@contrast/contrast 1.0.8 → 1.0.9

package/src/commands/audit/auditController.ts

@@ -1,9 +1,6 @@
 import { catalogueApplication } from '../../audit/catalogueApplication/catalogueApplication'
 import commonApi from '../../audit/languageAnalysisEngine/commonApi'
 
-const identifyLanguageAE = require('./../../audit/languageAnalysisEngine')
-const languageFactory = require('../../audit/languageAnalysisEngine/languageAnalysisFactory')
-
 export const dealWithNoAppId = async (config: { [x: string]: string }) => {
   let appID: string
   try {
@@ -32,14 +29,6 @@ export const dealWithNoAppId = async (config: { [x: string]: string }) => {
   return appID
 }
 
-export const startAudit = async (config: { [key: string]: string }) => {
-  if (!config.applicationId) {
-    // @ts-ignore
-    config.applicationId = await dealWithNoAppId(config)
-  }
-  identifyLanguageAE(config.file, languageFactory, config.applicationId, config)
-}
-
 export const getAppName = (file: string) => {
   const last = file.charAt(file.length - 1)
   if (last !== '/') {

package/src/commands/audit/help.ts

@@ -13,30 +13,13 @@ const auditUsageGuide = commandLineUsage([
       '{bold ' +
         i18n.__('constantsAuditPrerequisitesContentSupportedLanguages') +
         '}',
-      '{bold ' +
-        i18n.__('constantsAuditPrerequisitesContentJava') +
-        '}' +
-        i18n.__('constantsAuditPrerequisitesContentMessage'),
-      '',
-      '{italic ' + i18n.__('constantsJavaNote') + '}',
-      '{italic ' + i18n.__('constantsJavaNoteGradle') + '}',
-      '',
-      '{bold ' +
-        i18n.__('constantsAuditPrerequisitesContentDotNet') +
-        '}' +
-        i18n.__('constantsAuditPrerequisitesContentDotNetMessage'),
-      '{bold ' +
-        i18n.__('constantsAuditPrerequisitesContentLanguageNode') +
-        '}' +
-        i18n.__('constantsAuditPrerequisitesContentLanguageNodeMessage'),
-      '{bold ' +
-        i18n.__('constantsAuditPrerequisitesContentLanguageRuby') +
-        '}' +
-        i18n.__('constantsAuditPrerequisitesContentLanguageRubyMessage'),
-      '{bold ' +
-        i18n.__('constantsAuditPrerequisitesContentLanguagePython') +
-        '}' +
-        i18n.__('constantsAuditPrerequisitesContentLanguagePythonMessage')
+      i18n.__('constantsAuditPrerequisitesJavaContentMessage'),
+      i18n.__('constantsAuditPrerequisitesContentDotNetMessage'),
+      i18n.__('constantsAuditPrerequisitesContentNodeMessage'),
+      i18n.__('constantsAuditPrerequisitesContentRubyMessage'),
+      i18n.__('constantsAuditPrerequisitesContentPythonMessage'),
+      i18n.__('constantsAuditPrerequisitesContentGoMessage'),
+      i18n.__('constantsAuditPrerequisitesContentPHPMessage')
     ]
   },
   {

package/src/commands/audit/processAudit.ts

@@ -1,4 +1,3 @@
-import { startAudit } from './auditController'
 import { getAuditConfig } from './auditConfig'
 import { auditUsageGuide } from './help'
 import { processSca } from '../scan/sca/scaAnalysis'
@@ -11,12 +10,7 @@ export const processAudit = async (argv: parameterInput) => {
     process.exit(0)
   }
   const config = getAuditConfig(argv)
-
-  if (config.experimental) {
-    await processSca(config)
-  } else {
-    await startAudit(config)
-  }
+  await processSca(config)
 }
 
 const printHelpMessage = () => {

package/src/commands/audit/saveFile.ts

@@ -1,7 +1,7 @@
 import fs from 'fs'
 
