npm - @contrast/contrast - Versions diffs - 1.0.1 → 1.0.4 - Mend

@contrast/contrast 1.0.1 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (94) hide show

package/.prettierignore +2 -0
package/README.md +103 -133
package/dist/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +26 -11
package/dist/audit/languageAnalysisEngine/report/commonReportingFunctions.js +62 -234
package/dist/audit/languageAnalysisEngine/report/models/reportLibraryModel.js +19 -0
package/dist/audit/languageAnalysisEngine/report/models/reportListModel.js +24 -0
package/dist/audit/languageAnalysisEngine/report/models/reportSeverityModel.js +10 -0
package/dist/audit/languageAnalysisEngine/report/reportingFeature.js +24 -129
package/dist/audit/languageAnalysisEngine/report/utils/reportUtils.js +85 -0
package/dist/audit/languageAnalysisEngine/sendSnapshot.js +3 -1
package/dist/commands/audit/auditController.js +6 -3
package/dist/commands/audit/saveFile.js +11 -0
package/dist/commands/auth/auth.js +19 -1
package/dist/commands/config/config.js +19 -8
package/dist/commands/scan/processScan.js +8 -25
package/dist/common/HTTPClient.js +30 -26
package/dist/common/errorHandling.js +17 -1
package/dist/common/versionChecker.js +32 -0
package/dist/constants/constants.js +4 -2
package/dist/constants/lambda.js +3 -1
package/dist/constants/locales.js +41 -18
package/dist/constants.js +39 -3
package/dist/index.js +49 -28
package/dist/lambda/help.js +22 -14
package/dist/lambda/lambda.js +6 -0
package/dist/sbom/generateSbom.js +20 -0
package/dist/scan/help.js +4 -2
package/dist/scan/models/groupedResultsModel.js +10 -0
package/dist/scan/models/resultContentModel.js +2 -0
package/dist/scan/models/scanResultsModel.js +11 -0
package/dist/scan/populateProjectIdAndProjectName.js +1 -0
package/dist/scan/saveResults.js +9 -10
package/dist/scan/scan.js +99 -74
package/dist/scan/scanConfig.js +20 -1
package/dist/scan/scanController.js +7 -2
package/dist/scan/scanResults.js +6 -0
package/dist/utils/getConfig.js +3 -0
package/dist/utils/paramsUtil/commandlineParams.js +1 -1
package/dist/utils/requestUtils.js +1 -1
package/dist/utils/saveFile.js +19 -0
package/package.json +2 -2
package/src/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +33 -15
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.ts +127 -0
package/src/audit/languageAnalysisEngine/report/models/reportLibraryModel.ts +30 -0
package/src/audit/languageAnalysisEngine/report/models/reportListModel.ts +32 -0
package/src/audit/languageAnalysisEngine/report/models/reportSeverityModel.ts +9 -0
package/src/audit/languageAnalysisEngine/report/reportingFeature.ts +56 -0
package/src/audit/languageAnalysisEngine/report/utils/reportUtils.ts +110 -0
package/src/audit/languageAnalysisEngine/sendSnapshot.js +3 -1
package/src/commands/audit/auditController.ts +12 -3
package/src/commands/audit/processAudit.ts +0 -1
package/src/commands/audit/saveFile.ts +6 -0
package/src/commands/auth/auth.js +25 -1
package/src/commands/config/config.js +22 -8
package/src/commands/scan/processScan.js +8 -29
package/src/common/HTTPClient.js +42 -36
package/src/common/errorHandling.ts +29 -2
package/src/common/versionChecker.ts +41 -0
package/src/constants/constants.js +5 -4
package/src/constants/lambda.js +3 -1
package/src/constants/locales.js +51 -19
package/src/constants.js +44 -3
package/src/index.ts +63 -31
package/src/lambda/help.ts +22 -14
package/src/lambda/lambda.ts +8 -0
package/src/sbom/generateSbom.ts +17 -0
package/src/scan/help.js +4 -2
package/src/scan/models/groupedResultsModel.ts +18 -0
package/src/scan/models/resultContentModel.ts +86 -0
package/src/scan/models/scanResultsModel.ts +52 -0
package/src/scan/populateProjectIdAndProjectName.js +1 -0
package/src/scan/saveResults.js +8 -9
package/src/scan/scan.ts +192 -0
package/src/scan/scanConfig.js +26 -1
package/src/scan/scanController.js +11 -2
package/src/scan/scanResults.js +11 -0
package/src/utils/getConfig.ts +12 -0
package/src/utils/paramsUtil/commandlineParams.js +1 -1
package/src/utils/requestUtils.js +1 -1
package/src/utils/saveFile.js +19 -0
package/dist/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -17
package/dist/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -81
package/dist/common/findLatestCLIVersion.js +0 -23
package/dist/lambda/scanDetail.js +0 -30
package/dist/scan/fileFinder.js +0 -15
package/dist/utils/fileUtils.js +0 -31
package/dist/utils/paramsUtil/genericCommandLineParams.js +0 -12
package/dist/utils/paramsUtil/yamlParams.js +0 -6
package/src/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -27
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.js +0 -303
package/src/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -124
package/src/audit/languageAnalysisEngine/report/reportingFeature.js +0 -190
package/src/common/findLatestCLIVersion.ts +0 -27
package/src/scan/scan.js +0 -162

package/src/scan/scan.js DELETED Viewed

@@ -1,162 +0,0 @@
-const commonApi = require('../utils/commonApi.js')
-const fileUtils = require('../scan/fileUtils')
-const allowedFileTypes = ['.jar', '.war', '.js', '.zip', '.exe']
-const i18n = require('i18n')
-const oraWrapper = require('../utils/oraWrapper')
-const chalk = require('chalk')
-const isFileAllowed = scanOption => {
-  let valid = false
-  allowedFileTypes.forEach(fileType => {
-    if (scanOption.endsWith(fileType)) {
-      valid = true
-    }
-  })
-  return valid
-}
-const stripMustacheTags = oldString => {
-  return oldString
-    .replace(/\n/g, ' ')
-    .replace(/{{.*?}}/g, '\n')
-    .replace(/\s+/g, ' ')
-    .trim()
-}
-const sendScan = async config => {
-  if (!isFileAllowed(config.file)) {
-    console.log(i18n.__('scanErrorFileMessage'))
-    process.exit(9)
-  } else {
-    fileUtils.checkFilePermissions(config.file)
-    const client = commonApi.getHttpClient(config)
-    const startUploadSpinner = oraWrapper.returnOra(i18n.__('uploadingScan'))
-    oraWrapper.startSpinner(startUploadSpinner)
-    return await client
-      .sendArtifact(config)
-      .then(res => {
-        if (res.statusCode === 201) {
-          oraWrapper.succeedSpinner(
-            startUploadSpinner,
-            i18n.__('uploadingScanSuccessful')
-          )
-          if (config.verbose) {
-            console.log(i18n.__('responseMessage', res.body))
-          }
-          return res.body.id
-        } else {
-          if (config.debug) {
-            console.log(res.statusCode)
-            console.log(config)
-          }
-          oraWrapper.failSpinner(
-            startUploadSpinner,
-            i18n.__('uploadingScanFail')
-          )
-          if (res.statusCode === 403) {
-            console.log(i18n.__('permissionsError'))
-          }
-          process.exit(1)
-        }
-      })
-      .catch(err => {
-        console.log(err)
-      })
-  }
-}
-const formatScanOutput = (overview, results) => {
-  console.log()
-  //check for no vulnerabilities and show a different message
-  if (results.content.length === 0) {
-    console.log(i18n.__('scanNoVulnerabilitiesFound'))
-  } else {
-    console.log(chalk.bold('Here are your top priorities to fix'))
-    console.log()
-    const groups = getGroups(results.content)
-    groups.forEach(entry => {
-      console.log(
-        chalk.bold(
-          `${entry.severity} | ${entry.ruleId} (${entry.lineInfoSet.size})`
-        )
-      )
-      let count = 1
-      entry.lineInfoSet.forEach(lineInfo => {
-        console.log(`\t ${count}. ${lineInfo}`)
-        count++
-      })
-      console.log(chalk.bold('How to fix:'))
-      console.log(entry.recommendation)
-      console.log()
-    })
-    const totalVulnerabilities =
-      overview.critical +
-      overview.high +
-      overview.medium +
-      overview.low +
-      overview.note
-    console.log(chalk.bold(`Found ${totalVulnerabilities} vulnerabilities`))
-    console.log(
-      i18n.__(
-        'foundDetailedVulnerabilities',
-        overview.critical,
-        overview.high,
-        overview.medium,
-        overview.low,
-        overview.note
-      )
-    )
-  }
-}
-const getGroups = content => {
-  const groupTypeSet = new Set(content.map(({ ruleId }) => ruleId))
-  let groupTypeResults = []
-  groupTypeSet.forEach(groupName => {
-    let groupResultsObj = {
-      ruleId: groupName,
-      lineInfoSet: new Set(),
-      recommendation: '',
-      severity: ''
-    }
-    content.forEach(resultEntry => {
-      if (resultEntry.ruleId === groupName) {
-        groupResultsObj.severity = resultEntry.severity
-        groupResultsObj.recommendation = resultEntry.recommendation
-          ? stripMustacheTags(resultEntry.recommendation)
-          : ''
-        groupResultsObj.lineInfoSet.add(formattedCodeLine(resultEntry))
-      }
-    })
-    groupTypeResults.push(groupResultsObj)
-  })
-  return groupTypeResults
-}
-const formattedCodeLine = resultEntry => {
-  let lineUri = resultEntry.locations[0]?.physicalLocation.artifactLocation.uri
-  return lineUri + ' @ ' + setLineNumber(resultEntry)
-}
-const setLineNumber = resultEntry => {
-  return resultEntry.codeFlows?.[0]?.threadFlows[0]?.locations[0]?.location
-    ?.physicalLocation?.region?.startLine
-    ? resultEntry.codeFlows[0]?.threadFlows[0]?.locations[0]?.location
-        ?.physicalLocation?.region?.startLine
-    : resultEntry.locations[0]?.physicalLocation?.region?.startLine
-}
-module.exports = {
-  sendScan: sendScan,
-  getGroups: getGroups,
-  allowedFileTypes: allowedFileTypes,
-  isFileAllowed: isFileAllowed,
-  stripMustacheTags: stripMustacheTags,
-  formatScanOutput: formatScanOutput
-}