@contrast/agent-bundle 5.42.0 → 5.45.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (468) hide show
  1. package/README.md +1 -10
  2. package/node_modules/@contrast/agent/README.md +1 -10
  3. package/node_modules/@contrast/agent/package.json +12 -12
  4. package/node_modules/@contrast/agent-swc-plugin/package.json +3 -3
  5. package/node_modules/@contrast/agentify/lib/rewrite-hooks.js +3 -3
  6. package/node_modules/@contrast/agentify/lib/utils.js +13 -7
  7. package/node_modules/@contrast/agentify/package.json +17 -17
  8. package/node_modules/@contrast/architecture-components/package.json +6 -6
  9. package/node_modules/@contrast/assess/lib/dataflow/propagation/install/ejs/template.js +1 -1
  10. package/node_modules/@contrast/assess/lib/dataflow/propagation/install/pug/index.js +1 -1
  11. package/node_modules/@contrast/assess/lib/dataflow/sinks/install/http/server-response.js +1 -12
  12. package/node_modules/@contrast/assess/lib/dataflow/sinks/install/restify.js +1 -1
  13. package/node_modules/@contrast/assess/lib/dataflow/sources/install/http.js +1 -1
  14. package/node_modules/@contrast/assess/lib/dataflow/tracker.js +1 -1
  15. package/node_modules/@contrast/assess/lib/get-source-context.js +1 -1
  16. package/node_modules/@contrast/assess/lib/response-scanning/install/http.js +0 -12
  17. package/node_modules/@contrast/assess/package.json +14 -14
  18. package/node_modules/@contrast/code-events/binding.gyp +1 -1
  19. package/node_modules/@contrast/code-events/package.json +11 -9
  20. package/node_modules/@contrast/code-events/prebuilds/darwin-x64+arm64/@contrast+code-events.abi108.node +0 -0
  21. package/node_modules/@contrast/code-events/prebuilds/darwin-x64+arm64/@contrast+code-events.abi115.node +0 -0
  22. package/node_modules/@contrast/code-events/prebuilds/darwin-x64+arm64/@contrast+code-events.abi127.node +0 -0
  23. package/node_modules/@contrast/code-events/prebuilds/darwin-x64+arm64/{@contrast+code-events.abi93.node → @contrast+code-events.abi137.node} +0 -0
  24. package/node_modules/@contrast/code-events/prebuilds/linux-arm64/@contrast+code-events.abi108.armv8.node +0 -0
  25. package/node_modules/@contrast/code-events/prebuilds/linux-arm64/@contrast+code-events.abi115.armv8.node +0 -0
  26. package/node_modules/@contrast/code-events/prebuilds/linux-arm64/@contrast+code-events.abi127.armv8.node +0 -0
  27. package/node_modules/@contrast/code-events/prebuilds/linux-arm64/@contrast+code-events.abi137.armv8.node +0 -0
  28. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi108.glibc.node +0 -0
  29. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi108.musl.node +0 -0
  30. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi115.glibc.node +0 -0
  31. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi115.musl.node +0 -0
  32. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi127.glibc.node +0 -0
  33. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi127.musl.node +0 -0
  34. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi137.glibc.node +0 -0
  35. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi137.musl.node +0 -0
  36. package/node_modules/@contrast/code-events/prebuilds/win32-x64/@contrast+code-events.abi108.node +0 -0
  37. package/node_modules/@contrast/code-events/prebuilds/win32-x64/@contrast+code-events.abi115.node +0 -0
  38. package/node_modules/@contrast/code-events/prebuilds/win32-x64/@contrast+code-events.abi127.node +0 -0
  39. package/node_modules/@contrast/code-events/prebuilds/win32-x64/@contrast+code-events.abi137.node +0 -0
  40. package/node_modules/@contrast/common/lib/constants.d.ts +1 -1
  41. package/node_modules/@contrast/common/lib/constants.js +1 -1
  42. package/node_modules/@contrast/common/lib/index.js +15 -15
  43. package/node_modules/@contrast/common/lib/primordials.d.ts +22 -20
  44. package/node_modules/@contrast/common/lib/types.d.ts +18 -6
  45. package/node_modules/@contrast/common/package.json +2 -2
  46. package/node_modules/@contrast/config/lib/options.js +29 -4
  47. package/node_modules/@contrast/config/package.json +4 -4
  48. package/node_modules/@contrast/core/lib/app-info.js +53 -74
  49. package/node_modules/@contrast/core/lib/index.d.ts +17 -1
  50. package/node_modules/@contrast/core/lib/sensitive-data-masking/index.js +33 -5
  51. package/node_modules/@contrast/core/package.json +10 -9
  52. package/node_modules/@contrast/deadzones/package.json +6 -6
  53. package/node_modules/@contrast/dep-hooks/lib/export-handler-registry.d.ts +17 -13
  54. package/node_modules/@contrast/dep-hooks/lib/export-handler-registry.js +16 -4
  55. package/node_modules/@contrast/dep-hooks/lib/export-hook-descriptor.d.ts +2 -2
  56. package/node_modules/@contrast/dep-hooks/lib/export-hook-descriptor.js +2 -3
  57. package/node_modules/@contrast/dep-hooks/lib/handler-invoker.d.ts +6 -6
  58. package/node_modules/@contrast/dep-hooks/lib/handler-invoker.js +0 -1
  59. package/node_modules/@contrast/dep-hooks/lib/helpers.d.ts +0 -7
  60. package/node_modules/@contrast/dep-hooks/lib/helpers.js +2 -18
  61. package/node_modules/@contrast/dep-hooks/lib/index.d.ts +17 -12
  62. package/node_modules/@contrast/dep-hooks/lib/index.js +5 -3
  63. package/node_modules/@contrast/dep-hooks/lib/package-finder.d.ts +2 -1
  64. package/node_modules/@contrast/dep-hooks/lib/package-finder.js +6 -6
  65. package/node_modules/@contrast/dep-hooks/package.json +4 -3
  66. package/node_modules/@contrast/distringuish/package.json +7 -6
  67. package/node_modules/@contrast/distringuish/prebuilds/darwin-x64+arm64/@contrast+distringuish.abi108.node +0 -0
  68. package/node_modules/@contrast/distringuish/prebuilds/darwin-x64+arm64/@contrast+distringuish.abi115.node +0 -0
  69. package/node_modules/@contrast/distringuish/prebuilds/darwin-x64+arm64/@contrast+distringuish.abi127.node +0 -0
  70. package/node_modules/@contrast/distringuish/prebuilds/darwin-x64+arm64/{@contrast+distringuish.abi93.node → @contrast+distringuish.abi137.node} +0 -0
  71. package/node_modules/@contrast/distringuish/prebuilds/linux-arm64/@contrast+distringuish.abi108.armv8.node +0 -0
  72. package/node_modules/@contrast/distringuish/prebuilds/linux-arm64/@contrast+distringuish.abi115.armv8.node +0 -0
  73. package/node_modules/@contrast/distringuish/prebuilds/linux-arm64/@contrast+distringuish.abi127.armv8.node +0 -0
  74. package/node_modules/@contrast/distringuish/prebuilds/linux-arm64/@contrast+distringuish.abi137.armv8.node +0 -0
  75. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi108.glibc.node +0 -0
