@contrast/contrast 1.0.15 → 1.0.17

package/dist/commands/scan/sca/scaAnalysis.js

@@ -1,26 +1,29 @@
 "use strict";
+const { supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET } } = require('../../../constants/constants');
+const { pollForSnapshotCompletion } = require('../../../audit/languageAnalysisEngine/sendSnapshot');
+const { returnOra, startSpinner, succeedSpinner } = require('../../../utils/oraWrapper');
+const { vulnerabilityReportV2 } = require('../../../audit/report/reportingFeature');
 const autoDetection = require('../../../scan/autoDetection');
-const javaAnalysis = require('../../../scaAnalysis/java');
 const treeUpload = require('../../../scaAnalysis/common/treeUpload');
 const auditController = require('../../audit/auditController');
-const { supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET } } = require('../../../constants/constants');
-const goAnalysis = require('../../../scaAnalysis/go/goAnalysis');
-const phpAnalysis = require('../../../scaAnalysis/php/index');
-const { rubyAnalysis } = require('../../../scaAnalysis/ruby');
-const { pythonAnalysis } = require('../../../scaAnalysis/python');
-const javascriptAnalysis = require('../../../scaAnalysis/javascript');
-const { pollForSnapshotCompletition } = require('../../../audit/languageAnalysisEngine/sendSnapshot');
-const { returnOra, startSpinner, succeedSpinner } = require('../../../utils/oraWrapper');
+const rootFile = require('../../../audit/languageAnalysisEngine/getProjectRootFilenames');
+const path = require('path');
 const i18n = require('i18n');
-const { vulnerabilityReportV2 } = require('../../../audit/report/reportingFeature');
 const auditSave = require('../../../audit/save');
-const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet');
 const { auditUsageGuide } = require('../../audit/help');
-const rootFile = require('../../../audit/languageAnalysisEngine/getProjectRootFilenames');
-const path = require('path');
+const repoMode = require('../../../scaAnalysis/repoMode/index');
+const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet');
+const { goAnalysis } = require('../../../scaAnalysis/go/goAnalysis');
+const { phpAnalysis } = require('../../../scaAnalysis/php/index');
+const { rubyAnalysis } = require('../../../scaAnalysis/ruby');
+const { pythonAnalysis } = require('../../../scaAnalysis/python');
+const javaAnalysis = require('../../../scaAnalysis/java');
+const jsAnalysis = require('../../../scaAnalysis/javascript');
 const auditReport = require('../../../scaAnalysis/common/auditReport');
 const scaUpload = require('../../../scaAnalysis/common/scaServicesUpload');
 const settingsHelper = require('../../../utils/settingsHelper');
+const chalk = require('chalk');
+const saveResults = require('../../../scan/saveResults');
 const processSca = async (config) => {
     config = await settingsHelper.getSettings(config);
     const startTime = performance.now();
@@ -35,88 +38,114 @@ const processSca = async (config) => {
     config.file = pathWithFile
         ? rootFile.getDirectoryFromPathGiven(config.file).concat('/')
         : config.file;
-    filesFound = await autoDetection.autoDetectAuditFilesAndLanguages(config.file);
-    if (filesFound.length > 1 && pathWithFile) {
-        filesFound = filesFound.filter(i => Object.values(i)[0].includes(path.basename(config.fileName)));
+    if (config.fingerprint && config.experimental) {
+        let fingerprint = await autoDetection.autoDetectFingerprintInfo(config.file);
+        let idArray = fingerprint.map(x => x.id);
+        await saveResults.writeResultsToFile(fingerprint, 'fingerPrintInfo.json');
+        console.log(idArray);
     }
-    let messageToSend = undefined;
-    if (filesFound.length === 1) {
-        switch (Object.keys(filesFound[0])[0]) {
-            case JAVA:
-                messageToSend = javaAnalysis.javaAnalysis(config, filesFound[0]);
-                config.language = JAVA;
-                break;
-            case JAVASCRIPT:
-                messageToSend = await javascriptAnalysis.jsAnalysis(config, filesFound[0]);
-                config.language = NODE;
-                break;
-            case PYTHON:
-                messageToSend = pythonAnalysis(config, filesFound[0]);
