@contrast/contrast 1.0.0 → 1.0.1

package/.prettierignore

@@ -0,0 +1,2 @@
+test/commands/**
+dist/**

package/README.md

@@ -1,13 +1,33 @@
 # Contrast Command Line Interface
 
-Install Contrast, authenticate, and then start running a Lambda scan.
-This version supports **Java** and **Python** functions on AWS.
+- [About Contrast CLI](#about-contrast-cli)
+- [Requirements](#requirements)
+- [Step 1 – Install](#step-1--install)
+  - [Installation via Homebrew](#installation-via-homebrew)
+  - [Install NPM / YARN](#install-npm--yarn)
+  - [Install with binaries](#install-with-binaries)
+- [Step 2 – Authenticate](#step-2--authenticate)
+- [Step 3 – Scan](#step-3--scan)
+  - [Usage](#usage)
+  - [Commands](#commands)
+  - [Examples of usage](#examples-of-usage)
+- [Example of Results](#example-of-results)
+  - [Dependencies Vulnerabilities](#dependencies-vulnerabilities)
+  - [Least Privilege](#least-privilege)
+
+## About Contrast CLI
+
+Contrast CLI helps you find & fix security issues on AWS lambda functions (supports **Java** and **Python**)  
+By running a scan on your lambda functions, you can find:
+
+- Least privilege identity and access management (IAM) vulnerabilities (over permissive policies) and remediation
+- The Common Vulnerabilities and Exposures (CVE) from your libraries (Vulnerable Dependencies) and remediation
 
 ## Requirements
 
 - AWS credentials should be **available** on your local configure (usually `~/.aws/credentials`)
 - You have an option run lambda scan with your aws-profile to pass `--profile`
-- You also can export differnt credentials
+- You also can export different credentials
 
 ```shell
 export AWS_DEFAULT_REGION=<YOUR_AWS_REGION>
@@ -17,45 +37,48 @@ export AWS_SECRET_ACCESS_KEY=<YOUR_SECRET_ACCESS_KEY>
 
 These permissions are required to gather all required information on an AWS Lambda to use the `contrast lambda` command:
 
-- Lambda: [GetFunction](https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunction.html), [GetLayerVersion](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html)
-- IAM: [GetRolePolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html), [GetPolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html), [GetPolicyVersion](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html), [ListRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html), [ListAttachedRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html)
+- Lambda: [GetFunction](https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunction.html) | [GetLayerVersion](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html)
+- IAM: [GetRolePolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html) | [GetPolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html) | [GetPolicyVersion](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html) | [ListRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html) | [ListAttachedRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html)
 
 Policy example:
-```
+
+```json
 {
-    "Version": "2012-10-17",
-    "Statement": [
-        {
-            "Sid": "VisualEditor0",
-            "Effect": "Allow",
-            "Action": [
-                "iam:GetPolicyVersion",
-                "iam:GetPolicy",
-                "lambda:GetLayerVersion",
-                "lambda:GetFunction",
-                "iam:ListAttachedRolePolicies",
-                "iam:ListRolePolicies",
-                "iam:GetRolePolicy"
-            ],
-            "Resource": [
-                "arn:aws:lambda:*:YOUR_ACCOUNT:layer:*:*",
-                "arn:aws:lambda:*:YOUR_ACCOUNT:function:*",
-                "arn:aws:iam::YOUR_ACCOUNT:role/*",
-                "arn:aws:iam::YOUR_ACCOUNT:policy/*"
-            ]
-        }
-    ]
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Sid": "VisualEditor0",
+      "Effect": "Allow",
+      "Action": [
+        "iam:GetPolicyVersion",
+        "iam:GetPolicy",
+        "lambda:GetLayerVersion",
+        "lambda:GetFunction",
+        "iam:ListAttachedRolePolicies",
+        "iam:ListRolePolicies",
+        "iam:GetRolePolicy"
+      ],
+      "Resource": [
+        "arn:aws:lambda:*:YOUR_ACCOUNT:layer:*:*",
+        "arn:aws:lambda:*:YOUR_ACCOUNT:function:*",
+        "arn:aws:iam::YOUR_ACCOUNT:role/*",
+        "arn:aws:iam::YOUR_ACCOUNT:policy/*"
+      ]
+    }
+  ]
 }
 ```
 
