RubyGems - contrast-agent - Versions diffs - 6.7.0 → 6.8.0 - Mend

contrast-agent 6.7.0 → 6.8.0

Files changed (221) hide show

checksums.yaml +4 -4
data/.gitignore +0 -2
data/.simplecov +0 -1
data/Rakefile +0 -1
data/ext/cs__assess_array/cs__assess_array.c +41 -10
data/ext/cs__assess_array/cs__assess_array.h +4 -1
data/lib/contrast/agent/assess/policy/trigger_method.rb +2 -2
data/lib/contrast/agent/assess/policy/trigger_validation/redos_validator.rb +1 -1
data/lib/contrast/agent/assess/policy/trigger_validation/ssrf_validator.rb +1 -1
data/lib/contrast/agent/assess/policy/trigger_validation/xss_validator.rb +1 -1
data/lib/contrast/agent/excluder.rb +52 -34
data/lib/contrast/agent/exclusion_matcher.rb +21 -9
data/lib/contrast/agent/middleware.rb +4 -4
data/lib/contrast/agent/patching/policy/after_load_patcher.rb +6 -0
data/lib/contrast/agent/protect/input_analyzer/input_analyzer.rb +146 -127
data/lib/contrast/agent/protect/policy/applies_path_traversal_rule.rb +20 -0
data/lib/contrast/agent/protect/policy/rule_applicator.rb +1 -1
data/lib/contrast/agent/protect/rule/base.rb +45 -53
data/lib/contrast/agent/protect/rule/base_service.rb +48 -24
data/lib/contrast/agent/protect/rule/bot_blocker/bot_blocker_input_classification.rb +98 -0
data/lib/contrast/agent/protect/rule/bot_blocker.rb +81 -0
data/lib/contrast/agent/protect/rule/cmd_injection.rb +18 -1
data/lib/contrast/agent/protect/rule/cmdi/cmdi_backdoors.rb +8 -5
data/lib/contrast/agent/protect/rule/cmdi/cmdi_base_rule.rb +22 -22
data/lib/contrast/agent/protect/rule/cmdi/cmdi_chained_command.rb +69 -0
data/lib/contrast/agent/protect/rule/cmdi/cmdi_dangerous_path.rb +68 -0
data/lib/contrast/agent/protect/rule/cmdi/cmdi_input_classification.rb +2 -58
data/lib/contrast/agent/protect/rule/default_scanner.rb +1 -1
data/lib/contrast/agent/protect/rule/deserialization.rb +3 -14
data/lib/contrast/agent/protect/rule/http_method_tampering/http_method_tampering_input_classification.rb +2 -2
data/lib/contrast/agent/protect/rule/http_method_tampering.rb +0 -11
data/lib/contrast/agent/protect/rule/no_sqli/no_sqli_input_classification.rb +29 -34
data/lib/contrast/agent/protect/rule/no_sqli.rb +25 -18
data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_input_classification.rb +61 -0
data/lib/contrast/agent/protect/rule/path_traversal/path_traversal_semantic_security_bypass.rb +114 -0
data/lib/contrast/agent/protect/rule/path_traversal.rb +38 -12
data/lib/contrast/agent/protect/rule/sql_sample_builder.rb +33 -15
data/lib/contrast/agent/protect/rule/sqli/sqli_base_rule.rb +0 -14
data/lib/contrast/agent/protect/rule/sqli/sqli_input_classification.rb +2 -62
data/lib/contrast/agent/protect/rule/sqli.rb +70 -0
data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_input_classification.rb +39 -63
data/lib/contrast/agent/protect/rule/unsafe_file_upload.rb +6 -33
data/lib/contrast/agent/protect/rule/xss/reflected_xss_input_classification.rb +58 -0
data/lib/contrast/agent/protect/rule/xss.rb +14 -20
data/lib/contrast/agent/protect/rule/xxe.rb +4 -24
data/lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb +18 -39
data/lib/contrast/agent/reporting/attack_result/response_type.rb +9 -9
