contrast-agent 6.6.3 → 6.7.0

data/lib/contrast/utils/log_utils.rb

@@ -3,7 +3,9 @@
 
 require 'socket'
 require 'contrast/agent/version'
+require 'contrast/utils/object_share'
 require 'contrast/logger/aliased_logging'
+require 'fileutils'
 
 module Contrast
   module Utils
@@ -17,6 +19,17 @@ module Contrast
       PROGNAME         = 'Contrast Agent'
       DATE_TIME_FORMAT = '%Y-%m-%dT%H:%M:%S.%L%z'
 
+      # StringIO is a valid path because it logs directly to a string buffer
+      def write_permission? path
+        return false if path.nil?
+        return true if path.is_a?(StringIO)
+        return File.writable?(path) if File.exist?(path)
+
+        dir_name = File.dirname(File.absolute_path(path))
+        FileUtils.mkdir_p(dir_name) unless Dir.exist?(dir_name)
+        File.writable?(dir_name)
+      end
+
       private
 
       def build path: STDOUT_STR, level_const: DEFAULT_LEVEL, progname: PROGNAME
@@ -47,26 +60,26 @@ module Contrast
       #   TeamServer.
       # @return [String] the path to which to log or STDOUT / STDERR if one of those values provided.
       def find_valid_path log_file
-        config = ::Contrast::CONFIG.root.agent.logger
+        config = ::Contrast::CONFIG.agent.logger
         config_path = config&.path&.length.to_i.positive? ? config.path : nil
         valid_path(config_path || log_file)
       end
 
-      def valid_path path
+      def valid_path path, default_name: DEFAULT_NAME
         path = path.nil? ? Contrast::Utils::ObjectShare::EMPTY_STRING : path
         return path if path == STDOUT_STR
         return path if path == STDERR_STR
 
-        path = DEFAULT_NAME if path.empty?
+        path = default_name if path.empty?
         if write_permission?(path)
           path
-        elsif write_permission?(DEFAULT_NAME)
+        elsif write_permission?(default_name)
           # Log once when the path is invalid. We'll change to this path, so no
           # need to log again.
-          if previous_path != DEFAULT_NAME
-            $stdout.puts("[!] Unable to write to '#{ path }'. Writing to default log '#{ DEFAULT_NAME }' instead.")
+          if previous_path != default_name
+            $stdout.puts("[!] Unable to write to '#{ path }'. Writing to default log '#{ default_name }' instead.")
           end
-          DEFAULT_NAME
+          default_name
         else
           # Log once when the path is invalid. We'll change to this path, so no
           # need to log again.
@@ -81,7 +94,7 @@ module Contrast
       #   TeamServer.
       # @return [::Ougai::Logging::Severity] the level at which to log
       def find_valid_level log_level
-        config = ::Contrast::CONFIG.root.agent.logger
+        config = ::Contrast::CONFIG.agent.logger
         config_level = config&.level&.length&.positive? ? config.level : nil
 
         valid_level(config_level || log_level)
@@ -166,6 +179,18 @@ module Contrast
         end
       end
 