-## Installation via Homebrew
+## Step 1 – Install
+
+### Installation via Homebrew
 
 - `brew tap Contrast-Security-OSS/homebrew-contrast`
 - `brew install contrast`
 
 ### Install NPM / YARN
 
-- `npm i -g @contrast/contrast`
+- `npm install -g @contrast/contrast`
 - `yarn global add @contrast/contrast`
 
 ### Install with binaries
@@ -70,40 +93,90 @@ Policy example:
 | Linux        | [https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/linux/contrast](https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/linux/contrast)             |
 | Windows      | [https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/windows/contrast.exe](https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/windows/contrast.exe) |
 
-## Usage
+## Step 2 – Authenticate
 
-- `contrast [command] [option]`
-- `contrast lambda --function-name <function> [options]`
+Authenticate using your existing [GitHub](https://github.com/) or [Google](https://www.google.com/) account.
 
-## Running a scan on a Lambda function
+```shell
+contrast auth
+```
+
+## Step 3 – Scan
 
-1. `contrast auth`
-   Authenticate by entering contrast auth in the terminal.
-   In the resulting browser window, log in and authenticate with your GitHub or Google credentials.
-2. `contrast lambda --function-name <YOUR_FUNCTION_NAME> --region <AWS_REGION>`
+Use contrast lambda to scan your AWS Lambda functions:
 
-More infromation
+```shell
+contrast lambda --function-name MyFunctionName --region my-aws-region
+```
 
+### Usage
+
+- `contrast [command] [option]`
+- `contrast lambda --list-functions`
+- `contrast lambda --function-name <function> [options]`
 - `contrast lambda --help`
 
-## Commands
+### Commands
 
 - `auth` - Authenticate Contrast using your `Github` or `Google` account
 - `lambda` - Perform scan on AWS Lambda function
+  - `--function-name` - Name of AWS lambda function to scan
+  - `--list-functions` - List all available lambda functions to scan
+  - `--endpoint-url` (optional) - AWS Endpoint override, works like in AWS CLI
+  - `--region` (optional) - Region override, default to AWS_DEAFAULT_REGION env var, works like in AWS CLI
+  - `--profile` (optional) - AWS configuration profile override, works like in AWS CLI
+  - `--json-output` (optional) - Return response in JSON (versus default human readable format)
+  - `--verbose` (optional) - Returns extended information to the terminal
+  - `--help` Displays usage guide
 - `version` - Displays version of Contrast CLI
-- `config` - Displays stored credentials (`–c, --clear` - Removes stored credentials)
+- `config` - Displays stored credentials
+  - `config --clear` - Removes stored credentials
 - `help` - Displays usage guide
 
-## Example of Running
+### Examples of usage
+
+show help for lambda
+
+```shell
+contrast lambda --help
+```
+
+get list of all available functions for scan
+
+```shell
+contrast lambda --list-functions
+```
+
+scan lambda function in specific region
 
 ```shell
-contrast lambda --function-name myFunctionName
 contrast lambda -f myFunctionName --region eu-cental-1
-contrast lambda -f myFunctionName --region eu-cental-1 --profile myDevProfile
-contrast lambda -f myFunctionName -v -j -r eu-cental-1 -p myDevProfile
-contrast lambda --function-name myFunctionName --verbose --json-output --region eu-cental-1 --profile myDevProfile
+```
+
+scan lambda function with different profile
+
+```shell
+contrast lambda -f myFunctionName --profile myDevProfile
+```
+
+scan lambda function with full details in json format
+
+```shell
+contrast lambda -f myFunctionName --json-output
+```
+
+scan lambda function with all possible flags
+
+```shell
+contrast lambda -f myFunctionName --region eu-cental-1 --profile myDevProfile --endpoint-url https://adbb-94-188-169-138.eu.ngrok.io/ --verbose --json-output
 ```
 
