npm - dd-trace - Versions diffs - 4.36.0 → 4.38.0 - Mend

dd-trace 4.36.0 → 4.38.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (40) hide show

package/packages/datadog-instrumentations/src/lodash.js ADDED Viewed

@@ -0,0 +1,31 @@
+'use strict'
+const { channel, addHook } = require('./helpers/instrument')
+const shimmer = require('../../datadog-shimmer')
+addHook({ name: 'lodash', versions: ['>=4'] }, lodash => {
+  const lodashOperationCh = channel('datadog:lodash:operation')
+  const instrumentedLodashFn = ['trim', 'trimStart', 'trimEnd', 'toLower', 'toUpper', 'join']
+  shimmer.massWrap(
+    lodash,
+    instrumentedLodashFn,
+    lodashFn => {
+      return function () {
+        if (!lodashOperationCh.hasSubscribers) {
+          return lodashFn.apply(this, arguments)
+        }
+        const result = lodashFn.apply(this, arguments)
+        const message = { operation: lodashFn.name, arguments, result }
+        lodashOperationCh.publish(message)
+        return message.result
+      }
+    }
+  )
+  return lodash
+})

package/packages/datadog-instrumentations/src/playwright.js CHANGED Viewed

@@ -297,7 +297,12 @@ function dispatcherRunWrapper (run) {
 }
 function dispatcherRunWrapperNew (run) {
-  return function () {
+  return function (testGroups) {
+    if (!this._allTests) {
+      // Removed in https://github.com/microsoft/playwright/commit/1e52c37b254a441cccf332520f60225a5acc14c7
+      // Not available from >=1.44.0
+      this._allTests = testGroups.map(g => g.tests).flat()
+    }
     remainingTestsByFile = getTestsBySuiteFromTestGroups(arguments[0])
     return run.apply(this, arguments)
   }

package/packages/datadog-plugin-aws-sdk/src/services/index.js CHANGED Viewed

@@ -7,6 +7,9 @@ exports.kinesis = require('./kinesis')
 exports.lambda = require('./lambda')
 exports.redshift = require('./redshift')
 exports.s3 = require('./s3')
+exports.sfn = require('./sfn')
 exports.sns = require('./sns')
 exports.sqs = require('./sqs')
+exports.states = require('./states')
+exports.stepfunctions = require('./stepfunctions')
 exports.default = require('./default')

package/packages/datadog-plugin-aws-sdk/src/services/sfn.js ADDED Viewed

@@ -0,0 +1,7 @@
+'use strict'
+const Stepfunctions = require('./stepfunctions')
+class Sfn extends Stepfunctions {
+  static get id () { return 'sfn' }
+}
+module.exports = Sfn

package/packages/datadog-plugin-aws-sdk/src/services/states.js ADDED Viewed

@@ -0,0 +1,7 @@
+'use strict'
+const Stepfunctions = require('./stepfunctions')
+class States extends Stepfunctions {
+  static get id () { return 'states' }
+}
+module.exports = States

package/packages/datadog-plugin-aws-sdk/src/services/stepfunctions.js ADDED Viewed

@@ -0,0 +1,64 @@
+'use strict'
+const log = require('../../../dd-trace/src/log')
+const BaseAwsSdkPlugin = require('../base')
+class Stepfunctions extends BaseAwsSdkPlugin {
+  static get id () { return 'stepfunctions' }
+  // This is the shape of StartExecutionInput, as defined in
+  // https://github.com/aws/aws-sdk-js/blob/master/apis/states-2016-11-23.normal.json
+  // "StartExecutionInput": {
+  //   "type": "structure",
+  //   "required": [
+  //     "stateMachineArn"
+  //   ],
+  //   "members": {
+  //     "stateMachineArn": {
+  //       "shape": "Arn",
+  //     },
+  //     "name": {
+  //       "shape": "Name",
+  //     },
+  //     "input": {
+  //       "shape": "SensitiveData",
+  //     },
+  //     "traceHeader": {
+  //       "shape": "TraceHeader",
+  //     }
+  //   }
+  generateTags (params, operation, response) {
+    if (!params) return {}
+    const tags = { 'resource.name': params.name ? `${operation} ${params.name}` : `${operation}` }
+    if (operation === 'startExecution' || operation === 'startSyncExecution') {
+      tags.statemachinearn = `${params.stateMachineArn}`
+    }
+    return tags
+  }
+  requestInject (span, request) {
+    const operation = request.operation
+    if (operation === 'startExecution' || operation === 'startSyncExecution') {
+      if (!request.params || !request.params.input) {
+        return
+      }
+      const input = request.params.input
+      try {
+        const inputObj = JSON.parse(input)
+        if (inputObj && typeof inputObj === 'object') {
+          // We've parsed the input JSON string
+          inputObj._datadog = {}
+          this.tracer.inject(span, 'text_map', inputObj._datadog)
+          const newInput = JSON.stringify(inputObj)
+          request.params.input = newInput
+        }
+      } catch (e) {
+        log.info('Unable to treat input as JSON')
+      }
+    }
+  }
+}
+module.exports = Stepfunctions

