npm - dd-trace - Versions diffs - 3.10.0 → 3.12.0 - Mend

dd-trace 3.10.0 → 3.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (66) hide show

package/LICENSE-3rdparty.csv CHANGED Viewed

@@ -20,6 +20,7 @@ require,lodash.uniq,MIT,Copyright JS Foundation and other contributors
 require,lru-cache,ISC,Copyright (c) 2010-2022 Isaac Z. Schlueter and Contributors
 require,methods,MIT,Copyright 2013-2014 TJ Holowaychuk
 require,module-details-from-path,MIT,Copyright 2016 Thomas Watson Steen
+require,node-abort-controller,MIT,Copyright (c) 2019 Steve Faulkner
 require,opentracing,MIT,Copyright 2016 Resonance Labs Inc
 require,path-to-regexp,MIT,Copyright 2014 Blake Embrey
 require,protobufjs,BSD-3-Clause,Copyright 2016 Daniel Wirtz
@@ -62,4 +63,5 @@ dev,sinon,BSD-3-Clause,Copyright 2010-2017 Christian Johansen
 dev,sinon-chai,WTFPL and BSD-2-Clause,Copyright 2004 Sam Hocevar 2012–2017 Domenic Denicola
 dev,tape,MIT,Copyright James Halliday
 dev,wait-on,MIT,Copyright 2015 Jeff Barczewski
+file,aws-lambda-nodejs-runtime-interface-client,Apache 2.0,Copyright 2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 file,profile.proto,Apache license 2.0,Copyright 2016 Google Inc.

