@contrast/contrast 1.0.15 → 1.0.16

package/dist/audit/languageAnalysisEngine/sendSnapshot.js

@@ -28,7 +28,7 @@ const getTimeout = config => {
         return 300;
     }
 };
-const pollForSnapshotCompletition = async (config, snapshotId, reportSpinner) => {
+const pollForSnapshotCompletion = async (config, snapshotId, reportSpinner) => {
     const client = commonApi.getHttpClient(config);
     const startTime = performance.now();
     const timeout = getTimeout(config);
@@ -63,5 +63,5 @@ const pollForSnapshotCompletition = async (config, snapshotId, reportSpinner) =>
     }
 };
 module.exports = {
-    pollForSnapshotCompletition: pollForSnapshotCompletition
+    pollForSnapshotCompletion
 };

package/dist/audit/report/commonReportingFunctions.js

@@ -132,13 +132,7 @@ function buildBody(cveArray, advice) {
 function getIssueRow(cveArray) {
     orderByHighestPriority(cveArray);
     const cveMessagesList = getIssueCveMsgList(cveArray);
-    const cveNumbers = getSeverityCounts(cveArray);
-    const numAndSeverityTypeDesc = getNumOfAndSeverityType(cveNumbers);
-    return [
-        chalk.bold('Issue'),
-        ':',
-        `${numAndSeverityTypeDesc} ${cveMessagesList.join(', ')}`
-    ];
+    return [chalk.bold('Issue'), ':', `${cveMessagesList.join(', ')}`];
 }
 function gatherRemediationAdvice(guidance, libraryName, libraryVersion) {
     const guidanceModel = new ReportGuidanceModel();
@@ -152,17 +146,6 @@ function gatherRemediationAdvice(guidance, libraryName, libraryVersion) {
 function buildFormattedHeaderNum(contrastHeaderNum) {
     return `CONTRAST-${contrastHeaderNum.toString().padStart(3, '0')}`;
 }
-function getNumOfAndSeverityType(cveNumbers) {
-    const { critical, high, medium, low, note } = cveNumbers;
-    const criticalMsg = critical > 0 ? `${critical} Critical | ` : '';
-    const highMsg = high > 0 ? `${high} High | ` : '';
-    const mediumMsg = medium > 0 ? `${medium} Medium | ` : '';
-    const lowMsg = low > 0 ? `${low} Low | ` : '';
-    const noteMsg = note > 0 ? `${note} Note` : '';
-    return `${criticalMsg} ${highMsg} ${mediumMsg} ${lowMsg} ${noteMsg}`
-        .replace(/\s+/g, ' ')
-        .trim();
-}
 const buildFooter = reportModelStructure => {
     const { critical, high, medium, low, note } = countVulnerableLibrariesBySeverity(reportModelStructure);
     const criticalMessage = chalk
@@ -257,7 +240,6 @@ module.exports = {
     getIssueRow,
     gatherRemediationAdvice,
     buildFormattedHeaderNum,
-    getNumOfAndSeverityType,
     getIssueCveMsgList,
     getSeverityCounts,
     printNoVulnFoundMsg,

