@contrast/common - npm Package Compare versions

Comparing version 1.15.1 to 1.16.0

lib/constants.d.ts

 export declare enum Event {
-    ASSESS = "assess",
-    PROTECT = "protect",
-    LIBRARY_USAGE = "library-usage",
-    LIBRARY = "library",
+    RESPONSE_FINISH = "response-finish",
+    ROUTE_COVERAGE_DISCOVERY_FINISHED = "route-coverage-discovery-finished",
     ARCHITECTURE_COMPONENT = "architecture-component",
-    SERVER_SETTINGS_UPDATE = "server-settings-update",
     ASSESS_DATAFLOW_FINDING = "assess-dataflow-findings",
@@ -12,6 +9,9 @@ ASSESS_DATAFLOW_SAFE_POSITIVE = "assess-dataflow-safe-positive",
     ASSESS_SESSION_CONFIGURATION_FINDING = "assess-session-configuration-findings",
-    RESPONSE_FINISH = "response-finish",
+    ASSESS_CRYPTO_ANALYSIS_FINDING = "assess-crypto-analysis-finding",
+    LIBRARY = "library",
+    LIBRARY_USAGE = "library-usage",
+    PROTECT = "protect",
     ROUTE_COVERAGE_DISCOVERY = "route-coverage-discovery",
-    ROUTE_COVERAGE_DISCOVERY_FINISHED = "route-coverage-discovery-finished",
-    ROUTE_COVERAGE_OBSERVATION = "route-coverage-observation"
+    ROUTE_COVERAGE_OBSERVATION = "route-coverage-observation",
+    SERVER_SETTINGS_UPDATE = "server-settings-update"
 }
@@ -30,2 +30,5 @@ export declare enum ProtectRuleMode {
     CMD_INJECTION_SEMANTIC_DANGEROUS_PATHS = "cmd-injection-semantic-dangerous-paths",
+    CRYPTO_BAD_MAC = "crypto-bad-mac",
+    CRYPTO_BAD_CIPHERS = "crypto-bad-ciphers",
+    CRYPTO_WEAK_RANDOMNESS = "crypto-weak-randomness",
     IP_DENYLIST = "ip-denylist",
@@ -40,2 +43,3 @@ METHOD_TAMPERING = "method-tampering",
     SSJS_INJECTION = "ssjs-injection",
+    SSRF = "ssrf",
     UNSAFE_CODE_EXECUTION = "unsafe-code-execution",
@@ -45,3 +49,4 @@ UNSAFE_FILE_UPLOAD = "unsafe-file-upload",
     VIRTUAL_PATCH = "virtual-patch",
-    XXE = "xxe"
+    XXE = "xxe",
+    UNVALIDATED_REDIRECT = "unvalidated-redirect"
 }
@@ -48,0 +53,0 @@ export declare enum ResponseScanningRule {

lib/constants.js

@@ -20,8 +20,7 @@ "use strict";
 (function (Event) {
-    Event["ASSESS"] = "assess";
-    Event["PROTECT"] = "protect";
-    Event["LIBRARY_USAGE"] = "library-usage";
-    Event["LIBRARY"] = "library";
+    // lifecycle
+    Event["RESPONSE_FINISH"] = "response-finish";
+    Event["ROUTE_COVERAGE_DISCOVERY_FINISHED"] = "route-coverage-discovery-finished";
+    // reports
     Event["ARCHITECTURE_COMPONENT"] = "architecture-component";
-    Event["SERVER_SETTINGS_UPDATE"] = "server-settings-update";
     Event["ASSESS_DATAFLOW_FINDING"] = "assess-dataflow-findings";
@@ -31,6 +30,10 @@ Event["ASSESS_DATAFLOW_SAFE_POSITIVE"] = "assess-dataflow-safe-positive";
     Event["ASSESS_SESSION_CONFIGURATION_FINDING"] = "assess-session-configuration-findings";
-    Event["RESPONSE_FINISH"] = "response-finish";
+    Event["ASSESS_CRYPTO_ANALYSIS_FINDING"] = "assess-crypto-analysis-finding";
+    Event["LIBRARY"] = "library";
+    Event["LIBRARY_USAGE"] = "library-usage";
+    Event["PROTECT"] = "protect";
     Event["ROUTE_COVERAGE_DISCOVERY"] = "route-coverage-discovery";
-    Event["ROUTE_COVERAGE_DISCOVERY_FINISHED"] = "route-coverage-discovery-finished";
     Event["ROUTE_COVERAGE_OBSERVATION"] = "route-coverage-observation";
+    // state changes
+    Event["SERVER_SETTINGS_UPDATE"] = "server-settings-update";
 })(Event = exports.Event || (exports.Event = {}));
@@ -51,2 +54,5 @@ var ProtectRuleMode;
     Rule["CMD_INJECTION_SEMANTIC_DANGEROUS_PATHS"] = "cmd-injection-semantic-dangerous-paths";
+    Rule["CRYPTO_BAD_MAC"] = "crypto-bad-mac";
+    Rule["CRYPTO_BAD_CIPHERS"] = "crypto-bad-ciphers";
+    Rule["CRYPTO_WEAK_RANDOMNESS"] = "crypto-weak-randomness";
     Rule["IP_DENYLIST"] = "ip-denylist";
@@ -61,2 +67,3 @@ Rule["METHOD_TAMPERING"] = "method-tampering";
     Rule["SSJS_INJECTION"] = "ssjs-injection";
+    Rule["SSRF"] = "ssrf";
     Rule["UNSAFE_CODE_EXECUTION"] = "unsafe-code-execution";
@@ -67,2 +74,3 @@ Rule["UNSAFE_FILE_UPLOAD"] = "unsafe-file-upload";
     Rule["XXE"] = "xxe";
+    Rule["UNVALIDATED_REDIRECT"] = "unvalidated-redirect";
 })(Rule = exports.Rule || (exports.Rule = {}));
@@ -69,0 +77,0 @@ var ResponseScanningRule;

lib/types.d.ts

@@ -229,6 +229,11 @@ /// <reference types="node" />
     /**
-     * Normalized URL for a route.
+     * URL for a route.
      * @example "prefix/route/path"
      */
     url: string;
+    /**
+     * Normalized URL for a route.
+     * @example "prefix/:id/path"
+     */
+    normalizedUrl: string;
 }
@@ -264,13 +269,2 @@ /**
 }
-/**
- * Agent event emitter for broadcasting internal lifecycle events.
- *
- * The final, generic, overloads for emit/on matches any calls that don't match
- * one of the more specific definitions.
- */
-export interface Lifecycle extends EventEmitter {
-    emit(event: Event, ...args: any[]): boolean;
-    on(event: Event.RESPONSE_FINISH, listener: (msg: RequestStore) => void): this;
-    on(event: Event, listener: (...args: any[]) => void): this;
-}
 //# sourceMappingURL=types.d.ts.map

package.json

 {
   "name": "@contrast/common",
-  "version": "1.15.1",
+  "version": "1.16.0",
   "description": "Shared constants and utilities for all Contrast Agent modules",
@@ -5,0 +5,0 @@ "license": "UNLICENSED",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

81884

increased by0.24%

Lines of code

1214

increased by0.58%

No dependency changes