@contrast/common - npm Package Compare versions

Comparing version 1.3.1 to 1.3.2

lib/constants.d.ts

		@@ -7,3 +7,5 @@ export declare enum Event {
		SERVER_SETTINGS_UPDATE = "server-settings-update",
		ASSESS_DATAFLOW_FINDING = "assess-dataflow-findings"
		ASSESS_DATAFLOW_FINDING = "assess-dataflow-findings",
		ROUTE_COVERAGE_DISCOVERY = "router-coverage-discovery",
		ROUTE_COVERAGE_OBSERVATION = "router-coverage-observation"
		}
		@@ -10,0 +12,0 @@ export declare enum ProtectRuleMode {

lib/constants.js

		@@ -26,2 +26,4 @@ "use strict";
		Event["ASSESS_DATAFLOW_FINDING"] = "assess-dataflow-findings";
		Event["ROUTE_COVERAGE_DISCOVERY"] = "router-coverage-discovery";
		Event["ROUTE_COVERAGE_OBSERVATION"] = "router-coverage-observation";
		})(Event = exports.Event \|\| (exports.Event = {}));
		@@ -28,0 +30,0 @@ var ProtectRuleMode;

lib/index.d.ts

		@@ -24,1 +24,16 @@ import { CommonRulesResultsMap, HardeningResultsMap, ResultMap, SemanticAnalysisResultsMap, ServerFeaturePreliminaryResultsMap } from './types';
		};
		export declare function set(obj: Record<string, any>, name: string, value: any): void;
		export declare function mergeRemoteData(config: Record<string, any>, remoteData: Record<string, any>, readers: Record<string, any>, setterFn: (target: Record<string, any>, name: string, value: any) => any, target?: Record<string, any>): Record<string, any>;
		export declare const featureReaders: {
		'agent.logger.level': (remoteData: any) => any;
		'agent.logger.path': (remoteData: any) => any;
		'agent.security_logger.syslog.enable': (remoteData: any) => any;
		'agent.security_logger.syslog.ip': (remoteData: any) => any;
		'agent.security_logger.syslog.port': (remoteData: any) => any;
		'agent.security_logger.syslog.facility': (remoteData: any) => any;
		'agent.security_logger.syslog.severity_exploited': (remoteData: any) => any;
		'agent.security_logger.syslog.severity_blocked': (remoteData: any) => any;
		'agent.security_logger.syslog.severity_probed': (remoteData: any) => any;
		'agent.security_logger.syslog.severity_suspicious': (remoteData: any) => any;
		};
		export declare const settingsReaders: {};

