@contrast/contrast 2.0.0 → 2.0.2-beta.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/audit/report/reportingFeature.js +7 -0
- package/dist/cliConstants.js +22 -1
- package/dist/commands/audit/help.js +1 -3
- package/dist/commands/audit/processAudit.js +0 -2
- package/dist/commands/github/fingerprintConfig.js +2 -1
- package/dist/commands/github/processFingerprint.js +28 -0
- package/dist/commands/github/projectGroup.js +124 -34
- package/dist/commands/github/repoServices.js +108 -0
- package/dist/common/HTTPClient.js +38 -17
- package/dist/common/baseRequest.js +74 -0
- package/dist/common/errorHandling.js +1 -1
- package/dist/constants/constants.js +1 -1
- package/dist/index.js +4 -0
- package/dist/scaAnalysis/common/auditReport.js +8 -1
- package/dist/scaAnalysis/common/scaServicesUpload.js +3 -1
- package/dist/scaAnalysis/go/goReadDepFile.js +5 -1
- package/dist/scaAnalysis/java/analysis.js +1 -1
- package/dist/scaAnalysis/java/javaBuildDepsParser.js +11 -1
- package/dist/scaAnalysis/legacy/legacyFlow.js +0 -6
- package/dist/scaAnalysis/processServicesFlow.js +49 -10
- package/dist/scaAnalysis/repoMode/mavenParser.js +19 -1
- package/dist/scaAnalysis/scaAnalysis.js +4 -8
- package/dist/scan/autoDetection.js +14 -3
- package/dist/scan/fileUtils.js +33 -19
- package/dist/utils/paramsUtil/paramHandler.js +11 -2
- package/dist/utils/validationCheck.js +5 -1
- package/package.json +6 -3
- package/src/audit/report/reportingFeature.ts +7 -0
- package/src/cliConstants.js +22 -1
- package/src/commands/audit/help.js +1 -3
- package/src/commands/audit/processAudit.js +0 -2
- package/src/commands/github/fingerprintConfig.js +2 -2
- package/src/commands/github/processFingerprint.js +37 -0
- package/src/commands/github/projectGroup.js +146 -39
- package/src/commands/github/repoServices.js +122 -0
- package/src/common/HTTPClient.js +47 -18
- package/src/common/baseRequest.ts +83 -0
- package/src/common/errorHandling.js +2 -2
- package/src/constants/constants.js +1 -1
- package/src/index.ts +5 -0
- package/src/scaAnalysis/common/auditReport.js +8 -1
- package/src/scaAnalysis/common/scaServicesUpload.js +5 -1
- package/src/scaAnalysis/go/goReadDepFile.js +5 -1
- package/src/scaAnalysis/java/analysis.js +1 -1
- package/src/scaAnalysis/java/javaBuildDepsParser.js +17 -1
- package/src/scaAnalysis/legacy/legacyFlow.js +0 -5
- package/src/scaAnalysis/processServicesFlow.js +107 -17
- package/src/scaAnalysis/repoMode/mavenParser.js +24 -1
- package/src/scaAnalysis/scaAnalysis.js +9 -8
- package/src/scan/autoDetection.js +14 -3
- package/src/scan/fileUtils.js +33 -19
- package/src/utils/paramsUtil/paramHandler.js +16 -2
- package/src/utils/validationCheck.js +6 -1
- package/dist/utils/settingsHelper.js +0 -14
- package/src/utils/settingsHelper.js +0 -16
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
import { HttpsProxyAgent } from 'hpagent'
|
|
2
|
+
import fs from 'fs'
|
|
3
|
+
import got, { Options } from 'got'
|
|
4
|
+
import { Agents, HTTPSOptions } from 'got/dist/source/core'
|
|
5
|
+
|
|
6
|
+
export function gotInstance(config: any) {
|
|
7
|
+
