@contrast/contrast 1.0.5 → 1.0.8

package/.prettierignore

@@ -1,6 +1 @@
-test/commands/**
 dist/**
-test/errorHandling.spec.ts
-**/models
-**/audit/autodetection/autoDetectLanguage.ts
-**/commands/audit/auditConfig.ts

package/dist/audit/autodetection/autoDetectLanguage.js

@@ -8,14 +8,14 @@ const i18n_1 = __importDefault(require("i18n"));
 const reduceIdentifiedLanguages_1 = require("../languageAnalysisEngine/reduceIdentifiedLanguages");
 const getProjectRootFilenames_1 = require("../languageAnalysisEngine/getProjectRootFilenames");
 function identifyLanguages(config) {
-    const { projectPath } = config;
-    const projectRootFilenames = (0, getProjectRootFilenames_1.getProjectRootFilenames)(projectPath);
+    const { file } = config;
+    const projectRootFilenames = (0, getProjectRootFilenames_1.getProjectRootFilenames)(file);
     const identifiedLanguages = projectRootFilenames.reduce((accumulator, filename) => {
         const deducedLanguages = (0, reduceIdentifiedLanguages_1.deduceLanguage)(filename);
         return [...accumulator, ...deducedLanguages];
     }, []);
     if (Object.keys(identifiedLanguages).length === 0) {
-        throw new Error(i18n_1.default.__('languageAnalysisNoLanguage', projectPath));
+        throw new Error(i18n_1.default.__('languageAnalysisNoLanguage', file));
     }
     return (0, reduceIdentifiedLanguages_1.reduceIdentifiedLanguages)(identifiedLanguages);
 }

package/dist/audit/catalogueApplication/catalogueApplication.js

@@ -1,9 +1,5 @@
 "use strict";
-const i18n = require('i18n');
 const { getHttpClient, handleResponseErrors } = require('../../utils/commonApi');
-const displaySuccessMessage = () => {
-    console.log(i18n.__('catalogueSuccessCommand'));
-};
 const catalogueApplication = async (config) => {
     const client = getHttpClient(config);
     let appId;
@@ -13,6 +9,9 @@ const catalogueApplication = async (config) => {
         if (res.statusCode === 201) {
             appId = res.body.application.app_id;
         }
+        else if (doesMessagesContainAppId(res)) {
+            appId = tryRetrieveAppIdFromMessages(res.body.messages);
+        }
         else {
             handleResponseErrors(res, 'catalogue');
         }
@@ -22,6 +21,25 @@ const catalogueApplication = async (config) => {
     });
     return appId;
 };
+const doesMessagesContainAppId = res => {
+    const regex = /(Application ID =)/;
+    if (res.statusCode === 400 &&
+        res.body.messages.filter(message => regex.exec(message))[0]) {
+        return true;
+    }
+    return false;
+};
+const tryRetrieveAppIdFromMessages = messages => {
+    let appId;
+    messages.forEach(message => {
+        if (message.includes('Application ID')) {
+            appId = message.split('=')[1].replace(/\s+/g, '');
+        }
+    });
+    return appId;
+};
 module.exports = {
-    catalogueApplication: catalogueApplication
+    catalogueApplication: catalogueApplication,
+    doesMessagesContainAppId,
+    tryRetrieveAppIdFromMessages
 };

package/dist/audit/javaAnalysisEngine/parseMavenProjectFileContents.js

@@ -142,10 +142,12 @@ const parseMvn = mvnDependancyTreeOutput => {
     });
     return parsedDepObj;
 };
-exports.shaveConsoleOutputUntilItFindsFirsDigraphMention = shaveConsoleOutputUntilItFindsFirsDigraphMention;
+exports.shaveConsoleOutputUntilItFindsFirsDigraphMention =
+    shaveConsoleOutputUntilItFindsFirsDigraphMention;
 exports.getDigraphObjInfo = getDigraphObjInfo;
 exports.createDigraphObjKey = createDigraphObjKey;
-exports.turnDigraphDependanciesIntoArrOfInnerDep = turnDigraphDependanciesIntoArrOfInnerDep;
+exports.turnDigraphDependanciesIntoArrOfInnerDep =
+    turnDigraphDependanciesIntoArrOfInnerDep;
 exports.hasVersion = hasVersion;
 exports.formatKeyName = formatKeyName;
 exports.createOuterDependanciesAndType = createOuterDependanciesAndType;