  76. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi108.musl.node +0 -0
  77. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi115.glibc.node +0 -0
  78. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi115.musl.node +0 -0
  79. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi127.glibc.node +0 -0
  80. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi127.musl.node +0 -0
  81. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi137.glibc.node +0 -0
  82. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi137.musl.node +0 -0
  83. package/node_modules/@contrast/distringuish/prebuilds/win32-x64/@contrast+distringuish.abi108.node +0 -0
  84. package/node_modules/@contrast/distringuish/prebuilds/win32-x64/@contrast+distringuish.abi115.node +0 -0
  85. package/node_modules/@contrast/distringuish/prebuilds/win32-x64/@contrast+distringuish.abi127.node +0 -0
  86. package/node_modules/@contrast/distringuish/prebuilds/win32-x64/@contrast+distringuish.abi137.node +0 -0
  87. package/node_modules/@contrast/esm-hooks/lib/debug-methods.mjs +4 -4
  88. package/node_modules/@contrast/esm-hooks/lib/get-file-type.mjs +2 -9
  89. package/node_modules/@contrast/esm-hooks/lib/hooks.mjs +0 -2
  90. package/node_modules/@contrast/esm-hooks/lib/redirects/builtin/fs/promises.mjs +2 -0
  91. package/node_modules/@contrast/esm-hooks/lib/redirects/builtin/fs.mjs +3 -0
  92. package/node_modules/@contrast/esm-hooks/lib/redirects/builtin/util.mjs +1 -0
  93. package/node_modules/@contrast/esm-hooks/package.json +7 -7
  94. package/node_modules/@contrast/fn-inspect/package.json +9 -5
  95. package/node_modules/@contrast/fn-inspect/prebuilds/darwin-x64+arm64/@contrast+fn-inspect.abi108.node +0 -0
  96. package/node_modules/@contrast/fn-inspect/prebuilds/darwin-x64+arm64/@contrast+fn-inspect.abi115.node +0 -0
  97. package/node_modules/@contrast/fn-inspect/prebuilds/darwin-x64+arm64/@contrast+fn-inspect.abi127.node +0 -0
  98. package/node_modules/@contrast/fn-inspect/prebuilds/darwin-x64+arm64/{@contrast+fn-inspect.abi93.node → @contrast+fn-inspect.abi137.node} +0 -0
  99. package/node_modules/@contrast/fn-inspect/prebuilds/linux-arm64/@contrast+fn-inspect.abi108.armv8.node +0 -0
  100. package/node_modules/@contrast/fn-inspect/prebuilds/linux-arm64/@contrast+fn-inspect.abi115.armv8.node +0 -0
  101. package/node_modules/@contrast/fn-inspect/prebuilds/linux-arm64/@contrast+fn-inspect.abi127.armv8.node +0 -0
  102. package/node_modules/@contrast/fn-inspect/prebuilds/linux-arm64/@contrast+fn-inspect.abi137.armv8.node +0 -0
  103. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi108.glibc.node +0 -0
  104. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi108.musl.node +0 -0
  105. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi115.glibc.node +0 -0
  106. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi115.musl.node +0 -0
  107. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi127.glibc.node +0 -0
  108. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi127.musl.node +0 -0
  109. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi137.glibc.node +0 -0
  110. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/{@contrast+fn-inspect.abi93.musl.node → @contrast+fn-inspect.abi137.musl.node} +0 -0
  111. package/node_modules/@contrast/fn-inspect/prebuilds/win32-x64/@contrast+fn-inspect.abi108.node +0 -0
  112. package/node_modules/@contrast/fn-inspect/prebuilds/win32-x64/@contrast+fn-inspect.abi115.node +0 -0
  113. package/node_modules/@contrast/fn-inspect/prebuilds/win32-x64/@contrast+fn-inspect.abi127.node +0 -0
  114. package/node_modules/@contrast/fn-inspect/prebuilds/win32-x64/@contrast+fn-inspect.abi137.node +0 -0
  115. package/node_modules/@contrast/instrumentation/lib/http2.js +0 -11
  116. package/node_modules/@contrast/instrumentation/package.json +6 -6
  117. package/node_modules/@contrast/library-analysis/lib/install/library-reporting/dep.json +312 -224
  118. package/node_modules/@contrast/library-analysis/package.json +6 -6
  119. package/node_modules/@contrast/logger/lib/index.js +18 -8
  120. package/node_modules/@contrast/logger/lib/serializers.js +5 -5
  121. package/node_modules/@contrast/logger/lib/utils.d.ts +0 -6
  122. package/node_modules/@contrast/logger/package.json +4 -4
  123. package/node_modules/@contrast/metrics/lib/index.d.ts +6 -6
  124. package/node_modules/@contrast/metrics/lib/index.js +0 -1
  125. package/node_modules/@contrast/metrics/package.json +7 -7
  126. package/node_modules/@contrast/patcher/package.json +3 -3
  127. package/node_modules/@contrast/perf/package.json +7 -4
  128. package/node_modules/@contrast/protect/lib/hardening/handlers.js +37 -21
  129. package/node_modules/@contrast/protect/lib/index.d.ts +3 -2
  130. package/node_modules/@contrast/protect/lib/index.js +9 -2
  131. package/node_modules/@contrast/protect/lib/input-analysis/handlers.js +275 -233
  132. package/node_modules/@contrast/protect/lib/input-analysis/install/http.js +3 -4
  133. package/node_modules/@contrast/protect/lib/input-tracing/{handlers/index.js → handlers.js} +15 -15
  134. package/node_modules/@contrast/protect/lib/input-tracing/index.js +0 -1
  135. package/node_modules/@contrast/protect/lib/make-source-context.js +5 -7
  136. package/node_modules/@contrast/protect/lib/policy.js +130 -95
  137. package/node_modules/@contrast/protect/lib/semantic-analysis/handlers.js +19 -18
  138. package/node_modules/@contrast/protect/package.json +12 -12
  139. package/node_modules/@contrast/reporter/lib/index.js +1 -1
  140. package/node_modules/@contrast/reporter/lib/reporters/base.d.ts +0 -1
  141. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/index.d.ts +4 -2
  142. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/index.js +14 -14
  143. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/translations.d.ts +43 -6
  144. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/application-activity/translations.js +262 -429
  145. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/server-inventory.d.ts +3 -3
  146. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/index.js +17 -7
  147. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/endpoints/traces/translations.js +12 -13
  148. package/node_modules/@contrast/reporter/lib/reporters/contrast-ui/utils.js +6 -7
  149. package/node_modules/@contrast/reporter/lib/reporters/file.js +1 -1
  150. package/node_modules/@contrast/reporter/lib/reporters/security-logger/index.d.ts +2 -3
