contrast-agent 6.1.0 → 6.2.0

data/lib/contrast/logger/aliased_logging.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require 'contrast/agent/telemetry/events/exceptions/telemetry_exceptions'
+require 'contrast/agent/telemetry/events/exceptions/obfuscate'
 
 module Contrast
   module Logger
@@ -16,7 +17,7 @@ module Contrast
       # @param data [Object] Any structured data
       def warn message = nil, exception = nil, data = nil, &block
         # build Telemetry Exclusion
-        build_exclusion(ALIASED_WARN, message, exception, data)
+        build_exception(ALIASED_WARN, message, exception, data)
         super(message, exception, data, &block)
       end
 
@@ -25,7 +26,7 @@ module Contrast
       # @param data [Object] Any structured data
       def error message = nil, exception = nil, data = nil, &block
         # build Telemetry Exclusion
-        build_exclusion(ALIASED_ERROR, message, exception, data)
+        build_exception(ALIASED_ERROR, message, exception, data)
         super(message, exception, data, &block)
       end
 
@@ -34,25 +35,31 @@ module Contrast
       # @param data [Object] Any structured data
       def fatal message = nil, exception = nil, data = nil, &block
         # build Telemetry Exclusion
-        build_exclusion(ALIASED_FATAL, message, exception, data)
+        build_exception(ALIASED_FATAL, message, exception, data)
         super(message, exception, data, &block)
       end
 
       private
 
-      def build_exclusion type, message = nil, exception = nil, data = nil
-        start = caller_locations&.find_index { |stack| stack.to_s.include?(type) }
-        stack_trace = start ? caller_locations(start + 1, 20) : caller_locations(20, 20)
-        stack_frame_type = stack_trace[1].path.delete_prefix(Dir.pwd)
-        message_exception_type = exception ? exception.cs__class.to_s : stack_frame_type.split('/').last
+      def build_exception type, message = nil, exception = nil, data = nil
+        stack_trace = get_stack_trace(type)
+        stack_frame_type = Contrast::Agent::Telemetry::TelemetryException::Obfuscate.obfuscate_type(
+            stack_trace[1].path.delete_prefix(Dir.pwd))
         stack_frame_function = stack_trace[1].label
         key = "#{ stack_frame_type }|#{ stack_frame_function }|#{ message }"
         if TELEMETRY_EXCEPTIONS[key]
-          TELEMETRY_EXCEPTIONS.increment key
+          TELEMETRY_EXCEPTIONS.increment(key)
           return
         end
 
-        event_message = create_message(stack_frame_function, stack_frame_type, message_exception_type, data, exception,
+        return if TELEMETRY_EXCEPTIONS.exception_limit?
+
+        message_exception_type = Contrast::Agent::Telemetry::TelemetryException::Obfuscate.obfuscate_exception_type(
+            exception ? exception.cs__class.to_s : stack_frame_type.split('/').last)
+
+        event_message = create_message(stack_frame_function,
+                                       stack_frame_type, message_exception_type,
+                                       data, exception,
                                        message)
         TELEMETRY_EXCEPTIONS[key] = event_message
       rescue StandardError => e
@@ -65,10 +72,10 @@ module Contrast
                                 else
                                   message
                                 end
-        module_name = exception ? exception.cs__class.to_s.split('::').first : nil
-        stack_frame = Contrast::Agent::Telemetry::TelemetryException::StackFrame.build stack_frame_function,
+        module_name = message_exception_type ? message_exception_type.split('::')[0] : nil
+        stack_frame = Contrast::Agent::Telemetry::TelemetryException::StackFrame.build(stack_frame_function,
                                                                                        stack_frame_type,
-                                                                                       module_name
+                                                                                       module_name)
         message_exception = Contrast::Agent::Telemetry::TelemetryException::MessageException.build(
             message_exception_type,
             message_for_exception,
@@ -79,8 +86,13 @@ module Contrast
                else
                  exception.cs__is_a?(Hash) ? exception : {}
                end
-        message = Contrast::Agent::Telemetry::TelemetryException::Message.build tags, [message_exception]
-        Contrast::Agent::Telemetry::TelemetryException::Event.new message
+        message = Contrast::Agent::Telemetry::TelemetryException::Message.build(tags, [message_exception])
+        Contrast::Agent::Telemetry::TelemetryException::Event.new(message)
+      end
+
+      def get_stack_trace type
+        start = caller_locations&.find_index { |stack| stack.to_s.include?(type) }
+        start ? caller_locations(start + 1, 20) : caller_locations(20, 20)
       end
     end
   end

