@contrast/contrast 1.0.1 → 1.0.4

package/src/constants/locales.js

@@ -1,4 +1,5 @@
 const { lambda } = require('./lambda')
+const chalk = require('chalk')
 
 const en_locales = () => {
   return {
@@ -13,8 +14,6 @@ const en_locales = () => {
     vulnerabilitiesSuccessMessage: ' Vulnerability data successfully retrieved',
     vulnerabilitiesFailureMessage:
       ' Unable to retrieve library vulnerabilities from Team Server.',
-    reportSuccessMessage: ' Report successfully retrieved',
-    reportFailureMessage: ' Unable to generate library report.',
     catchErrorMessage: 'Contrast UI error: ',
     dependenciesNote:
       'Please Note: We currently only support projects with one .csproj AND *.package.lock.json',
@@ -171,13 +170,19 @@ const en_locales = () => {
     constantsSeverity:
       'Combined with the --report command, allows the user to report libraries with vulnerabilities above a chosen severity level. For example, cve_severity medium only reports libraries with vulnerabilities at medium or higher severity. Values for level are high, medium or low.',
     constantsCount: "The number of CVE's that must be exceeded to fail a build",
-    constantsHeader: 'Contrast CLI',
+    constantsHeader: 'CodeSec by Contrast Security',
     constantsPrerequisitesContentScanLanguages: 'Java & JavaScript supported',
     constantsContrastContent:
-      'Use the Contrast CLI, the fastest and most accurate code scan, to help find and eliminate security bugs in your code.',
+      'Use the Contrast CLI to run a scan (Java, JavaScript and .NET ) or lambda command (Java and Python) to find your vulnerabilities and start securing your code.',
     constantsUsageGuideContentRecommendation:
       'Our recommendation is that this is invoked as part of a CI pipeline so that running the cli is automated as part of your build process.',
     constantsPrerequisitesHeader: 'Pre-requisites',
+    constantsAuthUsageHeader: 'Usage',
+    constantsAuthUsageContents: 'contrast auth',
+    constantsAuthHeaderContents:
+      'Authorize with external identity provider to perform scans on code',
+    configHeader: 'Config',
+    constantsConfigUsageContents: 'view / clear the configuration',
     constantsPrerequisitesContent:
       'To scan a Java project you will need a .jar or .war file for analysis\n' +
       'To scan a Javascript project you will need a .js or.zip file for analysis\n' +
@@ -185,7 +190,7 @@ const en_locales = () => {
     constantsUsage: 'Usage',
     constantsUsageCommandExample: 'contrast [command] [options]',
     constantsUsageCommandInfo:
-      'The file argument is optional. If no file is given, Contrast will search for a .jar, .war, .js, .exe or .zip file in the working directory.\n',
+      'The file argument is optional. If no file is given, Contrast will search for a .jar, .war, .exe or .zip file in the working directory.\n',
     constantsUsageCommandInfo24Hours:
       'Submitted files are encrypted during upload and deleted in 24 hours.',
     constantsAnd: 'AND',
@@ -267,7 +272,9 @@ const en_locales = () => {
       'Add the application code this application should use in the Contrast UI',
     constantsIgnoreCertErrors:
       ' For EOP users with a local Teamserver install, this will bypass the SSL certificate and recognise a self signed certificate.',
-    constantsSave: ' Saves the Scan Results JSON to file.',
+    constantsSave: ' Saves the Scan Results SARIF to file.',
+    scanLabel:
+      "adds a label to the scan - defaults to 'Started by CLI tool at current date'",
     constantsIgnoreDev:
       'Combined with the --report command excludes developer dependencies from the vulnerabilities report. By default all dependencies are included in a report.',
     constantsCommands: 'Commands',
@@ -277,7 +284,7 @@ const en_locales = () => {
     ignoreDevDep: 'No private libraries that are not scoped detected',
     foundExistingProjectScan: 'Found existing project...',
     projectCreatedScan: 'Project created',
-    uploadingScan: 'Uploading...',
+    uploadingScan: 'Uploading file to scan.',
     uploadingScanSuccessful: 'Uploaded file successfully.',
     uploadingScanFail: 'Unable to upload the file.',
     waitingTimedOut: 'Timed out.',
@@ -288,14 +295,15 @@ const en_locales = () => {
     specifyFileScanError:
       'Java Scan requires a .war or .jar file. Javascript Scan requires a .js or .zip file.\nTo start a Scan enter "contrast scan -f <path-to-file>"',
     populateProjectIdMessage: 'project ID is %s',
+    genericServiceError: 'returned with status code %s',
+    projectIdError: 'Your project ID is %s please check this is correct',
     permissionsError:
       'You do not have the correct permissions here. \n Contact support@contrastsecurity.com to get this fixed.',
     scanErrorFileMessage:
       'We only accept the following file types: \nJava - .jar, .war \nJavaScript - .js or .zip files',
     helpAuthSummary:
