contrast-agent 6.5.0 → 6.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bdb8bbd08206dafbb18eee844e1487701c419d27c1df8e4b58c4c226b1995d5c
-  data.tar.gz: 57bbfe5e3dca05729f95f2994246e74d59f7eecc2f7fe434e265fa5c60cc3734
+  metadata.gz: 0ba6de8e82da25931f2fd6d90f515451c33521c02c0fd00e0120ea05701bdc23
+  data.tar.gz: 953297f4f0908bcdcf4791f91869dcf69312f44fe05e743e1e681ce9d3aa9b6f
 SHA512:
-  metadata.gz: 5f6d80b48529b52719fb7aa4608e0cd42f8ec613e61138d7f7a977652054f9a24f05a78c0d79821749bc4cc1d86b0878009e93f65be47155e47c9e1ec084780d
-  data.tar.gz: ad3d855319ebf15f1af37cac9507c2774af76a6151d7e9a4559c9de23891bcc41f0642729087165b19d20ee4891e327895f9e0d9c9c5d4e402e3a4b901b44484
+  metadata.gz: f7e96583d53e23400fd53fd24aed86c728e0d9b8d79a17179cc1bb96a50ad002e047805b10cea0eaa362802c494ff0b45463a16b53a008e9921723cd9e6e43f9
+  data.tar.gz: f3c7c2a5b575233f4f8d3e9058b281352133625ab42d50b3c6590c7178728ceda8c494953890a0d50e1413ad5f1e50c04595cc035d5f3ed247611f3a1401095e

data/lib/contrast/agent/assess/policy/source_method.rb

@@ -38,19 +38,20 @@ module Contrast
             # @param ret [Object] the Return of the invoked method
             # @param args [Array<Object>] the Arguments with which the method was invoked
             def apply_source method_policy, object, ret, args
-              return unless analyze?(method_policy, object, ret, args)
-              return if event_limit?(method_policy)
-              return unless (source_node = method_policy.source_node)
+              logger.trace_with_time('Elapsed time for Contrast::Agent::Assess::Policy::SourceMethod#apply_source') do
+                return unless analyze?(method_policy, object, ret, args)
+                return if event_limit?(method_policy)
+                return unless (source_node = method_policy.source_node)
 
-              # used to hold the object and ret
-              source_data = Contrast::Agent::Assess::Events::EventData.new(nil, nil, object, ret, nil)
+                # used to hold the object and ret
+                source_data = Contrast::Agent::Assess::Events::EventData.new(nil, nil, object, ret, nil)
 
-              return unless (target = determine_target(source_node, source_data, args))
-              return if target.cs__frozen? && !Contrast::Agent::Assess::Tracker.trackable?(target)
+                return unless (target = determine_target(source_node, source_data, args))
+                return if target.cs__frozen? && !Contrast::Agent::Assess::Tracker.trackable?(target)
 
-              process_source(source_node, target, source_data, source_node.type, nil, *args)
+                process_source(source_node, target, source_data, source_node.type, nil, *args)
+              end
             end
-            Contrast::Components::Logger.add_trace_log_timing_for(SourceMethod, :apply_source)
 
             private
 

data/lib/contrast/agent/inventory/database_config.rb

@@ -66,7 +66,8 @@ module Contrast
                                        # TODO: RUBY-99999 - Remove when Rails 6.0 is not supported
                                        ActiveRecord::Base.connection_config
                                      end
-          rescue StandardError
+          rescue StandardError => e
+            logger.error('Unable to detect db config connection', e)
             nil
           end
 

data/lib/contrast/agent/inventory/policy/datastores.rb

@@ -21,7 +21,7 @@ module Contrast
             DATA_STORE_MARKER = 'data_store'
 
             def report_data_store _method, _exception, properties, object, _args
-              return unless ::Contrast::INVENTORY.enabled
+              return unless ::Contrast::INVENTORY.enable
 
               marker = properties[DATA_STORE_MARKER]
               return unless marker

data/lib/contrast/agent/middleware.rb

@@ -61,13 +61,14 @@ module Contrast
       # @return [Array,Rack::Response] the Response of this and subsequent Middlewares to be passed back to the user up
       #   the Rack framework.
       def call env
-        return app.call(env) unless ::Contrast::AGENT.enabled?
+        logger.trace_with_time('Elapsed time for Contrast::Agent::Middleware#call') do
+          return app.call(env) unless ::Contrast::AGENT.enabled?
 
-        Contrast::Agent.heapdump_util.start_thread!
-        handle_first_request
-        call_with_agent(env)
+          Contrast::Agent.heapdump_util.start_thread!
+          handle_first_request
+          call_with_agent(env)
+        end
       end
-      ::Contrast::Components::Logger.add_trace_log_timing_for(::Contrast::Agent::Middleware, :call)
 
       private
 

data/lib/contrast/agent/protect/rule/base.rb

@@ -38,7 +38,7 @@ module Contrast
           attr_reader :mode
 
           def initialize
-            ::Contrast::PROTECT.rules[rule_name] = self
+            ::Contrast::PROTECT.defend_rules[rule_name] = self
             @mode = mode_from_settings
           end
 