-                config.language = PYTHON;
-                break;
-            case RUBY:
-                messageToSend = rubyAnalysis(config, filesFound[0]);
-                config.language = RUBY;
-                break;
-            case PHP:
-                messageToSend = phpAnalysis.phpAnalysis(config, filesFound[0]);
-                config.language = PHP;
-                break;
-            case GO:
-                messageToSend = goAnalysis.goAnalysis(config, filesFound[0]);
-                config.language = GO;
-                break;
-            case DOTNET:
-                messageToSend = dotNetAnalysis(config, filesFound[0]);
-                config.language = DOTNET;
-                break;
-            default:
-                console.log('No supported language detected in project path');
-                return;
-        }
-        if (!config.applicationId) {
-            config.applicationId = await auditController.dealWithNoAppId(config);
+    else {
+        filesFound = await autoDetection.autoDetectAuditFilesAndLanguages(config.file);
+        if (filesFound.length > 1 && pathWithFile) {
+            filesFound = filesFound.filter(i => Object.values(i)[0].includes(path.basename(config.fileName)));
         }
-        if (config.experimental) {
-            console.log('');
-            const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
-            startSpinner(reportSpinner);
-            const [reports, reportId] = await scaUpload.scaTreeUpload(messageToSend, config);
-            auditReport.processAuditReport(config, reports[0]);
-            succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
-            if (config.save !== undefined) {
-                await auditSave.auditSave(config, reportId);
+        let messageToSend = undefined;
+        if (filesFound.length === 1) {
+            switch (Object.keys(filesFound[0])[0]) {
+                case JAVA:
+                    config.language = JAVA;
+                    if (config.mode === 'repo') {
+                        try {
+                            return repoMode.buildRepo(config, filesFound[0]);
+                        }
+                        catch (e) {
+                            throw new Error('Unable to build in repository mode. Check your project file');
+                        }
+                    }
+                    else {
+                        messageToSend = await javaAnalysis.javaAnalysis(config, filesFound[0]);
+                    }
+                    break;
+                case JAVASCRIPT:
+                    messageToSend = await jsAnalysis.jsAnalysis(config, filesFound[0]);
+                    config.language = NODE;
+                    break;
+                case PYTHON:
+                    messageToSend = pythonAnalysis(config, filesFound[0]);
+                    config.language = PYTHON;
+                    break;
+                case RUBY:
+                    messageToSend = rubyAnalysis(config, filesFound[0]);
+                    config.language = RUBY;
+                    break;
+                case PHP:
+                    messageToSend = phpAnalysis(config, filesFound[0]);
+                    config.language = PHP;
+                    break;
+                case GO:
+                    messageToSend = goAnalysis(config, filesFound[0]);
+                    config.language = GO;
+                    break;
+                case DOTNET:
+                    messageToSend = dotNetAnalysis(config, filesFound[0]);
+                    config.language = DOTNET;
+                    break;
+                default:
+                    console.log('No supported language detected in project path');
+                    return;
             }
-            const endTime = performance.now() - startTime;
-            const scanDurationMs = endTime - startTime;
-            console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
-        }
-        else {
-            console.log('');
-            const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
-            startSpinner(reportSpinner);
-            const snapshotResponse = await treeUpload.commonSendSnapShot(messageToSend, config);
