@contrast/agent-bundle 5.40.0 → 5.42.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/node_modules/@contrast/agent/package.json +12 -11
- package/node_modules/@contrast/agent-swc-plugin/index.js +9 -3
- package/node_modules/@contrast/agent-swc-plugin/methods.js +15 -1
- package/node_modules/@contrast/agent-swc-plugin/package.json +5 -8
- package/node_modules/@contrast/agent-swc-plugin/rewriter.wasm +0 -0
- package/node_modules/@contrast/agentify/lib/index.js +2 -2
- package/node_modules/@contrast/agentify/package.json +15 -14
- package/node_modules/@contrast/architecture-components/package.json +5 -5
- package/node_modules/@contrast/assess/lib/dataflow/propagation/install/util-format.js +44 -21
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/body-parser.js +1 -1
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/koa/koa-bodyparsers.js +3 -1
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/qs6.js +5 -5
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/querystring.js +2 -1
- package/node_modules/@contrast/assess/lib/index.d.ts +0 -1
- package/node_modules/@contrast/assess/lib/make-source-context.js +7 -37
- package/node_modules/@contrast/assess/lib/sampler/common.js +7 -11
- package/node_modules/@contrast/assess/package.json +12 -11
- package/node_modules/@contrast/common/lib/types.d.ts +7 -1
- package/node_modules/@contrast/common/package.json +1 -1
- package/node_modules/@contrast/config/lib/common.js +1 -1
- package/node_modules/@contrast/config/lib/config.js +49 -27
- package/node_modules/@contrast/config/lib/index.d.ts +2 -2
- package/node_modules/@contrast/config/lib/options.js +4 -4
- package/node_modules/@contrast/config/package.json +4 -3
- package/node_modules/@contrast/core/lib/sensitive-data-masking/protect-listener.js +15 -15
- package/node_modules/@contrast/core/package.json +6 -6
- package/node_modules/@contrast/deadzones/package.json +5 -5
- package/node_modules/@contrast/dep-hooks/package.json +3 -3
- package/node_modules/@contrast/esm-hooks/package.json +6 -6
- package/node_modules/@contrast/instrumentation/lib/index.js +0 -1
- package/node_modules/@contrast/instrumentation/package.json +5 -5
- package/node_modules/@contrast/library-analysis/lib/install/library-reporting/dep.json +298 -148
- package/node_modules/@contrast/library-analysis/package.json +4 -4
- package/node_modules/@contrast/logger/lib/serializers.js +2 -2
- package/node_modules/@contrast/logger/package.json +3 -3
- package/node_modules/@contrast/metrics/package.json +6 -6
- package/node_modules/@contrast/patcher/package.json +2 -2
- package/node_modules/@contrast/protect/lib/get-source-context.js +3 -1
- package/node_modules/@contrast/protect/lib/index.js +6 -1
- package/node_modules/@contrast/protect/lib/input-analysis/handlers.js +7 -9
- package/node_modules/@contrast/protect/lib/input-analysis/install/http.js +18 -19
- package/node_modules/@contrast/protect/lib/input-analysis/install/qs6.js +18 -17
- package/node_modules/@contrast/protect/lib/input-analysis/install/universal-cookie4.js +2 -3
- package/node_modules/@contrast/protect/lib/make-source-context.js +22 -66
- package/node_modules/@contrast/protect/lib/semantic-analysis/handlers.js +73 -72
- package/node_modules/@contrast/protect/package.json +11 -11
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/index.js +7 -7
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/translations.d.ts +3 -3
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/translations.js +24 -21
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/index.d.ts +11 -11
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/index.js +76 -86
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/translations.d.ts +1 -2
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/translations.js +8 -2
- package/node_modules/@contrast/reporter/lib/reporters/security-logger/index.d.ts +2 -2
- package/node_modules/@contrast/reporter/lib/reporters/security-logger/index.js +22 -20
- package/node_modules/@contrast/reporter/package.json +7 -7
- package/node_modules/@contrast/rewriter/lib/index.js +2 -2
- package/node_modules/@contrast/rewriter/package.json +6 -6
- package/node_modules/@contrast/route-coverage/lib/index.js +1 -9
- package/node_modules/@contrast/route-coverage/lib/install/express/express5.js +17 -19
- package/node_modules/@contrast/route-coverage/lib/install/hapi.js +9 -2
- package/node_modules/@contrast/route-coverage/package.json +8 -8
- package/node_modules/@contrast/scopes/package.json +5 -5
- package/node_modules/@contrast/sec-obs/lib/traces/http.js +2 -2
- package/node_modules/@contrast/sec-obs/lib/traces/http.test.js +17 -0
- package/node_modules/@contrast/sec-obs/lib/traces/outbound-service-call.js +2 -2
- package/node_modules/@contrast/sec-obs/lib/traces/outbound-service-call.test.js +17 -0
- package/node_modules/@contrast/sec-obs/package.json +9 -9
- package/node_modules/@contrast/sources/lib/index.js +109 -0
- package/node_modules/@contrast/sources/lib/index.test.js +120 -0
- package/node_modules/@contrast/{route-coverage/lib/normalized-url-mapper.js → sources/lib/normalized-uri-mapper.js} +10 -3
- package/node_modules/@contrast/sources/lib/normalized-uri-mapper.test.js +59 -0
- package/node_modules/@contrast/{sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/constants.js → sources/lib/req-data.js} +0 -6
- package/node_modules/@contrast/sources/lib/source-info.js +183 -0
- package/node_modules/@contrast/sources/lib/source-info.test.js +68 -0
- package/node_modules/@contrast/sources/package.json +16 -0
- package/node_modules/@contrast/telemetry/package.json +6 -6
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.d.ts +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.js +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.d.ts +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.js +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.d.ts +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.js +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.d.ts +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.js +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.d.ts +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.js +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.d.ts +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.js +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.d.ts +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.js +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.d.ts +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.js +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.d.ts +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.js +2858 -103
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.d.ts +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.js +420 -102
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.d.ts +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.js +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/version.d.ts +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/version.js +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/version.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/package.json +3 -3
- package/node_modules/@swc/types/index.d.ts +3 -2
- package/node_modules/@swc/types/package.json +1 -1
- package/node_modules/@types/node/README.md +2 -2
