@contrast/contrast 1.0.1 → 1.0.2

package/README.md

@@ -1,33 +1,43 @@
-# Contrast Command Line Interface
+# Contrast Free
 
-- [About Contrast CLI](#about-contrast-cli)
-- [Requirements](#requirements)
-- [Step 1 – Install](#step-1--install)
-  - [Installation via Homebrew](#installation-via-homebrew)
-  - [Install NPM / YARN](#install-npm--yarn)
-  - [Install with binaries](#install-with-binaries)
-- [Step 2 – Authenticate](#step-2--authenticate)
-- [Step 3 – Scan](#step-3--scan)
-  - [Usage](#usage)
-  - [Commands](#commands)
-  - [Examples of usage](#examples-of-usage)
-- [Example of Results](#example-of-results)
-  - [Dependencies Vulnerabilities](#dependencies-vulnerabilities)
-  - [Least Privilege](#least-privilege)
+- The fastest and most accurate SAST scanner.
+- Immediate and actionable results — scan code and serverless environments.
+- A frictionless and seamless sign-in process with GitHub or Google Account. From start to finish in minutes.
+- By running a scan on your lambda functions, you can find: Least privilege identity and access management (IAM) vulnerabilities (over permissive policies) and remediation.
 
-## About Contrast CLI
+## Install
 
-Contrast CLI helps you find & fix security issues on AWS lambda functions (supports **Java** and **Python**)  
-By running a scan on your lambda functions, you can find:
+```
+npm install -g @contrast/contrast
+```
+
+## Authenticate
+
+Authenticate by entering contrast auth in the terminal.
+
+In the resulting browser window, log in and authenticate with your GitHub or Google credentials.
+
+## Run a scan
+
+### SAST scan
+
+####Requirements
+Make sure you have the correct file types to scan.
 
-- Least privilege identity and access management (IAM) vulnerabilities (over permissive policies) and remediation
-- The Common Vulnerabilities and Exposures (CVE) from your libraries (Vulnerable Dependencies) and remediation
+- Upload a .jar or .war file to scan a Java project for analysis
+- Upload a .js or .zip file to scan a JavaScript project for analysis
+- Upload a .exe. or .zip file to scan a .NET c# web forms project
 
-## Requirements
+Start scanning
 
-- AWS credentials should be **available** on your local configure (usually `~/.aws/credentials`)
-- You have an option run lambda scan with your aws-profile to pass `--profile`
-- You also can export different credentials
+Use the Contrast scan command `contrast scan`
+
+### Lambda function scan
+
+####Requirements
+
+- Currently supports Java and Python functions on AWS.
+  Configure AWS credentials on your local environment by running the commands with your credentials:
 
 ```shell
 export AWS_DEFAULT_REGION=<YOUR_AWS_REGION>
@@ -35,148 +45,100 @@ export AWS_ACCESS_KEY_ID=<YOUR_ACCESS_KEY_ID>
 export AWS_SECRET_ACCESS_KEY=<YOUR_SECRET_ACCESS_KEY>
 ```
 
-These permissions are required to gather all required information on an AWS Lambda to use the `contrast lambda` command:
-
-- Lambda: [GetFunction](https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunction.html) | [GetLayerVersion](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html)
-- IAM: [GetRolePolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html) | [GetPolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html) | [GetPolicyVersion](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html) | [ListRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html) | [ListAttachedRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html)
-
-Policy example:
-
-```json
-{
-  "Version": "2012-10-17",
-  "Statement": [
-    {
-      "Sid": "VisualEditor0",
-      "Effect": "Allow",
-      "Action": [
-        "iam:GetPolicyVersion",
-        "iam:GetPolicy",
-        "lambda:GetLayerVersion",
-        "lambda:GetFunction",
-        "iam:ListAttachedRolePolicies",
-        "iam:ListRolePolicies",
-        "iam:GetRolePolicy"
-      ],
-      "Resource": [
-        "arn:aws:lambda:*:YOUR_ACCOUNT:layer:*:*",
-        "arn:aws:lambda:*:YOUR_ACCOUNT:function:*",
-        "arn:aws:iam::YOUR_ACCOUNT:role/*",
-        "arn:aws:iam::YOUR_ACCOUNT:policy/*"
-      ]
-    }
-  ]
-}
-```
+- AWS credentials should be available on your local configure (usually **~/.aws/credentials**). You have an option to run a lambda scan with your aws-profile to pass --profile. You also can export different credentials.
 