-            await pollForSnapshotCompletition(config, snapshotResponse.id, reportSpinner);
-            succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
-            await vulnerabilityReportV2(config, snapshotResponse.id);
-            if (config.save !== undefined) {
-                await auditSave.auditSave(config);
+            if (!config.applicationId) {
+                config.applicationId = await auditController.dealWithNoAppId(config);
+            }
+            if (config.experimental) {
+                console.log('');
+                const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
+                startSpinner(reportSpinner);
+                const [reports, reportId] = await scaUpload.scaTreeUpload(messageToSend, config);
+                auditReport.processAuditReport(config, reports[0]);
+                succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
+                if (config.save !== undefined) {
+                    await auditSave.auditSave(config, reportId);
+                }
+                else {
+                    console.log('Use contrast audit --save to generate an SBOM');
+                }
+                const endTime = performance.now() - startTime;
+                const scanDurationMs = endTime - startTime;
+                console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
+            }
+            else {
+                console.log('');
+                const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
+                startSpinner(reportSpinner);
+                const snapshotResponse = await treeUpload.commonSendSnapShot(messageToSend, config);
+                await pollForSnapshotCompletion(config, snapshotResponse.id, reportSpinner);
+                succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
+                await vulnerabilityReportV2(config, snapshotResponse.id);
+                if (config.save !== undefined) {
+                    await auditSave.auditSave(config);
+                }
+                else {
+                    console.log('\nUse contrast audit --save to generate an SBOM');
+                }
+                const endTime = performance.now() - startTime;
+                const scanDurationMs = endTime - startTime;
+                console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
             }
-            const endTime = performance.now() - startTime;
-            const scanDurationMs = endTime - startTime;
-            console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
-        }
-    }
-    else {
-        if (filesFound.length === 0) {
-            console.log(i18n.__('languageAnalysisNoLanguage'));
-            console.log(i18n.__('languageAnalysisNoLanguageHelpLine'));
-            throw new Error();
         }
         else {
-            throw new Error(`multiple language files detected \n` +
-                JSON.stringify(filesFound) +
-                `\nplease use --file to audit one language only. Example: contrast audit --file package-lock.json`);
+            if (filesFound.length === 0) {
+                console.log(i18n.__('languageAnalysisNoLanguage'));
+                console.log(i18n.__('languageAnalysisNoLanguageHelpLine'));
+                throw new Error();
+            }
+            else {
+                console.log(chalk.bold(`\nMultiple language files detected \n`));
+                filesFound.forEach(file => {
+                    console.log(`${Object.keys(file)[0]} : `, Object.values(file)[0]);
+                });
+                throw new Error(`Please use --file to audit one language only. \nExample: contrast audit --file package-lock.json`);
+            }
         }
     }
 };

package/dist/common/HTTPClient.js

@@ -34,7 +34,7 @@ HTTPClient.prototype.maybeAddCertsToRequest = function (config) {
     if (caCertFilePath) {
         const caFileContent = fs.readFileSync(caCertFilePath);
         if (caFileContent instanceof Error) {
-            throw new Error(`Unable to read CA from config option contrast.api.certificate.ca_file='${caCertFilePath}', msg: ${caFileContent.message}`);
+            throw new Error(`Unable to read CA from ${caCertFilePath}, msg: ${caFileContent.message}`);
