@contrast/contrast 1.0.15 → 1.0.17

package/dist/index.js

@@ -9,15 +9,15 @@ const processAudit_1 = require("./commands/audit/processAudit");
 const auth_1 = require("./commands/auth/auth");
 const config_1 = require("./commands/config/config");
 const processScan_1 = require("./commands/scan/processScan");
-const constants_1 = __importDefault(require("./constants"));
-const constants_2 = require("./constants/constants");
+const cliConstants_1 = __importDefault(require("./cliConstants"));
+const constants_1 = require("./constants/constants");
 const lambda_1 = require("./lambda/lambda");
 const getConfig_1 = require("./utils/getConfig");
 const versionChecker_1 = require("./common/versionChecker");
 const errorHandling_1 = require("./common/errorHandling");
 const telemetry_1 = require("./telemetry/telemetry");
-const { commandLineDefinitions: { mainUsageGuide, mainDefinition } } = constants_1.default;
-const config = (0, getConfig_1.localConfig)(constants_2.APP_NAME, constants_2.APP_VERSION);
+const { commandLineDefinitions: { mainUsageGuide, mainDefinition } } = cliConstants_1.default;
+const config = (0, getConfig_1.localConfig)(constants_1.APP_NAME, constants_1.APP_VERSION);
 const getMainOption = () => {
     const mainOptions = (0, command_line_args_1.default)(mainDefinition, {
         stopAtFirstUnknown: true,
@@ -40,7 +40,7 @@ const start = async () => {
             if (command === 'version' ||
                 argvMain.includes('--v') ||
                 argvMain.includes('--version')) {
-                console.log(constants_2.APP_VERSION);
+                console.log(constants_1.APP_VERSION);
                 await (0, versionChecker_1.findLatestCLIVersion)(config);
                 return;
             }

package/dist/lambda/help.js

@@ -81,6 +81,7 @@ const lambdaUsageGuide = (0, command_line_usage_1.default)([
             { name: i18n_1.default.__('lambdaHelpOption'), summary: i18n_1.default.__('helpSummary') }
         ]
     },
-    (0, commonHelp_1.commonHelpLinks)()
+    (0, commonHelp_1.commonHelpLinks)()[0],
+    (0, commonHelp_1.commonHelpLinks)()[1]
 ]);
 exports.lambdaUsageGuide = lambdaUsageGuide;

package/dist/lambda/lambda.js

@@ -23,7 +23,7 @@ const oraWrapper_1 = __importDefault(require("../utils/oraWrapper"));
 const analytics_1 = require("./analytics");
 const types_1 = require("./types");
 const constants_2 = require("../constants/constants");
-const chalk_1 = __importDefault(require("chalk"));
+const commonHelp_1 = require("../common/commonHelp");
 const failedStates = [
     'UNSUPPORTED',
     'EXCLUDED',
@@ -110,7 +110,7 @@ const processLambda = async (argv) => {
         }
         await (0, analytics_1.postAnalytics)(endCommandAnalytics).catch((error) => {
         });
-        postRunMessage();
+        (0, commonHelp_1.postRunMessage)('lambda');
         if (errorMsg) {
             process.exit(1);
         }
@@ -193,8 +193,3 @@ const handleLambdaHelp = () => {
     printHelpMessage();
     process.exit(0);
 };
-const postRunMessage = () => {
-    console.log('\n' + chalk_1.default.underline.bold('Other Codesec Features:'));
-    console.log("'contrast scan' to run CodeSec’s industry leading SAST scanner");
-    console.log("'contrast audit' to find vulnerabilities in your open source dependencies\n");
-};

package/dist/scaAnalysis/common/auditReport.js

@@ -5,6 +5,7 @@ const { assignBySeverity } = require('../../scan/formatScanOutput');
 const chalk = require('chalk');
 const { CE_URL } = require('../../constants/constants');
 const common = require('../../common/fail');
+const i18n = require('i18n');
 const processAuditReport = (config, results) => {
     let severityCounts = {};
     if (results !== undefined) {
@@ -66,8 +67,8 @@ const formatScaServicesReport = (config, results) => {
         console.log(table.toString() + '\n');
         printVulnInfo(projectOverviewCount);
         if (config.host !== CE_URL) {
-            console.log('\n' + chalk.bold('View your full dependency tree in Contrast:'));
-            console.log(`${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${config.applicationId}/libs/dependency-tree`);
+            console.log('\n' + chalk.bold(i18n.__('auditServicesMessageForTS')));
+            console.log(`${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${config.applicationId}/libs`);
         }
         return projectOverviewCount;
     }