       'Authenticate Contrast using your Github or Google account',
-    helpScanSummary:
-      'Searches for a .jar, .war, .js or .zip file in the working directory, uploads for analysis and returns the results',
+    helpScanSummary: 'Perform static analysis on binaries / code artifacts',
     helpLambdaSummary: 'Perform scan on AWS Lambda functions',
     helpVersionSummary: 'Displays version of Contrast CLI',
     helpConfigSummary: 'Displays stored credentials',
@@ -306,6 +314,7 @@ const en_locales = () => {
     versionName: 'version',
     configName: 'config',
     helpName: 'help',
+    scanOptionsLanguageSummary: 'Valid values are JAVA, JAVASCRIPT and DOTNET',
     scanOptionsLanguageSummaryOptional:
       'Language of file to send for analysis. ',
     scanOptionsLanguageSummaryRequired:
@@ -313,30 +322,41 @@ const en_locales = () => {
     scanOptionsTimeoutSummary:
       'Time in seconds to wait for scan to complete. Default value is 300 seconds.',
     scanOptionsFileNameSummary:
-      'Path of the file you want to scan. If no file is specified, Contrast searches for a .jar, .war, .js, .exe or .zip file in the working directory.',
+      'Path of the file you want to scan. If no file is specified, Contrast searches for a .jar, .war, .exe or .zip file in the working directory.',
     scanOptionsVerboseSummary: ' Returns extended information to the terminal.',
     authSuccessMessage: 'Authentication successful',
-    runAuthSuccessMessage: 'Now you can use Contrast CLI',
+    runAuthSuccessMessage:
+      "Now you can use Contrast CLI \nRun 'contrast scan' on your file \n" +
+      "or 'contrast help' to learn more about the capabilities.",
     authWaitingMessage: 'Waiting for auth...',
     authTimedOutMessage: 'Auth Timed out, try again',
     zipErrorScan:
       'We only support zip files for JAVASCRIPT language, please set the flag --language JAVASCRIPT',
     unknownFileErrorScan: 'Unsupported file selected for Scan.',
-    foundScanFile: 'found: %s',
+    foundScanFile: 'Found: %s',
     foundDetailedVulnerabilities:
-      '%s Critical %s High %s Medium %s Low %s Note',
+      chalk.bold('%s Critical') +
+      ' | ' +
+      chalk.bold('%s High') +
+      ' | %s Medium | %s Low | %s Note',
     requiredParams: 'All required parameters are not present.',
     timeoutScan: 'Timeout set to 5 minutes.',
     searchingScanFileDirectory: 'Searching for file to scan from %s...',
     scanHeader: 'Contrast Scan CLI',
-    lambdaHeader: 'Contrast lambda help',
+    authHeader: 'Auth',
+    lambdaHeader: 'Contrast Lambda CLI',
     lambdaSummary:
       'Performs static security scan on an AWS Lambda Function.\nProduces CVE (Vulnerable Dependencies) and Least Privilege violations/remediation results.',
     lambdaUsage: 'contrast lambda --function-name <function> [options]',
-    lambdaPrerequisitesContent: 'contrast cli',
-    scanFileNameOption: ' -f, --file',
-    lambdaFunctionNameOption: ' -f, --function-name',
-    lambdaListFunctionsOption: ' -l, --list-functions',
+    lambdaPrerequisitesContent: '',
+    lambdaPrerequisitesContentLambdaLanguages:
+      'Supported runtimes: Java & Python',
+    lambdaPrerequisitesContentLambdaDescriptionTitle: 'AWS Requirements\n',
+    lambdaPrerequisitesContentLambdaDescription:
+      'Make sure you have the AWS credentials configured on your local environment. \nYou need the following AWS permissions configured on your IAM user:\n   - Lambda: GetFunction, GetLayerVersionֿ\n   - IAM: GetRolePolicy, GetPolicy, GetPolicyVersion, ListRolePolicies, ListAttachedRolePolicies',
+    scanFileNameOption: '-f, --file',
+    lambdaFunctionNameOption: '-f, --function-name',
+    lambdaListFunctionsOption: '-l, --list-functions',
     lambdaEndpointOption: '-e, --endpoint-url',
     lambdaRegionOption: '-r, --region',
     lambdaProfileOption: '-p, --profile',
@@ -399,7 +419,19 @@ const en_locales = () => {
       'saves the output in specified format Txt text, sbom',
     scanNoVulnerabilitiesFound: '👏 No vulnerabilities found',
     scanNoFiletypeSpecifiedForSave:
-      'Please specify file type to save results to',
+      'Please specify file type to save results to, accepted value is SARIF',
+    auditSBOMSaveSuccess:
+      '\n Software Bill of Materials (SBOM) saved successfully',
+    auditNoFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold(
+      'No file type specified for --save option to save audit results to. Use audit --help to see valid --save options.'
+    )}`,
+    auditBadFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold(
+      'Bad file type specified for --save option. Use audit --help to see valid --save options.'
+    )}`,
+    auditReportWaiting: 'Waiting for report...',
+    auditReportFail: 'Report Retrieval Failed, please try again',
+    auditReportSuccessMessage: ' Report successfully retrieved',
+    auditReportFailureMessage: ' Unable to generate library report.',
     ...lambda
   }
 }