data/lib/contrast/agent/reporting/details/ip_denylist_details.rb +10 -2
data/lib/contrast/agent/reporting/details/virtual_patch_details.rb +8 -2
data/lib/contrast/agent/reporting/input_analysis/details/bot_blocker_details.rb +27 -0
data/lib/contrast/agent/reporting/input_analysis/details/protect_rule_details.rb +15 -0
data/lib/contrast/agent/reporting/input_analysis/input_analysis.rb +1 -2
data/lib/contrast/agent/reporting/input_analysis/input_analysis_result.rb +16 -2
data/lib/contrast/agent/reporting/masker/masker.rb +2 -0
data/lib/contrast/agent/reporting/reporter.rb +1 -14
data/lib/contrast/agent/reporting/reporting_events/application_activity.rb +15 -12
data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_activity.rb +3 -3
data/lib/contrast/agent/reporting/reporting_events/application_defend_attack_sample.rb +1 -2
data/lib/contrast/agent/reporting/reporting_events/application_update.rb +0 -2
data/lib/contrast/agent/reporting/reporting_events/architecture_component.rb +0 -1
data/lib/contrast/agent/reporting/reporting_events/finding.rb +4 -4
data/lib/contrast/agent/reporting/reporting_events/finding_request.rb +0 -5
data/lib/contrast/agent/reporting/reporting_events/library_discovery.rb +0 -1
data/lib/contrast/agent/reporting/reporting_events/poll.rb +1 -11
data/lib/contrast/agent/reporting/reporting_events/route_discovery.rb +0 -1
data/lib/contrast/agent/reporting/reporting_events/route_discovery_observation.rb +0 -1
data/lib/contrast/agent/reporting/reporting_utilities/audit.rb +2 -2
data/lib/contrast/agent/reporting/reporting_utilities/response.rb +1 -1
data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb +0 -3
data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb +1 -0
data/lib/contrast/agent/reporting/settings/code_exclusion.rb +6 -1
data/lib/contrast/agent/reporting/settings/exclusion_base.rb +18 -0
data/lib/contrast/agent/reporting/settings/exclusions.rb +2 -1
data/lib/contrast/agent/reporting/settings/input_exclusion.rb +9 -3
data/lib/contrast/agent/reporting/settings/protect.rb +15 -15
data/lib/contrast/agent/request.rb +2 -14
data/lib/contrast/agent/request_context.rb +6 -9
data/lib/contrast/agent/request_context_extend.rb +9 -148
data/lib/contrast/agent/thread_watcher.rb +3 -18
data/lib/contrast/agent/version.rb +1 -1
data/lib/contrast/agent.rb +0 -11
data/lib/contrast/agent_lib/api/command_injection.rb +46 -0
data/lib/contrast/agent_lib/api/init.rb +101 -0
data/lib/contrast/agent_lib/api/input_tracing.rb +267 -0
data/lib/contrast/agent_lib/api/method_tempering.rb +29 -0
data/lib/contrast/agent_lib/api/panic.rb +87 -0
data/lib/contrast/agent_lib/api/path_semantic_file_security_bypass.rb +40 -0
data/lib/contrast/agent_lib/interface.rb +260 -0
data/lib/contrast/agent_lib/interface_base.rb +118 -0
data/lib/contrast/agent_lib/return_types/eval_result.rb +44 -0
data/lib/contrast/agent_lib/test.rb +29 -0
data/lib/contrast/api/communication/connection_status.rb +5 -5
data/lib/contrast/components/agent.rb +0 -14
data/lib/contrast/components/app_context.rb +0 -2
data/lib/contrast/components/app_context_extend.rb +0 -25
data/lib/contrast/components/config.rb +1 -18
data/lib/contrast/components/protect.rb +4 -1
data/lib/contrast/components/ruby_component.rb +1 -1
