contrast-agent 4.7.0 → 4.10.0

data/lib/contrast/framework/rack/patch/session_cookie.rb

@@ -1,7 +1,8 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 
 module Contrast
   module Framework
@@ -11,9 +12,8 @@ module Contrast
         # runtime detection of insecure configurations on individual cookies
         # within the application
         class SessionCookie
-          include Contrast::Components::Interface
-
-          access_component :agent, :analysis, :logging, :scope
+          extend Contrast::Components::Logger::InstanceMethods
+          extend Contrast::Components::Scope::InstanceMethods
 
           CS__SECURE_RULE_NAME = 'secure-flag-missing'
           CS__HTTPONLY_NAME = 'rails-http-only-disabled'
@@ -36,8 +36,8 @@ module Contrast
             end
 
             def analyze options
-              return unless AGENT.enabled?
-              return if ASSESS.forcibly_disabled?
+              return unless ::Contrast::AGENT.enabled?
+              return if ::Contrast::ASSESS.forcibly_disabled?
 
               apply_session_timeout(options)
               apply_httponly(options)

data/lib/contrast/framework/rack/support.rb

@@ -14,7 +14,7 @@ module Contrast
         extend Contrast::Framework::Rack::Patch::Support
         class << self
           def detection_class
-            'don\'t let me be detected'
+            'rack -- don\'t let me be detected'
           end
         end
       end

data/lib/contrast/framework/rails/patch/assess_configuration.rb

@@ -1,7 +1,6 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
 require 'contrast/utils/invalid_configuration_util'
 
 module Contrast
@@ -10,9 +9,7 @@ module Contrast
       module Patch
         # This module is used to analyze rails session storage configuration for assess vulnerabilities
         module AssessConfiguration
-          include Contrast::Components::Interface
-
-          access_component :agent, :analysis, :logging
+          include Contrast::Components::Logger::InstanceMethods
 
           CS__SESSION_TIMEOUT_NAME = 'session-timeout'
           SAFE_SESSION_TIMEOUT = (30 * 60 * 1000)
@@ -23,7 +20,7 @@ module Contrast
             include Contrast::Utils::InvalidConfigurationUtil
 
             def analyze_session_store *args
-              return if ASSESS.forcibly_disabled?
+              return if ::Contrast::ASSESS.forcibly_disabled?
 
               apply_httponly_disabled(*args)
               apply_secure_cookie_disabled(*args)
@@ -52,7 +49,7 @@ module Contrast
             end
 
             def apply_session_timeout *args
-              return if ASSESS.rule_disabled? CS__SESSION_TIMEOUT_NAME
+              return if ::Contrast::ASSESS.rule_disabled? CS__SESSION_TIMEOUT_NAME
               return unless vulnerable_setting?(:expire_after, SAFE_SESSION_TIMEOUT, args,
                                                 comparison_type: :greater_than, safe_default: false)
 
@@ -67,7 +64,7 @@ module Contrast
             end
 
             def apply_secure_cookie_disabled *args
-              return if ASSESS.rule_disabled? CS__SECURE_RULE_NAME
+              return if ::Contrast::ASSESS.rule_disabled? CS__SECURE_RULE_NAME
               return unless vulnerable_setting?(:secure, true, args)
 
               rails_session_settings = args[1]
@@ -81,7 +78,7 @@ module Contrast
             end
 
             def apply_httponly_disabled *args
-              return if ASSESS.rule_disabled? CS__HTTPONLY_RULE_NAME
+              return if ::Contrast::ASSESS.rule_disabled? CS__HTTPONLY_RULE_NAME
               return unless vulnerable_setting?(:httponly, true, args)
 
               rails_session_settings = args[1]

data/lib/contrast/framework/rails/patch/support.rb

@@ -20,47 +20,54 @@ module Contrast
             # (i.e., where we normally patch) we will miss the configuration
             # and will never be able to report session misconfiguration rules.
             Contrast::Framework::Rails::Patch::RailsApplicationConfiguration.instrument
-            require 'contrast/agent/railtie' if ::Rails::VERSION::MAJOR.to_i >= 3
+            require 'contrast/framework/rails/railtie' if ::Rails::VERSION::MAJOR.to_i >= 3
           end
 
