npm - @contrast/agent-bundle - Versions diffs - 5.40.0 → 5.41.0 - Mend

@contrast/agent-bundle 5.40.0 → 5.41.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (258) hide show

package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb4.js DELETED Viewed

@@ -1,80 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-'use strict';
-const { PATCH_TYPES: { ASYNC_CONTEXT } } = require('../constants');
-const { resolveCallbackIndex } = require('../utils');
-/**
- * Exports a function handling the patching of `mongodb` versions 4 and 5.
- * @param {Object} core the core Contrast object in v5
- */
-module.exports = function (core) {
-  const { depHooks, patcher, logger, scopes: { wrap } } = core;
-  const mongoDBCursor = { name: 'mongodb', file: 'lib/cursor/abstract_cursor.js', version: '>=4 <6' };
-  const mongoDBCommand = { name: 'mongodb', file: 'lib/operations/command.js', version: '>=4 <6' };
-  function install() {
-    depHooks.resolve(mongoDBCommand, (command) => {
-      const methods = ['executeCommand'];
-      methods.forEach((method) => {
-        patcher.patch(command.CommandOperation.prototype, method, {
-          name: `mongodb.CommandOperation.prototype.${method}`,
-          patchType: ASYNC_CONTEXT,
-          pre: methodHook()
-        });
-      });
-    });
-    depHooks.resolve(
-      mongoDBCursor,
-      (cursor) => {
-        const methods = ['hasNext', 'next', 'tryNext', 'forEach', 'toArray', 'close'];
-        methods.forEach((method) => {
-          patcher.patch(cursor.AbstractCursor.prototype, method, {
-            name: `mongodb.AbstractCursor.prototype.${method}`,
-            patchType: ASYNC_CONTEXT,
-            pre: methodHook(),
-          });
-        });
-      });
-  }
-  /**
-   * Returns a function/hook to be used with a given mongodb-core/mongodb method
-   * @param {string} name the method for hooking
-   * @return {function} a preHook for the given mongodb-core method
-   */
-  function methodHook() {
-    /**
-      * Binds callback (when present) to the relevant AsyncStorage.
-      * @param {object} data the argument for the preHook
-      * @param {object} data.args the arguments passed to hooked method
-      */
-    return function ({ args, funcKey, name }) {
-      try {
-        const indexOfCallback = resolveCallbackIndex(args);
-        args[indexOfCallback] = wrap(args[indexOfCallback]);
-      } catch (err) {
-        logger.warn({ err, funcKey }, 'An error occurred in %s', name);
-      }
-    };
-  }
-  return {
-    install
-  };
-};

package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb6.js DELETED Viewed

@@ -1,46 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-'use strict';
-const { PATCH_TYPES: { ASYNC_CONTEXT } } = require('../constants');
-const { resolveCallbackIndex } = require('../utils');
-module.exports = function (core) {
-  const { depHooks, patcher, logger, scopes: { wrap } } = core;
-  function install() {
-    depHooks.resolve(
-      { name: 'mongodb', file: 'lib/cursor/abstract_cursor.js', version: '>=6 <7' },
-      ({ AbstractCursor }) => {
-        patcher.patch(AbstractCursor.prototype, 'forEach', {
-          name: 'mongodb.AbstractCursor.prototype.forEach',
-          patchType: ASYNC_CONTEXT,
-          pre({ args, funcKey, name }) {
-            try {
-              const indexOfCallback = resolveCallbackIndex(args);
-              args[indexOfCallback] = wrap(args[indexOfCallback]);
-            } catch (err) {
-              logger.warn({ err, funcKey }, 'An error occurred in %s', name);
-            }
-          },
-        });
-      });
-  }
-  return {
-    install
-  };
-};

package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mysql.js DELETED Viewed

