@contrast/contrast 1.0.6 → 1.0.9

package/dist/audit/javaAnalysisEngine/parseProjectFileContents.js

@@ -1,353 +0,0 @@
-"use strict";
-const i18n = require('i18n');
-let projectType = '';
-const StringBuilder = require('string-builder');
-let sb = new StringBuilder();
-module.exports = exports = ({ language: { projectFilePath }, java }, next, config) => {
-    const { mvnDependancyTreeOutput } = java;
-    if (projectFilePath.endsWith('build.gradle') ||
-        projectFilePath.endsWith('pom.xml')) {
-        if (projectFilePath.endsWith('build.gradle')) {
-            projectType = 'Gradle';
-        }
-        else {
-            projectType = 'Maven';
-        }
-        try {
-            java.mavenDependencyTrees = parseGradle(mvnDependancyTreeOutput, config);
-            next();
-        }
-        catch (err) {
-            next(new Error(i18n.__('javaParseProjectFile') + `${err.message}`));
-            return;
-        }
-    }
-    else {
-        next();
-    }
-};
-const preParser = shavedOutput => {
-    let obj = [];
-    for (let dep in shavedOutput) {
-        obj.push(shavedOutput[dep]
-            .replace('+-', '+---')
-            .replace('[INFO]', '')
-            .replace('\\-', '\\---')
-            .replace(':jar:', ':')
-            .replace(':test', '')
-            .replace(':compile', '')
-            .replace(' +', '+')
-            .replace(' |', '|')
-            .replace(' \\', '\\')
-            .replace(':runtime', ''));
-    }
-    let depTree = [];
-    for (let x in obj) {
-        let nodeLevel = computeRelationToLastElement(obj[x]);
-        let notLastLevel = obj[x].startsWith('|') ||
-            obj[x].startsWith('+') ||
-            obj[x].startsWith('\\');
-        if (notLastLevel) {
-            if (nodeLevel === 0) {
-                depTree.push(obj[x]);
-            }
-            else {
-                let level = computeLevel(nodeLevel);
-                let validatedLevel = addIndentation(nodeLevel === 2 ? 5 : level, obj[x]);
-                depTree.push(validatedLevel);
-            }
-        }
-        else {
-            let level = computeLevel(nodeLevel);
-            let validatedLevel = addIndentation(nodeLevel === 3 ? 5 : level, obj[x]);
-            depTree.push(validatedLevel);
-        }
-    }
-    return depTree;
-};
-const shaveOutput = gradleDependencyTreeOutput => {
-    let shavedOutput = gradleDependencyTreeOutput.split('\n');
-    if (projectType === 'Maven') {
-        shavedOutput = preParser(shavedOutput);
-    }
-    let obj = [];
-    for (let key in shavedOutput) {
-        if (shavedOutput[key].includes('project :')) {
-        }
-        else if (shavedOutput[key].includes('+---') ||
-            shavedOutput[key].includes('\\---')) {
-            obj.push(shavedOutput[key]);
-        }
-    }
-    return obj;
-};
-const computeIndentation = element => {
-    let hasPlus = element.includes('+');
-    let hasSlash = element.includes('\\');
-    if (hasPlus) {
-        return element.substring(element.indexOf('+'));
-    }
-    if (hasSlash) {
-        return element.substring(element.indexOf('\\'));
-    }
-};
-const computeLevel = nodeLevel => {
-    let num = [5, 8, 11, 14, 17, 20];
-    for (let z in num) {
-        if (num[z] === nodeLevel) {
-            let n = parseInt(z);
-            return 5 * (n + 2);
-        }
-    }
-};
-const addIndentation = (number, str) => {
-    str = computeIndentation(str);
-    sb.clear();
-    for (let j = 0; j < number; j++) {
-        sb.append(' ');
-    }
-    sb.append(str);
-    return sb.toString();
-};
-const computeRelationToLastElement = element => {
-    let hasPlus = element.includes('+---');
-    let hasSlash = element.includes('\\---');
-    if (hasPlus) {
-        return element.split('+---')[0].length;
-    }
-    if (hasSlash) {
-        return element.split('\\---')[0].length;
-    }
-};
-const stripElement = element => {
-    return element
-        .replace(/[|]/g, '')
-        .replace('+---', '')
-        .replace('\\---', '')
-        .replace(/[' ']/g, '')
-        .replace('(c)', '')
-        .replace('->', '@')
-        .replace('(*)', '');
-};
-const checkVersion = element => {
-    let version = element.split(':');
-    return version[version.length - 1];