package/dist/{constants.js → cliConstants.js}

@@ -10,7 +10,46 @@ i18n.configure({
     },
     defaultLocale: 'en'
 });
+const sharedOptionDefinitions = [
+    {
+        name: 'proxy',
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('constantsProxyServer')
+    },
+    {
+        name: 'key',
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('constantsProxyKey')
+    },
+    {
+        name: 'cacert',
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('constantsProxyCaCert')
+    },
+    {
+        name: 'cert',
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}: ' +
+            i18n.__('constantsProxyCert')
+    },
+    {
+        name: 'ignore-cert-errors',
+        type: Boolean,
+        description: '{bold ' +
+            i18n.__('constantsOptional') +
+            '}:' +
+            i18n.__('constantsIgnoreCertErrors')
+    }
+];
 const scanOptionDefinitions = [
+    ...sharedOptionDefinitions,
     {
         name: 'name',
         alias: 'n',
@@ -88,13 +127,6 @@ const scanOptionDefinitions = [
             '}: ' +
             i18n.__('constantsHostId')
     },
-    {
-        name: 'proxy',
-        description: '{bold ' +
-            i18n.__('constantsOptional') +
-            '}: ' +
-            i18n.__('constantsProxyServer')
-    },
     {
         name: 'fail',
         type: Boolean,
@@ -117,15 +149,7 @@ const scanOptionDefinitions = [
         description: '{bold ' +
             i18n.__('constantsOptional') +
             '}: ' +
-            i18n.__('constantsProxyServer')
-    },
-    {
-        name: 'ignore-cert-errors',
-        type: Boolean,
-        description: '{bold ' +
-            i18n.__('constantsOptional') +
-            '}:' +
-            i18n.__('constantsIgnoreCertErrors')
+            i18n.__('constantsDoNotWaitForScan')
     },
     {
         name: 'verbose',
@@ -190,6 +214,7 @@ const configOptionDefinitions = [
     }
 ];
 const auditOptionDefinitions = [
+    ...sharedOptionDefinitions,
     {
         name: 'application-id',
         description: '{bold ' +
@@ -299,21 +324,6 @@ const auditOptionDefinitions = [
             '}: ' +
             i18n.__('constantsHostId')
     },
-    {
-        name: 'proxy',
-        description: '{bold ' +
-            i18n.__('constantsOptional') +
-            '}: ' +
-            i18n.__('constantsProxyServer')
-    },
-    {
-        name: 'ignore-cert-errors',
-        type: Boolean,
-        description: '{bold ' +
-            i18n.__('constantsOptional') +
-            '}:' +
-            i18n.__('constantsIgnoreCertErrors')
-    },
     {
         name: 'save',
         alias: 's',

package/dist/commands/audit/auditConfig.js

@@ -5,10 +5,10 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.getAuditConfig = void 0;
 const paramHandler_1 = __importDefault(require("../../utils/paramsUtil/paramHandler"));
-const constants_1 = __importDefault(require("../../constants"));
+const cliConstants_1 = __importDefault(require("../../cliConstants"));
 const parsedCLIOptions_1 = require("../../utils/parsedCLIOptions");
 const getAuditConfig = async (contrastConf, command, argv) => {
-    const auditParameters = await (0, parsedCLIOptions_1.getCommandLineArgsCustom)(contrastConf, command, argv, constants_1.default.commandLineDefinitions.auditOptionDefinitions);
+    const auditParameters = await (0, parsedCLIOptions_1.getCommandLineArgsCustom)(contrastConf, command, argv, cliConstants_1.default.commandLineDefinitions.auditOptionDefinitions);
     const paramsAuth = paramHandler_1.default.getAuth(auditParameters);
     return { ...paramsAuth, ...auditParameters };
 };

package/dist/commands/audit/help.js

@@ -6,7 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.auditUsageGuide = void 0;
 const command_line_usage_1 = __importDefault(require("command-line-usage"));
 const i18n_1 = __importDefault(require("i18n"));
-const constants_1 = __importDefault(require("../../constants"));
+const cliConstants_1 = __importDefault(require("../../cliConstants"));
 const commonHelp_1 = require("../../common/commonHelp");
 const auditUsageGuide = (0, command_line_usage_1.default)([
     {
@@ -30,7 +30,7 @@ const auditUsageGuide = (0, command_line_usage_1.default)([
     },
     {
         header: i18n_1.default.__('constantsAuditOptions'),
-        optionList: constants_1.default.commandLineDefinitions.auditOptionDefinitions,
+        optionList: cliConstants_1.default.commandLineDefinitions.auditOptionDefinitions,
         hide: [
             'application-id',
             'application-name',