- package/node_modules/@types/node/crypto.d.ts +17 -1
- package/node_modules/@types/node/fs/promises.d.ts +7 -3
- package/node_modules/@types/node/fs.d.ts +11 -1
- package/node_modules/@types/node/http.d.ts +4 -19
- package/node_modules/@types/node/http2.d.ts +13 -11
- package/node_modules/@types/node/inspector.d.ts +163 -6
- package/node_modules/@types/node/module.d.ts +24 -0
- package/node_modules/@types/node/package.json +4 -89
- package/node_modules/@types/node/perf_hooks.d.ts +14 -0
- package/node_modules/@types/node/repl.d.ts +11 -1
- package/node_modules/@types/node/sqlite.d.ts +0 -1
- package/node_modules/@types/node/stream/web.d.ts +4 -0
- package/node_modules/@types/node/stream.d.ts +17 -6
- package/node_modules/@types/node/test.d.ts +16 -1
- package/node_modules/@types/node/timers.d.ts +0 -2
- package/node_modules/@types/node/url.d.ts +1 -1
- package/node_modules/@types/node/util.d.ts +6 -2
- package/node_modules/@types/node/worker_threads.d.ts +12 -0
- package/node_modules/@types/node/zlib.d.ts +8 -2
- package/node_modules/axios/CHANGELOG.md +17 -0
- package/node_modules/axios/README.md +1 -4
- package/node_modules/axios/dist/axios.js +39 -5
- package/node_modules/axios/dist/axios.js.map +1 -1
- package/node_modules/axios/dist/axios.min.js +2 -2
- package/node_modules/axios/dist/axios.min.js.map +1 -1
- package/node_modules/axios/dist/browser/axios.cjs +46 -9
- package/node_modules/axios/dist/browser/axios.cjs.map +1 -1
- package/node_modules/axios/dist/esm/axios.js +46 -9
- package/node_modules/axios/dist/esm/axios.js.map +1 -1
- package/node_modules/axios/dist/esm/axios.min.js +2 -2
- package/node_modules/axios/dist/esm/axios.min.js.map +1 -1
- package/node_modules/axios/dist/node/axios.cjs +46 -9
- package/node_modules/axios/dist/node/axios.cjs.map +1 -1
- package/node_modules/axios/index.d.cts +13 -2
- package/node_modules/axios/lib/core/Axios.js +2 -2
- package/node_modules/axios/lib/core/mergeConfig.js +1 -1
- package/node_modules/axios/lib/env/data.js +1 -1
- package/node_modules/axios/lib/helpers/throttle.js +1 -1
- package/node_modules/axios/lib/helpers/toURLEncodedForm.js +4 -3
- package/node_modules/axios/lib/utils.js +36 -0
- package/node_modules/axios/package.json +5 -5
- package/node_modules/deepmerge/.editorconfig +7 -0
- package/node_modules/deepmerge/.eslintcache +1 -0
- package/node_modules/deepmerge/changelog.md +167 -0
- package/node_modules/deepmerge/dist/cjs.js +133 -0
- package/node_modules/deepmerge/dist/umd.js +139 -0
- package/node_modules/deepmerge/index.d.ts +20 -0
- package/node_modules/deepmerge/index.js +106 -0
- package/node_modules/deepmerge/license.txt +21 -0
- package/node_modules/deepmerge/package.json +42 -0
- package/node_modules/deepmerge/readme.md +264 -0
- package/node_modules/deepmerge/rollup.config.js +22 -0
- package/node_modules/follow-redirects/package.json +1 -1
- package/node_modules/form-data/CHANGELOG.md +601 -0
- package/node_modules/form-data/{Readme.md → README.md} +4 -4
- package/node_modules/form-data/lib/form_data.js +2 -6
- package/node_modules/form-data/package.json +22 -6
- package/node_modules/nan/.github/workflows/ci.yml +8 -10
- package/node_modules/nan/.pre-commit-config.yaml +8 -0
- package/node_modules/nan/CHANGELOG.md +5 -1
- package/node_modules/nan/README.md +4 -4
- package/node_modules/nan/nan.h +16 -12
- package/node_modules/nan/nan_callbacks.h +13 -0
- package/node_modules/nan/nan_callbacks_12_inl.h +16 -2
- package/node_modules/nan/nan_callbacks_pre_12_inl.h +6 -2
- package/node_modules/nan/nan_maybe_43_inl.h +1 -1
- package/node_modules/nan/nan_maybe_pre_43_inl.h +1 -1
- package/node_modules/nan/nan_scriptorigin.h +11 -9
- package/node_modules/nan/nan_typedarray_contents.h +1 -1
- package/node_modules/nan/package.json +2 -2
- package/node_modules/undici-types/agent.d.ts +4 -0
- package/node_modules/undici-types/client-stats.d.ts +15 -0
- package/node_modules/undici-types/client.d.ts +6 -3
- package/node_modules/undici-types/mock-agent.d.ts +3 -0
- package/node_modules/undici-types/package.json +1 -1
- package/node_modules/undici-types/pool.d.ts +2 -0
- package/node_modules/undici-types/proxy-agent.d.ts +1 -0
- package/node_modules/yaml/README.md +2 -20
- package/node_modules/yaml/browser/dist/stringify/stringifyString.js +1 -1
- package/node_modules/yaml/dist/stringify/stringifyString.js +1 -1
- package/node_modules/yaml/package.json +2 -1
- package/package.json +3 -2
- package/node_modules/@contrast/agentify/lib/sources.js +0 -95
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/constants.d.ts +0 -385
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/constants.js +0 -270
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/index.d.ts +0 -40
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/index.js +0 -228
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/primordials.d.ts +0 -65
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/primordials.js +0 -66
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/types.d.ts +0 -383
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/types.js +0 -30
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/package.json +0 -23
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/README.md +0 -44
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/common.js +0 -131
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/config.js +0 -290
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/index.d.ts +0 -328
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/index.js +0 -29
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/options.js +0 -836
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/validators.js +0 -23
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/package.json +0 -27
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/README.md +0 -98
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/agent-info.js +0 -36
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/app-info.js +0 -233
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/build-id.js +0 -51
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/capture-stacktrace.js +0 -256
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/contrast-methods.js +0 -155
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/index.d.ts +0 -52
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/ioc/core.js +0 -95
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/is-agent-path.js +0 -37
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/messages.js +0 -28
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/index.js +0 -63
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/protect-listener.js +0 -111
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/server-settings-listener.js +0 -44
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/cloud-provider-metadata.js +0 -146
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/index.js +0 -225
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/linux-os-info.js +0 -137
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/utils.js +0 -35
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/package.json +0 -33
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/README.md +0 -94
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-handler-registry.d.ts +0 -121
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-handler-registry.js +0 -206