data/lib/contrast/agent/reporting/reporting_utilities/audit.rb

@@ -26,12 +26,12 @@ module Contrast
         #   event field of Contrast::Agent::Reporting::ReportingEvent
         # @param response_data [Net::HTTP::Response]
         def audit_event event, response_data = nil
-          return unless ::Contrast::API.request_audit_requests? || ::Contrast::API.request_audit_responses?
+          return unless ::Contrast::API.request_audit_requests || ::Contrast::API.request_audit_responses
 
           file_name = event.cs__respond_to?(:file_name) ? event.file_name : event.cs__class.cs__name.to_s.downcase
           data = event.to_controlled_hash.to_json
           log_data(:request, file_name, data) if data
-          return unless ::Contrast::API.request_audit_responses?
+          return unless ::Contrast::API.request_audit_responses
 
           data = response_data&.body || 'There is no available response'
           log_data(:response, file_name, data)
@@ -94,7 +94,7 @@ module Contrast
         # Retrieves the configuration value if the request audit is enabled
         # @return [Boolean]
         def enabled?
-          ::Contrast::API.request_audit_enable?
+          ::Contrast::API.request_audit_enable
         end
 
         # The boolean values for the requests and the responses should be taken under
@@ -107,13 +107,13 @@ module Contrast
         # Retrieve the configuration value if the audit for requests is enabled
         # @return [Boolean]
         def enabled_for_requests?
-          ::Contrast::API.request_audit_requests?
+          ::Contrast::API.request_audit_requests
         end
 
         # Retrieve the configuration value if the audit for responses is enabled
         # @return [Boolean]
         def enabled_for_responses?
-          ::Contrast::API.request_audit_requests?
+          ::Contrast::API.request_audit_requests
         end
 
         # Retrieve the configuration value for the path of the audits

data/lib/contrast/agent/reporting/reporting_utilities/headers.rb

@@ -24,7 +24,7 @@ module Contrast
           @app_language = RUBY
           @app_path = Base64.strict_encode64(Contrast::APP_CONTEXT.path)
           @app_version = Contrast::APP_CONTEXT.app_version
-          @authorization = Base64.strict_encode64("#{ Contrast::API.username }:#{ Contrast::API.service_key }")
+          @authorization = Base64.strict_encode64("#{ Contrast::API.user_name }:#{ Contrast::API.service_key }")
           @server_name = Base64.strict_encode64(Contrast::APP_CONTEXT.server_name)
           @server_path = Base64.strict_encode64(Contrast::APP_CONTEXT.server_path)
           @server_type = Base64.strict_encode64(Contrast::APP_CONTEXT.server_type)

data/lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb

@@ -59,7 +59,7 @@ module Contrast
 
           request = build_request(event)
           response = connection.request(request)
-          audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable?
+          audit&.audit_event(event, response) if ::Contrast::API.request_audit_enable
           process_settings_response(response)
           process_preflight_response(event, response, connection)
           response

data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb

@@ -185,7 +185,7 @@ module Contrast
             ::Contrast::SETTINGS.build_protect_rules if ::Contrast::PROTECT.enabled?
             ::Contrast::AGENT.reset_ruleset
             logger.info('Current rule settings:')
-            ::Contrast::PROTECT.rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
+            ::Contrast::PROTECT.defend_rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
             logger.info('Disabled Assess Rules', rules: ::Contrast::ASSESS.disabled_rules)
           end
         end

data/lib/contrast/agent/version.rb

@@ -3,6 +3,6 @@
 
 module Contrast
   module Agent
-    VERSION = '6.5.0'
+    VERSION = '6.6.1'
   end
 end

data/lib/contrast/api/communication/response_processor.rb

@@ -80,7 +80,7 @@ module Contrast
 
             logger.info('Current rule settings:')
 
-            ::Contrast::PROTECT.rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
+            ::Contrast::PROTECT.defend_rules.each { |k, v| logger.info('Protect Rule mode set', rule: k, mode: v.mode) }
             logger.info('Disabled Assess Rules', rules: ::Contrast::ASSESS.disabled_rules)
           end
         end

data/lib/contrast/components/agent.rb

@@ -125,7 +125,7 @@ module Contrast
         def retrieve_protect_ruleset
           return {} unless enabled? && ::Contrast::PROTECT.enabled?
 
-          ::Contrast::PROTECT.rules
+          ::Contrast::PROTECT.defend_rules
         end
       end
     end

data/lib/contrast/components/api.rb

@@ -3,6 +3,9 @@
 
 require 'contrast/components/base'
 require 'contrast/components/config'
+require 'contrast/config/api_proxy_configuration'
+require 'contrast/config/request_audit_configuration'
+require 'contrast/config/certification_configuration'
 
 module Contrast
   module Components
@@ -12,50 +15,86 @@ module Contrast
       # parent_configuration_spec.yaml.
       class Interface
         include Contrast::Components::ComponentBase
+        include Contrast::Config::BaseConfiguration
+
+        # @return [String]
+        attr_accessor :api_key
+        # @return [String]
+        attr_accessor :user_name
+        # @return [String]
+        attr_accessor :service_key
+        attr_writer :url
+
+        DEFAULT_URL = 'https://app.contrastsecurity.com/Contrast'
+
+        def initialize hsh = {}
+          return unless hsh
+
+          @api_key = hsh[:api_key]
+          @url = hsh[:url]
+          @user_name = hsh[:user_name]
+          @service_key = hsh[:service_key]
+          @_proxy = Contrast::Config::ApiProxyConfiguration.new(hsh[:proxy])
+          @_request_audit = Contrast::Config::RequestAuditConfiguration.new(hsh[:request_audit])
+          @_certificate = Contrast::Config::CertificationConfiguration.new(hsh[:certificate])
+        end
 
