@contrast/contrast 1.0.12 → 1.0.14

package/dist/audit/report/commonReportingFunctions.js

@@ -1,72 +1,64 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getNumOfAndSeverityType = exports.buildFormattedHeaderNum = exports.gatherRemediationAdvice = exports.buildBody = exports.buildHeader = exports.printFormattedOutput = exports.printVulnerabilityResponse = exports.getReport = exports.createSummaryMessageBottom = exports.createSummaryMessageTop = void 0;
-const commonApi_1 = require("../../utils/commonApi");
-const reportListModel_1 = require("./models/reportListModel");
-const lodash_1 = require("lodash");
-const chalk_1 = __importDefault(require("chalk"));
-const reportUtils_1 = require("./utils/reportUtils");
-const severityCountModel_1 = require("./models/severityCountModel");
-const reportOutputModel_1 = require("./models/reportOutputModel");
-const constants_1 = require("../../constants/constants");
-const cli_table3_1 = __importDefault(require("cli-table3"));
-const reportGuidanceModel_1 = require("./models/reportGuidanceModel");
+const commonApi = require('../../utils/commonApi');
+const { ReportCompositeKey, ReportList, ReportModelStructure } = require('./models/reportListModel');
+const { orderBy } = require('lodash');
+const chalk = require('chalk');
+const { countVulnerableLibrariesBySeverity, orderByHighestPriority, findHighestSeverityCVE, findNameAndVersion, severityCountAllCVEs, findCVESeverity } = require('./utils/reportUtils');
+const { SeverityCountModel } = require('./models/severityCountModel');
+const { ReportOutputBodyModel, ReportOutputHeaderModel, ReportOutputModel } = require('./models/reportOutputModel');
+const { CE_URL, CRITICAL_COLOUR, HIGH_COLOUR, LOW_COLOUR, MEDIUM_COLOUR, NOTE_COLOUR } = require('../../constants/constants');
+const Table = require('cli-table3');
+const { ReportGuidanceModel } = require('./models/reportGuidanceModel');
+const i18n = require('i18n');
 const createSummaryMessageTop = (numberOfVulnerableLibraries, numberOfCves) => {
     numberOfVulnerableLibraries === 1
         ? console.log(`Found 1 vulnerable library containing ${numberOfCves} CVE`)
         : console.log(`Found ${numberOfVulnerableLibraries} vulnerable libraries containing ${numberOfCves} CVEs`);
 };
-exports.createSummaryMessageTop = createSummaryMessageTop;
-const createSummaryMessageBottom = (numberOfVulnerableLibraries) => {
+const createSummaryMessageBottom = numberOfVulnerableLibraries => {
     numberOfVulnerableLibraries === 1
-        ? console.log(`Found 1 vulnerable library`)
-        : console.log(`Found ${numberOfVulnerableLibraries} vulnerable libraries`);
+        ? console.log(`Found 1 vulnerability`)
+        : console.log(`Found ${numberOfVulnerableLibraries} vulnerabilities`);
 };
-exports.createSummaryMessageBottom = createSummaryMessageBottom;
 const getReport = async (config, reportId) => {
-    const client = (0, commonApi_1.getHttpClient)(config);
+    const client = commonApi.getHttpClient(config);
     return client
         .getReportById(config, reportId)
-        .then((res) => {
+        .then(res => {
         if (res.statusCode === 200) {
             return res.body;
         }
         else {
-            console.log(JSON.stringify(res));
-            (0, commonApi_1.handleResponseErrors)(res, 'report');
+            console.log(JSON.stringify(res.statusCode));
+            commonApi.handleResponseErrors(res, 'report');
         }
     })
-        .catch((err) => {
+        .catch(err => {
         console.log(err);
     });
 };
-exports.getReport = getReport;
 const printVulnerabilityResponse = (config, vulnerableLibraries, numberOfVulnerableLibraries, numberOfCves, guidance) => {
     let hasSomeVulnerabilitiesReported = false;