  151. package/node_modules/@contrast/reporter/lib/reporters/security-logger/index.js +72 -86
  152. package/node_modules/@contrast/reporter/lib/reporters/security-logger/messages.js +6 -7
  153. package/node_modules/@contrast/reporter/lib/validators.js +0 -1
  154. package/node_modules/@contrast/reporter/node_modules/sonic-boom/.husky/pre-commit +2 -2
  155. package/node_modules/@contrast/reporter/node_modules/sonic-boom/.taprc +5 -0
  156. package/node_modules/@contrast/reporter/node_modules/sonic-boom/README.md +2 -4
  157. package/node_modules/@contrast/reporter/node_modules/sonic-boom/bench.js +5 -36
  158. package/node_modules/@contrast/reporter/node_modules/sonic-boom/index.js +56 -300
  159. package/node_modules/@contrast/reporter/node_modules/sonic-boom/package.json +12 -7
  160. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test.js +1684 -0
  161. package/node_modules/@contrast/reporter/node_modules/sonic-boom/types/index.d.ts +1 -2
  162. package/node_modules/@contrast/reporter/package.json +10 -10
  163. package/node_modules/@contrast/rewriter/lib/index.js +5 -43
  164. package/node_modules/@contrast/rewriter/package.json +8 -8
  165. package/node_modules/@contrast/route-coverage/lib/install/express/express5.js +0 -5
  166. package/node_modules/@contrast/route-coverage/lib/install/restify.js +1 -1
  167. package/node_modules/@contrast/route-coverage/package.json +10 -10
  168. package/node_modules/@contrast/scopes/package.json +6 -6
  169. package/node_modules/@contrast/sec-obs/lib/traces/http.js +1 -1
  170. package/node_modules/@contrast/sec-obs/lib/traces/http.test.js +1 -1
  171. package/node_modules/@contrast/sec-obs/package.json +10 -10
  172. package/node_modules/@contrast/sources/lib/index.js +1 -1
  173. package/node_modules/@contrast/sources/lib/index.test.js +0 -26
  174. package/node_modules/@contrast/sources/package.json +3 -3
  175. package/node_modules/@contrast/telemetry/package.json +6 -6
  176. package/node_modules/@opentelemetry/semantic-conventions/README.md +3 -2
  177. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.d.ts +4350 -2882
  178. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.js +4350 -2882
  179. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_attributes.js.map +1 -1
  180. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_events.d.ts +136 -0
  181. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_events.js +154 -0
  182. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_events.js.map +1 -0
  183. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.d.ts +713 -141
  184. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.js +713 -141
  185. package/node_modules/@opentelemetry/semantic-conventions/build/esm/experimental_metrics.js.map +1 -1
  186. package/node_modules/@opentelemetry/semantic-conventions/build/esm/index-incubating.d.ts +2 -0
  187. package/node_modules/@opentelemetry/semantic-conventions/build/esm/index-incubating.js +2 -0
  188. package/node_modules/@opentelemetry/semantic-conventions/build/esm/index-incubating.js.map +1 -1
  189. package/node_modules/@opentelemetry/semantic-conventions/build/esm/index.d.ts +1 -0
  190. package/node_modules/@opentelemetry/semantic-conventions/build/esm/index.js +1 -0
  191. package/node_modules/@opentelemetry/semantic-conventions/build/esm/index.js.map +1 -1
  192. package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.d.ts +7 -1
  193. package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.js +7 -1
  194. package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_attributes.js.map +1 -1
  195. package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_events.d.ts +5 -0
  196. package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_events.js +23 -0
  197. package/node_modules/@opentelemetry/semantic-conventions/build/esm/stable_events.js.map +1 -0
  198. package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.d.ts +1 -1
  199. package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.js +1 -1
  200. package/node_modules/@opentelemetry/semantic-conventions/build/esm/version.js.map +1 -1
  201. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.d.ts +4350 -2882
  202. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.js +4350 -2882
  203. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_attributes.js.map +1 -1
  204. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_events.d.ts +136 -0
  205. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_events.js +154 -0
  206. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_events.js.map +1 -0
  207. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.d.ts +713 -141
  208. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.js +713 -141
  209. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/experimental_metrics.js.map +1 -1
  210. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/index-incubating.d.ts +2 -0
  211. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/index-incubating.js +2 -0
  212. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/index-incubating.js.map +1 -1
  213. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/index.d.ts +1 -0
  214. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/index.js +1 -0
  215. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/index.js.map +1 -1
  216. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.d.ts +7 -1
  217. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.js +7 -1
  218. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_attributes.js.map +1 -1
  219. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_events.d.ts +5 -0
  220. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_events.js +23 -0
  221. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/stable_events.js.map +1 -0
  222. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.d.ts +1 -1
  223. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.js +1 -1
  224. package/node_modules/@opentelemetry/semantic-conventions/build/esnext/version.js.map +1 -1
  225. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.d.ts +4350 -2882
  226. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.js +4354 -2883
  227. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_attributes.js.map +1 -1
  228. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_events.d.ts +136 -0
  229. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_events.js +157 -0
  230. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_events.js.map +1 -0
  231. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.d.ts +713 -141
