dd-trace 3.1.0 → 3.3.0

package/packages/datadog-instrumentations/src/mocha.js

@@ -19,7 +19,31 @@ const patched = new WeakSet()
 
 const testToAr = new WeakMap()
 const originalFns = new WeakMap()
-const testSuiteToAr = new WeakMap()
+const testFileToSuiteAr = new Map()
+
+function getSuitesByTestFile (root) {
+  const suitesByTestFile = {}
+  function getSuites (suite) {
+    if (suite.file) {
+      if (suitesByTestFile[suite.file]) {
+        suitesByTestFile[suite.file].push(suite)
+      } else {
+        suitesByTestFile[suite.file] = [suite]
+      }
+    }
+    suite.suites.forEach(suite => {
+      getSuites(suite)
+    })
+  }
+  getSuites(root)
+
+  const numSuitesByTestFile = Object.keys(suitesByTestFile).reduce((acc, testFile) => {
+    acc[testFile] = suitesByTestFile[testFile].length
+    return acc
+  }, {})
+
+  return { suitesByTestFile, numSuitesByTestFile }
+}
 
 function getTestStatus (test) {
   if (test.pending) {
@@ -56,6 +80,8 @@ function mochaHook (Runner) {
       return run.apply(this, arguments)
     }
 
+    const { suitesByTestFile, numSuitesByTestFile } = getSuitesByTestFile(this.suite)
+
     const testRunAsyncResource = new AsyncResource('bound-anonymous-fn')
 
     this.once('end', testRunAsyncResource.bind(function () {
@@ -65,6 +91,7 @@ function mochaHook (Runner) {
       } else if (this.failures !== 0) {
         status = 'fail'
       }
+      testFileToSuiteAr.clear()
       testRunFinishCh.publish(status)
     }))
 
@@ -75,34 +102,45 @@ function mochaHook (Runner) {
     }))
 
     this.on('suite', function (suite) {
-      if (suite.root) {
+      if (suite.root || !suite.tests.length) {
         return
       }
-      const asyncResource = new AsyncResource('bound-anonymous-fn')
-
-      testSuiteToAr.set(suite, asyncResource)
-
-      asyncResource.runInAsyncScope(() => {
-        testSuiteStartCh.publish(suite)
-      })
+      let asyncResource = testFileToSuiteAr.get(suite.file)
+      if (!asyncResource) {
+        asyncResource = new AsyncResource('bound-anonymous-fn')
+        testFileToSuiteAr.set(suite.file, asyncResource)
+        asyncResource.runInAsyncScope(() => {
+          testSuiteStartCh.publish(suite)
+        })
+      }
     })
 
     this.on('suite end', function (suite) {
       if (suite.root) {
         return
       }
+      const suitesInTestFile = suitesByTestFile[suite.file]
+
+      const isLastSuite = --numSuitesByTestFile[suite.file] === 0
+      if (!isLastSuite) {
+        return
+      }
+
       let status = 'pass'
-      if (suite.pending) {
+      if (suitesInTestFile.every(suite => suite.pending)) {
         status = 'skip'
       } else {
-        suite.eachTest(test => {
-          if (test.state === 'failed' || test.timedOut) {
-            status = 'fail'
-          }
+        // has to check every test in the test file
+        suitesInTestFile.forEach(suite => {
+          suite.eachTest(test => {
+            if (test.state === 'failed' || test.timedOut) {
+              status = 'fail'
+            }
+          })
         })
       }
 
-      const asyncResource = testSuiteToAr.get(suite)
+      const asyncResource = testFileToSuiteAr.get(suite.file)
       asyncResource.runInAsyncScope(() => {
         // get suite status
         testSuiteFinishCh.publish(status)
@@ -125,7 +163,7 @@ function mochaHook (Runner) {
       const status = getTestStatus(test)
 