+      def valid_level level
+        level ||= DEFAULT_LEVEL
+        level = level.upcase
+        if VALID_LEVELS.include?(level)
+          Object.cs__const_get("::Logger::Severity::#{ level }")
+        else
+          DEFAULT_LEVEL
+        end
+      rescue StandardError
+        DEFAULT_LEVEL
+      end
+
       # This method will extract the metadata information from context and other places
       #
       # initial structure of the data:
@@ -175,13 +200,10 @@ module Contrast
       # initially here we will use case to add it
       def extract_metadata rule_id = nil, outcome = nil
         message = []
-        sender_info = context&.activity&.http_request&.sender
+        request = context&.activity&.request
+        sender_info = { ip: request&.ip || Contrast::Utils::ObjectShare::EMPTY_STRING, port: request&.port || 0 }
         rule_id ? message << "pri=#{ rule_id } " : 'asd'
-        request_method = if context.request.rack_request.env['REQUEST_METHOD'].length.positive?
-                           context.request.rack_request.env['REQUEST_METHOD']
-                         else
-                           DEFAULT_METADATA
-                         end
+        request_method = assign_request_method(context)
         app_name = ::Contrast::APP_CONTEXT.name # rubocop:disable Security/Module/Name
         attach_request_and_sender_info(message, sender_info)
         message << "request=#{ context.request.url } "
@@ -198,10 +220,10 @@ module Contrast
         src = if needed_header
                 needed_header
               else
-                sender_info.ip.length > 1 ? sender_info.ip : DEFAULT_METADATA
+                sender_info[:ip].length > 1 ? sender_info[:ip] : DEFAULT_METADATA
               end
         message << "src=#{ src }"
-        message << "port=#{ sender_info.port }"
+        message << "port=#{ sender_info[:port] }"
       end
 
       def extract_ip_address
@@ -216,9 +238,17 @@ module Contrast
       end
 
       def extract_sender_ip
-        request_headers = context.activity.http_request.request_headers&.transform_keys(&:to_s)
+        request_headers = context.activity.request.headers&.transform_keys(&:to_s)
         request_headers['X-Forwarded-For']
       end
+
+      def assign_request_method context
+        if context.request.rack_request.env['REQUEST_METHOD'].length.positive?
+          context.request.rack_request.env['REQUEST_METHOD']
+        else
+          DEFAULT_METADATA
+        end
+      end
     end
   end
 end

data/lib/contrast/utils/net_http_base.rb

@@ -26,10 +26,10 @@ module Contrast
         return unless url
 
         addr = URI(url)
-        # the proxy is enabled only if there is provided url even if the enable is set to true
         return if addr.host.nil? || addr.port.nil?
-        return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost') # TODO: RUBY-99999 allow http w/ localhost # rubocop:disable Layout/LineLength
+        return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost')
 
+        # the proxy is enabled only if there is provided url even if the enable is set to true
         proxy_addr = URI(Contrast::API.proxy_url) if proxy_enabled?
         net_http_client = initialize_client(addr, proxy_addr, use_proxy, use_custom_cert)
         return if net_http_client.nil?
@@ -38,7 +38,7 @@ module Contrast
         return unless net_http_client.started?
 
         logger.debug("Starting #{ service_name } connection test")
-        return unless connection_verified?(net_http_client)
+        return unless connection_verified?(net_http_client, url)
 
         logger.debug('Client verified', service: service_name, url: url)
         net_http_client
@@ -49,18 +49,17 @@ module Contrast
 
       # Validates connection with assigned domain.
       # If connection is running, SSL certificate of the endpoint is valid, Ip address is resolvable
-      # and response is received without peer's reset or refuse of connection,
-      # then validation returns true. Error handling is in place so that the work of the agent will continue as
-      # normal without Telemetry.
+      # and response is received without peer's reset or refuse of connection, then validation returns true.
       #
       # @param client [Net::HTTP]
+      # @param url [String]
       # @return [Boolean] true | false
-      def connection_verified? client
+      def connection_verified? client, url
         return @_connection_verified unless @_connection_verified.nil?
         return false if client.nil?
 
         ipaddr = get_ipaddr(client)
-        response = client.request(Net::HTTP::Get.new(client.address))
+        response = client.request(Net::HTTP::Get.new(url))
         verify_cert = client.address.to_s.include?('localhost') ||
             OpenSSL::SSL.verify_certificate_identity(client.peer_cert, client.address)
         resolved = resolved?(client.address, ipaddr)

data/lib/contrast/utils/patching/policy/patch_utils.rb

@@ -117,7 +117,8 @@ module Contrast
           return ret if current_context && !current_context.analyze_request?
 