           # (See BaseSupport#after_load_patches)
           def after_load_patches
-            Set.new([
-                      Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
-                          'ActionController::Live::Buffer',
-                          'contrast/framework/rails/patch/action_controller_live_buffer',
-                          instrumenting_module: 'Contrast::Framework::Rails::Patch::ActionControllerLiveBuffer'),
-                      Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
-                          'Rails::Application::Configuration',
-                          'contrast/framework/rails/patch/rails_application_configuration',
-                          method_to_instrument: :session_store,
-                          instrumenting_module: 'Contrast::Framework::Rails::Patch::RailsApplicationConfiguration'),
-
-                      # TODO: RUBY-714 remove w/ EOL of 2.5
-                      #
-                      # @deprecated  Everything past here is used for Rewriting and can
-                      #   be removed once we no longer support 2.5.
-                      Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
-                          'ActionController::Railties::Helper::ClassMethods',
-                          'contrast/framework/rails/rewrite/action_controller_railties_helper_inherited',
-                          method_to_instrument: :inherited,
-                          instrumenting_module:
-                            'Contrast::Framework::Rails::Rewrite::ActionControllerRailtiesHelperInherited'),
-                      Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
-                          'ActiveRecord::AttributeMethods::Read::ClassMethods',
-                          'contrast/framework/rails/rewrite/active_record_attribute_methods_read',
-                          instrumenting_module:
-                            'Contrast::Framework::Rails::Rewrite::ActiveRecordAttributeMethodsRead'),
-                      Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
-                          'ActiveRecord::Scoping::Named::ClassMethods',
-                          'contrast/framework/rails/rewrite/active_record_named',
-                          instrumenting_module: 'Contrast::Framework::Rails::Rewrite::ActiveRecordNamed'),
-                      Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
-                          'ActiveRecord::AttributeMethods::TimeZoneConversion::ClassMethods',
-                          'contrast/framework/rails/rewrite/active_record_time_zone_inherited',
-                          method_to_instrument: :inherited,
-                          instrumenting_module: 'Contrast::Framework::Rails::Rewrite::ActiveRecordTimeZoneInherited')
-                    ])
+            patches = Set.new([
+                                Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
+                                    'ActionController::Live::Buffer',
+                                    'contrast/framework/rails/patch/action_controller_live_buffer',
+                                    instrumenting_module:
+                                      'Contrast::Framework::Rails::Patch::ActionControllerLiveBuffer'),
+                                Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
+                                    'Rails::Application::Configuration',
+                                    'contrast/framework/rails/patch/rails_application_configuration',
+                                    method_to_instrument: :session_store,
+                                    instrumenting_module:
+                                      'Contrast::Framework::Rails::Patch::RailsApplicationConfiguration')
+                              ])
+            if RUBY_VERSION < '2.6.0'
+              patches.merge([
+                              # TODO: RUBY-714 remove w/ EOL of 2.5
+                              #
+                              # @deprecated  Everything past here is used for Rewriting and can
+                              #   be removed once we no longer support 2.5.
+                              Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
+                                  'ActionController::Railties::Helper::ClassMethods',
+                                  'contrast/framework/rails/rewrite/action_controller_railties_helper_inherited',
+                                  method_to_instrument: :inherited,
+                                  instrumenting_module:
+                                    'Contrast::Framework::Rails::Rewrite::ActionControllerRailtiesHelperInherited'),
+                              Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
+                                  'ActiveRecord::AttributeMethods::Read::ClassMethods',
+                                  'contrast/framework/rails/rewrite/active_record_attribute_methods_read',
+                                  instrumenting_module:
+                                    'Contrast::Framework::Rails::Rewrite::ActiveRecordAttributeMethodsRead'),
+                              Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
+                                  'ActiveRecord::Scoping::Named::ClassMethods',
+                                  'contrast/framework/rails/rewrite/active_record_named',
+                                  instrumenting_module: 'Contrast::Framework::Rails::Rewrite::ActiveRecordNamed'),
+                              Contrast::Agent::Patching::Policy::AfterLoadPatch.new(
+                                  'ActiveRecord::AttributeMethods::TimeZoneConversion::ClassMethods',
+                                  'contrast/framework/rails/rewrite/active_record_time_zone_inherited',
+                                  method_to_instrument: :inherited,
+                                  instrumenting_module:
+                                    'Contrast::Framework::Rails::Rewrite::ActiveRecordTimeZoneInherited')
+                            ])
+            end
+            patches
           end
         end
       end

