@contrast/contrast 1.0.21 → 1.0.23

package/dist/scaAnalysis/python/index.js

@@ -3,12 +3,7 @@ const { createPythonTSMessage } = require('../common/formatMessage');
 const { getPythonDeps, secondaryParser } = require('./analysis');
 const pythonAnalysis = (config, languageFiles) => {
     const pythonDeps = getPythonDeps(config, languageFiles.PYTHON);
-    if (config.experimental) {
-        return pythonDeps;
-    }
-    else {
-        return createPythonTSMessage(pythonDeps);
-    }
+    return createPythonTSMessage(pythonDeps);
 };
 module.exports = {
     pythonAnalysis

package/dist/scaAnalysis/ruby/analysis.js

@@ -6,16 +6,7 @@ const getRubyDeps = (config, languageFiles) => {
         checkForCorrectFiles(languageFiles);
         const parsedGem = readAndParseGemfile(config.file);
         const parsedLock = readAndParseGemLockFile(config.file);
-        if (config.experimental) {
-            const rubyArray = removeRedundantAndPopulateDefinedElements(parsedLock.sources);
-            let rubyTree = createRubyTree(rubyArray);
-            findChildrenDependencies(rubyTree);
-            processRootDependencies(parsedLock.dependencies, rubyTree);
-            return rubyTree;
-        }
-        else {
-            return { gemfilesDependanceies: parsedGem, gemfileLock: parsedLock };
-        }
+        return { gemfilesDependanceies: parsedGem, gemfileLock: parsedLock };
     }
     catch (err) {
         throw err;

package/dist/scaAnalysis/ruby/index.js

@@ -3,12 +3,7 @@ const analysis = require('./analysis');
 const { createRubyTSMessage } = require('../common/formatMessage');
 const rubyAnalysis = (config, languageFiles) => {
     const rubyDeps = analysis.getRubyDeps(config, languageFiles.RUBY);
-    if (config.experimental) {
-        return rubyDeps;
-    }
-    else {
-        return createRubyTSMessage(rubyDeps);
-    }
+    return createRubyTSMessage(rubyDeps);
 };
 module.exports = {
     rubyAnalysis