           trigger_node = method_policy.trigger_node
-          if trigger_node
+
+          if trigger_node && !trigger_node.nil?
             Contrast::Agent::Assess::Policy::TriggerMethod.apply_trigger_rule(trigger_node, object, ret, args)
           end
           if method_policy.source_node
@@ -135,7 +136,7 @@ module Contrast
         rescue StandardError => e
           logger.error('Unable to assess method call.', e)
         rescue Exception => e # rubocop:disable Lint/RescueException
-          logger.error('Unable to assess method call.', e)
+          logger.error('Unable to assess method call due to exception.', e)
           raise(e)
         ensure
           ret.rewind if Contrast::Utils::IOUtil.should_rewind?(ret)

data/lib/contrast/utils/stack_trace_utils.rb

@@ -50,31 +50,6 @@ module Contrast
           build_protect_stack(Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack)
         end
 
-        # Translate a caller array to an array of TraceStacks for TeamServer to
-        # display, excluding any Contrast code found.
-        #
-        # @param stack [Array<String>] the output of Kernel.caller
-        # @return [Array<Contrast::Api::Dtm::TraceStack]
-        def build_assess_stack_array stack
-          converted = []
-          return converted unless stack
-
-          i = 0
-          while i < stack.length
-            caller_location = stack[i]
-            i += 1
-            next if caller_location.include?(AGENT_CLASS_MARKER)
-
-            # To play nice with the way that TeamServer is rendering these
-            # values, we only populate the file_name field with exactly what we
-            # want them to display
-            element = Contrast::Api::Dtm::TraceStack.new
-            element.file_name = caller_location
-            converted << element
-          end
-          converted
-        end
-
         private
 
         def reject_caller_entries stack

data/lib/contrast/utils/string_utils.rb

@@ -37,12 +37,21 @@ module Contrast
         end
 
         # Truncate a string to 255 characters max length
+        #
+        # @param str [String] the string tt truncate
+        # @param default [String] what to default to
+        # @return [String]
         def truncate str, default = Contrast::Utils::ObjectShare::EMPTY_STRING
           return default if str.nil?
 
           str.to_s[0..255]
         end
 
+        # Cast the given object, which should be a String, into a UTF-8 String for reporting. All given objects will be
+        # cast to their to_s form, except nil which will become the ObjectShare::EMPTY_STRING, and then cast.
+        #
+        # @param str [String, Object, nil]
+        # @return [String]
         def force_utf8 str
           return Contrast::Utils::ObjectShare::EMPTY_STRING unless str
 

data/lib/contrast/utils/telemetry_client.rb

@@ -34,18 +34,12 @@ module Contrast
       def build_request event
         return unless valid_event?(event)
 
-        string_body = if event.cs__is_a?(Contrast::Agent::Telemetry::TelemetryException::Event)
-                        [event.to_controlled_hash]
-                      else
-                        [event.to_hash]
-                      end
-
         header = {
             'User-Agent' => "<#{ Contrast::Utils::ObjectShare::RUBY }>-<#{ Contrast::Agent::VERSION }>",
             'Content-Type' => 'application/json'
         }
         request = Net::HTTP::Post.new(build_path(event), header)
-        request.body = string_body.to_json
+        request.body = get_event_json(event)
         request
       end
 
@@ -97,6 +91,18 @@ module Contrast
         path = endpoint == EXCEPTIONS ? Contrast::Agent::Telemetry::TelemetryException::Event.path : event.path
         "#{ Contrast::Agent::Telemetry::Base::URL }#{ endpoint }#{ path }"
       end
+
+      # Helper Method to get json representation of Telemetry Event data, handles error on to_json
+      #
+      # @param event [Contrast::Agent::Telemetry::Event, Array<Contrast::Agent::Telemetry::TelemetryException::Event>]
+      # @return [String] - JSON
+      def get_event_json event
+        hsh = [event.to_controlled_hash]
+        hsh.to_json
+      rescue Exception => e # rubocop:disable Lint/RescueException
+        logger.error('Unable to convert TelemetryEvent to JSON string', e, hsh)
+        raise(e)
+      end
     end
   end
 end

data/lib/contrast.rb

@@ -53,13 +53,9 @@ if RUBY_VERSION >= '3.0.0' && RUBY_VERSION < '3.1.0'
   end
 end
 