-## Step 1 – Install
+- These permissions are required to gather all required information on an AWS Lambda to use the `contrast lambda` command:
 
-### Installation via Homebrew
+  - Lambda: [GetFunction](https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunction.html) | [GetLayerVersion](https://docs.aws.amazon.com/lambda/latest/dg/API_GetLayerVersion.html)
+  - IAM: [GetRolePolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetRolePolicy.html) | [GetPolicy](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicy.html) | [GetPolicyVersion](https://docs.aws.amazon.com/IAM/latest/APIReference/API_GetPolicyVersion.html) | [ListRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListRolePolicies.html) | [ListAttachedRolePolicies](https://docs.aws.amazon.com/IAM/latest/APIReference/API_ListAttachedRolePolicies.html)
 
-- `brew tap Contrast-Security-OSS/homebrew-contrast`
-- `brew install contrast`
+### Start scanning
 
-### Install NPM / YARN
+Use contrast lambda to scan your AWS Lambda functions.
+`contrast lambda --function-name MyFunctionName --region my-aws-region`
 
-- `npm install -g @contrast/contrast`
-- `yarn global add @contrast/contrast`
+## Contrast Free commands
 
-### Install with binaries
+### auth
 
-- Go to [https://pkg.contrastsecurity.com/ui/repos/tree/General/cli](https://pkg.contrastsecurity.com/ui/repos/tree/General/cli)
-- Select your operating system and download the package
-- You must allow **execute permissions** on the file depending on your OS
+Authenticate Contrast using your GitHub or Google account. A new browser window will open for login.
 
-| Architecture | Link                                                                                                                                                                           |
-| ------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| macOS        | [https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/mac/contrast](https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/mac/contrast)                 |
-| Linux        | [https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/linux/contrast](https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/linux/contrast)             |
-| Windows      | [https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/windows/contrast.exe](https://pkg.contrastsecurity.com/ui/repos/tree/General/cli/1.0.0/windows/contrast.exe) |
+**Usage:** `contrast auth`
 
-## Step 2 – Authenticate
+### config
 
-Authenticate using your existing [GitHub](https://github.com/) or [Google](https://www.google.com/) account.
+Displays stored credentials.
 
-```shell
-contrast auth
-```
+**Usage:** `contrast config`
 
-## Step 3 – Scan
+**Options:**
 
-Use contrast lambda to scan your AWS Lambda functions:
+- **-c, --clear** - Removes stored credentials.
 
-```shell
-contrast lambda --function-name MyFunctionName --region my-aws-region
-```
+### scan
 
-### Usage
+Performs a security SAST scan.
 
-- `contrast [command] [option]`
-- `contrast lambda --list-functions`
-- `contrast lambda --function-name <function> [options]`
-- `contrast lambda --help`
+**Usage:** `contrast scan [option]`
 
-### Commands
+**Options:**
 
-- `auth` - Authenticate Contrast using your `Github` or `Google` account
-- `lambda` - Perform scan on AWS Lambda function
-  - `--function-name` - Name of AWS lambda function to scan
-  - `--list-functions` - List all available lambda functions to scan
-  - `--endpoint-url` (optional) - AWS Endpoint override, works like in AWS CLI
-  - `--region` (optional) - Region override, default to AWS_DEAFAULT_REGION env var, works like in AWS CLI
-  - `--profile` (optional) - AWS configuration profile override, works like in AWS CLI
-  - `--json-output` (optional) - Return response in JSON (versus default human readable format)
-  - `--verbose` (optional) - Returns extended information to the terminal
-  - `--help` Displays usage guide
-- `version` - Displays version of Contrast CLI
-- `config` - Displays stored credentials
-  - `config --clear` - Removes stored credentials
-- `help` - Displays usage guide
+- **contrast scan --file** Path of the file you want to scan. Contrast searches for a .jar, .war, .js. or .zip file in the working directory if a file is not specified.
+  Alias: **--f**
 
-### Examples of usage
+- **contrast scan --name**
+  Contrast project name. If not specified, Contrast uses contrast.settings to identify the project or creates a project.
+  Alias: **–n**
+- **contrast scan --save**
+  Download the results to a Static Analysis Results Interchange Format (SARIF) file.
+  Alias: **-s**
 
-show help for lambda
+- **contrast scan --timeout**
+  Time in seconds to wait for the scan to complete. Default value is 300 seconds.
+  Alias: **-t**
 
-```shell
-contrast lambda --help
-```
+### lambda
 
-get list of all available functions for scan
+Name of AWS lambda function to scan.
 