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-hook-descriptor.d.ts +0 -72
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-hook-descriptor.js +0 -88
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/handler-invoker.d.ts +0 -46
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/handler-invoker.js +0 -106
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/helpers.d.ts +0 -28
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/helpers.js +0 -66
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/index.d.ts +0 -115
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/index.js +0 -208
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/package-finder.d.ts +0 -43
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/package-finder.js +0 -79
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/package.json +0 -29
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/README.md +0 -270
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/index.d.ts +0 -16
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/index.js +0 -132
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/serializers.d.ts +0 -33
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/serializers.js +0 -75
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/utils.d.ts +0 -15
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/utils.js +0 -34
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/package.json +0 -28
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/README.md +0 -51
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/lib/index.d.ts +0 -101
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/lib/index.js +0 -544
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/package.json +0 -25
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/README.md +0 -6
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/lib/cache.js +0 -318
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/lib/index.js +0 -216
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/lib/rewrite-is-deadzoned.js +0 -143
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/package.json +0 -30
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/constants.js +0 -26
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/index.d.ts +0 -46
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/index.js +0 -70
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/bluebird.js +0 -128
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/index.js +0 -34
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb-core.js +0 -83
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb3.js +0 -89
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb4.js +0 -80
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb6.js +0 -46
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mysql.js +0 -151
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/redis.js +0 -79
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/utils.js +0 -35
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/package.json +0 -28
- package/node_modules/@types/node/ts5.1/compatibility/disposable.d.ts +0 -12
- package/node_modules/@types/node/ts5.1/index.d.ts +0 -98
- package/node_modules/form-data/README.md.bak +0 -355
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
{
|
|
2
|
-
"name": "@contrast/core",
|
|
3
|
-
"version": "1.53.0",
|
|
4
|
-
"description": "Preconfigured Contrast agent core services and models",
|
|
5
|
-
"license": "SEE LICENSE IN LICENSE",
|
|
6
|
-
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|
|
7
|
-
"files": [
|
|
8
|
-
"lib/",
|
|
9
|
-
"!*.test.*",
|
|
10
|
-
"!tsconfig.*",
|
|
11
|
-
"!*.map"
|
|
12
|
-
],
|
|
13
|
-
"types": "lib/index.d.ts",
|
|
14
|
-
"engines": {
|
|
15
|
-
"npm": ">=6.13.7 <7 || >= 8.3.1",
|
|
16
|
-
"node": ">= 16.9.1"
|
|
17
|
-
},
|
|
18
|
-
"scripts": {
|
|
19
|
-
"test": "bash ../scripts/test.sh"
|
|
20
|
-
},
|
|
21
|
-
"dependencies": {
|
|
22
|
-
"@contrast/common": "1.33.0",
|
|
23
|
-
"@contrast/config": "1.48.0",
|
|
24
|
-
"@contrast/find-package-json": "^1.1.0",
|
|
25
|
-
"@contrast/fn-inspect": "^4.3.0",
|
|
26
|
-
"@contrast/logger": "1.26.0",
|
|
27
|
-
"@contrast/patcher": "1.25.0",
|
|
28
|
-
"@contrast/perf": "1.3.1",
|
|
29
|
-
"@tsxper/crc32": "^2.1.3",
|
|
30
|
-
"axios": "^1.7.4",
|
|
31
|
-
"semver": "^7.6.0"
|
|
32
|
-
}
|
|
33
|
-
}
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
Copyright: 2025 Contrast Security, Inc
|
|
2
|
-
Contact: support@contrastsecurity.com
|
|
3
|
-
License: Commercial
|
|
4
|
-
|
|
5
|
-
NOTICE: This Software and the patented inventions embodied within may only be
|
|
6
|
-
used as part of Contrast Security’s commercial offerings. Even though it is
|
|
7
|
-
made available through public repositories, use of this Software is subject to
|
|
8
|
-
the applicable End User Licensing Agreement found at
|
|
9
|
-
https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
|
|
10
|
-
between Contrast Security and the End User. The Software may not be reverse
|
|
11
|
-
engineered, modified, repackaged, sold, redistributed or otherwise used in a
|
|
12
|
-
way not consistent with the End User License Agreement.
|
|
@@ -1,94 +0,0 @@
|
|
|
1
|
-
# @contrast/dep-hooks
|
|
2
|
-
|
|
3
|
-
Intercept calls to `require` in order to modify or replace exports.
|
|
4
|
-
|
|
5
|
-
## Usage
|
|
6
|
-
|
|
7
|
-
### Class: `DepHooks`
|
|
8
|
-
|
|
9
|
-
#### Instantiation
|
|
10
|
-
|
|
11
|
-
```javascript
|
|
12
|
-
const DepHooks = require('./lib');
|
|
13
|
-
const depHooks = new DepHooks();
|
|
14
|
-
```
|
|
15
|
-
|
|
16
|
-
The `DepHooks` constructor accepts a [`pino`](https://github.com/pinojs/pino)
|
|
17
|
-
logger as an argument.
|
|
18
|
-
|
|
19
|
-
#### `.resolve(descriptor, ...handlers)`
|
|
20
|
-
|
|
21
|
-
Options:
|
|
22
|
-
|
|
23
|
-
- `descriptor`: This can be a string or an object describing the module you want
|
|
24
|
-
to intercept. If a string is used, or if the version field of the descriptor
|
|
25
|
-
isn't set, all versions of the described module will be matched. Descriptors
|
|
26
|
-
can have a `name`, `version`, and `file` property.
|
|
27
|
-
|
|
28
|
-
- `handlers`: The remaning arguments are the handlers which will be invoked when
|
|
29
|
-
the described module is `require`'d. Each handler is passed the exported
|
|
30
|
-
module and metadata including the module's root directory and its name and
|
|
31
|
-
version as seen in its `package.json` file. If a handler returns a truthy
|
|
32
|
-
value, then that value will replace the return value of `require`.
|
|
33
|
-
|
|
34
|
-
_**Note:**_ Registered handlers run _once_ per unique instance of an export
|
|
35
|
-
matching a descriptor.
|
|
36
|
-
|
|
37
|
-
#### `.install()`
|
|
38
|
-
|
|
39
|
-
This will monkey-patch `Module.prototype.require` so that exports can be
|
|
40
|
-
intercepted. The monkey-patching will only happen once regardless of how many
|
|
41
|
-
times this is invoked.
|
|
42
|
-
|
|
43
|
-
#### `.uninstall()`
|
|
44
|
-
|
|
45
|
-
This will reset `Module.prototype.require` to its value before being
|
|
46
|
-
monkey-patched by the instance.
|
|
47
|
-
|
|
48
|
-
## Examples
|
|
49
|
-
|
|
50
|
-
**Use case:** For `express` versions greater than or equal to 4, intercept the
|
|
51
|
-
export of the package's `lib/view.js` file (relative to the package's base
|
|
52
|
-
directory) and apply a tag to the exported function.