package/packages/datadog-plugin-cucumber/src/index.js CHANGED Viewed

@@ -18,7 +18,14 @@ const {
   TEST_SOURCE_FILE,
   TEST_EARLY_FLAKE_ENABLED,
   TEST_IS_NEW,
-  TEST_IS_RETRY
+  TEST_IS_RETRY,
+  TEST_SUITE_ID,
+  TEST_SESSION_ID,
+  TEST_COMMAND,
+  TEST_MODULE,
+  TEST_MODULE_ID,
+  TEST_SUITE,
+  CUCUMBER_IS_PARALLEL
 } = require('../../dd-trace/src/plugins/util/test')
 const { RESOURCE_NAME } = require('../../../ext/tags')
 const { COMPONENT, ERROR_MESSAGE } = require('../../dd-trace/src/constants')
@@ -32,6 +39,22 @@ const {
   TELEMETRY_ITR_UNSKIPPABLE,
   TELEMETRY_CODE_COVERAGE_NUM_FILES
 } = require('../../dd-trace/src/ci-visibility/telemetry')
+const id = require('../../dd-trace/src/id')
+const isCucumberWorker = !!process.env.CUCUMBER_WORKER_ID
+function getTestSuiteTags (testSuiteSpan) {
+  const suiteTags = {
+    [TEST_SUITE_ID]: testSuiteSpan.context().toSpanId(),
+    [TEST_SESSION_ID]: testSuiteSpan.context().toTraceId(),
+    [TEST_COMMAND]: testSuiteSpan.context()._tags[TEST_COMMAND],
+    [TEST_MODULE]: 'cucumber'
+  }
+  if (testSuiteSpan.context()._parentId) {
+    suiteTags[TEST_MODULE_ID] = testSuiteSpan.context()._parentId.toString(10)
+  }
+  return suiteTags
+}
 class CucumberPlugin extends CiPlugin {
   static get id () {
@@ -43,6 +66,8 @@ class CucumberPlugin extends CiPlugin {
     this.sourceRoot = process.cwd()
+    this.testSuiteSpanByPath = {}
     this.addSub('ci:cucumber:session:finish', ({
       status,
       isSuitesSkipped,
@@ -50,7 +75,8 @@ class CucumberPlugin extends CiPlugin {
       testCodeCoverageLinesTotal,
       hasUnskippableSuites,
       hasForcedToRunSuites,
-      isEarlyFlakeDetectionEnabled
+      isEarlyFlakeDetectionEnabled,
+      isParallel
     }) => {
       const { isSuitesSkippingEnabled, isCodeCoverageEnabled } = this.libraryConfig || {}
       addIntelligentTestRunnerSpanTags(
@@ -70,6 +96,9 @@ class CucumberPlugin extends CiPlugin {
       if (isEarlyFlakeDetectionEnabled) {
         this.testSessionSpan.setTag(TEST_EARLY_FLAKE_ENABLED, 'true')
       }
+      if (isParallel) {
+        this.testSessionSpan.setTag(CUCUMBER_IS_PARALLEL, 'true')
+      }
       this.testSessionSpan.setTag(TEST_STATUS, status)
       this.testModuleSpan.setTag(TEST_STATUS, status)
@@ -101,7 +130,7 @@ class CucumberPlugin extends CiPlugin {
       if (itrCorrelationId) {
         testSuiteMetadata[ITR_CORRELATION_ID] = itrCorrelationId
       }
-      this.testSuiteSpan = this.tracer.startSpan('cucumber.test_suite', {
+      const testSuiteSpan = this.tracer.startSpan('cucumber.test_suite', {
         childOf: this.testModuleSpan,
         tags: {
           [COMPONENT]: this.constructor.id,
@@ -109,25 +138,29 @@ class CucumberPlugin extends CiPlugin {
           ...testSuiteMetadata
         }
       })
+      this.testSuiteSpanByPath[testSuitePath] = testSuiteSpan
       this.telemetry.ciVisEvent(TELEMETRY_EVENT_CREATED, 'suite')
       if (this.libraryConfig?.isCodeCoverageEnabled) {
         this.telemetry.ciVisEvent(TELEMETRY_CODE_COVERAGE_STARTED, 'suite', { library: 'istanbul' })
       }
     })
-    this.addSub('ci:cucumber:test-suite:finish', status => {
-      this.testSuiteSpan.setTag(TEST_STATUS, status)
-      this.testSuiteSpan.finish()
+    this.addSub('ci:cucumber:test-suite:finish', ({ status, testSuitePath }) => {
+      const testSuiteSpan = this.testSuiteSpanByPath[testSuitePath]
+      testSuiteSpan.setTag(TEST_STATUS, status)
+      testSuiteSpan.finish()
       this.telemetry.ciVisEvent(TELEMETRY_EVENT_FINISHED, 'suite')
     })
-    this.addSub('ci:cucumber:test-suite:code-coverage', ({ coverageFiles, suiteFile }) => {
+    this.addSub('ci:cucumber:test-suite:code-coverage', ({ coverageFiles, suiteFile, testSuitePath }) => {