data/lib/contrast/components/settings.rb +37 -89
data/lib/contrast/config/protect_rule_configuration.rb +7 -7
data/lib/contrast/config/protect_rules_configuration.rb +20 -58
data/lib/contrast/configuration.rb +1 -10
data/lib/contrast/extension/assess/array.rb +9 -0
data/lib/contrast/extension/delegator.rb +2 -0
data/lib/contrast/framework/manager.rb +3 -1
data/lib/contrast/framework/rails/railtie.rb +0 -1
data/lib/contrast/framework/rails/support.rb +0 -1
data/lib/contrast/tasks/config.rb +1 -8
data/lib/contrast/utils/duck_utils.rb +1 -0
data/lib/contrast/utils/input_classification_base.rb +156 -0
data/lib/contrast/utils/os.rb +0 -20
data/lib/contrast/utils/response_utils.rb +0 -16
data/lib/contrast/utils/stack_trace_utils.rb +3 -15
data/lib/contrast/utils/string_utils.rb +10 -7
data/lib/contrast.rb +2 -3
data/resources/protect/policy.json +1 -2
data/ruby-agent.gemspec +2 -5
metadata +42 -112
data/exe/contrast_service +0 -23
data/lib/contrast/agent/protect/rule/cmdi/cmdi_worth_watching.rb +0 -64
data/lib/contrast/agent/protect/rule/sqli/sqli_worth_watching.rb +0 -118
data/lib/contrast/agent/protect/rule/unsafe_file_upload/unsafe_file_upload_matcher.rb +0 -45
data/lib/contrast/agent/reaction_processor.rb +0 -47
data/lib/contrast/agent/service_heartbeat.rb +0 -35
data/lib/contrast/api/communication/messaging_queue.rb +0 -128
data/lib/contrast/api/communication/response_processor.rb +0 -90
data/lib/contrast/api/communication/service_lifecycle.rb +0 -77
data/lib/contrast/api/communication/socket.rb +0 -44
data/lib/contrast/api/communication/socket_client.rb +0 -130
data/lib/contrast/api/communication/speedracer.rb +0 -138
data/lib/contrast/api/communication/tcp_socket.rb +0 -32
data/lib/contrast/api/communication/unix_socket.rb +0 -28
data/lib/contrast/api/communication.rb +0 -20
data/lib/contrast/api/decorators/address.rb +0 -59
data/lib/contrast/api/decorators/agent_startup.rb +0 -56
data/lib/contrast/api/decorators/application_settings.rb +0 -43
data/lib/contrast/api/decorators/application_startup.rb +0 -56
data/lib/contrast/api/decorators/bot_blocker.rb +0 -37
data/lib/contrast/api/decorators/http_request.rb +0 -137
data/lib/contrast/api/decorators/input_analysis.rb +0 -18
data/lib/contrast/api/decorators/instrumentation_mode.rb +0 -35
data/lib/contrast/api/decorators/ip_denylist.rb +0 -37
data/lib/contrast/api/decorators/message.rb +0 -67
data/lib/contrast/api/decorators/rasp_rule_sample.rb +0 -52
data/lib/contrast/api/decorators/response_type.rb +0 -17
data/lib/contrast/api/decorators/server_features.rb +0 -25
data/lib/contrast/api/decorators/user_input.rb +0 -51
data/lib/contrast/api/decorators/virtual_patch.rb +0 -34
data/lib/contrast/api/decorators.rb +0 -22
data/lib/contrast/api/dtm.pb.rb +0 -363
data/lib/contrast/api/settings.pb.rb +0 -500
data/lib/contrast/api.rb +0 -16
data/lib/contrast/components/contrast_service.rb +0 -88
data/lib/contrast/components/service.rb +0 -55
data/lib/contrast/tasks/service.rb +0 -84
data/lib/contrast/utils/input_classification.rb +0 -73
data/lib/protobuf/code_generator.rb +0 -129
data/lib/protobuf/decoder.rb +0 -28
data/lib/protobuf/deprecation.rb +0 -117
data/lib/protobuf/descriptors/google/protobuf/compiler/plugin.pb.rb +0 -79
