contrast-agent 6.5.1 → 6.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/contrast/agent/inventory/database_config.rb +2 -1
- data/lib/contrast/agent/inventory/policy/datastores.rb +1 -1
- data/lib/contrast/agent/version.rb +1 -1
- data/lib/contrast/framework/rails/support.rb +3 -2
- data/resources/deadzone/policy.json +7 -0
- data/service_executables/VERSION +1 -1
- data/service_executables/linux/contrast-service +0 -0
- data/service_executables/mac/contrast-service +0 -0
- metadata +12 -12
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b9901918f58625ea7f9366f73110afcdd5f05e119261ba9a08f24f36903fe897
|
|
4
|
+
data.tar.gz: c618ebc74b006529e2317cd62ba59fabbba9d0c8fbf24c7988dfd98ec627b04e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d2f584a6658ab0e316b41021575888d9ecc1eaacf79d971492fd2e6317609bfd0cb3a762a64d620b08fc18c76e2434d05cc3d82f8d587c86cdae5116df6cae61
|
|
7
|
+
data.tar.gz: df8f941fe730188be0bc3b69bd9a9d6d60f9695be8ee8e8eb0b6e35ab1207d97debba28220ff796bec702ad3b158f53f00f87a58f1c14939092ed843bef66715
|
|
@@ -21,7 +21,7 @@ module Contrast
|
|
|
21
21
|
DATA_STORE_MARKER = 'data_store'
|
|
22
22
|
|
|
23
23
|
def report_data_store _method, _exception, properties, object, _args
|
|
24
|
-
return unless ::Contrast::INVENTORY.
|
|
24
|
+
return unless ::Contrast::INVENTORY.enable
|
|
25
25
|
|
|
26
26
|
marker = properties[DATA_STORE_MARKER]
|
|
27
27
|
return unless marker
|
|
@@ -59,7 +59,7 @@ module Contrast
|
|
|
59
59
|
# ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
|
|
60
60
|
match, _params, route, path = get_full_route(request.rack_request)
|
|
61
61
|
unless route
|
|
62
|
-
logger.warn(
|
|
62
|
+
logger.warn("Unable to determine the current route of this request: #{ request.rack_request }")
|
|
63
63
|
return
|
|
64
64
|
end
|
|
65
65
|
|
|
@@ -90,7 +90,7 @@ module Contrast
|
|
|
90
90
|
# ActionDispatch::Journey::Path::Pattern::MatchData, Hash, ActionDispatch::Journey::Route, Array<String>
|
|
91
91
|
match, _params, route, path = get_full_route(request.rack_request)
|
|
92
92
|
unless route
|
|
93
|
-
logger.warn(
|
|
93
|
+
logger.warn("Unable to determine the current route of this request: #{ request.rack_request }")
|
|
94
94
|
return
|
|
95
95
|
end
|
|
96
96
|
|
|
@@ -182,6 +182,7 @@ module Contrast
|
|
|
182
182
|
route_list += find_all_routes(route.app.app, [])
|
|
183
183
|
end
|
|
184
184
|
end
|
|
185
|
+
logger.debug("Routes Found: #{ route_list }")
|
|
185
186
|
route_list
|
|
186
187
|
end
|
|
187
188
|
|
|
@@ -313,6 +313,13 @@
|
|
|
313
313
|
"method_visibility": "public",
|
|
314
314
|
"method_name":"exists?",
|
|
315
315
|
"code": "https://github.com/rails/rails/blob/v6.0.3.4/actionpack/lib/action_dispatch/request/session.rb#L201"
|
|
316
|
+
}, {
|
|
317
|
+
"class_name":"OmniAuth::Strategies::OAuth2",
|
|
318
|
+
"instance_method":true,
|
|
319
|
+
"method_visibility": "public",
|
|
320
|
+
"method_name":"request_phase",
|
|
321
|
+
"code": "https://github.com/omniauth/omniauth-oauth2/blob/v1.7.2/lib/omniauth/strategies/oauth2.rb#L58",
|
|
322
|
+
"note": "Prevent XSS False Positive from redirect as Omniauth handles security of URL & params"
|
|
316
323
|
}
|
|
317
324
|
]
|
|
318
325
|
}
|
data/service_executables/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.28.
|
|
1
|
+
2.28.22
|
|
Binary file
|
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: contrast-agent
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- galen.palmer@contrastsecurity.com
|
|
@@ -13,7 +13,7 @@ authors:
|
|
|
13
13
|
autorequire:
|
|
14
14
|
bindir: exe
|
|
15
15
|
cert_chain: []
|
|
16
|
-
date: 2022-07-
|
|
16
|
+
date: 2022-07-13 00:00:00.000000000 Z
|
|
17
17
|
dependencies:
|
|
18
18
|
- !ruby/object:Gem::Dependency
|
|
19
19
|
name: bundler
|
|
@@ -665,22 +665,22 @@ executables:
|
|
|
665
665
|
- contrast_service
|
|
666
666
|
extensions:
|
|
667
667
|
- ext/cs__common/extconf.rb
|
|
668
|
+
- ext/cs__assess_fiber_track/extconf.rb
|
|
669
|
+
- ext/cs__assess_string/extconf.rb
|
|
670
|
+
- ext/cs__assess_module/extconf.rb
|
|
671
|
+
- ext/cs__assess_test/extconf.rb
|
|
672
|
+
- ext/cs__assess_kernel/extconf.rb
|
|
668
673
|
- ext/cs__assess_yield_track/extconf.rb
|
|
674
|
+
- ext/cs__assess_hash/extconf.rb
|
|
669
675
|
- ext/cs__os_information/extconf.rb
|
|
670
676
|
- ext/cs__contrast_patch/extconf.rb
|
|
671
|
-
- ext/cs__assess_array/extconf.rb
|
|
672
|
-
- ext/cs__assess_test/extconf.rb
|
|
673
|
-
- ext/cs__assess_string_interpolation/extconf.rb
|
|
674
|
-
- ext/cs__assess_fiber_track/extconf.rb
|
|
675
677
|
- ext/cs__assess_marshal_module/extconf.rb
|
|
676
|
-
- ext/cs__assess_basic_object/extconf.rb
|
|
677
678
|
- ext/cs__assess_regexp/extconf.rb
|
|
678
|
-
- ext/
|
|
679
|
-
- ext/cs__tests/extconf.rb
|
|
680
|
-
- ext/cs__assess_module/extconf.rb
|
|
681
|
-
- ext/cs__assess_hash/extconf.rb
|
|
682
|
-
- ext/cs__assess_kernel/extconf.rb
|
|
679
|
+
- ext/cs__assess_array/extconf.rb
|
|
683
680
|
- ext/cs__scope/extconf.rb
|
|
681
|
+
- ext/cs__assess_basic_object/extconf.rb
|
|
682
|
+
- ext/cs__tests/extconf.rb
|
|
683
|
+
- ext/cs__assess_string_interpolation/extconf.rb
|
|
684
684
|
extra_rdoc_files: []
|
|
685
685
|
files:
|
|
686
686
|
- ".clang-format"
|