newrelic 12.5.1 → 12.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/NEWS.md +57 -0
- package/THIRD_PARTY_NOTICES.md +9 -39
- package/lib/collector/facts.js +2 -2
- package/lib/collector/http-agents.js +4 -1
- package/lib/collector/parse-response.js +1 -0
- package/lib/config/default.js +141 -0
- package/lib/instrumentation/amqplib/nr-hooks.js +1 -1
- package/lib/instrumentation/when/index.js +2 -6
- package/lib/serverless/aws-lambda.js +3 -1
- package/lib/shim/shim.js +8 -22
- package/lib/transaction/tracer/index.js +5 -0
- package/lib/util/label-parser.js +1 -0
- package/package.json +8 -10
package/NEWS.md
CHANGED
|
@@ -1,3 +1,60 @@
|
|
|
1
|
+
### v12.6.0 (2024-10-30)
|
|
2
|
+
|
|
3
|
+
#### Features
|
|
4
|
+
|
|
5
|
+
* Added ARN and provider to Lambda segments ([#2674](https://github.com/newrelic/node-newrelic/pull/2674)) ([a23294c](https://github.com/newrelic/node-newrelic/commit/a23294c2d2cc665de5df1a0f3c9099dedbfbb896))
|
|
6
|
+
* Added IAST configurations for scan scheduling and restrictions ([#2645](https://github.com/newrelic/node-newrelic/pull/2645)) ([13a627a](https://github.com/newrelic/node-newrelic/commit/13a627a1a1529dd8f8c93d0b9f582457c019a63e))
|
|
7
|
+
|
|
8
|
+
#### Documentation
|
|
9
|
+
|
|
10
|
+
* Updated compatibility report ([#2673](https://github.com/newrelic/node-newrelic/pull/2673)) ([e4d0503](https://github.com/newrelic/node-newrelic/commit/e4d0503934f7de45d3cdb6dbb4640a66cf8d8421))
|
|
11
|
+
|
|
12
|
+
#### Miscellaneous chores
|
|
13
|
+
|
|
14
|
+
* Replaced static openssl cert usage with in-process cert ([#2671](https://github.com/newrelic/node-newrelic/pull/2671)) ([72872f4](https://github.com/newrelic/node-newrelic/commit/72872f4313fd9bc6d2b358a735dc76b9cda1a489))
|
|
15
|
+
|
|
16
|
+
### v12.5.2 (2024-10-23)
|
|
17
|
+
|
|
18
|
+
#### Features
|
|
19
|
+
|
|
20
|
+
* Updated shim/when instrumentation to use tracer to run in context ([#2642](https://github.com/newrelic/node-newrelic/pull/2642)) ([1a80ad5](https://github.com/newrelic/node-newrelic/commit/1a80ad56a6d502182a0db368f40443467f7943df))
|
|
21
|
+
|
|
22
|
+
#### Bug fixes
|
|
23
|
+
|
|
24
|
+
* Fixed amqplib instrumentation via ESM ([#2668](https://github.com/newrelic/node-newrelic/pull/2668)) ([a36deba](https://github.com/newrelic/node-newrelic/commit/a36deba7ba7b46c4947fcb83db0a4f97bd4c0bf1))
|
|
25
|
+
|
|
26
|
+
#### Documentation
|
|
27
|
+
|
|
28
|
+
* Remove SECURITY.md ([#2633](https://github.com/newrelic/node-newrelic/pull/2633)) ([41002cd](https://github.com/newrelic/node-newrelic/commit/41002cd1c423c378bfbe024ebe7dae03d02d2949))
|
|
29
|
+
* Updated compatibility report ([#2670](https://github.com/newrelic/node-newrelic/pull/2670)) ([281c0fa](https://github.com/newrelic/node-newrelic/commit/281c0fa3be096a0ef3eef25b0f51df7ae8bf50bf))
|
|
30
|
+
* Updated match custom-assertion jsdoc ([#2636](https://github.com/newrelic/node-newrelic/pull/2636)) ([c37abe5](https://github.com/newrelic/node-newrelic/commit/c37abe5eb4528493bb3950e376bf780d6cd29023))
|
|
31
|
+
|
|
32
|
+
#### Miscellaneous chores
|
|
33
|
+
|
|
34
|
+
* Upgraded `import-in-the-middle` to work around a bug introduced in 1.11.1 ([#2618](https://github.com/newrelic/node-newrelic/pull/2618)) ([9ad476a](https://github.com/newrelic/node-newrelic/commit/9ad476a765eee472f510239b4265d10f0a50c666))
|
|
35
|
+
|
|
36
|
+
#### Tests
|
|
37
|
+
|
|
38
|
+
* Migrated `aws-sdk-v2` and `aws-sdk-v3` tests to `node:test` ([#2620](https://github.com/newrelic/node-newrelic/pull/2620)) ([e0dc015](https://github.com/newrelic/node-newrelic/commit/e0dc01571087c3d53434d2d21d77206592137b66))
|
|
39
|
+
* Migrated `test/unit/shim` to `node:test` ([#2599](https://github.com/newrelic/node-newrelic/pull/2599)) ([8d1acff](https://github.com/newrelic/node-newrelic/commit/8d1acffabf29ba6e0b5e20a675b87a81f893fc0a))
|
|
40
|
+
* Migrated `test/versioned/amqplib` to `node:test` ([#2612](https://github.com/newrelic/node-newrelic/pull/2612)) ([7bdada6](https://github.com/newrelic/node-newrelic/commit/7bdada678c18997c268cf19c56262b870bae5673))