package/dist/commands/auth/auth.js

@@ -8,7 +8,7 @@ const i18n = require('i18n');
 const { returnOra, startSpinner, failSpinner, succeedSpinner } = require('../../utils/oraWrapper');
 const { TIMEOUT, AUTH_UI_URL } = require('../../constants/constants');
 const parsedCLIOptions = require('../../utils/parsedCLIOptions');
-const constants = require('../../constants');
+const constants = require('../../cliConstants');
 const commandLineUsage = require('command-line-usage');
 const processAuth = async (argv, config) => {
     let authParams = await parsedCLIOptions.getCommandLineArgsCustom(config, 'auth', argv, constants.commandLineDefinitions.authOptionDefinitions);

package/dist/commands/config/config.js

@@ -1,6 +1,6 @@
 "use strict";
 const parsedCLIOptions = require('../../utils/parsedCLIOptions');
-const constants = require('../../constants');
+const constants = require('../../cliConstants');
 const commandLineUsage = require('command-line-usage');
 const i18n = require('i18n');
 const processConfig = async (argv, config) => {

package/dist/commands/scan/sca/scaAnalysis.js

@@ -1,26 +1,28 @@
 "use strict";
+const { supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET } } = require('../../../constants/constants');
+const { pollForSnapshotCompletion } = require('../../../audit/languageAnalysisEngine/sendSnapshot');
+const { returnOra, startSpinner, succeedSpinner } = require('../../../utils/oraWrapper');
+const { vulnerabilityReportV2 } = require('../../../audit/report/reportingFeature');
 const autoDetection = require('../../../scan/autoDetection');
-const javaAnalysis = require('../../../scaAnalysis/java');
 const treeUpload = require('../../../scaAnalysis/common/treeUpload');
 const auditController = require('../../audit/auditController');
-const { supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET } } = require('../../../constants/constants');
-const goAnalysis = require('../../../scaAnalysis/go/goAnalysis');
-const phpAnalysis = require('../../../scaAnalysis/php/index');
-const { rubyAnalysis } = require('../../../scaAnalysis/ruby');
-const { pythonAnalysis } = require('../../../scaAnalysis/python');
-const javascriptAnalysis = require('../../../scaAnalysis/javascript');
-const { pollForSnapshotCompletition } = require('../../../audit/languageAnalysisEngine/sendSnapshot');
-const { returnOra, startSpinner, succeedSpinner } = require('../../../utils/oraWrapper');
+const rootFile = require('../../../audit/languageAnalysisEngine/getProjectRootFilenames');
+const path = require('path');
 const i18n = require('i18n');
-const { vulnerabilityReportV2 } = require('../../../audit/report/reportingFeature');
 const auditSave = require('../../../audit/save');
-const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet');
 const { auditUsageGuide } = require('../../audit/help');
-const rootFile = require('../../../audit/languageAnalysisEngine/getProjectRootFilenames');
-const path = require('path');
+const { buildRepo } = require('../../../scaAnalysis/repoMode/index');
+const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet');
+const { goAnalysis } = require('../../../scaAnalysis/go/goAnalysis');
+const { phpAnalysis } = require('../../../scaAnalysis/php/index');
+const { rubyAnalysis } = require('../../../scaAnalysis/ruby');
+const { pythonAnalysis } = require('../../../scaAnalysis/python');
+const javaAnalysis = require('../../../scaAnalysis/java');
+const jsAnalysis = require('../../../scaAnalysis/javascript');
 const auditReport = require('../../../scaAnalysis/common/auditReport');
 const scaUpload = require('../../../scaAnalysis/common/scaServicesUpload');
 const settingsHelper = require('../../../utils/settingsHelper');
+const chalk = require('chalk');
 const processSca = async (config) => {
     config = await settingsHelper.getSettings(config);
     const startTime = performance.now();
@@ -39,6 +41,15 @@ const processSca = async (config) => {
     if (filesFound.length > 1 && pathWithFile) {
         filesFound = filesFound.filter(i => Object.values(i)[0].includes(path.basename(config.fileName)));
     }
+    if (config.mode === 'repo') {
+        try {
+            return buildRepo(config, filesFound[0]);
+        }
+        catch (e) {
+            console.log('Unable to build in repository mode. Check your project file');
+            process.exit(0);
+        }
+    }
     let messageToSend = undefined;
     if (filesFound.length === 1) {
         switch (Object.keys(filesFound[0])[0]) {
@@ -47,7 +58,7 @@ const processSca = async (config) => {
                 config.language = JAVA;
                 break;
             case JAVASCRIPT:
-                messageToSend = await javascriptAnalysis.jsAnalysis(config, filesFound[0]);
+                messageToSend = await jsAnalysis.jsAnalysis(config, filesFound[0]);
                 config.language = NODE;
                 break;
             case PYTHON:
@@ -59,11 +70,11 @@ const processSca = async (config) => {
                 config.language = RUBY;
                 break;
             case PHP:
-                messageToSend = phpAnalysis.phpAnalysis(config, filesFound[0]);
+                messageToSend = phpAnalysis(config, filesFound[0]);
                 config.language = PHP;
                 break;
             case GO:
-                messageToSend = goAnalysis.goAnalysis(config, filesFound[0]);
+                messageToSend = goAnalysis(config, filesFound[0]);
                 config.language = GO;
                 break;
             case DOTNET:
@@ -96,7 +107,7 @@ const processSca = async (config) => {
             const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
             startSpinner(reportSpinner);
             const snapshotResponse = await treeUpload.commonSendSnapShot(messageToSend, config);
-            await pollForSnapshotCompletition(config, snapshotResponse.id, reportSpinner);
+            await pollForSnapshotCompletion(config, snapshotResponse.id, reportSpinner);
             succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
             await vulnerabilityReportV2(config, snapshotResponse.id);
             if (config.save !== undefined) {
@@ -114,9 +125,11 @@ const processSca = async (config) => {
             throw new Error();
         }
         else {
-            throw new Error(`multiple language files detected \n` +
-                JSON.stringify(filesFound) +
-                `\nplease use --file to audit one language only. Example: contrast audit --file package-lock.json`);
+            console.log(chalk.bold(`\nMultiple language files detected \n`));
+            filesFound.forEach(file => {
+                console.log(`${Object.keys(file)[0]} : `, Object.values(file)[0]);
+            });
+            throw new Error(`Please use --file to audit one language only. \nExample: contrast audit --file package-lock.json`);
         }
     }
 };