data/lib/protobuf/descriptors/google/protobuf/descriptor.pb.rb +0 -360
data/lib/protobuf/descriptors.rb +0 -3
data/lib/protobuf/encoder.rb +0 -11
data/lib/protobuf/enum.rb +0 -365
data/lib/protobuf/exceptions.rb +0 -9
data/lib/protobuf/field/base_field.rb +0 -380
data/lib/protobuf/field/base_field_object_definitions.rb +0 -504
data/lib/protobuf/field/bool_field.rb +0 -64
data/lib/protobuf/field/bytes_field.rb +0 -67
data/lib/protobuf/field/double_field.rb +0 -25
data/lib/protobuf/field/enum_field.rb +0 -56
data/lib/protobuf/field/field_array.rb +0 -102
data/lib/protobuf/field/field_hash.rb +0 -122
data/lib/protobuf/field/fixed32_field.rb +0 -25
data/lib/protobuf/field/fixed64_field.rb +0 -28
data/lib/protobuf/field/float_field.rb +0 -43
data/lib/protobuf/field/int32_field.rb +0 -21
data/lib/protobuf/field/int64_field.rb +0 -34
data/lib/protobuf/field/integer_field.rb +0 -23
data/lib/protobuf/field/message_field.rb +0 -51
data/lib/protobuf/field/sfixed32_field.rb +0 -27
data/lib/protobuf/field/sfixed64_field.rb +0 -28
data/lib/protobuf/field/signed_integer_field.rb +0 -29
data/lib/protobuf/field/sint32_field.rb +0 -21
data/lib/protobuf/field/sint64_field.rb +0 -21
data/lib/protobuf/field/string_field.rb +0 -51
data/lib/protobuf/field/uint32_field.rb +0 -21
data/lib/protobuf/field/uint64_field.rb +0 -21
data/lib/protobuf/field/varint_field.rb +0 -77
data/lib/protobuf/field.rb +0 -74
data/lib/protobuf/generators/base.rb +0 -85
data/lib/protobuf/generators/enum_generator.rb +0 -39
data/lib/protobuf/generators/extension_generator.rb +0 -27
data/lib/protobuf/generators/field_generator.rb +0 -193
data/lib/protobuf/generators/file_generator.rb +0 -262
data/lib/protobuf/generators/group_generator.rb +0 -122
data/lib/protobuf/generators/message_generator.rb +0 -104
data/lib/protobuf/generators/option_generator.rb +0 -17
data/lib/protobuf/generators/printable.rb +0 -160
data/lib/protobuf/generators/service_generator.rb +0 -50
data/lib/protobuf/lifecycle.rb +0 -33
data/lib/protobuf/logging.rb +0 -39
data/lib/protobuf/message/fields.rb +0 -233
data/lib/protobuf/message/serialization.rb +0 -85
data/lib/protobuf/message.rb +0 -241
data/lib/protobuf/optionable.rb +0 -72
data/lib/protobuf/tasks/compile.rake +0 -80
data/lib/protobuf/tasks.rb +0 -1
data/lib/protobuf/varint.rb +0 -20
data/lib/protobuf/varint_pure.rb +0 -31
data/lib/protobuf/version.rb +0 -3
data/lib/protobuf/wire_type.rb +0 -10
data/lib/protobuf.rb +0 -91
data/proto/dynamic_discovery.proto +0 -46
data/proto/google/protobuf/compiler/plugin.proto +0 -183
data/proto/google/protobuf/descriptor.proto +0 -911
data/proto/rpc.proto +0 -71
data/service_executables/.gitkeep +0 -0
data/service_executables/VERSION +0 -1
data/service_executables/linux/contrast-service +0 -0
data/service_executables/mac/contrast-service +0 -0

data/lib/contrast/api/decorators/user_input.rb DELETED Viewed

@@ -1,51 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-require 'contrast/utils/string_utils'
-require 'contrast/utils/assess/tracking_util'
-require 'base64'
-module Contrast
-  module Api
-    module Decorators
-      # Used to decorate the {Contrast::Api::Dtm::UserInput} protobuf model.