|
|
41
|
+
* Migrated `test/versioned/express` to `node:test` ([#2609](https://github.com/newrelic/node-newrelic/pull/2609)) ([bd2f1a5](https://github.com/newrelic/node-newrelic/commit/bd2f1a53f8e03810e3c0aa5d042b6b256ec7346b))
|
|
42
|
+
* Migrated bluebird versioned tests to `node:test` ([#2635](https://github.com/newrelic/node-newrelic/pull/2635)) ([6e28fad](https://github.com/newrelic/node-newrelic/commit/6e28fad70390ffaf4df7ccbc96c88f79bb5d2fe2))
|
|
43
|
+
* Migrated last group of unit tests to `node:test` ([#2624](https://github.com/newrelic/node-newrelic/pull/2624)) ([386f546](https://github.com/newrelic/node-newrelic/commit/386f54682128d0dda8ad073a57cd45109c927fe1))
|
|
44
|
+
* Migrated unit tests to `node:test` ([#2623](https://github.com/newrelic/node-newrelic/pull/2623)) ([86231b7](https://github.com/newrelic/node-newrelic/commit/86231b7dec5bc5807ae26a88a7b8f2ff1535d9c4))
|
|
45
|
+
* Updated tests that relied on `tspl` by awating the `plan.completed` instead of calling `end` to avoid flaky tests ([#2610](https://github.com/newrelic/node-newrelic/pull/2610)) ([935ac14](https://github.com/newrelic/node-newrelic/commit/935ac14dbff7d11e797d290fb24a0d791ac9a61a))
|
|
46
|
+
* Updated tests that used the context manager directly and instead use the tracer to access the segment context ([#2643](https://github.com/newrelic/node-newrelic/pull/2643)) ([b917b3e](https://github.com/newrelic/node-newrelic/commit/b917b3ea9416eaf64bf365f6f46a0d4eafdfc437))
|
|
47
|
+
* Updated the mininum version of pg-native in pg-esm tests to align with the pg tests ([#2616](https://github.com/newrelic/node-newrelic/pull/2616)) ([16be714](https://github.com/newrelic/node-newrelic/commit/16be71404dcea903f3f7b7d4d238cc0a416d7b79))
|
|
48
|
+
* Migrated `bunyan`, `pino`, and `winston` tests to `node:test` ([#2634](https://github.com/newrelic/node-newrelic/pull/2634)) ([69c1ab8](https://github.com/newrelic/node-newrelic/commit/69c1ab8951f8cd405986e879399dff716f839a78))
|
|
49
|
+
* Migrated `fastify` tests to `node:test` ([#2632](https://github.com/newrelic/node-newrelic/pull/2632)) ([b522477](https://github.com/newrelic/node-newrelic/commit/b522477168c2049b12bcfd39ae485f9e5374f724))
|
|
50
|
+
* Migrated block of unit tests to `node:test` ([#2607](https://github.com/newrelic/node-newrelic/pull/2607)) ([e33807b](https://github.com/newrelic/node-newrelic/commit/e33807b817852bb7cdc93c9b171250df17a3b867))
|
|
51
|
+
* Migrated block of unit tests to `node:test` ([#2604](https://github.com/newrelic/node-newrelic/pull/2604)) ([cd90ce1](https://github.com/newrelic/node-newrelic/commit/cd90ce11908edc4376a704153f44d4f3ddfb6866))
|
|
52
|
+
* Migrated block of unit tests to `node:test` ([#2593](https://github.com/newrelic/node-newrelic/pull/2593)) ([6d4d49e](https://github.com/newrelic/node-newrelic/commit/6d4d49e075d8c4c687d4730b65aa39177e384ce5))
|
|
53
|
+
|
|
54
|
+
#### Continuous integration
|
|
55
|
+
|
|
56
|
+
* Added delay to site extension publishing to wait for NPM ([#2665](https://github.com/newrelic/node-newrelic/pull/2665)) ([e412020](https://github.com/newrelic/node-newrelic/commit/e412020865bab187d8c7d274cdc6973946286a1f))
|
|
57
|
+
|
|
1
58
|
### v12.5.1 (2024-09-23)
|
|
2
59
|
|
|
3
60
|
#### Bug fixes
|
package/THIRD_PARTY_NOTICES.md
CHANGED
|
@@ -68,7 +68,6 @@ code, the source code can be found at [https://github.com/newrelic/node-newrelic
|
|
|
68
68
|
* [lint-staged](#lint-staged)
|
|
69
69
|
* [lockfile-lint](#lockfile-lint)
|
|
70
70
|
* [nock](#nock)
|
|
71
|
-
* [proxy](#proxy)
|
|
72
71
|
* [proxyquire](#proxyquire)
|
|
73
72
|
* [rimraf](#rimraf)
|
|
74
73
|
* [self-cert](#self-cert)
|
|
@@ -93,7 +92,7 @@ code, the source code can be found at [https://github.com/newrelic/node-newrelic
|
|
|
93
92
|
|
|
94
93
|
### @grpc/grpc-js
|
|
95
94
|
|
|
96
|
-
This product includes source derived from [@grpc/grpc-js](https://github.com/grpc/grpc-node/tree/master/packages/grpc-js) ([v1.