 ## Example of Results
 
-![image](https://user-images.githubusercontent.com/289035/165555050-e9a709c9-f2a9-4edc-a064-8208445238bc.png)
+### Dependency vulnerabilities
+
+![image](https://user-images.githubusercontent.com/289035/166472066-fa4a179c-cbef-436f-bc8e-9cbb8a4b465e.png)
+
+### Least Privilege
+
+![image](https://user-images.githubusercontent.com/289035/166480331-54ec133f-3379-4023-9fe4-c0db352c5b16.png)

package/dist/audit/AnalysisEngine.js

@@ -0,0 +1,37 @@
+"use strict";
+class AnalysisEngine {
+    constructor(initAnalysis = {}) {
+        this.analyzers = [];
+        this.analysis = { ...initAnalysis };
+    }
+    use(analyzer) {
+        if (Array.isArray(analyzer)) {
+            this.analyzers = [...this.analyzers, ...analyzer];
+            return;
+        }
+        this.analyzers.push(analyzer);
+    }
+    analyze(callback, config) {
+        let i = 0;
+        const next = err => {
+            if (err) {
+                return setImmediate(() => callback(err, this.analysis));
+            }
+            if (i >= this.analyzers.length) {
+                return setImmediate(() => callback(null, this.analysis));
+            }
+            const analyzer = this.analyzers[i];
+            i++;
+            setImmediate(() => {
+                try {
+                    analyzer(this.analysis, next, config);
+                }
+                catch (uncaughtErr) {
+                    next(uncaughtErr);
+                }
+            });
+        };
+        next();
+    }
+}
+module.exports = exports = AnalysisEngine;

package/dist/audit/catalogueApplication/catalogueApplication.js

@@ -0,0 +1,36 @@
+"use strict";
+const i18n = require('i18n');
+const { getHttpClient, handleResponseErrors } = require('../../utils/commonApi');
+const locationOfApp = (config, appId) => {
+    return `${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${appId}`;
+};
+const displaySuccessMessage = (config, appId) => {
+    console.log('\n **************************' +
+        i18n.__('successHeader') +
+        '************************** \n');
+    console.log('\n' + i18n.__('catalogueSuccessCommand') + appId + '\n');
+    console.log(locationOfApp(config, appId));
+    console.log('\n *********************************************************** \n');
+};
+const catalogueApplication = async (config) => {
+    const client = getHttpClient(config);
+    let appId;
+    await client
+        .catalogueCommand(config)
+        .then(res => {
+        if (res.statusCode === 201) {
+            displaySuccessMessage(config, res.body.application.app_id);
+            appId = res.body.application.app_id;
+        }
+        else {
+            handleResponseErrors(res, 'catalogue');
+        }
+    })
+        .catch(err => {
+        console.log(err);
+    });
+    return appId;
+};
+module.exports = {
+    catalogueApplication: catalogueApplication
+};

package/dist/audit/dotnetAnalysisEngine/index.js

@@ -0,0 +1,25 @@
+"use strict";
+const AnalysisEngine = require('../AnalysisEngine');
+const readProjectFileContents = require('./readProjectFileContents');
+const parseProjectFileContents = require('./parseProjectFileContents');
+const readLockFileContents = require('./readLockFileContents');
+const parseLockFileContents = require('./parseLockFileContents');
+const sanitizer = require('./sanitizer');
+const i18n = require('i18n');
+module.exports = exports = (language, config, callback) => {
+    const ae = new AnalysisEngine({ language, config, dotnet: {} });
+    ae.use([
+        readProjectFileContents,
+        parseProjectFileContents,
+        readLockFileContents,
+        parseLockFileContents,
+        sanitizer
+    ]);
+    ae.analyze((err, analysis) => {
+        if (err) {
+            callback(new Error(i18n.__('dotnetAnalysisFailure') + err.message));
+            return;
+        }
+        callback(null, analysis);
+    });
+};