  232. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.js +720 -147
  233. package/node_modules/@opentelemetry/semantic-conventions/build/src/experimental_metrics.js.map +1 -1
  234. package/node_modules/@opentelemetry/semantic-conventions/build/src/index-incubating.d.ts +2 -0
  235. package/node_modules/@opentelemetry/semantic-conventions/build/src/index-incubating.js +2 -0
  236. package/node_modules/@opentelemetry/semantic-conventions/build/src/index-incubating.js.map +1 -1
  237. package/node_modules/@opentelemetry/semantic-conventions/build/src/index.d.ts +1 -0
  238. package/node_modules/@opentelemetry/semantic-conventions/build/src/index.js +1 -0
  239. package/node_modules/@opentelemetry/semantic-conventions/build/src/index.js.map +1 -1
  240. package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.d.ts +7 -1
  241. package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.js +10 -4
  242. package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_attributes.js.map +1 -1
  243. package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_events.d.ts +5 -0
  244. package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_events.js +26 -0
  245. package/node_modules/@opentelemetry/semantic-conventions/build/src/stable_events.js.map +1 -0
  246. package/node_modules/@opentelemetry/semantic-conventions/build/src/version.d.ts +1 -1
  247. package/node_modules/@opentelemetry/semantic-conventions/build/src/version.js +1 -1
  248. package/node_modules/@opentelemetry/semantic-conventions/build/src/version.js.map +1 -1
  249. package/node_modules/@opentelemetry/semantic-conventions/package.json +6 -7
  250. package/node_modules/@swc/core/README.md +5 -0
  251. package/node_modules/@swc/core/binding.d.ts +2 -2
  252. package/node_modules/@swc/core/index.d.ts +5 -4
  253. package/node_modules/@swc/core/index.js +2 -2
  254. package/node_modules/@swc/core/package.json +12 -12
  255. package/node_modules/@swc/core-darwin-arm64/package.json +1 -1
  256. package/node_modules/@swc/core-darwin-arm64/swc.darwin-arm64.node +0 -0
  257. package/node_modules/@swc/core-darwin-x64/package.json +1 -1
  258. package/node_modules/@swc/core-darwin-x64/swc.darwin-x64.node +0 -0
  259. package/node_modules/@swc/core-linux-arm64-gnu/package.json +1 -1
  260. package/node_modules/@swc/core-linux-arm64-gnu/swc.linux-arm64-gnu.node +0 -0
  261. package/node_modules/@swc/core-linux-arm64-musl/package.json +1 -1
  262. package/node_modules/@swc/core-linux-arm64-musl/swc.linux-arm64-musl.node +0 -0
  263. package/node_modules/@swc/core-linux-x64-gnu/package.json +1 -1
  264. package/node_modules/@swc/core-linux-x64-gnu/swc.linux-x64-gnu.node +0 -0
  265. package/node_modules/@swc/core-linux-x64-musl/package.json +1 -1
  266. package/node_modules/@swc/core-linux-x64-musl/swc.linux-x64-musl.node +0 -0
  267. package/node_modules/@swc/core-win32-arm64-msvc/package.json +1 -1
  268. package/node_modules/@swc/core-win32-arm64-msvc/swc.win32-arm64-msvc.node +0 -0
  269. package/node_modules/@swc/core-win32-x64-msvc/package.json +1 -1
  270. package/node_modules/@swc/core-win32-x64-msvc/swc.win32-x64-msvc.node +0 -0
  271. package/node_modules/@swc/types/index.d.ts +14 -5
  272. package/node_modules/@swc/types/package.json +2 -2
  273. package/node_modules/@types/node/README.md +1 -1
  274. package/node_modules/@types/node/buffer.d.ts +1 -1
  275. package/node_modules/@types/node/child_process.d.ts +26 -122
  276. package/node_modules/@types/node/crypto.d.ts +44 -10
  277. package/node_modules/@types/node/dns.d.ts +5 -0
  278. package/node_modules/@types/node/fs/promises.d.ts +41 -26
  279. package/node_modules/@types/node/fs.d.ts +52 -35
  280. package/node_modules/@types/node/globals.d.ts +148 -347
  281. package/node_modules/@types/node/http.d.ts +29 -5
  282. package/node_modules/@types/node/https.d.ts +5 -0
  283. package/node_modules/@types/node/index.d.ts +7 -2
  284. package/node_modules/@types/node/inspector.d.ts +187 -4089
  285. package/node_modules/@types/node/inspector.generated.d.ts +4052 -0
  286. package/node_modules/@types/node/module.d.ts +1 -0
  287. package/node_modules/@types/node/net.d.ts +21 -0
  288. package/node_modules/@types/node/package.json +3 -3
  289. package/node_modules/@types/node/sqlite.d.ts +34 -0
  290. package/node_modules/@types/node/test.d.ts +104 -0
  291. package/node_modules/@types/node/tls.d.ts +32 -0
  292. package/node_modules/@types/node/ts5.6/index.d.ts +7 -2
  293. package/node_modules/@types/node/ts5.7/index.d.ts +7 -2
  294. package/node_modules/@types/node/url.d.ts +19 -5
  295. package/node_modules/@types/node/util.d.ts +6 -4
  296. package/node_modules/@types/node/vm.d.ts +73 -10
  297. package/node_modules/@types/node/wasi.d.ts +21 -0
  298. package/node_modules/@types/node/web-globals/abortcontroller.d.ts +34 -0
  299. package/node_modules/@types/node/web-globals/domexception.d.ts +68 -0
  300. package/node_modules/@types/node/{dom-events.d.ts → web-globals/events.d.ts} +47 -52
  301. package/node_modules/@types/node/web-globals/fetch.d.ts +50 -0
  302. package/node_modules/@types/node/web-globals/navigator.d.ts +25 -0
  303. package/node_modules/@types/node/web-globals/storage.d.ts +24 -0
  304. package/node_modules/@types/node/worker_threads.d.ts +51 -3
  305. package/node_modules/axios/CHANGELOG.md +58 -0
  306. package/node_modules/axios/README.md +87 -10
  307. package/node_modules/axios/dist/axios.js +355 -289
  308. package/node_modules/axios/dist/axios.js.map +1 -1
  309. package/node_modules/axios/dist/axios.min.js +2 -2
  310. package/node_modules/axios/dist/axios.min.js.map +1 -1
  311. package/node_modules/axios/dist/browser/axios.cjs +286 -213
  312. package/node_modules/axios/dist/browser/axios.cjs.map +1 -1
  313. package/node_modules/axios/dist/esm/axios.js +286 -213
  314. package/node_modules/axios/dist/esm/axios.js.map +1 -1
  315. package/node_modules/axios/dist/esm/axios.min.js +2 -2
  316. package/node_modules/axios/dist/esm/axios.min.js.map +1 -1
  317. package/node_modules/axios/dist/node/axios.cjs +377 -213
  318. package/node_modules/axios/dist/node/axios.cjs.map +1 -1
  319. package/node_modules/axios/index.d.cts +12 -5
  320. package/node_modules/axios/index.d.ts +13 -4
  321. package/node_modules/axios/lib/adapters/adapters.js +6 -4
  322. package/node_modules/axios/lib/adapters/fetch.js +221 -162
  323. package/node_modules/axios/lib/adapters/http.js +18 -0
  324. package/node_modules/axios/lib/adapters/xhr.js +11 -8
  325. package/node_modules/axios/lib/core/Axios.js +0 -2