-        def api_url
-          @_api_url ||= begin
-            tmp = ::Contrast::CONFIG.root.api.url
-            tmp += '/Contrast' unless tmp.end_with?('/Contrast')
-            tmp
-          end
+        def url
+          @url.nil? ? DEFAULT_URL : @url
         end
 
-        def api_key
-          @_api_key ||= ::Contrast::CONFIG.root.api.api_key
+        # @return [Contrast::Config::ApiProxyConfiguration]
+        def proxy
+          return @_proxy unless @_proxy.nil?
+
+          @_proxy = Contrast::Config::ApiProxyConfiguration.new
         end
 
-        def service_key
-          @_service_key ||= ::Contrast::CONFIG.root.api.service_key
+        # @return [Contrast::Config::RequestAuditConfiguration]
+        def request_audit
+          return @_request_audit unless @_request_audit.nil?
+
+          @_request_audit = Contrast::Config::RequestAuditConfiguration.new
         end
 
-        def username
-          @_username ||= ::Contrast::CONFIG.root.api.user_name
+        # @return [Contrast::Config::CertificationConfiguration]
+        def certificate
+          return @_certificate unless @_certificate.nil?
+
+          @_certificate = Contrast::Config::CertificationConfiguration.new
         end
 
-        def proxy_enabled?
-          return @_proxy_enabled unless @_proxy_enabled.nil?
+        def api_url
+          @_api_url ||= begin
+            tmp = Contrast::CONFIG.root.api.url
+            tmp += '/Contrast' unless tmp.end_with?('/Contrast')
+            tmp
+          end
+        end
 
-          @_proxy_enabled = true?(::Contrast::CONFIG.root.api.proxy.enable)
+        def proxy_enable
+          return @_proxy_enable unless @_proxy_enable.nil?
+
+          @_proxy_enable = true?(::Contrast::CONFIG.root.api.proxy.enable)
         end
 
         def proxy_url
-          @_proxy_url ||= ::Contrast::CONFIG.root.api.proxy.url
+          proxy.url
         end
 
-        def request_audit_enable?
+        def request_audit_enable
           return @_request_audit_enable unless @_request_audit_enable.nil?
 
           @_request_audit_enable = true?(::Contrast::CONFIG.root.api.request_audit.enable)
         end
 
-        def request_audit_requests?
+        def request_audit_requests
           return @_request_audit_requests unless @_request_audit_requests.nil?
 
           @_request_audit_requests = true?(::Contrast::CONFIG.root.api.request_audit.requests)
         end
 
-        def request_audit_responses?
+        def request_audit_responses
           return @_request_audit_responses unless @_request_audit_responses.nil?
 
           @_request_audit_responses = true?(::Contrast::CONFIG.root.api.request_audit.responses)
@@ -65,10 +104,8 @@ module Contrast
           @_request_audit_path ||= ::Contrast::CONFIG.root.api.request_audit.path.to_s
         end
 
-        def certification_enabled?
-          return @_certification_enabled unless @_certification_enabled.nil?
-
-          @_certification_enabled = certification_truly_enabled?(::Contrast::CONFIG.root.api.certificate)
+        def certification_enable
+          @_certification_enable ||= certification_truly_enabled?(::Contrast::CONFIG.root.api.certificate)
         end
 
         def certification_ca_file

data/lib/contrast/components/logger.rb

@@ -16,16 +16,6 @@ module Contrast
         def cef_logger
           @_cef_logger ||= Contrast::Logger::CEFLog.instance.tap(&:build_logger)
         end
-
-        def add_trace_perf_logging_for sym, custom_message = nil
-          logger.add_trace_perf_logging(self, sym, custom_message)
-        end
-      end
-
-      class << self
-        def add_trace_log_timing_for clazz, method_name, custom_message = nil
-          Contrast::Logger::Log.instance.add_method_to_trace_timing(clazz, method_name, custom_message)
-        end
       end
 
       # So This class here follows the update for the configuration

data/lib/contrast/components/protect.rb

@@ -2,6 +2,8 @@
 # frozen_string_literal: true
 
 require 'contrast/components/base'
+require 'contrast/config/exception_configuration'
+require 'contrast/config/protect_rule_configuration'
 
 module Contrast
   module Components
@@ -10,6 +12,39 @@ module Contrast
       # its parent_configuration_spec.yaml.  Specifically, this allows for querying the state of the Protect product.
       class Interface
         include Contrast::Components::ComponentBase
+        include Contrast::Config::BaseConfiguration
+
+        # @return [Boolean, nil]
+        attr_accessor :enable
+
+        def initialize hsh = {}
+          return unless hsh
+
+          @_exceptions = Contrast::Config::ExceptionConfiguration.new(hsh[:exceptions])
+          @_rules = Contrast::Config::ProtectRulesConfiguration.new(hsh[:rules])
+          @enable = hsh[:enable]
+        end
+
+        # @return [Contrast::Config::ExceptionConfiguration]
+        def exceptions
+          @_exceptions ||= Contrast::Config::ExceptionConfiguration.new
+        end
+
+        # Name is kept the same - rules to correspond to config,
+        # mapping. - root.protect.rules
+        #
+        # @return [Contrast::Config::ProtectRulesConfiguration]
+        def rules
+          @_rules ||= Contrast::Config::ProtectRulesConfiguration.new
+        end
+
+        def rules= new_rules
+          @_rules = new_rules
+        end
+
+        def exceptions= new_exceptions
+          @_exceptions = new_exceptions
+        end
 
         def enabled?
           # config overrides if forcibly set
@@ -23,7 +58,12 @@ module Contrast
           ::Contrast::CONFIG.root.protect.rules
         end
 
