npm - @contrast/contrast - Versions diffs - 1.0.6 → 1.0.7 - Mend

@contrast/contrast 1.0.6 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

package/.prettierignore +0 -6
package/dist/audit/javaAnalysisEngine/parseMavenProjectFileContents.js +4 -2
package/dist/audit/languageAnalysisEngine/checkForMultipleIdentifiedLanguages.js +2 -1
package/dist/audit/languageAnalysisEngine/checkForMultipleIdentifiedProjectFiles.js +2 -1
package/dist/audit/languageAnalysisEngine/checkIdentifiedLanguageHasProjectFile.js +2 -1
package/dist/audit/languageAnalysisEngine/languageAnalysisFactory.js +2 -0
package/dist/audit/languageAnalysisEngine/reduceIdentifiedLanguages.js +10 -1
package/dist/audit/languageAnalysisEngine/report/utils/reportUtils.js +6 -9
package/dist/audit/languageAnalysisEngine/sendSnapshot.js +65 -3
package/dist/commands/audit/processAudit.js +1 -1
package/dist/commands/scan/sca/scaAnalysis.js +13 -2
package/dist/common/HTTPClient.js +50 -15
package/dist/common/errorHandling.js +6 -1
package/dist/common/versionChecker.js +1 -1
package/dist/constants/constants.js +1 -1
package/dist/constants/locales.js +3 -1
package/dist/lambda/analytics.js +11 -0
package/dist/lambda/lambda.js +35 -4
package/dist/lambda/types.js +13 -0
package/dist/scaAnalysis/common/formatMessage.js +17 -1
package/dist/scaAnalysis/java/analysis.js +3 -6
package/dist/scaAnalysis/java/index.js +2 -2
package/dist/scaAnalysis/python/analysis.js +41 -0
package/dist/scaAnalysis/python/index.js +10 -0
package/dist/scaAnalysis/ruby/analysis.js +226 -0
package/dist/scaAnalysis/ruby/index.js +10 -0
package/dist/scan/autoDetection.js +6 -2
package/dist/scan/fileUtils.js +14 -7
package/dist/scan/formatScanOutput.js +9 -11
package/dist/scan/models/groupedResultsModel.js +1 -1
package/dist/scan/models/scanResultsModel.js +3 -1
package/dist/scan/populateProjectIdAndProjectName.js +2 -1
package/dist/scan/scan.js +1 -0
package/dist/scan/scanConfig.js +6 -1
package/dist/scan/scanController.js +16 -3
package/dist/scan/scanResults.js +5 -1
package/dist/utils/commonApi.js +4 -1
package/package.json +11 -7
package/src/audit/catalogueApplication/catalogueApplication.js +0 -1
package/src/audit/javaAnalysisEngine/parseMavenProjectFileContents.js +11 -8
package/src/audit/languageAnalysisEngine/checkForMultipleIdentifiedLanguages.js +2 -1
package/src/audit/languageAnalysisEngine/checkForMultipleIdentifiedProjectFiles.js +2 -1
package/src/audit/languageAnalysisEngine/checkIdentifiedLanguageHasProjectFile.js +2 -1
package/src/audit/languageAnalysisEngine/languageAnalysisFactory.js +8 -0
package/src/audit/languageAnalysisEngine/reduceIdentifiedLanguages.js +10 -9
package/src/audit/languageAnalysisEngine/report/commonReportingFunctions.ts +34 -29
package/src/audit/languageAnalysisEngine/report/models/reportLibraryModel.ts +3 -3
package/src/audit/languageAnalysisEngine/report/models/reportListModel.ts +15 -11
package/src/audit/languageAnalysisEngine/report/models/reportSeverityModel.ts +6 -1
package/src/audit/languageAnalysisEngine/report/utils/reportUtils.ts +43 -27
package/src/audit/languageAnalysisEngine/sendSnapshot.js +78 -3
package/src/commands/audit/processAudit.ts +1 -1
package/src/commands/scan/sca/scaAnalysis.js +13 -5
package/src/common/HTTPClient.js +65 -25
package/src/common/errorHandling.ts +10 -1
package/src/common/versionChecker.ts +1 -1
package/src/constants/constants.js +1 -1
package/src/constants/locales.js +3 -1
package/src/lambda/analytics.ts +9 -0
package/src/lambda/arn.ts +2 -1
package/src/lambda/lambda.ts +37 -17
package/src/lambda/types.ts +35 -0
package/src/lambda/utils.ts +2 -7
package/src/scaAnalysis/common/formatMessage.js +19 -1
package/src/scaAnalysis/go/goAnalysis.js +2 -3
package/src/scaAnalysis/java/analysis.js +5 -6
package/src/scaAnalysis/java/index.js +2 -2
package/src/scaAnalysis/python/analysis.js +48 -0
package/src/scaAnalysis/python/index.js +11 -0
package/src/scaAnalysis/ruby/analysis.js +282 -0
package/src/scaAnalysis/ruby/index.js +11 -0
package/src/scan/autoDetection.js +9 -5
package/src/scan/fileUtils.js +15 -7
package/src/scan/formatScanOutput.ts +11 -12
package/src/scan/models/groupedResultsModel.ts +3 -3
package/src/scan/models/resultContentModel.ts +1 -1
package/src/scan/models/scanResultsModel.ts +5 -2
package/src/scan/populateProjectIdAndProjectName.js +3 -1
package/src/scan/scan.ts +1 -0
package/src/scan/scanConfig.js +5 -1
package/src/scan/scanController.js +18 -4
package/src/scan/scanResults.js +10 -0
package/src/utils/commonApi.js +4 -1