|
|
95
|
+
This product includes source derived from [@grpc/grpc-js](https://github.com/grpc/grpc-node/tree/master/packages/grpc-js) ([v1.12.2](https://github.com/grpc/grpc-node/tree/master/packages/grpc-js/tree/v1.12.2)), distributed under the [Apache-2.0 License](https://github.com/grpc/grpc-node/tree/master/packages/grpc-js/blob/v1.12.2/LICENSE):
|
|
97
96
|
|
|
98
97
|
```
|
|
99
98
|
Apache License
|
|
@@ -646,7 +645,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
|
646
645
|
|
|
647
646
|
### import-in-the-middle
|
|
648
647
|
|
|
649
|
-
This product includes source derived from [import-in-the-middle](https://github.com/nodejs/import-in-the-middle) ([v1.11.
|
|
648
|
+
This product includes source derived from [import-in-the-middle](https://github.com/nodejs/import-in-the-middle) ([v1.11.2](https://github.com/nodejs/import-in-the-middle/tree/v1.11.2)), distributed under the [Apache-2.0 License](https://github.com/nodejs/import-in-the-middle/blob/v1.11.2/LICENSE):
|
|
650
649
|
|
|
651
650
|
```
|
|
652
651
|
Apache License
|
|
@@ -1043,7 +1042,7 @@ IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
|
1043
1042
|
|
|
1044
1043
|
### winston-transport
|
|
1045
1044
|
|
|
1046
|
-
This product includes source derived from [winston-transport](https://github.com/winstonjs/winston-transport) ([v4.
|
|
1045
|
+
This product includes source derived from [winston-transport](https://github.com/winstonjs/winston-transport) ([v4.8.0](https://github.com/winstonjs/winston-transport/tree/v4.8.0)), distributed under the [MIT License](https://github.com/winstonjs/winston-transport/blob/v4.8.0/LICENSE):
|
|
1047
1046
|
|
|
1048
1047
|
```
|
|
1049
1048
|
The MIT License (MIT)
|
|
@@ -1076,7 +1075,7 @@ SOFTWARE.
|
|
|
1076
1075
|
|
|
1077
1076
|
### @aws-sdk/client-s3
|
|
1078
1077
|
|
|
1079
|
-
This product includes source derived from [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3) ([v3.
|
|
1078
|
+
This product includes source derived from [@aws-sdk/client-s3](https://github.com/aws/aws-sdk-js-v3) ([v3.676.0](https://github.com/aws/aws-sdk-js-v3/tree/v3.676.0)), distributed under the [Apache-2.0 License](https://github.com/aws/aws-sdk-js-v3/blob/v3.676.0/LICENSE):
|
|
1080
1079
|
|
|
1081
1080
|
```
|
|
1082
1081
|
Apache License
|
|
@@ -1285,7 +1284,7 @@ This product includes source derived from [@aws-sdk/client-s3](https://github.co
|
|
|
1285
1284
|
|
|
1286
1285
|
### @aws-sdk/s3-request-presigner
|
|
1287
1286
|
|
|
1288
|
-
This product includes source derived from [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3) ([v3.
|
|
1287
|
+
This product includes source derived from [@aws-sdk/s3-request-presigner](https://github.com/aws/aws-sdk-js-v3) ([v3.676.0](https://github.com/aws/aws-sdk-js-v3/tree/v3.676.0)), distributed under the [Apache-2.0 License](https://github.com/aws/aws-sdk-js-v3/blob/v3.676.0/LICENSE):
|
|
1289
1288
|
|
|
1290
1289
|
```
|
|
1291
1290
|
Apache License
|
|
@@ -2208,7 +2207,7 @@ THE SOFTWARE.
|
|
|
2208
2207
|
|
|
2209
2208
|
### @slack/bolt
|
|
2210
2209
|
|
|
2211
|
-
This product includes source derived from [@slack/bolt](https://github.com/slackapi/bolt) ([v3.