-```shell
-contrast lambda --list-functions
-```
-
-scan lambda function in specific region
+**Usage:** `contrast lambda --function-name`
 
-```shell
-contrast lambda -f myFunctionName --region eu-cental-1
-```
+**Options:**
 
-scan lambda function with different profile
+- **contrast lambda --function-name --endpoint-url**
+  AWS Endpoint override. Similar to AWS CLI.
+  Alias: **-e**
 
-```shell
-contrast lambda -f myFunctionName --profile myDevProfile
-```
+- **contrast lambda --function-name --region**
+  Region override. Defaults to AWS_DEFAULT_REGION. Similar to AWS CLI.
+  Alias: **-r**
 
-scan lambda function with full details in json format
+- **contrast lambda --function-name --profile**
+  AWS configuration profile override. Similar to AWS CLI.
+  Alias: **-p**
 
-```shell
-contrast lambda -f myFunctionName --json-output
-```
+- **contrast lambda --function-name --json**
+  Return response in JSON (versus default human-readable format).
+  Alias: **-j**
 
-scan lambda function with all possible flags
+- **contrast lambda -–function-name -–verbose**
+  Returns extended information to the terminal.
+  Alias: **-v**
 
-```shell
-contrast lambda -f myFunctionName --region eu-cental-1 --profile myDevProfile --endpoint-url https://adbb-94-188-169-138.eu.ngrok.io/ --verbose --json-output
-```
+- **contrast lambda -–function-name --list-functions**
+  Lists all available lambda functions to scan.
 
-## Example of Results
+- **contrast lambda --function-name -–help**
+  Displays usage guide.
+  Alias: **-h**
 
-### Dependency vulnerabilities
+### help
 
-![image](https://user-images.githubusercontent.com/289035/166472066-fa4a179c-cbef-436f-bc8e-9cbb8a4b465e.png)
+Displays usage guide. To list detailed help for any CLI command, add the -h or --help flag to the command.
+**Usage:** `contrast scan --help`
+Alias: **-h**
 
-### Least Privilege
+### version
 
-![image](https://user-images.githubusercontent.com/289035/166480331-54ec133f-3379-4023-9fe4-c0db352c5b16.png)
+Displays version of Contrast CLI.
+**Usage:** `contrast version` Alias: **-v**, **--version**

package/dist/common/errorHandling.js

@@ -3,8 +3,9 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.libraryAnalysisError = exports.handleResponseErrors = exports.getErrorMessage = exports.generalError = exports.hostWarningError = exports.failOptionError = exports.proxyError = exports.forbiddenError = exports.badRequestError = exports.unauthenticatedError = exports.genericError = void 0;
+exports.approximateCommandOnError = exports.libraryAnalysisError = exports.handleResponseErrors = exports.getErrorMessage = exports.generalError = exports.hostWarningError = exports.failOptionError = exports.proxyError = exports.forbiddenError = exports.badRequestError = exports.unauthenticatedError = exports.genericError = void 0;
 const i18n_1 = __importDefault(require("i18n"));
+const lodash_1 = require("lodash");
 const handleResponseErrors = (res, api) => {
     if (res.statusCode === 400) {
         api === 'catalogue' ? badRequestError(true) : badRequestError(false);
@@ -106,3 +107,32 @@ const generalError = (header, message) => {
     console.log(finalMessage);
 };
 exports.generalError = generalError;
+const approximateCommandOnError = (unknownOptions) => {
+    const commandKeywords = {
+        auth: 'auth',
+        audit: 'audit',
+        scan: 'scan',
+        lambda: 'lambda',
+        config: 'config'
+    };
+    const sortedUnknownOptions = (0, lodash_1.sortBy)(unknownOptions, param => param === 'auth' ||
+        param === 'audit' ||
+        param === 'scan' ||
+        param === 'lambda' ||
+        param === 'config'
+        ? 0
+        : 1);
+    const foundCommands = sortedUnknownOptions.filter(command => commandKeywords[command]);
+    const parsedUnknownOptions = sortedUnknownOptions
+        .toString()
+        .replace(/,/g, ' ');
+    const approximateParams = parsedUnknownOptions
+        .replace(new RegExp(foundCommands.join('|'), 'g'), '')
+        .trim();
+    const approximateCommand = `${foundCommands[0]} ${approximateParams}`;
+    return {
+        approximateCommand,
+        approximateCommandKeyword: foundCommands[0]
+    };
+};
+exports.approximateCommandOnError = approximateCommandOnError;