data/lib/contrast/framework/rails/railtie.rb

@@ -0,0 +1,34 @@
+# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/utils/job_servers_running'
+require 'contrast/components/logger'
+
+module Contrast
+  module Framework
+    module Rails
+      # A Railtie to allow for the automatic hooking of the Agent into a Rails application.
+      class Railtie < ::Rails::Railtie
+        include Contrast::Components::Logger::InstanceMethods
+
+        initializer 'Contrast Ruby Agent Initializer' do |app|
+          log_rails = defined?(Rails) && defined?(Rails.logger)
+
+          Rails.logger.debug("In railtie ::#{ app.middleware.inspect }") if log_rails
+
+          if ::Contrast::APP_CONTEXT.instrument_middleware_stack?
+            ::Contrast::AGENT.insert_middleware(app)
+          else
+            Rails.logger.debug('Detected a running job server, skipping Contrast middleware insertion.') if log_rails
+            logger.debug('Disabling Contrast for process', p_id: Process.pid)
+          end
+        end
+
+        rake_tasks do
+          load 'contrast/tasks/service.rb'
+          load 'contrast/tasks/config.rb'
+        end
+      end
+    end
+  end
+end

data/lib/contrast/framework/rails/rewrite/active_record_named.rb

@@ -3,7 +3,7 @@
 
 return unless RUBY_VERSION < '2.6.0' # TODO: RUBY-714 remove guard w/ EOL of 2.5
 
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 
 module Contrast
   module Framework
@@ -17,12 +17,12 @@ module Contrast
         # @deprecated Changes to this class are discouraged as this approach is
         #   being phased out with support for those language versions.
         class ActiveRecordNamed
-          include Contrast::Components::Interface
-          access_component :agent, :logging
+          include Contrast::Components::Logger::InstanceMethods
+          extend Contrast::Components::Logger::InstanceMethods
 
           class << self
             def rewrite mod, method_name, body
-              return body unless AGENT.rewrite_interpolation?
+              return body unless ::Contrast::AGENT.rewrite_interpolation?
               return body unless body.is_a?(Proc)
 
               location = body.source_location

data/lib/contrast/framework/rails/support.rb

@@ -13,6 +13,8 @@ module Contrast
       class Support
         extend Contrast::Framework::BaseSupport
         extend Contrast::Framework::Rails::Patch::Support
+        include Contrast::Components::Logger::InstanceMethods
+        extend Contrast::Components::Logger::InstanceMethods
 
         class << self
           RAILS_MODULE_NAME_VERSION = Gem::Version.new('6.0.0')
@@ -49,31 +51,36 @@ module Contrast
           # Find the current route, based on the provided Request wrapper
           #
           # @param request[Contrast::Agent::Request]
-          # @return [Contrast::Api::Dtm::RouteCoverage]
+          # @return [Contrast::Api::Dtm::RouteCoverage, nil]
           def current_route request
             return unless ::Rails.cs__respond_to?(:application)
 
+            # ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
             match, _params, route, path = get_full_route(request.rack_request)
+            unless route
+              logger.warn('Unable to determine the current route of this request')
+              return
+            end
 
             original_url = request.rack_request.path_info
-
+            mounted_app = route&.app&.app
             # Route is either the final rails route, or a router that points to a Sinatra controller.
-            if Contrast::Framework::Sinatra::Support.sinatra_controller?(route.app.app)
-              # Create a request copied from current request, but with the base path removed from path_info.
-              new_req = ::ActionDispatch::Request.new(request.env)
-              new_req.path_info = new_req.path_info.gsub((path << match).join, '')
-
-              return Contrast::Framework::Sinatra::Support.current_route(new_req, route.app.app, original_url)
+            if mounted_app && Contrast::Framework::Sinatra::Support.sinatra_controller?(mounted_app)
+              return mounted_sinatra_route(request, match, path, route, original_url)
+            end
+            if mounted_app && Contrast::Framework::Grape::Support.grape_controller?(mounted_app)
+              return mounted_grape_route(request, match, path, route, original_url)
             end
 
