contrast-agent 6.15.3 → 7.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bb55239bd37c7b0d2c3adc47d2e47ff25e331694b9be68522a29f8e4ce8c1220
-  data.tar.gz: 41a5a677403dd10c0dcd67673b32e32aa8f8ad04a82d963891f95ceaa25b46a1
+  metadata.gz: bc98145df7f08bc47cbff0f0416a7b43852b8075c6806bd38fbbe0aa27d94adb
+  data.tar.gz: 60885ba415f59b893a5da6101ddc3b9d6deeac5a9d41bb2eb7c459291873b08f
 SHA512:
-  metadata.gz: 94aaa0a8ed0b9fb08fb5c206bee3695cd1cc1f3a8b7752fa8c52abfb563a4e58fac60162ab13c4f06ceb785532ae1a76b93dcc8f348e99d29b112b265a88051b
-  data.tar.gz: 658421a2a8558bac001eb707340f0bc763012d06b9fdcfe1137fb3ceff6f53966d7cc9af9bced07f08411b5e44af1ad5c4f5805b54abaae0ad71dcc81011fbb9
+  metadata.gz: 4a6449786512d444818087fed5d880c061b1108b8e9fbe64e4fd0f3657bac3b53ffb60806a7767a50a9c7a910b5e62e223d6af84be51d8ca9b6e4e5b5ae67d07
+  data.tar.gz: 4f2cb9c1435fbe5fdfbccbc3cc69ba3823de97f617bcff63493087a70a0551852dbe09f7699089cd22dfc509e57c39525420290813cd12ac92ee91164e2910bc

data/ext/cs__assess_fiber_track/cs__assess_fiber_track.c

@@ -62,7 +62,7 @@ VALUE rb_fiber_yield_hook(int argc, const VALUE *argv) {
     return rb_fiber_yield_original(argc, argv);
 }
 
-int install_fiber_hooks() {
+int install_fiber_hooks(void) {
     rb_fiber_new_original = rb_fiber_new;
     patch_via_funchook(&rb_fiber_new_original, &rb_fiber_new_hook);
 

data/ext/cs__assess_fiber_track/cs__assess_fiber_track.h

@@ -28,6 +28,6 @@ VALUE rb_fiber_new_hook(VALUE (*func)(ANYARGS), VALUE obj);
 
 VALUE rb_fiber_yield_hook(int argc, const VALUE *argv);
 
-static int install_fiber_hooks();
+static int install_fiber_hooks(void);
 
 void Init_cs__assess_fiber_track(void);

data/ext/cs__assess_module/cs__assess_module.c

@@ -115,23 +115,4 @@ void Init_cs__assess_module(void) {
 
     contrast_register_patch("Module", "module_eval",
                             contrast_assess_module_module_eval);
-    /*
-     * We patch these for better ancestors handling, and only for older ruby
-     * versions.
-     */
-    //  if (rb_ver_below_three()) {
-    /*
-     * `included` is a private method. We should make it public, patch it,
-     * and make our new method public
-     */
-    //     contrast_register_patch("Module", "included",
-    //                             contrast_assess_module_included);
-    /*
-     * The `prepend` patch may actually be the issue, if we're not properly
-     * passing along the call/context. It could be that my attempt to fix
-     * `included` left this section unreachable.
-     */
-    //     contrast_register_patch("Module", "prepend",
-    //                             contrast_assess_module_prepend);
-    //     }
 }

data/ext/cs__assess_test/cs__assess_tests.c

@@ -1,4 +1,4 @@
-#include "../cs__common/cs__common.h";
+#include "../cs__common/cs__common.h"
 #include "ruby.h"
 #include <ruby/re.h>
 

data/ext/cs__common/cs__common.c

@@ -28,8 +28,12 @@ void patch_via_funchook(void *original_function, void *hook_function) {
 
     void *funchook_lib_handle;
     void *funchook_reference, *(*funchook_create)(void);
+    /* This variables are used to load the funchook dylib */
+    #pragma GCC diagnostic ignored "-Wunused-but-set-variable"
+    #pragma GCC diagnostic push
     int prepareResult, (*funchook_prepare)(void *, void **, void *);
     int installResult, (*funchook_install)(void *, int);
+    #pragma GCC diagnostic pop
 
     funchook_lib_handle =
         dlopen(StringValueCStr(funchook_path), RTLD_NOW | RTLD_GLOBAL);
@@ -55,7 +59,7 @@ void contrast_alias_method(const VALUE target, const char *to,
                ID2SYM(rb_intern(to)), ID2SYM(rb_intern(from)));
 }
 