package/dist/audit/dotnetAnalysisEngine/parseLockFileContents.js

@@ -0,0 +1,35 @@
+"use strict";
+const i18n = require('i18n');
+module.exports = exports = ({ language: { lockFilePath }, dotnet }, next) => {
+    const { rawLockFileContents } = dotnet;
+    if (!rawLockFileContents) {
+        next();
+        return;
+    }
+    try {
+        let count = 0;
+        dotnet.lockFile = JSON.parse(rawLockFileContents);
+        for (const dependenciesNode in dotnet.lockFile.dependencies) {
+            for (const innerNode in dotnet.lockFile.dependencies[dependenciesNode]) {
+                const nodeValidation = JSON.stringify(dotnet.lockFile.dependencies[dependenciesNode][innerNode]);
+                if (nodeValidation.includes('"type":"Project"')) {
+                    count += 1;
+                    delete dotnet.lockFile.dependencies[dependenciesNode][innerNode];
+                    dotnet.additionalInfo = 'dependenciesNote';
+                }
+            }
+        }
+        if (count > 0) {
+            const multiLevelProjectWarning = () => {
+                console.log('');
+                console.log(i18n.__('dependenciesNote'));
+            };
+            setTimeout(multiLevelProjectWarning, 7000);
+        }
+    }
+    catch (err) {
+        next(new Error(i18n.__('dotnetParseLockfile', lockFilePath) + `${err.message}`));
+        return;
+    }
+    next();
+};

package/dist/audit/dotnetAnalysisEngine/parseProjectFileContents.js

@@ -0,0 +1,15 @@
+"use strict";
+const xml2js = require('xml2js');
+const i18n = require('i18n');
+module.exports = exports = ({ language: { projectFilePath }, dotnet }, next) => {
+    const { rawProjectFileContents } = dotnet;
+    const parser = new xml2js.Parser({ explicitArray: false, mergeAttrs: true });
+    parser.parseString(rawProjectFileContents, (err, projectFileXML) => {
+        if (err) {
+            next(new Error(i18n.__('dotnetParseProjectFile', projectFilePath) + `${err}`));
+            return;
+        }
+        dotnet.projectFile = projectFileXML;
+        next();
+    });
+};

package/dist/audit/dotnetAnalysisEngine/readLockFileContents.js

@@ -0,0 +1,18 @@
+"use strict";
+const fs = require('fs');
+const i18n = require('i18n');
+module.exports = exports = (analysis, next) => {
+    const { language: { lockFilePath }, dotnet } = analysis;
+    if (!lockFilePath) {
+        next();
+        return;
+    }
+    try {
+        dotnet.rawLockFileContents = fs.readFileSync(lockFilePath);
+    }
+    catch (err) {
+        next(new Error(i18n.__('dotnetReadLockfile', lockFilePath) + `${err.message}`));
+        return;
+    }
+    next();
+};

package/dist/audit/dotnetAnalysisEngine/readProjectFileContents.js

@@ -0,0 +1,14 @@
+"use strict";
+const fs = require('fs');
+const i18n = require('i18n');
+module.exports = exports = (analysis, next) => {
+    const { language: { projectFilePath }, dotnet } = analysis;
+    try {
+        dotnet.rawProjectFileContents = fs.readFileSync(projectFilePath);
+    }
+    catch (err) {
+        next(new Error(i18n.__('dotnetReadProjectFile', projectFilePath) + `${err.message}`));
+        return;
+    }
+    next();
+};

package/dist/audit/dotnetAnalysisEngine/sanitizer.js

@@ -0,0 +1,9 @@
+"use strict";
+module.exports = exports = ({ dotnet }, next) => {
+    delete dotnet.rawProjectFileContents;
+    delete dotnet.parsedProjectFileContents;
+    delete dotnet.projectFileXML;
+    delete dotnet.packageReferences;
+    delete dotnet.rawLockFileContents;
+    next();
+};

package/dist/audit/goAnalysisEngine/index.js

@@ -0,0 +1,17 @@
+"use strict";
+const AnalysisEngine = require('../AnalysisEngine');
+const readProjectFileContents = require('./readProjectFileContents');
+const parseProjectFileContents = require('./parseProjectFileContents');
+const sanitizer = require('./sanitizer');
+const i18n = require('i18n');
+module.exports = exports = (language, config, callback) => {
+    const ae = new AnalysisEngine({ language, config, go: {} });
+    ae.use([readProjectFileContents, parseProjectFileContents, sanitizer]);
+    ae.analyze((err, analysis) => {
+        if (err) {
+            callback(new Error(i18n.__('goAnalysisError') + `${err.message}`));
+            return;
+        }
+        callback(null, analysis);
+    });
+};

