npm - @contrast/contrast - Versions diffs - 1.0.3 → 1.0.6 - Mend

@contrast/contrast 1.0.3 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (107) hide show

package/.prettierignore +4 -0
package/README.md +20 -14
package/dist/audit/autodetection/autoDetectLanguage.js +32 -0
package/dist/audit/catalogueApplication/catalogueApplication.js +2 -11
package/dist/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +6 -14
package/dist/audit/languageAnalysisEngine/reduceIdentifiedLanguages.js +29 -0
package/dist/audit/languageAnalysisEngine/report/commonReportingFunctions.js +101 -234
package/dist/audit/languageAnalysisEngine/report/models/reportLibraryModel.js +19 -0
package/dist/audit/languageAnalysisEngine/report/models/reportListModel.js +24 -0
package/dist/audit/languageAnalysisEngine/report/models/reportOutputModel.js +24 -0
package/dist/audit/languageAnalysisEngine/report/models/reportSeverityModel.js +12 -0
package/dist/audit/languageAnalysisEngine/report/models/severityCountModel.js +13 -0
package/dist/audit/languageAnalysisEngine/report/reportingFeature.js +24 -129
package/dist/audit/languageAnalysisEngine/report/utils/reportUtils.js +99 -0
package/dist/audit/languageAnalysisEngine/sendSnapshot.js +2 -14
package/dist/commands/audit/auditConfig.js +8 -2
package/dist/commands/audit/auditController.js +14 -5
package/dist/commands/scan/processScan.js +10 -6
package/dist/commands/scan/sca/scaAnalysis.js +49 -0
package/dist/common/HTTPClient.js +18 -26
package/dist/common/errorHandling.js +7 -17
package/dist/common/versionChecker.js +14 -12
package/dist/constants/constants.js +24 -2
package/dist/constants/lambda.js +3 -1
package/dist/constants/locales.js +42 -42
package/dist/constants.js +25 -1
package/dist/index.js +2 -2
package/dist/lambda/help.js +22 -14
package/dist/lambda/lambda.js +6 -0
package/dist/scaAnalysis/common/formatMessage.js +19 -0
package/dist/scaAnalysis/common/treeUpload.js +29 -0
package/dist/scaAnalysis/go/goAnalysis.js +17 -0
package/dist/scaAnalysis/go/goParseDeps.js +158 -0
package/dist/scaAnalysis/go/goReadDepFile.js +23 -0
package/dist/scaAnalysis/java/analysis.js +108 -0
package/dist/scaAnalysis/java/index.js +18 -0
package/dist/scaAnalysis/java/javaBuildDepsParser.js +339 -0
package/dist/scan/autoDetection.js +46 -1
package/dist/scan/fileUtils.js +73 -1
package/dist/scan/formatScanOutput.js +215 -0
package/dist/scan/help.js +3 -1
package/dist/scan/models/groupedResultsModel.js +11 -0
package/dist/scan/models/resultContentModel.js +2 -0
package/dist/scan/models/scanResultsModel.js +11 -0
package/dist/scan/scan.js +27 -126
package/dist/scan/scanConfig.js +1 -1
package/dist/scan/scanController.js +11 -5
package/dist/scan/scanResults.js +15 -19
package/dist/utils/getConfig.js +3 -0
package/dist/utils/oraWrapper.js +5 -1
package/package.json +3 -2
package/src/audit/autodetection/autoDetectLanguage.ts +40 -0
package/src/audit/catalogueApplication/catalogueApplication.js +4 -16