-        def rules
+        # Returns Protect array of all initialized
+        # protect rules.
+        #
+        # @return defend_rules[Hash<Contrast::SETTINGS.protect_state.rules>]
+        #
+        def defend_rules
           ::Contrast::SETTINGS.protect_state.rules
         end
 

data/lib/contrast/components/sampling.rb

@@ -91,6 +91,35 @@ module Contrast
         include Constants
         include ClassMethods
       end
+
+      class Interface # :nodoc:
+        include InstanceMethods
+        include Contrast::Config::BaseConfiguration
+
+        # @return [Integer, nil]
+        attr_reader :baseline
+        # @return [Integer, nil]
+        attr_reader :request_frequency
+        # @return [Integer, nil]
+        attr_reader :response_frequency
+        # @return [Integer, nil]
+        attr_reader :window_ms
+
+        def initialize hsh = {}
+          return unless hsh
+
+          @enable = hsh[:enable]
+          @baseline = hsh[:baseline]
+          @request_frequency = hsh[:request_frequency]
+          @response_frequency = hsh[:response_frequency]
+          @window_ms = hsh[:window_ms]
+        end
+
+        # @return [Boolean, false]
+        def enable
+          !!@enable
+        end
+      end
     end
   end
 end

data/lib/contrast/config/assess_configuration.rb

@@ -1,6 +1,8 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/components/sampling'
+
 module Contrast
   module Config
     # Common Configuration settings. Those in this section pertain to the
@@ -28,7 +30,7 @@ module Contrast
         @enable_scan_response = hsh[:enable_scan_response]
         @enable_dynamic_sources = hsh[:enable_dynamic_sources]
         @enable_original_object = hsh[:enable_original_object]
-        @sampling = Contrast::Config::SamplingConfiguration.new(hsh[:sampling])
+        @sampling = Contrast::Components::Sampling::Interface.new(hsh[:sampling])
         @rules = Contrast::Config::AssessRulesConfiguration.new(hsh[:rules])
         @stacktraces = hsh[:stacktraces]
         @max_context_source_events = hsh[:max_context_source_events]
@@ -52,9 +54,9 @@ module Contrast
         @enable_original_object.nil? ? true : @enable_original_object
       end
 
-      # @return [Contrast::Config::SamplingConfiguration]
+      # @return [Contrast::Components::Sampling::Interface]
       def sampling
-        @sampling ||= Contrast::Config::SamplingConfiguration.new
+        @sampling ||= Contrast::Components::Sampling::Interface.new
       end
 
       # @return [Contrast::Config::AssessRulesConfiguration]

data/lib/contrast/config/root_configuration.rb

@@ -3,14 +3,14 @@
 
 require 'contrast/components/agent'
 require 'contrast/components/inventory'
-
+require 'contrast/components/protect'
 module Contrast
   module Config
     # The base of the Common Configuration settings.
     class RootConfiguration
       include Contrast::Config::BaseConfiguration
 
-      # @return [Contrast::Config::ApiConfiguration]
+      # @return [Contrast::Components::Api::Interface]
       attr_writer :api
       # @return [Contrast::Components::Agent::Interface]
       attr_writer :agent
@@ -22,7 +22,7 @@ module Contrast
       attr_writer :assess
       # @return [Contrast::Components::Inventory::Interface]
       attr_writer :inventory
-      # @return [Contrast::Config::ProtectConfiguration]
+      # @return [Contrast::Components::Protect::Interface]
       attr_writer :protect
       # @return [Contrast::Config::ServiceConfiguration]
       attr_writer :service
@@ -33,20 +33,20 @@ module Contrast
       def initialize hsh = {}
         raise(ArgumentError, 'Expected a hash') unless hsh.is_a?(Hash)
 
-        @api = Contrast::Config::ApiConfiguration.new(hsh[:api])
+        @api = Contrast::Components::Api::Interface.new(hsh[:api])
         @enable = hsh[:enable]
         @agent = Contrast::Components::Agent::Interface.new(hsh[:agent])
         @application = Contrast::Config::ApplicationConfiguration.new(hsh[:application])
         @server = Contrast::Config::ServerConfiguration.new(hsh[:server])
         @assess = Contrast::Config::AssessConfiguration.new(hsh[:assess])
         @inventory = Contrast::Components::Inventory::Interface.new(hsh[:inventory])
-        @protect = Contrast::Config::ProtectConfiguration.new(hsh[:protect])
+        @protect = Contrast::Components::Protect::Interface.new(hsh[:protect])
         @service = Contrast::Config::ServiceConfiguration.new(hsh[:service])
       end
 
