npm - dd-trace - Versions diffs - 5.57.1 → 5.59.0 - Mend

dd-trace 5.57.1 → 5.59.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (206) hide show

package/packages/datadog-plugin-cypress/src/support.js CHANGED Viewed

@@ -1,5 +1,5 @@
-/* eslint-disable unicorn/no-abusive-eslint-disable */
-/* eslint-disable */
+'use strict'
 let isEarlyFlakeDetectionEnabled = false
 let isKnownTestsEnabled = false
 let knownTestsForSuite = []
@@ -20,7 +20,7 @@ let originalWindow
 function safeGetRum (window) {
   try {
     return window.DD_RUM
-  } catch (e) {
+  } catch {
     return null
   }
 }
@@ -30,12 +30,13 @@ function isNewTest (test) {
 }
 function getTestProperties (testName) {
-  // We neeed to do it in this way because of compatibility with older versions as '?' is not supported in older versions of Cypress
-  const properties = testManagementTests[testName] && testManagementTests[testName].properties || {};
+  // TODO: Use optional chaining when we drop support for older Cypress versions, which will happen when dd-trace@5 is
+  // EoL. Until then, this files needs to support Node.js 16.
+  const properties = testManagementTests[testName] && testManagementTests[testName].properties || {}
-  const { attempt_to_fix: isAttemptToFix, disabled: isDisabled, quarantined: isQuarantined } = properties;
+  const { attempt_to_fix: isAttemptToFix, disabled: isDisabled, quarantined: isQuarantined } = properties
-  return { isAttemptToFix, isDisabled, isQuarantined };
+  return { isAttemptToFix, isDisabled, isQuarantined }
 }
 function retryTest (test, suiteTests, numRetries, tags) {
@@ -63,11 +64,9 @@ Cypress.mocha.getRunner().runTests = function (suite, fn) {
     const { isAttemptToFix } = getTestProperties(testName)
-    if (isTestManagementEnabled) {
-      if (isAttemptToFix && !test.isPending()) {
-        test._ddIsAttemptToFix = true
-        retryTest(test, suite.tests, testManagementAttemptToFixRetries, ['_ddIsAttemptToFix'])
-      }
+    if (isTestManagementEnabled && isAttemptToFix && !test.isPending()) {
+      test._ddIsAttemptToFix = true
+      retryTest(test, suite.tests, testManagementAttemptToFixRetries, ['_ddIsAttemptToFix'])
     }
     if (isImpactedTestsEnabled && isModifiedTest) {
       test._ddIsModified = true
@@ -80,15 +79,13 @@ Cypress.mocha.getRunner().runTests = function (suite, fn) {
         )
       }
     }
-    if (isKnownTestsEnabled) {
-      if (!test._ddIsNew && !test.isPending() && isNewTest(test)) {
-        test._ddIsNew = true
-        if (isImpactedTestsEnabled && isModifiedTest) {
-          test._ddIsModified = true
-        }
-        if (isEarlyFlakeDetectionEnabled && !isAttemptToFix && !isModifiedTest) {
-          retryTest(test, suite.tests, earlyFlakeDetectionNumRetries, ['_ddIsNew', '_ddIsEfdRetry'])
-        }
+    if (isKnownTestsEnabled && !test._ddIsNew && !test.isPending() && isNewTest(test)) {
+      test._ddIsNew = true
+      if (isImpactedTestsEnabled && isModifiedTest) {
+        test._ddIsModified = true
+      }
+      if (isEarlyFlakeDetectionEnabled && !isAttemptToFix && !isModifiedTest) {
+        retryTest(test, suite.tests, earlyFlakeDetectionNumRetries, ['_ddIsNew', '_ddIsEfdRetry'])
       }
     }
   })
@@ -135,12 +132,11 @@ after(() => {
     if (safeGetRum(originalWindow)) {
       originalWindow.dispatchEvent(new Event('beforeunload'))
     }
-  } catch (e) {
+  } catch {
     // ignore error. It's usually a multi origin issue.
   }
 })
 afterEach(function () {
   const currentTest = Cypress.mocha.getRunner().suite.ctx.currentTest
   const testInfo = {
@@ -156,7 +152,7 @@ afterEach(function () {
   }
   try {
     testInfo.testSourceLine = Cypress.mocha.getRunner().currentRunnable.invocationDetails.line
-  } catch (e) {}
+  } catch {}
   if (safeGetRum(originalWindow)) {
     testInfo.isRUMActive = true
@@ -164,7 +160,7 @@ afterEach(function () {
   let coverage
   try {
     coverage = originalWindow.__coverage__
-  } catch (e) {
+  } catch {
     // ignore error and continue
   }
   cy.task('dd:afterEach', { test: testInfo, coverage })