-    (0, exports.printFormattedOutput)(config, vulnerableLibraries, numberOfVulnerableLibraries, numberOfCves, guidance);
+    printFormattedOutput(config, vulnerableLibraries, numberOfVulnerableLibraries, numberOfCves, guidance);
     if (Object.keys(vulnerableLibraries).length > 0) {
         hasSomeVulnerabilitiesReported = true;
     }
     return hasSomeVulnerabilitiesReported;
 };
-exports.printVulnerabilityResponse = printVulnerabilityResponse;
 const printFormattedOutput = (config, libraries, numberOfVulnerableLibraries, numberOfCves, guidance) => {
-    (0, exports.createSummaryMessageTop)(numberOfVulnerableLibraries, numberOfCves);
+    createSummaryMessageTop(numberOfVulnerableLibraries, numberOfCves);
     console.log();
-    const report = new reportListModel_1.ReportList();
+    const report = new ReportList();
     for (const library of libraries) {
-        const { name, version } = (0, reportUtils_1.findNameAndVersion)(library, config);
-        const newOutputModel = new reportListModel_1.ReportModelStructure(new reportListModel_1.ReportCompositeKey(name, version, (0, reportUtils_1.findHighestSeverityCVE)(library.cveArray), (0, reportUtils_1.severityCountAllCVEs)(library.cveArray, new severityCountModel_1.SeverityCountModel()).getTotal), library.cveArray);
+        const { name, version } = findNameAndVersion(library, config);
+        const newOutputModel = new ReportModelStructure(new ReportCompositeKey(name, version, findHighestSeverityCVE(library.cveArray), severityCountAllCVEs(library.cveArray, new SeverityCountModel()).getTotal), library.cveArray);
         report.reportOutputList.push(newOutputModel);
     }
-    const outputOrderedByLowestSeverityAndLowestNumOfCvesFirst = (0, lodash_1.orderBy)(report.reportOutputList, [
-        (reportListItem) => {
+    const outputOrderedByLowestSeverityAndLowestNumOfCvesFirst = orderBy(report.reportOutputList, [
+        reportListItem => {
             return reportListItem.compositeKey.highestSeverity.priority;
         },
-        (reportListItem) => {
+        reportListItem => {
             return reportListItem.compositeKey.numberOfSeverities;
         }
     ], ['asc', 'desc']);
@@ -75,83 +67,81 @@ const printFormattedOutput = (config, libraries, numberOfVulnerableLibraries, nu
         contrastHeaderNumCounter++;
         const { libraryName, libraryVersion, highestSeverity } = reportModel.compositeKey;
         const numOfCVEs = reportModel.cveArray.length;
-        const table = new cli_table3_1.default({
-            chars: {
-                top: '',
-                'top-mid': '',
-                'top-left': '',
-                'top-right': '',
-                bottom: '',
-                'bottom-mid': '',
-                'bottom-left': '',
-                'bottom-right': '',
-                left: '',
-                'left-mid': '',
-                mid: '',
-                'mid-mid': '',
-                right: '',
-                'right-mid': '',
-                middle: ' '
-            },
-            style: { 'padding-left': 0, 'padding-right': 0 },
-            colAligns: ['right'],
-            wordWrap: true,
-            colWidths: [12, 1, 100]
-        });
+        const table = getReportTable();
         const header = buildHeader(highestSeverity, contrastHeaderNumCounter, libraryName, libraryVersion, numOfCVEs);
         const advice = gatherRemediationAdvice(guidance, libraryName, libraryVersion);
         const body = buildBody(reportModel.cveArray, advice);
-        const reportOutputModel = new reportOutputModel_1.ReportOutputModel(header, body);
+        const reportOutputModel = new ReportOutputModel(header, body);
         table.push(reportOutputModel.body.issueMessage, reportOutputModel.body.adviceMessage);
