npm - dd-trace - Versions diffs - 3.15.0 → 3.17.0 - Mend

dd-trace 3.15.0 → 3.17.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (180) hide show

package/packages/datadog-plugin-net/src/ipc.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const ClientPlugin = require('../../dd-trace/src/plugins/client')
 class NetIPCPlugin extends ClientPlugin {
-  static get name () { return 'net' }
+  static get id () { return 'net' }
   static get operation () { return 'ipc' }
   start ({ options }) {

package/packages/datadog-plugin-net/src/tcp.js CHANGED Viewed

@@ -1,9 +1,10 @@
 'use strict'
+const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const ClientPlugin = require('../../dd-trace/src/plugins/client')
 class NetTCPPlugin extends ClientPlugin {
-  static get name () { return 'net' }
+  static get id () { return 'net' }
   static get operation () { return 'tcp' }
   constructor (...args) {
@@ -37,7 +38,7 @@ class NetTCPPlugin extends ClientPlugin {
       metrics: {
         'tcp.remote.port': port,
         'tcp.local.port': 0,
-        'out.port': port
+        [CLIENT_PORT_KEY]: port
       }
     })
   }

package/packages/datadog-plugin-next/src/index.js CHANGED Viewed

@@ -6,7 +6,7 @@ const analyticsSampler = require('../../dd-trace/src/analytics_sampler')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 class NextPlugin extends Plugin {
-  static get name () {
+  static get id () {
     return 'next'
   }
@@ -21,7 +21,7 @@ class NextPlugin extends Plugin {
       const span = this.tracer.startSpan('next.request', {
         childOf,
         tags: {
-          [COMPONENT]: this.constructor.name,
+          [COMPONENT]: this.constructor.id,
           'service.name': this.config.service || this.tracer._service,
           'resource.name': req.method,
           'span.type': 'web',
@@ -69,7 +69,7 @@ class NextPlugin extends Plugin {
       const req = this._requests.get(span)
       span.addTags({
-        [COMPONENT]: this.constructor.name,
+        [COMPONENT]: this.constructor.id,
         'resource.name': `${req.method} ${page}`.trim(),
         'next.page': page
       })

package/packages/datadog-plugin-opensearch/src/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const ElasticsearchPlugin = require('../../datadog-plugin-elasticsearch/src')
 class OpenSearchPlugin extends ElasticsearchPlugin {
-  static get name () {
+  static get id () {
     return 'opensearch'
   }
 }

package/packages/datadog-plugin-oracledb/src/index.js CHANGED Viewed

@@ -1,10 +1,11 @@
 'use strict'
+const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const DatabasePlugin = require('../../dd-trace/src/plugins/database')
 const log = require('../../dd-trace/src/log')
 class OracledbPlugin extends DatabasePlugin {
-  static get name () { return 'oracledb' }
+  static get id () { return 'oracledb' }
   static get system () { return 'oracle' }
   start ({ query, connAttrs }) {
@@ -20,7 +21,7 @@ class OracledbPlugin extends DatabasePlugin {
         'db.user': this.config.user,
         'db.instance': url.pathname && url.pathname.substring(1),
         'db.hostname': url.hostname,
-        'db.port': url.port
+        [CLIENT_PORT_KEY]: url.port
       }
     })
   }

package/packages/datadog-plugin-paperplane/src/index.js CHANGED Viewed

@@ -5,7 +5,7 @@ const PaperplaneLoggerPlugin = require('./logger')
 const PaperplaneServerPlugin = require('./server')
 class PaperplanePlugin extends Plugin {
-  static get name () {
+  static get id () {
     return 'paperplane'
   }

package/packages/datadog-plugin-paperplane/src/logger.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const LogPlugin = require('../../dd-trace/src/plugins/log_plugin')
 class PaperplaneLoggerPlugin extends LogPlugin {
-  static get name () {
+  static get id () {
     return 'paperplane'
   }
 }

package/packages/datadog-plugin-paperplane/src/server.js CHANGED Viewed

@@ -4,7 +4,7 @@ const RouterPlugin = require('../../datadog-plugin-router/src')
 const web = require('../../dd-trace/src/plugins/util/web')
 class PaperplaneServerPlugin extends RouterPlugin {
-  static get name () {
+  static get id () {
     return 'paperplane'
   }

