contrast-agent 4.7.0 → 4.10.0

data/lib/contrast/logger/request.rb

@@ -1,7 +1,6 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
 require 'contrast/utils/timer'
 
 module Contrast
@@ -9,9 +8,6 @@ module Contrast
     # Our decorator for the Ougai logger allowing for the logging of the
     # request lifecycle, used to provide context during troubleshooting.
     module Request
-      include Contrast::Components::Interface
-      access_component :config
-
       # Utility method to log the start of a request
       def request_start
         debug('Beginning request analysis')

data/lib/contrast/tasks/config.rb

@@ -7,7 +7,6 @@ module Contrast
   # A Rake task to generate a contrast_security.yaml file with some basic settings
   module Config
     extend Rake::DSL
-    include Contrast::Components::Interface
     DEFAULT_CONFIG = {
         'api' => {
             'url' => 'Enter your Contrast URL ex: https://app.contrastsecurity.com/Contrast',

data/lib/contrast/tasks/service.rb

@@ -1,7 +1,6 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
 require 'contrast/utils/os'
 
 module Contrast
@@ -10,14 +9,10 @@ module Contrast
   # forked from the application
   module Service
     extend Rake::DSL
-    include Contrast::Components::Interface
-
-    access_component :contrast_service
-
     # Start the service if it is not already running
     def self.start_service
       puts 'Starting Contrast Service'
-      service_log = CONTRAST_SERVICE.logger_path
+      service_log = ::Contrast::CONTRAST_SERVICE.logger_path
       if File.writable?(service_log)
         spawn('contrast_service', out: File::NULL, err: service_log)
       else

data/lib/contrast/utils/assess/sampling_util.rb

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 
 require 'singleton'
-require 'contrast/components/interface'
+require 'contrast/components/sampling'
 
 module Contrast
   module Utils
@@ -11,8 +11,7 @@ module Contrast
       class SamplingUtil
         include Singleton
 
-        include Contrast::Components::Interface
-        access_component :sampling
+        extend Contrast::Components::Sampling::InstanceMethods
 
         def initialize
           @requests = {}

data/lib/contrast/utils/assess/tracking_util.rb

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 
 require 'contrast/agent/assess/tracker'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 require 'contrast/utils/duck_utils'
 
 module Contrast
@@ -10,9 +10,7 @@ module Contrast
     module Assess
       # TrackingUtil has methods for determining if a object is being tracked
       class TrackingUtil
-        include Contrast::Components::Interface
-
-        access_component :logging
+        extend Contrast::Components::Logger::InstanceMethods
 
         class << self
           # Public interface to our tracking check, isolating the internals

data/lib/contrast/utils/heap_dump_util.rb

@@ -3,14 +3,16 @@
 
 require 'objspace'
 require 'singleton'
-require 'contrast/components/interface'
+require 'contrast/components/heap_dump'
+require 'contrast/components/logger'
 
 module Contrast
   module Utils
     # Implementation of a heap dump util to automate generation
     class HeapDumpUtil < Contrast::Agent::WorkerThread
-      include Contrast::Components::Interface
-      access_component :heap_dump, :logging
+      extend Contrast::Components::Logger::InstanceMethods
+      include Contrast::Components::Logger::InstanceMethods
+      extend Contrast::Components::HeapDump::InstanceMethods
 
       LOG_ERROR_DUMPS = 'Unable to generate heap dumps'
       FILE_WRITE_FLAGS = 'w'

data/lib/contrast/utils/invalid_configuration_util.rb

@@ -2,15 +2,16 @@
 # frozen_string_literal: true
 
 require 'contrast/agent/assess/policy/trigger_method'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 
 module Contrast
   module Utils
     # This utility allows us to report invalid configurations detected in
     # customer applications, as determined by Configuration Rules at runtime.
     module InvalidConfigurationUtil
-      include Contrast::Components::Interface
-      access_component :analysis, :app_context, :logging, :scope
+      include Contrast::Components::Logger::InstanceMethods
+      include Contrast::Components::Scope::InstanceMethods
 
       CS__PATH = 'path'
       CS__SESSION_ID = 'sessionId'

data/lib/contrast/utils/io_util.rb

@@ -1,15 +1,13 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 
 module Contrast
   module Utils
     # Util for information about an IO
-    class IOUtil
-      include Contrast::Components::Interface
-
-      access_component :logging
+    module IOUtil
+      extend Contrast::Components::Logger::InstanceMethods
 
