@contrast/contrast 1.0.6 → 1.0.9

package/dist/scan/fileUtils.js

@@ -10,69 +10,87 @@ const findFile = async () => {
         onlyFiles: true
     });
 };
-const findFilesJava = async (languagesFound) => {
+const findFilesJava = async (languagesFound, filePath) => {
     const result = await fg(['**/pom.xml', '**/build.gradle', '**/build.gradle.kts'], {
         dot: false,
         deep: 1,
-        onlyFiles: true
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
     });
     if (result.length > 0) {
-        return languagesFound.push({ java: result });
+        return languagesFound.push({ JAVA: result });
     }
     return languagesFound;
 };
-const findFilesJavascript = async (languagesFound) => {
-    const result = await fg(['**/package.json', '**/yarn.lock', '**/package.lock.json'], {
+const findFilesJavascript = async (languagesFound, filePath) => {
+    const result = await fg(['**/package.json', '**/yarn.lock', '**/package-lock.json'], {
         dot: false,
         deep: 1,
-        onlyFiles: true
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
     });
     if (result.length > 0) {
-        return languagesFound.push({ javascript: result });
+        return languagesFound.push({ JAVASCRIPT: result });
     }
     return languagesFound;
 };
-const findFilesPython = async (languagesFound) => {
+const findFilesPython = async (languagesFound, filePath) => {
     const result = await fg(['**/Pipfile.lock', '**/Pipfile'], {
         dot: false,
         deep: 3,
-        onlyFiles: true
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
     });
     if (result.length > 0) {
-        return languagesFound.push({ python: result });
+        return languagesFound.push({ PYTHON: result });
     }
     return languagesFound;
 };
-const findFilesGo = async (languagesFound) => {
+const findFilesGo = async (languagesFound, filePath) => {
     const result = await fg(['**/go.mod'], {
         dot: false,
         deep: 3,
-        onlyFiles: true
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
     });
     if (result.length > 0) {
-        return languagesFound.push({ go: result });
+        return languagesFound.push({ GO: result });
     }
     return languagesFound;
 };
-const findFilesRuby = async (languagesFound) => {
+const findFilesRuby = async (languagesFound, filePath) => {
     const result = await fg(['**/Gemfile', '**/Gemfile.lock'], {
         dot: false,
         deep: 3,
-        onlyFiles: true
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
     });
     if (result.length > 0) {
-        return languagesFound.push({ ruby: result });
+        return languagesFound.push({ RUBY: result });
     }
     return languagesFound;
 };
-const findFilesPhp = async (languagesFound) => {
+const findFilesPhp = async (languagesFound, filePath) => {
     const result = await fg(['**/composer.json', '**/composer.lock'], {
         dot: false,
         deep: 3,
-        onlyFiles: true
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
     });
     if (result.length > 0) {
-        return languagesFound.push({ php: result });
+        return languagesFound.push({ PHP: result });
+    }
+    return languagesFound;
+};
+const findFilesDotNet = async (languagesFound, filePath) => {
+    const result = await fg(['**/*.csproj', '**/packages.lock.json'], {
+        dot: false,
+        deep: 3,
+        onlyFiles: true,
+        cwd: filePath ? filePath : process.cwd()
+    });
+    if (result.length > 0) {
+        return languagesFound.push({ DOTNET: result });
     }
     return languagesFound;
 };
@@ -90,6 +108,23 @@ const checkFilePermissions = file => {
 const fileExists = path => {
     return fs.existsSync(path);
 };
+const fileIsEmpty = path => {
+    if (fileExists(path) && checkFilePermissions(path)) {
+        try {
+            return fs.readFileSync(path).length === 0;
+        }
+        catch (e) {
+            if (e.message.toString().includes('illegal operation on a directory, read')) {
+                console.log('file provided cannot be a directory');
+            }
+            else {
+                console.log(e.message.toString());
+            }
+            process.exit(0);
+        }
+    }
+    return false;
+};
 module.exports = {
     findFile,
     fileExists,
@@ -99,5 +134,7 @@ module.exports = {
     findFilesPython,
     findFilesGo,
     findFilesPhp,
-    findFilesRuby
+    findFilesRuby,
+    findFilesDotNet,
+    fileIsEmpty
 };