       if (!this.libraryConfig?.isCodeCoverageEnabled) {
         return
       }
       if (!coverageFiles.length) {
         this.telemetry.count(TELEMETRY_CODE_COVERAGE_EMPTY)
       }
+      const testSuiteSpan = this.testSuiteSpanByPath[testSuitePath]
       const relativeCoverageFiles = [...coverageFiles, suiteFile]
         .map(filename => getTestSuitePath(filename, this.repositoryRoot))
@@ -135,8 +168,8 @@ class CucumberPlugin extends CiPlugin {
       this.telemetry.distribution(TELEMETRY_CODE_COVERAGE_NUM_FILES, {}, relativeCoverageFiles.length)
       const formattedCoverage = {
-        sessionId: this.testSuiteSpan.context()._traceId,
-        suiteId: this.testSuiteSpan.context()._spanId,
+        sessionId: testSuiteSpan.context()._traceId,
+        suiteId: testSuiteSpan.context()._spanId,
         files: relativeCoverageFiles
       }
@@ -144,7 +177,7 @@ class CucumberPlugin extends CiPlugin {
       this.telemetry.ciVisEvent(TELEMETRY_CODE_COVERAGE_FINISHED, 'suite', { library: 'istanbul' })
     })
-    this.addSub('ci:cucumber:test:start', ({ testName, testFileAbsolutePath, testSourceLine }) => {
+    this.addSub('ci:cucumber:test:start', ({ testName, testFileAbsolutePath, testSourceLine, isParallel }) => {
       const store = storage.getStore()
       const testSuite = getTestSuitePath(testFileAbsolutePath, this.sourceRoot)
       const testSourceFile = getTestSuitePath(testFileAbsolutePath, this.repositoryRoot)
@@ -153,6 +186,10 @@ class CucumberPlugin extends CiPlugin {
         [TEST_SOURCE_START]: testSourceLine,
         [TEST_SOURCE_FILE]: testSourceFile
       }
+      if (isParallel) {
+        extraTags[CUCUMBER_IS_PARALLEL] = 'true'
+      }
       const testSpan = this.startTestSpan(testName, testSuite, extraTags)
       this.enter(testSpan, store)
@@ -172,6 +209,36 @@ class CucumberPlugin extends CiPlugin {
       this.enter(span, store)
     })
+    this.addSub('ci:cucumber:worker-report:trace', (traces) => {
+      const formattedTraces = JSON.parse(traces).map(trace =>
+        trace.map(span => ({
+          ...span,
+          span_id: id(span.span_id),
+          trace_id: id(span.trace_id),
+          parent_id: id(span.parent_id)
+        }))
+      )
+      // We have to update the test session, test module and test suite ids
+      // before we export them in the main process
+      formattedTraces.forEach(trace => {
+        trace.forEach(span => {
+          if (span.name === 'cucumber.test') {
+            const testSuite = span.meta[TEST_SUITE]
+            const testSuiteSpan = this.testSuiteSpanByPath[testSuite]
+            const testSuiteTags = getTestSuiteTags(testSuiteSpan)
+            span.meta = {
+              ...span.meta,
+              ...testSuiteTags
+            }
+          }
+        })
+        this.tracer._exporter.export(trace)
+      })
+    })
     this.addSub('ci:cucumber:test:finish', ({ isStep, status, skipReason, errorMessage, isNew, isEfdRetry }) => {
       const span = storage.getStore().span
       const statusTag = isStep ? 'step.status' : TEST_STATUS
@@ -201,6 +268,10 @@ class CucumberPlugin extends CiPlugin {
           { hasCodeOwners: !!span.context()._tags[TEST_CODE_OWNERS] }
         )
         finishAllTraceSpans(span)
+        // If it's a worker, flushing is cheap, as it's just sending data to the main process
+        if (isCucumberWorker) {
+          this.tracer._exporter.flush()
+        }
       }
     })
@@ -213,10 +284,11 @@ class CucumberPlugin extends CiPlugin {
   }
   startTestSpan (testName, testSuite, extraTags) {
+    const testSuiteSpan = this.testSuiteSpanByPath[testSuite]
     return super.startTestSpan(
       testName,
       testSuite,
-      this.testSuiteSpan,
+      testSuiteSpan,
       extraTags
     )
   }