package/dist/scaAnalysis/scaAnalysis.js

@@ -19,14 +19,8 @@ const { rubyAnalysis } = require('./ruby');
 const { pythonAnalysis } = require('./python');
 const javaAnalysis = require('./java');
 const jsAnalysis = require('./javascript');
-const auditReport = require('./common/auditReport');
-const scaUpload = require('./common/scaServicesUpload');
-const settingsHelper = require('../utils/settingsHelper');
 const chalk = require('chalk');
-const saveResults = require('../scan/saveResults');
-const { convertGenericToTypedReportModelSca } = require('./common/utils/reportUtilsSca');
 const processSca = async (config) => {
-    config = await settingsHelper.getSettings(config);
     const startTime = performance.now();
     let filesFound;
     if (config.help) {
@@ -49,17 +43,7 @@ const processSca = async (config) => {
         switch (Object.keys(filesFound[0])[0]) {
             case JAVA:
                 config.language = JAVA;
-                if (config.mode === 'repo') {
-                    try {
-                        return repoMode.buildRepo(config, filesFound[0]);
-                    }
-                    catch (e) {
-                        throw new Error('Unable to build in repository mode. Check your project file');
-                    }
-                }
-                else {
-                    messageToSend = await javaAnalysis.javaAnalysis(config, filesFound[0]);
-                }
+                messageToSend = await javaAnalysis.javaAnalysis(config, filesFound[0]);
                 break;
             case JAVASCRIPT:
                 messageToSend = await jsAnalysis.jsAnalysis(config, filesFound[0]);
@@ -82,15 +66,9 @@ const processSca = async (config) => {
                 config.language = GO;
                 break;
             case DOTNET:
-                if (config.experimental) {
-                    console.log(`${chalk.bold('\n.NET project found\n')} Language type is unsupported.`);
-                    return;
-                }
-                else {
-                    messageToSend = dotNetAnalysis(config, filesFound[0]);
-                    config.language = DOTNET;
-                    break;
-                }
+                messageToSend = dotNetAnalysis(config, filesFound[0]);
+                config.language = DOTNET;
+                break;
             default:
                 console.log('No supported language detected in project path');
                 return;
@@ -98,42 +76,22 @@ const processSca = async (config) => {
         if (!config.applicationId) {
             config.applicationId = await auditController.dealWithNoAppId(config);
         }
-        if (config.experimental) {
-            console.log('');
-            const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
-            startSpinner(reportSpinner);
-            const { reportArray, reportId } = await scaUpload.scaTreeUpload(messageToSend, config);
-            const reportModelLibraryList = convertGenericToTypedReportModelSca(reportArray);
-            auditReport.processAuditReport(config, reportModelLibraryList);
-            succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
-            if (config.save !== undefined) {
-                await auditSave.auditSave(config, reportId);
-            }
-            else {
-                console.log('Use contrast audit --save to generate an SBOM');
-            }
-            const endTime = performance.now() - startTime;
-            const scanDurationMs = endTime - startTime;
-            console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
+        console.log('');
+        const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
+        startSpinner(reportSpinner);
+        const snapshotResponse = await treeUpload.commonSendSnapShot(messageToSend, config);
+        await pollForSnapshotCompletion(config, snapshotResponse.id, reportSpinner);
+        succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
+        await vulnerabilityReportV2(config, snapshotResponse.id);
+        if (config.save !== undefined) {
+            await auditSave.auditSave(config);
         }
         else {
-            console.log('');
-            const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
-            startSpinner(reportSpinner);
-            const snapshotResponse = await treeUpload.commonSendSnapShot(messageToSend, config);
-            await pollForSnapshotCompletion(config, snapshotResponse.id, reportSpinner);
-            succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
-            await vulnerabilityReportV2(config, snapshotResponse.id);
-            if (config.save !== undefined) {
-                await auditSave.auditSave(config);
-            }
-            else {
-                console.log('\nUse contrast audit --save to generate an SBOM');
-            }
-            const endTime = performance.now() - startTime;
-            const scanDurationMs = endTime - startTime;
-            console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
+            console.log('\nUse contrast audit --save to generate an SBOM');
         }
+        const endTime = performance.now() - startTime;
+        const scanDurationMs = endTime - startTime;
+        console.log(`----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
     }
     else {
         if (filesFound.length === 0) {

package/dist/scan/help.js

@@ -4,6 +4,9 @@ const i18n = require('i18n');
 const constants = require('../cliConstants');
 const { commonHelpLinks } = require('../common/commonHelp');
 const scanUsageGuide = commandLineUsage([
+    {
+        header: i18n.__('constantsHeader')
+    },
     {
         header: i18n.__('scanHeader')
     },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/contrast",
-  "version": "1.0.21",
+  "version": "1.0.23",
   "description": "Contrast Security's command line tool",
   "main": "dist/index.js",
   "bin": {
@@ -27,12 +27,9 @@
     "test": "jest --testPathIgnorePatterns=./test-integration/",
     "test-int": "jest ./test-integration/",
     "test-int-scan": "jest ./test-integration/scan",
-    "test-int-audit": "jest test-integration/audit",
-    "test-int-audit-reports": "jest test-integration/audit/audit-language-reports.spec.js",
     "test-int-scan-errors": "jest test-integration/scan/scanLocalErrors.spec.js",
     "test-int-scan-reports": "jest test-integration/scan/scanReport.spec.js",
-    "test-int-audit-features": "jest test-integration/audit/auditFeatures/",
-    "test-int-audit-experimental": "jest test-integration/audit/audit-experimental.spec.js",
+    "test-int-audit-features": "jest test-integration/audit/auditFeatures",
     "format": "prettier --write \"**/*.{ts,tsx,js,json,md,yml}\" .eslintrc.*",
     "check-format": "prettier --check \"**/*.{ts,tsx,js,json,md,yml}\" .eslintrc.*",
     "coverage-local": "nyc --reporter=text mocha './test/**/*.spec.js'",