package/dist/audit/languageAnalysisEngine/checkForMultipleIdentifiedLanguages.js

@@ -21,4 +21,5 @@ const checkForMultipleIdentifiedLanguages = identifiedLanguages => {
         throw new Error(errMsg);
     }
 };
-exports.checkForMultipleIdentifiedLanguages = checkForMultipleIdentifiedLanguages;
+exports.checkForMultipleIdentifiedLanguages =
+    checkForMultipleIdentifiedLanguages;

package/dist/audit/languageAnalysisEngine/checkForMultipleIdentifiedProjectFiles.js

@@ -21,4 +21,5 @@ const checkForMultipleIdentifiedProjectFiles = identifiedLanguages => {
         }
     }
 };
-exports.checkForMultipleIdentifiedProjectFiles = checkForMultipleIdentifiedProjectFiles;
+exports.checkForMultipleIdentifiedProjectFiles =
+    checkForMultipleIdentifiedProjectFiles;

package/dist/audit/languageAnalysisEngine/checkIdentifiedLanguageHasProjectFile.js

@@ -20,4 +20,5 @@ const checkIdentifiedLanguageHasProjectFile = identifiedLanguages => {
         }
     }
 };
-exports.checkIdentifiedLanguageHasProjectFile = checkIdentifiedLanguageHasProjectFile;
+exports.checkIdentifiedLanguageHasProjectFile =
+    checkIdentifiedLanguageHasProjectFile;

package/dist/audit/languageAnalysisEngine/getIdentifiedLanguageInfo.js

@@ -1,23 +1,23 @@
 "use strict";
 const path = require('path');
 module.exports = exports = (analysis, next) => {
-    const { projectPath, languageAnalysis } = analysis;
-    languageAnalysis.identifiedLanguageInfo = getIdentifiedLanguageInfo(projectPath, languageAnalysis.identifiedLanguages);
+    const { file, languageAnalysis } = analysis;
+    languageAnalysis.identifiedLanguageInfo = getIdentifiedLanguageInfo(file, languageAnalysis.identifiedLanguages);
     next();
 };
-const getIdentifiedLanguageInfo = (projectPath, identifiedLanguages) => {
+const getIdentifiedLanguageInfo = (file, identifiedLanguages) => {
     const [language] = Object.keys(identifiedLanguages);
     const { projectFilenames: [projectFilename], lockFilenames: [lockFilename] } = Object.values(identifiedLanguages)[0];
     let identifiedLanguageInfo = {
         language,
         projectFilename,
-        projectFilePath: path.join(projectPath, projectFilename)
+        projectFilePath: path.join(file, projectFilename)
     };
     if (lockFilename) {
         identifiedLanguageInfo = {
             ...identifiedLanguageInfo,
             lockFilename,
-            lockFilePath: path.join(projectPath, lockFilename)
+            lockFilePath: path.join(file, lockFilename)
         };
     }
     return identifiedLanguageInfo;

