@contrast/contrast 1.0.2 → 1.0.5

package/src/index.ts

@@ -7,8 +7,11 @@ import constants from './constants'
 import { APP_NAME, APP_VERSION } from './constants/constants'
 import { processLambda } from './lambda/lambda'
 import { localConfig } from './utils/getConfig'
-import findLatestCLIVersion from './common/findLatestCLIVersion'
-import { approximateCommandOnError } from './common/errorHandling'
+import {
+  findLatestCLIVersion,
+  isCorrectNodeVersion
+} from './common/versionChecker'
+import { findCommandOnError } from './common/errorHandling'
 
 const {
   commandLineDefinitions: { mainUsageGuide, mainDefinition }
@@ -31,49 +34,72 @@ const getMainOption = () => {
 }
 
 const start = async () => {
-  const { mainOptions, argv: argvMain } = getMainOption()
-  const command =
-    mainOptions.command != undefined ? mainOptions.command.toLowerCase() : ''
-  if (
-    command === 'version' ||
-    argvMain.includes('--v') ||
-    argvMain.includes('--version')
-  ) {
-    console.log(APP_VERSION)
-    return
-  }
+  if (await isCorrectNodeVersion(process.version)) {
+    const { mainOptions, argv: argvMain } = getMainOption()
+    const command =
+      mainOptions.command != undefined ? mainOptions.command.toLowerCase() : ''
+    if (
+      command === 'version' ||
+      argvMain.includes('--v') ||
+      argvMain.includes('--version')
+    ) {
+      console.log(APP_VERSION)
+      await findLatestCLIVersion(config.get('updateMessageHidden') as boolean)
+      return
+    }
 
-  await findLatestCLIVersion()
+    // @ts-ignore
+    config.set('numOfRuns', config.get('numOfRuns') + 1)
 
-  if (command === 'config') {
-    return processConfig(argvMain, config)
-  }
+    // @ts-ignore
+    if (config.get('numOfRuns') >= 5) {
+      await findLatestCLIVersion(config.get('updateMessageHidden') as boolean)
+      config.set('numOfRuns', 0)
+    }
 
-  if (command === 'auth') {
-    return await processAuth(config)
-  }
+    if (command === 'config') {
+      return processConfig(argvMain, config)
+    }
 
-  if (command === 'lambda') {
-    return await processLambda(argvMain)
-  }
+    if (command === 'auth') {
+      return await processAuth(argvMain, config)
+    }
 
-  if (command === 'scan') {
-    return await processScan(argvMain)
-  }
+    if (command === 'lambda') {
+      return await processLambda(argvMain)
+    }
 
-  if (command === 'audit') {
-    return await processAudit(argvMain)
-  }
+    if (command === 'scan') {
+      return await processScan(argvMain)
+    }
+
+    if (command === 'audit') {
+      return await processAudit(argvMain)
+    }
 
-  if (
-    command === 'help' ||
-    argvMain.includes('--help') ||
-    Object.keys(mainOptions).length === 0
-  ) {
-    console.log(mainUsageGuide)
+    if (
+      command === 'help' ||
+      argvMain.includes('--help') ||
+      Object.keys(mainOptions).length === 0
+    ) {
+      console.log(mainUsageGuide)
+    } else if (mainOptions._unknown !== undefined) {
+      const foundCommand = findCommandOnError(mainOptions._unknown)
+
+      foundCommand
+        ? console.log(
+            `Unknown Command: Did you mean "${foundCommand}"? \nUse "${foundCommand} --help" for the full list of options`
+          )
+        : console.log(
+            `Unknown Command: ${command} \nUse --help for the full list`
+          )
+    } else {
+      console.log(`Unknown Command: ${command} \nUse --help for the full list`)
+    }
+    process.exit(9)
   } else {
     console.log(
-      'Unknown Command: ' + command + ' \nUse --help for the full list'
+      'Contrast supports Node versions >=16.13.2 <17. Please use one of those versions.'
     )
     process.exit(9)
   }

