npm - @contrast/contrast - Versions diffs - 1.0.3 → 1.0.4 - Mend

@contrast/contrast 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/.prettierignore +1 -0
package/README.md +20 -14
package/dist/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +2 -12
package/dist/audit/languageAnalysisEngine/report/commonReportingFunctions.js +62 -234
package/dist/audit/languageAnalysisEngine/report/models/reportLibraryModel.js +19 -0
package/dist/audit/languageAnalysisEngine/report/models/reportListModel.js +24 -0
package/dist/audit/languageAnalysisEngine/report/models/reportSeverityModel.js +10 -0
package/dist/audit/languageAnalysisEngine/report/reportingFeature.js +24 -129
package/dist/audit/languageAnalysisEngine/report/utils/reportUtils.js +85 -0
package/dist/audit/languageAnalysisEngine/sendSnapshot.js +3 -1
package/dist/commands/audit/auditController.js +6 -3
package/dist/commands/scan/processScan.js +4 -3
package/dist/common/HTTPClient.js +19 -26
package/dist/common/versionChecker.js +14 -12
package/dist/constants/constants.js +1 -1
package/dist/constants/lambda.js +3 -1
package/dist/constants/locales.js +17 -10
package/dist/constants.js +5 -1
package/dist/index.js +2 -2
package/dist/lambda/help.js +22 -14
package/dist/lambda/lambda.js +6 -0
package/dist/scan/models/groupedResultsModel.js +10 -0
package/dist/scan/models/resultContentModel.js +2 -0
package/dist/scan/models/scanResultsModel.js +11 -0
package/dist/scan/scan.js +90 -95
package/dist/scan/scanConfig.js +1 -1
package/dist/utils/getConfig.js +3 -0
package/package.json +2 -2
package/src/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +2 -16
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.ts +127 -0
package/src/audit/languageAnalysisEngine/report/models/reportLibraryModel.ts +30 -0
package/src/audit/languageAnalysisEngine/report/models/reportListModel.ts +32 -0
package/src/audit/languageAnalysisEngine/report/models/reportSeverityModel.ts +9 -0
package/src/audit/languageAnalysisEngine/report/reportingFeature.ts +56 -0
package/src/audit/languageAnalysisEngine/report/utils/reportUtils.ts +110 -0
package/src/audit/languageAnalysisEngine/sendSnapshot.js +3 -1
package/src/commands/audit/auditController.ts +12 -3
package/src/commands/scan/processScan.js +4 -6
package/src/common/HTTPClient.js +31 -38
package/src/common/errorHandling.ts +0 -1
package/src/common/versionChecker.ts +24 -22
package/src/constants/constants.js +1 -1
package/src/constants/lambda.js +3 -1
package/src/constants/locales.js +20 -10
package/src/constants.js +7 -1
package/src/index.ts +2 -3
package/src/lambda/help.ts +22 -14
package/src/lambda/lambda.ts +8 -0
package/src/scan/models/groupedResultsModel.ts +18 -0
package/src/scan/models/resultContentModel.ts +86 -0
package/src/scan/models/scanResultsModel.ts +52 -0
package/src/scan/scan.ts +192 -0
package/src/scan/scanConfig.js +1 -1
package/src/scan/scanController.js +2 -0
package/src/utils/getConfig.ts +10 -0
package/dist/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -17
package/dist/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -81
package/src/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -27
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.js +0 -303
package/src/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -124
package/src/audit/languageAnalysisEngine/report/reportingFeature.js +0 -190
package/src/scan/scan.js +0 -195

package/dist/audit/languageAnalysisEngine/report/utils/reportUtils.js ADDED Viewed