package/src/audit/languageAnalysisEngine/{langugageAnalysisFactory.js → languageAnalysisFactory.js} +11 -21
package/src/audit/languageAnalysisEngine/reduceIdentifiedLanguages.js +72 -0
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.ts +204 -0
package/src/audit/languageAnalysisEngine/report/models/reportLibraryModel.ts +30 -0
package/src/audit/languageAnalysisEngine/report/models/reportListModel.ts +32 -0
package/src/audit/languageAnalysisEngine/report/models/reportOutputModel.ts +29 -0
package/src/audit/languageAnalysisEngine/report/models/reportSeverityModel.ts +13 -0
package/src/audit/languageAnalysisEngine/report/models/severityCountModel.ts +16 -0
package/src/audit/languageAnalysisEngine/report/reportingFeature.ts +56 -0
package/src/audit/languageAnalysisEngine/report/utils/reportUtils.ts +116 -0
package/src/audit/languageAnalysisEngine/sendSnapshot.js +2 -22
package/src/commands/audit/auditConfig.ts +12 -3
package/src/commands/audit/auditController.ts +20 -5
package/src/commands/audit/processAudit.ts +3 -0
package/src/commands/scan/processScan.js +13 -9
package/src/commands/scan/sca/scaAnalysis.js +75 -0
package/src/common/HTTPClient.js +31 -38
package/src/common/errorHandling.ts +7 -25
package/src/common/versionChecker.ts +24 -22
package/src/constants/constants.js +24 -2
package/src/constants/lambda.js +3 -1
package/src/constants/locales.js +47 -56
package/src/constants.js +29 -1
package/src/index.ts +2 -3
package/src/lambda/help.ts +22 -14
package/src/lambda/lambda.ts +8 -0
package/src/scaAnalysis/common/formatMessage.js +20 -0
package/src/scaAnalysis/common/treeUpload.js +30 -0
package/src/scaAnalysis/go/goAnalysis.js +20 -0
package/src/scaAnalysis/go/goParseDeps.js +203 -0
package/src/scaAnalysis/go/goReadDepFile.js +32 -0
package/src/scaAnalysis/java/analysis.js +143 -0
package/src/scaAnalysis/java/index.js +21 -0
package/src/scaAnalysis/java/javaBuildDepsParser.js +404 -0
package/src/scan/autoDetection.js +54 -1
package/src/scan/fileUtils.js +91 -1
package/src/scan/formatScanOutput.ts +250 -0
package/src/scan/help.js +3 -1
package/src/scan/models/groupedResultsModel.ts +20 -0
package/src/scan/models/resultContentModel.ts +86 -0
package/src/scan/models/scanResultsModel.ts +52 -0
package/src/scan/scan.ts +63 -0
package/src/scan/scanConfig.js +1 -1
package/src/scan/scanController.js +15 -7
package/src/scan/scanResults.js +21 -18
package/src/utils/getConfig.ts +10 -0
package/src/utils/oraWrapper.js +6 -1
package/dist/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -17
package/dist/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -81
package/src/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js +0 -27
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.js +0 -303
package/src/audit/languageAnalysisEngine/report/newReportingFeature.js +0 -124
package/src/audit/languageAnalysisEngine/report/reportingFeature.js +0 -190
package/src/scan/scan.js +0 -195