             Contrast::Api::Dtm::RouteCoverage.from_action_dispatch_journey(route, original_url)
-          rescue StandardError => _e
+          rescue StandardError => e
+            logger.warn('Unable to determine the current route of this request', e)
             nil
           end
 
           # Copy a request for modification.
           #
-          # @param [::ActionDispatch::Request] original env.
+          # @param env [::ActionDispatch::Request] original env.
           # @return [::ActionDispatch::Request] a copy of original env with rails env merged.
           def retrieve_request env
             rails_env = ::Rails.application.env_config.merge(env)
@@ -91,18 +98,21 @@ module Contrast
 
           # Determine if route is a Rails engine route.
           #
-          # @param [Object] app or route that points to a ::Rails::Engine
+          # @param route [Object] app or route that points to a ::Rails::Engine
           # @return [bool] whether the router is an engine or not.
           def engine_route? route
+            return false unless route&.app&.app
+
             route.app.is_a?(::ActionDispatch::Routing::Mapper::Constraints) && route.app.app < ::Rails::Engine
           end
 
           # Recursively get final route traversing engines as required.
           #
           # @param request [::Rack::Request] the rack request as will be handed to rails controller.
-          # @param top_router [::ActionDispatch::Journer::Router] the current router relative to the previous.
+          # @param top_router [::ActionDispatch::Journey::Router] the current router relative to the previous.
           # @param path [Array<String>] the chunks of path that have been seen.
-          # @return [Array<array>] the final set of rails route classes.
+          # @return [Array<Object>] the final set of rails route classes.
+          #   ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
           def get_full_route request, top_router = ::Rails.application.routes.router, path = []
             return if (route_matches = top_router.send(:find_routes, request)).empty?
 
@@ -132,6 +142,43 @@ module Contrast
             end
             route_list
           end
+
+          # @param request[Contrast::Agent::Request]
+          # @param match [ActionDispatch::Journey::Path::Pattern::MatchData]
+          # @param path [Array<String>] the path of this request, built out from each nested
+          #   ActionDispatch::Journey::Path::Pattern::MatchData
+          # @param route [::ActionDispatch::Journey::Route]
+          # @param original_url [String] the full url of this request, including the mount
+          # @return [Contrast::Api::Dtm::RouteCoverage, nil]
+          def mounted_sinatra_route request, match, path, route, original_url
+            new_req = unmounted_route(request, match, path)
+            Contrast::Framework::Sinatra::Support.current_route(new_req, route.app.app, original_url)
+          end
+
+          # @param request[Contrast::Agent::Request]
+          # @param match [ActionDispatch::Journey::Path::Pattern::MatchData]
+          # @param path [Array<String>] the path of this request, built out from each nested
+          #   ActionDispatch::Journey::Path::Pattern::MatchData
+          # @param route [::ActionDispatch::Journey::Route]
+          # @param original_url [String] the full url of this request, including the mount
+          # @return [Contrast::Api::Dtm::RouteCoverage, nil]
+          def mounted_grape_route request, match, path, route, original_url
+            new_req = unmounted_route(request, match, path)
+            Contrast::Framework::Grape::Support.current_route(new_req, route.app.app, original_url)
+          end
+
+          # Create a request copied from current request, but with the base path removed from path_info, as that's
+          # the mount.
+          #
+          # @param request[Contrast::Agent::Request]
+          # @param match []
+          # @param path [String] the path of this request
+          # @return [::ActionDispatch::Request]
+          def unmounted_route request, match, path
+            new_req = ::ActionDispatch::Request.new(request.env)
+            new_req.path_info = new_req.path_info.gsub((path << match).join, '')
+            new_req
+          end
         end
       end
     end

data/lib/contrast/framework/sinatra/support.rb

@@ -106,7 +106,7 @@ module Contrast
           def _route_recurse controller, method, route
             return if controller.nil? || controller.cs__class == NilClass
 
