RubyGems - contrast-agent - Versions diffs - 4.8.0 → 4.9.0 - Mend

contrast-agent 4.8.0 → 4.9.0

Files changed (118) hide show

checksums.yaml +4 -4
data/.gitignore +6 -1
data/.simplecov +1 -0
data/lib/contrast.rb +24 -14
data/lib/contrast/agent/assess/contrast_event.rb +1 -4
data/lib/contrast/agent/assess/finalizers/hash.rb +2 -4
data/lib/contrast/agent/assess/policy/patcher.rb +6 -4
data/lib/contrast/agent/assess/policy/policy.rb +1 -1
data/lib/contrast/agent/assess/policy/policy_scanner.rb +3 -5
data/lib/contrast/agent/assess/policy/preshift.rb +4 -4
data/lib/contrast/agent/assess/policy/propagation_method.rb +4 -4
data/lib/contrast/agent/assess/policy/propagator/database_write.rb +3 -6
data/lib/contrast/agent/assess/policy/propagator/split.rb +9 -6
data/lib/contrast/agent/assess/policy/propagator/substitution.rb +2 -3
data/lib/contrast/agent/assess/policy/rewriter_patch.rb +7 -7
data/lib/contrast/agent/assess/policy/source_method.rb +6 -6
data/lib/contrast/agent/assess/policy/trigger/xpath.rb +0 -3
data/lib/contrast/agent/assess/policy/trigger_method.rb +2 -3
data/lib/contrast/agent/assess/policy/trigger_node.rb +1 -1
data/lib/contrast/agent/assess/rule/provider/hardcoded_value_rule.rb +4 -4
data/lib/contrast/agent/at_exit_hook.rb +3 -3
data/lib/contrast/agent/class_reopener.rb +6 -5
data/lib/contrast/agent/disable_reaction.rb +3 -4
data/lib/contrast/agent/exclusion_matcher.rb +2 -3
data/lib/contrast/agent/inventory/dependency_analysis.rb +2 -6
data/lib/contrast/agent/inventory/dependency_usage_analysis.rb +3 -5
data/lib/contrast/agent/inventory/policy/datastores.rb +3 -4
data/lib/contrast/agent/inventory/policy/policy.rb +1 -1
data/lib/contrast/agent/middleware.rb +14 -13
data/lib/contrast/agent/patching/policy/after_load_patch.rb +3 -3
data/lib/contrast/agent/patching/policy/after_load_patcher.rb +3 -4
data/lib/contrast/agent/patching/policy/patch.rb +8 -8
data/lib/contrast/agent/patching/policy/patcher.rb +6 -6
data/lib/contrast/agent/patching/policy/policy.rb +2 -4
data/lib/contrast/agent/patching/policy/policy_node.rb +2 -3
data/lib/contrast/agent/protect/policy/policy.rb +1 -1
data/lib/contrast/agent/protect/policy/rule_applicator.rb +3 -5
data/lib/contrast/agent/protect/rule/base.rb +10 -10
data/lib/contrast/agent/protect/rule/cmd_injection.rb +4 -5
data/lib/contrast/agent/protect/rule/path_traversal.rb +1 -5
data/lib/contrast/agent/reaction_processor.rb +2 -3
data/lib/contrast/agent/request.rb +4 -3
data/lib/contrast/agent/request_context.rb +9 -9
data/lib/contrast/agent/request_handler.rb +5 -3
data/lib/contrast/agent/response.rb +2 -3
data/lib/contrast/agent/rewriter.rb +4 -3
data/lib/contrast/agent/rule_set.rb +5 -4
data/lib/contrast/agent/service_heartbeat.rb +2 -3
data/lib/contrast/agent/static_analysis.rb +6 -5
data/lib/contrast/agent/thread.rb +2 -4
data/lib/contrast/agent/thread_watcher.rb +3 -4
data/lib/contrast/agent/tracepoint_hook.rb +4 -4
data/lib/contrast/agent/version.rb +1 -1
data/lib/contrast/api/communication/messaging_queue.rb +4 -5
data/lib/contrast/api/communication/response_processor.rb +11 -11
data/lib/contrast/api/communication/service_lifecycle.rb +5 -4