-require 'contrast/components/agent'
-require 'contrast/components/api'
-require 'contrast/components/app_context'
 require 'contrast/components/assess'
 require 'contrast/components/config'
 require 'contrast/components/contrast_service'
-require 'contrast/components/inventory'
 require 'contrast/components/logger'
 require 'contrast/components/protect'
 require 'contrast/components/sampling'
@@ -73,15 +69,15 @@ require 'protobuf' # TODO: RUBY-1438
 module Contrast
   CONFIG = Contrast::Components::Config::Interface.new
   SCOPE = Contrast::Components::Scope::Interface.new
-  API = CONFIG.root.api
+  API = CONFIG.api
   SETTINGS = Contrast::Components::Settings::Interface.new
-  ASSESS = Contrast::Components::Assess::Interface.new
+  ASSESS = CONFIG.assess
   PROTECT = Contrast::Components::Protect::Interface.new
-  INVENTORY = CONFIG.root.inventory
-  AGENT = CONFIG.root.agent
+  INVENTORY = CONFIG.inventory
+  AGENT = CONFIG.agent
   LOGGER = AGENT.logger
   CONTRAST_SERVICE = Contrast::Components::ContrastService::Interface.new
-  APP_CONTEXT = CONFIG.root.application
+  APP_CONTEXT = CONFIG.application
 end
 
 module Contrast
@@ -95,7 +91,6 @@ require 'contrast/agent/version'
 
