contrast-agent 4.3.2 → 4.4.0

data/lib/contrast/utils/invalid_configuration_util.rb

@@ -26,19 +26,9 @@ module Contrast
       def cs__report_finding rule_id, user_provided_options, call_location
         with_contrast_scope do
           finding = Contrast::Api::Dtm::Finding.new
-          finding.rule_id = rule_id
-          path = call_location.path
-          # just get the file name, not the full path
-          path = path.split(Contrast::Utils::ObjectShare::SLASH).last
-          session_id = user_provided_options[:key].to_s if user_provided_options
-
           finding.version = Contrast::Agent::Assess::Policy::TriggerMethod::CURRENT_FINDING_VERSION
-          finding.properties[CS__SESSION_ID] = Contrast::Utils::StringUtils.force_utf8(session_id)
-          finding.properties[CS__PATH] = Contrast::Utils::StringUtils.force_utf8(path)
-          file_path = call_location.absolute_path
-          snippet = file_snippet(file_path, call_location)
-          finding.properties[CS__SNIPPET] = Contrast::Utils::StringUtils.force_utf8(snippet)
-
+          finding.rule_id = rule_id
+          set_properties(finding, user_provided_options, call_location)
           hash = Contrast::Utils::HashDigest.generate_config_hash(finding)
           finding.hash_code = Contrast::Utils::StringUtils.force_utf8(hash)
           finding.preflight = Contrast::Utils::PreflightUtil.create_preflight(finding)
@@ -50,6 +40,25 @@ module Contrast
 
       private
 
+      # Set the properties needed to report and subsequently render this finding on the finding given.
+      #
+      # @param finding [Contrast::Api::Dtm::Finding] the configuration finding to populate
+      # @param user_provided_options [Hash] the configuration value(s) which
+      #   violated the rule
+      # @param call_location [Thread::Backtrace::Location] the location where
+      #   the bad configuration was set
+      def set_properties finding, user_provided_options, call_location
+        path = call_location.path
+        # just get the file name, not the full path
+        path = path.split(Contrast::Utils::ObjectShare::SLASH).last
+        session_id = user_provided_options[:key].to_s if user_provided_options
+        finding.properties[CS__SESSION_ID] = Contrast::Utils::StringUtils.force_utf8(session_id)
+        finding.properties[CS__PATH] = Contrast::Utils::StringUtils.force_utf8(path)
+        file_path = call_location.absolute_path
+        snippet = file_snippet(file_path, call_location)
+        finding.properties[CS__SNIPPET] = Contrast::Utils::StringUtils.force_utf8(snippet)
+      end
+
       def file_snippet file_path, call_location
         idx = call_location&.lineno
         if file_path && idx && File.exist?(file_path)

data/resources/assess/policy.json

@@ -1173,26 +1173,20 @@
           "instance_method": true,
           "method_visibility": "public",
           "method_name":"match",
-          "source":"P0",
-          "trigger_class": "Contrast::Agent::Assess::Rule::Redos",
-          "trigger_method": "regexp_complexity_check"
+          "source":"P0"
 
         }, {
           "class_name":"String",
           "instance_method": true,
           "method_visibility": "public",
           "method_name":"=~",
-          "source":"O",
-          "trigger_class": "Contrast::Agent::Assess::Rule::Redos",
-          "trigger_method": "regexp_complexity_check"
+          "source":"O"
         }, {
           "class_name":"Regexp",
           "instance_method": true,
           "method_visibility": "public",
           "method_name":"=~",
-          "source":"P0",
-          "trigger_class": "Contrast::Agent::Assess::Rule::Redos",
-          "trigger_method": "regexp_complexity_check"
+          "source":"P0"
 