package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-base-analyzer.js CHANGED Viewed

@@ -48,6 +48,7 @@ class HardcodedBaseAnalyzer extends Analyzer {
           file,
           line: match.location.line,
           column: match.location.column,
+          ident: match.location.ident,
           data: match.ruleId
         }))
     }

package/packages/dd-trace/src/appsec/iast/analyzers/hardcoded-password-analyzer.js CHANGED Viewed

@@ -9,6 +9,10 @@ class HardcodedPasswordAnalyzer extends HardcodedBaseAnalyzer {
   constructor () {
     super(HARDCODED_PASSWORD, allRules)
   }
+  _getEvidence (value) {
+    return { value: `${value.ident}` }
+  }
 }
 module.exports = new HardcodedPasswordAnalyzer()

package/packages/dd-trace/src/appsec/iast/iast-log.js CHANGED Viewed

@@ -2,35 +2,9 @@
 const dc = require('dc-polyfill')
 const log = require('../../log')
-const { calculateDDBasePath } = require('../../util')
 const telemetryLog = dc.channel('datadog:telemetry:log')
-const ddBasePath = calculateDDBasePath(__dirname)
-const EOL = '\n'
-const STACK_FRAME_LINE_REGEX = /^\s*at\s/gm
-function sanitize (logEntry, stack) {
-  if (!stack) return logEntry
-  let stackLines = stack.split(EOL)
-  const firstIndex = stackLines.findIndex(l => l.match(STACK_FRAME_LINE_REGEX))
-  const isDDCode = firstIndex > -1 && stackLines[firstIndex].includes(ddBasePath)
-  stackLines = stackLines
-    .filter((line, index) => (isDDCode && index < firstIndex) || line.includes(ddBasePath))
-    .map(line => line.replace(ddBasePath, ''))
-  logEntry.stack_trace = stackLines.join(EOL)
-  if (!isDDCode) {
-    logEntry.message = 'omitted'
-  }
-  return logEntry
-}
 function getTelemetryLog (data, level) {
   try {
     data = typeof data === 'function' ? data() : data
@@ -42,18 +16,13 @@ function getTelemetryLog (data, level) {
       message = String(data.message || data)
     }
-    let logEntry = {
+    const logEntry = {
       message,
       level
     }
     if (data.stack) {
-      logEntry = sanitize(logEntry, data.stack)
-      if (logEntry.stack_trace === '') {
-        return
-      }
+      logEntry.stack_trace = data.stack
     }
     return logEntry
   } catch (e) {
     log.error(e)

package/packages/dd-trace/src/appsec/iast/taint-tracking/csi-methods.js CHANGED Viewed