-      # @return [Contrast::Config::ApiConfiguration]
+      # @return [Contrast::Components::Api::Interface]
       def api
-        @api ||= Contrast::Config::ApiConfiguration.new
+        @api ||= Contrast::Components::Api::Interface.new
       end
 
       # @return [Contrast::Components::Agent::Interface]
@@ -74,9 +74,9 @@ module Contrast
         @inventory ||= Contrast::Components::Inventory::Interface.new
       end
 
-      # @return [Contrast::Config::ProtectConfiguration]
+      # @return [Contrast::Components::Protect::Interface]
       def protect
-        @protect ||= Contrast::Config::ProtectConfiguration.new
+        @protect ||= Contrast::Components::Protect::Interface.new
       end
 
       # @return [Contrast::Config::ServiceConfiguration]

data/lib/contrast/config.rb

@@ -16,12 +16,9 @@ require 'contrast/config/exception_configuration'
 require 'contrast/config/assess_rules_configuration'
 require 'contrast/config/protect_rule_configuration'
 require 'contrast/config/protect_rules_configuration'
-require 'contrast/config/sampling_configuration'
 
 require 'contrast/config/ruby_configuration'
-require 'contrast/config/api_configuration'
 require 'contrast/config/application_configuration'
 require 'contrast/config/server_configuration'
 require 'contrast/config/assess_configuration'
-require 'contrast/config/protect_configuration'
 require 'contrast/config/root_configuration'

data/lib/contrast/framework/rails/support.rb

@@ -59,7 +59,7 @@ module Contrast
             # ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
             match, _params, route, path = get_full_route(request.rack_request)
             unless route
-              logger.warn('Unable to determine the current route of this request')
+              logger.warn("Unable to determine the current route of this request: #{ request.rack_request }")
               return
             end
 
@@ -90,7 +90,7 @@ module Contrast
             # ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
             match, _params, route, path = get_full_route(request.rack_request)
             unless route
-              logger.warn('Unable to determine the current route of this request')
+              logger.warn("Unable to determine the current route of this request: #{ request.rack_request }")
               return
             end
 
@@ -182,6 +182,7 @@ module Contrast
                 route_list += find_all_routes(route.app.app, [])
               end
             end
+            logger.debug("Routes Found: #{ route_list }")
             route_list
           end
 

data/lib/contrast/logger/application.rb

@@ -12,7 +12,8 @@ module Contrast
         return unless info?
 
         info('Process environment information', p_id: Process.pid, pp_id: Process.ppid,
-                                                agent_version: Contrast::Agent::VERSION)
+                                                agent_version: Contrast::Agent::VERSION,
+                                                ruby_version: RUBY_VERSION)
         ENV.each do |env_key, env_value|
           env_key = env_key.to_s
           next unless ENV_KEYS.include?(env_key) ||

data/lib/contrast/logger/log.rb

@@ -13,72 +13,6 @@ require 'contrast/logger/time'
 require 'contrast/components/config'
 require 'contrast/utils/log_utils'
 
-module Contrast
-  # This module allows us to dynamically weave timing into our code, so that only when the time is actually needed do
-  # we pay the penalty for that timing block
-  module TraceTiming
-    def methods_to_time
-      @_methods_to_time ||= []
-    end
-
-    # Store info about methods for later patching.
-    METHOD_INFO = Struct.new(:clazz, :method_name, :custom_msg, :aliased)
-
-    # Add a method to the list of methods to be trace timed if logger set to TRACE. Enables trace timing after if
-    # logger set to TRACE.
-    #
-    # @param: clazz [Class] the class of the method to time.
-    # @param: method [Symbol] the method to time.
-    # @param: method [String] optional custom logging message.
-    def add_method_to_trace_timing clazz, method, msg = nil
-      methods_to_time.append(METHOD_INFO.new(clazz, method, msg, false))
-      enable_trace_timing if logger.level == ::Ougai::Logging::TRACE
-    end
-
-    # Add a method to the list of methods to be trace timed if logger set to TRACE. Enables trace timing after if
-    # logger set to TRACE.
-    #
-    # @param: meth_spec [METHOD_INFO] specs about the method to be timed.
-    # @param: class_method [Boolean] whether this is or isn't a class/module method.
-    def trace_time_class_method meth_spec, class_method # rubocop:disable Metrics/AbcSize
-      untimed_func_symbol = "untimed_#{ meth_spec.method_name }".to_sym
-      send_to = class_method ? meth_spec.clazz.cs__singleton_class : meth_spec.clazz
-      meth_spec.clazz.class_eval do
-        include(Contrast::Components::Logger::InstanceMethods)
-        extend(Contrast::Components::Logger::InstanceMethods)
-
-        send_to.send(:alias_method, untimed_func_symbol, meth_spec.method_name)
-        meth_spec.aliased = true
-
-        log_message = "Elapsed time for #{ meth_spec.method_name }."
-        log_message = meth_spec.custom_message if meth_spec.custom_msg
-
-        send_to.send(:define_method, meth_spec.method_name) do |*args, **kwargs, &block| # rubocop:disable Performance/Kernel/DefineMethod
-          start = Process.clock_gettime(Process::CLOCK_MONOTONIC)
-          rv = if kwargs.empty?
-                 send(untimed_func_symbol, *args, &block)
-               else
-                 send(untimed_func_symbol, *args, **kwargs, &block)
-               end
-          delta = Process.clock_gettime(Process::CLOCK_MONOTONIC) - start
-          logger.trace(log_message, elapsed: delta * 1000)
-          rv
-        end
-      end
-    end
-
-    # Enable trace timing of methods specified in @_methods_to_time via aliasing.
-    def enable_trace_timing
-      methods_to_time.each do |meth_spec|
-        next if meth_spec.aliased
-
-        is_class_method = meth_spec.clazz.singleton_methods(false).include?(meth_spec.method_name)
-        trace_time_class_method(meth_spec, is_class_method)
-      end
-    end
-  end
-end
-
 module Contrast
   # Used as a wrapper around our logging. The module option specifically adds in a new method for error that raises the
   # logged exception, used in testing so that we can see if anything unexpected happens without it being swallowed
@@ -105,7 +39,6 @@ module Contrast
     # level based on updates to TeamServer.
     class Log
       include Singleton
-      include ::Contrast::TraceTiming
       include Contrast::Utils::LogUtils
 