       // if there are afterEach to be run, we don't finish the test yet
-      if (!test.parent._afterEach.length) {
+      if (asyncResource && !test.parent._afterEach.length) {
         asyncResource.runInAsyncScope(() => {
           testFinishCh.publish(status)
         })
@@ -148,34 +186,38 @@ function mochaHook (Runner) {
     })
 
     this.on('fail', (testOrHook, err) => {
+      const testFile = testOrHook.file
       let test = testOrHook
       const isHook = testOrHook.type === 'hook'
       if (isHook && testOrHook.ctx) {
         test = testOrHook.ctx.currentTest
       }
-      let asyncResource
+      let testAsyncResource
       if (test) {
-        asyncResource = getTestAsyncResource(test)
+        testAsyncResource = getTestAsyncResource(test)
       }
-      if (asyncResource) {
-        asyncResource.runInAsyncScope(() => {
+      if (testAsyncResource) {
+        testAsyncResource.runInAsyncScope(() => {
           if (isHook) {
-            err.message = `${testOrHook.title}: ${err.message}`
+            err.message = `${testOrHook.fullTitle()}: ${err.message}`
             errorCh.publish(err)
             // if it's a hook and it has failed, 'test end' will not be called
             testFinishCh.publish('fail')
           } else {
             errorCh.publish(err)
           }
-          // we propagate the error to the suite
-          const testSuiteAsyncResource = testSuiteToAr.get(test.parent)
-          if (testSuiteAsyncResource) {
-            const testSuiteError = new Error(`Test "${test.fullTitle()}" failed with message "${err.message}"`)
-            testSuiteError.stack = err.stack
-            testSuiteAsyncResource.runInAsyncScope(() => {
-              testSuiteErrorCh.publish(testSuiteError)
-            })
-          }
+        })
+      }
+      const testSuiteAsyncResource = testFileToSuiteAr.get(testFile)
+
+      if (testSuiteAsyncResource) {
+        // we propagate the error to the suite
+        const testSuiteError = new Error(
+          `"${testOrHook.parent.fullTitle()}" failed with message "${err.message}"`
+        )
+        testSuiteError.stack = err.stack
+        testSuiteAsyncResource.runInAsyncScope(() => {
+          testSuiteErrorCh.publish(testSuiteError)
         })
       }
     })
@@ -189,7 +231,11 @@ function mochaHook (Runner) {
       } else {
         // if there is no async resource, the test has been skipped through `test.skip``
         const skippedTestAsyncResource = new AsyncResource('bound-anonymous-fn')
-        testToAr.set(test, skippedTestAsyncResource)
+        if (test.fn) {
+          testToAr.set(test.fn, skippedTestAsyncResource)
+        } else {
+          testToAr.set(test, skippedTestAsyncResource)
+        }
         skippedTestAsyncResource.runInAsyncScope(() => {
           skipCh.publish(test)
         })

package/packages/datadog-instrumentations/src/net.js

@@ -49,6 +49,19 @@ addHook({ name: 'net' }, net => {
         setupListeners(this, 'tcp', asyncResource)
       }
 
+      const emit = this.emit
+      this.emit = function (eventName) {
+        switch (eventName) {
+          case 'ready':
+          case 'connect':
+            return callbackResource.runInAsyncScope(() => {
+              return emit.apply(this, arguments)
+            })
+          default:
+            return emit.apply(this, arguments)
+        }
+      }
+
       try {
         return connect.apply(this, arguments)
       } catch (err) {

package/packages/datadog-instrumentations/src/next.js

@@ -65,21 +65,25 @@ function wrapFindPageComponents (findPageComponents) {
     const result = findPageComponents.apply(this, arguments)
 
     if (result) {
-      pageLoadChannel.publish({ page: pathname })
+      pageLoadChannel.publish({ page: getPagePath(pathname) })
     }
 
     return result
   }
 }
 
+function getPagePath (page) {
+  return typeof page === 'object' ? page.pathname : page
+}
+
 function getPageFromPath (page, dynamicRoutes = []) {
   for (const dynamicRoute of dynamicRoutes) {
     if (dynamicRoute.page.startsWith('/api') && dynamicRoute.match(page)) {
-      return dynamicRoute.page
+      return getPagePath(dynamicRoute.page)
     }
   }
 
-  return page
+  return getPagePath(page)
 }
 
 function instrument (req, res, handler) {

package/packages/datadog-plugin-jest/src/index.js

@@ -9,10 +9,15 @@ const {
   getTestEnvironmentMetadata,
   getTestParentSpan,
   getTestCommonTags,
+  getTestSessionCommonTags,
+  getTestSuiteCommonTags,
   TEST_PARAMETERS,
   getCodeOwnersFileEntries,
   getCodeOwnersForFilename,
-  TEST_CODE_OWNERS
+  TEST_CODE_OWNERS,
+  TEST_SESSION_ID,
+  TEST_SUITE_ID,
+  TEST_COMMAND
 } = require('../../dd-trace/src/plugins/util/test')
 