package/src/scan/formatScanOutput.ts ADDED Viewed

@@ -0,0 +1,250 @@
+import {
+  ProjectOverview,
+  ScanResultsInstances,
+  ScanResultsModel
+} from './models/scanResultsModel'
+import i18n from 'i18n'
+import chalk from 'chalk'
+import { ResultContent } from './models/resultContentModel'
+import { GroupedResultsModel } from './models/groupedResultsModel'
+import { sortBy } from 'lodash'
+import Table from 'cli-table3'
+import {
+  CRITICAL_COLOUR,
+  HIGH_COLOUR,
+  LOW_COLOUR,
+  MEDIUM_COLOUR,
+  NOTE_COLOUR
+} from '../constants/constants'
+export function formatScanOutput(scanResults: ScanResultsModel) {
+  const { scanResultsInstances } = scanResults
+  let projectOverview = getProjectOverview(scanResultsInstances)
+  if (scanResultsInstances.content.length === 0) {
+    console.log(i18n.__('scanNoVulnerabilitiesFound'))
+    console.log(i18n.__('scanNoVulnerabilitiesFoundSecureCode'))
+    console.log(i18n.__('scanNoVulnerabilitiesFoundGoodWork'))
+  } else {
+    const message =
+      projectOverview.critical || projectOverview.high
+        ? 'Here are your top priorities to fix'
+        : "No major issues, here's what we found"
+    console.log(chalk.bold(message))
+    console.log()
+    let defaultView = getDefaultView(scanResultsInstances.content)
+    let count = defaultView.length
+    defaultView.forEach(entry => {
+      let table = new Table({
+        chars: {
+          top: '',
+          'top-mid': '',
+          'top-left': '',
+          'top-right': '',
+          bottom: '',
+          'bottom-mid': '',
+          'bottom-left': '',
+          'bottom-right': '',
+          left: '',
+          'left-mid': '',
+          mid: '',
+          'mid-mid': '',
+          right: '',
+          'right-mid': '',
+          middle: ' '
+        },
+        style: { 'padding-left': 0, 'padding-right': 0 },
+        colAligns: ['right'],
+        wordWrap: true,
+        colWidths: [12, 1, 100]
+      })
+      let learnRow: string[] = []
+      let adviceRow = []
+      let headerRow = [
+        chalk
+          .hex(entry.colour)
+          .bold(`CONTRAST-${count.toString().padStart(3, '0')}`),
+        chalk.hex(entry.colour).bold('-'),
+        chalk.hex(entry.colour).bold(`[${entry.severity}] ${entry.ruleId}`) +
+          entry.message
+      ]
+      let codeRow = [
+        chalk.hex('#F6F5F5').bold(`Code`),
+        chalk.hex('#F6F5F5').bold(`:`),
+        chalk.hex('#F6F5F5').bold(`${entry.codePath}`)
+      ]
+      let issueRow = [chalk.bold(`Issue`), chalk.bold(`:`), `${entry.issue}`]
+      table.push(headerRow, codeRow, issueRow)
+      if (entry?.advice) {
+        adviceRow = [
+          chalk.bold('Advice'),
+          chalk.bold(`:`),
+          stripTags(entry.advice)
+        ]
+        table.push(adviceRow)
+      }
+      if (entry?.learn && entry?.learn.length > 0) {
+        learnRow = [
+          chalk.bold('Learn'),
+          chalk.bold(`:`),
+          chalk.hex('#97f7f7').bold.underline(entry.learn[0])
+        ]
+        table.push(learnRow)
+      }
+      count--
+      console.log(table.toString())
+      console.log()
+    })
+  }
+  printVulnInfo(projectOverview)
+}
+function printVulnInfo(projectOverview: any) {
+  const totalVulnerabilities = projectOverview.total
+  const vulMessage =
+    totalVulnerabilities === 1 ? `vulnerability` : `vulnerabilities`
+  console.log(chalk.bold(`Found ${totalVulnerabilities} ${vulMessage}`))
+  console.log(
+    i18n.__(
+      'foundDetailedVulnerabilities',
+      String(projectOverview.critical),
+      String(projectOverview.high),
+      String(projectOverview.medium),
+      String(projectOverview.low),
+      String(projectOverview.note)
+    )
+  )
+}
+export function getProjectOverview(scanResultsInstances: ScanResultsInstances) {
