@contrast/agent-bundle 5.40.0 → 5.42.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/node_modules/@contrast/agent/package.json +12 -11
- package/node_modules/@contrast/agent-swc-plugin/index.js +9 -3
- package/node_modules/@contrast/agent-swc-plugin/methods.js +15 -1
- package/node_modules/@contrast/agent-swc-plugin/package.json +5 -8
- package/node_modules/@contrast/agent-swc-plugin/rewriter.wasm +0 -0
- package/node_modules/@contrast/agentify/lib/index.js +2 -2
- package/node_modules/@contrast/agentify/package.json +15 -14
- package/node_modules/@contrast/architecture-components/package.json +5 -5
- package/node_modules/@contrast/assess/lib/dataflow/propagation/install/util-format.js +44 -21
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/body-parser.js +1 -1
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/koa/koa-bodyparsers.js +3 -1
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/qs6.js +5 -5
- package/node_modules/@contrast/assess/lib/dataflow/sources/install/querystring.js +2 -1
- package/node_modules/@contrast/assess/lib/index.d.ts +0 -1
- package/node_modules/@contrast/assess/lib/make-source-context.js +7 -37
- package/node_modules/@contrast/assess/lib/sampler/common.js +7 -11
- package/node_modules/@contrast/assess/package.json +12 -11
- package/node_modules/@contrast/common/lib/types.d.ts +7 -1
- package/node_modules/@contrast/common/package.json +1 -1
- package/node_modules/@contrast/config/lib/common.js +1 -1
- package/node_modules/@contrast/config/lib/config.js +49 -27
- package/node_modules/@contrast/config/lib/index.d.ts +2 -2
- package/node_modules/@contrast/config/lib/options.js +4 -4
- package/node_modules/@contrast/config/package.json +4 -3
- package/node_modules/@contrast/core/lib/sensitive-data-masking/protect-listener.js +15 -15
- package/node_modules/@contrast/core/package.json +6 -6
- package/node_modules/@contrast/deadzones/package.json +5 -5
- package/node_modules/@contrast/dep-hooks/package.json +3 -3
- package/node_modules/@contrast/esm-hooks/package.json +6 -6
- package/node_modules/@contrast/instrumentation/lib/index.js +0 -1
- package/node_modules/@contrast/instrumentation/package.json +5 -5
- package/node_modules/@contrast/library-analysis/lib/install/library-reporting/dep.json +298 -148
- package/node_modules/@contrast/library-analysis/package.json +4 -4
- package/node_modules/@contrast/logger/lib/serializers.js +2 -2
- package/node_modules/@contrast/logger/package.json +3 -3
- package/node_modules/@contrast/metrics/package.json +6 -6
- package/node_modules/@contrast/patcher/package.json +2 -2
- package/node_modules/@contrast/protect/lib/get-source-context.js +3 -1
- package/node_modules/@contrast/protect/lib/index.js +6 -1
- package/node_modules/@contrast/protect/lib/input-analysis/handlers.js +7 -9
- package/node_modules/@contrast/protect/lib/input-analysis/install/http.js +18 -19
- package/node_modules/@contrast/protect/lib/input-analysis/install/qs6.js +18 -17
- package/node_modules/@contrast/protect/lib/input-analysis/install/universal-cookie4.js +2 -3
- package/node_modules/@contrast/protect/lib/make-source-context.js +22 -66
- package/node_modules/@contrast/protect/lib/semantic-analysis/handlers.js +73 -72
- package/node_modules/@contrast/protect/package.json +11 -11
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/index.js +7 -7
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/translations.d.ts +3 -3
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/translations.js +24 -21
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/index.d.ts +11 -11
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/index.js +76 -86
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/translations.d.ts +1 -2
- package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/translations.js +8 -2
- package/node_modules/@contrast/reporter/lib/reporters/security-logger/index.d.ts +2 -2
- package/node_modules/@contrast/reporter/lib/reporters/security-logger/index.js +22 -20
- package/node_modules/@contrast/reporter/package.json +7 -7
- package/node_modules/@contrast/rewriter/lib/index.js +2 -2
- package/node_modules/@contrast/rewriter/package.json +6 -6
- package/node_modules/@contrast/route-coverage/lib/index.js +1 -9
- package/node_modules/@contrast/route-coverage/lib/install/express/express5.js +17 -19
- package/node_modules/@contrast/route-coverage/lib/install/hapi.js +9 -2
- package/node_modules/@contrast/route-coverage/package.json +8 -8
- package/node_modules/@contrast/scopes/package.json +5 -5
- package/node_modules/@contrast/sec-obs/lib/traces/http.js +2 -2
- package/node_modules/@contrast/sec-obs/lib/traces/http.test.js +17 -0
- package/node_modules/@contrast/sec-obs/lib/traces/outbound-service-call.js +2 -2