package/dist/constants/constants.js

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '1.0.1';
+const APP_VERSION = '1.0.2';
 const TIMEOUT = 120000;
 const AUTH_UI_URL = 'https://cli-auth.contrastsecurity.com';
 const AUTH_CALLBACK_URL = 'https://cli-auth-api.contrastsecurity.com';

package/dist/constants/locales.js

@@ -1,5 +1,6 @@
 "use strict";
 const { lambda } = require('./lambda');
+const chalk = require('chalk');
 const en_locales = () => {
     return {
         successHeader: 'SUCCESS',
@@ -187,6 +188,7 @@ const en_locales = () => {
         noFileFoundScan: "We could't find a suitable file in your directories (we go 3 deep)",
         specifyFileScanError: 'Java Scan requires a .war or .jar file. Javascript Scan requires a .js or .zip file.\nTo start a Scan enter "contrast scan -f <path-to-file>"',
         populateProjectIdMessage: 'project ID is %s',
+        genericServiceError: 'returned with status code %s',
         permissionsError: 'You do not have the correct permissions here. \n Contact support@contrastsecurity.com to get this fixed.',
         scanErrorFileMessage: 'We only accept the following file types: \nJava - .jar, .war \nJavaScript - .js or .zip files',
         helpAuthSummary: 'Authenticate Contrast using your Github or Google account',
@@ -207,13 +209,17 @@ const en_locales = () => {
         scanOptionsFileNameSummary: 'Path of the file you want to scan. If no file is specified, Contrast searches for a .jar, .war, .js, .exe or .zip file in the working directory.',
         scanOptionsVerboseSummary: ' Returns extended information to the terminal.',
         authSuccessMessage: 'Authentication successful',
-        runAuthSuccessMessage: 'Now you can use Contrast CLI',
+        runAuthSuccessMessage: "Now you can use Contrast CLI \nRun 'contrast scan' on your file \n" +
+            "or 'contrast help' to learn more about the capabilities.",
         authWaitingMessage: 'Waiting for auth...',
         authTimedOutMessage: 'Auth Timed out, try again',
         zipErrorScan: 'We only support zip files for JAVASCRIPT language, please set the flag --language JAVASCRIPT',
         unknownFileErrorScan: 'Unsupported file selected for Scan.',
         foundScanFile: 'found: %s',
-        foundDetailedVulnerabilities: '%s Critical %s High %s Medium %s Low %s Note',
+        foundDetailedVulnerabilities: chalk.bold('%s Critical') +
+            ' | ' +
+            chalk.bold('%s High') +
+            ' | %s Medium | %s Low | %s Note',
         requiredParams: 'All required parameters are not present.',
         timeoutScan: 'Timeout set to 5 minutes.',
         searchingScanFileDirectory: 'Searching for file to scan from %s...',

package/dist/index.js

@@ -30,7 +30,9 @@ const getMainOption = () => {
 const start = async () => {
     const { mainOptions, argv: argvMain } = getMainOption();
     const command = mainOptions.command != undefined ? mainOptions.command.toLowerCase() : '';
-    if (command === 'version') {
+    if (command === 'version' ||
+        argvMain.includes('--v') ||
+        argvMain.includes('--version')) {
         console.log(constants_2.APP_VERSION);
         return;
     }
@@ -57,6 +59,7 @@ const start = async () => {
     }
     else {
         console.log('Unknown Command: ' + command + ' \nUse --help for the full list');
+        process.exit(9);
     }
 };
 start();

