@contrast/agent 4.19.2 → 4.19.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/changelog.config.js
CHANGED
|
@@ -17,7 +17,7 @@ Copyright: 2022 Contrast Security, Inc
|
|
|
17
17
|
module.exports = {
|
|
18
18
|
jira: {
|
|
19
19
|
baseUrl: `https://${process.env.JIRA_HOST}`,
|
|
20
|
-
ticketIDPattern: /(NODE
|
|
20
|
+
ticketIDPattern: /(NODE-?\s?[0-9]{4})/i,
|
|
21
21
|
excludeIssueTypes: ['Sub-task', 'Release'],
|
|
22
22
|
api: {
|
|
23
23
|
host: process.env.JIRA_HOST,
|
|
@@ -33,7 +33,7 @@ module.exports = {
|
|
|
33
33
|
### Jira Tickets
|
|
34
34
|
---------------------
|
|
35
35
|
<% blockTickets.forEach(ticket => { -%>
|
|
36
|
-
*
|
|
36
|
+
* [<%= ticket.fields.issuetype.name %>] - <%- ticket.fields.summary %>
|
|
37
37
|
[<%= ticket.key %>](<%= jira.baseUrl + '/browse/' + ticket.key %>)
|
|
38
38
|
<% }); -%>
|
|
39
39
|
<% if (!blockTickets.length) {%> ~ None ~ <% } %>
|
|
@@ -109,14 +109,18 @@ module.exports = class CallContext {
|
|
|
109
109
|
}
|
|
110
110
|
|
|
111
111
|
if (arg && typeof arg === 'object') {
|
|
112
|
-
for (
|
|
112
|
+
for (const key in arg) {
|
|
113
113
|
if (tracker.getData(arg[key])) {
|
|
114
114
|
const start = CallContext.valueString(arg).indexOf(arg[key]);
|
|
115
|
+
if (start === -1) {
|
|
116
|
+
// If tracked string is not in the abbreviated stringified obj, disable highlighting
|
|
117
|
+
return new TagRange(0, 0, 'disable-highlighting');
|
|
118
|
+
}
|
|
115
119
|
return new TagRange(start, start + arg[key].length - 1, 'untrusted');
|
|
116
120
|
}
|
|
117
121
|
}
|
|
118
122
|
}
|
|
119
|
-
return {}
|
|
123
|
+
return {};
|
|
120
124
|
}
|
|
121
125
|
|
|
122
126
|
set result(result) {
|
|
@@ -12,6 +12,8 @@ Copyright: 2022 Contrast Security, Inc
|
|
|
12
12
|
engineered, modified, repackaged, sold, redistributed or otherwise used in a
|
|
13
13
|
way not consistent with the End User License Agreement.
|
|
14
14
|
*/
|
|
15
|
+
'use strict';
|
|
16
|
+
|
|
15
17
|
const { TAGS } = require('../../constants');
|
|
16
18
|
|
|
17
19
|
/**
|
|
@@ -23,10 +25,11 @@ class EventTag {
|
|
|
23
25
|
*/
|
|
24
26
|
constructor(tagRange) {
|
|
25
27
|
this.tag = TAGS[tagRange.tag] || 'CUSTOM';
|
|
28
|
+
this.offset = this.tag === 'disable-highlighting' ? 0 : 1;
|
|
26
29
|
// agent tracks ranges as [start,stop] (inclusive,inclusive)
|
|
27
30
|
// but TS interprets as [start,stop) (inclusive,exclusive)
|
|
28
31
|
// so we need to add 1 to stop
|
|
29
|
-
this.range = `${tagRange.start}:${tagRange.stop +
|
|
32
|
+
this.range = `${tagRange.start}:${tagRange.stop + this.offset}`;
|
|
30
33
|
}
|
|
31
34
|
}
|
|
32
35
|
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/agent",
|
|
3
|
-
"version": "4.19.
|
|
3
|
+
"version": "4.19.3",
|
|
4
4
|
"description": "Node.js security instrumentation by Contrast Security",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"security",
|
|
@@ -200,7 +200,6 @@
|
|
|
200
200
|
},
|
|
201
201
|
"bundleDependencies": [
|
|
202
202
|
"winston",
|
|
203
|
-
"winston-syslog",
|
|
204
203
|
"winston-daily-rotate-file"
|
|
205
204
|
]
|
|
206
205
|
}
|