-            route_patterns = controller.routes.fetch(method, []).map(&:first)
+            route_patterns = controller.routes.fetch(method) { [] }.map(&:first)
             route_pattern = route_patterns&.find do |matcher|
               matcher.params(route) # ::Mustermann::Sinatra match.
             end

data/lib/contrast/funchook/funchook.rb

@@ -1,11 +1,12 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+
 # This module is used to find funchook library and determine availability
 module Funchook
-  include Contrast::Components::Interface
-  access_component :logging
+  extend Contrast::Components::Logger::InstanceMethods
+
   attr_accessor :path
 
   # Possible platform library files

data/lib/contrast/logger/application.rb

@@ -1,16 +1,11 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
-
 module Contrast
   module Logger
     # Our decorator for the Ougai logger allowing for the logging of the
     # application environment, used to provide context during troubleshooting.
     module Application
-      include Contrast::Components::Interface
-      access_component :config
-
       ENV_KEYS = %w[HOME PWD RACK_ENV RAILS_ENV RUBY_VERSION GEM_HOME GEM_PATH].cs__freeze
       # Utility method to log some current ruby and rails information from environment
       def application_environment
@@ -31,7 +26,7 @@ module Contrast
       def application_configuration
         return unless info?
 
-        loggable = CONFIG.loggable
+        loggable = ::Contrast::CONFIG.loggable
         info('Current configuration', configuration: loggable)
         env_keys = ENV.keys.select do |env_key|
           env_key&.to_s&.start_with?(Contrast::Components::Config::CONTRAST_ENV_MARKER)

data/lib/contrast/logger/log.rb

@@ -5,21 +5,106 @@ require 'logger'
 require 'ougai'
 require 'singleton'
 
-require 'contrast/components/interface'
 require 'contrast/extension/module'
 require 'contrast/logger/application'
 require 'contrast/logger/format'
 require 'contrast/logger/request'
 require 'contrast/logger/time'
+require 'contrast/components/config'
 
 module Contrast
+  # This module allows us to dynamically weave timing into our code, so that only when the time is actually needed do
+  # we pay the penalty for that timing block
+  module TraceTiming
+    def methods_to_time
+      @_methods_to_time ||= []
+    end
+
+    # Store info about methods for later patching.
+    METHOD_INFO = Struct.new(:clazz, :method_name, :custom_msg, :aliased)
+
+    # Add a method to the list of methods to be trace timed if logger set to TRACE. Enables trace timing after if
+    # logger set to TRACE.
+    #
+    # @params: clazz [Class] the class of the method to time.
+    # @params: method [Symbol] the method to time.
+    # @params: method [String] optional custom logging message.
+    def add_method_to_trace_timing clazz, method, msg = nil
+      methods_to_time.append(METHOD_INFO.new(clazz, method, msg, false))
+      enable_trace_timing if logger.level == ::Ougai::Logging::TRACE
+    end
+
+    # Add a method to the list of methods to be trace timed if logger set to TRACE. Enables trace timing after if
+    # logger set to TRACE.
+    #
+    # @params: method_spec [METHOD_INFO] specs about the method to be timed.
+    # @params: class_method [Boolean] whether this is or isn't a class/module method.
+    def trace_time_class_method meth_spec, class_method
+      untimed_func_symbol = "untimed_#{ meth_spec.method_name }".to_sym
+      send_to = class_method ? meth_spec.clazz.cs__singleton_class : meth_spec.clazz
+      meth_spec.clazz.class_eval do
+        include Contrast::Components::Logger::InstanceMethods
+        extend Contrast::Components::Logger::InstanceMethods
+
+        send_to.send(:alias_method, untimed_func_symbol, meth_spec.method_name)
+        meth_spec.aliased = true
+
+        log_message = "Elapsed time for #{ meth_spec.method_name }."
+        log_message = meth_spec.custom_message if meth_spec.custom_msg
+
+        send_to.send(:define_method, meth_spec.method_name) do |*args, **kwargs, &block| # rubocop:disable Performance/Kernel/DefineMethod
+          start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
+          rv = if kwargs.empty?
+                 send(untimed_func_symbol, *args, &block)
+               else
+                 send(untimed_func_symbol, *args, **kwargs, &block)
+               end
+          delta = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start
+          logger.trace(log_message, elapsed: delta * 1000)
+          rv
+        end
+      end
+    end
+
+    # Enable trace timing of methods specified in @_methods_to_time via aliasing.
+    def enable_trace_timing
+      methods_to_time.each do |meth_spec|
+        next if meth_spec.aliased
+
+        is_class_method = meth_spec.clazz.singleton_methods(false).include?(meth_spec.method_name)
+        trace_time_class_method meth_spec, is_class_method
+      end
+    end
+  end
+end
+
+module Contrast
+  # Used as a wrapper around our logging. The module option specifically adds in a new method for error that raises the
+  # logged exception, used in testing so that we can see if anything unexpected happens without it being swallowed
+  # while still providing safe options for customers.
   module Logger
-    # This class functions to serve as a wrapper around our logging, as we need
-    # to be able to dynamically update level based on updates to TeamServer.
+    # For development set following env var to raise logged exceptions instead of just logging.
+    if ENV['CONTRAST__AGENT__RUBY_MORE_COWBELL']
+      Ougai::Logger.class_eval do
+        alias_method :cs__error, :error
+        alias_method :cs__warn, :warn
+
+        def error *args, **kwargs
+          if kwargs.empty?
+            cs__error(*args)
+          else
+            cs__error(*args, **kwargs)
+          end
+          args.each { |arg| raise arg if arg && arg.cs__class < Exception }
+        end
+      end
+    end
+
+    # This class functions to serve as a wrapper around our logging, as we need to be able to dynamically update
+    # level based on updates to TeamServer.
     class Log
       include Singleton
-      include Contrast::Components::Interface
-      access_component :config
+      include ::Contrast::TraceTiming
 
