contrast-agent 4.4.0 → 4.8.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitmodules +1 -1
- data/.simplecov +1 -1
- data/Gemfile +1 -1
- data/LICENSE.txt +1 -1
- data/Rakefile +2 -3
- data/exe/contrast_service +1 -1
- data/ext/build_funchook.rb +4 -4
- data/ext/cs__assess_active_record_named/cs__active_record_named.c +1 -1
- data/ext/cs__assess_active_record_named/extconf.rb +1 -1
- data/ext/cs__assess_array/cs__assess_array.c +1 -1
- data/ext/cs__assess_array/extconf.rb +1 -1
- data/ext/cs__assess_basic_object/cs__assess_basic_object.c +1 -1
- data/ext/cs__assess_basic_object/extconf.rb +1 -1
- data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c +1 -1
- data/ext/cs__assess_fiber_track/extconf.rb +1 -1
- data/ext/cs__assess_hash/cs__assess_hash.c +4 -2
- data/ext/cs__assess_hash/extconf.rb +1 -1
- data/ext/cs__assess_kernel/cs__assess_kernel.c +1 -1
- data/ext/cs__assess_kernel/extconf.rb +1 -1
- data/ext/cs__assess_marshal_module/cs__assess_marshal_module.c +1 -1
- data/ext/cs__assess_marshal_module/extconf.rb +1 -1
- data/ext/cs__assess_module/cs__assess_module.c +1 -1
- data/ext/cs__assess_module/extconf.rb +1 -1
- data/ext/cs__assess_regexp/cs__assess_regexp.c +1 -1
- data/ext/cs__assess_regexp/extconf.rb +1 -1
- data/ext/cs__assess_string/cs__assess_string.c +1 -1
- data/ext/cs__assess_string/extconf.rb +1 -1
- data/ext/cs__assess_string_interpolation26/cs__assess_string_interpolation26.c +1 -1
- data/ext/cs__assess_string_interpolation26/extconf.rb +1 -1
- data/ext/cs__assess_yield_track/cs__assess_yield_track.c +1 -1
- data/ext/cs__assess_yield_track/extconf.rb +1 -1
- data/ext/cs__common/cs__common.c +5 -5
- data/ext/cs__common/cs__common.h +4 -4
- data/ext/cs__common/extconf.rb +1 -1
- data/ext/cs__contrast_patch/cs__contrast_patch.c +22 -25
- data/ext/cs__contrast_patch/extconf.rb +1 -1
- data/ext/cs__protect_kernel/cs__protect_kernel.c +1 -1
- data/ext/cs__protect_kernel/extconf.rb +1 -1
- data/ext/extconf_common.rb +2 -6
- data/lib/contrast-agent.rb +1 -1
- data/lib/contrast.rb +20 -1
- data/lib/contrast/agent.rb +1 -3
- data/lib/contrast/agent/assess.rb +2 -2
- data/lib/contrast/agent/assess/contrast_event.rb +54 -69
- data/lib/contrast/agent/assess/contrast_object.rb +3 -3
- data/lib/contrast/agent/assess/events/event_factory.rb +3 -2
- data/lib/contrast/agent/assess/events/source_event.rb +7 -2
- data/lib/contrast/agent/assess/finalizers/freeze.rb +1 -1
- data/lib/contrast/agent/assess/finalizers/hash.rb +26 -34
- data/lib/contrast/agent/assess/policy/dynamic_source_factory.rb +24 -20
- data/lib/contrast/agent/assess/policy/patcher.rb +11 -18
- data/lib/contrast/agent/assess/policy/policy.rb +1 -1
- data/lib/contrast/agent/assess/policy/policy_node.rb +26 -34
- data/lib/contrast/agent/assess/policy/policy_scanner.rb +1 -1
- data/lib/contrast/agent/assess/policy/preshift.rb +4 -2
- data/lib/contrast/agent/assess/policy/propagation_method.rb +8 -21
- data/lib/contrast/agent/assess/policy/propagation_node.rb +20 -9
- data/lib/contrast/agent/assess/policy/propagator.rb +2 -1
- data/lib/contrast/agent/assess/policy/propagator/append.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/base.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/center.rb +3 -2
- data/lib/contrast/agent/assess/policy/propagator/custom.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/database_write.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/insert.rb +4 -2
- data/lib/contrast/agent/assess/policy/propagator/keep.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/match_data.rb +3 -2
- data/lib/contrast/agent/assess/policy/propagator/next.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/prepend.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/rack_protection.rb +73 -0
- data/lib/contrast/agent/assess/policy/propagator/remove.rb +23 -19
- data/lib/contrast/agent/assess/policy/propagator/replace.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/reverse.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/select.rb +3 -13
- data/lib/contrast/agent/assess/policy/propagator/splat.rb +1 -1
- data/lib/contrast/agent/assess/policy/propagator/split.rb +4 -8
- data/lib/contrast/agent/assess/policy/propagator/substitution.rb +2 -8
- data/lib/contrast/agent/assess/policy/propagator/trim.rb +64 -45
- data/lib/contrast/agent/assess/policy/rewriter_patch.rb +7 -4
- data/lib/contrast/agent/assess/policy/source_method.rb +92 -81
- data/lib/contrast/agent/assess/policy/source_node.rb +1 -1
- data/lib/contrast/agent/assess/policy/source_validation/cross_site_validator.rb +8 -6
- data/lib/contrast/agent/assess/policy/source_validation/source_validation.rb +2 -4
- data/lib/contrast/agent/assess/policy/trigger/reflected_xss.rb +7 -3
- data/lib/contrast/agent/assess/policy/trigger/xpath.rb +7 -8
- data/lib/contrast/agent/assess/policy/trigger_method.rb +102 -74
- data/lib/contrast/agent/assess/policy/trigger_node.rb +5 -4