         }
         this.requestOptions.ca = caFileContent;
     }
@@ -332,7 +332,9 @@ function createSnapshotURL(config) {
     return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/snapshots`;
 }
 function createScaServiceReportURL(config, reportId) {
-    return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/applications/${config.applicationId}/reports/${reportId}`;
+    let baseUrl = `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/applications/${config.applicationId}/reports/${reportId}`;
+    baseUrl = config.ignoreDev ? baseUrl.concat('?nodesToInclude=PROD') : baseUrl;
+    return baseUrl;
 }
 function createScaServiceReportStatusURL(config, reportId) {
     return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/ingests/${reportId}/status`;

package/dist/common/commonHelp.js

@@ -1,19 +1,37 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
+const i18n = require('i18n');
+const chalk = require('chalk');
+const commonHelpLinks = () => {
+    return [
+        {
+            header: i18n.__('commonHelpHeader'),
+            content: [
+                i18n.__('commonHelpCheckOutHeader') + i18n.__('commonHelpCheckOutText'),
+                i18n.__('commonHelpLearnMoreHeader') +
+                    i18n.__('commonHelpLearnMoreText'),
+                i18n.__('commonHelpJoinDiscussionHeader') +
+                    i18n.__('commonHelpJoinDiscussionText')
+            ]
+        },
+        {
+            header: i18n.__('commonHelpEnterpriseHeader'),
+            content: [
+                i18n.__('commonHelpLearnMoreEnterpriseHeader') +
+                    i18n.__('commonHelpLearnMoreEnterpriseText')
+            ]
+        }
+    ];
+};
+const postRunMessage = commandName => {
+    console.log('\n' + chalk.underline.bold('Other Features:'));
+    if (commandName !== 'scan')
+        console.log("'contrast scan' to run Contrasts’ industry leading SAST scanner");
+    if (commandName !== 'audit')
+        console.log("'contrast audit' to find vulnerabilities in your open source dependencies");
+    if (commandName !== 'lambda')
+        console.log("'contrast lambda' to secure your AWS serverless functions");
+};
+module.exports = {
+    commonHelpLinks,
+    postRunMessage
 };
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.commonHelpLinks = void 0;
-const i18n_1 = __importDefault(require("i18n"));
-function commonHelpLinks() {
-    return {
-        header: i18n_1.default.__('commonHelpHeader'),
-        content: [
-            i18n_1.default.__('commonHelpCheckOutHeader') + i18n_1.default.__('commonHelpCheckOutText'),
-            i18n_1.default.__('commonHelpLearnMoreHeader') + i18n_1.default.__('commonHelpLearnMoreText'),
-            i18n_1.default.__('commonHelpJoinDiscussionHeader') +
-                i18n_1.default.__('commonHelpJoinDiscussionText')
-        ]
-    };
-}
-exports.commonHelpLinks = commonHelpLinks;

package/dist/common/errorHandling.js

@@ -1,107 +1,63 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.maxAppError = exports.reportFailureError = exports.vulnerabilitiesFailureError = exports.snapshotFailureError = exports.findCommandOnError = exports.libraryAnalysisError = exports.handleResponseErrors = exports.getErrorMessage = exports.generalError = exports.failOptionError = exports.proxyError = exports.forbiddenError = exports.badRequestError = exports.unauthenticatedError = exports.genericError = void 0;
-const i18n_1 = __importDefault(require("i18n"));
-const handleResponseErrors = (res, api) => {
-    if (res.statusCode === 400) {
-        api === 'catalogue' ? badRequestError(true) : badRequestError(false);
-    }
-    else if (res.statusCode === 401) {
-        unauthenticatedError();
-    }
-    else if (res.statusCode === 403) {
-        forbiddenError();
-    }
-    else if (res.statusCode === 407) {
-        proxyError();
-    }
-    else {
-        if (api === 'snapshot' || api === 'catalogue') {
-            snapshotFailureError();
-        }
-        if (api === 'vulnerabilities') {
-            vulnerabilitiesFailureError();
-        }
-        if (api === 'report') {
-            reportFailureError();
-        }
-    }
-};
-exports.handleResponseErrors = handleResponseErrors;