-};
-const createElement = (element, isRoot) => {
-    let tree;
-    let cleanElement = stripElement(element);
-    let splitGroupName = cleanElement.split(':');
-    let validateVersion = false;
-    if (!element.includes('->')) {
-        validateVersion = true;
-    }
-    tree = {
-        artifactID: splitGroupName[1],
-        group: splitGroupName[0],
-        version: validateVersion
-            ? checkVersion(cleanElement)
-            : splitGroupName[splitGroupName.length - 1],
-        scope: 'compile',
-        type: isRoot ? 'direct' : 'transitive',
-        edges: {}
-    };
-    return tree;
-};
-const getElementHeader = element => {
-    let elementHeader = stripElement(element);
-    elementHeader = elementHeader.replace(':', '/');
-    elementHeader = elementHeader.replace(':', '@');
-    return elementHeader;
-};
-const buildElement = (element, rootElement, parentOfCurrent, tree, isRoot) => {
-    let childElement = createElement(element, isRoot);
-    let elementHeader = getElementHeader(element);
-    let levelsArray = [rootElement, parentOfCurrent];
-    const treeNode = getNestedObject(tree, levelsArray);
-    const rootNode = getNestedObject(tree, [rootElement]);
-    if (!rootNode.hasOwnProperty(elementHeader)) {
-        tree[rootElement][elementHeader] = childElement;
-    }
-    treeNode.edges[elementHeader] = elementHeader;
-};
-const hasChildren = (nextNodeLevel, nodeLevel) => {
-    if (nextNodeLevel > nodeLevel) {
-        return true;
-    }
-};
-const lastChild = (nextNodeLevel, nodeLevel) => {
-    if (nextNodeLevel < nodeLevel) {
-        return true;
-    }
-};
-const calculateLevels = (nextNodeLevel, nodeLevel) => {
-    return (nodeLevel - nextNodeLevel) / 5;
-};
-const buildTree = shavedOutput => {
-    let tree = {};
-    let rootElement;
-    let levelNodes = [];
-    shavedOutput.forEach((element, index) => {
-        if (index === 0) {
-            let cleanElement = stripElement(element);
-            let elementHeader = getElementHeader(cleanElement);
-            let splitElement = element.split(' ');
-            let splitGroupName = splitElement[1].split(':');
-            let validateVersion = false;
-            if (!element.includes('->')) {
-                validateVersion = true;
-            }
-            tree[splitGroupName[0]] = {};
-            tree[splitGroupName[0]][elementHeader] = {
-                artifactID: splitGroupName[1],
-                group: splitGroupName[0],
-                version: validateVersion
-                    ? checkVersion(cleanElement)
-                    : splitElement[splitElement.length - 1],
-                scope: 'compile',
-                type: 'direct',
-                edges: {}
-            };
-            rootElement = splitGroupName[0];
-            levelNodes.push(elementHeader);
-        }
-        if (shavedOutput.length - 1 === index) {
-            const parentOfCurrent = levelNodes[levelNodes.length - 1];
-            let nodeLevel = computeRelationToLastElement(element);
-            let validateVersion = false;
-            if (!element.includes('->')) {
-                validateVersion = true;
-            }
-            if (nodeLevel === 0) {
-                let cleanElement = stripElement(element);
-                let elementHeader = getElementHeader(cleanElement);
-                let splitElement = element.split(' ');
-                let splitGroupName = splitElement[1].split(':');
-                tree[rootElement][elementHeader] = {
-                    artifactID: splitGroupName[1],
-                    group: splitGroupName[0],
-                    version: validateVersion
-                        ? checkVersion(cleanElement)
-                        : splitElement[splitElement.length - 1],
-                    scope: 'compile',
-                    type: 'direct',
-                    edges: {}
-                };
-            }
-            else {
-                buildElement(element, rootElement, parentOfCurrent, tree);
-            }
-        }
-        if (index >= 1 && index < shavedOutput.length - 1) {
-            let nodeLevel = computeRelationToLastElement(element);
-            let nextNodeLevel = computeRelationToLastElement(shavedOutput[index + 1]);