- data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +5 -4
- data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +2 -3
- data/lib/contrast/agent/assess/policy/trigger_validation/trigger_validation.rb +1 -1
- data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +2 -9
- data/lib/contrast/agent/assess/properties.rb +1 -1
- data/lib/contrast/agent/assess/property/evented.rb +9 -6
- data/lib/contrast/agent/assess/property/tagged.rb +1 -1
- data/lib/contrast/agent/assess/property/updated.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider.rb +1 -1
- data/lib/contrast/agent/assess/rule/provider/hardcoded_key.rb +12 -6
- data/lib/contrast/agent/assess/rule/provider/hardcoded_password.rb +5 -2
- data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +4 -6
- data/lib/contrast/agent/assess/tag.rb +1 -1
- data/lib/contrast/agent/assess/tracker.rb +1 -1
- data/lib/contrast/agent/at_exit_hook.rb +1 -1
- data/lib/contrast/agent/class_reopener.rb +4 -2
- data/lib/contrast/agent/deadzone/policy/deadzone_node.rb +1 -1
- data/lib/contrast/agent/deadzone/policy/policy.rb +7 -3
- data/lib/contrast/agent/disable_reaction.rb +2 -4
- data/lib/contrast/agent/exclusion_matcher.rb +6 -12
- data/lib/contrast/agent/inventory.rb +1 -2
- data/lib/contrast/agent/inventory/dependencies.rb +3 -1
- data/lib/contrast/agent/inventory/dependency_analysis.rb +1 -1
- data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +35 -23
- data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
- data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
- data/lib/contrast/agent/inventory/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/middleware.rb +38 -67
- data/lib/contrast/agent/module_data.rb +4 -4
- data/lib/contrast/agent/patching/policy/after_load_patch.rb +1 -1
- data/lib/contrast/agent/patching/policy/after_load_patcher.rb +9 -4
- data/lib/contrast/agent/patching/policy/method_policy.rb +7 -3
- data/lib/contrast/agent/patching/policy/module_policy.rb +15 -8
- data/lib/contrast/agent/patching/policy/patch.rb +23 -29
- data/lib/contrast/agent/patching/policy/patch_status.rb +7 -8
- data/lib/contrast/agent/patching/policy/patcher.rb +23 -22
- data/lib/contrast/agent/patching/policy/policy.rb +14 -21
- data/lib/contrast/agent/patching/policy/policy_node.rb +15 -5
- data/lib/contrast/agent/patching/policy/trigger_node.rb +22 -9
- data/lib/contrast/agent/protect/policy/applies_command_injection_rule.rb +2 -2
- data/lib/contrast/agent/protect/policy/applies_deserialization_rule.rb +2 -2
- data/lib/contrast/agent/protect/policy/applies_no_sqli_rule.rb +2 -2
- data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +3 -4
- data/lib/contrast/agent/protect/policy/applies_sqli_rule.rb +2 -2
- data/lib/contrast/agent/protect/policy/applies_xxe_rule.rb +6 -10
- data/lib/contrast/agent/protect/policy/policy.rb +1 -1
- data/lib/contrast/agent/protect/policy/rule_applicator.rb +6 -6
- data/lib/contrast/agent/protect/policy/trigger_node.rb +1 -1
- data/lib/contrast/agent/protect/rule.rb +1 -1
- data/lib/contrast/agent/protect/rule/base.rb +19 -33
- data/lib/contrast/agent/protect/rule/base_service.rb +10 -6
- data/lib/contrast/agent/protect/rule/cmd_injection.rb +15 -19
- data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/deserialization.rb +7 -14
- data/lib/contrast/agent/protect/rule/http_method_tampering.rb +4 -15
- data/lib/contrast/agent/protect/rule/no_sqli.rb +7 -3
- data/lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb +2 -4
- data/lib/contrast/agent/protect/rule/path_traversal.rb +6 -6
- data/lib/contrast/agent/protect/rule/sqli.rb +3 -3
- data/lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb +2 -2
- data/lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb +1 -1
- data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +2 -2
- data/lib/contrast/agent/protect/rule/xss.rb +2 -2
- data/lib/contrast/agent/protect/rule/xxe.rb +6 -13
- data/lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb +2 -3
- data/lib/contrast/agent/reaction_processor.rb +12 -11
- data/lib/contrast/agent/request.rb +25 -24
- data/lib/contrast/agent/request_context.rb +13 -23
- data/lib/contrast/agent/request_handler.rb +1 -1
- data/lib/contrast/agent/response.rb +1 -1
- data/lib/contrast/agent/rewriter.rb +6 -4
- data/lib/contrast/agent/rule_set.rb +3 -3
- data/lib/contrast/agent/scope.rb +1 -1
- data/lib/contrast/agent/service_heartbeat.rb +3 -4
- data/lib/contrast/agent/static_analysis.rb +1 -1
- data/lib/contrast/agent/thread.rb +1 -1
- data/lib/contrast/agent/thread_watcher.rb +1 -1
- data/lib/contrast/agent/tracepoint_hook.rb +2 -2
- data/lib/contrast/agent/version.rb +2 -2
- data/lib/contrast/agent/worker_thread.rb +1 -1
- data/lib/contrast/api.rb +1 -1
- data/lib/contrast/api/communication.rb +1 -1
- data/lib/contrast/api/communication/connection_status.rb +1 -1
- data/lib/contrast/api/communication/messaging_queue.rb +1 -1