package/src/constants.js

@@ -20,6 +20,15 @@ const scanOptionDefinitions = [
       '}: ' +
       i18n.__('constantsProjectName')
   },
+  {
+    name: 'language',
+    alias: 'l',
+    description:
+      '{bold ' +
+      i18n.__('constantsOptional') +
+      '}: ' +
+      i18n.__('scanOptionsLanguageSummary')
+  },
   {
     name: 'file',
     alias: 'f',
@@ -75,7 +84,6 @@ const scanOptionDefinitions = [
   },
   {
     name: 'host',
-    alias: 'h',
     description:
       '{bold ' +
       i18n.__('constantsRequired') +
@@ -124,8 +132,14 @@ const scanOptionDefinitions = [
     description:
       '{bold ' + i18n.__('constantsOptional') + '}:' + i18n.__('constantsSave')
   },
+  {
+    name: 'label',
+    description:
+      '{bold ' + i18n.__('constantsOptional') + '}:' + i18n.__('scanLabel')
+  },
   {
     name: 'help',
+    alias: 'h',
     type: Boolean
   },
   {
@@ -135,6 +149,29 @@ const scanOptionDefinitions = [
   }
 ]
 
+const authOptionDefinitions = [
+  {
+    name: 'help',
+    alias: 'h',
+    type: Boolean
+  }
+]
+
+const configOptionDefinitions = [
+  {
+    name: 'help',
+    alias: 'h',
+    type: Boolean,
+    description: 'Help text'
+  },
+  {
+    name: 'clear',
+    alias: 'c',
+    type: Boolean,
+    description: 'Clear the currently stored config'
+  }
+]
+
 const auditOptionDefinitions = [
   {
     name: 'application-id',
@@ -291,6 +328,7 @@ const mainUsageGuide = commandLineUsage([
     header: i18n.__('constantsCommands'),
     content: [
       { name: i18n.__('authName'), summary: i18n.__('helpAuthSummary') },
+      { name: i18n.__('scanName'), summary: i18n.__('helpScanSummary') },
       { name: i18n.__('lambdaName'), summary: i18n.__('helpLambdaSummary') },
       { name: i18n.__('versionName'), summary: i18n.__('helpVersionSummary') },
       { name: i18n.__('configName'), summary: i18n.__('helpConfigSummary') },
@@ -298,7 +336,8 @@ const mainUsageGuide = commandLineUsage([
     ]
   },
   {
-    content: '{underline https://www.contrastsecurity.com}'
+    content:
+      '{underline https://developer.contrastsecurity.com/} \n For technical support head to {underline https://support.contrastsecurity.com}'
   }
 ])
 