-      module UserInput
-        UNKNOWN_USER_INPUT = Contrast::Api::Dtm::UserInput.new.tap do |user_input|
-          user_input.input_type = :UNKNOWN
-        end
-        UNKNOWN_USER_INPUT.cs__freeze
-        def self.included klass
-          klass.extend(ClassMethods)
-        end
-        # Used to add class methods to UserInput
-        module ClassMethods
-          def build_from_ia_result ia_result
-            return UNKNOWN_USER_INPUT.dup unless ia_result
-            user_input = new
-            user_input.matcher_ids = ia_result.ids
-            user_input.path = ia_result.path.to_s
-            user_input.key = ia_result.key.to_s
-            user_input.value = ia_result.value.to_s
-            if ia_result.input_type
-              #
-              # InputAnalysis have local Agent implementation, so we need ot take care of difference
-              # if we pass data from wrong place - we need to handle the TypeError in throws
-              begin
-                user_input.input_type = ia_result.input_type.to_i
-              rescue TypeError, NoMethodError => _e
-                user_input.input_type = ia_result.input_type
-              end
-            end
-            user_input
-          end
-        end
-      end
-    end
-  end
-end
-Contrast::Api::Dtm::UserInput.include(Contrast::Api::Decorators::UserInput)

data/lib/contrast/api/decorators/virtual_patch.rb DELETED Viewed

@@ -1,34 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-require 'contrast/api/dtm.pb'
-require 'contrast/utils/string_utils'
-require 'contrast/components/base'
-module Contrast
-  module Api
-    module Decorators
-      # Used to decorate the {Contrast::Api::Dtm::VirtualPatchDetails} protobuf
-      # model so it can own the request which its data is for.
-      module VirtualPatchDetails
-        def self.included klass
-          klass.extend(ClassMethods)
-        end
-        # Used to add class methods to the AgentStartup class on inclusion of the decorator
-        module ClassMethods
-          def build
-            new
-          end
-          # @param result [Contrast::Api::Dtm::VirtualPatchDetails]
-          def to_controlled_hash result
-            { uuid: result.uuid }
-          end
-        end
-      end
-    end
-  end
-end
-Contrast::Api::Dtm::VirtualPatchDetails.include(Contrast::Api::Decorators::VirtualPatchDetails)

data/lib/contrast/api/decorators.rb DELETED Viewed

@@ -1,22 +0,0 @@
-# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
-# frozen_string_literal: true
-module Contrast
-  module Api
-    # Used to decorate protobuf models
-    module Decorators
-    end
-  end
-end
-require 'contrast/api/decorators/message'
-require 'contrast/api/decorators/agent_startup'
-require 'contrast/api/decorators/application_startup'
-require 'contrast/api/decorators/input_analysis'
-require 'contrast/api/decorators/application_settings'
-require 'contrast/api/decorators/server_features'
-require 'contrast/api/decorators/rasp_rule_sample'
-require 'contrast/api/decorators/user_input'
-require 'contrast/api/decorators/address'
-require 'contrast/api/decorators/http_request'
-require 'contrast/api/decorators/response_type'

data/lib/contrast/api/dtm.pb.rb DELETED Viewed

@@ -1,363 +0,0 @@
-# encoding: utf-8
-##
-# This file is auto-generated. DO NOT EDIT!
-#
-require 'protobuf'
-module Contrast
-  module Api
-    module Dtm
-      ::Protobuf::Optionable.inject(self) { ::CSGoogle::Protobuf::FileOptions }
-      ##
-      # Message Classes
-      #
-      class Message < ::Protobuf::Message; end
-      class Poll < ::Protobuf::Message; end
-      class AgentStartup < ::Protobuf::Message; end
-      class ApplicationCreate < ::Protobuf::Message; end
-      class InstrumentationMode < ::Protobuf::Message; end
-      class Address < ::Protobuf::Message; end
-      class HttpRequest < ::Protobuf::Message
-        class Authentication < ::Protobuf::Enum
