@contrast/common 1.36.0 → 1.37.0

package/lib/constants.d.ts

@@ -10,7 +10,7 @@ export declare enum Event {
     ASSESS_CRYPTO_ANALYSIS_FINDING = "assess-crypto-analysis-finding",
     LIBRARY = "library",
     LIBRARY_USAGE = "library-usage",
-    PROTECT = "protect",
+    PROTECT_FINDING = "protect-finding",
     ROUTE_COVERAGE_OBSERVATION = "route-coverage-observation",
     SERVER_SETTINGS_UPDATE = "server-settings-update",// UI remote settings updates
     UNINSTALL = "uninstall",// disable all components/features

package/lib/constants.js

@@ -30,7 +30,7 @@ var Event;
     Event["ASSESS_CRYPTO_ANALYSIS_FINDING"] = "assess-crypto-analysis-finding";
     Event["LIBRARY"] = "library";
     Event["LIBRARY_USAGE"] = "library-usage";
-    Event["PROTECT"] = "protect";
+    Event["PROTECT_FINDING"] = "protect-finding";
     Event["ROUTE_COVERAGE_OBSERVATION"] = "route-coverage-observation";
     // state changes
     Event["SERVER_SETTINGS_UPDATE"] = "server-settings-update";

package/lib/types.d.ts

@@ -150,9 +150,8 @@ export interface Result {
     mongoExpansionResult?: boolean;
     path?: string[];
     ruleId: Rule;
-    score: number;
+    score?: number;
     value: string;
-    sinkContext?: any;
 }
 export interface SemanticAnalysisResult extends Result {
     ruleId: SemanticAnalysisRules;
@@ -230,6 +229,7 @@ export interface SourceInfo {
     contentType?: string;
     ip: string;
     httpVersion: string;
+    getHeader(name: string): string | null;
 }
 /**
  * this is known as RequestStore even though, in the future, instrumentation
@@ -346,6 +346,20 @@ export interface RouteInfo {
      */
     normalizedUrl: string;
 }
+export interface ProtectFindingEventArg {
+    store: RequestStore;
+    result: Result;
+    sinkContext?: {
+        name: string;
+        value: any;
+        stacktraceOpts?: {
+            constructorOpt: any;
+            prependFrames: any[];
+        };
+        stack?: any[];
+    };
+    findings?: any;
+}
 /**
  * Agent event emitter for messaging to/from external systems. Use cases are
  * reporting agent findings and broadcasting settings updates.
@@ -358,7 +372,7 @@ export interface Messages extends EventEmitter {
     emit(event: Event.ASSESS_DATAFLOW_FINDING, msg: any): boolean;
     emit(event: Event.LIBRARY, msg: Library): boolean;
     emit(event: Event.LIBRARY_USAGE, msg: LibraryUsage): boolean;
-    emit(event: Event.PROTECT, msg: RequestStore): boolean;
+    emit(event: Event.PROTECT_FINDING, msg: ProtectFindingEventArg): boolean;
     emit(event: Event.ROUTE_COVERAGE_DISCOVERY_FINISHED, routes: RouteInfo[]): boolean;
     emit(event: Event.ROUTE_COVERAGE_OBSERVATION, route: RouteInfo): boolean;
     emit(event: Event.SERVER_SETTINGS_UPDATE, msg: Record<string, any>): boolean;
@@ -369,7 +383,7 @@ export interface Messages extends EventEmitter {
     on(event: Event.ASSESS_DATAFLOW_FINDING, listenter: (msg: any) => void): this;
     on(event: Event.LIBRARY, listener: (msg: Library) => void): this;
     on(event: Event.LIBRARY_USAGE, listener: (msg: LibraryUsage) => void): this;
-    on(event: Event.PROTECT, listener: (msg: RequestStore) => void): this;
+    on(event: Event.PROTECT_FINDING, listener: (msg: ProtectFindingEventArg) => void): this;
     on(event: Event.ROUTE_COVERAGE_DISCOVERY_FINISHED, listener: (routes: RouteInfo[]) => void): this;
     on(event: Event.ROUTE_COVERAGE_OBSERVATION, listener: (route: RouteInfo) => void): this;
     on(event: Event.SERVER_SETTINGS_UPDATE, listener: (msg: Record<string, any>) => void): this;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/common",
-  "version": "1.36.0",
+  "version": "1.37.0",
   "description": "Shared constants and utilities for all Contrast Agent modules",
   "license": "UNLICENSED",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",