package/index.d.ts CHANGED Viewed

@@ -242,6 +242,11 @@ export declare interface TracerOptions {
    */
   service?: string;
+  /**
+   * Provide service name mappings for each plugin.
+   */
+  serviceMapping?: { [key: string]: string };
   /**
    * The url of the trace agent that the tracer will submit to.
    * Takes priority over hostname and port, if set.
@@ -509,8 +514,29 @@ export declare interface TracerOptions {
     /**
      * Specifies a regex that will redact sensitive data by its value in attack reports.
      */
-    obfuscatorValueRegex?: string
+    obfuscatorValueRegex?: string,
+    /**
+     * Specifies a path to a custom blocking template html file.
+     */
+    blockedTemplateHtml?: string,
+    /**
+     * Specifies a path to a custom blocking template json file.
+     */
+    blockedTemplateJson?: string,
   };
+  /**
+   * Configuration of ASM Remote Configuration
+   */
+  remoteConfig?: {
+    /**
+     * Specifies the remote configuration polling interval in seconds
+     * @default 5
+     */
+    pollInterval?: number,
+  }
 }
 /**
@@ -1208,6 +1234,12 @@ declare namespace plugins {
    */
   interface kafkajs extends Instrumentation {}
+  /**
+   * This plugin automatically instruments the
+   * [ldapjs](https://github.com/ldapjs/node-ldapjs/) module.
+   */
+  interface ldapjs extends Instrumentation {}
   /**
    * This plugin automatically instruments the
    * [mariadb](https://github.com/mariadb-corporation/mariadb-connector-nodejs) module.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "3.10.0",
+  "version": "3.12.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -16,14 +16,16 @@
     "services": "node ./scripts/install_plugin_modules && node packages/dd-trace/test/setup/services",
     "tdd": "node scripts/tdd.js",
     "test": "SERVICES=* yarn services && mocha --colors --exit --expose-gc 'packages/dd-trace/test/setup/node.js' 'packages/*/test/**/*.spec.js'",
-    "test:trace:core": "mocha --colors --exit --expose-gc --file packages/dd-trace/test/setup/core.js --exclude \"packages/dd-trace/test/profiling/**/*.spec.js\" \"packages/dd-trace/test/**/*.spec.js\"",
-    "test:trace:core:ci": "nyc --no-clean --include \"packages/dd-trace/src/**/*.js\" --exclude \"packages/dd-trace/src/profiling/**/*.js\" -- npm run test:trace:core -- --reporter mocha-multi-reporters --reporter-options configFile=mocha-reporter.json",
+    "test:trace:core": "mocha --colors --exit --expose-gc --file packages/dd-trace/test/setup/core.js --exclude \"packages/dd-trace/test/lambda/**/*.spec.js\" --exclude \"packages/dd-trace/test/profiling/**/*.spec.js\" --exclude \"packages/dd-trace/test/appsec/iast/**/*.plugin.spec.js\" \"packages/dd-trace/test/**/*.spec.js\"",
+    "test:trace:core:ci": "nyc --no-clean --include \"packages/dd-trace/src/**/*.js\" --exclude \"packages/dd-trace/src/lambda/**/*.spec.js\" --exclude \"packages/dd-trace/src/profiling/**/*.js\" --exclude \"packages/dd-trace/test/appsec/iast/**/*.plugin.spec.js\" -- npm run test:trace:core -- --reporter mocha-multi-reporters --reporter-options configFile=mocha-reporter.json",
     "test:instrumentations": "mocha --colors --file 'packages/dd-trace/test/setup/core.js' 'packages/datadog-instrumentations/test/**/*.spec.js'",
     "test:instrumentations:ci": "nyc --no-clean --include 'packages/datadog-instrumentations/src/**/*.js' -- npm run test:instrumentations",
     "test:core": "mocha --colors --file packages/datadog-core/test/setup.js 'packages/datadog-core/test/**/*.spec.js'",
     "test:core:ci": "nyc --no-clean --include 'packages/datadog-core/src/**/*.js' -- npm run test:core",
-    "test:plugins": "mocha --colors --exit --file \"packages/dd-trace/test/setup/core.js\" \"packages/datadog-instrumentations/test/@($(echo $PLUGINS)).spec.js\" \"packages/datadog-plugin-@($(echo $PLUGINS))/test/**/*.spec.js\"",
-    "test:plugins:ci": "yarn services && nyc --no-clean --include \"packages/datadog-instrumentations/src/@($(echo $PLUGINS)).js\" --include \"packages/datadog-instrumentations/src/@($(echo $PLUGINS))/**/*.js\" --include \"packages/datadog-plugin-@($(echo $PLUGINS))/src/**/*.js\" -- npm run test:plugins",
+    "test:lambda": "mocha --colors --exit --file \"packages/dd-trace/test/setup/core.js\" \"packages/dd-trace/test/lambda/**/*.spec.js\"",
+    "test:lambda:ci": "nyc --no-clean --include \"packages/dd-trace/src/lambda/**/*.js\" -- npm run test:lambda",
+    "test:plugins": "mocha --colors --exit --file \"packages/dd-trace/test/setup/core.js\" \"packages/datadog-instrumentations/test/@($(echo $PLUGINS)).spec.js\" \"packages/datadog-plugin-@($(echo $PLUGINS))/test/**/*.spec.js\" \"packages/dd-trace/test/appsec/iast/**/*.@($(echo $PLUGINS)).plugin.spec.js\"",
+    "test:plugins:ci": "yarn services && nyc --no-clean --include \"packages/datadog-instrumentations/src/@($(echo $PLUGINS)).js\" --include \"packages/datadog-instrumentations/src/@($(echo $PLUGINS))/**/*.js\" --include \"packages/datadog-plugin-@($(echo $PLUGINS))/src/**/*.js\" --include \"packages/dd-trace/test/appsec/iast/**/*.@($(echo $PLUGINS)).plugin.spec.js\" -- npm run test:plugins",
     "test:plugins:upstream": "node ./packages/dd-trace/test/plugins/suite.js",
     "test:profiler": "mocha --colors --exit --file \"packages/dd-trace/test/setup/core.js\" \"packages/dd-trace/test/profiling/**/*.spec.js\"",
     "test:profiler:ci": "nyc --no-clean --include \"packages/dd-trace/src/profiling/**/*.js\" -- npm run test:profiler",
@@ -59,8 +61,8 @@
   },
   "dependencies": {
     "@datadog/native-appsec": "2.0.0",
-    "@datadog/native-iast-rewriter": "1.0.1",
-    "@datadog/native-iast-taint-tracking": "1.0.0",
+    "@datadog/native-iast-rewriter": "1.1.2",
+    "@datadog/native-iast-taint-tracking": "1.1.0",
     "@datadog/native-metrics": "^1.5.0",
     "@datadog/pprof": "^1.1.1",
     "@datadog/sketches-js": "^2.1.0",
@@ -79,6 +81,7 @@
     "lru-cache": "^7.14.0",
     "methods": "^1.1.2",
     "module-details-from-path": "^1.0.3",
+    "node-abort-controller": "^3.0.1",
     "opentracing": ">=0.12.1",
     "path-to-regexp": "^0.1.2",
     "protobufjs": "^7.1.2",