package/dist/common/HTTPClient.js

@@ -34,7 +34,7 @@ HTTPClient.prototype.maybeAddCertsToRequest = function (config) {
     if (caCertFilePath) {
         const caFileContent = fs.readFileSync(caCertFilePath);
         if (caFileContent instanceof Error) {
-            throw new Error(`Unable to read CA from config option contrast.api.certificate.ca_file='${caCertFilePath}', msg: ${caFileContent.message}`);
+            throw new Error(`Unable to read CA from ${caCertFilePath}, msg: ${caFileContent.message}`);
         }
         this.requestOptions.ca = caFileContent;
     }
@@ -332,7 +332,9 @@ function createSnapshotURL(config) {
     return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/snapshots`;
 }
 function createScaServiceReportURL(config, reportId) {
-    return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/applications/${config.applicationId}/reports/${reportId}`;
+    let baseUrl = `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/applications/${config.applicationId}/reports/${reportId}`;
+    baseUrl = config.ignoreDev ? baseUrl.concat('?nodesToInclude=PROD') : baseUrl;
+    return baseUrl;
 }
 function createScaServiceReportStatusURL(config, reportId) {
     return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/ingests/${reportId}/status`;

package/dist/constants/constants.js

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '1.0.15';
+const APP_VERSION = '1.0.16';
 const TIMEOUT = 120000;
 const HIGH_COLOUR = '#ff9900';
 const CRITICAL_COLOUR = '#e35858';