|
|
53
|
-
|
|
54
|
-
```javascript
|
|
55
|
-
const DepHooks = require('./lib');
|
|
56
|
-
const depHooks = new DepHooks();
|
|
57
|
-
depHooks.resolve(
|
|
58
|
-
{
|
|
59
|
-
name: 'express',
|
|
60
|
-
version: '>=4',
|
|
61
|
-
file: 'lib/view.js',
|
|
62
|
-
},
|
|
63
|
-
(xport, metadata) => {
|
|
64
|
-
// Read from the package.json:
|
|
65
|
-
// - metadata.name
|
|
66
|
-
// - metadata.version
|
|
67
|
-
// Absolute path to file:
|
|
68
|
-
// - metadata.packageDir
|
|
69
|
-
|
|
70
|
-
// xport === function View() { /*...*/ }
|
|
71
|
-
xport['I was intercepted'] = true;
|
|
72
|
-
},
|
|
73
|
-
);
|
|
74
|
-
```
|
|
75
|
-
|
|
76
|
-
**Use case:** Intercept all versions of `body-parser` and replace the exported
|
|
77
|
-
functions.
|
|
78
|
-
|
|
79
|
-
```javascript
|
|
80
|
-
const DepHooks = require('./lib');
|
|
81
|
-
const depHooks = new DepHooks();
|
|
82
|
-
depHooks.resolve({ name: 'body-parser' }, (xport, metadata) => {
|
|
83
|
-
// Read from the package.json:
|
|
84
|
-
// - metadata.name
|
|
85
|
-
// - metadata.version
|
|
86
|
-
// Absolute path to file:
|
|
87
|
-
// - metadata.packageDir
|
|
88
|
-
|
|
89
|
-
// xport === function bodyParser() { /*...*/ }
|
|
90
|
-
return function bodyParserReplacement() {
|
|
91
|
-
/*...*/
|
|
92
|
-
};
|
|
93
|
-
});
|
|
94
|
-
```
|
|
@@ -1,121 +0,0 @@
|
|
|
1
|
-
export = ExportHandlerRegistry;
|
|
2
|
-
/**
|
|
3
|
-
* @template {Object} T
|
|
4
|
-
* @typedef {import('./export-hook-descriptor')<T>} ExportHookDescriptor
|
|
5
|
-
*/
|
|
6
|
-
/**
|
|
7
|
-
* @template {Object} T
|
|
8
|
-
* @typedef {import('./export-hook-descriptor').Handler<T>} Handler
|
|
9
|
-
*/
|
|
10
|
-
/**
|
|
11
|
-
* @template {Object} T
|
|
12
|
-
* @typedef {Object} HandlerData
|
|
13
|
-
* @property {Handler<T>[]} handlers
|
|
14
|
-
* @property {PackageFinder.Metadata} metadata
|
|
15
|
-
*/
|
|
16
|
-
declare class ExportHandlerRegistry {
|
|
17
|
-
/**
|
|
18
|
-
* @param {Object} core
|
|
19
|
-
* @param {import('pino').Logger} core.logger
|
|
20
|
-
* @param {import('@contrast/common').Messages} core.messages
|
|
21
|
-
*/
|
|
22
|
-
constructor({ logger, messages }: {
|
|
23
|
-
logger: import('pino').Logger;
|
|
24
|
-
messages: import('@contrast/common').Messages;
|
|
25
|
-
});
|
|
26
|
-
/** @type {import('pino').Logger} */
|
|
27
|
-
logger: import('pino').Logger;
|
|
28
|
-
/** @type {import('@contrast/common').Messages} */
|
|
29
|
-
messages: import('@contrast/common').Messages;
|
|
30
|
-
/**
|
|
31
|
-
* Contains all registered hooks that have been added by `.update()`
|
|
32
|
-
* Keyed by `shortname`.
|
|
33
|
-
* @type {Record<string, ExportHookDescriptor<any>[]>}
|
|
34
|
-
*/
|
|
35
|
-
registered: Record<string, ExportHookDescriptor<any>[]>;
|
|
36
|
-
/**
|
|
37
|
-
* Contains all modules that have been resolved and are in require cache
|
|
38
|
-
* Keyed by absolute filename.
|
|
39
|
-
* @type {Record<string, HandlerData<any>>}
|
|
40
|
-
*/
|
|
41
|
-
resolved: Record<string, HandlerData<any>>;
|
|
42
|
-
/**
|
|
43
|
-
* Keep track of package versions targeted by registered hooks.
|
|
44
|
-
* This is used to help to detect when unsupported package versions are loaded.
|
|
45
|
-
* ```
|
|
46
|
-
* Map(1) { '@some/lib' => Set(3) { '2', '3', '>=5 <9' } }
|
|
47
|
-
* ```
|
|
48
|
-
* @type {Map<string, Set<string>>}
|
|
49
|
-
*/
|
|
50
|
-
hookedLibVersions: Map<string, Set<string>>;
|
|
51
|
-
/**
|
|
52
|
-
* Keep track of which unspported libs we've logged/reported.
|
|
53
|
-
* ```
|
|
54
|
-
* Set(2) { 'mongodb@45.67.89', 'express@0.0.1' }
|
|
55
|
-
* ```
|
|
56
|
-
* @type {Set<string>}
|
|
57
|
-
*/
|
|
58
|
-
unsupportedLibsDetected: Set<string>;
|
|
59
|
-
/**
|
|
60
|
-
* Update the registry with the handler info for the given module name.
|
|
61
|
-
* This gets called when an agent registers a handler for a given module.
|
|
62
|
-
* @template {Object} T
|
|
63
|
-
* @param {ExportHookDescriptor<T>} info
|
|
64
|
-
* @returns {ExportHookDescriptor<T>[]}
|
|
65
|
-
*/
|
|
66
|
-
update<T extends Object>(info: import("./export-hook-descriptor")<T>): import("./export-hook-descriptor")<T>[];
|
|
67
|
-
/**
|
|
68
|
-
* Defined as a class method to allow easy stubbing in tests.
|
|
69
|
-
* @param {string} request the string passed to require()
|
|
70
|
-
* @param {Module} parent the module executing require()
|
|
71
|
-
* @param {boolean} isMain indicates whether the module executing require() is the entry point
|
|
72
|
-
* @returns {string} fully resolved filename of the required module
|
|
73
|
-
*/
|
|
74
|
-
resolveFilename(request: string, parent: Module, isMain: boolean): string;
|
|
75
|
-
/**
|
|
76
|
-
* Defined as a class method to allow easy stubbing in tests.
|
|
77
|
-
* @param {string} filename fully resolved filename of the required module
|
|
78
|
-
* @returns {PackageFinder.Metadata?}
|
|
79
|
-
*/
|
|
80
|
-
resolveMetadata(filename: string): PackageFinder.Metadata | null;
|
|
81
|
-
/**
|
|
82
|
-
* Iterates all descriptors pertaining to the currently-loading export. It
|
|
83
|
-
* builds into the set of resolved paths the metadata and handlers for each
|
|
84
|
-
* handler that is applicable to the export.
