@contrast/agent 4.10.5 → 4.12.0
- package/bin/VERSION +1 -1
- package/bin/linux/contrast-service +0 -0
- package/bin/mac/contrast-service +0 -0
- package/bin/windows/contrast-service.exe +0 -0
- package/lib/agent.js +9 -2
- package/lib/app-info.js +88 -52
- package/lib/assess/loopback4/route-coverage.js +1 -1
- package/lib/assess/propagators/joi/any.js +8 -9
- package/lib/assess/propagators/joi/object.js +9 -10
- package/lib/assess/propagators/joi/string-base.js +22 -19
- package/lib/assess/sinks/rethinkdb-nosql-injection.js +1 -1
- package/lib/contrast.js +24 -22
- package/lib/core/arch-components/dynamodb.js +7 -3
- package/lib/core/arch-components/dynamodbv3.js +7 -3
- package/lib/core/arch-components/index.js +2 -0
- package/lib/core/arch-components/mongodb.js +6 -6
- package/lib/core/arch-components/mysql.js +9 -6
- package/lib/core/arch-components/postgres.js +10 -11
- package/lib/core/arch-components/rethinkdb.js +4 -4
- package/lib/core/arch-components/sqlite3.js +6 -3
- package/lib/core/arch-components/util.js +4 -2
- package/lib/core/config/options.js +136 -238
- package/lib/hooks/frameworks/base.js +1 -1
- package/lib/hooks/module/helpers.js +1 -1
- package/lib/instrumentation.js +1 -1
- package/lib/libraries.js +119 -135
- package/lib/list-installed.js +13 -0
- package/lib/reporter/models/app-update/index.js +1 -1
- package/lib/reporter/translations/to-protobuf/dtm/agent-startup.js +3 -3
- package/lib/telemetry.js +188 -0
- package/lib/util/traverse.js +7 -3
- package/package.json +11 -9
|
@@ -13,6 +13,7 @@ Copyright: 2022 Contrast Security, Inc
|
|
|
13
13
|
way not consistent with the End User License Agreement.
|
|
14
14
|
*/
|
|
15
15
|
'use strict';
|
|
16
|
+
|
|
16
17
|
const patcher = require('../../hooks/patcher');
|
|
17
18
|
const ModuleHook = require('../../hooks/require');
|
|
18
19
|
const agentEmitter = require('../../agent-emitter');
|
|
@@ -29,10 +30,8 @@ ModuleHook.resolve({ name: 'pg', file: 'lib/client.js' }, (pgClient) =>
|
|
|
29
30
|
waitToConnect(wrapCtx)
|
|
30
31
|
.then(() => {
|
|
31
32
|
try {
|
|
32
|
-
const {
|
|
33
|
-
|
|
34
|
-
port = process.env.PGPORT
|
|
35
|
-
} = wrapCtx.result;
|
|
33
|
+
const { host = process.env.PGHOST, port = process.env.PGPORT } =
|
|
34
|
+
wrapCtx.result;
|
|
36
35
|
|
|
37
36
|
if (!host) {
|
|
38
37
|
return;
|
|
@@ -51,21 +50,21 @@ ModuleHook.resolve({ name: 'pg', file: 'lib/client.js' }, (pgClient) =>
|
|
|
51
50
|
agentEmitter.emit('architectureComponent', {
|
|
52
51
|
vendor: 'PostgreSQL',
|
|
53
52
|
remotePort: port || 0,
|
|
54
|
-
url: new URL(url).toString()
|
|
53
|
+
url: new URL(url).toString(),
|
|
55
54
|
});
|
|
56
55
|
} catch (err) {
|
|
57
56
|
logger.warn(
|
|
58
|
-
'unable to report PostgreSQL architecture component
|
|
59
|
-
err
|
|
57
|
+
'unable to report PostgreSQL architecture component, err: %o',
|
|
58
|
+
err,
|
|
60
59
|
);
|
|
61
60
|
}
|
|
62
61
|
})
|
|
63
62
|
.catch((err) => {
|
|
64
63
|
logger.warn(
|
|
65
|
-
'unable to report PostgreSQL architecture component
|
|
66
|
-
err
|
|
64
|
+
'unable to report PostgreSQL architecture component, err: %o',
|
|
65
|
+
err,
|
|
67
66
|
);
|
|
68
67
|
});
|
|
69
|
-
}
|
|
70
|
-
})
|
|
68
|
+
},
|
|
69
|
+
}),
|
|
71
70
|
);
|
|
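Review bot: `remotePort: port || 0` can emit a string, because the destructuring default above it (`port = process.env.PGPORT`) reads from the environment, where values are always strings, while the `|| 0` fallback is a number. Consumers of the `architectureComponent` event then see two types for the same field; `remotePort: Number(port) || 0` would normalise it. The construction of `url` sits between the hunks and is not visible here, so whether it needs the same treatment cannot be judged from this page.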
@@ -36,7 +36,7 @@ ModuleHook.resolve({ name: 'rethinkdb' }, (rethinkdb) => {
|
|
|
36
36
|
agentEmitter.emit('architectureComponent', {
|
|
37
37
|
vendor: 'RethinkDB',
|
|
38
38
|
url,
|
|
39
|
-
remotePort: res.port
|
|
39
|
+
remotePort: res.port,
|
|
40
40
|
});
|
|
41
41
|
} else {
|
|
42
42
|
logger.warn('unable to open RethinkDB connection');
|
|
@@ -44,10 +44,10 @@ ModuleHook.resolve({ name: 'rethinkdb' }, (rethinkdb) => {
|
|
|
44
44
|
})
|
|
45
45
|
.catch((err) => {
|
|
46
46
|
logger.warn(
|
|
47
|
-
'unable to report RethinkDB architecture component
|
|
48
|
-
err
|
|
47
|
+
'unable to report RethinkDB architecture component, err: %o',
|
|
48
|
+
err,
|
|
49
49
|
);
|
|
50
50
|
});
|
|
51
|
-
}
|
|
51
|
+
},
|
|
52
52
|
});
|
|
53
53
|
});
|
|
@@ -31,11 +31,14 @@ ModuleHook.resolve({ name: 'sqlite3' }, (sqlite3) => {
|
|
|
31
31
|
vendor: 'SQLite3',
|
|
32
32
|
url: wrapCtx.args[0],
|
|
33
33
|
remoteHost: '',
|
|
34
|
-
remotePort: 0
|
|
34
|
+
remotePort: 0,
|
|
35
35
|
});
|
|
36
36
|
} catch (err) {
|
|
37
|
-
logger.warn(
|
|
37
|
+
logger.warn(
|
|
38
|
+
'unable to report SQLite3 architecture component, err: %o',
|
|
39
|
+
err,
|
|
40
|
+
);
|
|
38
41
|
}
|
|
39
|
-
}
|
|
42
|
+
},
|
|
40
43
|
});
|
|
41
44
|
});
|
|
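Review bot: `url: wrapCtx.args[0]` forwards the caller's first argument into the `architectureComponent` event unchanged, with no type check and no normalisation, unlike the PostgreSQL reporter, which passes its value through `new URL(url).toString()`. For sqlite3 that argument is presumably the database filename, so an absolute local path (or `undefined`, if the call was made without one) would end up in the report. A guard such as `if (typeof wrapCtx.args[0] !== 'string') return;` before the emit, plus a one-line comment saying that a filesystem path is reported on purpose, would make the intent explicit. The patched function starts outside the hunk, so the meaning of the argument should be confirmed there.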
@@ -12,6 +12,8 @@ Copyright: 2022 Contrast Security, Inc
|
|
|
12
12
|
engineered, modified, repackaged, sold, redistributed or otherwise used in a
|
|
13
13
|
way not consistent with the End User License Agreement.
|
|
14
14
|
*/
|
|
15
|
+
'use strict';
|
|
16
|
+
|
|
15
17
|
const MYSQL = 'mysql.connect.arch_component';
|
|
16
18
|
const POSTGRES = 'pg.Client.arch_component';
|
|
17
19
|
|
|
@@ -19,7 +21,7 @@ module.exports = function waitToConnect(ctx, count = 0) {
|
|
|
19
21
|
return new Promise((resolve, reject) => {
|
|
20
22
|
const maxAttempts = 10 * 60; // i.e., 1 min.
|
|
21
23
|
const checkConnection = setInterval(
|
|
22
|
-
function(ctx, resolve, reject) {
|
|
24
|
+
function (ctx, resolve, reject) {
|
|
23
25
|
if (count >= maxAttempts) {
|
|
24
26
|
clearInterval(checkConnection);
|
|
25
27
|
reject();
|
|
@@ -43,7 +45,7 @@ module.exports = function waitToConnect(ctx, count = 0) {
|
|
|
43
45
|
100,
|
|
44
46
|
ctx,
|
|
45
47
|
resolve,
|
|
46
|
-
reject
|
|
48
|
+
reject,
|
|
47
49
|
);
|
|
48
50
|
});
|
|
49
51
|
};
|
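Review bot: `reject();` in the timeout branch settles the promise without a reason, so the `.catch((err) => …)` handler in the PostgreSQL reporter now logs `err: undefined` through its new `'… err: %o'` format when the connection does not come up within the 600 polls. Passing a reason, e.g. `reject(new Error('timed out waiting for connection'));`, would make that log line usable for diagnosis. The body of the interval callback between the two hunks is not shown, so any other reject paths are not covered by this remark.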