@contrast/agent-bundle 5.40.0 → 5.41.0

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/handler-invoker.js

@@ -1,106 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
-
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-// @ts-check
-'use strict';
-Object.defineProperty(exports, "__esModule", { value: true });
-/**
- * @template {Object} T
- * @typedef {import('./export-hook-descriptor').Handler<T>} Handler
- */
-/** @typedef {import('./package-finder').Metadata} Metadata */
-class HandlerInvoker {
-    /**
-     * @param {import('pino').Logger} logger
-     */
-    constructor(logger) {
-        /** @type {import('pino').Logger} */
-        this.logger = logger;
-        /** @type {WeakMap<Object, WeakSet<Handler<any>>>} */
-        this.seen = new WeakMap();
-    }
-    /**
-     * Filters a collection of handlers to those which have not run for the
-     * provided export.
-     * @template {Object} T
-     * @param {T} xport The exported module
-     * @param {Handler<T>[]} handlers Collection of handlers
-     * @returns {Handler<T>[]}
-     */
-    filter(xport, handlers) {
-        if (!xport || (typeof xport !== 'object' && typeof xport !== 'function')) {
-            return [];
-        }
-        const seen = this.seen.get(xport);
-        if (!seen) {
-            const handlerSet = new WeakSet(handlers);
-            this.seen.set(xport, handlerSet);
-            return handlers;
-        }
-        return handlers.filter((handler) => {
-            if (seen.has(handler)) {
-                return false;
-            }
-            else {
-                seen.add(handler);
-                return true;
-            }
-        });
-    }
-    /**
-     * Invoke all handlers in the provided collection that have not yet been run
-     * for the provided export value.
-     * @template {Object} T
-     * @param {T} xport The exported module
-     * @param {Handler<T>[]} handlers The handlers to invoke
-     * @param {Metadata} metadata Export metadata to pass to the handlers
-     * @returns {T}
-     */
-    invoke(xport, handlers, metadata) {
-        /** @type {Handler<T>[]} */
-        const handlersToRerun = [];
-        const newHandlers = this.filter(xport, handlers);
-        const rv = newHandlers.reduce((acc, handler) => {
-            try {
-                const rerun = () => {
-                    handlersToRerun.push(handler);
-                };
-                this.logger.trace({ metadata }, 'invoking handler: %s', metadata.name);
-                return handler(acc, { rerun, ...metadata }) ?? acc;
-            }
-            catch (err) {
-                this.logger.error({ err, metadata }, 'error invoking handler: %s', metadata.name);
-                return acc;
-            }
-        }, xport);
-        if (typeof rv == 'function' && rv != xport) {
-            // @ts-expect-error
-            this.seen.set(rv, this.seen.get(xport));
-        }
-        for (const handler of handlersToRerun) {
-            this.seen.get(rv)?.delete?.(handler);
-            this.seen.delete(handler);
-        }
-        return rv;
-    }
-    /**
-     * @template {Object} T
-     * @param {T} xport The exported module
-     */
-    reset(xport) {
-        this.seen.delete(xport);
-    }
-}
-module.exports = HandlerInvoker;
-//# sourceMappingURL=handler-invoker.js.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/helpers.d.ts

@@ -1,28 +0,0 @@
-/**
- * Shortens a fully resolved filename to a short path that would be respected by
- * `require`.
- * @example
- * '/long/absolute/path/to/node_modules/package/lib/file.js' => 'package/lib/file'
- *
- * @param {{
- *   name: string;
- *   packageDir: string;
- *   file: string;
- *   main?: string;
- * }} opts
- * @returns {string}
- */
-export function getShortname({ name, packageDir, file, main }: {
-    name: string;
-    packageDir: string;
-    file: string;
-    main?: string;
-}): string;
-/**
- * polyfill for `module.isBuiltin` prior to Node v16.17.0
- * see: https://nodejs.org/docs/latest-v16.x/api/module.html#moduleisbuiltinmodulename
- * @param {string} name
- * @returns {boolean}
- */
-export function isBuiltin(name: string): boolean;
-//# sourceMappingURL=helpers.d.ts.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/helpers.js

@@ -1,66 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
-
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-'use strict';
-Object.defineProperty(exports, "__esModule", { value: true });
-const Module = require('node:module');
-const path = require('node:path');
-const { isString, primordials: { StringPrototypeReplace, StringPrototypeSubstring, RegExpPrototypeTest } } = require('@contrast/common');
-const pathSepRegex = new RegExp(`\\${path.sep}`, 'g');
-/**
- * Shortens a fully resolved filename to a short path that would be respected by
- * `require`.
