npm - @contrast/core - Versions diffs - 1.41.1 → 1.42.0 - Mend

@contrast/core 1.41.1 → 1.42.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/lib/index.d.ts +1 -0
package/lib/system-info/index.js +22 -4
package/lib/system-info/linux-os-info.js +134 -0
package/lib/system-info/linux-os-info.test.js +121 -0
package/package.json +5 -5

package/lib/index.d.ts CHANGED Viewed

@@ -30,6 +30,7 @@ interface CreateSnapshotOpts {
 }
 export interface Core {
+  threadTransferData: any;
   agentName: string;
   agentVersion: string;
   reportingInstance: string;

package/lib/system-info/index.js CHANGED Viewed

@@ -19,6 +19,7 @@ const fs = require('fs/promises');
 const os = require('os');
 const { getCloudProviderMetadata } = require('./cloud-provider-metadata');
 const { primordials: { StringPrototypeConcat, StringPrototypeMatch } } = require('@contrast/common');
+const getLinuxOsInfo = require('./linux-os-info');
 const MOUNTINFO_REGEX = /\/docker\/containers\/(.*?)\//;
 const CGROUP_REGEX = /:\/docker\/([^/]+)$/;
@@ -33,7 +34,7 @@ function isUsingPM2(pkg) {
   return result;
 }
-async function isDocker() {
+async function getDockerInfo() {
   try {
     const result = await fs.readFile('/proc/self/mountinfo', 'utf8');
     const matches = StringPrototypeMatch.call(result, MOUNTINFO_REGEX);
@@ -60,6 +61,10 @@ async function isDocker() {
   return { isDocker: false, containerID: null };
 }
+function getKubernetesInfo() {
+  return { isKubernetes: !!process.env.KUBERNETES_SERVICE_HOST };
+}
 module.exports = function(core) {
   const {
     agentName,
@@ -77,6 +82,16 @@ module.exports = function(core) {
     const totalmem = os.totalmem();
     const freemem = os.freemem();
+    let linuxOsInfo = undefined;
+    const osInfo = await getLinuxOsInfo();
+    if (osInfo && osInfo.file) {
+      linuxOsInfo = {
+        Id: osInfo.id,
+        VersionId: osInfo.version_id,
+      };
+    }
     /** @type {import('@contrast/common').SystemInfo} */
     const info = {
       ReportDate: new Date().toISOString(),
@@ -107,16 +122,19 @@ module.exports = function(core) {
         CPU: {
           Type: cpus[0].model,
           Count: cpus.length,
-        }
+        },
+        // Id, VersionId if linux, else null
+        ...linuxOsInfo,
       },
       Host: {
-        Docker: await isDocker(),
+        Docker: await getDockerInfo(),
+        Kubernetes: getKubernetesInfo(),
         PM2: isUsingPM2(appInfo.pkg),
         Memory: {
           Total: StringPrototypeConcat.call((totalmem / 1e6).toFixed(0), ' MB'),
           Free: StringPrototypeConcat.call((freemem / 1e6).toFixed(0), ' MB'),
           Used: StringPrototypeConcat.call(((totalmem - freemem) / 1e6).toFixed(0), ' MB'),
-        }
+        },
       },
       Application: appInfo.pkg,
       Cloud: {