package/packages/datadog-instrumentations/src/helpers/hooks.js CHANGED Viewed

@@ -46,6 +46,7 @@ module.exports = {
   'koa': () => require('../koa'),
   'koa-router': () => require('../koa'),
   'kafkajs': () => require('../kafkajs'),
+  'ldapjs': () => require('../ldapjs'),
   'limitd-client': () => require('../limitd-client'),
   'mariadb': () => require('../mariadb'),
   'memcached': () => require('../memcached'),

package/packages/datadog-instrumentations/src/helpers/register.js CHANGED Viewed

@@ -57,3 +57,10 @@ function getVersion (moduleBaseDir) {
 function filename (name, file) {
   return [name, file].filter(val => val).join('/')
 }
+module.exports = {
+  filename,
+  getVersion,
+  matchVersion,
+  pathSepExpr
+}

package/packages/datadog-instrumentations/src/http/server.js CHANGED Viewed

@@ -1,5 +1,6 @@
 'use strict'
+const { AbortController } = require('node-abort-controller') // AbortController is not available in node <15
 const {
   channel,
   addHook
@@ -48,9 +49,14 @@ function wrapEmit (emit) {
     if (eventName === 'request') {
       res.req = req
-      startServerCh.publish({ req, res })
+      const abortController = new AbortController()
+      startServerCh.publish({ req, res, abortController })
       try {
+        if (abortController.signal.aborted) {
+          return res.end()
+        }
         return emit.apply(this, arguments)
       } catch (err) {
         errorServerCh.publish(err)

package/packages/datadog-instrumentations/src/ldapjs.js ADDED Viewed

@@ -0,0 +1,91 @@
+'use strict'
+const {
+  channel,
+  addHook,
+  AsyncResource
+} = require('./helpers/instrument')
+const shimmer = require('../../datadog-shimmer')
+function isString (value) {
+  return typeof value === 'string' || value instanceof String
+}
+function getCallbackArgIndex (args) {
+  let callbackIndex = -1
+  for (let i = args.length - 1; i >= 0; i--) {
+    if (typeof args[i] === 'function') {
+      callbackIndex = i
+      break
+    }
+  }
+  return callbackIndex
+}
+function wrapEmitter (corkedEmitter) {
+  const callbackMap = new WeakMap()
+  const addListener = on => function (name, fn) {
+    if (typeof fn === 'function') {
+      let bindedFn = callbackMap.get(fn)
+      if (!bindedFn) {
+        const callbackResource = new AsyncResource('bound-anonymous-fn')
+        bindedFn = callbackResource.bind(fn)
+        callbackMap.set(fn, bindedFn)
+      }
+      arguments[1] = bindedFn
+    }
+    on.apply(this, arguments)
+  }
+  shimmer.wrap(corkedEmitter, 'on', addListener)
+  shimmer.wrap(corkedEmitter, 'addListener', addListener)
+  const removeListener = off => function (name, fn) {
+    if (typeof fn === 'function') {
+      const emitterOn = callbackMap.get(fn)
+      if (emitterOn) {
+        arguments[1] = emitterOn
+      }
+    }
+    off.apply(this, arguments)
+  }
+  shimmer.wrap(corkedEmitter, 'off', removeListener)
+  shimmer.wrap(corkedEmitter, 'removeListener', removeListener)
+}
+addHook({ name: 'ldapjs', versions: ['>=2'] }, ldapjs => {
+  const ldapSearchCh = channel('datadog:ldapjs:client:search')
+  shimmer.wrap(ldapjs.Client.prototype, 'search', search => function (base, options) {
+    if (ldapSearchCh.hasSubscribers) {
+      let filter
+      if (isString(options)) {
+        filter = options
+      } else if (typeof options === 'object' && options.filter) {
+        if (isString(options.filter)) {
+          filter = options.filter
+        }
+      }
+      ldapSearchCh.publish({ base, filter })
+    }
+    return search.apply(this, arguments)
+  })
+  shimmer.wrap(ldapjs.Client.prototype, '_send', _send => function () {
+    const callbackIndex = getCallbackArgIndex(arguments)
+    if (callbackIndex > -1) {
+      const callback = arguments[callbackIndex]
+      arguments[callbackIndex] = shimmer.wrap(callback, function (err, corkedEmitter) {
+        if (typeof corkedEmitter === 'object' && typeof corkedEmitter['on'] === 'function') {
+          wrapEmitter(corkedEmitter)
+        }
+        callback.apply(this, arguments)
+      })
+    }
+    return _send.apply(this, arguments)
+  })
+  return ldapjs
+})