-VALUE contrast_patcher() {
+VALUE contrast_patcher(void) {
     return patcher;
 }
 
@@ -102,7 +106,7 @@ VALUE contrast_check_and_register_instance_patch(const char *module_name,
                                                  VALUE(c_fn)(const int, VALUE *,
                                                              const VALUE)) {
 
-    VALUE object, method, is_prepended, patch_type;
+    VALUE object, method, is_prepended;
     /* check if method is prepended */
     object = rb_const_get(rb_cObject, rb_intern(module_name));
     method = ID2SYM(rb_intern(method_name));
@@ -119,7 +123,7 @@ VALUE contrast_check_and_register_instance_patch(const char *module_name,
     }
 }
 
-static VALUE
+VALUE
 _contrast_register_patch(const char *module_name, const char *method_name,
                          VALUE(c_fn)(const int, VALUE *, const VALUE),
                          patch_impl patch) {
@@ -175,13 +179,6 @@ _contrast_register_patch(const char *module_name, const char *method_name,
     return SYM2ID(underlying_method_name);
 }
 
-int rb_ver_below_three() {
-    int ruby_version =
-        FIX2INT(rb_funcall(rb_const_get(rb_cObject, rb_intern("RUBY_VERSION")),
-                           rb_intern("to_i"), 0));
-    return ruby_version < 3;
-}
-
 /* used for direct check on object: String.cs__prepended? *args  */
 extern VALUE contrast_check_prepended(VALUE self, VALUE method_name,
                                       VALUE is_instance) {
@@ -200,17 +197,18 @@ extern VALUE contrast_lookout_prepended(VALUE self, VALUE object_name,
     return result;
 }
 
-static VALUE _contrast_check_prepended(VALUE object, VALUE method_name,
+VALUE _contrast_check_prepended(VALUE object, VALUE method_name,
                                        VALUE is_instance) {
-    VALUE entry, ancestors, object_idx, entry_methods;
+    VALUE entry, ancestors, entry_methods;
     VALUE result = Qfalse;
-    int i;
-    int y;
+    VALUE object_idx = Qnil;
+    long y;
+    unsigned long i;
 
     /* get self ancestors */
     ancestors = rb_mod_ancestors(object);
     /* get the size of the array */
-    int length = RARRAY_LEN(ancestors);
+    unsigned long length = RARRAY_LEN(ancestors);
     /* Locate self in ancestors: */
     for (i = 0; i < length; ++i) {
         entry = rb_ary_entry(ancestors, i);
@@ -226,14 +224,14 @@ static VALUE _contrast_check_prepended(VALUE object, VALUE method_name,
     for (i = 0; i < object_idx; ++i) {
         entry = rb_ary_entry(ancestors, i);
         if (is_instance == Qtrue) {
-            entry_methods = rb_class_instance_methods(1, entry, entry);
+            entry_methods = rb_class_instance_methods(1UL, &entry, entry);
         } else {
-            entry_methods = rb_obj_singleton_methods(1, entry, entry);
+            entry_methods = rb_obj_singleton_methods(1UL, &entry, entry);
         }
 
         /* Loop through the instance/singleton methods of the prepended modules
          */
-        int entry_methods_length = RARRAY_LEN(entry_methods);
+        long entry_methods_length = RARRAY_LEN(entry_methods);
         for (y = 0; y <= entry_methods_length; ++y) {
             if (rb_ary_entry(entry_methods, y) == method_name) {
                 result = Qtrue;
@@ -244,6 +242,7 @@ static VALUE _contrast_check_prepended(VALUE object, VALUE method_name,
             break;
         }
     }
+
     return result;
 }
 

data/ext/cs__common/cs__common.h

@@ -10,6 +10,9 @@ typedef enum {
     IMPL_PREPEND_SINGLETON,
 } patch_impl;
 