+const i18n = require('i18n');
 const libraryAnalysisError = () => {
-    console.log(i18n_1.default.__('libraryAnalysisError'));
+    console.log(i18n.__('libraryAnalysisError'));
 };
-exports.libraryAnalysisError = libraryAnalysisError;
 const snapshotFailureError = () => {
-    console.log(i18n_1.default.__('snapshotFailureMessage'));
+    console.log(i18n.__('snapshotFailureMessage'));
 };
-exports.snapshotFailureError = snapshotFailureError;
 const vulnerabilitiesFailureError = () => {
-    console.log(i18n_1.default.__('vulnerabilitiesFailureMessage'));
+    console.log(i18n.__('vulnerabilitiesFailureMessage'));
 };
-exports.vulnerabilitiesFailureError = vulnerabilitiesFailureError;
 const reportFailureError = () => {
-    console.log(i18n_1.default.__('auditReportFailureMessage'));
+    console.log(i18n.__('auditReportFailureMessage'));
 };
-exports.reportFailureError = reportFailureError;
 const genericError = () => {
-    console.error(i18n_1.default.__('genericErrorMessage'));
+    console.error(i18n.__('genericErrorMessage'));
     process.exit(1);
 };
-exports.genericError = genericError;
 const unauthenticatedError = () => {
     generalError('unauthenticatedErrorHeader', 'unauthenticatedErrorMessage');
 };
-exports.unauthenticatedError = unauthenticatedError;
-const badRequestError = (catalogue) => {
+const badRequestError = catalogue => {
     catalogue === true
         ? generalError('badRequestErrorHeader', 'badRequestCatalogueErrorMessage')
         : generalError('badRequestErrorHeader', 'badRequestErrorMessage');
 };
-exports.badRequestError = badRequestError;
 const forbiddenError = () => {
     generalError('forbiddenRequestErrorHeader', 'forbiddenRequestErrorMessage');
     process.exit(1);
 };
-exports.forbiddenError = forbiddenError;
 const proxyError = () => {
     generalError('proxyErrorHeader', 'proxyErrorMessage');
 };
-exports.proxyError = proxyError;
 const maxAppError = () => {
     generalError('No applications remaining', 'You have reached the maximum number of application you can create.');
     process.exit(1);
 };
-exports.maxAppError = maxAppError;
 const failOptionError = () => {
     console.log('\n ******************************** ' +
-        i18n_1.default.__('snapshotFailureHeader') +
+        i18n.__('snapshotFailureHeader') +
         ' ********************************\n' +
-        i18n_1.default.__('failOptionErrorMessage'));
+        i18n.__('failOptionErrorMessage'));
 };
-exports.failOptionError = failOptionError;
 const getErrorMessage = (header, message) => {
-    const title = `******************************** ${i18n_1.default.__(header)} ********************************`;
+    const title = `******************************** ${i18n.__(header)} ********************************`;
     const multiLine = message?.includes('\n');
     let finalMessage = '';
     if (multiLine) {
         finalMessage = `\n${message}`;
     }
     else if (message) {
-        finalMessage = `\n${i18n_1.default.__(message)}`;
+        finalMessage = `\n${i18n.__(message)}`;
     }
     return `${title}${finalMessage}`;
 };
-exports.getErrorMessage = getErrorMessage;
 const generalError = (header, message) => {
     const finalMessage = getErrorMessage(header, message);
     console.log(finalMessage);
 };
-exports.generalError = generalError;
-const findCommandOnError = (unknownOptions) => {
+const findCommandOnError = unknownOptions => {
     const commandKeywords = {
         auth: 'auth',
         audit: 'audit',
@@ -115,4 +71,19 @@ const findCommandOnError = (unknownOptions) => {
         return foundCommands[0];
     }
 };
-exports.findCommandOnError = findCommandOnError;
+module.exports = {
+    genericError,
+    unauthenticatedError,
+    badRequestError,
+    forbiddenError,
+    proxyError,
+    failOptionError,
+    generalError,
+    getErrorMessage,
+    libraryAnalysisError,
+    findCommandOnError,
+    snapshotFailureError,
+    vulnerabilitiesFailureError,
+    reportFailureError,
+    maxAppError
+};

package/dist/common/versionChecker.js

@@ -1,20 +1,15 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.isCorrectNodeVersion = exports.findLatestCLIVersion = exports.getLatestVersion = void 0;