package/packages/datadog-plugin-pg/src/index.js CHANGED Viewed

@@ -1,9 +1,10 @@
 'use strict'
+const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const DatabasePlugin = require('../../dd-trace/src/plugins/database')
 class PGPlugin extends DatabasePlugin {
-  static get name () { return 'pg' }
+  static get id () { return 'pg' }
   static get operation () { return 'query' }
   static get system () { return 'postgres' }
@@ -22,7 +23,7 @@ class PGPlugin extends DatabasePlugin {
         'db.name': params.database,
         'db.user': params.user,
         'out.host': params.host,
-        'out.port': params.port
+        [CLIENT_PORT_KEY]: params.port
       }
     })

package/packages/datadog-plugin-pino/src/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const LogPlugin = require('../../dd-trace/src/plugins/log_plugin')
 class PinoPlugin extends LogPlugin {
-  static get name () {
+  static get id () {
     return 'pino'
   }
 }

package/packages/datadog-plugin-playwright/src/index.js CHANGED Viewed

@@ -13,7 +13,7 @@ const { RESOURCE_NAME } = require('../../../ext/tags')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 class PlaywrightPlugin extends CiPlugin {
-  static get name () {
+  static get id () {
     return 'playwright'
   }
@@ -39,13 +39,14 @@ class PlaywrightPlugin extends CiPlugin {
       const testSuiteMetadata = getTestSuiteCommonTags(
         this.command,
         this.frameworkVersion,
-        testSuite
+        testSuite,
+        'playwright'
       )
       const testSuiteSpan = this.tracer.startSpan('playwright.test_suite', {
         childOf: this.testModuleSpan,
         tags: {
-          [COMPONENT]: this.constructor.name,
+          [COMPONENT]: this.constructor.id,
           ...this.testEnvironmentMetadata,
           ...testSuiteMetadata
         }
@@ -87,7 +88,7 @@ class PlaywrightPlugin extends CiPlugin {
           childOf: span,
           startTime: stepStartTime,
           tags: {
-            [COMPONENT]: this.constructor.name,
+            [COMPONENT]: this.constructor.id,
             'playwright.step': step.title,
             [RESOURCE_NAME]: step.title
           }

package/packages/datadog-plugin-redis/src/index.js CHANGED Viewed

@@ -1,10 +1,11 @@
 'use strict'
+const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const CachePlugin = require('../../dd-trace/src/plugins/cache')
 const urlFilter = require('../../dd-trace/src/plugins/util/urlfilter')
 class RedisPlugin extends CachePlugin {
-  static get name () { return 'redis' }
+  static get id () { return 'redis' }
   static get system () { return 'redis' }
   start ({ db, command, args, connectionOptions = {}, connectionName }) {
@@ -20,7 +21,7 @@ class RedisPlugin extends CachePlugin {
         'db.name': db || '0',
         'redis.raw_command': formatCommand(command, args),
         'out.host': connectionOptions.host,
-        'out.port': connectionOptions.port
+        [CLIENT_PORT_KEY]: connectionOptions.port
       }
     })
   }

package/packages/datadog-plugin-restify/src/index.js CHANGED Viewed

@@ -4,7 +4,7 @@ const RouterPlugin = require('../../datadog-plugin-router/src')
 const web = require('../../dd-trace/src/plugins/util/web')
 class RestifyPlugin extends RouterPlugin {
-  static get name () {
+  static get id () {
     return 'restify'
   }

package/packages/datadog-plugin-rhea/src/consumer.js CHANGED Viewed

@@ -4,7 +4,7 @@ const ConsumerPlugin = require('../../dd-trace/src/plugins/consumer')
 const { storage } = require('../../datadog-core')
 class RheaConsumerPlugin extends ConsumerPlugin {
-  static get name () { return 'rhea' }
+  static get id () { return 'rhea' }
   constructor (...args) {
     super(...args)

package/packages/datadog-plugin-rhea/src/index.js CHANGED Viewed

@@ -5,7 +5,7 @@ const ConsumerPlugin = require('./consumer')
 const CompositePlugin = require('../../dd-trace/src/plugins/composite')
 class RheaPlugin extends CompositePlugin {
-  static get name () { return 'rhea' }
+  static get id () { return 'rhea' }
   static get plugins () {
     return {
       producer: ProducerPlugin,

package/packages/datadog-plugin-rhea/src/producer.js CHANGED Viewed

@@ -1,9 +1,10 @@
 'use strict'
+const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const ProducerPlugin = require('../../dd-trace/src/plugins/producer')
 class RheaProducerPlugin extends ProducerPlugin {
-  static get name () { return 'rhea' }
+  static get id () { return 'rhea' }
   static get operation () { return 'send' }
   constructor (...args) {
@@ -24,7 +25,7 @@ class RheaProducerPlugin extends ProducerPlugin {
         'amqp.link.target.address': name,
         'amqp.link.role': 'sender',
         'out.host': host,
-        'out.port': port
+        [CLIENT_PORT_KEY]: port
       }
     })
   }