package/dist/constants/locales.js

@@ -90,7 +90,7 @@ const en_locales = () => {
         constantsHelp: 'Display this usage guide.',
         constantsGradleMultiProject: 'Specify the sub project within your gradle application.',
         constantsScan: 'Upload java binaries to the static scan service',
-        constantsWaitForScan: 'Waits for the result of the scan',
+        constantsDoNotWaitForScan: 'Do not wait for the result of the scan',
         constantsProjectName: 'Contrast project name. If not specified, Contrast uses contrast.settings to identify the project or creates a project.',
         constantsProjectId: 'The ID associated with a scan project. Replace <ProjectID> with the ID for the scan project. To find the ID, select a scan project in Contrast and locate the last number in the URL.',
         constantsReport: 'Display vulnerability information for this application',
@@ -133,38 +133,15 @@ const en_locales = () => {
         constantsHowToRunDev1: 'Begin with contrast auth to authenticate the CLI to perform actions',
         constantsHowToRunDev2: 'After successful auth try the following command: contrast scan -f "<file>"',
         constantsHowToRunDev3: 'Allowable languages are java (.jar and .war) and javascript (.js or .zip), if the language is not autodetected please use --language to specify',
-        constantsHowToRunContent1: 'You can run the tool on the command line and manually add the parameters, or you can put the parameters in a YAML file.',
-        constantsHowToRunContent2: 'If you are assessing an application that has not been instrumented by a Contrast agent you must first use the tool to register the application (Catalogue command). This will give you an application ID that you can then use in the Run Command.',
-        constantsHowToRunContent3: 'Allowable language values are JAVA, NODE, PYTHON, RUBY and GO.',
-        constantsManualInputHeader: 'Manual Input of Command:',
-        constantsManualInputCatalogue: 'Catalogue Command:',
-        constantsManualInputCatalogueInstruction: 'To analyse a new application not already instrumented by Contrast, run the following command:',
-        constantsManualInputCatalogueRun: 'After you run this command, you are provided a new application ID in the console. Use this ID in the Run command:',
-        constantsManualInputCatalogueRunTitle: 'Run Command:',
-        constantsManualInputCatalogueRunInstruction: 'To analyse an application catalogued by Contrast, run the following command:',
-        constantsYaml: 'Yaml:',
-        constantsYamlRunCommand: 'After you catalogue your application go to Run Command above.',
         constantsOptions: 'Options',
-        constantsCatalogueCommand: '%s YourApiKey %s YourAuthorizationKey %s YourOrganizationId %s YourHost %s YourApplicationName %s YourApplicationLanguage',
-        constantsRunCommand: '%s YourApiKey %s YourAuthorizationKey %s YourOrganizationId %s YourHost %s YourApplicationId',
         constantsSpecialCharacterWarning: 'Please Note: Parameters may need to be quoted to avoid issues with special characters.',
-        yamlCatalogueCommand: '%s PathToYaml',
-        yamlCommand: '%s PathToYaml',
-        agentProxyAndTlsEnabledError: 'Please Note: We currently do not support having a proxy server and TLS enabled at the same time.',
-        TlsHeader: 'TLS',
-        TlsBody: 'To enable TLS please use the YAML file with the following parameters:',
-        TlsKey: 'key: pathToKey',
-        TlsCert: 'cert: pathToCert',
-        TlsCaCert: 'cacert: pathToCaCert',
+        constantsProxyKey: 'Path to the Certificate Key',
+        constantsProxyCert: 'Path to the Cert file',
+        constantsProxyCaCert: 'Path to the CaCert file',
         goReadProjectFile: 'Failed to read the project file @ "%s" because: "%s"',
-        goAnalysisError: 'GO analysis failed because: ',
-        goParseProjectFile: 'Failed to parse go mod graph output because: ',
-        mavenNotInstalledError: "'mvn' is not available. Please ensure you have Maven installed and available on your path.",
         mavenDependencyTreeNonZero: 'Building maven dependancy tree failed with a non 0 exit code',
         gradleWrapperUnavailable: 'Gradle wrapper not found in root of project. Please ensure gradlew or gradlew.bat is in root of the project.',
         gradleDependencyTreeNonZero: "Building gradle dependancy tree failed with a non 0 exit code. \n Please check you have the correct version of Java installed to compile your project? \n If running against a muti module project ensure you are using the '--sub-project' flag",
-        yamlPathCamelCaseError: 'Warning: The "yamlPath" parameter will be deprecated in a future release. Please look at our documentation for further guidance.',
-        constantsSbom: 'Generate the Software Bill of Materials (SBOM) for the given application',
         constantsMetadata: 'Define a set of key=value pairs (which conforms to RFC 2253) for specifying user-defined metadata associated with the application.',
         constantsTags: 'Apply labels to an application. Labels must be formatted as a comma-delimited list. Example - label1,label2,label3',
         constantsCode: 'Add the application code this application should use in the Contrast UI',
@@ -174,9 +151,7 @@ const en_locales = () => {
         constantsIgnoreDev: 'Excludes developer dependencies from the results. All dependencies are included by default.',
         constantsCommands: 'Commands',
         constantsScanOptions: 'Scan Options',
-        sbomError: 'All required parameters are not present.',
         sbomRetrievalError: 'Unable to retrieve Software Bill of Materials (SBOM)',
-        ignoreDevDep: 'No private libraries that are not scoped detected',
         foundExistingProjectScan: 'Found existing project...',
         projectCreatedScan: 'Project created',
         uploadingScan: 'Uploading file to scan.',
@@ -190,7 +165,6 @@ const en_locales = () => {
         specifyFileAuditNotFound: 'No files found for library analysis',
         populateProjectIdMessage: 'project ID is %s',
         genericServiceError: 'returned with status code %s',
-        projectIdError: 'Your project ID is %s please check this is correct',
         permissionsError: 'You do not have the correct permissions here. \n Contact support@contrastsecurity.com to get this fixed.',
         scanErrorFileMessage: 'We only accept the following file types: \nJava - .jar, .war \nJavaScript - .js or .zip files',
         helpAuthSummary: 'Authenticate Contrast using your Github or Google account',
@@ -299,6 +273,7 @@ const en_locales = () => {
         auditSBOMSaveSuccess: '\n Software Bill of Materials (SBOM) saved successfully',
         auditNoFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold('No file type specified for --save option to save audit results to. Use audit --help to see valid --save options.')}`,
         auditBadFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold('Bad file type specified for --save option. Use audit --help to see valid --save options.')}`,
+        auditServicesMessageForTS: 'View your vulnerable library list or full dependency tree in Contrast:',
         auditReportWaiting: 'Waiting for report...',
         auditReportFail: 'Report Retrieval Failed, please try again',
         auditReportSuccessMessage: 'Report successfully retrieved',