 // https://github.com/facebook/jest/blob/d6ad15b0f88a05816c2fe034dd6900d28315d570/packages/jest-worker/src/types.ts#L38
@@ -58,12 +63,93 @@ class JestPlugin extends Plugin {
     this.testEnvironmentMetadata = getTestEnvironmentMetadata('jest', this.config)
     this.codeOwnersEntries = getCodeOwnersFileEntries()
 
-    this.addSub('ci:jest:test:code-coverage', (coverageFiles) => {
+    this.addSub('ci:jest:session:start', (command) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const store = storage.getStore()
+      const childOf = getTestParentSpan(this.tracer)
+      const testSessionSpanMetadata = getTestSessionCommonTags(command, this.tracer._version)
+
+      const testSessionSpan = this.tracer.startSpan('jest.test_session', {
+        childOf,
+        tags: {
+          ...this.testEnvironmentMetadata,
+          ...testSessionSpanMetadata
+        }
+      })
+      this.enter(testSessionSpan, store)
+    })
+
+    this.addSub('ci:jest:session:finish', (status) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const testSessionSpan = storage.getStore().span
+      testSessionSpan.setTag(TEST_STATUS, status)
+      testSessionSpan.finish()
+      finishAllTraceSpans(testSessionSpan)
+      this.tracer._exporter._writer.flush()
+    })
+
+    // Test suites can be run in a different process from jest's main one.
+    // This subscriber changes the configuration objects from jest to inject the trace id
+    // of the test session to the processes that run the test suites.
+    this.addSub('ci:jest:session:configuration', configs => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const testSessionSpan = storage.getStore().span
+      configs.forEach(config => {
+        config._ddTestSessionId = testSessionSpan.context()._traceId.toString(10)
+        config._ddTestCommand = testSessionSpan.context()._tags[TEST_COMMAND]
+      })
+    })
+
+    this.addSub('ci:jest:test-suite:start', ({ testSuite, testEnvironmentOptions }) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+
+      const { _ddTestSessionId: testSessionId, _ddTestCommand: testCommand } = testEnvironmentOptions
+
+      const store = storage.getStore()
+
+      const testSessionSpanContext = this.tracer.extract('text_map', {
+        'x-datadog-trace-id': testSessionId,
+        'x-datadog-parent-id': '0000000000000000'
+      })
+
+      const testSuiteMetadata = getTestSuiteCommonTags(testCommand, this.tracer._version, testSuite)
+
+      const testSuiteSpan = this.tracer.startSpan('jest.test_suite', {
+        childOf: testSessionSpanContext,
+        tags: {
+          ...this.testEnvironmentMetadata,
+          ...testSuiteMetadata
+        }
+      })
+      this.enter(testSuiteSpan, store)
+    })
+
+    this.addSub('ci:jest:test-suite:finish', ({ status, errorMessage }) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const testSuiteSpan = storage.getStore().span
+      testSuiteSpan.setTag(TEST_STATUS, status)
+      if (errorMessage) {
+        testSuiteSpan.setTag('error', new Error(errorMessage))
+      }
+      testSuiteSpan.finish()
+    })
+
+    this.addSub('ci:jest:test-suite:code-coverage', (coverageFiles) => {
       if (!this.config.isAgentlessEnabled || !this.config.isIntelligentTestRunnerEnabled) {
         return
       }
-      const testSpan = storage.getStore().span
-      this.tracer._exporter.exportCoverage({ testSpan, coverageFiles })
+      const testSuiteSpan = storage.getStore().span
+      this.tracer._exporter.exportCoverage({ span: testSuiteSpan, coverageFiles })
     })
 
     this.addSub('ci:jest:test:start', (test) => {
@@ -96,7 +182,20 @@ class JestPlugin extends Plugin {
   }
 