package/packages/datadog-plugin-router/src/index.js CHANGED Viewed

@@ -7,7 +7,7 @@ const { storage } = require('../../datadog-core')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 class RouterPlugin extends WebPlugin {
-  static get name () {
+  static get id () {
     return 'router'
   }
@@ -17,7 +17,7 @@ class RouterPlugin extends WebPlugin {
     this._storeStack = []
     this._contexts = new WeakMap()
-    this.addSub(`apm:${this.constructor.name}:middleware:enter`, ({ req, name, route }) => {
+    this.addSub(`apm:${this.constructor.id}:middleware:enter`, ({ req, name, route }) => {
       const childOf = this._getActive(req) || this._getStoreSpan()
       if (!childOf) return
@@ -37,7 +37,7 @@ class RouterPlugin extends WebPlugin {
       web.setRoute(req, context.route)
     })
-    this.addSub(`apm:${this.constructor.name}:middleware:next`, ({ req }) => {
+    this.addSub(`apm:${this.constructor.id}:middleware:next`, ({ req }) => {
       const context = this._contexts.get(req)
       if (!context) return
@@ -45,7 +45,7 @@ class RouterPlugin extends WebPlugin {
       context.stack.pop()
     })
-    this.addSub(`apm:${this.constructor.name}:middleware:finish`, ({ req }) => {
+    this.addSub(`apm:${this.constructor.id}:middleware:finish`, ({ req }) => {
       const context = this._contexts.get(req)
       if (!context || context.middleware.length === 0) return
@@ -53,13 +53,13 @@ class RouterPlugin extends WebPlugin {
       context.middleware.pop().finish()
     })
-    this.addSub(`apm:${this.constructor.name}:middleware:exit`, ({ req }) => {
+    this.addSub(`apm:${this.constructor.id}:middleware:exit`, ({ req }) => {
       const savedStore = this._storeStack.pop()
       const span = savedStore && savedStore.span
       this.enter(span, savedStore)
     })
-    this.addSub(`apm:${this.constructor.name}:middleware:error`, ({ req, error }) => {
+    this.addSub(`apm:${this.constructor.id}:middleware:error`, ({ req, error }) => {
       web.addError(req, error)
       if (!this.config.middleware) return
@@ -104,10 +104,10 @@ class RouterPlugin extends WebPlugin {
       return childOf
     }
-    const span = this.tracer.startSpan(`${this.constructor.name}.middleware`, {
+    const span = this.tracer.startSpan(`${this.constructor.id}.middleware`, {
       childOf,
       tags: {
-        [COMPONENT]: this.constructor.name,
+        [COMPONENT]: this.constructor.id,
         'resource.name': name || '<anonymous>'
       }
     })

package/packages/datadog-plugin-sharedb/src/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const ServerPlugin = require('../../dd-trace/src/plugins/server')
 class SharedbPlugin extends ServerPlugin {
-  static get name () { return 'sharedb' }
+  static get id () { return 'sharedb' }
   start ({ actionName, request }) {
     const span = this.startSpan('sharedb.request', {

package/packages/datadog-plugin-tedious/src/index.js CHANGED Viewed

@@ -1,9 +1,10 @@
 'use strict'
+const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const DatabasePlugin = require('../../dd-trace/src/plugins/database')
 class TediousPlugin extends DatabasePlugin {
-  static get name () { return 'tedious' }
+  static get id () { return 'tedious' }
   static get operation () { return 'request' } // TODO: change to match other database plugins
   static get system () { return 'mssql' }
@@ -17,7 +18,7 @@ class TediousPlugin extends DatabasePlugin {
         'db.type': 'mssql',
         'component': 'tedious',
         'out.host': connectionConfig.server,
-        'out.port': connectionConfig.options.port,
+        [CLIENT_PORT_KEY]: connectionConfig.options.port,
         'db.user': connectionConfig.userName || connectionConfig.authentication.options.userName,
         'db.name': connectionConfig.options.database,
         'db.instance': connectionConfig.options.instanceName

package/packages/datadog-plugin-web/src/index.js CHANGED Viewed

@@ -4,7 +4,7 @@ const Plugin = require('../../dd-trace/src/plugins/plugin')
 const web = require('../../dd-trace/src/plugins/util/web')
 class WebPlugin extends Plugin {
-  static get name () {
+  static get id () {
     return 'web'
   }

package/packages/datadog-plugin-winston/src/index.js CHANGED Viewed

@@ -3,7 +3,7 @@
 const LogPlugin = require('../../dd-trace/src/plugins/log_plugin')
 class WinstonPlugin extends LogPlugin {
-  static get name () {
+  static get id () {
     return 'winston'
   }
 }

package/packages/dd-trace/src/appsec/{templates/blocked.html → blocked_templates.js} RENAMED Viewed