package/dist/index.js

@@ -9,15 +9,15 @@ const processAudit_1 = require("./commands/audit/processAudit");
 const auth_1 = require("./commands/auth/auth");
 const config_1 = require("./commands/config/config");
 const processScan_1 = require("./commands/scan/processScan");
-const constants_1 = __importDefault(require("./constants"));
-const constants_2 = require("./constants/constants");
+const cliConstants_1 = __importDefault(require("./cliConstants"));
+const constants_1 = require("./constants/constants");
 const lambda_1 = require("./lambda/lambda");
 const getConfig_1 = require("./utils/getConfig");
 const versionChecker_1 = require("./common/versionChecker");
 const errorHandling_1 = require("./common/errorHandling");
 const telemetry_1 = require("./telemetry/telemetry");
-const { commandLineDefinitions: { mainUsageGuide, mainDefinition } } = constants_1.default;
-const config = (0, getConfig_1.localConfig)(constants_2.APP_NAME, constants_2.APP_VERSION);
+const { commandLineDefinitions: { mainUsageGuide, mainDefinition } } = cliConstants_1.default;
+const config = (0, getConfig_1.localConfig)(constants_1.APP_NAME, constants_1.APP_VERSION);
 const getMainOption = () => {
     const mainOptions = (0, command_line_args_1.default)(mainDefinition, {
         stopAtFirstUnknown: true,
@@ -40,7 +40,7 @@ const start = async () => {
             if (command === 'version' ||
                 argvMain.includes('--v') ||
                 argvMain.includes('--version')) {
-                console.log(constants_2.APP_VERSION);
+                console.log(constants_1.APP_VERSION);
                 await (0, versionChecker_1.findLatestCLIVersion)(config);
                 return;
             }