   startTestSpan (test) {
-    const { childOf, ...testSpanMetadata } = getTestSpanMetadata(this.tracer, test)
+    const suiteTags = {}
+    const store = storage.getStore()
+    const testSuiteSpan = store ? store.span : undefined
+    if (testSuiteSpan) {
+      const testSuiteId = testSuiteSpan.context()._spanId.toString(10)
+      suiteTags[TEST_SUITE_ID] = testSuiteId
+      suiteTags[TEST_SESSION_ID] = testSuiteSpan.context()._traceId.toString(10)
+      suiteTags[TEST_COMMAND] = testSuiteSpan.context()._tags[TEST_COMMAND]
+    }
+
+    const {
+      childOf,
+      ...testSpanMetadata
+    } = getTestSpanMetadata(this.tracer, test)
 
     const codeOwners = getCodeOwnersForFilename(test.suite, this.codeOwnersEntries)
 
@@ -109,7 +208,8 @@ class JestPlugin extends Plugin {
         childOf,
         tags: {
           ...this.testEnvironmentMetadata,
-          ...testSpanMetadata
+          ...testSpanMetadata,
+          ...suiteTags
         }
       })
 

package/packages/datadog-plugin-mocha/src/index.js

@@ -47,7 +47,7 @@ class MochaPlugin extends Plugin {
   constructor (...args) {
     super(...args)
 
-    this._testSuites = new WeakMap()
+    this._testSuites = new Map()
     this._testNameToParams = {}
     this.testEnvironmentMetadata = getTestEnvironmentMetadata('mocha', this.config)
     this.sourceRoot = process.cwd()
@@ -75,7 +75,11 @@ class MochaPlugin extends Plugin {
         return
       }
       const store = storage.getStore()
-      const testSuiteMetadata = getTestSuiteCommonTags(this.command, this.tracer._version, suite.fullTitle())
+      const testSuiteMetadata = getTestSuiteCommonTags(
+        this.command,
+        this.tracer._version,
+        getTestSuitePath(suite.file, this.sourceRoot)
+      )
       const testSuiteSpan = this.tracer.startSpan('mocha.test_suite', {
         childOf: this.testSessionSpan,
         tags: {
@@ -84,7 +88,7 @@ class MochaPlugin extends Plugin {
         }
       })
       this.enter(testSuiteSpan, store)
-      this._testSuites.set(suite, testSuiteSpan)
+      this._testSuites.set(suite.file, testSuiteSpan)
     })
 
     this.addSub('ci:mocha:test-suite:finish', (status) => {
@@ -92,7 +96,10 @@ class MochaPlugin extends Plugin {
         return
       }
       const span = storage.getStore().span
-      span.setTag(TEST_STATUS, status)
+      // the test status of the suite may have been set in ci:mocha:test-suite:error already
+      if (!span.context()._tags[TEST_STATUS]) {
+        span.setTag(TEST_STATUS, status)
+      }
       span.finish()
     })
 
@@ -102,6 +109,7 @@ class MochaPlugin extends Plugin {
       }
       const span = storage.getStore().span
       span.setTag('error', err)
+      span.setTag(TEST_STATUS, 'fail')
     })
 
     this.addSub('ci:mocha:test:start', (test) => {
@@ -158,15 +166,15 @@ class MochaPlugin extends Plugin {
 
   startTestSpan (test) {
     const testSuiteTags = {}
-    const testSuiteSpan = this._testSuites.get(test.parent)
+    const testSuiteSpan = this._testSuites.get(test.parent.file)
 
     if (testSuiteSpan) {
-      const testSuiteId = testSuiteSpan.context()._spanId.toString(16)
+      const testSuiteId = testSuiteSpan.context()._spanId.toString(10)
       testSuiteTags[TEST_SUITE_ID] = testSuiteId
     }
 
     if (this.testSessionSpan) {
-      const testSessionId = this.testSessionSpan.context()._traceId.toString(16)
+      const testSessionId = this.testSessionSpan.context()._traceId.toString(10)
       testSuiteTags[TEST_SESSION_ID] = testSessionId
       testSuiteTags[TEST_COMMAND] = this.command
     }

package/packages/datadog-plugin-mongodb-core/src/index.js

@@ -73,21 +73,21 @@ function truncate (input) {
   return input.slice(0, Math.min(input.length, 10000))
 }
 