@@ -1,4 +1,7 @@
-<!-- Sorry, you’ve been blocked -->
+/* eslint-disable max-len */
+'use strict'
+const html = `<!-- Sorry, you've been blocked -->
 <!DOCTYPE html>
 <html lang="en">
@@ -97,3 +100,18 @@
 </body>
 </html>
+`
+const json = `{
+  "errors": [
+    {
+      "title": "You've been blocked",
+      "detail": "Sorry, you cannot access this page. Please contact the customer service team. Security provided by Datadog."
+    }
+  ]
+}`
+module.exports = {
+  html,
+  json
+}

package/packages/dd-trace/src/appsec/blocking.js CHANGED Viewed

@@ -1,12 +1,10 @@
 'use strict'
 const log = require('../log')
-const fs = require('fs')
+const blockedTemplates = require('./blocked_templates')
-// TODO: move template loading to a proper spot.
-let templateLoaded = false
-let templateHtml = ''
-let templateJson = ''
+let templateHtml = blockedTemplates.html
+let templateJson = blockedTemplates.json
 function block (req, res, rootSpan, abortController) {
   if (res.headersSent) {
@@ -42,29 +40,16 @@ function block (req, res, rootSpan, abortController) {
   }
 }
-function loadTemplates (config) {
-  if (!templateLoaded) {
-    templateHtml = fs.readFileSync(config.appsec.blockedTemplateHtml)
-    templateJson = fs.readFileSync(config.appsec.blockedTemplateJson)
-    templateLoaded = true
+function setTemplates (config) {
+  if (config.appsec.blockedTemplateHtml) {
+    templateHtml = config.appsec.blockedTemplateHtml
   }
-}
-async function loadTemplatesAsync (config) {
-  if (!templateLoaded) {
-    templateHtml = await fs.promises.readFile(config.appsec.blockedTemplateHtml)
-    templateJson = await fs.promises.readFile(config.appsec.blockedTemplateJson)
-    templateLoaded = true
+  if (config.appsec.blockedTemplateJson) {
+    templateJson = config.appsec.blockedTemplateJson
   }
 }
-function resetTemplates () {
-  templateLoaded = false
-}
 module.exports = {
   block,
-  loadTemplates,
-  loadTemplatesAsync,
-  resetTemplates
+  setTemplates
 }

package/packages/dd-trace/src/appsec/gateway/engine/runner.js CHANGED Viewed

@@ -1,6 +1,7 @@
 'use strict'
 const als = require('../als')
+const log = require('../../../log')
 let lock = false // lock to prevent recursive calls to runSubscriptions
@@ -25,7 +26,7 @@ function runSubscriptions (subscriptions, params) {
     try {
       result = subscription.callback.method(params, store)
     } catch (err) {
-      // TODO: log ?
+      log.warn(`Error running subscription ${err}`)
     }
     results.push(result)

package/packages/dd-trace/src/appsec/iast/analyzers/analyzers.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 module.exports = {
   'WEAK_CIPHER_ANALYZER': require('./weak-cipher-analyzer'),
   'WEAK_HASH_ANALYZER': require('./weak-hash-analyzer'),

package/packages/dd-trace/src/appsec/iast/analyzers/path-traversal-analyzer.js CHANGED Viewed

@@ -1,4 +1,6 @@
 'use strict'
+const path = require('path')
 const { getIastContext } = require('../iast-context')
 const { storage } = require('../../../../../datadog-core')
 const InjectionAnalyzer = require('./injection-analyzer')
@@ -37,6 +39,16 @@ class PathTraversalAnalyzer extends InjectionAnalyzer {
       }
       this.analyze(pathArguments)
     })
+    this.exclusionList = [ path.join('node_modules', 'send') + path.sep ]
+  }
+  _isExcluded (location) {
+    let ret = false
+    if (location && location.path) {
+      ret = this.exclusionList.some(elem => location.path.includes(elem))
+    }
+    return ret
   }
   analyze (value) {

package/packages/dd-trace/src/appsec/iast/analyzers/sql-injection-analyzer.js CHANGED Viewed

