contrast-agent 5.3.0 → 6.0.0

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 5.3.0
+  version: 6.0.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-03-03 00:00:00.000000000 Z
+date: 2022-04-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -161,42 +161,42 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.22.3
+        version: 1.26.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.22.3
+        version: 1.26.1
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.12.0
+        version: 1.13.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.12.0
+        version: 1.13.3
 - !ruby/object:Gem::Dependency
   name: rubocop-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.12.4
+        version: 2.14.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.12.4
+        version: 2.14.2
 - !ruby/object:Gem::Dependency
   name: rubocop-rake
   requirement: !ruby/object:Gem::Requirement
@@ -217,14 +217,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.6.0
+        version: 2.9.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.6.0
+        version: 2.9.0
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement
@@ -277,16 +277,16 @@ dependencies:
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.0.3.5
+        version: '7'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - '='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.0.3.5
+        version: '7'
 - !ruby/object:Gem::Dependency
   name: sinatra
   requirement: !ruby/object:Gem::Requirement
@@ -399,6 +399,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: benchmark-memory
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: climate_control
   requirement: !ruby/object:Gem::Requirement
@@ -617,20 +631,20 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
-- ext/cs__os_information/extconf.rb
 - ext/cs__assess_basic_object/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
-- ext/cs__assess_hash/extconf.rb
-- ext/cs__assess_yield_track/extconf.rb
-- ext/cs__assess_fiber_track/extconf.rb
-- ext/cs__assess_regexp/extconf.rb
-- ext/cs__assess_string/extconf.rb
 - ext/cs__assess_array/extconf.rb
+- ext/cs__assess_string_interpolation26/extconf.rb
 - ext/cs__contrast_patch/extconf.rb
+- ext/cs__assess_fiber_track/extconf.rb
+- ext/cs__assess_marshal_module/extconf.rb
+- ext/cs__os_information/extconf.rb
+- ext/cs__assess_yield_track/extconf.rb
+- ext/cs__assess_string/extconf.rb
+- ext/cs__assess_hash/extconf.rb
 - ext/cs__scope/extconf.rb
-- ext/cs__assess_string_interpolation26/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_module/extconf.rb
-- ext/cs__assess_marshal_module/extconf.rb
+- ext/cs__assess_regexp/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -838,6 +852,7 @@ files:
 - lib/contrast/agent/assess/policy/patcher.rb
 - lib/contrast/agent/assess/policy/policy.rb
 - lib/contrast/agent/assess/policy/policy_node.rb
+- lib/contrast/agent/assess/policy/policy_node_utils.rb
 - lib/contrast/agent/assess/policy/policy_scanner.rb
 - lib/contrast/agent/assess/policy/preshift.rb
 - lib/contrast/agent/assess/policy/propagation_method.rb
@@ -845,6 +860,7 @@ files:
 - lib/contrast/agent/assess/policy/propagator.rb
 - lib/contrast/agent/assess/policy/propagator/append.rb
 - lib/contrast/agent/assess/policy/propagator/base.rb
+- lib/contrast/agent/assess/policy/propagator/buffer.rb
 - lib/contrast/agent/assess/policy/propagator/center.rb
 - lib/contrast/agent/assess/policy/propagator/custom.rb
 - lib/contrast/agent/assess/policy/propagator/database_write.rb
@@ -911,7 +927,6 @@ files:
 - lib/contrast/agent/inventory/policy/datastores.rb
 - lib/contrast/agent/inventory/policy/policy.rb
 - lib/contrast/agent/inventory/policy/trigger_node.rb
-- lib/contrast/agent/metric_telemetry_event.rb
 - lib/contrast/agent/middleware.rb
 - lib/contrast/agent/module_data.rb
 - lib/contrast/agent/patching/policy/after_load_patch.rb
@@ -925,6 +940,7 @@ files:
 - lib/contrast/agent/patching/policy/policy.rb
 - lib/contrast/agent/patching/policy/policy_node.rb
 - lib/contrast/agent/patching/policy/trigger_node.rb
+- lib/contrast/agent/protect/exploitable_collection.rb
 - lib/contrast/agent/protect/input_analyzer/input_analyzer.rb
 - lib/contrast/agent/protect/policy/applies_command_injection_rule.rb
 - lib/contrast/agent/protect/policy/applies_deserialization_rule.rb
@@ -939,11 +955,15 @@ files:
 - lib/contrast/agent/protect/rule/base.rb
 - lib/contrast/agent/protect/rule/base_service.rb
 - lib/contrast/agent/protect/rule/cmd_injection.rb
+- lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb
+- lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb
 - lib/contrast/agent/protect/rule/default_scanner.rb
 - lib/contrast/agent/protect/rule/deserialization.rb
 - lib/contrast/agent/protect/rule/http_method_tampering.rb
+- lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb
 - lib/contrast/agent/protect/rule/no_sqli.rb
 - lib/contrast/agent/protect/rule/no_sqli/mongo_no_sql_scanner.rb
+- lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb
 - lib/contrast/agent/protect/rule/path_traversal.rb
 - lib/contrast/agent/protect/rule/sql_sample_builder.rb