package/dist/scaAnalysis/common/scaParserForGoAndJava.js

@@ -11,7 +11,7 @@ const parseDependenciesForSCAServices = dependencyTreeObject => {
                 group: unParsedDependencyTree[dependency].group,
                 version: unParsedDependencyTree[dependency].version,
                 directDependency: unParsedDependencyTree[dependency].type === 'direct',
-                isProduction: true,
+                productionDependency: true,
                 dependencies: subDeps
             };
             parsedDependencyTree[dependency] = parsedDependency;

package/dist/scaAnalysis/java/analysis.js

@@ -1,8 +1,11 @@
 "use strict";
 const child_process = require('child_process');
+const spawn = require('cross-spawn');
 const path = require('path');
 const i18n = require('i18n');
 const fs = require('fs');
+const readLine = require('readline');
+const paramHandler = require('../../utils/paramsUtil/paramHandler');
 const MAVEN = 'maven';
 const GRADLE = 'gradle';
 const determineProjectTypeAndCwd = (files, config) => {
@@ -23,15 +26,20 @@ const determineProjectTypeAndCwd = (files, config) => {
 };
 const buildMaven = (config, projectData, timeout) => {
     let cmdStdout;
-    let mvn_settings = '';
     try {
+        let command = 'mvn';
+        let args = ['dependency:tree', '-B'];
         if (config.mavenSettingsPath) {
-            mvn_settings = ' -s ' + config.mavenSettingsPath;
+            args.push('-s');
+            args.push(config.mavenSettingsPath);
         }
-        cmdStdout = child_process.execSync('mvn dependency:tree -B' + mvn_settings, {
+        cmdStdout = spawn
+            .sync(command, args, {
+            env: process.env,
             cwd: projectData.cwd,
             timeout
-        });
+        })
+            .stdout.toString();
         return cmdStdout.toString();
     }
     catch (err) {
@@ -103,7 +111,34 @@ const getJavaBuildDeps = (config, files) => {
         console.log(err.message.toString());
     }
 };
+const agreementPrompt = async (config) => {
+    const rl = readLine.createInterface({
+        input: process.stdin,
+        output: process.stdout
+    });
+    return new Promise((resolve, reject) => {
+        rl.question('❔ Do you want to continue? Type Y or N', async (input) => {
+            if (input.toLowerCase() === 'yes' || input.toLowerCase() === 'y') {
+                config.javaAgreement = paramHandler.setAgreement(true);
+                rl.close();
+                resolve(config);
+            }
+            else if (input.toLowerCase() === 'no' || input.toLowerCase() === 'n') {
+                rl.close();
+                resolve(process.exit(1));
+            }
+            else {
+                rl.close();
+                console.log('Invalid Input: Exiting');
+                resolve(process.exit(1));
+            }
+        });
+    }).catch(e => {
+        throw e;
+    });
+};
 module.exports = {
     getJavaBuildDeps,
-    determineProjectTypeAndCwd
+    determineProjectTypeAndCwd,
+    agreementPrompt
 };

package/dist/scaAnalysis/java/index.js

@@ -3,10 +3,13 @@ const analysis = require('./analysis');
 const { parseBuildDeps } = require('./javaBuildDepsParser');
 const { createJavaTSMessage } = require('../common/formatMessage');
 const { parseDependenciesForSCAServices } = require('../common/scaParserForGoAndJava');
-const javaAnalysis = (config, languageFiles) => {
+const chalk = require('chalk');
+const _ = require('lodash');
+const javaAnalysis = async (config, languageFiles) => {
     languageFiles.JAVA.forEach(file => {
         file.replace('build.gradle.kts', 'build.gradle');
     });
+    await getAgreement(config);
     const javaDeps = buildJavaTree(config, languageFiles.JAVA);
     if (config.experimental) {
         return parseDependenciesForSCAServices(javaDeps);
@@ -15,10 +18,20 @@ const javaAnalysis = (config, languageFiles) => {
         return createJavaTSMessage(javaDeps);
     }
 };
+const getAgreement = async (config) => {
+    console.log(chalk.bold('Java project detected'));
+    console.log('Java analysis uses maven / gradle which are potentially susceptible to command injection. Be sure that the code you are running Contrast CLI on is trusted before continuing.');
+    if (_.isNil(!process.env.CI) && _.isNil(!config.javaAgreement)) {
+        console.log('should print');
+        return await analysis.agreementPrompt(config);
+    }
+    return config;
+};
 const buildJavaTree = (config, files) => {
     const javaBuildDeps = analysis.getJavaBuildDeps(config, files);
     return parseBuildDeps(config, javaBuildDeps);
 };
 module.exports = {
-    javaAnalysis
+    javaAnalysis,
+    getAgreement
 };