data/lib/contrast/logger/cef_log.rb

@@ -30,7 +30,7 @@ module Contrast
           else
             cs__error(*args, **kwargs)
           end
-          args.each { |arg| raise arg if arg && arg.cs__class < Exception }
+          args.each { |arg| raise(arg) if arg && arg.cs__class < Exception }
         end
       end
     end
@@ -69,11 +69,11 @@ module Contrast
         if @_cef_logger
           @_cef_logger.error('Unable to process update to LoggerManager.', e)
         else
-          puts 'Unable to process update to LoggerManager.'
-          raise e if ENV['CONTRAST__AGENT__RUBY_MORE_COWBELL']
+          puts('Unable to process update to LoggerManager.')
+          raise(e) if ENV['CONTRAST__AGENT__RUBY_MORE_COWBELL']
 
-          puts e.message
-          puts e.backtrace.join("\n")
+          puts(e.message)
+          puts(e.backtrace.join("\n"))
         end
         # rubocop:enable Rails/Output
       end
@@ -99,28 +99,28 @@ module Contrast
 
       def virtual_patch_message patch, outcome
         message = "Virtual Patch #{ patch.fetch(:name, '') } - #{ patch[:uuid] } was triggered by this request."
-        log [message, patch, outcome], ::Logger::Severity::DEBUG
+        log([message, patch, outcome], ::Logger::Severity::DEBUG)
       end
 
       def bot_blocking_message matching_bot, outcome
         message = "User agent #{ matching_bot[:user_agent] } matched the disallowed value #{ matching_bot[:bot] }"
-        log [message, matching_bot, outcome], ::Logger::Severity::DEBUG
+        log([message, matching_bot, outcome], ::Logger::Severity::DEBUG)
       end
 
       def ip_denylisted_message remote_ip, block_entry, outcome
         message = "IP Address #{ remote_ip } matched the disallowed value" \
                   "#{ block_entry[:ip] } in the IP Blacklist #{ block_entry[:uuid] }"
-        log [message, block_entry, outcome], ::Logger::Severity::DEBUG
+        log([message, block_entry, outcome], ::Logger::Severity::DEBUG)
       end
 
       def successful_attack rule_id, outcome, input_type = nil, input_value = nil
         if input_type.present? && input_value.present?
           successful_attack_with_input = "#{ input_type } had a value that successfully exploited" \
                                          "#{ rule_id } - #{ input_value }"
-          log [successful_attack_with_input, rule_id, outcome], ::Logger::Severity::WARN
+          log([successful_attack_with_input, rule_id, outcome], ::Logger::Severity::WARN)
         else
           successful_attack_wo_input = "An effective attack was detected against #{ rule_id }"
-          log [successful_attack_wo_input, rule_id, outcome], ::Logger::Severity::WARN
+          log([successful_attack_wo_input, rule_id, outcome], ::Logger::Severity::WARN)
         end
       end
 
@@ -128,10 +128,10 @@ module Contrast
         if input_type.present? && input_value.present?
           ineffective_attack_with_input = "#{ input_type } had a value that matched a signature for, " \
                                           "but did not successfully exploit #{ rule_id } - #{ input_value }"
-          log [ineffective_attack_with_input, rule_id, outcome], ::Logger::Severity::WARN
+          log([ineffective_attack_with_input, rule_id, outcome], ::Logger::Severity::WARN)
         else
           ineffective_attack_wo_input = "An unsuccessful attack was detected against #{ rule_id }"
-          log [ineffective_attack_wo_input, rule_id, outcome], ::Logger::Severity::WARN
+          log([ineffective_attack_wo_input, rule_id, outcome], ::Logger::Severity::WARN)
         end
       end
 