@@ -1,151 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-'use strict';
-const { ASYNC_CONTEXT } = require('../constants').PATCH_TYPES;
-/**
- * Exports a function handling the patching of `mysql` and `mysql2` packages
- * @param {Object} core the core Contrast object in v5
- * @param {Object} core.depHooks instance of @contrast/depHooks
- * @param {Object} core.patcher instance of @contrast/patcher
- * @param {Object} core.logger instance of @contrast/logger
- * @param {Object} core.scopes instance of @contrast/scopes
- * @param {Function} core.scopes.wrap reference to scopes.wrap function
- */
-module.exports = ({ depHooks, patcher, logger, scopes: { wrap } }) => {
-  function install() {
-    depHooks.resolve({ name: 'mysql', version: '<3', file: 'lib/protocol/sequences/Sequence.js' }, patchSequence);
-    // Note: This may not be necessary, though comments in source code re domains
-    // suggest asyncStorage issues may be possible:
-    // https://github.com/mysqljs/mysql/blob/master/lib/Pool.js#L231
-    depHooks.resolve({ name: 'mysql', version: '<3', file: 'lib/Pool.js' }, patchPool);
-    depHooks.resolve({ name: 'mysql2', version: '<4', file: 'lib/commands/query.js' }, patchQuery);
-  }
-  /**
-   * Patches the Sequence constructor which the protocol classes inherit.
-   * This _must return_ the patched value to set the export in require hook.
-   * @param {function} sequenceCtor Sequence constructor fn
-   * @returns {function}
-   */
-  function patchSequence(sequenceCtor) {
-    return patcher.patch(sequenceCtor, {
-      name: 'mysql/lib/protocol/sequences/Sequence',
-      patchType: ASYNC_CONTEXT,
-      post: sequencePostHook(),
-    });
-  }
-  /**
-   * Patches Pool.prototype.getConnection.
-   * @param {function} poolCtor Pool constructor fn
-   */
-  function patchPool(poolCtor) {
-    patcher.patch(poolCtor.prototype, 'getConnection', {
-      name: 'mysql/lib/Pool.prototype.getConnection',
-      patchType: ASYNC_CONTEXT,
-      pre: poolPreHook(),
-    });
-  }
-  /**
-   * Patches the Query constructor.
-   * This _must return_ the patched value to set the export in require hook.
-   * @param {function} queryCtor Query constructor fn
-   * @returns {function}
-   */
-  function patchQuery(queryCtor) {
-    return patcher.patch(queryCtor, {
-      name: 'mysql2/lib/commands/query',
-      patchType: ASYNC_CONTEXT,
-      pre: queryPreHook(),
-    });
-  }
-  function sequencePostHook() {
-    /**
-     * Typically in a constructor the data.result would be the instance. But mysql
-     * has the subclasses e.g. Query, do Sequence.call(this, cb). In this case the
-     * data.obj is the instance.
-     * @param {object} data the argument for the postHook
-     * @param {object} data.obj sequence instance
-     */
-    return function ({ obj, funcKey, name }) {
-      try {
-        if (obj && obj._callback && typeof obj._callback === 'function') {
-          obj._callback = wrap(obj._callback);
-        }
-      } catch (err) {
-        logger.warn(
-          { err, funcKey },
-          'An error occurred in %s',
-          name
-        );
-      }
-    };
-  }
-  function poolPreHook() {
-    /**
-     * Binds callback (when present) to the relevant AsyncStorage.
-     * @param {object} data the argument for the preHook
-     * @param {object} data.args getConnection arguments
-     */
-    return function ({ args, funcKey, name }) {
-      try {
-        if (args.length && typeof args[0] === 'function') {
-          args[0] = wrap(args[0]);
-        }
-      } catch (err) {
-        logger.warn(
-          { err, funcKey },
-          'An error occurred in %s',
-          name
-        );
-      }
-    };
-  }
-  function queryPreHook() {
-    /**
-     * Binds callback (when present) to the context the constructor is called in.
-     * @param {object} data the argument for the preHook
-     * @param {object} data.args the arguments passed to the Query constructor
-     */
-    return function ({ args, funcKey, name }) {
-      try {
-        if (args.length && args[1] && typeof args[1] === 'function') {
-          args[1] = wrap(args[1]);
-        }
-      } catch (err) {
-        logger.warn({ err, funcKey }, 'An error occurred in %s', name);
-      }
-    };
-  }
-  return {
-    install,
-    hooks: {
-      sequencePostHook,
-      poolPreHook,
-      queryPreHook
-    },
-  };
-};

package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/redis.js DELETED Viewed

