RubyGems - newrelic_security - Versions diffs - 0.2.0 → 0.4.0 - Mend

newrelic_security 0.2.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (58) hide show

data/lib/newrelic_security/parse-cron/cron_parser.rb ADDED Viewed

@@ -0,0 +1,294 @@
+require 'set'
+require 'date'
+module NewRelic::Security
+  module ParseCron
+    # Parses cron expressions and computes the next occurence of the "job"
+    class CronParser
+      # internal "mutable" time representation
+      class InternalTime
+        attr_accessor :year, :month, :day, :hour, :min, :time_source
+        def initialize(time, time_source = Time)
+          @year = time.year
+          @month = time.month
+          @day = time.day
+          @hour = time.hour
+          @min = time.min
+          @time_source = time_source
+        end
+        def to_time
+          time_source.local(@year, @month, @day, @hour, @min, 0)
+        end
+        def inspect
+          [year, month, day, hour, min].inspect
+        end
+      end
+      SYMBOLS = {
+        "jan" => "1",
+        "feb" => "2",
+        "mar" => "3",
+        "apr" => "4",
+        "may" => "5",
+        "jun" => "6",
+        "jul" => "7",
+        "aug" => "8",
+        "sep" => "9",
+        "oct" => "10",
+        "nov" => "11",
+        "dec" => "12",
+        "sun" => "0",
+        "mon" => "1",
+        "tue" => "2",
+        "wed" => "3",
+        "thu" => "4",
+        "fri" => "5",
+        "sat" => "6"
+      }
+      def initialize(source, time_source = Time)
+        @source = interpret_vixieisms(source)
+        @time_source = time_source
+        validate_source
+      end
+      def interpret_vixieisms(spec)
+        case spec
+        when '@reboot'
+          raise ArgumentError, "Can't predict last/next run of @reboot"
+        when '@yearly', '@annually'
+          '0 0 1 1 *'
+        when '@monthly'
+          '0 0 1 * *'
+        when '@weekly'
+          '0 0 * * 0'
+        when '@daily', '@midnight'
+          '0 0 * * *'
+        when '@hourly'
+          '0 * * * *'
+        else
+          spec
+        end
+      end
+      # returns the next occurence after the given date
+      def next(now = @time_source.now, num = 1)
+        t = InternalTime.new(now, @time_source)
+        unless time_specs[:month][0].include?(t.month)
+          nudge_month(t)
+          t.day = 0
+        end
+        unless interpolate_weekdays(t.year, t.month)[0].include?(t.day)
+          nudge_date(t)
+          t.hour = -1
+        end
+        unless time_specs[:hour][0].include?(t.hour)
+          nudge_hour(t)
+          t.min = -1
+        end
+        # always nudge the minute
+        nudge_minute(t)
+        t = t.to_time
+        if num > 1
+          recursive_calculate(:next, t, num)
+        else
+          t
+        end
+      end
+      # returns the last occurence before the given date
+      def last(now = @time_source.now, num = 1)
+        t = InternalTime.new(now, @time_source)
+        unless time_specs[:month][0].include?(t.month)
+          nudge_month(t, :last)
+          t.day = 32
+        end
+        if t.day == 32 || !interpolate_weekdays(t.year, t.month)[0].include?(t.day)
+          nudge_date(t, :last)
+          t.hour = 24
+        end
+        unless time_specs[:hour][0].include?(t.hour)
+          nudge_hour(t, :last)
+          t.min = 60
+        end
+        # always nudge the minute
+        nudge_minute(t, :last)
+        t = t.to_time
+        if num > 1
+          recursive_calculate(:last, t, num)
+        else
+          t
+        end
+      end
+      SUBELEMENT_REGEX = %r{^(\d+)(-(\d+)(/(\d+))?)?$}
+      def parse_element(elem, allowed_range)
+        values = elem.split(',').map do |subel|
+          if subel =~ /^\*/
+            step = subel.length > 1 ? subel[2..-1].to_i : 1
+            stepped_range(allowed_range, step)
+          else
+            raise ArgumentError, "Bad Vixie-style specification #{subel}" unless SUBELEMENT_REGEX === subel
+            if ::Regexp.last_match(5) # with range
+              stepped_range(::Regexp.last_match(1).to_i..::Regexp.last_match(3).to_i, ::Regexp.last_match(5).to_i)
+            elsif ::Regexp.last_match(3) # range without step
+              stepped_range(::Regexp.last_match(1).to_i..::Regexp.last_match(3).to_i, 1)
+            else # just a numeric
+              [::Regexp.last_match(1).to_i]
+            end
+          end
+        end.flatten.sort
+        [Set.new(values), values, elem]
+      end