package/dist/scaAnalysis/javascript/scaServiceParser.js

@@ -20,7 +20,7 @@ const npmCreateDepTree = (dependencyTree, combinedPackageJSONDep, packageLock, r
             name: key,
             version: getResolvedVersion(key, packageLock),
             group: null,
-            isProduction: checkIfInPackageJSON(rawNode.packageJSON.dependencies, key),
+            productionDependency: checkIfInPackageJSON(rawNode.packageJSON.dependencies, key),
             directDependency: checkIfInPackageJSON(combinedPackageJSONDep, key),
             dependencies: createNPMChildDependencies(packageLock, key)
         };
@@ -35,7 +35,7 @@ const yarnCreateDepTree = (dependencyTree, combinedPackageJSONDep, packageLock,
             name: gav,
             version: getResolvedVersion(key, packageLock),
             group: null,
-            isProduction: checkIfInPackageJSON(rawNode.packageJSON.dependencies, nag),
+            productionDependency: checkIfInPackageJSON(rawNode.packageJSON.dependencies, nag),
             directDependency: checkIfInPackageJSON(combinedPackageJSONDep, nag),
             dependencies: createChildDependencies(packageLock, key)
         };

package/dist/scaAnalysis/php/phpNewServicesMapper.js

@@ -5,7 +5,7 @@ const parsePHPLockFileForScaServices = phpLockFile => {
     const packagesDev = keyBy(phpLockFile['packages-dev'], 'name');
     return merge(buildDepTree(packages, true), buildDepTree(packagesDev, false));
 };
-const buildDepTree = (packages, isProduction) => {
+const buildDepTree = (packages, productionDependency) => {
     const dependencyTree = {};
     for (const packagesKey in packages) {
         const currentObj = packages[packagesKey];
@@ -16,7 +16,7 @@ const buildDepTree = (packages, isProduction) => {
             name: name,
             version: currentObj.version,
             directDependency: true,
-            isProduction: isProduction,
+            productionDependency: productionDependency,
             dependencies: []
         };
         const mergedChildDeps = merge(buildSubDepsIntoFlatStructure(currentObj.require), buildSubDepsIntoFlatStructure(currentObj['require-dev']));
@@ -39,7 +39,7 @@ const buildSubDepsIntoFlatStructure = childDeps => {
             name: name,
             version: version,
             directDependency: false,
-            isProduction: false,
+            productionDependency: false,
             dependencies: []
         };
     }

package/dist/scaAnalysis/python/analysis.js

@@ -32,7 +32,7 @@ const scaPythonParser = pythonDependencies => {
         pythonParsedDeps[key].version = pythonDependencies[key].version.replace('==', '');
         pythonParsedDeps[key].group = null;
         pythonParsedDeps[key].name = key;
-        pythonParsedDeps[key].isProduction = true;
+        pythonParsedDeps[key].productionDependency = true;
         pythonParsedDeps[key].dependencies = [];
         pythonParsedDeps[key].directDependency = true;
     }

