@contrast/contrast 1.0.12 → 1.0.13

package/dist/commands/audit/processAudit.js

@@ -1,10 +1,14 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.processAudit = void 0;
 const auditConfig_1 = require("./auditConfig");
 const help_1 = require("./help");
 const scaAnalysis_1 = require("../scan/sca/scaAnalysis");
 const telemetry_1 = require("../../telemetry/telemetry");
+const chalk_1 = __importDefault(require("chalk"));
 const processAudit = async (contrastConf, argv) => {
     if (argv.indexOf('--help') != -1) {
         printHelpMessage();
@@ -12,9 +16,15 @@ const processAudit = async (contrastConf, argv) => {
     }
     const config = await (0, auditConfig_1.getAuditConfig)(contrastConf, 'audit', argv);
     await (0, scaAnalysis_1.processSca)(config);
+    postRunMessage();
     await (0, telemetry_1.sendTelemetryConfigAsObject)(config, 'audit', argv, 'SUCCESS', config.language);
 };
 exports.processAudit = processAudit;
 const printHelpMessage = () => {
     console.log(help_1.auditUsageGuide);
 };
+const postRunMessage = () => {
+    console.log('\n' + chalk_1.default.underline.bold('Other Codesec Features:'));
+    console.log("'contrast scan' to run CodeSec’s industry leading SAST scanner");
+    console.log("'contrast lambda' to secure your AWS serverless functions\n");
+};

package/dist/commands/scan/processScan.js

@@ -7,9 +7,12 @@ const { formatScanOutput } = require('../../scan/formatScanOutput');
 const { processSca } = require('./sca/scaAnalysis');
 const common = require('../../common/fail');
 const { sendTelemetryConfigAsObject } = require('../../telemetry/telemetry');
+const chalk = require('chalk');
+const generalAPI = require('../../utils/generalAPI');
 const processScan = async (contrastConf, argv) => {
     let config = await scanConfig.getScanConfig(contrastConf, 'scan', argv);
     let output = undefined;
+    config.mode = await generalAPI.getMode(config);
     if (config.experimental) {
         await processSca(config, argv);
     }
@@ -24,6 +27,12 @@ const processScan = async (contrastConf, argv) => {
     if (config.fail) {
         common.processFail(config, output);
     }
+    postRunMessage();
+};
+const postRunMessage = () => {
+    console.log('\n' + chalk.underline.bold('Other Codesec Features:'));
+    console.log("'contrast audit' to find vulnerabilities in your open source dependencies");
+    console.log("'contrast lambda' to secure your AWS serverless functions\n");
 };
 module.exports = {
     processScan

package/dist/commands/scan/sca/scaAnalysis.js

@@ -2,6 +2,7 @@
 const autoDetection = require('../../../scan/autoDetection');
 const javaAnalysis = require('../../../scaAnalysis/java');
 const treeUpload = require('../../../scaAnalysis/common/treeUpload');
+const scaUpload = require('../../../scaAnalysis/common/scaServicesUpload');
 const auditController = require('../../audit/auditController');
 const { supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET } } = require('../../../constants/constants');
 const goAnalysis = require('../../../scaAnalysis/go/goAnalysis');
@@ -18,7 +19,9 @@ const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet');
 const { auditUsageGuide } = require('../../audit/help');
 const rootFile = require('../../../audit/languageAnalysisEngine/getProjectRootFilenames');
 const path = require('path');
+const generalAPI = require('../../../utils/generalAPI');
 const processSca = async (config) => {
+    config.mode = await generalAPI.getMode(config);
     const startTime = performance.now();
     let filesFound;
     if (config.help) {