-export const saveFile = (config: any, rawResults: any) => {
-  const fileName = `${config.applicationId}-sbom-cyclonedx.json`
+export const saveFile = (config: any, type: string, rawResults: any) => {
+  const fileName = `${config.applicationId}-sbom-${type}.json`
   fs.writeFileSync(fileName, JSON.stringify(rawResults))
 }
 

package/src/commands/scan/processScan.js

@@ -7,7 +7,6 @@ const { processSca } = require('./sca/scaAnalysis')
 
 const processScan = async argvMain => {
   let config = scanConfig.getScanConfig(argvMain)
-  // console.log(config)
   //try SCA analysis first
   if (config.experimental) {
     await processSca(config)

package/src/commands/scan/sca/scaAnalysis.js

@@ -1,13 +1,10 @@
 const autoDetection = require('../../../scan/autoDetection')
 const javaAnalysis = require('../../../scaAnalysis/java')
 const treeUpload = require('../../../scaAnalysis/common/treeUpload')
-const {
-  manualDetectAuditFilesAndLanguages
-} = require('../../../scan/autoDetection')
 const auditController = require('../../audit/auditController')
 const {
-  supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP }
-} = require('../../../audit/languageAnalysisEngine/constants')
+  supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET }
+} = require('../../../constants/constants')
 const goAnalysis = require('../../../scaAnalysis/go/goAnalysis')
 const phpAnalysis = require('../../../scaAnalysis/php/index')
 const { rubyAnalysis } = require('../../../scaAnalysis/ruby')
@@ -26,14 +23,17 @@ const {
   vulnerabilityReportV2
 } = require('../../../audit/languageAnalysisEngine/report/reportingFeature')
 const auditSave = require('../../../audit/save')
-
+const { dotNetAnalysis } = require('../../../scaAnalysis/dotnet')
 const processSca = async config => {
+  const startTime = performance.now()
   let filesFound
   if (config.file) {
     config.file = config.file.concat('/')
-    filesFound = await manualDetectAuditFilesAndLanguages(config.file)
+    filesFound = await autoDetection.autoDetectAuditFilesAndLanguages(
+      config.file
+    )
   } else {
-    filesFound = await autoDetection.autoDetectAuditFilesAndLanguages(config)
+    filesFound = await autoDetection.autoDetectAuditFilesAndLanguages(undefined)
     config.file = process.cwd().concat('/')
   }
 
@@ -70,15 +70,21 @@ const processSca = async config => {
         messageToSend = goAnalysis.goAnalysis(config, filesFound[0])
         config.language = GO
         break
+      case DOTNET:
+        messageToSend = dotNetAnalysis(config, filesFound[0])
+        config.language = DOTNET
+        break
       default:
         //something is wrong
-        console.log('language detected not supported')
+        console.log('No supported language detected in project path')
         return
     }
 
     if (!config.applicationId) {
       config.applicationId = await auditController.dealWithNoAppId(config)
     }
+
+    console.log('') //empty log for space before spinner
     //send message to TS
     const reportSpinner = returnOra(i18n.__('auditSCAAnalysisBegins'))
     startSpinner(reportSpinner)
@@ -93,16 +99,25 @@ const processSca = async config => {
       snapshotResponse.id,
       reportSpinner
     )
-    succeedSpinner(reportSpinner, 'Contrast SCA audit complete')
+    succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'))
 
     await vulnerabilityReportV2(config, snapshotResponse.id)
+    if (config.save !== undefined) {
+      await auditSave.auditSave(config)
+    }
+    const endTime = performance.now() - startTime
+    const scanDurationMs = endTime - startTime
 
-    await auditSave.auditSave(config)
+    console.log(
+      `----- completed in ${(scanDurationMs / 1000).toFixed(2)}s -----`
+    )
   } else {
     if (filesFound.length === 0) {
-      console.log('no compatible dependency files detected. Continuing...')
+      console.log(i18n.__('languageAnalysisNoLanguage'))
+      console.log(i18n.__('languageAnalysisNoLanguageHelpLine'))
+      throw new Error()
     } else {
-      console.log(
+      throw new Error(
         'multiple language files detected, please use --file to specify a directory or the file where dependencies are declared'
       )
     }

package/src/common/HTTPClient.js

@@ -333,9 +333,9 @@ HTTPClient.prototype.checkLibrary = function checkLibrary(data) {
   return requestUtils.sendRequest({ method: 'post', options })
 }
 
