npm - @contrast/contrast - Versions diffs - 1.0.3 → 1.0.4 - Mend

@contrast/contrast 1.0.3 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/.prettierignore +1 -0
package/README.md +20 -14
package/dist/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +2 -12
package/dist/audit/languageAnalysisEngine/report/commonReportingFunctions.js +62 -234
package/dist/audit/languageAnalysisEngine/report/models/reportLibraryModel.js +19 -0
package/dist/audit/languageAnalysisEngine/report/models/reportListModel.js +24 -0
package/dist/audit/languageAnalysisEngine/report/models/reportSeverityModel.js +10 -0
package/dist/audit/languageAnalysisEngine/report/reportingFeature.js +24 -129
package/dist/audit/languageAnalysisEngine/report/utils/reportUtils.js +85 -0
package/dist/audit/languageAnalysisEngine/sendSnapshot.js +3 -1
package/dist/commands/audit/auditController.js +6 -3
package/dist/commands/scan/processScan.js +4 -3
package/dist/common/HTTPClient.js +19 -26
package/dist/common/versionChecker.js +14 -12
package/dist/constants/constants.js +1 -1
package/dist/constants/lambda.js +3 -1
package/dist/constants/locales.js +17 -10
package/dist/constants.js +5 -1
package/dist/index.js +2 -2
package/dist/lambda/help.js +22 -14
package/dist/lambda/lambda.js +6 -0
package/dist/scan/models/groupedResultsModel.js +10 -0
package/dist/scan/models/resultContentModel.js +2 -0
package/dist/scan/models/scanResultsModel.js +11 -0
package/dist/scan/scan.js +90 -95
package/dist/scan/scanConfig.js +1 -1
package/dist/utils/getConfig.js +3 -0
package/package.json +2 -2
package/src/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +2 -16
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.ts +127 -0
package/src/audit/languageAnalysisEngine/report/models/reportLibraryModel.ts +30 -0
package/src/audit/languageAnalysisEngine/report/models/reportListModel.ts +32 -0
package/src/audit/languageAnalysisEngine/report/models/reportSeverityModel.ts +9 -0
package/src/audit/languageAnalysisEngine/report/reportingFeature.ts +56 -0
package/src/audit/languageAnalysisEngine/report/utils/reportUtils.ts +110 -0
package/src/audit/languageAnalysisEngine/sendSnapshot.js +3 -1
package/src/commands/audit/auditController.ts +12 -3
package/src/commands/scan/processScan.js +4 -6
package/src/common/HTTPClient.js +31 -38
package/src/common/errorHandling.ts +0 -1
package/src/common/versionChecker.ts +24 -22
package/src/constants/constants.js +1 -1
package/src/constants/lambda.js +3 -1
package/src/constants/locales.js +20 -10
package/src/constants.js +7 -1
package/src/index.ts +2 -3
package/src/lambda/help.ts +22 -14
package/src/lambda/lambda.ts +8 -0
package/src/scan/models/groupedResultsModel.ts +18 -0
package/src/scan/models/resultContentModel.ts +86 -0
package/src/scan/models/scanResultsModel.ts +52 -0
package/src/scan/scan.ts +192 -0
package/src/scan/scanConfig.js +1 -1
package/src/scan/scanController.js +2 -0
package/src/utils/getConfig.ts +10 -0
package/dist/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -17
package/dist/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -81
package/src/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -27
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.js +0 -303
package/src/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -124
package/src/audit/languageAnalysisEngine/report/reportingFeature.js +0 -190
package/src/scan/scan.js +0 -195

