contrast-agent 4.2.0 → 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (106) hide show
  1. checksums.yaml +4 -4
  2. data/Rakefile +1 -0
  3. data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +22 -10
  4. data/ext/cs__assess_marshal_module/cs__assess_marshal_module.h +4 -3
  5. data/lib/contrast/agent/assess/contrast_event.rb +49 -130
  6. data/lib/contrast/agent/assess/contrast_object.rb +51 -0
  7. data/lib/contrast/agent/assess/events/source_event.rb +4 -9
  8. data/lib/contrast/agent/assess/policy/patcher.rb +4 -3
  9. data/lib/contrast/agent/assess/policy/policy_node.rb +31 -59
  10. data/lib/contrast/agent/assess/policy/preshift.rb +3 -3
  11. data/lib/contrast/agent/assess/policy/propagation_method.rb +13 -19
  12. data/lib/contrast/agent/assess/policy/propagation_node.rb +12 -24
  13. data/lib/contrast/agent/assess/policy/propagator/append.rb +1 -2
  14. data/lib/contrast/agent/assess/policy/propagator/center.rb +1 -2
  15. data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
  16. data/lib/contrast/agent/assess/policy/propagator/database_write.rb +1 -3
  17. data/lib/contrast/agent/assess/policy/propagator/insert.rb +1 -2
  18. data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -2
  19. data/lib/contrast/agent/assess/policy/propagator/match_data.rb +3 -2
  20. data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -2
  21. data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -2
  22. data/lib/contrast/agent/assess/policy/propagator/remove.rb +2 -4
  23. data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -2
  24. data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -2
  25. data/lib/contrast/agent/assess/policy/propagator/select.rb +3 -4
  26. data/lib/contrast/agent/assess/policy/propagator/splat.rb +2 -4
  27. data/lib/contrast/agent/assess/policy/propagator/split.rb +73 -117
  28. data/lib/contrast/agent/assess/policy/propagator/substitution.rb +11 -11
  29. data/lib/contrast/agent/assess/policy/propagator/trim.rb +3 -7
  30. data/lib/contrast/agent/assess/policy/source_method.rb +2 -14
  31. data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +5 -8
  32. data/lib/contrast/agent/assess/policy/trigger/xpath.rb +1 -1
  33. data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
  34. data/lib/contrast/agent/assess/property/tagged.rb +21 -15
  35. data/lib/contrast/agent/assess/rule/redos.rb +1 -1
  36. data/lib/contrast/agent/assess/tracker.rb +16 -18
  37. data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +7 -0
  38. data/lib/contrast/agent/middleware.rb +50 -1
  39. data/lib/contrast/agent/patching/policy/method_policy.rb +1 -1
  40. data/lib/contrast/agent/patching/policy/patch.rb +4 -4
  41. data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +47 -1
  42. data/lib/contrast/agent/protect/policy/rule_applicator.rb +53 -0
  43. data/lib/contrast/agent/protect/rule/base.rb +63 -14
  44. data/lib/contrast/agent/protect/rule/cmd_injection.rb +3 -3
  45. data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -4
  46. data/lib/contrast/agent/protect/rule/deserialization.rb +4 -1
  47. data/lib/contrast/agent/protect/rule/no_sqli.rb +3 -3
  48. data/lib/contrast/agent/protect/rule/sqli.rb +3 -3
  49. data/lib/contrast/agent/protect/rule/xxe.rb +32 -11
  50. data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +10 -6
  51. data/lib/contrast/agent/reaction_processor.rb +1 -1
  52. data/lib/contrast/agent/response.rb +5 -5
  53. data/lib/contrast/agent/rewriter.rb +3 -3
  54. data/lib/contrast/agent/scope.rb +33 -13
  55. data/lib/contrast/agent/static_analysis.rb +13 -7
  56. data/lib/contrast/agent/version.rb +1 -1
  57. data/lib/contrast/api/decorators/library.rb +1 -0