-const constants_1 = require("../constants/constants");
-const boxen_1 = __importDefault(require("boxen"));
-const chalk_1 = __importDefault(require("chalk"));
-const semver_1 = __importDefault(require("semver"));
-const commonApi_1 = __importDefault(require("../utils/commonApi"));
-const http2_1 = require("http2");
+const { APP_VERSION } = require('../constants/constants');
+const boxen = require('boxen');
+const chalk = require('chalk');
+const semver = require('semver');
+const commonApi = require('../utils/commonApi');
+const { constants } = require('http2');
 const getLatestVersion = async (config) => {
-    const client = commonApi_1.default.getHttpClient(config);
+    const client = commonApi.getHttpClient(config);
     try {
         const res = await client.getLatestVersion();
-        if (res.statusCode === http2_1.constants.HTTP_STATUS_OK) {
+        if (res.statusCode === constants.HTTP_STATUS_OK) {
             return res.body;
         }
     }
@@ -22,24 +17,23 @@ const getLatestVersion = async (config) => {
         return undefined;
     }
 };
-exports.getLatestVersion = getLatestVersion;
-async function findLatestCLIVersion(config) {
+const findLatestCLIVersion = async (config) => {
     const isCI = process.env.CONTRAST_CODESEC_CI
         ? JSON.parse(process.env.CONTRAST_CODESEC_CI.toLowerCase())
         : false;
     if (!isCI) {
-        let latestCLIVersion = await (0, exports.getLatestVersion)(config);
+        let latestCLIVersion = await getLatestVersion(config);
         if (latestCLIVersion === undefined) {
             config.set('numOfRuns', 0);
             console.log('Failed to retrieve latest version info. Continuing execution.');
             return;
         }
         latestCLIVersion = latestCLIVersion.substring(8).replace('\n', '');
-        if (semver_1.default.lt(constants_1.APP_VERSION, latestCLIVersion)) {
-            const updateAvailableMessage = `Update available ${chalk_1.default.yellow(constants_1.APP_VERSION)} → ${chalk_1.default.green(latestCLIVersion)}`;
-            const npmUpdateAvailableCommand = `Run ${chalk_1.default.cyan('npm i @contrast/contrast -g')} to update via npm`;
-            const homebrewUpdateAvailableCommand = `Run ${chalk_1.default.cyan('brew install contrastsecurity/tap/contrast')} to update via brew`;
-            console.log((0, boxen_1.default)(`${updateAvailableMessage}\n${npmUpdateAvailableCommand}\n\n${homebrewUpdateAvailableCommand}`, {
+        if (semver.lt(APP_VERSION, latestCLIVersion)) {
+            const updateAvailableMessage = `Update available ${chalk.yellow(APP_VERSION)} → ${chalk.green(latestCLIVersion)}`;
+            const npmUpdateAvailableCommand = `Run ${chalk.cyan('npm i @contrast/contrast -g')} to update via npm`;
+            const homebrewUpdateAvailableCommand = `Run ${chalk.cyan('brew install contrastsecurity/tap/contrast')} to update via brew`;
+            console.log(boxen(`${updateAvailableMessage}\n${npmUpdateAvailableCommand}\n\n${homebrewUpdateAvailableCommand}`, {
                 titleAlignment: 'center',
                 margin: 1,
                 padding: 1,
@@ -47,9 +41,12 @@ async function findLatestCLIVersion(config) {
             }));
         }
     }
-}
-exports.findLatestCLIVersion = findLatestCLIVersion;
-async function isCorrectNodeVersion(currentVersion) {
-    return semver_1.default.satisfies(currentVersion, '>=16');
-}
-exports.isCorrectNodeVersion = isCorrectNodeVersion;
+};
+const isCorrectNodeVersion = async (currentVersion) => {
+    return semver.satisfies(currentVersion, '>=16');
+};
+module.exports = {
+    getLatestVersion,
+    findLatestCLIVersion,
+    isCorrectNodeVersion
+};

package/dist/constants/constants.js

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '1.0.15';
+const APP_VERSION = '1.0.17';
 const TIMEOUT = 120000;
 const HIGH_COLOUR = '#ff9900';
 const CRITICAL_COLOUR = '#e35858';

package/dist/constants/locales.js

@@ -90,7 +90,7 @@ const en_locales = () => {
         constantsHelp: 'Display this usage guide.',
         constantsGradleMultiProject: 'Specify the sub project within your gradle application.',
         constantsScan: 'Upload java binaries to the static scan service',