         console.log(reportOutputModel.header.vulnMessage, reportOutputModel.header.introducesMessage);
         console.log(table.toString() + '\n');
     }
-    (0, exports.createSummaryMessageBottom)(numberOfVulnerableLibraries);
+    createSummaryMessageBottom(numberOfVulnerableLibraries);
     const { criticalMessage, highMessage, mediumMessage, lowMessage, noteMessage } = buildFooter(outputOrderedByLowestSeverityAndLowestNumOfCvesFirst);
     console.log(`${criticalMessage} | ${highMessage} | ${mediumMessage} | ${lowMessage} | ${noteMessage}`);
-    if (config.host !== constants_1.CE_URL) {
-        console.log('\n' + chalk_1.default.bold('View your full dependency tree in Contrast:'));
+    if (config.host !== CE_URL) {
+        console.log('\n' + chalk.bold('View your full dependency tree in Contrast:'));
         console.log(`${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${config.applicationId}/libs/dependency-tree`);
     }
 };
-exports.printFormattedOutput = printFormattedOutput;
+function getReportTable() {
+    return new Table({
+        chars: {
+            top: '',
+            'top-mid': '',
+            'top-left': '',
+            'top-right': '',
+            bottom: '',
+            'bottom-mid': '',
+            'bottom-left': '',
+            'bottom-right': '',
+            left: '',
+            'left-mid': '',
+            mid: '',
+            'mid-mid': '',
+            right: '',
+            'right-mid': '',
+            middle: ' '
+        },
+        style: { 'padding-left': 0, 'padding-right': 0 },
+        colAligns: ['right'],
+        wordWrap: true,
+        colWidths: [12, 1, 100]
+    });
+}
 function buildHeader(highestSeverity, contrastHeaderNum, libraryName, version, numOfCVEs) {
     const vulnerabilityPluralised = numOfCVEs > 1 ? 'vulnerabilities' : 'vulnerability';
     const formattedHeaderNum = buildFormattedHeaderNum(contrastHeaderNum);
-    const headerColour = chalk_1.default.hex(highestSeverity.outputColour);
+    const headerColour = chalk.hex(highestSeverity.colour);
     const headerNumAndSeverity = headerColour(`${formattedHeaderNum} - [${highestSeverity.severity}]`);
     const libraryNameAndVersion = headerColour.bold(`${libraryName}-${version}`);
     const vulnMessage = `${headerNumAndSeverity} ${libraryNameAndVersion}`;
     const introducesMessage = `introduces ${numOfCVEs} ${vulnerabilityPluralised}`;
-    return new reportOutputModel_1.ReportOutputHeaderModel(vulnMessage, introducesMessage);
+    return new ReportOutputHeaderModel(vulnMessage, introducesMessage);
 }
-exports.buildHeader = buildHeader;
 function buildBody(cveArray, advice) {
-    const cveMessages = [];
-    (0, reportUtils_1.findCVESeveritiesAndOrderByHighestPriority)(cveArray).forEach(reportSeverityModel => {
-        const { outputColour, severity, cveName } = reportSeverityModel;
-        const severityShorthand = chalk_1.default
-            .hex(outputColour)
-            .bold(`[${severity.charAt(0).toUpperCase()}]`);
-        const builtMessage = severityShorthand + cveName;
-        cveMessages.push(builtMessage);
-    });
-    const numAndSeverityType = getNumOfAndSeverityType(cveArray);
-    const issueMessage = [
-        chalk_1.default.bold('Issue'),
-        ':',
-        `${numAndSeverityType} ${cveMessages.join(', ')}`
-    ];
+    let assignPriorityToVulns = cveArray.map(result => findCVESeverity(result));
+    const issueMessage = getIssueRow(assignPriorityToVulns);
     const minOrMax = advice.maximum ? advice.maximum : advice.minimum;
     const displayAdvice = minOrMax
-        ? `Change to version ${chalk_1.default.bold(minOrMax)}`
+        ? `Change to version ${chalk.bold(minOrMax)}`