package/packages/datadog-instrumentations/src/mocha.js CHANGED Viewed

@@ -89,6 +89,12 @@ function getTestAsyncResource (test) {
   return testToAr.get(originalFn)
 }
+function getSuitesToRun (originalSuites) {
+  return originalSuites.filter(suite =>
+    !suitesToSkip.includes(getTestSuitePath(suite.file, process.cwd()))
+  )
+}
 function mochaHook (Runner) {
   if (patched.has(Runner)) return Runner
@@ -279,11 +285,6 @@ function mochaHook (Runner) {
       }
     })
-    // We remove the suites that we skip through ITR
-    this.suite.suites = this.suite.suites.filter(suite =>
-      !suitesToSkip.includes(getTestSuitePath(suite.file, process.cwd()))
-    )
     return run.apply(this, arguments)
   })
@@ -323,6 +324,10 @@ addHook({
     if (!itrConfigurationCh.hasSubscribers) {
       return run.apply(this, arguments)
     }
+    this.options.delay = true
+    const runner = run.apply(this, arguments)
     const onReceivedSkippableSuites = ({ err, skippableSuites }) => {
       if (err) {
         log.error(err)
@@ -330,16 +335,18 @@ addHook({
       } else {
         suitesToSkip = skippableSuites
       }
-      run.apply(this, arguments)
+      // We remove the suites that we skip through ITR
+      runner.suite.suites = getSuitesToRun(runner.suite.suites)
+      global.run()
     }
     const onReceivedConfiguration = ({ err }) => {
       if (err) {
         log.error(err)
-        return run.apply(this, arguments)
+        return global.run()
       }
       if (!skippableSuitesCh.hasSubscribers) {
-        return run.apply(this, arguments)
+        return global.run()
       }
       skippableSuitesCh.publish({
@@ -352,6 +359,7 @@ addHook({
         onDone: mochaRunAsyncResource.bind(onReceivedConfiguration)
       })
     })
+    return runner
   })
   return Mocha
 })
@@ -362,6 +370,23 @@ addHook({
   file: 'lib/runner.js'
 }, mochaHook)
+addHook({
+  name: 'mocha',
+  versions: ['>=5.2.0'],
+  file: 'lib/cli/run-helpers.js'
+}, (run) => {
+  shimmer.wrap(run, 'runMocha', runMocha => async function () {
+    const mocha = arguments[0]
+    /**
+     * This attaches `run` to the global context, which we'll call after
+     * our configuration and skippable suites requests
+     */
+    mocha.options.delay = true
+    return runMocha.apply(this, arguments)
+  })
+  return run
+})
 addHook({
   name: 'mocha',
   versions: ['>=5.2.0'],

package/packages/datadog-instrumentations/src/pg.js CHANGED Viewed

@@ -40,9 +40,13 @@ function wrapQuery (query) {
     const callbackResource = new AsyncResource('bound-anonymous-fn')
     const asyncResource = new AsyncResource('bound-anonymous-fn')
     const processId = this.processID
     return asyncResource.runInAsyncScope(() => {
-      startCh.publish({ params: this.connectionParameters, query: pgQuery, processId })
+      startCh.publish({
+        params: this.connectionParameters,
+        originalQuery: pgQuery.text,
+        query: pgQuery,
+        processId
+      })
       const finish = asyncResource.bind(function (error) {
         if (error) {