@@ -309,6 +348,8 @@ module.exports = {
     mainUsageGuide,
     mainDefinition,
     scanOptionDefinitions,
-    auditOptionDefinitions
+    auditOptionDefinitions,
+    authOptionDefinitions,
+    configOptionDefinitions
   }
 }

package/src/index.ts

@@ -7,7 +7,11 @@ import constants from './constants'
 import { APP_NAME, APP_VERSION } from './constants/constants'
 import { processLambda } from './lambda/lambda'
 import { localConfig } from './utils/getConfig'
-import findLatestCLIVersion from './common/findLatestCLIVersion'
+import {
+  findLatestCLIVersion,
+  isCorrectNodeVersion
+} from './common/versionChecker'
+import { findCommandOnError } from './common/errorHandling'
 
 const {
   commandLineDefinitions: { mainUsageGuide, mainDefinition }
@@ -30,46 +34,74 @@ const getMainOption = () => {
 }
 
 const start = async () => {
-  const { mainOptions, argv: argvMain } = getMainOption()
-  const command =
-    mainOptions.command != undefined ? mainOptions.command.toLowerCase() : ''
-  if (command === 'version') {
-    console.log(APP_VERSION)
-    return
-  }
+  if (await isCorrectNodeVersion(process.version)) {
+    const { mainOptions, argv: argvMain } = getMainOption()
+    const command =
+      mainOptions.command != undefined ? mainOptions.command.toLowerCase() : ''
+    if (
+      command === 'version' ||
+      argvMain.includes('--v') ||
+      argvMain.includes('--version')
+    ) {
+      console.log(APP_VERSION)
+      await findLatestCLIVersion(config.get('updateMessageHidden') as boolean)
+      return
+    }
 
-  await findLatestCLIVersion()
+    // @ts-ignore
+    config.set('numOfRuns', config.get('numOfRuns') + 1)
 
-  if (command === 'config') {
-    return processConfig(argvMain, config)
-  }
+    // @ts-ignore
+    if (config.get('numOfRuns') >= 5) {
+      await findLatestCLIVersion(config.get('updateMessageHidden') as boolean)
+      config.set('numOfRuns', 0)
+    }
 
-  if (command === 'auth') {
-    return await processAuth(config)
-  }
+    if (command === 'config') {
+      return processConfig(argvMain, config)
+    }
 
-  if (command === 'lambda') {
-    return await processLambda(argvMain)
-  }
+    if (command === 'auth') {
+      return await processAuth(argvMain, config)
+    }
 
-  if (command === 'scan') {
-    return await processScan(argvMain)
-  }
+    if (command === 'lambda') {
+      return await processLambda(argvMain)
+    }
 
-  if (command === 'audit') {
-    return await processAudit(argvMain)
-  }
+    if (command === 'scan') {
+      return await processScan(argvMain)
+    }
+
+    if (command === 'audit') {
+      return await processAudit(argvMain)
+    }
+
+    if (
+      command === 'help' ||
+      argvMain.includes('--help') ||
+      Object.keys(mainOptions).length === 0
+    ) {
+      console.log(mainUsageGuide)
+    } else if (mainOptions._unknown !== undefined) {
+      const foundCommand = findCommandOnError(mainOptions._unknown)
 
-  if (
-    command === 'help' ||
-    argvMain.includes('--help') ||
-    Object.keys(mainOptions).length === 0
-  ) {
-    console.log(mainUsageGuide)
+      foundCommand
+        ? console.log(
+            `Unknown Command: Did you mean "${foundCommand}"? \nUse "${foundCommand} --help" for the full list of options`
+          )
+        : console.log(
+            `Unknown Command: ${command} \nUse --help for the full list`
+          )
+    } else {
+      console.log(`Unknown Command: ${command} \nUse --help for the full list`)
+    }
+    process.exit(9)
   } else {
     console.log(
-      'Unknown Command: ' + command + ' \nUse --help for the full list'
+      'Contrast supports Node versions >=16.13.2 <17. Please use one of those versions.'
     )
+    process.exit(9)
   }
 }
 