package/lib/system-info/linux-os-info.js ADDED Viewed

@@ -0,0 +1,134 @@
+/* eslint-disable header/header */
+/**
+ * MIT License
+ *
+ * Copyright (c) 2018 Samuel Carreira
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * This code is modified from https://github.com/bmacnaughton/linux-os-info, a
+ * fork of https://github.com/samuelcarreira/linux-release-info.
+ */
+/*
+ * Copyright: 2024 Contrast Security, Inc
+ * Contact: support@contrastsecurity.com
+ * License: Commercial
+ * NOTICE: This Software and the patented inventions embodied within may only be
+ * used as part of Contrast Security’s commercial offerings. Even though it is
+ * made available through public repositories, use of this Software is subject to
+ * the applicable End User Licensing Agreement found at
+ * https://www.contrastsecurity.com/enduser-terms-0317a or as otherwise agreed
+ * between Contrast Security and the End User. The Software may not be reverse
+ * engineered, modified, repackaged, sold, redistributed or otherwise used in a
+ * way not consistent with the End User License Agreement.
+ */
+'use strict';
+const fsp = require('node:fs/promises');
+const os = require('node:os');
+//
+// the key pieces of information from os-release are:
+// - id: 'ubuntu' or 'alpine' or 'arch' etc.
+// - version_id: ubuntu '22.04', alpine '3.20.3', arch '20241110.0.278197'
+// - version: ubuntu '24.04.1 LTS (Noble Numbat)', alpine undefined, arch undefined
+// NOTE: only ubuntu omits the patch field of the version in version ID. ubuntu
+// includes a version field that has that information, but that's not present in
+// most other distributions.
+// the alpine-release file only contains the version string
+// so fill in the basics based on that.
+function addEtcAlpineReleaseToOutputData(data, outputData) {
+  if (data[data.length - 1] === '\n') {
+    data = data.slice(0, -1);
+  }
+  outputData.name = 'Alpine';
+  outputData.id = 'alpine';
+  outputData.version = data;
+  outputData.version_id = data;
+}
+const defaultList = [
+  { path: '/etc/os-release', parser: addOsReleaseToOutputData },
+  { path: '/usr/lib/os-release', parser: addOsReleaseToOutputData },
+  { path: '/etc/alpine-release', parser: addEtcAlpineReleaseToOutputData }
+];
+/**
+ * Get OS release info with information from '/etc/os-release', '/usr/lib/os-release',
+ * or '/etc/alpine-release'. The information in that file is distribution-dependent.
+ *
+ * @returns Promise<Object> - where object is null if not Linux, or an object with
+ * the a file property and the key-value pairs from the file. Any quotes around the
+ * values are removed.
+ *
+ * the file property in the info object will be filled in with one of:
+ *   - the file path (above) used
+ *   - undefined if no file was found/could be read
+ */
+async function linuxOsInfo(opts = {}) {
+  // allow searching for other files and parsers.
+  const list = Array.isArray(opts.list) ? opts.list : defaultList;
+  if (os.type() !== 'Linux') {
+    return null;
+  }
+  let i = 0;
+  while (i < list.length) {
+    try {
+      const file = list[i].path;
+      const data = await fsp.readFile(file, 'utf8');
+      const outputData = { file };
+      list[i].parser(data, outputData);
+      return outputData;
+    } catch (e) {
+      i += 1;
+      continue;
+    }
+  }
+  // no file could be found and read
+  return { file: undefined };
+}
+function addOsReleaseToOutputData(data, outputData) {
+  const lines = data.split('\n');
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const index = line.indexOf('=');
+    // only look at lines with a key of length 1 or greater
+    if (index < 1) {
+      continue;
+    }
+    // lowercase key. all the keys i've seen have been UPPERCASE but it's safer
+    // to normalize them.
+    const key = line.slice(0, index).toLowerCase();
+    // remove quotes around value. this handles a quoted value with embedded
+    // quotes even though i've never seen that in the wild.
+    let value = line.slice(index + 1).trim();
+    if (value[0] === '"' && value[value.length - 1] === '"') {
+      value = value.slice(1, -1);
+      value = value.replace(/\\"/g, '"');
+    }
+    outputData[key] = value;
+  }
+}
+module.exports = linuxOsInfo;