  326. package/node_modules/axios/lib/core/AxiosError.js +10 -3
  327. package/node_modules/axios/lib/core/dispatchRequest.js +1 -1
  328. package/node_modules/axios/lib/defaults/index.js +1 -1
  329. package/node_modules/axios/lib/env/data.js +1 -1
  330. package/node_modules/axios/lib/helpers/buildURL.js +1 -3
  331. package/node_modules/axios/lib/helpers/estimateDataURLDecodedBytes.js +73 -0
  332. package/node_modules/axios/lib/helpers/resolveConfig.js +13 -9
  333. package/node_modules/axios/lib/utils.js +5 -3
  334. package/node_modules/axios/package.json +18 -12
  335. package/node_modules/balanced-match/.github/FUNDING.yml +2 -0
  336. package/node_modules/balanced-match/LICENSE.md +21 -0
  337. package/node_modules/balanced-match/README.md +97 -0
  338. package/node_modules/balanced-match/index.js +62 -0
  339. package/node_modules/balanced-match/package.json +48 -0
  340. package/node_modules/brace-expansion/.github/FUNDING.yml +2 -0
  341. package/node_modules/brace-expansion/LICENSE +21 -0
  342. package/node_modules/brace-expansion/README.md +135 -0
  343. package/node_modules/brace-expansion/index.js +203 -0
  344. package/node_modules/brace-expansion/package.json +49 -0
  345. package/node_modules/detect-libc/lib/detect-libc.js +59 -13
  346. package/node_modules/detect-libc/lib/elf.js +39 -0
  347. package/node_modules/detect-libc/lib/filesystem.js +18 -8
  348. package/node_modules/detect-libc/package.json +3 -2
  349. package/node_modules/minimatch/LICENSE +15 -0
  350. package/node_modules/minimatch/README.md +454 -0
  351. package/node_modules/minimatch/dist/commonjs/assert-valid-pattern.d.ts +2 -0
  352. package/node_modules/minimatch/dist/commonjs/assert-valid-pattern.d.ts.map +1 -0
  353. package/node_modules/minimatch/dist/commonjs/assert-valid-pattern.js +14 -0
  354. package/node_modules/minimatch/dist/commonjs/assert-valid-pattern.js.map +1 -0
  355. package/node_modules/minimatch/dist/commonjs/ast.d.ts +20 -0
  356. package/node_modules/minimatch/dist/commonjs/ast.d.ts.map +1 -0
  357. package/node_modules/minimatch/dist/commonjs/ast.js +592 -0
  358. package/node_modules/minimatch/dist/commonjs/ast.js.map +1 -0
  359. package/node_modules/minimatch/dist/commonjs/brace-expressions.d.ts +8 -0
  360. package/node_modules/minimatch/dist/commonjs/brace-expressions.d.ts.map +1 -0
  361. package/node_modules/minimatch/dist/commonjs/brace-expressions.js +152 -0
  362. package/node_modules/minimatch/dist/commonjs/brace-expressions.js.map +1 -0
  363. package/node_modules/minimatch/dist/commonjs/escape.d.ts +12 -0
  364. package/node_modules/minimatch/dist/commonjs/escape.d.ts.map +1 -0
  365. package/node_modules/minimatch/dist/commonjs/escape.js +22 -0
  366. package/node_modules/minimatch/dist/commonjs/escape.js.map +1 -0
  367. package/node_modules/minimatch/dist/commonjs/index.d.ts +94 -0
  368. package/node_modules/minimatch/dist/commonjs/index.d.ts.map +1 -0
  369. package/node_modules/minimatch/dist/commonjs/index.js +1017 -0
  370. package/node_modules/minimatch/dist/commonjs/index.js.map +1 -0
  371. package/node_modules/minimatch/dist/commonjs/package.json +3 -0
  372. package/node_modules/minimatch/dist/commonjs/unescape.d.ts +17 -0
  373. package/node_modules/minimatch/dist/commonjs/unescape.d.ts.map +1 -0
  374. package/node_modules/minimatch/dist/commonjs/unescape.js +24 -0
  375. package/node_modules/minimatch/dist/commonjs/unescape.js.map +1 -0
  376. package/node_modules/minimatch/dist/esm/assert-valid-pattern.d.ts +2 -0
  377. package/node_modules/minimatch/dist/esm/assert-valid-pattern.d.ts.map +1 -0
  378. package/node_modules/minimatch/dist/esm/assert-valid-pattern.js +10 -0
  379. package/node_modules/minimatch/dist/esm/assert-valid-pattern.js.map +1 -0
  380. package/node_modules/minimatch/dist/esm/ast.d.ts +20 -0
  381. package/node_modules/minimatch/dist/esm/ast.d.ts.map +1 -0
  382. package/node_modules/minimatch/dist/esm/ast.js +588 -0
  383. package/node_modules/minimatch/dist/esm/ast.js.map +1 -0
  384. package/node_modules/minimatch/dist/esm/brace-expressions.d.ts +8 -0
  385. package/node_modules/minimatch/dist/esm/brace-expressions.d.ts.map +1 -0
  386. package/node_modules/minimatch/dist/esm/brace-expressions.js +148 -0
  387. package/node_modules/minimatch/dist/esm/brace-expressions.js.map +1 -0
  388. package/node_modules/minimatch/dist/esm/escape.d.ts +12 -0
  389. package/node_modules/minimatch/dist/esm/escape.d.ts.map +1 -0
  390. package/node_modules/minimatch/dist/esm/escape.js +18 -0
  391. package/node_modules/minimatch/dist/esm/escape.js.map +1 -0
  392. package/node_modules/minimatch/dist/esm/index.d.ts +94 -0
  393. package/node_modules/minimatch/dist/esm/index.d.ts.map +1 -0
  394. package/node_modules/minimatch/dist/esm/index.js +1001 -0
  395. package/node_modules/minimatch/dist/esm/index.js.map +1 -0
  396. package/node_modules/minimatch/dist/esm/package.json +3 -0
  397. package/node_modules/minimatch/dist/esm/unescape.d.ts +17 -0
  398. package/node_modules/minimatch/dist/esm/unescape.d.ts.map +1 -0
  399. package/node_modules/minimatch/dist/esm/unescape.js +20 -0
  400. package/node_modules/minimatch/dist/esm/unescape.js.map +1 -0
  401. package/node_modules/minimatch/package.json +82 -0
  402. package/node_modules/node-abi/LICENSE +21 -0
  403. package/node_modules/node-abi/README.md +54 -0
  404. package/node_modules/node-abi/abi_registry.json +408 -0
  405. package/node_modules/node-abi/getNextTarget.js +13 -0
  406. package/node_modules/node-abi/index.js +161 -0
  407. package/node_modules/node-abi/package.json +46 -0
  408. package/node_modules/node-addon-api/README.md +25 -249
  409. package/node_modules/node-addon-api/common.gypi +1 -0
  410. package/node_modules/node-addon-api/index.js +2 -0
  411. package/node_modules/node-addon-api/napi-inl.h +592 -166
  412. package/node_modules/node-addon-api/napi.h +167 -59
  413. package/node_modules/node-addon-api/node_addon_api.gyp +10 -0
  414. package/node_modules/node-addon-api/noexcept.gypi +1 -1
  415. package/node_modules/node-addon-api/package.json +13 -13
  416. package/node_modules/node-addon-api/tools/conversion.js +1 -1
  417. package/node_modules/protobufjs/dist/light/protobuf.js +2 -2
  418. package/node_modules/protobufjs/dist/light/protobuf.min.js +2 -2
  419. package/node_modules/protobufjs/dist/minimal/protobuf.js +2 -2
  420. package/node_modules/protobufjs/dist/minimal/protobuf.min.js +2 -2
  421. package/node_modules/protobufjs/dist/protobuf.js +2 -2
