@contrast/agent-bundle 5.45.1 → 5.46.0

package/node_modules/@contrast/library-analysis/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/library-analysis",
-  "version": "1.47.1",
+  "version": "1.48.0",
   "description": "Handles library reporting and library usage analysis",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -22,9 +22,9 @@
   "dependencies": {
     "@contrast/code-events": "^4.0.2",
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
+    "@contrast/config": "1.53.0",
     "@contrast/find-package-json": "^1.1.0",
-    "@contrast/logger": "1.30.1",
+    "@contrast/logger": "1.31.0",
     "semver": "^7.6.0"
   }
 }

package/node_modules/@contrast/logger/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/logger",
-  "version": "1.30.1",
+  "version": "1.31.0",
   "description": "Centralized logging for Contrast agent services",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -22,7 +22,7 @@
   },
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
+    "@contrast/config": "1.53.0",
     "pino": "^8.15.0"
   }
 }

package/node_modules/@contrast/metrics/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/metrics",
-  "version": "1.34.1",
+  "version": "1.35.0",
   "description": "Records and logs route latency",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -22,9 +22,9 @@
   },
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/dep-hooks": "1.26.1",
-    "@contrast/logger": "1.30.1",
-    "@contrast/patcher": "1.29.1"
+    "@contrast/config": "1.53.0",
+    "@contrast/dep-hooks": "1.27.0",
+    "@contrast/logger": "1.31.0",
+    "@contrast/patcher": "1.30.0"
   }
 }

package/node_modules/@contrast/patcher/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/patcher",
-  "version": "1.29.1",
+  "version": "1.30.0",
   "description": "Advanced monkey patching--registers hooks to run in and around functions",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -20,6 +20,6 @@
     "test": "bash ../scripts/test.sh"
   },
   "dependencies": {
-    "@contrast/logger": "1.30.1"
+    "@contrast/logger": "1.31.0"
   }
 }

package/node_modules/@contrast/protect/lib/input-analysis/handlers.js

@@ -665,7 +665,6 @@ module.exports = Core.makeComponent({
       // Detecting probes
       const rulesMask = sourceContext.policy.getRulesMask();
       if (rulesMask == 0 || !config.protect.probe_analysis.enable) return;
-      const probeReports = [];
       const { resultsMap } = sourceContext;
       const probesRules = [Rule.CMD_INJECTION, Rule.PATH_TRAVERSAL, Rule.SQL_INJECTION, Rule.XXE];
       const probes = {};
@@ -734,7 +733,6 @@ module.exports = Core.makeComponent({
           }) || [];
           alibResult.forEach(result => {
             results.push({ value, ...result });
-            probeReports.push({ value, ...result });
             valueToResultByRuleId[value] = resultByRuleId;
           });
         });
@@ -756,16 +754,7 @@ module.exports = Core.makeComponent({
           probes[key] = probe;
         });
 
-      Object.values(probes).forEach(probe => {
-        if (!resultsMap[probe.ruleId]) {
-          resultsMap[probe.ruleId] = [];
-        }
-
-        resultsMap[probe.ruleId].push(probe);
-        probeReports.push(probe);
-      });
-
-      for (const result of probeReports) {
+      for (const result of Object.values(probes)) {
         core.protect.reportFinding({ result });
       }
     };

package/node_modules/@contrast/protect/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/protect",
-  "version": "1.68.0",
+  "version": "1.69.0",
   "description": "Contrast service providing framework-agnostic Protect support",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -22,15 +22,15 @@
   "dependencies": {
     "@contrast/agent-lib": "^9.1.0",
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/core": "1.57.1",
-    "@contrast/dep-hooks": "1.26.1",
-    "@contrast/esm-hooks": "2.32.0",
-    "@contrast/instrumentation": "1.36.1",
-    "@contrast/logger": "1.30.1",
-    "@contrast/patcher": "1.29.1",
-    "@contrast/rewriter": "1.34.0",
-    "@contrast/scopes": "1.27.1",
+    "@contrast/config": "1.53.0",
+    "@contrast/core": "1.58.0",
+    "@contrast/dep-hooks": "1.27.0",
+    "@contrast/esm-hooks": "2.33.0",
+    "@contrast/instrumentation": "1.37.0",
+    "@contrast/logger": "1.31.0",
+    "@contrast/patcher": "1.30.0",
+    "@contrast/rewriter": "1.35.0",
+    "@contrast/scopes": "1.28.0",
     "async-hook-domain": "^4.0.1",
     "ipaddr.js": "^2.0.1",
     "on-finished": "^2.4.1",