- * @example
- * '/long/absolute/path/to/node_modules/package/lib/file.js' => 'package/lib/file'
- *
- * @param {{
- *   name: string;
- *   packageDir: string;
- *   file: string;
- *   main?: string;
- * }} opts
- * @returns {string}
- */
-function getShortname({ name, packageDir, file, main }) {
-    const mainPath = StringPrototypeReplace.call(path.join(packageDir, isString(main) ? main : ''), pathSepRegex, '\\$&');
-    const mainPathRegex = new RegExp(`^${mainPath}\\${path.sep}?(index)?(\\.js(on)?)?$`);
-    let normalizedFilename = path.normalize(file);
-    if (RegExpPrototypeTest.call(mainPathRegex, normalizedFilename)) {
-        return name;
-    }
-    else {
-        normalizedFilename = StringPrototypeReplace.call(normalizedFilename, path.normalize(packageDir), name);
-        normalizedFilename = StringPrototypeReplace.call(normalizedFilename, pathSepRegex, '/');
-        normalizedFilename = StringPrototypeReplace.call(normalizedFilename, /\/?(index)?\.js$/, '');
-        return normalizedFilename;
-    }
-}
-/**
- * polyfill for `module.isBuiltin` prior to Node v16.17.0
- * see: https://nodejs.org/docs/latest-v16.x/api/module.html#moduleisbuiltinmodulename
- * @param {string} name
- * @returns {boolean}
- */
-function isBuiltin(name) {
-    if (name.startsWith('node:')) {
-        name = StringPrototypeSubstring.call(name, 5);
-    }
-    // @ts-expect-error we've set the node version to 14 before this was added.
-    return Module.isBuiltin?.(name) ?? Module.builtinModules.includes(name);
-}
-module.exports = {
-    getShortname,
-    isBuiltin,
-};
-//# sourceMappingURL=helpers.js.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/index.d.ts

@@ -1,115 +0,0 @@
-declare function _exports(core: {
-    readonly logger: import('@contrast/logger').Logger;
-    readonly messages: import('@contrast/common').Messages;
-    depHooks: DepHooks;
-}): DepHooks;
-declare namespace _exports {
-    export { DepHooks };
-    export { LoadArgs, Metadata };
-}
-export = _exports;
-export type LoadArgs = {
-    request: string;
-    parent: Module;
-};
-export type Metadata = import('./package-finder').Metadata;
-/**
- * @typedef {Object} LoadArgs
- * @property {string} request
- * @property {Module} parent
- */
-/** @typedef {import('./package-finder').Metadata} Metadata */
-/**
- * Allows clients to register function handlers which run as a 'post-hook' at
- * require-time.
- */
-declare class DepHooks {
-    /**
-     * @param {Object} opts
-     * @param {import('pino').Logger} opts.logger
-     * @param {import('@contrast/common').Messages} opts.messages
-     */
-    constructor({ logger, messages }: {
-        logger: import('pino').Logger;
-        messages: import('@contrast/common').Messages;
-    });
-    /** @type {import('pino').Logger} */
-    logger: import('pino').Logger;
-    /** @type {import('@contrast/common').Messages} */
-    messages: import('@contrast/common').Messages;
-    /** @type {HandlerInvoker} */
-    invoker: HandlerInvoker;
-    /** @type {ExportHandlerRegistry} */
-    registry: ExportHandlerRegistry;
-    /** @type {WeakMap<Object, Object>} */
-    requiredModules: WeakMap<Object, Object>;
-    /** @type {Set<string>} */
-    resets: Set<string>;
-    /**
-     * Registers handlers to run afer the described module is required.