package/packages/datadog-plugin-google-cloud-vertexai/src/utils.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 function extractModel (instance) {
   const model = instance.model || instance.resourcePath || instance.publisherModelEndpoint
   return model?.split('/').pop()

package/packages/datadog-plugin-graphql/src/tools/index.js CHANGED Viewed

@@ -1,5 +1,3 @@
-/* eslint-disable unicorn/no-abusive-eslint-disable */
-/* eslint-disable */
 // file mostly untouched from apollo-graphql
 "use strict";

package/packages/datadog-plugin-graphql/src/tools/signature.js CHANGED Viewed

@@ -1,5 +1,3 @@
-/* eslint-disable unicorn/no-abusive-eslint-disable */
-/* eslint-disable */
 // file mostly untouched from apollo-graphql
 "use strict";

package/packages/datadog-plugin-graphql/src/tools/transforms.js CHANGED Viewed

@@ -1,5 +1,3 @@
-/* eslint-disable unicorn/no-abusive-eslint-disable */
-/* eslint-disable */
 // file mostly untouched from apollo-graphql
 "use strict";

package/packages/datadog-plugin-graphql/src/utils.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 function extractErrorIntoSpanEvent (config, span, exc) {
   const attributes = {}

package/packages/datadog-plugin-hono/src/index.js ADDED Viewed

@@ -0,0 +1,28 @@
+'use strict'
+const RouterPlugin = require('../../datadog-plugin-router/src')
+const web = require('../../dd-trace/src/plugins/util/web')
+class HonoPlugin extends RouterPlugin {
+  static get id () {
+    return 'hono'
+  }
+  constructor (...args) {
+    super(...args)
+    this.addSub('apm:hono:request:handle', ({ req }) => {
+      this.setFramework(req, 'hono', this.config)
+    })
+    this.addSub('apm:hono:request:route', ({ req, route }) => {
+      web.setRoute(req, route)
+    })
+    this.addSub('apm:hono:request:error', ({ req, error }) => {
+      web.addError(req, error)
+    })
+  }
+}
+module.exports = HonoPlugin

package/packages/datadog-plugin-http/src/client.js CHANGED Viewed

@@ -89,7 +89,8 @@ class HttpClientPlugin extends ClientPlugin {
     return parentStore
   }
-  finish ({ req, res, span }) {
+  finish (ctx) {
+    const { req, res, span } = ctx
     if (!span) return
     if (res) {
       const status = res.status || res.statusCode
@@ -109,9 +110,7 @@ class HttpClientPlugin extends ClientPlugin {
     this.config.hooks.request(span, req, res)
-    this.tagPeerService(span)
-    span.finish()
+    super.finish(ctx)
   }
   error ({ span, error, args, customRequestTimeout }) {

package/packages/datadog-plugin-http2/src/client.js CHANGED Viewed

@@ -73,7 +73,9 @@ class Http2ClientPlugin extends ClientPlugin {
     return message.currentStore
   }
-  bindAsyncStart ({ eventName, eventData, currentStore, parentStore }) {
+  bindAsyncStart (ctx) {
+    const { eventName, eventData, currentStore, parentStore } = ctx
     // Plugin wasn't enabled when the request started.
     if (!currentStore) return storage('legacy').getStore()
@@ -82,10 +84,10 @@ class Http2ClientPlugin extends ClientPlugin {
         this._onResponse(currentStore, eventData)
         return parentStore
       case 'error':
-        this._onError(currentStore, eventData)
+        this._onError(currentStore, eventData, ctx)
         return parentStore
       case 'close':
-        this._onClose(currentStore, eventData)
+        this._onClose(ctx)
         return parentStore
     }
@@ -108,14 +110,13 @@ class Http2ClientPlugin extends ClientPlugin {
     addHeaderTags(store.span, headers, HTTP_RESPONSE_HEADERS, this.config)
   }
-  _onError ({ span }, error) {
+  _onError ({ span }, error, ctx) {
     span.setTag('error', error)
-    span.finish()
+    super.finish(ctx)
   }
-  _onClose ({ span }) {
-    this.tagPeerService(span)
-    span.finish()
+  _onClose (ctx) {
+    super.finish(ctx)
   }
 }