package/dist/scan/scan.js

@@ -18,6 +18,7 @@ const stripMustacheTags = oldString => {
     return oldString
         .replace(/\n/g, ' ')
         .replace(/{{.*?}}/g, '\n')
+        .replace(/\$\$LINK_DELIM\$\$/g, '\n')
         .replace(/\s+/g, ' ')
         .trim();
 };
@@ -50,6 +51,7 @@ const sendScan = async (config) => {
                 if (res.statusCode === 403) {
                     console.log(i18n.__('permissionsError'));
                 }
+                console.log(i18n.__('genericServiceError', res.statusCode));
                 process.exit(1);
             }
         })
@@ -64,7 +66,10 @@ const formatScanOutput = (overview, results) => {
         console.log(i18n.__('scanNoVulnerabilitiesFound'));
     }
     else {
-        console.log(chalk.bold('Here are your top priorities to fix'));
+        let message = overview.critical || overview.high
+            ? 'Here are your top priorities to fix'
+            : "No major issues, here's what we found";
+        console.log(chalk.bold(message));
         console.log();
         const groups = getGroups(results.content);
         groups.forEach(entry => {
@@ -102,7 +107,7 @@ const getGroups = content => {
                 groupResultsObj.severity = resultEntry.severity;
                 groupResultsObj.recommendation = resultEntry.recommendation
                     ? stripMustacheTags(resultEntry.recommendation)
-                    : '';
+                    : 'No Recommendations Data Found';
                 groupResultsObj.lineInfoSet.add(formattedCodeLine(resultEntry));
             }
         });

package/dist/scan/scanResults.js

@@ -40,6 +40,7 @@ const returnScanResults = async (config, codeArtifactId, timeout, startScanSpinn
                 if (result.body.status === 'FAILED') {
                     complete = true;
                     oraFunctions.failSpinner(startScanSpinner, 'Contrast Scan Failed.');
+                    console.log(result.body.errorMessage);
                     process.exit(1);
                 }
             }

package/dist/utils/paramsUtil/commandlineParams.js

@@ -1,5 +1,5 @@
 "use strict";
-const getAuth = parsedCLIOptions => {
+const getAuth = (parsedCLIOptions = {}) => {
     let params = {};
     params.apiKey = parsedCLIOptions['apiKey'];
     params.authorization = parsedCLIOptions['authorization'];

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/contrast",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Contrast Security's command line tool",
   "main": "dist/index.js",
   "bin": {

package/src/common/errorHandling.ts

@@ -1,4 +1,5 @@
 import i18n from 'i18n'
+import { sortBy } from 'lodash'
 
 const handleResponseErrors = (res: any, api: string) => {
   if (res.statusCode === 400) {
@@ -104,7 +105,7 @@ const getErrorMessage = (header: string, message?: string) => {
   const multiLine = message?.includes('\n')
   let finalMessage = ''
 
-  // i18n split the line if it includes "\n"
+  // i18n split the line if it includes '\n'
   if (multiLine) {
     finalMessage = `\n${message}`
   } else if (message) {
@@ -119,6 +120,45 @@ const generalError = (header: string, message?: string) => {
   console.log(finalMessage)
 }
 
+const approximateCommandOnError = (unknownOptions: string[]) => {
+  const commandKeywords = {
+    auth: 'auth',
+    audit: 'audit',
+    scan: 'scan',
+    lambda: 'lambda',
+    config: 'config'
+  }
+  const sortedUnknownOptions = sortBy(unknownOptions, param =>
+    param === 'auth' ||
+    param === 'audit' ||
+    param === 'scan' ||
+    param === 'lambda' ||
+    param === 'config'
+      ? 0
+      : 1
+  )
+
+  const foundCommands = sortedUnknownOptions.filter(
+    // @ts-ignore
+    command => commandKeywords[command]
+  )
+
+  const parsedUnknownOptions = sortedUnknownOptions
+    .toString()
+    .replace(/,/g, ' ')
+
+  const approximateParams = parsedUnknownOptions
+    .replace(new RegExp(foundCommands.join('|'), 'g'), '')
+    .trim()
+
+  const approximateCommand = `${foundCommands[0]} ${approximateParams}`
+
+  return {
+    approximateCommand,
+    approximateCommandKeyword: foundCommands[0]
+  }
+}
+
 export {
   genericError,
   unauthenticatedError,
@@ -130,5 +170,6 @@ export {
   generalError,
   getErrorMessage,
   handleResponseErrors,
-  libraryAnalysisError
+  libraryAnalysisError,
+  approximateCommandOnError
 }

package/src/constants/constants.js

@@ -15,7 +15,7 @@ const HIGH = 'HIGH'
 const CRITICAL = 'CRITICAL'
 
 const APP_NAME = 'contrast'
-const APP_VERSION = '1.0.1'
+const APP_VERSION = '1.0.2'
 const TIMEOUT = 120000
 const AUTH_UI_URL = 'https://cli-auth.contrastsecurity.com'
 const AUTH_CALLBACK_URL = 'https://cli-auth-api.contrastsecurity.com'

