npm - dd-trace - Versions diffs - 3.2.0 → 3.3.0 - Mend

dd-trace 3.2.0 → 3.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/packages/datadog-plugin-jest/src/index.js CHANGED Viewed

@@ -9,10 +9,15 @@ const {
   getTestEnvironmentMetadata,
   getTestParentSpan,
   getTestCommonTags,
+  getTestSessionCommonTags,
+  getTestSuiteCommonTags,
   TEST_PARAMETERS,
   getCodeOwnersFileEntries,
   getCodeOwnersForFilename,
-  TEST_CODE_OWNERS
+  TEST_CODE_OWNERS,
+  TEST_SESSION_ID,
+  TEST_SUITE_ID,
+  TEST_COMMAND
 } = require('../../dd-trace/src/plugins/util/test')
 // https://github.com/facebook/jest/blob/d6ad15b0f88a05816c2fe034dd6900d28315d570/packages/jest-worker/src/types.ts#L38
@@ -58,12 +63,93 @@ class JestPlugin extends Plugin {
     this.testEnvironmentMetadata = getTestEnvironmentMetadata('jest', this.config)
     this.codeOwnersEntries = getCodeOwnersFileEntries()
-    this.addSub('ci:jest:test:code-coverage', (coverageFiles) => {
+    this.addSub('ci:jest:session:start', (command) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const store = storage.getStore()
+      const childOf = getTestParentSpan(this.tracer)
+      const testSessionSpanMetadata = getTestSessionCommonTags(command, this.tracer._version)
+      const testSessionSpan = this.tracer.startSpan('jest.test_session', {
+        childOf,
+        tags: {
+          ...this.testEnvironmentMetadata,
+          ...testSessionSpanMetadata
+        }
+      })
+      this.enter(testSessionSpan, store)
+    })
+    this.addSub('ci:jest:session:finish', (status) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const testSessionSpan = storage.getStore().span
+      testSessionSpan.setTag(TEST_STATUS, status)
+      testSessionSpan.finish()
+      finishAllTraceSpans(testSessionSpan)
+      this.tracer._exporter._writer.flush()
+    })
+    // Test suites can be run in a different process from jest's main one.
+    // This subscriber changes the configuration objects from jest to inject the trace id
+    // of the test session to the processes that run the test suites.
+    this.addSub('ci:jest:session:configuration', configs => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const testSessionSpan = storage.getStore().span
+      configs.forEach(config => {
+        config._ddTestSessionId = testSessionSpan.context()._traceId.toString(10)
+        config._ddTestCommand = testSessionSpan.context()._tags[TEST_COMMAND]
+      })
+    })
+    this.addSub('ci:jest:test-suite:start', ({ testSuite, testEnvironmentOptions }) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const { _ddTestSessionId: testSessionId, _ddTestCommand: testCommand } = testEnvironmentOptions
+      const store = storage.getStore()
+      const testSessionSpanContext = this.tracer.extract('text_map', {
+        'x-datadog-trace-id': testSessionId,
+        'x-datadog-parent-id': '0000000000000000'
+      })
+      const testSuiteMetadata = getTestSuiteCommonTags(testCommand, this.tracer._version, testSuite)
+      const testSuiteSpan = this.tracer.startSpan('jest.test_suite', {
+        childOf: testSessionSpanContext,
+        tags: {
+          ...this.testEnvironmentMetadata,
+          ...testSuiteMetadata
+        }
+      })
+      this.enter(testSuiteSpan, store)
+    })
+    this.addSub('ci:jest:test-suite:finish', ({ status, errorMessage }) => {
+      if (!this.config.isAgentlessEnabled) {
+        return
+      }
+      const testSuiteSpan = storage.getStore().span
+      testSuiteSpan.setTag(TEST_STATUS, status)
+      if (errorMessage) {
+        testSuiteSpan.setTag('error', new Error(errorMessage))
+      }
+      testSuiteSpan.finish()
+    })
+    this.addSub('ci:jest:test-suite:code-coverage', (coverageFiles) => {
       if (!this.config.isAgentlessEnabled || !this.config.isIntelligentTestRunnerEnabled) {
         return
       }
-      const testSpan = storage.getStore().span
-      this.tracer._exporter.exportCoverage({ testSpan, coverageFiles })
+      const testSuiteSpan = storage.getStore().span
+      this.tracer._exporter.exportCoverage({ span: testSuiteSpan, coverageFiles })
     })
     this.addSub('ci:jest:test:start', (test) => {
@@ -96,7 +182,20 @@ class JestPlugin extends Plugin {
   }
   startTestSpan (test) {
-    const { childOf, ...testSpanMetadata } = getTestSpanMetadata(this.tracer, test)
+    const suiteTags = {}
+    const store = storage.getStore()
+    const testSuiteSpan = store ? store.span : undefined
+    if (testSuiteSpan) {
+      const testSuiteId = testSuiteSpan.context()._spanId.toString(10)
+      suiteTags[TEST_SUITE_ID] = testSuiteId
+      suiteTags[TEST_SESSION_ID] = testSuiteSpan.context()._traceId.toString(10)
+      suiteTags[TEST_COMMAND] = testSuiteSpan.context()._tags[TEST_COMMAND]
+    }
+    const {
+      childOf,
+      ...testSpanMetadata
+    } = getTestSpanMetadata(this.tracer, test)
     const codeOwners = getCodeOwnersForFilename(test.suite, this.codeOwnersEntries)
@@ -109,7 +208,8 @@ class JestPlugin extends Plugin {
         childOf,
         tags: {
           ...this.testEnvironmentMetadata,
-          ...testSpanMetadata
+          ...testSpanMetadata,
+          ...suiteTags
         }
       })