  58. data/lib/contrast/api/decorators/library_usage_update.rb +1 -0
  59. data/lib/contrast/api/decorators/trace_event.rb +19 -31
  60. data/lib/contrast/api/decorators/trace_event_object.rb +11 -3
  61. data/lib/contrast/api/decorators/trace_event_signature.rb +27 -5
  62. data/lib/contrast/api/decorators/user_input.rb +2 -1
  63. data/lib/contrast/common_agent_configuration.rb +1 -1
  64. data/lib/contrast/components/assess.rb +36 -0
  65. data/lib/contrast/components/interface.rb +5 -3
  66. data/lib/contrast/components/scope.rb +23 -0
  67. data/lib/contrast/components/settings.rb +3 -3
  68. data/lib/contrast/config/assess_configuration.rb +2 -1
  69. data/lib/contrast/extension/assess/array.rb +1 -2
  70. data/lib/contrast/extension/assess/erb.rb +1 -3
  71. data/lib/contrast/extension/assess/exec_trigger.rb +1 -1
  72. data/lib/contrast/extension/assess/fiber.rb +2 -3
  73. data/lib/contrast/extension/assess/hash.rb +4 -2
  74. data/lib/contrast/extension/assess/kernel.rb +1 -2
  75. data/lib/contrast/extension/assess/marshal.rb +34 -26
  76. data/lib/contrast/extension/assess/regexp.rb +3 -8
  77. data/lib/contrast/extension/assess/string.rb +1 -2
  78. data/lib/contrast/framework/base_support.rb +51 -53
  79. data/lib/contrast/framework/manager.rb +3 -2
  80. data/lib/contrast/framework/rack/patch/session_cookie.rb +1 -1
  81. data/lib/contrast/framework/rack/support.rb +2 -1
  82. data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -1
  83. data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +1 -1
  84. data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +1 -1
  85. data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +1 -1
  86. data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +1 -1
  87. data/lib/contrast/framework/rails/support.rb +2 -1
  88. data/lib/contrast/framework/sinatra/support.rb +3 -2
  89. data/lib/contrast/logger/application.rb +0 -3
  90. data/lib/contrast/utils/duck_utils.rb +1 -1
  91. data/lib/contrast/utils/heap_dump_util.rb +1 -1
  92. data/lib/contrast/utils/object_share.rb +3 -3
  93. data/lib/contrast/utils/preflight_util.rb +1 -1
  94. data/lib/contrast/utils/prevent_serialization.rb +1 -1
  95. data/lib/contrast/utils/resource_loader.rb +1 -1
  96. data/lib/contrast/utils/sha256_builder.rb +2 -2
  97. data/lib/contrast/utils/string_utils.rb +1 -1
  98. data/lib/contrast/utils/tag_util.rb +9 -13
  99. data/resources/assess/policy.json +9 -9
  100. data/resources/deadzone/policy.json +156 -0
  101. data/resources/protect/policy.json +12 -0
  102. data/ruby-agent.gemspec +9 -6
  103. data/service_executables/VERSION +1 -1
  104. data/service_executables/linux/contrast-service +0 -0
  105. data/service_executables/mac/contrast-service +0 -0
  106. metadata +68 -25
@@ -41,9 +41,6 @@ module Contrast
41
41
  hash[conversion.key] = conversion.dot_path_array.join('.')
42
42
  end
43
43
  info('Set by environment', overrides: env_translations)
44
- rescue StandardError => e
45
- puts e
46
- sleep(5)
47
44
  end
48
45
 
49
46
  def application_libraries
@@ -4,7 +4,7 @@
4
4
  module Contrast
5
5
  module Utils
6
6
  # Utility methods for identifying instances that can be used interchangeably
7
- class DuckUtils
7
+ module DuckUtils
8
8
  class << self
9
9
  # Determine if the given object, or the object to which it delegates,
10
10
  # responds to the given method.
@@ -106,7 +106,7 @@ module Contrast
106
106
  logger.info('******** HEAP DUMP HAS CONCLUDED ********')
107
107
  logger.info('*** APPLICATION PROCESS WILL EXIT SHORTLY ***')
108
108
  logger.info('*****************************************************')
109
- exit # We weren't kidding!
109
+ exit # rubocop:disable Rails/Exit We weren't kidding!
