lib/contrast/agent.rb in contrast-agent-3.10.2 vs lib/contrast/agent.rb in contrast-agent-3.11.0

@@ -1,15 +1,29 @@
 # Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
 cs__scoped_require 'English'
 
+# Config interface, also cruft around logger interfaces etc.
+# this comes early bc legacy.
+cs__scoped_require 'contrast/agent/feature_state'
+
 # This must precede other Contrast C extensions
 cs__scoped_require 'cs__common/cs__common'
 
+# defining instrumentation, this must precede core extensions
+# because they need to register their patches
+cs__scoped_require 'contrast/agent/patching/policy/patcher'
+cs__scoped_require 'contrast/agent/patching/policy/patch'
+
+# core extensions
+cs__scoped_require 'contrast/extensions/ruby_core/assess'
 cs__scoped_require 'contrast/extensions/ruby_core/delegator'
+cs__scoped_require 'contrast/extensions/ruby_core/inventory'
 cs__scoped_require 'contrast/extensions/ruby_core/module'
+cs__scoped_require 'contrast/extensions/ruby_core/protect'
+cs__scoped_require 'contrast/extensions/ruby_core/protect/kernel'
 
 cs__scoped_require 'contrast/utils/object_share'
 cs__scoped_require 'contrast/utils/boolean_util'
 cs__scoped_require 'contrast/utils/string_utils'
 cs__scoped_require 'contrast/utils/io_util'
@@ -18,24 +32,15 @@
 cs__scoped_require 'contrast/common_agent_configuration'
 
 cs__scoped_require 'contrast/utils/hash_digest'
 cs__scoped_require 'contrast/utils/invalid_configuration_util'
 
-cs__scoped_require 'contrast/utils/cache'
-
 # scoping
 cs__scoped_require 'contrast/agent/scope'
 
 cs__scoped_require 'contrast/utils/thread_tracker'
 
-cs__scoped_require 'contrast/api'
-
-cs__scoped_require 'contrast/utils/resource_loader'
-cs__scoped_require 'contrast/utils/duck_utils'
-cs__scoped_require 'contrast/agent/tracepoint_hook'
-cs__scoped_require 'contrast/agent/at_exit_hook'
-
 # Framework support
 cs__scoped_require 'contrast/framework/manager'
 
 module Contrast
   # Top namespace of the Agent section. Holds tracking contexts that will be
@@ -48,20 +53,21 @@
       @_framework_manager ||= Contrast::Framework::Manager.new
     end
   end
 end
 
-# keep tracker of logger updates
-cs__scoped_require 'contrast/agent/logger_manager'
+cs__scoped_require 'contrast/api'
 
+cs__scoped_require 'contrast/utils/resource_loader'
+cs__scoped_require 'contrast/utils/duck_utils'
+cs__scoped_require 'contrast/agent/tracepoint_hook'
+cs__scoped_require 'contrast/agent/at_exit_hook'
+
 # communication with contrast service
 cs__scoped_require 'contrast/agent/exclusion_matcher'
 cs__scoped_require 'contrast/agent/socket_client'
 
-# config interface
-cs__scoped_require 'contrast/agent/feature_state'
-
 # threads that handle contrast scope
 cs__scoped_require 'contrast/agent/thread'
 
 # keep track of attacks
 cs__scoped_require 'contrast/agent/request_context'
@@ -70,10 +76,10 @@
 
 # Unconditional early-framework patches.
 # These happen regardless of analysis mode, & should be lightweight.
 cs__scoped_require 'contrast/utils/rack_assess_session_cookie'
 cs__scoped_require 'contrast/utils/rails_assess_configuration'
-# Also: should document the necessity of patching this ASAP.
+
 # In Rails, session configuration occurs extremely early & only once.
 # If we defer our patching of the rails session configuration too long
 # (i.e., where we normally patch) we will miss the configuration
 # and will never be able to report session misconfiguration rules.
 cs__scoped_require 'contrast/extensions/framework/rails/configuration' if defined?(Rails)