package/dist/scan/formatScanOutput.js

@@ -12,7 +12,7 @@ const cli_table3_1 = __importDefault(require("cli-table3"));
 const constants_1 = require("../constants/constants");
 function formatScanOutput(scanResults) {
     const { scanResultsInstances } = scanResults;
-    let projectOverview = getProjectOverview(scanResultsInstances);
+    const projectOverview = getProjectOverview(scanResultsInstances);
     if (scanResultsInstances.content.length === 0) {
         console.log(i18n_1.default.__('scanNoVulnerabilitiesFound'));
         console.log(i18n_1.default.__('scanNoVulnerabilitiesFoundSecureCode'));
@@ -25,8 +25,9 @@ function formatScanOutput(scanResults) {
         console.log(chalk_1.default.bold(message));
         console.log();
         let defaultView = getDefaultView(scanResultsInstances.content);
-        let count = defaultView.length;
+        let count = 0;
         defaultView.forEach(entry => {
+            count++;
             let table = new cli_table3_1.default({
                 chars: {
                     top: '',
@@ -52,7 +53,7 @@ function formatScanOutput(scanResults) {
             });
             let learnRow = [];
             let adviceRow = [];
-            let headerRow = [
+            const headerRow = [
                 chalk_1.default
                     .hex(entry.colour)
                     .bold(`CONTRAST-${count.toString().padStart(3, '0')}`),
@@ -60,12 +61,13 @@ function formatScanOutput(scanResults) {
                 chalk_1.default.hex(entry.colour).bold(`[${entry.severity}] ${entry.ruleId}`) +
                     entry.message
             ];
-            let codeRow = [
+            const codePath = entry.codePath?.replace(/^@/, '');
+            const codeRow = [
                 chalk_1.default.hex('#F6F5F5').bold(`Code`),
                 chalk_1.default.hex('#F6F5F5').bold(`:`),
-                chalk_1.default.hex('#F6F5F5').bold(`${entry.codePath}`)
+                chalk_1.default.hex('#F6F5F5').bold(`${codePath}`)
             ];
-            let issueRow = [chalk_1.default.bold(`Issue`), chalk_1.default.bold(`:`), `${entry.issue}`];
+            const issueRow = [chalk_1.default.bold(`Issue`), chalk_1.default.bold(`:`), `${entry.issue}`];
             table.push(headerRow, codeRow, issueRow);
             if (entry?.advice) {
                 adviceRow = [
@@ -83,7 +85,6 @@ function formatScanOutput(scanResults) {
                 ];
                 table.push(learnRow);
             }
-            count--;
             console.log(table.toString());
             console.log();
         });
@@ -98,7 +99,7 @@ function printVulnInfo(projectOverview) {
     console.log(i18n_1.default.__('foundDetailedVulnerabilities', String(projectOverview.critical), String(projectOverview.high), String(projectOverview.medium), String(projectOverview.low), String(projectOverview.note)));
 }
 function getProjectOverview(scanResultsInstances) {
-    let acc = {
+    const acc = {
         critical: 0,
         high: 0,
         medium: 0,
@@ -118,7 +119,7 @@ function getProjectOverview(scanResultsInstances) {
 }
 exports.getProjectOverview = getProjectOverview;
 function formatLinks(objName, entry) {
-    let line = chalk_1.default.bold(objName + '  : ');
+    const line = chalk_1.default.bold(objName + '  : ');
     if (entry.length === 1) {
         console.log(line + chalk_1.default.hex('#97DCF7').bold.underline(entry[0]));
     }
@@ -148,7 +149,7 @@ function getDefaultView(content) {
         groupTypeResults.push(groupResultsObj);
         assignBySeverity(resultEntry, groupResultsObj);
     });
-    return (0, lodash_1.sortBy)(groupTypeResults, ['priority']).reverse();
+    return (0, lodash_1.sortBy)(groupTypeResults, ['priority']);
 }
 exports.getDefaultView = getDefaultView;
 function editVulName(message) {
@@ -179,10 +180,7 @@ function getCodeFlowInfo(resultEntry) {
 }
 exports.getCodeFlowInfo = getCodeFlowInfo;
 function stripTags(oldString) {
-    return oldString
-        .replace(/\n/g, ' ')
-        .replace(/\s+/g, ' ')
-        .trim();
+    return oldString.replace(/\n/g, ' ').replace(/\s+/g, ' ').trim();
 }
 exports.stripTags = stripTags;
 function assignBySeverity(entry, assignedObj) {