-function simplify (input) {
-  return isBSON(input) ? input.toHexString() : input
-}
-
 function shouldSimplify (input) {
-  return !isObject(input) || isBSON(input)
+  return !isObject(input)
 }
 
 function shouldHide (input) {
-  return Buffer.isBuffer(input) || typeof input === 'function'
+  return Buffer.isBuffer(input) || typeof input === 'function' || isBinary(input)
 }
 
 function limitDepth (input) {
+  if (isBSON(input)) {
+    input = input.toJSON()
+  }
+
   if (shouldHide(input)) return '?'
-  if (shouldSimplify(input)) return simplify(input)
+  if (shouldSimplify(input)) return input
 
   const output = {}
   const queue = [{
@@ -104,11 +104,16 @@ function limitDepth (input) {
     for (const key in input) {
       if (typeof input[key] === 'function') continue
 
-      const child = input[key]
+      let child = input[key]
+
+      if (isBSON(child)) {
+        child = child.toJSON()
+      }
+
       if (depth >= 10 || shouldHide(child)) {
         output[key] = '?'
       } else if (shouldSimplify(child)) {
-        output[key] = simplify(child)
+        output[key] = child
       } else {
         queue.push({
           input: child,
@@ -127,7 +132,11 @@ function isObject (val) {
 }
 
 function isBSON (val) {
-  return val && val._bsontype
+  return val && val._bsontype && !isBinary(val)
+}
+
+function isBinary (val) {
+  return val && val._bsontype === 'Binary'
 }
 
 module.exports = MongodbCorePlugin

package/packages/dd-trace/src/appsec/iast/analyzers/analyzers.js

@@ -0,0 +1,4 @@
+module.exports = {
+  'WEAK_CIPHER_ANALYZER': require('./weak-cipher-analyzer'),
+  'WEAK_HASH_ANALYZER': require('./weak-hash-analyzer')
+}

package/packages/dd-trace/src/appsec/iast/analyzers/index.js

@@ -0,0 +1,20 @@
+'use strict'
+
+const analyzers = require('./analyzers')
+
+function enableAllAnalyzers () {
+  for (const analyzer in analyzers) {
+    analyzers[analyzer].configure(true)
+  }
+}
+
+function disableAllAnalyzers () {
+  for (const analyzer in analyzers) {
+    analyzers[analyzer].configure(false)
+  }
+}
+
+module.exports = {
+  enableAllAnalyzers,
+  disableAllAnalyzers
+}

package/packages/dd-trace/src/appsec/iast/analyzers/vulnerability-analyzer.js

@@ -0,0 +1,48 @@
+'use strict'
+
+const Plugin = require('../../../../src/plugins/plugin')
+const { storage } = require('../../../../../datadog-core')
+const { getFirstNonDDPathAndLine } = require('./../path-line')
+const { createVulnerability, addVulnerability } = require('../vulnerability-reporter')
+const { getIastContext } = require('../iast-context')
+const overheadController = require('../overhead-controller')
+
+class Analyzer extends Plugin {
+  constructor (type) {
+    super()
+    this._type = type
+  }
+
+  _isVulnerable (value, context) {
+    return false
+  }
+
+  _report (value, context) {
+    const evidence = this._getEvidence(value)
+    const location = this._getLocation()
+    const spanId = context && context.rootSpan && context.rootSpan.context().toSpanId()
+    const vulnerability = createVulnerability(this._type, evidence, spanId, location)
+    addVulnerability(context, vulnerability)
+  }
+
+  _getEvidence (value) {
+    return { value }
+  }
+
+  _getLocation () {
+    return getFirstNonDDPathAndLine()
+  }
+
+  analyze (value) {
+    const iastContext = getIastContext(storage.getStore())
+    if (iastContext && this._isVulnerable(value, iastContext) && this._checkOCE(iastContext)) {
+      this._report(value, iastContext)
+    }
+  }
+
+  _checkOCE (context) {
+    return overheadController.hasQuota(overheadController.OPERATIONS.REPORT_VULNERABILITY, context)
+  }
+}
+
+module.exports = Analyzer