@@ -0,0 +1,85 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.findNameAndVersion = exports.severityCount = exports.convertGenericToTypedLibraries = exports.findHighestSeverityCVE = void 0;
+const reportLibraryModel_1 = require("../models/reportLibraryModel");
+const reportSeverityModel_1 = require("../models/reportSeverityModel");
+const constants_1 = __importDefault(require("../../../languageAnalysisEngine/constants"));
+const { supportedLanguages: { GO } } = constants_1.default;
+function findHighestSeverityCVE(cveArray) {
+    if (cveArray.find(cve => cve.cvss3SeverityCode === 'CRITICAL' || cve.severityCode === 'CRITICAL')) {
+        return new reportSeverityModel_1.ReportSeverityModel('CRITICAL', 1);
+    }
+    else if (cveArray.find(cve => cve.cvss3SeverityCode === 'HIGH' || cve.severityCode === 'HIGH')) {
+        return new reportSeverityModel_1.ReportSeverityModel('HIGH', 2);
+    }
+    else if (cveArray.find(cve => cve.cvss3SeverityCode === 'MEDIUM' || cve.severityCode === 'MEDIUM')) {
+        return new reportSeverityModel_1.ReportSeverityModel('MEDIUM', 3);
+    }
+    else if (cveArray.find(cve => cve.cvss3SeverityCode === 'LOW' || cve.severityCode === 'LOW')) {
+        return new reportSeverityModel_1.ReportSeverityModel('LOW', 4);
+    }
+    else if (cveArray.find(cve => cve.cvss3SeverityCode === 'NOTE' || cve.severityCode === 'NOTE')) {
+        return new reportSeverityModel_1.ReportSeverityModel('NOTE', 5);
+    }
+}
+exports.findHighestSeverityCVE = findHighestSeverityCVE;
+function convertGenericToTypedLibraries(libraries) {
+    return Object.entries(libraries).map(([name, cveArray]) => {
+        return new reportLibraryModel_1.ReportLibraryModel(name, cveArray);
+    });
+}
+exports.convertGenericToTypedLibraries = convertGenericToTypedLibraries;
+function severityCount(vulnerableLibraries) {
+    const severityCount = {
+        critical: 0,
+        high: 0,
+        medium: 0,
+        low: 0,
+        note: 0
+    };
+    vulnerableLibraries.forEach(lib => {
+        lib.cveArray.forEach(cve => {
+            if (cve.cvss3SeverityCode === 'CRITICAL' ||
+                cve.severityCode === 'CRITICAL') {
+                severityCount['critical'] += 1;
+            }
+            else if (cve.cvss3SeverityCode === 'HIGH' ||
+                cve.severityCode === 'HIGH') {
+                severityCount['high'] += 1;
+            }
+            else if (cve.cvss3SeverityCode === 'MEDIUM' ||
+                cve.severityCode === 'MEDIUM') {
+                severityCount['medium'] += 1;
+            }
+            else if (cve.cvss3SeverityCode === 'LOW' ||
+                cve.severityCode === 'LOW') {
+                severityCount['low'] += 1;
+            }
+            else if (cve.cvss3SeverityCode === 'NOTE' ||
+                cve.severityCode === 'NOTE') {
+                severityCount['note'] += 1;
+            }
+        });
+    });
+    return severityCount;
+}
+exports.severityCount = severityCount;
+function findNameAndVersion(library, config) {
+    if (config.language.toUpperCase() === GO) {
+        const nameVersion = library.name.split('@');
+        const name = nameVersion[0];
+        const version = nameVersion[1];
+        return { name, version };
+    }
+    else {
+        const splitLibraryName = library.name.split('/');
+        const nameVersion = splitLibraryName[1].split('@');
+        const name = nameVersion[0];
+        const version = nameVersion[1];
+        return { name, version };
+    }
+}
+exports.findNameAndVersion = findNameAndVersion;

package/dist/audit/languageAnalysisEngine/sendSnapshot.js CHANGED Viewed

@@ -24,7 +24,9 @@ const newSendSnapShot = async (analysis, applicationId) => {
         .sendSnapshot(requestBody, analysis.config)
         .then(res => {
         if (res.statusCode === 201) {
-            displaySnapshotSuccessMessage(analysis.config);
+            if (analysis.config.host !== 'https://ce.contrastsecurity.com/') {
+                displaySnapshotSuccessMessage(analysis.config);
+            }
             return res.body;
         }
         else {