- data/lib/contrast/api/communication/response_processor.rb +5 -7
- data/lib/contrast/api/communication/service_lifecycle.rb +5 -3
- data/lib/contrast/api/communication/socket.rb +1 -1
- data/lib/contrast/api/communication/socket_client.rb +9 -22
- data/lib/contrast/api/communication/speedracer.rb +6 -10
- data/lib/contrast/api/communication/tcp_socket.rb +1 -1
- data/lib/contrast/api/communication/unix_socket.rb +1 -1
- data/lib/contrast/api/decorators.rb +1 -1
- data/lib/contrast/api/decorators/address.rb +1 -1
- data/lib/contrast/api/decorators/agent_startup.rb +1 -1
- data/lib/contrast/api/decorators/application_settings.rb +1 -1
- data/lib/contrast/api/decorators/application_startup.rb +10 -4
- data/lib/contrast/api/decorators/application_update.rb +1 -1
- data/lib/contrast/api/decorators/http_request.rb +1 -1
- data/lib/contrast/api/decorators/input_analysis.rb +1 -1
- data/lib/contrast/api/decorators/instrumentation_mode.rb +37 -0
- data/lib/contrast/api/decorators/library.rb +9 -7
- data/lib/contrast/api/decorators/library_usage_update.rb +1 -1
- data/lib/contrast/api/decorators/message.rb +4 -4
- data/lib/contrast/api/decorators/rasp_rule_sample.rb +1 -1
- data/lib/contrast/api/decorators/route_coverage.rb +1 -1
- data/lib/contrast/api/decorators/server_features.rb +1 -1
- data/lib/contrast/api/decorators/trace_event.rb +4 -2
- data/lib/contrast/api/decorators/trace_event_object.rb +2 -4
- data/lib/contrast/api/decorators/trace_event_signature.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range.rb +1 -1
- data/lib/contrast/api/decorators/trace_taint_range_tags.rb +2 -7
- data/lib/contrast/api/decorators/user_input.rb +1 -1
- data/lib/contrast/components/agent.rb +14 -15
- data/lib/contrast/components/app_context.rb +7 -7
- data/lib/contrast/components/assess.rb +6 -11
- data/lib/contrast/components/config.rb +3 -2
- data/lib/contrast/components/contrast_service.rb +8 -9
- data/lib/contrast/components/heap_dump.rb +1 -1
- data/lib/contrast/components/interface.rb +4 -3
- data/lib/contrast/components/inventory.rb +1 -1
- data/lib/contrast/components/logger.rb +1 -1
- data/lib/contrast/components/protect.rb +11 -14
- data/lib/contrast/components/sampling.rb +9 -3
- data/lib/contrast/components/scope.rb +2 -1
- data/lib/contrast/components/settings.rb +27 -98
- data/lib/contrast/config.rb +1 -1
- data/lib/contrast/config/agent_configuration.rb +1 -1
- data/lib/contrast/config/application_configuration.rb +1 -1
- data/lib/contrast/config/assess_configuration.rb +1 -1
- data/lib/contrast/config/assess_rules_configuration.rb +2 -4
- data/lib/contrast/config/base_configuration.rb +5 -6
- data/lib/contrast/config/default_value.rb +1 -1
- data/lib/contrast/config/exception_configuration.rb +2 -6
- data/lib/contrast/config/heap_dump_configuration.rb +13 -7
- data/lib/contrast/config/inventory_configuration.rb +1 -1
- data/lib/contrast/config/logger_configuration.rb +2 -6
- data/lib/contrast/config/protect_configuration.rb +1 -1
- data/lib/contrast/config/protect_rule_configuration.rb +23 -1
- data/lib/contrast/config/protect_rules_configuration.rb +1 -1
- data/lib/contrast/config/root_configuration.rb +1 -1
- data/lib/contrast/config/ruby_configuration.rb +1 -1
- data/lib/contrast/config/sampling_configuration.rb +1 -1
- data/lib/contrast/config/server_configuration.rb +1 -1
- data/lib/contrast/config/service_configuration.rb +1 -1
- data/lib/contrast/configuration.rb +4 -15
- data/lib/contrast/delegators/input_analysis.rb +12 -0
- data/lib/contrast/extension/assess.rb +1 -1
- data/lib/contrast/extension/assess/array.rb +2 -7
- data/lib/contrast/extension/assess/erb.rb +2 -8
- data/lib/contrast/extension/assess/eval_trigger.rb +3 -11
- data/lib/contrast/extension/assess/exec_trigger.rb +4 -14
- data/lib/contrast/extension/assess/fiber.rb +3 -13
- data/lib/contrast/extension/assess/hash.rb +1 -1
- data/lib/contrast/extension/assess/kernel.rb +3 -10
- data/lib/contrast/extension/assess/marshal.rb +3 -11
- data/lib/contrast/extension/assess/regexp.rb +2 -7
- data/lib/contrast/extension/assess/string.rb +4 -2
- data/lib/contrast/extension/delegator.rb +1 -1
- data/lib/contrast/extension/inventory.rb +1 -1
- data/lib/contrast/extension/kernel.rb +5 -3
- data/lib/contrast/extension/module.rb +1 -1
- data/lib/contrast/extension/protect.rb +1 -1
- data/lib/contrast/extension/protect/kernel.rb +1 -1
- data/lib/contrast/extension/protect/psych.rb +1 -1
- data/lib/contrast/extension/thread.rb +1 -1
- data/lib/contrast/framework/base_support.rb +1 -1
- data/lib/contrast/framework/manager.rb +5 -9
- data/lib/contrast/framework/platform_version.rb +1 -1
- data/lib/contrast/framework/rack/patch/session_cookie.rb +6 -19
- data/lib/contrast/framework/rack/patch/support.rb +7 -5
- data/lib/contrast/framework/rack/support.rb +1 -1
- data/lib/contrast/framework/rails/patch/action_controller_live_buffer.rb +1 -1