package/dist/audit/goAnalysisEngine/parseProjectFileContents.js

@@ -0,0 +1,164 @@
+"use strict";
+const i18n = require('i18n');
+const crypto = require('crypto');
+module.exports = exports = ({ go }, next) => {
+    const { modGraphOutput } = go;
+    try {
+        go.goDependencyTrees = parseGo(modGraphOutput);
+    }
+    catch (err) {
+        next(new Error(i18n.__('goParseProjectFile') + `${err.message}`));
+        return;
+    }
+    next();
+};
+const splitAllLinesIntoArray = modGraphOutput => {
+    return modGraphOutput.split(/\r\n|\r|\n/);
+};
+const parseGo = modGraphOutput => {
+    let splitLines = splitAllLinesIntoArray(modGraphOutput);
+    const directDepNames = getDirectDepNames(splitLines);
+    const uniqueTransitiveDepNames = getAllUniqueTransitiveDepNames(splitLines, directDepNames);
+    let rootNodes = createRootNodes(splitLines);
+    createTransitiveDeps(uniqueTransitiveDepNames, splitLines, rootNodes);
+    return rootNodes;
+};
+const getAllDepsOfADepAsEdge = (dep, deps) => {
+    let edges = {};
+    const depRows = deps.filter(line => {
+        return line.startsWith(dep);
+    });
+    depRows.forEach(dep => {
+        const edgeName = dep.split(' ')[1];
+        edges[edgeName] = edgeName;
+    });
+    return edges;
+};
+const getAllDepsOfADepAsName = (dep, deps) => {
+    let edges = [];
+    const depRows = deps.filter(line => {
+        return line.startsWith(dep);
+    });
+    depRows.forEach(dep => {
+        const edgeName = dep.split(' ')[1];
+        edges.push(edgeName);
+    });
+    return edges;
+};
+const createRootNodes = deps => {
+    let rootDep = {};
+    const rootDeps = getRootDeps(deps);
+    const edges = rootDeps.map(dep => {
+        return dep.split(' ')[1];
+    });
+    rootDep[rootDeps[0].split(' ')[0]] = {};
+    edges.forEach(edge => {
+        const splitEdge = edge.split('@');
+        const splitGroupName = splitEdge[0].split('/');
+        const name = splitGroupName.pop();
+        const lastSlash = splitEdge[0].lastIndexOf('/');
+        let group = splitEdge[0].substring(0, lastSlash);
+        const hash = getHash(splitEdge[0]);
+        group = checkGroupExists(group, name);
+        const edgesOfDep = getAllDepsOfADepAsEdge(edge, deps);
+        rootDep[rootDeps[0].split(' ')[0]][edge] = {
+            artifactID: name,
+            group: group,
+            version: splitEdge[1],
+            scope: '"compile',
+            type: 'direct',
+            hash: hash,
+            edges: edgesOfDep
+        };
+    });
+    return rootDep;
+};
+const getRootDeps = deps => {
+    const rootDeps = deps.filter(dep => {
+        const parentDep = dep.split(' ')[0];
+        if (parentDep.split('@v').length === 1) {
+            return dep;
+        }
+    });
+    return rootDeps;
+};
+const getHash = library => {
+    let shaSum = crypto.createHash('sha1');
+    shaSum.update(library);
+    return shaSum.digest('hex');
+};
+const getDirectDepNames = deps => {
+    const directDepNames = [];
+    deps.forEach(dep => {
+        const parentDep = dep.split(' ')[0];
+        if (parentDep.split('@v').length === 1) {
+            dep.split(' ')[1] !== undefined
+                ? directDepNames.push(dep.split(' ')[1])
+                : null;
+        }
+    });
+    return directDepNames;
+};
+const getAllUniqueTransitiveDepNames = (deps, directDepNames) => {
+    let uniqueDeps = [];
+    deps.forEach(dep => {
+        const parentDep = dep.split(' ')[0];
+        if (parentDep.split('@v').length !== 1) {
+            if (!directDepNames.includes(parentDep)) {
+                if (!uniqueDeps.includes(parentDep)) {
+                    parentDep.length > 1 ? uniqueDeps.push(parentDep) : null;
+                }
+            }
+        }
+    });
+    return uniqueDeps;
+};
+const checkGroupExists = (group, name) => {
+    if (group === null || group === '') {
+        return name;
+    }
+    return group;
+};
+const createTransitiveDeps = (transitiveDeps, splitLines, rootNodes) => {
+    transitiveDeps.forEach(dep => {
+        const splitEdge = dep.split('@');
+        const splitGroupName = splitEdge[0].split('/');
+        const name = splitGroupName.pop();
+        const lastSlash = splitEdge[0].lastIndexOf('/');
+        let group = splitEdge[0].substring(0, lastSlash);
+        const hash = getHash(splitEdge[0]);
+        group = checkGroupExists(group, name);
+        const transitiveDep = {
+            artifactID: name,
+            group: group,
+            version: splitEdge[1],
+            scope: 'compile',
+            type: 'transitive',
+            hash: hash,
+            edges: {}
+        };
+        const edges = getAllDepsOfADepAsEdge(dep, splitLines);
+        transitiveDep.edges = edges;
+        const edgesAsName = getAllDepsOfADepAsName(dep, splitLines);
+        edgesAsName.forEach(dep => {
+            const splitEdge = dep.split('@');
+            const splitGroupName = splitEdge[0].split('/');
+            const name = splitGroupName.pop();
+            const lastSlash = splitEdge[0].lastIndexOf('/');
+            let group = splitEdge[0].substring(0, lastSlash);
+            const hash = getHash(splitEdge[0]);
+            group = checkGroupExists(group, name);
+            const transitiveDep = {
+                artifactID: name,
+                group: group,
+                version: splitEdge[1],
+                scope: 'compile',
+                type: 'transitive',
+                hash: hash,
+                edges: {}
+            };
+            rootNodes[Object.keys(rootNodes)[0]][dep] = transitiveDep;
+        });
+        rootNodes[Object.keys(rootNodes)[0]][dep] = transitiveDep;
+    });
+};