package/dist/commands/audit/auditController.js CHANGED Viewed

@@ -7,7 +7,7 @@ exports.startAudit = void 0;
 const catalogueApplication_1 = require("../../audit/catalogueApplication/catalogueApplication");
 const commonApi_1 = __importDefault(require("../../audit/languageAnalysisEngine/commonApi"));
 const identifyLanguageAE = require('./../../audit/languageAnalysisEngine');
-const languageFactory = require('./../../audit/languageAnalysisEngine/langugageAnalysisFactory');
+const languageFactory = require('../../audit/languageAnalysisEngine/languageAnalysisFactory');
 const dealWithNoAppId = async (config) => {
     let appID;
     try {
@@ -17,9 +17,12 @@ const dealWithNoAppId = async (config) => {
         }
     }
     catch (e) {
-        console.log(e);
+        if (e.toString().includes('tunneling socket could not be established')) {
+            console.log(e.message);
+            console.log('There seems to be an issue with your proxy, please check and try again');
+        }
+        process.exit(1);
     }
-    console.log(appID);
     return appID;
 };
 const startAudit = async (config) => {

package/dist/commands/scan/processScan.js CHANGED Viewed

@@ -1,14 +1,15 @@
 "use strict";
 const { startScan } = require('../../scan/scanController');
-const { formatScanOutput } = require('../../scan/scan');
 const { scanUsageGuide } = require('../../scan/help');
 const scanConfig = require('../../scan/scanConfig');
 const { saveScanFile } = require('../../utils/saveFile');
+const { ScanResultsModel } = require('../../scan/models/scanResultsModel');
+const { formatScanOutput } = require('../../scan/scan');
 const processScan = async (argvMain) => {
     let config = scanConfig.getScanConfig(argvMain);
-    let scanResults = await startScan(config);
+    let scanResults = new ScanResultsModel(await startScan(config));
     if (scanResults) {
-        formatScanOutput(scanResults?.projectOverview, scanResults?.scanResultsInstances);
+        formatScanOutput(scanResults);
     }
     if (config.save !== undefined) {
         await saveScanFile(config, scanResults);