+/* the unused variable warning is triggered for gcc only */
+#pragma GCC diagnostic ignored "-Wunused-variable"
+#pragma GCC diagnostic push
 static VALUE cs__send_method;
 static VALUE cs__alias_method_sym;
 
@@ -34,14 +37,7 @@ static VALUE rb_sym_alias_instance;
 static VALUE rb_sym_alias_singleton;
 static VALUE rb_sym_prepend_instance;
 static VALUE rb_sym_prepend_singleton;
-
-/*
- * Check if ruby version is < 3.0.0.
- * We are using this for handling ancestors of included modules.
- * Since this is fixed after Ruby 3.0.0 we should remove this after
- * dropping support for older versions, as no longer needed.
- */
-int rb_ver_below_three();
+#pragma GCC diagnostic pop
 
 void patch_via_funchook(void *original_function, void *hook_function);
 
@@ -73,11 +69,11 @@ VALUE contrast_register_prepend_patch(const char *module_name,
                                                 VALUE(c_fn)(const int, VALUE *,
                                                              const VALUE));
 
-static VALUE _contrast_register_patch(const char *module_name, const char *method_name,
+VALUE _contrast_register_patch(const char *module_name, const char *method_name,
                          VALUE(c_fn)(const int, VALUE *, const VALUE),
                          patch_impl patch_impl);
 
-static VALUE _contrast_check_prepended(VALUE self, VALUE method_name, VALUE is_instance);
+VALUE _contrast_check_prepended(VALUE self, VALUE method_name, VALUE is_instance);
 
 extern VALUE contrast_check_prepended(VALUE self, VALUE method_name, VALUE is_instance);
 
@@ -90,7 +86,7 @@ VALUE contrast_check_and_register_instance_patch(const char *module_name,
                                                 VALUE(c_fn)(const int, VALUE *,
                                                             const VALUE));
 
-VALUE contrast_patcher();
+VALUE contrast_patcher(void);
 
 void Init_cs__common(void);
 

data/ext/cs__contrast_patch/cs__contrast_patch.c

@@ -97,8 +97,6 @@ VALUE rescue_func(VALUE arg1) {
      */
     exception = rb_errinfo();
     rb_exc_raise(exception);
-
-    return Qnil;
 }
 
 /**
@@ -109,17 +107,18 @@ VALUE rescue_func(VALUE arg1) {
  *
  **/
 VALUE contrast_patch_call_ensure(const VALUE *args) {
-    // we do not need to ensure that post patch is called if no error was thrown
+    /* we do not need to ensure that post patch is called if no error was thrown */
     if (!RTEST(rb_errinfo())) {
         return Qnil;
     }
 
     int argc;
-    VALUE object, preshift, method_policy, method;
+    VALUE object, preshift, method_policy;
     VALUE *argv;
+    /* VALUE method; */
 
     object = args[0];
-    method = args[1];
+    /* method = args[1]; */
     argc = NUM2INT(args[2]);
     argv = (VALUE *)args[3];
     method_policy = args[4];
@@ -137,8 +136,8 @@ VALUE ensure_wrapper(const VALUE *args) {
     original_args = (VALUE)args[1];
     ensure_args = (VALUE)args[2];
 
-    // this ensure if being treated as a rescue due to issues surrounding
-    // Kernel#throw
+    /* this ensure if being treated as a rescue due to issues surrounding
+       Kernel#throw */
     return rb_ensure(original_method, original_args, contrast_patch_call_ensure,
                      (VALUE)ensure_args);
 }
@@ -154,7 +153,7 @@ VALUE contrast_call_super(const VALUE *args) {
 
 VALUE contrast_run_patches(const VALUE *wrapped_args) {
     VALUE impl, method, method_policy, object, original_args, original_ret,
-        preshift, transformed_ret;
+        preshift;
     int argc;
     VALUE *argv;
     VALUE ensure_args[6];
@@ -257,9 +256,15 @@ VALUE contrast_ensure_function(const VALUE method_policy) {
 
