@aikidosec/runtime - npm Package Compare versions

Comparing version 1.5.16 to 1.5.17

agent/Agent.js

@@ -25,3 +25,3 @@ "use strict";
         this.sendHeartbeatEveryMS = 30 * 60 * 1000;
-        this.checkIfHeartbeatIsNeededEveryMS = 10 * 60 * 1000;
+        this.checkIfHeartbeatIsNeededEveryMS = 60 * 1000;
         this.lastHeartbeat = Date.now();
@@ -139,4 +139,11 @@ this.reportedInitialStats = false;
     updateServiceConfig(response) {
-        if (response.success && response.endpoints) {
-            this.serviceConfig = new ServiceConfig_1.ServiceConfig(response.endpoints);
+        if (response.success) {
+            if (response.endpoints) {
+                this.serviceConfig = new ServiceConfig_1.ServiceConfig(response.endpoints);
+            }
+            const minimumHeartbeatIntervalMS = 2 * 60 * 1000;
+            if (typeof response.heartbeatIntervalInMS === "number" &&
+                response.heartbeatIntervalInMS >= minimumHeartbeatIntervalMS) {
+                this.sendHeartbeatEveryMS = response.heartbeatIntervalInMS;
+            }
         }
@@ -143,0 +150,0 @@ }

agent/api/ReportingAPI.d.ts

@@ -12,2 +12,3 @@ import { Event } from "./Event";
     endpoints?: Endpoint[];
+    heartbeatIntervalInMS?: number;
 } | {
@@ -14,0 +15,0 @@ success: false;

agent/InspectionStatistics.d.ts

@@ -44,6 +44,6 @@ type SinkCompressedTimings = {
     interceptorThrewError(sink: string): void;
-    onRequest({ attackDetected, blocked, }: {
-        attackDetected: boolean;
+    onDetectedAttack({ blocked }: {
         blocked: boolean;
     }): void;
+    onRequest(): void;
     onInspectedCall({ sink, blocked, attackDetected, durationInMs, withoutContext, }: {
@@ -50,0 +50,0 @@ sink: string;

agent/InspectionStatistics.js

@@ -91,11 +91,11 @@ "use strict";
     }
-    onRequest({ attackDetected, blocked, }) {
-        this.requests.total += 1;
-        if (attackDetected) {
-            this.requests.attacksDetected.total += 1;
-            if (blocked) {
-                this.requests.attacksDetected.blocked += 1;
-            }
+    onDetectedAttack({ blocked }) {
+        this.requests.attacksDetected.total += 1;
+        if (blocked) {
+            this.requests.attacksDetected.blocked += 1;
         }
     }
+    onRequest() {
+        this.requests.total += 1;
+    }
     onInspectedCall({ sink, blocked, attackDetected, durationInMs, withoutContext, }) {
@@ -102,0 +102,0 @@ this.ensureSinkStats(sink);

package.json

 {
   "name": "@aikidosec/runtime",
-  "version": "1.5.16",
+  "version": "1.5.17",
   "description": "Aikido runtime protects your application against NoSQL injections and more",
@@ -5,0 +5,0 @@ "repository": "https://github.com/AikidoSec/runtime-node",

sources/Express.d.ts

 import { Hooks } from "../agent/hooks/Hooks";
 import { Wrapper } from "../agent/Wrapper";
 export declare class Express implements Wrapper {
-    private addMiddleware;
+    private addMiddlewareToRoute;
+    private addMiddlewareToUse;
     wrap(hooks: Hooks): void;
 }