 # shared utils
 require 'contrast/utils/timer'
-require 'contrast/utils/preflight_util'
 
 require 'contrast/utils/assess/sampling_util'
 require 'contrast/agent'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: contrast-agent
 version: !ruby/object:Gem::Version
-  version: 6.6.3
+  version: 6.7.0
 platform: ruby
 authors:
 - galen.palmer@contrastsecurity.com
@@ -13,7 +13,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-07-19 00:00:00.000000000 Z
+date: 2022-08-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -665,22 +665,22 @@ executables:
 - contrast_service
 extensions:
 - ext/cs__common/extconf.rb
-- ext/cs__tests/extconf.rb
-- ext/cs__assess_module/extconf.rb
-- ext/cs__assess_array/extconf.rb
 - ext/cs__assess_hash/extconf.rb
 - ext/cs__assess_basic_object/extconf.rb
-- ext/cs__assess_regexp/extconf.rb
-- ext/cs__os_information/extconf.rb
-- ext/cs__assess_test/extconf.rb
 - ext/cs__assess_string/extconf.rb
-- ext/cs__contrast_patch/extconf.rb
+- ext/cs__assess_regexp/extconf.rb
+- ext/cs__assess_yield_track/extconf.rb
 - ext/cs__assess_string_interpolation/extconf.rb
 - ext/cs__scope/extconf.rb
+- ext/cs__contrast_patch/extconf.rb
+- ext/cs__assess_module/extconf.rb
+- ext/cs__assess_kernel/extconf.rb
 - ext/cs__assess_marshal_module/extconf.rb
+- ext/cs__assess_test/extconf.rb
+- ext/cs__os_information/extconf.rb
+- ext/cs__assess_array/extconf.rb
+- ext/cs__tests/extconf.rb
 - ext/cs__assess_fiber_track/extconf.rb
-- ext/cs__assess_yield_track/extconf.rb
-- ext/cs__assess_kernel/extconf.rb
 extra_rdoc_files: []
 files:
 - ".clang-format"
@@ -960,6 +960,7 @@ files:
 - lib/contrast/agent/deadzone/policy/deadzone_node.rb
 - lib/contrast/agent/deadzone/policy/policy.rb
 - lib/contrast/agent/disable_reaction.rb
+- lib/contrast/agent/excluder.rb
 - lib/contrast/agent/exclusion_matcher.rb
 - lib/contrast/agent/inventory.rb
 - lib/contrast/agent/inventory/database_config.rb
@@ -997,6 +998,8 @@ files:
 - lib/contrast/agent/protect/rule/base.rb
 - lib/contrast/agent/protect/rule/base_service.rb
 - lib/contrast/agent/protect/rule/cmd_injection.rb
+- lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb
+- lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb
 - lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb
 - lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb
 - lib/contrast/agent/protect/rule/default_scanner.rb
@@ -1012,7 +1015,9 @@ files:
 - lib/contrast/agent/protect/rule/sqli/default_sql_scanner.rb
 - lib/contrast/agent/protect/rule/sqli/mysql_sql_scanner.rb
 - lib/contrast/agent/protect/rule/sqli/postgres_sql_scanner.rb
+- lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb
 - lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb
+- lib/contrast/agent/protect/rule/sqli/sqli_semantic/sqli_dangerous_functions.rb
 - lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb
 - lib/contrast/agent/protect/rule/sqli/sqlite_sql_scanner.rb
 - lib/contrast/agent/protect/rule/unsafe_file_upload.rb
@@ -1026,6 +1031,24 @@ files:
 - lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb
 - lib/contrast/agent/reporting/attack_result/response_type.rb
 - lib/contrast/agent/reporting/attack_result/user_input.rb
+- lib/contrast/agent/reporting/details/bot_blocker_details.rb
+- lib/contrast/agent/reporting/details/cmd_injection_details.rb
+- lib/contrast/agent/reporting/details/details.rb
+- lib/contrast/agent/reporting/details/http_method_tempering_details.rb
+- lib/contrast/agent/reporting/details/ip_denylist_details.rb
+- lib/contrast/agent/reporting/details/no_sqli_details.rb
+- lib/contrast/agent/reporting/details/path_traversal_details.rb
+- lib/contrast/agent/reporting/details/path_traversal_semantic_analysis_details.rb
+- lib/contrast/agent/reporting/details/protect_rule_details.rb
+- lib/contrast/agent/reporting/details/sqli_dangerous_functions.rb
+- lib/contrast/agent/reporting/details/sqli_details.rb
+- lib/contrast/agent/reporting/details/untrusted_deserialization_details.rb
+- lib/contrast/agent/reporting/details/virtual_patch_details.rb
+- lib/contrast/agent/reporting/details/xss_details.rb
+- lib/contrast/agent/reporting/details/xss_match.rb
+- lib/contrast/agent/reporting/details/xxe_details.rb
+- lib/contrast/agent/reporting/details/xxe_match.rb
+- lib/contrast/agent/reporting/details/xxe_wrapper.rb
 - lib/contrast/agent/reporting/input_analysis/input_analysis.rb
 - lib/contrast/agent/reporting/input_analysis/input_analysis_result.rb