package/src/common/HTTPClient.js CHANGED Viewed

@@ -22,7 +22,8 @@ function HTTPClient(config) {
       Authorization: authToken,
       'API-Key': apiKey,
       SuperAuthorization: superAuthToken,
-      'Super-API-Key': superApiKey
+      'Super-API-Key': superApiKey,
+      'User-Agent': 'contrast-cli-v2'
     }
   }
@@ -33,7 +34,7 @@ function HTTPClient(config) {
   this.maybeAddCertsToRequest(config)
 }
-HTTPClient.prototype.maybeAddCertsToRequest = function(config) {
+HTTPClient.prototype.maybeAddCertsToRequest = function (config) {
   // cacert
   const caCertFilePath = config.cacert
   if (caCertFilePath) {
@@ -91,13 +92,30 @@ HTTPClient.prototype.getSpecificScanResult = function getSpecificScanResult(
   return requestUtils.sendRequest({ method: 'get', options })
 }
-HTTPClient.prototype.getSpecificScanResultSarif = function getSpecificScanResultSarif(
+HTTPClient.prototype.getSpecificScanResultSarif =
+  function getSpecificScanResultSarif(config, scanId) {
+    const options = _.cloneDeep(this.requestOptions)
+    options.url = createRawOutputURL(config, scanId)
+    return requestUtils.sendRequest({ method: 'get', options })
+  }
+HTTPClient.prototype.createNewEvent = function createNewEvent(
   config,
-  scanId
+  scanId,
+  newProject
 ) {
   const options = _.cloneDeep(this.requestOptions)
-  options.url = createRawOutputURL(config, scanId)
-  return requestUtils.sendRequest({ method: 'get', options })
+  options.url = createEventCollectorURL(config, scanId)
+  options.body = {
+    eventSource: process.env.CODESEC_INVOCATION_ENVIRONMENT,
+    trackingProperties: {
+      projectNameSource: config.projectNameSource,
+      waitedForResults: !config.ff,
+      newProject
+    }
+  }
+  return requestUtils.sendRequest({ method: 'post', options })
 }
 HTTPClient.prototype.getScanId = function getScanId(config, codeArtifactId) {
@@ -190,9 +208,6 @@ HTTPClient.prototype.catalogueCommand = function catalogueCommand(config) {
 }
 HTTPClient.prototype.sendSnapshot = function sendSnapshot(requestBody, config) {
-  if (config.language.toUpperCase() === 'RUBY') {
-    //console.log('sendSnapshot requestBody', requestBody.snapshot.ruby)
-  }
   const options = _.cloneDeep(this.requestOptions)
   let url = createSnapshotURL(config)
   options.url = url
@@ -210,17 +225,24 @@ HTTPClient.prototype.getReportById = function getReportById(config, reportId) {
   return requestUtils.sendRequest({ method: 'get', options })
 }
-HTTPClient.prototype.getLibraryVulnerabilities = function getLibraryVulnerabilities(
+HTTPClient.prototype.getReportStatusById = function getReportStatusById(
   config,
-  requestBody
+  snapshotId
 ) {
   const options = _.cloneDeep(this.requestOptions)
-  options.url = createLibraryVulnerabilitiesUrl(config)
-  options.body = requestBody
-  return requestUtils.sendRequest({ method: 'put', options })
+  options.url = createSpecificReportStatusURL(config, snapshotId)
+  return requestUtils.sendRequest({ method: 'get', options })
 }
+HTTPClient.prototype.getLibraryVulnerabilities =
+  function getLibraryVulnerabilities(config, requestBody) {
+    const options = _.cloneDeep(this.requestOptions)
+    options.url = createLibraryVulnerabilitiesUrl(config)
+    options.body = requestBody
+    return requestUtils.sendRequest({ method: 'put', options })