package/dist/common/HTTPClient.js CHANGED Viewed

@@ -77,7 +77,9 @@ HTTPClient.prototype.getScanId = function getScanId(config, codeArtifactId) {
     options.url = url;
     options.body = {
         codeArtifactId: codeArtifactId,
-        label: `Started by CLI tool at ${new Date().toString()}`
+        label: config.label
+            ? config.label
+            : `Started by CLI tool at ${new Date().toString()}`
     };
     return requestUtils.sendRequest({ method: 'post', options });
 };
@@ -143,28 +145,28 @@ HTTPClient.prototype.catalogueCommand = function catalogueCommand(config) {
     return requestUtils.sendRequest({ method: 'post', options });
 };
 HTTPClient.prototype.sendSnapshot = function sendSnapshot(requestBody, config) {
+    if (config.language.toUpperCase() === 'RUBY') {
+        console.log('sendSnapshot requestBody', requestBody.snapshot.ruby);
+    }
     const options = _.cloneDeep(this.requestOptions);
     let url = createSnapshotURL(config);
     options.url = url;
     options.body = requestBody;
     return requestUtils.sendRequest({ method: 'post', options });
 };
-HTTPClient.prototype.getReport = function getReport(config) {
-    const options = _.cloneDeep(this.requestOptions);
-    let url = createReportUrl(config);
-    options.url = url;
-    return requestUtils.sendRequest({ method: 'get', options });
-};
-HTTPClient.prototype.getSpecificReport = function getSpecificReport(config, reportId) {
+HTTPClient.prototype.getReportById = function getReportById(config, reportId) {
     const options = _.cloneDeep(this.requestOptions);
-    let url = createSpecificReportUrl(config, reportId);
-    options.url = url;
+    if (config.ignoreDev) {
+        options.url = createSpecificReportWithProdUrl(config, reportId);
+    }
+    else {
+        options.url = createSpecificReportUrl(config, reportId);
+    }
     return requestUtils.sendRequest({ method: 'get', options });
 };
-HTTPClient.prototype.getLibraryVulnerabilities = function getLibraryVulnerabilities(requestBody, config) {
+HTTPClient.prototype.getLibraryVulnerabilities = function getLibraryVulnerabilities(config, requestBody) {
     const options = _.cloneDeep(this.requestOptions);
-    let url = createLibraryVulnerabilitiesUrl(config);
-    options.url = url;
+    options.url = createLibraryVulnerabilitiesUrl(config);
     options.body = requestBody;
     return requestUtils.sendRequest({ method: 'put', options });
 };
@@ -174,12 +176,6 @@ HTTPClient.prototype.getAppId = function getAppId(config) {
     options.url = url;
     return requestUtils.sendRequest({ method: 'get', options });
 };
-HTTPClient.prototype.getDependencyTree = function getReport(orgUuid, appId, reportId) {
-    const options = _.cloneDeep(this.requestOptions);
-    let url = createGetDependencyTree(options.uri, orgUuid, appId, reportId);
-    options.url = url;
-    return requestUtils.sendRequest({ method: 'get', options });
-};
 function getServerlessHost(config = {}) {
     const originalHost = config?.host || config?.get('host');
     const host = originalHost?.endsWith('/')
@@ -271,18 +267,15 @@ const createAppNameUrl = config => {
 function createLibraryVulnerabilitiesUrl(config) {
     return `${config.host}/Contrast/api/ng/${config.organizationId}/libraries/artifactsByGroupNameVersion`;
 }
-function createReportUrl(config) {
-    return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/reports`;
-}
 function createSpecificReportUrl(config, reportId) {
-    return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/reports/${reportId}?nodesToInclude=PROD`;
+    return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/reports/${reportId}`;
+}
+function createSpecificReportWithProdUrl(config, reportId) {
+    return createSpecificReportUrl(config, reportId).concat(`?nodesToInclude=PROD`);
 }
 function createDataUrl() {
     return `https://ardy.contrastsecurity.com/production`;
 }
-const createGetDependencyTree = (protocol, orgUuid, appId, reportId) => {
-    return `${protocol}/Contrast/api/ng/sca/organizations/${orgUuid}/applications/${appId}/reports/${reportId}`;
-};
 function createSbomCycloneDXUrl(config) {
     return `${config.host}/Contrast/api/ng/${config.organizationId}/applications/${config.applicationId}/libraries/sbom/cyclonedx`;
 }

package/dist/common/versionChecker.js CHANGED Viewed

@@ -9,18 +9,20 @@ const constants_1 = require("../constants/constants");
 const boxen_1 = __importDefault(require("boxen"));
 const chalk_1 = __importDefault(require("chalk"));
 const semver_1 = __importDefault(require("semver"));
-async function findLatestCLIVersion() {
-    const latestCLIVersion = await (0, latest_version_1.default)('@contrast/contrast');
-    if (semver_1.default.lt(constants_1.APP_VERSION, latestCLIVersion)) {
-        const updateAvailableMessage = `Update available ${chalk_1.default.yellow(constants_1.APP_VERSION)} → ${chalk_1.default.green(latestCLIVersion)}`;
-        const npmUpdateAvailableCommand = `Run ${chalk_1.default.cyan('npm i @contrast/contrast -g')} to update via npm`;
-        const homebrewUpdateAvailableCommand = `Run ${chalk_1.default.cyan('brew install contrastsecurity/tap/contrast')} to update via brew`;
-        console.log((0, boxen_1.default)(`${updateAvailableMessage}\n${npmUpdateAvailableCommand}\n\n${homebrewUpdateAvailableCommand}`, {
-            titleAlignment: 'center',
-            margin: 1,
-            padding: 1,
-            align: 'center'
-        }));
+async function findLatestCLIVersion(updateMessageHidden) {
+    if (!updateMessageHidden) {
+        const latestCLIVersion = await (0, latest_version_1.default)('@contrast/contrast');
+        if (semver_1.default.lt(constants_1.APP_VERSION, latestCLIVersion)) {
+            const updateAvailableMessage = `Update available ${chalk_1.default.yellow(constants_1.APP_VERSION)} → ${chalk_1.default.green(latestCLIVersion)}`;
+            const npmUpdateAvailableCommand = `Run ${chalk_1.default.cyan('npm i @contrast/contrast -g')} to update via npm`;
+            const homebrewUpdateAvailableCommand = `Run ${chalk_1.default.cyan('brew install contrastsecurity/tap/contrast')} to update via brew`;
+            console.log((0, boxen_1.default)(`${updateAvailableMessage}\n${npmUpdateAvailableCommand}\n\n${homebrewUpdateAvailableCommand}`, {
+                titleAlignment: 'center',
+                margin: 1,
+                padding: 1,
+                align: 'center'
+            }));
+        }
     }
 }
 exports.findLatestCLIVersion = findLatestCLIVersion;