package/dist/scan/models/groupedResultsModel.js

@@ -5,7 +5,7 @@ class GroupedResultsModel {
     constructor(ruleId) {
         this.ruleId = ruleId;
         this.colour = '#999999';
-        this.codePathSet = new Set;
+        this.codePathSet = new Set();
     }
 }
 exports.GroupedResultsModel = GroupedResultsModel;

package/dist/scan/models/scanResultsModel.js

@@ -5,7 +5,9 @@ class ScanResultsModel {
     constructor(scan) {
         this.projectOverview = scan.projectOverview;
         this.scanDetail = scan.scanDetail;
-        this.scanResultsInstances = scan.scanResultsInstances;
+        this.scanResultsInstances =
+            scan.scanResultsInstances;
+        this.newProject = scan.newProject;
     }
 }
 exports.ScanResultsModel = ScanResultsModel;

package/dist/scan/populateProjectIdAndProjectName.js

@@ -8,8 +8,9 @@ const populateProjectId = async (config) => {
         proj = await getExistingProjectIdByName(config, client).then(res => {
             return res;
         });
+        return { projectId: proj, isNewProject: false };
     }
-    return proj;
+    return { projectId: proj, isNewProject: true };
 };
 const createProjectId = async (config, client) => {
     return client

package/dist/scan/scan.js

@@ -55,6 +55,7 @@ const sendScan = async (config) => {
             }
         })
             .catch(err => {
+            oraWrapper_1.default.stopSpinner(startUploadSpinner);
             console.log(err);
         });
     }

package/dist/scan/scanConfig.js

@@ -3,7 +3,7 @@ const paramHandler = require('../utils/paramsUtil/paramHandler');
 const constants = require('../../src/constants.js');
 const parsedCLIOptions = require('../../src/utils/parsedCLIOptions');
 const path = require('path');
-const { supportedLanguages } = require('../audit/languageAnalysisEngine/constants');
+const { supportedLanguagesScan } = require('../constants/constants');
 const i18n = require('i18n');
 const { scanUsageGuide } = require('./help');
 const getScanConfig = argv => {
@@ -15,16 +15,21 @@ const getScanConfig = argv => {
     const paramsAuth = paramHandler.getAuth(scanParams);
     if (scanParams.language) {
         scanParams.language = scanParams.language.toUpperCase();
-        if (!Object.values(supportedLanguages).includes(scanParams.language)) {
+        if (!Object.values(supportedLanguagesScan).includes(scanParams.language)) {
             console.log(`Did not recognise --language ${scanParams.language}`);
             console.log(i18n.__('constantsHowToRunDev3'));
             process.exit(1);
         }
     }
+    let projectNameSource;
     if (!scanParams.name && scanParams.file) {
         scanParams.name = getFileName(scanParams.file);
+        projectNameSource = 'AUTO';
     }
-    return { ...paramsAuth, ...scanParams };
+    else {
+        projectNameSource = 'USER';
+    }
+    return { ...paramsAuth, ...scanParams, projectNameSource };
 };
 const getFileName = file => {
     return file.split(path.sep).pop();