 - lib/contrast/agent/protect/rule/sqli.rb
@@ -954,17 +974,28 @@ files:
 - lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb
 - lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb
 - lib/contrast/agent/protect/rule/unsafe_file_upload.rb
+- lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb
+- lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_matcher.rb
 - lib/contrast/agent/protect/rule/xss.rb
 - lib/contrast/agent/protect/rule/xxe.rb
 - lib/contrast/agent/protect/rule/xxe/entity_wrapper.rb
 - lib/contrast/agent/reaction_processor.rb
+- lib/contrast/agent/reporting/attack_result/attack_result.rb
+- lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb
+- lib/contrast/agent/reporting/attack_result/response_type.rb
+- lib/contrast/agent/reporting/attack_result/user_input.rb
 - lib/contrast/agent/reporting/input_analysis/input_analysis.rb
 - lib/contrast/agent/reporting/input_analysis/input_analysis_result.rb
 - lib/contrast/agent/reporting/input_analysis/input_type.rb
 - lib/contrast/agent/reporting/input_analysis/score_level.rb
+- lib/contrast/agent/reporting/masker/masker.rb
+- lib/contrast/agent/reporting/masker/masker_utils.rb
 - lib/contrast/agent/reporting/report.rb
 - lib/contrast/agent/reporting/reporter.rb
+- lib/contrast/agent/reporting/reporting_events/agent_startup.rb
 - lib/contrast/agent/reporting/reporting_events/application_inventory.rb
+- lib/contrast/agent/reporting/reporting_events/application_startup.rb
+- lib/contrast/agent/reporting/reporting_events/application_startup_instrumentation.rb
 - lib/contrast/agent/reporting/reporting_events/application_update.rb
 - lib/contrast/agent/reporting/reporting_events/architecture_component.rb
 - lib/contrast/agent/reporting/reporting_events/discovered_route.rb
@@ -999,7 +1030,9 @@ files:
 - lib/contrast/agent/reporting/reporting_utilities/reporter_client_utils.rb
 - lib/contrast/agent/reporting/reporting_utilities/reporting_storage.rb
 - lib/contrast/agent/reporting/reporting_utilities/response.rb
+- lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb
 - lib/contrast/agent/reporting/reporting_utilities/response_handler.rb
+- lib/contrast/agent/reporting/reporting_utilities/response_handler_mode.rb
 - lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb
 - lib/contrast/agent/reporting/settings/application_settings.rb
 - lib/contrast/agent/reporting/settings/assess.rb
@@ -1008,6 +1041,9 @@ files:
 - lib/contrast/agent/reporting/settings/protect.rb
 - lib/contrast/agent/reporting/settings/protect_server_feature.rb
 - lib/contrast/agent/reporting/settings/reaction.rb
+- lib/contrast/agent/reporting/settings/sampling.rb
+- lib/contrast/agent/reporting/settings/sensitive_data_masking.rb
+- lib/contrast/agent/reporting/settings/sensitive_data_masking_rule.rb
 - lib/contrast/agent/reporting/settings/server_features.rb
 - lib/contrast/agent/request.rb
 - lib/contrast/agent/request_context.rb
@@ -1017,10 +1053,16 @@ files:
 - lib/contrast/agent/rule_set.rb
 - lib/contrast/agent/scope.rb
 - lib/contrast/agent/service_heartbeat.rb
-- lib/contrast/agent/startup_metrics_telemetry_event.rb
 - lib/contrast/agent/static_analysis.rb
-- lib/contrast/agent/telemetry.rb
-- lib/contrast/agent/telemetry_event.rb
+- lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_base.rb
+- lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_event.rb
+- lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message.rb
+- lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_message_exception.rb
+- lib/contrast/agent/telemetry/events/exceptions/telemetry_exception_stack_frame.rb
+- lib/contrast/agent/telemetry/events/metric_telemetry_event.rb
+- lib/contrast/agent/telemetry/events/startup_metrics_telemetry_event.rb
+- lib/contrast/agent/telemetry/events/telemetry_event.rb
+- lib/contrast/agent/telemetry/telemetry.rb
 - lib/contrast/agent/thread.rb
 - lib/contrast/agent/thread_watcher.rb
 - lib/contrast/agent/tracepoint_hook.rb
@@ -1055,6 +1097,7 @@ files:
 - lib/contrast/api/decorators/library_usage_update.rb
 - lib/contrast/api/decorators/message.rb
 - lib/contrast/api/decorators/rasp_rule_sample.rb
+- lib/contrast/api/decorators/response_type.rb
 - lib/contrast/api/decorators/route_coverage.rb
 - lib/contrast/api/decorators/server_features.rb
 - lib/contrast/api/decorators/trace_event.rb
@@ -1148,6 +1191,7 @@ files:
 - lib/contrast/security_exception.rb
 - lib/contrast/tasks/config.rb
 - lib/contrast/tasks/service.rb
+- lib/contrast/utils/assess/object_store.rb
 - lib/contrast/utils/assess/propagation_method_utils.rb
 - lib/contrast/utils/assess/property/tagged_utils.rb
 - lib/contrast/utils/assess/sampling_util.rb
@@ -1164,6 +1208,7 @@ files:
 - lib/contrast/utils/hash_digest_extend.rb
 - lib/contrast/utils/head_dump_utils_extend.rb
 - lib/contrast/utils/heap_dump_util.rb
+- lib/contrast/utils/input_classification.rb
 - lib/contrast/utils/invalid_configuration_util.rb
 - lib/contrast/utils/io_util.rb
 - lib/contrast/utils/job_servers_running.rb
@@ -1218,7 +1263,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 2.7.0
   - - "<"
     - !ruby/object:Gem::Version
       version: 3.2.0