package/packages/datadog-plugin-jest/src/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
 const { storage } = require('../../datadog-core')
 const { getEnvironmentVariable } = require('../../dd-trace/src/config-helper')

package/packages/datadog-plugin-jest/src/util.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const { readFileSync } = require('fs')
 const { parse, extract } = require('jest-docblock')

package/packages/datadog-plugin-kafkajs/src/batch-consumer.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const ConsumerPlugin = require('../../dd-trace/src/plugins/consumer')
 const { getMessageSize } = require('../../dd-trace/src/datastreams')
 const { convertToTextMap } = require('./utils')

package/packages/datadog-plugin-langchain/src/handlers/chain.js CHANGED Viewed

@@ -13,7 +13,7 @@ class LangChainChainHandler extends LangChainHandler {
     for (const idx in inputs) {
       const input = inputs[idx]
-      if (typeof input === 'object') {
+      if (input !== null && typeof input === 'object') {
         for (const [key, value] of Object.entries(input)) {
         // these are mappings to the python client names, ie lc_kwargs
         // only present on BaseMessage types

package/packages/datadog-plugin-langchain/src/handlers/language_models/chat_model.js CHANGED Viewed

@@ -27,7 +27,7 @@ class LangChainChatModelHandler extends LangChainLanguageModelHandler {
     const identifyingParams = (typeof instance._identifyingParams === 'function' && instance._identifyingParams()) || {}
     for (const [param, val] of Object.entries(identifyingParams)) {
       if (param.toLowerCase().includes('apikey') || param.toLowerCase().includes('apitoken')) continue
-      if (typeof val === 'object') {
+      if (val !== null && typeof val === 'object') {
         for (const [key, value] of Object.entries(val)) {
           tags[`langchain.request.${provider}.parameters.${param}.${key}`] = value
         }

package/packages/datadog-plugin-langchain/src/handlers/language_models/llm.js CHANGED Viewed

@@ -18,7 +18,7 @@ class LangChainLLMHandler extends LangChainLanguageModelHandler {
     const identifyingParams = (typeof instance._identifyingParams === 'function' && instance._identifyingParams()) || {}
     for (const [param, val] of Object.entries(identifyingParams)) {
       if (param.toLowerCase().includes('apikey') || param.toLowerCase().includes('apitoken')) continue
-      if (typeof val === 'object') {
+      if (val !== null && typeof val === 'object') {
         for (const [key, value] of Object.entries(val)) {
           tags[`langchain.request.${provider}.parameters.${param}.${key}`] = value
         }

package/packages/datadog-plugin-langchain/src/tracing.js CHANGED Viewed

@@ -40,9 +40,14 @@ class BaseLangChainTracingPlugin extends TracingPlugin {
     // Runnable interfaces have an `lc_namespace` property
     const ns = ctx.self.lc_namespace || ctx.namespace
-    const resource = ctx.resource = [...ns, ctx.self.constructor.name].join('.')
-    const handler = this.handlers[type]
+    const resourceParts = [...ns, ctx.self.constructor.name]
+    if (type === 'tool') {
+      resourceParts.push(ctx.instance.name)
+    }
+    const resource = ctx.resource = resourceParts.join('.')
+    const handler = this.handlers[type] || this.handlers.default
     const instance = ctx.instance
     const apiKey = handler.extractApiKey(instance)
@@ -78,7 +83,7 @@ class BaseLangChainTracingPlugin extends TracingPlugin {
     const { type } = ctx
-    const handler = this.handlers[type]
+    const handler = this.handlers[type] || this.handlers.default
     const tags = handler.getSpanEndTags(ctx, span) || {}
     span.addTags(tags)
@@ -139,11 +144,38 @@ class EmbeddingsEmbedDocumentsPlugin extends BaseLangChainTracingPlugin {
   }
 }
+class ToolInvokePlugin extends BaseLangChainTracingPlugin {
+  static get id () { return 'langchain_tool_invoke' }
+  static get lcType () { return 'tool' }
+  static get prefix () {
+    return 'tracing:orchestrion:@langchain/core:Tool_invoke'
+  }
+}
+class VectorStoreSimilaritySearchPlugin extends BaseLangChainTracingPlugin {
+  static get id () { return 'langchain_vectorstore_similarity_search' }
+  static get lcType () { return 'similarity_search' }
+  static get prefix () {
+    return 'tracing:orchestrion:@langchain/core:VectorStore_similaritySearch'
+  }
+}
+class VectorStoreSimilaritySearchWithScorePlugin extends BaseLangChainTracingPlugin {
+  static get id () { return 'langchain_vectorstore_similarity_search_with_score' }
+  static get lcType () { return 'similarity_search' }
+  static get prefix () {
+    return 'tracing:orchestrion:@langchain/core:VectorStore_similaritySearchWithScore'
+  }
+}
 module.exports = [
   RunnableSequenceInvokePlugin,
   RunnableSequenceBatchPlugin,
   BaseChatModelGeneratePlugin,
   BaseLLMGeneratePlugin,
   EmbeddingsEmbedQueryPlugin,
-  EmbeddingsEmbedDocumentsPlugin
+  EmbeddingsEmbedDocumentsPlugin,
+  ToolInvokePlugin,
+  VectorStoreSimilaritySearchPlugin,
+  VectorStoreSimilaritySearchWithScorePlugin
 ]