@@ -2,6 +2,7 @@
 const csiMethods = [
   { src: 'concat' },
+  { src: 'join' },
   { src: 'parse' },
   { src: 'plusOperator', operator: true },
   { src: 'random' },
@@ -9,6 +10,8 @@ const csiMethods = [
   { src: 'slice' },
   { src: 'substr' },
   { src: 'substring' },
+  { src: 'toLowerCase', dst: 'stringCase' },
+  { src: 'toUpperCase', dst: 'stringCase' },
   { src: 'trim' },
   { src: 'trimEnd' },
   { src: 'trimStart', dst: 'trim' }

package/packages/dd-trace/src/appsec/iast/taint-tracking/operations.js CHANGED Viewed

@@ -1,13 +1,20 @@
 'use strict'
+const dc = require('dc-polyfill')
 const TaintedUtils = require('@datadog/native-iast-taint-tracking')
 const { IAST_TRANSACTION_ID } = require('../iast-context')
 const iastTelemetry = require('../telemetry')
 const { REQUEST_TAINTED } = require('../telemetry/iast-metric')
 const { isInfoAllowed } = require('../telemetry/verbosity')
-const { getTaintTrackingImpl, getTaintTrackingNoop } = require('./taint-tracking-impl')
+const {
+  getTaintTrackingImpl,
+  getTaintTrackingNoop,
+  lodashTaintTrackingHandler
+} = require('./taint-tracking-impl')
 const { taintObject } = require('./operations-taint-object')
+const lodashOperationCh = dc.channel('datadog:lodash:operation')
 function createTransaction (id, iastContext) {
   if (id && iastContext) {
     iastContext[IAST_TRANSACTION_ID] = TaintedUtils.createTransaction(id)
@@ -92,10 +99,12 @@ function enableTaintOperations (telemetryVerbosity) {
   }
   global._ddiast = getTaintTrackingImpl(telemetryVerbosity)
+  lodashOperationCh.subscribe(lodashTaintTrackingHandler)
 }
 function disableTaintOperations () {
   global._ddiast = getTaintTrackingNoop()
+  lodashOperationCh.unsubscribe(lodashTaintTrackingHandler)
 }
 function setMaxTransactions (transactions) {

package/packages/dd-trace/src/appsec/iast/taint-tracking/taint-tracking-impl.js CHANGED Viewed

@@ -18,6 +18,7 @@ function noop (res) { return res }
 // Otherwise you may end up rewriting a method and not providing its rewritten implementation
 const TaintTrackingNoop = {
   concat: noop,
+  join: noop,
   parse: noop,
   plusOperator: noop,
   random: noop,
@@ -25,6 +26,7 @@ const TaintTrackingNoop = {
   slice: noop,
   substr: noop,
   substring: noop,
+  stringCase: noop,
   trim: noop,
   trimEnd: noop
 }
@@ -113,6 +115,13 @@ function csiMethodsOverrides (getContext) {
       return res
     },
+    stringCase: getCsiFn(
+      (transactionId, res, target) => TaintedUtils.stringCase(transactionId, res, target),
+      getContext,
+      String.prototype.toLowerCase,
+      String.prototype.toUpperCase
+    ),
     trim: getCsiFn(
       (transactionId, res, target) => TaintedUtils.trim(transactionId, res, target),
       getContext,
@@ -147,6 +156,22 @@ function csiMethodsOverrides (getContext) {
         }
       }
+      return res
+    },
+    join: function (res, fn, target, separator) {
+      if (fn === Array.prototype.join) {
+        try {
+          const iastContext = getContext()
+          const transactionId = getTransactionId(iastContext)
+          if (transactionId) {
+            res = TaintedUtils.arrayJoin(transactionId, res, target, separator)
+          }
+        } catch (e) {
+          iastLog.error(e)
+        }
+      }
       return res
     }
   }
@@ -176,7 +201,36 @@ function getTaintTrackingNoop () {
   return getTaintTrackingImpl(null, true)
 }
+const lodashFns = {
+  join: TaintedUtils.arrayJoin,
+  toLower: TaintedUtils.stringCase,
+  toUpper: TaintedUtils.stringCase,
+  trim: TaintedUtils.trim,
+  trimEnd: TaintedUtils.trimEnd,
+  trimStart: TaintedUtils.trim
+}
+function getLodashTaintedUtilFn (lodashFn) {
+  return lodashFns[lodashFn] || ((transactionId, result) => result)
+}
+function lodashTaintTrackingHandler (message) {
+  try {
+    if (!message.result) return
+    const context = getContextDefault()
+    const transactionId = getTransactionId(context)
+    if (transactionId) {
+      message.result = getLodashTaintedUtilFn(message.operation)(transactionId, message.result, ...message.arguments)
+    }
+  } catch (e) {
+    iastLog.error(`Error invoking CSI lodash ${message.operation}`)
+      .errorAndPublish(e)
+  }
+}
 module.exports = {
   getTaintTrackingImpl,
-  getTaintTrackingNoop
+  getTaintTrackingNoop,
+  lodashTaintTrackingHandler
 }