package/src/constants/locales.js

@@ -1,4 +1,5 @@
 const { lambda } = require('./lambda')
+const chalk = require('chalk')
 
 const en_locales = () => {
   return {
@@ -288,6 +289,7 @@ const en_locales = () => {
     specifyFileScanError:
       'Java Scan requires a .war or .jar file. Javascript Scan requires a .js or .zip file.\nTo start a Scan enter "contrast scan -f <path-to-file>"',
     populateProjectIdMessage: 'project ID is %s',
+    genericServiceError: 'returned with status code %s',
     permissionsError:
       'You do not have the correct permissions here. \n Contact support@contrastsecurity.com to get this fixed.',
     scanErrorFileMessage:
@@ -316,7 +318,9 @@ const en_locales = () => {
       'Path of the file you want to scan. If no file is specified, Contrast searches for a .jar, .war, .js, .exe or .zip file in the working directory.',
     scanOptionsVerboseSummary: ' Returns extended information to the terminal.',
     authSuccessMessage: 'Authentication successful',
-    runAuthSuccessMessage: 'Now you can use Contrast CLI',
+    runAuthSuccessMessage:
+      "Now you can use Contrast CLI \nRun 'contrast scan' on your file \n" +
+      "or 'contrast help' to learn more about the capabilities.",
     authWaitingMessage: 'Waiting for auth...',
     authTimedOutMessage: 'Auth Timed out, try again',
     zipErrorScan:
@@ -324,7 +328,10 @@ const en_locales = () => {
     unknownFileErrorScan: 'Unsupported file selected for Scan.',
     foundScanFile: 'found: %s',
     foundDetailedVulnerabilities:
-      '%s Critical %s High %s Medium %s Low %s Note',
+      chalk.bold('%s Critical') +
+      ' | ' +
+      chalk.bold('%s High') +
+      ' | %s Medium | %s Low | %s Note',
     requiredParams: 'All required parameters are not present.',
     timeoutScan: 'Timeout set to 5 minutes.',
     searchingScanFileDirectory: 'Searching for file to scan from %s...',

package/src/index.ts

@@ -8,6 +8,7 @@ import { APP_NAME, APP_VERSION } from './constants/constants'
 import { processLambda } from './lambda/lambda'
 import { localConfig } from './utils/getConfig'
 import findLatestCLIVersion from './common/findLatestCLIVersion'
+import { approximateCommandOnError } from './common/errorHandling'
 
 const {
   commandLineDefinitions: { mainUsageGuide, mainDefinition }
@@ -33,7 +34,11 @@ const start = async () => {
   const { mainOptions, argv: argvMain } = getMainOption()
   const command =
     mainOptions.command != undefined ? mainOptions.command.toLowerCase() : ''
-  if (command === 'version') {
+  if (
+    command === 'version' ||
+    argvMain.includes('--v') ||
+    argvMain.includes('--version')
+  ) {
     console.log(APP_VERSION)
     return
   }
@@ -70,6 +75,7 @@ const start = async () => {
     console.log(
       'Unknown Command: ' + command + ' \nUse --help for the full list'
     )
+    process.exit(9)
   }
 }
 

package/src/scan/scan.js

@@ -19,6 +19,7 @@ const stripMustacheTags = oldString => {
   return oldString
     .replace(/\n/g, ' ')
     .replace(/{{.*?}}/g, '\n')
+    .replace(/\$\$LINK_DELIM\$\$/g, '\n')
     .replace(/\s+/g, ' ')
     .trim()
 }
@@ -58,6 +59,7 @@ const sendScan = async config => {
           if (res.statusCode === 403) {
             console.log(i18n.__('permissionsError'))
           }
+          console.log(i18n.__('genericServiceError', res.statusCode))
           process.exit(1)
         }
       })
@@ -69,12 +71,15 @@ const sendScan = async config => {
 
 const formatScanOutput = (overview, results) => {
   console.log()
-  //check for no vulnerabilities and show a different message
 
   if (results.content.length === 0) {
     console.log(i18n.__('scanNoVulnerabilitiesFound'))
   } else {
-    console.log(chalk.bold('Here are your top priorities to fix'))
+    let message =
+      overview.critical || overview.high
+        ? 'Here are your top priorities to fix'
+        : "No major issues, here's what we found"
+    console.log(chalk.bold(message))
     console.log()
 