data/lib/contrast/api/communication/socket_client.rb +18 -14
data/lib/contrast/api/communication/speedracer.rb +5 -6
data/lib/contrast/api/decorators/address.rb +2 -3
data/lib/contrast/api/decorators/agent_startup.rb +7 -9
data/lib/contrast/api/decorators/application_startup.rb +8 -10
data/lib/contrast/api/decorators/application_update.rb +0 -4
data/lib/contrast/api/decorators/http_request.rb +3 -7
data/lib/contrast/api/decorators/instrumentation_mode.rb +3 -5
data/lib/contrast/api/decorators/message.rb +7 -7
data/lib/contrast/api/decorators/trace_event_object.rb +2 -3
data/lib/contrast/components/agent.rb +10 -15
data/lib/contrast/components/app_context.rb +7 -11
data/lib/contrast/components/assess.rb +16 -16
data/lib/contrast/components/base.rb +40 -0
data/lib/contrast/components/config.rb +0 -2
data/lib/contrast/components/contrast_service.rb +6 -11
data/lib/contrast/components/heap_dump.rb +5 -4
data/lib/contrast/components/inventory.rb +2 -7
data/lib/contrast/components/logger.rb +1 -2
data/lib/contrast/components/protect.rb +10 -13
data/lib/contrast/components/sampling.rb +5 -5
data/lib/contrast/components/scope.rb +0 -4
data/lib/contrast/components/settings.rb +1 -5
data/lib/contrast/configuration.rb +3 -4
data/lib/contrast/extension/assess/array.rb +2 -4
data/lib/contrast/extension/assess/eval_trigger.rb +2 -3
data/lib/contrast/extension/assess/fiber.rb +6 -5
data/lib/contrast/extension/assess/hash.rb +3 -3
data/lib/contrast/extension/assess/kernel.rb +2 -4
data/lib/contrast/extension/assess/marshal.rb +4 -4
data/lib/contrast/extension/assess/regexp.rb +5 -4
data/lib/contrast/extension/assess/string.rb +6 -6
data/lib/contrast/extension/kernel.rb +2 -4
data/lib/contrast/extension/protect/kernel.rb +0 -5
data/lib/contrast/framework/manager.rb +2 -3
data/lib/contrast/framework/rack/patch/session_cookie.rb +6 -6
data/lib/contrast/framework/rails/patch/assess_configuration.rb +5 -7
data/lib/contrast/framework/rails/patch/support.rb +40 -36
data/lib/contrast/framework/rails/railtie.rb +8 -6
data/lib/contrast/framework/rails/rewrite/active_record_named.rb +3 -4
data/lib/contrast/funchook/funchook.rb +4 -3
data/lib/contrast/logger/application.rb +1 -6
data/lib/contrast/logger/log.rb +22 -6
data/lib/contrast/logger/request.rb +0 -4
data/lib/contrast/tasks/service.rb +1 -6
data/lib/contrast/utils/assess/sampling_util.rb +2 -3
data/lib/contrast/utils/assess/tracking_util.rb +2 -4
data/lib/contrast/utils/heap_dump_util.rb +5 -3
data/lib/contrast/utils/invalid_configuration_util.rb +4 -3
data/lib/contrast/utils/inventory_util.rb +2 -3
data/lib/contrast/utils/io_util.rb +2 -4
data/lib/contrast/utils/job_servers_running.rb +4 -3
data/lib/contrast/utils/os.rb +2 -3
data/lib/contrast/utils/string_utils.rb +2 -3
data/lib/contrast/utils/tag_util.rb +25 -19
data/ruby-agent.gemspec +4 -2
data/service_executables/VERSION +1 -1
data/service_executables/linux/contrast-service +0 -0
data/service_executables/mac/contrast-service +0 -0
metadata +28 -15
data/lib/contrast/components/interface.rb +0 -196
data/lib/contrast/delegators/input_analysis.rb +0 -12