return got.extend({ retry: { limit: 0 }, ...buildBaseRequestOptions(config) })
|
|
8
|
+
}
|
|
9
|
+
|
|
10
|
+
export function buildBaseRequestOptions(config: any) {
|
|
11
|
+
const { apiKey, authorization } = config
|
|
12
|
+
const rejectUnauthorized = !config.certSelfSigned
|
|
13
|
+
|
|
14
|
+
const superApiKey = config.superApiKey
|
|
15
|
+
const superAuthToken = config.superAuthorization
|
|
16
|
+
|
|
17
|
+
const requestOptions = {
|
|
18
|
+
responseType: 'json',
|
|
19
|
+
forever: true,
|
|
20
|
+
uri: config.host,
|
|
21
|
+
followRedirect: false,
|
|
22
|
+
headers: {
|
|
23
|
+
'Content-Type': 'application/json; charset=utf-8',
|
|
24
|
+
Authorization: authorization,
|
|
25
|
+
'API-Key': apiKey,
|
|
26
|
+
SuperAuthorization: superAuthToken,
|
|
27
|
+
'Super-API-Key': superApiKey,
|
|
28
|
+
'User-Agent': 'contrast-cli-v2'
|
|
29
|
+
},
|
|
30
|
+
agent: getAgent(config)
|
|
31
|
+
} as Options
|
|
32
|
+
|
|
33
|
+
requestOptions.https = {
|
|
34
|
+
rejectUnauthorized: rejectUnauthorized
|
|
35
|
+
}
|
|
36
|
+
|
|
37
|
+
maybeAddCertsToRequest(config, requestOptions.https)
|
|
38
|
+
return requestOptions
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
function getAgent(config: any) {
|
|
42
|
+
return config.proxy
|
|
43
|
+
? (new HttpsProxyAgent({ proxy: config.proxy }) as Agents)
|
|
44
|
+
: false
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
function maybeAddCertsToRequest(config: any, https: HTTPSOptions) {
|
|
48
|
+
// cacert
|
|
49
|
+
const caCertFilePath = config.cacert
|
|
50
|
+
if (caCertFilePath) {
|
|
51
|
+
try {
|
|
52
|
+
https.certificateAuthority = fs.readFileSync(caCertFilePath)
|
|
53
|
+
} catch (error: any) {
|
|
54
|
+
throw new Error(
|
|
55
|
+
`Unable to read CA from ${caCertFilePath}, msg: ${error.message}`
|
|
56
|
+
)
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
|
|
60
|
+
// cert
|
|
61
|
+
const certPath = config.cert
|
|
62
|
+
if (certPath) {
|
|
63
|
+
try {
|
|
64
|
+
https.certificate = fs.readFileSync(certPath)
|
|
65
|
+
} catch (error: any) {
|
|
66
|
+
throw new Error(
|
|
67
|
+
`Unable to read Certificate PEM file from config option contrast.api.certificate.cert_file='${certPath}', msg: ${error.message}`
|
|
68
|
+
)
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
|
|
72
|
+
// key
|
|
73
|
+
const keyPath = config.key
|
|
74
|
+
if (keyPath) {
|
|
75
|
+
try {
|
|
76
|
+
https.key = fs.readFileSync(keyPath)
|
|
77
|
+
} catch (error: any) {
|
|
78
|
+
throw new Error(
|
|
79
|
+
`Unable to read Key PEM file from config option contrast.api.certificate.key_file='${keyPath}', msg: ${error.message}`
|
|
80
|
+
)
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
}
|
|
@@ -51,8 +51,8 @@ const maxAppError = () => {
|
|
|
51
51
|
|
|
52
52
|
const parametersError = () => {
|
|
53
53
|
generalError(
|
|
54
|
-
`
|
|
55
|
-
'Check your command & keys again for hidden characters.\nFor more information use contrast help.'
|
|
54
|
+
`Credentials not recognized`,
|
|
55
|
+
'Check your command & keys again for hidden characters / verify that the credentials are correct.\nFor more information use contrast help.'