     const groups = getGroups(results.content)
@@ -130,7 +135,7 @@ const getGroups = content => {
         groupResultsObj.severity = resultEntry.severity
         groupResultsObj.recommendation = resultEntry.recommendation
           ? stripMustacheTags(resultEntry.recommendation)
-          : ''
+          : 'No Recommendations Data Found'
         groupResultsObj.lineInfoSet.add(formattedCodeLine(resultEntry))
       }
     })

package/src/scan/scanResults.js

@@ -47,6 +47,7 @@ const returnScanResults = async (
         if (result.body.status === 'FAILED') {
           complete = true
           oraFunctions.failSpinner(startScanSpinner, 'Contrast Scan Failed.')
+          console.log(result.body.errorMessage)
           process.exit(1)
         }
       }

package/src/utils/paramsUtil/commandlineParams.js

@@ -1,4 +1,4 @@
-const getAuth = parsedCLIOptions => {
+const getAuth = (parsedCLIOptions = {}) => {
   let params = {}
   params.apiKey = parsedCLIOptions['apiKey']
   params.authorization = parsedCLIOptions['authorization']

package/dist/lambda/scanDetail.js

@@ -1,30 +0,0 @@
-'use strict'
-Object.defineProperty(exports, '__esModule', { value: true })
-exports.pollScanDetail = void 0
-const requestUtils_1 = require('../utils/requestUtils')
-const pollScanDetail = async (
-  config,
-  params,
-  scanId,
-  httpClient,
-  pollCount,
-  showProgress = false
-) => {
-  await (0, requestUtils_1.sleep)(5000)
-  return httpClient.getFunctionScan(config, params, scanId).then(res => {
-    const { resultsCount = 0 } = res?.body?.data?.scan || {}
-    if (showProgress) {
-      process.stdout.write(
-        `\rScanning (${resultsCount} results found so far)${'.'.repeat(
-          pollCount
-        )}`
-      )
-    }
-    if (res.statusCode === 200) {
-      return res
-    } else {
-      throw Error(`Failed to get scan detail: ${res.statusCode} ${res.body}`)
-    }
-  })
-}
-exports.pollScanDetail = pollScanDetail

package/dist/scan/fileFinder.js

@@ -1,15 +0,0 @@
-'use strict'
-const fg = require('fast-glob')
-const i18n = require('i18n')
-const findFile = async () => {
-  console.log(i18n.__('searchingScanFileDirectory', process.cwd()))
-  const entries = fg(['**/*.jar', '**/*.war', '**/*.zip', '**/*.dll'], {
-    dot: false,
-    deep: 3,
-    onlyFiles: true
-  })
-  return entries
-}
-module.exports = {
-  findFile
-}

package/dist/utils/fileUtils.js

@@ -1,31 +0,0 @@
-"use strict";
-const fg = require('fast-glob');
-const fs = require('fs');
-const i18n = require('i18n');
-const findFile = async () => {
-    console.log(i18n.__('searchingScanFileDirectory', process.cwd()));
-    return fg(['**/*.jar', '**/*.war', '**/*.zip', '**/*.dll'], {
-        dot: false,
-        deep: 3,
-        onlyFiles: true
-    });
-};
-const checkFilePermissions = file => {
-    let readableFile = false;
-    try {
-        fs.accessSync(file, fs.constants.R_OK);
-        return (readableFile = true);
-    }
-    catch (err) {
-        console.log('Invalid permissions found on ', file);
-        process.exit(0);
-    }
-};
-const fileExists = path => {
-    return fs.existsSync(path);
-};
-module.exports = {
-    findFile,
-    fileExists,
-    checkFilePermissions
-};

package/dist/utils/paramsUtil/genericCommandLineParams.js

@@ -1,12 +0,0 @@
-"use strict";
-const cliOptions = require('../parsedCLIOptions');
-const getGenericCommandLineParams = () => {
-    return cliOptions.getCommandLineArgsGeneric();
-};
-const getSpecificCommandLineParams = (parameterList, optionDefinition) => {
-    return cliOptions.getCommandLineArgsCustom(parameterList, optionDefinition);
-};
-module.exports = {
-    getSpecificCommandLineParams,
-    getGenericCommandLineParams
-};

package/dist/utils/paramsUtil/yamlParams.js

@@ -1,6 +0,0 @@
-'use strict'
-const fs = require('fs')
-const yaml = require('js-yaml')
-const getAuth = yamlPath => {
-  const yamlParams = yaml.load(fs.readFileSync(yamlPath, 'utf8'))
-}