package/packages/datadog-plugin-http/src/client.js CHANGED Viewed

@@ -117,7 +117,7 @@ function addRequestHeaders (req, span, config) {
     const value = req.getHeader(key)
     if (value) {
-      span.setTag(`${HTTP_REQUEST_HEADERS}.${key}`, value)
+      span.setTag(`${HTTP_REQUEST_HEADERS}.${key}`, Array.isArray(value) ? value.toString() : value)
     }
   })
 }

package/packages/datadog-plugin-http/src/server.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const Plugin = require('../../dd-trace/src/plugins/plugin')
 const { storage } = require('../../datadog-core')
 const web = require('../../dd-trace/src/plugins/util/web')
-const { incomingHttpRequestStart } = require('../../dd-trace/src/appsec/gateway/channels')
+const { incomingHttpRequestStart, incomingHttpRequestEnd } = require('../../dd-trace/src/appsec/gateway/channels')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 class HttpServerPlugin extends Plugin {
@@ -16,7 +16,7 @@ class HttpServerPlugin extends Plugin {
     this._parentStore = undefined
-    this.addSub('apm:http:server:request:start', ({ req, res }) => {
+    this.addSub('apm:http:server:request:start', ({ req, res, abortController }) => {
       const store = storage.getStore()
       const span = web.startSpan(this.tracer, this.config, req, res, 'web.request')
@@ -33,7 +33,7 @@ class HttpServerPlugin extends Plugin {
       }
       if (incomingHttpRequestStart.hasSubscribers) {
-        incomingHttpRequestStart.publish({ req, res })
+        incomingHttpRequestStart.publish({ req, res, abortController })
       }
     })
@@ -52,6 +52,10 @@ class HttpServerPlugin extends Plugin {
       if (!context || !context.res) return // Not created by a http.Server instance.
+      if (incomingHttpRequestEnd.hasSubscribers) {
+        incomingHttpRequestEnd.publish({ req, res: context.res })
+      }
       web.finishAll(context)
     })
   }

package/packages/datadog-plugin-jest/src/index.js CHANGED Viewed

@@ -15,7 +15,7 @@ const {
   TEST_SUITE_ID,
   TEST_COMMAND,
   TEST_ITR_TESTS_SKIPPED,
-  TEST_SESSION_ITR_CODE_COVERAGE_ENABLED,
+  TEST_SESSION_CODE_COVERAGE_ENABLED,
   TEST_SESSION_ITR_SKIPPING_ENABLED,
   TEST_CODE_COVERAGE_LINES_TOTAL
 } = require('../../dd-trace/src/plugins/util/test')
@@ -77,7 +77,7 @@ class JestPlugin extends CiPlugin {
       testSessionSpan.setTag(TEST_STATUS, status)
       testSessionSpan.setTag(TEST_ITR_TESTS_SKIPPED, isSuitesSkipped ? 'true' : 'false')
       testSessionSpan.setTag(TEST_SESSION_ITR_SKIPPING_ENABLED, isSuitesSkippingEnabled ? 'true' : 'false')
-      testSessionSpan.setTag(TEST_SESSION_ITR_CODE_COVERAGE_ENABLED, isCodeCoverageEnabled ? 'true' : 'false')
+      testSessionSpan.setTag(TEST_SESSION_CODE_COVERAGE_ENABLED, isCodeCoverageEnabled ? 'true' : 'false')
       if (testCodeCoverageLinesTotal !== undefined) {
         testSessionSpan.setTag(TEST_CODE_COVERAGE_LINES_TOTAL, testCodeCoverageLinesTotal)

