@contrast/agent 5.6.0 → 5.6.2

package/lib/esm-loader.mjs

@@ -16,11 +16,12 @@
 import Module from 'node:module';
 const require = Module.createRequire(import.meta.url);
 const { startAgent } = require('./start-agent');
+
 let load, resolve;
 
-try {
-  const core = await startAgent({ type: 'esm' });
-  ({ load, resolve } = core.esmHooks.hooks); // remove when all LTS versions support register
-} catch (err) { } // eslint-disable-line no-empty
+const core = await startAgent({ type: 'esm' });
+if (core?.esmHooks?.hooks) {
+  ({ load, resolve } = core.esmHooks.hooks);
+}
 
-export { load, resolve }; // remove when all LTS versions support register
+export { load, resolve }; // can remove when all LTS versions support register

package/lib/index.js

@@ -15,8 +15,7 @@
 
 'use strict';
 
-const { startAgent } = require('./start-agent');
-
-try {
-  startAgent({ type: 'cjs' });
-} catch (err) {} // eslint-disable-line no-empty
+(async () => {
+  const { startAgent } = require('./start-agent');
+  await startAgent({ type: 'cjs' });
+})();

package/lib/start-agent.js

@@ -17,49 +17,37 @@
 
 const process = require('process');
 const { isMainThread } = require('node:worker_threads');
-const semver = require('semver');
 const _agentify = require('@contrast/agentify');
 const {
   name: agentName,
   version: agentVersion,
   engines: {
-    node: nodeEngine,
-    npm: npmEngine
+    node: nodeEngines,
+    npm: npmVersionRange
   }
 } = require('../package.json');
 
 function initCore() {
-  if (!semver.satisfies(process.version, nodeEngine)) {
-    let validRanges = '';
-    nodeEngine.split('||').forEach((range) => {
-      const minVersion = semver.minVersion(range).toString();
-      const maxVersion = range.split('<').pop()
-        .trim();
-      validRanges += `${minVersion} and ${maxVersion}, `;
-    });
-    throw new Error(`Contrast only officially supports Node LTS versions between ${validRanges}but detected ${process.version}.`);
-  }
-
-  checkImportVsLoaderVsNodeVersion();
-
-  const core = { agentName, agentVersion };
-
-  core.startupValidation = {
-    /**
-     *  This will run after we onboard to the UI and pick up any remote settings.
-     */
-    install() {
-      if (
-        !core.config.getEffectiveValue('assess.enable') &&
-        !core.config.getEffectiveValue('protect.enable')
-      ) {
-        throw new Error('Neither Assess nor Protect are enabled. Check local configuration and UI settings');
+  const core = {
+    agentName,
+    agentVersion,
+    nodeEngines,
+    npmVersionRange,
+    startupValidation: {
+      /**
+       *  This will run after we onboard to the UI and pick up any remote settings. See install order below.
+       */
+      install() {
+        if (
+          !core.config.getEffectiveValue('assess.enable') &&
+          !core.config.getEffectiveValue('protect.enable')
+        ) {
+          throw new Error('Neither Assess nor Protect are enabled. Check local configuration and UI settings');
+        }
       }
     }
   };
 
-  core.npmVersionRange = npmEngine;
-
   if (process.env.CSI_EXPOSE_CORE) {
     global[Symbol.for('contrast:core')] = core;
   }
@@ -75,74 +63,40 @@ function loadFeatures(core) {
   require('@contrast/protect')(core);
 }
 