-HTTPClient.prototype.getSbom = function getSbom(config) {
+HTTPClient.prototype.getSbom = function getSbom(config, type) {
   const options = _.cloneDeep(this.requestOptions)
-  options.url = createSbomCycloneDXUrl(config)
+  options.url = createSbomUrl(config, type)
   return requestUtils.sendRequest({ method: 'get', options })
 }
 
@@ -417,13 +417,13 @@ function createLibraryVulnerabilitiesUrl(config) {
   return `${config.host}/Contrast/api/ng/${config.organizationId}/libraries/artifactsByGroupNameVersion`
 }
 
-function createSpecificReportUrl(config, reportId) {
-  return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/reports/${reportId}`
+function createSpecificReportUrl(config, reportId, includeTree = false) {
+  return `${config.host}/Contrast/api/ng/sca/organizations/${config.organizationId}/applications/${config.applicationId}/reports/${reportId}?&includeTree=${includeTree}`
 }
 
-function createSpecificReportWithProdUrl(config, reportId) {
-  return createSpecificReportUrl(config, reportId).concat(
-    `?nodesToInclude=PROD`
+function createSpecificReportWithProdUrl(config, reportId, includeTree) {
+  return createSpecificReportUrl(config, reportId, includeTree).concat(
+    `&nodesToInclude=PROD`
   )
 }
 
@@ -435,8 +435,8 @@ function createDataUrl() {
   return `https://ardy.contrastsecurity.com/production`
 }
 
-function createSbomCycloneDXUrl(config) {
-  return `${config.host}/Contrast/api/ng/${config.organizationId}/applications/${config.applicationId}/libraries/sbom/cyclonedx`
+function createSbomUrl(config, type) {
+  return `${config.host}/Contrast/api/ng/${config.organizationId}/applications/${config.applicationId}/libraries/sbom/${type}`
 }
 
 module.exports = HTTPClient

package/src/constants/constants.js

@@ -5,15 +5,16 @@ const JAVA = 'JAVA'
 const RUBY = 'RUBY'
 const PYTHON = 'PYTHON'
 const GO = 'GO'
-// we set the langauge as Node instead of PHP since we're using the Node engine in TS
 const PHP = 'PHP'
 const JAVASCRIPT = 'JAVASCRIPT'
+// Severity
 const LOW = 'LOW'
 const MEDIUM = 'MEDIUM'
 const HIGH = 'HIGH'
 const CRITICAL = 'CRITICAL'
+// App
 const APP_NAME = 'contrast'
-const APP_VERSION = '1.0.8'
+const APP_VERSION = '1.0.9'
 const TIMEOUT = 120000
 const HIGH_COLOUR = '#ff9900'
 const CRITICAL_COLOUR = '#e35858'
@@ -29,10 +30,13 @@ const NOTE_PRIORITY = 5
 const AUTH_UI_URL = 'https://cli-auth.contrastsecurity.com'
 const AUTH_CALLBACK_URL = 'https://cli-auth-api.contrastsecurity.com'
 const SARIF_FILE = 'SARIF'
+const SBOM_CYCLONE_DX_FILE = 'cyclonedx'
+const SBOM_SPDX_FILE = 'spdx'
 const CE_URL = 'https://ce.contrastsecurity.com/'
 
 module.exports = {
   supportedLanguages: { NODE, DOTNET, JAVA, RUBY, PYTHON, GO, PHP, JAVASCRIPT },
+  supportedLanguagesScan: { JAVASCRIPT, DOTNET, JAVA },
   LOW,
   MEDIUM,
   HIGH,
@@ -53,5 +57,7 @@ module.exports = {
   HIGH_PRIORITY,
   MEDIUM_PRIORITY,
   LOW_PRIORITY,
-  NOTE_PRIORITY
+  NOTE_PRIORITY,
+  SBOM_CYCLONE_DX_FILE,
+  SBOM_SPDX_FILE
 }