@@ -140,10 +140,10 @@ module Contrast
         if input_type.present? && input_value.present?
           suspicious_attack_with = "#{ input_type } included a potential attack value that was detected" \
                                    "as suspicious using #{ rule_id } - #{ input_value }"
-          log [suspicious_attack_with, rule_id, outcome], ::Logger::WARN
+          log([suspicious_attack_with, rule_id, outcome], ::Logger::WARN)
         elsif input_value.present?
           suspicious_attack_without = "Suspicious activity indicates a potential attack using #{ rule_id }"
-          log [suspicious_attack_without, rule_id, outcome], ::Logger::WARN
+          log([suspicious_attack_without, rule_id, outcome], ::Logger::WARN)
         end
       end
     end

data/lib/contrast/logger/format.rb

@@ -10,6 +10,7 @@ module Contrast
     # Our format for the Ougai logger allowing for custom log format that
     # extends the behavior of the default Ougai logger
     class Format < Ougai::Formatters::Bunyan
+      NO_REQUEST_HASH = { request_id: -1 }.cs__freeze
       LOG_TRACKER = Contrast::Utils::ThreadTracker.new
       # Our override of the _call method to add in the extra data that we want,
       # based on
@@ -49,7 +50,6 @@ module Contrast
         hash
       end
 
-      NO_REQUEST_HASH = { request_id: -1 }.cs__freeze
       def request_hash
         @request_tracker_defined ||= defined?(Contrast::Agent) && defined?(Contrast::Agent::REQUEST_TRACKER)
         return NO_REQUEST_HASH unless @request_tracker_defined

data/lib/contrast/logger/log.rb

@@ -44,8 +44,8 @@ module Contrast
       untimed_func_symbol = "untimed_#{ meth_spec.method_name }".to_sym
       send_to = class_method ? meth_spec.clazz.cs__singleton_class : meth_spec.clazz
       meth_spec.clazz.class_eval do
-        include Contrast::Components::Logger::InstanceMethods
-        extend Contrast::Components::Logger::InstanceMethods
+        include(Contrast::Components::Logger::InstanceMethods)
+        extend(Contrast::Components::Logger::InstanceMethods)
 
         send_to.send(:alias_method, untimed_func_symbol, meth_spec.method_name)
         meth_spec.aliased = true
@@ -73,7 +73,7 @@ module Contrast
         next if meth_spec.aliased
 
         is_class_method = meth_spec.clazz.singleton_methods(false).include?(meth_spec.method_name)
-        trace_time_class_method meth_spec, is_class_method
+        trace_time_class_method(meth_spec, is_class_method)
       end
     end
   end
@@ -96,7 +96,7 @@ module Contrast
           else
             cs__error(*args, **kwargs)
           end
-          args.each { |arg| raise arg if arg && arg.cs__class < Exception }
+          args.each { |arg| raise(arg) if arg && arg.cs__class < Exception }
         end
       end
     end
@@ -142,11 +142,11 @@ module Contrast
         if logger
           logger.error('Unable to process update to LoggerManager.', e)
         else
-          puts 'Unable to process update to LoggerManager.'
-          raise e if ENV['CONTRAST__AGENT__RUBY_MORE_COWBELL']
+          puts('Unable to process update to LoggerManager.')
+          raise(e) if ENV['CONTRAST__AGENT__RUBY_MORE_COWBELL']
 
-          puts e.message
-          puts e.backtrace.join("\n")
+          puts(e.message)
+          puts(e.backtrace.join("\n"))
         end
       end
 

data/lib/contrast/tasks/config.rb

@@ -75,7 +75,7 @@ module Contrast
         missing = []
         api_hash = config.root.api.to_hash
         api_hash.each_key do |key|
-          value = mask_keys api_hash, key
+          value = mask_keys(api_hash, key)
           if value.is_a?(Contrast::Config::ApiProxyConfiguration)
             Contrast::Config.validate_proxy(value)
           elsif value.is_a?(Contrast::Config::CertificationConfiguration)
@@ -92,31 +92,31 @@ module Contrast
       end
 
       def self.validate_proxy config
-        puts "Proxy Enabled: #{ config.enable }"
+        puts("Proxy Enabled: #{ config.enable }")
         return unless config.enable
 
