ESM support for iast

[uurien]

What does this PR do?

With application is configured with support for ESM (using --loader or initialize.mjs) and IAST is enabled, the app files are rewritten in the same way that they are rewritten when they are required.

Motivation

Support ESM for IAST taint tracking.

Plugin Checklist

• Unit tests.

Additional Notes

This will work only when Module.register is supported: >= 20.8.0 or ^18.19.0

APPSEC-11290

[github-actions]

Overall package size

Self size: 8.56 MB
Deduped: 94.96 MB
No deduping: 95.48 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.4.0 | 29.44 MB | 29.44 MB | | @datadog/native-appsec | 8.4.0 | 19.25 MB | 19.26 MB | | @datadog/native-iast-taint-tracking | 3.2.0 | 13.9 MB | 13.91 MB | | @datadog/pprof | 5.5.0 | 9.8 MB | 10.17 MB | | protobufjs | 7.2.5 | 2.77 MB | 5.16 MB | | @datadog/native-iast-rewriter | 2.8.0 | 2.6 MB | 2.74 MB | | @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB | | @datadog/native-metrics | 3.1.0 | 1.06 MB | 1.46 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.11.2 | 112.74 kB | 826.22 kB | | source-map | 0.7.4 | 226 kB | 226 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB | | semver | 7.6.3 | 95.82 kB | 95.82 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.1 | 51.46 kB | 51.46 kB | | shell-quote | 1.8.1 | 44.96 kB | 44.96 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.3.1 | 25.21 kB | 25.21 kB | | @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | ttl-set | 1.0.0 | 4.61 kB | 9.69 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[pr-commenter]

Benchmarks

Benchmark execution time: 2025-01-29 16:22:06

Comparing candidate commit 4a3d954 in PR branch ugaitz/partial-esm-support-iast with baseline commit c0550a0 in branch master.

Found 1 performance improvements and 0 performance regressions! Performance is the same for 901 metrics, 26 unstable metrics.

scenario:plugin-graphql-with-depth-on-max-18

• 🟩 max_rss_usage [-62.891MB; -56.453MB] or [-6.481%; -5.818%]

[codecov]

Codecov Report

Attention: Patch coverage is 93.47826% with 3 lines in your changes missing coverage. Please review.

Project coverage is 81.07%. Comparing base (c0550a0) to head (4a3d954).

Files with missing lines	Patch %	Lines
...d-trace/src/appsec/iast/taint-tracking/rewriter.js	92.30%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #5012      +/-   ##
==========================================
+ Coverage   81.05%   81.07%   +0.02%     
==========================================
  Files         478      479       +1     
  Lines       21308    21349      +41     
==========================================
+ Hits        17271    17309      +38     
- Misses       4037     4040       +3     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[iunanua]

🤪