package/packages/datadog-plugin-nyc/src/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
 class NycPlugin extends CiPlugin {

package/packages/datadog-plugin-oracledb/src/connection-parser.js ADDED Viewed

@@ -0,0 +1,37 @@
+'use strict'
+const { URL } = require('url')
+const log = require('../../dd-trace/src/log')
+function parseOracleDescriptor (descriptor) {
+  const hostnameMatch = descriptor.match(/HOST\s*=\s*([^)]+)/i)
+  const hostname = hostnameMatch?.[1] || 'localhost' // Default Oracle hostname
+  const portMatch = descriptor.match(/PORT\s*=\s*([^)]+)/i)
+  const port = portMatch?.[1] || '1521' // Default Oracle port
+  const sidMatch = descriptor.match(/SID\s*=\s*([^)]+)/i)
+  const dbInstance = sidMatch?.[1] || descriptor.match(/SERVICE_NAME\s*=\s*([^)]+)/i)?.[1] || 'XEPDB1' // Default Oracle service name
+  return { hostname, port, dbInstance }
+}
+module.exports = function getDBInformation (connAttrs) {
+  // Users can pass either connectString or connectionString
+  const connectString = ((connAttrs.connectString || connAttrs.connectionString) ?? '').trim()
+  if (connectString.startsWith('(')) {
+    return parseOracleDescriptor(connectString)
+  }
+  try {
+    const url = new URL(`oracle://${connectString}`)
+    return {
+      hostname: url.hostname || 'localhost', // Default Oracle hostname
+      port: url.port || '1521', // Default Oracle port
+      dbInstance: url.pathname && url.pathname.slice(1) || 'XEPDB1' // Default Oracle service name
+    }
+  } catch (error) {
+    log.error('Invalid oracle connection string', error)
+    return {}
+  }
+}

package/packages/datadog-plugin-oracledb/src/index.js CHANGED Viewed

@@ -2,17 +2,25 @@
 const { CLIENT_PORT_KEY } = require('../../dd-trace/src/constants')
 const DatabasePlugin = require('../../dd-trace/src/plugins/database')
-const log = require('../../dd-trace/src/log')
+let parser
 class OracledbPlugin extends DatabasePlugin {
   static get id () { return 'oracledb' }
   static get system () { return 'oracle' }
   static get peerServicePrecursors () { return ['db.instance', 'db.hostname'] }
-  start ({ query, connAttrs }) {
+  start ({ query, connAttrs, port, hostname, dbInstance }) {
     const service = this.serviceName({ pluginConfig: this.config, params: connAttrs })
-    // Users can pass either connectString or connectionString
-    const url = getUrl(connAttrs.connectString || connAttrs.connectionString)
+    if (hostname === undefined) {
+      // Lazy load for performance. This is not needed in v6 and up
+      parser ??= require('./connection-parser')
+      const dbInfo = parser(connAttrs)
+      hostname = dbInfo.hostname
+      port ??= dbInfo.port
+      dbInstance ??= dbInfo.dbInstance
+    }
     this.startSpan(this.operationName(), {
       service,
@@ -21,22 +29,12 @@ class OracledbPlugin extends DatabasePlugin {
       kind: 'client',
       meta: {
         'db.user': this.config.user,
-        'db.instance': url.pathname && url.pathname.slice(1),
-        'db.hostname': url.hostname,
-        [CLIENT_PORT_KEY]: url.port
+        'db.instance': dbInstance,
+        'db.hostname': hostname,
+        [CLIENT_PORT_KEY]: port,
       }
     })
   }
 }
-// TODO: Avoid creating an error since it's a heavy operation.
-function getUrl (connectString) {
-  try {
-    return new URL(`http://${connectString}`)
-  } catch (e) {
-    log.error('Invalid oracle connection string', e)
-    return {}
-  }
-}
 module.exports = OracledbPlugin