package/packages/dd-trace/src/appsec/iast/analyzers/weak-cipher-analyzer.js

@@ -0,0 +1,27 @@
+'use strict'
+const Analyzer = require('./vulnerability-analyzer')
+
+const INSECURE_CIPHERS = new Set([
+  'des', 'des-cbc', 'des-cfb', 'des-cfb1', 'des-cfb8', 'des-ecb', 'des-ede', 'des-ede-cbc', 'des-ede-cfb',
+  'des-ede-ecb', 'des-ede-ofb', 'des-ede3', 'des-ede3-cbc', 'des-ede3-cfb', 'des-ede3-cfb1', 'des-ede3-cfb8',
+  'des-ede3-ecb', 'des-ede3-ofb', 'des-ofb', 'des3', 'des3-wrap',
+  'rc2', 'rc2-128', 'rc2-40', 'rc2-40-cbc', 'rc2-64', 'rc2-64-cbc', 'rc2-cbc', 'rc2-cfb', 'rc2-ecb', 'rc2-ofb',
+  'blowfish',
+  'rc4', 'rc4-40', 'rc4-hmac-md5'
+].map(algorithm => algorithm.toLowerCase()))
+
+class WeakCipherAnalyzer extends Analyzer {
+  constructor () {
+    super('WEAK_CIPHER')
+    this.addSub('datadog:crypto:cipher:start', ({ algorithm }) => this.analyze(algorithm))
+  }
+
+  _isVulnerable (algorithm) {
+    if (algorithm && typeof algorithm === 'string') {
+      return INSECURE_CIPHERS.has(algorithm.toLowerCase())
+    }
+    return false
+  }
+}
+
+module.exports = new WeakCipherAnalyzer()

package/packages/dd-trace/src/appsec/iast/analyzers/weak-hash-analyzer.js

@@ -0,0 +1,24 @@
+'use strict'
+const Analyzer = require('./vulnerability-analyzer')
+
+const INSECURE_HASH_ALGORITHMS = new Set([
+  'md4', 'md4WithRSAEncryption', 'RSA-MD4',
+  'RSA-MD5', 'md5', 'md5-sha1', 'ssl3-md5', 'md5WithRSAEncryption',
+  'RSA-SHA1', 'RSA-SHA1-2', 'sha1', 'md5-sha1', 'sha1WithRSAEncryption', 'ssl3-sha1'
+].map(algorithm => algorithm.toLowerCase()))
+
+class WeakHashAnalyzer extends Analyzer {
+  constructor () {
+    super('WEAK_HASH')
+    this.addSub('datadog:crypto:hashing:start', ({ algorithm }) => this.analyze(algorithm))
+  }
+
+  _isVulnerable (algorithm) {
+    if (typeof algorithm === 'string') {
+      return INSECURE_HASH_ALGORITHMS.has(algorithm.toLowerCase())
+    }
+    return false
+  }
+}
+
+module.exports = new WeakHashAnalyzer()

package/packages/dd-trace/src/appsec/iast/iast-context.js

@@ -0,0 +1,50 @@
+const IAST_CONTEXT_KEY = Symbol('_dd.iast.context')
+
+function getIastContext (store) {
+  return store && store[IAST_CONTEXT_KEY]
+}
+
+/* TODO Fix storage problem when the close event is called without
+        finish event to remove `topContext` references
+  We have to save the context in two places, because
+  clean can be called when the storage store is not available
+ */
+function saveIastContext (store, topContext, context) {
+  if (store && topContext) {
+    store[IAST_CONTEXT_KEY] = context
+    topContext[IAST_CONTEXT_KEY] = context
+    return store[IAST_CONTEXT_KEY]
+  }
+}
+
+/* TODO Fix storage problem when the close event is called without
+        finish event to remove `topContext` references
+  iastContext is currently saved in store and request rootContext
+  to fix problems with `close` without `finish` events
+*/
+function cleanIastContext (store, context, iastContext) {
+  if (store) {
+    if (!iastContext) {
+      iastContext = store[IAST_CONTEXT_KEY]
+    }
+    store[IAST_CONTEXT_KEY] = null
+  }
+  if (context) {
+    if (!iastContext) {
+      iastContext = context[IAST_CONTEXT_KEY]
+    }
+    context[IAST_CONTEXT_KEY] = null
+  }
+  if (iastContext) {
+    Object.keys(iastContext).forEach(key => delete iastContext[key])
+    return true
+  }
+  return false
+}
+
+module.exports = {
+  getIastContext,
+  saveIastContext,
+  cleanIastContext,
+  IAST_CONTEXT_KEY
+}