package/src/lambda/help.ts

@@ -8,7 +8,15 @@ const lambdaUsageGuide = commandLineUsage([
   },
   {
     header: i18n.__('constantsPrerequisitesHeader'),
-    content: [i18n.__('lambdaPrerequisitesContent')]
+    content: [
+      '{bold ' +
+        i18n.__('lambdaPrerequisitesContentLambdaLanguages') +
+        '}\n\n' +
+        '{bold ' +
+        i18n.__('lambdaPrerequisitesContentLambdaDescriptionTitle') +
+        '}' +
+        i18n.__('lambdaPrerequisitesContentLambdaDescription')
+    ]
   },
   {
     header: i18n.__('constantsUsage'),
@@ -18,49 +26,49 @@ const lambdaUsageGuide = commandLineUsage([
     header: i18n.__('constantsOptions'),
     content: [
       {
-        name: i18n.__('lambdaFunctionNameOption'),
+        name: '{bold ' + i18n.__('lambdaFunctionNameOption') + '}',
         summary: i18n.__('lambdaFunctionNameSummery')
       },
       {
-        name: i18n.__('lambdaListFunctionsOption'),
+        name: '{bold ' + i18n.__('lambdaListFunctionsOption') + '}',
         summary: i18n.__('lambdaListFunctionsSummery')
       },
       {
-        name: i18n.__('lambdaEndpointOption'),
+        name: '{bold ' + i18n.__('lambdaEndpointOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaEndpointSummery')
       },
       {
-        name: i18n.__('lambdaRegionOption'),
+        name: '{bold ' + i18n.__('lambdaRegionOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaRegionSummery')
       },
       {
-        name: i18n.__('lambdaProfileOption'),
+        name: '{bold ' + i18n.__('lambdaProfileOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaProfileSummery')
       },
       {
-        name: i18n.__('lambdaJsonOption'),
+        name: '{bold ' + i18n.__('lambdaJsonOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaJsonSummery')
       },
       {
-        name: i18n.__('lambdaVerboseOption'),
+        name: '{bold ' + i18n.__('lambdaVerboseOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaVerbosSummery')
@@ -73,7 +81,7 @@ const lambdaUsageGuide = commandLineUsage([
     ]
   },
   {
-    content: '{underline https://www.contrastsecurity.com}'
+    content: '{underline https://www.contrastsecurity.com/developer/codesec}'
   }
 ])
 

package/src/lambda/lambda.ts

@@ -12,6 +12,8 @@ import { requestScanFunctionPost } from './scanRequest'
 import { getScanResults } from './scanResults'
 import { printResults } from './utils'
 import { getAllLambdas, printAvailableLambdas } from './lambdaUtils'
+import { sleep } from '../utils/requestUtils'
+import ora from '../utils/oraWrapper'
 
 type LambdaOptions = {
   functionName?: string
@@ -123,6 +125,12 @@ const actualProcessLambda = async (lambdaOptions: LambdaOptions) => {
     })
   }
 
+  // Wait to make sure we will have all the results
+  const startGetherResultsSpinner = ora.returnOra(i18n.__('gatherResults'))
+  ora.startSpinner(startGetherResultsSpinner)
+  await sleep(15 * 1000)
+  ora.succeedSpinner(startGetherResultsSpinner, 'Done gathering results')
+
   const resultsResponse = await getScanResults(
     auth,
     params,

package/src/sbom/generateSbom.ts

@@ -0,0 +1,17 @@
+import { getHttpClient } from '../utils/commonApi'
+
+export default function generateSbom(config: any) {
+  const client = getHttpClient(config)
+  return client
+    .getSbom(config)
+    .then((res: { statusCode: number; body: any }) => {
+      if (res.statusCode === 200) {
+        return res.body
+      } else {
+        console.log('Unable to retrieve Software Bill of Materials (SBOM)')
+      }
+    })
+    .catch((err: any) => {
+      console.log(err)
+    })
+}