|
|
2210
|
+
This product includes source derived from [@slack/bolt](https://github.com/slackapi/bolt) ([v3.22.0](https://github.com/slackapi/bolt/tree/v3.22.0)), distributed under the [MIT License](https://github.com/slackapi/bolt/blob/v3.22.0/LICENSE):
|
|
2212
2211
|
|
|
2213
2212
|
```
|
|
2214
2213
|
The MIT License (MIT)
|
|
@@ -2922,7 +2921,7 @@ This product includes source derived from [aws-sdk](https://github.com/aws/aws-s
|
|
|
2922
2921
|
|
|
2923
2922
|
### borp
|
|
2924
2923
|
|
|
2925
|
-
This product includes source derived from [borp](https://github.com/mcollina/borp) ([v0.
|
|
2924
|
+
This product includes source derived from [borp](https://github.com/mcollina/borp) ([v0.18.0](https://github.com/mcollina/borp/tree/v0.18.0)), distributed under the [MIT License](https://github.com/mcollina/borp/blob/v0.18.0/LICENSE):
|
|
2926
2925
|
|
|
2927
2926
|
```
|
|
2928
2927
|
MIT License
|
|
@@ -3372,7 +3371,7 @@ THE SOFTWARE.
|
|
|
3372
3371
|
|
|
3373
3372
|
### express
|
|
3374
3373
|
|
|
3375
|
-
This product includes source derived from [express](https://github.com/expressjs/express) ([v4.21.
|
|
3374
|
+
This product includes source derived from [express](https://github.com/expressjs/express) ([v4.21.1](https://github.com/expressjs/express/tree/v4.21.1)), distributed under the [MIT License](https://github.com/expressjs/express/blob/v4.21.1/LICENSE):
|
|
3376
3375
|
|
|
3377
3376
|
```
|
|
3378
3377
|
(The MIT License)
|
|
@@ -3508,7 +3507,7 @@ SOFTWARE.
|
|
|
3508
3507
|
|
|
3509
3508
|
### jsdoc
|
|
3510
3509
|
|
|
3511
|
-
This product includes source derived from [jsdoc](https://github.com/jsdoc/jsdoc) ([v4.0.
|
|
3510
|
+
This product includes source derived from [jsdoc](https://github.com/jsdoc/jsdoc) ([v4.0.4](https://github.com/jsdoc/jsdoc/tree/v4.0.4)), distributed under the [Apache-2.0 License](https://github.com/jsdoc/jsdoc/blob/v4.0.4/LICENSE.md):
|
|
3512
3511
|
|
|
3513
3512
|
```
|
|
3514
3513
|
# License
|
|
@@ -3947,35 +3946,6 @@ SOFTWARE.
|
|
|
3947
3946
|
|
|
3948
3947
|
```
|
|
3949
3948
|
|
|
3950
|
-
### proxy
|
|
3951
|
-
|
|
3952
|
-
This product includes source derived from [proxy](https://github.com/TooTallNate/proxy-agents) ([v2.2.0](https://github.com/TooTallNate/proxy-agents/tree/v2.2.0)), distributed under the [MIT License](https://github.com/TooTallNate/proxy-agents/blob/v2.2.0/LICENSE):
|
|
3953
|
-
|
|
3954
|
-
```
|
|
3955
|
-
(The MIT License)
|
|
3956
|
-
|
|
3957
|
-
Copyright (c) 2013 Nathan Rajlich <nathan@tootallnate.net>
|
|
3958
|
-
|
|
3959
|
-
Permission is hereby granted, free of charge, to any person obtaining
|
|
3960
|
-
a copy of this software and associated documentation files (the
|
|
3961
|
-
'Software'), to deal in the Software without restriction, including
|
|
3962
|
-
without limitation the rights to use, copy, modify, merge, publish,
|
|
3963
|
-
distribute, sublicense, and/or sell copies of the Software, and to
|
|
3964
|
-
permit persons to whom the Software is furnished to do so, subject to
|
|
3965
|
-
the following conditions:
|
|
3966
|
-
|
|
3967
|
-
The above copyright notice and this permission notice shall be
|
|
3968
|
-
included in all copies or substantial portions of the Software.