- data/lib/contrast/framework/rails/patch/assess_configuration.rb +8 -3
- data/lib/contrast/framework/rails/patch/rails_application_configuration.rb +4 -4
- data/lib/contrast/framework/rails/patch/support.rb +6 -4
- data/lib/contrast/framework/rails/railtie.rb +32 -0
- data/lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb +5 -2
- data/lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb +3 -1
- data/lib/contrast/framework/rails/rewrite/active_record_named.rb +3 -1
- data/lib/contrast/framework/rails/rewrite/active_record_time_zone_inherited.rb +3 -1
- data/lib/contrast/framework/rails/support.rb +3 -3
- data/lib/contrast/framework/sinatra/support.rb +4 -2
- data/lib/contrast/funchook/funchook.rb +2 -6
- data/lib/contrast/logger/application.rb +13 -10
- data/lib/contrast/logger/format.rb +3 -6
- data/lib/contrast/logger/log.rb +5 -4
- data/lib/contrast/logger/request.rb +2 -3
- data/lib/contrast/logger/time.rb +1 -1
- data/lib/contrast/security_exception.rb +2 -2
- data/lib/contrast/tasks/config.rb +1 -1
- data/lib/contrast/tasks/service.rb +6 -2
- data/lib/contrast/utils/assess/sampling_util.rb +1 -1
- data/lib/contrast/utils/assess/tracking_util.rb +2 -3
- data/lib/contrast/utils/class_util.rb +15 -11
- data/lib/contrast/utils/duck_utils.rb +1 -1
- data/lib/contrast/utils/env_configuration_item.rb +1 -1
- data/lib/contrast/utils/hash_digest.rb +16 -24
- data/lib/contrast/utils/heap_dump_util.rb +1 -1
- data/lib/contrast/utils/invalid_configuration_util.rb +1 -1
- data/lib/contrast/utils/inventory_util.rb +1 -1
- data/lib/contrast/utils/io_util.rb +2 -2
- data/lib/contrast/utils/job_servers_running.rb +10 -5
- data/lib/contrast/utils/object_share.rb +1 -1
- data/lib/contrast/utils/os.rb +3 -2
- data/lib/contrast/utils/preflight_util.rb +1 -1
- data/lib/contrast/utils/resource_loader.rb +1 -1
- data/lib/contrast/utils/ruby_ast_rewriter.rb +3 -2
- data/lib/contrast/utils/sha256_builder.rb +1 -1
- data/lib/contrast/utils/stack_trace_utils.rb +1 -1
- data/lib/contrast/utils/string_utils.rb +1 -1
- data/lib/contrast/utils/tag_util.rb +1 -1
- data/lib/contrast/utils/thread_tracker.rb +1 -1
- data/lib/contrast/utils/timer.rb +1 -1
- data/resources/assess/policy.json +60 -2
- data/resources/deadzone/policy.json +7 -23
- data/ruby-agent.gemspec +22 -20
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- data/sonar-project.properties +9 -0
- metadata +94 -50
- data/lib/contrast/agent/inventory/gemfile_digest_cache.rb +0 -38
- data/lib/contrast/agent/railtie.rb +0 -31
- data/lib/contrast/common_agent_configuration.rb +0 -87
data/ruby-agent.gemspec
CHANGED
@@ -1,4 +1,4 @@
|
|
1
|
-
# Copyright (c)
|
1
|
+
# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
|
2
2
|
# frozen_string_literal: true
|
3
3
|
|
4
4
|
require_relative './lib/contrast/agent/version'
|
@@ -22,7 +22,7 @@ end
|
|
22
22
|
def self.add_dev_dependencies spec
|
23
23
|
add_builders(spec)
|
24
24
|
add_debuggers(spec)
|
25
|
-
add_linters(spec)
|
25
|
+
add_linters(spec) # if RUBY_VERSION >= '2.6.0' # TODO: RUBY-714 remove guard w/ EOL of 2.5
|
26
26
|
add_specs(spec)
|
27
27
|
end
|
28
28
|
|
@@ -41,15 +41,16 @@ end
|
|
41
41
|
|
42
42
|
# Dependencies used for framework testing.
|
43
43
|
def self.add_frameworks spec
|
44
|
-
spec.add_development_dependency '
|
44
|
+
spec.add_development_dependency 'rack-protection', '>= 2'
|
45
|
+
spec.add_development_dependency 'rails', '6.0.3.5'
|
45
46
|
spec.add_development_dependency 'sinatra', '>= 2'
|
46
47
|
end
|
47
48
|
|
48
49
|
# Dependencies used for linting prior to commit.
|
49
50
|
def self.add_linters spec
|
50
|
-
spec.add_development_dependency 'debride'
|
51
|
-
spec.add_development_dependency 'fasterer'
|
52
|
-
spec.add_development_dependency 'flay'
|
51
|
+
spec.add_development_dependency 'debride', '1.8.2'
|
52
|
+
spec.add_development_dependency 'fasterer', '0.9.0'
|
53
|
+
spec.add_development_dependency 'flay', '2.12.1'
|
53
54
|
add_rubocop(spec)
|
54
55
|
end
|
55
56
|
|
@@ -67,28 +68,30 @@ def self.add_specs spec
|
|
67
68
|
spec.add_development_dependency 'rspec', '~> 3.0'
|
68
69
|
spec.add_development_dependency 'rspec-benchmark'
|
69
70
|
spec.add_development_dependency 'rspec_junit_formatter', '0.3.0'
|
71
|
+
spec.add_development_dependency 'rspec-rails', '5.0'
|
72
|
+
spec.add_development_dependency 'tzinfo-data' # Alpine rspec-rails requirement.
|
70
73
|
end
|
71
74
|
|
72
75
|
def self.add_coverage spec
|
73
|
-
spec.add_development_dependency 'codecov'
|
74
|
-
spec.add_development_dependency 'simplecov', '0.
|
76
|
+
spec.add_development_dependency 'codecov', '0.5.2'
|
77
|
+
spec.add_development_dependency 'simplecov', '0.21.2'
|
75
78
|
end
|
76
79
|
|
77
80
|
# Dependencies used to run all of our Rubocop during the linting phase.
|
78
81
|
def self.add_rubocop spec
|
79
|
-
spec.add_development_dependency 'rubocop', '1.
|
80
|
-
spec.add_development_dependency 'rubocop-performance', '1.