package/dist/scaAnalysis/repoMode/gradleParser.js

@@ -0,0 +1,75 @@
+"use strict";
+const g2js = require('gradle-to-js/lib/parser');
+const readBuildGradleFile = async (project) => {
+    const gradleFilePath = project.cwd + '/build.gradle';
+    return await g2js.parseFile(gradleFilePath);
+};
+const filterGav = (groupId, artifactId, version, gradleJson) => {
+    if (groupId === '') {
+        if (artifactId.includes(':')) {
+            groupId = artifactId.split(':')[0].replace("'", '');
+        }
+    }
+    if (version === '') {
+        if (artifactId.includes(':')) {
+            artifactId.split(':').length > 2
+                ? (version = artifactId.split(':')[2].replace("'", ''))
+                : (version = null);
+        }
+    }
+    if (artifactId.split(':').length > 1) {
+        artifactId = artifactId.split(':')[1].replace("'", '');
+    }
+    if (version === null) {
+        version = getVersion(gradleJson, groupId);
+    }
+    return { groupId, artifactId, version };
+};
+const parseGradleJson = gradleJson => {
+    let deps = gradleJson.dependencies;
+    let dependencyTree = {};
+    if (deps === undefined) {
+        console.log('Unable to find any dependencies in your project file.');
+        process.exit(0);
+    }
+    for (let a in deps) {
+        let dependencyType = deps[a].type;
+        if (dependencyType === 'implementation') {
+            let groupId = deps[a].group;
+            let artifactId = deps[a].name;
+            let version = deps[a].version;
+            let filteredGav = filterGav(groupId, artifactId, version, gradleJson);
+            let depName = filteredGav.groupId +
+                '/' +
+                filteredGav.artifactId +
+                '@' +
+                filteredGav.version;
+            let parsedDependency = {
+                name: filteredGav.artifactId,
+                group: filteredGav.groupId,
+                version: filteredGav.version,
+                directDependency: true,
+                isProduction: true,
+                dependencies: []
+            };
+            dependencyTree[depName] = parsedDependency;
+        }
+    }
+    return dependencyTree;
+};
+const getVersion = (gradleJson, dependencyWithoutVersion) => {
+    let parentVersion = gradleJson.plugins[0].version;
+    let parentGroupName = gradleJson.plugins[0].id;
+    if (parentGroupName === dependencyWithoutVersion) {
+        return parentVersion;
+    }
+    else {
+        return null;
+    }
+};
+module.exports = {
+    readBuildGradleFile,
+    parseGradleJson,
+    getVersion,
+    filterGav
+};

package/dist/scaAnalysis/repoMode/index.js

@@ -0,0 +1,21 @@
+"use strict";
+const mavenParser = require('./mavenParser');
+const gradleParser = require('./gradleParser');
+const { determineProjectTypeAndCwd } = require('../java/analysis');
+const buildRepo = async (config, languageFiles) => {
+    const project = determineProjectTypeAndCwd(languageFiles.JAVA, config);
+    if (project.projectType === 'maven') {
+        let jsonPomFile = mavenParser.readPomFile(project);
+        mavenParser.parsePomFile(jsonPomFile);
+    }
+    else if (project.projectType === 'gradle') {
+        const gradleJson = gradleParser.readBuildGradleFile(project);
+        gradleParser.parseGradleJson(await gradleJson);
+    }
+    else {
+        console.log('Unable to read project files.');
+    }
+};
+module.exports = {
+    buildRepo
+};

package/dist/scaAnalysis/repoMode/mavenParser.js

@@ -0,0 +1,76 @@
+"use strict";
+const fs = require('fs');
+const xml2js = require('xml2js');
+const readPomFile = project => {
+    const mavenFilePath = project.cwd + '/pom.xml';
+    const projectFile = fs.readFileSync(mavenFilePath);
+    let jsonPomFile;
+    xml2js.parseString(projectFile, (err, result) => {
+        if (err) {
+            throw err;
+        }
+        const json = JSON.stringify(result, null);
+        jsonPomFile = JSON.parse(json);
+    });
+    return jsonPomFile;
+};
+const getFromVersionsTag = (dependencyName, versionIdentifier, jsonPomFile) => {
+    let formattedVersion = versionIdentifier.replace(/[{}]/g, '').replace('$', '');
+    if (jsonPomFile.project.properties[0].hasOwnProperty([formattedVersion])) {
+        return jsonPomFile.project.properties[0][formattedVersion][0];
+    }
+    else {
+        return null;
+    }
+};
+const parsePomFile = jsonPomFile => {
+    let dependencyTree = {};
+    let parsedVersion;
+    let dependencies;
+    jsonPomFile.project.hasOwnProperty('dependencies')
+        ? (dependencies = jsonPomFile.project.dependencies[0].dependency)
+        : (dependencies =
+            jsonPomFile.project.dependencyManagement[0].dependencies[0].dependency);
+    for (let x in dependencies) {
+        let dependencyObject = dependencies[x];
+        if (!dependencyObject.hasOwnProperty('version')) {
+            parsedVersion = getVersion(jsonPomFile, dependencyObject);
+        }
+        else {
+            dependencyObject.version[0].includes('${versions.')
+                ? (parsedVersion = getFromVersionsTag(dependencyObject.artifactId[0], dependencyObject.version[0], jsonPomFile))
+                : (parsedVersion = dependencyObject.version[0]);
+        }
+        let depName = dependencyObject.groupId +
+            '/' +
+            dependencyObject.artifactId +
+            '@' +
+            parsedVersion;
+        let parsedDependency = {
+            name: dependencyObject.artifactId[0],
+            group: dependencyObject.groupId[0],
+            version: parsedVersion,
+            directDependency: true,
+            productionDependency: true,
+            dependencies: []
+        };
+        dependencyTree[depName] = parsedDependency;
+    }
+    return dependencyTree;
+};
+const getVersion = (pomFile, dependencyWithoutVersion) => {
+    let parentVersion = pomFile.project.parent[0].version[0];
+    let parentGroupName = pomFile.project.parent[0].groupId[0];
+    if (parentGroupName === dependencyWithoutVersion.groupId[0]) {
+        return parentVersion;
+    }
+    else {
+        return null;
+    }
+};
+module.exports = {
+    readPomFile,
+    getVersion,
+    parsePomFile,
+    getFromVersionsTag
+};

