Fix detection of stacks originating from dd-trace (#5773)

When an error is logged, its message is redacted unless it's originating
from with the tracer.

Previously it would only detect it as coming from within the tracer if
the filepath was within the `packages` directory. This meant that some
errors originating from the tracer would be redacted even though they
shouldn't.

This problem can be traced back to the following PR:

    #3593

Co-authored-by: Ugaitz Urien <ugaitz.urien@datadoghq.com>

Author: watson

packages/dd-trace/src/util.js

@@ -61,12 +61,10 @@ function globMatch (pattern, subject) {
   return true
 }
 
-// TODO: this adds stack traces relative to packages/
-// shouldn't paths be relative to the root of dd-trace?
 function calculateDDBasePath (dirname) {
   const dirSteps = dirname.split(path.sep)
   const packagesIndex = dirSteps.lastIndexOf('packages')
-  return dirSteps.slice(0, packagesIndex + 1).join(path.sep) + path.sep
+  return dirSteps.slice(0, packagesIndex).join(path.sep) + path.sep
 }
 
 function normalizeProfilingEnabledValue (configValue) {

packages/dd-trace/test/appsec/iast/analyzers/vulnerability-analyzer.spec.js

@@ -7,7 +7,7 @@ describe('vulnerability-analyzer', () => {
   const VULNERABLE_VALUE = 'VULNERABLE_VALUE'
   const VULNERABILITY = 'VULNERABILITY'
   const VULNERABILITY_LOCATION_FROM_SOURCEMAP = {
-    path: 'VULNERABILITY_LOCATION_FROM_SOURCEMAP', line: 42, method: 'callFn'
+    path: 'VULNERABILITY_LOCATION_FROM_SOURCEMAP', line: 42, class: 'process', method: 'processImmediate'
   }
   const ANALYZER_TYPE = 'TEST_ANALYZER'
   const SPAN_ID = '123456'

packages/dd-trace/test/appsec/iast/utils.js

@@ -65,6 +65,7 @@ function testInRequest (app, tests) {
 
 function testOutsideRequestHasVulnerability (fnToTest, vulnerability, plugins, timeout) {
   beforeEach(async () => {
+    vulnerabilityReporter.clearCache()
     await agent.load(plugins)
   })
   afterEach(() => {