package/dist/common/HTTPClient.js

@@ -130,9 +130,9 @@ HTTPClient.prototype.getScanProjectById = function getScanProjectById(config) {
     options.url = createScanProjectUrl(config);
     return requestUtils.sendRequest({ method: 'get', options });
 };
-HTTPClient.prototype.getGlobalProperties = function getGlobalProperties() {
+HTTPClient.prototype.getGlobalProperties = function getGlobalProperties(host) {
     const options = _.cloneDeep(this.requestOptions);
-    let url = createGlobalPropertiesUrl(options.uri);
+    let url = createGlobalPropertiesUrl(host);
     options.url = url;
     return requestUtils.sendRequest({ method: 'get', options });
 };
@@ -166,6 +166,25 @@ HTTPClient.prototype.sendSnapshot = function sendSnapshot(requestBody, config) {
     options.body = requestBody;
     return requestUtils.sendRequest({ method: 'post', options });
 };
+HTTPClient.prototype.scaServiceIngest = function scaServiceIngest(requestBody, config) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createScaServiceIngestURL(config);
+    options.url = url;
+    options.body = requestBody;
+    return requestUtils.sendRequest({ method: 'post', options });
+};
+HTTPClient.prototype.scaServiceReport = function scaServiceReport(config, reportId) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createScaServiceReportURL(config, reportId);
+    options.url = url;
+    return requestUtils.sendRequest({ method: 'get', options });
+};
+HTTPClient.prototype.scaServiceReportStatus = function scaServiceReport(config, reportId) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createScaServiceReportStatusURL(config, reportId);
+    options.url = url;
+    return requestUtils.sendRequest({ method: 'get', options });
+};
 HTTPClient.prototype.getReportById = function getReportById(config, reportId) {
     const options = _.cloneDeep(this.requestOptions);
     if (config.ignoreDev) {
@@ -301,6 +320,15 @@ const pollForAuthUrl = () => {
 function createSnapshotURL(config) {
     return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/snapshots`;
 }
+function createScaServiceReportURL(config, reportId) {
+    return ``;
+}
+function createScaServiceReportStatusURL(config, reportId) {
+    return ``;
+}
+function createScaServiceIngestURL(config) {
+    return ``;
+}
 const createAppCreateURL = config => {
     return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/create`;
 };

package/dist/common/fail.js

@@ -21,11 +21,15 @@ const isSeverityViolation = (severity, reportResults) => {
             count += reportResults.high + reportResults.critical;
             break;
         case 'medium':
-            count += reportResults.medium + reportResults.low + reportResults.critical;
+            count +=
+                reportResults.medium + reportResults.high + reportResults.critical;
             break;
         case 'low':
             count +=
-                reportResults.high + reportResults.critical + reportResults.medium;
+                reportResults.high +
+                    reportResults.critical +
+                    reportResults.medium +
+                    reportResults.low;
             break;
         case 'note':
             if (reportResults.note == reportResults.total) {
@@ -45,7 +49,7 @@ const failPipeline = (message = '') => {
         i18n.__('snapshotFailureHeader') +
         ' *********************************\n' +
         i18n.__(message));
-    process.exit(1);
+    process.exit(2);
 };
 const parseSeverity = severity => {
     const severities = ['NOTE', 'LOW', 'MEDIUM', 'HIGH', 'CRITICAL'];

