@contrast/agent 4.17.0 → 4.17.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -215,7 +215,7 @@ class CLIRewriter {
|
|
|
215
215
|
|
|
216
216
|
const content = await readFile(filename, 'utf8');
|
|
217
217
|
const rewriteData = this.rewriter.rewriteFile(content, filename, {
|
|
218
|
-
sourceType: type
|
|
218
|
+
sourceType: type === 'commonjs' ? 'script' : 'module'
|
|
219
219
|
});
|
|
220
220
|
|
|
221
221
|
if (rewriteData.code) {
|
package/lib/protect/service.js
CHANGED
|
@@ -202,9 +202,11 @@ class ProtectService {
|
|
|
202
202
|
headers: req.rawHeaders.map((h, ix) => (ix & 1 ? h : h.toLowerCase()))
|
|
203
203
|
};
|
|
204
204
|
|
|
205
|
+
arg.uriPath = req.url;
|
|
205
206
|
const questionMark = req.url.indexOf('?');
|
|
206
207
|
if (questionMark >= 0) {
|
|
207
208
|
arg.queries = req.url.slice(questionMark + 1);
|
|
209
|
+
arg.uriPath = req.url.slice(0, questionMark);
|
|
208
210
|
}
|
|
209
211
|
|
|
210
212
|
const findings = this.agentLib.scoreRequestConnect(rules, arg, evalOptions);
|
package/lib/util/trace-util.js
CHANGED
|
@@ -46,12 +46,13 @@ function getRequest(agent, ruleId) {
|
|
|
46
46
|
}
|
|
47
47
|
|
|
48
48
|
const ruleCount = context.rules[ruleId];
|
|
49
|
-
|
|
50
49
|
const { sampling } = agent.config.assess;
|
|
51
|
-
if (sampling && sampling.enable && ruleCount
|
|
52
|
-
|
|
53
|
-
return request;
|
|
50
|
+
if (sampling && sampling.enable && ruleCount >= sampling.baseline) {
|
|
51
|
+
return;
|
|
54
52
|
}
|
|
53
|
+
|
|
54
|
+
context.rules[ruleId]++;
|
|
55
|
+
return request;
|
|
55
56
|
}
|
|
56
57
|
|
|
57
58
|
/**
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/agent",
|
|
3
|
-
"version": "4.17.
|
|
3
|
+
"version": "4.17.1",
|
|
4
4
|
"description": "Node.js security instrumentation by Contrast Security",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"security",
|
|
@@ -76,7 +76,7 @@
|
|
|
76
76
|
"@babel/template": "^7.10.4",
|
|
77
77
|
"@babel/traverse": "^7.12.1",
|
|
78
78
|
"@babel/types": "^7.12.1",
|
|
79
|
-
"@contrast/agent-lib": "^
|
|
79
|
+
"@contrast/agent-lib": "^4.0.0",
|
|
80
80
|
"@contrast/distringuish-prebuilt": "^2.2.0",
|
|
81
81
|
"@contrast/flat": "^4.1.1",
|
|
82
82
|
"@contrast/fn-inspect": "^2.4.4",
|
|
@@ -138,7 +138,7 @@
|
|
|
138
138
|
"csv-writer": "^1.2.0",
|
|
139
139
|
"deasync": "^0.1.24",
|
|
140
140
|
"dustjs-linkedin": "^3.0.1",
|
|
141
|
-
"ejs": "^3.1.
|
|
141
|
+
"ejs": "^3.1.7",
|
|
142
142
|
"escape-html": "^1.0.3",
|
|
143
143
|
"eslint": "^8.9.0",
|
|
144
144
|
"eslint-plugin-mocha": "^10.0.3",
|