-            const parentOfCurrent = levelNodes[levelNodes.length - 1];
-            let isRoot = false;
-            if (nodeLevel === 0) {
-                isRoot = true;
-            }
-            if (isRoot) {
-                let cleanElement = stripElement(element);
-                let elementHeader = getElementHeader(cleanElement);
-                let splitElement = element.split(' ');
-                let splitGroupName = splitElement[1].split(':');
-                let validateVersion = false;
-                if (!element.includes('->')) {
-                    validateVersion = true;
-                }
-                tree[rootElement][elementHeader] = {
-                    artifactID: splitGroupName[1],
-                    group: splitGroupName[0],
-                    version: validateVersion
-                        ? checkVersion(cleanElement)
-                        : splitElement[splitElement.length - 1],
-                    scope: 'compile',
-                    type: 'direct',
-                    edges: {}
-                };
-                levelNodes.push(elementHeader);
-                return;
-            }
-            let elementHeader = getElementHeader(element);
-            buildElement(element, rootElement, parentOfCurrent, tree, isRoot);
-            if (hasChildren(nextNodeLevel, nodeLevel)) {
-                buildElement(element, rootElement, parentOfCurrent, tree, isRoot);
-                levelNodes.push(elementHeader);
-            }
-            if (lastChild(nextNodeLevel, nodeLevel)) {
-                let levelDifference = calculateLevels(nextNodeLevel, nodeLevel);
-                if (levelDifference === 0) {
-                    levelNodes.pop();
-                }
-                else {
-                    let i;
-                    for (i = 0; i < levelDifference; i++) {
-                        levelNodes.pop();
-                    }
-                }
-            }
-        }
-    });
-    return tree;
-};
-const getNestedObject = (nestedObj, pathArr) => {
-    return pathArr.reduce((obj, key) => (obj && obj[key] !== 'undefined' ? obj[key] : undefined), nestedObj);
-};
-const parseSubProject = shavedOutput => {
-    let obj = [];
-    for (let key in shavedOutput) {
-        if (!shavedOutput[key].includes('project')) {
-            obj.push(shavedOutput[key]);
-        }
-    }
-    return obj;
-};
-const validateIndentation = shavedOutput => {
-    let validatedTree = [];
-    shavedOutput.forEach((element, index) => {
-        let nextNodeLevel;
-        let nodeLevel = computeRelationToLastElement(element);
-        if (shavedOutput[index + 1] !== undefined) {
-            nextNodeLevel = computeRelationToLastElement(shavedOutput[index + 1]);
-        }
-        if (index === 0) {
-            validatedTree.push(shavedOutput[index]);
-            validatedTree.push(shavedOutput[index + 1]);
-        }
-        else if (nextNodeLevel > nodeLevel + 5) {
-            return;
-        }
-        else {
-            validatedTree.push(shavedOutput[index + 1]);
-        }
-    });
-    validatedTree.pop();
-    return validatedTree;
-};
-const parseGradle = (gradleDependencyTreeOutput, config) => {
-    let shavedOutput = shaveOutput(gradleDependencyTreeOutput);
-    if (config.subProject) {
-        let subProject = parseSubProject(shavedOutput);
-        let validatedOutput = validateIndentation(subProject);
-        return buildTree(validatedOutput);
-    }
-    else {
-        let validatedOutput = validateIndentation(shavedOutput);
-        return buildTree(validatedOutput);
-    }
-};
-exports.shaveOutput = shaveOutput;
-exports.validateIndentation = validateIndentation;
-exports.stripElement = stripElement;
-exports.getElementHeader = getElementHeader;
-exports.createElement = createElement;
-exports.parseGradle = parseGradle;
-exports.computeRelationToLastElement = computeRelationToLastElement;
-exports.hasChildren = hasChildren;
-exports.lastChild = lastChild;
-exports.calculateLevels = calculateLevels;
-exports.buildElement = buildElement;
-exports.checkVersion = checkVersion;
-exports.computeIndentation = computeIndentation;
-exports.computeLevel = computeLevel;
-exports.addIndentation = addIndentation;