data/lib/contrast/agent/patching/policy/patcher.rb CHANGED Viewed

@@ -7,7 +7,8 @@ require 'monitor'
 require 'contrast/agent/patching/policy/patch_status'
 require 'contrast/agent/patching/policy/method_policy'
 require 'contrast/agent/patching/policy/module_policy'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 require 'contrast/utils/class_util'
 # assess
@@ -43,9 +44,8 @@ module Contrast
         # and how.
         module Patcher
           extend Contrast::Agent::Patching::Policy::AfterLoadPatcher
-          include Contrast::Components::Interface
-          access_component :agent, :analysis, :logging, :scope
+          extend Contrast::Components::Logger::InstanceMethods
+          extend Contrast::Components::Scope::InstanceMethods
           class << self
             # Hook to install the Contrast changes needed to allow for the
@@ -82,7 +82,7 @@ module Contrast
               with_contrast_scope do
                 mod_name = mod.cs__name
                 return unless Contrast::Utils::ClassUtil.truly_defined?(mod_name)
-                return if AGENT.skip_instrumentation?(mod_name)
+                return if ::Contrast::AGENT.skip_instrumentation?(mod_name)
                 load_patches_for_module(mod_name)
@@ -156,7 +156,7 @@ module Contrast
               logger.trace_with_time('Running patching') do
                 patched = []
                 all_module_names.each do |patchable_name|
-                  next if AGENT.skip_instrumentation?(patchable_name)
+                  next if ::Contrast::AGENT.skip_instrumentation?(patchable_name)
                   patchable_mod = patchable(patchable_name)
                   next unless patchable_mod

data/lib/contrast/agent/patching/policy/policy.rb CHANGED Viewed

@@ -5,7 +5,7 @@ require 'json'
 require 'singleton'
 require 'contrast'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 require 'contrast/agent/patching/policy/module_policy'
 require 'contrast/agent/patching/policy/method_policy'
@@ -19,7 +19,7 @@ module Contrast
         # @abstract
         class Policy
           include Singleton
-          include Contrast::Components::Interface
+          include Contrast::Components::Logger::InstanceMethods
           # Indicates the folder in `resources` where this policy lives.
           def self.policy_folder
@@ -36,8 +36,6 @@ module Contrast
             raise(NoMethodError, 'specify the concrete node type for this poilcy')
           end
-          access_component :analysis, :logging
           attr_reader :sources, :propagators, :triggers, :providers
           SOURCES_KEY =          'sources'

data/lib/contrast/agent/patching/policy/policy_node.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
-require 'contrast/components/interface'
+require 'contrast/components/scope'
 module Contrast
   module Agent
@@ -12,8 +12,7 @@ module Contrast
         #
         # @abstract
         class PolicyNode
-          include Contrast::Components::Interface
-          access_component :analysis, :scope
+          include Contrast::Components::Scope::InstanceMethods
           attr_accessor :class_name, :instance_method, :method_name, :method_visibility
           attr_reader :properties, :method_scope

data/lib/contrast/agent/protect/policy/policy.rb CHANGED Viewed

@@ -24,7 +24,7 @@ module Contrast
           end
           def disabled_globally?
-            PROTECT.forcibly_disabled?
+            ::Contrast::PROTECT.forcibly_disabled?
           end
           def node_type

data/lib/contrast/agent/protect/policy/rule_applicator.rb CHANGED Viewed

@@ -1,7 +1,7 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 module Contrast
   module Agent
@@ -11,9 +11,7 @@ module Contrast
         # form of the Applicator, which will override specific implementations
         # in order to properly invoke its Rule.
         module RuleApplicator
-          include Contrast::Components::Interface
-          access_component :analysis, :logging
+          include Contrast::Components::Logger::InstanceMethods
           # Calls the actual invocation for this applicator, if required. Will
           # attempt to transform the data as required prior to invocation and
@@ -82,7 +80,7 @@ module Contrast
           #
           # @return [Contrast::Agent::Protect::Rule::Base]
           def rule
-            PROTECT.rule rule_name
+            ::Contrast::PROTECT.rule rule_name
           end
           # Should we skip analysis for this rule for this method invocation?