-        puts "Proxy URL: #{ config.url }"
+        puts("Proxy URL: #{ config.url }")
         abort('Proxy Enabled but no Proxy URL given') unless config.url
       end
 
       def self.validate_cert config
-        puts "Certification Enabled: #{ config.enable }"
+        puts("Certification Enabled: #{ config.enable }")
         return unless config.enable
 
-        puts "CA File: #{ config.ca_file }"
+        puts("CA File: #{ config.ca_file }")
         abort('CA file path not provided') unless config.ca_file
-        puts "Cert File: #{ config.cert_file }"
+        puts("Cert File: #{ config.cert_file }")
         abort('Cert file path not provided') unless config.cert_file
-        puts "Key File: #{ config.key_file }"
+        puts("Key File: #{ config.key_file }")
         abort('Key file path not provided') unless config.key_file
       end
 
       def self.validate_audit config
-        puts "Request Audit Enabled: #{ config.enable }"
+        puts("Request Audit Enabled: #{ config.enable }")
         return unless config.enable
 
         config.each do |k, v|
-          puts "#{ k }::#{ v }"
+          puts("#{ k }::#{ v }")
         end
       end
 
@@ -125,7 +125,7 @@ module Contrast
         reporter = Contrast::Agent::Reporter.new
         reporter_headers = reporter.client.headers.to_hash
         reporter_headers.each_key do |key|
-          value = mask_keys reporter_headers, key
+          value = mask_keys(reporter_headers, key)
           missing << key if value.nil?
         end
         abort("Missing required header values: #{ missing.join(', ') }") unless missing.empty?
@@ -135,13 +135,13 @@ module Contrast
       def self.test_connection reporter
         connection = reporter.connection
         abort('Failed to Initialize Connection please check error logs for details') unless connection
-        abort('Failed to Start Client please check error logs for details') unless reporter.client.startup! connection
+        abort('Failed to Start Client please check error logs for details') unless reporter.client.startup!(connection)
       end
 
       def self.mask_keys hash, key
         value = hash[key]
         redacted_value = Contrast::Configuration::REDACTED if SKIP_LOG.include?(key.to_s)
-        puts "#{ key }::#{ redacted_value || value }" unless value.is_a?(Contrast::Config::BaseConfiguration)
+        puts("#{ key }::#{ redacted_value || value }") unless value.is_a?(Contrast::Config::BaseConfiguration)
         value
       end
     end

data/lib/contrast/tasks/service.rb

@@ -11,7 +11,7 @@ module Contrast
     extend Rake::DSL
     # Start the service if it is not already running
     def self.start_service
-      puts 'Starting Contrast Service'
+      puts('Starting Contrast Service')
       service_log = ::Contrast::CONTRAST_SERVICE.logger_path
       if File.writable?(service_log)
         spawn('contrast_service', out: File::NULL, err: service_log)
@@ -23,7 +23,7 @@ module Contrast
         sleep(0.05) until Contrast::Utils::OS.running?
       end
       watcher.join(1)
-      puts Contrast::Utils::OS.running? ? 'Contrast Service started successfully.' : 'Contrast Service did not start.'
+      puts(Contrast::Utils::OS.running? ? 'Contrast Service started successfully.' : 'Contrast Service did not start.')
     end
 
     # Stop the service if it is running

data/lib/contrast/utils/assess/tracking_util.rb

@@ -50,9 +50,9 @@ module Contrast
 
             idx += 1
             if Contrast::Utils::DuckUtils.iterable_hash?(obj)
-              handle_hash obj, idx
+              handle_hash(obj, idx)
             elsif Contrast::Utils::DuckUtils.iterable_enumerable?(obj)
-              handle_enumerable obj, idx
+              handle_enumerable(obj, idx)
             else
               Contrast::Agent::Assess::Tracker.tracked?(obj)
             end
@@ -79,9 +79,9 @@ module Contrast
 
             idx += 1
             if Contrast::Utils::DuckUtils.iterable_hash?(obj)
-              handle_hash obj, idx
+              handle_hash(obj, idx)
             elsif Contrast::Utils::DuckUtils.iterable_enumerable?(obj)
-              handle_enumerable obj, idx
+              handle_enumerable(obj, idx)
             else
               Contrast::Agent::Assess::Tracker.trackable?(obj)
             end

data/lib/contrast/utils/class_util.rb

@@ -33,7 +33,7 @@ module Contrast
         #   need to check
         # @return [Boolean] if this method specifically was prepended
         def prepended_method? mod, method_policy
-          target_module = determine_target_class mod, method_policy.instance_method
+          target_module = determine_target_class(mod, method_policy.instance_method)
           ancestors = target_module.ancestors
           return false unless prepended?(target_module, ancestors)
 