package/src/audit/report/commonReportingFunctions.js

@@ -247,7 +247,7 @@ function buildBody(cveArray, advice) {
   //todo different advice based on remediationGuidance being available or now
   // console.log(advice)
 
-  const minOrMax = advice.maximum ? advice.maximum : advice.minimum
+  const minOrMax = advice.minimum ? advice.minimum : advice.maximum
   const displayAdvice = minOrMax
     ? `Change to version ${chalk.bold(minOrMax)}`
     : 'No recommendation is available according to our data. Upgrade to the latest stable is the best advice we can give.'

package/src/audit/save.js

@@ -23,18 +23,20 @@ async function auditSave(config, reportId) {
   }
 
   if (fileFormat) {
-    if (config.experimental) {
-      save.saveFile(
+    if (config.legacy === false) {
+      const sbomResponse = await sbom.generateSCASbom(
         config,
         fileFormat,
-        await sbom.generateSCASbom(config, fileFormat, reportId)
+        reportId
       )
+      if (sbomResponse) {
+        save.saveFile(config, fileFormat, sbomResponse)
+      }
     } else {
-      save.saveFile(
-        config,
-        fileFormat,
-        await sbom.generateSbom(config, fileFormat)
-      )
+      const sbomResponse = await sbom.generateSbom(config, fileFormat)
+      if (sbomResponse) {
+        save.saveFile(config, fileFormat, sbomResponse)
+      }
     }
     const filename = `${config.applicationId}-sbom-${fileFormat}.json`
     if (fs.existsSync(filename)) {
@@ -42,7 +44,7 @@ async function auditSave(config, reportId) {
     } else {
       console.log(
         chalk.yellow.bold(
-          `\n Unable to save ${filename} Software Bill of Materials (SBOM)`
+          `\nUnable to save ${filename} Software Bill of Materials (SBOM)`
         )
       )
     }

package/src/cliConstants.js

@@ -212,6 +212,7 @@ const scanOptionDefinitions = [
 
 const authOptionDefinitions = [
   ...sharedConnectionOptionDefinitions,
+  ...sharedCertOptionDefinitions,
   {
     name: 'help',
     alias: 'h',
@@ -427,11 +428,11 @@ const mainUsageGuide = commandLineUsage([
     header: i18n.__('constantsCommands'),
     content: [
       { name: i18n.__('authName'), summary: i18n.__('helpAuthSummary') },
+      { name: i18n.__('configName'), summary: i18n.__('helpConfigSummary') },
+      { name: i18n.__('versionName'), summary: i18n.__('helpVersionSummary') },
+      { name: i18n.__('auditName'), summary: i18n.__('helpAuditSummary') },
       { name: i18n.__('scanName'), summary: i18n.__('helpScanSummary') },
       { name: i18n.__('lambdaName'), summary: i18n.__('helpLambdaSummary') },
-      { name: i18n.__('auditName'), summary: i18n.__('helpAuditSummary') },
-      { name: i18n.__('versionName'), summary: i18n.__('helpVersionSummary') },
-      { name: i18n.__('configName'), summary: i18n.__('helpConfigSummary') },
       { name: i18n.__('helpName'), summary: i18n.__('helpSummary') },
       { name: i18n.__('learnName'), summary: i18n.__('helpLearnSummary') }
     ]

package/src/commands/audit/help.js

@@ -4,6 +4,9 @@ const constants = require('../../cliConstants')
 const { commonHelpLinks } = require('../../common/commonHelp')
 
 const auditUsageGuide = commandLineUsage([
+  {
+    header: i18n.__('constantsHeader')
+  },
   {
     header: i18n.__('auditHeader'),
     content: [i18n.__('auditHeaderMessage')]
@@ -48,7 +51,6 @@ const auditUsageGuide = commandLineUsage([
       'code',
       'maven-settings-path',
       'language',
-      'experimental',
       'app-groups',
       'metadata',
       'track',

package/src/commands/audit/processAudit.js

@@ -10,11 +10,8 @@ const processAudit = async (contrastConf, argvMain) => {
     process.exit(0)
   }
 