+  let acc: any = {
+    critical: 0,
+    high: 0,
+    medium: 0,
+    low: 0,
+    note: 0,
+    total: 0
+  }
+  if (
+    scanResultsInstances?.content &&
+    scanResultsInstances.content.length > 0
+  ) {
+    scanResultsInstances.content.forEach((i: ResultContent) => {
+      acc[i.severity.toLowerCase()] += 1
+      acc.total += 1
+      return acc
+    })
+  }
+  return acc
+}
+export function formatLinks(objName: string, entry: any[]) {
+  let line = chalk.bold(objName + '  : ')
+  if (entry.length === 1) {
+    console.log(line + chalk.hex('#97DCF7').bold.underline(entry[0]))
+  } else {
+    console.log(line)
+    entry.forEach(link => {
+      console.log(chalk.hex('#97DCF7').bold.underline(link))
+    })
+  }
+}
+export function getDefaultView(content: ResultContent[]) {
+  const groupTypeResults = [] as GroupedResultsModel[]
+  content.forEach(resultEntry => {
+    const groupResultsObj = new GroupedResultsModel(resultEntry.ruleId)
+    groupResultsObj.severity = resultEntry.severity
+    groupResultsObj.ruleId = resultEntry.ruleId
+    groupResultsObj.issue = stripTags(resultEntry.issue)
+    groupResultsObj.advice = resultEntry.advice
+    groupResultsObj.learn = resultEntry.learn
+    groupResultsObj.message = resultEntry.message?.text
+      ? editVulName(resultEntry.message.text) +
+        ':' +
+        getSourceLineNumber(resultEntry)
+      : ''
+    groupResultsObj.codePath = getLocationsSyncInfo(resultEntry)
+    groupTypeResults.push(groupResultsObj)
+    assignBySeverity(resultEntry, groupResultsObj)
+  })
+  return sortBy(groupTypeResults, ['priority']).reverse()
+}
+export function editVulName(message: string) {
+  return message.substring(message.indexOf(' in '))
+}
+export function getLocationsSyncInfo(resultEntry: ResultContent) {
+  const locationsMessage =
+    resultEntry.locations[0]?.physicalLocation?.artifactLocation?.uri || ''
+  const locationsLineNumber =
+    resultEntry.locations[0]?.physicalLocation?.region?.startLine || ''
+  if (!locationsLineNumber) {
+    return '@' + locationsMessage
+  }
+  return '@' + locationsMessage + ':' + locationsLineNumber
+}
+export function getSourceLineNumber(resultEntry: ResultContent) {
+  const locationsLineNumber =
+    resultEntry.locations[0]?.physicalLocation?.region?.startLine || ''
+  let codeFlowLineNumber = getCodeFlowInfo(resultEntry)
+  return codeFlowLineNumber ? codeFlowLineNumber : locationsLineNumber
+}
+export function getCodeFlowInfo(resultEntry: ResultContent) {
+  let result: any
+  resultEntry.codeFlows[0]?.threadFlows.forEach((i: { locations: any[] }) => {
+    return (result = i.locations.find(
+      (locations: { importance: string }) =>
+        locations.importance === 'essential'
+    ))
+  })
+  return result?.location?.physicalLocation?.region?.startLine
+}
+export function stripTags(oldString: string) {
+  return oldString
+    .replace(/\n/g, ' ')
+    .replace(/\s+/g, ' ')
+    .trim()
+}
+export function assignBySeverity(
+  entry: ResultContent,
+  assignedObj: GroupedResultsModel
+) {
+  if (entry.severity.toUpperCase() === 'CRITICAL') {
+    assignedObj.priority = 1
+    assignedObj.colour = CRITICAL_COLOUR
+    return assignedObj
+  } else if (entry.severity.toUpperCase() === 'HIGH') {
+    assignedObj.priority = 2
+    assignedObj.colour = HIGH_COLOUR
+    return assignedObj
+  } else if (entry.severity.toUpperCase() === 'MEDIUM') {
+    assignedObj.priority = 3
+    assignedObj.colour = MEDIUM_COLOUR
+    return assignedObj
+  } else if (entry.severity.toUpperCase() === 'LOW') {
+    assignedObj.priority = 4
+    assignedObj.colour = LOW_COLOUR
+    return assignedObj
+  } else if (entry.severity.toUpperCase() === 'NOTE') {
+    assignedObj.priority = 5
+    assignedObj.colour = NOTE_COLOUR
+    return assignedObj
+  }
+}