package/src/constants/locales.js

@@ -53,8 +53,10 @@ const en_locales = () => {
       "Identified project language as '%s' but found multiple project files: %s. Please specify which project file you would like analyzed with the %s CLI option.",
     languageAnalysisHasNoLockFile:
       "Identified project language as '%s' but no project lock file was found.",
+    languageAnalysisHasNoPackageJsonFile:
+      'Identified project language as javascript but no package.json file was found.',
     languageAnalysisHasMultipleLockFiles:
-      "Identified project language as '%s' but multiple project lock files were found: %s \n",
+      "Identified project language as '%s' but multiple project lock files were found.",
     languageAnalysisProjectFileError:
       "Identified project language as '%s' but no project file was found.",
     languageAnalysisProjectRootFileNameReadError:
@@ -64,17 +66,20 @@ const en_locales = () => {
     languageAnalysisProjectRootFileNameFailure:
       'Failed to get information about the file or directory @ %s because: ',
     languageAnalysisFailure: ' analysis failed because: ',
-    languageAnalysisNoLanguage: 'No language detected in project path @ %s',
+    languageAnalysisNoLanguage:
+      'We cannot detect a project, use --f <path> to specify a file or folder to analyze.',
+    languageAnalysisNoLanguageHelpLine: `${chalk.bold(
+      'contrast audit --help'
+    )} for more information.`,
     NodeAnalysisFailure: 'NODE analysis failed because: ',
     phpAnalysisFailure: 'PHP analysis failed because: ',
-    NodeParseNPM:
-      "Failed to parse NODE package-lock.json file @ '%s' because: ",
+    NodeParseNPM: 'Failed to parse NODE package-lock.json file because: ',
     phpParseComposerLock:
       "Failed to parse PHP composer.lock file @ '%s' because: ",
     NodeReadNpmError:
       'Failed to read the package-lock.json file @ "%s" because: ',
     phpReadError: 'Failed to read the composer.lock file @ "%s" because: ',
-    NodeParseYarn: "Failed to parse Node yarn.lock version 1 @ '%s' because: ",
+    NodeParseYarn: 'Failed to parse yarn.lock version %s because: ',
     NodeParseYarn2: "Failed to parse Node yarn.lock version 2 @ '%s' because: ",
     nodeReadProjectFileError:
       'Failed to read the NODE project file @ "%s" because: ',
@@ -118,8 +123,7 @@ const en_locales = () => {
       'Provide this if you want to catalogue an application',
     constantsLanguage:
       'Valid values are JAVA, DOTNET, NODE, PYTHON and RUBY. If there are multiple project configuration files in the project_path, language is also required.  Also, provide this when cataloguing an application',
-    constantsFilePath:
-      'The directory root of a project/application that you would like analyzed. Defaults to current directory.',
+    constantsFilePath: `Path of the file you want to perform an SCA audit on. If no folder is specified, Contrast searches for dependency files in the working directory.`,
     constantsSilent: 'Silences JSON output.',
     constantsAppGroups:
       'Assign your application to one or more pre-existing groups when using the catalogue command. Group lists should be comma separated.',
@@ -144,7 +148,8 @@ const en_locales = () => {
       'Allows the user to report libraries with vulnerabilities above a chosen severity level. For example, cve_severity medium only reports libraries with vulnerabilities at medium or higher severity. Values for level are high, medium or low.',
     constantsCount: 'The number of CVEs that must be exceeded to fail a build',
     constantsHeader: 'CodeSec by Contrast Security',
-    constantsPrerequisitesContentScanLanguages: 'Java & JavaScript supported',
+    constantsPrerequisitesContentScanLanguages:
+      'Java, Javascript and .NET supported',
     constantsContrastContent:
       "Use the 'contrast' command for fast and accurate security analysis of your applications and APIs (Java, JavaScript and .NET ) as well as serverless functions (AWS lambda, Java and Python).",
     constantsUsageGuideContentRecommendation:
@@ -249,7 +254,7 @@ const en_locales = () => {
     scanLabel:
       "adds a label to the scan - defaults to 'Started by CLI tool at current date'",
     constantsIgnoreDev:
-      'Excludes developer dependencies from the output. By default all dependencies are included.',
+      'Excludes developer dependencies from the results. All dependencies are included by default.',
     constantsCommands: 'Commands',
     constantsScanOptions: 'Scan Options',
     sbomError: 'All required parameters are not present.',