package/packages/datadog-plugin-mocha/src/index.js CHANGED Viewed

@@ -16,7 +16,7 @@ const {
   TEST_SESSION_ID,
   TEST_COMMAND,
   TEST_ITR_TESTS_SKIPPED,
-  TEST_SESSION_ITR_CODE_COVERAGE_ENABLED,
+  TEST_SESSION_CODE_COVERAGE_ENABLED,
   TEST_SESSION_ITR_SKIPPING_ENABLED
 } = require('../../dd-trace/src/plugins/util/test')
 const { COMPONENT } = require('../../dd-trace/src/constants')
@@ -145,7 +145,7 @@ class MochaPlugin extends CiPlugin {
         this.testSessionSpan.setTag(TEST_STATUS, status)
         this.testSessionSpan.setTag(TEST_ITR_TESTS_SKIPPED, isSuitesSkipped ? 'true' : 'false')
         this.testSessionSpan.setTag(TEST_SESSION_ITR_SKIPPING_ENABLED, isSuitesSkippingEnabled ? 'true' : 'false')
-        this.testSessionSpan.setTag(TEST_SESSION_ITR_CODE_COVERAGE_ENABLED, isCodeCoverageEnabled ? 'true' : 'false')
+        this.testSessionSpan.setTag(TEST_SESSION_CODE_COVERAGE_ENABLED, isCodeCoverageEnabled ? 'true' : 'false')
         this.testSessionSpan.finish()
         finishAllTraceSpans(this.testSessionSpan)

package/packages/datadog-plugin-pg/src/index.js CHANGED Viewed

@@ -26,7 +26,7 @@ class PGPlugin extends DatabasePlugin {
       }
     })
-    query.text = this.injectDbmQuery(query.text)
+    query.text = this.injectDbmQuery(query.text, service)
   }
 }

package/packages/datadog-plugin-router/src/index.js CHANGED Viewed

@@ -29,8 +29,9 @@ class RouterPlugin extends WebPlugin {
         context.middleware.push(span)
       }
-      this._storeStack.push(storage.getStore())
-      this.enter(span)
+      const store = storage.getStore()
+      this._storeStack.push(store)
+      this.enter(span, store)
       web.patch(req)
       web.setRoute(req, context.route)
@@ -53,7 +54,9 @@ class RouterPlugin extends WebPlugin {
     })
     this.addSub(`apm:${this.constructor.name}:middleware:exit`, ({ req }) => {
-      this.enter(this._storeStack.pop())
+      const savedStore = this._storeStack.pop()
+      const span = savedStore && savedStore.span
+      this.enter(span, savedStore)
     })
     this.addSub(`apm:${this.constructor.name}:middleware:error`, ({ req, error }) => {

package/packages/dd-trace/src/appsec/addresses.js CHANGED Viewed

@@ -14,5 +14,7 @@ module.exports = {
   HTTP_INCOMING_RESPONSE_HEADERS: 'server.response.headers.no_cookies',
   // TODO: 'server.response.trailers',
   HTTP_INCOMING_REMOTE_IP: 'server.request.client_ip',
-  HTTP_INCOMING_REMOTE_PORT: 'server.request.client_port'
+  HTTP_INCOMING_REMOTE_PORT: 'server.request.client_port',
+  HTTP_CLIENT_IP: 'http.client_ip'
 }

package/packages/dd-trace/src/appsec/blocking.js ADDED Viewed

@@ -0,0 +1,44 @@
+'use strict'
+const fs = require('fs')
+let templateHtml, templateJson
+function block (req, res, topSpan, abortController) {
+  let type
+  let body
+  // parse the Accept header, ex: Accept: text/html, application/xhtml+xml, application/xml;q=0.9, */*;q=0.8
+  const accept = req.headers.accept && req.headers.accept.split(',').map((str) => str.split(';', 1)[0].trim())
+  if (accept && accept.includes('text/html') && !accept.includes('application/json')) {
+    type = 'text/html'
+    body = templateHtml
+  } else {
+    type = 'application/json'
+    body = templateJson
+  }
+  topSpan.addTags({
+    'appsec.blocked': 'true'
+  })
+  res.statusCode = 403
+  res.setHeader('Content-Type', type)
+  res.setHeader('Content-Length', Buffer.byteLength(body))
+  res.end(body)
+  abortController.abort()
+}
+function loadTemplates (config) {
+  templateHtml = fs.readFileSync(config.appsec.blockedTemplateHtml)
+  templateJson = fs.readFileSync(config.appsec.blockedTemplateJson)
+}
+async function loadTemplatesAsync (config) {
+  templateHtml = await fs.promises.readFile(config.appsec.blockedTemplateHtml)
+  templateJson = await fs.promises.readFile(config.appsec.blockedTemplateJson)
+}
+module.exports = {
+  block, loadTemplates, loadTemplatesAsync
+}