         }
       ]

data/resources/deadzone/policy.json

@@ -205,6 +205,12 @@
       "method_visibility": "public",
       "method_name":"exists?",
       "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/request/session.rb#L201"
+    }, {
+      "class_name":"ActionView::Template",
+      "instance_method":true,
+      "method_visibility": "private",
+      "method_name":"method_name",
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionview/lib/action_view/template.rb#L368"
     }
   ]
 }

data/ruby-agent.gemspec

@@ -20,39 +20,77 @@ end
 
 # Add those dependencies required to develop or test the Agent
 def self.add_dev_dependencies spec
-  spec.add_development_dependency 'amazing_print'
-  spec.add_development_dependency 'benchmark-ips'
+  add_builders(spec)
+  add_debuggers(spec)
+  add_linters(spec)
+  add_specs(spec)
+end
+
+# Dependencies used to build the agent during development.
+def self.add_builders spec
   spec.add_development_dependency 'bundler'
-  spec.add_development_dependency 'climate_control' # mock ENV
-  spec.add_development_dependency 'debase'
+  spec.add_development_dependency 'rake', '>= 12.3.3'
+  spec.add_development_dependency 'rake-compiler', '~> 0'
+end
+
+# Dependencies used for local debugging during development.
+def self.add_debuggers spec
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'ruby-debug-ide'
+end
+
+# Dependencies used for framework testing.
+def self.add_frameworks spec
+  spec.add_development_dependency 'rails', '>= 3'
+  spec.add_development_dependency 'sinatra', '>= 2'
+end
+
+# Dependencies used for linting prior to commit.
+def self.add_linters spec
   spec.add_development_dependency 'debride'
-  spec.add_development_dependency 'execjs'
-  spec.add_development_dependency 'factory_bot'
-  spec.add_development_dependency 'fake_ftp'
   spec.add_development_dependency 'fasterer'
   spec.add_development_dependency 'flay'
+  add_rubocop(spec)
+end
+
+# Dependencies used to run our current RSpec test suite.
+def self.add_specs spec
+  add_coverage(spec)
+  add_frameworks(spec)
+  add_tested_gems(spec)
+
+  spec.add_development_dependency 'benchmark-ips'
+  spec.add_development_dependency 'climate_control' # mock ENV
+  spec.add_development_dependency 'factory_bot'
+  spec.add_development_dependency 'fake_ftp'
   spec.add_development_dependency 'openssl'
-  spec.add_development_dependency 'parser', '~> 2.6'
-  spec.add_development_dependency 'pry'
-  spec.add_development_dependency 'rails', '>= 3'
-  spec.add_development_dependency 'rake', '>= 12.3.3'
-  spec.add_development_dependency 'rake-compiler', '~> 0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rspec-benchmark'
   spec.add_development_dependency 'rspec_junit_formatter', '0.3.0'
+end
+
+def self.add_coverage spec
+  spec.add_development_dependency 'codecov'
+  spec.add_development_dependency 'simplecov', '0.20.0'
+end
+
+# Dependencies used to run all of our Rubocop during the linting phase.
+def self.add_rubocop spec
   spec.add_development_dependency 'rubocop', '1.6.1'
   spec.add_development_dependency 'rubocop-performance', '1.9.1'
   spec.add_development_dependency 'rubocop-rails', '2.9.1'
   spec.add_development_dependency 'rubocop-rake', '0.5.1'
   spec.add_development_dependency 'rubocop-rspec', '2.1.0'
-  spec.add_development_dependency 'ruby-debug-ide'
-  spec.add_development_dependency 'simplecov', '0.20.0'
-  spec.add_development_dependency 'sinatra', '>= 2'
+end
+
+# Dependencies not mocked out during RSpec that we test real code of, beyond just frameworks.
+def self.add_tested_gems spec
+  spec.add_development_dependency 'debase'
+  spec.add_development_dependency 'execjs'
   spec.add_development_dependency 'sqlite3', '1.3.9'
   spec.add_development_dependency 'therubyracer'
   spec.add_development_dependency 'tilt'
   spec.add_development_dependency 'xpath'
-  spec.add_development_dependency 'yarjuf', '~> 2.0'
 end
 