package/lib/system-info/linux-os-info.test.js ADDED Viewed

@@ -0,0 +1,121 @@
+'use strict';
+const fsp = require('node:fs/promises');
+const os = require('node:os');
+const { expect } = require('chai');
+const sinon = require('sinon');
+/**
+# cat /etc/os-release
+NAME="Alpine Linux"
+ID=alpine
+VERSION_ID=3.20.3
+PRETTY_NAME="Alpine Linux v3.20"
+HOME_URL="https://alpinelinux.org/"
+BUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"
+# cat /etc/alpine-release
+3.20.3
+# cat /etc/os-release
+PRETTY_NAME="Ubuntu 22.04.3 LTS"
+NAME="Ubuntu"
+VERSION_ID="22.04"
+VERSION="22.04.3 LTS (Jammy Jellyfish)"
+VERSION_CODENAME=jammy
+ID=ubuntu
+ID_LIKE=debian
+HOME_URL="https://www.ubuntu.com/"
+SUPPORT_URL="https://help.ubuntu.com/"
+BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
+PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
+UBUNTU_CODENAME=jammy
+ */
+const linuxOsInfo = require('./linux-os-info');
+describe('linux-os-info', function() {
+  let fsStub;
+  let osStub;
+  beforeEach(function() {
+    fsStub = sinon.stub(fsp, 'readFile');
+    // fake up so test passes on windows.
+    osStub = sinon.stub(os, 'type').returns('Linux');
+  });
+  afterEach(function() {
+    fsStub.restore();
+    osStub.restore();
+  });
+  it('should return info for Ubuntu', async function() {
+    fsStub.withArgs('/etc/os-release').resolves('PRETTY_NAME="Ubuntu 22.04.3 LTS"\nNAME="Ubuntu"\nVERSION_ID="22.04"\nVERSION="22.04.3 LTS (Jammy Jellyfish)"\nVERSION_CODENAME=jammy\nID=ubuntu\nID_LIKE=debian\nHOME_URL="https://www.ubuntu.com/"\nSUPPORT_URL="https://help.ubuntu.com/"\nBUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"\nPRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"\nUBUNTU_CODENAME=jammy\n');
+    fsStub.withArgs('/etc/alpine-release').rejects(new Error('ENOENT'));
+    const result = await linuxOsInfo();
+    expect(result).to.deep.equal({
+      file: '/etc/os-release',
+      pretty_name: 'Ubuntu 22.04.3 LTS',
+      name: 'Ubuntu',
+      id: 'ubuntu',
+      version_id: '22.04',
+      version: '22.04.3 LTS (Jammy Jellyfish)',
+      version_codename: 'jammy',
+      id_like: 'debian',
+      home_url: 'https://www.ubuntu.com/',
+      support_url: 'https://help.ubuntu.com/',
+      bug_report_url: 'https://bugs.launchpad.net/ubuntu/',
+      privacy_policy_url: 'https://www.ubuntu.com/legal/terms-and-policies/privacy-policy',
+      ubuntu_codename: 'jammy',
+    });
+  });
+  it('should return info for Alpine without an os-release file', async function() {
+    fsStub.withArgs('/etc/os-release').rejects(new Error('ENOENT'));
+    fsStub.withArgs('/usr/lib/os-release').rejects(new Error('ENOENT'));
+    fsStub.withArgs('/etc/alpine-release').resolves('3.20.3\n');
+    const result = await linuxOsInfo();
+    expect(result).to.deep.equal({
+      file: '/etc/alpine-release',
+      name: 'Alpine',
+      id: 'alpine',
+      version: '3.20.3',
+      version_id: '3.20.3',
+    });
+  });
+  it('should return info for Alpine with an os-release file', async function() {
+    fsStub.withArgs('/etc/os-release').resolves('NAME="Alpine Linux"\nID=alpine\nVERSION_ID=3.20.3\nPRETTY_NAME="Alpine Linux v3.20"\nHOME_URL="https://alpinelinux.org/"\nBUG_REPORT_URL="https://gitlab.alpinelinux.org/alpine/aports/-/issues"\n');
+    fsStub.withArgs('/usr/lib/os-release').rejects(new Error('ENOENT'));
+    fsStub.withArgs('/etc/alpine-release').resolves('3.20.3\n');
+    const result = await linuxOsInfo();
+    expect(result).to.deep.equal({
+      file: '/etc/os-release',
+      name: 'Alpine Linux',
+      id: 'alpine',
+      version_id: '3.20.3',
+      pretty_name: 'Alpine Linux v3.20',
+      home_url: 'https://alpinelinux.org/',
+      bug_report_url: 'https://gitlab.alpinelinux.org/alpine/aports/-/issues',
+    });
+  });
+  it('should return info when no os-release or alpine-release files are found', async function() {
+    fsStub.withArgs('/etc/os-release').rejects(new Error('ENOENT'));
+    fsStub.withArgs('/usr/lib/os-release').rejects(new Error('ENOENT'));
+    fsStub.withArgs('/etc/alpine-release').rejects(new Error('ENOENT'));
+    const result = await linuxOsInfo();
+    // no file found
+    expect(result).deep.equal({ file: undefined });
+  });
+  it('should return null for non-linux systems', async function() {
+    osStub.returns('Windows_NT');
+    const result = await linuxOsInfo();
+    expect(result).to.be.null;
+  });
+});

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/core",
-  "version": "1.41.1",
+  "version": "1.42.0",
   "description": "Preconfigured Contrast agent core services and models",
   "license": "SEE LICENSE IN LICENSE",
   "author": "Contrast Security <nodejs@contrastsecurity.com> (https://www.contrastsecurity.com)",
@@ -16,12 +16,12 @@
     "test": "../scripts/test.sh"
   },
   "dependencies": {
-    "@contrast/common": "1.26.0",
-    "@contrast/config": "1.36.0",
+    "@contrast/common": "1.27.0",
+    "@contrast/config": "1.37.0",
     "@contrast/find-package-json": "^1.1.0",
     "@contrast/fn-inspect": "^4.3.0",
-    "@contrast/logger": "1.14.0",
-    "@contrast/patcher": "1.13.0",
+    "@contrast/logger": "1.15.0",
+    "@contrast/patcher": "1.14.0",
     "axios": "^1.7.4",
     "semver": "^7.6.0"
   }