-     * @template {Object} T
-     * @param {ExportHookDescriptor.Descriptor | string} descriptor describes the module to hook
-     * @param {ExportHookDescriptor.Handler<T>[]} handlers the function hooks to execute after require
-     */
-    register<T extends Object>(descriptor: ExportHookDescriptor.Descriptor | string, ...handlers: ExportHookDescriptor.Handler<T>[]): void;
-    /** Alias for `DepHooks#resolve` */
-    resolve: <T extends Object>(descriptor: ExportHookDescriptor.Descriptor | string, ...handlers: ExportHookDescriptor.Handler<T>[]) => void;
-    /**
-     * Provided with an export, a collection of handlers, and metadata, will
-     * invoke only the handlers which have not yet run on the export instance.
-     * @template {Object} T
-     * @param {T} xport the exported value of a required module
-     * @param {ExportHookDescriptor.Handler<T>[]} handlers the function hooks to execute on require
-     * @param {Metadata} metadata the export's metadata
-     * @returns {T}
-     */
-    runRequireHandlers<T_1 extends Object>(xport: T_1, handlers: ExportHookDescriptor.Handler<T_1>[], metadata: Metadata): T_1;
-    /**
-     * Checks if module name exists in resets set. If so, it will remove it from
-     * the  set as well as remove it from the invoker WeakMap. This will force
-     * instrumentation handlers to re-run. This use case is only used for testing
-     * of the node agent in certain cases.
-     * @template {Object} T
-     * @param {string} request the string passed to require()
-     * @param {T} xport the exported value of a required module
-     */
-    maybeClearHandlers<T_2 extends Object>(request: string, xport: T_2): void;
-    /**
-     * Instruments the Module._load method (invoked by require) to run registered handlers _after_ the modules
-     * have loaded/compiled. Any value returned by the handlers will replace the return value of Module._load
-     * and thus replace the export. This only works when the modules are required, but not imported. This is
-     * due to how Node's ModuleWrap works, as it sets the export from the cjsExportCache and not from the return
-     * value of Module._load like require does. In order to replace a target CJS export that is imported, we
-     * also need to patch _compile (see below). We cannot replace the value of a built-in that is imported, but
-     * we haven't had the need (we only really need to do that if an export is a function we need to patch e.g.
-     * fastify, or connect middleware). We don't limit the Module._load patch to patching only built-ins, because
-     * we need to support dep-hook handlers that need to run multiple times (via rerun option method that is
-     * passed to handlers).
-     *
-     * This also instruments the _compile instance method with very similar logic to to the Module._load patch.
-     * By patching _compile, we can set the value of module.exports directly in an earlier in the stage of CJS
-     * module loading which occurs before the module is cached. This way we _can_ replace the export if the target
-     * module is imported. The _compile function gets called exactly once per loaded module (excluding built-ins).
-     *
-     * @see https://github.com/nodejs/node/blob/main/lib/internal/modules/cjs/loader.js
-     * @see https://github.com/nodejs/node/blob/main/lib/internal/modules/esm/translators.js
-     */
-    install(): void;
-    originalLoad: any;
-    originalCompile: any;
-    /**
-     * Resets Module's _load method to the original value.
-     */
-    uninstall(): void;
-    /**
-     * Resets the seen handlers for a given module - they will be re-run on next
-     * require.
-     * @param {string} request the string passed to require()
-     */
-    reset(request: string): void;
-}
-import Module = require("module");
-import HandlerInvoker = require("./handler-invoker");
-import ExportHandlerRegistry = require("./export-handler-registry");
-import ExportHookDescriptor = require("./export-hook-descriptor");
-//# sourceMappingURL=index.d.ts.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/index.js

@@ -1,208 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
-
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-// @ts-check
-'use strict';
-Object.defineProperty(exports, "__esModule", { value: true });
-const Module = require('node:module');
-const ExportHandlerRegistry = require('./export-handler-registry');
-const ExportHookDescriptor = require('./export-hook-descriptor');
-const HandlerInvoker = require('./handler-invoker');
-/**
- * @typedef {Object} LoadArgs
- * @property {string} request
- * @property {Module} parent
- */
-/** @typedef {import('./package-finder').Metadata} Metadata */
-/**
- * Allows clients to register function handlers which run as a 'post-hook' at
- * require-time.