package/dist/common/versionChecker.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isCorrectNodeVersion = exports.findLatestCLIVersion = void 0;
+exports.isCorrectNodeVersion = exports.findLatestCLIVersion = exports.getLatestVersion = void 0;
 const constants_1 = require("../constants/constants");
 const boxen_1 = __importDefault(require("boxen"));
 const chalk_1 = __importDefault(require("chalk"));
@@ -19,16 +19,22 @@ const getLatestVersion = async (config) => {
         }
     }
     catch (e) {
-        return;
+        return undefined;
     }
 };
+exports.getLatestVersion = getLatestVersion;
 async function findLatestCLIVersion(config) {
     const isCI = process.env.CONTRAST_CODESEC_CI
-        ? JSON.parse(process.env.CONTRAST_CODESEC_CI)
+        ? JSON.parse(process.env.CONTRAST_CODESEC_CI.toLowerCase())
         : false;
     if (!isCI) {
-        let latestCLIVersion = await getLatestVersion(config);
-        latestCLIVersion = latestCLIVersion.substring(8);
+        let latestCLIVersion = await (0, exports.getLatestVersion)(config);
+        if (latestCLIVersion === undefined) {
+            config.set('numOfRuns', 0);
+            console.log('Failed to retrieve latest version info. Continuing execution.');
+            return;
+        }
+        latestCLIVersion = latestCLIVersion.substring(8).replace('\n', '');
         if (semver_1.default.lt(constants_1.APP_VERSION, latestCLIVersion)) {
             const updateAvailableMessage = `Update available ${chalk_1.default.yellow(constants_1.APP_VERSION)} → ${chalk_1.default.green(latestCLIVersion)}`;
             const npmUpdateAvailableCommand = `Run ${chalk_1.default.cyan('npm i @contrast/contrast -g')} to update via npm`;

package/dist/constants/constants.js

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '1.0.12';
+const APP_VERSION = '1.0.13';
 const TIMEOUT = 120000;
 const HIGH_COLOUR = '#ff9900';
 const CRITICAL_COLOUR = '#e35858';

package/dist/constants/locales.js

@@ -20,7 +20,7 @@ const en_locales = () => {
         unauthenticatedErrorHeader: '401 error - Unauthenticated',
         unauthenticatedErrorMessage: 'Please check the following keys are correct:\n--organization-id, --api-key or --authorization',
         badRequestErrorHeader: '400 error - Bad Request',
-        badRequestErrorMessage: 'Please check the following key is correct: \n--application-id',
+        badRequestErrorMessage: 'Please check your parameters and try again',
         badRequestCatalogueErrorMessage: 'The application name already exists, please use a unique name',
         forbiddenRequestErrorHeader: '403 error - Forbidden',
         forbiddenRequestErrorMessage: 'You do not have permission to access this server.',
@@ -213,7 +213,7 @@ const en_locales = () => {
         scanOptionsFileNameSummary: 'Path of the file you want to scan. If no file is specified, Contrast searches for a .jar, .war, .exe or .zip file in the working directory.',
         scanOptionsVerboseSummary: ' Returns extended information to the terminal.',
         authSuccessMessage: 'Authentication successful',
-        runAuthSuccessMessage: "Now you can use CodeSec by Contrast \nRun: \n'contrast scan' on your file \n'contrast audit' on a file or directory,\n'contrast lambda' on an AWS function.\nor 'contrast help' to learn more about the capabilities.",
+        runAuthSuccessMessage: "Now you can use CodeSec by Contrast \nRun: \n'contrast scan' to run CodeSec’s industry leading SAST scanner \n'contrast audit' to find vulnerabilities in your open source dependencies \n'contrast lambda' to secure your AWS serverless functions\nor 'contrast help' to learn more about the capabilities.",
         authWaitingMessage: 'Waiting for auth...',
         authTimedOutMessage: 'Auth Timed out, try again',
         zipErrorScan: 'We only support zip files for JAVASCRIPT language, please set the flag --language JAVASCRIPT',

package/dist/index.js

@@ -45,7 +45,7 @@ const start = async () => {
                 return;
             }
             config.set('numOfRuns', config.get('numOfRuns') + 1);
-            if (config.get('numOfRuns') >= 1) {
+            if (config.get('numOfRuns') >= 10) {
                 await (0, versionChecker_1.findLatestCLIVersion)(config);
                 config.set('numOfRuns', 0);
             }