package/dist/audit/languageAnalysisEngine/getProjectRootFilenames.js

@@ -3,9 +3,9 @@ const fs = require('fs');
 const path = require('path');
 const i18n = require('i18n');
 module.exports = exports = (analysis, next) => {
-    const { projectPath, languageAnalysis } = analysis;
+    const { file, languageAnalysis } = analysis;
     try {
-        languageAnalysis.projectRootFilenames = getProjectRootFilenames(projectPath);
+        languageAnalysis.projectRootFilenames = getProjectRootFilenames(file);
     }
     catch (err) {
         next(err);
@@ -13,27 +13,27 @@ module.exports = exports = (analysis, next) => {
     }
     next();
 };
-const getProjectRootFilenames = projectPath => {
+const getProjectRootFilenames = file => {
     let projectStats = null;
     try {
-        projectStats = fs.statSync(projectPath);
+        projectStats = fs.statSync(file);
     }
     catch (err) {
-        throw new Error(i18n.__('languageAnalysisProjectRootFileNameFailure', projectPath) +
+        throw new Error(i18n.__('languageAnalysisProjectRootFileNameFailure', file) +
             `${err.message}`);
     }
     if (projectStats.isDirectory()) {
         try {
-            return fs.readdirSync(projectPath);
+            return fs.readdirSync(file);
         }
         catch (err) {
-            throw new Error(i18n.__('languageAnalysisProjectRootFileNameReadError', projectPath) +
+            throw new Error(i18n.__('languageAnalysisProjectRootFileNameReadError', file) +
                 `${err.message}`);
         }
     }
     if (projectStats.isFile()) {
-        return [path.basename(projectPath)];
+        return [path.basename(file)];
     }
-    throw new Error(i18n.__('languageAnalysisProjectRootFileNameMissingError'), projectPath);
+    throw new Error(i18n.__('languageAnalysisProjectRootFileNameMissingError'), file);
 };
 exports.getProjectRootFilenames = getProjectRootFilenames;

package/dist/audit/languageAnalysisEngine/index.js

@@ -9,9 +9,9 @@ const checkIdentifiedLanguageHasProjectFile = require('./checkIdentifiedLanguage
 const checkIdentifiedLanguageHasLockFile = require('./checkIdentifiedLanguageHasLockFile');
 const getIdentifiedLanguageInfo = require('./getIdentifiedLanguageInfo');
 const { libraryAnalysisError } = require('../../common/errorHandling');
-module.exports = exports = (projectPath, callback, appId, config) => {
+module.exports = exports = (file, callback, appId, config) => {
     const ae = new AnalysisEngine({
-        projectPath,
+        file,
         appId,
         languageAnalysis: { appId: appId },
         config

package/dist/audit/languageAnalysisEngine/languageAnalysisFactory.js

@@ -10,11 +10,9 @@ const phpAE = require('../phpAnalysisEngine');
 const goAE = require('../goAnalysisEngine');
 const { vulnerabilityReport } = require('./report/reportingFeature');
 const { newSendSnapShot } = require('../languageAnalysisEngine/sendSnapshot');
-const fs = require('fs');
-const chalk = require('chalk');
-const saveFile = require('../../commands/audit/saveFile').default;
-const generateSbom = require('../../sbom/generateSbom').default;
-const { failSpinner, returnOra, startSpinner, succeedSpinner } = require('../../utils/oraWrapper');
+const { returnOra, startSpinner, succeedSpinner } = require('../../utils/oraWrapper');
+const { pollForSnapshotCompletition } = require('./sendSnapshot');
+const auditSave = require('../save');
 module.exports = exports = (err, analysis) => {
     const { identifiedLanguageInfo } = analysis.languageAnalysis;
     const catalogueAppId = analysis.languageAnalysis.appId;
@@ -39,9 +37,10 @@ module.exports = exports = (err, analysis) => {
         const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'));
         startSpinner(reportSpinner);
         const snapshotResponse = await newSendSnapShot(analysis, catalogueAppId);
-        succeedSpinner(reportSpinner, 'Contrast SCA analysis complete');
+        await pollForSnapshotCompletition(analysis.config, snapshotResponse.id, reportSpinner);
+        succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'));
         await vulnerabilityReport(analysis, catalogueAppId, snapshotResponse.id);
-        await auditSave(config);
+        await auditSave.auditSave(config);
     };
     if (identifiedLanguageInfo.language === DOTNET) {
         dotnetAE(identifiedLanguageInfo, analysis.config, langCallback);
@@ -65,23 +64,3 @@ module.exports = exports = (err, analysis) => {
         goAE(identifiedLanguageInfo, analysis.config, langCallback);
     }
 };
-async function auditSave(config) {
-    if (config.save) {
-        if (config.save.toLowerCase() === 'sbom') {
-            saveFile(config, await generateSbom(config));
-            const filename = `${config.applicationId}-sbom-cyclonedx.json`;
-            if (fs.existsSync(filename)) {
-                console.log(i18n.__('auditSBOMSaveSuccess') + ` - ${filename}`);
-            }
-            else {
-                console.log(chalk.yellow.bold(`\n Unable to save ${filename} Software Bill of Materials (SBOM)`));
-            }
-        }
-        else {
-            console.log(i18n.__('auditBadFiletypeSpecifiedForSave'));
-        }
-    }
-    else if (config.save === null) {
-        console.log(i18n.__('auditNoFiletypeSpecifiedForSave'));
-    }
-}