- package/node_modules/@contrast/sec-obs/lib/traces/outbound-service-call.test.js +17 -0
- package/node_modules/@contrast/sec-obs/package.json +9 -9
- package/node_modules/@contrast/sources/lib/index.js +109 -0
- package/node_modules/@contrast/sources/lib/index.test.js +120 -0
- package/node_modules/@contrast/{route-coverage/lib/normalized-url-mapper.js → sources/lib/normalized-uri-mapper.js} +10 -3
- package/node_modules/@contrast/sources/lib/normalized-uri-mapper.test.js +59 -0
- package/node_modules/@contrast/{sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/constants.js → sources/lib/req-data.js} +0 -6
- package/node_modules/@contrast/sources/lib/source-info.js +183 -0
- package/node_modules/@contrast/sources/lib/source-info.test.js +68 -0
- package/node_modules/@contrast/sources/package.json +16 -0
- package/node_modules/@contrast/telemetry/package.json +6 -6
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.d.ts +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.js +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.d.ts +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.js +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.d.ts +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.js +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.d.ts +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.js +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.d.ts +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.js +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.d.ts +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.js +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.d.ts +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.js +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.d.ts +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.js +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.d.ts +2831 -77
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.js +2858 -103
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.d.ts +415 -98
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.js +420 -102
- package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.d.ts +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.js +106 -0
- package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/version.d.ts +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/version.js +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/build/src/version.js.map +1 -1
- package/node_modules/@opentelemetry/semantic-conventions/package.json +3 -3
- package/node_modules/@swc/types/index.d.ts +3 -2
- package/node_modules/@swc/types/package.json +1 -1
- package/node_modules/@types/node/README.md +2 -2
- package/node_modules/@types/node/crypto.d.ts +17 -1
- package/node_modules/@types/node/fs/promises.d.ts +7 -3
- package/node_modules/@types/node/fs.d.ts +11 -1
- package/node_modules/@types/node/http.d.ts +4 -19
- package/node_modules/@types/node/http2.d.ts +13 -11
- package/node_modules/@types/node/inspector.d.ts +163 -6
- package/node_modules/@types/node/module.d.ts +24 -0
- package/node_modules/@types/node/package.json +4 -89
- package/node_modules/@types/node/perf_hooks.d.ts +14 -0
- package/node_modules/@types/node/repl.d.ts +11 -1
- package/node_modules/@types/node/sqlite.d.ts +0 -1
- package/node_modules/@types/node/stream/web.d.ts +4 -0
- package/node_modules/@types/node/stream.d.ts +17 -6
- package/node_modules/@types/node/test.d.ts +16 -1
- package/node_modules/@types/node/timers.d.ts +0 -2
- package/node_modules/@types/node/url.d.ts +1 -1
- package/node_modules/@types/node/util.d.ts +6 -2
- package/node_modules/@types/node/worker_threads.d.ts +12 -0
- package/node_modules/@types/node/zlib.d.ts +8 -2
- package/node_modules/axios/CHANGELOG.md +17 -0
- package/node_modules/axios/README.md +1 -4
- package/node_modules/axios/dist/axios.js +39 -5
- package/node_modules/axios/dist/axios.js.map +1 -1
- package/node_modules/axios/dist/axios.min.js +2 -2
- package/node_modules/axios/dist/axios.min.js.map +1 -1
- package/node_modules/axios/dist/browser/axios.cjs +46 -9
- package/node_modules/axios/dist/browser/axios.cjs.map +1 -1
- package/node_modules/axios/dist/esm/axios.js +46 -9
- package/node_modules/axios/dist/esm/axios.js.map +1 -1
- package/node_modules/axios/dist/esm/axios.min.js +2 -2
- package/node_modules/axios/dist/esm/axios.min.js.map +1 -1
- package/node_modules/axios/dist/node/axios.cjs +46 -9
- package/node_modules/axios/dist/node/axios.cjs.map +1 -1
- package/node_modules/axios/index.d.cts +13 -2
- package/node_modules/axios/lib/core/Axios.js +2 -2
- package/node_modules/axios/lib/core/mergeConfig.js +1 -1
- package/node_modules/axios/lib/env/data.js +1 -1
- package/node_modules/axios/lib/helpers/throttle.js +1 -1