-  const config = await auditConfig.getAuditConfig(
-    contrastConf,
-    'audit',
-    argvMain
-  )
+  let config = await auditConfig.getAuditConfig(contrastConf, 'audit', argvMain)
+
   await scaController.processSca(config)
   if (!config.fingerprint) {
     postRunMessage('audit')

package/src/commands/auth/auth.js

@@ -101,6 +101,11 @@ const authUsageGuide = commandLineUsage([
   {
     header: i18n.__('constantsAuthUsageHeader'),
     content: [i18n.__('constantsAuthUsageContents')]
+  },
+  {
+    header: i18n.__('constantsAdvancedOptions'),
+    optionList: constants.commandLineDefinitions.authOptionDefinitions,
+    hide: ['organization-id', 'api-key', 'authorization', 'host']
   }
 ])
 

package/src/commands/learn/processLearn.js

@@ -1,7 +1,7 @@
 const { openLearnPage } = require('./learn')
 
 async function processLearn() {
-  console.log('Opening develop central...')
+  console.log('Opening Contrast’s Secure Code Learning Hub...')
   console.log(
     'If the page does not open you can open it directly via https://www.contrastsecurity.com/developer/learn'
   )

package/src/common/HTTPClient.js

@@ -254,6 +254,13 @@ HTTPClient.prototype.scaServiceIngests = function scaServiceIngests(config) {
   return requestUtils.sendRequest({ method: 'get', options })
 }
 
+HTTPClient.prototype.scaServiceHealth = function scaServiceIngests(config) {
+  const options = _.cloneDeep(this.requestOptions)
+  let url = createScaServiceHealthURL(config)
+  options.url = url
+  return requestUtils.sendRequest({ method: 'get', options })
+}
+
 HTTPClient.prototype.getReportById = function getReportById(config, reportId) {
   const options = _.cloneDeep(this.requestOptions)
   if (config.ignoreDev) {
@@ -474,6 +481,10 @@ function createScaServiceIngestsURL(config) {
   return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/applications/${config.applicationId}/libraries/ingests`
 }
 
+function createScaServiceHealthURL(config) {
+  return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/health`
+}
+
 function createScaServiceIngestURL(config) {
   let baseUrl = `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/applications/${config.applicationId}/libraries/ingests/tree`
   baseUrl = config.track ? baseUrl.concat('?persist=true') : baseUrl

package/src/constants/constants.js

@@ -14,7 +14,7 @@ const HIGH = 'HIGH'
 const CRITICAL = 'CRITICAL'
 // App
 const APP_NAME = 'contrast'
-const APP_VERSION = '1.0.21'
+const APP_VERSION = '1.0.23'
 const TIMEOUT = 120000
 const HIGH_COLOUR = '#ff9900'
 const CRITICAL_COLOUR = '#e35858'

package/src/constants/lambda.js

@@ -66,6 +66,7 @@ const lambda = {
     'Scanning a function of an inactive account is not supported',
   not_supported_runtime:
     'Scanning resource of runtime "{{runtime}}" is not supported.\nSupported runtimes: {{supportedRuntimes}}',
+  not_supported_lambda: 'This function cannot be scanned',
   not_supported_onboard_account:
     'Scanning a function of onboard account is not supported',
   scan_lock:

package/src/constants/locales.js

@@ -1,5 +1,6 @@
 const { lambda } = require('./lambda')
 const chalk = require('chalk')
+const { APP_VERSION } = require('./constants')
 
 const en_locales = () => {
   return {
@@ -83,7 +84,7 @@ const en_locales = () => {
       ' FAIL - Results detected vulnerabilities over accepted severity level',
     constantsSeverity:
       'Use with "contrast scan --fail --severity high" or "contrast audit --fail --severity high". Set the severity level to detect vulnerabilities or dependencies. Severity levels are critical, high, medium, low or note.',
-    constantsHeader: 'Contrast CLI',
+    constantsHeader: `Contrast CLI @ v${APP_VERSION}`,
     configHeader2: 'Config options',
     clearHeader: '-c, --clear',
     clearContent: 'Removes stored credentials',
@@ -160,13 +161,13 @@ const en_locales = () => {
     scanErrorFileMessage:
       'We only accept the following file types: \nJava - .jar, .war \nJavaScript - .js or .zip files',
     helpAuthSummary:
-      'Authenticate Contrast using your Github or Google account',
+      'Authenticate Contrast using your Github or Google account OR include credentials if you are an existing licensed Contrast user.',
     helpAuditSummary:
-      'Searches for a suitable file in the working directory to perform a security audit of dependencies and returns the results. [Contrast audit --help (for options).]',
+      'Searches for a suitable file in the working directory to perform a security audit of dependencies and returns the results. \n[audit --help for options] Java, .NET, Node, Ruby, Python, Go, PHP are supported. ',
     helpScanSummary:
-      'Searches for a .jar, .war, .js, or .zip file in the working directory, uploads files for analysis, and returns the results. [For further help/options, enter scan --help]',
+      'Searches for a .jar, .war, .js, or .zip file in the working directory, uploads files for analysis, and returns the results. \n[scan --help for options] Java, .NET, .NET Core, JavaScript are supported. ',
     helpLambdaSummary:
-      'Performs a static security scan on an AWS lambda function. lambda --help (for options)',
+      'Performs a static security scan on an AWS lambda function. [lambda --help for options] AWS Lambda - Java & Python are supported. ',
     helpVersionSummary: 'Displays version of Contrast CLI',
     helpConfigSummary: 'Displays stored credentials',
     helpSummary: 'Displays usage guide',
@@ -178,7 +179,7 @@ const en_locales = () => {
     configName: 'config',
     helpName: 'help',
     learnName: 'learn',
-    helpLearnSummary: 'launches Contrast’s Secure Code Learning Hub.',
+    helpLearnSummary: 'Launches Contrast’s Secure Code Learning Hub.',
     fingerprintName:
       'assess repo to see how many languages it can detect. For use in pipeline only.',
     depthOption:
@@ -202,7 +203,7 @@ const en_locales = () => {
       chalk.bold('\ncontrast audit') +
       ' to find vulnerabilities in your open source dependencies.' +
       '\nSupports Java, .NET, Node, Ruby, Python, Go and PHP.' +
-      '\nOur CLI runs native build tools to generate a complete dependency tree.' +
+      '\n\nOur CLI runs native build tools to generate a complete dependency tree.' +
       '\nIf you are running on untrusted code, consider running in a sandbox.\n' +
       chalk.bold('\ncontrast lambda') +
       ' to secure your AWS serverless functions. \nSupports Java and Python \n' +
@@ -216,7 +217,7 @@ const en_locales = () => {
     searchingScanFileDirectory: 'Searching for file to scan from %s...',
     searchingAuditFileDirectory:
       'Searching for package manager files from %s...',
-    scanHeader: 'Contrast Scan CLI',
+    scanHeader: `Contrast Scan CLI`,
     authHeader: 'Auth',
     lambdaHeader: 'Contrast Lambda CLI',
     lambdaSummary:
@@ -257,7 +258,7 @@ const en_locales = () => {
       'An error has occurred when trying to get the Project Id please check your internet connection or provide the Project Id manually',
     internalServerErrorHeader: '500 error - Internal server error',
     resourceLockedErrorHeader: '423 error - Resource is locked',
-    auditHeader: 'Contrast audit help',
+    auditHeader: 'Contrast Audit CLI',
     auditHeaderMessage:
       "Use 'contrast audit' to analyze a project’s dependencies for vulnerabilities.",
     constantsAuditPrerequisitesContentSupportedLanguages:
@@ -329,18 +330,18 @@ const en_locales = () => {
     commonHelpJoinDiscussionText:
       ' https://www.contrastsecurity.com/developer/community',
     commonHelpLearnHeader:
-      chalk.hex('#ffe599')('\rWant to UP your game?') +
+      chalk.hex('#ffe599')('\r  Want to UP your game?') +
       " type 'contrast learn'",
-    commonHelpLearnText: `\n🎓 Advance your security knowledge and become an ${chalk.hex(
+    commonHelpLearnText: `\n💰 Advance your security knowledge and become an ${chalk.hex(
       '#ffd966'
     )('All-star coder')} ⭐  with ${chalk.bold(
       'Contrast Secure Code Learning Hub.'
     )} 😺`,
     authCommand: {
       credentialsAccepted: {
-        title: 'Credentials accepted',
-        body: 'Now run contrast audit, lambda or scan',
-        extra: 'Or contrast help for full list of commands'
+        title: '✔ Credentials successfully saved',
+        body: `\n${chalk.bold('Contrast CLI')}`,
+        extra: 'Scan, secure and ship your code in minutes.'
       },
       credentialsMissing: {
         title: 'Credentials missing',