package/dist/audit/goAnalysisEngine/readProjectFileContents.js

@@ -0,0 +1,21 @@
+"use strict";
+const child_process = require('child_process');
+const i18n = require('i18n');
+module.exports = exports = async ({ language: { projectFilePath }, go }, next) => {
+    let cmdStdout;
+    let cwd;
+    try {
+        cwd = projectFilePath.replace('go.mod', '');
+        cmdStdout = child_process.execSync('go mod graph', { cwd });
+        go.modGraphOutput = cmdStdout.toString();
+        next();
+    }
+    catch (err) {
+        if (err.message === 'spawnSync /bin/sh ENOENT') {
+            err.message =
+                '\n\n*************** No transitive dependencies ***************\n\nWe are unable to build a dependency tree view from your repository as there were no transitive dependencies found.';
+        }
+        next(new Error(i18n.__('goReadProjectFile', cwd, `${err.message ? err.message : ''}`)));
+        return;
+    }
+};

package/dist/audit/goAnalysisEngine/sanitizer.js

@@ -0,0 +1,5 @@
+"use strict";
+module.exports = exports = ({ go }, next) => {
+    delete go.modGraphOutput;
+    next();
+};

package/dist/audit/javaAnalysisEngine/index.js

@@ -0,0 +1,34 @@
+"use strict";
+const AnalysisEngine = require('../AnalysisEngine');
+const readProjectFileContents = require('./readProjectFileContents');
+const parseMavenProjectFileContents = require('./parseMavenProjectFileContents');
+const parseProjectFileContents = require('./parseProjectFileContents');
+const sanitizer = require('./sanitizer');
+const i18n = require('i18n');
+module.exports = exports = (language, config, callback) => {
+    const ae = new AnalysisEngine({ language, config, java: {} });
+    language.projectFilePath = language.projectFilePath.replace('build.gradle.kts', 'build.gradle');
+    if (config['beta_unified_java_parser']) {
+        console.log('Using new parser...');
+        ae.use([readProjectFileContents, parseProjectFileContents, sanitizer]);
+    }
+    else if (language.projectFilePath.endsWith('pom.xml') &&
+        !config['beta_unified_java_parser']) {
+        ae.use([readProjectFileContents, parseMavenProjectFileContents, sanitizer]);
+    }
+    else {
+        ae.use([
+            readProjectFileContents,
+            parseMavenProjectFileContents,
+            parseProjectFileContents,
+            sanitizer
+        ]);
+    }
+    ae.analyze((err, analysis) => {
+        if (err) {
+            console.log(i18n.__('javaAnalysisError'), err.message);
+            return;
+        }
+        callback(null, analysis, config);
+    }, config);
+};