data/lib/contrast/agent/protect/rule/base.rb CHANGED Viewed

@@ -1,7 +1,8 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 module Contrast
   module Agent
@@ -12,9 +13,8 @@ module Contrast
         #
         # @abstract Subclass and override {#prefilter}, {#infilter}, {#find_attacker}, {#postfilter} to implement
         class Base
-          include Contrast::Components::Interface
-          access_component :agent, :analysis, :logging, :scope, :settings
+          include Contrast::Components::Logger::InstanceMethods
+          include Contrast::Components::Scope::InstanceMethods
           UNKNOWN_USER_INPUT = Contrast::Api::Dtm::UserInput.new.tap do |user_input|
             user_input.input_type = :UNKNOWN
@@ -37,7 +37,7 @@ module Contrast
           attr_reader :mode
           def initialize
-            PROTECT.rules[rule_name] = self
+            ::Contrast::PROTECT.rules[rule_name] = self
             @mode = mode_from_settings
           end
@@ -48,11 +48,11 @@ module Contrast
           def enabled?
             # 1. it is not enabled because protect is not enabled
-            return false unless AGENT.enabled?
-            return false unless PROTECT.enabled?
+            return false unless ::Contrast::AGENT.enabled?
+            return false unless ::Contrast::PROTECT.enabled?
             # 2. it is not enabled because it is in the list of disabled protect rules
-            return false if PROTECT.rule_config&.disabled_rules&.include?(rule_name)
+            return false if ::Contrast::PROTECT.rule_config&.disabled_rules&.include?(rule_name)
             # 3. it is enabled so long as its mode is not NO_ACTION
             @mode != Contrast::Api::Settings::ProtectionRule::Mode::NO_ACTION
@@ -176,7 +176,7 @@ module Contrast
           protected
           def mode_from_settings
-            PROTECT.rule_mode(rule_name).tap do |mode|
+            ::Contrast::PROTECT.rule_mode(rule_name).tap do |mode|
               logger.trace('Retrieving rule mode', rule: rule_name, mode: mode)
             end
           end
@@ -191,7 +191,7 @@ module Contrast
           # @return [Boolean] if an exclusion was applicable to this request
           #   for this rule
           def protect_excluded_by_code?
-            exclusions = SETTINGS.code_exclusions
+            exclusions = ::Contrast::SETTINGS.code_exclusions
             return false unless exclusions
             for_rule = exclusions.select { |ex| ex.protection_rule?(rule_name) }

data/lib/contrast/agent/protect/rule/cmd_injection.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 require 'contrast/agent/protect/rule/base_service'
 require 'contrast/utils/stack_trace_utils'
 require 'contrast/utils/object_share'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 module Contrast
   module Agent
@@ -12,8 +12,7 @@ module Contrast
       module Rule
         # The Ruby implementation of the Protect Command Injection rule.
         class CmdInjection < Contrast::Agent::Protect::Rule::BaseService
-          include Contrast::Components::Interface
-          access_component :app_context, :logging
+          include Contrast::Components::Logger::InstanceMethods
           NAME = 'cmd-injection'
           CHAINED_COMMAND_CHARS = /[;&|<>]/.cs__freeze
@@ -28,7 +27,7 @@ module Contrast
             ia_results = gather_ia_results(context)
             return if ia_results.empty?
-            if APP_CONTEXT.in_new_process?
+            if ::Contrast::APP_CONTEXT.in_new_process?
               logger.trace('Running cmd-injection infilter within new process - creating new context')
               context = Contrast::Agent::RequestContext.new(context.request.rack_request)
               Contrast::Agent::REQUEST_TRACKER.update_current_context(context)
@@ -124,7 +123,7 @@ module Contrast
           # @return [Boolean] if the agent should report all command
           #   executions.
           def report_any_command_execution?
-            PROTECT.report_any_command_execution?
+            ::Contrast::PROTECT.report_any_command_execution?
           end
         end
       end