|
|
85
|
-
* @template {Object} T
|
|
86
|
-
* @param {PackageFinder.Metadata} metadata module metadata
|
|
87
|
-
* @param {ExportHookDescriptor<T>[]} registered list of registered hooks
|
|
88
|
-
*/
|
|
89
|
-
buildFromRegistry<T_1 extends Object>(metadata: PackageFinder.Metadata, registered: import("./export-hook-descriptor")<T_1>[]): void;
|
|
90
|
-
/**
|
|
91
|
-
* Returns registered handlers and the module metadata for a module that has
|
|
92
|
-
* registration for the version that is being required.
|
|
93
|
-
* @template {Object} T
|
|
94
|
-
* @param {PackageFinder.Metadata} metadata module metadata
|
|
95
|
-
* @return {HandlerData<T>=}
|
|
96
|
-
*/
|
|
97
|
-
findModuleHandlerData<T_2 extends Object>(metadata: PackageFinder.Metadata): HandlerData<T_2> | undefined;
|
|
98
|
-
/**
|
|
99
|
-
* When an export is returned from a `require`, we want to resolve the name
|
|
100
|
-
* used as the param, e.g. "http" in `require('http')`, to a set of
|
|
101
|
-
* metadata and handlers that have been registered for exports by that name.
|
|
102
|
-
* @template {Object} T
|
|
103
|
-
* @param {string} request the string passed to require()
|
|
104
|
-
* @param {Module} parent the module executing require()
|
|
105
|
-
* @param {boolean} isMain indicates whether the module executing require() is the entry point
|
|
106
|
-
* @return {HandlerData<T>=}
|
|
107
|
-
*/
|
|
108
|
-
query<T_3 extends Object>(request: string, parent: Module, isMain: boolean): HandlerData<T_3> | undefined;
|
|
109
|
-
}
|
|
110
|
-
declare namespace ExportHandlerRegistry {
|
|
111
|
-
export { ExportHookDescriptor, Handler, HandlerData };
|
|
112
|
-
}
|
|
113
|
-
type ExportHookDescriptor<T extends Object> = import('./export-hook-descriptor')<T>;
|
|
114
|
-
type HandlerData<T extends Object> = {
|
|
115
|
-
handlers: Handler<T>[];
|
|
116
|
-
metadata: PackageFinder.Metadata;
|
|
117
|
-
};
|
|
118
|
-
import Module = require("module");
|
|
119
|
-
import PackageFinder = require("./package-finder");
|
|
120
|
-
type Handler<T extends Object> = import('./export-hook-descriptor').Handler<T>;
|
|
121
|
-
//# sourceMappingURL=export-handler-registry.d.ts.map
|
|
@@ -1,206 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
* Copyright: 2025 Contrast Security, Inc
|
|
3
|
-
* Contact: support@contrastsecurity.com
|
|
4
|
-
* License: Commercial
|
|
5
|
-
|
|
6
|
-
* NOTICE: This Software and the patented inventions embodied within may only be
|
|
7
|
-
* used as part of Contrast Security’s commercial offerings. Even though it is
|
|
8
|
-
* made available through public repositories, use of this Software is subject to
|
|
9
|
-
* the applicable End User Licensing Agreement found at
|
|
10
|
-
* https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
|
|
11
|
-
* between Contrast Security and the End User. The Software may not be reverse
|
|
12
|
-
* engineered, modified, repackaged, sold, redistributed or otherwise used in a
|
|
13
|
-
* way not consistent with the End User License Agreement.
|
|
14
|
-
*/
|
|
15
|
-
// @ts-check
|
|
16
|
-
'use strict';
|
|
17
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
-
const Module = require('node:module');
|
|
19
|
-
const semver = require('semver');
|
|
20
|
-
const { Event } = require('@contrast/common');
|
|
21
|
-
const PackageFinder = require('./package-finder');
|
|
22
|
-
/**
|
|
23
|
-
* @template {Object} T
|
|
24
|
-
* @typedef {import('./export-hook-descriptor')<T>} ExportHookDescriptor
|
|
25
|
-
*/
|
|
26
|
-
/**
|
|
27
|
-
* @template {Object} T
|
|
28
|
-
* @typedef {import('./export-hook-descriptor').Handler<T>} Handler
|
|
29
|
-
*/
|
|
30
|
-
/**
|
|
31
|
-
* @template {Object} T
|
|
32
|
-
* @typedef {Object} HandlerData
|
|
33
|
-
* @property {Handler<T>[]} handlers
|
|
34
|
-
* @property {PackageFinder.Metadata} metadata
|
|
35
|
-
*/
|
|
36
|
-
class ExportHandlerRegistry {
|
|
37
|
-
/**
|
|
38
|
-
* @param {Object} core
|
|
39
|
-
* @param {import('pino').Logger} core.logger
|
|
40
|
-
* @param {import('@contrast/common').Messages} core.messages
|
|
41
|
-
*/
|
|
42
|
-
constructor({ logger, messages }) {
|
|
43
|
-
/** @type {import('pino').Logger} */
|
|
44
|
-
this.logger = logger;
|
|
45
|
-
/** @type {import('@contrast/common').Messages} */
|
|
46
|
-
this.messages = messages;
|
|
47
|
-
/**
|
|
48
|
-
* Contains all registered hooks that have been added by `.update()`
|
|
49
|
-
* Keyed by `shortname`.
|
|
50
|
-
* @type {Record<string, ExportHookDescriptor<any>[]>}
|
|
51
|
-
*/
|
|
52
|
-
this.registered = {};
|
|
53
|
-
/**
|
|
54
|
-
* Contains all modules that have been resolved and are in require cache
|
|
55
|
-
* Keyed by absolute filename.
|
|
56
|
-
* @type {Record<string, HandlerData<any>>}
|
|
57
|
-
*/
|
|
58
|
-
this.resolved = {};
|
|
59
|
-
/**
|
|
60
|
-
* Keep track of package versions targeted by registered hooks.
|
|
61
|
-
* This is used to help to detect when unsupported package versions are loaded.
|
|
62
|
-
* ```
|
|
63
|
-
* Map(1) { '@some/lib' => Set(3) { '2', '3', '>=5 <9' } }
|
|
64
|
-
* ```
|
|
65
|
-
* @type {Map<string, Set<string>>}
|
|
66
|
-
*/
|
|
67
|
-
this.hookedLibVersions = new Map();
|
|
68
|
-
/**
|
|
69
|
-
* Keep track of which unspported libs we've logged/reported.