package/src/scan/help.js CHANGED Viewed

@@ -30,7 +30,9 @@ const scanUsageGuide = commandLineUsage([
       'ff',
       'ignore-cert-errors',
       'verbose',
-      'debug'
+      'debug',
+      'experimental',
+      'application-name'
     ]
   },
   {

package/src/scan/models/groupedResultsModel.ts ADDED Viewed

@@ -0,0 +1,20 @@
+export class GroupedResultsModel {
+  ruleId: string
+  codePathSet: Set<string>
+  cwe?: string[]
+  reference?: string[]
+  severity?: string
+  advice?: string
+  learn?: string[]
+  issue?: string
+  priority?: number
+  message?: string | undefined
+  colour: string;
+  codePath?: string;
+  constructor(ruleId: string) {
+    this.ruleId = ruleId
+    this.colour = '#999999'
+    this.codePathSet = new Set<string>
+  }
+}

package/src/scan/models/resultContentModel.ts ADDED Viewed

@@ -0,0 +1,86 @@
+type Importance = 'important' | 'essential'
+interface ArtifactLocation {
+  uri: string
+}
+interface Region {
+  startLine: string
+  snippet: Snippet
+}
+interface Snippet {
+  text: string
+  rendered: Rendered
+}
+interface Rendered {
+  text: string
+}
+interface PhysicalLocation {
+  artifactLocation: ArtifactLocation
+  region: Region
+}
+interface LogicalLocation {
+  fullyQualifiedName: string
+  name: string
+}
+export interface Location {
+  physicalLocation: PhysicalLocation
+  logicalLocations?: LogicalLocation[]
+}
+export interface ThreadFlowLocation {
+  importance: Importance
+  location: Location
+}
+interface ThreadFlow {
+  locations: ThreadFlowLocation[]
+}
+interface Message {
+  text: string
+}
+export interface CodeFlow {
+  message: Message
+  threadFlows: ThreadFlow[]
+}
+export interface ResultContent {
+  message?: {text :string};
+  id: string
+  organizationId: string
+  projectId: string
+  firstCreatedTime: string
+  ruleId: string
+  codeFlows: CodeFlow[]
+  lastSeenTime: string
+  locations: Location[]
+  name: string
+  description: string
+  recommendation: string | null
+  risk: string | null
+  category: string
+  confidence: string
+  standards: { [key: string]: string[] }
+  cwe: string[]
+  owasp: string[]
+  reference: string[]
+  sink: string
+  detailsTrigger: string
+  type: RuleType
+  source: string
+  severity: Severity
+  advice: string
+  learn: string[]
+  issue: string
+}
+export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'note'
+export type RuleType = 'DATA_FLOW' | 'CRYPTO' | 'CONFIG' | 'DEFAULT'

package/src/scan/models/scanResultsModel.ts ADDED Viewed

@@ -0,0 +1,52 @@
+import { ResultContent } from './resultContentModel'
+export class ScanResultsModel {
+  projectOverview: ProjectOverview
+  scanDetail: ScanDetail
+  scanResultsInstances: ScanResultsInstances
+  constructor(scan: any) {
+    this.projectOverview = scan.projectOverview as ProjectOverview
+    this.scanDetail = scan.scanDetail as ScanDetail
+    this.scanResultsInstances = scan.scanResultsInstances as ScanResultsInstances
+  }
+}
+export interface ProjectOverview {
+  id: string
+  organizationId: string
+  name: string
+  archived: boolean
+  language: string
+  critical: number
+  high: number
+  medium: number
+  low: number
+  note: number
+  lastScanTime: string
+  completedScans: number
+  lastScanId: string
+}
+export interface ScanDetail {
+  critical: number
+  high: number
+  medium: number
+  low: number
+  note: number
+  id: string
+  organizationId: string
+  projectId: string
+  codeArtifactId: string
+  status: string
+  createdTime: string
+  startedTime: string
+  completedTime: string
+  language: string
+  label: string
+  errorMessage: string
+}
+export interface ScanResultsInstances {
+  content: ResultContent[]
+}