|
82
|
+
spec.add_development_dependency 'rubocop', '1.13.0'
|
83
|
+
spec.add_development_dependency 'rubocop-performance', '1.11.0'
|
81
84
|
spec.add_development_dependency 'rubocop-rails', '2.9.1'
|
82
85
|
spec.add_development_dependency 'rubocop-rake', '0.5.1'
|
83
|
-
spec.add_development_dependency 'rubocop-rspec', '2.
|
86
|
+
spec.add_development_dependency 'rubocop-rspec', '2.2.0'
|
84
87
|
end
|
85
88
|
|
86
89
|
# Dependencies not mocked out during RSpec that we test real code of, beyond just frameworks.
|
87
90
|
def self.add_tested_gems spec
|
88
|
-
spec.add_development_dependency '
|
91
|
+
spec.add_development_dependency 'async'
|
89
92
|
spec.add_development_dependency 'execjs'
|
90
|
-
spec.add_development_dependency 'sqlite3'
|
91
|
-
spec.add_development_dependency '
|
93
|
+
spec.add_development_dependency 'sqlite3'
|
94
|
+
spec.add_development_dependency 'rhino'
|
92
95
|
spec.add_development_dependency 'tilt'
|
93
96
|
spec.add_development_dependency 'xpath'
|
94
97
|
end
|
@@ -100,7 +103,7 @@ end
|
|
100
103
|
# corresponding update to the fake gem server data in TeamServer.
|
101
104
|
def self.add_dependencies spec
|
102
105
|
spec.add_dependency 'ougai', '~> 1.8'
|
103
|
-
spec.add_dependency 'parser', '
|
106
|
+
spec.add_dependency 'parser', '>= 2.6' # if RUBY_VERSION < '2.6.0' # TODO: RUBY-714 remove guard w/ EOL of 2.5
|
104
107
|
spec.add_dependency 'protobuf', '~> 3.10'
|
105
108
|
spec.add_dependency 'rack', '~> 2.0'
|
106
109
|
end
|
@@ -152,9 +155,7 @@ Gem::Specification.new do |spec|
|
|
152
155
|
spec.name = 'contrast-agent'
|
153
156
|
spec.version = Contrast::Agent::VERSION
|
154
157
|
|
155
|
-
spec.email = %w[
|
156
|
-
ruby@contrastsecurity.com
|
157
|
-
]
|
158
|
+
spec.email = %w[ruby@contrastsecurity.com]
|
158
159
|
|
159
160
|
spec.summary = 'Contrast Security\'s agent for rack-based applications.'
|
160
161
|
spec.description = 'This gem instantiates a Rack middleware for rack-based ' \
|
@@ -162,7 +163,7 @@ Gem::Specification.new do |spec|
|
|
162
163
|
'Testing and Protection.'
|
163
164
|
spec.homepage = 'https://www.contrastsecurity.com'
|
164
165
|
spec.license = 'CONTRAST SECURITY (see license file)'
|
165
|
-
spec.required_ruby_version = ['>= 2.5.0', '<
|
166
|
+
spec.required_ruby_version = ['>= 2.5.0', '< 3.1.0']
|
166
167
|
|
167
168
|
spec.bindir = 'exe'
|
168
169
|
spec.executables = ['contrast_service']
|
@@ -171,7 +172,8 @@ Gem::Specification.new do |spec|
|
|
171
172
|
spec.require_paths = ['lib']
|
172
173
|
|
173
174
|
unless File.exist?(File.join(Dir.pwd, 'contrast_security.yaml'))
|
174
|
-
spec.post_install_message = 'To generate the required contrast_security.yaml file you can run:
|
175
|
+
spec.post_install_message = 'To generate the required contrast_security.yaml file you can run: '\
|
176
|
+
'bundle exec rake contrast:config:create'
|
175
177
|
end
|
176
178
|
|
177
179
|
add_authors(spec)
|
data/service_executables/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.
|
1
|
+
2.20.2
|
Binary file
|
Binary file
|
@@ -0,0 +1,9 @@
|
|
1
|
+
sonar.projectKey=Contrast-Security-Inc_ruby-agent
|
2
|
+
sonar.organization=contrast-security-inc
|
3
|
+
|
4
|
+
# Ignore C/CPP/ObjC files
|
5
|
+
sonar.c.file.suffixes=-
|
6
|
+
sonar.cpp.file.suffixes=-
|
7
|
+
sonar.objc.file.suffixes=-
|
8
|
+
|
9
|
+
sonar.ruby.coverage.reportPaths=coverage/coverage-formatted.json
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: contrast-agent
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.