|
|
3969
|
-
|
|
3970
|
-
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
|
|
3971
|
-
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
3972
|
-
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
3973
|
-
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
|
|
3974
|
-
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
|
|
3975
|
-
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
|
|
3976
|
-
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|
3977
|
-
```
|
|
3978
|
-
|
|
3979
3949
|
### proxyquire
|
|
3980
3950
|
|
|
3981
3951
|
This product includes source derived from [proxyquire](https://github.com/thlorenz/proxyquire) ([v1.8.0](https://github.com/thlorenz/proxyquire/tree/v1.8.0)), distributed under the [MIT License](https://github.com/thlorenz/proxyquire/blob/v1.8.0/LICENSE):
|
package/lib/collector/facts.js
CHANGED
|
@@ -6,13 +6,13 @@
|
|
|
6
6
|
'use strict'
|
|
7
7
|
|
|
8
8
|
const fetchSystemInfo = require('../system-info')
|
|
9
|
-
const
|
|
9
|
+
const defaultLogger = require('../logger').child({ component: 'facts' })
|
|
10
10
|
const os = require('os')
|
|
11
11
|
const parseLabels = require('../util/label-parser')
|
|
12
12
|
|
|
13
13
|
module.exports = facts
|
|
14
14
|
|
|
15
|
-
async function facts(agent, callback) {
|
|
15
|
+
async function facts(agent, callback, { logger = defaultLogger } = {}) {
|
|
16
16
|
const startTime = Date.now()
|
|
17
17
|
|
|
18
18
|
const systemInfoPromise = new Promise((resolve) => {
|
|
@@ -53,11 +53,14 @@ exports.proxyAgent = function proxyAgent(config) {
|
|
|
53
53
|
}
|
|
54
54
|
const proxyUrl = proxyOptions(config)
|
|
55
55
|
|
|
56
|
+
// Tests may supply 127.0.0.1 as the host, but SNI requires a hostname.
|
|
57
|
+
const servername = config.host
|
|
56
58
|
const proxyOpts = {
|
|
57
59
|
secureEndpoint: config.ssl,
|
|
58
60
|
auth: proxyUrl.auth,
|
|
59
61
|
ca: config?.certificates?.length ? config.certificates : [],
|
|
60
|
-
keepAlive: true
|
|
62
|
+
keepAlive: true,
|
|
63
|
+
servername
|
|
61
64
|
}
|
|
62
65
|
|
|
63
66
|
logger.info(`using proxy: ${proxyUrl}`)
|
|
@@ -55,6 +55,7 @@ module.exports = function parse(name, response, callback) {
|
|
|
55
55
|
logger.trace(json, 'Deserialized from collector:')
|
|
56
56
|
|
|
57
57
|
payload = json.return_value || payload
|
|
58
|
+
// This is ignoring any `validations` present on the returned JSON.
|
|
58
59
|
} catch (err) {
|
|
59
60
|
logger.warn(err, 'Could not parse response from the collector: %s', body)
|
|
60
61
|
}
|
package/lib/config/default.js
CHANGED
|
@@ -1318,6 +1318,147 @@ defaultConfig.definition = () => ({
|
|
|
1318
1318
|
default: true
|
|
1319
1319
|
}
|
|
1320
1320
|
}
|
|
1321
|
+
},
|
|
1322
|
+
|
|
1323
|
+
/**
|
|
1324
|
+
* Unique test identifier when runnning IAST with CI/CD
|
|
1325
|
+
*/
|
|
1326
|
+
iast_test_identifier: '',
|
|
1327
|
+
|
|
1328
|
+
/**
|
|
1329
|
+
* IAST scan controllers to get more control over IAST analysis
|
|
1330
|
+
*/
|
|
1331
|
+
scan_controllers: {
|
|
1332
|
+
/**
|
|
1333
|
+
* The maximum number of analysis probes or requests
|
|
1334
|
+
* that can be sent to the application in one minute.
|
|
1335
|
+
*/
|
|
1336
|
+
iast_scan_request_rate_limit: {
|
|
1337
|
+
formatter: int,
|
|
1338
|
+
default: 3600
|
|
1339
|
+
},
|
|
1340
|
+
/**
|
|
1341
|
+
* The number of application instances for a specific entity where IAST analysis is performed.
|
|
1342
|
+
* Values are 0 or 1, 0 signifies run on all application instances
|
|
1343
|
+
*/
|
|
1344
|
+
scan_instance_count: {
|
|
1345
|
+
formatter: int,
|
|
1346
|
+
default: 0
|
|
1347
|
+
}
|
|
1348
|
+
},
|
|
1349
|
+
/**
|
|
1350
|
+
* Schedule start and stop of IAST scan
|
|
1351
|
+
*/
|
|
1352
|
+
scan_schedule: {
|
|
1353
|
+
/**
|
|
1354
|
+
* The delay field specifies the time in minutes
|
|
1355
|
+
* before an IAST scan begins after the application starts
|
|
1356
|
+
*/
|
|
1357
|
+
delay: {
|
|
1358
|
+
formatter: int,
|
|
1359
|
+
default: 0
|
|
1360
|
+
},
|
|
1361
|
+
/**
|
|
1362
|
+
* The duration field specifies the amount of
|
|
1363
|
+
* time in minutes that the IAST scan will run
|
|
1364
|
+
*/
|
|
1365
|
+
duration: {
|
|
1366
|
+
formatter: int,
|
|
1367
|
+
default: 0
|
|
1368
|
+
},
|
|
1369
|
+
/**
|
|
1370
|
+
* The schedule field specifies a unix cron expression that defines when the IAST scan should run.