package/dist/scan/scanController.js

@@ -24,6 +24,10 @@ const fileAndLanguageLogic = async (configToUse) => {
             console.log(i18n.__('fileNotExist'));
             process.exit(1);
         }
+        if (fileFunctions.fileIsEmpty(configToUse.file)) {
+            console.log(i18n.__('scanFileIsEmpty'));
+            process.exit(1);
+        }
         return configToUse;
     }
     else {
@@ -35,14 +39,20 @@ const fileAndLanguageLogic = async (configToUse) => {
 const startScan = async (configToUse) => {
     const startTime = performance.now();
     await fileAndLanguageLogic(configToUse);
+    let newProject;
     if (!configToUse.projectId) {
-        configToUse.projectId = await populateProjectIdAndProjectName.populateProjectId(configToUse);
+        const { projectId, isNewProject } = await populateProjectIdAndProjectName.populateProjectId(configToUse);
+        configToUse.projectId = projectId;
+        newProject = isNewProject;
+    }
+    else {
+        newProject = false;
     }
     const codeArtifactId = await scan.sendScan(configToUse);
     if (!configToUse.ff) {
         const startScanSpinner = returnOra('🚀 Contrast Scan started');
         startSpinner(startScanSpinner);
-        const scanDetail = await scanResults.returnScanResults(configToUse, codeArtifactId, getTimeout(configToUse), startScanSpinner);
+        const scanDetail = await scanResults.returnScanResults(configToUse, codeArtifactId, newProject, getTimeout(configToUse), startScanSpinner);
         const scanResultsInstances = await scanResults.returnScanResultsInstances(configToUse, scanDetail.id);
         const endTime = performance.now();
         const scanDurationMs = endTime - startTime;
@@ -54,7 +64,10 @@ const startScan = async (configToUse) => {
         else {
             succeedSpinner(startScanSpinner, 'Contrast Scan complete');
             console.log(`----- Scan completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`);
-            return { scanDetail, scanResultsInstances: scanResultsInstances.body };
+            return {
+                scanDetail,
+                scanResultsInstances: scanResultsInstances.body
+            };
         }
     }
 };

package/dist/scan/scanResults.js

@@ -26,9 +26,13 @@ const pollScanResults = async (config, scanId, client) => {
         console.log(err);
     });
 };
-const returnScanResults = async (config, codeArtifactId, timeout, startScanSpinner) => {
+const returnScanResults = async (config, codeArtifactId, newProject, timeout, startScanSpinner) => {
     const client = commonApi.getHttpClient(config);
     let scanId = await getScanId(config, codeArtifactId, client);
+    if (process.env.CODESEC_INVOCATION_ENVIRONMENT &&
+        process.env.CODESEC_INVOCATION_ENVIRONMENT.toUpperCase() === 'GITHUB') {
+        await client.createNewEvent(config, scanId, newProject);
+    }
     let startTime = new Date();
     let complete = false;
     if (!_.isNil(scanId)) {

package/dist/utils/commonApi.js

@@ -1,6 +1,6 @@
 "use strict";
 const HttpClient = require('./../common/HTTPClient');
-const { badRequestError, unauthenticatedError, forbiddenError, proxyError, genericError } = require('../common/errorHandling');
+const { badRequestError, unauthenticatedError, forbiddenError, proxyError, genericError, maxAppError } = require('../common/errorHandling');
 const handleResponseErrors = (res, api) => {
     if (res.statusCode === 400) {
         api === 'catalogue' ? badRequestError(true) : badRequestError(false);
@@ -14,6 +14,9 @@ const handleResponseErrors = (res, api) => {
     else if (res.statusCode === 407) {
         proxyError();
     }
+    else if (res.statusCode === 412) {
+        maxAppError();
+    }
     else {
         genericError();
     }

package/dist/utils/filterProjectPath.js

@@ -1,5 +1,6 @@
 "use strict";
 const path = require('path');
+const child_process = require('child_process');
 function resolveFilePath(filepath) {
     if (filepath[0] === '~') {
         return path.join(process.env.HOME, filepath.slice(1));
@@ -7,11 +8,15 @@ function resolveFilePath(filepath) {
     return filepath;
 }
 const returnProjectPath = () => {
-    if (process.env.PWD !== (undefined || null || 'undefined')) {
+    if (process.platform == 'win32') {
+        let winPath = child_process.execSync('cd').toString();
+        return winPath.replace(/\//g, '\\').trim();
+    }
+    else if (process.env.PWD !== (undefined || null || 'undefined')) {
         return process.env.PWD;
     }
     else {
-        return process.argv[process.argv.indexOf('--project_path') + 1];
+        return process.argv[process.argv.indexOf('--file') + 1];
     }
 };
 module.exports = {