- package/node_modules/axios/lib/helpers/toURLEncodedForm.js +4 -3
- package/node_modules/axios/lib/utils.js +36 -0
- package/node_modules/axios/package.json +5 -5
- package/node_modules/deepmerge/.editorconfig +7 -0
- package/node_modules/deepmerge/.eslintcache +1 -0
- package/node_modules/deepmerge/changelog.md +167 -0
- package/node_modules/deepmerge/dist/cjs.js +133 -0
- package/node_modules/deepmerge/dist/umd.js +139 -0
- package/node_modules/deepmerge/index.d.ts +20 -0
- package/node_modules/deepmerge/index.js +106 -0
- package/node_modules/deepmerge/license.txt +21 -0
- package/node_modules/deepmerge/package.json +42 -0
- package/node_modules/deepmerge/readme.md +264 -0
- package/node_modules/deepmerge/rollup.config.js +22 -0
- package/node_modules/follow-redirects/package.json +1 -1
- package/node_modules/form-data/CHANGELOG.md +601 -0
- package/node_modules/form-data/{Readme.md → README.md} +4 -4
- package/node_modules/form-data/lib/form_data.js +2 -6
- package/node_modules/form-data/package.json +22 -6
- package/node_modules/nan/.github/workflows/ci.yml +8 -10
- package/node_modules/nan/.pre-commit-config.yaml +8 -0
- package/node_modules/nan/CHANGELOG.md +5 -1
- package/node_modules/nan/README.md +4 -4
- package/node_modules/nan/nan.h +16 -12
- package/node_modules/nan/nan_callbacks.h +13 -0
- package/node_modules/nan/nan_callbacks_12_inl.h +16 -2
- package/node_modules/nan/nan_callbacks_pre_12_inl.h +6 -2
- package/node_modules/nan/nan_maybe_43_inl.h +1 -1
- package/node_modules/nan/nan_maybe_pre_43_inl.h +1 -1
- package/node_modules/nan/nan_scriptorigin.h +11 -9
- package/node_modules/nan/nan_typedarray_contents.h +1 -1
- package/node_modules/nan/package.json +2 -2
- package/node_modules/undici-types/agent.d.ts +4 -0
- package/node_modules/undici-types/client-stats.d.ts +15 -0
- package/node_modules/undici-types/client.d.ts +6 -3
- package/node_modules/undici-types/mock-agent.d.ts +3 -0
- package/node_modules/undici-types/package.json +1 -1
- package/node_modules/undici-types/pool.d.ts +2 -0
- package/node_modules/undici-types/proxy-agent.d.ts +1 -0
- package/node_modules/yaml/README.md +2 -20
- package/node_modules/yaml/browser/dist/stringify/stringifyString.js +1 -1
- package/node_modules/yaml/dist/stringify/stringifyString.js +1 -1
- package/node_modules/yaml/package.json +2 -1
- package/package.json +3 -2
- package/node_modules/@contrast/agentify/lib/sources.js +0 -95
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/constants.d.ts +0 -385
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/constants.js +0 -270
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/index.d.ts +0 -40
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/index.js +0 -228
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/primordials.d.ts +0 -65
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/primordials.js +0 -66
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/types.d.ts +0 -383
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/lib/types.js +0 -30
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/common/package.json +0 -23
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/README.md +0 -44
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/common.js +0 -131
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/config.js +0 -290
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/index.d.ts +0 -328
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/index.js +0 -29
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/options.js +0 -836
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/lib/validators.js +0 -23
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/config/package.json +0 -27
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/README.md +0 -98
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/agent-info.js +0 -36
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/app-info.js +0 -233
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/build-id.js +0 -51
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/capture-stacktrace.js +0 -256
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/contrast-methods.js +0 -155
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/index.d.ts +0 -52
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/ioc/core.js +0 -95
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/is-agent-path.js +0 -37
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/messages.js +0 -28
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/index.js +0 -63
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/protect-listener.js +0 -111
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/sensitive-data-masking/server-settings-listener.js +0 -44
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/cloud-provider-metadata.js +0 -146