data/lib/contrast/agent/protect/rule/path_traversal.rb CHANGED Viewed

@@ -2,7 +2,6 @@
 # frozen_string_literal: true
 require 'contrast/agent/protect/rule/base_service'
-require 'contrast/components/interface'
 require 'contrast/utils/stack_trace_utils'
 module Contrast
@@ -12,9 +11,6 @@ module Contrast
         # This class handles our implementation of the Path Traversal
         # Protect rule.
         class PathTraversal < Contrast::Agent::Protect::Rule::BaseService
-          include Contrast::Components::Interface
-          access_component :agent, :analysis
           NAME = 'path-traversal'
           SYSTEM_PATHS = %w[
             /proc/self
@@ -96,7 +92,7 @@ module Contrast
           end
           def custom_code_access_sysfile_enabled?
-            PROTECT.report_custom_code_sysfile_access?
+            ::Contrast::PROTECT.report_custom_code_sysfile_access?
           end
           def custom_code_accessing_system_file? input

data/lib/contrast/agent/reaction_processor.rb CHANGED Viewed

@@ -2,7 +2,7 @@
 # frozen_string_literal: true
 require 'contrast/agent/disable_reaction'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 module Contrast
   module Agent
@@ -10,8 +10,7 @@ module Contrast
     # from the Agent/Service, we must provide a mechanism for the TeamServer to direct the Agent to take a specific
     # action. This action is referred to as a Reaction. This class is how we handle those Reaction messages.
     class ReactionProcessor
-      include Contrast::Components::Interface
-      access_component :logging
+      extend Contrast::Components::Logger::InstanceMethods
       # Process the given Reactions from the application settings based on what
       # TeamServer has indicated. Each Reaction will result in a log message

data/lib/contrast/agent/request.rb CHANGED Viewed

@@ -7,7 +7,8 @@ require 'timeout'
 require 'contrast/utils/object_share'
 require 'contrast/utils/string_utils'
 require 'contrast/utils/hash_digest'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 module Contrast
   module Agent
@@ -16,8 +17,8 @@ module Contrast
     # data in a format that the Agent expects, caching those transformations in
     # order to avoid repeatedly creating Strings & thrashing GC.
     class Request
-      include Contrast::Components::Interface
-      access_component :agent, :logging, :scope
+      include Contrast::Components::Logger::InstanceMethods
+      include Contrast::Components::Scope::InstanceMethods
       extend Forwardable

data/lib/contrast/agent/request_context.rb CHANGED Viewed

@@ -5,8 +5,8 @@ require 'contrast/utils/timer'
 require 'contrast/agent/request'
 require 'contrast/agent/response'
 require 'contrast/utils/inventory_util'
-require 'contrast/components/interface'
-require 'contrast/delegators/input_analysis'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 module Contrast
   module Agent
@@ -26,8 +26,8 @@ module Contrast
     # @attr_reader route [Contrast::Api::Dtm::RouteCoverage] the route, used for findings, of this request
     # @attr_reader observed_route [Contrast::Api::Dtm::ObservedRoute] the route, used for coverage, of this request
     class RequestContext
-      include Contrast::Components::Interface
-      access_component :agent, :analysis, :logging, :scope
+      include Contrast::Components::Logger::InstanceMethods
+      include Contrast::Components::Scope::InstanceMethods
       EMPTY_INPUT_ANALYSIS_PB = Contrast::Api::Settings::InputAnalysis.new
@@ -63,11 +63,11 @@ module Contrast
           @sample = true
-          if ASSESS.enabled?
+          if ::Contrast::ASSESS.enabled?
             @sample_request, @sample_response = Contrast::Utils::Assess::SamplingUtil.instance.sample?(@request)
           end
-          @sample_response &&= ASSESS.scan_response?
+          @sample_response &&= ::Contrast::ASSESS.scan_response?
           append_route_coverage(Contrast::Agent.framework_manager.get_route_dtm(@request))
         end
@@ -120,8 +120,8 @@ module Contrast
       end
       def service_extract_request
-        return false unless AGENT.enabled?
-        return false unless PROTECT.enabled?
+        return false unless ::Contrast::AGENT.enabled?
+        return false unless ::Contrast::PROTECT.enabled?
         return false if @do_not_track
         service_response = Contrast::Agent.messaging_queue.send_event_immediately(@activity.http_request)
@@ -201,7 +201,7 @@ module Contrast
         attack_results_by_rule = {}
         agent_settings.input_analysis.results.each do |ia_result|
           rule_id = ia_result.rule_id
-          rule = PROTECT.rule(rule_id)
+          rule = ::Contrast::PROTECT.rule(rule_id)
           next unless rule
           logger.debug('Building attack result from Contrast Service input analysis result', result: ia_result.inspect)