       attr_reader :previous_path, :previous_level
@@ -132,8 +65,6 @@ module Contrast
         @previous_path  = current_path
         @previous_level = current_level_const
 
-        enable_trace_timing if current_level_const == ::Ougai::Logging::TRACE
-
         progname = Contrast::CONFIG.root.agent.logger.progname
         @_logger = build(path: current_path, level_const: current_level_const, progname: progname)
         # If we're logging to a new path, then let's start it w/ our helpful

data/lib/contrast/logger/time.rb

@@ -8,31 +8,38 @@ module Contrast
     module Time
       # Log the message at the given level.
       #
-      # @param level [String] the name of the method to use. Should be one of
-      #   trace, debug, info, warn, error
+      # @param level [String] the name of the method to use. Should be one of trace, debug, info, warn, error
       # @param message [String] the message to log
       def with_level level, message
         send(level.to_sym, message)
       end
 
-      # Log, at the debug level, the action with a message including the time
-      # it took for the wrapped function to complete.
+      # Log, at the debug level, the action with a message including the time it took for the wrapped function to
+      # complete. If not logging to debug, simply yield the given block.
       #
-      # @param msgs [Array<Object>] the arguments to pass to the logger.
-      #   msgs[0] will be modified to include the elapsed time.
+      # @param msgs [Array<Object>] the arguments to pass to the logger. msgs[0] will be modified to include the elapsed
+      #   time.
       # @param block [Block, Proc] the block to execute
       def debug_with_time *msgs, &block
-        log_with_time(:debug, *msgs, &block)
+        if debug?
+          log_with_time(:debug, *msgs, &block)
+        elsif block
+          yield
+        end
       end
 
-      # Log, at the trace level, the action with a message including the time
-      # it took for the wrapped function to complete.
+      # Log, at the trace level, the action with a message including the time it took for the wrapped function to
+      # complete. If not logging to debug, simply yield the given block.
       #
-      # @param msgs [Array<Object>] the arguments to pass to the logger.
-      #   msgs[0] will be modified to include the elapsed time.
+      # @param msgs [Array<Object>] the arguments to pass to the logger. msgs[0] will be modified to include the elapsed
+      #   time.
       # @param block [Block, Proc] the block to execute
       def trace_with_time *msgs, &block
-        log_with_time(:trace, *msgs, &block)
+        if trace?
+          log_with_time(:trace, *msgs, &block)
+        elsif block
+          yield
+        end
       end
 
       private

data/lib/contrast/utils/net_http_base.rb

@@ -131,7 +131,7 @@ module Contrast
                             end
         return initialize_client if addr.host.to_s.include?('localhost') # TODO: RUBY-99999 allow http w/ localhost
 
-        assign_cert(initialize_client) if use_custom_cert && Contrast::API.certification_enabled?
+        assign_cert(initialize_client) if use_custom_cert && Contrast::API.certification_enable
         initialize_client.use_ssl = true
         initialize_client.verify_mode = OpenSSL::SSL::VERIFY_PEER
         initialize_client.verify_depth = 5
@@ -150,7 +150,7 @@ module Contrast
       def proxy_enabled?
         return @_proxy_enabled unless @_proxy_enabled.nil?
 
-        @_proxy_enabled = Contrast::API.proxy_enabled? && !Contrast::API.proxy_url.nil?
+        @_proxy_enabled = Contrast::API.proxy_enable && !Contrast::API.proxy_url.nil?
       end
 
       # Retrieve the IP address from the client.

data/lib/contrast.rb

@@ -71,9 +71,9 @@ require 'contrast/agent/telemetry/events/exceptions/telemetry_exception_event'
 require 'protobuf' # TODO: RUBY-1438
 
 module Contrast
-  API = Contrast::Components::Api::Interface.new
-  SCOPE = Contrast::Components::Scope::Interface.new
   CONFIG = Contrast::Components::Config::Interface.new
+  SCOPE = Contrast::Components::Scope::Interface.new
+  API = CONFIG.root.api
   SETTINGS = Contrast::Components::Settings::Interface.new
   ASSESS = Contrast::Components::Assess::Interface.new
   PROTECT = Contrast::Components::Protect::Interface.new