|
4
|
+
version: 4.8.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- galen.palmer@contrastsecurity.com
|
@@ -13,7 +13,7 @@ authors:
|
|
13
13
|
autorequire:
|
14
14
|
bindir: exe
|
15
15
|
cert_chain: []
|
16
|
-
date: 2021-
|
16
|
+
date: 2021-05-20 00:00:00.000000000 Z
|
17
17
|
dependencies:
|
18
18
|
- !ruby/object:Gem::Dependency
|
19
19
|
name: bundler
|
@@ -89,72 +89,72 @@ dependencies:
|
|
89
89
|
name: debride
|
90
90
|
requirement: !ruby/object:Gem::Requirement
|
91
91
|
requirements:
|
92
|
-
- -
|
92
|
+
- - '='
|
93
93
|
- !ruby/object:Gem::Version
|
94
|
-
version:
|
94
|
+
version: 1.8.2
|
95
95
|
type: :development
|
96
96
|
prerelease: false
|
97
97
|
version_requirements: !ruby/object:Gem::Requirement
|
98
98
|
requirements:
|
99
|
-
- -
|
99
|
+
- - '='
|
100
100
|
- !ruby/object:Gem::Version
|
101
|
-
version:
|
101
|
+
version: 1.8.2
|
102
102
|
- !ruby/object:Gem::Dependency
|
103
103
|
name: fasterer
|
104
104
|
requirement: !ruby/object:Gem::Requirement
|
105
105
|
requirements:
|
106
|
-
- -
|
106
|
+
- - '='
|
107
107
|
- !ruby/object:Gem::Version
|
108
|
-
version:
|
108
|
+
version: 0.9.0
|
109
109
|
type: :development
|
110
110
|
prerelease: false
|
111
111
|
version_requirements: !ruby/object:Gem::Requirement
|
112
112
|
requirements:
|
113
|
-
- -
|
113
|
+
- - '='
|
114
114
|
- !ruby/object:Gem::Version
|
115
|
-
version:
|
115
|
+
version: 0.9.0
|
116
116
|
- !ruby/object:Gem::Dependency
|
117
117
|
name: flay
|
118
118
|
requirement: !ruby/object:Gem::Requirement
|
119
119
|
requirements:
|
120
|
-
- -
|
120
|
+
- - '='
|
121
121
|
- !ruby/object:Gem::Version
|
122
|
-
version:
|
122
|
+
version: 2.12.1
|
123
123
|
type: :development
|
124
124
|
prerelease: false
|
125
125
|
version_requirements: !ruby/object:Gem::Requirement
|
126
126
|
requirements:
|
127
|
-
- -
|
127
|
+
- - '='
|
128
128
|
- !ruby/object:Gem::Version
|
129
|
-
version:
|
129
|
+
version: 2.12.1
|
130
130
|
- !ruby/object:Gem::Dependency
|
131
131
|
name: rubocop
|
132
132
|
requirement: !ruby/object:Gem::Requirement
|
133
133
|
requirements:
|
134
134
|
- - '='
|
135
135
|
- !ruby/object:Gem::Version
|
136
|
-
version: 1.
|
136
|
+
version: 1.13.0
|
137
137
|
type: :development
|
138
138
|
prerelease: false
|
139
139
|
version_requirements: !ruby/object:Gem::Requirement
|
140
140
|
requirements:
|
141
141
|
- - '='
|
142
142
|
- !ruby/object:Gem::Version
|
143
|
-
version: 1.
|
143
|
+
version: 1.13.0
|
144
144
|
- !ruby/object:Gem::Dependency
|
145
145
|
name: rubocop-performance
|
146
146
|
requirement: !ruby/object:Gem::Requirement
|
147
147
|
requirements:
|
148
148
|
- - '='
|
149
149
|
- !ruby/object:Gem::Version
|
150
|
-
version: 1.
|
150
|
+
version: 1.11.0
|
151
151
|
type: :development
|
152
152
|
prerelease: false
|
153
153
|
version_requirements: !ruby/object:Gem::Requirement
|
154
154
|
requirements:
|
155
155
|
- - '='
|
156
156
|
- !ruby/object:Gem::Version
|
157
|
-
version: 1.
|
157
|
+
version: 1.11.0
|
158
158
|
- !ruby/object:Gem::Dependency
|
159
159
|
name: rubocop-rails
|
160
160
|
requirement: !ruby/object:Gem::Requirement
|
@@ -189,56 +189,70 @@ dependencies:
|
|
189
189
|
requirements:
|
190
190
|
- - '='
|
191
191
|
- !ruby/object:Gem::Version
|
192
|
-
version: 2.
|
192
|
+
version: 2.2.0
|
193
193
|
type: :development
|
194
194
|
prerelease: false
|
195
195
|
version_requirements: !ruby/object:Gem::Requirement
|
196
196
|
requirements:
|
197
197
|
- - '='
|
198
198
|
- !ruby/object:Gem::Version
|
199
|
-
version: 2.
|
199
|
+
version: 2.2.0
|
200
200
|
- !ruby/object:Gem::Dependency
|
201
201
|
name: codecov
|
202
202
|
requirement: !ruby/object:Gem::Requirement
|
203
203
|
requirements:
|
204
|
-
- -
|
204
|
+
- - '='
|
205
205
|
- !ruby/object:Gem::Version
|
206
|
-
version:
|
206
|
+
version: 0.5.2
|
207
207
|
type: :development
|
208
208
|
prerelease: false
|
209
209
|
version_requirements: !ruby/object:Gem::Requirement
|
210
210
|
requirements:
|
211
|
-
- -
|
211
|
+
- - '='
|
212
212
|
- !ruby/object:Gem::Version
|
213
|
-
version:
|
213
|
+
version: 0.5.2
|
214
214
|
- !ruby/object:Gem::Dependency
|
215
215
|
name: simplecov
|
216
216
|
requirement: !ruby/object:Gem::Requirement
|
217
217
|
requirements:
|
218
218
|
- - '='
|
219
219
|
- !ruby/object:Gem::Version
|
220
|
-
version: 0.
|
220
|
+
version: 0.21.2
|
221
221
|
type: :development
|
222
222
|
prerelease: false
|
223
223
|
version_requirements: !ruby/object:Gem::Requirement
|
224
224
|
requirements:
|
225
225
|
- - '='
|
226
226
|
- !ruby/object:Gem::Version
|
227
|
-
version: 0.