package/dist/audit/javaAnalysisEngine/readProjectFileContents.js

@@ -1,98 +0,0 @@
-"use strict";
-const child_process = require('child_process');
-const fs = require('fs');
-const i18n = require('i18n');
-const path = require('path');
-module.exports = exports = ({ language: { projectFilePath }, java }, next, config) => {
-    let cmdStdout;
-    let cwd;
-    let timeout;
-    let javaProject = '';
-    let mvn_settings = '';
-    const maven = 'Maven';
-    const gradle = 'Gradle';
-    try {
-        if (projectFilePath.includes('pom.xml')) {
-            javaProject = maven;
-            cwd = projectFilePath.replace('pom.xml', '');
-        }
-        else if (projectFilePath.includes('build.gradle')) {
-            javaProject = gradle;
-            cwd = projectFilePath.replace('build.gradle', '');
-        }
-        timeout = 960000;
-        if (javaProject === maven) {
-            if (config.mavenSettingsPath) {
-                mvn_settings = ' -s ' + config.mavenSettingsPath;
-            }
-            if (config.betaUnifiedJavaParser) {
-                cmdStdout = child_process.execSync('mvn dependency:tree -B' + mvn_settings, {
-                    cwd,
-                    timeout
-                });
-            }
-            else {
-                cmdStdout = child_process.execSync('mvn dependency:tree -DoutputType=dot -B' + mvn_settings, {
-                    cwd,
-                    timeout
-                });
-            }
-            java.mvnDependancyTreeOutput = cmdStdout.toString();
-        }
-        else if (javaProject === gradle) {
-            if (config.subProject) {
-                cmdStdout = child_process.execSync('.' +
-                    path.sep +
-                    'gradlew :' +
-                    config.subProject +
-                    ':dependencies --configuration runtimeClasspath', {
-                    cwd,
-                    timeout
-                });
-            }
-            else {
-                cmdStdout = child_process.execSync('.' +
-                    path.sep +
-                    'gradlew dependencies --configuration runtimeClasspath', {
-                    cwd,
-                    timeout
-                });
-            }
-            if (cmdStdout
-                .toString()
-                .includes("runtimeClasspath - Runtime classpath of source set 'main'.\n" +
-                'No dependencies')) {
-                cmdStdout = child_process.execSync('.' + path.sep + 'gradlew dependencies', {
-                    cwd,
-                    timeout
-                });
-            }
-            java.mvnDependancyTreeOutput = cmdStdout.toString();
-        }
-        next();
-    }
-    catch (err) {
-        if (javaProject === maven) {
-            try {
-                child_process.execSync('mvn --version', {
-                    cwd,
-                    timeout
-                });
-                next(new Error(i18n.__('mavenDependencyTreeNonZero', cwd, `${err.message}`)));
-            }
-            catch (mvnErr) {
-                next(new Error(i18n.__('mavenNotInstalledError', cwd, `${mvnErr.message}`)));
-            }
-        }
-        else if (javaProject === gradle) {
-            if (fs.existsSync(cwd + 'gradlew') ||
-                fs.existsSync(cwd + 'gradlew.bat')) {
-                next(new Error(i18n.__('gradleDependencyTreeNonZero', cwd, `${err.message}`)));
-            }
-            else {
-                next(new Error(i18n.__('gradleWrapperUnavailable', cwd, `${err.message}`)));
-            }
-        }
-        return;
-    }
-};

package/dist/audit/javaAnalysisEngine/sanitizer.js

@@ -1,5 +0,0 @@
-"use strict";
-module.exports = exports = ({ java }, next) => {
-    delete java.mvnDependancyTreeOutput;
-    next();
-};