package/dist/utils/getConfig.js

@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.setConfigValues = exports.createConfigFromYaml = exports.localConfig = void 0;
+exports.setConfigValues = exports.localConfig = void 0;
 const conf_1 = __importDefault(require("conf"));
 const localConfig = (name, version) => {
     const config = new conf_1.default({
@@ -19,11 +19,6 @@ const localConfig = (name, version) => {
     return config;
 };
 exports.localConfig = localConfig;
-const createConfigFromYaml = (yamlPath) => {
-    const yamlConfig = {};
-    return yamlConfig;
-};
-exports.createConfigFromYaml = createConfigFromYaml;
 const setConfigValues = (config, values) => {
     config.set('apiKey', values.apiKey);
     config.set('organizationId', values.orgId);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/contrast",
-  "version": "1.0.6",
+  "version": "1.0.9",
   "description": "Contrast Security's command line tool",
   "main": "dist/index.js",
   "bin": {
@@ -23,9 +23,9 @@
     "test": "jest --testPathIgnorePatterns=./test-integration/",
     "test-int": "jest ./test-integration/",
     "test-int-scan": "jest ./test-integration/scan",
-    "test-int-audit": "jest ./test-integration/audit",
-    "format": "prettier --write \"**/*.{ts,tsx,js,css,scss,json,md,yml}\" .eslintrc.* .babelrc",
-    "check-format": "prettier --check \"**/*.{ts,tsx,js,css,scss,json,md,yml}\" .eslintrc.* .babelrc",
+    "test-int-audit": "jest test-integration/audit/audit-int.spec.js",
+    "format": "prettier --write \"**/*.{ts,tsx,js,json,md,yml}\" .eslintrc.*",
+    "check-format": "prettier --check \"**/*.{ts,tsx,js,json,md,yml}\" .eslintrc.*",
     "coverage-local": "nyc --reporter=text mocha './test/**/*.spec.js'",
     "coverage": "yarn test --coverage",
     "lint": "eslint --config .eslintrc.json . --ext .ts",
@@ -53,7 +53,6 @@
     "fast-glob": "^3.2.11",
     "i18n": "^0.14.2",
     "js-yaml": "^4.1.0",
-    "latest-version": "5.1.0",
     "lodash": "^4.17.21",
     "log-symbols": "^4.1.0",
     "open": "^8.4.0",
@@ -74,12 +73,13 @@
     "@types/i18n": "^0.13.2",
     "@types/jest": "^27.4.1",
     "@types/lodash": "^4.14.182",
+    "@types/node": "*",
     "@typescript-eslint/eslint-plugin": "^5.21.0",
     "@typescript-eslint/parser": "^5.21.0",
     "csv-writer": "^1.6.0",
     "eslint": "^8.14.0",
     "eslint-config-prettier": "^8.5.0",
-    "eslint-plugin-prettier": "^4.0.0",
+    "eslint-plugin-prettier": "^4.2.1",
     "husky": "^3.1.0",
     "jest": "^27.5.1",
     "jest-junit": "^13.2.0",
@@ -87,7 +87,7 @@
     "npm-license-crawler": "^0.2.1",
     "nyc": "^15.1.0",
     "pkg": "^5.6.0",
-    "prettier": "^1.19.1",
+    "prettier": "^2.7.1",
     "tmp": "^0.2.1",
     "ts-jest": "^27.1.4",
     "ts-node": "^10.7.0",
@@ -103,12 +103,15 @@
   ],
   "prettier": {
     "semi": false,
+    "trailingComma": "none",
+    "arrowParens": "avoid",
+    "bracketSpacing": true,
     "singleQuote": true,
+    "bracketSameLine": true,
     "overrides": [
       {
         "files": [
-          ".eslintrc.ng",
-          ".babelrc"
+          ".eslintrc"
         ],
         "options": {
           "parser": "json"

package/src/audit/catalogueApplication/catalogueApplication.js

@@ -1,10 +1,5 @@
-const i18n = require('i18n')
 const { getHttpClient, handleResponseErrors } = require('../../utils/commonApi')
 
