@contrast/agentify 1.30.0 → 1.31.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/rewrite-hooks.js +1 -1
- package/lib/rewrite-is-deadzoned.js +70 -9
- package/lib/rewrite-is-deadzoned.test.js +85 -0
- package/package.json +14 -14
package/lib/rewrite-hooks.js
CHANGED
|
@@ -37,7 +37,7 @@ const DEADZONED_PATHS = [
|
|
|
37
37
|
'browserify',
|
|
38
38
|
'bson',
|
|
39
39
|
'bunyan',
|
|
40
|
-
'@cyclonedx
|
|
40
|
+
'@cyclonedx',
|
|
41
41
|
'coffeescript',
|
|
42
42
|
'compression',
|
|
43
43
|
'etag',
|
|
@@ -61,21 +61,82 @@ const DEADZONED_PATHS = [
|
|
|
61
61
|
'node-webpack',
|
|
62
62
|
'pem',
|
|
63
63
|
'react',
|
|
64
|
-
'react-dom',
|
|
65
|
-
'react-dom/server',
|
|
64
|
+
'react-dom', // doesn't this cover the next line?
|
|
65
|
+
//'react-dom/server',
|
|
66
66
|
'requirejs',
|
|
67
67
|
'semver',
|
|
68
68
|
'strong-remoting',
|
|
69
69
|
'type-is',
|
|
70
70
|
'uglify-js',
|
|
71
|
-
]
|
|
71
|
+
];
|
|
72
|
+
|
|
73
|
+
// maybe make the value an object for more complex strategies in the future
|
|
74
|
+
// NOTE: they key should appear in the list above as well. if it's not there
|
|
75
|
+
// then this object will never be checked.
|
|
76
|
+
const CUSTOM_REWRITERS = {
|
|
77
|
+
'acorn': 'no-propagation',
|
|
78
|
+
'archiver': 'no-propagation',
|
|
79
|
+
'babel-core': 'no-propagation',
|
|
80
|
+
'@babel': 'no-propagation',
|
|
81
|
+
'bcryptjs': 'no-propagation',
|
|
82
|
+
'bson': 'no-propagation',
|
|
83
|
+
'coffeescript': 'no-propagation',
|
|
84
|
+
'jsrsasign': 'no-propagation',
|
|
85
|
+
'less': 'no-propagation',
|
|
86
|
+
'@cyclonedx': 'no-propagation',
|
|
87
|
+
};
|
|
88
|
+
|
|
89
|
+
const nodeModules = `${sep}node_modules${sep}`;
|
|
90
|
+
|
|
91
|
+
function rewriteIsDeadzoned(absolutePath) {
|
|
92
|
+
// we should only match the last node_modules folder
|
|
93
|
+
const startingPoint = absolutePath.lastIndexOf(nodeModules) + nodeModules.length;
|
|
72
94
|
|
|
73
|
-
module.exports = function rewriteIsDeadzoned(filename) {
|
|
74
|
-
// make all windows separators into unix separators
|
|
75
95
|
for (const path of DEADZONED_PATHS) {
|
|
76
|
-
const start =
|
|
77
|
-
|
|
96
|
+
const start = absolutePath.indexOf(path, startingPoint);
|
|
97
|
+
// we return the name of the deadzoned module if it is found
|
|
98
|
+
if (start >= 0 && (start + path.length === absolutePath.length || absolutePath[start + path.length] === sep)) {
|
|
99
|
+
return path;
|
|
100
|
+
}
|
|
101
|
+
}
|
|
102
|
+
|
|
103
|
+
return undefined;
|
|
104
|
+
}
|
|
105
|
+
|
|
106
|
+
// the next function is used if/when we implement custom rewrite strategies.
|
|
107
|
+
// NODE-3512 implements that and this was taken from there.
|
|
108
|
+
|
|
109
|
+
/**
|
|
110
|
+
* Returns an array with a package name and that package's rewrite strategy.
|
|
111
|
+
* The package name is only returned the package strategy is not 'default'.
|
|
112
|
+
* Strategies:
|
|
113
|
+
* - 'default': rewrite the module using the original, default rewriter
|
|
114
|
+
* - 'deadzone': do not rewrite the module
|
|
115
|
+
* - 'no-propagation': rewrite the module with the no-propagation rewriter
|
|
116
|
+
*
|
|
117
|
+
* why does this return the package name? mostly just because it had to extract
|
|
118
|
+
* it from the path, so returning means the caller doesn't have to.