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/hardcoded-password-analyzer.js ADDED Viewed

@@ -0,0 +1,13 @@
+'use strict'
+module.exports = function extractSensitiveRanges (evidence, valuePattern) {
+  const { value } = evidence
+  if (valuePattern.test(value)) {
+    return [{
+      start: 0,
+      end: value.length
+    }]
+  }
+  return []
+}

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-handler.js CHANGED Viewed

@@ -6,6 +6,7 @@ const vulnerabilities = require('../../vulnerabilities')
 const { contains, intersects, remove } = require('./range-utils')
 const commandSensitiveAnalyzer = require('./sensitive-analyzers/command-sensitive-analyzer')
+const hardcodedPasswordAnalyzer = require('./sensitive-analyzers/hardcoded-password-analyzer')
 const headerSensitiveAnalyzer = require('./sensitive-analyzers/header-sensitive-analyzer')
 const jsonSensitiveAnalyzer = require('./sensitive-analyzers/json-sensitive-analyzer')
 const ldapSensitiveAnalyzer = require('./sensitive-analyzers/ldap-sensitive-analyzer')
@@ -31,6 +32,9 @@ class SensitiveHandler {
     this._sensitiveAnalyzers.set(vulnerabilities.HEADER_INJECTION, (evidence) => {
       return headerSensitiveAnalyzer(evidence, this._namePattern, this._valuePattern)
     })
+    this._sensitiveAnalyzers.set(vulnerabilities.HARDCODED_PASSWORD, (evidence) => {
+      return hardcodedPasswordAnalyzer(evidence, this._valuePattern)
+    })
   }
   isSensibleName (name) {
@@ -51,7 +55,9 @@ class SensitiveHandler {
     const sensitiveAnalyzer = this._sensitiveAnalyzers.get(vulnerabilityType)
     if (sensitiveAnalyzer) {
       const sensitiveRanges = sensitiveAnalyzer(evidence)
-      return this.toRedactedJson(evidence, sensitiveRanges, sourcesIndexes, sources)
+      if (evidence.ranges || sensitiveRanges?.length) {
+        return this.toRedactedJson(evidence, sensitiveRanges, sourcesIndexes, sources)
+      }
     }
     return null
   }
@@ -67,7 +73,7 @@ class SensitiveHandler {
     let nextTaintedIndex = 0
     let sourceIndex
-    let nextTainted = ranges.shift()
+    let nextTainted = ranges?.shift()
     let nextSensitive = sensitive.shift()
     for (let i = 0; i < value.length; i++) {

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/index.js CHANGED Viewed

@@ -49,6 +49,10 @@ class VulnerabilityFormatter {
       evidence.ranges = ranges
     }
+    if (!evidence.ranges) {
+      return { value: evidence.value }
+    }
     evidence.ranges.forEach((range, rangeIndex) => {
       if (fromIndex < range.start) {
         valueParts.push({ value: evidence.value.substring(fromIndex, range.start) })
@@ -65,12 +69,8 @@ class VulnerabilityFormatter {
   }
   formatEvidence (type, evidence, sourcesIndexes, sources) {
-    if (!evidence.ranges && !evidence.rangesToApply) {
-      if (typeof evidence.value === 'undefined') {
-        return undefined
-      } else {
-        return { value: evidence.value }
-      }
+    if (typeof evidence.value === 'undefined') {
+      return undefined
     }
     return this._redactVulnearbilities