|
|
70
|
-
* ```
|
|
71
|
-
* Set(2) { 'mongodb@45.67.89', 'express@0.0.1' }
|
|
72
|
-
* ```
|
|
73
|
-
* @type {Set<string>}
|
|
74
|
-
*/
|
|
75
|
-
this.unsupportedLibsDetected = new Set();
|
|
76
|
-
}
|
|
77
|
-
/**
|
|
78
|
-
* Update the registry with the handler info for the given module name.
|
|
79
|
-
* This gets called when an agent registers a handler for a given module.
|
|
80
|
-
* @template {Object} T
|
|
81
|
-
* @param {ExportHookDescriptor<T>} info
|
|
82
|
-
* @returns {ExportHookDescriptor<T>[]}
|
|
83
|
-
*/
|
|
84
|
-
update(info) {
|
|
85
|
-
if (!this.registered[info.shortname]) {
|
|
86
|
-
this.registered[info.shortname] = [info];
|
|
87
|
-
}
|
|
88
|
-
else {
|
|
89
|
-
this.registered[info.shortname].push(info);
|
|
90
|
-
}
|
|
91
|
-
if (!this.hookedLibVersions.has(info.name)) {
|
|
92
|
-
this.hookedLibVersions.set(info.name, new Set([info.version]));
|
|
93
|
-
}
|
|
94
|
-
else {
|
|
95
|
-
// @ts-expect-error we've validated this above
|
|
96
|
-
this.hookedLibVersions.get(info.name).add(info.version);
|
|
97
|
-
}
|
|
98
|
-
return this.registered[info.shortname];
|
|
99
|
-
}
|
|
100
|
-
/**
|
|
101
|
-
* Defined as a class method to allow easy stubbing in tests.
|
|
102
|
-
* @param {string} request the string passed to require()
|
|
103
|
-
* @param {Module} parent the module executing require()
|
|
104
|
-
* @param {boolean} isMain indicates whether the module executing require() is the entry point
|
|
105
|
-
* @returns {string} fully resolved filename of the required module
|
|
106
|
-
*/
|
|
107
|
-
resolveFilename(request, parent, isMain) {
|
|
108
|
-
return Reflect.get(Module, '_resolveFilename').apply(Module, [
|
|
109
|
-
request,
|
|
110
|
-
parent,
|
|
111
|
-
isMain,
|
|
112
|
-
]);
|
|
113
|
-
}
|
|
114
|
-
/**
|
|
115
|
-
* Defined as a class method to allow easy stubbing in tests.
|
|
116
|
-
* @param {string} filename fully resolved filename of the required module
|
|
117
|
-
* @returns {PackageFinder.Metadata?}
|
|
118
|
-
*/
|
|
119
|
-
resolveMetadata(filename) {
|
|
120
|
-
return PackageFinder.resolveMetadata(filename, this.logger);
|
|
121
|
-
}
|
|
122
|
-
/**
|
|
123
|
-
* Iterates all descriptors pertaining to the currently-loading export. It
|
|
124
|
-
* builds into the set of resolved paths the metadata and handlers for each
|
|
125
|
-
* handler that is applicable to the export.
|
|
126
|
-
* @template {Object} T
|
|
127
|
-
* @param {PackageFinder.Metadata} metadata module metadata
|
|
128
|
-
* @param {ExportHookDescriptor<T>[]} registered list of registered hooks
|
|
129
|
-
*/
|
|
130
|
-
buildFromRegistry(metadata, registered) {
|
|
131
|
-
for (const descriptor of registered) {
|
|
132
|
-
const satisfies = semver.satisfies(metadata.version, descriptor.version, {
|
|
133
|
-
includePrerelease: true,
|
|
134
|
-
});
|
|
135
|
-
if (!satisfies)
|
|
136
|
-
continue;
|
|
137
|
-
const { handlers } = descriptor;
|
|
138
|
-
if (!this.resolved[metadata.file]) {
|
|
139
|
-
this.resolved[metadata.file] = { metadata, handlers };
|
|
140
|
-
}
|
|
141
|
-
else {
|
|
142
|
-
handlers.forEach((handler) => {
|
|
143
|
-
if (this.resolved[metadata.file].handlers.indexOf(handler) < 0) {
|
|
144
|
-
this.resolved[metadata.file].handlers.push(handler);
|
|
145
|
-
}
|
|
146
|
-
});
|
|
147
|
-
}
|
|
148
|
-
}
|
|
149
|
-
}
|
|
150
|
-
/**
|
|
151
|
-
* Returns registered handlers and the module metadata for a module that has
|
|
152
|
-
* registration for the version that is being required.
|
|
153
|
-
* @template {Object} T
|
|
154
|
-
* @param {PackageFinder.Metadata} metadata module metadata
|
|
155
|
-
* @return {HandlerData<T>=}
|
|
156
|
-
*/
|
|
157
|
-
findModuleHandlerData(metadata) {
|
|
158
|
-
const data = this.resolved[metadata.file];
|
|
159
|
-
// Need to check the version of the instrumentation handler to the one getting required
|
|
160
|
-
// to decide if we need they are version applicable
|
|
161
|
-
if (metadata.version === data?.metadata.version) {
|
|
162
|
-
return data;
|
|
163
|
-
}
|
|
164
|
-
}
|
|
165
|
-
/**
|
|
166
|
-
* When an export is returned from a `require`, we want to resolve the name
|
|
167
|
-
* used as the param, e.g. "http" in `require('http')`, to a set of
|
|
168
|
-
* metadata and handlers that have been registered for exports by that name.