package/dist/scaAnalysis/ruby/analysis.js

@@ -263,25 +263,25 @@ const removeRedundantAndPopulateDefinedElements = deps => {
             delete element.remote;
             delete element.platform;
             element.group = null;
-            element.isProduction = true;
+            element.productionDependency = true;
         }
         if (element.sourceType === 'GEM') {
             element.group = null;
-            element.isProduction = true;
+            element.productionDependency = true;
             delete element.sourceType;
             delete element.remote;
             delete element.platform;
         }
         if (element.sourceType === 'PATH') {
             element.group = null;
-            element.isProduction = true;
+            element.productionDependency = true;
             delete element.platform;
             delete element.sourceType;
             delete element.remote;
         }
         if (element.sourceType === 'BUNDLED WITH') {
             element.group = null;
-            element.isProduction = true;
+            element.productionDependency = true;
             delete element.sourceType;
             delete element.remote;
             delete element.branch;

package/dist/scan/autoDetection.js

@@ -1,8 +1,16 @@
 "use strict";
 const i18n = require('i18n');
 const fileFinder = require('./fileUtils');
-const rootFile = require('../audit/languageAnalysisEngine/getProjectRootFilenames');
-const path = require('path');
+const autoDetectFingerprintInfo = async (filePath) => {
+    let complexObj = await fileFinder.findAllFiles(filePath);
+    let result = [];
+    let count = 0;
+    complexObj.forEach(i => {
+        count++;
+        result.push({ filePath: i, id: count.toString() });
+    });
+    return result;
+};
 const autoDetectFileAndLanguage = async (configToUse) => {
     const entries = await fileFinder.findFile();
     if (entries.length === 1) {
@@ -78,5 +86,6 @@ module.exports = {
     autoDetectFileAndLanguage,
     errorOnFileDetection,
     autoDetectAuditFilesAndLanguages,
-    errorOnAuditFileDetection
+    errorOnAuditFileDetection,
+    autoDetectFingerprintInfo
 };

package/dist/scan/fileUtils.js

@@ -10,6 +10,28 @@ const findFile = async () => {
         onlyFiles: true
     });
 };
+const findAllFiles = async (filePath) => {
+    const result = await fg([
+        '**/pom.xml',
+        '**/build.gradle',
+        '**/build.gradle.kts',
+        '**/package.json',
+        '**/Pipfile',
+        '**/*.csproj',
+        '**/Gemfile',
+        '**/go.mod'
+    ], {
+        dot: false,
+        deep: 2,
+        onlyFiles: true,
+        absolute: true,
+        cwd: filePath ? filePath : process.cwd()
+    });
+    if (result.length > 0) {
+        return result;
+    }
+    return [];
+};
 const findFilesJava = async (languagesFound, filePath) => {
     const result = await fg(['**/pom.xml', '**/build.gradle', '**/build.gradle.kts'], {
         dot: false,
@@ -136,5 +158,6 @@ module.exports = {
     findFilesPhp,
     findFilesRuby,
     findFilesDotNet,
-    fileIsEmpty
+    fileIsEmpty,
+    findAllFiles
 };

package/dist/scan/help.js

@@ -1,7 +1,7 @@
 "use strict";
 const commandLineUsage = require('command-line-usage');
 const i18n = require('i18n');
-const constants = require('../constants');
+const constants = require('../cliConstants');
 const { commonHelpLinks } = require('../common/commonHelp');
 const scanUsageGuide = commandLineUsage([
     {
@@ -36,7 +36,8 @@ const scanUsageGuide = commandLineUsage([
             'application-name'
         ]
     },
-    commonHelpLinks()
+    commonHelpLinks()[0],
+    commonHelpLinks()[1]
 ]);
 module.exports = {
     scanUsageGuide