data/resources/assess/policy.json

@@ -1096,6 +1096,17 @@
       "tags":["SQL_ENCODED"],
       "untags":["SQL_DECODED"]
     },
+    {
+      "class_name":"ActiveRecord::ConnectionAdapters::Quoting",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name":"quote",
+      "source": "P0",
+      "target": "R",
+      "action": "SPLAT",
+      "tags":["SQL_ENCODED"],
+      "untags":["SQL_DECODED"]
+    },
     {
       "class_name":"IO",
       "method_name":"initialize",

data/resources/deadzone/policy.json

@@ -1,7 +1,7 @@
 {
   "deadzones":[
     {
-      "class_name":"Rspec::Core::Example",
+      "class_name":"RSpec::Core::Example",
       "instance_method":true,
       "method_visibility": "private",
       "method_name":"finish"
@@ -49,19 +49,20 @@
       "class_name":"Rack::Session::Cookie",
       "instance_method":true,
       "method_visibility": "public",
-      "method_name":"commit_session"
+      "method_name":"set_session"
     }, {
       "class_name":"Rack::Session::Abstract::Persisted",
       "instance_method":true,
       "method_visibility": "private",
       "method_name":"session_exists?",
-      "code": "https://github.com/rack/rack/blob/master/lib/rack/session/abstract/id.rb#L334"
+      "code": "https://github.com/rack/rack-session/blob/main/lib/rack/session/abstract/id.rb#L339"
     }, {
       "class_name":"ActionDispatch::FileHandler",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"match?",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/static.rb#L30"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/static.rb#L30",
+      "note": "Removable once Rails 6.0 is no longer supported"
     }, {
       "class_name":"ActionDispatch::Http::MimeNegotiation",
       "instance_method":true,
@@ -109,97 +110,216 @@
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"cookie_jar",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L11"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L11",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookie_jar",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L11"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"have_cookie_jar?",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L24"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L24",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"have_cookie_jar?",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L24"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"key_generator",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L32"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L32",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"key_generator",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L32"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"signed_cookie_salt",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L36"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L36",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"signed_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L36"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"encrypted_cookie_salt",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L40"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L40",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"encrypted_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L40"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"encrypted_signed_cookie_salt",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L44"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L44",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"encrypted_signed_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L44"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"authenticated_encrypted_cookie_salt",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L48"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L48",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"authenticated_encrypted_cookie_salt",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L48"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"use_authenticated_cookie_encryption",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L52"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L52",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "new": true,
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method": true,
+      "method_visibility": "public",
+      "method_name": "use_authenticated_cookie_encryption",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L52"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"encrypted_cookie_cipher",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L56"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L56",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"encrypted_cookie_cipher",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L56"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"signed_cookie_digest",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L60"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L60",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"signed_cookie_digest",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L60"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"secret_key_base",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L64"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L64",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"secret_key_base",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L64"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"cookies_serializer",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L68"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L68",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_serializer",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L68"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"cookies_digest",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L72"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L72",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_digest",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L76"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_same_site_protection",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L72"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"cookies_rotations",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L76"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L76",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"cookies_rotations",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L80"
     }, {
       "class_name":"ActionDispatch::Request",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"use_cookies_with_metadata",
-      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L80"
+      "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/middleware/cookies.rb#L80",
+      "note": "Removable once Rails 6.1 is no longer supported"
+    }, {
+      "class_name":"ActionDispatch::RequestCookieMethods",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"use_cookies_with_metadata",
+      "code": "https://github.com/rails/rails/blob/v7.0.3/actionpack/lib/action_dispatch/middleware/cookies.rb#L84"
     }, {
       "class_name":"ActionDispatch::Request::Session",
       "instance_method":true,
       "method_visibility": "public",
       "method_name":"exists?",
       "code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/request/session.rb#L201"
+    }, {
+      "class_name":"OmniAuth::Strategies::OAuth2",
+      "instance_method":true,
+      "method_visibility": "public",
+      "method_name":"request_phase",
+      "code": "https://github.com/omniauth/omniauth-oauth2/blob/v1.7.2/lib/omniauth/strategies/oauth2.rb#L58",
+      "note": "Prevent XSS False Positive from redirect as Omniauth handles security of URL & params"
     }
   ]
 }