package/dist/lambda/lambda.js

@@ -23,6 +23,7 @@ const oraWrapper_1 = __importDefault(require("../utils/oraWrapper"));
 const analytics_1 = require("./analytics");
 const types_1 = require("./types");
 const constants_2 = require("../constants/constants");
+const chalk_1 = __importDefault(require("chalk"));
 const failedStates = [
     'UNSUPPORTED',
     'EXCLUDED',
@@ -109,6 +110,7 @@ const processLambda = async (argv) => {
         }
         await (0, analytics_1.postAnalytics)(endCommandAnalytics).catch((error) => {
         });
+        postRunMessage();
         if (errorMsg) {
             process.exit(1);
         }
@@ -191,3 +193,8 @@ const handleLambdaHelp = () => {
     printHelpMessage();
     process.exit(0);
 };
+const postRunMessage = () => {
+    console.log('\n' + chalk_1.default.underline.bold('Other Codesec Features:'));
+    console.log("'contrast scan' to run CodeSec’s industry leading SAST scanner");
+    console.log("'contrast audit' to find vulnerabilities in your open source dependencies\n");
+};

package/dist/scaAnalysis/common/scaServicesUpload.js

@@ -0,0 +1,52 @@
+"use strict";
+const commonApi = require('../../utils/commonApi');
+const { APP_VERSION } = require('../../constants/constants');
+const requestUtils = require('../../utils/requestUtils');
+const scaTreeUpload = async (analysis, config) => {
+    const requestBody = {
+        applicationId: config.applicationId,
+        dependencyTree: analysis,
+        organizationId: config.organizationId,
+        language: 'NODE',
+        tool: {
+            name: 'Contrast Codesec',
+            version: APP_VERSION
+        }
+    };
+    const client = commonApi.getHttpClient(config);
+    const reportID = await client
+        .scaServiceIngest(requestBody, config)
+        .then(res => {
+        if (res.statusCode === 201) {
+            return res.body.libraryIngestJobId;
+        }
+        else {
+            throw new Error(res.statusCode + ` error ingesting dependencies`);
+        }
+    })
+        .catch(err => {
+        throw err;
+    });
+    let keepChecking = true;
+    while (keepChecking) {
+        keepChecking = await client
+            .scaServiceReportStatus(config, reportID)
+            .then(res => {
+            console.log(res.body);
+            if (res.body.status == 'COMPLETED') {
+                client.scaServiceReport(config, reportID).then(res => {
+                    console.log(res.statusCode);
+                    console.log(res.body);
+                });
+                return (keepChecking = false);
+            }
+            else {
+                return (keepChecking = true);
+            }
+        });
+        await requestUtils.sleep(5000);
+    }
+};
+module.exports = {
+    scaTreeUpload
+};

package/dist/scaAnalysis/javascript/index.js

@@ -2,6 +2,7 @@
 const analysis = require('./analysis');
 const i18n = require('i18n');
 const formatMessage = require('../common/formatMessage');
+const scaServiceParser = require('./scaServiceParser');
 const jsAnalysis = async (config, languageFiles) => {
     checkForCorrectFiles(languageFiles);
     if (!config.file.endsWith('/')) {
@@ -12,6 +13,9 @@ const jsAnalysis = async (config, languageFiles) => {
 const buildNodeTree = async (config, files) => {
     let analysis = await readFiles(config, files);
     const rawNode = await parseFiles(config, files, analysis);
+    if (config.experimental) {
+        return scaServiceParser.parseJS(rawNode);
+    }
     return formatMessage.createJavaScriptTSMessage(rawNode);
 };
 const readFiles = async (config, files) => {