-        constantsWaitForScan: 'Waits for the result of the scan',
+        constantsDoNotWaitForScan: 'Do not wait for the result of the scan',
         constantsProjectName: 'Contrast project name. If not specified, Contrast uses contrast.settings to identify the project or creates a project.',
         constantsProjectId: 'The ID associated with a scan project. Replace <ProjectID> with the ID for the scan project. To find the ID, select a scan project in Contrast and locate the last number in the URL.',
         constantsReport: 'Display vulnerability information for this application',
@@ -133,38 +133,15 @@ const en_locales = () => {
         constantsHowToRunDev1: 'Begin with contrast auth to authenticate the CLI to perform actions',
         constantsHowToRunDev2: 'After successful auth try the following command: contrast scan -f "<file>"',
         constantsHowToRunDev3: 'Allowable languages are java (.jar and .war) and javascript (.js or .zip), if the language is not autodetected please use --language to specify',
-        constantsHowToRunContent1: 'You can run the tool on the command line and manually add the parameters, or you can put the parameters in a YAML file.',
-        constantsHowToRunContent2: 'If you are assessing an application that has not been instrumented by a Contrast agent you must first use the tool to register the application (Catalogue command). This will give you an application ID that you can then use in the Run Command.',
-        constantsHowToRunContent3: 'Allowable language values are JAVA, NODE, PYTHON, RUBY and GO.',
-        constantsManualInputHeader: 'Manual Input of Command:',
-        constantsManualInputCatalogue: 'Catalogue Command:',
-        constantsManualInputCatalogueInstruction: 'To analyse a new application not already instrumented by Contrast, run the following command:',
-        constantsManualInputCatalogueRun: 'After you run this command, you are provided a new application ID in the console. Use this ID in the Run command:',
-        constantsManualInputCatalogueRunTitle: 'Run Command:',
-        constantsManualInputCatalogueRunInstruction: 'To analyse an application catalogued by Contrast, run the following command:',
-        constantsYaml: 'Yaml:',
-        constantsYamlRunCommand: 'After you catalogue your application go to Run Command above.',
         constantsOptions: 'Options',
-        constantsCatalogueCommand: '%s YourApiKey %s YourAuthorizationKey %s YourOrganizationId %s YourHost %s YourApplicationName %s YourApplicationLanguage',
-        constantsRunCommand: '%s YourApiKey %s YourAuthorizationKey %s YourOrganizationId %s YourHost %s YourApplicationId',
         constantsSpecialCharacterWarning: 'Please Note: Parameters may need to be quoted to avoid issues with special characters.',
-        yamlCatalogueCommand: '%s PathToYaml',
-        yamlCommand: '%s PathToYaml',
-        agentProxyAndTlsEnabledError: 'Please Note: We currently do not support having a proxy server and TLS enabled at the same time.',
-        TlsHeader: 'TLS',
-        TlsBody: 'To enable TLS please use the YAML file with the following parameters:',
-        TlsKey: 'key: pathToKey',
-        TlsCert: 'cert: pathToCert',
-        TlsCaCert: 'cacert: pathToCaCert',
+        constantsProxyKey: 'Path to the Certificate Key',
+        constantsProxyCert: 'Path to the Cert file',
+        constantsProxyCaCert: 'Path to the CaCert file',
         goReadProjectFile: 'Failed to read the project file @ "%s" because: "%s"',
-        goAnalysisError: 'GO analysis failed because: ',
-        goParseProjectFile: 'Failed to parse go mod graph output because: ',
-        mavenNotInstalledError: "'mvn' is not available. Please ensure you have Maven installed and available on your path.",
-        mavenDependencyTreeNonZero: 'Building maven dependancy tree failed with a non 0 exit code',
+        mavenDependencyTreeNonZero: 'Building maven dependency tree failed with a non 0 exit code',
         gradleWrapperUnavailable: 'Gradle wrapper not found in root of project. Please ensure gradlew or gradlew.bat is in root of the project.',