package/src/index.ts

@@ -16,7 +16,6 @@ import {
 } from './common/versionChecker'
 import { findCommandOnError } from './common/errorHandling'
 import { sendTelemetryConfigAsConfObj } from './telemetry/telemetry'
-import { openLearnPage } from './commands/learn/learn'
 import { processLearn } from './commands/learn/processLearn'
 const {
   commandLineDefinitions: { mainUsageGuide, mainDefinition }

package/src/lambda/help.ts

@@ -3,6 +3,9 @@ import i18n from 'i18n'
 import { commonHelpLinks } from '../common/commonHelp'
 
 const lambdaUsageGuide = commandLineUsage([
+  {
+    header: i18n.__('constantsHeader')
+  },
   {
     header: i18n.__('lambdaHeader'),
     content: [i18n.__('lambdaSummary')]

package/src/lambda/scanRequest.ts

@@ -14,12 +14,22 @@ import { ApiParams, LambdaOptions } from './lambda'
 import { log, prettyPrintJson } from './logUtils'
 import { CliError } from './cliError'
 import { ERRORS } from './constants'
+import { sleep } from '../utils/requestUtils'
 
-const sendScanPostRequest = async (
+const MAX_RETRIES = 2
+
+const sendScanPostRequest: (
   config: any,
   params: ApiParams,
   functionsEvent: unknown,
-  showProgress = false
+  showProgress?: boolean,
+  retryNumber?: number
+) => any = async (
+  config,
+  params,
+  functionsEvent,
+  showProgress = false,
+  retryNumber = 0
 ) => {
   const client = getHttpClient(config)
 