-          define :UNAUTHENTICATED, 0
-          define :AUTHENTICATED, 1
-          define :LOGIN_FAIL, 2
-          define :LOGIN_SUCCESS, 3
-          define :LOGIN_UNKNOWN, 4
-        end
-        class DocumentType < ::Protobuf::Enum
-          define :NORMAL, 0
-          define :JSON, 1
-          define :XML, 2
-        end
-      end
-      class SimplePair < ::Protobuf::Message; end
-      class Pair < ::Protobuf::Message; end
-      class AttackResult < ::Protobuf::Message
-        class ResponseType < ::Protobuf::Enum
-          define :NO_ACTION, 0
-          define :BLOCKED, 1
-          define :MONITORED, 2
-          define :PROBED, 3
-          define :BLOCKED_AT_PERIMETER, 4
-          define :AGGREGATED, 5
-        end
-      end
-      class RaspRuleSample < ::Protobuf::Message; end
-      class BotBlockerDetails < ::Protobuf::Message; end
-      class CmdInjectionDetails < ::Protobuf::Message; end
-      class HttpMethodTamperingDetails < ::Protobuf::Message; end
-      class UntrustedDeserializationDetails < ::Protobuf::Message; end
-      class IpDenylistDetails < ::Protobuf::Message; end
-      class PathTraversalDetails < ::Protobuf::Message; end
-      class PathTraversalSemanticAnalysisDetails < ::Protobuf::Message
-        class Finding < ::Protobuf::Enum
-          define :CUSTOM_CODE_ACCESSING_SYSTEM_FILES, 0
-          define :COMMON_FILE_EXPLOITS, 1
-        end
-      end
-      class ReDosDetails < ::Protobuf::Message; end
-      class SqlInjectionDetails < ::Protobuf::Message; end
-      class NoSqlInjectionDetails < ::Protobuf::Message; end
-      class SsrfDetails < ::Protobuf::Message; end
-      class VirtualPatchDetails < ::Protobuf::Message; end
-      class XssDetails < ::Protobuf::Message; end
-      class XssMatch < ::Protobuf::Message; end
-      class XxeDetails < ::Protobuf::Message; end
-      class XxeMatch < ::Protobuf::Message; end
-      class XxeWrapper < ::Protobuf::Message; end
-      class UserInput < ::Protobuf::Message
-        class InputType < ::Protobuf::Enum
-          define :UNDEFINED_TYPE, 0
-          define :BODY, 1
-          define :COOKIE_NAME, 2
-          define :COOKIE_VALUE, 3
-          define :HEADER, 4
-          define :PARAMETER_NAME, 5
-          define :PARAMETER_VALUE, 6
-          define :QUERYSTRING, 7
-          define :URI, 8
-          define :SOCKET, 9
-          define :JSON_VALUE, 10
-          define :JSON_ARRAYED_VALUE, 11
-          define :MULTIPART_CONTENT_TYPE, 16
-          define :MULTIPART_VALUE, 17
-          define :MULTIPART_FIELD_NAME, 18
-          define :MULTIPART_NAME, 19
-          define :XML_VALUE, 20
-          define :DWR_VALUE, 21
-          define :METHOD, 22
-          define :REQUEST, 23
-          define :URL_PARAMETER, 24
-          define :UNKNOWN, 99
-        end
-      end
-      class StackTraceElement < ::Protobuf::Message; end
-      ##
-      # File Options
-      #
-      set_option :go_package, "bitbucket.org/contrastsecurity/go-speedracer-go/from_agent"
-      ##
-      # Message Fields
-      #
-      class Message
-        optional :string, :client_id, 1
-        optional :int32, :client_number, 2, :deprecated => true
-        optional :int32, :client_total, 3, :deprecated => true
-        optional :int64, :pid, 8
-        optional :int64, :ppid, 9
-        optional :int32, :message_count, 4
-        optional :int64, :timestamp_ms, 5
-        optional :string, :app_name, 6
-        optional :string, :app_language, 7
-        optional :string, :app_path, 28
-        optional ::Contrast::Api::Dtm::AgentStartup, :agent_startup, 11
-        optional ::Contrast::Api::Dtm::ApplicationCreate, :application_create, 12
-        optional ::Contrast::Api::Dtm::HttpRequest, :prefilter, 20
-        optional ::Contrast::Api::Dtm::Poll, :poll, 27
-      end
-      class AgentStartup
-        optional :string, :version, 2, :deprecated => true
-        optional :string, :environment, 3