@@ -60,13 +60,13 @@ module Contrast
           # Only treat object like a string if it actually is a string+ some subclasses of String override string
           # methods we depend on
           if object.cs__class == String
-            return @string_cache[object] if @string_cache.key? object
+            return @string_cache[object] if @string_cache.key?(object)
 
             @string_cache[object] = to_cached_string(object) || object.dup
           else
-            return @lru_cache[object.__id__] if @lru_cache.key? object.__id__
+            return @lru_cache[object.__id__] if @lru_cache.key?(object.__id__)
 
-            @lru_cache[object.__id__] = convert_object object
+            @lru_cache[object.__id__] = convert_object(object)
           end
         end
 

data/lib/contrast/utils/findings.rb

@@ -34,7 +34,7 @@ module Contrast
       # @param ret [Object] the Return of the invoked method
       # @param args [Array<Object>] the Arguments with which the method was invoked
       def collect_finding trigger_node, source, object, ret, *args
-        push trigger_node, source, object, ret, args
+        push(trigger_node, source, object, ret, args)
         logger.trace('Finding collected', node_id: trigger_node.id,
                                           source_id: source.__id__,
                                           rule: trigger_node.rule_id)
@@ -52,11 +52,11 @@ module Contrast
 
         while @_collection.any?
           finding = @_collection.pop
-          Contrast::Agent::Assess::Policy::TriggerMethod.build_finding finding[:trigger_node],
+          Contrast::Agent::Assess::Policy::TriggerMethod.build_finding(finding[:trigger_node],
                                                                        finding[:source],
                                                                        finding[:object],
                                                                        finding[:ret],
-                                                                       finding[:args]
+                                                                       finding[:args])
         end
         true
       end

data/lib/contrast/utils/hash_digest.rb

@@ -15,8 +15,8 @@ module Contrast
     class HashDigest < Digest::Class
       include Digest::Instance
       extend Contrast::Utils::HashDigestExtend
-
       CONTENT_LENGTH_HEADER = 'Content-Length'
+      CHARS = %w[a b c d e f g].cs__freeze
       CRYPTO_RULES = %w[crypto-bad-ciphers crypto-bad-mac].cs__freeze
       CONFIG_PATH_KEY = 'path'
       CONFIG_SESSION_ID_KEY = 'sessionId'
@@ -24,6 +24,11 @@ module Contrast
       CLASS_CONSTANT_NAME_KEY = 'name'
       CLASS_LINE_NO_KEY = 'lineNo'
 
+      def initialize
+        super
+        @crc32 = 0
+      end
+
       # Update to CRC checksum the finding route and verb if finding route
       # [Contrast::Api::Dtm::RouteCoverage] is available else update the passed
       # request or Contrast::REQUEST_TRACKER.current.request uri and used request
@@ -77,7 +82,6 @@ module Contrast
         end
       end
 
-      CHARS = %w[a b c d e f g].cs__freeze
       # This method converts and integer value for length into a string value
       # that we can hash on, based on the logarithmic value of the length, and
       # updates the current hash with that value.
@@ -86,11 +90,6 @@ module Contrast
         update(CHARS[Math.log10(chr.to_s.length).to_i] || CHARS[-1])
       end
 
-      def initialize
-        super
-        @crc32 = 0
-      end
-
       # Converts  given string to CRC checksum. CRC32 checksum ensures that If error
       # of a single bit occurs, the CRC checksum will fail, regardless of any other
       # property of the transmitted data, including its length. Called several times

data/lib/contrast/utils/head_dump_utils_extend.rb

@@ -13,7 +13,7 @@ module Contrast
         delay  = control[:delay]
         clean  = control[:clean]
 