|
|
169
|
-
* @template {Object} T
|
|
170
|
-
* @param {string} request the string passed to require()
|
|
171
|
-
* @param {Module} parent the module executing require()
|
|
172
|
-
* @param {boolean} isMain indicates whether the module executing require() is the entry point
|
|
173
|
-
* @return {HandlerData<T>=}
|
|
174
|
-
*/
|
|
175
|
-
query(request, parent, isMain) {
|
|
176
|
-
const filename = this.resolveFilename(request, parent, isMain);
|
|
177
|
-
const metadata = this.resolveMetadata(filename);
|
|
178
|
-
if (!metadata)
|
|
179
|
-
return;
|
|
180
|
-
const versions = this.hookedLibVersions.get(metadata.name);
|
|
181
|
-
// no hooks registred for this package - exit early
|
|
182
|
-
if (!versions)
|
|
183
|
-
return;
|
|
184
|
-
const pkgKey = `${metadata.name}@${metadata.version}`;
|
|
185
|
-
let supported = false;
|
|
186
|
-
for (const version of versions) {
|
|
187
|
-
if (semver.satisfies(metadata.version, version)) {
|
|
188
|
-
supported = true;
|
|
189
|
-
break;
|
|
190
|
-
}
|
|
191
|
-
}
|
|
192
|
-
// make sure we only log/report once
|
|
193
|
-
if (!supported && !this.unsupportedLibsDetected.has(pkgKey)) {
|
|
194
|
-
this.unsupportedLibsDetected.add(pkgKey);
|
|
195
|
-
this.logger.trace({ metadata }, 'skipping handlers since package %s does not match any registered versions', pkgKey);
|
|
196
|
-
this.messages.emit(Event.UNSUPPORTED_LIBRARY, metadata);
|
|
197
|
-
}
|
|
198
|
-
const registered = this.registered[metadata.shortname];
|
|
199
|
-
if (!registered)
|
|
200
|
-
return;
|
|
201
|
-
this.buildFromRegistry(metadata, registered);
|
|
202
|
-
return this.findModuleHandlerData(metadata);
|
|
203
|
-
}
|
|
204
|
-
}
|
|
205
|
-
module.exports = ExportHandlerRegistry;
|
|
206
|
-
//# sourceMappingURL=export-handler-registry.js.map
|
|
@@ -1,72 +0,0 @@
|
|
|
1
|
-
export = ExportHookDescriptor;
|
|
2
|
-
/** @typedef {import('./package-finder').Metadata} Metadata */
|
|
3
|
-
/**
|
|
4
|
-
* @typedef {Object} HookControls
|
|
5
|
-
* @property {() => void} rerun
|
|
6
|
-
*/
|
|
7
|
-
/**
|
|
8
|
-
* @template {Object} T
|
|
9
|
-
* @callback Handler
|
|
10
|
-
* @param {T} mod
|
|
11
|
-
* @param {Metadata & HookControls} metadata
|
|
12
|
-
* @returns {T | void}
|
|
13
|
-
*/
|
|
14
|
-
/**
|
|
15
|
-
* @typedef {Object} Descriptor
|
|
16
|
-
* @property {string} name module name, as passed to `require`, to handle.
|
|
17
|
-
* @property {string=} file if provided, the file under the module's root that we want to hook. otherwise, the module's `main` will be hooked.
|
|
18
|
-
* @property {string} version if provided, hooks will only execute against an installed module that matches the semver version range
|
|
19
|
-
*/
|
|
20
|
-
/**
|
|
21
|
-
* Export information and function handlers that should be invoked on require
|
|
22
|
-
* for a given module.
|
|
23
|
-
* @template {Object} [T=any]
|
|
24
|
-
*/
|
|
25
|
-
declare class ExportHookDescriptor<T extends Object = any> {
|
|
26
|
-
/**
|
|
27
|
-
* A static factory function for creating descriptors with different params.
|
|
28
|
-
* @template {Object} T
|
|
29
|
-
* @param {Descriptor | string} descriptor export info and handlers
|
|
30
|
-
* @param {Handler<T>[]=} handlers
|
|
31
|
-
* @returns {ExportHookDescriptor<T>}
|
|
32
|
-
*/
|
|
33
|
-
static create<T_1 extends Object>(descriptor: Descriptor | string, handlers?: Handler<T_1>[] | undefined): ExportHookDescriptor<T_1>;
|
|
34
|
-
/**
|
|
35
|
-
* @param {Descriptor} options
|
|
36
|
-
* @param {Handler<T>[]} handlers
|
|
37
|
-
*/
|
|
38
|
-
constructor({ name, file, version }: Descriptor, handlers: Handler<T>[]);
|
|
39
|
-
/** @type {string} */
|
|
40
|
-
name: string;
|
|
41
|
-
/** @type {string=} */
|
|
42
|
-
file: string | undefined;
|
|
43
|
-
/** @type {string} */
|
|
44
|
-
shortname: string;
|
|
45
|
-
/** @type {string} */
|
|
46
|
-
version: string;
|
|
47
|
-
/** @type {Handler<T>[]} */
|
|
48
|
-
handlers: Handler<T>[];
|
|
49
|
-
}
|
|
50
|
-
declare namespace ExportHookDescriptor {
|
|
51
|
-
export { Metadata, HookControls, Handler, Descriptor };
|
|
52
|
-
}
|
|
53
|
-
type Handler<T extends Object> = (mod: T, metadata: Metadata & HookControls) => T | void;
|
|
54
|
-
type Metadata = import('./package-finder').Metadata;
|
|
55
|
-
type HookControls = {
|
|
56
|
-
rerun: () => void;
|
|
57
|
-
};
|
|
58
|
-
type Descriptor = {
|
|
59
|
-
/**
|
|
60
|
-
* module name, as passed to `require`, to handle.
|
|
61
|
-
*/
|
|
62
|
-
name: string;
|
|
63
|
-
/**
|
|
64
|
-
* if provided, the file under the module's root that we want to hook. otherwise, the module's `main` will be hooked.
|
|
65
|
-
*/
|
|
66
|
-
file?: string | undefined;
|
|
67
|
-
/**
|
|
68
|
-
* if provided, hooks will only execute against an installed module that matches the semver version range
|
|
69
|
-
*/
|
|
70
|
-
version: string;
|
|
71
|
-
};
|
|
72
|
-
//# sourceMappingURL=export-hook-descriptor.d.ts.map
|
|
@@ -1,88 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
* Copyright: 2025 Contrast Security, Inc
|
|
3
|
-
* Contact: support@contrastsecurity.com
|
|
4
|
-
* License: Commercial
|
|
5
|
-
|
|
6
|
-
* NOTICE: This Software and the patented inventions embodied within may only be
|
|
7
|
-
* used as part of Contrast Security’s commercial offerings. Even though it is
|
|
8
|
-
* made available through public repositories, use of this Software is subject to
|
|
9
|
-
* the applicable End User Licensing Agreement found at
|
|
10
|
-
* https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
|
|
11
|
-
* between Contrast Security and the End User. The Software may not be reverse
|
|
12
|
-
* engineered, modified, repackaged, sold, redistributed or otherwise used in a
|
|
13
|
-
* way not consistent with the End User License Agreement.
|
|
14
|
-
*/
|
|
15
|
-
// @ts-check
|
|
16
|
-
'use strict';
|
|
17
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
-
const path = require('node:path');
|
|
19
|
-
const semver = require('semver');
|
|
20
|
-
const { isBuiltin } = require('./helpers');
|
|
21
|
-
const { primordials: { StringPrototypeReplace } } = require('@contrast/common');
|
|
22
|
-
/** @typedef {import('./package-finder').Metadata} Metadata */
|
|
23
|
-
/**
|
|
24
|
-
* @typedef {Object} HookControls
|
|
25
|
-
* @property {() => void} rerun
|
|
26
|
-
*/
|
|
27
|
-
/**
|
|
28
|
-
* @template {Object} T
|
|
29
|
-
* @callback Handler
|
|
30
|
-
* @param {T} mod
|
|
31
|
-
* @param {Metadata & HookControls} metadata
|
|
32
|
-
* @returns {T | void}
|
|
33
|
-
*/
|
|
34
|
-
/**
|
|
35
|
-
* @typedef {Object} Descriptor
|
|
36
|
-
* @property {string} name module name, as passed to `require`, to handle.