- */
-class DepHooks {
-    /**
-     * @param {Object} opts
-     * @param {import('pino').Logger} opts.logger
-     * @param {import('@contrast/common').Messages} opts.messages
-     */
-    constructor({ logger, messages }) {
-        /** Alias for `DepHooks#resolve` */
-        this.resolve = this.register;
-        /** @type {import('pino').Logger} */
-        this.logger = logger;
-        /** @type {import('@contrast/common').Messages} */
-        this.messages = messages;
-        /** @type {HandlerInvoker} */
-        this.invoker = new HandlerInvoker(logger);
-        /** @type {ExportHandlerRegistry} */
-        this.registry = new ExportHandlerRegistry({ logger, messages });
-        /** @type {WeakMap<Object, Object>} */
-        this.requiredModules = new WeakMap();
-        /** @type {Set<string>} */
-        this.resets = new Set();
-    }
-    /**
-     * Registers handlers to run afer the described module is required.
-     * @template {Object} T
-     * @param {ExportHookDescriptor.Descriptor | string} descriptor describes the module to hook
-     * @param {ExportHookDescriptor.Handler<T>[]} handlers the function hooks to execute after require
-     */
-    register(descriptor, ...handlers) {
-        const info = ExportHookDescriptor.create(descriptor, handlers);
-        this.registry.update(info);
-    }
-    /**
-     * Provided with an export, a collection of handlers, and metadata, will
-     * invoke only the handlers which have not yet run on the export instance.
-     * @template {Object} T
-     * @param {T} xport the exported value of a required module
-     * @param {ExportHookDescriptor.Handler<T>[]} handlers the function hooks to execute on require
-     * @param {Metadata} metadata the export's metadata
-     * @returns {T}
-     */
-    runRequireHandlers(xport, handlers, metadata) {
-        return this.invoker.invoke(xport, handlers, metadata);
-    }
-    /**
-     * Checks if module name exists in resets set. If so, it will remove it from
-     * the  set as well as remove it from the invoker WeakMap. This will force
-     * instrumentation handlers to re-run. This use case is only used for testing
-     * of the node agent in certain cases.
-     * @template {Object} T
-     * @param {string} request the string passed to require()
-     * @param {T} xport the exported value of a required module
-     */
-    maybeClearHandlers(request, xport) {
-        if (this.resets.has(request)) {
-            this.resets.delete(request);
-            this.invoker.reset(xport);
-        }
-    }
-    /**
-     * Instruments the Module._load method (invoked by require) to run registered handlers _after_ the modules
-     * have loaded/compiled. Any value returned by the handlers will replace the return value of Module._load
-     * and thus replace the export. This only works when the modules are required, but not imported. This is
-     * due to how Node's ModuleWrap works, as it sets the export from the cjsExportCache and not from the return
-     * value of Module._load like require does. In order to replace a target CJS export that is imported, we
-     * also need to patch _compile (see below). We cannot replace the value of a built-in that is imported, but
-     * we haven't had the need (we only really need to do that if an export is a function we need to patch e.g.
-     * fastify, or connect middleware). We don't limit the Module._load patch to patching only built-ins, because
-     * we need to support dep-hook handlers that need to run multiple times (via rerun option method that is
-     * passed to handlers).
-     *
-     * This also instruments the _compile instance method with very similar logic to to the Module._load patch.
-     * By patching _compile, we can set the value of module.exports directly in an earlier in the stage of CJS
-     * module loading which occurs before the module is cached. This way we _can_ replace the export if the target
-     * module is imported. The _compile function gets called exactly once per loaded module (excluding built-ins).
-     *
-     * @see https://github.com/nodejs/node/blob/main/lib/internal/modules/cjs/loader.js
-     * @see https://github.com/nodejs/node/blob/main/lib/internal/modules/esm/translators.js
-     */
-    install() {
-        const self = this;
-        /** @type LoadArgs[] */
-        const loadStack = [];
-        // don't define these prior to install(), since it will interfere with other
-        // components that also need to instrument it e.g. agentify's rewrite-hooks.