|
|
56
56
|
)
|
|
57
57
|
process.exit(1)
|
|
58
58
|
}
|
package/src/index.ts
CHANGED
|
@@ -16,6 +16,7 @@ import {
|
|
|
16
16
|
import { findCommandOnError } from './common/errorHandling'
|
|
17
17
|
import { sendTelemetryConfigAsConfObj } from './telemetry/telemetry'
|
|
18
18
|
import { processLearn } from './commands/learn/processLearn'
|
|
19
|
+
import { processFingerprint } from './commands/github/processFingerprint'
|
|
19
20
|
const {
|
|
20
21
|
commandLineDefinitions: { mainUsageGuide, mainDefinition }
|
|
21
22
|
} = constants
|
|
@@ -83,6 +84,10 @@ const start = async () => {
|
|
|
83
84
|
return await processAudit(config, argvMain)
|
|
84
85
|
}
|
|
85
86
|
|
|
87
|
+
if (command === 'fingerprint') {
|
|
88
|
+
return await processFingerprint(config, argvMain)
|
|
89
|
+
}
|
|
90
|
+
|
|
86
91
|
if (command === 'learn') {
|
|
87
92
|
return processLearn()
|
|
88
93
|
}
|
|
@@ -4,13 +4,20 @@ const {
|
|
|
4
4
|
} = require('../../audit/report/commonReportingFunctions')
|
|
5
5
|
const common = require('../../common/fail')
|
|
6
6
|
const { printFormattedOutputSca } = require('./commonReportingFunctionsSca')
|
|
7
|
+
const { auditSave } = require('../../audit/save')
|
|
7
8
|
|
|
8
|
-
const processAuditReport = (config, reportModelList) => {
|
|
9
|
+
const processAuditReport = async (config, reportModelList, reportId) => {
|
|
9
10
|
let severityCounts = {}
|
|
10
11
|
if (reportModelList !== undefined) {
|
|
11
12
|
severityCounts = formatScaServicesReport(config, reportModelList)
|
|
12
13
|
}
|
|
13
14
|
|
|
15
|
+
if (config.save !== undefined) {
|
|
16
|
+
await auditSave(config, reportId)
|
|
17
|
+
} else {
|
|
18
|
+
console.log('Use contrast audit --save to generate an SBOM')
|
|
19
|
+
}
|
|
20
|
+
|
|
14
21
|
if (config.fail) {
|
|
15
22
|
common.processFail(config, severityCounts)
|
|
16
23
|
}
|
|
@@ -14,8 +14,12 @@ const scaTreeUpload = async (analysis, config, reportSpinner) => {
|
|
|
14
14
|
config.language = config.language === 'JAVASCRIPT' ? 'NODE' : config.language
|
|
15
15
|
const startTime = performance.now()
|
|
16
16
|
const timeout = commonApi.getTimeout(config)
|
|
17
|
+
|
|
18
|
+
const doINeedParent = config.repositoryId && config.language === 'JAVA'
|
|
19
|
+
|
|
17
20
|
const requestBody = {
|
|
18
|
-
|
|
21
|
+
parentPom: doINeedParent ? analysis.parentPom : null,
|
|
22
|
+
dependencyTree: doINeedParent ? analysis.dependencyTree : analysis,
|
|
19
23
|
organizationId: config.organizationId,
|
|
20
24
|
language: config.language,
|
|
21
25
|
tool: {
|
|
@@ -8,7 +8,10 @@ const getGoDependencies = config => {
|
|
|
8
8
|
try {
|
|
9
9
|
// A sample of this output can be found
|
|
10
10
|
// in the go test folder data/goModGraphResults.text
|
|
11
|
-
cmdStdout = child_process.execSync('go mod graph', {
|
|
11
|
+
cmdStdout = child_process.execSync('go mod graph', {
|
|
12
|
+
cwd: cwd,
|
|
13
|
+
maxBuffer: 50 * 1024 * 1024
|
|
14
|
+
})
|
|
12
15
|
|
|
13
16
|
return cmdStdout.toString()
|
|
14
17
|
} catch (err) {
|
|
@@ -22,6 +25,7 @@ const getGoDependencies = config => {
|
|
|
22
25
|
// throw new Error(
|
|
23
26
|
// i18n.__('goReadProjectFile', cwd, `${err.message ? err.message : ''}`)
|
|
24
27
|
// )
|
|
28
|
+
process.exit(1)
|
|
25
29
|
}
|
|
26
30
|
}
|
|
27
31
|
|
|
@@ -30,7 +30,7 @@ const determineProjectTypeAndCwd = (files, config) => {
|
|
|
30
30
|
|
|
31
31
|