-/**
- * check to see if we're running with the correct flag (--loader or --import)
- * for the right version of node. we do not function correctly when --loader
- * is used for node >= 18 or when --import is used for node < 18.
- */
-function checkImportVsLoaderVsNodeVersion() {
-  // allow testing to ignore these restrictions
-  const noValidate = process.env.CSI_EXPOSE_CORE === 'no-validate';
-  let msg;
-
-  const { execArgv, version } = process;
-  // eslint-disable-next-line newline-per-chained-call
-  const [major, minor] = version.slice(1).split('.').map(Number);
-  for (let i = 0; i < execArgv.length; i++) {
-    const loader = execArgv[i];
-    const agent = execArgv[i + 1];
-    if (['--import', '--loader', '--experimental-loader'].includes(loader) && agent?.startsWith('@contrast/agent')) {
-      if (noValidate) {
-        return;
-      }
-      if (loader === '--import') {
-        // loader is --import
-        if (major === 18 && minor >= 19 || major >= 20) {
-          return;
-        }
-        if (major <= 18 && minor < 19) {
-          msg = 'Contrast requires node versions less than 18.19.0 use the --loader flag for ESM support';
-        }
-      } else {
-        // loader is either --loader or --experimental-loader (same thing)
-        if (major >= 20 || major === 18 && minor >= 19) {
-          msg = 'Contrast requires node versions >= 18.19.0 use the --import flag for ESM support';
-        }
-      }
-      break;
-    }
-  }
-
-  if (msg) throw new Error(msg);
-}
-
-async function startAgent({ type = 'cjs' } = {}) {
+function startAgent({ type = 'cjs' } = {}) {
   if (isMainThread) {
-    const core = initCore();
-    const agentify = _agentify(core);
-
-    return agentify(loadFeatures, {
-      installOrder: [
-        'reporter',
-        'startupValidation',
-        'contrastMethods',
-        'deadzones',
-        'scopes',
-        'sources',
-        'architectureComponents',
-        'assess',
-        'protect',
-        'depHooks',
-        'routeCoverage',
-        'libraryAnalysis',
-        'heapSnapshots',
-        'metrics',
-        'rewriteHooks',
-        'functionHooks',
-        'esmHooks',
-      ],
-      type
-    });
+    try {
+      const core = initCore();
+      const agentify = _agentify(core);
+
+      return agentify(loadFeatures, {
+        installOrder: [
+          'reporter',
+          'startupValidation',
+          'contrastMethods',
+          'deadzones',
+          'scopes',
+          'sources',
+          'architectureComponents',
+          'assess',
+          'protect',
+          'depHooks',
+          'routeCoverage',
+          'libraryAnalysis',
+          'heapSnapshots',
+          'metrics',
+          'rewriteHooks',
+          'functionHooks',
+          'esmHooks',
+        ],
+        type
+      });
+    } catch (err) {
+      // agentify should catch any startup errors and handle necessary logging,
+      // but this is just in case a fatal error occurs during composition.
+      console.error('Startup error was not handled by agentify. Application Will be run without instrumentation.');
+      console.error(err);
+    }
   } else {
     console.warn('Not in main thread. Thread continuing without instrumentation.');
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/agent",
-  "version": "5.6.0",
+  "version": "5.6.2",
   "description": "Assess and Protect agents for Node.js",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -15,19 +15,18 @@
   "types": "lib/index.d.ts",
   "engines": {
     "npm": ">=6.13.7 <7 || >= 8.3.1",
-    "node": ">=14.15.0 <15 || >=16.9.1 <17 || >=18.7.0 <19 || >=20.6.0 <21"
+    "node": ">=14.18.0 <15 || >=16.9.1 <17 || >=18.7.0 <19 || >=20.6.0 <21"
   },
   "scripts": {
     "test": "../scripts/test.sh"
   },
   "dependencies": {
-    "@contrast/agentify": "1.24.0",
-    "@contrast/architecture-components": "1.18.0",
-    "@contrast/assess": "1.27.0",
-    "@contrast/library-analysis": "1.19.0",
-    "@contrast/protect": "1.35.0",
-    "@contrast/route-coverage": "1.18.0",
-    "@contrast/telemetry": "1.6.0",
-    "semver": "^7.3.7"
+    "@contrast/agentify": "1.24.2",
+    "@contrast/architecture-components": "1.18.1",
+    "@contrast/assess": "1.27.2",
+    "@contrast/library-analysis": "1.19.1",
+    "@contrast/protect": "1.35.2",
+    "@contrast/route-coverage": "1.19.0",
+    "@contrast/telemetry": "1.6.2"
   }
 }