@contrast/agent 5.0.0 → 5.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/lib/esm-loader.mjs +10 -0
- package/lib/initialize.mjs +7 -5
- package/package.json +5 -5
package/README.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Contrast Security Node.js Agent
|
|
2
2
|
|
|
3
3
|
This package will enable instrumentation of your Node.js application for
|
|
4
|
-
security
|
|
4
|
+
security analysis and runtime protection by [Contrast Security](https://www.contrastsecurity.com).
|
|
5
5
|
|
|
6
6
|
Unlike legacy application security testing solutions, Contrast produces accurate
|
|
7
7
|
results without dependence on application security experts. Accuracy comes from
|
package/lib/esm-loader.mjs
CHANGED
|
@@ -139,6 +139,16 @@ if (Module.register && flag === '--import') {
|
|
|
139
139
|
// get relative URL
|
|
140
140
|
const url = new URL('./esm-hooks.mjs', import.meta.url);
|
|
141
141
|
await Module.register(url.href, import.meta.url, { data: { port: port2 }, transferList: [port2] });
|
|
142
|
+
|
|
143
|
+
// we only need to do this if there is a background thread.
|
|
144
|
+
// The esmHooks component of the main agent will send TS settings update to the loader agent via the port.
|
|
145
|
+
// To get the loader agent components to update we just need to forward the settings using `.messages` emitter.
|
|
146
|
+
core.messages.on(Event.SERVER_SETTINGS_UPDATE, (msg) => {
|
|
147
|
+
core.threadInfo.port.postMessage({
|
|
148
|
+
type: Event.SERVER_SETTINGS_UPDATE,
|
|
149
|
+
...msg,
|
|
150
|
+
});
|
|
151
|
+
});
|
|
142
152
|
}
|
|
143
153
|
|
|
144
154
|
// it's not possible to conditionally export, but exporting undefined
|
package/lib/initialize.mjs
CHANGED
|
@@ -122,11 +122,13 @@ async function executor(core) {
|
|
|
122
122
|
};
|
|
123
123
|
|
|
124
124
|
core.npmVersionRange = npmEngine;
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
125
|
+
if (isMainThread) {
|
|
126
|
+
require('@contrast/assess')(core);
|
|
127
|
+
require('@contrast/architecture-components')(core);
|
|
128
|
+
require('@contrast/library-analysis')(core);
|
|
129
|
+
require('@contrast/route-coverage')(core);
|
|
130
|
+
require('@contrast/protect')(core); // protect loads last; the other features are all passive
|
|
131
|
+
}
|
|
130
132
|
|
|
131
133
|
return core; // should this return core or just null/undefined?
|
|
132
134
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/agent",
|
|
3
|
-
"version": "5.0.
|
|
3
|
+
"version": "5.0.2",
|
|
4
4
|
"description": "Assess and Protect agents for Node.js",
|
|
5
5
|
"license": "SEE LICENSE IN LICENSE",
|
|
6
6
|
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|
|
@@ -21,13 +21,13 @@
|
|
|
21
21
|
"test": "../scripts/test.sh"
|
|
22
22
|
},
|
|
23
23
|
"dependencies": {
|
|
24
|
-
"@contrast/agentify": "1.18.
|
|
24
|
+
"@contrast/agentify": "1.18.2",
|
|
25
25
|
"@contrast/architecture-components": "1.14.0",
|
|
26
|
-
"@contrast/assess": "1.20.
|
|
26
|
+
"@contrast/assess": "1.20.1",
|
|
27
27
|
"@contrast/library-analysis": "1.15.1",
|
|
28
|
-
"@contrast/protect": "1.30.
|
|
28
|
+
"@contrast/protect": "1.30.1",
|
|
29
29
|
"@contrast/route-coverage": "1.14.0",
|
|
30
|
-
"@contrast/telemetry": "1.2.
|
|
30
|
+
"@contrast/telemetry": "1.2.1",
|
|
31
31
|
"semver": "^7.3.7"
|
|
32
32
|
}
|
|
33
33
|
}
|