@@ -50,6 +60,21 @@ const sendScanPostRequest = async (
       })
       errorCode = false
       break
+    case 'not_supported_lambda':
+      description = i18n.__(errorCode)
+      errorCode = false
+      break
+    default:
+      if (retryNumber < MAX_RETRIES) {
+        await sleep(3 * 1000)
+        return sendScanPostRequest(
+          config,
+          params,
+          functionsEvent,
+          showProgress,
+          retryNumber + 1
+        )
+      }
   }
 
   throw new CliError(ERRORS.FAILED_TO_START_SCAN, {

package/src/sbom/generateSbom.ts

@@ -7,8 +7,15 @@ export const generateSbom = (config: any, type: string) => {
     .then((res: { statusCode: number; body: any }) => {
       if (res.statusCode === 200) {
         return res.body
+      } else if (res.statusCode === 403) {
+        console.log('\nUnable to retrieve Software Bill of Materials (SBOM)')
+        console.log(
+          `Please ensure OSS is enabled for your organization - org-id ${config.organizationId} and app ${config.applicationId}`
+        )
+        return undefined
       } else {
         console.log('Unable to retrieve Software Bill of Materials (SBOM)')
+        return undefined
       }
     })
     .catch((err: any) => {
@@ -29,6 +36,7 @@ export const generateSCASbom = (
         return res.body
       } else {
         console.log('Unable to retrieve Software Bill of Materials (SBOM)')
+        return undefined
       }
     })
     .catch((err: any) => {

package/src/scaAnalysis/common/commonReportingFunctionsSca.js

@@ -217,9 +217,9 @@ function getIssueRow(cveArray) {
 }
 
 function getAdviceRow(advice) {
-  const latestOrClosest = advice.latestStableVersion
-    ? advice.latestStableVersion
-    : advice.closestStableVersion
+  const latestOrClosest = advice.closestStableVersion
+    ? advice.closestStableVersion
+    : advice.latestStableVersion
   const displayAdvice = latestOrClosest
     ? `Change to version ${chalk.bold(latestOrClosest)}`
     : 'No recommendation is available according to our data. Upgrade to the latest stable is the best advice we can give.'

package/src/scaAnalysis/common/treeUpload.js

@@ -3,13 +3,11 @@ const { APP_VERSION } = require('../../constants/constants')
 
 const commonSendSnapShot = async (analysis, config) => {
   let requestBody = {}
-  config.experimental === true
-    ? (requestBody = sendToSCAServices(config, analysis))
-    : (requestBody = {
-        appID: config.applicationId,
-        cliVersion: APP_VERSION,
-        snapshot: analysis
-      })
+  requestBody = {
+    appID: config.applicationId,
+    cliVersion: APP_VERSION,
+    snapshot: analysis
+  }
 
   const client = commonApi.getHttpClient(config)
   return client
@@ -18,6 +16,13 @@ const commonSendSnapShot = async (analysis, config) => {
       if (res.statusCode === 201) {
         return res.body
       } else {
+        if (res.statusCode === 403) {
+          throw new Error(
+            `🛑 Contrast audit failed \nPlease check you have the right permissions and the application ${
+              config.applicationName ? config.applicationName : ''
+            } has not been archived.`.replace(/ +(?= )/g, '')
+          )
+        }
         throw new Error(res.statusCode + ` error processing dependencies`)
       }
     })
@@ -26,19 +31,6 @@ const commonSendSnapShot = async (analysis, config) => {
     })
 }
 
-const sendToSCAServices = (config, analysis) => {
-  return {
-    applicationId: config.applicationId,
-    dependencyTree: analysis,
-    organizationId: config.organizationId,
-    language: config.language,
-    tool: {
-      name: 'Contrast Codesec',
-      version: APP_VERSION
-    }
-  }
-}
-
 module.exports = {
   commonSendSnapShot
 }

package/src/scaAnalysis/go/goAnalysis.js

@@ -10,12 +10,7 @@ const goAnalysis = config => {
     const rawGoDependencies = goReadDepFile.getGoDependencies(config)
     const parsedGoDependencies =
       goParseDeps.parseGoDependencies(rawGoDependencies)
-
-    if (config.experimental) {
-      return parseDependenciesForSCAServices(parsedGoDependencies)
-    } else {
-      return createGoTSMessage(parsedGoDependencies)
-    }
+    return createGoTSMessage(parsedGoDependencies)
   } catch (e) {
     console.log(e.message.toString())
   }