package/node_modules/@contrast/reporter/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/reporter",
-  "version": "1.55.1",
+  "version": "1.56.0",
   "description": "Subscribes to agent messages and reports them",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -22,11 +22,11 @@
   },
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/core": "1.57.1",
-    "@contrast/logger": "1.30.1",
+    "@contrast/config": "1.53.0",
+    "@contrast/core": "1.58.0",
+    "@contrast/logger": "1.31.0",
     "@contrast/perf": "1.4.0",
-    "@contrast/scopes": "1.27.1",
+    "@contrast/scopes": "1.28.0",
     "axios": "^1.12.2",
     "crc-32": "^1.2.2",
     "safe-stable-stringify": "^2.4.1",

package/node_modules/@contrast/rewriter/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/rewriter",
-  "version": "1.34.0",
+  "version": "1.35.0",
   "description": "A transpilation tool mainly used for instrumentation",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -22,9 +22,9 @@
   "dependencies": {
     "@contrast/agent-swc-plugin": "3.2.0",
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/core": "1.57.1",
-    "@contrast/logger": "1.30.1",
+    "@contrast/config": "1.53.0",
+    "@contrast/core": "1.58.0",
+    "@contrast/logger": "1.31.0",
     "@swc/core": "1.13.3"
   }
 }

package/node_modules/@contrast/route-coverage/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/route-coverage",
-  "version": "1.49.1",
+  "version": "1.50.0",
   "description": "Handles route discovery and observation",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -21,13 +21,13 @@
   },
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/core": "1.57.1",
-    "@contrast/dep-hooks": "1.26.1",
+    "@contrast/config": "1.53.0",
+    "@contrast/core": "1.58.0",
+    "@contrast/dep-hooks": "1.27.0",
     "@contrast/fn-inspect": "^5.0.2",
-    "@contrast/logger": "1.30.1",
-    "@contrast/patcher": "1.29.1",
-    "@contrast/scopes": "1.27.1",
+    "@contrast/logger": "1.31.0",
+    "@contrast/patcher": "1.30.0",
+    "@contrast/scopes": "1.28.0",
     "semver": "^7.6.0"
   }
 }

package/node_modules/@contrast/scopes/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/scopes",
-  "version": "1.27.1",
+  "version": "1.28.0",
   "description": "Handles AsyncLocalStorage scopes",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -20,9 +20,9 @@
     "test": "bash ../scripts/test.sh"
   },
   "dependencies": {
-    "@contrast/core": "1.57.1",
-    "@contrast/dep-hooks": "1.26.1",
-    "@contrast/logger": "1.30.1",
-    "@contrast/patcher": "1.29.1"
+    "@contrast/core": "1.58.0",
+    "@contrast/dep-hooks": "1.27.0",
+    "@contrast/logger": "1.31.0",
+    "@contrast/patcher": "1.30.0"
   }
 }

package/node_modules/@contrast/sec-obs/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/sec-obs",
-  "version": "1.1.1",
+  "version": "1.2.0",
   "description": "Contrast service providing framework-agnostic Observability support",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -18,13 +18,13 @@
   },
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/core": "1.57.1",
-    "@contrast/dep-hooks": "1.26.1",
-    "@contrast/logger": "1.30.1",
-    "@contrast/patcher": "1.29.1",
-    "@contrast/rewriter": "1.34.0",
-    "@contrast/scopes": "1.27.1",
+    "@contrast/config": "1.53.0",
+    "@contrast/core": "1.58.0",
+    "@contrast/dep-hooks": "1.27.0",
+    "@contrast/logger": "1.31.0",
+    "@contrast/patcher": "1.30.0",
+    "@contrast/rewriter": "1.35.0",
+    "@contrast/scopes": "1.28.0",
     "@opentelemetry/api": "^1.9.0",
     "@opentelemetry/exporter-metrics-otlp-http": "^0.57.1",
     "@opentelemetry/exporter-trace-otlp-http": "^0.57.1",

package/node_modules/@contrast/sources/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/sources",
-  "version": "1.3.1",
+  "version": "1.4.0",
   "description": "Instruments to have incoming messages run in async-local request scope.",
   "main": "lib/index.js",
   "scripts": {
@@ -10,7 +10,7 @@
   "license": "ISC",
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/core": "1.57.1",
+    "@contrast/core": "1.58.0",
     "on-finished": "^2.4.1"
   }
 }