         : 'No recommendation is available according to our data. Upgrade to the latest stable is the best advice we can give.';
-    const adviceMessage = [chalk_1.default.bold('Advice'), ':', displayAdvice];
-    return new reportOutputModel_1.ReportOutputBodyModel(issueMessage, adviceMessage);
+    const adviceMessage = [chalk.bold('Advice'), ':', displayAdvice];
+    return new ReportOutputBodyModel(issueMessage, adviceMessage);
+}
+function getIssueRow(cveArray) {
+    orderByHighestPriority(cveArray);
+    const cveMessagesList = getIssueCveMsgList(cveArray);
+    const cveNumbers = getSeverityCounts(cveArray);
+    const numAndSeverityTypeDesc = getNumOfAndSeverityType(cveNumbers);
+    return [
+        chalk.bold('Issue'),
+        ':',
+        `${numAndSeverityTypeDesc} ${cveMessagesList.join(', ')}`
+    ];
 }
-exports.buildBody = buildBody;
 function gatherRemediationAdvice(guidance, libraryName, libraryVersion) {
-    const guidanceModel = new reportGuidanceModel_1.ReportGuidanceModel();
+    const guidanceModel = new ReportGuidanceModel();
     const data = guidance[libraryName + '@' + libraryVersion];
     if (data) {
         guidanceModel.minimum = data.minUpgradeVersion;
@@ -159,43 +149,29 @@ function gatherRemediationAdvice(guidance, libraryName, libraryVersion) {
     }
     return guidanceModel;
 }
-exports.gatherRemediationAdvice = gatherRemediationAdvice;
 function buildFormattedHeaderNum(contrastHeaderNum) {
     return `CONTRAST-${contrastHeaderNum.toString().padStart(3, '0')}`;
 }
-exports.buildFormattedHeaderNum = buildFormattedHeaderNum;
-function getNumOfAndSeverityType(cveArray) {
-    const { critical, high, medium, low, note } = (0, reportUtils_1.severityCountAllCVEs)(cveArray, new severityCountModel_1.SeverityCountModel());
-    const criticalNumCheck = critical > 0;
-    const highNumCheck = high > 0;
-    const highDivider = highNumCheck ? '|' : '';
-    const mediumNumCheck = medium > 0;
-    const mediumDivider = mediumNumCheck ? '|' : '';
-    const lowNumCheck = low > 0;
-    const lowDivider = lowNumCheck ? '|' : '';
-    const noteNumCheck = low > 0;
-    const noteDivider = noteNumCheck ? '|' : '';
-    const criticalMessage = criticalNumCheck
-        ? `${critical} Critical ${highDivider}`
-        : '';
-    const highMessage = highNumCheck ? `${high} High ${mediumDivider}` : '';
-    const mediumMessage = mediumNumCheck ? `${medium} Medium ${lowDivider}` : '';
-    const lowMessage = lowNumCheck ? `${low} Low ${noteDivider}` : '';
-    const noteMessage = noteNumCheck ? `${note} Note` : '';
-    return `${criticalMessage} ${highMessage} ${mediumMessage} ${lowMessage} ${noteMessage}`
+function getNumOfAndSeverityType(cveNumbers) {
+    const { critical, high, medium, low, note } = cveNumbers;
+    const criticalMsg = critical > 0 ? `${critical} Critical | ` : '';
+    const highMsg = high > 0 ? `${high} High | ` : '';
+    const mediumMsg = medium > 0 ? `${medium} Medium | ` : '';
+    const lowMsg = low > 0 ? `${low} Low | ` : '';
+    const noteMsg = note > 0 ? `${note} Note` : '';
+    return `${criticalMsg} ${highMsg} ${mediumMsg} ${lowMsg} ${noteMsg}`
         .replace(/\s+/g, ' ')
         .trim();
 }
-exports.getNumOfAndSeverityType = getNumOfAndSeverityType;
-const buildFooter = (reportModelStructure) => {
-    const { critical, high, medium, low, note } = (0, reportUtils_1.countVulnerableLibrariesBySeverity)(reportModelStructure);
-    const criticalMessage = chalk_1.default
-        .hex(constants_1.CRITICAL_COLOUR)
+const buildFooter = reportModelStructure => {
+    const { critical, high, medium, low, note } = countVulnerableLibrariesBySeverity(reportModelStructure);
+    const criticalMessage = chalk
+        .hex(CRITICAL_COLOUR)