110
110
  end
111
111
  end
112
112
  end
@@ -1,13 +1,13 @@
1
1
  # Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
2
2
  # frozen_string_literal: true
3
3
 
4
- # rubocop:disable Object/Freeze
4
+ # rubocop:disable Security/Object/Freeze
5
5
  module Contrast
6
6
  module Utils
7
7
  # A utility class where a series of commonly used Strings and other
8
8
  # commonly used objects can be store and frozen to prevent unnecessary
9
9
  # duplication.
10
- class ObjectShare
10
+ module ObjectShare
11
11
  # Strings
12
12
  ASTERISK = '*'
13
13
  BACK_SLASH = '\\'
@@ -76,4 +76,4 @@ module Contrast
76
76
  end
77
77
  end
78
78
  end
79
- # rubocop:enable Object/Freeze
79
+ # rubocop:enable Security/Object/Freeze
@@ -4,7 +4,7 @@
4
4
  module Contrast
5
5
  module Utils
6
6
  # Utility for generating preflight message token
7
- class PreflightUtil
7
+ module PreflightUtil
8
8
  def self.create_preflight finding
9
9
  "#{ finding.rule_id },#{ finding.hash_code }"
10
10
  end
@@ -7,7 +7,7 @@ module Contrast
7
7
  #
8
8
  # Marshal is pretty cool. It does a lot of things well. What it doesn't
9
9
  # mess around with though is StringIO. And what we don't want to do is
10
- # serialize ourselves out with Marshal#dump.
10
+ # serialize ourselves out with Marshal.dump.
11
11
  #
12
12
  # Unfortunately, we have to mess around w/ that. To isolate our things from
13
13
  # user dumped Strings (and so that we can marshal findings), we have
@@ -4,7 +4,7 @@
4
4
  module Contrast
5
5
  module Utils
6
6
  # ResourceLoader can attempt to read a file from a predefined resource directory
7
- class ResourceLoader
7
+ module ResourceLoader
8
8
  RESOURCES = 'resources'
9
9
 
10
10
  # __FILE__/../../../resources
@@ -29,8 +29,8 @@ module Contrast
29
29
 
30
30
  # Generate a SHA256 hash of the combined source code of this Gem
31
31
  def sha256 path
32
- return nil unless path
33
- return nil unless File.exist?(path) && !File.directory?(path)
32
+ return unless path
33
+ return unless File.exist?(path) && !File.directory?(path)
34
34
 
35
35
  @sha256_cache[path] ||= Digest::SHA256.file(path).to_s
36
36
  end
@@ -74,7 +74,7 @@ module Contrast
74
74
  # @return [String] a copy of the given String, upper cased, trimmed,
75
75
  # dashes replaced with underscore, and HTTP trimmed
76
76
  def self.normalized_key str
77
- return nil unless str
77
+ return unless str
78
78
 
79
79
  str = str.to_s
80
80
  @_normalized_keys ||= {}
@@ -19,16 +19,15 @@ module Contrast
19
19
 
20
20
  relationship = tag.compare_range(range.start_idx, range.end_idx)
21
21
  case relationship
22
- when Contrast::Agent::Assess::Tag::BELOW
23
22
  # since the tags are ordered, if we're below, nope out
24
- return false
25
- when Contrast::Agent::Assess::Tag::LOW_SPAN
26
- # if we ever get a low span, that means a low part
27
- # won't be covered. there's no need to continue
28
- return false
29
- when Contrast::Agent::Assess::Tag::WITHOUT
30
- # if we ever get a without, that means a low part won't
31
- # be covered. there's no need to continue
23
+ when Contrast::Agent::Assess::Tag::BELOW,
24
+ # if we ever get a low span, that means a low part
25
+ # won't be covered. there's no need to continue
26
+ Contrast::Agent::Assess::Tag::LOW_SPAN,
27
+ # if we ever get a without, that means a low part won't
28
+ # be covered. there's no need to continue
29
+ Contrast::Agent::Assess::Tag::WITHOUT
30
+
32
31
  return false
33
32
  when Contrast::Agent::Assess::Tag::WITHIN
34
33
  # if we're within, then 0 out this tag since it is
@@ -131,10 +130,7 @@ module Contrast
131
130
  smallered = []
132
131
  curr = nil
133
132
  tags.each do |tag|
134
- if curr.nil?
