contrast-agent 4.3.2 → 4.7.0

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 4.3.2
+  version: 4.7.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,10 +13,10 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-02-13 00:00:00.000000000 Z
+date: 2021-05-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: amazing_print
+  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -30,35 +30,35 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: benchmark-ips
+  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 12.3.3
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: rake-compiler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: climate_control
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -72,7 +72,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: debase
+  name: ruby-debug-ide
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -89,186 +89,186 @@ dependencies:
   name: debride
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.8.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.8.2
 - !ruby/object:Gem::Dependency
-  name: execjs
+  name: fasterer
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.9.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.9.0
 - !ruby/object:Gem::Dependency
-  name: factory_bot
+  name: flay
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.12.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.12.1
 - !ruby/object:Gem::Dependency
-  name: fake_ftp
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.13.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.13.0
 - !ruby/object:Gem::Dependency
-  name: fasterer
+  name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.11.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.11.0
 - !ruby/object:Gem::Dependency
-  name: flay
+  name: rubocop-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.9.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.9.1
 - !ruby/object:Gem::Dependency
-  name: openssl
+  name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.5.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.5.1
 - !ruby/object:Gem::Dependency
-  name: parser
+  name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.6'
+        version: 2.2.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - '='
       - !ruby/object:Gem::Version
-        version: '2.6'
+        version: 2.2.0
 - !ruby/object:Gem::Dependency
-  name: pry
+  name: codecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.5.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.5.2
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: simplecov
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: 0.21.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '3'
+        version: 0.21.2
 - !ruby/object:Gem::Dependency
-  name: rake
+  name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: 6.0.3.5
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: 12.3.3
+        version: 6.0.3.5
 - !ruby/object:Gem::Dependency
-  name: rake-compiler
+  name: sinatra
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '2'
 - !ruby/object:Gem::Dependency
-  name: rspec
+  name: async
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec-benchmark
+  name: execjs
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -282,91 +282,91 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: rspec_junit_formatter
+  name: sqlite3
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.3.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop
+  name: therubyracer
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.6.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-performance
+  name: tilt
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.9.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.9.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rails
+  name: xpath
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.9.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.9.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rake
+  name: benchmark-ips
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.1
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.5.1
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: rubocop-rspec
+  name: climate_control
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.1.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: ruby-debug-ide
+  name: factory_bot
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -380,49 +380,49 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: fake_ftp
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: sinatra
+  name: openssl
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: sqlite3
+  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.9
+        version: '3.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.3.9
+        version: '3.0'
 - !ruby/object:Gem::Dependency
-  name: therubyracer
+  name: rspec-benchmark
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -436,47 +436,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: tilt
+  name: rspec_junit_formatter
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.3.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.3.0
 - !ruby/object:Gem::Dependency
-  name: xpath
+  name: rspec-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '5.0'