         .bold(`${critical} Critical`);
-    const highMessage = chalk_1.default.hex(constants_1.HIGH_COLOUR).bold(`${high} High`);
-    const mediumMessage = chalk_1.default.hex(constants_1.MEDIUM_COLOUR).bold(`${medium} Medium`);
-    const lowMessage = chalk_1.default.hex(constants_1.LOW_COLOUR).bold(`${low} Low`);
-    const noteMessage = chalk_1.default.hex(constants_1.NOTE_COLOUR).bold(`${note} Note`);
+    const highMessage = chalk.hex(HIGH_COLOUR).bold(`${high} High`);
+    const mediumMessage = chalk.hex(MEDIUM_COLOUR).bold(`${medium} Medium`);
+    const lowMessage = chalk.hex(LOW_COLOUR).bold(`${low} Low`);
+    const noteMessage = chalk.hex(NOTE_COLOUR).bold(`${note} Note`);
     return {
         criticalMessage,
         highMessage,
@@ -204,3 +180,86 @@ const buildFooter = (reportModelStructure) => {
         noteMessage
     };
 };
+const getIssueCveMsgList = results => {
+    const cveMessages = [];
+    results.forEach(reportSeverityModel => {
+        const { colour, severity, name } = reportSeverityModel;
+        const severityShorthand = chalk
+            .hex(colour)
+            .bold(`[${severity.charAt(0).toUpperCase()}]`);
+        const builtMessage = severityShorthand + name;
+        cveMessages.push(builtMessage);
+    });
+    return cveMessages;
+};
+const getSeverityCounts = results => {
+    const acc = {
+        critical: 0,
+        high: 0,
+        medium: 0,
+        low: 0,
+        note: 0,
+        total: 0
+    };
+    if (results && results.length > 0) {
+        results.forEach(i => {
+            acc[i.severity.toLowerCase()] += 1;
+            acc.total += 1;
+            return acc;
+        });
+    }
+    return acc;
+};
+const printNoVulnFoundMsg = () => {
+    console.log(i18n.__('scanNoVulnerabilitiesFound'));
+    console.log(i18n.__('scanNoVulnerabilitiesFoundSecureCode'));
+    console.log(i18n.__('scanNoVulnerabilitiesFoundGoodWork'));
+    console.log(chalk.bold(`Found 0 vulnerabilities`));
+    console.log(i18n.__('foundDetailedVulnerabilities', String(0), String(0), String(0), String(0), String(0)));
+};
+const printVulnInfo = projectOverview => {
+    const totalVulnerabilities = projectOverview.total;
+    createSummaryMessageBottom(totalVulnerabilities);
+    const formattedValues = severityFormatted(projectOverview);
+    console.log(i18n.__('foundDetailedVulnerabilities', String(formattedValues.criticalFormatted), String(formattedValues.highFormatted), String(formattedValues.mediumFormatted), String(formattedValues.lowFormatted), String(formattedValues.noteFormatted)));
+};
+const severityFormatted = projectOverview => {
+    const criticalFormatted = chalk
+        .hex(CRITICAL_COLOUR)
+        .bold(`${projectOverview.critical} Critical`);
+    const highFormatted = chalk
+        .hex(HIGH_COLOUR)
+        .bold(`${projectOverview.high} High`);
+    const mediumFormatted = chalk
+        .hex(MEDIUM_COLOUR)
+        .bold(`${projectOverview.medium} Medium`);
+    const lowFormatted = chalk.hex(LOW_COLOUR).bold(`${projectOverview.low} Low`);
+    const noteFormatted = chalk
+        .hex(NOTE_COLOUR)
+        .bold(`${projectOverview.note} Note`);
+    return {
+        criticalFormatted,
+        highFormatted,
+        mediumFormatted,
+        lowFormatted,
+        noteFormatted
+    };
+};
+module.exports = {
+    createSummaryMessageTop,
+    getReport,
+    createSummaryMessageBottom,
+    printVulnerabilityResponse,
+    printFormattedOutput,
+    getReportTable,
+    buildHeader,
+    buildBody,
+    getIssueRow,
+    gatherRemediationAdvice,
+    buildFormattedHeaderNum,
+    getNumOfAndSeverityType,
+    getIssueCveMsgList,
+    getSeverityCounts,
+    printNoVulnFoundMsg,
+    printVulnInfo
+};