package/src/lambda/help.ts

@@ -8,7 +8,15 @@ const lambdaUsageGuide = commandLineUsage([
   },
   {
     header: i18n.__('constantsPrerequisitesHeader'),
-    content: [i18n.__('lambdaPrerequisitesContent')]
+    content: [
+      '{bold ' +
+        i18n.__('lambdaPrerequisitesContentLambdaLanguages') +
+        '}\n\n' +
+        '{bold ' +
+        i18n.__('lambdaPrerequisitesContentLambdaDescriptionTitle') +
+        '}' +
+        i18n.__('lambdaPrerequisitesContentLambdaDescription')
+    ]
   },
   {
     header: i18n.__('constantsUsage'),
@@ -18,49 +26,49 @@ const lambdaUsageGuide = commandLineUsage([
     header: i18n.__('constantsOptions'),
     content: [
       {
-        name: i18n.__('lambdaFunctionNameOption'),
+        name: '{bold ' + i18n.__('lambdaFunctionNameOption') + '}',
         summary: i18n.__('lambdaFunctionNameSummery')
       },
       {
-        name: i18n.__('lambdaListFunctionsOption'),
+        name: '{bold ' + i18n.__('lambdaListFunctionsOption') + '}',
         summary: i18n.__('lambdaListFunctionsSummery')
       },
       {
-        name: i18n.__('lambdaEndpointOption'),
+        name: '{bold ' + i18n.__('lambdaEndpointOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaEndpointSummery')
       },
       {
-        name: i18n.__('lambdaRegionOption'),
+        name: '{bold ' + i18n.__('lambdaRegionOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaRegionSummery')
       },
       {
-        name: i18n.__('lambdaProfileOption'),
+        name: '{bold ' + i18n.__('lambdaProfileOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaProfileSummery')
       },
       {
-        name: i18n.__('lambdaJsonOption'),
+        name: '{bold ' + i18n.__('lambdaJsonOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaJsonSummery')
       },
       {
-        name: i18n.__('lambdaVerboseOption'),
+        name: '{bold ' + i18n.__('lambdaVerboseOption') + '}',
         summary:
-          '{italic ' +
+          '{bold ' +
           i18n.__('constantsOptional') +
           '}: ' +
           i18n.__('lambdaVerbosSummery')
@@ -73,7 +81,7 @@ const lambdaUsageGuide = commandLineUsage([
     ]
   },
   {
-    content: '{underline https://www.contrastsecurity.com}'
+    content: '{underline https://www.contrastsecurity.com/developer/codesec}'
   }
 ])
 

package/src/lambda/lambda.ts

@@ -12,6 +12,8 @@ import { requestScanFunctionPost } from './scanRequest'
 import { getScanResults } from './scanResults'
 import { printResults } from './utils'
 import { getAllLambdas, printAvailableLambdas } from './lambdaUtils'
+import { sleep } from '../utils/requestUtils'
+import ora from '../utils/oraWrapper'
 
 type LambdaOptions = {
   functionName?: string
@@ -123,6 +125,12 @@ const actualProcessLambda = async (lambdaOptions: LambdaOptions) => {
     })
   }
 
+  // Wait to make sure we will have all the results
+  const startGetherResultsSpinner = ora.returnOra(i18n.__('gatherResults'))
+  ora.startSpinner(startGetherResultsSpinner)
+  await sleep(15 * 1000)
+  ora.succeedSpinner(startGetherResultsSpinner, 'Done gathering results')
+
   const resultsResponse = await getScanResults(
     auth,
     params,

package/src/sbom/generateSbom.ts

@@ -0,0 +1,17 @@
+import { getHttpClient } from '../utils/commonApi'
+
+export default function generateSbom(config: any) {
+  const client = getHttpClient(config)
+  return client
+    .getSbom(config)
+    .then((res: { statusCode: number; body: any }) => {
+      if (res.statusCode === 200) {
+        return res.body
+      } else {
+        console.log('Unable to retrieve Software Bill of Materials (SBOM)')
+      }
+    })
+    .catch((err: any) => {
+      console.log(err)
+    })
+}

package/src/scaAnalysis/common/formatMessage.js

@@ -0,0 +1,10 @@
+const createJavaTSMessage = javaTree => {
+  return {
+    java: {
+      mavenDependencyTrees: javaTree
+    }
+  }
+}
+module.exports = {
+  createJavaTSMessage
+}

package/src/scaAnalysis/common/treeUpload.js

@@ -0,0 +1,34 @@
+const { getHttpClient } = require('../../utils/commonApi')
+const { handleResponseErrors } = require('../../common/errorHandling')
+const { APP_VERSION } = require('../../constants/constants')
+
+const commonSendSnapShot = async (analysis, config) => {
+  const requestBody = {
+    appID: config.applicationId,
+    cliVersion: APP_VERSION,
+    snapshot: analysis
+  }
+
+  //console.log(JSON.stringify(analysis))
+
+  //console.log(JSON.stringify(requestBody))
+  const client = getHttpClient(config)
+  return client
+    .sendSnapshot(requestBody, config)
+    .then(res => {
+      if (res.statusCode === 201) {
+        console.log('snapshot processed successfully')
+        return res.body
+      } else {
+        console.log(res.statusCode)
+        handleResponseErrors(res, 'snapshot')
+      }
+    })
+    .catch(err => {
+      console.log(err)
+    })
+}
+
+module.exports = {
+  commonSendSnapShot
+}