package/dist/scaAnalysis/common/auditReport.js

@@ -5,6 +5,7 @@ const { assignBySeverity } = require('../../scan/formatScanOutput');
 const chalk = require('chalk');
 const { CE_URL } = require('../../constants/constants');
 const common = require('../../common/fail');
+const i18n = require('i18n');
 const processAuditReport = (config, results) => {
     let severityCounts = {};
     if (results !== undefined) {
@@ -66,8 +67,8 @@ const formatScaServicesReport = (config, results) => {
         console.log(table.toString() + '\n');
         printVulnInfo(projectOverviewCount);
         if (config.host !== CE_URL) {
-            console.log('\n' + chalk.bold('View your full dependency tree in Contrast:'));
-            console.log(`${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${config.applicationId}/libs/dependency-tree`);
+            console.log('\n' + chalk.bold(i18n.__('auditServicesMessageForTS')));
+            console.log(`${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${config.applicationId}/libs`);
         }
         return projectOverviewCount;
     }

package/dist/scaAnalysis/common/scaParserForGoAndJava.js

@@ -11,7 +11,7 @@ const parseDependenciesForSCAServices = dependencyTreeObject => {
                 group: unParsedDependencyTree[dependency].group,
                 version: unParsedDependencyTree[dependency].version,
                 directDependency: unParsedDependencyTree[dependency].type === 'direct',
-                isProduction: true,
+                productionDependency: true,
                 dependencies: subDeps
             };
             parsedDependencyTree[dependency] = parsedDependency;

package/dist/scaAnalysis/javascript/scaServiceParser.js

@@ -20,7 +20,7 @@ const npmCreateDepTree = (dependencyTree, combinedPackageJSONDep, packageLock, r
             name: key,
             version: getResolvedVersion(key, packageLock),
             group: null,
-            isProduction: checkIfInPackageJSON(rawNode.packageJSON.dependencies, key),
+            productionDependency: checkIfInPackageJSON(rawNode.packageJSON.dependencies, key),
             directDependency: checkIfInPackageJSON(combinedPackageJSONDep, key),
             dependencies: createNPMChildDependencies(packageLock, key)
         };
@@ -35,7 +35,7 @@ const yarnCreateDepTree = (dependencyTree, combinedPackageJSONDep, packageLock,
             name: gav,
             version: getResolvedVersion(key, packageLock),
             group: null,
-            isProduction: checkIfInPackageJSON(rawNode.packageJSON.dependencies, nag),
+            productionDependency: checkIfInPackageJSON(rawNode.packageJSON.dependencies, nag),
             directDependency: checkIfInPackageJSON(combinedPackageJSONDep, nag),
             dependencies: createChildDependencies(packageLock, key)
         };

package/dist/scaAnalysis/php/phpNewServicesMapper.js

@@ -5,7 +5,7 @@ const parsePHPLockFileForScaServices = phpLockFile => {
     const packagesDev = keyBy(phpLockFile['packages-dev'], 'name');
     return merge(buildDepTree(packages, true), buildDepTree(packagesDev, false));
 };
-const buildDepTree = (packages, isProduction) => {
+const buildDepTree = (packages, productionDependency) => {
     const dependencyTree = {};
     for (const packagesKey in packages) {
         const currentObj = packages[packagesKey];
@@ -16,7 +16,7 @@ const buildDepTree = (packages, isProduction) => {
             name: name,
             version: currentObj.version,
             directDependency: true,
-            isProduction: isProduction,
+            productionDependency: productionDependency,
             dependencies: []
         };
         const mergedChildDeps = merge(buildSubDepsIntoFlatStructure(currentObj.require), buildSubDepsIntoFlatStructure(currentObj['require-dev']));
@@ -39,7 +39,7 @@ const buildSubDepsIntoFlatStructure = childDeps => {
             name: name,
             version: version,
             directDependency: false,
-            isProduction: false,
+            productionDependency: false,
             dependencies: []
         };
     }