lib/index.js

		@@ -31,3 +31,3 @@ "use strict";
		Object.defineProperty(exports, "__esModule", { value: true });
		exports.groupResultsMap = exports.callChildComponentMethodsSync = exports.traverseKeys = exports.traverseValues = exports.traverseKeysAndValues = exports.encodeString = exports.isNonEmptyObject = exports.isString = void 0;
		exports.settingsReaders = exports.featureReaders = exports.mergeRemoteData = exports.set = exports.groupResultsMap = exports.callChildComponentMethodsSync = exports.traverseKeys = exports.traverseValues = exports.traverseKeysAndValues = exports.encodeString = exports.isNonEmptyObject = exports.isString = void 0;
		const constants_1 = require("./constants");
		@@ -171,2 +171,65 @@ __exportStar(require("./constants"), exports);
		exports.groupResultsMap = groupResultsMap;
		function set(obj, name, value) {
		const props = name.split('.');
		const lastProp = props.pop();
		for (const p of props) {
		if (!obj[p])
		obj[p] = {};
		obj = obj[p];
		}
		obj[lastProp] = value;
		}
		exports.set = set;
		function mergeRemoteData(config, remoteData, readers, setterFn, target) {
		const targetConfig = target \|\| config;
		for (const [name, readerFn] of Object.entries(readers)) {
		const remoteValue = readerFn(remoteData);
		if (['DEFAULT', 'ContrastUI'].includes(config._sources[name]) && remoteValue != null) {
		setterFn(targetConfig, name, remoteValue);
		}
		}
		return targetConfig;
		}
		exports.mergeRemoteData = mergeRemoteData;
		exports.featureReaders = {
		'agent.logger.level': (remoteData) => remoteData.features?.logLevel,
		'agent.logger.path': (remoteData) => remoteData.features?.logFile,
		'agent.security_logger.syslog.enable': (remoteData) => remoteData.features?.defend?.syslog?.syslogEnabled,
		'agent.security_logger.syslog.ip': (remoteData) => remoteData.features?.defend?.syslog?.syslogIpAddress,
		'agent.security_logger.syslog.port': (remoteData) => remoteData.features?.defend?.syslog?.syslogPortNumber,
		'agent.security_logger.syslog.facility': (remoteData) => remoteData.features?.defend?.syslog?.syslogFacilityCode,
		'agent.security_logger.syslog.severity_exploited': (remoteData) => remoteData.features?.defend?.syslog?.syslogSeverityExploited,
		'agent.security_logger.syslog.severity_blocked': (remoteData) => remoteData.features?.defend?.syslog?.syslogSeverityBlocked,
		'agent.security_logger.syslog.severity_probed': (remoteData) => remoteData.features?.defend?.syslog?.syslogSeverityProbed,
		'agent.security_logger.syslog.severity_suspicious': (remoteData) => remoteData.features?.defend?.syslog?.syslogSeveritySuspicious,
		};
		exports.settingsReaders = [
		'protect.rules.cmd-injection.mode',
		'protect.rules.cmd-injection-command-backdoors.mode',
		'protect.rules.cmd-injection-semantic-chained-commands.mode',
		'protect.rules.cmd-injection-semantic-dangerous-paths.mode',
		'protect.rules.method-tampering.mode',
		'protect.rules.nosql-injection.mode',
		'protect.rules.nosql-injection-mongo.mode',
		'protect.rules.path-traversal.mode',
		'protect.rules.path-traversal-semantic-file-security-bypass.mode',
		'protect.rules.reflected-xss.mode',
		'protect.rules.sql-injection.mode',
		'protect.rules.ssjs-injection.mode',
		'protect.rules.unsafe-file-upload.mode',
		'protect.rules.untrusted-deserialization.mode',
		'protect.rules.xxe.mode',
		].reduce((acc, name) => {
		const ruleId = name.split('.')[2];
		return Object.assign(acc, {
		[name]: (remoteData) => {
		const remoteSetting = remoteData.settings?.defend?.protectionRules?.find((r) => r.id == ruleId);
		switch (remoteSetting?.mode) {
		case 'OFF': return constants_1.ProtectRuleMode.OFF;
		case 'MONITORING': return constants_1.ProtectRuleMode.MONITOR;
		case 'BLOCKING': return remoteSetting.blockAtEntry ? constants_1.ProtectRuleMode.BLOCK_AT_PERIMETER : constants_1.ProtectRuleMode.BLOCK;
		}
		}
		});
		}, {});
		//# sourceMappingURL=index.js.map

package.json

		{
		"name": "@contrast/common",
		"version": "1.3.1",
		"version": "1.3.2",
		"description": "Shared constants and utilities for all Contrast Agent modules",
		@@ -5,0 +5,0 @@ "license": "UNLICENSED",

src/constants.ts

		@@ -23,3 +23,6 @@ /*
		ASSESS_DATAFLOW_FINDING = 'assess-dataflow-findings',
		ROUTE_COVERAGE_DISCOVERY = 'router-coverage-discovery',
		ROUTE_COVERAGE_OBSERVATION = 'router-coverage-observation'
		}

		export enum ProtectRuleMode {
		@@ -79,1 +82,2 @@ OFF = 'off',
		export const BLOCKING_MODES = ['block', 'block_at_perimeter'];