package/dist/audit/languageAnalysisEngine/reduceIdentifiedLanguages.js

@@ -36,11 +36,30 @@ const deduceLanguageScaAnalysis = filenames => {
         }
         if (isNodeProjectFilename(filename)) {
             deducedLanguages.push(filename);
-            language = NODE;
+            language = JAVASCRIPT;
+        }
+        if (isRubyProjectFilename(filename)) {
+            deducedLanguages.push(filename);
+            language = RUBY;
+        }
+        if (isPythonProjectFilename(filename)) {
+            deducedLanguages.push(filename);
+            language = PYTHON;
+        }
+        if (isPhpProjectFilename(filename)) {
+            deducedLanguages.push({ language: PHP, projectFilename: filename });
+            language = PHP;
         }
         if (isNodeLockFilename(filename)) {
             deducedLanguages.push(filename);
-            language = node;
+            language = JAVASCRIPT;
+        }
+        if (isPhpLockFilename(filename)) {
+            deducedLanguages.push({ language: PHP, lockFilename: filename });
+        }
+        if (isGoProjectFilename(filename)) {
+            deducedLanguages.push({ language: GO, projectFilename: filename });
+            language = GO;
         }
     });
     let identifiedLanguages = { [language]: deducedLanguages };
@@ -103,18 +122,19 @@ const reduceIdentifiedLanguages = identifiedLanguages => identifiedLanguages.red
     return accumulator;
 }, {});
 module.exports = exports = (analysis, next) => {
-    const { projectPath, languageAnalysis, config } = analysis;
+    const { file, languageAnalysis, config } = analysis;
     let identifiedLanguages = languageAnalysis.projectRootFilenames.reduce((accumulator, filename) => {
         const deducedLanguages = deduceLanguage(filename);
         return [...accumulator, ...deducedLanguages];
     }, []);
     if (Object.keys(identifiedLanguages).length === 0) {
-        next(new Error(i18n.__('languageAnalysisNoLanguage', projectPath)));
+        next(new Error(i18n.__('languageAnalysisNoLanguage', file)));
         return;
     }
     let language = config.language;
     if (language === undefined) {
-        languageAnalysis.identifiedLanguages = reduceIdentifiedLanguages(identifiedLanguages);
+        languageAnalysis.identifiedLanguages =
+            reduceIdentifiedLanguages(identifiedLanguages);
     }
     else {
         let refinedIdentifiedLanguages = [];