sources/Express.js

@@ -6,13 +6,16 @@ "use strict";
 const http_1 = require("http");
-function createMiddleware(agent) {
-    return (req, resp, next) => {
-        let route = undefined;
-        if (typeof req.route.path === "string") {
+// eslint-disable-next-line max-lines-per-function
+function createMiddleware(agent, path) {
+    // eslint-disable-next-line max-lines-per-function
+    const middleware = (req, resp, next) => {
+        var _a, _b;
+        let route = path;
+        if (typeof ((_a = req.route) === null || _a === void 0 ? void 0 : _a.path) === "string") {
             route = req.route.path;
         }
-        else if (req.route.path instanceof RegExp) {
+        else if (((_b = req.route) === null || _b === void 0 ? void 0 : _b.path) instanceof RegExp) {
             route = req.route.path.toString();
         }
         if (route) {
-            agent.onRouteExecute(req.method, req.route.path);
+            agent.onRouteExecute(req.method, route);
         }
@@ -39,8 +42,20 @@ (0, Context_1.runWithContext)({
             finally {
+                if (!req.__AIKIDO__) {
+                    req.__AIKIDO__ = {
+                        requestCounted: false,
+                        attackDetected: false,
+                    };
+                }
+                if (!req.__AIKIDO__.requestCounted) {
+                    agent.getInspectionStatistics().onRequest();
+                    req.__AIKIDO__.requestCounted = true;
+                }
                 const context = (0, Context_1.getContext)();
-                if (context) {
-                    agent.getInspectionStatistics().onRequest({
+                if (context &&
+                    context.attackDetected &&
+                    !req.__AIKIDO__.attackDetected) {
+                    agent.getInspectionStatistics().onDetectedAttack({
                         blocked: agent.shouldBlock(),
-                        attackDetected: !!context.attackDetected,
                     });
+                    req.__AIKIDO__.attackDetected = true;
                 }
@@ -50,2 +65,3 @@ }
     };
+    return middleware;
 }
@@ -65,8 +81,14 @@ class Express {
     // Without having to change the user's code
-    addMiddleware(args, agent) {
+    addMiddlewareToRoute(args, agent) {
         const handler = args.pop();
-        args.push(createMiddleware(agent));
+        args.push(createMiddleware(agent, undefined));
         args.push(handler);
         return args;
     }
+    addMiddlewareToUse(args, agent) {
+        if (args.length > 0 && typeof args[0] === "string") {
+            return [args[0], createMiddleware(agent, args[0]), ...args.slice(1)];
+        }
+        return [createMiddleware(agent, undefined), ...args];
+    }
     wrap(hooks) {
@@ -77,6 +99,13 @@ const express = hooks.addPackage("express").withVersion("^4.0.0");
         expressMethodNames.forEach((method) => {
-            route.modifyArguments(method, (args, subject, agent) => this.addMiddleware(args, agent));
+            route.modifyArguments(method, (args, subject, agent) => {
+                return this.addMiddlewareToRoute(args, agent);
+            });
         });
+        express
+            .addSubject((exports) => {
+            return exports.application;
+        })
+            .modifyArguments("use", (args, subject, agent) => this.addMiddlewareToUse(args, agent));
     }
 }
 exports.Express = Express;

sources/FunctionsFramework.js

@@ -30,6 +30,7 @@ "use strict";
                 if (agent && context) {
-                    agent.getInspectionStatistics().onRequest({
-                        blocked: agent.shouldBlock(),
-                        attackDetected: !!context.attackDetected,
-                    });
+                    const stats = agent.getInspectionStatistics();
+                    stats.onRequest();
+                    if (context.attackDetected) {
+                        stats.onDetectedAttack({ blocked: agent.shouldBlock() });
+                    }
                     if (lastFlushStatsAt === undefined ||
@@ -36,0 +37,0 @@ lastFlushStatsAt + flushEveryMS < Date.now()) {

sources/Lambda.js

@@ -126,6 +126,7 @@ "use strict";
             if (agent) {
-                agent.getInspectionStatistics().onRequest({
-                    blocked: agent.shouldBlock(),
-                    attackDetected: !!agentContext.attackDetected,
-                });
+                const stats = agent.getInspectionStatistics();
+                stats.onRequest();
+                if (agentContext.attackDetected) {
+                    stats.onDetectedAttack({ blocked: agent.shouldBlock() });
+                }
                 if (lastFlushStatsAt === undefined ||
@@ -132,0 +133,0 @@ lastFlushStatsAt + flushEveryMS < Date.now()) {

No alert changes

Improved metrics

Total package byte prevSize

208616

increased by0.84%

Lines of code

4687

increased by0.86%

No dependency changes