package/dist/audit/languageAnalysisEngine/checkForMultipleIdentifiedLanguages.js

@@ -1,24 +0,0 @@
-"use strict";
-const i18n = require('i18n');
-module.exports = exports = (analysis, next) => {
-    const { languageAnalysis } = analysis;
-    try {
-        checkForMultipleIdentifiedLanguages(languageAnalysis.identifiedLanguages);
-    }
-    catch (err) {
-        next(err);
-        return;
-    }
-    next();
-};
-const checkForMultipleIdentifiedLanguages = identifiedLanguages => {
-    if (Object.keys(identifiedLanguages).length > 1) {
-        let errMsg = i18n.__('languageAnalysisMultipleLanguages1');
-        for (const [language, { projectFilenames }] of Object.entries(identifiedLanguages)) {
-            errMsg += `\t${language}: ${projectFilenames.join(', ')}\n`;
-        }
-        errMsg += i18n.__('languageAnalysisMultipleLanguages2', "'project_path'");
-        throw new Error(errMsg);
-    }
-};
-exports.checkForMultipleIdentifiedLanguages = checkForMultipleIdentifiedLanguages;

package/dist/audit/languageAnalysisEngine/checkForMultipleIdentifiedProjectFiles.js

@@ -1,24 +0,0 @@
-"use strict";
-const i18n = require('i18n');
-module.exports = exports = (analysis, next) => {
-    const { languageAnalysis } = analysis;
-    try {
-        checkForMultipleIdentifiedProjectFiles(languageAnalysis.identifiedLanguages);
-    }
-    catch (err) {
-        next(err);
-        return;
-    }
-    next();
-};
-const checkForMultipleIdentifiedProjectFiles = identifiedLanguages => {
-    if (Object.keys(identifiedLanguages).length == 1) {
-        let { projectFilenames } = Object.values(identifiedLanguages)[0];
-        if (projectFilenames.length > 1) {
-            const [language] = Object.keys(identifiedLanguages);
-            projectFilenames = projectFilenames.join(', ');
-            throw new Error(i18n.__('languageAnalysisProjectFiles', language, projectFilenames, "'project_path'"));
-        }
-    }
-};
-exports.checkForMultipleIdentifiedProjectFiles = checkForMultipleIdentifiedProjectFiles;

package/dist/audit/languageAnalysisEngine/checkIdentifiedLanguageHasLockFile.js

@@ -1,35 +0,0 @@
-"use strict";
-const i18n = require('i18n');
-module.exports = exports = (analysis, next) => {
-    try {
-        const { languageAnalysis } = analysis;
-        if (Object.getOwnPropertyNames(languageAnalysis.identifiedLanguages)[0] ===
-            'JAVA' ||
-            Object.getOwnPropertyNames(languageAnalysis.identifiedLanguages)[0] ===
-                'GO') {
-            next();
-            return;
-        }
-        checkForLockFile(languageAnalysis.identifiedLanguages);
-    }
-    catch (err) {
-        next(err);
-        return;
-    }
-    next();
-    return;
-};
-const checkForLockFile = identifiedLanguages => {
-    if (Object.keys(identifiedLanguages).length == 1) {
-        let { lockFilenames } = Object.values(identifiedLanguages)[0];
-        if (lockFilenames.length == 0) {
-            const [language] = Object.keys(identifiedLanguages);
-            throw new Error(i18n.__('languageAnalysisHasNoLockFile', language));
-        }
-        if (lockFilenames.length > 1) {
-            const [language] = Object.keys(identifiedLanguages);
-            throw new Error(i18n.__('languageAnalysisHasMultipleLockFiles', language, String(lockFilenames)));
-        }
-    }
-};
-exports.checkForLockFile = checkForLockFile;

package/dist/audit/languageAnalysisEngine/checkIdentifiedLanguageHasProjectFile.js

@@ -1,23 +0,0 @@
-"use strict";
-const i18n = require('i18n');
-module.exports = exports = (analysis, next) => {
-    const { languageAnalysis } = analysis;
-    try {
-        checkIdentifiedLanguageHasProjectFile(languageAnalysis.identifiedLanguages);
-    }
-    catch (err) {
-        next(err);
-        return;
-    }
-    next();
-};
-const checkIdentifiedLanguageHasProjectFile = identifiedLanguages => {
-    if (Object.keys(identifiedLanguages).length == 1) {
-        let { projectFilenames } = Object.values(identifiedLanguages)[0];
-        if (projectFilenames.length == 0) {
-            const [language] = Object.keys(identifiedLanguages);
-            throw new Error(i18n.__('languageAnalysisProjectFileError', language));
-        }
-    }
-};
-exports.checkIdentifiedLanguageHasProjectFile = checkIdentifiedLanguageHasProjectFile;