package/dist/scan/saveResults.js

@@ -3,7 +3,7 @@ const fs = require('fs');
 const writeResultsToFile = async (responseBody, name = 'results.sarif') => {
     try {
         fs.writeFileSync(name, JSON.stringify(responseBody, null, 2));
-        console.log(`Scan Results saved to ${name}`);
+        return name;
     }
     catch (err) {
         console.log('Error writing Scan Results to file');

package/dist/scan/scanConfig.js

@@ -1,6 +1,6 @@
 "use strict";
 const paramHandler = require('../utils/paramsUtil/paramHandler');
-const constants = require('../constants.js');
+const constants = require('../cliConstants.js');
 const path = require('path');
 const { supportedLanguagesScan } = require('../constants/constants');
 const i18n = require('i18n');

package/dist/utils/commonApi.js

@@ -1,6 +1,6 @@
 "use strict";
 const HttpClient = require('./../common/HTTPClient');
-const { badRequestError, unauthenticatedError, forbiddenError, proxyError, genericError, maxAppError } = require('../common/errorHandling');
+const { badRequestError, unauthenticatedError, forbiddenError, proxyError, genericError, maxAppError, snapshotFailureError, vulnerabilitiesFailureError, reportFailureError } = require('../common/errorHandling');
 const handleResponseErrors = (res, api) => {
     if (res.statusCode === 400) {
         api === 'catalogue' ? badRequestError(true) : badRequestError(false);
@@ -18,6 +18,15 @@ const handleResponseErrors = (res, api) => {
         maxAppError();
     }
     else {
+        if (api === 'snapshot' || api === 'catalogue') {
+            snapshotFailureError();
+        }
+        if (api === 'vulnerabilities') {
+            vulnerabilitiesFailureError();
+        }
+        if (api === 'report') {
+            reportFailureError();
+        }
         console.log(res.statusCode);
         genericError(res);
     }

package/dist/utils/generalAPI.js

@@ -1,7 +1,6 @@
 "use strict";
 const { featuresTeamServer } = require('./capabilities');
 const semver = require('semver');
-const { handleResponseErrors } = require('../common/errorHandling');
 const commonApi = require('./commonApi');
 const { isNil } = require('lodash');
 const getGlobalProperties = async (config) => {
@@ -13,7 +12,7 @@ const getGlobalProperties = async (config) => {
             return res.body;
         }
         else {
-            handleResponseErrors(res, 'globalProperties');
+            commonApi.handleResponseErrors(res, 'globalProperties');
         }
     })
         .catch(err => {

package/dist/utils/paramsUtil/configStoreParams.js

@@ -15,4 +15,15 @@ const getAuth = () => {
     }
     return ContrastConfToUse;
 };
-module.exports = { getAuth: getAuth };
+const getAgreement = () => {
+    const ContrastConf = config.localConfig(APP_NAME, APP_VERSION);
+    let ContrastConfToUse = {};
+    ContrastConfToUse.javaAgreement = ContrastConf.get('javaAgreement');
+    return ContrastConfToUse;
+};
+const setAgreement = agreement => {
+    const ContrastConf = config.localConfig(APP_NAME, APP_VERSION);
+    ContrastConf.set('javaAgreement', agreement);
+    return agreement;
+};
+module.exports = { getAuth, getAgreement, setAgreement };

package/dist/utils/paramsUtil/paramHandler.js

@@ -22,4 +22,10 @@ const getAuth = params => {
         process.exit(1);
     }
 };
-module.exports = { getAuth: getAuth };
+const getAgreement = () => {
+    return configStoreParams.getAgreement();
+};
+const setAgreement = answer => {
+    return configStoreParams.setAgreement(answer);
+};
+module.exports = { getAuth, getAgreement, setAgreement };

package/dist/utils/saveFile.js

@@ -8,7 +8,8 @@ const saveScanFile = async (config, scanResults) => {
         const scanId = scanResults.scanDetail.id;
         const client = commonApi.getHttpClient(config);
         const rawResults = await client.getSpecificScanResultSarif(config, scanId);
-        await saveResults.writeResultsToFile(rawResults?.body);
+        const name = await saveResults.writeResultsToFile(rawResults?.body);
+        console.log(`Scan Results saved to ${name}`);
     }
     else {
         console.log(i18n.__('scanNoFiletypeSpecifiedForSave'));