135
- curr = tag
136
- smallered << curr
137
- elsif tag.start_idx <= curr.end_idx
133
+ if curr && tag.start_idx <= curr.end_idx
138
134
  curr.update_end(tag.end_idx) if tag.end_idx > curr.end_idx
139
135
  else
140
136
  curr = tag
@@ -640,7 +640,7 @@
640
640
  "action": "CUSTOM",
641
641
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Substitution",
642
642
  "patch_method": "gsub_tagger",
643
- "source": "O,P",
643
+ "source": "O,P1",
644
644
  "target": "R"
645
645
  }, {
646
646
  "class_name": "String",
@@ -650,7 +650,7 @@
650
650
  "action": "CUSTOM",
651
651
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Substitution",
652
652
  "patch_method": "gsub_tagger",
653
- "source": "O,P",
653
+ "source": "O,P1",
654
654
  "target": "O"
655
655
  }, {
656
656
  "class_name": "String",
@@ -660,7 +660,7 @@
660
660
  "action": "CUSTOM",
661
661
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Substitution",
662
662
  "patch_method": "sub_tagger",
663
- "source": "O,P",
663
+ "source": "O,P1",
664
664
  "target": "R"
665
665
  }, {
666
666
  "class_name": "String",
@@ -670,7 +670,7 @@
670
670
  "action": "CUSTOM",
671
671
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Substitution",
672
672
  "patch_method": "sub_tagger",
673
- "source": "O,P",
673
+ "source": "O,P1",
674
674
  "target": "O"
675
675
  }, {
676
676
  "class_name": "String",
@@ -680,7 +680,7 @@
680
680
  "action": "CUSTOM",
681
681
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Trim",
682
682
  "patch_method": "tr_tagger",
683
- "source": "O,P",
683
+ "source": "O,P1",
684
684
  "target": "R"
685
685
  }, {
686
686
  "class_name": "String",
@@ -690,7 +690,7 @@
690
690
  "action": "CUSTOM",
691
691
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Trim",
692
692
  "patch_method": "tr_tagger",
693
- "source": "O,P",
693
+ "source": "O,P1",
694
694
  "target": "O"
695
695
  }, {
696
696
  "class_name": "String",
@@ -700,7 +700,7 @@
700
700
  "action": "CUSTOM",
701
701
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Trim",
702
702
  "patch_method": "tr_s_tagger",
703
- "source": "O,P",
703
+ "source": "O,P1",
704
704
  "target": "R"
705
705
  }, {
706
706
  "class_name": "String",
@@ -710,7 +710,7 @@
710
710
  "action": "CUSTOM",
711
711
  "patch_class": "Contrast::Agent::Assess::Policy::Propagator::Trim",
712
712
  "patch_method": "tr_s_tagger",
713
- "source": "O,P",
713
+ "source": "O,P1",
714
714
  "target": "O"
715
715
  }, {
716
716
  "class_name": "String",
@@ -984,7 +984,7 @@
984
984
  "action": "CUSTOM",
985
985
  "patch_class": "Contrast::Extension::Assess::KernelPropagator",
986
986
  "patch_method": "sprintf_tagger",
987
- "source": "O,P",
987
+ "source": "O,P1",
988
988
  "target": "R"
989
989
  }, {
990
990
  "class_name":"ActiveRecord::ConnectionAdapters::Quoting",
@@ -55,6 +55,162 @@
55
55
  "instance_method":true,
56
56
  "method_visibility": "public",
57
57
  "method_name":"commit_session"
58
+ }, {
59
+ "class_name":"Rack::Session::Abstract::Persisted",
60
+ "instance_method":true,
61
+ "method_visibility": "private",
62
+ "method_name":"session_exists?",
63
+ "code": "https://github.com/rack/rack/blob/master/lib/rack/session/abstract/id.rb#L334"
64
+ }, {
65
+ "class_name":"ActionDispatch::Http::MimeNegotiation",
66
+ "instance_method":true,
67
+ "method_visibility": "public",
68
+ "method_name":"formats",
69
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/mime_negotiation.rb#L63"
70
+ }, {
71
+ "class_name":"ActionDispatch::FileHandler",
72
+ "instance_method":true,
73
+ "method_visibility": "public",
74
+ "method_name":"match?",
75
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/static.rb#L30"
76
+ }, {
77
+ "class_name":"ActionDispatch::Journey::Router",
78
+ "instance_method":true,
79
+ "method_visibility": "private",
80
+ "method_name":"find_routes",
81
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/journey/router.rb#L107"
82
+ }, {
83
+ "class_name":"ActionDispatch::Request",