|
|
1371
|
+
* By default, schedule is disabled
|
|
1372
|
+
*
|
|
1373
|
+
*/
|
|
1374
|
+
schedule: '',
|
|
1375
|
+
/**
|
|
1376
|
+
* Allows IAST to actively collect trace data in the background
|
|
1377
|
+
* and the security agent will use this collected data to perform
|
|
1378
|
+
* an IAST scan at the scheduled time
|
|
1379
|
+
*/
|
|
1380
|
+
always_sample_traces: {
|
|
1381
|
+
formatter: boolean,
|
|
1382
|
+
default: false
|
|
1383
|
+
}
|
|
1384
|
+
},
|
|
1385
|
+
|
|
1386
|
+
/**
|
|
1387
|
+
* The exclude from IAST scan setting allows to exclude specific APIs,
|
|
1388
|
+
* vulnerability categories, and parameters from IAST analysis.
|
|
1389
|
+
*/
|
|
1390
|
+
exclude_from_iast_scan: {
|
|
1391
|
+
/**
|
|
1392
|
+
* Ignore specific APIs from IAST analysis.
|
|
1393
|
+
* The regex pattern should provide a full match for the URL without the endpoint.
|
|
1394
|
+
*/
|
|
1395
|
+
api: {
|
|
1396
|
+
formatter: array,
|
|
1397
|
+
default: []
|
|
1398
|
+
},
|
|
1399
|
+
/**
|
|
1400
|
+
* Ignore specific HTTP request parameters from IAST analysis.
|
|
1401
|
+
*/
|
|
1402
|
+
http_request_parameters: {
|
|
1403
|
+
header: {
|
|
1404
|
+
formatter: array,
|
|
1405
|
+
default: []
|
|
1406
|
+
},
|
|
1407
|
+
query: {
|
|
1408
|
+
formatter: array,
|
|
1409
|
+
default: []
|
|
1410
|
+
},
|
|
1411
|
+
body: {
|
|
1412
|
+
formatter: array,
|
|
1413
|
+
default: []
|
|
1414
|
+
}
|
|
1415
|
+
},
|
|
1416
|
+
/**
|
|
1417
|
+
* Allows users to specify categories of vulnerabilities
|
|
1418
|
+
* for which IAST analysis will be applied or ignored.
|
|
1419
|
+
*/
|
|
1420
|
+
iast_detection_category: {
|
|
1421
|
+
insecure_settings: {
|
|
1422
|
+
formatter: boolean,
|
|
1423
|
+
default: false
|
|
1424
|
+
},
|
|
1425
|
+
invalid_file_access: {
|
|
1426
|
+
formatter: boolean,
|
|
1427
|
+
default: false
|
|
1428
|
+
},
|
|
1429
|
+
sql_injection: {
|
|
1430
|
+
formatter: boolean,
|
|
1431
|
+
default: false
|
|
1432
|
+
},
|
|
1433
|
+
nosql_injection: {
|
|
1434
|
+
formatter: boolean,
|
|
1435
|
+
default: false
|
|
1436
|
+
},
|
|
1437
|
+
ldap_injection: {
|
|
1438
|
+
formatter: boolean,
|
|
1439
|
+
default: false
|
|
1440
|
+
},
|
|
1441
|
+
javascript_injection: {
|
|
1442
|
+
formatter: boolean,
|
|
1443
|
+
default: false
|
|
1444
|
+
},
|
|
1445
|
+
command_injection: {
|
|
1446
|
+
formatter: boolean,
|
|
1447
|
+
default: false
|
|
1448
|
+
},
|
|
1449
|
+
xpath_injection: {
|
|
1450
|
+
formatter: boolean,
|
|
1451
|
+
default: false
|
|
1452
|
+
},
|
|
1453
|
+
ssrf: {
|
|
1454
|
+
formatter: boolean,
|
|
1455
|
+
default: false
|
|
1456
|
+
},
|
|
1457
|
+
rxss: {
|
|
1458
|
+
formatter: boolean,
|
|
1459
|
+
default: false
|
|
1460
|
+
}
|
|
1461
|
+
}
|
|
1321
1462
|
}
|
|
1322
1463
|
},
|
|
1323
1464
|
|
|
@@ -21,7 +21,6 @@ const Contextualizer = require('./contextualizer')
|
|
|
21
21
|
*/
|
|
22
22
|
module.exports = function initialize(shim, when) {
|
|
23
23
|
const agent = shim.agent
|
|
24
|
-
const contextManager = agent._contextManager
|
|
25
24
|
const spec = WHEN_SPEC
|
|
26
25
|
|
|
27
26
|
// Wrap library-level methods.
|
|
@@ -82,7 +81,7 @@ module.exports = function initialize(shim, when) {
|
|
|
82
81
|
return Promise(executor) // eslint-disable-line new-cap
|
|
83
82
|
}
|
|
84
83
|
|
|
85
|
-
const parent =
|
|
84
|
+
const parent = agent.tracer.getSegment()
|
|
86
85
|
let promise = null
|
|
87
86
|
if (
|
|
88
87
|
!parent ||
|
|
@@ -108,14 +107,11 @@ module.exports = function initialize(shim, when) {
|
|
|
108
107
|
const segment = _createSegment(segmentName)
|
|
109
108
|
Contextualizer.link(null, promise, segment)
|
|
110
109
|
|
|
111
|
-
segment.start()
|
|
112
110
|
try {
|
|
113
111
|
// Must run after promise is defined so that `__NR_wrapper` can be set.