package/src/scan/scan.js DELETED Viewed

@@ -1,195 +0,0 @@
-const commonApi = require('../utils/commonApi.js')
-const fileUtils = require('../scan/fileUtils')
-const allowedFileTypes = ['.jar', '.war', '.js', '.zip', '.exe']
-const i18n = require('i18n')
-const oraWrapper = require('../utils/oraWrapper')
-const chalk = require('chalk')
-const isFileAllowed = scanOption => {
-  let valid = false
-  allowedFileTypes.forEach(fileType => {
-    if (scanOption.endsWith(fileType)) {
-      valid = true
-    }
-  })
-  return valid
-}
-const stripMustacheTags = oldString => {
-  return oldString
-    .replace(/\n/g, ' ')
-    .replace(/{{.*?}}/g, '\n')
-    .replace(/\$\$LINK_DELIM\$\$/g, '\n')
-    .replace(/\s+/g, ' ')
-    .trim()
-}
-const sendScan = async config => {
-  if (!isFileAllowed(config.file)) {
-    console.log(i18n.__('scanErrorFileMessage'))
-    process.exit(9)
-  } else {
-    fileUtils.checkFilePermissions(config.file)
-    const client = commonApi.getHttpClient(config)
-    const startUploadSpinner = oraWrapper.returnOra(i18n.__('uploadingScan'))
-    oraWrapper.startSpinner(startUploadSpinner)
-    return await client
-      .sendArtifact(config)
-      .then(res => {
-        if (res.statusCode === 201) {
-          oraWrapper.succeedSpinner(
-            startUploadSpinner,
-            i18n.__('uploadingScanSuccessful')
-          )
-          if (config.verbose) {
-            console.log(i18n.__('responseMessage', res.body))
-          }
-          return res.body.id
-        } else {
-          if (config.debug) {
-            console.log(res.statusCode)
-            console.log(config)
-          }
-          oraWrapper.failSpinner(
-            startUploadSpinner,
-            i18n.__('uploadingScanFail')
-          )
-          if (res.statusCode === 403) {
-            console.log(i18n.__('permissionsError'))
-            process.exit(1)
-          }
-          console.log(i18n.__('genericServiceError', res.statusCode))
-          process.exit(1)
-        }
-      })
-      .catch(err => {
-        console.log(err)
-      })
-  }
-}
-const formatScanOutput = (overview, results) => {
-  console.log()
-  if (results.content.length === 0) {
-    console.log(i18n.__('scanNoVulnerabilitiesFound'))
-  } else {
-    let message =
-      overview.critical || overview.high
-        ? 'Here are your top priorities to fix'
-        : "No major issues, here's what we found"
-    console.log(chalk.bold(message))
-    console.log()
-    const groups = getGroups(results.content)
-    groups.forEach(entry => {
-      console.log(
-        chalk.bold(
-          `${entry.severity} | ${entry.ruleId} (${entry.lineInfoSet.size})`
-        )
-      )
-      let count = 1
-      entry.lineInfoSet.forEach(lineInfo => {
-        console.log(`\t ${count}. ${lineInfo}`)
-        count++
-      })
-      if (entry?.cwe && entry?.cwe.length > 0) {
-        formatLinks('cwe', entry.cwe)
-      }
-      if (entry?.reference && entry?.reference.length > 0) {
-        formatLinks('reference', entry.reference)
-      }
-      if (entry?.owasp && entry?.owasp.length > 0) {
-        formatLinks('owasp', entry.owasp)
-      }
-      console.log(chalk.bold('How to fix:'))
-      console.log(entry.recommendation)
-      console.log()
-    })
-    const totalVulnerabilities =
-      overview.critical +
-      overview.high +
-      overview.medium +
-      overview.low +
-      overview.note
-    let vulMessage =
-      totalVulnerabilities === 1 ? `vulnerability` : `vulnerabilities`
-    console.log(chalk.bold(`Found ${totalVulnerabilities} ${vulMessage}`))
-    console.log(
-      i18n.__(
-        'foundDetailedVulnerabilities',
-        overview.critical,
-        overview.high,
-        overview.medium,
-        overview.low,
-        overview.note
-      )
-    )
-  }
-}
-const formatLinks = (objName, entry) => {
-  console.log(chalk.bold(objName + ':'))
-  entry.forEach(link => {
-    console.log(link)
-  })
-  console.log()
-}
-const getGroups = content => {
-  const groupTypeSet = new Set(content.map(({ ruleId }) => ruleId))
-  let groupTypeResults = []
-  groupTypeSet.forEach(groupName => {
-    let groupResultsObj = {
-      ruleId: groupName,
-      lineInfoSet: new Set(),
-      cwe: '',
-      owasp: '',
-      reference: '',
-      recommendation: '',
-      severity: ''
-    }
-    content.forEach(resultEntry => {
-      if (resultEntry.ruleId === groupName) {
-        groupResultsObj.severity = resultEntry.severity
-        groupResultsObj.cwe = resultEntry.cwe
-        groupResultsObj.owasp = resultEntry.owasp
-        groupResultsObj.reference = resultEntry.reference
-        groupResultsObj.recommendation = resultEntry.recommendation
-          ? stripMustacheTags(resultEntry.recommendation)
-          : 'No Recommendations Data Found'
-        groupResultsObj.lineInfoSet.add(formattedCodeLine(resultEntry))
-      }
-    })
-    groupTypeResults.push(groupResultsObj)
-  })
-  return groupTypeResults
-}
-const formattedCodeLine = resultEntry => {
-  let lineUri = resultEntry.locations[0]?.physicalLocation.artifactLocation.uri
-  return lineUri + ' @ ' + setLineNumber(resultEntry)
-}
-const setLineNumber = resultEntry => {
-  return resultEntry.codeFlows?.[0]?.threadFlows[0]?.locations[0]?.location
-    ?.physicalLocation?.region?.startLine
-    ? resultEntry.codeFlows[0]?.threadFlows[0]?.locations[0]?.location
-        ?.physicalLocation?.region?.startLine
-    : resultEntry.locations[0]?.physicalLocation?.region?.startLine
-}
-module.exports = {
-  sendScan: sendScan,
-  getGroups: getGroups,
-  allowedFileTypes: allowedFileTypes,
-  isFileAllowed: isFileAllowed,
-  stripMustacheTags: stripMustacheTags,
-  formatScanOutput: formatScanOutput,
-  formatLinks: formatLinks
-}