@contrast/common 1.2.0 → 1.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/constants.d.ts +4 -1
- package/lib/constants.js +3 -0
- package/lib/constants.js.map +1 -1
- package/lib/types.d.ts +11 -9
- package/package.json +2 -2
- package/src/constants.ts +3 -0
- package/src/types.ts +2 -0
package/lib/constants.d.ts
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
export declare enum Event {
|
|
2
2
|
ASSESS = "assess",
|
|
3
3
|
PROTECT = "protect",
|
|
4
|
-
|
|
4
|
+
LIBRARY_USAGE = "library-usage",
|
|
5
|
+
ARCHITECTURE_COMPONENT = "architecture-component",
|
|
6
|
+
SERVER_SETTINGS_UPDATE = "server-settings-update",
|
|
7
|
+
ASSESS_DATAFLOW_FINDING = "assess-dataflow-findings"
|
|
5
8
|
}
|
|
6
9
|
export declare enum ProtectRuleMode {
|
|
7
10
|
OFF = "off",
|
package/lib/constants.js
CHANGED
|
@@ -19,7 +19,10 @@ var Event;
|
|
|
19
19
|
(function (Event) {
|
|
20
20
|
Event["ASSESS"] = "assess";
|
|
21
21
|
Event["PROTECT"] = "protect";
|
|
22
|
+
Event["LIBRARY_USAGE"] = "library-usage";
|
|
23
|
+
Event["ARCHITECTURE_COMPONENT"] = "architecture-component";
|
|
22
24
|
Event["SERVER_SETTINGS_UPDATE"] = "server-settings-update";
|
|
25
|
+
Event["ASSESS_DATAFLOW_FINDING"] = "assess-dataflow-findings";
|
|
23
26
|
})(Event = exports.Event || (exports.Event = {}));
|
|
24
27
|
var ProtectRuleMode;
|
|
25
28
|
(function (ProtectRuleMode) {
|
package/lib/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAEH,IAAY,
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAEH,IAAY,KAOX;AAPD,WAAY,KAAK;IACf,0BAAiB,CAAA;IACjB,4BAAmB,CAAA;IACnB,wCAA+B,CAAA;IAC/B,0DAAiD,CAAA;IACjD,0DAAiD,CAAA;IACjD,6DAAoD,CAAA;AACtD,CAAC,EAPW,KAAK,GAAL,aAAK,KAAL,aAAK,QAOhB;AACD,IAAY,eAKX;AALD,WAAY,eAAe;IACzB,8BAAW,CAAA;IACX,sCAAmB,CAAA;IACnB,kCAAe,CAAA;IACf,4DAAyC,CAAA;AAC3C,CAAC,EALW,eAAe,GAAf,uBAAe,KAAf,uBAAe,QAK1B;AAED,IAAY,IAmBX;AAnBD,WAAY,IAAI;IACd,mCAA2B,CAAA;IAC3B,uCAA+B,CAAA;IAC/B,2EAAmE,CAAA;IACnE,2FAAmF,CAAA;IACnF,yFAAiF,CAAA;IACjF,mCAA2B,CAAA;IAC3B,6CAAqC,CAAA;IACrC,2CAAmC,CAAA;IACnC,uDAA+C,CAAA;IAC/C,yCAAiC,CAAA;IACjC,qGAA6F,CAAA;IAC7F,uCAA+B,CAAA;IAC/B,uCAA+B,CAAA;IAC/B,yCAAiC,CAAA;IACjC,iDAAyC,CAAA;IACzC,+DAAuD,CAAA;IACvD,uCAA+B,CAAA;IAC/B,mBAAW,CAAA;AACb,CAAC,EAnBW,IAAI,GAAJ,YAAI,KAAJ,YAAI,QAmBf;AAED,IAAY,SAuBX;AAvBD,WAAY,SAAS;IACnB,8CAAiC,CAAA;IACjC,0BAAa,CAAA;IACb,wCAA2B,CAAA;IAC3B,0CAA6B,CAAA;IAC7B,8BAAiB,CAAA;IACjB,8CAAiC,CAAA;IACjC,gDAAmC,CAAA;IACnC,wCAA2B,CAAA;IAC3B,wBAAW,CAAA;IACX,8BAAiB,CAAA;IACjB,sCAAyB,CAAA;IACzB,sDAAyC,CAAA;IACzC,8DAAiD,CAAA;IACjD,gDAAmC,CAAA;IACnC,0DAA6C,CAAA;IAC7C,8CAAiC,CAAA;IACjC,oCAAuB,CAAA;IACvB,oCAAuB,CAAA;IACvB,8BAAiB,CAAA;IACjB,gCAAmB,CAAA;IACnB,4CAA+B,CAAA;IAC/B,gCAAmB,CAAA;AACrB,CAAC,EAvBW,SAAS,GAAT,iBAAS,KAAT,iBAAS,QAuBpB;AAEY,QAAA,cAAc,GAAG,CAAC,OAAO,EAAE,oBAAoB,CAAC,CAAC"}