|
|
119
|
+
*
|
|
120
|
+
* @param {string} absolutePath
|
|
121
|
+
* @returns {[string | undefined, 'default' | 'deadzone' | 'no-propagation']}
|
|
122
|
+
*/
|
|
123
|
+
function getPackageRewriteStrategy(absolutePath) {
|
|
124
|
+
const pkg = rewriteIsDeadzoned(absolutePath);
|
|
125
|
+
if (!pkg) {
|
|
126
|
+
return [undefined, 'default'];
|
|
78
127
|
}
|
|
79
128
|
|
|
80
|
-
|
|
129
|
+
const strategy = CUSTOM_REWRITERS[pkg];
|
|
130
|
+
if (strategy && process.env.CSI_USE_CUSTOM_REWRITERS) {
|
|
131
|
+
return [pkg, strategy];
|
|
132
|
+
}
|
|
133
|
+
|
|
134
|
+
return [pkg, 'deadzone'];
|
|
135
|
+
}
|
|
136
|
+
|
|
137
|
+
module.exports = {
|
|
138
|
+
DEADZONED_PATHS,
|
|
139
|
+
CUSTOM_REWRITERS,
|
|
140
|
+
rewriteIsDeadzoned,
|
|
141
|
+
getPackageRewriteStrategy,
|
|
81
142
|
};
|
|
@@ -0,0 +1,85 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { normalize } = require('node:path');
|
|
4
|
+
const { deepEqual } = require('node:assert').strict;
|
|
5
|
+
|
|
6
|
+
const {
|
|
7
|
+
getPackageRewriteStrategy, DEADZONED_PATHS, CUSTOM_REWRITERS
|
|
8
|
+
} = require('./rewrite-is-deadzoned');
|
|
9
|
+
|
|
10
|
+
describe('verify getPackageRewriteStrategy()', function() {
|
|
11
|
+
before(function() {
|
|
12
|
+
process.env.CSI_USE_CUSTOM_REWRITERS = '1';
|
|
13
|
+
});
|
|
14
|
+
after(function() {
|
|
15
|
+
delete process.env.CSI_USE_CUSTOM_REWRITERS;
|
|
16
|
+
});
|
|
17
|
+
|
|
18
|
+
// test deadzoned paths and custom rewriters
|
|
19
|
+
for (const path of DEADZONED_PATHS) {
|
|
20
|
+
if (CUSTOM_REWRITERS[path]) {
|
|
21
|
+
it(`should return "${CUSTOM_REWRITERS[path]}" for ${path}`, function() {
|
|
22
|
+
const p = normalize(`/path/to/node_modules/${path}`);
|
|
23
|
+
const result = getPackageRewriteStrategy(p);
|
|
24
|
+
deepEqual(result, [path, CUSTOM_REWRITERS[path]]);
|
|
25
|
+
});
|
|
26
|
+
it(`should return "${CUSTOM_REWRITERS[path]}" for ${path} with additional elements`, function() {
|
|
27
|
+
const p = normalize(`/path/to/node_modules/${path}/server`);
|
|
28
|
+
const result = getPackageRewriteStrategy(p);
|
|
29
|
+
deepEqual(result, [path, CUSTOM_REWRITERS[path]]);
|
|
30
|
+
});
|
|
31
|
+
it(`should return "${CUSTOM_REWRITERS[path]}" for ${path} with specific .js file`, function() {
|
|
32
|
+
const p = normalize(`/path/to/node_modules/${path}/core/index.js`);
|
|
33
|
+
const result = getPackageRewriteStrategy(p);
|
|
34
|
+
deepEqual(result, [path, CUSTOM_REWRITERS[path]]);
|
|
35
|
+
});
|
|
36
|
+
} else {
|
|
37
|
+
it(`should return "deadzone" for ${path}`, function() {
|
|
38
|
+
const p = normalize(`/path/to/node_modules/${path}`);
|
|
39
|
+
const result = getPackageRewriteStrategy(p);
|
|
40
|
+
deepEqual(result, [path, 'deadzone']);
|
|
41
|
+
});
|
|
42
|
+
it(`should return "deadzone" for ${path} with additional elements`, function() {
|
|
43
|
+
const p = normalize(`/path/to/node_modules/${path}/server`);
|
|
44
|
+
const result = getPackageRewriteStrategy(p);
|
|
45
|
+
deepEqual(result, [path, 'deadzone']);
|
|
46
|
+
});
|
|
47
|
+
it(`should return "deadzone" for ${path} with specific .js file`, function() {
|
|
48
|
+
const p = normalize(`/path/to/node_modules/${path}/core/index.js`);
|
|
49