package/dist/scaAnalysis/javascript/scaServiceParser.js

@@ -0,0 +1,109 @@
+"use strict";
+const parseJS = rawNode => {
+    let dependencyTree = {};
+    let combinedPackageJSONDep = {
+        ...rawNode.packageJSON?.dependencies,
+        ...rawNode.packageJSON?.devDependencies
+    };
+    let analyseLock = chooseLockFile(rawNode);
+    if (analyseLock.type === 'yarn') {
+        dependencyTree = yarnCreateDepTree(dependencyTree, combinedPackageJSONDep, analyseLock.lockFile, rawNode);
+    }
+    if (analyseLock.type === 'npm') {
+        dependencyTree = npmCreateDepTree(dependencyTree, combinedPackageJSONDep, analyseLock.lockFile, rawNode);
+    }
+    return dependencyTree;
+};
+const npmCreateDepTree = (dependencyTree, combinedPackageJSONDep, packageLock, rawNode) => {
+    for (const [key, value] of Object.entries(packageLock)) {
+        dependencyTree[key] = {
+            name: key,
+            version: getResolvedVersion(key, packageLock),
+            group: null,
+            isProduction: checkIfInPackageJSON(rawNode.packageJSON.dependencies, key),
+            directDependency: checkIfInPackageJSON(combinedPackageJSONDep, key),
+            dependencies: createNPMChildDependencies(packageLock, key)
+        };
+    }
+    return dependencyTree;
+};
+const yarnCreateDepTree = (dependencyTree, combinedPackageJSONDep, packageLock, rawNode) => {
+    for (const [key, value] of Object.entries(packageLock)) {
+        let gav = getNameFromGAV(key);
+        let nag = getDepNameWithoutVersion(key);
+        dependencyTree[key] = {
+            name: gav,
+            version: getResolvedVersion(key, packageLock),
+            group: null,
+            isProduction: checkIfInPackageJSON(rawNode.packageJSON.dependencies, nag),
+            directDependency: checkIfInPackageJSON(combinedPackageJSONDep, nag),
+            dependencies: createChildDependencies(packageLock, key)
+        };
+    }
+    return dependencyTree;
+};
+const chooseLockFile = rawNode => {
+    if (rawNode?.yarn?.yarnLockFile !== undefined) {
+        return { lockFile: rawNode?.yarn?.yarnLockFile?.object, type: 'yarn' };
+    }
+    else if (rawNode.npmLockFile !== undefined) {
+        return { lockFile: rawNode?.npmLockFile?.dependencies, type: 'npm' };
+    }
+    else {
+        return undefined;
+    }
+};
+const createKeyName = (dep, version) => {
+    return dep + '@' + version;
+};
+const checkIfInPackageJSON = (list, dep) => {
+    return Object.keys(list).includes(dep);
+};
+const createChildDependencies = (lockFileDep, currentDep) => {
+    let depArray = [];
+    if (lockFileDep[currentDep]?.dependencies) {
+        for (const [key, value] of Object.entries(lockFileDep[currentDep]?.dependencies)) {
+            depArray.push(createKeyName(key, value));
+        }
+    }
+    return depArray;
+};
+const createNPMChildDependencies = (lockFileDep, currentDep) => {
+    let depArray = [];
+    if (lockFileDep[currentDep]?.requires) {
+        for (const [key, value] of Object.entries(lockFileDep[currentDep]?.requires)) {
+            depArray.push(key);
+        }
+    }
+    return depArray;
+};
+const getDepNameWithoutVersion = depKey => {
+    let dependency = depKey.split('@');
+    if (dependency.length - 1 > 1) {
+        return '@' + dependency[1];
+    }
+    return dependency[0];
+};
+const getNameFromGAV = depKey => {
+    let dependency = depKey.split('/');
+    if (dependency.length == 2) {
+        dependency = getDepNameWithoutVersion(dependency[1]);
+        return dependency;
+    }
+    if (dependency.length == 1) {
+        dependency = getDepNameWithoutVersion(depKey);
+        return dependency;
+    }
+    return depKey;
+};
+const getResolvedVersion = (depKey, packageLock) => {
+    return packageLock[depKey]?.version;
+};
+module.exports = {
+    parseJS,
+    checkIfInPackageJSON,
+    getNameFromGAV,
+    getResolvedVersion,
+    chooseLockFile,
+    createNPMChildDependencies
+};