+  }
 HTTPClient.prototype.getAppId = function getAppId(config) {
   const options = _.cloneDeep(this.requestOptions)
   let url = createAppNameUrl(config)
@@ -295,17 +317,13 @@ HTTPClient.prototype.getScanResources = async function getScanResources(
   return requestUtils.sendRequest({ method: 'get', options })
 }
-HTTPClient.prototype.getFunctionScanResults = async function getFunctionScanResults(
-  config,
-  params,
-  scanId,
-  functionArn
-) {
-  const url = createScanResultsGetUrl(config, params, scanId, functionArn)
-  const options = { ...this.requestOptions, url }
+HTTPClient.prototype.getFunctionScanResults =
+  async function getFunctionScanResults(config, params, scanId, functionArn) {
+    const url = createScanResultsGetUrl(config, params, scanId, functionArn)
+    const options = { ...this.requestOptions, url }
-  return requestUtils.sendRequest({ method: 'get', options })
-}
+    return requestUtils.sendRequest({ method: 'get', options })
+  }
 HTTPClient.prototype.checkLibrary = function checkLibrary(data) {
   const options = _.cloneDeep(this.requestOptions)
@@ -321,6 +339,20 @@ HTTPClient.prototype.getSbom = function getSbom(config) {
   return requestUtils.sendRequest({ method: 'get', options })
 }
+// analytics
+HTTPClient.prototype.postAnalyticsFunction = function (config, provider, body) {
+  const url = createAnalyticsFunctionPostUrl(config, provider)
+  const options = { ...this.requestOptions, body, url }
+  return requestUtils.sendRequest({ method: 'post', options })
+}
+const createAnalyticsFunctionPostUrl = (config, provider) => {
+  const url = getServerlessHost(config)
+  return `${url}/organizations/${config.organizationId}/providers/${provider}/analytics`
+}
 // scan
 const createGetScanIdURL = config => {
   return `${config.host}/Contrast/api/sast/v1/organizations/${config.organizationId}/projects/${config.projectId}/scans/`
@@ -350,6 +382,10 @@ function createScanProjectUrl(config) {
   return `${config.host}/Contrast/api/sast/v1/organizations/${config.organizationId}/projects/${config.projectId}`
 }
+const createEventCollectorURL = (config, scanId) => {
+  return `${config.host}/Contrast/api/sast/organizations/${config.organizationId}/projects/${config.projectId}/scans/${scanId}/events`
+}
 const createGlobalPropertiesUrl = protocol => {
   return `${protocol}/Contrast/api/ng/global/properties`
 }
@@ -384,6 +420,10 @@ function createSpecificReportWithProdUrl(config, reportId) {
   )
 }
+function createSpecificReportStatusURL(config, reportId) {
+  return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/snapshots/${reportId}/status`
+}
 function createDataUrl() {
   return `https://ardy.contrastsecurity.com/production`
 }

package/src/common/errorHandling.ts CHANGED Viewed

@@ -64,6 +64,14 @@ const proxyError = () => {
   generalError('proxyErrorHeader', 'proxyErrorMessage')
 }
+const maxAppError = () => {
+  generalError(
+    'No applications remaining',
+    'You have reached the maximum number of application you can create.'
+  )
+  process.exit(1)
+}
 const failOptionError = () => {
   console.log(
     '\n ******************************** ' +
@@ -140,5 +148,6 @@ export {
   findCommandOnError,
   snapshotFailureError,
   vulnerabilitiesFailureError,
-  reportFailureError
+  reportFailureError,
+  maxAppError
 }