|
|
37
|
-
* @property {string=} file if provided, the file under the module's root that we want to hook. otherwise, the module's `main` will be hooked.
|
|
38
|
-
* @property {string} version if provided, hooks will only execute against an installed module that matches the semver version range
|
|
39
|
-
*/
|
|
40
|
-
/**
|
|
41
|
-
* Export information and function handlers that should be invoked on require
|
|
42
|
-
* for a given module.
|
|
43
|
-
* @template {Object} [T=any]
|
|
44
|
-
*/
|
|
45
|
-
class ExportHookDescriptor {
|
|
46
|
-
/**
|
|
47
|
-
* @param {Descriptor} options
|
|
48
|
-
* @param {Handler<T>[]} handlers
|
|
49
|
-
*/
|
|
50
|
-
constructor({ name, file, version }, handlers) {
|
|
51
|
-
/** @type {string} */
|
|
52
|
-
// @ts-ignore ts does not handle method overloads well
|
|
53
|
-
this.name = isBuiltin(name) ? StringPrototypeReplace.call(name, /^(node:)?/, 'node:') : name;
|
|
54
|
-
/** @type {string=} */
|
|
55
|
-
// @ts-ignore ts does not handle method overloads well
|
|
56
|
-
this.file = file ? StringPrototypeReplace.call(file, /\/?(index)?(\.js)?$/, '') : undefined;
|
|
57
|
-
/** @type {string} */
|
|
58
|
-
this.shortname = this.file ? path.posix.join(this.name, this.file) : this.name;
|
|
59
|
-
/** @type {string} */
|
|
60
|
-
this.version = version;
|
|
61
|
-
/** @type {Handler<T>[]} */
|
|
62
|
-
this.handlers = handlers;
|
|
63
|
-
}
|
|
64
|
-
/**
|
|
65
|
-
* A static factory function for creating descriptors with different params.
|
|
66
|
-
* @template {Object} T
|
|
67
|
-
* @param {Descriptor | string} descriptor export info and handlers
|
|
68
|
-
* @param {Handler<T>[]=} handlers
|
|
69
|
-
* @returns {ExportHookDescriptor<T>}
|
|
70
|
-
*/
|
|
71
|
-
static create(descriptor, handlers = []) {
|
|
72
|
-
if (!descriptor) {
|
|
73
|
-
throw new Error('Required option missing: `name`');
|
|
74
|
-
}
|
|
75
|
-
if (typeof descriptor === 'string') {
|
|
76
|
-
descriptor = { name: descriptor, version: '*' };
|
|
77
|
-
}
|
|
78
|
-
if (!descriptor.name) {
|
|
79
|
-
throw new Error('Required option missing: `name`');
|
|
80
|
-
}
|
|
81
|
-
if (!semver.validRange(descriptor.version)) {
|
|
82
|
-
throw new Error(`Invalid version range provided: "${descriptor.version}"`);
|
|
83
|
-
}
|
|
84
|
-
return Reflect.construct(ExportHookDescriptor, [descriptor, handlers]);
|
|
85
|
-
}
|
|
86
|
-
}
|
|
87
|
-
module.exports = ExportHookDescriptor;
|
|
88
|
-
//# sourceMappingURL=export-hook-descriptor.js.map
|
package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/handler-invoker.d.ts
DELETED
|
@@ -1,46 +0,0 @@
|
|
|
1
|
-
export = HandlerInvoker;
|
|
2
|
-
/**
|
|
3
|
-
* @template {Object} T
|
|
4
|
-
* @typedef {import('./export-hook-descriptor').Handler<T>} Handler
|
|
5
|
-
*/
|
|
6
|
-
/** @typedef {import('./package-finder').Metadata} Metadata */
|
|
7
|
-
declare class HandlerInvoker {
|
|
8
|
-
/**
|
|
9
|
-
* @param {import('pino').Logger} logger
|
|
10
|
-
*/
|
|
11
|
-
constructor(logger: import('pino').Logger);
|
|
12
|
-
/** @type {import('pino').Logger} */
|
|
13
|
-
logger: import('pino').Logger;
|
|
14
|
-
/** @type {WeakMap<Object, WeakSet<Handler<any>>>} */
|
|
15
|
-
seen: WeakMap<Object, WeakSet<Handler<any>>>;
|
|
16
|
-
/**
|
|
17
|
-
* Filters a collection of handlers to those which have not run for the
|
|
18
|
-
* provided export.
|
|
19
|
-
* @template {Object} T
|
|
20
|
-
* @param {T} xport The exported module
|
|
21
|
-
* @param {Handler<T>[]} handlers Collection of handlers
|
|
22
|
-
* @returns {Handler<T>[]}
|
|
23
|
-
*/
|
|
24
|
-
filter<T extends Object>(xport: T, handlers: Handler<T>[]): Handler<T>[];
|
|
25
|
-
/**
|
|
26
|
-
* Invoke all handlers in the provided collection that have not yet been run
|
|
27
|
-
* for the provided export value.
|
|
28
|
-
* @template {Object} T
|
|
29
|
-
* @param {T} xport The exported module
|
|
30
|
-
* @param {Handler<T>[]} handlers The handlers to invoke
|
|
31
|
-
* @param {Metadata} metadata Export metadata to pass to the handlers
|
|
32
|
-
* @returns {T}
|
|
33
|
-
*/
|
|
34
|
-
invoke<T_1 extends Object>(xport: T_1, handlers: Handler<T_1>[], metadata: Metadata): T_1;
|
|
35
|
-
/**
|
|
36
|
-
* @template {Object} T
|
|
37
|
-
* @param {T} xport The exported module
|
|
38
|
-
*/
|
|
39
|
-
reset<T_2 extends Object>(xport: T_2): void;
|
|
40
|
-
}
|
|
41
|
-
declare namespace HandlerInvoker {
|
|
42
|
-
export { Handler, Metadata };
|
|
43
|
-
}
|
|
44
|
-
type Handler<T extends Object> = import('./export-hook-descriptor').Handler<T>;
|
|
45
|
-
type Metadata = import('./package-finder').Metadata;
|
|
46
|
-
//# sourceMappingURL=handler-invoker.d.ts.map
|