       # We're only going to call rewind on things that we believe are safe to
       # call it on. This method white lists those cases and returns false in

data/lib/contrast/utils/job_servers_running.rb

@@ -1,13 +1,14 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/components/logger'
+
 module Contrast
   module Utils
     # A module that detects whether any job servers attached to
     # the application are running
     module JobServersRunning
-      include Contrast::Components::Interface
-      access_component :app_context, :logging
+      extend Contrast::Components::Logger::InstanceMethods
 
       class << self
         def job_servers_running?
@@ -31,7 +32,7 @@ module Contrast
             return
           end
 
-          disabled_rake_tasks = APP_CONTEXT.disabled_agent_rake_tasks
+          disabled_rake_tasks = ::Contrast::APP_CONTEXT.disabled_agent_rake_tasks
           has_disabled_task = Rake.application.top_level_tasks.any? do |top_level_task|
             disabled_rake_tasks.include?(top_level_task)
           end

data/lib/contrast/utils/os.rb

@@ -1,7 +1,7 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
+require 'contrast/components/scope'
 
 module Contrast
   module Utils
@@ -9,8 +9,7 @@ module Contrast
     # which will not change at runtime, such as the operating system, the
     # Utility memozies to avoid multiple lookups.
     module OS
-      include Contrast::Components::Interface
-      access_component :scope
+      extend Contrast::Components::Scope::InstanceMethods
 
       class << self
         def running?

data/lib/contrast/utils/ruby_ast_rewriter.rb

@@ -36,36 +36,39 @@ module Contrast
       # the replace within the given node.
       def on_dstr node
         return if node.children.all? { |child_node| child_node.type == :str }
-
         new_content = +'('
-        node.children.each_with_index do |child_node, index|
+        idx = 0
+        while idx < node.children.size
+          #node.children.each_with_index do |child_node, index|
+          child_node = node.children[idx]
           # A begin node looks like #{some_code} in ruby, we do a substring
           # from [2...-1] to get rid of the #{ & trailing }.
           if child_node.type == :begin
             code = child_node.
-                location.
-                expression.
-                source_buffer.
-                source[child_node.location.begin.begin_pos...child_node.location.end.end_pos]
+              location.
+              expression.
+              source_buffer.
+              source[child_node.location.begin.begin_pos...child_node.location.end.end_pos]
             code = code[2...-1]
             new_content += "((#{ code }).to_s)"
 
-          # For interpolations that use class, instance, or global variables,
-          # those are NOT within a begin block, but instead are a ivar, cvar,
-          # or gvar node, not stripping of interpolation markers required.
+            # For interpolations that use class, instance, or global variables,
+            # those are NOT within a begin block, but instead are a ivar, cvar,
+            # or gvar node, not stripping of interpolation markers required.
           elsif VARIABLES.include?(child_node.type)
             variable = child_node.children.first
             new_content << "((#{ variable }).to_s)"
 
-          # When interpolation includes strings before or after an
-          # interpolation they are simple :str nodes, in order to preserve
-          # escaping we need to do a dump of the string value.
+            # When interpolation includes strings before or after an
+            # interpolation they are simple :str nodes, in order to preserve
+            # escaping we need to do a dump of the string value.
           elsif child_node.type == :str
             literal_value = child_node.children.first
             literal_value = literal_value.dump[1...-1]
             new_content <<  "\"#{ literal_value }\""
           end
-          new_content << ' + ' unless index == node.children.length - 1
+          new_content << ' + ' unless idx == node.children.length - 1
+          idx += 1
         end
         new_content << ')'
         if node.location.cs__respond_to?(:heredoc_body)

data/lib/contrast/utils/string_utils.rb

@@ -1,14 +1,13 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 
 module Contrast
   module Utils
     # Utilities for encoding and normalizing strings
     class StringUtils
-      include Contrast::Components::Interface
-      access_component :logging
+      include Contrast::Components::Logger::InstanceMethods
 
       UTF8 = 'utf-8'
       HTTP_PREFIX = 'HTTP_'

data/lib/contrast/utils/tag_util.rb

@@ -7,8 +7,10 @@ module Contrast
     class TagUtil
       class << self
         # Determine if the given array of tags is covered by the other
-        # remaining_ranges: the tags left that haven't been covered by those given
-        # ranges: the tags that are covering the first
+        #
+        # @param remaining_ranges [Array<Contrast::Agent::Assess::Tag>] the tags left that haven't been covered by
+        #   those given
+        # @param ranges Array<Contrast::Agent::Assess::Tag> the tags that are covering the first
         def covered? remaining_ranges, ranges
           return true unless remaining_ranges&.any?
 