  422. package/node_modules/protobufjs/dist/protobuf.min.js +2 -2
  423. package/node_modules/protobufjs/google/protobuf/descriptor.json +2 -2
  424. package/node_modules/protobufjs/google/protobuf/descriptor.proto +2 -1
  425. package/node_modules/protobufjs/package.json +1 -1
  426. package/node_modules/undici-types/diagnostics-channel.d.ts +9 -0
  427. package/node_modules/undici-types/dispatcher.d.ts +3 -2
  428. package/node_modules/undici-types/env-http-proxy-agent.d.ts +2 -1
  429. package/node_modules/undici-types/eventsource.d.ts +3 -3
  430. package/node_modules/undici-types/fetch.d.ts +1 -0
  431. package/node_modules/undici-types/handlers.d.ts +1 -1
  432. package/node_modules/undici-types/mock-client.d.ts +2 -0
  433. package/node_modules/undici-types/mock-interceptor.d.ts +2 -0
  434. package/node_modules/undici-types/mock-pool.d.ts +2 -0
  435. package/node_modules/undici-types/package.json +1 -1
  436. package/node_modules/undici-types/retry-handler.d.ts +9 -0
  437. package/node_modules/undici-types/webidl.d.ts +29 -15
  438. package/node_modules/undici-types/websocket.d.ts +3 -1
  439. package/package.json +3 -3
  440. package/node_modules/@contrast/code-events/prebuilds/linux-arm64/@contrast+code-events.abi93.armv8.node +0 -0
  441. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi93.glibc.node +0 -0
  442. package/node_modules/@contrast/code-events/prebuilds/linux-x64/@contrast+code-events.abi93.musl.node +0 -0
  443. package/node_modules/@contrast/code-events/prebuilds/win32-x64/@contrast+code-events.abi93.node +0 -0
  444. package/node_modules/@contrast/core/lib/sensitive-data-masking/protect-listener.js +0 -111
  445. package/node_modules/@contrast/distringuish/prebuilds/linux-arm64/@contrast+distringuish.abi93.armv8.node +0 -0
  446. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi93.glibc.node +0 -0
  447. package/node_modules/@contrast/distringuish/prebuilds/linux-x64/@contrast+distringuish.abi93.musl.node +0 -0
  448. package/node_modules/@contrast/distringuish/prebuilds/win32-x64/@contrast+distringuish.abi93.node +0 -0
  449. package/node_modules/@contrast/fn-inspect/prebuilds/linux-arm64/@contrast+fn-inspect.abi93.armv8.node +0 -0
  450. package/node_modules/@contrast/fn-inspect/prebuilds/linux-x64/@contrast+fn-inspect.abi93.glibc.node +0 -0
  451. package/node_modules/@contrast/fn-inspect/prebuilds/win32-x64/@contrast+fn-inspect.abi93.node +0 -0
  452. package/node_modules/@contrast/perf/lib/index.test.js +0 -547
  453. package/node_modules/@contrast/perf/lib/tsconfig.json +0 -31
  454. package/node_modules/@contrast/protect/lib/input-tracing/install/spdy.js +0 -63
  455. package/node_modules/@contrast/reporter/node_modules/sonic-boom/.taprc.yaml +0 -11
  456. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/destroy.test.js +0 -49
  457. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/end.test.js +0 -98
  458. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/flush-sync.test.js +0 -140
  459. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/flush.test.js +0 -419
  460. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/fsync.test.js +0 -63
  461. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/helper.js +0 -42
  462. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/minlength.test.js +0 -35
  463. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/mode.test.js +0 -116
  464. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/reopen.test.js +0 -239
  465. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/retry.test.js +0 -414
  466. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/sync.test.js +0 -261
  467. package/node_modules/@contrast/reporter/node_modules/sonic-boom/test/write.test.js +0 -465
  468. package/node_modules/node-addon-api/tools/eslint-format.js +0 -79
package/node_modules/@contrast/library-analysis/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@contrast/library-analysis",
3
- "version": "1.45.0",
3
+ "version": "1.47.1",
4
4
  "description": "Handles library reporting and library usage analysis",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -14,17 +14,17 @@
14
14
  "types": "lib/index.d.ts",
15
15
  "engines": {
16
16
  "npm": ">=6.13.7 <7 || >= 8.3.1",
17
- "node": ">= 16.9.1"
17
+ "node": ">= 18.7.0"
18
18
  },
19
19
  "scripts": {
20
20
  "test": "bash ../scripts/test.sh"
21
21
  },
22
22
  "dependencies": {
23
- "@contrast/code-events": "^3.1.0",
24
- "@contrast/common": "1.35.0",
25
- "@contrast/config": "1.50.0",
23
+ "@contrast/code-events": "^4.0.2",
24
+ "@contrast/common": "1.37.0",
25
+ "@contrast/config": "1.52.1",
26
26
  "@contrast/find-package-json": "^1.1.0",
27
- "@contrast/logger": "1.28.0",
27
+ "@contrast/logger": "1.30.1",
28
28
  "semver": "^7.6.0"
29
29
  }
30
30
  }
package/node_modules/@contrast/logger/lib/index.js CHANGED
@@ -29,18 +29,29 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
29
29
  }) : function(o, v) {
30
30
  o["default"] = v;
31
31
  });
32
- var __importStar = (this && this.__importStar) || function (mod) {
33
- if (mod && mod.__esModule) return mod;
34
- var result = {};
35
- if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
36
- __setModuleDefault(result, mod);
37
- return result;
38
- };
32
+ var __importStar = (this && this.__importStar) || (function () {
33
+ var ownKeys = function(o) {
34
+ ownKeys = Object.getOwnPropertyNames || function (o) {
35
+ var ar = [];
36
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
37
+ return ar;
38
+ };
39
+ return ownKeys(o);
40
+ };
41
+ return function (mod) {
42
+ if (mod && mod.__esModule) return mod;
43
+ var result = {};
44
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
45
+ __setModuleDefault(result, mod);
46
+ return result;
47
+ };
48
+ })();
39
49
  var __importDefault = (this && this.__importDefault) || function (mod) {
40
50
  return (mod && mod.__esModule) ? mod : { "default": mod };
41
51
  };
42
52
  Object.defineProperty(exports, "__esModule", { value: true });
43
53
  exports.kChildren = void 0;
54
+ exports.default = init;
44
55
  const node_fs_1 = __importDefault(require("node:fs"));
45
56
  const node_path_1 = __importDefault(require("node:path"));
46
57
  const node_os_1 = require("node:os");
@@ -128,5 +139,4 @@ function init(core, opts = {}) {
128
139
  }
129
140
  return logger;
130
141
  }
131
- exports.default = init;
132
142
  //# sourceMappingURL=index.js.map
package/node_modules/@contrast/logger/lib/serializers.js CHANGED
@@ -14,7 +14,11 @@
14
14
  * way not consistent with the End User License Agreement.