package/packages/datadog-plugin-protobufjs/src/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const SchemaPlugin = require('../../dd-trace/src/plugins/schema')
 const SchemaExtractor = require('./schema_iterator')

package/packages/datadog-plugin-protobufjs/src/schema_iterator.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const PROTOBUF = 'protobuf'
 const {
   SCHEMA_DEFINITION,

package/packages/datadog-plugin-selenium/src/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
 const { storage } = require('../../datadog-core')

package/packages/datadog-plugin-tedious/src/index.js CHANGED Viewed

@@ -8,27 +8,28 @@ class TediousPlugin extends DatabasePlugin {
   static get operation () { return 'request' } // TODO: change to match other database plugins
   static get system () { return 'mssql' }
-  start (payload) {
+  bindStart (ctx) {
     const service = this.serviceName({ pluginConfig: this.config, system: this.system })
     const span = this.startSpan(this.operationName(), {
       service,
-      resource: payload.queryOrProcedure,
+      resource: ctx.queryOrProcedure,
       type: 'sql',
       kind: 'client',
       meta: {
         'db.type': 'mssql',
         component: 'tedious',
-        'out.host': payload.connectionConfig.server,
-        [CLIENT_PORT_KEY]: payload.connectionConfig.options.port,
-        'db.user': payload.connectionConfig.userName || payload.connectionConfig.authentication.options.userName,
-        'db.name': payload.connectionConfig.options.database,
-        'db.instance': payload.connectionConfig.options.instanceName
+        'out.host': ctx.connectionConfig.server,
+        [CLIENT_PORT_KEY]: ctx.connectionConfig.options.port,
+        'db.user': ctx.connectionConfig.userName || ctx.connectionConfig.authentication.options.userName,
+        'db.name': ctx.connectionConfig.options.database,
+        'db.instance': ctx.connectionConfig.options.instanceName
       }
-    })
+    }, ctx)
     // SQL Server includes comments when caching queries
     // For that reason we allow service mode but not full mode
-    payload.sql = this.injectDbmQuery(span, payload.queryOrProcedure, service, true)
+    ctx.sql = this.injectDbmQuery(span, ctx.queryOrProcedure, service, true)
+    return ctx.currentStore
   }
 }

package/packages/datadog-plugin-vitest/src/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
 const { storage } = require('../../datadog-core')
 const { getEnvironmentVariable } = require('../../dd-trace/src/config-helper')

package/packages/dd-trace/src/appsec/iast/analyzers/injection-analyzer.js CHANGED Viewed

@@ -7,7 +7,7 @@ class InjectionAnalyzer extends Analyzer {
   _isVulnerable (value, iastContext) {
     let ranges = value && getRanges(iastContext, value)
     if (ranges?.length > 0) {
-      ranges = this._filterSecureRanges(ranges)
+      ranges = this._filterSecureRanges(ranges, value)
       if (!ranges?.length) {
         this._incrementSuppressedMetric(iastContext)
       }
@@ -27,11 +27,13 @@ class InjectionAnalyzer extends Analyzer {
     return ranges?.some(range => range.iinfo.type !== SQL_ROW_VALUE)
   }
-  _filterSecureRanges (ranges) {
-    return ranges?.filter(range => !this._isRangeSecure(range))
+  _filterSecureRanges (ranges, value) {
+    return ranges?.filter(range => !this._isRangeSecure(range, value))
   }
-  _isRangeSecure (range) {
+  _isRangeSecure (range, _value) {
+    // _value is not necessary in this method, but could be used in overridden methods
+    // added here for visibility
     const { secureMarks } = range
     return (secureMarks & this._secureMark) === this._secureMark
   }

package/packages/dd-trace/src/appsec/iast/analyzers/ssrf-analyzer.js CHANGED Viewed