 # Add those dependencies required to run the Agent in customer applications.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 4.3.2
+  version: 4.4.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,10 +13,10 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-02-13 00:00:00.000000000 Z
+date: 2021-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: amazing_print
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -30,35 +30,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: benchmark-ips
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake-compiler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: climate_control
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -72,7 +72,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: debase
+  name: ruby-debug-ide
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -100,7 +100,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: execjs
+  name: fasterer
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -114,7 +114,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: factory_bot
+  name: flay
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -128,77 +128,77 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: fake_ftp
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.6.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.6.1
 - !ruby/object:Gem::Dependency
-  name: fasterer
+  name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.9.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.9.1
 - !ruby/object:Gem::Dependency
-  name: flay
+  name: rubocop-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.9.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.9.1
 - !ruby/object:Gem::Dependency
-  name: openssl
+  name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.5.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.5.1
 - !ruby/object:Gem::Dependency
-  name: parser
+  name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.6'
+        version: 2.1.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.6'
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: codecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -212,63 +212,49 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: 0.20.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: 0.20.0
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 12.3.3
-- !ruby/object:Gem::Dependency
-  name: rake-compiler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0'
+        version: '3'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: sinatra
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '2'
 - !ruby/object:Gem::Dependency
-  name: rspec-benchmark
+  name: debase
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -282,91 +268,77 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec_junit_formatter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.3.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.3.0
-- !ruby/object:Gem::Dependency
-  name: rubocop
+  name: execjs
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-performance
+  name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.9.1
+        version: 1.3.9
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.9.1
+        version: 1.3.9
 - !ruby/object:Gem::Dependency
-  name: rubocop-rails
+  name: therubyracer
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.9.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.9.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rake
+  name: tilt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rspec
+  name: xpath
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: ruby-debug-ide
+  name: benchmark-ips
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -380,49 +352,49 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: climate_control
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: sinatra
+  name: factory_bot
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: fake_ftp
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.9
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.3.9
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: therubyracer
+  name: openssl
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -436,21 +408,21 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: tilt
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: xpath
+  name: rspec-benchmark
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -464,19 +436,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: yarjuf
+  name: rspec_junit_formatter
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 0.3.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 0.3.0
 - !ruby/object:Gem::Dependency
   name: ougai
   requirement: !ruby/object:Gem::Requirement
@@ -792,6 +764,7 @@ files:
 - lib/contrast/agent/assess/policy/trigger/xpath.rb
 - lib/contrast/agent/assess/policy/trigger_method.rb
 - lib/contrast/agent/assess/policy/trigger_node.rb
+- lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb
 - lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb
 - lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb
 - lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb
@@ -799,13 +772,10 @@ files:
 - lib/contrast/agent/assess/property/evented.rb
 - lib/contrast/agent/assess/property/tagged.rb
 - lib/contrast/agent/assess/property/updated.rb
-- lib/contrast/agent/assess/rule.rb
-- lib/contrast/agent/assess/rule/base.rb
 - lib/contrast/agent/assess/rule/provider.rb
 - lib/contrast/agent/assess/rule/provider/hardcoded_key.rb
 - lib/contrast/agent/assess/rule/provider/hardcoded_password.rb
 - lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb
-- lib/contrast/agent/assess/rule/redos.rb
 - lib/contrast/agent/assess/tag.rb
 - lib/contrast/agent/assess/tracker.rb
 - lib/contrast/agent/at_exit_hook.rb
@@ -892,7 +862,9 @@ files:
 - lib/contrast/api/communication/unix_socket.rb
 - lib/contrast/api/decorators.rb
 - lib/contrast/api/decorators/address.rb
+- lib/contrast/api/decorators/agent_startup.rb
 - lib/contrast/api/decorators/application_settings.rb
+- lib/contrast/api/decorators/application_startup.rb
 - lib/contrast/api/decorators/application_update.rb
 - lib/contrast/api/decorators/http_request.rb
 - lib/contrast/api/decorators/input_analysis.rb
@@ -978,8 +950,6 @@ files:
 - lib/contrast/framework/rails/rewrite/active_record_named.rb
 - lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb
 - lib/contrast/framework/rails/support.rb
-- lib/contrast/framework/sinatra/patch/base.rb
-- lib/contrast/framework/sinatra/patch/support.rb
 - lib/contrast/framework/sinatra/support.rb
 - lib/contrast/funchook/funchook.rb
 - lib/contrast/logger/application.rb
@@ -1004,7 +974,6 @@ files:
 - lib/contrast/utils/object_share.rb
 - lib/contrast/utils/os.rb
 - lib/contrast/utils/preflight_util.rb
-- lib/contrast/utils/prevent_serialization.rb
 - lib/contrast/utils/resource_loader.rb
 - lib/contrast/utils/ruby_ast_rewriter.rb
 - lib/contrast/utils/sha256_builder.rb