@@ -364,36 +369,43 @@ const en_locales = () => {
       'An error has occurred when trying to get the Project Id please check your internet connection or provide the Project Id manually',
     internalServerErrorHeader: '500 error - Internal server error',
     resourceLockedErrorHeader: '423 error - Resource is locked',
-    auditHeader: 'Contrast Audit',
-    auditHeaderMessage: `
-    Performs software composition analysis (SCA) on your application/code time to show you the dependencies between open source libraries, including where vulnerabilities were introduced.\n
-    Our recommendation is that this is invoked as part of a CI pipeline so that running the cli is automated as part of your build process.`,
+    auditHeader: 'Contrast audit help',
+    auditHeaderMessage:
+      "Use 'contrast audit' to analyze a project’s dependencies for vulnerabilities.",
     constantsAuditPrerequisitesContentSupportedLanguages:
       'Supported languages and their requirements are:',
-    constantsAuditPrerequisitesContentJava: 'Java: ',
-    constantsAuditPrerequisitesContentMessage: `
-       pom.xml AND Maven build platform, including the dependency plugin. 
-       For a Gradle project (v4.8+) use build.gradle. A gradle-wrapper.properties file is also required.
-       Kotlin is also supported requiring a build.gradle.kts file.`,
-    constantsAuditPrerequisitesContentDotNet: '.NET framework and .NET core: ',
+    constantsAuditPrerequisitesJavaContentMessage: `
+    ${chalk.bold('Java:')} pom.xml ${chalk.bold(
+      'and'
+    )} Maven build platform including the dependency plugin. 
+    ${chalk.bold('Or')} build.gradle ${chalk.bold(
+      'and'
+    )} gradle dependencies or ./gradlew dependencies must be supported`,
     constantsAuditPrerequisitesContentDotNetMessage: `
-       MSBuild 15.0 or greater and have a packages.lock.json file are supported.\n
-       Note: If the packages.lock.json file is unavailable it can be generated by setting RestorePackagesWithLockFile to true within each *.csproj file and running dotnet build.\n`,
-    constantsAuditPrerequisitesContentLanguageNode: 'Node: ',
-    constantsAuditPrerequisitesContentLanguageRuby: 'Ruby: ',
-    constantsAuditPrerequisitesContentLanguagePython: 'Python: ',
-    constantsAuditPrerequisitesContentLanguageNodeMessage:
-      '*.package.json AND a lock file either *.package-lock.json or *.yarn.lock',
-    constantsAuditPrerequisitesContentLanguageRubyMessage:
-      'gemfile AND gemfile.lock',
-    constantsAuditPrerequisitesContentLanguagePythonMessage:
-      'pipfile AND pipfile.lock',
+    ${chalk.bold(
+      '.NET framework and .NET core:'
+    )} MSBuild 15.0 or greater and a packages.lock.json file.
+    Note: If the packages.lock.json file is unavailable it can be generated by setting RestorePackagesWithLockFile to true within each *.csproj file and running dotnet build.\n`,
+    constantsAuditPrerequisitesContentNodeMessage: `${chalk.bold(
+      'Node:'
+    )} package.json and a lock file (either .package-lock.json or .yarn.lock.)\n`,
+    constantsAuditPrerequisitesContentRubyMessage: `${chalk.bold(
+      'Ruby:'
+    )} gemfile and gemfile.lock\n`,
+    constantsAuditPrerequisitesContentPythonMessage: `${chalk.bold(
+      'Python:'
+    )} pipfile and pipfile.lock\n`,
+    constantsAuditPrerequisitesContentGoMessage: `${chalk.bold(
+      'Go:'
+    )} go.mod\n`,
+    constantsAuditPrerequisitesContentPHPMessage: `${chalk.bold(
+      'PHP:'
+    )} composer.json and composer.lock\n`,
     constantsAuditOptions: 'Audit Options',
-    auditOptionsIgnoreDevDependencies: '-igd, --ignore-dev',
-    auditOptionsIgnoreDevDependenciesDescription: 'ignores DevDependencies',
-    auditOptionsSave: '-s, --save',
     auditOptionsSaveDescription:
-      'saves the output in specified format, options: sbom',
+      'Generate and save an SBOM (Software Bill of Materials)\n',
+    auditOptionsSaveOptionsDescription:
+      'Valid options are: spdx, cyclonedx (cycloneDX is the default format)',
     scanNotCompleted:
       'Scan not completed. Check for framework and language support here: %s',
     auditNotCompleted: 'audit not completed.  Please try again',
@@ -415,7 +427,7 @@ const en_locales = () => {
     auditReportSuccessMessage: 'Report successfully retrieved',
     auditReportFailureMessage: 'Unable to generate library report',
     auditSCAAnalysisBegins: 'Contrast SCA audit started',
-    auditSCAAnalysisComplete: 'Contrast SCA audit complete',
+    auditSCAAnalysisComplete: 'Contrast audit complete',
     ...lambda
   }
 }