84
+ "instance_method":true,
85
+ "method_visibility": "public",
86
+ "method_name":"controler_class_for",
87
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L84"
88
+ }, {
89
+ "class_name":"ActionDispatch::Request",
90
+ "instance_method":true,
91
+ "method_visibility": "public",
92
+ "method_name":"engine_script_name=",
93
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L158"
94
+ }, {
95
+ "class_name":"ActionDispatch::Request",
96
+ "instance_method":true,
97
+ "method_visibility": "public",
98
+ "method_name":"remote_ip",
99
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L286"
100
+ }, {
101
+ "class_name":"ActionDispatch::Request",
102
+ "instance_method":true,
103
+ "method_visibility": "public",
104
+ "method_name":"request_id",
105
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L302"
106
+ }, {
107
+ "class_name":"ActionDispatch::Request",
108
+ "instance_method":true,
109
+ "method_visibility": "public",
110
+ "method_name":"local?",
111
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/http/request.rb#L409"
112
+ }, {
113
+ "class_name":"ActionDispatch::Request",
114
+ "instance_method":true,
115
+ "method_visibility": "public",
116
+ "method_name":"cookie_jar",
117
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L11"
118
+ }, {
119
+ "class_name":"ActionDispatch::Request",
120
+ "instance_method":true,
121
+ "method_visibility": "public",
122
+ "method_name":"have_cookie_jar?",
123
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L24"
124
+ }, {
125
+ "class_name":"ActionDispatch::Request",
126
+ "instance_method":true,
127
+ "method_visibility": "public",
128
+ "method_name":"key_generator",
129
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L32"
130
+ }, {
131
+ "class_name":"ActionDispatch::Request",
132
+ "instance_method":true,
133
+ "method_visibility": "public",
134
+ "method_name":"signed_cookie_salt",
135
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L36"
136
+ }, {
137
+ "class_name":"ActionDispatch::Request",
138
+ "instance_method":true,
139
+ "method_visibility": "public",
140
+ "method_name":"encrypted_cookie_salt",
141
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L40"
142
+ }, {
143
+ "class_name":"ActionDispatch::Request",
144
+ "instance_method":true,
145
+ "method_visibility": "public",
146
+ "method_name":"encrypted_signed_cookie_salt",
147
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L44"
148
+ }, {
149
+ "class_name":"ActionDispatch::Request",
150
+ "instance_method":true,
151
+ "method_visibility": "public",
152
+ "method_name":"authenticated_encrypted_cookie_salt",
153
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L48"
154
+ }, {
155
+ "class_name":"ActionDispatch::Request",
156
+ "instance_method":true,
157
+ "method_visibility": "public",
158
+ "method_name":"use_authenticated_cookie_encryption",
159
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L52"
160
+ }, {
161
+ "class_name":"ActionDispatch::Request",
162
+ "instance_method":true,
163
+ "method_visibility": "public",
164
+ "method_name":"encrypted_cookie_cipher",
165
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L56"
166
+ }, {
167
+ "class_name":"ActionDispatch::Request",
168
+ "instance_method":true,
169
+ "method_visibility": "public",
170
+ "method_name":"signed_cookie_digest",
171
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L60"
172
+ }, {
173
+ "class_name":"ActionDispatch::Request",
174
+ "instance_method":true,
175
+ "method_visibility": "public",
176
+ "method_name":"secret_key_base",
177
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L64"
178
+ }, {
179
+ "class_name":"ActionDispatch::Request",
180
+ "instance_method":true,
181
+ "method_visibility": "public",
182
+ "method_name":"cookies_serializer",
183
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L68"
184
+ }, {
185
+ "class_name":"ActionDispatch::Request",
186
+ "instance_method":true,
187
+ "method_visibility": "public",
188