src/index.ts

		@@ -16,3 +16,3 @@ /*

		import { Rule } from './constants';
		import { Rule, ProtectRuleMode } from './constants';
		import { CommonRulesResultsMap, HardeningResultsMap, ResultMap, SemanticAnalysisResultsMap, ServerFeaturePreliminaryResultsMap } from './types';
		@@ -182,1 +182,72 @@
		}

		export function set(obj: Record<string, any>, name: string, value: any) {
		const props = name.split('.');
		const lastProp = props.pop() as string;
		for (const p of props) {
		if (!obj[p]) obj[p] = {};
		obj = obj[p];
		}
		obj[lastProp] = value;
		}

		export function mergeRemoteData(
		config: Record<string, any>,
		remoteData: Record<string, any>,
		readers: Record<string, any>,
		setterFn: (target: Record<string, any>, name: string, value: any) => any,
		target?: Record<string, any>
		) {
		const targetConfig = target \|\| config;
		for (const [name, readerFn] of Object.entries(readers)) {
		const remoteValue = readerFn(remoteData);
		if (['DEFAULT', 'ContrastUI'].includes(config._sources[name]) && remoteValue != null) {
		setterFn(targetConfig, name, remoteValue);
		}
		}

		return targetConfig;
		}

		export const featureReaders = {
		'agent.logger.level': (remoteData: any) => remoteData.features?.logLevel,
		'agent.logger.path': (remoteData: any) => remoteData.features?.logFile,
		'agent.security_logger.syslog.enable': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogEnabled,
		'agent.security_logger.syslog.ip': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogIpAddress,
		'agent.security_logger.syslog.port': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogPortNumber,
		'agent.security_logger.syslog.facility': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogFacilityCode,
		'agent.security_logger.syslog.severity_exploited': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogSeverityExploited,
		'agent.security_logger.syslog.severity_blocked': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogSeverityBlocked,
		'agent.security_logger.syslog.severity_probed': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogSeverityProbed,
		'agent.security_logger.syslog.severity_suspicious': (remoteData: any) => remoteData.features?.defend?.syslog?.syslogSeveritySuspicious,
		};

		export const settingsReaders = [
		'protect.rules.cmd-injection.mode',
		'protect.rules.cmd-injection-command-backdoors.mode',
		'protect.rules.cmd-injection-semantic-chained-commands.mode',
		'protect.rules.cmd-injection-semantic-dangerous-paths.mode',
		'protect.rules.method-tampering.mode',
		'protect.rules.nosql-injection.mode',
		'protect.rules.nosql-injection-mongo.mode',
		'protect.rules.path-traversal.mode',
		'protect.rules.path-traversal-semantic-file-security-bypass.mode',
		'protect.rules.reflected-xss.mode',
		'protect.rules.sql-injection.mode',
		'protect.rules.ssjs-injection.mode',
		'protect.rules.unsafe-file-upload.mode',
		'protect.rules.untrusted-deserialization.mode',
		'protect.rules.xxe.mode',
		].reduce((acc, name) => {
		const ruleId = name.split('.')[2];
		return Object.assign(acc, {
		[name]: (remoteData: any) => {
		const remoteSetting = remoteData.settings?.defend?.protectionRules?.find((r: any) => r.id == ruleId);
		switch (remoteSetting?.mode) {
		case 'OFF': return ProtectRuleMode.OFF;
		case 'MONITORING': return ProtectRuleMode.MONITOR;
		case 'BLOCKING': return remoteSetting.blockAtEntry ? ProtectRuleMode.BLOCK_AT_PERIMETER : ProtectRuleMode.BLOCK;
		}
		}
		});
		}, {});

lib/constants.js.map

Sorry, the diff of this file is not supported yet

lib/index.js.map

Sorry, the diff of this file is not supported yet

@contrast/common - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics