@contrast/contrast 1.0.10 → 1.0.13

package/dist/common/versionChecker.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isCorrectNodeVersion = exports.findLatestCLIVersion = void 0;
+exports.isCorrectNodeVersion = exports.findLatestCLIVersion = exports.getLatestVersion = void 0;
 const constants_1 = require("../constants/constants");
 const boxen_1 = __importDefault(require("boxen"));
 const chalk_1 = __importDefault(require("chalk"));
@@ -19,14 +19,22 @@ const getLatestVersion = async (config) => {
         }
     }
     catch (e) {
-        return;
+        return undefined;
     }
 };
+exports.getLatestVersion = getLatestVersion;
 async function findLatestCLIVersion(config) {
-    const messageHidden = config.get('updateMessageHidden');
-    if (!messageHidden) {
-        let latestCLIVersion = await getLatestVersion(config);
-        latestCLIVersion = latestCLIVersion.substring(8);
+    const isCI = process.env.CONTRAST_CODESEC_CI
+        ? JSON.parse(process.env.CONTRAST_CODESEC_CI.toLowerCase())
+        : false;
+    if (!isCI) {
+        let latestCLIVersion = await (0, exports.getLatestVersion)(config);
+        if (latestCLIVersion === undefined) {
+            config.set('numOfRuns', 0);
+            console.log('Failed to retrieve latest version info. Continuing execution.');
+            return;
+        }
+        latestCLIVersion = latestCLIVersion.substring(8).replace('\n', '');
         if (semver_1.default.lt(constants_1.APP_VERSION, latestCLIVersion)) {
             const updateAvailableMessage = `Update available ${chalk_1.default.yellow(constants_1.APP_VERSION)} → ${chalk_1.default.green(latestCLIVersion)}`;
             const npmUpdateAvailableCommand = `Run ${chalk_1.default.cyan('npm i @contrast/contrast -g')} to update via npm`;

package/dist/constants/constants.js

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '1.0.10';
+const APP_VERSION = '1.0.13';
 const TIMEOUT = 120000;
 const HIGH_COLOUR = '#ff9900';
 const CRITICAL_COLOUR = '#e35858';
@@ -29,7 +29,7 @@ const AUTH_CALLBACK_URL = 'https://cli-auth-api.contrastsecurity.com';
 const SARIF_FILE = 'SARIF';
 const SBOM_CYCLONE_DX_FILE = 'cyclonedx';
 const SBOM_SPDX_FILE = 'spdx';
-const CE_URL = 'https://ce.contrastsecurity.com/';
+const CE_URL = 'https://ce.contrastsecurity.com';
 module.exports = {
     supportedLanguages: { NODE, DOTNET, JAVA, RUBY, PYTHON, GO, PHP, JAVASCRIPT },
     supportedLanguagesScan: { JAVASCRIPT, DOTNET, JAVA },

package/dist/constants/locales.js

@@ -20,7 +20,7 @@ const en_locales = () => {
         unauthenticatedErrorHeader: '401 error - Unauthenticated',
         unauthenticatedErrorMessage: 'Please check the following keys are correct:\n--organization-id, --api-key or --authorization',
         badRequestErrorHeader: '400 error - Bad Request',
-        badRequestErrorMessage: 'Please check the following key is correct: \n--application-id',
+        badRequestErrorMessage: 'Please check your parameters and try again',
         badRequestCatalogueErrorMessage: 'The application name already exists, please use a unique name',
         forbiddenRequestErrorHeader: '403 error - Forbidden',
         forbiddenRequestErrorMessage: 'You do not have permission to access this server.',
@@ -79,8 +79,9 @@ const en_locales = () => {
         constantsHostId: 'Provide the name of the host and optionally the port expressed as "<host>:<port>".',
         constantsApplicationName: 'The name of the application cataloged by Contrast UI',
         constantsCatalogueApplication: 'Provide this if you want to catalogue an application',
+        failOptionErrorMessage: ' FAIL - CVEs have been detected that match at least the cve_severity option specified.',
         constantsLanguage: 'Valid values are JAVA, DOTNET, NODE, PYTHON and RUBY. If there are multiple project configuration files in the project_path, language is also required.  Also, provide this when cataloguing an application',
-        constantsFilePath: `Path of the file you want to perform an SCA audit on. If no folder is specified, Contrast searches for dependency files in the working directory.`,
+        constantsFilePath: `Specify a directory or the file where dependencies are declared. (By default, CodeSec will search for project files in the current directory.)`,
         constantsSilent: 'Silences JSON output.',
         constantsAppGroups: 'Assign your application to one or more pre-existing groups when using the catalogue command. Group lists should be comma separated.',
         constantsVersion: 'Displays CLI Version you are currently on.',
@@ -93,7 +94,8 @@ const en_locales = () => {
         constantsProjectId: 'The ID associated with a scan project. Replace <ProjectID> with the ID for the scan project. To find the ID, select a scan project in Contrast and locate the last number in the URL.',
         constantsReport: 'Display vulnerability information for this application',
         constantsFail: 'Set the process to fail if this option is set in combination with --cve_severity.',
-        failOptionErrorMessage: ' FAIL - CVEs have been detected that match at least the cve_severity or cve_threshold option specified.',
+        failThresholdOptionErrorMessage: 'More than 0 vulnerabilities found',
+        failSeverityOptionErrorMessage: ' FAIL - Results detected vulnerabilities over accepted severity level',
         constantsSeverity: 'Allows the user to report libraries with vulnerabilities above a chosen severity level. For example, cve_severity medium only reports libraries with vulnerabilities at medium or higher severity. Values for level are high, medium or low.',
         constantsCount: 'The number of CVEs that must be exceeded to fail a build',
         constantsHeader: 'CodeSec by Contrast Security',
@@ -211,7 +213,7 @@ const en_locales = () => {
         scanOptionsFileNameSummary: 'Path of the file you want to scan. If no file is specified, Contrast searches for a .jar, .war, .exe or .zip file in the working directory.',
         scanOptionsVerboseSummary: ' Returns extended information to the terminal.',
         authSuccessMessage: 'Authentication successful',
-        runAuthSuccessMessage: "Now you can use CodeSec by Contrast \nRun: \n'contrast scan' on your file \n'contrast audit' on a file or directory,\n'contrast lambda' on an AWS function.\nor 'contrast help' to learn more about the capabilities.",
+        runAuthSuccessMessage: "Now you can use CodeSec by Contrast \nRun: \n'contrast scan' to run CodeSec’s industry leading SAST scanner \n'contrast audit' to find vulnerabilities in your open source dependencies \n'contrast lambda' to secure your AWS serverless functions\nor 'contrast help' to learn more about the capabilities.",
         authWaitingMessage: 'Waiting for auth...',
         authTimedOutMessage: 'Auth Timed out, try again',
         zipErrorScan: 'We only support zip files for JAVASCRIPT language, please set the flag --language JAVASCRIPT',
@@ -276,7 +278,8 @@ const en_locales = () => {
         constantsAuditPrerequisitesContentPHPMessage: `${chalk.bold('PHP:')} composer.json and composer.lock\n`,
         constantsAuditOptions: 'Audit Options',
         auditOptionsSaveDescription: 'Generate and save an SBOM (Software Bill of Materials)\n',
-        auditOptionsSaveOptionsDescription: 'Valid options are: spdx, cyclonedx (cycloneDX is the default format)',
+        auditOptionsSaveOptionsDescription: 'Valid options are: --save spdx and --save cyclonedx (CycloneDX is the default format.)',
+        exceededFreeTier: `It looks like you are really loving CodeSec! \nYou have reached the monthly scan limit on the FREE tier. \nPlease contact sales@contrastsecurity.com to upgrade.`,
         scanNotCompleted: 'Scan not completed. Check for framework and language support here: %s',
         auditNotCompleted: 'audit not completed.  Please try again',
         scanNoVulnerabilitiesFound: '🎉 No vulnerabilities found.',
@@ -292,6 +295,13 @@ const en_locales = () => {
         auditReportFailureMessage: 'Unable to generate library report',
         auditSCAAnalysisBegins: 'Contrast SCA audit started',
         auditSCAAnalysisComplete: 'Contrast audit complete',
+        commonHelpHeader: 'Need More Help?',
+        commonHelpCheckOutHeader: chalk.hex('#9DC184')('Check out:'),
+        commonHelpCheckOutText: ' https://support.contrastsecurity.com',
+        commonHelpLearnMoreHeader: chalk.hex('#9DC184')('Learn more at:'),
+        commonHelpLearnMoreText: ' https://developer.contrastsecurity.com',
+        commonHelpJoinDiscussionHeader: chalk.hex('#9DC184')('Join the discussion:'),
+        commonHelpJoinDiscussionText: ' https://dev.to/codesec',
         ...lambda
     };
 };

package/dist/constants.js

@@ -2,6 +2,8 @@
 const commandLineUsage = require('command-line-usage');
 const i18n = require('i18n');
 const { en_locales } = require('./constants/locales.js');
+const { parseSeverity } = require('./common/fail');
+const { commonHelpLinks } = require('./common/commonHelp');
 i18n.configure({
     staticCatalog: {
         en: en_locales()
@@ -93,6 +95,22 @@ const scanOptionDefinitions = [
             '}: ' +
             i18n.__('constantsProxyServer')
     },
+    {
+        name: 'fail',
+        type: Boolean,
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('failOptionErrorMessage')
+    },
+    {
+        name: 'severity',
+        type: severity => parseSeverity(severity),
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('constantsSeverity')
+    },
     {
         name: 'ff',
         type: Boolean,
@@ -195,6 +213,22 @@ const auditOptionDefinitions = [
             '}: ' +
             i18n.__('constantsFilePath')
     },
+    {
+        name: 'fail',
+        type: Boolean,
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('failOptionErrorMessage')
+    },
+    {
+        name: 'severity',
+        type: severity => parseSeverity(severity),
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('constantsSeverity')
+    },
     {
         name: 'app-groups',
         description: '{bold ' +
@@ -227,6 +261,7 @@ const auditOptionDefinitions = [
     {
         name: 'ignore-dev',
         type: Boolean,
+        alias: 'i',
         description: '{bold ' +
             i18n.__('constantsOptional') +
             '}: ' +
@@ -259,7 +294,6 @@ const auditOptionDefinitions = [
     },
     {
         name: 'host',
-        alias: 'h',
         description: '{bold ' +
             i18n.__('constantsRequired') +
             '}: ' +
@@ -302,6 +336,11 @@ const auditOptionDefinitions = [
             i18n.__('constantsOptional') +
             '}: ' +
             i18n.__('scanOptionsTimeoutSummary')
+    },
+    {
+        name: 'help',
+        alias: 'h',
+        type: Boolean
     }
 ];
 const mainUsageGuide = commandLineUsage([
@@ -328,15 +367,13 @@ const mainUsageGuide = commandLineUsage([
             { name: i18n.__('helpName'), summary: i18n.__('helpSummary') }
         ]
     },
-    {
-        content: '{underline https://developer.contrastsecurity.com/} \n For technical support head to {underline https://support.contrastsecurity.com}'
-    },
     {
         header: i18n.__('configHeader2'),
         content: [
             { name: i18n.__('clearHeader'), summary: i18n.__('clearContent') }
         ]
-    }
+    },
+    commonHelpLinks()
 ]);
 const mainDefinition = [{ name: 'command', defaultOption: true }];
 module.exports = {

package/dist/index.js

@@ -15,6 +15,7 @@ const lambda_1 = require("./lambda/lambda");
 const getConfig_1 = require("./utils/getConfig");
 const versionChecker_1 = require("./common/versionChecker");
 const errorHandling_1 = require("./common/errorHandling");
+const telemetry_1 = require("./telemetry/telemetry");
 const { commandLineDefinitions: { mainUsageGuide, mainDefinition } } = constants_1.default;
 const config = (0, getConfig_1.localConfig)(constants_2.APP_NAME, constants_2.APP_VERSION);
 const getMainOption = () => {
@@ -44,7 +45,7 @@ const start = async () => {
                 return;
             }
             config.set('numOfRuns', config.get('numOfRuns') + 1);
-            if (config.get('numOfRuns') >= 1) {
+            if (config.get('numOfRuns') >= 10) {
                 await (0, versionChecker_1.findLatestCLIVersion)(config);
                 config.set('numOfRuns', 0);
             }
@@ -58,10 +59,10 @@ const start = async () => {
                 return await (0, lambda_1.processLambda)(argvMain);
             }
             if (command === 'scan') {
-                return await (0, processScan_1.processScan)(argvMain);
+                return await (0, processScan_1.processScan)(config, argvMain);
             }
             if (command === 'audit') {
-                return await (0, processAudit_1.processAudit)(argvMain);
+                return await (0, processAudit_1.processAudit)(config, argvMain);
             }
             if (command === 'help' ||
                 argvMain.includes('--help') ||
@@ -73,9 +74,11 @@ const start = async () => {
                 foundCommand
                     ? console.log(`Unknown Command: Did you mean "${foundCommand}"? \nUse "${foundCommand} --help" for the full list of options`)
                     : console.log(`Unknown Command: ${command} \nUse --help for the full list`);
+                await (0, telemetry_1.sendTelemetryConfigAsConfObj)(config, command, argvMain, 'FAILURE', 'undefined');
             }
             else {
                 console.log(`Unknown Command: ${command} \nUse --help for the full list`);
+                await (0, telemetry_1.sendTelemetryConfigAsConfObj)(config, command, argvMain, 'FAILURE', 'undefined');
             }
             process.exit(9);
         }

package/dist/lambda/help.js

@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.lambdaUsageGuide = void 0;
 const command_line_usage_1 = __importDefault(require("command-line-usage"));
 const i18n_1 = __importDefault(require("i18n"));
+const commonHelp_1 = require("../common/commonHelp");
 const lambdaUsageGuide = (0, command_line_usage_1.default)([
     {
         header: i18n_1.default.__('lambdaHeader'),
@@ -80,8 +81,6 @@ const lambdaUsageGuide = (0, command_line_usage_1.default)([
             { name: i18n_1.default.__('lambdaHelpOption'), summary: i18n_1.default.__('helpSummary') }
         ]
     },
-    {
-        content: '{underline https://www.contrastsecurity.com/developer/codesec}'
-    }
+    (0, commonHelp_1.commonHelpLinks)()
 ]);
 exports.lambdaUsageGuide = lambdaUsageGuide;

package/dist/lambda/lambda.js

@@ -23,6 +23,7 @@ const oraWrapper_1 = __importDefault(require("../utils/oraWrapper"));
 const analytics_1 = require("./analytics");
 const types_1 = require("./types");
 const constants_2 = require("../constants/constants");
+const chalk_1 = __importDefault(require("chalk"));
 const failedStates = [
     'UNSUPPORTED',
     'EXCLUDED',
@@ -109,6 +110,7 @@ const processLambda = async (argv) => {
         }
         await (0, analytics_1.postAnalytics)(endCommandAnalytics).catch((error) => {
         });
+        postRunMessage();
         if (errorMsg) {
             process.exit(1);
         }
@@ -191,3 +193,8 @@ const handleLambdaHelp = () => {
     printHelpMessage();
     process.exit(0);
 };
+const postRunMessage = () => {
+    console.log('\n' + chalk_1.default.underline.bold('Other Codesec Features:'));
+    console.log("'contrast scan' to run CodeSec’s industry leading SAST scanner");
+    console.log("'contrast audit' to find vulnerabilities in your open source dependencies\n");
+};

package/dist/scaAnalysis/common/scaParserForGoAndJava.js

@@ -0,0 +1,32 @@
+"use strict";
+const parseDependenciesForSCAServices = dependencyTreeObject => {
+    let parsedDependencyTree = {};
+    let subDeps;
+    for (let tree in dependencyTreeObject) {
+        let unParsedDependencyTree = dependencyTreeObject[tree];
+        for (let dependency in unParsedDependencyTree) {
+            subDeps = parseSubDependencies(unParsedDependencyTree[dependency].edges);
+            let parsedDependency = {
+                name: unParsedDependencyTree[dependency].artifactID,
+                group: unParsedDependencyTree[dependency].group,
+                version: unParsedDependencyTree[dependency].version,
+                directDependency: unParsedDependencyTree[dependency].type === 'direct',
+                isProduction: true,
+                dependencies: subDeps
+            };
+            parsedDependencyTree[dependency] = parsedDependency;
+        }
+    }
+    return parsedDependencyTree;
+};
+const parseSubDependencies = dependencies => {
+    let subDeps = [];
+    for (let x in dependencies) {
+        subDeps.push(dependencies[x]);
+    }
+    return subDeps;
+};
+module.exports = {
+    parseDependenciesForSCAServices,
+    parseSubDependencies
+};

package/dist/scaAnalysis/common/scaServicesUpload.js

@@ -0,0 +1,52 @@
+"use strict";
+const commonApi = require('../../utils/commonApi');
+const { APP_VERSION } = require('../../constants/constants');
+const requestUtils = require('../../utils/requestUtils');
+const scaTreeUpload = async (analysis, config) => {
+    const requestBody = {
+        applicationId: config.applicationId,
+        dependencyTree: analysis,
+        organizationId: config.organizationId,
+        language: 'NODE',
+        tool: {
+            name: 'Contrast Codesec',
+            version: APP_VERSION
+        }
+    };
+    const client = commonApi.getHttpClient(config);
+    const reportID = await client
+        .scaServiceIngest(requestBody, config)
+        .then(res => {
+        if (res.statusCode === 201) {
+            return res.body.libraryIngestJobId;
+        }
+        else {
+            throw new Error(res.statusCode + ` error ingesting dependencies`);
+        }
+    })
+        .catch(err => {
+        throw err;
+    });
+    let keepChecking = true;
+    while (keepChecking) {
+        keepChecking = await client
+            .scaServiceReportStatus(config, reportID)
+            .then(res => {
+            console.log(res.body);
+            if (res.body.status == 'COMPLETED') {
+                client.scaServiceReport(config, reportID).then(res => {
+                    console.log(res.statusCode);
+                    console.log(res.body);
+                });
+                return (keepChecking = false);
+            }
+            else {
+                return (keepChecking = true);
+            }
+        });
+        await requestUtils.sleep(5000);
+    }
+};
+module.exports = {
+    scaTreeUpload
+};

package/dist/scaAnalysis/common/treeUpload.js

@@ -2,11 +2,14 @@
 const commonApi = require('../../utils/commonApi');
 const { APP_VERSION } = require('../../constants/constants');
 const commonSendSnapShot = async (analysis, config) => {
-    const requestBody = {
-        appID: config.applicationId,
-        cliVersion: APP_VERSION,
-        snapshot: analysis
-    };
+    let requestBody = {};
+    config.experimental === true
+        ? (requestBody = sendToSCAServices(config, analysis))
+        : (requestBody = {
+            appID: config.applicationId,
+            cliVersion: APP_VERSION,
+            snapshot: analysis
+        });
     const client = commonApi.getHttpClient(config);
     return client
         .sendSnapshot(requestBody, config)
@@ -22,6 +25,18 @@ const commonSendSnapShot = async (analysis, config) => {
         throw err;
     });
 };
+const sendToSCAServices = (config, analysis) => {
+    return {
+        applicationId: config.applicationId,
+        dependencyTree: analysis,
+        organizationId: config.organizationId,
+        language: config.language,
+        tool: {
+            name: 'Contrast Codesec',
+            version: APP_VERSION
+        }
+    };
+};
 module.exports = {
     commonSendSnapShot
 };

package/dist/scaAnalysis/dotnet/analysis.js

@@ -31,13 +31,25 @@ const readAndParseLockFile = lockFilePath => {
     }
     return lockFile;
 };
+const checkForCorrectFiles = languageFiles => {
+    if (!languageFiles.includes('packages.lock.json')) {
+        throw new Error(i18n.__('languageAnalysisHasNoLockFile', '.NET'));
+    }
+    if (!languageFiles.some(i => i.includes('.csproj'))) {
+        throw new Error(i18n.__('languageAnalysisProjectFileError', '.NET'));
+    }
+};
 const getDotNetDeps = (filePath, languageFiles) => {
-    const projectFile = readAndParseProjectFile(filePath + `/${languageFiles[0]}`);
-    const lockFile = readAndParseLockFile(filePath + `/${languageFiles[1]}`);
+    checkForCorrectFiles(languageFiles);
+    const projectFileName = languageFiles.find(fileName => fileName.includes('.csproj'));
+    const lockFileName = languageFiles.find(fileName => fileName.includes('.json'));
+    const projectFile = readAndParseProjectFile(filePath + `/${projectFileName}`);
+    const lockFile = readAndParseLockFile(filePath + `/${lockFileName}`);
     return { projectFile, lockFile };
 };
 module.exports = {
     getDotNetDeps,
     readAndParseProjectFile,
-    readAndParseLockFile
+    readAndParseLockFile,
+    checkForCorrectFiles
 };

package/dist/scaAnalysis/go/goAnalysis.js

@@ -1,12 +1,18 @@
 "use strict";
 const { createGoTSMessage } = require('../common/formatMessage');
+const { parseDependenciesForSCAServices } = require('../common/scaParserForGoAndJava');
 const goReadDepFile = require('./goReadDepFile');
 const goParseDeps = require('./goParseDeps');
-const goAnalysis = (config, languageFiles) => {
+const goAnalysis = config => {
     try {
         const rawGoDependencies = goReadDepFile.getGoDependencies(config);
         const parsedGoDependencies = goParseDeps.parseGoDependencies(rawGoDependencies);
-        return createGoTSMessage(parsedGoDependencies);
+        if (config.experimental) {
+            return parseDependenciesForSCAServices(parsedGoDependencies);
+        }
+        else {
+            return createGoTSMessage(parsedGoDependencies);
+        }
     }
     catch (e) {
         console.log(e.message.toString());

package/dist/scaAnalysis/java/analysis.js

@@ -5,17 +5,20 @@ const i18n = require('i18n');
 const fs = require('fs');
 const MAVEN = 'maven';
 const GRADLE = 'gradle';
-const determineProjectTypeAndCwd = (files, file) => {
+const determineProjectTypeAndCwd = (files, config) => {
     const projectData = {};
+    if (files.length > 1) {
+        files = files.filter(i => config.fileName.includes(i));
+    }
     if (files[0].includes('pom.xml')) {
         projectData.projectType = MAVEN;
     }
     else if (files[0].includes('build.gradle')) {
         projectData.projectType = GRADLE;
     }
-    projectData.cwd = file
-        ? file.replace('pom.xml', '').replace('build.gradle', '')
-        : file;
+    projectData.cwd = config.file
+        ? config.file.replace('pom.xml', '').replace('build.gradle', '')
+        : config.file;
     return projectData;
 };
 const buildMaven = (config, projectData, timeout) => {
@@ -86,7 +89,7 @@ const getJavaBuildDeps = (config, files) => {
         projectType: undefined
     };
     try {
-        const projectData = determineProjectTypeAndCwd(files, config.file);
+        const projectData = determineProjectTypeAndCwd(files, config);
         if (projectData.projectType === MAVEN) {
             output.mvnDependancyTreeOutput = buildMaven(config, projectData, timeout);
         }
@@ -101,5 +104,6 @@ const getJavaBuildDeps = (config, files) => {
     }
 };
 module.exports = {
-    getJavaBuildDeps
+    getJavaBuildDeps,
+    determineProjectTypeAndCwd
 };

package/dist/scaAnalysis/java/index.js

@@ -2,12 +2,18 @@
 const analysis = require('./analysis');
 const { parseBuildDeps } = require('./javaBuildDepsParser');
 const { createJavaTSMessage } = require('../common/formatMessage');
+const { parseDependenciesForSCAServices } = require('../common/scaParserForGoAndJava');
 const javaAnalysis = (config, languageFiles) => {
     languageFiles.JAVA.forEach(file => {
         file.replace('build.gradle.kts', 'build.gradle');
     });
     const javaDeps = buildJavaTree(config, languageFiles.JAVA);
-    return createJavaTSMessage(javaDeps);
+    if (config.experimental) {
+        return parseDependenciesForSCAServices(javaDeps);
+    }
+    else {
+        return createJavaTSMessage(javaDeps);
+    }
 };
 const buildJavaTree = (config, files) => {
     const javaBuildDeps = analysis.getJavaBuildDeps(config, files);

package/dist/scaAnalysis/java/javaBuildDepsParser.js

@@ -14,13 +14,12 @@ const parseBuildDeps = (config, input) => {
 const preParser = shavedOutput => {
     let obj = [];
     for (let dep in shavedOutput) {
+        shavedOutput[dep] = shaveDependencyType(shavedOutput[dep]);
         obj.push(shavedOutput[dep]
             .replace('+-', '+---')
             .replace('[INFO]', '')
             .replace('\\-', '\\---')
             .replace(':jar:', ':')
-            .replace(':test', '')
-            .replace(':compile', '')
             .replace(' +', '+')
             .replace(' |', '|')
             .replace(' \\', '\\')
@@ -50,6 +49,21 @@ const preParser = shavedOutput => {
     }
     return depTree;
 };
+const shaveDependencyType = dep => {
+    if (dep.endsWith('\r')) {
+        dep = dep.slice(0, -1);
+    }
+    if (dep.endsWith(':test')) {
+        dep = dep.slice(0, -5);
+    }
+    if (dep.endsWith(':compile')) {
+        dep = dep.slice(0, -8);
+    }
+    if (dep.endsWith(':provided')) {
+        dep = dep.slice(0, -9);
+    }
+    return dep;
+};
 const shaveOutput = (gradleDependencyTreeOutput, projectType) => {
     let shavedOutput = gradleDependencyTreeOutput.split('\n');
     if (projectType === 'maven') {
@@ -335,5 +349,7 @@ module.exports = {
     computeRelationToLastElement,
     addIndentation,
     computeLevel,
-    computeIndentation
+    computeIndentation,
+    shaveDependencyType,
+    preParser
 };

package/dist/scaAnalysis/javascript/index.js

@@ -2,6 +2,7 @@
 const analysis = require('./analysis');
 const i18n = require('i18n');
 const formatMessage = require('../common/formatMessage');
+const scaServiceParser = require('./scaServiceParser');
 const jsAnalysis = async (config, languageFiles) => {
     checkForCorrectFiles(languageFiles);
     if (!config.file.endsWith('/')) {
@@ -12,6 +13,9 @@ const jsAnalysis = async (config, languageFiles) => {
 const buildNodeTree = async (config, files) => {
     let analysis = await readFiles(config, files);
     const rawNode = await parseFiles(config, files, analysis);
+    if (config.experimental) {
+        return scaServiceParser.parseJS(rawNode);
+    }
     return formatMessage.createJavaScriptTSMessage(rawNode);
 };
 const readFiles = async (config, files) => {