 VALUE contrast_patch_dispatch(const int argc, const VALUE *argv,
                               const patch_impl impl, const VALUE object) {
+    /*
+     * Silence the known variable unused warning detected by compiler.
+     * Since this Variable is set by cases and we check if it is set or not.
+     * To disalbe this remove the -Wno-maybe-uninitialized flag.
+     */
+
     VALUE cs__method, known, method, method_policy;
     VALUE original_args[4];
-    int do_contrast, nested_scope;
+    long do_contrast, nested_scope;
 
     /* Do Contrast analysis, unless our subsequent checks tell us no. */
     do_contrast = 1;
@@ -369,6 +374,8 @@ call_original:
     case IMPL_PREPEND_SINGLETON:
         return contrast_call_super(original_args);
     };
+
+    return Qfalse;
 }
 
 VALUE contrast_alias_instance_patch(const int argc, const VALUE *argv,
@@ -490,21 +497,6 @@ VALUE contrast_patch_prepend(const VALUE self, const VALUE originalModule,
     }
     rb_prepend_module(originalModule, module);
 
-    if (rb_ver_below_three()) {
-        VALUE module_at;
-        VALUE rb_incl_in_mod_ary =
-            rb_funcall(originalModule, rb_intern("included_in"), 0);
-        if (RB_TYPE_P(rb_incl_in_mod_ary, T_ARRAY)) {
-            int i = 0;
-            int size = RARRAY_LEN(rb_incl_in_mod_ary);
-            for (i = 0; i < size; ++i) {
-                module_at = rb_ary_entry(rb_incl_in_mod_ary, i);
-                if (RB_TYPE_P(module_at, T_MODULE)) {
-                    rb_include_module(module_at, module);
-                }
-            }
-        }
-    }
     return Qtrue;
 }
 

data/ext/extconf_common.rb

@@ -2,18 +2,97 @@
 # frozen_string_literal: true
 
 require 'mkmf'
+require 'rbconfig'
 require_relative '../lib/contrast/agent/version'
 
+# The mkmf.rb file uses all passed flags from Ruby configuration (RbConfig::CONFIG) on
+# Ruby build time. Problem with Clang and GCC is that it do not keep up with c89 and finds
+# error on including <ryby.h> as not allowing inline variables.
+#
+# Ruby inlining is a C99 feature that is allowed to be used, because the Ruby configure script
+# can work around the absence of the inline feature with a simple #define:
+#
+# ifndef __cplusplus
+# define inline
+# endif
+#
+# There is difference between using c89 and gnu89, as the latter is extended version of the
+# 1989 standard allowing features like // comments for example. This makes the use of the
+# gnu not favorable since it will skip some checks and would make wholes in the c89 standard
+# support.
+#
+# We can directly append the CFLAGS we need with ENV variable used to create the makefile.
+# MAKEFILE_CONFIG is extension of the RbConfig::CONFIG used to build the Ruby itself.
+# So if we try to run c89 on clang it will brake because of detecting errors from external
+# library used - Ruby itself build with different standard as it seems. This means the
+# Ruby must be compiled beforehand with the compiler forced to C89.
+#
+# This makes the C dialect of choice to be gnu89 with strict pedantic warnings reported as errors,
+# and making the compiler configurable by flags:
+STANDARD_FLAGS = '-std=gnu89'
+CLANG = 'clang'
+
+# TODO: RUBY-999999 Add -pedantic flag, remove all warning flags and see to it that as many as possible become obsolete.
+# Note: Adding -pedantic could raise <ruby.h> warnings, and we are not in control of that code.
+# e.g. error: '_Bool' is a C99 extension [-Werror,-Wc99-extensions] ; empty macros and etc.
+#
+# -Wno-int-conversion => Passing VALUEs as function args but required as unsigned long parameters.
+# -Werror => report all warnings as errors
+# -Wshorten-64-to-32 => is recognized by clang but not in gcc.
+#  Use alternative if viable. [Wno-narrowing]
+# -Wno-maybe-uninitialized is used by clang but not gcc
+#
+#  Note: Clang supports old style function definition e.g. void func () {}
+#  but the gcc is not.
+#  make sure to add parameters type => void func (void) {}.
+#  All Changes must be tested against both clang and gcc.
+WARNING_FLAGS = %w[
+  -Wno-language-extension-token -Wno-incompatible-function-pointer-types
+  -Wno-declaration-after-statement -Wno-variadic-macros -Wno-int-conversion
+  -Wno-incompatible-pointer-types -Wno-narrowing
+].freeze # rubocop:disable Security/Object/Freeze
+
+# Flags that are only recognized by gcc:
+GCC_FLAGS = %w[-Wno-maybe-uninitialized].freeze # rubocop:disable Security/Object/Freeze
+
+# Extend $CFLAGS passed directly to compiler in ruby mkmf
+def extend_cflags
+  $CFLAGS += " #{ [STANDARD_FLAGS, WARNING_FLAGS].flatten.join(' ') }"
+  # Extend with GCC specific flags:
+  unless RbConfig::MAKEFILE_CONFIG['CC'].downcase.include?(CLANG) ||
+        RbConfig::MAKEFILE_CONFIG['CPP'].downcase.include?(CLANG) ||
+        RbConfig::CONFIG['CC'].downcase.include?(CLANG)
+
+    $CFLAGS += " #{ GCC_FLAGS.flatten.join(' ') }"
+  end
+end
+
 def make!
   create_makefile("#{ $TO_MAKE }/#{ $TO_MAKE }")
 end
 