+      protected
+      def recursive_calculate(meth, time, num)
+        array = [time]
+        num.-(1).times do |_num|
+          array << send(meth, array.last)
+        end
+        array
+      end
+      # returns a list of days which do both match time_spec[:dom] or time_spec[:dow]
+      def interpolate_weekdays(year, month)
+        @_interpolate_weekdays_cache ||= {}
+        @_interpolate_weekdays_cache["#{year}-#{month}"] ||= interpolate_weekdays_without_cache(year, month)
+      end
+      def interpolate_weekdays_without_cache(year, month)
+        t = Date.new(year, month, 1)
+        valid_mday, _, mday_field = time_specs[:dom]
+        valid_wday, _, wday_field = time_specs[:dow]
+        # Careful, if both DOW and DOM fields are non-wildcard,
+        # then we only need to match *one* for cron to run the job:
+        unless mday_field == '*' and wday_field == '*'
+          valid_mday = [] if mday_field == '*'
+          valid_wday = [] if wday_field == '*'
+        end
+        # Careful: crontabs may use either 0 or 7 for Sunday:
+        valid_wday << 0 if valid_wday.include?(7)
+        result = []
+        while t.month == month
+          result << t.mday if valid_mday.include?(t.mday) || valid_wday.include?(t.wday)
+          t = t.succ
+        end
+        [Set.new(result), result]
+      end
+      def nudge_year(t, dir = :next)
+        t.year = t.year + (dir == :next ? 1 : -1)
+      end
+      def nudge_month(t, dir = :next)
+        spec = time_specs[:month][1]
+        next_value = find_best_next(t.month, spec, dir)
+        t.month = next_value || (dir == :next ? spec.first : spec.last)
+        nudge_year(t, dir) if next_value.nil?
+        # we changed the month, so its likely that the date is incorrect now
+        valid_days = interpolate_weekdays(t.year, t.month)[1]
+        t.day = dir == :next ? valid_days.first : valid_days.last
+      end
+      def date_valid?(t, _dir = :next)
+        interpolate_weekdays(t.year, t.month)[0].include?(t.day)
+      end
+      def nudge_date(t, dir = :next, can_nudge_month = true)
+        spec = interpolate_weekdays(t.year, t.month)[1]
+        next_value = find_best_next(t.day, spec, dir)
+        t.day = next_value || (dir == :next ? spec.first : spec.last)
+        nudge_month(t, dir) if next_value.nil? && can_nudge_month
+      end
+      def nudge_hour(t, dir = :next)
+        spec = time_specs[:hour][1]
+        next_value = find_best_next(t.hour, spec, dir)
+        t.hour = next_value || (dir == :next ? spec.first : spec.last)
+        nudge_date(t, dir) if next_value.nil?
+      end
+      def nudge_minute(t, dir = :next)
+        spec = time_specs[:minute][1]
+        next_value = find_best_next(t.min, spec, dir)
+        t.min = next_value || (dir == :next ? spec.first : spec.last)
+        nudge_hour(t, dir) if next_value.nil?
+      end
+      def time_specs
+        @time_specs ||= begin
+          # tokens now contains the 5 fields
+          tokens = substitute_parse_symbols(@source).split(/\s+/)
+          {
+            :minute => parse_element(tokens[0], 0..59), #minute
+            :hour => parse_element(tokens[1], 0..23), #hour
+            :dom => parse_element(tokens[2], 1..31), #DOM
+            :month => parse_element(tokens[3], 1..12), #mon
+            :dow => parse_element(tokens[4], 0..6) #DOW
+          }
+        end
+      end
+      def substitute_parse_symbols(str)
+        SYMBOLS.inject(str.downcase) do |s, (symbol, replacement)|
+          s.gsub(symbol, replacement)
+        end
+      end
+      def stepped_range(rng, step = 1)
+        len = rng.last - rng.first
+        num = len.div(step)
+        result = (0..num).map { |i| rng.first + (step * i) }
+        result.pop if result[-1] == rng.last and rng.exclude_end?
+        result
+      end
+      # returns the smallest element from allowed which is greater than current
+      # returns nil if no matching value was found
+      def find_best_next(current, allowed, dir)
+        if dir == :next
+          allowed.sort.find { |val| val > current }
+        else
+          allowed.sort.reverse.find { |val| val < current }
+        end
+      end
+      def validate_source
+        raise ArgumentError, 'not a valid cronline' unless @source.respond_to?(:split)
+        source_length = @source.split(/\s+/).length
+        return if source_length >= 5 && source_length <= 6
+        raise ArgumentError, 'not a valid cronline'
+      end
+    end
+  end
+end