package/src/scan/help.js

@@ -21,14 +21,16 @@ const scanUsageGuide = commandLineUsage([
     optionList: constants.commandLineDefinitions.scanOptionDefinitions,
     hide: [
       'project-id',
-      'language',
       'organization-id',
       'api-key',
       'authorization',
       'host',
       'proxy',
+      'help',
       'ff',
-      'ignore-cert-errors'
+      'ignore-cert-errors',
+      'verbose',
+      'debug'
     ]
   },
   {

package/src/scan/models/groupedResultsModel.ts

@@ -0,0 +1,18 @@
+export class GroupedResultsModel {
+  ruleId: string
+  lineInfoSet: Set<string>
+  cwe?: string[]
+  owasp?: string[]
+  reference?: string[]
+  recommendation?: string
+  severity?: string
+  advice?: string
+  learn?: string[]
+  issue?: string
+  message?: string
+
+  constructor(ruleId: string) {
+    this.ruleId = ruleId
+    this.lineInfoSet = new Set<string>
+  }
+}

package/src/scan/models/resultContentModel.ts

@@ -0,0 +1,86 @@
+type Importance = 'important' | 'essential'
+
+interface ArtifactLocation {
+  uri: string
+}
+
+interface Region {
+  startLine: number
+  snippet: Snippet
+}
+
+interface Snippet {
+  text: string
+  rendered: Rendered
+}
+
+interface Rendered {
+  text: string
+}
+
+interface PhysicalLocation {
+  artifactLocation: ArtifactLocation
+  region: Region
+}
+
+interface LogicalLocation {
+  fullyQualifiedName: string
+  name: string
+}
+
+export interface Location {
+  physicalLocation: PhysicalLocation
+  logicalLocations?: LogicalLocation[]
+}
+
+export interface ThreadFlowLocation {
+  importance: Importance
+  location: Location
+}
+
+interface ThreadFlow {
+  locations: ThreadFlowLocation[]
+}
+
+interface Message {
+  text: string
+}
+
+export interface CodeFlow {
+  message: Message
+  threadFlows: ThreadFlow[]
+}
+
+export interface ResultContent {
+  message: {text: string};
+  id: string
+  organizationId: string
+  projectId: string
+  firstCreatedTime: string
+  ruleId: string
+  codeFlows: CodeFlow[]
+  lastSeenTime: string
+  locations: Location[]
+  name: string
+  description: string
+  recommendation: string | null
+  risk: string | null
+  category: string
+  confidence: string
+  standards: { [key: string]: string[] }
+  cwe: string[]
+  owasp: string[]
+  reference: string[]
+  sink: string
+  detailsTrigger: string
+  type: RuleType
+  source: string
+  severity: Severity
+  advice: string
+  learn: string[]
+  issue: string
+}
+
+export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'note'
+
+export type RuleType = 'DATA_FLOW' | 'CRYPTO' | 'CONFIG' | 'DEFAULT'

package/src/scan/models/scanResultsModel.ts

@@ -0,0 +1,52 @@
+import { ResultContent } from './resultContentModel'
+
+export class ScanResultsModel {
+  projectOverview: ProjectOverview
+  scanDetail: ScanDetail
+  scanResultsInstances: ScanResultsInstances
+
+  constructor(scan: any) {
+    this.projectOverview = scan.projectOverview as ProjectOverview
+    this.scanDetail = scan.scanDetail as ScanDetail
+    this.scanResultsInstances = scan.scanResultsInstances as ScanResultsInstances
+  }
+}
+
+export interface ProjectOverview {
+  id: string
+  organizationId: string
+  name: string
+  archived: boolean
+  language: string
+  critical: number
+  high: number
+  medium: number
+  low: number
+  note: number
+  lastScanTime: string
+  completedScans: number
+  lastScanId: string
+}
+
+export interface ScanDetail {
+  critical: number
+  high: number
+  medium: number
+  low: number
+  note: number
+  id: string
+  organizationId: string
+  projectId: string
+  codeArtifactId: string
+  status: string
+  createdTime: string
+  startedTime: string
+  completedTime: string
+  language: string
+  label: string
+  errorMessage: string
+}
+
+export interface ScanResultsInstances {
+  content: ResultContent[]
+}