package/dist/constants/constants.js CHANGED Viewed

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '1.0.3';
+const APP_VERSION = '1.0.4';
 const TIMEOUT = 120000;
 const AUTH_UI_URL = 'https://cli-auth.contrastsecurity.com';
 const AUTH_CALLBACK_URL = 'https://cli-auth-api.contrastsecurity.com';

package/dist/constants/lambda.js CHANGED Viewed

@@ -25,9 +25,11 @@ const lambda = {
     loadingFunctionList: 'Loading lambda function list',
     functionsFound: '{{count}} functions found',
     noFunctionsFound: 'No functions found',
-    failedToLoadFunctions: 'Faled to load lambda functions',
+    failedToLoadFunctions: 'Failed to load lambda functions',
     availableForScan: '{{icon}} {{count}} available for scan',
     runtimeCount: '----- {{runtime}} ({{count}}) -----',
+    gatherResults: 'Gathering results...',
+    doneGatherResults: 'Done gathering results',
     whatHappenedTitle: 'What happened:',
     whatHappenedItem: '{{policy}} have:\n{{comments}}\n',
     recommendation: 'Recommendation:',

package/dist/constants/locales.js CHANGED Viewed

@@ -10,8 +10,6 @@ const en_locales = () => {
         snapshotHostMessage: " No host supplied. Using default host 'app.contrastsecurity.com'. Please ensure this is correct.",
         vulnerabilitiesSuccessMessage: ' Vulnerability data successfully retrieved',
         vulnerabilitiesFailureMessage: ' Unable to retrieve library vulnerabilities from Team Server.',
-        reportSuccessMessage: ' Report successfully retrieved',
-        reportFailureMessage: ' Unable to generate library report.',
         catchErrorMessage: 'Contrast UI error: ',
         dependenciesNote: 'Please Note: We currently only support projects with one .csproj AND *.package.lock.json',
         languageAnalysisFailureMessage: 'LANGUAGE ANALYSIS FAILED',
@@ -111,7 +109,7 @@ const en_locales = () => {
         constantsCount: "The number of CVE's that must be exceeded to fail a build",
         constantsHeader: 'CodeSec by Contrast Security',
         constantsPrerequisitesContentScanLanguages: 'Java & JavaScript supported',
-        constantsContrastContent: 'Use the Contrast CLI to run a scan(Java, JavaScript and .NET ) or lambda command (Java and Python) to find your vulnerabilities and start securing your code.',
+        constantsContrastContent: 'Use the Contrast CLI to run a scan (Java, JavaScript and .NET ) or lambda command (Java and Python) to find your vulnerabilities and start securing your code.',
         constantsUsageGuideContentRecommendation: 'Our recommendation is that this is invoked as part of a CI pipeline so that running the cli is automated as part of your build process.',
         constantsPrerequisitesHeader: 'Pre-requisites',
         constantsAuthUsageHeader: 'Usage',
@@ -175,7 +173,8 @@ const en_locales = () => {
         constantsTags: 'Apply labels to an application. Labels must be formatted as a comma-delimited list. Example - label1,label2,label3',
         constantsCode: 'Add the application code this application should use in the Contrast UI',
         constantsIgnoreCertErrors: ' For EOP users with a local Teamserver install, this will bypass the SSL certificate and recognise a self signed certificate.',
-        constantsSave: ' Saves the Scan Results JSON to file.',
+        constantsSave: ' Saves the Scan Results SARIF to file.',
+        scanLabel: "adds a label to the scan - defaults to 'Started by CLI tool at current date'",
         constantsIgnoreDev: 'Combined with the --report command excludes developer dependencies from the vulnerabilities report. By default all dependencies are included in a report.',
         constantsCommands: 'Commands',