package/dist/audit/languageAnalysisEngine/report/commonReportingFunctions.js

@@ -3,16 +3,19 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.printFormattedOutput = exports.printVulnerabilityResponse = exports.getReport = exports.createLibraryHeader = void 0;
+exports.getNumOfAndSeverityType = exports.buildFormattedHeaderNum = exports.buildBody = exports.buildHeader = exports.printFormattedOutput = exports.printVulnerabilityResponse = exports.getReport = exports.createLibraryHeader = void 0;
 const commonApi_1 = require("../../../utils/commonApi");
 const reportListModel_1 = require("./models/reportListModel");
 const lodash_1 = require("lodash");
 const chalk_1 = __importDefault(require("chalk"));
 const reportUtils_1 = require("./utils/reportUtils");
+const severityCountModel_1 = require("./models/severityCountModel");
+const reportOutputModel_1 = require("./models/reportOutputModel");
+const constants_1 = require("../../../constants/constants");
 const createLibraryHeader = (id, numberOfVulnerableLibraries, numberOfCves) => {
     numberOfVulnerableLibraries === 1
-        ? console.log(` Found 1 vulnerable library containing ${numberOfCves} CVE's`)
-        : console.log(` Found ${numberOfVulnerableLibraries} vulnerable libraries containing ${numberOfCves} CVE's `);
+        ? console.log(`Found 1 vulnerable library containing ${numberOfCves} CVEs`)
+        : console.log(`Found ${numberOfVulnerableLibraries} vulnerable libraries containing ${numberOfCves} CVEs `);
 };
 exports.createLibraryHeader = createLibraryHeader;
 const getReport = async (config, reportId) => {
@@ -24,10 +27,6 @@ const getReport = async (config, reportId) => {
             return res.body;
         }
         else {
-            console.log('config-------------------');
-            console.log(config);
-            console.log('reportId----------------');
-            console.log(reportId);
             console.log(JSON.stringify(res));
             (0, commonApi_1.handleResponseErrors)(res, 'report');
         }
@@ -50,22 +49,102 @@ const printFormattedOutput = (libraries, config) => {
     const report = new reportListModel_1.ReportList();
     for (const library of libraries) {
         const { name, version } = (0, reportUtils_1.findNameAndVersion)(library, config);
-        const newOutputModel = new reportListModel_1.ReportModelStructure(new reportListModel_1.ReportCompositeKey(name, version, (0, reportUtils_1.findHighestSeverityCVE)(library.cveArray)), library.cveArray);
+        const newOutputModel = new reportListModel_1.ReportModelStructure(new reportListModel_1.ReportCompositeKey(name, version, (0, reportUtils_1.findHighestSeverityCVE)(library.cveArray), (0, reportUtils_1.severityCountAllCVEs)(library.cveArray, new severityCountModel_1.SeverityCountModel()).getTotal), library.cveArray);
         report.reportOutputList.push(newOutputModel);
     }
-    const orderedOutputList = (0, lodash_1.orderBy)(report.reportOutputList, reportListItem => reportListItem.compositeKey.highestSeverity.priority);
-    for (const reportModel of orderedOutputList) {
-        const name = reportModel.compositeKey.libraryName;
-        const version = reportModel.compositeKey.libraryVersion;
-        const highestSeverity = reportModel.compositeKey.highestSeverity.severity;
+    const outputOrderedByLowestSeverityAndLowestNumOfCvesFirst = (0, lodash_1.orderBy)(report.reportOutputList, [
+        (reportListItem) => {
+            return reportListItem.compositeKey.highestSeverity.priority;
+        },
+        (reportListItem) => {
+            return reportListItem.compositeKey.numberOfSeverities;
+        }
+    ], ['desc']);
+    let contrastHeaderNumCounter = outputOrderedByLowestSeverityAndLowestNumOfCvesFirst.length + 1;
+    for (const reportModel of outputOrderedByLowestSeverityAndLowestNumOfCvesFirst) {
+        contrastHeaderNumCounter--;
+        const { libraryName, libraryVersion, highestSeverity } = reportModel.compositeKey;
         const numOfCVEs = reportModel.cveArray.length;
-        const cveNames = [];
-        reportModel.cveArray.forEach(cve => cveNames.push(cve.name));
-        const boldHeader = chalk_1.default.bold(`${highestSeverity} | Vulnerable Library`);
-        const cvePluralised = numOfCVEs > 1 ? 'CVEs' : 'CVE';
-        console.log(`\n ${boldHeader} ${name} (${version}) has ${numOfCVEs} known ${cvePluralised}`);
-        console.log(` ${cveNames.join(', ')}`);
-        console.log(chalk_1.default.bold(' How to fix: Update to latest version'));