package/dist/scaAnalysis/python/analysis.js

@@ -32,7 +32,7 @@ const scaPythonParser = pythonDependencies => {
         pythonParsedDeps[key].version = pythonDependencies[key].version.replace('==', '');
         pythonParsedDeps[key].group = null;
         pythonParsedDeps[key].name = key;
-        pythonParsedDeps[key].isProduction = true;
+        pythonParsedDeps[key].productionDependency = true;
         pythonParsedDeps[key].dependencies = [];
         pythonParsedDeps[key].directDependency = true;
     }

package/dist/scaAnalysis/repoMode/gradleParser.js

@@ -0,0 +1,75 @@
+"use strict";
+const g2js = require('gradle-to-js/lib/parser');
+const readBuildGradleFile = async (project) => {
+    const gradleFilePath = project.cwd + '/build.gradle';
+    return await g2js.parseFile(gradleFilePath);
+};
+const filterGav = (groupId, artifactId, version, gradleJson) => {
+    if (groupId === '') {
+        if (artifactId.includes(':')) {
+            groupId = artifactId.split(':')[0].replace("'", '');
+        }
+    }
+    if (version === '') {
+        if (artifactId.includes(':')) {
+            artifactId.split(':').length > 2
+                ? (version = artifactId.split(':')[2].replace("'", ''))
+                : (version = null);
+        }
+    }
+    if (artifactId.split(':').length > 1) {
+        artifactId = artifactId.split(':')[1].replace("'", '');
+    }
+    if (version === null) {
+        version = getVersion(gradleJson, groupId);
+    }
+    return { groupId, artifactId, version };
+};
+const parseGradleJson = gradleJson => {
+    let deps = gradleJson.dependencies;
+    let dependencyTree = {};
+    if (deps === undefined) {
+        console.log('Unable to find any dependencies in your project file.');
+        process.exit(0);
+    }
+    for (let a in deps) {
+        let dependencyType = deps[a].type;
+        if (dependencyType === 'implementation') {
+            let groupId = deps[a].group;
+            let artifactId = deps[a].name;
+            let version = deps[a].version;
+            let filteredGav = filterGav(groupId, artifactId, version, gradleJson);
+            let depName = filteredGav.groupId +
+                '/' +
+                filteredGav.artifactId +
+                '@' +
+                filteredGav.version;
+            let parsedDependency = {
+                name: filteredGav.artifactId,
+                group: filteredGav.groupId,
+                version: filteredGav.version,
+                directDependency: true,
+                isProduction: true,
+                dependencies: []
+            };
+            dependencyTree[depName] = parsedDependency;
+        }
+    }
+    return dependencyTree;
+};
+const getVersion = (gradleJson, dependencyWithoutVersion) => {
+    let parentVersion = gradleJson.plugins[0].version;
+    let parentGroupName = gradleJson.plugins[0].id;
+    if (parentGroupName === dependencyWithoutVersion) {
+        return parentVersion;
+    }
+    else {
+        return null;
+    }
+};
+module.exports = {
+    readBuildGradleFile,
+    parseGradleJson,
+    getVersion,
+    filterGav
+};

package/dist/scaAnalysis/repoMode/index.js

@@ -0,0 +1,21 @@
+"use strict";
+const mavenParser = require('./mavenParser');
+const gradleParser = require('./gradleParser');
+const { determineProjectTypeAndCwd } = require('../java/analysis');
+const buildRepo = async (config, languageFiles) => {
+    const project = determineProjectTypeAndCwd(languageFiles.JAVA, config);
+    if (project.projectType === 'maven') {
+        let jsonPomFile = mavenParser.readPomFile(project);
+        mavenParser.parsePomFile(jsonPomFile);
+    }
+    else if (project.projectType === 'gradle') {
+        const gradleJson = gradleParser.readBuildGradleFile(project);
+        gradleParser.parseGradleJson(await gradleJson);
+    }
+    else {
+        console.log('Unable to read project files.');
+    }
+};
+module.exports = {
+    buildRepo
+};