package/src/scan/scan.ts ADDED Viewed

@@ -0,0 +1,63 @@
+import commonApi from '../utils/commonApi.js'
+import fileUtils from '../scan/fileUtils'
+import i18n from 'i18n'
+import oraWrapper from '../utils/oraWrapper'
+export const allowedFileTypes = ['.jar', '.war', '.js', '.zip', '.exe']
+export const isFileAllowed = (scanOption: string) => {
+  let valid = false
+  allowedFileTypes.forEach(fileType => {
+    if (scanOption.endsWith(fileType)) {
+      valid = true
+    }
+  })
+  return valid
+}
+export const sendScan = async (config: any) => {
+  if (!isFileAllowed(config.file)) {
+    console.log(i18n.__('scanErrorFileMessage'))
+    process.exit(9)
+  } else {
+    fileUtils.checkFilePermissions(config.file)
+    const client = commonApi.getHttpClient(config)
+    const startUploadSpinner = oraWrapper.returnOra(i18n.__('uploadingScan'))
+    oraWrapper.startSpinner(startUploadSpinner)
+    return await client
+      .sendArtifact(config)
+      .then(res => {
+        if (res.statusCode === 201) {
+          oraWrapper.succeedSpinner(
+            startUploadSpinner,
+            i18n.__('uploadingScanSuccessful')
+          )
+          if (config.verbose) {
+            console.log(i18n.__('responseMessage', res.body))
+          }
+          return res.body.id
+        } else {
+          if (config.debug) {
+            console.log(config)
+            oraWrapper.failSpinner(
+              startUploadSpinner,
+              i18n.__('uploadingScanFail')
+            )
+            console.log(i18n.__('genericServiceError', res.statusCode))
+          }
+          if (res.statusCode === 403) {
+            console.log(i18n.__('permissionsError'))
+            process.exit(1)
+          }
+          oraWrapper.stopSpinner(startUploadSpinner)
+          console.log('Contrast Scan Finished')
+          process.exit(1)
+        }
+      })
+      .catch(err => {
+        console.log(err)
+      })
+  }
+}

package/src/scan/scanConfig.js CHANGED Viewed

@@ -26,7 +26,7 @@ const getScanConfig = argv => {
     if (!Object.values(supportedLanguages).includes(scanParams.language)) {
       console.log(`Did not recognise --language ${scanParams.language}`)
       console.log(i18n.__('constantsHowToRunDev3'))
-      process.exit(0)
+      process.exit(1)
     }
   }

package/src/scan/scanController.js CHANGED Viewed

@@ -2,7 +2,8 @@ const i18n = require('i18n')
 const {
   returnOra,
   startSpinner,
-  succeedSpinner
+  succeedSpinner,
+  stopSpinner
 } = require('../utils/oraWrapper')
 const populateProjectIdAndProjectName = require('./populateProjectIdAndProjectName')
 const scan = require('./scan')
@@ -56,18 +57,25 @@ const startScan = async configToUse => {
       getTimeout(configToUse),
       startScanSpinner
     )
     const scanResultsInstances = await scanResults.returnScanResultsInstances(
       configToUse,
       scanDetail.id
     )
     const endTime = performance.now()
     const scanDurationMs = endTime - startTime
-    succeedSpinner(startScanSpinner, 'Contrast Scan complete')
-    console.log(
-      `----- Scan completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`
-    )
-    const projectOverview = await scanResults.returnScanProjectById(configToUse)
-    return { projectOverview, scanDetail, scanResultsInstances }
+    if (scanResultsInstances.statusCode !== 200) {
+      stopSpinner(startScanSpinner)
+      console.log('Result Service is unavailable, please try again later')
+      process.exit(1)
+    } else {
+      succeedSpinner(startScanSpinner, 'Contrast Scan complete')
+      console.log(
+        `----- Scan completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`
+      )
+      return { scanDetail, scanResultsInstances: scanResultsInstances.body }
+    }
   }
 }

