@contrast/agent 4.4.0-beta.0 → 4.5.2

package/bin/VERSION

@@ -1 +1 @@
-2.26.0
+2.27.3

package/lib/assess/hapi/route-coverage.js

@@ -151,9 +151,9 @@ class RouteCoverage {
    */
   createSignature({ method, path }) {
     let signature = 'server.route({ method: ';
-    Array.isArray(method)
-      ? (signature += `["${method.join('", "')}"]`)
-      : (signature += `"${method}"`);
+    signature += Array.isArray(method)
+      ? `["${method.join('", "')}"]`
+      : `"${method}"`;
 
     signature += `, path: "${path}" })`;
     return signature;

package/lib/assess/membrane/index.js

@@ -280,10 +280,6 @@ class Membrane {
       return this.wrapArray(target, metadata);
     }
 
-    // Object.defineProperty(target, util.inspect.custom, {
-    //   target: typeof target === 'string' ? () => `'${target}'` : () => target
-    // });
-
     return this.wrapObject(target, metadata);
   }
 }
@@ -310,12 +306,10 @@ function makeHandler(membrane, metadata) {
       // https://www.ecma-international.org/ecma-262/7.0/#sec-proxy-object-internal-methods-and-internal-slots-get-p-receiver
       // satisfy invariant
       const desc = Object.getOwnPropertyDescriptor(tar, prop);
-      // if (desc && (desc.writable || desc.set || desc.configurable)) {
       if (desc && desc.configurable) {
         r = membrane.wrap(r, copyMetadata(tar, prop, metadata));
-      } else {
-        // invariant case; can't wrap
-      }
+      } // else: invariant case; can't wrap
+
       return r;
     },
 

package/lib/assess/membrane/source-membrane.js

@@ -294,10 +294,9 @@ module.exports = class SourceMembrane extends Membrane {
     if (!(metadata.sourceType && metadata.path)) {
       return false;
     }
-    const koaQueryString = metadata.path.match(/(\w+)=/);
-    if (koaQueryString) {
-      // get 1st capture group, fall back to `metadata.path` if for some reason this does not exist
-      metadata.path = koaQueryString[1] || metadata.path;
+    const koaQueryString = metadata.path.split('=');
+    if (koaQueryString[1]) {
+      metadata.path = koaQueryString[0];
     }
     return true;
   }

package/lib/assess/models/base-event.js

@@ -166,7 +166,7 @@ class BaseEvent {
  * @return {BaseEvent[]} sorted list of events
  */
 function sortEvents(events) {
-  const sorted = events.sort((a, b) => {
+  events.sort((a, b) => {
     let parentsfactor = 0;
     if (a.parents.length > b.parents.length) {
       parentsfactor = -1;
@@ -184,7 +184,7 @@ function sortEvents(events) {
     return parentsfactor + timefactor;
   });
 
-  return sorted;
+  return events;
 }
 
 module.exports = BaseEvent;

package/lib/assess/models/call-context.js

@@ -153,9 +153,6 @@ module.exports = class CallContext {
       return value.toString();
     }
 
-    // FIXME
-    // if value === JSON, if value === Buffer, etc to put proper constructor name for static methods?
-
     const constructorName = _.get(value, 'constructor.name', 'null');
 
     if (constructorName === 'Object' && value) {

package/lib/assess/models/tag-range/index.js

@@ -14,7 +14,6 @@ Copyright: 2021 Contrast Security, Inc
 */
 'use strict';
 
-const _ = require('lodash');
 const logger = require('../../../core/logger')('contrast:tagRange');
 
 const Relationships = require('./relationships');
@@ -27,14 +26,13 @@ const DEFAULT_TAG = 'untrusted';
  */
 class TagRange {
   /**
-   * Validates the arguments to the contructor call.
-   * @param {number} start The starting index to track.
-   * @param {number} stop  The stopping index to track.
-   * @param {string} tag   The name of the tag.
+   * @param {number} start The starting index of string tracking on the data having the tag.
+   * @param {number} stop  The stopping index of string tracking on the data having the tag.
+   * @param {string?} tag  The name of the tag (default is "untrusted").
    */
-  static validate(start, stop, tag = DEFAULT_TAG) {
-    const bothFinite = _.isFinite(start) && _.isFinite(stop);
-    if (start > stop || !bothFinite) {
+  constructor(start, stop, tag = DEFAULT_TAG) {
+    // Validates the arguments to the contructor call.
+    if (!(start <= stop && start >= 0)) {
       logger.debug(
         'could not create tag %s with invalid range start: %s, stop %s.',
         tag,
@@ -42,15 +40,7 @@ class TagRange {
         stop
       );
     }
-  }
 
-  /**
-   * @param {number} start The starting index of string tracking on the data having the tag.
-   * @param {number} stop  The stopping index of string tracking on the data having the tag.
-   * @param {string?} tag  The name of the tag (default is "untrusted").
-   */
-  constructor(start, stop, tag = DEFAULT_TAG) {
-    TagRange.validate(start, stop, tag);
     /** @type {string} */
     this.tag = tag;
     /** @type {number} */