         constantsScanOptions: 'Scan Options',
@@ -184,7 +183,7 @@ const en_locales = () => {
         ignoreDevDep: 'No private libraries that are not scoped detected',
         foundExistingProjectScan: 'Found existing project...',
         projectCreatedScan: 'Project created',
-        uploadingScan: 'Uploading...',
+        uploadingScan: 'Uploading file to scan.',
         uploadingScanSuccessful: 'Uploaded file successfully.',
         uploadingScanFail: 'Unable to upload the file.',
         waitingTimedOut: 'Timed out.',
@@ -194,6 +193,7 @@ const en_locales = () => {
         specifyFileScanError: 'Java Scan requires a .war or .jar file. Javascript Scan requires a .js or .zip file.\nTo start a Scan enter "contrast scan -f <path-to-file>"',
         populateProjectIdMessage: 'project ID is %s',
         genericServiceError: 'returned with status code %s',
+        projectIdError: 'Your project ID is %s please check this is correct',
         permissionsError: 'You do not have the correct permissions here. \n Contact support@contrastsecurity.com to get this fixed.',
         scanErrorFileMessage: 'We only accept the following file types: \nJava - .jar, .war \nJavaScript - .js or .zip files',
         helpAuthSummary: 'Authenticate Contrast using your Github or Google account',
@@ -231,13 +231,16 @@ const en_locales = () => {
         searchingScanFileDirectory: 'Searching for file to scan from %s...',
         scanHeader: 'Contrast Scan CLI',
         authHeader: 'Auth',
-        lambdaHeader: 'Contrast lambda help',
+        lambdaHeader: 'Contrast Lambda CLI',
         lambdaSummary: 'Performs static security scan on an AWS Lambda Function.\nProduces CVE (Vulnerable Dependencies) and Least Privilege violations/remediation results.',
         lambdaUsage: 'contrast lambda --function-name <function> [options]',
-        lambdaPrerequisitesContent: 'contrast cli',
-        scanFileNameOption: ' -f, --file',
-        lambdaFunctionNameOption: ' -f, --function-name',
-        lambdaListFunctionsOption: ' -l, --list-functions',
+        lambdaPrerequisitesContent: '',
+        lambdaPrerequisitesContentLambdaLanguages: 'Supported runtimes: Java & Python',
+        lambdaPrerequisitesContentLambdaDescriptionTitle: 'AWS Requirements\n',
+        lambdaPrerequisitesContentLambdaDescription: 'Make sure you have the AWS credentials configured on your local environment. \nYou need the following AWS permissions configured on your IAM user:\n   - Lambda: GetFunction, GetLayerVersionֿ\n   - IAM: GetRolePolicy, GetPolicy, GetPolicyVersion, ListRolePolicies, ListAttachedRolePolicies',
+        scanFileNameOption: '-f, --file',
+        lambdaFunctionNameOption: '-f, --function-name',
+        lambdaListFunctionsOption: '-l, --list-functions',
         lambdaEndpointOption: '-e, --endpoint-url',
         lambdaRegionOption: '-r, --region',
         lambdaProfileOption: '-p, --profile',
@@ -290,6 +293,10 @@ const en_locales = () => {
         auditSBOMSaveSuccess: '\n Software Bill of Materials (SBOM) saved successfully',
         auditNoFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold('No file type specified for --save option to save audit results to. Use audit --help to see valid --save options.')}`,
         auditBadFiletypeSpecifiedForSave: `\n ${chalk.yellow.bold('Bad file type specified for --save option. Use audit --help to see valid --save options.')}`,
+        auditReportWaiting: 'Waiting for report...',
+        auditReportFail: 'Report Retrieval Failed, please try again',
+        auditReportSuccessMessage: ' Report successfully retrieved',
+        auditReportFailureMessage: ' Unable to generate library report.',
         ...lambda
     };
 };