-        self.originalLoad = Reflect.get(Module, '_load');
-        self.originalCompile = Reflect.get(Module.prototype, '_compile');
-        this.logger.trace('Applying Module.prototype dep-hooks overrides');
-        /**
-         * @this {Module}
-         * @param {string} request the string passed to require()
-         * @param {Module} parent the module executing require()
-         * @param {boolean} isMain indicates whether the module executing require() is the entry point
-         */
-        function __loadOverride(request, parent, isMain) {
-            let exportHandlerInfo;
-            let xport;
-            loadStack.push({ request, parent });
-            try {
-                exportHandlerInfo = self.registry.query(request, parent, isMain);
-                xport = Reflect.apply(self.originalLoad, this, [request, parent, isMain]);
-                if (exportHandlerInfo) {
-                    self.maybeClearHandlers(request, xport);
-                    const xportSubstitution = self.runRequireHandlers(self.requiredModules.get(xport) ?? xport, exportHandlerInfo.handlers, exportHandlerInfo.metadata);
-                    self.requiredModules.set(xport, xportSubstitution);
-                }
-            }
-            finally {
-                loadStack.pop();
-            }
-            return self.requiredModules.get(xport) ?? xport;
-        }
-        /**
-         * @this {Module}
-         * @param {string} content
-         * @param {string} filename
-         * @param {string} format
-         */
-        function __compileOverride(content, filename, format) {
-            // run original which this sets the value of this.exports
-            const ret = Reflect.apply(self.originalCompile, this, [content, filename, format]);
-            const xports = this.exports;
-            // registry works based on request and parent arguments passed to Module._load.
-            // so use the values the _load hook captured in loadStack
-            const { request, parent } = loadStack[loadStack.length - 1];
-            try {
-                const exportHandlerInfo = self.registry.query(request, parent, false);
-                if (exportHandlerInfo) {
-                    self.maybeClearHandlers(request, xports);
-                    const xportSubstitution = self.runRequireHandlers(self.requiredModules.get(xports) ?? xports, exportHandlerInfo.handlers, exportHandlerInfo.metadata);
-                    self.requiredModules.set(xports, xportSubstitution);
-                    // set the value of the exports. this value will be cached
-                    this.exports = self.requiredModules.get(xports) ?? xports;
-                }
-            }
-            catch {
-                //
-            }
-            return ret;
-        }
-        Reflect.set(Module, '_load', __loadOverride);
-        Reflect.set(Module.prototype, '_compile', __compileOverride);
-    }
-    /**
-     * Resets Module's _load method to the original value.
-     */
-    uninstall() {
-        this.logger.trace('Removing dep-hook Module patches');
-        this.originalLoad && Reflect.set(Module, '_load', this.originalLoad);
-        this.originalCompile && Reflect.set(Module.prototype, '_compile', this.originalCompile);
-    }
-    /**
-     * Resets the seen handlers for a given module - they will be re-run on next
-     * require.
-     * @param {string} request the string passed to require()
-     */
-    reset(request) {
-        this.resets.add(request);
-    }
-}
-/**
- * @param {{
- *  readonly logger: import('@contrast/logger').Logger;
- *  readonly messages: import('@contrast/common').Messages;
- *  depHooks: DepHooks;
- * }} core
- * @returns {DepHooks}
- */
-module.exports = function init(core) {
-    core.depHooks = new DepHooks({
-        logger: core.logger.child({ name: 'contrast:dep-hooks' }),
-        messages: core.messages,
-    });
-    return core.depHooks;
-};
-module.exports.DepHooks = DepHooks;
-//# sourceMappingURL=index.js.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/package-finder.d.ts

@@ -1,43 +0,0 @@
-export type Metadata = {
-    /**
-     * the name of the module being required as indicated by its package.json
-     */
-    name: string;
-    /**
-     * shortened version of the module name + file being required
-     */
-    shortname: string;
-    /**
-     * the version of the module being required as indicated by its package.json
-     */
-    version: string;
-    /**
-     * the location of the module being required
-     */
-    packageDir: string;
-    /**
-     * the absolute filename of the module file being required
-     */
-    file: string;
-    /**
-     * `main` field from the package being required's package.json
-     */
-    main?: string | undefined;
-};
-/**
- * @typedef {Object} Metadata
- * @property {string} name the name of the module being required as indicated by its package.json
- * @property {string} shortname shortened version of the module name + file being required
- * @property {string} version the version of the module being required as indicated by its package.json
- * @property {string} packageDir the location of the module being required
- * @property {string} file the absolute filename of the module file being required
- * @property {string=} main `main` field from the package being required's package.json
- */
-/**
- * Resolves the metadata of a package given it's resolved name.