|
package/lib/types.d.ts
CHANGED
|
@@ -21,10 +21,10 @@ export interface AppInfo {
|
|
|
21
21
|
serverEnvironment: string;
|
|
22
22
|
version: string;
|
|
23
23
|
}
|
|
24
|
-
export
|
|
25
|
-
export
|
|
26
|
-
export
|
|
27
|
-
export
|
|
24
|
+
export type CommonRules = Rule.SQL_INJECTION | Rule.CMD_INJECTION | Rule.PATH_TRAVERSAL | Rule.REFLECTED_XSS | Rule.SSJS_INJECTION | Rule.NOSQL_INJECTION_MONGO | Rule.UNSAFE_FILE_UPLOAD | Rule.NOSQL_INJECTION | Rule.BOT_BLOCKER;
|
|
25
|
+
export type SemanticAnalysisRules = Rule.CMD_INJECTION_SEMANTIC_DANGEROUS_PATHS | Rule.CMD_INJECTION_SEMANTIC_CHAINED_COMMANDS | Rule.XXE | Rule.CMD_INJECTION_COMMAND_BACKDOORS | Rule.PATH_TRAVERSAL_SEMANTIC_FILE_SECURITY_BYPASS;
|
|
26
|
+
export type ServerFeaturePreliminaryRules = Rule.VIRTUAL_PATCH | Rule.IP_DENYLIST;
|
|
27
|
+
export type HardeningRules = Rule.UNTRUSTED_DESERIALIZATION;
|
|
28
28
|
export interface Result {
|
|
29
29
|
blocked: boolean;
|
|
30
30
|
exploitMetadata?: any[] | any;
|
|
@@ -72,19 +72,19 @@ export interface ReqData {
|
|
|
72
72
|
ip: string;
|
|
73
73
|
httpVersion: string;
|
|
74
74
|
}
|
|
75
|
-
export
|
|
75
|
+
export type CommonRulesResultsMap = {
|
|
76
76
|
[rule in CommonRules]: Result[];
|
|
77
77
|
};
|
|
78
|
-
export
|
|
78
|
+
export type SemanticAnalysisResultsMap = {
|
|
79
79
|
[rule in SemanticAnalysisRules]: SemanticAnalysisResult[];
|
|
80
80
|
};
|
|
81
|
-
export
|
|
81
|
+
export type ServerFeaturePreliminaryResultsMap = {
|
|
82
82
|
[rule in ServerFeaturePreliminaryRules]: ServerFeaturePreliminaryResult[];
|
|
83
83
|
};
|
|
84
|
-
export
|
|
84
|
+
export type HardeningResultsMap = {
|
|
85
85
|
[rule in HardeningRules]: HardeningResult[];
|
|
86
86
|
};
|
|
87
|
-
export
|
|
87
|
+
export type ResultMap = CommonRulesResultsMap & SemanticAnalysisResultsMap & ServerFeaturePreliminaryResultsMap & HardeningResultsMap;
|
|
88
88
|
export interface ProtectMessage {
|
|
89
89
|
reqData: ReqData;
|
|
90
90
|
block: (mode: string, ruleId: string) => void;
|
|
@@ -118,7 +118,9 @@ export interface Messages extends EventEmitter {
|
|
|
118
118
|
addListener(event: Event.SERVER_SETTINGS_UPDATE, listener: (msg: Record<string, any>) => void): this;