+        const header = buildHeader(highestSeverity, contrastHeaderNumCounter, libraryName, libraryVersion, numOfCVEs);
+        const body = buildBody(reportModel.cveArray);
+        const reportOutputModel = new reportOutputModel_1.ReportOutputModel(header, body);
+        console.log(reportOutputModel.header.vulnMessage, reportOutputModel.header.introducesMessage);
+        console.log(reportOutputModel.body.issueMessage);
+        console.log(reportOutputModel.body.adviceMessage + '\n');
+    }
+    const { criticalMessage, highMessage, mediumMessage, lowMessage, noteMessage, total } = buildFooter(libraries);
+    if (total > 1) {
+        console.log(`${criticalMessage} | ${highMessage} | ${mediumMessage} | ${lowMessage} | ${noteMessage}`);
     }
 };
 exports.printFormattedOutput = printFormattedOutput;
+function buildHeader(highestSeverity, contrastHeaderNum, libraryName, version, numOfCVEs) {
+    const vulnerabilityPluralised = numOfCVEs > 1 ? 'vulnerabilities' : 'vulnerability';
+    const formattedHeaderNum = buildFormattedHeaderNum(contrastHeaderNum);
+    const vulnMessage = chalk_1.default
+        .hex(highestSeverity.outputColour)
+        .bold(`${formattedHeaderNum} - [${highestSeverity.severity}] ${libraryName}-${version}`);
+    const introducesMessage = chalk_1.default.bold(`introduces ${numOfCVEs} ${vulnerabilityPluralised}`);
+    return new reportOutputModel_1.ReportOutputHeaderModel(vulnMessage, introducesMessage);
+}
+exports.buildHeader = buildHeader;
+function buildBody(cveArray) {
+    const cveMessages = [];
+    (0, reportUtils_1.findCVESeveritiesAndOrderByHighestPriority)(cveArray).forEach(reportSeverityModel => {
+        const { outputColour, severity, cveName } = reportSeverityModel;
+        const severityShorthand = chalk_1.default
+            .hex(outputColour)
+            .bold(`[${severity.charAt(0).toUpperCase()}]`);
+        const builtMessage = `${severityShorthand} ${cveName}`;
+        cveMessages.push(builtMessage);
+    });
+    const numAndSeverityType = getNumOfAndSeverityType(cveArray);
+    const issueMessage = ` ${chalk_1.default.bold('Issue')}  : ${numAndSeverityType} ${cveMessages.join(', ')}.`;
+    const adviceMessage = ` ${chalk_1.default.bold('Advice')} : ${chalk_1.default.bold('Update to latest version')}.`;
+    return new reportOutputModel_1.ReportOutputBodyModel(issueMessage, adviceMessage);
+}
+exports.buildBody = buildBody;
+const buildFooter = (libraries) => {
+    const { critical, high, medium, low, note, getTotal } = (0, reportUtils_1.severityCountAllLibraries)(libraries);
+    const criticalMessage = chalk_1.default
+        .hex(constants_1.CRITICAL_COLOUR)
+        .bold(`${critical} Critical`);
+    const highMessage = chalk_1.default.hex(constants_1.HIGH_COLOUR).bold(`${high} High`);
+    const mediumMessage = chalk_1.default.hex(constants_1.MEDIUM_COLOUR).bold(`${medium} Medium`);
+    const lowMessage = chalk_1.default.hex(constants_1.LOW_COLOUR).bold(`${low} Low`);
+    const noteMessage = chalk_1.default.hex(constants_1.NOTE_COLOUR).bold(`${note} Note`);
+    return {
+        criticalMessage,
+        highMessage,
+        mediumMessage,
+        lowMessage,
+        noteMessage,
+        total: getTotal
+    };
+};
+function buildFormattedHeaderNum(contrastHeaderNum) {
+    let formattedHeaderNum;
+    if (contrastHeaderNum < 10) {
+        formattedHeaderNum = `00${contrastHeaderNum}`;
+    }
+    else if (contrastHeaderNum >= 10 && contrastHeaderNum < 100) {
+        formattedHeaderNum = `0${contrastHeaderNum}`;
+    }
+    else if (contrastHeaderNum >= 100) {
+        formattedHeaderNum = contrastHeaderNum;
+    }
+    return `CONTRAST-${formattedHeaderNum}`;
+}
+exports.buildFormattedHeaderNum = buildFormattedHeaderNum;
+function getNumOfAndSeverityType(cveArray) {
+    const { critical, high, medium, low, note } = (0, reportUtils_1.severityCountAllCVEs)(cveArray, new severityCountModel_1.SeverityCountModel());
+    const criticalMessage = critical > 0 ? `${critical} Critical` : '';
+    const highMessage = high > 0 ? `${high} High` : '';
+    const mediumMessage = medium > 0 ? `${medium} Medium` : '';
+    const lowMessage = low > 0 ? `${low} Low` : '';
+    const noteMessage = note > 0 ? `${note} Note` : '';
+    return `${criticalMessage} ${highMessage} ${mediumMessage} ${lowMessage} ${noteMessage}`
+        .replace(/\s+/g, ' ')
+        .trim();
+}
+exports.getNumOfAndSeverityType = getNumOfAndSeverityType;