-        gradleDependencyTreeNonZero: "Building gradle dependancy tree failed with a non 0 exit code. \n Please check you have the correct version of Java installed to compile your project? \n If running against a muti module project ensure you are using the '--sub-project' flag",
-        yamlPathCamelCaseError: 'Warning: The "yamlPath" parameter will be deprecated in a future release. Please look at our documentation for further guidance.',
-        constantsSbom: 'Generate the Software Bill of Materials (SBOM) for the given application',
+        gradleDependencyTreeNonZero: "Building gradle dependency tree failed with a non 0 exit code. \n Please check you have the correct version of Java installed to compile your project? \n If running against a muti module project ensure you are using the '--sub-project' flag",
         constantsMetadata: 'Define a set of key=value pairs (which conforms to RFC 2253) for specifying user-defined metadata associated with the application.',
         constantsTags: 'Apply labels to an application. Labels must be formatted as a comma-delimited list. Example - label1,label2,label3',
         constantsCode: 'Add the application code this application should use in the Contrast UI',
@@ -174,9 +151,7 @@ const en_locales = () => {
         constantsIgnoreDev: 'Excludes developer dependencies from the results. All dependencies are included by default.',
         constantsCommands: 'Commands',
         constantsScanOptions: 'Scan Options',
-        sbomError: 'All required parameters are not present.',
         sbomRetrievalError: 'Unable to retrieve Software Bill of Materials (SBOM)',
-        ignoreDevDep: 'No private libraries that are not scoped detected',
         foundExistingProjectScan: 'Found existing project...',
         projectCreatedScan: 'Project created',
         uploadingScan: 'Uploading file to scan.',
@@ -190,7 +165,6 @@ const en_locales = () => {
         specifyFileAuditNotFound: 'No files found for library analysis',
         populateProjectIdMessage: 'project ID is %s',
         genericServiceError: 'returned with status code %s',
-        projectIdError: 'Your project ID is %s please check this is correct',
         permissionsError: 'You do not have the correct permissions here. \n Contact support@contrastsecurity.com to get this fixed.',
         scanErrorFileMessage: 'We only accept the following file types: \nJava - .jar, .war \nJavaScript - .js or .zip files',
         helpAuthSummary: 'Authenticate Contrast using your Github or Google account',
@@ -299,6 +273,7 @@ const en_locales = () => {
         auditSBOMSaveSuccess: '\n Software Bill of Materials (SBOM) saved successfully',
         auditNoFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold('No file type specified for --save option to save audit results to. Use audit --help to see valid --save options.')}`,
         auditBadFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold('Bad file type specified for --save option. Use audit --help to see valid --save options.')}`,
+        auditServicesMessageForTS: 'View your vulnerable library list or full dependency tree in Contrast:',
         auditReportWaiting: 'Waiting for report...',
         auditReportFail: 'Report Retrieval Failed, please try again',
         auditReportSuccessMessage: 'Report successfully retrieved',
@@ -306,10 +281,13 @@ const en_locales = () => {
         auditSCAAnalysisBegins: 'Contrast SCA audit started',
         auditSCAAnalysisComplete: 'Contrast audit complete',
         commonHelpHeader: 'Need More Help?',
+        commonHelpEnterpriseHeader: 'Existing Contrast user?',
         commonHelpCheckOutHeader: chalk.hex('#9DC184')('Check out:'),
         commonHelpCheckOutText: ' https://support.contrastsecurity.com',
         commonHelpLearnMoreHeader: chalk.hex('#9DC184')('Learn more at:'),
-        commonHelpLearnMoreText: ' https://developer.contrastsecurity.com',
+        commonHelpLearnMoreEnterpriseHeader: chalk.hex('#9DC184')('Read our docs:'),
+        commonHelpLearnMoreText: ' https://www.contrastsecurity.com/developer ',
+        commonHelpLearnMoreEnterpriseText: ' https://docs.contrastsecurity.com/en/run-contrast-cli.html ',
         commonHelpJoinDiscussionHeader: chalk.hex('#9DC184')('Join the discussion:'),
         commonHelpJoinDiscussionText: ' https://dev.to/codesec',
         ...lambda