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/index.js +0 -225
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/linux-os-info.js +0 -137
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/lib/system-info/utils.js +0 -35
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/core/package.json +0 -33
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/README.md +0 -94
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-handler-registry.d.ts +0 -121
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-handler-registry.js +0 -206
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-hook-descriptor.d.ts +0 -72
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/export-hook-descriptor.js +0 -88
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/handler-invoker.d.ts +0 -46
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/handler-invoker.js +0 -106
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/helpers.d.ts +0 -28
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/helpers.js +0 -66
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/index.d.ts +0 -115
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/index.js +0 -208
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/package-finder.d.ts +0 -43
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/lib/package-finder.js +0 -79
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/dep-hooks/package.json +0 -29
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/README.md +0 -270
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/index.d.ts +0 -16
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/index.js +0 -132
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/serializers.d.ts +0 -33
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/serializers.js +0 -75
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/utils.d.ts +0 -15
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/lib/utils.js +0 -34
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/logger/package.json +0 -28
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/README.md +0 -51
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/lib/index.d.ts +0 -101
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/lib/index.js +0 -544
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/patcher/package.json +0 -25
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/README.md +0 -6
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/lib/cache.js +0 -318
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/lib/index.js +0 -216
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/lib/rewrite-is-deadzoned.js +0 -143
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/rewriter/package.json +0 -30
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/LICENSE +0 -12
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/constants.js +0 -26
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/index.d.ts +0 -46
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/index.js +0 -70
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/bluebird.js +0 -128
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/index.js +0 -34
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb-core.js +0 -83
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb3.js +0 -89
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb4.js +0 -80
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mongodb6.js +0 -46
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/mysql.js +0 -151
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/install/redis.js +0 -79
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/lib/utils.js +0 -35
- package/node_modules/@contrast/sec-obs/node_modules/@contrast/scopes/package.json +0 -28
- package/node_modules/@types/node/ts5.1/compatibility/disposable.d.ts +0 -12
- package/node_modules/@types/node/ts5.1/index.d.ts +0 -98
- package/node_modules/form-data/README.md.bak +0 -355
|
@@ -0,0 +1,183 @@
|
|
|
1
|
+
/*
|
|
2
|
+
* Copyright: 2025 Contrast Security, Inc
|
|
3
|
+
* Contact: support@contrastsecurity.com
|
|
4
|
+
* License: Commercial
|
|
5
|
+
|
|
6
|
+
* NOTICE: This Software and the patented inventions embodied within may only be
|
|
7
|
+
* used as part of Contrast Security’s commercial offerings. Even though it is
|
|
8
|
+
* made available through public repositories, use of this Software is subject to
|
|
9
|
+
* the applicable End User Licensing Agreement found at
|
|
10
|
+
* https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
|
|
11
|
+
* between Contrast Security and the End User. The Software may not be reverse
|
|
12
|
+
* engineered, modified, repackaged, sold, redistributed or otherwise used in a
|
|
13
|
+
* way not consistent with the End User License Agreement.