package/dist/audit/languageAnalysisEngine/report/models/reportListModel.js

@@ -15,10 +15,11 @@ class ReportModelStructure {
 }
 exports.ReportModelStructure = ReportModelStructure;
 class ReportCompositeKey {
-    constructor(libraryName, libraryVersion, highestSeverity) {
+    constructor(libraryName, libraryVersion, highestSeverity, numberOfSeverities) {
         this.libraryName = libraryName;
         this.libraryVersion = libraryVersion;
         this.highestSeverity = highestSeverity;
+        this.numberOfSeverities = numberOfSeverities;
     }
 }
 exports.ReportCompositeKey = ReportCompositeKey;

package/dist/audit/languageAnalysisEngine/report/models/reportOutputModel.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ReportOutputBodyModel = exports.ReportOutputHeaderModel = exports.ReportOutputModel = void 0;
+class ReportOutputModel {
+    constructor(header, body) {
+        this.header = header;
+        this.body = body;
+    }
+}
+exports.ReportOutputModel = ReportOutputModel;
+class ReportOutputHeaderModel {
+    constructor(vulnMessage, introducesMessage) {
+        this.vulnMessage = vulnMessage;
+        this.introducesMessage = introducesMessage;
+    }
+}
+exports.ReportOutputHeaderModel = ReportOutputHeaderModel;
+class ReportOutputBodyModel {
+    constructor(bodyIssueMessage, bodyAdviceMessage) {
+        this.issueMessage = bodyIssueMessage;
+        this.adviceMessage = bodyAdviceMessage;
+    }
+}
+exports.ReportOutputBodyModel = ReportOutputBodyModel;

package/dist/audit/languageAnalysisEngine/report/models/reportSeverityModel.js

@@ -2,9 +2,11 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.ReportSeverityModel = void 0;
 class ReportSeverityModel {
-    constructor(severity, priority) {
+    constructor(severity, priority, outputColour, cveName) {
         this.severity = severity;
         this.priority = priority;
+        this.outputColour = outputColour;
+        this.cveName = cveName;
     }
 }
 exports.ReportSeverityModel = ReportSeverityModel;

package/dist/audit/languageAnalysisEngine/report/models/severityCountModel.js

@@ -0,0 +1,16 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SeverityCountModel = void 0;
+class SeverityCountModel {
+    constructor() {
+        this.critical = 0;
+        this.high = 0;
+        this.medium = 0;
+        this.low = 0;
+        this.note = 0;
+    }
+    get getTotal() {
+        return this.critical + this.high + this.medium + this.low + this.note;
+    }
+}
+exports.SeverityCountModel = SeverityCountModel;