package/dist/scaAnalysis/ruby/analysis.js

@@ -1,6 +1,26 @@
 "use strict";
 const fs = require('fs');
 const i18n = require('i18n');
+const getRubyDeps = (config, languageFiles) => {
+    try {
+        checkForCorrectFiles(languageFiles);
+        const parsedGem = readAndParseGemfile(config.file);
+        const parsedLock = readAndParseGemLockFile(config.file);
+        if (config.experimental) {
+            const rubyArray = removeRedundantAndPopulateDefinedElements(parsedLock.sources);
+            let rubyTree = createRubyTree(rubyArray);
+            findChildrenDependencies(rubyTree);
+            processRootDependencies(parsedLock.dependencies, rubyTree);
+            return rubyTree;
+        }
+        else {
+            return { gemfilesDependanceies: parsedGem, gemfileLock: parsedLock };
+        }
+    }
+    catch (err) {
+        throw err;
+    }
+};
 const readAndParseGemfile = file => {
     const gemFile = fs.readFileSync(file + '/Gemfile', 'utf8');
     const rubyArray = gemFile.split('\n');
@@ -189,16 +209,89 @@ const buildSourceDependencyWithVersion = (whitespaceRegx, dependencyRegEx, line,
     }
     return dependencies;
 };
-const getRubyDeps = (config, languageFiles) => {
-    try {
-        checkForCorrectFiles(languageFiles);
-        const parsedGem = readAndParseGemfile(config.file);
-        const parsedLock = readAndParseGemLockFile(config.file);
-        return { gemfilesDependanceies: parsedGem, gemfileLock: parsedLock };
+const processRootDependencies = (rootDependencies, rubyTree) => {
+    const getParentObjectByName = queryToken => Object.values(rubyTree).filter(({ name }) => name === queryToken);
+    for (let parent in rootDependencies) {
+        let parentObject = getParentObjectByName(parent);
+        if (parentObject[0]) {
+            let gav = parentObject[0].group +
+                '/' +
+                parentObject[0].name +
+                '@' +
+                parentObject[0].version;
+            rubyTree[gav] = parentObject[0];
+            rubyTree[gav].directDependency = true;
+        }
     }
-    catch (err) {
-        throw err;
+    return rubyTree;
+};
+const createRubyTree = rubyArray => {
+    let rubyTree = {};
+    for (let x in rubyArray) {
+        let version = rubyArray[x].resolved;
+        let gav = rubyArray[x].group + '/' + rubyArray[x].name + '@' + version;
+        rubyTree[gav] = rubyArray[x];
+        rubyTree[gav].directDependency = false;
+        rubyTree[gav].version = version;
+        if (!rubyTree[gav].dependencies) {
+            rubyTree[gav].dependencies = [];
+        }
+        delete rubyTree[gav].resolved;
     }
+    return rubyTree;
+};
+const findChildrenDependencies = rubyTree => {
+    for (let dep in rubyTree) {
+        let unResolvedChildDepsKey = Object.keys(rubyTree[dep].dependencies);
+        rubyTree[dep].dependencies = resolveVersionOfChildDependencies(unResolvedChildDepsKey, rubyTree);
+    }
+};
+const resolveVersionOfChildDependencies = (unResolvedChildDepsKey, rubyObject) => {
+    const getParentObjectByName = queryToken => Object.values(rubyObject).filter(({ name }) => name === queryToken);
+    let resolvedChildrenDependencies = [];
+    for (let childDep in unResolvedChildDepsKey) {
+        let childDependencyName = unResolvedChildDepsKey[childDep];
+        let parent = getParentObjectByName(childDependencyName);
+        resolvedChildrenDependencies.push('null/' + childDependencyName + '@' + parent[0].version);
+    }
+    return resolvedChildrenDependencies;
+};
+const removeRedundantAndPopulateDefinedElements = deps => {
+    return deps.map(element => {
+        if (element.sourceType === 'GIT') {
+            delete element.sourceType;
+            delete element.remote;
+            delete element.platform;
+            element.group = null;
+            element.isProduction = true;
+        }
+        if (element.sourceType === 'GEM') {
+            element.group = null;
+            element.isProduction = true;
+            delete element.sourceType;
+            delete element.remote;
+            delete element.platform;
+        }
+        if (element.sourceType === 'PATH') {
+            element.group = null;
+            element.isProduction = true;
+            delete element.platform;
+            delete element.sourceType;
+            delete element.remote;
+        }
+        if (element.sourceType === 'BUNDLED WITH') {
+            element.group = null;
+            element.isProduction = true;
+            delete element.sourceType;
+            delete element.remote;
+            delete element.branch;
+            delete element.revision;
+            delete element.depthLevel;
+            delete element.specs;
+            delete element.platform;
+        }
+        return element;
+    });
 };
 const checkForCorrectFiles = languageFiles => {
     if (!languageFiles.includes('Gemfile.lock')) {
@@ -224,5 +317,9 @@ module.exports = {
     getPatchLevel,
     formatSourceArr,
     getSourceArray,
-    checkForCorrectFiles
+    checkForCorrectFiles,
+    removeRedundantAndPopulateDefinedElements,
+    createRubyTree,
+    findChildrenDependencies,
+    processRootDependencies
 };