package/node_modules/@contrast/telemetry/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/telemetry",
-  "version": "1.32.1",
+  "version": "1.33.0",
   "description": "Telemetry reporting for the Contrast Node.js agent.",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -20,9 +20,9 @@
   },
   "dependencies": {
     "@contrast/common": "1.37.0",
-    "@contrast/config": "1.52.1",
-    "@contrast/core": "1.57.1",
-    "@contrast/logger": "1.30.1",
+    "@contrast/config": "1.53.0",
+    "@contrast/core": "1.58.0",
+    "@contrast/logger": "1.31.0",
     "axios": "^1.12.2",
     "getmac": "^6.3.0"
   }

package/node_modules/@types/node/README.md

@@ -8,7 +8,7 @@ This package contains type definitions for node (https://nodejs.org/).
 Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node.
 
 ### Additional Details
- * Last updated: Thu, 18 Sep 2025 00:04:03 GMT
+ * Last updated: Thu, 02 Oct 2025 02:06:47 GMT
  * Dependencies: [undici-types](https://npmjs.com/package/undici-types)
 
 # Credits

package/node_modules/@types/node/assert/strict.d.ts

@@ -1,8 +1,111 @@
+/**
+ * In strict assertion mode, non-strict methods behave like their corresponding
+ * strict methods. For example, `assert.deepEqual()` will behave like
+ * `assert.deepStrictEqual()`.
+ *
+ * In strict assertion mode, error messages for objects display a diff. In legacy
+ * assertion mode, error messages for objects display the objects, often truncated.
+ *
+ * To use strict assertion mode:
+ *
+ * ```js
+ * import { strict as assert } from 'node:assert';
+ * ```
+ *
+ * ```js
+ * import assert from 'node:assert/strict';
+ * ```
+ *
+ * Example error diff:
+ *
+ * ```js
+ * import { strict as assert } from 'node:assert';
+ *
+ * assert.deepEqual([[[1, 2, 3]], 4, 5], [[[1, 2, '3']], 4, 5]);
+ * // AssertionError: Expected inputs to be strictly deep-equal:
+ * // + actual - expected ... Lines skipped
+ * //
+ * //   [
+ * //     [
+ * // ...
+ * //       2,
+ * // +     3
+ * // -     '3'
+ * //     ],
+ * // ...
+ * //     5
+ * //   ]
+ * ```
+ *
+ * To deactivate the colors, use the `NO_COLOR` or `NODE_DISABLE_COLORS`
+ * environment variables. This will also deactivate the colors in the REPL. For
+ * more on color support in terminal environments, read the tty
+ * [`getColorDepth()`](https://nodejs.org/docs/latest-v24.x/api/tty.html#writestreamgetcolordepthenv) documentation.
+ * @since v15.0.0
+ * @see [source](https://github.com/nodejs/node/blob/v24.x/lib/assert/strict.js)
+ */
 declare module "assert/strict" {
-    import { strict } from "node:assert";
+    import {
+        Assert,
+        AssertionError,
+        AssertionErrorOptions,
+        AssertOptions,
+        AssertPredicate,
+        AssertStrict,
+        CallTracker,
+        CallTrackerCall,
+        CallTrackerReportInformation,
+        deepStrictEqual,
+        doesNotMatch,
+        doesNotReject,
+        doesNotThrow,
+        fail,
+        ifError,
+        match,
+        notDeepStrictEqual,
+        notStrictEqual,
+        ok,
+        partialDeepStrictEqual,
+        rejects,
+        strictEqual,
+        throws,
+    } from "node:assert";
+    function strict(value: unknown, message?: string | Error): asserts value;
+    namespace strict {
+        export {
+            Assert,
+            AssertionError,
+            AssertionErrorOptions,
+            AssertOptions,
+            AssertPredicate,
+            AssertStrict,
+            CallTracker,
+            CallTrackerCall,
+            CallTrackerReportInformation,
+            deepStrictEqual,
+            deepStrictEqual as deepEqual,
+            doesNotMatch,
+            doesNotReject,
+            doesNotThrow,
+            fail,
+            ifError,
+            match,
+            notDeepStrictEqual,
+            notDeepStrictEqual as notDeepEqual,
+            notStrictEqual,
+            notStrictEqual as notEqual,
+            ok,
+            partialDeepStrictEqual,
+            rejects,
+            strict,
+            strictEqual,
+            strictEqual as equal,
+            throws,
+        };
+    }
     export = strict;
 }
 declare module "node:assert/strict" {
-    import { strict } from "node:assert";
+    import strict = require("assert/strict");
     export = strict;
 }