|
|
14
|
+
*/
|
|
15
|
+
|
|
16
|
+
'use strict';
|
|
17
|
+
|
|
18
|
+
const {
|
|
19
|
+
primordials: {
|
|
20
|
+
RegExpPrototypeExec,
|
|
21
|
+
StringPrototypeReplace,
|
|
22
|
+
StringPrototypeSlice,
|
|
23
|
+
StringPrototypeSplit,
|
|
24
|
+
StringPrototypeToLowerCase,
|
|
25
|
+
}
|
|
26
|
+
} = require('@contrast/common');
|
|
27
|
+
|
|
28
|
+
const NormalizationPatterns = {
|
|
29
|
+
UUID: [/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i, '{uuid}'],
|
|
30
|
+
NUMERICAL: [/^\d+$/i, '{n}'],
|
|
31
|
+
HASH: [/([a-fA-F0-9]{2}){16,}/, '{hash}'],
|
|
32
|
+
// we can extend these as needed
|
|
33
|
+
};
|
|
34
|
+
|
|
35
|
+
class HttpSourceInfo {
|
|
36
|
+
/**
|
|
37
|
+
* @param {object} param
|
|
38
|
+
* @param {string} param.serverType
|
|
39
|
+
* @param {any} param.normalizedUriMapper
|
|
40
|
+
* @param {IncomingMessage} param.raw
|
|
41
|
+
*/
|
|
42
|
+
constructor({
|
|
43
|
+
serverType,
|
|
44
|
+
normalizedUriMapper,
|
|
45
|
+
raw,
|
|
46
|
+
}) {
|
|
47
|
+
this._headerLookupCache = {};
|
|
48
|
+
this._normalizedUri = null;
|
|
49
|
+
this._normalizedUriMasked = null;
|
|
50
|
+
this._normalizedUriSegments = [];
|
|
51
|
+
this._normalizedUriMapper = normalizedUriMapper;
|
|
52
|
+
//
|
|
53
|
+
this.httpVersion = raw.httpVersion;
|
|
54
|
+
this.ip = raw.socket.remoteAddress ? StringPrototypeReplace.call(raw.socket.remoteAddress, /::ffff:/, '') : undefined;
|
|
55
|
+
this.port = raw.socket.address?.()?.port || 0;
|
|
56
|
+
this.protocol = serverType == 'http' ? 'http' : 'https'; // todo
|
|
57
|
+
this.serverType = serverType;
|
|
58
|
+
this.time = Date.now();
|
|
59
|
+
this.method = StringPrototypeToLowerCase.call(raw.method);
|
|
60
|
+
this.rawHeaders = [];
|
|
61
|
+
|
|
62
|
+
for (let i = 0; i < raw.rawHeaders.length; i += 2) {
|
|
63
|
+
const iNext = i + 1;
|
|
64
|
+
const headerName = StringPrototypeToLowerCase.call(raw.rawHeaders[i]);
|
|
65
|
+
|
|
66
|
+
headerName == 'content-type' && (this.contentType = raw.rawHeaders[iNext]);
|
|
67
|
+
|
|
68
|
+
this.rawHeaders[i] = headerName;
|
|
69
|
+
this.rawHeaders[iNext] = headerName == 'content-type' ?
|
|
70
|
+
StringPrototypeToLowerCase.call(raw.rawHeaders[iNext]) :
|
|
71
|
+
raw.rawHeaders[iNext];
|
|
72
|
+
|
|
73
|
+
if (
|
|
74
|
+
headerName == 'upgrade' &&
|
|
75
|
+
StringPrototypeToLowerCase.call(this.rawHeaders[iNext]) == 'websocket'
|
|
76
|
+
) {
|
|
77
|
+
this.protocol = 'ws';
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
const idx = raw.url.indexOf('?');
|
|
82
|
+
if (idx >= 0) {
|
|
83
|
+
this.uriPath = StringPrototypeSlice.call(raw.url, 0, idx);
|
|
84
|
+
this.queries = StringPrototypeSlice.call(raw.url, idx + 1);
|
|
85
|
+
} else {
|
|
86
|
+
this.uriPath = raw.url;
|
|
87
|
+
this.queries = '';
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
/**
|
|
92
|
+
* Looks through rawHeaders to find it. Caches results to avoid subsequent lookups.