|
|
114
|
-
|
|
112
|
+
agent.tracer.bindFunction(executor, segment, true).apply(context.self, context.args)
|
|
115
113
|
} catch (e) {
|
|
116
114
|
context.args[1](e)
|
|
117
|
-
} finally {
|
|
118
|
-
segment.touch()
|
|
119
115
|
}
|
|
120
116
|
}
|
|
121
117
|
|
|
@@ -249,7 +249,9 @@ class AwsLambda {
|
|
|
249
249
|
_getAwsAgentAttributes(event, context) {
|
|
250
250
|
const attributes = {
|
|
251
251
|
'aws.lambda.arn': context.invokedFunctionArn,
|
|
252
|
-
'aws.requestId': context.awsRequestId
|
|
252
|
+
'aws.requestId': context.awsRequestId,
|
|
253
|
+
'cloud.resource_id': context.invokedFunctionArn,
|
|
254
|
+
'cloud.platform': 'aws_lambda'
|
|
253
255
|
}
|
|
254
256
|
|
|
255
257
|
const eventSourceInfo = this._detectEventType(event)
|
package/lib/shim/shim.js
CHANGED
|
@@ -1083,7 +1083,7 @@ function getSegment(obj) {
|
|
|
1083
1083
|
return obj[symbols.segment]
|
|
1084
1084
|
}
|
|
1085
1085
|
|
|
1086
|
-
return this.
|
|
1086
|
+
return this.tracer.getSegment()
|
|
1087
1087
|
}
|
|
1088
1088
|
|
|
1089
1089
|
/**
|
|
@@ -1172,32 +1172,18 @@ function applySegment(func, segment, full, context, args, inContextCB) {
|
|
|
1172
1172
|
|
|
1173
1173
|
this.logger.trace('Applying segment %s', segment.name)
|
|
1174
1174
|
|
|
1175
|
-
|
|
1176
|
-
|
|
1177
|
-
|
|
1178
|
-
|
|
1179
|
-
if (full) {
|
|
1180
|
-
segment.start()
|
|
1181
|
-
}
|
|
1182
|
-
|
|
1175
|
+
/**
|
|
1176
|
+
*
|
|
1177
|
+
*/
|
|
1178
|
+
function runInContextCb() {
|
|
1183
1179
|
if (typeof inContextCB === 'function') {
|
|
1184
1180
|
inContextCB(segment)
|
|
1185
1181
|
}
|
|
1186
1182
|
|
|
1187
|
-
|
|
1188
|
-
|
|
1189
|
-
} catch (error) {
|
|
1190
|
-
if (prevSegment === null && process.domain != null) {
|
|
1191
|
-
process.domain[symbols.segment] = contextManager.getContext()
|
|
1192
|
-
}
|
|
1183
|
+
return fnApply.call(func, this, arguments)
|
|
1184
|
+
}
|
|
1193
1185
|
|
|
1194
|
-
|
|
1195
|
-
} finally {
|
|
1196
|
-
if (full) {
|
|
1197
|
-
segment.touch()
|
|
1198
|
-
}
|
|
1199
|
-
}
|
|
1200
|
-
})
|
|
1186
|
+
return this.tracer.bindFunction(runInContextCb, segment, full).apply(context, args)
|
|
1201
1187
|
}
|
|
1202
1188
|
/* eslint-enable max-params */
|
|
1203
1189
|
|
|
@@ -26,6 +26,7 @@ function Tracer(agent, contextManager) {
|
|
|
26
26
|
|
|
27
27
|
Tracer.prototype.getTransaction = getTransaction
|
|
28
28
|
Tracer.prototype.getSegment = getSegment
|
|
29
|
+
Tracer.prototype.setSegment = setSegment
|
|
29
30
|
Tracer.prototype.getSpanContext = getSpanContext
|
|
30
31
|
Tracer.prototype.createSegment = createSegment
|
|
31
32
|
Tracer.prototype.addSegment = addSegment
|
|
@@ -57,6 +58,10 @@ function getSegment() {
|
|
|
57
58
|
return this._contextManager.getContext()
|
|
58
59
|
}
|
|
59
60
|
|
|
61
|
+
function setSegment(segment) {
|
|
62
|
+
this._contextManager.setContext(segment)
|
|
63
|
+
}
|
|
64
|
+
|
|
60
65
|
// TODO: Remove/replace external uses to tracer.getSpanContext()
|
|
61
66
|
function getSpanContext() {
|
|
62
67
|
const currentSegment = this.getSegment()
|
package/lib/util/label-parser.js
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "newrelic",
|
|
3
|
-
"version": "12.
