                end
-              elsif Contrast::Utils::DuckUtils.iterable_enumerable?(source)
-                source.each do |value|
-                  apply_dataflow_rule(trigger_node, value, object, ret, *args)
-                end
-              else
-                logger.debug('Trigger source is untrackable. Unable to inspect.',
-                             node_id: trigger_node.id,
-                             source_id: source.__id__,
-                             source_type: source.cs__class.to_s,
-                             frozen: source.cs__frozen?)
-                logger.trace(source.to_s[0..99])
-              end
-            end
-
             def append_events finding, trigger_node, source, object, ret, args
               append_from_source(finding, source)
               finding.events << Contrast::Agent::Assess::Events::EventFactory.build(trigger_node, source, object, ret,

data/lib/contrast/agent/assess/policy/trigger_node.rb

@@ -14,7 +14,7 @@ module Contrast
         # specifically for those methods which result in the trigger of a
         # vulnerability (indicate points in the application where uncontrolled
         # user input can do damage).
-        class TriggerNode < PolicyNode
+        class TriggerNode < PolicyNode # rubocop:disable Metrics/ClassLength
           JSON_BAD_VALUE = 'bad_value'
           JSON_GOOD_VALUE = 'good_value'
           JSON_DISALLOWED_TAGS = 'disallowed_tags'
@@ -104,8 +104,7 @@ module Contrast
 
             properties = Contrast::Agent::Assess::Tracker.properties(source)
             # find the ranges that violate the rule (untrusted, etc)
-            vulnerable_ranges = ranges_with_all_tags(Contrast::Utils::StringUtils.ret_length(source), properties,
-                                                     required_tags)
+            vulnerable_ranges = ranges_with_all_tags(properties, required_tags)
             # if there aren't any vulnerable ranges, nope out
             return false if vulnerable_ranges.empty?
 
@@ -170,49 +169,56 @@ module Contrast
 
             tags.each do |tag|
               raise(ArgumentError, "Rule #{ rule_id } had an invalid tag. #{ tag } is not a known value.") unless
-                  Contrast::Api::Decorators::TraceTaintRangeTags::VALID_TAGS.include?(tag) ||
-                      Contrast::Api::Decorators::TraceTaintRangeTags::VALID_SOURCE_TAGS.include?(tag)
+                Contrast::Api::Decorators::TraceTaintRangeTags::VALID_TAGS.include?(tag) ||
+                    Contrast::Api::Decorators::TraceTaintRangeTags::VALID_SOURCE_TAGS.include?(tag)
             end
           end
 
           # Find the ranges that satisfy all of the given tags.
           #
-          # @param length [Integer] the length of the object which may have the
-          #   given tags -- used as the maximum index to search for all of the
-          #   tags.
           # @param properties [Contrast::Agent::Assess::Properties] the
           #   properties to check for the tags
           # @param required_tags [Set<String>] the list of tags on which to match
           # @return [Array<Contrast::Agent::Assess::Tag>] the ranges satisfied
           #   by the given conditions
-          def ranges_with_all_tags length, properties, required_tags
+          def ranges_with_all_tags properties, required_tags
             return Contrast::Utils::ObjectShare::EMPTY_ARRAY unless matches_tags?(properties, required_tags)
 
-            ranges = []
             chunking = false
+            ranges = []
+            # find the start and end range of required tags:
+            search_ranges = find_required_ranges properties, required_tags
+            start_range = search_ranges.first
+            end_range = search_ranges.last + 1
+
             # find all the indicies on the source that have all the given tags
-            (0..length).each do |idx|
-              tags_at = properties.tags_at(idx).to_a
+            while start_range < end_range
+
+              tags_at = properties.tags_at(start_range).to_a
               # only those that have all the required tags in the tags_at
               # satisfy the requirement
               satisfied = tags_at.any? && required_tags.all? { |tag| tags_at.any? { |found| found.label == tag } }
               # if this range matches all the required tags and we're already
               # chunking, meaning the previous range matched, do nothing
-              next if satisfied && chunking
+              if satisfied && chunking
+                start_range += 1
+                next
+              end
 