|
|
93
|
+
* @param {string} name needs to be lowercase
|
|
94
|
+
* @returns {string}
|
|
95
|
+
*/
|
|
96
|
+
getHeader(name) {
|
|
97
|
+
if (name in this._headerLookupCache) return this._headerLookupCache[name];
|
|
98
|
+
|
|
99
|
+
for (let i = 0; i < this.rawHeaders.length; i += 2) {
|
|
100
|
+
if (name == this.rawHeaders[i]) {
|
|
101
|
+
return (this._headerLookupCache[name] = this.rawHeaders[i + 1]);
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
|
|
105
|
+
return null;
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
/**
|
|
109
|
+
* The normalizedUri is a computed field
|
|
110
|
+
*/
|
|
111
|
+
get normalizedUri() {
|
|
112
|
+
const r = Reflect.get(this, '_normalizedUri');
|
|
113
|
+
if (!r) this.generateNormalizedUri();
|
|
114
|
+
return Reflect.get(this, '_normalizedUri');
|
|
115
|
+
}
|
|
116
|
+
|
|
117
|
+
set normalizedUri(value) {
|
|
118
|
+
Reflect.set(this, '_normalizedUri', value);
|
|
119
|
+
}
|
|
120
|
+
|
|
121
|
+
generateNormalizedUri() {
|
|
122
|
+
let normalizedUri;
|
|
123
|
+
|
|
124
|
+
// leverage route discovery data to try to find route template
|
|
125
|
+
normalizedUri = this._normalizedUriMapper?.map?.(this.uriPath);
|
|
126
|
+
|
|
127
|
+
if (normalizedUri) {
|
|
128
|
+
// if we can map to the template we can use it for masked value too
|
|
129
|
+
this._normalizedUri = normalizedUri;
|
|
130
|
+
this._normalizedUriMasked = normalizedUri;
|
|
131
|
+
} else {
|
|
132
|
+
// if we can't find the template then test against common
|
|
133
|
+
// regular expressions to normalize/mask each segment per spec
|
|
134
|
+
const arr = StringPrototypeSplit.call(this.uriPath, '/');
|
|
135
|
+
let maskedUri = '';
|
|
136
|
+
|
|
137
|
+
normalizedUri = '';
|
|
138
|
+
|
|
139
|
+
for (let idx = 1; idx < arr.length; idx++) {
|
|
140
|
+
let normalSeg = arr[idx];
|
|
141
|
+
let maskedSeg = normalSeg;
|
|
142
|
+
|
|
143
|
+
let isPattern;
|
|
144
|
+
|
|
145
|
+
for (const [rx, substitution] of Object.values(NormalizationPatterns)) {
|
|
146
|
+
isPattern = !!RegExpPrototypeExec.call(rx, normalSeg);
|
|
147
|
+
if (isPattern) {
|
|
148
|
+
normalSeg = maskedSeg = substitution;
|
|
149
|
+
break;
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
|
|
153
|
+
if (!isPattern) {
|
|
154
|
+
if (idx > 1) {
|
|
155
|
+
maskedSeg = `${StringPrototypeSlice.call(normalSeg, 0, 2)}xxxx`;
|
|
156
|
+
} else {
|
|
157
|
+
// no masking/normalizing for first seg (called "context" in spec)
|
|
158
|
+
maskedSeg = arr[idx];
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
maskedUri += `/${maskedSeg}`;
|
|
163
|
+
normalizedUri += `/${normalSeg}`;
|
|
164
|
+
}
|
|
165
|
+
|
|
166
|
+
this._normalizedUri = normalizedUri;
|
|
167
|
+
this._normalizedUriMasked = maskedUri;
|
|
168
|
+
}
|
|
169
|
+
}
|
|
170
|
+
|
|
171
|
+
get normalizedUriMasked() {
|
|
172
|
+
const r = Reflect.get(this, '_normalizedUriMasked');
|
|
173
|
+
if (!r) this.generateNormalizedUri();
|
|
174
|
+
return Reflect.get(this, '_normalizedUriMasked');
|
|
175
|
+
}
|
|
176
|
+
|
|
177
|
+
set normalizedUriMasked(value) {
|
|
178
|
+
Reflect.set(this, '_normalizedUriMasked', value);
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
|
|
182
|
+
module.exports.HttpSourceInfo = HttpSourceInfo;
|
|
183
|
+
module.exports.NORMALIZE_PATTERNS = NormalizationPatterns;
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { expect } = require('chai');
|
|
4
|
+
const mocks = require('@contrast/test/mocks');
|
|
5
|
+
|
|
6
|
+
const { HttpSourceInfo } = require('./source-info');
|
|
7
|
+
|
|
8
|
+