package/packages/datadog-plugin-mocha/src/index.js CHANGED Viewed

@@ -47,7 +47,7 @@ class MochaPlugin extends Plugin {
   constructor (...args) {
     super(...args)
-    this._testSuites = new WeakMap()
+    this._testSuites = new Map()
     this._testNameToParams = {}
     this.testEnvironmentMetadata = getTestEnvironmentMetadata('mocha', this.config)
     this.sourceRoot = process.cwd()
@@ -75,7 +75,11 @@ class MochaPlugin extends Plugin {
         return
       }
       const store = storage.getStore()
-      const testSuiteMetadata = getTestSuiteCommonTags(this.command, this.tracer._version, suite.fullTitle())
+      const testSuiteMetadata = getTestSuiteCommonTags(
+        this.command,
+        this.tracer._version,
+        getTestSuitePath(suite.file, this.sourceRoot)
+      )
       const testSuiteSpan = this.tracer.startSpan('mocha.test_suite', {
         childOf: this.testSessionSpan,
         tags: {
@@ -84,7 +88,7 @@ class MochaPlugin extends Plugin {
         }
       })
       this.enter(testSuiteSpan, store)
-      this._testSuites.set(suite, testSuiteSpan)
+      this._testSuites.set(suite.file, testSuiteSpan)
     })
     this.addSub('ci:mocha:test-suite:finish', (status) => {
@@ -92,7 +96,10 @@ class MochaPlugin extends Plugin {
         return
       }
       const span = storage.getStore().span
-      span.setTag(TEST_STATUS, status)
+      // the test status of the suite may have been set in ci:mocha:test-suite:error already
+      if (!span.context()._tags[TEST_STATUS]) {
+        span.setTag(TEST_STATUS, status)
+      }
       span.finish()
     })
@@ -102,6 +109,7 @@ class MochaPlugin extends Plugin {
       }
       const span = storage.getStore().span
       span.setTag('error', err)
+      span.setTag(TEST_STATUS, 'fail')
     })
     this.addSub('ci:mocha:test:start', (test) => {
@@ -158,15 +166,15 @@ class MochaPlugin extends Plugin {
   startTestSpan (test) {
     const testSuiteTags = {}
-    const testSuiteSpan = this._testSuites.get(test.parent)
+    const testSuiteSpan = this._testSuites.get(test.parent.file)
     if (testSuiteSpan) {
-      const testSuiteId = testSuiteSpan.context()._spanId.toString(16)
+      const testSuiteId = testSuiteSpan.context()._spanId.toString(10)
       testSuiteTags[TEST_SUITE_ID] = testSuiteId
     }
     if (this.testSessionSpan) {
-      const testSessionId = this.testSessionSpan.context()._traceId.toString(16)
+      const testSessionId = this.testSessionSpan.context()._traceId.toString(10)
       testSuiteTags[TEST_SESSION_ID] = testSessionId
       testSuiteTags[TEST_COMMAND] = this.command
     }