-        optional :string, :tags, 4, :deprecated => true
-        optional :string, :server_name, 5
-        optional :string, :server_path, 6
-        optional :string, :server_type, 7
-        optional :string, :server_version, 8
-        optional :int32, :heartbeat_ms, 9
-        optional :string, :server_tags, 10
-        optional :string, :application_tags, 11
-        optional :string, :library_tags, 12
-        optional :string, :finding_tags, 13
-        optional :string, :agent_version, 14
-      end
-      class ApplicationCreate
-        optional :string, :group, 1
-        optional :string, :app_version, 2
-        optional :string, :tags, 3, :deprecated => true
-        optional :string, :code, 4
-        optional :string, :metadata, 5
-        optional :string, :session_id, 6
-        optional :string, :session_metadata, 7
-        optional ::Contrast::Api::Dtm::InstrumentationMode, :mode, 10
-      end
-      class InstrumentationMode
-        optional :bool, :protect, 1
-        optional :bool, :assess, 2
-      end
-      class Address
-        optional :string, :ip, 1
-        optional :string, :host, 2
-        optional :int32, :port, 3
-      end
-      class HttpRequest
-        optional :string, :uuid, 1
-        optional :int64, :timestamp_ms, 2
-        optional ::Contrast::Api::Dtm::Address, :sender, 3
-        optional ::Contrast::Api::Dtm::Address, :receiver, 4
-        optional :string, :protocol, 5
-        optional :string, :version, 6
-        optional :string, :method, 7
-        optional :string, :raw, 8
-        optional :bool, :parsed_connection, 9
-        optional :string, :uri, 10
-        optional :string, :normalized_uri, 11
-        optional :string, :context, 12
-        optional :string, :path, 13
-        optional :string, :query_string, 14
-        map :string, ::Contrast::Api::Dtm::Pair, :normalized_request_params, 16
-        repeated ::Contrast::Api::Dtm::SimplePair, :multipart_headers, 51
-        map :string, :string, :request_headers, 20
-        optional :bool, :parsed_request_headers, 21
-        map :string, ::Contrast::Api::Dtm::Pair, :normalized_request_headers, 22, :deprecated => true
-        map :string, ::Contrast::Api::Dtm::Pair, :normalized_cookies, 23
-        optional :string, :request_body, 30, :deprecated => true
-        optional :bool, :parsed_request_body, 31
-        optional ::Contrast::Api::Dtm::HttpRequest::DocumentType, :document_type, 32
-        optional :bytes, :request_body_binary, 33
-        optional ::Contrast::Api::Dtm::HttpRequest::Authentication, :authentication, 40
-        optional :string, :principal, 41
-        optional :string, :server_info, 50
-      end
-      class SimplePair
-        optional :string, :key, 1
-        optional :string, :value, 2
-      end
-      class Pair
-        optional :string, :key, 1
-        repeated :string, :values, 2
-      end
-      class AttackResult
-        optional ::Contrast::Api::Dtm::AttackResult::ResponseType, :response, 1
-        optional :string, :rule_id, 2
-        repeated ::Contrast::Api::Dtm::RaspRuleSample, :samples, 6
-        optional :string, :tags, 7, :deprecated => true
-        optional :int64, :acc_updated_ms, 16
-        optional :int32, :acc_limit, 17
-        optional :int64, :acc_window_ms, 18
-        optional :int32, :acc_count, 19
-        optional :string, :acc_mode, 21
-        optional :string, :acc_msg, 22
-      end
-      class RaspRuleSample
-        optional :int64, :timestamp_ms, 2
-        repeated ::Contrast::Api::Dtm::StackTraceElement, :stack_trace_elements, 4
-        optional ::Contrast::Api::Dtm::UserInput, :user_input, 5
-        optional ::Contrast::Api::Dtm::BotBlockerDetails, :bot_blocker, 17
-        optional ::Contrast::Api::Dtm::CmdInjectionDetails, :cmdi, 18
-        optional ::Contrast::Api::Dtm::UntrustedDeserializationDetails, :untrusted_deserialization, 21
-        optional ::Contrast::Api::Dtm::IpDenylistDetails, :ip_denylist, 45