15
15
  */
16
16
  Object.defineProperty(exports, "__esModule", { value: true });
17
- exports.res = exports.req = exports.metrics = exports.err = exports.config = void 0;
17
+ exports.err = void 0;
18
+ exports.config = config;
19
+ exports.metrics = metrics;
20
+ exports.req = req;
21
+ exports.res = res;
18
22
  const common_1 = require("@contrast/common");
19
23
  const pino_1 = require("pino");
20
24
  /**
@@ -34,7 +38,6 @@ function config(config) {
34
38
  }
35
39
  return safeCopy;
36
40
  }
37
- exports.config = config;
38
41
  /**
39
42
  * Hides the `stdout` and `stderr` fields from child_process errors since they
40
43
  * are extremely verbose.
@@ -44,7 +47,6 @@ exports.err = pino_1.stdSerializers.wrapErrorSerializer(({ stdout, stderr, ...er
44
47
  function metrics({ start, timeout, ...metrics }) {
45
48
  return metrics;
46
49
  }
47
- exports.metrics = metrics;
48
50
  /**
49
51
  * Serializes requests for the contrast-ui http logger.
50
52
  */
@@ -60,7 +62,6 @@ function req(config) {
60
62
  contentLength: config.headers?.['Content-Length'] // only present on response.config
61
63
  };
62
64
  }
63
- exports.req = req;
64
65
  /**
65
66
  * Serializes response for the contrast-ui http logger.
66
67
  */
@@ -71,5 +72,4 @@ function res(response) {
71
72
  data: response.data !== '' ? response.data : undefined,
72
73
  };
73
74
  }
74
- exports.res = res;
75
75
  //# sourceMappingURL=serializers.js.map
package/node_modules/@contrast/logger/lib/utils.d.ts CHANGED
@@ -1,9 +1,3 @@
1
- /// <reference types="node" />
2
- /// <reference types="mocha" />
3
- /// <reference types="node" />
4
- /// <reference types="node" />
5
- /// <reference types="node" />
6
- /// <reference types="node" />
7
1
  /**
8
2
  * @deprecated this is a relic from when we used transports.
9
3
  *
package/node_modules/@contrast/logger/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@contrast/logger",
3
- "version": "1.28.0",
3
+ "version": "1.30.1",
4
4
  "description": "Centralized logging for Contrast agent services",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -14,15 +14,15 @@
14
14
  "types": "lib/index.d.ts",
15
15
  "engines": {
16
16
  "npm": ">=6.13.7 <7 || >= 8.3.1",
17
- "node": ">= 16.9.1"
17
+ "node": ">= 18.7.0"
18
18
  },
19
19
  "scripts": {
20
20
  "build": "tsc --build src/",
21
21
  "test": "bash ../scripts/test.sh"
22
22
  },
23
23
  "dependencies": {
24
- "@contrast/common": "1.35.0",
25
- "@contrast/config": "1.50.0",
24
+ "@contrast/common": "1.37.0",
25
+ "@contrast/config": "1.52.1",
26
26
  "pino": "^8.15.0"
27
27
  }
28
28
  }
package/node_modules/@contrast/metrics/lib/index.d.ts CHANGED
@@ -1,9 +1,9 @@
1
1
  declare function _exports(core: {
2
- config: import('@contrast/config').Config;
3
- depHooks: import('@contrast/dep-hooks').DepHooks;
4
- logger: import('@contrast/logger').Logger;
5
- patcher: import('@contrast/patcher').Patcher;
6
- metrics?: import("@contrast/common").Installable | undefined;
7
- }): import('@contrast/common').Installable;
2
+ config: import("@contrast/config").Config;
3
+ depHooks: import("@contrast/dep-hooks").DepHooks;
4
+ logger: import("@contrast/logger").Logger;
5
+ patcher: import("@contrast/patcher").Patcher;
6
+ metrics?: import("@contrast/common").Installable;
7
+ }): import("@contrast/common").Installable;
8
8
  export = _exports;
9
9
  //# sourceMappingURL=index.d.ts.map
package/node_modules/@contrast/metrics/lib/index.js CHANGED
@@ -13,7 +13,6 @@
13
13
  * way not consistent with the End User License Agreement.
14
14
  */
15
15
  'use strict';
16
- Object.defineProperty(exports, "__esModule", { value: true });
17
16
  const { randomUUID } = require('node:crypto');
18
17
  const { kServerResponse } = require('node:_http_server');
19
18
  const { symbols: { kMetrics } } = require('@contrast/common');
package/node_modules/@contrast/metrics/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@contrast/metrics",
3
- "version": "1.32.0",
3
+ "version": "1.34.1",
4
4
  "description": "Records and logs route latency",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -14,17 +14,17 @@
14
14
  "types": "lib/index.d.ts",
15
15
  "engines": {
16
16
  "npm": ">=6.13.7 <7 || >=8.3.1",
17
- "node": ">= 16.9.1"
17
+ "node": ">= 18.7.0"
18
18
  },
19
19
  "scripts": {
20
20
  "build": "tsc --build src/",
21
21
  "test": "bash ../scripts/test.sh"
22
22
  },
23
23
  "dependencies": {
24
- "@contrast/common": "1.35.0",
25
- "@contrast/config": "1.50.0",
26
- "@contrast/dep-hooks": "1.24.0",
27
- "@contrast/logger": "1.28.0",
28
- "@contrast/patcher": "1.27.0"
24
+ "@contrast/common": "1.37.0",
25
+ "@contrast/config": "1.52.1",
26
+ "@contrast/dep-hooks": "1.26.1",
27
+ "@contrast/logger": "1.30.1",
28
+ "@contrast/patcher": "1.29.1"
29
29
  }
30
30
  }
package/node_modules/@contrast/patcher/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@contrast/patcher",
3
- "version": "1.27.0",
3
+ "version": "1.29.1",
4
4
  "description": "Advanced monkey patching--registers hooks to run in and around functions",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -14,12 +14,12 @@
14
14
  "types": "lib/index.d.ts",
15
15
  "engines": {
16
16
  "npm": ">=6.13.7 <7 || >= 8.3.1",
17
- "node": ">= 16.9.1"
17
+ "node": ">= 18.7.0"
18
18
  },
19
19
  "scripts": {
20
20
  "test": "bash ../scripts/test.sh"
21
21
  },
22
22
  "dependencies": {
23
- "@contrast/logger": "1.28.0"
23
+ "@contrast/logger": "1.30.1"
24
24
  }
25
25
  }
package/node_modules/@contrast/perf/package.json CHANGED
@@ -1,21 +1,24 @@
1
1
  {
2
2
  "name": "@contrast/perf",
3
- "version": "1.3.1",
3
+ "version": "1.4.0",
4
4
  "description": "Performance measurement",
5
5
  "license": "SEE LICENSE IN LICENSE",
6
6