-const displaySuccessMessage = () => {
-  console.log(i18n.__('catalogueSuccessCommand'))
-}
-
 const catalogueApplication = async config => {
   const client = getHttpClient(config)
   let appId
@@ -14,8 +9,9 @@ const catalogueApplication = async config => {
       if (res.statusCode === 201) {
         //displaySuccessMessage(config, res.body.application.app_id)
         appId = res.body.application.app_id
+      } else if (doesMessagesContainAppId(res)) {
+        appId = tryRetrieveAppIdFromMessages(res.body.messages)
       } else {
-        // console.log(res.statusCode)
         handleResponseErrors(res, 'catalogue')
       }
     })
@@ -25,6 +21,31 @@ const catalogueApplication = async config => {
   return appId
 }
 
+const doesMessagesContainAppId = res => {
+  const regex = /(Application ID =)/
+  if (
+    res.statusCode === 400 &&
+    res.body.messages.filter(message => regex.exec(message))[0]
+  ) {
+    return true
+  }
+
+  return false
+}
+
+const tryRetrieveAppIdFromMessages = messages => {
+  let appId
+  messages.forEach(message => {
+    if (message.includes('Application ID')) {
+      appId = message.split('=')[1].replace(/\s+/g, '')
+    }
+  })
+
+  return appId
+}
+
 module.exports = {
-  catalogueApplication: catalogueApplication
+  catalogueApplication: catalogueApplication,
+  doesMessagesContainAppId,
+  tryRetrieveAppIdFromMessages
 }

package/src/audit/languageAnalysisEngine/getProjectRootFilenames.js

@@ -1,43 +1,14 @@
 const fs = require('fs')
 const path = require('path')
 const i18n = require('i18n')
-/**
- * Will get the filenames from the project path provided to the SCA CLI tool. If
- * the project path points to a file and not a directory will return the
- * filename in the same fashion as if a directory had been read.
- *
- * Will fail and throw for a manner of reasons when doing file/directory
- * inspection.
- *
- * @param {string} projectPath - The path to a projects root directory or a
- * specific project file
- *
- * @return {string[]} List of filenames associated with a projects root
- * directory or the name of the specific project file if that was provided to
- * the 'projectPath' parameter
- *
- * @throws {Error} If the project path doesn't exist
- * @throws {Error} If the project path information can't be collected
- * @throws {Error} If a non-file or non-directory inspected
- */
-module.exports = exports = (analysis, next) => {
-  const { projectPath, languageAnalysis } = analysis
-  try {
-    languageAnalysis.projectRootFilenames = getProjectRootFilenames(projectPath)
-  } catch (err) {
-    next(err)
-    return
-  }
-  next()
-}
 
-const getProjectRootFilenames = projectPath => {
+const getProjectRootFilenames = file => {
   let projectStats = null
   try {
-    projectStats = fs.statSync(projectPath)
+    projectStats = fs.statSync(file)
   } catch (err) {
     throw new Error(
-      i18n.__('languageAnalysisProjectRootFileNameFailure', projectPath) +
+      i18n.__('languageAnalysisProjectRootFileNameFailure', file) +
         `${err.message}`
     )
   }
@@ -45,10 +16,10 @@ const getProjectRootFilenames = projectPath => {
   // Return the contents of a directory...
   if (projectStats.isDirectory()) {
     try {
-      return fs.readdirSync(projectPath)
+      return fs.readdirSync(file)
     } catch (err) {
       throw new Error(
-        i18n.__('languageAnalysisProjectRootFileNameReadError', projectPath) +
+        i18n.__('languageAnalysisProjectRootFileNameReadError', file) +
           `${err.message}`
       )
     }
@@ -57,16 +28,16 @@ const getProjectRootFilenames = projectPath => {
   // If we are working with a file return it in a list as we do when we work
   // with a directory...
   if (projectStats.isFile()) {
-    return [path.basename(projectPath)]
+    return [path.basename(file)]
   }
 
   // Error out if we are working with something like a socket file or some
   // other craziness...
   throw new Error(
     i18n.__('languageAnalysisProjectRootFileNameMissingError'),
-    projectPath
+    file
   )
 }
-
-//For testing purposes
-exports.getProjectRootFilenames = getProjectRootFilenames
+module.exports = {
+  getProjectRootFilenames
+}