               # if we are satisfied and we were not chunking, this represents
               # the start of the next range, so create a new entry.
               if satisfied
-                ranges << Contrast::Agent::Assess::Tag.new('required', 0, idx)
+                ranges << Contrast::Agent::Assess::Tag.new('required', 0, start_range)
                 chunking = true
-              # if we are chunking and not satisfied, this represents the end
-              # of the range, meaning the last index is what satisfied the
-              # range. Because the range is exclusive end, we can just use this
-              # index.
+                # if we are chunking and not satisfied, this represents the end
+                # of the range, meaning the last index is what satisfied the
+                # range. Because the range is exclusive end, we can just use this
+                # index.
               elsif chunking
-                ranges[-1]&.update_end(idx)
+                ranges[-1]&.update_end(start_range)
                 chunking = false
               end
+              start_range += 1
             end
             ranges
           end
@@ -265,6 +271,33 @@ module Contrast
 
             true
           end
+
+          # Range finder helper for #ranges_with_all_tags
+          #
+          # @param properties [Contrast::Agent::Assess::Properties] the properties to check for the tags
+          # @param required_tags [Set<String>] the list of tags on which to match
+          # @return [Array] of required tags ranges to search
+          def find_required_ranges properties, required_tags
+            start_range = 0
+            end_range = 0
+            required_tags_arr = required_tags.to_a
+            idx = 0
+
+            while idx < required_tags_arr.length
+              # find the start and end range of required tags:
+              start_temp = properties.fetch_tag(required_tags_arr[idx])[0].start_idx
+              end_temp = properties.fetch_tag(required_tags_arr[idx])[0].end_idx
+              # first iteration only
+              start_range = start_temp if idx.zero?
+              end_range = end_temp if idx.zero?
+
+              # find the tag with smallest ranges
+              start_range = start_temp if start_range < start_temp
+              end_range = end_temp if end_range > end_temp
+              idx += 1
+            end
+            [start_range, end_range]
+          end
         end
       end
     end

data/lib/contrast/agent/assess/property/tagged.rb

@@ -5,6 +5,7 @@ require 'contrast/agent/assess/tag'
 require 'contrast/utils/object_share'
 require 'contrast/utils/string_utils'
 require 'contrast/utils/tag_util'
+require 'contrast/utils/assess/property/tagged_utils'
 
 module Contrast
   module Agent
@@ -13,6 +14,7 @@ module Contrast
         # This module serves to hold the functionality required for the
         # management of our dataflow tags.
         module Tagged
+          include Contrast::Utils::Assess::TaggedUtils
           # Is any tag present?
           # Creating Tags is expensive and we check for Tags all the time on
           # untracked things. ALWAYS!!! call this method before checking if an
@@ -45,125 +47,6 @@ module Contrast
             false
           end
 
-          # Find all of the ranges that span a given index. This is used
-          # in propagation when we need to shift tags about. For instance, in
-          # the append method when we need to see if any tag at the end needs
-          # to be expanded out to the size of the new String.
-          #
-          # Note: Tags do not know their key, so this is only the range covered
-          #
-          # @param idx [Integer] the index to check for tags
-          # @return [Array<Contrast::Agent::Assess::Tag>] a set of all the Tags
-          #   covering the given index. This is only the ranges, not the names.
-          def tags_at idx
-            return Contrast::Utils::ObjectShare::EMPTY_ARRAY unless tracked?
-
-            at = []
-            tags.each_value do |tag_array|
-              tag_array.each do |tag|
-                if tag.covers?(idx)
-                  at << tag
-                elsif tag.above?(idx)
-                  break
-                end
-              end
-            end
-            at
-          end
-
-          # given a range, select all tags in that range the selected tags are
-          # shifted such that the start index of the new tag (0) aligns with
-          # the given start index in the range
-          #
-          # current tags: 5-15
-          # range       : 5-10
-          # result      : 0-05
-          #
-          # Note that we disable Lint/DuplicateBranch in this branch in order
-          # list out all tag range cases in the proper order to make this
-          # easier to understand
-          #
-          # @param range [Range] the span to check, inclusive to exclusive
-          # @return [Hash{String => Contrast::Agent::Assess::Tag}] the hash of
-          #   key to tags
-          def tags_at_range range
-            return Contrast::Utils::ObjectShare::EMPTY_HASH unless tracked?
-
-            at = Hash.new { |h, k| h[k] = [] }
-            tags.each_pair do |key, value|
-              add = nil
-              value.each do |tag|
-                within_range = resize_to_range(tag, range)
-                if within_range
-                  add ||= []
-                  add << within_range
-                end
-              end
-              next unless add&.any?
-
-              at[key] = add
-            end
-            at
-          end
-
-          # Given a tag name and range object, add a new tag to this
-          # collection. If the given range touches an existing tag,
-          # we'll combine the two, adjusting the existing one and
-          # dropping this new one.
-          #
-          # @param label [String] the name of the tag
-          # @param range [Range] the Range that the tag covers, inclusive to
-          #   exclusive
-          def add_tag label, range
-            length = range.end - range.begin
-            tag = Contrast::Agent::Assess::Tag.new(label, length, range.begin)
-            existing = fetch_tag(label)
-            tags[label] = Contrast::Utils::TagUtil.ordered_merge(existing, tag)
-          end
-
-          def set_tags label, tag_ranges
-            tags[label] = tag_ranges
-          end
-
-          # Remove all tags with a given label
-          def delete_tags label
-            tags.delete(label) if tracked?
-          end
-
-          # Reset the tag hash
-          def clear_tags
-            tags.clear if tracked?
-          end
-
-          # Returns a list of all current tag labels, most likely to be used for
-          # a splat operation
-          def tag_keys
-            return Contrast::Utils::ObjectShare::EMPTY_ARRAY unless tracked?
-
-            tags.keys
-          end
-
-          # Calls merge to combine touching or overlapping tags
-          # Deletes empty tags
-          def cleanup_tags
-            return unless tracked?
-
-            Contrast::Utils::TagUtil.merge_tags(tags)
-            tags.delete_if { |_, value| value.empty? }
-          end
-
-          # We'll use this as a helper method to retrieve tags from the hash.
-          # Because the hash auto-populates an empty array when we try to
-          # access a tag in it, we cannot use the [] method without side
-          # effect. To get around this, we'll use a fetch work around.
-          #
-          # @param label [Symbol] the label to look up
-          # @return [Array<Contrast::Agent::Assess::Tag>] all the tags with
-          #   that label
-          def fetch_tag label
-            tags.fetch(label, nil) if tracked?
-          end
-
           # Remove all tags within the given ranges.
           # This does not delete an entire tag if part of that tag is
           # outside this range, meaning we may reduce sizes of tags
@@ -218,19 +101,6 @@ module Contrast
             end
           end
 