package/src/common/versionChecker.ts CHANGED Viewed

@@ -37,5 +37,5 @@ export async function findLatestCLIVersion(updateMessageHidden: boolean) {
 }
 export async function isCorrectNodeVersion(currentVersion: string) {
-  return semver.satisfies(currentVersion, '>=16.13.2 <17')
+  return semver.satisfies(currentVersion, '>=16')
 }

package/src/constants/constants.js CHANGED Viewed

@@ -13,7 +13,7 @@ const MEDIUM = 'MEDIUM'
 const HIGH = 'HIGH'
 const CRITICAL = 'CRITICAL'
 const APP_NAME = 'contrast'
-const APP_VERSION = '1.0.6'
+const APP_VERSION = '1.0.7'
 const TIMEOUT = 120000
 const HIGH_COLOUR = '#ff9900'
 const CRITICAL_COLOUR = '#e35858'

package/src/constants/locales.js CHANGED Viewed

@@ -146,7 +146,7 @@ const en_locales = () => {
     constantsHeader: 'CodeSec by Contrast Security',
     constantsPrerequisitesContentScanLanguages: 'Java & JavaScript supported',
     constantsContrastContent:
-      'Use the Contrast CLI to run a scan (Java, JavaScript and .NET ) or lambda command (Java and Python) to find your vulnerabilities and start securing your code.',
+      "Use the 'contrast' command for fast and accurate security analysis of your applications and APIs (Java, JavaScript and .NET ) as well as serverless functions (AWS lambda, Java and Python).",
     constantsUsageGuideContentRecommendation:
       'Our recommendation is that this is invoked as part of a CI pipeline so that running the cli is automated as part of your build process.',
     constantsPrerequisitesHeader: 'Pre-requisites',
@@ -356,6 +356,7 @@ const en_locales = () => {
     scanZipError:
       'A .zip archive can be used for Javascript Scan. Archive found %s does not contain .JS files for Scan.',
     fileNotExist: 'File specified does not exist, please check and try again.',
+    scanFileIsEmpty: 'File specified is empty. Please choose another.',
     fileHasWhiteSpacesError:
       'File cannot have spaces, please rename or choose another file to Scan.',
     zipFileException: 'Error reading zip file',
@@ -395,6 +396,7 @@ const en_locales = () => {
       'saves the output in specified format Txt text, sbom',
     scanNotCompleted:
       'Scan not completed. Check for framework and language support here: %s',
+    auditNotCompleted: 'audit not completed.  Please try again',
     scanNoVulnerabilitiesFound: '👏 No vulnerabilities found',
     scanNoVulnerabilitiesFoundSecureCode: '👍 Your code looks secure.',
     scanNoVulnerabilitiesFoundGoodWork: '👏 Keep up the good work.',

package/src/lambda/analytics.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import { getHttpClient } from '../utils/commonApi'
+import { getAuth } from '../utils/paramsUtil/paramHandler'
+import { AnalyticsOption } from './types'
+export const postAnalytics = (data: AnalyticsOption, provider = 'aws') => {
+  const config = getAuth()
+  const client = getHttpClient(config)
+  return client.postAnalyticsFunction(config, provider, data)
+}

package/src/lambda/arn.ts CHANGED Viewed

@@ -10,7 +10,8 @@ type ARN = {
   resourceId?: string
 }
-const ARN_REGEX = /arn:(?<partition>[^:\n]*):(?<service>[^:\n]*):(?<region>[^:\n]*):(?<accountId>[^:\n]*):(?<ignore>(?<resource>[^:/\n]*)[:/])?(?<resourceId>.*)/
+const ARN_REGEX =
+  /arn:(?<partition>[^:\n]*):(?<service>[^:\n]*):(?<region>[^:\n]*):(?<accountId>[^:\n]*):(?<ignore>(?<resource>[^:/\n]*)[:/])?(?<resourceId>.*)/
 const parseARN = (arn: string | undefined) => {
   if (!arn) {