package/dist/audit/report/models/reportSeverityModel.js

@@ -2,11 +2,11 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ReportSeverityModel = void 0;
 class ReportSeverityModel {
-    constructor(severity, priority, outputColour, cveName) {
+    constructor(severity, priority, colour, name) {
         this.severity = severity;
         this.priority = priority;
-        this.outputColour = outputColour;
-        this.cveName = cveName;
+        this.colour = colour;
+        this.name = name;
     }
 }
 exports.ReportSeverityModel = ReportSeverityModel;

package/dist/audit/report/reportingFeature.js

@@ -22,15 +22,10 @@ var __importStar = (this && this.__importStar) || function (mod) {
     __setModuleDefault(result, mod);
     return result;
 };
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.vulnerabilityReportV2 = exports.formatVulnerabilityOutput = exports.convertJSDotNetPython = exports.convertKeysToStandardFormat = void 0;
 const commonReportingFunctions_1 = require("./commonReportingFunctions");
 const reportUtils_1 = require("./utils/reportUtils");
-const i18n_1 = __importDefault(require("i18n"));
-const chalk_1 = __importDefault(require("chalk"));
 const constants = __importStar(require("../../constants/constants"));
 const severityCountModel_1 = require("./models/severityCountModel");
 const common = __importStar(require("../../common/fail"));
@@ -67,11 +62,7 @@ function formatVulnerabilityOutput(libraryVulnerabilityResponse, id, config, rem
     const guidance = convertKeysToStandardFormat(config, remediationGuidance);
     const numberOfVulnerableLibraries = vulnerableLibraries.length;
     if (numberOfVulnerableLibraries === 0) {
-        console.log(i18n_1.default.__('scanNoVulnerabilitiesFound'));
-        console.log(i18n_1.default.__('scanNoVulnerabilitiesFoundSecureCode'));
-        console.log(i18n_1.default.__('scanNoVulnerabilitiesFoundGoodWork'));
-        console.log(chalk_1.default.bold(`Found ${numberOfVulnerableLibraries} vulnerabilities`));
-        console.log(i18n_1.default.__('foundDetailedVulnerabilities', String(0), String(0), String(0), String(0), String(0)));
+        (0, commonReportingFunctions_1.printNoVulnFoundMsg)();
         return [false, 0, [new severityCountModel_1.SeverityCountModel()]];
     }
     else {

package/dist/audit/report/utils/reportUtils.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.countVulnerableLibrariesBySeverity = exports.findNameAndVersion = exports.severityCountSingleCVE = exports.severityCountAllCVEs = exports.severityCountAllLibraries = exports.convertGenericToTypedLibraryVulns = exports.findCVESeverity = exports.findCVESeveritiesAndOrderByHighestPriority = exports.findHighestSeverityCVE = void 0;
+exports.countVulnerableLibrariesBySeverity = exports.findNameAndVersion = exports.severityCountSingleCVE = exports.severityCountAllCVEs = exports.severityCountAllLibraries = exports.convertGenericToTypedLibraryVulns = exports.findCVESeverity = exports.orderByHighestPriority = exports.findHighestSeverityCVE = void 0;
 const reportLibraryModel_1 = require("../models/reportLibraryModel");
 const reportSeverityModel_1 = require("../models/reportSeverityModel");
 const constants_1 = __importDefault(require("../../../constants/constants"));
@@ -16,10 +16,10 @@ function findHighestSeverityCVE(cveArray) {
     return (0, lodash_1.orderBy)(mappedToReportSeverityModels, cve => cve?.priority)[0];
 }
 exports.findHighestSeverityCVE = findHighestSeverityCVE;
-function findCVESeveritiesAndOrderByHighestPriority(cves) {
-    return (0, lodash_1.orderBy)(cves.map(cve => findCVESeverity(cve)), ['priority'], ['asc']);
+function orderByHighestPriority(cves) {
+    return (0, lodash_1.orderBy)(cves, ['priority'], ['asc']);
 }
-exports.findCVESeveritiesAndOrderByHighestPriority = findCVESeveritiesAndOrderByHighestPriority;
+exports.orderByHighestPriority = orderByHighestPriority;
 function findCVESeverity(cve) {
     const cveName = cve.name;
     if (cve.cvss3SeverityCode === 'CRITICAL' || cve.severityCode === 'CRITICAL') {