package/dist/audit/languageAnalysisEngine/report/reportingFeature.js

@@ -1,28 +1,49 @@
 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.formatVulnerabilityOutput = exports.vulnerabilityReport = void 0;
+exports.vulnerabilityReportV2 = exports.formatVulnerabilityOutput = exports.vulnerabilityReport = void 0;
 const commonReportingFunctions_1 = require("./commonReportingFunctions");
 const reportUtils_1 = require("./utils/reportUtils");
+const i18n_1 = __importDefault(require("i18n"));
+const chalk_1 = __importDefault(require("chalk"));
 async function vulnerabilityReport(analysis, applicationId, reportId) {
     const reportResponse = await (0, commonReportingFunctions_1.getReport)(analysis.config, reportId);
     if (reportResponse !== undefined) {
         const id = applicationId;
-        const name = analysis.config.applicationName;
-        formatVulnerabilityOutput(reportResponse.vulnerabilities, id, name, analysis.config);
+        formatVulnerabilityOutput(reportResponse.vulnerabilities, id, analysis.config);
     }
 }
 exports.vulnerabilityReport = vulnerabilityReport;
-function formatVulnerabilityOutput(libraryVulnerabilityResponse, id, name, config) {
-    const vulnerableLibraries = (0, reportUtils_1.convertGenericToTypedLibraries)(libraryVulnerabilityResponse);
+function formatVulnerabilityOutput(libraryVulnerabilityResponse, id, config) {
+    const vulnerableLibraries = (0, reportUtils_1.convertGenericToTypedLibraryVulns)(libraryVulnerabilityResponse);
     const numberOfVulnerableLibraries = vulnerableLibraries.length;
-    let numberOfCves = 0;
-    vulnerableLibraries.forEach(lib => (numberOfCves += lib.cveArray.length));
-    (0, commonReportingFunctions_1.createLibraryHeader)(id, numberOfVulnerableLibraries, numberOfCves);
-    const hasSomeVulnerabilitiesReported = (0, commonReportingFunctions_1.printVulnerabilityResponse)(vulnerableLibraries, config);
-    return [
-        hasSomeVulnerabilitiesReported,
-        numberOfCves,
-        (0, reportUtils_1.severityCount)(vulnerableLibraries)
-    ];
+    if (numberOfVulnerableLibraries === 0) {
+        console.log(i18n_1.default.__('scanNoVulnerabilitiesFound'));
+        console.log(i18n_1.default.__('scanNoVulnerabilitiesFoundSecureCode'));
+        console.log(i18n_1.default.__('scanNoVulnerabilitiesFoundGoodWork'));
+        console.log(chalk_1.default.bold(`Found ${numberOfVulnerableLibraries} vulnerabilities`));
+        console.log(i18n_1.default.__('foundDetailedVulnerabilities', String(0), String(0), String(0), String(0), String(0)));
+    }
+    else {
+        let numberOfCves = 0;
+        vulnerableLibraries.forEach(lib => (numberOfCves += lib.cveArray.length));
+        (0, commonReportingFunctions_1.createLibraryHeader)(id, numberOfVulnerableLibraries, numberOfCves);
+        const hasSomeVulnerabilitiesReported = (0, commonReportingFunctions_1.printVulnerabilityResponse)(vulnerableLibraries, config);
+        return [
+            hasSomeVulnerabilitiesReported,
+            numberOfCves,
+            (0, reportUtils_1.severityCountAllLibraries)(vulnerableLibraries)
+        ];
+    }
 }
 exports.formatVulnerabilityOutput = formatVulnerabilityOutput;
+async function vulnerabilityReportV2(config, reportId) {
+    const reportResponse = await (0, commonReportingFunctions_1.getReport)(config, reportId);
+    if (reportResponse !== undefined) {
+        const name = config.applicationName;
+        formatVulnerabilityOutput(reportResponse.vulnerabilities, config.applicationId, config);
+    }
+}
+exports.vulnerabilityReportV2 = vulnerabilityReportV2;