|
+
const result = getPackageRewriteStrategy(p);
|
|
50
|
+
deepEqual(result, [path, 'deadzone']);
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
|
|
55
|
+
// test default (not deadzoned or custom) paths
|
|
56
|
+
for (const path of ['xyzzy', 'fubar', 'seven']) {
|
|
57
|
+
it(`should return "default" for ${path}`, function() {
|
|
58
|
+
const p = normalize(`/path/to/node_modules/${path}`);
|
|
59
|
+
const result = getPackageRewriteStrategy(p);
|
|
60
|
+
deepEqual(result, [undefined, 'default']);
|
|
61
|
+
});
|
|
62
|
+
it(`should return "default" for ${path} with additional elements`, function() {
|
|
63
|
+
const p = normalize(`/path/to/node_modules/${path}/server`);
|
|
64
|
+
const result = getPackageRewriteStrategy(p);
|
|
65
|
+
deepEqual(result, [undefined, 'default']);
|
|
66
|
+
});
|
|
67
|
+
it(`should return "default" for ${path} with specific .js file`, function() {
|
|
68
|
+
const p = normalize(`/path/to/node_modules/${path}/core/index.js`);
|
|
69
|
+
const result = getPackageRewriteStrategy(p);
|
|
70
|
+
deepEqual(result, [undefined, 'default']);
|
|
71
|
+
});
|
|
72
|
+
}
|
|
73
|
+
|
|
74
|
+
const doubleCheck = [
|
|
75
|
+
'/home/bruce/github/csi/node-mono/node_modules/@cyclonedx/cyclonedx-library/dist.node/serialize/xml/types.js'
|
|
76
|
+
];
|
|
77
|
+
|
|
78
|
+
for (let path of doubleCheck) {
|
|
79
|
+
path = normalize(path);
|
|
80
|
+
it(`should return "no-propagation" for ${path}`, function() {
|
|
81
|
+
const result = getPackageRewriteStrategy(path);
|
|
82
|
+
deepEqual(result, ['@cyclonedx', 'no-propagation']);
|
|
83
|
+
});
|
|
84
|
+
}
|
|
85
|
+
});
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/agentify",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.31.0",
|
|
4
4
|
"description": "Configures Contrast agent services and instrumentation within an application",
|
|
5
5
|
"license": "SEE LICENSE IN LICENSE",
|
|
6
6
|
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|
|
@@ -17,20 +17,20 @@
|
|
|
17
17
|
"test": "../scripts/test.sh"
|
|
18
18
|
},
|
|
19
19
|
"dependencies": {
|
|
20
|
-
"@contrast/common": "1.
|
|
21
|
-
"@contrast/config": "1.
|
|
22
|
-
"@contrast/core": "1.
|
|
23
|
-
"@contrast/deadzones": "1.
|
|
24
|
-
"@contrast/dep-hooks": "1.
|
|
25
|
-
"@contrast/esm-hooks": "2.
|
|
20
|
+
"@contrast/common": "1.25.0",
|
|
21
|
+
"@contrast/config": "1.32.0",
|
|
22
|
+
"@contrast/core": "1.36.0",
|
|
23
|
+
"@contrast/deadzones": "1.6.0",
|
|
24
|
+
"@contrast/dep-hooks": "1.4.0",
|
|
25
|
+
"@contrast/esm-hooks": "2.10.0",
|
|
26
26
|
"@contrast/find-package-json": "^1.1.0",
|
|
27
|
-
"@contrast/instrumentation": "1.
|
|
28
|
-
"@contrast/logger": "1.
|
|
29
|
-
"@contrast/metrics": "1.
|
|
30
|
-
"@contrast/patcher": "1.
|
|
31
|
-
"@contrast/reporter": "1.
|
|
32
|
-
"@contrast/rewriter": "1.
|
|
33
|
-
"@contrast/scopes": "1.
|
|
27
|
+
"@contrast/instrumentation": "1.14.0",
|
|
28
|
+
"@contrast/logger": "1.9.0",
|
|
29
|
+
"@contrast/metrics": "1.12.0",
|
|
30
|
+
"@contrast/patcher": "1.8.0",
|
|
31
|
+
"@contrast/reporter": "1.31.0",
|
|
32
|
+
"@contrast/rewriter": "1.12.0",
|
|
33
|
+
"@contrast/scopes": "1.5.0",
|
|
34
34
|
"semver": "^7.6.0"
|
|
35
35
|
}
|
|
36
36
|
}
|