package/src/lambda/lambda.ts CHANGED Viewed

@@ -14,18 +14,8 @@ import { printResults } from './utils'
 import { getAllLambdas, printAvailableLambdas } from './lambdaUtils'
 import { sleep } from '../utils/requestUtils'
 import ora from '../utils/oraWrapper'
-type LambdaOptions = {
-  functionName?: string
-  listFunctions?: boolean
-  region?: string
-  endpointUrl?: string
-  profile?: string
-  help?: boolean
-  verbose?: boolean
-  jsonOutput?: boolean
-  _unknown?: string[]
-}
+import { postAnalytics } from './analytics'
+import { LambdaOptions, AnalyticsOption, StatusType, EventType } from './types'
 type ApiParams = {
   organizationId: string
@@ -74,10 +64,20 @@ const getLambdaOptions = (argv: string[]) => {
 }
 const processLambda = async (argv: string[]) => {
+  let errorMsg
+  let scanInfo: { functionArn: string; scanId: string } | undefined
+  const commandSessionId = Date.now().toString(36)
   try {
     const lambdaOptions = getLambdaOptions(argv)
     const { help } = lambdaOptions
+    const startCommandAnalytics: AnalyticsOption = {
+      arguments: lambdaOptions,
+      sessionId: commandSessionId,
+      eventType: EventType.START
+    }
+    postAnalytics(startCommandAnalytics).catch((error: Error) => {
+      /* ignore */
+    })
     if (help) {
       return handleLambdaHelp()
     }
@@ -87,15 +87,33 @@ const processLambda = async (argv: string[]) => {
     if (lambdaOptions.listFunctions) {
       await getAvailableFunctions(lambdaOptions)
     } else {
-      await actualProcessLambda(lambdaOptions)
+      scanInfo = await actualProcessLambda(lambdaOptions)
     }
   } catch (error) {
     if (error instanceof CliError) {
-      console.error(error.getErrorMessage())
+      errorMsg = error.getErrorMessage()
     } else if (error instanceof Error) {
-      console.error(error.message)
+      errorMsg = error.message
+    }
+  } finally {
+    const endCommandAnalytics: AnalyticsOption = {
+      sessionId: commandSessionId,
+      eventType: EventType.END,
+      status: errorMsg ? StatusType.FAILED : StatusType.SUCCESS
+    }
+    if (errorMsg) {
+      endCommandAnalytics.errorMsg = errorMsg
+      console.error(errorMsg)
+    }
+    if (scanInfo) {
+      endCommandAnalytics.scanFunctionData = scanInfo
+    }
+    await postAnalytics(endCommandAnalytics).catch((error: Error) => {
+      /* ignore */
+    })
+    if (errorMsg) {
+      process.exit(1)
     }
-    process.exit(1)
   }
 }
@@ -162,6 +180,8 @@ const actualProcessLambda = async (lambdaOptions: LambdaOptions) => {
   if (results?.length) {
     printResults(results)
   }
+  return { functionArn, scanId }
 }
 const validateRequiredLambdaParams = (options: LambdaOptions) => {

package/src/lambda/types.ts ADDED Viewed

@@ -0,0 +1,35 @@
+export enum StatusType {
+  FAILED = 'failed',
+  SUCCESS = 'success'
+}
+export enum EventType {
+  START = 'start_command_session',
+  END = 'end_command_session'
+}
+export type LambdaOptions = {
+  functionName?: string
+  listFunctions?: boolean
+  region?: string
+  endpointUrl?: string
+  profile?: string
+  help?: boolean
+  verbose?: boolean
+  jsonOutput?: boolean
+  _unknown?: string[]
+}
+type ScanFunctionData = {
+  functionArn: string
+  scanId: string
+}
+export type AnalyticsOption = {
+  sessionId: string
+  eventType: EventType
+  arguments?: LambdaOptions
+  scanFunctionData?: ScanFunctionData
+  status?: StatusType
+  errorMsg?: string
+}

package/src/lambda/utils.ts CHANGED Viewed

@@ -19,13 +19,8 @@ class PrintVulnerability {
   whatHappened: string
   constructor(index: number, vulnerability: any, group?: any[]) {
-    const {
-      severityText,
-      title,
-      description,
-      remediation,
-      categoryText
-    } = vulnerability
+    const { severityText, title, description, remediation, categoryText } =
+      vulnerability
     this.group = group
     this.vulnerability = vulnerability

package/src/scaAnalysis/common/formatMessage.js CHANGED Viewed

@@ -14,7 +14,25 @@ const createGoTSMessage = goTree => {
   }
 }
+const createRubyTSMessage = rubyTree => {
+  return {
+    ruby: {
+      rubyDependencyTrees: rubyTree
+    }
+  }
+}
+const createPythonTSMessage = pythonTree => {
+  return {
+    python: {
+      pythonDependencyTrees: pythonTree
+    }
+  }
+}
 module.exports = {
   createJavaTSMessage,
-  createGoTSMessage
+  createGoTSMessage,
+  createRubyTSMessage,
+  createPythonTSMessage
 }