package/dist/audit/languageAnalysisEngine/constants.js

@@ -1,20 +0,0 @@
-"use strict";
-const NODE = 'NODE';
-const JAVASCRIPT = 'JAVASCRIPT';
-const DOTNET = 'DOTNET';
-const JAVA = 'JAVA';
-const RUBY = 'RUBY';
-const PYTHON = 'PYTHON';
-const GO = 'GO';
-const PHP = 'PHP';
-const LOW = 'LOW';
-const MEDIUM = 'MEDIUM';
-const HIGH = 'HIGH';
-const CRITICAL = 'CRITICAL';
-module.exports = {
-    supportedLanguages: { NODE, DOTNET, JAVA, RUBY, PYTHON, GO, PHP, JAVASCRIPT },
-    LOW: LOW,
-    MEDIUM: MEDIUM,
-    HIGH: HIGH,
-    CRITICAL: CRITICAL
-};

package/dist/audit/languageAnalysisEngine/getIdentifiedLanguageInfo.js

@@ -1,25 +0,0 @@
-"use strict";
-const path = require('path');
-module.exports = exports = (analysis, next) => {
-    const { projectPath, languageAnalysis } = analysis;
-    languageAnalysis.identifiedLanguageInfo = getIdentifiedLanguageInfo(projectPath, languageAnalysis.identifiedLanguages);
-    next();
-};
-const getIdentifiedLanguageInfo = (projectPath, identifiedLanguages) => {
-    const [language] = Object.keys(identifiedLanguages);
-    const { projectFilenames: [projectFilename], lockFilenames: [lockFilename] } = Object.values(identifiedLanguages)[0];
-    let identifiedLanguageInfo = {
-        language,
-        projectFilename,
-        projectFilePath: path.join(projectPath, projectFilename)
-    };
-    if (lockFilename) {
-        identifiedLanguageInfo = {
-            ...identifiedLanguageInfo,
-            lockFilename,
-            lockFilePath: path.join(projectPath, lockFilename)
-        };
-    }
-    return identifiedLanguageInfo;
-};
-exports.getIdentifiedLanguageInfo = getIdentifiedLanguageInfo;

package/dist/audit/languageAnalysisEngine/index.js

@@ -1,39 +0,0 @@
-"use strict";
-const AnalysisEngine = require('./../AnalysisEngine');
-const i18n = require('i18n');
-const getProjectRootFilenames = require('./getProjectRootFilenames');
-const reduceIdentifiedLanguages = require('./reduceIdentifiedLanguages');
-const checkForMultipleIdentifiedLanguages = require('./checkForMultipleIdentifiedLanguages');
-const checkForMultipleIdentifiedProjectFiles = require('./checkForMultipleIdentifiedProjectFiles');
-const checkIdentifiedLanguageHasProjectFile = require('./checkIdentifiedLanguageHasProjectFile');
-const checkIdentifiedLanguageHasLockFile = require('./checkIdentifiedLanguageHasLockFile');
-const getIdentifiedLanguageInfo = require('./getIdentifiedLanguageInfo');
-const { libraryAnalysisError } = require('../../common/errorHandling');
-module.exports = exports = (projectPath, callback, appId, config) => {
-    const ae = new AnalysisEngine({
-        projectPath,
-        appId,
-        languageAnalysis: { appId: appId },
-        config
-    });
-    ae.use([
-        getProjectRootFilenames,
-        reduceIdentifiedLanguages,
-        checkForMultipleIdentifiedLanguages,
-        checkForMultipleIdentifiedProjectFiles,
-        checkIdentifiedLanguageHasProjectFile,
-        checkIdentifiedLanguageHasLockFile,
-        getIdentifiedLanguageInfo
-    ]);
-    ae.analyze((err, analysis) => {
-        if (err) {
-            console.log('*******************' +
-                i18n.__('languageAnalysisFailureMessage') +
-                '****************');
-            console.error(`${err.message}`);
-            libraryAnalysisError();
-            process.exit(1);
-        }
-        callback(null, analysis);
-    });
-};