data/service_executables/VERSION

@@ -1 +1 @@
-2.28.20
+2.28.22

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 6.5.0
+  version: 6.6.1
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-06-29 00:00:00.000000000 Z
+date: 2022-07-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -665,22 +665,22 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
+- ext/cs__assess_fiber_track/extconf.rb
+- ext/cs__assess_string/extconf.rb
+- ext/cs__assess_module/extconf.rb
+- ext/cs__assess_test/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_yield_track/extconf.rb
+- ext/cs__assess_hash/extconf.rb
 - ext/cs__os_information/extconf.rb
 - ext/cs__contrast_patch/extconf.rb
-- ext/cs__assess_array/extconf.rb
-- ext/cs__assess_test/extconf.rb
-- ext/cs__assess_string_interpolation/extconf.rb
-- ext/cs__assess_fiber_track/extconf.rb
 - ext/cs__assess_marshal_module/extconf.rb
-- ext/cs__assess_basic_object/extconf.rb
 - ext/cs__assess_regexp/extconf.rb
-- ext/cs__assess_string/extconf.rb
-- ext/cs__tests/extconf.rb
-- ext/cs__assess_module/extconf.rb
-- ext/cs__assess_hash/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
+- ext/cs__assess_array/extconf.rb
 - ext/cs__scope/extconf.rb
+- ext/cs__assess_basic_object/extconf.rb
+- ext/cs__tests/extconf.rb
+- ext/cs__assess_string_interpolation/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -1192,7 +1192,6 @@ files:
 - lib/contrast/components/scope.rb
 - lib/contrast/components/settings.rb
 - lib/contrast/config.rb
-- lib/contrast/config/api_configuration.rb
 - lib/contrast/config/api_proxy_configuration.rb
 - lib/contrast/config/application_configuration.rb
 - lib/contrast/config/assess_configuration.rb
@@ -1201,13 +1200,11 @@ files:
 - lib/contrast/config/certification_configuration.rb
 - lib/contrast/config/env_variables.rb
 - lib/contrast/config/exception_configuration.rb
-- lib/contrast/config/protect_configuration.rb
 - lib/contrast/config/protect_rule_configuration.rb
 - lib/contrast/config/protect_rules_configuration.rb
 - lib/contrast/config/request_audit_configuration.rb
 - lib/contrast/config/root_configuration.rb
 - lib/contrast/config/ruby_configuration.rb
-- lib/contrast/config/sampling_configuration.rb
 - lib/contrast/config/server_configuration.rb
 - lib/contrast/config/service_configuration.rb
 - lib/contrast/configuration.rb

data/lib/contrast/config/api_configuration.rb

@@ -1,56 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'contrast/config/api_proxy_configuration'
-require 'contrast/config/certification_configuration'
-require 'contrast/config/request_audit_configuration'
-
-module Contrast
-  module Config
-    # Api keys configuration
-    class ApiConfiguration
-      include Contrast::Config::BaseConfiguration
-
-      # @return [String]
-      attr_accessor :api_key
-      # @return [String]
-      attr_accessor :user_name
-      # @return [String]
-      attr_accessor :service_key
-      attr_writer :url, :proxy, :request_audit, :certificate
-
-      DEFAULT_URL = 'https://app.contrastsecurity.com/Contrast'
-
-      def initialize hsh = {}
-        return unless hsh
-
-        @api_key = hsh[:api_key]
-        @url = hsh[:url]
-        @user_name = hsh[:user_name]
-        @service_key = hsh[:service_key]
-        @proxy = Contrast::Config::ApiProxyConfiguration.new(hsh[:proxy])
-        @request_audit = Contrast::Config::RequestAuditConfiguration.new(hsh[:request_audit])
-        @certificate = Contrast::Config::CertificationConfiguration.new(hsh[:certificate])
-      end
-
-      def url
-        @url.nil? ? DEFAULT_URL : @url
-      end
-
-      # @return [Contrast::Config::ApiProxyConfiguration]
-      def proxy
-        @proxy ||= Contrast::Config::ApiProxyConfiguration.new
-      end
-
-      # @return [Contrast::Config::RequestAuditConfiguration]
-      def request_audit
-        @request_audit ||= Contrast::Config::RequestAuditConfiguration.new
-      end
-
-      # @return [Contrast::Config::CertificationConfiguration]
-      def certificate
-        @certificate ||= Contrast::Config::CertificationConfiguration.new
-      end
-    end
-  end
-end

data/lib/contrast/config/protect_configuration.rb

@@ -1,33 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-module Contrast
-  module Config
-    # Common Configuration settings. Those in this section pertain to the protect functionality of the Agent.
-    class ProtectConfiguration
-      include Contrast::Config::BaseConfiguration
-
-      # @return [Boolean, nil]
-      attr_accessor :enable
-      attr_writer :exceptions, :rules
-
-      def initialize hsh = {}
-        return unless hsh
-
-        @exceptions = Contrast::Config::ExceptionConfiguration.new(hsh[:exceptions])
-        @rules = Contrast::Config::ProtectRulesConfiguration.new(hsh[:rules])
-        @enable = hsh[:enable]
-      end
-
-      # @return [Contrast::Config::ExceptionConfiguration]
-      def exceptions
-        @exceptions ||= Contrast::Config::ExceptionConfiguration.new
-      end
-
-      # @return [Contrast::Config::ProtectRulesConfiguration]
-      def rules
-        @rules ||= Contrast::Config::ProtectRulesConfiguration.new
-      end
-    end
-  end
-end

data/lib/contrast/config/sampling_configuration.rb

@@ -1,35 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-module Contrast
-  module Config
-    # Common Configuration settings. Those in this section pertain to the sampling functionality of the Agent.
-    class SamplingConfiguration
-      include Contrast::Config::BaseConfiguration
-
-      # @return [Integer, nil]
-      attr_reader :baseline
-      # @return [Integer, nil]
-      attr_reader :request_frequency
-      # @return [Integer, nil]
-      attr_reader :response_frequency
-      # @return [Integer, nil]
-      attr_reader :window_ms
-
-      def initialize hsh = {}
-        return unless hsh
-
-        @enable = hsh[:enable]
-        @baseline = hsh[:baseline]
-        @request_frequency = hsh[:request_frequency]
-        @response_frequency = hsh[:response_frequency]
-        @window_ms = hsh[:window_ms]
-      end
-
-      # @return [Boolean, false]
-      def enable
-        !!@enable
-      end
-    end
-  end
-end