package/dist/constants.js CHANGED Viewed

@@ -116,6 +116,10 @@ const scanOptionDefinitions = [
         alias: 's',
         description: '{bold ' + i18n.__('constantsOptional') + '}:' + i18n.__('constantsSave')
     },
+    {
+        name: 'label',
+        description: '{bold ' + i18n.__('constantsOptional') + '}:' + i18n.__('scanLabel')
+    },
     {
         name: 'help',
         alias: 'h',
@@ -294,7 +298,7 @@ const mainUsageGuide = commandLineUsage([
         ]
     },
     {
-        content: '{underline https://www.contrastsecurity.com}'
+        content: '{underline https://developer.contrastsecurity.com/} \n For technical support head to {underline https://support.contrastsecurity.com}'
     }
 ]);
 const mainDefinition = [{ name: 'command', defaultOption: true }];

package/dist/index.js CHANGED Viewed

@@ -36,12 +36,12 @@ const start = async () => {
             argvMain.includes('--v') ||
             argvMain.includes('--version')) {
             console.log(constants_2.APP_VERSION);
-            await (0, versionChecker_1.findLatestCLIVersion)();
+            await (0, versionChecker_1.findLatestCLIVersion)(config.get('updateMessageHidden'));
             return;
         }
         config.set('numOfRuns', config.get('numOfRuns') + 1);
         if (config.get('numOfRuns') >= 5) {
-            await (0, versionChecker_1.findLatestCLIVersion)();
+            await (0, versionChecker_1.findLatestCLIVersion)(config.get('updateMessageHidden'));
             config.set('numOfRuns', 0);
         }
         if (command === 'config') {