+# -----------------------------------------------------------------------
+# | MOVING CODE BELLOW THIS SECTION MAY BRAKE MAKEFILE. ORDER MATTERS!  |
+# ----------------------------------------------------------------------
+
 def ext_path
   # __dir__ is relative to the file you're reading.
   # this file you're reading is presently within $APP_ROOT/ext/.
   __dir__
 end
 
+# We need to first build funchook which relies on ext_path method. This enables the require of
+# funchook.h file. Then we can pass CFLAGS and extend makefile flags and invoke make!
 require_relative './build_funchook'
 
+# Extended flags are mainly tested with clang and gcc. Experience with other compilers may vary.
+# To that end if something brakes on client side we must have a mechanism to go back to previous
+# non strict gnu89 standard and be able to maintain the build.
+# We can disable newly added changes with this setting CONTRAST_USE_C89=false.
+extend_cflags unless ENV['CONTRAST__USE_GNU89'] == 'false'
+
+# use same C compiler if set.
+RbConfig::CONFIG['CC'] = RbConfig::MAKEFILE_CONFIG['CC'] = ENV['CC'] if ENV['CC']
+
+# Generate Makefile.
 make!

data/lib/contrast/agent/assess/policy/source_method.rb

@@ -91,6 +91,7 @@ module Contrast
                   process_source(source_node, value, source_data, source_type, source_name, *args)
                 end
               end
+              nil
             rescue StandardError => e
               logger.warn('Unable to apply source', e, node_id: source_node.id)
             end

data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb

@@ -32,7 +32,8 @@ module Contrast
         FORBIDDEN_NO_ACTION_MSG = 'Report access was forbidden because the supplied credentials failed ' \
                                   'to authenticate the Agent'
         UNPROCESSABLE_ENTITY_MSG = 'Reporter received Unprocessable Entity response. Disabling permanently.'
-        RETRY_AFTER_MSG = "There are too many requests of this type being sent by this Agent. #{ SUSPEND_MSG }"
+        RETRY_AFTER_MSG = 'There are too many requests of this type being sent by this Agent. ' \
+                          "#{ SUSPEND_MSG }".cs__freeze
 
         def last_response_code
           @_last_response_code ||= ''

data/lib/contrast/agent/version.rb

@@ -3,6 +3,6 @@
 
 module Contrast
   module Agent
-    VERSION = '6.15.3'
+    VERSION = '7.0.0'
   end
 end

data/lib/contrast/components/api.rb

@@ -18,7 +18,7 @@ module Contrast
         include Contrast::Config::BaseConfiguration
 