- * @param {string=} file Absolute path to the module file
- * @param {import('pino').Logger=} logger
- * @returns {Metadata?}
- */
-export function resolveMetadata(file?: string | undefined, logger?: import('pino').Logger | undefined): Metadata | null;
-//# sourceMappingURL=package-finder.d.ts.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/package-finder.js

@@ -1,79 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
-
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-// @ts-check
-'use strict';
-Object.defineProperty(exports, "__esModule", { value: true });
-const path = require('node:path');
-const { findPackageJsonSync } = require('@contrast/find-package-json');
-const { getShortname, isBuiltin } = require('./helpers');
-const { primordials: { StringPrototypeReplace, StringPrototypeSubstring, JSONParse, FsReadFileSync } } = require('@contrast/common');
-/**
- * @typedef {Object} Metadata
- * @property {string} name the name of the module being required as indicated by its package.json
- * @property {string} shortname shortened version of the module name + file being required
- * @property {string} version the version of the module being required as indicated by its package.json
- * @property {string} packageDir the location of the module being required
- * @property {string} file the absolute filename of the module file being required
- * @property {string=} main `main` field from the package being required's package.json
- */
-/**
- * Resolves the metadata of a package given it's resolved name.
- * @param {string=} file Absolute path to the module file
- * @param {import('pino').Logger=} logger
- * @returns {Metadata?}
- */
-function resolveMetadata(file, logger) {
-    if (!file) {
-        return null;
-    }
-    if (isBuiltin(file)) {
-        // @ts-ignore ts does not handle method overloads well
-        file = StringPrototypeReplace.call(file, /^(node:)?/, 'node:');
-        return {
-            name: file,
-            version: StringPrototypeSubstring.call(process.version, 1),
-            packageDir: file,
-            file,
-            shortname: file,
-        };
-    }
-    const resolved = path.dirname(file);
-    const pdj = findPackageJsonSync({ cwd: resolved });
-    if (!pdj) {
-        logger?.error('unable to find package.json for %s', file);
-        return null;
-    }
-    try {
-        const json = FsReadFileSync(pdj, 'utf8');
-        const { name, version, main } = JSONParse(json);
-        const packageDir = path.dirname(pdj);
-        return {
-            name,
-            version,
-            packageDir,
-            file,
-            shortname: getShortname({ name, packageDir, file, main }),
-            main,
-        };
-    }
-    catch (err) {
-        logger?.error({ err }, 'unable to parse %s', pdj);
-        return null;
-    }
-}
-module.exports = {
-    resolveMetadata,
-};
-//# sourceMappingURL=package-finder.js.map

package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/package.json

@@ -1,29 +0,0 @@
-{
-  "name": "@contrast/dep-hooks",
-  "version": "1.22.0",
-  "description": "Post hooks for Module.prototype.require",
-  "license": "SEE LICENSE IN LICENSE",
-  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
-  "files": [
-    "lib/",
-    "!*.test.*",
-    "!tsconfig.*",
-    "!*.map"
-  ],
-  "main": "lib/index.js",
-  "types": "lib/index.d.ts",
-  "engines": {
-    "npm": ">=6.13.7 <7 || >=8.3.1",
-    "node": ">=16.9.1"
-  },
-  "scripts": {
-    "build": "tsc --build src/",
-    "test": "bash ../scripts/test.sh"
-  },
-  "dependencies": {
-    "@contrast/common": "1.33.0",
-    "@contrast/find-package-json": "^1.1.0",
-    "@contrast/logger": "1.26.0",
-    "semver": "^7.6.3"
-  }
-}