package/src/constants.js

@@ -266,15 +266,6 @@ const auditOptionDefinitions = [
   {
     name: 'maven-settings-path'
   },
-  {
-    name: 'language',
-    alias: 'l',
-    description:
-      '{bold ' +
-      i18n.__('constantsRequiredCatalogue') +
-      '}: ' +
-      i18n.__('constantsLanguage')
-  },
   {
     name: 'organization-id',
     alias: 'o',
@@ -333,12 +324,23 @@ const auditOptionDefinitions = [
       '{bold ' +
       i18n.__('constantsOptional') +
       '}: ' +
-      i18n.__('auditOptionsSaveDescription')
+      i18n.__('auditOptionsSaveDescription') +
+      i18n.__('auditOptionsSaveOptionsDescription')
   },
   {
     name: 'experimental',
     alias: 'e',
     type: Boolean
+  },
+  {
+    name: 'timeout',
+    alias: 't',
+    type: Number,
+    description:
+      '{bold ' +
+      i18n.__('constantsOptional') +
+      '}: ' +
+      i18n.__('scanOptionsTimeoutSummary')
   }
 ]
 

package/src/index.ts

@@ -36,74 +36,84 @@ const getMainOption = () => {
 }
 
 const start = async () => {
-  if (await isCorrectNodeVersion(process.version)) {
-    const { mainOptions, argv: argvMain } = getMainOption()
-    const command =
-      mainOptions.command != undefined ? mainOptions.command.toLowerCase() : ''
-    if (
-      command === 'version' ||
-      argvMain.includes('--v') ||
-      argvMain.includes('--version')
-    ) {
-      console.log(APP_VERSION)
-      await findLatestCLIVersion(config)
-      return
-    }
-
-    // @ts-ignore
-    config.set('numOfRuns', config.get('numOfRuns') + 1)
-
-    // @ts-ignore
-    if (config.get('numOfRuns') >= 1) {
-      await findLatestCLIVersion(config)
-      config.set('numOfRuns', 0)
-    }
-
-    if (command === 'config') {
-      return processConfig(argvMain, config)
-    }
-
-    if (command === 'auth') {
-      return await processAuth(argvMain, config)
-    }
-
-    if (command === 'lambda') {
-      return await processLambda(argvMain)
-    }
-
-    if (command === 'scan') {
-      return await processScan(argvMain)
-    }
-
-    if (command === 'audit') {
-      return await processAudit(argvMain)
-    }
-
-    if (
-      command === 'help' ||
-      argvMain.includes('--help') ||
-      Object.keys(mainOptions).length === 0
-    ) {
-      console.log(mainUsageGuide)
-    } else if (mainOptions._unknown !== undefined) {
-      const foundCommand = findCommandOnError(mainOptions._unknown)
-
-      foundCommand
-        ? console.log(
-            `Unknown Command: Did you mean "${foundCommand}"? \nUse "${foundCommand} --help" for the full list of options`
-          )
-        : console.log(
-            `Unknown Command: ${command} \nUse --help for the full list`
-          )
+  try {
+    if (await isCorrectNodeVersion(process.version)) {
+      const { mainOptions, argv: argvMain } = getMainOption()
+      const command =
+        mainOptions.command != undefined
+          ? mainOptions.command.toLowerCase()
+          : ''
+      if (
+        command === 'version' ||
+        argvMain.includes('--v') ||
+        argvMain.includes('--version')
+      ) {
+        console.log(APP_VERSION)
+        await findLatestCLIVersion(config)
+        return
+      }
+
+      // @ts-ignore
+      config.set('numOfRuns', config.get('numOfRuns') + 1)
+
+      // @ts-ignore