 - lib/contrast/agent/reporting/input_analysis/input_type.rb
@@ -1060,6 +1083,7 @@ files:
 - lib/contrast/agent/reporting/reporting_events/finding_event_source.rb
 - lib/contrast/agent/reporting/reporting_events/finding_event_stack.rb
 - lib/contrast/agent/reporting/reporting_events/finding_event_taint_range.rb
+- lib/contrast/agent/reporting/reporting_events/finding_event_taint_range_tags.rb
 - lib/contrast/agent/reporting/reporting_events/finding_request.rb
 - lib/contrast/agent/reporting/reporting_events/library_discovery.rb
 - lib/contrast/agent/reporting/reporting_events/library_usage_observation.rb
@@ -1074,10 +1098,8 @@ files:
 - lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb
 - lib/contrast/agent/reporting/reporting_events/server_activity.rb
 - lib/contrast/agent/reporting/reporting_events/server_reporting_event.rb
-- lib/contrast/agent/reporting/reporting_events/trace_event_source.rb
 - lib/contrast/agent/reporting/reporting_utilities/audit.rb
 - lib/contrast/agent/reporting/reporting_utilities/build_preflight.rb
-- lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb
 - lib/contrast/agent/reporting/reporting_utilities/endpoints.rb
 - lib/contrast/agent/reporting/reporting_utilities/headers.rb
 - lib/contrast/agent/reporting/reporting_utilities/reporter_client.rb
@@ -1150,14 +1172,11 @@ files:
 - lib/contrast/api/communication/tcp_socket.rb
 - lib/contrast/api/communication/unix_socket.rb
 - lib/contrast/api/decorators.rb
-- lib/contrast/api/decorators/activity.rb
 - lib/contrast/api/decorators/address.rb
 - lib/contrast/api/decorators/agent_startup.rb
 - lib/contrast/api/decorators/application_settings.rb
 - lib/contrast/api/decorators/application_startup.rb
-- lib/contrast/api/decorators/architecture_component.rb
 - lib/contrast/api/decorators/bot_blocker.rb
-- lib/contrast/api/decorators/finding.rb
 - lib/contrast/api/decorators/http_request.rb
 - lib/contrast/api/decorators/input_analysis.rb
 - lib/contrast/api/decorators/instrumentation_mode.rb
@@ -1165,13 +1184,7 @@ files:
 - lib/contrast/api/decorators/message.rb
 - lib/contrast/api/decorators/rasp_rule_sample.rb
 - lib/contrast/api/decorators/response_type.rb
-- lib/contrast/api/decorators/route_coverage.rb
 - lib/contrast/api/decorators/server_features.rb
-- lib/contrast/api/decorators/trace_event.rb
-- lib/contrast/api/decorators/trace_event_object.rb
-- lib/contrast/api/decorators/trace_event_signature.rb
-- lib/contrast/api/decorators/trace_taint_range.rb
-- lib/contrast/api/decorators/trace_taint_range_tags.rb
 - lib/contrast/api/decorators/user_input.rb
 - lib/contrast/api/decorators/virtual_patch.rb
 - lib/contrast/api/dtm.pb.rb
@@ -1181,6 +1194,7 @@ files:
 - lib/contrast/components/app_context.rb
 - lib/contrast/components/app_context_extend.rb
 - lib/contrast/components/assess.rb
+- lib/contrast/components/assess_rules.rb
 - lib/contrast/components/base.rb
 - lib/contrast/components/config.rb
 - lib/contrast/components/contrast_service.rb
@@ -1188,13 +1202,14 @@ files:
 - lib/contrast/components/inventory.rb
 - lib/contrast/components/logger.rb
 - lib/contrast/components/protect.rb
+- lib/contrast/components/ruby_component.rb
 - lib/contrast/components/sampling.rb
 - lib/contrast/components/scope.rb
+- lib/contrast/components/security_logger.rb
+- lib/contrast/components/service.rb
 - lib/contrast/components/settings.rb
 - lib/contrast/config.rb
 - lib/contrast/config/api_proxy_configuration.rb
-- lib/contrast/config/assess_configuration.rb
-- lib/contrast/config/assess_rules_configuration.rb
 - lib/contrast/config/base_configuration.rb
 - lib/contrast/config/certification_configuration.rb
 - lib/contrast/config/env_variables.rb
@@ -1202,10 +1217,7 @@ files:
 - lib/contrast/config/protect_rule_configuration.rb
 - lib/contrast/config/protect_rules_configuration.rb
 - lib/contrast/config/request_audit_configuration.rb
-- lib/contrast/config/root_configuration.rb
-- lib/contrast/config/ruby_configuration.rb
 - lib/contrast/config/server_configuration.rb
-- lib/contrast/config/service_configuration.rb
 - lib/contrast/configuration.rb
 - lib/contrast/extension/assess.rb
 - lib/contrast/extension/assess/array.rb
@@ -1281,7 +1293,6 @@ files:
 - lib/contrast/utils/os.rb
 - lib/contrast/utils/patching/policy/patch_utils.rb
 - lib/contrast/utils/patching/policy/patcher_utils.rb
-- lib/contrast/utils/preflight_util.rb
 - lib/contrast/utils/request_utils.rb
 - lib/contrast/utils/resource_loader.rb
 - lib/contrast/utils/response_utils.rb

data/lib/contrast/agent/reporting/reporting_events/trace_event_source.rb

@@ -1,30 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'json'
-require 'contrast/components/logger'
-require 'contrast/utils/object_share'
-
-module Contrast
-  module Agent
-    module Reporting
-      # This is the new Trace Event Source class which will include all the needed information for the new reporting
-      # system to relay this information in the Route Observation messages.
-      class TraceEventSource
-        attr_accessor :name, :type
-
-        def initialize
-          @name = Contrast::Utils::ObjectShare::EMPTY_STRING
-          @type = Contrast::Utils::ObjectShare::EMPTY_STRING
-        end
-
-        def to_controlled_hash
-          {
-              name: @name,
-              type: @type
-          }
-        end
-      end
-    end
-  end
-end

data/lib/contrast/agent/reporting/reporting_utilities/dtm_message.rb

@@ -1,43 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'contrast/agent/reporting/reporting_events/application_activity'
-require 'contrast/api/dtm.pb'
-
-module Contrast
-  module Agent
-    module Reporting
-      # Util module for checking DTM message type. It temporarily allows for the conversion from a DTM to an
-      # EventReport.
-      # TODO: RUBY-1438 -- remove
-      module DtmMessage
-        class << self
-          # @param dtm [Contrast::Api::Dtm::Finding,Object]
-          # @return [Boolean]
-          def finding? dtm
-            dtm.cs__is_a?(Contrast::Api::Dtm::Finding)
-          end
-
-          # @param dtm [Contrast::Api::Dtm::Finding,Object]
-          # @return [Boolean]
-          def activity? dtm
-            dtm.cs__is_a?(Contrast::Api::Dtm::Activity)
-          end
-
-          # Converts DTM message to Reporting Event for those messages that have conversion methods crated. We use this
-          # as we work to move away from requiring the Service.
-          #
-          # @param dtm [Contrast::Api::Dtm]
-          # @return event [Contrast::Agent::Reporting::ReportingEvent, nil]
-          def dtm_to_event dtm
-            # For the others, we convert them.
-            return Contrast::Agent::Reporting::Finding.convert(dtm) if finding?(dtm)
-            return Contrast::Agent::Reporting::ApplicationActivity.convert(dtm) if activity?(dtm)
-
-            nil
-          end
-        end
-      end
-    end
-  end
-end

data/lib/contrast/api/decorators/activity.rb

@@ -1,33 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-
-require 'contrast/utils/string_utils'
-
-module Contrast
-  module Api
-    module Decorators
-      # Used to decorate the {Contrast::Api::Dtm::Activity} protobuf model
-      # to handle conversion between framework route classes and the dtm.
-      module Activity
-        def self.included klass
-          klass.extend(ClassMethods)
-        end
-
-        # Class methods for Activity
-        module ClassMethods
-          def source_or_string obj
-            if obj.cs__is_a?(Regexp)
-              obj.source
-            elsif obj.cs__respond_to?(:safe_string)
-              obj.safe_string
-            else
-              obj.to_s
-            end
-          end
-        end
-      end
-    end
-  end
-end
-
-Contrast::Api::Dtm::Activity.include(Contrast::Api::Decorators::Activity)