package/dist/commands/audit/processAudit.js

@@ -1,10 +1,14 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.processAudit = void 0;
 const auditConfig_1 = require("./auditConfig");
 const help_1 = require("./help");
 const scaAnalysis_1 = require("../scan/sca/scaAnalysis");
 const telemetry_1 = require("../../telemetry/telemetry");
+const chalk_1 = __importDefault(require("chalk"));
 const processAudit = async (contrastConf, argv) => {
     if (argv.indexOf('--help') != -1) {
         printHelpMessage();
@@ -12,9 +16,15 @@ const processAudit = async (contrastConf, argv) => {
     }
     const config = await (0, auditConfig_1.getAuditConfig)(contrastConf, 'audit', argv);
     await (0, scaAnalysis_1.processSca)(config);
+    postRunMessage();
     await (0, telemetry_1.sendTelemetryConfigAsObject)(config, 'audit', argv, 'SUCCESS', config.language);
 };
 exports.processAudit = processAudit;
 const printHelpMessage = () => {
     console.log(help_1.auditUsageGuide);
 };
+const postRunMessage = () => {
+    console.log('\n' + chalk_1.default.underline.bold('Other Codesec Features:'));
+    console.log("'contrast scan' to run CodeSec’s industry leading SAST scanner");
+    console.log("'contrast lambda' to secure your AWS serverless functions\n");
+};

package/dist/commands/scan/processScan.js

@@ -7,9 +7,12 @@ const { formatScanOutput } = require('../../scan/formatScanOutput');
 const { processSca } = require('./sca/scaAnalysis');
 const common = require('../../common/fail');
 const { sendTelemetryConfigAsObject } = require('../../telemetry/telemetry');
+const chalk = require('chalk');
+const generalAPI = require('../../utils/generalAPI');
 const processScan = async (contrastConf, argv) => {
     let config = await scanConfig.getScanConfig(contrastConf, 'scan', argv);
     let output = undefined;
+    config.mode = await generalAPI.getMode(config);
     if (config.experimental) {
         await processSca(config, argv);
     }
@@ -24,6 +27,12 @@ const processScan = async (contrastConf, argv) => {
     if (config.fail) {
         common.processFail(config, output);
     }
+    postRunMessage();
+};
+const postRunMessage = () => {
+    console.log('\n' + chalk.underline.bold('Other Codesec Features:'));
+    console.log("'contrast audit' to find vulnerabilities in your open source dependencies");
+    console.log("'contrast lambda' to secure your AWS serverless functions\n");
 };
 module.exports = {
     processScan

package/dist/commands/scan/sca/scaAnalysis.js

@@ -18,7 +18,9 @@ const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet');
 const { auditUsageGuide } = require('../../audit/help');
 const rootFile = require('../../../audit/languageAnalysisEngine/getProjectRootFilenames');
 const path = require('path');
+const generalAPI = require('../../../utils/generalAPI');
 const processSca = async (config) => {
+    config.mode = await generalAPI.getMode(config);
     const startTime = performance.now();
     let filesFound;
     if (config.help) {

package/dist/common/HTTPClient.js

@@ -130,9 +130,9 @@ HTTPClient.prototype.getScanProjectById = function getScanProjectById(config) {
     options.url = createScanProjectUrl(config);
     return requestUtils.sendRequest({ method: 'get', options });
 };
-HTTPClient.prototype.getGlobalProperties = function getGlobalProperties() {
+HTTPClient.prototype.getGlobalProperties = function getGlobalProperties(host) {
     const options = _.cloneDeep(this.requestOptions);
-    let url = createGlobalPropertiesUrl(options.uri);
+    let url = createGlobalPropertiesUrl(host);
     options.url = url;
     return requestUtils.sendRequest({ method: 'get', options });
 };
@@ -166,6 +166,25 @@ HTTPClient.prototype.sendSnapshot = function sendSnapshot(requestBody, config) {
     options.body = requestBody;
     return requestUtils.sendRequest({ method: 'post', options });
 };
+HTTPClient.prototype.scaServiceIngest = function scaServiceIngest(requestBody, config) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createScaServiceIngestURL(config);
+    options.url = url;
+    options.body = requestBody;
+    return requestUtils.sendRequest({ method: 'post', options });
+};
+HTTPClient.prototype.scaServiceReport = function scaServiceReport(config, reportId) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createScaServiceReportURL(config, reportId);
+    options.url = url;
+    return requestUtils.sendRequest({ method: 'get', options });
+};
+HTTPClient.prototype.scaServiceReportStatus = function scaServiceReport(config, reportId) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createScaServiceReportStatusURL(config, reportId);
+    options.url = url;
+    return requestUtils.sendRequest({ method: 'get', options });
+};
 HTTPClient.prototype.getReportById = function getReportById(config, reportId) {
     const options = _.cloneDeep(this.requestOptions);
     if (config.ignoreDev) {
@@ -301,6 +320,15 @@ const pollForAuthUrl = () => {
 function createSnapshotURL(config) {
     return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/snapshots`;
 }
+function createScaServiceReportURL(config, reportId) {
+    return ``;
+}
+function createScaServiceReportStatusURL(config, reportId) {
+    return ``;
+}
+function createScaServiceIngestURL(config) {
+    return ``;
+}
 const createAppCreateURL = config => {
     return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/create`;
 };