package/src/scaAnalysis/java/analysis.js

@@ -0,0 +1,159 @@
+const child_process = require('child_process')
+const path = require('path')
+const i18n = require('i18n')
+const fs = require('fs')
+
+const MAVEN = 'maven'
+const GRADLE = 'gradle'
+
+const determineProjectTypeAndCwd = (files, projectPath) => {
+  const projectData = {}
+
+  if (files[0].includes('pom.xml')) {
+    projectData.projectType = MAVEN
+    projectData.cwd = projectPath
+      ? projectPath
+      : files[0].replace('pom.xml', '')
+  } else if (files[0].includes('build.gradle')) {
+    projectData.projectType = GRADLE
+    projectData.cwd = projectPath
+      ? projectPath
+      : files[0].replace('pom.xml', '')
+  }
+
+  return projectData
+}
+
+const buildMaven = async (config, projectData, timeout) => {
+  let cmdStdout
+  let mvn_settings = ''
+
+  try {
+    // Allow users to provide a custom location for their settings.xml
+    if (config.mavenSettingsPath) {
+      mvn_settings = ' -s ' + config.mavenSettingsPath
+    }
+    cmdStdout = child_process.execSync(
+      'mvn dependency:tree -B' + mvn_settings,
+      {
+        cwd: projectData.cwd,
+        timeout
+      }
+    )
+    // output.mvnDependancyTreeOutput = cmdStdout.toString()
+    // console.log(cmdStdout.toString())
+    return cmdStdout.toString()
+  } catch (err) {
+    try {
+      child_process.execSync('mvn --version', {
+        cwd: projectData.cwd,
+        timeout
+      })
+      throw new Error(
+        i18n.__('mavenDependencyTreeNonZero', projectData.cwd, `${err.message}`)
+      )
+    } catch (mvnErr) {
+      throw new Error(
+        i18n.__('mavenNotInstalledError', projectData.cwd, `${mvnErr.message}`)
+      )
+    }
+  }
+}
+
+const buildGradle = (config, projectData, timeout) => {
+  let cmdStdout
+  let output = {}
+
+  try {
+    // path.sep is user here to either execute as "./gradlew" for UNIX/Linux/MacOS
+    // & ".\gradlew" for Windows
+    // Check if the user has specified a sub-project
+    if (config.subProject) {
+      cmdStdout = child_process.execSync(
+        '.' +
+          path.sep +
+          'gradlew :' +
+          config.subProject +
+          ':dependencies --configuration runtimeClasspath',
+        {
+          cwd: projectData.cwd,
+          timeout
+        }
+      )
+    } else {
+      cmdStdout = child_process.execSync(
+        '.' +
+          path.sep +
+          'gradlew dependencies --configuration runtimeClasspath',
+        {
+          cwd: projectData.cwd,
+          timeout
+        }
+      )
+    }
+    if (
+      cmdStdout
+        .toString()
+        .includes(
+          "runtimeClasspath - Runtime classpath of source set 'main'.\n" +
+            'No dependencies'
+        )
+    ) {
+      cmdStdout = child_process.execSync(
+        '.' + path.sep + 'gradlew dependencies',
+        {
+          cwd: projectData.cwd,
+          timeout
+        }
+      )
+    }
+    output.mvnDependancyTreeOutput = cmdStdout.toString()
+    return output
+  } catch (err) {
+    if (
+      fs.existsSync(projectData.cwd + 'gradlew') ||
+      fs.existsSync(projectData.cwd + 'gradlew.bat')
+    ) {
+      throw new Error(
+        i18n.__(
+          'gradleDependencyTreeNonZero',
+          projectData.cwd,
+          `${err.message}`
+        )
+      )
+    } else {
+      throw new Error(
+        i18n.__('gradleWrapperUnavailable', projectData.cwd, `${err.message}`)
+      )
+    }
+  }
+}
+
+const getJavaBuildDeps = async (config, files) => {
+  const timeout = 960000
+  let output = {
+    mvnDependancyTreeOutput: undefined,
+    projectType: undefined
+  }
+
+  try {
+    const projectData = determineProjectTypeAndCwd(files, config.projectPath)
+    if (projectData.projectType === MAVEN) {
+      output.mvnDependancyTreeOutput = await buildMaven(
+        config,
+        projectData,
+        timeout
+      )
+    } else if (projectData.projectType === GRADLE) {
+      output.mvnDependancyTreeOutput = buildGradle(config, projectData, timeout)
+    }
+    output.projectType = projectData.projectType
+    return output
+  } catch (err) {
+    //
+  }
+}
+
+module.exports = {
+  getJavaBuildDeps
+}

package/src/scaAnalysis/java/index.js

@@ -0,0 +1,21 @@
+const { getJavaBuildDeps } = require('./analysis')
+const { parseBuildDeps } = require('./javaBuildDepsParser')
+const { createJavaTSMessage } = require('../common/formatMessage')
+
+const javaAnalysis = async (config, languageFiles) => {
+  languageFiles.java.forEach(file => {
+    file.replace('build.gradle.kts', 'build.gradle')
+  })
+
+  const javaDeps = await buildJavaTree(config, languageFiles.java)
+  return createJavaTSMessage(javaDeps)
+}
+
+const buildJavaTree = async (config, files) => {
+  const javaBuildDeps = await getJavaBuildDeps(config, files)
+  return parseBuildDeps(config, javaBuildDeps)
+}
+
+module.exports = {
+  javaAnalysis
+}