data/lib/contrast/agent/request_handler.rb CHANGED Viewed

@@ -1,20 +1,22 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 module Contrast
   module Agent
     # This class is instantiated when we receive a request and the agent is enabled to process
     # that request. It holds the ruleset that we perform filtering operations on (currently
     # prefilter and postfilter).
     class RequestHandler
-      include Contrast::Components::Interface
-      access_component :agent, :logging, :scope
+      include Contrast::Components::Logger::InstanceMethods
       attr_reader :ruleset, :context
       def initialize context
         @context = context
-        @ruleset = AGENT.ruleset
+        @ruleset = ::Contrast::AGENT.ruleset
       end
       def send_activity_messages

data/lib/contrast/agent/response.rb CHANGED Viewed

@@ -7,7 +7,7 @@ require 'timeout'
 require 'contrast/utils/object_share'
 require 'contrast/utils/string_utils'
 require 'contrast/utils/hash_digest'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
 module Contrast
   module Agent
@@ -16,8 +16,7 @@ module Contrast
     # data in a format that the Agent expects, caching those transformations in
     # order to avoid repeatedly creating Strings & thrashing GC.
     class Response
-      include Contrast::Components::Interface
-      access_component :logging
+      include Contrast::Components::Logger::InstanceMethods
       extend Forwardable

data/lib/contrast/agent/rewriter.rb CHANGED Viewed

@@ -7,7 +7,8 @@ return unless RUBY_VERSION < '2.6.0' # TODO: RUBY-714 remove guard w/ EOL of 2.5
 require 'contrast/agent/class_reopener'
 require 'contrast/agent/patching/policy/patch_status'
-require 'contrast/components/interface'
+require 'contrast/components/logger'
+require 'contrast/components/scope'
 require 'contrast/utils/ruby_ast_rewriter'
 module Contrast
@@ -19,8 +20,8 @@ module Contrast
     # @deprecated Changes to this class are discouraged as this approach is
     #   being phased out with support for those language versions.
     class Rewriter
-      include Contrast::Components::Interface
-      access_component :logging, :scope
+      extend Contrast::Components::Logger::InstanceMethods
+      extend Contrast::Components::Scope::InstanceMethods
       SELF_DEFINITION = 'def self.'
       DEFINITION = 'def '

data/lib/contrast/agent/rule_set.rb CHANGED Viewed

@@ -1,13 +1,14 @@
 # Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
+require 'contrast/components/logger'
 module Contrast
   module Agent
     # This class is responsible for holding our ruleset and performing filtering operations on all
     # rules when asked by the middleware.
     class RuleSet < Set
-      include Contrast::Components::Interface
-      access_component :analysis, :logging
+      include Contrast::Components::Logger::InstanceMethods
       # The filtering that needs to happen before the application gets access to the request object.
       # The main action here is snapshotting the request as provided to the application from the
@@ -16,7 +17,7 @@ module Contrast
       def prefilter
         context = Contrast::Agent::REQUEST_TRACKER.current
         # TODO: RUBY-801 We shouldn't be responsible for knowing what modes are enabled
-        return unless context&.analyze_request? || PROTECT.enabled?
+        return unless context&.analyze_request? || ::Contrast::PROTECT.enabled?
         logger.trace_with_time('Running prefilter...') do
           map { |rule| rule.prefilter(context) }
@@ -33,7 +34,7 @@ module Contrast
       def postfilter
         context = Contrast::Agent::REQUEST_TRACKER.current
         # TODO: RUBY-801 We shouldn't be responsible for knowing what modes are enabled
-        return unless context&.analyze_response? || PROTECT.enabled?
+        return unless context&.analyze_response? || ::Contrast::PROTECT.enabled?
         logger.trace_with_time('Running postfilter...') do
           map { |rule| rule.postfilter(context) }