|
|
119
119
|
emit(event: Event.PROTECT, msg: RequestStore): boolean;
|
|
120
120
|
emit(event: Event.SERVER_SETTINGS_UPDATE, msg: Record<string, any>): boolean;
|
|
121
|
+
on(event: Event.ARCHITECTURE_COMPONENT, listener: (msg: Record<string, any>) => void): this;
|
|
121
122
|
on(event: Event.PROTECT, listener: (msg: RequestStore) => void): this;
|
|
123
|
+
on(event: Event.LIBRARY_USAGE, listener: (msg: Record<string, any>) => void): this;
|
|
122
124
|
on(event: Event.SERVER_SETTINGS_UPDATE, listener: (msg: Record<string, any>) => void): this;
|
|
123
125
|
prependListener(event: Event.PROTECT, listener: (msg: RequestStore) => void): this;
|
|
124
126
|
prependOnceListener(event: Event.PROTECT, listener: (msg: RequestStore) => void): this;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@contrast/common",
|
|
3
|
-
"version": "1.
|
|
3
|
+
"version": "1.3.1",
|
|
4
4
|
"description": "Shared constants and utilities for all Contrast Agent modules",
|
|
5
5
|
"license": "UNLICENSED",
|
|
6
6
|
"author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
|
|
@@ -14,4 +14,4 @@
|
|
|
14
14
|
"build": "tsc --build src/",
|
|
15
15
|
"test": "../scripts/test.sh"
|
|
16
16
|
}
|
|
17
|
-
}
|
|
17
|
+
}
|
package/src/constants.ts
CHANGED
|
@@ -16,7 +16,10 @@
|
|
|
16
16
|
export enum Event {
|
|
17
17
|
ASSESS = 'assess',
|
|
18
18
|
PROTECT = 'protect',
|
|
19
|
+
LIBRARY_USAGE = 'library-usage',
|
|
20
|
+
ARCHITECTURE_COMPONENT = 'architecture-component',
|
|
19
21
|
SERVER_SETTINGS_UPDATE = 'server-settings-update',
|
|
22
|
+
ASSESS_DATAFLOW_FINDING = 'assess-dataflow-findings',
|
|
20
23
|
}
|
|
21
24
|
export enum ProtectRuleMode {
|
|
22
25
|
OFF = 'off',
|
package/src/types.ts
CHANGED
|
@@ -167,7 +167,9 @@ export interface Messages extends EventEmitter {
|
|
|
167
167
|
emit(event: Event.PROTECT, msg: RequestStore): boolean;
|
|
168
168
|
emit(event: Event.SERVER_SETTINGS_UPDATE, msg: Record<string, any>): boolean;
|
|
169
169
|
|
|
170
|
+
on(event: Event.ARCHITECTURE_COMPONENT, listener: (msg: Record<string, any>) => void): this;
|
|
170
171
|
on(event: Event.PROTECT, listener: (msg: RequestStore) => void): this;
|
|
172
|
+
on(event: Event.LIBRARY_USAGE, listener: (msg: Record<string, any>) => void): this
|
|
171
173
|
on(event: Event.SERVER_SETTINGS_UPDATE, listener: (msg: Record<string, any>) => void): this;
|
|
172
174
|
|
|
173
175
|
prependListener(event: Event.PROTECT, listener: (msg: RequestStore) => void,): this;
|