@@ -74,14 +76,14 @@ module Contrast
 
         # Given a collection of tags, merge any tags that are continuous
         #
-        # If tags is a hash, it should be in the format label => [tags]
-        # The array of tags will each be merged
+        # If tags is a hash, it should be in the format label => [tags]. The array of tags will each be merged
+        # If tags is an array in the format [tags], the array will be merged
         #
-        # If tags is an array in the format [tags], the array will be
-        # merged
+        # The original object is returned, although setters should not be necessary since tags is a collection in
+        # either case
         #
-        # The original object is returned, although setters should not be
-        # necessary since tags is a collection in either case
+        # @param tags [Hash{String => Array<Contrast::Agent::Assess::Tag>}, Array<Contrast::Agent::Assess::Tag>]
+        # @return [Hash{String => Array<Contrast::Agent::Assess::Tag>}, Array<Contrast::Agent::Assess::Tag>]
         def merge_tags tags
           if tags.is_a?(Hash)
             tags.each_value { |value| smallerize(value) }
@@ -90,6 +92,12 @@ module Contrast
           end
         end
 
+        # Merge the given set of tags such that any overlap combines. For any tag which extends beyond the size of the
+        # target_object, the end will be updated to the target_object's length.
+        #
+        # @param target_object [Object] the thing to which the tags apply
+        # @param tags [Hash{String => Array<Contrast::Agent::Assess::Tag>}, Array<Contrast::Agent::Assess::Tag>]
+        # @return [Hash{String => Array<Contrast::Agent::Assess::Tag>}, Array<Contrast::Agent::Assess::Tag>]
         def size_aware_merge target_object, tags
           max_size = target_object.to_s.length
           tags = merge_tags(tags)
@@ -100,14 +108,12 @@ module Contrast
 
         private
 
-        # Add one new element to the given array
+        # Add one new element to the given array. The addition is done such that the new entry is inserted so that the
+        # range they cover is in order. Any overlapping ranges are merged before returning.
         #
-        # The addition is done such that the new entry(ies)
-        # are inserted so that the range they cover is in order
-        # Any overlapping ranges are merged before returning
-        #
-        # arr: the array to which the element is added
-        # new_element: the element to be added to the array
+        # @param arr [Array<Contrast::Agent::Assess::Tag>]
+        # @param new_element []Contrast::Agent::Assess::Tag]
+        # @return [Array<Contrast::Agent::Assess::Tag>]
         def single_ordered_merge arr, new_element
           idx = 0
           arr.each do |existing|
@@ -122,10 +128,11 @@ module Contrast
           arr.insert(idx, new_element)
         end
 
-        # Given an arry of tags, merge any that overlap
-        # The tag that was higher up is removed from the
-        # list of tags.
-        # ranges like [0-3][3-6]-6-9] that should become [0-9]
+        # Given an arry of tags, merge any that overlap. The tag that was higher up is removed from the list of tags.
+        # ranges like [0-3][3-6]-6-9] become [0-9]
+        #
+        # @param tags [Array<Contrast::Agent::Assess::Tag>]
+        # @return [Array<Contrast::Agent::Assess::Tag>]
         def smallerize tags
           smallered = []
           curr = nil

data/lib/contrast.rb

@@ -4,10 +4,6 @@
 # Used to prevent deprecation warnings from flooding stdout
 ENV['PB_IGNORE_DEPRECATIONS'] = 'true'
 
-# Top-level namespace for Contrast Security agent
-module Contrast
-end
-
 # Some developers override various methods on Object, which can often involve
 # changing expected method parity/behavior which in turn prevents us from being
 # able to reliably use affected methods.
@@ -38,22 +34,36 @@ if RUBY_VERSION >= '3.0.0'
   end
 end
 