package/dist/lambda/help.js CHANGED Viewed

@@ -13,7 +13,15 @@ const lambdaUsageGuide = (0, command_line_usage_1.default)([
     },
     {
         header: i18n_1.default.__('constantsPrerequisitesHeader'),
-        content: [i18n_1.default.__('lambdaPrerequisitesContent')]
+        content: [
+            '{bold ' +
+                i18n_1.default.__('lambdaPrerequisitesContentLambdaLanguages') +
+                '}\n\n' +
+                '{bold ' +
+                i18n_1.default.__('lambdaPrerequisitesContentLambdaDescriptionTitle') +
+                '}' +
+                i18n_1.default.__('lambdaPrerequisitesContentLambdaDescription')
+        ]
     },
     {
         header: i18n_1.default.__('constantsUsage'),
@@ -23,44 +31,44 @@ const lambdaUsageGuide = (0, command_line_usage_1.default)([
         header: i18n_1.default.__('constantsOptions'),
         content: [
             {
-                name: i18n_1.default.__('lambdaFunctionNameOption'),
+                name: '{bold ' + i18n_1.default.__('lambdaFunctionNameOption') + '}',
                 summary: i18n_1.default.__('lambdaFunctionNameSummery')
             },
             {
-                name: i18n_1.default.__('lambdaListFunctionsOption'),
+                name: '{bold ' + i18n_1.default.__('lambdaListFunctionsOption') + '}',
                 summary: i18n_1.default.__('lambdaListFunctionsSummery')
             },
             {
-                name: i18n_1.default.__('lambdaEndpointOption'),
-                summary: '{italic ' +
+                name: '{bold ' + i18n_1.default.__('lambdaEndpointOption') + '}',
+                summary: '{bold ' +
                     i18n_1.default.__('constantsOptional') +
                     '}: ' +
                     i18n_1.default.__('lambdaEndpointSummery')
             },
             {
-                name: i18n_1.default.__('lambdaRegionOption'),
-                summary: '{italic ' +
+                name: '{bold ' + i18n_1.default.__('lambdaRegionOption') + '}',
+                summary: '{bold ' +
                     i18n_1.default.__('constantsOptional') +
                     '}: ' +
                     i18n_1.default.__('lambdaRegionSummery')
             },
             {
-                name: i18n_1.default.__('lambdaProfileOption'),
-                summary: '{italic ' +
+                name: '{bold ' + i18n_1.default.__('lambdaProfileOption') + '}',
+                summary: '{bold ' +
                     i18n_1.default.__('constantsOptional') +
                     '}: ' +
                     i18n_1.default.__('lambdaProfileSummery')
             },
             {
-                name: i18n_1.default.__('lambdaJsonOption'),
-                summary: '{italic ' +
+                name: '{bold ' + i18n_1.default.__('lambdaJsonOption') + '}',
+                summary: '{bold ' +
                     i18n_1.default.__('constantsOptional') +
                     '}: ' +
                     i18n_1.default.__('lambdaJsonSummery')
             },
             {
-                name: i18n_1.default.__('lambdaVerboseOption'),
-                summary: '{italic ' +
+                name: '{bold ' + i18n_1.default.__('lambdaVerboseOption') + '}',
+                summary: '{bold ' +
                     i18n_1.default.__('constantsOptional') +
                     '}: ' +
                     i18n_1.default.__('lambdaVerbosSummery')
@@ -73,7 +81,7 @@ const lambdaUsageGuide = (0, command_line_usage_1.default)([
         ]
     },
     {
-        content: '{underline https://www.contrastsecurity.com}'
+        content: '{underline https://www.contrastsecurity.com/developer/codesec}'
     }
 ]);
 exports.lambdaUsageGuide = lambdaUsageGuide;

package/dist/lambda/lambda.js CHANGED Viewed

@@ -18,6 +18,8 @@ const scanRequest_1 = require("./scanRequest");
 const scanResults_1 = require("./scanResults");
 const utils_1 = require("./utils");
 const lambdaUtils_1 = require("./lambdaUtils");
+const requestUtils_1 = require("../utils/requestUtils");
+const oraWrapper_1 = __importDefault(require("../utils/oraWrapper"));
 const failedStates = [
     'UNSUPPORTED',
     'EXCLUDED',
@@ -101,6 +103,10 @@ const actualProcessLambda = async (lambdaOptions) => {
             description: failedScan.stateReasonText
         });
     }
+    const startGetherResultsSpinner = oraWrapper_1.default.returnOra(i18n_1.default.__('gatherResults'));
+    oraWrapper_1.default.startSpinner(startGetherResultsSpinner);
+    await (0, requestUtils_1.sleep)(15 * 1000);
+    oraWrapper_1.default.succeedSpinner(startGetherResultsSpinner, 'Done gathering results');
     const resultsResponse = await (0, scanResults_1.getScanResults)(auth, params, scanId, functionArn);
     if (jsonOutput) {
         console.log(JSON.stringify(resultsResponse?.data?.results, null, 2));

package/dist/scan/models/groupedResultsModel.js ADDED Viewed

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GroupedResultsModel = void 0;
+class GroupedResultsModel {
+    constructor(ruleId) {
+        this.ruleId = ruleId;
+        this.lineInfoSet = new Set;
+    }
+}
+exports.GroupedResultsModel = GroupedResultsModel;

package/dist/scan/models/resultContentModel.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/scan/models/scanResultsModel.js ADDED Viewed

@@ -0,0 +1,11 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScanResultsModel = void 0;
+class ScanResultsModel {
+    constructor(scan) {
+        this.projectOverview = scan.projectOverview;
+        this.scanDetail = scan.scanDetail;
+        this.scanResultsInstances = scan.scanResultsInstances;
+    }
+}
+exports.ScanResultsModel = ScanResultsModel;