Class: Threatstack::Events::DependencyEvent

Inherits:
BaseEvent
  • Object
show all
Includes:
Constants
Defined in:
lib/events/models/dependency_event.rb

Overview

Dependency event model that inherits the common attributes and adds its own specifics

Constant Summary

Constants included from Constants

Constants::AGENT_ID, Constants::AGENT_INSTANCE_ID, Constants::AGENT_NAME, Constants::AGENT_VERSION, Constants::APPSEC_BASE_URL, Constants::APPSEC_EVENTS_URL, Constants::ATTACK, Constants::AWS_METADATA_URL, Constants::BLOCK_PATH_TRAVERSAL, Constants::BLOCK_SQLI, Constants::BLOCK_XSS, Constants::CGI_VARIABLES, Constants::DEPENDENCIES, Constants::DETECTED_NOT_BLOCKED, Constants::DETECT_ATTACKS_ONLY, Constants::DETECT_PATH_TRAVERSAL, Constants::DISABLED, Constants::DROP_FIELDS, Constants::ENVIRONMENT, Constants::EVENTS_PER_REQ, Constants::FILTER_BY_PATH, Constants::INSTRUMENTATION, Constants::IPV4, Constants::IPV6, Constants::JOB_INTERVAL, Constants::LOG_COLORS, Constants::LOG_LEVEL, Constants::MANUAL_INIT, Constants::MAX_QUEUED_EVENTS, Constants::PATH_TRAVERSAL, Constants::REDACTED, Constants::REQUEST_BLOCKED, Constants::ROOT_DIR, Constants::RUBY, Constants::SQLI, Constants::TRUTHY, Constants::XSS

Instance Attribute Summary collapse

Attributes inherited from BaseEvent

#agent_type, #event_id, #event_type, #timestamp

Instance Method Summary collapse

Methods included from Constants

app_root_dir, env, is_truthy

Methods inherited from BaseEvent

#to_core_hash, #to_json_string

Constructor Details

#initialize(args = {}) ⇒ DependencyEvent

Returns a new instance of DependencyEvent.

Parameters:

  • args (Hash) (defaults to: {})
    String

    args.event_id

    String

    args.timestamp



22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
 
# File 'lib/events/models/dependency_event.rb', line 22

def initialize(args = {})
  logger = Threatstack::Utils::TSLogger.create 'DependencyEvent'
  logger.debug 'Creating dependency event...'
  args[:event_type] = DEPENDENCIES
  begin
    gemfile_path = File.join(ROOT_DIR, 'Gemfile')
    lockfile_path = File.join(ROOT_DIR, 'Gemfile.lock')
    @name = File.basename ROOT_DIR
    # build dependency list
    @dependencies = Bundler::Definition.build(gemfile_path, lockfile_path, nil).
      dependencies.each_with_object({}) do |dep, obj|
      dep.groups.each do
        begin
          obj[dep.name] = dep.to_spec.version.to_s
        rescue ScriptError => sce
          logger.error "ScriptError: #{sce.inspect}"
        rescue StandardError => ste
          logger.error "StandardError: #{ste.inspect}"
        end
      end
    end
    # build dependency graph
    @graph = Gem.loaded_specs.each_with_object({}) do |(k, v), obj|
      requires = v.dependencies.each_with_object({}) do |dep, h|
        h[dep.name] = dep.requirement.requirements.join
      end
      begin
        obj[k] = { :version => v.version.to_s, :requires => requires }
      rescue ScriptError => sce
        logger.error "ScriptError: #{sce.inspect}"
      rescue StandardError => ste
        logger.error "StandardError: #{ste.inspect}"
      end
    end if Gem.respond_to? :loaded_specs
    logger.debug "Name: #{@name}"
    logger.debug "Dependencies: #{@dependencies}"
    logger.debug "Graph: #{@graph}"
  rescue ScriptError => sce
    logger.error "General ScriptError: #{sce.inspect}"
  rescue StandardError => ste
    logger.error "General StandardError: #{ste.inspect}"
  end
  super args
end

Instance Attribute Details

#dependenciesObject

Returns the value of attribute dependencies.



16
17
18
 
# File 'lib/events/models/dependency_event.rb', line 16

def dependencies
  @dependencies
end

#graphObject

Returns the value of attribute graph.



17
18
19
 
# File 'lib/events/models/dependency_event.rb', line 17

def graph
  @graph
end

#nameObject

Returns the value of attribute name.



15
16
17
 
# File 'lib/events/models/dependency_event.rb', line 15

def name
  @name
end

Instance Method Details

#to_hashObject 



67
68
69
70
71
72
73
74
75
76
77
 
# File 'lib/events/models/dependency_event.rb', line 67

def to_hash
  hash = to_core_hash
  hash[:module_name] = AGENT_NAME
  hash[:package_type] = RUBY
  hash[:payload] = {
    :name => @name,
    :dependencies => @dependencies,
    :graph => @graph
  }
  hash
end