-        optional ::Contrast::Api::Dtm::PathTraversalDetails, :path_traversal, 26
-        optional ::Contrast::Api::Dtm::ReDosDetails, :re_dos, 27
-        optional ::Contrast::Api::Dtm::SqlInjectionDetails, :sqli, 28
-        optional ::Contrast::Api::Dtm::SsrfDetails, :ssrf, 29
-        optional ::Contrast::Api::Dtm::VirtualPatchDetails, :virtual_patch, 30
-        optional ::Contrast::Api::Dtm::XssDetails, :xss, 31
-        optional ::Contrast::Api::Dtm::XxeDetails, :xxe, 32
-        optional ::Contrast::Api::Dtm::NoSqlInjectionDetails, :no_sqli, 33
-        optional ::Contrast::Api::Dtm::HttpMethodTamperingDetails, :method_tampering, 34
-        optional ::Contrast::Api::Dtm::PathTraversalSemanticAnalysisDetails, :path_traversal_semantic, 43
-      end
-      class BotBlockerDetails
-        optional :string, :bot, 1
-        optional :string, :user_agent, 2
-      end
-      class CmdInjectionDetails
-        optional :string, :command, 1
-        optional :int32, :start_idx, 2
-        optional :int32, :end_idx, 3
-      end
-      class HttpMethodTamperingDetails
-        optional :string, :method, 1
-        optional :int32, :response_code, 2
-      end
-      class UntrustedDeserializationDetails
-        optional :bool, :command, 1
-        optional :string, :deserializer, 2
-      end
-      class IpDenylistDetails
-        optional :string, :ip, 1
-        optional :string, :uuid, 2
-      end
-      class PathTraversalDetails
-        optional :string, :path, 1
-      end
-      class PathTraversalSemanticAnalysisDetails
-        optional :string, :path, 1
-        repeated ::Contrast::Api::Dtm::PathTraversalSemanticAnalysisDetails::Finding, :findings, 2
-      end
-      class ReDosDetails
-        optional :int32, :times_accessed, 1
-        optional :int64, :execution_time_ms, 2
-        optional :string, :pattern, 3
-        optional :string, :offending_string, 4
-      end
-      class SqlInjectionDetails
-        optional :int32, :start_idx, 1
-        optional :int32, :end_idx, 2
-        optional :int32, :boundary_overrun_idx, 3
-        optional :int32, :input_boundary_idx, 4
-        optional :string, :query, 5
-      end
-      class NoSqlInjectionDetails
-        optional :int32, :start_idx, 1
-        optional :int32, :end_idx, 2
-        optional :int32, :boundary_overrun_idx, 3
-        optional :int32, :input_boundary_idx, 4
-        optional :string, :query, 5
-      end
-      class SsrfDetails
-        optional :string, :url, 1
-      end
-      class VirtualPatchDetails
-        optional :string, :uuid, 1
-      end
-      class XssDetails
-        optional :string, :input, 1
-        repeated ::Contrast::Api::Dtm::XssMatch, :matches, 2
-      end
-      class XssMatch
-        optional :int64, :evidence_start_ms, 1
-        optional :string, :evidence, 2
-        optional :int32, :offset, 3
-      end
-      class XxeDetails
-        optional :string, :xml, 1
-        repeated ::Contrast::Api::Dtm::XxeMatch, :declared_entities, 2
-        repeated ::Contrast::Api::Dtm::XxeWrapper, :entities_resolved, 3
-      end
-      class XxeMatch
-        optional :int32, :start_idx, 1
-        optional :int32, :end_idx, 2
-      end
-      class XxeWrapper
-        optional :string, :system_id, 1
-        optional :string, :public_id, 2
-      end
-      class UserInput
-        optional :string, :path, 2
-        optional :string, :key, 3
-        optional :string, :value, 4
-        optional ::Contrast::Api::Dtm::UserInput::InputType, :input_type, 5
-        optional ::Contrast::Api::Dtm::HttpRequest::DocumentType, :document_type, 6
-        repeated :string, :matcher_ids, 7
-      end
-      class StackTraceElement
-        optional :string, :declaring_class, 1
-        optional :string, :method_name, 2
-        optional :string, :file_name, 3
-        optional :int32, :line_number, 4
-      end
-    end
-  end
-end