data/lib/newrelic_security/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 module NewRelic
   module Security
-    VERSION = "0.2.0"
+    VERSION = "0.4.0"
   end
 end

data/lib/newrelic_security/websocket-client-simple/client.rb CHANGED Viewed

@@ -72,7 +72,11 @@ module NewRelic::Security
                     end
                   end
                 rescue IOError => e
-                  close false
+                  if e.inspect =~ /stream closed in another thread/
+                    close false
+                  else
+                    emit :error, e
+                  end
                 rescue => e
                   emit :error, e
                 end

data/newrelic_security.gemspec CHANGED Viewed

@@ -39,7 +39,7 @@ Gem::Specification.new do |spec|
   ]
   spec.require_paths = ['lib']
-  spec.add_dependency 'newrelic_rpm', '>= 9.12.0'
+  spec.add_dependency 'newrelic_rpm', '>= 9.16.0'
   spec.add_development_dependency 'minitest', "#{RUBY_VERSION >= '2.7.0' ? '~> 5.18' : '4.7.5'}"

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: newrelic_security
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Prateek Sen
-autorequire:
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-10-11 00:00:00.000000000 Z
+date: 2025-01-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: newrelic_rpm
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 9.12.0
+        version: 9.16.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 9.12.0
+        version: 9.16.0
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -170,6 +170,7 @@ files:
 - lib/newrelic_security/agent/control/iast_client.rb
 - lib/newrelic_security/agent/control/iast_data_transfer_request.rb
 - lib/newrelic_security/agent/control/reflected_xss.rb
+- lib/newrelic_security/agent/control/scan_scheduler.rb
 - lib/newrelic_security/agent/control/websocket_client.rb
 - lib/newrelic_security/agent/logging/init_logger.rb
 - lib/newrelic_security/agent/logging/logger.rb
@@ -207,6 +208,9 @@ files:
 - lib/newrelic_security/instrumentation-security/grape/chain.rb
 - lib/newrelic_security/instrumentation-security/grape/instrumentation.rb
 - lib/newrelic_security/instrumentation-security/grape/prepend.rb
+- lib/newrelic_security/instrumentation-security/graphql/chain.rb
+- lib/newrelic_security/instrumentation-security/graphql/instrumentation.rb
+- lib/newrelic_security/instrumentation-security/graphql/prepend.rb
 - lib/newrelic_security/instrumentation-security/grpc/client/chain.rb
 - lib/newrelic_security/instrumentation-security/grpc/client/instrumentation.rb
 - lib/newrelic_security/instrumentation-security/grpc/client/prepend.rb
@@ -257,6 +261,9 @@ files:
 - lib/newrelic_security/instrumentation-security/pty/chain.rb
 - lib/newrelic_security/instrumentation-security/pty/instrumentation.rb
 - lib/newrelic_security/instrumentation-security/pty/prepend.rb
+- lib/newrelic_security/instrumentation-security/rack/chain.rb
+- lib/newrelic_security/instrumentation-security/rack/instrumentation.rb
+- lib/newrelic_security/instrumentation-security/rack/prepend.rb
 - lib/newrelic_security/instrumentation-security/rails/chain.rb
 - lib/newrelic_security/instrumentation-security/rails/instrumentation.rb
 - lib/newrelic_security/instrumentation-security/rails/prepend.rb
@@ -270,6 +277,7 @@ files:
 - lib/newrelic_security/instrumentation-security/sqlite3/instrumentation.rb
 - lib/newrelic_security/instrumentation-security/sqlite3/prepend.rb
 - lib/newrelic_security/newrelic-security-api/api.rb
+- lib/newrelic_security/parse-cron/cron_parser.rb
 - lib/newrelic_security/version.rb
 - lib/newrelic_security/websocket-client-simple/client.rb
 - lib/newrelic_security/websocket-client-simple/event_emitter.rb
@@ -322,7 +330,7 @@ metadata:
   documentation_uri: https://docs.newrelic.com/docs/iast/introduction/
   source_code_uri: https://github.com/newrelic/csec-ruby-agent
   homepage_uri: https://github.com/newrelic/csec-ruby-agent
-post_install_message:
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -338,7 +346,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: 1.3.1
 requirements: []
 rubygems_version: 3.4.19
-signing_key:
+signing_key:
 specification_version: 4
 summary: Extension for newrelic_rpm with security feature
 test_files: []