+      if (config.get('numOfRuns') >= 1) {
+        await findLatestCLIVersion(config)
+        config.set('numOfRuns', 0)
+      }
+
+      if (command === 'config') {
+        return processConfig(argvMain, config)
+      }
+
+      if (command === 'auth') {
+        return await processAuth(argvMain, config)
+      }
+
+      if (command === 'lambda') {
+        return await processLambda(argvMain)
+      }
+
+      if (command === 'scan') {
+        return await processScan(argvMain)
+      }
+
+      if (command === 'audit') {
+        return await processAudit(argvMain)
+      }
+
+      if (
+        command === 'help' ||
+        argvMain.includes('--help') ||
+        Object.keys(mainOptions).length === 0
+      ) {
+        console.log(mainUsageGuide)
+      } else if (mainOptions._unknown !== undefined) {
+        const foundCommand = findCommandOnError(mainOptions._unknown)
+
+        foundCommand
+          ? console.log(
+              `Unknown Command: Did you mean "${foundCommand}"? \nUse "${foundCommand} --help" for the full list of options`
+            )
+          : console.log(
+              `Unknown Command: ${command} \nUse --help for the full list`
+            )
+      } else {
+        console.log(
+          `Unknown Command: ${command} \nUse --help for the full list`
+        )
+      }
+      process.exit(9)
     } else {
-      console.log(`Unknown Command: ${command} \nUse --help for the full list`)
+      console.log(
+        'Contrast supports Node versions >=16.13.2 <17. Please use one of those versions.'
+      )
+      process.exit(9)
     }
-    process.exit(9)
-  } else {
-    console.log(
-      'Contrast supports Node versions >=16.13.2 <17. Please use one of those versions.'
-    )
-    process.exit(9)
+  } catch (err: any) {
+    console.log()
+    console.log(err.message.toString())
+    process.exit(1)
   }
 }
 

package/src/lambda/lambda.ts

@@ -16,6 +16,7 @@ import { sleep } from '../utils/requestUtils'
 import ora from '../utils/oraWrapper'
 import { postAnalytics } from './analytics'
 import { LambdaOptions, AnalyticsOption, StatusType, EventType } from './types'
+import { APP_VERSION } from '../constants/constants'
 
 type ApiParams = {
   organizationId: string
@@ -73,7 +74,8 @@ const processLambda = async (argv: string[]) => {
     const startCommandAnalytics: AnalyticsOption = {
       arguments: lambdaOptions,
       sessionId: commandSessionId,
-      eventType: EventType.START
+      eventType: EventType.START,
+      packageVersion: APP_VERSION
     }
     postAnalytics(startCommandAnalytics).catch((error: Error) => {
       /* ignore */
@@ -99,7 +101,8 @@ const processLambda = async (argv: string[]) => {
     const endCommandAnalytics: AnalyticsOption = {
       sessionId: commandSessionId,
       eventType: EventType.END,
-      status: errorMsg ? StatusType.FAILED : StatusType.SUCCESS
+      status: errorMsg ? StatusType.FAILED : StatusType.SUCCESS,
+      packageVersion: APP_VERSION
     }
     if (errorMsg) {
       endCommandAnalytics.errorMsg = errorMsg

package/src/lambda/types.ts

@@ -28,6 +28,7 @@ type ScanFunctionData = {
 export type AnalyticsOption = {
   sessionId: string
   eventType: EventType
+  packageVersion: string
   arguments?: LambdaOptions
   scanFunctionData?: ScanFunctionData
   status?: StatusType