package/src/scan/scanResults.js CHANGED Viewed

@@ -3,6 +3,7 @@ const requestUtils = require('../../src/utils/requestUtils')
 const oraFunctions = require('../utils/oraWrapper')
 const _ = require('lodash')
 const i18n = require('i18n')
+const oraWrapper = require('../utils/oraWrapper')
 const getScanId = async (config, codeArtifactId, client) => {
   return client
@@ -47,17 +48,27 @@ const returnScanResults = async (
         }
         if (result.body.status === 'FAILED') {
           complete = true
-          oraFunctions.failSpinner(startScanSpinner, 'Contrast Scan Failed.')
-          console.log(result.body.errorMessage)
+          if (config.debug) {
+            oraFunctions.failSpinner(
+              startScanSpinner,
+              i18n.__(
+                'scanNotCompleted',
+                'https://docs.contrastsecurity.com/en/binary-package-preparation.html'
+              )
+            )
+          }
           if (
-            result.body.errorMessage ===
+            result?.body?.errorMessage ===
             'Unable to determine language for code artifact'
           ) {
+            console.log(result.body.errorMessage)
             console.log(
               'Try scanning again using --language param. ',
               i18n.__('scanOptionsLanguageSummary')
             )
           }
+          oraWrapper.stopSpinner(startScanSpinner)
+          console.log('Contrast Scan Finished')
           process.exit(1)
         }
       }
@@ -80,23 +91,16 @@ const returnScanResultsInstances = async (config, scanId) => {
   try {
     result = await client.getScanResultsInstances(config, scanId)
     if (JSON.stringify(result.statusCode) == 200) {
-      return result.body
+      return { body: result.body, statusCode: result.statusCode }
     }
-  } catch (e) {
-    console.log(e.message.toString())
-  }
-}
-const returnScanProjectById = async config => {
-  const client = commonApi.getHttpClient(config)
-  let result
-  try {
-    result = await client.getScanProjectById(config)
-    if (JSON.stringify(result.statusCode) == 200) {
-      return result.body
+    if (JSON.stringify(result.statusCode) == 503) {
+      return { statusCode: result.statusCode }
     }
   } catch (e) {
-    console.log(e.message.toString())
+    if (config.debug) {
+      console.log(e.message.toString())
+    }
   }
 }
@@ -104,6 +108,5 @@ module.exports = {
   getScanId: getScanId,
   returnScanResults: returnScanResults,
   pollScanResults: pollScanResults,
-  returnScanResultsInstances: returnScanResultsInstances,
-  returnScanProjectById: returnScanProjectById
+  returnScanResultsInstances: returnScanResultsInstances
 }

package/src/utils/getConfig.ts CHANGED Viewed

@@ -7,6 +7,7 @@ type ContrastConfOptions = Partial<{
   orgId: string
   authHeader: string
   numOfRuns: number
+  updateMessageHidden: boolean
 }>
 type ContrastConf = Conf<ContrastConfOptions>
@@ -17,6 +18,15 @@ const localConfig = (name: string, version: string) => {
   })
   config.set('version', version)
+  if (process.env.CONTRAST_CODSEC_DISABLE_UPDATE_MESSAGE) {
+    config.set(
+      'updateMessageHidden',
+      JSON.parse(
+        process.env.CONTRAST_CODSEC_DISABLE_UPDATE_MESSAGE.toLowerCase()
+      )
+    )
+  }
   if (!config.has('host')) {
     config.set('host', 'https://ce.contrastsecurity.com/')
   }

package/src/utils/oraWrapper.js CHANGED Viewed

@@ -8,6 +8,10 @@ const startSpinner = spinner => {
   spinner.start()
 }
+const stopSpinner = spinner => {
+  spinner.stop()
+}
 const succeedSpinner = (spinner, text) => {
   spinner.succeed(text)
 }
@@ -20,5 +24,6 @@ module.exports = {
   returnOra,
   startSpinner,
   succeedSpinner,
-  failSpinner
+  failSpinner,
+  stopSpinner
 }

package/dist/audit/languageAnalysisEngine/report/checkIgnoreDevDep.js DELETED Viewed

@@ -1,17 +0,0 @@
-"use strict";
-const { getGlobalProperties, getFeatures, isFeatureEnabled } = require('../util/generalAPI');
-const { CLI_IGNORE_DEV_DEPS } = require('../util/capabilities');
-const checkDevDeps = async (config) => {
-    const shouldIgnoreDev = config.ignoreDev;
-    const globalProperties = await getGlobalProperties();
-    const features = getFeatures(globalProperties.internal_version);
-    const isfeatureEnabled = isFeatureEnabled(features, CLI_IGNORE_DEV_DEPS);
-    let ignoreDevUrl = false;
-    if (shouldIgnoreDev) {
-        ignoreDevUrl = isfeatureEnabled;
-    }
-    return ignoreDevUrl;
-};
-module.exports = {
-    checkDevDeps
-};