-          # Because of the auto-fill thing, we should not allow direct access to
-          # the tags hash. Instead, the methods above should be used to do
-          # operations like add, delete, and fetch.
-          #
-          # CONTRAST-22914
-          # please do NOT expose this w/ an attr_reader / accessor. there are
-          # helper methods in this class that safely access the hash. the tags
-          # method is private to avoid the side effect of a direct lookup with
-          # `[]` adding an empty array to the hash.
-          def tags
-            @_tags ||= Hash.new { |h, k| h[k] = [] }
-          end
-
           # Remove the tag ranges covering the given range
           def remove_tags range
             return unless tracked?
@@ -334,6 +204,19 @@ module Contrast
 
           private
 
+          # Because of the auto-fill thing, we should not allow direct access to
+          # the tags hash. Instead, the methods above should be used to do
+          # operations like add, delete, and fetch.
+          #
+          # CONTRAST-22914
+          # please do NOT expose this w/ an attr_reader / accessor. there are
+          # helper methods in this class that safely access the hash. the tags
+          # method is private to avoid the side effect of a direct lookup with
+          # `[]` adding an empty array to the hash.
+          def tags
+            @_tags ||= Hash.new { |h, k| h[k] = [] }
+          end
+
           # Given a tag, compare it to a given range and, if any part of that tag is within the range, return a new tag
           # covering the union of the original tag and the range. This new tag will start at the
           # max(tag.start, range.start) and end at min(tag.end, range.end)

data/lib/contrast/agent/deadzone/policy/policy.rb

@@ -35,6 +35,12 @@ module Contrast
             end
           end
 
+          def validate
+            return if class_name
+
+            raise(ArgumentError, "#{ node_class } #{ id } did not have a proper class name. Unable to create.")
+          end
+
           def module_names
             @_module_names ||= Set.new(deadzones.map(&:class_name))
           end

data/lib/contrast/agent/inventory/dependency_usage_analysis.rb

@@ -60,7 +60,7 @@ module Contrast
 
           digest = Contrast::Utils::Sha256Builder.instance.build_from_spec(spec)
           unless digest
-            logger.debug('Unable to resolve digest for gem spec', spec: spec.to_s)
+            logger.debug('Unable to resolve digest for gem spec', spec: spec.to_s) if logger.debug?
             return
           end
           report_path = adjust_path_for_reporting(path, spec)
@@ -71,6 +71,7 @@ module Contrast
 
         # Populate the library_usages field of the Activity message using the data stored in the @gemdigest_cache.
         #
+        # TODO: RUBY-1355
         # @param activity [Contrast::Api::Dtm::Activity] the message to which to append the usage data
         def generate_library_usage activity
           return unless enabled?