@@ -6,7 +6,7 @@ class SqlInjectionAnalyzer extends InjectionAnalyzer {
     super('SQL_INJECTION')
     this.addSub('apm:mysql:query:start', ({ sql }) => this.analyze(sql))
     this.addSub('apm:mysql2:query:start', ({ sql }) => this.analyze(sql))
-    this.addSub('apm:pg:query:start', ({ originalQuery }) => this.analyze(originalQuery))
+    this.addSub('apm:pg:query:start', ({ query }) => this.analyze(query.text))
   }
 }

package/packages/dd-trace/src/appsec/iast/analyzers/vulnerability-analyzer.js CHANGED Viewed

@@ -2,7 +2,7 @@
 const Plugin = require('../../../../src/plugins/plugin')
 const { storage } = require('../../../../../datadog-core')
-const log = require('../../../log')
+const iastLog = require('../iast-log')
 const { getFirstNonDDPathAndLine } = require('../path-line')
 const { createVulnerability, addVulnerability } = require('../vulnerability-reporter')
 const { getIastContext } = require('../iast-context')
@@ -19,7 +19,7 @@ class Analyzer extends Plugin {
       try {
         handler(message, name)
       } catch (e) {
-        log.debug(e)
+        iastLog.errorAndPublish(e)
       }
     }
   }
@@ -32,12 +32,18 @@ class Analyzer extends Plugin {
     return false
   }
+  _isExcluded (location) {
+    return false
+  }
   _report (value, context) {
     const evidence = this._getEvidence(value, context)
     const location = this._getLocation()
-    const spanId = context && context.rootSpan && context.rootSpan.context().toSpanId()
-    const vulnerability = createVulnerability(this._type, evidence, spanId, location)
-    addVulnerability(context, vulnerability)
+    if (!this._isExcluded(location)) {
+      const spanId = context && context.rootSpan && context.rootSpan.context().toSpanId()
+      const vulnerability = createVulnerability(this._type, evidence, spanId, location)
+      addVulnerability(context, vulnerability)
+    }
   }
   _reportIfVulnerable (value, context) {

package/packages/dd-trace/src/appsec/iast/iast-log.js ADDED Viewed

@@ -0,0 +1,111 @@
+'use strict'
+const log = require('../../log')
+const telemetryLogs = require('./telemetry/logs')
+const { calculateDDBasePath } = require('../../util')
+const ddBasePath = calculateDDBasePath(__dirname)
+const EOL = '\n'
+const STACK_FRAME_LINE_REGEX = /^\s*at\s/gm
+function sanitize (logEntry, stack) {
+  if (!stack) return logEntry
+  let stackLines = stack.split(EOL)
+  const firstIndex = stackLines.findIndex(l => l.match(STACK_FRAME_LINE_REGEX))
+  const isDDCode = firstIndex > -1 && stackLines[firstIndex].includes(ddBasePath)
+  stackLines = stackLines
+    .filter((line, index) => (isDDCode && index < firstIndex) || line.includes(ddBasePath))
+    .map(line => line.replace(ddBasePath, ''))
+  logEntry.stack_trace = stackLines.join(EOL)
+  if (!isDDCode) {
+    logEntry.message = 'omitted'
+  }
+  return logEntry
+}
+function getTelemetryLog (data, level) {
+  try {
+    data = typeof data === 'function' ? data() : data
+    let message
+    if (typeof data !== 'object' || !data) {
+      message = String(data)
+    } else {
+      message = String(data.message || data)
+    }
+    let logEntry = {
+      message,
+      level
+    }
+    if (data.stack) {
+      logEntry = sanitize(logEntry, data.stack)
+      if (logEntry.stack_trace === '') {
+        return
+      }
+    }
+    return logEntry
+  } catch (e) {
+    log.error(e)
+  }
+}
+const iastLog = {
+  debug (data) {
+    log.debug(data)
+    return this
+  },
+  info (data) {
+    log.info(data)
+    return this
+  },
+  warn (data) {
+    log.warn(data)
+    return this
+  },
+  error (data) {
+    log.error(data)
+    return this
+  },
+  publish (data, level) {
+    if (telemetryLogs.isLevelEnabled(level)) {
+      const telemetryLog = getTelemetryLog(data, level)
+      telemetryLogs.publish(telemetryLog)
+    }
+    return this
+  },
+  debugAndPublish (data) {
+    this.debug(data)
+    return this.publish(data, 'DEBUG')
+  },
+  infoAndPublish (data) {
+    this.info(data)
+    return this.publish(data, 'DEBUG')
+  },
+  warnAndPublish (data) {
+    this.warn(data)
+    return this.publish(data, 'WARN')
+  },
+  errorAndPublish (data) {
+    this.error(data)
+    return this.publish(data, 'ERROR')
+  }
+}
+module.exports = iastLog