npm - @contrast/agent - Versions diffs - 4.10.4 → 4.10.5 - Mend

@contrast/agent 4.10.4 → 4.10.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/bin/VERSION +1 -1
package/bin/linux/contrast-service +0 -0
package/bin/mac/contrast-service +0 -0
package/bin/windows/contrast-service.exe +0 -0
package/esm.mjs +45 -3
package/lib/util/traverse.js +40 -9
package/package.json +1 -1

package/bin/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 2.28.12
1	+ 2.28.13

package/bin/linux/contrast-service CHANGED Viewed

Binary file

package/bin/mac/contrast-service CHANGED Viewed

Binary file

package/bin/windows/contrast-service.exe CHANGED Viewed

Binary file

package/esm.mjs CHANGED Viewed

@@ -24,13 +24,45 @@ if (enabled) {
 await loader.resetArgs(process.argv[0], process.argv[1]);
 const { readFile } = require('fs').promises;
+const path = require('path');
 const agent = require(`./lib/agent.js`);
 const logger = require(`./lib/core/logger/index.js`)('contrast:esm-loaders');
 const rewriter = require(`./lib/core/rewrite/index.js`)(agent);
 const helpers = require(`./lib/hooks/module/helpers.js`);
+const parent = require('parent-package-json');
 const loadedFromCache = new Set();
+function getType(url) {
+  const {protocol, pathname} = new URL(url);
+  let parentType = 'commonjs';
+  try {
+    parentType = parent(pathname).parse().type;
+  } catch (err) {
+    // Node assumes `commonjs ` if there's no `type` set in package.json
+  }
+  if (protocol === 'node:') {
+    return 'builtin';
+  }
+  if (protocol === 'file:') {
+    const ext = path.extname(pathname);
+    if (
+      ext === '.mjs' ||
+      (ext === '.js' && parentType === 'module')
+    ){
+        return 'module';
+      }
+    else if (
+      ext === '.cjs' ||
+      (ext === '.js' && parentType !== 'module')
+    ){
+        return 'commonjs';
+      }
+  }
+  return 'unknown';
+}
 /**
  * The `getSource` hook is used to provide a custom method for retrieving source
  * code. In our case, we check for previously rewritten ESM files in our cache
@@ -110,15 +142,25 @@ export async function transformSource(source, context, defaultTransformSource) {
  * @returns {Promise<{ format: string, source: string | SharedArrayBuffer | Uint8Array }>}
  */
 export async function load(url, context, defaultLoad) {
+  const type = getType(url);
+  if (type === 'builtin' || type === 'unknown') {
+    logger.debug(
+      'Skipping rewrite for %s module %s, loading original code',
+      type,
+      url
+    );
+    return defaultLoad(url, context, defaultLoad);
+  }
   const filename = fileURLToPath(url);
   try {
     const cached = helpers.find(agent, filename);
     const source = cached || await readFile(filename, 'utf8');
-    const result = rewriter.rewriteFile(source, filename, { sourceType: 'module' });
+    const result = rewriter.rewriteFile(source, filename, { sourceType: type === 'commonjs' ? 'script' : 'module' });
     helpers.cacheWithSourceMap(agent, filename, result);
-    return { format: context.format, source: result.code };
+    return { format: type, source: result.code };
   } catch (err) {
     logger.error(
       'Failed to load rewritten code for %s, err: %o, rewritten code %s, loading original code.',

package/lib/util/traverse.js CHANGED Viewed

@@ -59,7 +59,7 @@ class Path extends Stack {
     super.push({
       key,
-      array
+      array,
     });
   }
 }
@@ -74,7 +74,16 @@ class Visitor {
     this.cache = new WeakSet();
   }
-  visit(key, value) {
+  visit(key, value, isMaxDepthReached) {
+    if (isMaxDepthReached) {
+      this.updateStacks(
+        { counter: this.counter, path: this.path },
+        null,
+        null,
+        isMaxDepthReached,
+      );
+      return;
+    }
     // skip circular objects
     if (typeof value === 'object' && value !== null) {
       if (this.cache.has(value)) {
@@ -96,7 +105,11 @@ class Visitor {
     return newVal || value;
   }
-  updateStacks(stacks, key, value) {
+  updateStacks(stacks, key, value, isMaxDepthReached) {
+    if (isMaxDepthReached) {
+      stacks.counter.pop();
+      stacks.path.pop();
+    }
     // We're decending into the object, so here we're
     // just building up the stacks.
@@ -123,7 +136,7 @@ class Visitor {
         return this.updateStacks(
           { counter: this.counter, path: this.path },
           key,
-          value
+          value,
         );
       }
       return;
@@ -136,16 +149,34 @@ function traverse(obj, fn, visitor, maxDepth) {
     maxDepth = visitor;
     visitor = undefined;
   }
   visitor =
     visitor ||
-    new Visitor(function(key, value, depth, paths) {
+    new Visitor(function (key, value, depth, paths) {
       fn(key, value, depth, paths);
     }, maxDepth);
-  JSON.stringify(obj, function(k, v) {
-    // if  is traversable and empty, call traverse on value and pass in existing visitor
-    return visitor.visit(k, v);
+  traverseObject(obj, visitor, maxDepth);
+}
+function traverseObject(obj, visitor, remainingDepth = Infinity) {
+  if (!obj) {
+    return;
+  }
+  if (visitor.path.length() < 1) {
+    visitor.visit('', obj);
+  }
+  // This is done just to reset the stack, without changing the current impletion
+  if (remainingDepth == 0) {
+    visitor.visit(null, null, true);
+    return;
+  }
+  Object.entries(obj).forEach(([key, value]) => {
+    visitor.visit(key, value);
+    if (value && typeof value === 'object') {
+      traverseObject(value, visitor, remainingDepth - 1);
+    }
   });
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/agent",
-  "version": "4.10.4",
+  "version": "4.10.5",
   "description": "Node.js security instrumentation by Contrast Security",
   "keywords": [
     "security",