 - !ruby/object:Gem::Dependency
-  name: yarjuf
+  name: tzinfo-data
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: ougai
   requirement: !ruby/object:Gem::Requirement
@@ -495,14 +495,14 @@ dependencies:
   name: parser
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '2.6'
 - !ruby/object:Gem::Dependency
@@ -541,20 +541,20 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
-- ext/cs__assess_active_record_named/extconf.rb
 - ext/cs__assess_string/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
-- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__protect_kernel/extconf.rb
 - ext/cs__assess_regexp/extconf.rb
+- ext/cs__contrast_patch/extconf.rb
+- ext/cs__assess_array/extconf.rb
 - ext/cs__assess_yield_track/extconf.rb
 - ext/cs__assess_fiber_track/extconf.rb
+- ext/cs__assess_marshal_module/extconf.rb
+- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__assess_module/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_hash/extconf.rb
-- ext/cs__assess_array/extconf.rb
+- ext/cs__assess_active_record_named/extconf.rb
 - ext/cs__assess_string_interpolation26/extconf.rb
-- ext/cs__assess_module/extconf.rb
-- ext/cs__assess_marshal_module/extconf.rb
-- ext/cs__contrast_patch/extconf.rb
-- ext/cs__protect_kernel/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -792,6 +792,7 @@ files:
 - lib/contrast/agent/assess/policy/trigger/xpath.rb
 - lib/contrast/agent/assess/policy/trigger_method.rb
 - lib/contrast/agent/assess/policy/trigger_node.rb
+- lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb
 - lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb
 - lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb
 - lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb
@@ -799,13 +800,10 @@ files:
 - lib/contrast/agent/assess/property/evented.rb
 - lib/contrast/agent/assess/property/tagged.rb
 - lib/contrast/agent/assess/property/updated.rb
-- lib/contrast/agent/assess/rule.rb
-- lib/contrast/agent/assess/rule/base.rb
 - lib/contrast/agent/assess/rule/provider.rb
 - lib/contrast/agent/assess/rule/provider/hardcoded_key.rb
 - lib/contrast/agent/assess/rule/provider/hardcoded_password.rb
 - lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb
-- lib/contrast/agent/assess/rule/redos.rb
 - lib/contrast/agent/assess/tag.rb
 - lib/contrast/agent/assess/tracker.rb
 - lib/contrast/agent/at_exit_hook.rb
@@ -818,7 +816,6 @@ files:
 - lib/contrast/agent/inventory/dependencies.rb
 - lib/contrast/agent/inventory/dependency_analysis.rb
 - lib/contrast/agent/inventory/dependency_usage_analysis.rb
-- lib/contrast/agent/inventory/gemfile_digest_cache.rb
 - lib/contrast/agent/inventory/policy/datastores.rb
 - lib/contrast/agent/inventory/policy/policy.rb
 - lib/contrast/agent/inventory/policy/trigger_node.rb
@@ -892,10 +889,13 @@ files:
 - lib/contrast/api/communication/unix_socket.rb
 - lib/contrast/api/decorators.rb
 - lib/contrast/api/decorators/address.rb
+- lib/contrast/api/decorators/agent_startup.rb
 - lib/contrast/api/decorators/application_settings.rb
+- lib/contrast/api/decorators/application_startup.rb
 - lib/contrast/api/decorators/application_update.rb
 - lib/contrast/api/decorators/http_request.rb
 - lib/contrast/api/decorators/input_analysis.rb
+- lib/contrast/api/decorators/instrumentation_mode.rb
 - lib/contrast/api/decorators/library.rb
 - lib/contrast/api/decorators/library_usage_update.rb
 - lib/contrast/api/decorators/message.rb
@@ -910,7 +910,6 @@ files:
 - lib/contrast/api/decorators/user_input.rb
 - lib/contrast/api/dtm.pb.rb
 - lib/contrast/api/settings.pb.rb
-- lib/contrast/common_agent_configuration.rb
 - lib/contrast/components/agent.rb
 - lib/contrast/components/app_context.rb
 - lib/contrast/components/assess.rb
@@ -944,6 +943,7 @@ files:
 - lib/contrast/config/server_configuration.rb
 - lib/contrast/config/service_configuration.rb
 - lib/contrast/configuration.rb
+- lib/contrast/delegators/input_analysis.rb
 - lib/contrast/extension/assess.rb
 - lib/contrast/extension/assess/array.rb
 - lib/contrast/extension/assess/erb.rb
@@ -978,8 +978,6 @@ files:
 - lib/contrast/framework/rails/rewrite/active_record_named.rb
 - lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb
 - lib/contrast/framework/rails/support.rb
-- lib/contrast/framework/sinatra/patch/base.rb
-- lib/contrast/framework/sinatra/patch/support.rb
 - lib/contrast/framework/sinatra/support.rb
 - lib/contrast/funchook/funchook.rb
 - lib/contrast/logger/application.rb
@@ -1004,7 +1002,6 @@ files:
 - lib/contrast/utils/object_share.rb
 - lib/contrast/utils/os.rb
 - lib/contrast/utils/preflight_util.rb
-- lib/contrast/utils/prevent_serialization.rb
 - lib/contrast/utils/resource_loader.rb
 - lib/contrast/utils/ruby_ast_rewriter.rb
 - lib/contrast/utils/sha256_builder.rb
@@ -1024,6 +1021,7 @@ files:
 - service_executables/linux/contrast-service
 - service_executables/mac/contrast-service
 - shared_libraries/.gitkeep
+- sonar-project.properties
 homepage: https://www.contrastsecurity.com
 licenses:
 - CONTRAST SECURITY (see license file)
@@ -1044,14 +1042,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 2.5.0
   - - "<"
     - !ruby/object:Gem::Version
-      version: 2.8.0
+      version: 3.1.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Contrast Security's agent for rack-based applications.