-# component interface for class creation
-# config gets built as a consequence of this require
-require 'contrast/components/interface'
+require 'contrast/components/agent'
+require 'contrast/components/app_context'
+require 'contrast/components/assess'
+require 'contrast/components/config'
+require 'contrast/components/contrast_service'
+require 'contrast/components/inventory'
+require 'contrast/components/logger'
+require 'contrast/components/protect'
+require 'contrast/components/sampling'
+require 'contrast/components/scope'
+require 'contrast/components/settings'
+
+module Contrast
+  SCOPE = Contrast::Components::Scope::Interface.new
+  CONFIG = Contrast::Components::Config::Interface.new
+  SETTINGS = Contrast::Components::Settings::Interface.new
+  ASSESS = Contrast::Components::Assess::Interface.new
+  PROTECT = Contrast::Components::Protect::Interface.new
+  INVENTORY = Contrast::Components::Inventory::Interface.new
+  LOGGER = Contrast::Components::Logger::Interface.new
+  AGENT = Contrast::Components::Agent::Interface.new
+  CONTRAST_SERVICE = Contrast::Components::ContrastService::Interface.new
+  APP_CONTEXT = Contrast::Components::AppContext::Interface.new
+end
 
 # This needs to be required very early, after component interfaces, and before instrumentation attempts
 require 'contrast/funchook/funchook'
 
-# shared configuration support
-require 'contrast/config'
-require 'contrast/configuration'
-
 require 'contrast/agent/version'
 
-# errors and exceptions
-require 'contrast/security_exception'
-
 # shared utils
 require 'contrast/utils/timer'
 require 'contrast/utils/preflight_util'

