@aikidosec/runtime - npm Package Compare versions

Comparing version 1.5.11 to 1.5.12

lambda/index.js

 "use strict";
-const AgentSingleton_1 = require("../agent/AgentSingleton");
 const protect_1 = require("../agent/protect");
-process.on("SIGTERM", () => {
-    const agent = (0, AgentSingleton_1.getInstance)();
-    if (!agent) {
-        return;
-    }
-    agent.flushStats(1000);
-});
 module.exports = (0, protect_1.lambda)();

package.json

 {
   "name": "@aikidosec/runtime",
-  "version": "1.5.11",
+  "version": "1.5.12",
   "description": "Aikido runtime protects your application against NoSQL injections and more",
@@ -5,0 +5,0 @@ "repository": "https://github.com/AikidoSec/runtime-node",

sources/Lambda.js

@@ -74,2 +74,5 @@ "use strict";
     const agent = (0, AgentSingleton_1.getInstance)();
+    let lastFlushStatsAt = undefined;
+    const flushEveryMS = 10 * 60 * 1000;
+    // eslint-disable-next-line max-lines-per-function
     return async (event, context) => {
@@ -113,14 +116,22 @@ var _a, _b, _c, _d;
         }
-        const result = await (0, Context_1.runWithContext)(agentContext, async () => {
-            return await asyncHandler(event, context);
-        });
-        if (agent) {
-            agent.getInspectionStatistics().onRequest({
-                blocked: agent.shouldBlock(),
-                attackDetected: !!agentContext.attackDetected,
+        try {
+            return await (0, Context_1.runWithContext)(agentContext, async () => {
+                return await asyncHandler(event, context);
             });
         }
-        return result;
+        finally {
+            if (agent) {
+                agent.getInspectionStatistics().onRequest({
+                    blocked: agent.shouldBlock(),
+                    attackDetected: !!agentContext.attackDetected,
+                });
+                if (lastFlushStatsAt === undefined ||
+                    lastFlushStatsAt + flushEveryMS < Date.now()) {
+                    agent.flushStats(1000);
+                    lastFlushStatsAt = Date.now();
+                }
+            }
+        }
     };
 }
 exports.createLambdaWrapper = createLambdaWrapper;

vulnerabilities/path-traversal/detectPathTraversal.js

@@ -10,4 +10,9 @@ "use strict";
     }
+    if (userInput.length > filePath.length) {
+        // We ignore cases where the user input is longer than the file path.
+        // Because the user input can't be part of the file path.
+        return false;
+    }
     return filePath.includes(userInput) && (0, containsUnsafePathParts_1.containsUnsafePathParts)(filePath);
 }
 exports.detectPathTraversal = detectPathTraversal;

vulnerabilities/shell-injection/detectShellInjection.js

@@ -12,2 +12,7 @@ "use strict";
     }
+    if (userInput.length > command.length) {
+        // We ignore cases where the user input is longer than the command.
+        // Because the user input can't be part of the command.
+        return false;
+    }
     if (!command.includes(userInput)) {
@@ -14,0 +19,0 @@ return false;

vulnerabilities/sql-injection/detectSQLInjection.js

@@ -13,2 +13,7 @@ "use strict";
     }
+    if (userInput.length > query.length) {
+        // We ignore cases where the user input is longer than the query.
+        // Because the user input can't be part of the query.
+        return false;
+    }
     if (!(0, queryContainsUserInput_1.queryContainsUserInput)(query, userInput)) {
@@ -15,0 +20,0 @@ // If the user input is not part of the query, return false (No need to check)

No alert changes

Improved metrics

Total package byte prevSize

175159

increased by0.49%

Lines of code

3791

increased by0.48%

No dependency changes