package/src/scaAnalysis/go/goAnalysis.js CHANGED Viewed

@@ -5,9 +5,8 @@ const goParseDeps = require('./goParseDeps')
 const goAnalysis = (config, languageFiles) => {
   try {
     const rawGoDependencies = goReadDepFile.getGoDependencies(config)
-    const parsedGoDependencies = goParseDeps.parseGoDependencies(
-      rawGoDependencies
-    )
+    const parsedGoDependencies =
+      goParseDeps.parseGoDependencies(rawGoDependencies)
     return createGoTSMessage(parsedGoDependencies)
   } catch (e) {

package/src/scaAnalysis/java/analysis.js CHANGED Viewed

@@ -11,16 +11,15 @@ const determineProjectTypeAndCwd = (files, projectPath) => {
   if (files[0].includes('pom.xml')) {
     projectData.projectType = MAVEN
-    projectData.cwd = projectPath
-      ? projectPath
-      : files[0].replace('pom.xml', '')
   } else if (files[0].includes('build.gradle')) {
     projectData.projectType = GRADLE
-    projectData.cwd = projectPath
-      ? projectPath
-      : files[0].replace('pom.xml', '')
   }
+  //clean up the path to be a folder not a file
+  projectData.cwd = projectPath
+    ? projectPath.replace('pom.xml', '').replace('build.gradle', '')
+    : projectPath
   return projectData
 }

package/src/scaAnalysis/java/index.js CHANGED Viewed

@@ -3,11 +3,11 @@ const { parseBuildDeps } = require('./javaBuildDepsParser')
 const { createJavaTSMessage } = require('../common/formatMessage')
 const javaAnalysis = (config, languageFiles) => {
-  languageFiles.java.forEach(file => {
+  languageFiles.JAVA.forEach(file => {
     file.replace('build.gradle.kts', 'build.gradle')
   })
-  const javaDeps = buildJavaTree(config, languageFiles.java)
+  const javaDeps = buildJavaTree(config, languageFiles.JAVA)
   return createJavaTSMessage(javaDeps)
 }

package/src/scaAnalysis/python/analysis.js ADDED Viewed

@@ -0,0 +1,48 @@
+const multiReplace = require('string-multiple-replace')
+const fs = require('fs')
+const readAndParseProjectFile = projectPath => {
+  const filePath = filePathForWindows(projectPath + '/Pipfile')
+  const pipFile = fs.readFileSync(filePath, 'utf8')
+  const matcherObj = { '"': '' }
+  const sequencer = ['"']
+  const parsedPipfile = multiReplace(pipFile, matcherObj, sequencer)
+  const pythonArray = parsedPipfile.split('\n')
+  return pythonArray.filter(element => element !== '' && !element.includes('#'))
+}
+const readAndParseLockFile = projectPath => {
+  const filePath = filePathForWindows(projectPath + '/Pipfile.lock')
+  const lockFile = fs.readFileSync(filePath, 'utf8')
+  let parsedPipLock = JSON.parse(lockFile)
+  parsedPipLock['defaults'] = parsedPipLock['default']
+  return parsedPipLock
+}
+const getPythonDeps = config => {
+  try {
+    const parseProject = readAndParseProjectFile(config.projectPath)
+    const parsePip = readAndParseLockFile(config.projectPath)
+    return { pipfileLock: parseProject, pipfilDependanceies: parsePip }
+  } catch (err) {
+    console.log(err.message.toString())
+    process.exit(1)
+  }
+}
+const filePathForWindows = path => {
+  if (process.platform === 'win32') {
+    path = path.replace(/\//g, '\\')
+  }
+  return path
+}
+module.exports = {
+  getPythonDeps,
+  readAndParseProjectFile,
+  readAndParseLockFile
+}

package/src/scaAnalysis/python/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+const { createPythonTSMessage } = require('../common/formatMessage')
+const { getPythonDeps } = require('./analysis')
+const pythonAnalysis = (config, languageFiles) => {
+  const pythonDeps = getPythonDeps(config, languageFiles.PYTHON)
+  return createPythonTSMessage(pythonDeps)
+}
+module.exports = {
+  pythonAnalysis
+}