package/packages/dd-trace/src/appsec/iast/analyzers/analyzers.js CHANGED Viewed

@@ -1,3 +1,4 @@
 module.exports = {
+  'WEAK_CIPHER_ANALYZER': require('./weak-cipher-analyzer'),
   'WEAK_HASH_ANALYZER': require('./weak-hash-analyzer')
 }

package/packages/dd-trace/src/appsec/iast/analyzers/weak-cipher-analyzer.js ADDED Viewed

@@ -0,0 +1,27 @@
+'use strict'
+const Analyzer = require('./vulnerability-analyzer')
+const INSECURE_CIPHERS = new Set([
+  'des', 'des-cbc', 'des-cfb', 'des-cfb1', 'des-cfb8', 'des-ecb', 'des-ede', 'des-ede-cbc', 'des-ede-cfb',
+  'des-ede-ecb', 'des-ede-ofb', 'des-ede3', 'des-ede3-cbc', 'des-ede3-cfb', 'des-ede3-cfb1', 'des-ede3-cfb8',
+  'des-ede3-ecb', 'des-ede3-ofb', 'des-ofb', 'des3', 'des3-wrap',
+  'rc2', 'rc2-128', 'rc2-40', 'rc2-40-cbc', 'rc2-64', 'rc2-64-cbc', 'rc2-cbc', 'rc2-cfb', 'rc2-ecb', 'rc2-ofb',
+  'blowfish',
+  'rc4', 'rc4-40', 'rc4-hmac-md5'
+].map(algorithm => algorithm.toLowerCase()))
+class WeakCipherAnalyzer extends Analyzer {
+  constructor () {
+    super('WEAK_CIPHER')
+    this.addSub('datadog:crypto:cipher:start', ({ algorithm }) => this.analyze(algorithm))
+  }
+  _isVulnerable (algorithm) {
+    if (algorithm && typeof algorithm === 'string') {
+      return INSECURE_CIPHERS.has(algorithm.toLowerCase())
+    }
+    return false
+  }
+}
+module.exports = new WeakCipherAnalyzer()

package/packages/dd-trace/src/appsec/iast/vulnerability-reporter.js CHANGED Viewed

@@ -1,6 +1,9 @@
 const { MANUAL_KEEP } = require('../../../../../ext/tags')
+const LRU = require('lru-cache')
 const VULNERABILITIES_KEY = 'vulnerabilities'
 const IAST_JSON_TAG_KEY = '_dd.iast.json'
+const VULNERABILITY_HASHES_MAX_SIZE = 1000
+const VULNERABILITY_HASHES = new LRU({ max: VULNERABILITY_HASHES_MAX_SIZE })
 function createVulnerability (type, evidence, spanId, location) {
   if (type && evidence && spanId) {
@@ -94,20 +97,25 @@ function sendVulnerabilities (iastContext) {
   return IAST_JSON_TAG_KEY
 }
+function clearCache () { // only for test purposes
+  VULNERABILITY_HASHES.clear()
+}
 function deduplicateVulnerabilities (vulnerabilities) {
-  const uniqueVulnerabilities = new Set()
-  return vulnerabilities.filter((vulnerability) => {
+  const deduplicated = vulnerabilities.filter((vulnerability) => {
     const key = `${vulnerability.type}${vulnerability.hash}`
-    if (!uniqueVulnerabilities.has(key)) {
-      uniqueVulnerabilities.add(key)
+    if (!VULNERABILITY_HASHES.get(key)) {
+      VULNERABILITY_HASHES.set(key, true)
       return true
     }
     return false
   })
+  return deduplicated
 }
 module.exports = {
   createVulnerability,
   addVulnerability,
-  sendVulnerabilities
+  sendVulnerabilities,
+  clearCache
 }