|
|
3
|
+
"version": "12.6.0",
|
|
4
4
|
"author": "New Relic Node.js agent team <nodejs@newrelic.com>",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"contributors": [
|
|
@@ -161,17 +161,16 @@
|
|
|
161
161
|
"bench": "node ./bin/run-bench.js",
|
|
162
162
|
"docker-env": "./bin/docker-env-vars.sh",
|
|
163
163
|
"docs": "rm -rf ./out && jsdoc -c ./jsdoc-conf.jsonc --private -r .",
|
|
164
|
-
"integration": "npm run prepare-test && npm run sub-install && time c8 -o ./coverage/integration borp --timeout 600000 --reporter ./test/lib/test-reporter.mjs
|
|
165
|
-
"integration:esm": "NODE_OPTIONS='--loader=./esm-loader.mjs' time c8 -o ./coverage/integration-esm borp --reporter ./test/lib/test-reporter.mjs
|
|
166
|
-
"prepare-test": "npm run
|
|
164
|
+
"integration": "npm run prepare-test && npm run sub-install && BORP_CONF_FILE=.borp.int.yaml time c8 -o ./coverage/integration borp --timeout 600000 --reporter ./test/lib/test-reporter.mjs",
|
|
165
|
+
"integration:esm": "NODE_OPTIONS='--loader=./esm-loader.mjs' BORP_CONF_FILE=.borp.int-esm.yaml time c8 -o ./coverage/integration-esm borp --reporter ./test/lib/test-reporter.mjs",
|
|
166
|
+
"prepare-test": "npm run docker-env",
|
|
167
167
|
"lint": "eslint ./*.{js,mjs} lib test bin",
|
|
168
168
|
"lint:fix": "eslint --fix, ./*.{js,mjs} lib test bin",
|
|
169
169
|
"public-docs": "jsdoc -c ./jsdoc-conf.jsonc",
|
|
170
170
|
"publish-docs": "./bin/publish-docs.sh",
|
|
171
171
|
"services": "DOCKER_PLATFORM=linux/$(uname -m) docker compose up -d --wait",
|
|
172
172
|
"services:stop": "docker compose down",
|
|
173
|
-
"smoke": "
|
|
174
|
-
"ssl": "./bin/ssl.sh",
|
|
173
|
+
"smoke": "time borp --timeout 180000 --reporter ./test/lib/test-reporter.mjs 'test/smoke/**/*.{test,tap}.js'",
|
|
175
174
|
"sub-install": "node test/bin/install_sub_deps",
|
|
176
175
|
"test": "npm run integration && npm run unit",
|
|
177
176
|
"third-party-updates": "oss third-party manifest --includeOptDeps && oss third-party notices --includeOptDeps && git add THIRD_PARTY_NOTICES.md third_party_manifest.json",
|
|
@@ -195,13 +194,13 @@
|
|
|
195
194
|
"newrelic-naming-rules": "./bin/test-naming-rules.js"
|
|
196
195
|
},
|
|
197
196
|
"dependencies": {
|
|
198
|
-
"@grpc/grpc-js": "^1.
|
|
197
|
+
"@grpc/grpc-js": "^1.12.2",
|
|
199
198
|
"@grpc/proto-loader": "^0.7.5",
|
|
200
199
|
"@newrelic/security-agent": "^2.0.0",
|
|
201
200
|
"@tyriar/fibonacci-heap": "^2.0.7",
|
|
202
201
|
"concat-stream": "^2.0.0",
|
|
203
202
|
"https-proxy-agent": "^7.0.1",
|
|
204
|
-
"import-in-the-middle": "^1.
|
|
203
|
+
"import-in-the-middle": "^1.11.2",
|
|
205
204
|
"json-bigint": "^1.0.0",
|
|
206
205
|
"json-stringify-safe": "^5.0.0",
|
|
207
206
|
"module-details-from-path": "^1.0.3",
|
|
@@ -230,7 +229,7 @@
|
|
|
230
229
|
"ajv": "^6.12.6",
|
|
231
230
|
"async": "^3.2.4",
|
|
232
231
|
"aws-sdk": "^2.1604.0",
|
|
233
|
-
"borp": "^0.
|
|
232
|
+
"borp": "^0.18.0",
|
|
234
233
|
"c8": "^8.0.1",
|
|
235
234
|
"clean-jsdoc-theme": "^4.2.18",
|
|
236
235
|
"commander": "^7.0.0",
|
|
@@ -253,7 +252,6 @@
|
|
|
253
252
|
"lint-staged": "^11.0.0",
|
|
254
253
|
"lockfile-lint": "^4.9.6",
|
|
255
254
|
"nock": "11.8.0",
|
|
256
|
-
"proxy": "^2.1.1",
|
|
257
255
|
"proxyquire": "^1.8.0",
|
|
258
256
|
"rimraf": "^2.6.3",
|
|
259
257
|
"self-cert": "^2.0.0",
|