data/resources/assess/policy.json

@@ -34,6 +34,23 @@
       "type": "BODY",
       "tags":["NO_NEWLINES", "CROSS_SITE"]
     }, {
+      "class_name":"ActionDispatch::Request",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name": "body",
+      "source": "P0",
+      "target": "R",
+      "type": "BODY",
+      "tags":["NO_NEWLINES", "CROSS_SITE"]
+    },  {
+      "class_name":"ActionDispatch::Cookies::CookieJar",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name": "[]",
+      "target": "R",
+      "type": "COOKIE",
+      "tags":["NO_NEWLINES", "CROSS_SITE"]
+    },  {
       "class_name":"Rack::Request::Helpers",
       "instance_method": true,
       "method_visibility": "public",
@@ -129,10 +146,45 @@
       "target":"R",
       "type":"PARAMETER",
       "tags":["CROSS_SITE"]
+    }, {
+      "class_name":"Grape::Env",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name":"[]",
+      "source": "P0",
+      "target":"R",
+      "type":"HEADER",
+      "tags":["CROSS_SITE"]
+    }, {
+      "class_name":"Grape::Request",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name":"headers",
+      "source": "P0",
+      "target":"R",
+      "type":"HEADER",
+      "tags":["NO_NEWLINES", "CROSS_SITE"]
+    }, {
+      "class_name":"Grape::Request",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name":"body",
+      "target":"R",
+      "type":"BODY",
+      "tags":["CROSS_SITE"]
+    }, {
+      "class_name":"Grape::Validations::Base",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name":"validate!",
+      "source": "P0",
+      "target":"R",
+      "type":"PARAMETER",
+      "tags":["CROSS_SITE"]
     }
   ],
   "propagators":[
-    {
+     {
       "class_name":"String",
       "instance_method": true,
       "method_visibility": "public",
@@ -140,7 +192,7 @@
       "source":"O",
       "target":"R",
       "action":"KEEP"
-    },     {
+    }, {
       "class_name": "String",
       "instance_method": true,
       "method_visibility": "public",
@@ -722,6 +774,24 @@
       "patch_method": "select_tagger",
       "source": "O",
       "target": "R"
+    },{
+      "class_name":"CGI::Util",
+      "method_name":"unescape",
+      "instance_method": true,
+      "method_visibility": "public",
+      "source":"P0",
+      "target":"R",
+      "action":"SPLAT",
+      "tags":[],
+      "untags":[]
+    }, {
+      "class_name":"StringIO",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name": "read",
+      "source": "O",
+      "target": "R",
+      "action": "SPLAT"
     }, {
       "class_name":"CGI::Util",
       "method_name":"escapeHTML",
@@ -742,6 +812,16 @@
       "action":"SPLAT",
       "tags":["HTML_ENCODED"],
       "untags":["HTML_DECODED"]
+    }, {
+      "class_name":"Rack::Utils",
+      "method_name":"escape_html",
+      "instance_method": false,
+      "method_visibility": "public",
+      "source":"P0",
+      "target":"R",
+      "action":"SPLAT",
+      "tags":["HTML_ENCODED"],
+      "untags":["HTML_DECODED"]
     }, {
       "class_name":"CGI::Util",
       "method_name":"h",
@@ -1026,6 +1106,61 @@
        "action": "CUSTOM",
        "patch_class": "ERBPropagator",
        "patch_method": "result_tagger"
+    },
+    {
+      "class_name": "ActionView::Helpers::SanitizeHelper",
+      "method_name": "sanitize",
+      "method_visibility": "public",
+      "instance_method": true,
+      "source": "P0",
+      "target": "R",
+      "action": "REMOVE",
+      "tags":["HTML_ENCODED"],
+      "untags":["HTML_DECODED"]
+    },
+    {
+      "class_name": "ActionView::Helpers::SanitizeHelper",
+      "method_name": "strip_tags",
+      "method_visibility": "public",
+      "instance_method": true,
+      "source": "P0",
+      "target": "R",
+      "action": "REMOVE",
+      "tags":["HTML_ENCODED"],
+      "untags":["HTML_DECODED"]
+    },
+    {
+      "class_name": "Rack::Protection::EscapedParams",
+      "method_name": "escape_string",
+      "method_visibility": "public",
+      "instance_method": true,
+      "source": "P0",
+      "target": "R",
+      "action": "CUSTOM",
+      "patch_class": "Contrast::Agent::Assess::Policy::Propagator::RackProtection",
+      "patch_method": "escaped_params"
+    },
+    {
+      "class_name": "Rails::Html::FullSanitizer",
+      "method_name": "sanitize",
+      "method_visibility": "public",
+      "instance_method": true,
+      "source": "P0",
+      "target": "R",
+      "action": "REMOVE",
+      "tags":["HTML_ENCODED"],
+      "untags":["HTML_DECODED"]
+    },
+    {
+      "class_name": "Rails::Html::SafeListSanitizer",
+      "method_name": "sanitize",
+      "method_visibility": "public",
+      "instance_method": true,
+      "source": "P0",
+      "target": "R",
+      "action": "REMOVE",
+      "tags":["HTML_ENCODED"],
+      "untags":["HTML_DECODED"]
     }
   ],
   "rules":[
@@ -1232,6 +1367,18 @@
           "instance_method": true,
           "method_visibility": "public",
           "source":"P0"
+        }, {
+          "class_name":"Rack::Response",
+          "method_name":"body=",
+          "instance_method": true,
+          "method_visibility": "public",
+          "source":"P0"
+        }, {
+          "class_name":"Rack::Response",
+          "method_name":"write",
+          "instance_method": true,
+          "method_visibility": "public",
+          "source":"P0"
         }, {
           "class_name":"Sinatra::Helpers",
           "method_name":"body",
@@ -1292,12 +1439,108 @@
           "method_visibility": "public",
           "method_name":"async_exec",
           "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::Relation::Calculations",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"calculate",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::FinderMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"exists?",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::FinderMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"find_by",
+          "source":"P0"
         }, {
           "class_name":"ActiveRecord::Querying",
           "instance_method": false,
           "method_visibility": "public",
           "method_name":"select",
           "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"from",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"group",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"having",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"joins",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"lock",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"select",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"reselect",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"where",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"rewhere",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::QueryMethods::WhereChain",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"not",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::Relation",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"delete_by",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::Relation",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"destroy_by",
+          "source":"P0"
+        }, {
+          "class_name":"ActiveRecord::Relation",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name":"update_all",
+          "source":"P0"
         }
       ]
     }, {
@@ -1630,6 +1873,13 @@
           "method_visibility": "public",
           "method_name": "redirect_to",
           "source": "P0"
+        },
+        {
+          "class_name": "Grape::DSL::InsideRoute",
+          "instance_method": true,
+          "method_visibility": "public",
+          "method_name": "redirect",
+          "source": "P0"
         }
       ]
     }, {