       DEFAULT_NAME     = 'contrast.log'
       DEFAULT_LEVEL    = ::Ougai::Logging::Severity::INFO
@@ -33,8 +118,8 @@ module Contrast
         update
       end
 
-      # Given new settings from TeamServer, update our logging to use the new
-      # file and level, assuming they weren't set by local configuration.
+      # Given new settings from TeamServer, update our logging to use the new file and level, assuming they weren't
+      # set by local configuration.
       #
       # @param log_file [String] the file to which to log, as provided by TeamServer settings
       # @param log_level [String] the level at which to log, as provided by TeamServer settings
@@ -51,6 +136,8 @@ module Contrast
         @previous_path  = current_path
         @previous_level = current_level_const
 
+        enable_trace_timing if current_level_const == ::Ougai::Logging::TRACE
+
         @_logger = build(path: current_path, level_const: current_level_const)
         # If we're logging to a new path, then let's start it w/ our helpful
         # data gathering messages
@@ -60,6 +147,9 @@ module Contrast
           logger.error('Unable to process update to LoggerManager.', e)
         else
           puts 'Unable to process update to LoggerManager.'
+          raise e if ENV['CONTRAST__AGENT__RUBY_MORE_COWBELL']
+
+          puts e.message
           puts e.backtrace.join("\n")
         end
       end
@@ -107,8 +197,8 @@ module Contrast
       #   TeamServer.
       # @return [String] the path to which to log or STDOUT / STDERR if one of those values provided.
       def find_valid_path log_file
-        config = CONFIG.root.agent.logger
-        config_path = config.path&.length.to_i.positive? ? config.path : nil
+        config = ::Contrast::CONFIG.root.agent.logger
+        config_path = config&.path&.length.to_i.positive? ? config.path : nil
         valid_path(config_path || log_file)
       end
 
@@ -141,8 +231,9 @@ module Contrast
       #   TeamServer.
       # @return [::Ougai::Logging::Severity] the level at which to log
       def find_valid_level log_level
-        config = CONFIG.root.agent.logger
-        config_level = config.level&.length&.positive? ? config.level : nil
+        config = ::Contrast::CONFIG.root.agent.logger
+        config_level = config&.level&.length&.positive? ? config.level : nil
+
         valid_level(config_level || log_level)
       end
 
@@ -158,8 +249,7 @@ module Contrast
         DEFAULT_LEVEL
       end
 
-      # Log that the Agent log has changed and include some default information
-      # at the start of the log.
+      # Log that the Agent log has changed and include some default information at the start of the log.
       def log_update
         logger.debug('Initialized new contrast agent logger')
         logger.debug_with_time('middleware: log environment') do