|
227
|
+
version: 0.21.2
|
228
228
|
- !ruby/object:Gem::Dependency
|
229
|
-
name:
|
229
|
+
name: rack-protection
|
230
230
|
requirement: !ruby/object:Gem::Requirement
|
231
231
|
requirements:
|
232
232
|
- - ">="
|
233
233
|
- !ruby/object:Gem::Version
|
234
|
-
version: '
|
234
|
+
version: '2'
|
235
235
|
type: :development
|
236
236
|
prerelease: false
|
237
237
|
version_requirements: !ruby/object:Gem::Requirement
|
238
238
|
requirements:
|
239
239
|
- - ">="
|
240
240
|
- !ruby/object:Gem::Version
|
241
|
-
version: '
|
241
|
+
version: '2'
|
242
|
+
- !ruby/object:Gem::Dependency
|
243
|
+
name: rails
|
244
|
+
requirement: !ruby/object:Gem::Requirement
|
245
|
+
requirements:
|
246
|
+
- - '='
|
247
|
+
- !ruby/object:Gem::Version
|
248
|
+
version: 6.0.3.5
|
249
|
+
type: :development
|
250
|
+
prerelease: false
|
251
|
+
version_requirements: !ruby/object:Gem::Requirement
|
252
|
+
requirements:
|
253
|
+
- - '='
|
254
|
+
- !ruby/object:Gem::Version
|
255
|
+
version: 6.0.3.5
|
242
256
|
- !ruby/object:Gem::Dependency
|
243
257
|
name: sinatra
|
244
258
|
requirement: !ruby/object:Gem::Requirement
|
@@ -254,7 +268,7 @@ dependencies:
|
|
254
268
|
- !ruby/object:Gem::Version
|
255
269
|
version: '2'
|
256
270
|
- !ruby/object:Gem::Dependency
|
257
|
-
name:
|
271
|
+
name: async
|
258
272
|
requirement: !ruby/object:Gem::Requirement
|
259
273
|
requirements:
|
260
274
|
- - ">="
|
@@ -285,18 +299,18 @@ dependencies:
|
|
285
299
|
name: sqlite3
|
286
300
|
requirement: !ruby/object:Gem::Requirement
|
287
301
|
requirements:
|
288
|
-
- -
|
302
|
+
- - ">="
|
289
303
|
- !ruby/object:Gem::Version
|
290
|
-
version:
|
304
|
+
version: '0'
|
291
305
|
type: :development
|
292
306
|
prerelease: false
|
293
307
|
version_requirements: !ruby/object:Gem::Requirement
|
294
308
|
requirements:
|
295
|
-
- -
|
309
|
+
- - ">="
|
296
310
|
- !ruby/object:Gem::Version
|
297
|
-
version:
|
311
|
+
version: '0'
|
298
312
|
- !ruby/object:Gem::Dependency
|
299
|
-
name:
|
313
|
+
name: rhino
|
300
314
|
requirement: !ruby/object:Gem::Requirement
|
301
315
|
requirements:
|
302
316
|
- - ">="
|
@@ -449,6 +463,34 @@ dependencies:
|
|
449
463
|
- - '='
|
450
464
|
- !ruby/object:Gem::Version
|
451
465
|
version: 0.3.0
|
466
|
+
- !ruby/object:Gem::Dependency
|
467
|
+
name: rspec-rails
|
468
|
+
requirement: !ruby/object:Gem::Requirement
|
469
|
+
requirements:
|
470
|
+
- - '='
|
471
|
+
- !ruby/object:Gem::Version
|
472
|
+
version: '5.0'
|
473
|
+
type: :development
|
474
|
+
prerelease: false
|
475
|
+
version_requirements: !ruby/object:Gem::Requirement
|
476
|
+
requirements:
|
477
|
+
- - '='
|
478
|
+
- !ruby/object:Gem::Version
|
479
|
+
version: '5.0'
|
480
|
+
- !ruby/object:Gem::Dependency
|
481
|
+
name: tzinfo-data
|
482
|
+
requirement: !ruby/object:Gem::Requirement
|
483
|
+
requirements:
|
484
|
+
- - ">="
|
485
|
+
- !ruby/object:Gem::Version
|
486
|
+
version: '0'
|
487
|
+
type: :development
|
488
|
+
prerelease: false
|
489
|
+
version_requirements: !ruby/object:Gem::Requirement
|
490
|
+
requirements:
|
491
|
+
- - ">="
|
492
|
+
- !ruby/object:Gem::Version
|
493
|
+
version: '0'
|
452
494
|
- !ruby/object:Gem::Dependency
|
453
495
|
name: ougai
|
454
496
|
requirement: !ruby/object:Gem::Requirement
|
@@ -467,14 +509,14 @@ dependencies:
|
|
467
509
|
name: parser
|
468
510
|
requirement: !ruby/object:Gem::Requirement
|
469
511
|
requirements:
|
470
|
-
- - "
|
512
|
+
- - ">="
|
471
513
|
- !ruby/object:Gem::Version
|
472
514
|
version: '2.6'
|
473
515
|
type: :runtime
|
474
516
|
prerelease: false
|
475
517
|
version_requirements: !ruby/object:Gem::Requirement
|
476
518
|
requirements:
|
477
|
-
- - "
|
519
|
+
- - ">="
|
478
520
|
- !ruby/object:Gem::Version
|
479
521
|
version: '2.6'
|
480
522
|
- !ruby/object:Gem::Dependency
|
@@ -513,20 +555,20 @@ executables:
|
|
513
555
|
- contrast_service
|
514
556
|
extensions:
|
515
557
|
- ext/cs__common/extconf.rb
|
516
|
-
- ext/cs__assess_active_record_named/extconf.rb
|
517
558
|
- ext/cs__assess_string/extconf.rb
|
518
559
|
- ext/cs__assess_kernel/extconf.rb
|
519
|
-
- ext/
|
520
|
-
- ext/
|
521
|
-
- ext/
|
560
|
+
- ext/cs__protect_kernel/extconf.rb
|
561
|
+
- ext/cs__assess_module/extconf.rb
|
562
|
+
- ext/cs__assess_active_record_named/extconf.rb
|
522
563
|
- ext/cs__assess_fiber_track/extconf.rb
|
523
|
-
- ext/cs__assess_hash/extconf.rb
|
524
564
|
- ext/cs__assess_array/extconf.rb
|
565
|
+
- ext/cs__contrast_patch/extconf.rb
|
525
566
|
- ext/cs__assess_string_interpolation26/extconf.rb
|
526
|
-
- ext/
|
567
|
+
- ext/cs__assess_regexp/extconf.rb
|
527
568
|
- ext/cs__assess_marshal_module/extconf.rb
|
528
|
-
- ext/
|
529
|
-
- ext/
|
569
|
+
- ext/cs__assess_basic_object/extconf.rb
|
570
|
+
- ext/cs__assess_hash/extconf.rb
|
571
|
+
- ext/cs__assess_yield_track/extconf.rb
|
530
572
|
extra_rdoc_files: []
|
531
573
|
files:
|
532
574
|
- ".clang-format"
|
@@ -747,6 +789,7 @@ files:
|
|
747
789
|
- lib/contrast/agent/assess/policy/propagator/match_data.rb
|
748
790
|
- lib/contrast/agent/assess/policy/propagator/next.rb
|
749
791
|
- lib/contrast/agent/assess/policy/propagator/prepend.rb
|
792
|
+
- lib/contrast/agent/assess/policy/propagator/rack_protection.rb
|
750
793
|
- lib/contrast/agent/assess/policy/propagator/remove.rb
|
751
794
|
- lib/contrast/agent/assess/policy/propagator/replace.rb
|
752
795
|
- lib/contrast/agent/assess/policy/propagator/reverse.rb
|
@@ -788,7 +831,6 @@ files:
|
|
788
831
|
- lib/contrast/agent/inventory/dependencies.rb
|
789
832
|
- lib/contrast/agent/inventory/dependency_analysis.rb
|
790
833
|
- lib/contrast/agent/inventory/dependency_usage_analysis.rb
|
791
|
-
- lib/contrast/agent/inventory/gemfile_digest_cache.rb
|
792
834
|
- lib/contrast/agent/inventory/policy/datastores.rb
|
793
835
|
- lib/contrast/agent/inventory/policy/policy.rb
|
794
836
|
- lib/contrast/agent/inventory/policy/trigger_node.rb
|
@@ -832,7 +874,6 @@ files:
|
|
832
874
|
- lib/contrast/agent/protect/rule/xss.rb
|
833
875
|
- lib/contrast/agent/protect/rule/xxe.rb
|
834
876
|
- lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb
|
835
|
-
- lib/contrast/agent/railtie.rb
|
836
877
|
- lib/contrast/agent/reaction_processor.rb
|
837
878
|
- lib/contrast/agent/request.rb
|
838
879
|
- lib/contrast/agent/request_context.rb
|
@@ -868,6 +909,7 @@ files:
|
|
868
909
|
- lib/contrast/api/decorators/application_update.rb
|
869
910
|
- lib/contrast/api/decorators/http_request.rb
|
870
911
|
- lib/contrast/api/decorators/input_analysis.rb
|
912
|
+
- lib/contrast/api/decorators/instrumentation_mode.rb
|
871
913
|
- lib/contrast/api/decorators/library.rb
|
872
914
|
- lib/contrast/api/decorators/library_usage_update.rb
|
873
915
|
- lib/contrast/api/decorators/message.rb
|
@@ -882,7 +924,6 @@ files:
|
|
882
924
|
- lib/contrast/api/decorators/user_input.rb
|
883
925
|
- lib/contrast/api/dtm.pb.rb
|
884
926
|
- lib/contrast/api/settings.pb.rb
|
885
|
-
- lib/contrast/common_agent_configuration.rb
|
886
927
|
- lib/contrast/components/agent.rb
|
887
928
|
- lib/contrast/components/app_context.rb
|
888
929
|
- lib/contrast/components/assess.rb
|
@@ -916,6 +957,7 @@ files:
|
|
916
957
|
- lib/contrast/config/server_configuration.rb
|
917
958
|
- lib/contrast/config/service_configuration.rb
|
918
959
|
- lib/contrast/configuration.rb
|
960
|
+
- lib/contrast/delegators/input_analysis.rb
|
919
961
|
- lib/contrast/extension/assess.rb
|
920
962
|
- lib/contrast/extension/assess/array.rb
|
921
963
|
- lib/contrast/extension/assess/erb.rb
|
@@ -945,6 +987,7 @@ files:
|
|
945
987
|
- lib/contrast/framework/rails/patch/assess_configuration.rb
|
946
988
|
- lib/contrast/framework/rails/patch/rails_application_configuration.rb
|
947
989
|
- lib/contrast/framework/rails/patch/support.rb
|
990
|
+
- lib/contrast/framework/rails/railtie.rb
|
948
991
|
- lib/contrast/framework/rails/rewrite/action_controller_railties_helper_inherited.rb
|
949
992
|
- lib/contrast/framework/rails/rewrite/active_record_attribute_methods_read.rb
|
950
993
|
- lib/contrast/framework/rails/rewrite/active_record_named.rb
|
@@ -993,6 +1036,7 @@ files:
|
|
993
1036
|
- service_executables/linux/contrast-service
|
994
1037
|
- service_executables/mac/contrast-service
|
995
1038
|
- shared_libraries/.gitkeep
|
1039
|
+
- sonar-project.properties
|
996
1040
|
homepage: https://www.contrastsecurity.com
|
997
1041
|
licenses:
|
998
1042
|
- CONTRAST SECURITY (see license file)
|
@@ -1013,14 +1057,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
1013
1057
|
version: 2.5.0
|
1014
1058
|
- - "<"
|
1015
1059
|
- !ruby/object:Gem::Version
|
1016
|
-
version:
|
1060
|
+
version: 3.1.0
|
1017
1061
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
1018
1062
|
requirements:
|
1019
1063
|
- - ">="
|
1020
1064
|
- !ruby/object:Gem::Version
|
1021
1065
|
version: '0'
|
1022
1066
|
requirements: []
|
1023
|
-
rubygems_version: 3.
|
1067
|
+
rubygems_version: 3.1.6
|
1024
1068
|
signing_key:
|
1025
1069
|
specification_version: 4
|
1026
1070
|
summary: Contrast Security's agent for rack-based applications.
|