package/packages/dd-trace/src/appsec/callbacks/ddwaf.js CHANGED Viewed

@@ -61,7 +61,7 @@ class WAFCallback {
           subscribedAddresses.add(address)
-          Gateway.manager.addSubscription({ addresses: [ address ], callback })
+          Gateway.manager.addSubscription({ addresses: [address], callback })
         }
       }
     }

package/packages/dd-trace/src/appsec/gateway/engine/engine.js CHANGED Viewed

@@ -28,7 +28,7 @@ class SubscriptionManager {
       const list = this.addressToSubscriptions.get(address)
       if (list === undefined) {
-        this.addressToSubscriptions.set(address, [ subscription ])
+        this.addressToSubscriptions.set(address, [subscription])
       } else {
         list.push(subscription)
       }

package/packages/dd-trace/src/appsec/gateway/engine/index.js CHANGED Viewed

@@ -22,6 +22,10 @@ function getContext () {
   return store && store.get('context')
 }
+function needsAddress (address) {
+  return manager.addresses.has(address)
+}
 function propagate (data, context = getContext()) {
   if (!context) return
@@ -30,7 +34,7 @@ function propagate (data, context = getContext()) {
   for (let i = 0; i < keys.length; ++i) {
     const key = keys[i]
-    if (manager.addresses.has(key)) {
+    if (needsAddress(key)) {
       context.setValue(key, data[key])
     }
   }
@@ -42,5 +46,6 @@ module.exports = {
   manager,
   startContext,
   getContext,
+  needsAddress,
   propagate
 }

package/packages/dd-trace/src/appsec/gateway/engine/runner.js CHANGED Viewed

@@ -26,7 +26,6 @@ function runSubscriptions (subscriptions, params) {
       result = subscription.callback.method(params, store)
     } catch (err) {
       // TODO: log ?
-      result = {}
     }
     results.push(result)

package/packages/dd-trace/src/appsec/iast/analyzers/analyzers.js CHANGED Viewed

@@ -2,5 +2,6 @@ module.exports = {
   'WEAK_CIPHER_ANALYZER': require('./weak-cipher-analyzer'),
   'WEAK_HASH_ANALYZER': require('./weak-hash-analyzer'),
   'SQL_INJECTION_ANALYZER': require('./sql-injection-analyzer'),
-  'COMMAND_INJECTION_ANALYZER': require('./command-injection-analyzer')
+  'COMMAND_INJECTION_ANALYZER': require('./command-injection-analyzer'),
+  'LDAP_ANALYZER': require('./ldap-injection-analyzer')
 }

package/packages/dd-trace/src/appsec/iast/analyzers/ldap-injection-analyzer.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict'
+const InjectionAnalyzer = require('./injection-analyzer')
+class LdapInjectionAnalyzer extends InjectionAnalyzer {
+  constructor () {
+    super('LDAP_INJECTION')
+    this.addSub('datadog:ldapjs:client:search', ({ base, filter }) => this.analyzeAll(base, filter))
+  }
+}
+module.exports = new LdapInjectionAnalyzer()

package/packages/dd-trace/src/appsec/iast/analyzers/sql-injection-analyzer.js CHANGED Viewed

@@ -6,7 +6,7 @@ class SqlInjectionAnalyzer extends InjectionAnalyzer {
     super('SQL_INJECTION')
     this.addSub('apm:mysql:query:start', ({ sql }) => this.analyze(sql))
     this.addSub('apm:mysql2:query:start', ({ sql }) => this.analyze(sql))
-    this.addSub('apm:pg:query:start', ({ query }) => query && this.analyze(query.text))
+    this.addSub('apm:pg:query:start', ({ originalQuery }) => this.analyze(originalQuery))
   }
 }