New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Load IAST security agent when security.agent.enabled is true #1664
Conversation
….agent.enabled is true
…ning in security agent
configuration that was agreed upon.
…ection not array of onRequire, onResolved, onError hooks. For every instrumentation you will get a unique shim instance unless you specify `shimName` which will store a reference to a shim instance that can be shared(koa needs this as the modules layer instrumentation on itself).
…code to functions, use optional chaining for deep access of keys on objects
…adds a new api.getLinkingMetadata call
…unction on the original symbol or current object
…ly a wrapped callback to make sure it is not wrapped more than once
Codecov Report
@@ Coverage Diff @@
## main #1664 +/- ##
==========================================
+ Coverage 96.76% 96.79% +0.02%
==========================================
Files 200 200
Lines 39148 39178 +30
Branches 24 24
==========================================
+ Hits 37883 37921 +38
+ Misses 1265 1257 -8
Flags with carried forward coverage won't be shown. Click here to find out more.
... and 2 files with indirect coverage changes 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
? 14 | ||
: 15 | ||
: 7 | ||
console.log(Object.keys(metrics)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove console.log
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tested this locally by running the versioned tests for the security agent. Additionally, I setup an ESM express app with no vulnerabilities and the security agent turned on as a sanity check (there were no issues seeing data in the ui), if you would like me to test with a vulnerability, I can update my app to confirm that vulnerability shows up in ESM.
Description
This PR has been the staging branch for all things security agent related. Some things to highlight:
security.agent.enabled
is true@newrelic/security-agent
. This will prob pin the agent for the foreseeable futureHow to Test
npm run versioned:security:major
ornpm run versioned:security