-        logger.info <<~WARNING
+        logger.info(<<~WARNING)
           *****************************************************
           ********      HEAP DUMP HAS BEEN ENABLED     ********
           *** APPLICATION PROCESS WILL EXIT UPON COMPLETION ***

data/lib/contrast/utils/invalid_configuration_util.rb

@@ -50,7 +50,7 @@ module Contrast
         new_preflight_message.data = "#{ rule_id },#{ hash_code }"
         new_preflight.messages << new_preflight_message
 
-        ruby_finding = Contrast::Agent::Reporting::Finding.new rule_id
+        ruby_finding = Contrast::Agent::Reporting::Finding.new(rule_id)
         ruby_finding.hash_code = hash_code
         set_new_finding_properties(ruby_finding, user_provided_options, call_location)
         Contrast::Agent.reporter&.send_event(new_preflight)

data/lib/contrast/utils/log_utils.rb

@@ -64,13 +64,13 @@ module Contrast
           # Log once when the path is invalid. We'll change to this path, so no
           # need to log again.
           if previous_path != DEFAULT_NAME
-            $stdout.puts "[!] Unable to write to '#{ path }'. Writing to default log '#{ DEFAULT_NAME }' instead."
+            $stdout.puts("[!] Unable to write to '#{ path }'. Writing to default log '#{ DEFAULT_NAME }' instead.")
           end
           DEFAULT_NAME
         else
           # Log once when the path is invalid. We'll change to this path, so no
           # need to log again.
-          $stdout.puts "[!] Unable to write to '#{ path }'. Writing to standard out instead."
+          $stdout.puts("[!] Unable to write to '#{ path }'. Writing to standard out instead.")
           STDOUT_STR
         end
       end
@@ -141,7 +141,7 @@ module Contrast
                  end
         logger.progname = PROGNAME
         logger.level = level_const
-        change_logger_formatter logger
+        change_logger_formatter(logger)
         logger
       end
 
@@ -183,7 +183,7 @@ module Contrast
                            DEFAULT_METADATA
                          end
         app_name = ::Contrast::APP_CONTEXT.app_name
-        attach_request_and_sender_info message, sender_info
+        attach_request_and_sender_info(message, sender_info)
         message << "request=#{ context.request.url } "
         message << "requestMethod=#{ request_method } "
         message << "app=#{ app_name } "

data/lib/contrast/utils/lru_cache.rb

@@ -6,7 +6,7 @@ module Contrast
     # A LRU(Least Recently Used) Cache store.
     class LRUCache
       def initialize capacity = 500
-        raise StandardError 'Capacity must be bigger than 0' if capacity <= 0
+        raise(StandardError('Capacity must be bigger than 0')) if capacity <= 0
 
         @capacity = capacity
         @cache = {}

data/lib/contrast/utils/metrics_hash.rb

@@ -29,7 +29,7 @@ module Contrast
         value_val = value.dup
         key_val.strip! if key_val.cs__is_a?(String)
         value_val.strip! if value_val.cs__is_a?(String)
-        return unless valid_pair? key_val, value_val
+        return unless valid_pair?(key_val, value_val)
 
         key_val.downcase!
         key_val.strip!

data/lib/contrast/utils/middleware_utils.rb

@@ -37,12 +37,12 @@ module Contrast
       def handle_exception exception
         if security_exception?(exception)
           exception_control = ::Contrast::AGENT.exception_control
-          raise exception unless exception_control[:enable]
+          raise(exception) unless exception_control[:enable]
 
           [exception_control[:status], {}, [exception_control[:message]]]
         else
           logger.debug('Re-throwing original error', exception)
-          raise exception
+          raise(exception)
         end
       end
 
@@ -69,8 +69,8 @@ module Contrast
         return unless Contrast::Agent::Telemetry::Base.enabled?
         return unless Contrast::Utils::Telemetry.create_telemetry_file
 
-        logger.info Contrast::Utils::Telemetry.disclaimer
-        $stdout.print Contrast::Utils::Telemetry.disclaimer
+        logger.info(Contrast::Utils::Telemetry.disclaimer)
+        $stdout.print(Contrast::Utils::Telemetry.disclaimer)
         true
       end
 
@@ -80,7 +80,7 @@ module Contrast
         end
       rescue Contrast::SecurityException => e
         logger.trace('Security Exception raised during application lifecycle to prevent an attack', e)
-        raise e
+        raise(e)
       end
     end
   end

data/lib/contrast/utils/net_http_base.rb

@@ -31,14 +31,14 @@ module Contrast
         return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost') # TODO: RUBY-99999 allow http w/ localhost # rubocop:disable Layout/LineLength
 
         proxy_addr = URI(Contrast::API.proxy_url) if proxy_enabled?
-        net_http_client = initialize_client addr, proxy_addr, use_proxy, use_custom_cert
+        net_http_client = initialize_client(addr, proxy_addr, use_proxy, use_custom_cert)
         return if net_http_client.nil?
 
         net_http_client.start
         return unless net_http_client.started?
 
         logger.debug("Starting #{ service_name } connection test")
-        return unless connection_verified? net_http_client
+        return unless connection_verified?(net_http_client)
 
         logger.debug('Client verified', service: service_name, url: url)
         net_http_client
@@ -63,7 +63,7 @@ module Contrast
         response = client.request(Net::HTTP::Get.new(client.address))
         verify_cert = client.address.to_s.include?('localhost') ||
             OpenSSL::SSL.verify_certificate_identity(client.peer_cert, client.address)
-        resolved = resolved? client.address, ipaddr
+        resolved = resolved?(client.address, ipaddr)
         @_connection_verified = if resolved && response && verify_cert
                                   true
                                 else
@@ -91,7 +91,7 @@ module Contrast
       def resolved? address, ipaddr
         return @_resolved unless @_resolved.nil?
 
-        @_resolved = if (addresses = Resolv.getaddresses address)
+        @_resolved = if (addresses = Resolv.getaddresses(address))
                        addresses.any? { |addr| addr.include?(ipaddr) }
                      else
                        false

data/lib/contrast/utils/os.rb

@@ -42,7 +42,7 @@ module Contrast
         end
 
         def mac?
-          @_mac = RUBY_PLATFORM.include? 'darwin' if @_mac.nil?
+          @_mac = RUBY_PLATFORM.include?('darwin') if @_mac.nil?
           @_mac
         end
 

data/lib/contrast/utils/patching/policy/patch_utils.rb

@@ -58,7 +58,7 @@ module Contrast
         rescue Contrast::SecurityException => e
           # We were told to block something, so we gotta. Don't catch this one, let it get back to our Middleware or
           # even all the way out to the framework
-          raise e
+          raise(e)
         rescue StandardError => e
           # Anything else was our bad and we gotta catch that to allow for normal application flow
           logger.error('Unable to apply pre patch to method.', e)
@@ -155,7 +155,7 @@ module Contrast
         rescue Exception => e # rubocop:disable Lint/RescueException
           logger.error('Unable to assess method call.', e)
           handle_return(propagated_ret, source_ret, ret)
-          raise e
+          raise(e)
         end
 
         # Generic invocation of the Inventory or Protect patch which apply to the given method.

data/lib/contrast/utils/request_utils.rb

@@ -31,7 +31,7 @@ module Contrast
             k = Contrast::Utils::StringUtils.force_utf8(k)
             nested_prefix = prefix.nil? ? k : "#{ prefix }[#{ k }]"
             hash[k] = Contrast::Utils::ObjectShare::EMPTY_STRING
-            hash.merge! normalize_params(v, prefix: nested_prefix)
+            hash.merge!(normalize_params(v, prefix: nested_prefix))
           end
           res[prefix] = Contrast::Utils::ObjectShare::EMPTY_STRING if prefix
           res
@@ -39,7 +39,7 @@ module Contrast
           idx = 0
           res = {}
           while idx < val.length
-            res.merge! normalize_params(val[idx], prefix: "#{ prefix }[#{ idx }]")
+            res.merge!(normalize_params(val[idx], prefix: "#{ prefix }[#{ idx }]"))
             idx += 1
           end
           res[prefix] = Contrast::Utils::ObjectShare::EMPTY_STRING if prefix