@@ -23,6 +23,15 @@ class SSRFAnalyzer extends InjectionAnalyzer {
       }
     })
   }
+  _isRangeSecure (range, value) {
+    const fragmentIndex = value.indexOf('#')
+    if (fragmentIndex !== -1 && range.start >= fragmentIndex) {
+      return true
+    }
+    return super._isRangeSecure(range, value)
+  }
 }
 module.exports = new SSRFAnalyzer()

package/packages/dd-trace/src/appsec/iast/iast-context.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const IAST_CONTEXT_KEY = Symbol('_dd.iast.context')
 const IAST_TRANSACTION_ID = Symbol('_dd.iast.transactionId')
@@ -52,7 +54,9 @@ function cleanIastContext (store, context, iastContext) {
     context[IAST_CONTEXT_KEY] = null
   }
   if (iastContext) {
-    Object.keys(iastContext).forEach(key => delete iastContext[key])
+    if (typeof iastContext === 'object') { // eslint-disable-line eslint-rules/eslint-safe-typeof-object
+      Object.keys(iastContext).forEach(key => delete iastContext[key])
+    }
     return true
   }
   return false

package/packages/dd-trace/src/appsec/iast/index.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 const vulnerabilityReporter = require('./vulnerability-reporter')
 const { enableAllAnalyzers, disableAllAnalyzers } = require('./analyzers')
 const web = require('../../plugins/util/web')

package/packages/dd-trace/src/appsec/iast/overhead-controller.js CHANGED Viewed

@@ -1,6 +1,6 @@
 'use strict'
-const LRUCache = require('lru-cache')
+const { LRUCache } = require('lru-cache')
 const web = require('../../plugins/util/web')
 const vulnerabilities = require('./vulnerabilities')

package/packages/dd-trace/src/appsec/iast/taint-tracking/operations-taint-object.js CHANGED Viewed

@@ -28,7 +28,10 @@ function taintObject (iastContext, object, type) {
           } else {
             result = tainted
           }
-        } else if (typeof value === 'object' && !visited.has(value)) {
+        } else if (
+          // eslint-disable-next-line eslint-rules/eslint-safe-typeof-object
+          typeof value === 'object' && !visited.has(value)
+        ) {
           visited.add(value)
           for (const key of Object.keys(value)) {
@@ -69,7 +72,7 @@ function traverseAndTaint (node, path, cache, transactionId) {
     return tainted
   }
-  if (typeof node === 'object') {
+  if (typeof node === 'object') { // eslint-disable-line eslint-rules/eslint-safe-typeof-object
     const keys = Array.isArray(node) ? node.keys() : Object.keys(node)
     for (const key of keys) {

package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter-esm.mjs CHANGED Viewed

@@ -1,5 +1,3 @@
-'use strict'
 import path from 'path'
 import { URL } from 'url'
 import { getName } from '../telemetry/verbosity.js'

package/packages/dd-trace/src/appsec/iast/taint-tracking/rewriter.js CHANGED Viewed

@@ -1,5 +1,7 @@
 'use strict'
+/* eslint n/no-unsupported-features/node-builtins: ['error', { ignores: ['module.register'] }] */
 const Module = require('module')
 const { pathToFileURL } = require('url')
 const { MessageChannel } = require('worker_threads')

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-regex.js CHANGED Viewed

@@ -1,3 +1,5 @@
+'use strict'
 // eslint-disable-next-line @stylistic/max-len
 const DEFAULT_IAST_REDACTION_NAME_PATTERN = '(?:p(?:ass)?w(?:or)?d|pass(?:_?phrase)?|secret|(?:api_?|private_?|public_?|access_?|secret_?)key(?:_?id)?|token|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?|(?:sur|last)name|user(?:name)?|address|e?mail)'
 // eslint-disable-next-line @stylistic/max-len

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/index.js CHANGED Viewed

@@ -45,6 +45,7 @@ class VulnerabilityFormatter {
     if (evidence.value == null) return { valueParts }
+    // eslint-disable-next-line eslint-rules/eslint-safe-typeof-object
     if (typeof evidence.value === 'object' && evidence.rangesToApply) {
       const { value, ranges } = stringifyWithRanges(evidence.value, evidence.rangesToApply)
       evidence.value = value