package/dist/common/errorHandling.js

@@ -47,8 +47,7 @@ const reportFailureError = () => {
     console.log(i18n_1.default.__('auditReportFailureMessage'));
 };
 exports.reportFailureError = reportFailureError;
-const genericError = (missingCliOption) => {
-    console.log(missingCliOption);
+const genericError = () => {
     console.error(i18n_1.default.__('genericErrorMessage'));
     process.exit(1);
 };

package/dist/common/fail.js

@@ -21,11 +21,15 @@ const isSeverityViolation = (severity, reportResults) => {
             count += reportResults.high + reportResults.critical;
             break;
         case 'medium':
-            count += reportResults.medium + reportResults.low + reportResults.critical;
+            count +=
+                reportResults.medium + reportResults.high + reportResults.critical;
             break;
         case 'low':
             count +=
-                reportResults.high + reportResults.critical + reportResults.medium;
+                reportResults.high +
+                    reportResults.critical +
+                    reportResults.medium +
+                    reportResults.low;
             break;
         case 'note':
             if (reportResults.note == reportResults.total) {
@@ -45,7 +49,7 @@ const failPipeline = (message = '') => {
         i18n.__('snapshotFailureHeader') +
         ' *********************************\n' +
         i18n.__(message));
-    process.exit(1);
+    process.exit(2);
 };
 const parseSeverity = severity => {
     const severities = ['NOTE', 'LOW', 'MEDIUM', 'HIGH', 'CRITICAL'];

package/dist/common/versionChecker.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.isCorrectNodeVersion = exports.findLatestCLIVersion = void 0;
+exports.isCorrectNodeVersion = exports.findLatestCLIVersion = exports.getLatestVersion = void 0;
 const constants_1 = require("../constants/constants");
 const boxen_1 = __importDefault(require("boxen"));
 const chalk_1 = __importDefault(require("chalk"));
@@ -19,16 +19,22 @@ const getLatestVersion = async (config) => {
         }
     }
     catch (e) {
-        return;
+        return undefined;
     }
 };
+exports.getLatestVersion = getLatestVersion;
 async function findLatestCLIVersion(config) {
     const isCI = process.env.CONTRAST_CODESEC_CI
-        ? JSON.parse(process.env.CONTRAST_CODESEC_CI)
+        ? JSON.parse(process.env.CONTRAST_CODESEC_CI.toLowerCase())
         : false;
     if (!isCI) {
-        let latestCLIVersion = await getLatestVersion(config);
-        latestCLIVersion = latestCLIVersion.substring(8);
+        let latestCLIVersion = await (0, exports.getLatestVersion)(config);
+        if (latestCLIVersion === undefined) {
+            config.set('numOfRuns', 0);
+            console.log('Failed to retrieve latest version info. Continuing execution.');
+            return;
+        }
+        latestCLIVersion = latestCLIVersion.substring(8).replace('\n', '');
         if (semver_1.default.lt(constants_1.APP_VERSION, latestCLIVersion)) {
             const updateAvailableMessage = `Update available ${chalk_1.default.yellow(constants_1.APP_VERSION)} → ${chalk_1.default.green(latestCLIVersion)}`;
             const npmUpdateAvailableCommand = `Run ${chalk_1.default.cyan('npm i @contrast/contrast -g')} to update via npm`;