  "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
7
7
  "type": "commonjs",
8
8
  "types": "types/index.d.ts",
9
9
  "files": [
10
- "lib/"
10
+ "lib/",
11
+ "!*.test.*",
12
+ "!tsconfig.*",
13
+ "!*.map"
11
14
  ],
12
15
  "main": "lib/index.js",
13
16
  "engines": {
14
17
  "npm": ">=6.13.7 <7 || >= 8.3.1",
15
- "node": ">= 16.9.1"
18
+ "node": ">= 18.7.0"
16
19
  },
17
20
  "scripts": {
18
- "test": "../scripts/test.sh"
21
+ "test": "bash ../scripts/test.sh"
19
22
  },
20
23
  "dependencies": {
21
24
  "sonic-boom": "^4.1.0"
package/node_modules/@contrast/protect/lib/hardening/handlers.js CHANGED
@@ -18,6 +18,7 @@
18
18
  const {
19
19
  BLOCKING_MODES,
20
20
  isString,
21
+ InputType,
21
22
  Rule: { UNTRUSTED_DESERIALIZATION }
22
23
  } = require('@contrast/common');
23
24
 
@@ -25,6 +26,7 @@ const NODE_SERIALIZE_RCE_TOKEN = '_$$ND_FUNC$$_';
25
26
 
26
27
  module.exports = function(core) {
27
28
  const {
29
+ protect,
28
30
  protect: {
29
31
  hardening,
30
32
  throwSecurityException,
@@ -40,32 +42,46 @@ module.exports = function(core) {
40
42
  return results;
41
43
  }
42
44
 
43
- hardening.handleUntrustedDeserialization = function(sourceContext, sinkContext) {
44
- const ruleId = UNTRUSTED_DESERIALIZATION;
45
- const mode = sourceContext.policy[ruleId];
46
- const { name, value, stacktraceOpts } = sinkContext;
45
+ function handleFindings(sourceContext, sinkContext, ruleId, result, findings, mode) {
46
+ const { stacktraceOpts } = sinkContext;
47
47
 
48
- if (mode === 'off') return;
48
+ captureStacktrace(sinkContext, stacktraceOpts);
49
+ getResults(sourceContext, ruleId).push(result);
49
50
 
50
- if (name === 'node-serialize.unserialize') {
51
- if (!isString(value) || !value.indexOf(NODE_SERIALIZE_RCE_TOKEN)) return;
51
+ let blockInfo;
52
+ if (BLOCKING_MODES.includes(mode)) {
53
+ result.blocked = true;
54
+ blockInfo = [mode, ruleId];
55
+ sourceContext.securityException = blockInfo;
56
+ }
52
57
 
53
- const blocked = BLOCKING_MODES.includes(mode);
54
- const results = getResults(sourceContext, ruleId);
58
+ protect.reportFinding({ findings, result, sinkContext });
55
59
 
56
- captureStacktrace(sinkContext, stacktraceOpts);
57
- results.push({
58
- value: sinkContext.value,
59
- blocked,
60
- exploitMetadata: [{ deserializer: name, command: false }],
61
- sinkContext,
62
- });
60
+ if (blockInfo) throwSecurityException(sourceContext);
61
+ }
63
62
 
64
- if (blocked) {
65
- sourceContext.securityException = [mode, ruleId];
66
- throwSecurityException(sourceContext);
67
- }
68
- }
63
+ hardening.handleUntrustedDeserialization = function (sourceContext, sinkContext) {
64
+ const ruleId = UNTRUSTED_DESERIALIZATION;
65
+ const mode = sourceContext.policy.getRuleMode(ruleId);
66
+ const { name, value } = sinkContext;
67
+
68
+ if (
69
+ mode === 'off' ||
70
+ name !== 'node-serialize.unserialize' ||
71
+ !isString(value) ||
72
+ !value.indexOf(NODE_SERIALIZE_RCE_TOKEN)
73
+ ) return;
74
+
75
+ const result = {
76
+ value: sinkContext.value,
77
+ ruleId: UNTRUSTED_DESERIALIZATION,
78
+ blocked: false,
79
+ exploited: true,
80
+ inputType: InputType.UNKNOWN,
81
+ };
82
+ const findings = { deserializer: name, command: false };
83
+
84
+ handleFindings(sourceContext, sinkContext, ruleId, result, findings, mode);
69
85
  };
70
86
 
71
87
  return hardening;
package/node_modules/@contrast/protect/lib/index.d.ts CHANGED
@@ -13,7 +13,7 @@
13
13
  * way not consistent with the End User License Agreement.
14
14
  */
15
15
 
16
- import { ReqData, ProtectMessage, ResultMap, ProtectRuleMode, Blocker } from '@contrast/common';
16
+ import { ReqData, ProtectMessage, ResultMap, ProtectRuleMode, Blocker, ProtectFindingEventArg } from '@contrast/common';
17
17
  import { IncomingMessage, ServerResponse } from 'node:http';
18
18
  import * as http from 'node:http';
19
19
  import * as https from 'node:https';
@@ -60,7 +60,8 @@ export interface Protect {
60
60
  makeSourceContext: (req: IncomingMessage, res: ServerResponse) => ProtectRequestStore,
61
61
  throwSecurityException: (sourceContext: ProtectRequestStore) => void,
62
62
  policy: ProtectPolicy,
63
- getPolicy(): ProtectPolicy, // creates copy for request scope
63
+ getPolicy: () => ProtectPolicy, // creates copy for request scope
64
+ reportFindings: (e: ProtectFindingEventArg) => void,
64
65
  inputAnalysis: {
65
66
  handleConnect: (sourceContext: ProtectRequestStore, connectInputs: ConnectInputs) => undefined | [string, string],
66
67
  handleRequestEnd: (sourceContext: ProtectRequestStore) => void, //NYI
package/node_modules/@contrast/protect/lib/index.js CHANGED
@@ -16,7 +16,7 @@
16
16
  'use strict';
17
17
 
18
18
  const { isMainThread } = require('node:worker_threads');
19
- const { callChildComponentMethodsSync } = require('@contrast/common');
19
+ const { callChildComponentMethodsSync, Event } = require('@contrast/common');
20
20
  const { ConfigSource } = require('@contrast/config');
21
21
 
22
22
  module.exports = function(core) {
@@ -37,7 +37,7 @@ module.exports = function(core) {
37
37
  require('./hardening')(core);
38
38
  require('./semantic-analysis')(core);
39
39
 
40
- protect.install = function() {
40
+ protect.install = function install() {
41
41
  // only force instrumentation if assess is explicitly enabled in local config
42
42
  const forceInstrumentation =
43
43
  config.preinstrument &&
@@ -60,6 +60,13 @@ module.exports = function(core) {
60
60
  ctx.store.protect = protect.makeSourceContext(ctx);
61
61
  });
62
62
 
63
+ protect.reportFinding = function reportFinding(data) {
64
+ core.messages.emit(Event.PROTECT_FINDING, {
65
+ store: core.scopes.sources.getStore(),
66
+ ...data,
67
+ });
68
+ };
69
+
63
70
  return protect;
64
71
  };
65
72