+ "method_name":"cookies_digest",
189
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L72"
190
+ }, {
191
+ "class_name":"ActionDispatch::Request",
192
+ "instance_method":true,
193
+ "method_visibility": "public",
194
+ "method_name":"cookies_rotations",
195
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L76"
196
+ }, {
197
+ "class_name":"ActionDispatch::Request",
198
+ "instance_method":true,
199
+ "method_visibility": "public",
200
+ "method_name":"use_cookies_with_metadata",
201
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L80"
202
+ }, {
203
+ "class_name":"ActionDispatch::Request::Session",
204
+ "instance_method":true,
205
+ "method_visibility": "public",
206
+ "method_name":"exists?",
207
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/request/session.rb#L201"
208
+ }, {
209
+ "class_name":"ActionView::Template",
210
+ "instance_method":true,
211
+ "method_visibility": "private",
212
+ "method_name":"method_name",
213
+ "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionview/lib/action_view/template.rb#L368"
58
214
  }
59
215
  ]
60
216
  }
@@ -379,6 +379,18 @@
379
379
  "method_visibility": "public",
380
380
  "applicator_method": "apply_rule__io",
381
381
  "properties": {}
382
+ },{
383
+ "class_name": "Nokogiri::XML::Document",
384
+ "method_name": "parse",
385
+ "instance_method": false,
386
+ "method_visibility": "public",
387
+ "properties": {}
388
+ }, {
389
+ "class_name": "Nokogiri::XML::SAX::Parser",
390
+ "method_name": "parse",
391
+ "instance_method": true,
392
+ "method_visibility": "public",
393
+ "properties": {}
382
394
  },{
383
395
  "class_name": "Nokogiri::XML::SAX::Parser",
384
396
  "method_name": "parse_memory",
@@ -21,6 +21,7 @@ end
21
21
  # Add those dependencies required to develop or test the Agent
22
22
  def self.add_dev_dependencies spec
23
23
  spec.add_development_dependency 'amazing_print'
24
+ spec.add_development_dependency 'benchmark-ips'
24
25
  spec.add_development_dependency 'bundler'
25
26
  spec.add_development_dependency 'climate_control' # mock ENV
26
27
  spec.add_development_dependency 'debase'
@@ -34,16 +35,18 @@ def self.add_dev_dependencies spec
34
35
  spec.add_development_dependency 'parser', '~> 2.6'
35
36
  spec.add_development_dependency 'pry'
36
37
  spec.add_development_dependency 'rails', '>= 3'
37
- spec.add_development_dependency 'rake', '~> 10.0'
38
+ spec.add_development_dependency 'rake', '>= 12.3.3'
38
39
  spec.add_development_dependency 'rake-compiler', '~> 0'
39
40
  spec.add_development_dependency 'rspec', '~> 3.0'
40
41
  spec.add_development_dependency 'rspec-benchmark'
41
42
  spec.add_development_dependency 'rspec_junit_formatter', '0.3.0'
42
- spec.add_development_dependency 'rubocop', '0.93.1'
43
- spec.add_development_dependency 'rubocop-performance', '1.8.1'
44
- spec.add_development_dependency 'rubocop-rspec', '1.43.2'
43
+ spec.add_development_dependency 'rubocop', '1.6.1'
44
+ spec.add_development_dependency 'rubocop-performance', '1.9.1'
45
+ spec.add_development_dependency 'rubocop-rails', '2.9.1'
46
+ spec.add_development_dependency 'rubocop-rake', '0.5.1'
47
+ spec.add_development_dependency 'rubocop-rspec', '2.1.0'
45
48
  spec.add_development_dependency 'ruby-debug-ide'
46
- spec.add_development_dependency 'simplecov', '~> 0.18'
49
+ spec.add_development_dependency 'simplecov', '0.20.0'
47
50
  spec.add_development_dependency 'sinatra', '>= 2'
48
51
  spec.add_development_dependency 'sqlite3', '1.3.9'
49
52
  spec.add_development_dependency 'therubyracer'
@@ -59,7 +62,7 @@ end
59
62
  # corresponding update to the fake gem server data in TeamServer.
60
63
  def self.add_dependencies spec
61
64
  spec.add_dependency 'ougai', '~> 1.8'
62
- spec.add_dependency 'parser', '~> 2.6'
65
+ spec.add_dependency 'parser', '~> 2.6' # TODO: RUBY-714 remove w/ EOL of 2.5
63
66
  spec.add_dependency 'protobuf', '~> 3.10'
64
67
  spec.add_dependency 'rack', '~> 2.0'
65
68
  end
@@ -1 +1 @@
1
- 2.16.0
1
+ 2.17.2