# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details. # frozen_string_literal: true require 'contrast/components/interface' require 'contrast/utils/gemfile_reader' require 'contrast/api/decorators/application_update' module Contrast module Agent # this module handles one time static analysis tasks class StaticAnalysis include Singleton include Contrast::Components::Interface access_component :logging, :analysis, :scope class << self # After the first request is complete, we do a one-time manual catchup to review and # report the already-loaded gems. def catchup @_catchup ||= begin with_contrast_scope do Contrast::Utils::GemfileReader.instance.map_loaded_classes send_inventory_message true end end rescue StandardError => e logger.warn('Unable to run post-initialization static analysis', e) end def send_inventory_message return unless INVENTORY.enabled? app_update_msg = Contrast::Api::Dtm::ApplicationUpdate.build Contrast::Utils::InventoryUtil.append_db_config(app_update_msg) Contrast::Agent.messaging_queue.send_event_eventually(app_update_msg) end end end end end