         CANON_NAME = 'api'
-        PROXY_NAME = "#{ CANON_NAME }.proxy"
+        PROXY_NAME = "#{ CANON_NAME }.proxy".cs__freeze
         CONFIG_VALUES = %w[api_key user_name service_key url].cs__freeze
 
         # @return [String]

data/lib/contrast/components/assess_rules.rb

@@ -16,7 +16,7 @@ module Contrast
 
         SPEC_KEY = :disabled_rules.cs__freeze
         CANON_NAME = 'assess.rules'
-        NAME_PREFIX = "#{ CONTRAST }.#{ CANON_NAME }"
+        NAME_PREFIX = "#{ CONTRAST }.#{ CANON_NAME }".cs__freeze
 
         # @return [Array, nil] list of disabled assess rules
         attr_accessor :disabled_rules

data/lib/contrast/components/sampling.rb

@@ -103,7 +103,7 @@ module Contrast
         include Contrast::Config::BaseConfiguration
 
         CANON_NAME = 'assess.sampling'
-        NAME_PREFIX = "#{ CONTRAST }.#{ CANON_NAME }"
+        NAME_PREFIX = "#{ CONTRAST }.#{ CANON_NAME }".cs__freeze
         CONFIG_VALUES = %w[enable baseline request_frequency response_frequency window_ms].cs__freeze
 
         # @return [Integer, nil]

data/lib/contrast/utils/middleware_utils.rb

@@ -11,12 +11,12 @@ module Contrast
     module MiddlewareUtils
       private
 
-      # TODO: RUBY-1609 update this part of the method for Ruby Version and Year
-      LANGUAGE_DEPRECATION_VERSION = '2.7'
-      LANGUAGE_DEPRECATION_YEAR = '2023'
+      LANGUAGE_DEPRECATION_VERSION = '3.0'
+      LANGUAGE_DEPRECATION_YEAR = '2024'
       LANGUAGE_DEPRECATION_WARNING =
         "[Contrast Security] [DEPRECATION] Support for Ruby #{ LANGUAGE_DEPRECATION_VERSION } will be removed in " \
-        "April #{ LANGUAGE_DEPRECATION_YEAR }. Please contact Customer Support prior if you require continued support."
+        "April #{ LANGUAGE_DEPRECATION_YEAR }. Please contact Customer Support prior if you require continued" \
+        'support.'.cs__freeze
 
       def setup_agent
         # Generate new config file if one is not already created:

data/lib/contrast/utils/object_share.rb

@@ -55,9 +55,9 @@ module Contrast
       EMPTY_HASH = {}.freeze
 
       # RegExps
-      DIGIT_REGEXP =       /[[:digit:]]/.freeze
-      WHITE_SPACE_REGEXP = /\s/.freeze
-      NOT_WHITE_SPACE_REGEXP = /[^\s]/.freeze
+      DIGIT_REGEXP =       /[[:digit:]]/
+      WHITE_SPACE_REGEXP = /\s/
+      NOT_WHITE_SPACE_REGEXP = /[^\s]/
 
       # Messages
       OVERRIDE_MESSAGE = 'A security filter prevented original response from being returned.'

data/lib/contrast.rb

@@ -102,19 +102,3 @@ if RUBY_VERSION >= '3.0.0' && RUBY_VERSION < '3.1.0'
   Class.alias_method(:prepend, :cs__orig_prepend)
   Class.remove_method(:cs__orig_prepend)
 end
-
-if RUBY_VERSION < '3.0.0'
-  # Better handles ancestors for older ruby versions.
-  # This is called from C, tread lightly.
-  class Module
-    @_included_in = []
-    # Returns array with modules including this instance
-    def included_in
-      @_included_in ||= [] unless cs__frozen?
-    end
-
-    def self.included_in
-      @_included_in ||= [] unless cs__frozen?
-    end
-  end
-end

data/ruby-agent.gemspec

@@ -51,7 +51,7 @@ end
 def self.add_frameworks spec
   spec.add_development_dependency 'grape', '~> 1.5', '>= 1.5.2'
   spec.add_development_dependency 'rack-protection', '>= 2'
-  spec.add_development_dependency 'rails', '~> 7'
+  spec.add_development_dependency 'rails', '>= 6', '~> 7'
   spec.add_development_dependency 'sinatra', '>= 2'
 end
 
@@ -80,7 +80,7 @@ def self.add_specs spec
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rspec-benchmark'
   spec.add_development_dependency 'rspec_junit_formatter', '0.3.0'
-  spec.add_development_dependency 'rspec-rails', '5.0'
+  spec.add_development_dependency 'rspec-rails', '6.0'
   spec.add_development_dependency 'tzinfo-data' # Alpine rspec-rails requirement.
   spec.add_development_dependency 'warning'
   spec.add_development_dependency 'typhoeus', '~> 1.4'
@@ -102,11 +102,7 @@ end
 
 # Dependencies not mocked out during RSpec that we test real code of, beyond just frameworks.
 def self.add_tested_gems spec
-  if RUBY_VERSION < '3.0.0'
-    spec.add_development_dependency 'async', '~> 1.30.3'
-  else
-    spec.add_development_dependency 'async'
-  end
+  spec.add_development_dependency 'async'
   spec.add_development_dependency 'execjs'
   spec.add_development_dependency 'rhino'
   spec.add_development_dependency 'sqlite3'
@@ -181,7 +177,7 @@ Gem::Specification.new do |spec|
                       'Testing and Protection.'
   spec.homepage     = 'https://www.contrastsecurity.com'
   spec.license      = 'CONTRAST SECURITY (see license file)'
-  spec.required_ruby_version = ['>= 2.7.0', '< 3.3.0']
+  spec.required_ruby_version = ['>= 3.0.0', '< 3.3.0']
 
   spec.bindir        = 'exe'
   # Keep cs__common first, it handles funchook.h right now.

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 6.15.3
+  version: 7.0.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-02-23 00:00:00.000000000 Z
+date: 2023-04-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -277,6 +277,9 @@ dependencies:
   name: rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6'
     - - "~>"
       - !ruby/object:Gem::Version
         version: '7'
@@ -284,6 +287,9 @@ dependencies:
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6'
     - - "~>"
       - !ruby/object:Gem::Version
         version: '7'
@@ -305,16 +311,16 @@ dependencies:
   name: async
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.30.3
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 1.30.3
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: execjs
   requirement: !ruby/object:Gem::Requirement
@@ -531,14 +537,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: tzinfo-data
   requirement: !ruby/object:Gem::Requirement
@@ -678,22 +684,22 @@ email:
 executables: []
 extensions:
 - ext/cs__common/extconf.rb
-- ext/cs__assess_marshal_module/extconf.rb
-- ext/cs__assess_yield_track/extconf.rb
-- ext/cs__scope/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_array/extconf.rb
-- ext/cs__os_information/extconf.rb
-- ext/cs__assess_string/extconf.rb
+- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__assess_fiber_track/extconf.rb
 - ext/cs__assess_hash/extconf.rb
-- ext/cs__assess_regexp/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
+- ext/cs__assess_marshal_module/extconf.rb
 - ext/cs__assess_module/extconf.rb
+- ext/cs__assess_regexp/extconf.rb
+- ext/cs__assess_string/extconf.rb
 - ext/cs__assess_string_interpolation/extconf.rb
-- ext/cs__tests/extconf.rb
 - ext/cs__assess_test/extconf.rb
-- ext/cs__assess_fiber_track/extconf.rb
-- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__assess_yield_track/extconf.rb
 - ext/cs__contrast_patch/extconf.rb
+- ext/cs__os_information/extconf.rb
+- ext/cs__scope/extconf.rb
+- ext/cs__tests/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -1342,7 +1348,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.7.0
+      version: 3.0.0
   - - "<"
     - !ruby/object:Gem::Version
       version: 3.3.0
@@ -1352,7 +1358,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.2.33
 signing_key: 
 specification_version: 4
 summary: Contrast Security's agent for rack-based applications.