package/dist/scaAnalysis/ruby/index.js

@@ -3,7 +3,12 @@ const analysis = require('./analysis');
 const { createRubyTSMessage } = require('../common/formatMessage');
 const rubyAnalysis = (config, languageFiles) => {
     const rubyDeps = analysis.getRubyDeps(config, languageFiles.RUBY);
-    return createRubyTSMessage(rubyDeps);
+    if (config.experimental) {
+        return rubyDeps;
+    }
+    else {
+        return createRubyTSMessage(rubyDeps);
+    }
 };
 module.exports = {
     rubyAnalysis

package/dist/scan/scanResults.js

@@ -66,7 +66,7 @@ const returnScanResults = async (config, codeArtifactId, newProject, timeout, st
             if (requestUtils.millisToSeconds(endTime) > timeout) {
                 oraFunctions.failSpinner(startScanSpinner, 'Contrast Scan timed out at the specified ' + timeout + ' seconds.');
                 const isCI = process.env.CONTRAST_CODESEC_CI
-                    ? JSON.parse(process.env.CONTRAST_CODESEC_CI)
+                    ? JSON.parse(process.env.CONTRAST_CODESEC_CI.toLowerCase())
                     : false;
                 if (!isCI) {
                     const retry = await retryScanPrompt();

package/dist/{audit/languageAnalysisEngine/util → utils}/generalAPI.js

@@ -1,12 +1,13 @@
 "use strict";
 const { featuresTeamServer } = require('./capabilities');
 const semver = require('semver');
-const { handleResponseErrors } = require('../../../common/errorHandling');
-const { getHttpClient } = require('../../../utils/commonApi');
+const { handleResponseErrors } = require('../common/errorHandling');
+const commonApi = require('./commonApi');
+const { isNil } = require('lodash');
 const getGlobalProperties = async (config) => {
-    const client = getHttpClient(config);
+    const client = commonApi.getHttpClient(config);
     return client
-        .getGlobalProperties(config)
+        .getGlobalProperties(config.host)
         .then(res => {
         if (res.statusCode === 200) {
             return res.body;
@@ -19,6 +20,13 @@ const getGlobalProperties = async (config) => {
         console.log(err);
     });
 };
+const getMode = async (config) => {
+    const features = await getGlobalProperties(config);
+    if (!isNil(features?.mode)) {
+        return features.mode;
+    }
+    return '';
+};
 const getFeatures = version => {
     const featuresEnabled = [];
     featuresTeamServer.forEach(feature => {
@@ -35,5 +43,6 @@ const isFeatureEnabled = (features, featureName) => {
 module.exports = {
     getGlobalProperties,
     getFeatures,
-    isFeatureEnabled
+    isFeatureEnabled,
+    getMode
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/contrast",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "Contrast Security's command line tool",
   "main": "dist/index.js",
   "bin": {