@@ -1,79 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-'use strict';
-const { ASYNC_CONTEXT } = require('../constants').PATCH_TYPES;
-/**
- * Redis doesn't properly support async hooks
- * In their code they bind a callback to a domain
- * but since this isn't an AsyncResource it loses
- * context when using async hooks
- *
- * https://github.com/NodeRedis/node-redis/blob/master/index.js#L807
- *
- * Exports a function handling the patching of `redis` package
- * @param {Object} core the core Contrast object in v5
- * @param {Object} core.depHooks instance of @contrast/depHooks
- * @param {Object} core.patcher instance of @contrast/patcher
- * @param {Object} hooks the relevant hooks that are to be used in the patching, found in ./hooks.js
- * @param {function} sendCommandPreHook - a pre hook for the internal_send_command method
- */
-module.exports = ({ depHooks, patcher, logger, scopes: { wrap } }) => {
-  function install() {
-    depHooks.resolve({ name: 'redis', version: '<5' }, patchRedis);
-  }
-  /**
-   * Patches redis.RedisClient.prototype.internal_send_command, if present.
-   * The redis object changes from v3.*.* onwards and no such patch is needed there.
-   * @param {Object} redis Redis object
-   */
-  function patchRedis(redis) {
-    if (redis.RedisClient?.prototype?.internal_send_command) {
-      patcher.patch(redis.RedisClient.prototype, 'internal_send_command', {
-        name: 'redis.RedisClient.internal_send_command',
-        patchType: ASYNC_CONTEXT,
-        pre: sendCommandPreHook(),
-      });
-    }
-  }
-  function sendCommandPreHook() {
-    /**
-     * Binds callback (when present) to the relevant AsyncStorage.
-     * @param {object} data the argument for the preHook
-     * @param {object} data.args the arguments passed to `.internal_send_command` method
-     */
-    return function ({ args, funcKey, name }) {
-      try {
-        if (
-          args.length &&
-          args[0].callback &&
-          typeof args[0].callback === 'function'
-        ) {
-          args[0].callback = wrap(args[0].callback);
-        }
-      } catch (err) {
-        logger.warn({ err, funcKey }, 'An error occurred in %s', name);
-      }
-    };
-  }
-  return {
-    install
-  };
-};

package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/utils.js DELETED Viewed

@@ -1,35 +0,0 @@
-/*
- * Copyright: 2025 Contrast Security, Inc
- * Contact: support@contrastsecurity.com
- * License: Commercial
- * NOTICE: This Software and the patented inventions embodied within may only be
- * used as part of Contrast Security’s commercial offerings. Even though it is
- * made available through public repositories, use of this Software is subject to
- * the applicable End User Licensing Agreement found at
- * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
- * between Contrast Security and the End User. The Software may not be reverse
- * engineered, modified, repackaged, sold, redistributed or otherwise used in a
- * way not consistent with the End User License Agreement.
- */
-'use strict';
-const resolveCallbackIndex = (argList) => {
-  if (!argList || !argList.length) {
-    return -1;
-  }
-  // Work backwards
-  for (let i = argList.length - 1; 0 <= i; i--) {
-    if (typeof argList[i] === 'function') {
-      return i;
-    }
-  }
-  return -1;
-};
-module.exports = {
-  resolveCallbackIndex
-};

package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/package.json DELETED Viewed

@@ -1,28 +0,0 @@
-{
-  "name": "@contrast/scopes",
-  "version": "1.23.0",
-  "description": "Handles AsyncLocalStorage scopes",
-  "license": "SEE LICENSE IN LICENSE",
-  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
-  "files": [
-    "lib/",
-    "!*.test.*",
-    "!tsconfig.*",
-    "!*.map"
-  ],
-  "main": "lib/index.js",
-  "types": "lib/index.d.ts",
-  "engines": {
-    "npm": ">=6.13.7 <7 || >= 8.3.1",
-    "node": ">= 16.9.1"
-  },
-  "scripts": {
-    "test": "bash ../scripts/test.sh"
-  },
-  "dependencies": {
-    "@contrast/core": "1.53.0",
-    "@contrast/dep-hooks": "1.22.0",
-    "@contrast/logger": "1.26.0",
-    "@contrast/patcher": "1.25.0"
-  }
-}