describe('sources SourceInfo', function () {
|
|
9
|
+
[
|
|
10
|
+
{
|
|
11
|
+
uriPath: '/index',
|
|
12
|
+
expectedNormalized: '/index',
|
|
13
|
+
expectedNormalizedMasked: '/index',
|
|
14
|
+
},
|
|
15
|
+
{
|
|
16
|
+
uriPath: '/orders/abc-123',
|
|
17
|
+
expectedNormalized: '/orders/abc-123',
|
|
18
|
+
expectedNormalizedMasked: '/orders/abxxxx',
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
uriPath: '/orders/abc-123/item/123',
|
|
22
|
+
expectedNormalized: '/orders/abc-123/item/{n}',
|
|
23
|
+
expectedNormalizedMasked: '/orders/abxxxx/itxxxx/{n}',
|
|
24
|
+
},
|
|
25
|
+
{
|
|
26
|
+
uriPath: '/orders/1234',
|
|
27
|
+
expectedNormalized: '/orders/{n}',
|
|
28
|
+
expectedNormalizedMasked: '/orders/{n}',
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
uriPath: '/orders/93a0862a-09be-4292-bc6a-50d38dded69c',
|
|
32
|
+
expectedNormalized: '/orders/{uuid}',
|
|
33
|
+
expectedNormalizedMasked: '/orders/{uuid}',
|
|
34
|
+
},
|
|
35
|
+
{
|
|
36
|
+
uriPath: '/orders/0f1e2d3c4b5a6f7e8d9c0b1a2f3e4d5c',
|
|
37
|
+
expectedNormalized: '/orders/{hash}',
|
|
38
|
+
expectedNormalizedMasked: '/orders/{hash}',
|
|
39
|
+
},
|
|
40
|
+
].forEach(({
|
|
41
|
+
uriPath,
|
|
42
|
+
expectedNormalized,
|
|
43
|
+
expectedNormalizedMasked,
|
|
44
|
+
}) => {
|
|
45
|
+
it(`normalizedUri and normalizedUriMasked are built correctly: ${uriPath}`, function () {
|
|
46
|
+
const req = mocks.incomingMessage();
|
|
47
|
+
req.url = `${uriPath}?${req.queries}`;
|
|
48
|
+
|
|
49
|
+
const info = new HttpSourceInfo({
|
|
50
|
+
serverType: 'http',
|
|
51
|
+
raw: req
|
|
52
|
+
});
|
|
53
|
+
expect(info.normalizedUri).to.equal(expectedNormalized);
|
|
54
|
+
expect(info.normalizedUriMasked).to.equal(expectedNormalizedMasked);
|
|
55
|
+
});
|
|
56
|
+
});
|
|
57
|
+
|
|
58
|
+
it('trims IPv6 prefixes from mapped IPv4 addresses', function () {
|
|
59
|
+
const req = mocks.incomingMessage();
|
|
60
|
+
req.socket.remoteAddress = '::ffff:127.0.0.1';
|
|
61
|
+
|
|
62
|
+
const info = new HttpSourceInfo({
|
|
63
|
+
serverType: 'http',
|
|
64
|
+
raw: req
|
|
65
|
+
});
|
|
66
|
+
expect(info.ip).to.equal('127.0.0.1');
|
|
67
|
+
});
|
|
68
|
+
});
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@contrast/sources",
|
|
3
|
+
"version": "1.1.0",
|
|
4
|
+
"description": "Instruments to have incoming messages run in async-local request scope.",
|
|
5
|
+
"main": "lib/index.js",
|
|
6
|
+
"scripts": {
|
|
7
|
+
"test": "echo \"Error: no test specified\" && exit 1"
|
|
8
|
+
},
|
|
9
|
+
"author": "",
|
|
10
|
+
"license": "ISC",
|
|
11
|
+
"dependencies": {
|
|
12
|
+
"@contrast/common": "1.35.0",
|
|
13
|
+
"@contrast/core": "1.55.0",
|
|
14
|
+
"on-finished": "^2.4.1"
|
|
15
|
+
}
|
|
16
|
+
}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/telemetry",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.30.0",
|
|
4
4
|
"description": "Telemetry reporting for the Contrast Node.js agent.",
|
|
5
5
|
"license": "SEE LICENSE IN LICENSE",
|
|
6
6
|
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|
|
@@ -19,11 +19,11 @@
|
|
|
19
19
|
"test": "bash ../scripts/test.sh"
|
|
20
20
|
},
|
|
21
21
|
"dependencies": {
|
|
22
|
-
"@contrast/common": "1.
|
|
23
|
-
"@contrast/config": "1.
|
|
24
|
-
"@contrast/core": "1.
|
|
25
|
-
"@contrast/logger": "1.
|
|
26
|
-
"axios": "^1.
|
|
22
|
+
"@contrast/common": "1.35.0",
|
|
23
|
+
"@contrast/config": "1.50.0",
|
|
24
|
+
"@contrast/core": "1.55.0",
|
|
25
|
+
"@contrast/logger": "1.28.0",
|
|
26
|
+
"axios": "^1.11.0",
|
|
27
27
|
"getmac": "^6.3.0"
|
|
28
28
|
}
|
|
29
29
|
}
|