const buildMaven = (config, projectData, timeout) => {
|
|
32
32
|
let command = 'mvn'
|
|
33
|
-
let args = ['dependency:tree', '-B']
|
|
33
|
+
let args = ['dependency:tree', '-B', '-Dscope=runtime']
|
|
34
34
|
if (config.mavenSettingsPath) {
|
|
35
35
|
args.push('-s')
|
|
36
36
|
args.push(config.mavenSettingsPath)
|
|
@@ -140,7 +140,7 @@ const computeRelationToLastElement = element => {
|
|
|
140
140
|
}
|
|
141
141
|
|
|
142
142
|
const stripElement = element => {
|
|
143
|
-
|
|
143
|
+
const initialStrippedElement = element
|
|
144
144
|
.replace(/[|]/g, '')
|
|
145
145
|
.replace('+---', '')
|
|
146
146
|
.replace('\\---', '')
|
|
@@ -148,6 +148,22 @@ const stripElement = element => {
|
|
|
148
148
|
.replace('(c)', '')
|
|
149
149
|
.replace('->', '@')
|
|
150
150
|
.replace('(*)', '')
|
|
151
|
+
|
|
152
|
+
//work out Gradle resolved versioning e.g. org.slf4j:slf4j-api:1.7.25 -> 1.7.22
|
|
153
|
+
//take 1.7.22
|
|
154
|
+
const splitElements = initialStrippedElement.split(':')
|
|
155
|
+
if (
|
|
156
|
+
splitElements[2] !== undefined &&
|
|
157
|
+
splitElements[2] !== null &&
|
|
158
|
+
splitElements[2].includes('@')
|
|
159
|
+
) {
|
|
160
|
+
const splitVersions = splitElements[2].split('@')
|
|
161
|
+
return initialStrippedElement
|
|
162
|
+
.replace(':' + splitVersions[0], '')
|
|
163
|
+
.replace('@', ':')
|
|
164
|
+
}
|
|
165
|
+
|
|
166
|
+
return initialStrippedElement
|
|
151
167
|
}
|
|
152
168
|
|
|
153
169
|
const checkVersion = element => {
|
|
@@ -32,11 +32,6 @@ const legacyFlow = async (config, messageToSend) => {
|
|
|
32
32
|
succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'))
|
|
33
33
|
|
|
34
34
|
await vulnerabilityReportV2(config, snapshotResponse.id)
|
|
35
|
-
if (config.save !== undefined) {
|
|
36
|
-
await auditSave(config)
|
|
37
|
-
} else {
|
|
38
|
-
console.log('\nUse contrast audit --save to generate an SBOM')
|
|
39
|
-
}
|
|
40
35
|
const endTime = performance.now() - startTime
|
|
41
36
|
const scanDurationMs = endTime - startTime
|
|
42
37
|
|
|
@@ -1,29 +1,119 @@
|
|
|
1
1
|
const projectConfig = require('../commands/github/projectGroup')
|
|
2
|
+
const repoService = require('../commands/github/repoServices')
|
|
2
3
|
const scaServicesUpload = require('../scaAnalysis/common/scaServicesUpload')
|
|
3
|
-
|
|
4
|
+
|
|
5
|
+
const dealWithNoProjectId = async (analysis, config, reportSpinner) => {
|
|
6
|
+
await projectConfig.registerNewProjectGroup(config)
|
|
4
7
|
let projectId = await projectConfig.getProjectIdByOrg(config)
|
|
8
|
+
await projectConfig.registerProjectIdOnCliServices(config, projectId)
|
|
9
|
+
config.projectId = projectId
|
|
10
|
+
return await scaServicesUpload.scaTreeUpload(analysis, config, reportSpinner)
|
|
11
|
+
}
|
|
5
12
|
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
analysis,
|
|
15
|
-
config,
|
|
16
|
-
reportSpinner
|
|
17
|
-
)
|
|
18
|
-
}
|
|
13
|
+
const repoProcess = async (analysis, config, reportSpinner) => {
|
|
14
|
+
if (config.debug || config.verbose) {
|
|
15
|
+
console.log('in repository process')
|
|
16
|
+
console.log('repository id: ', config.repositoryId)
|
|
17
|
+
}
|
|
18
|
+
if (config.repositoryId === '') {
|
|
19
|
+
console.log('Failed to retrieve Repository Id')
|
|
20
|
+
process.exit(1)
|
|
19
21
|
}
|
|
20
22
|
|
|
21
|
-
await
|
|
22
|
-
|
|
23
|
+
let repoInfo = await repoService.retrieveProjectInfoViaRepoId(config)
|
|
24
|
+
|
|
25
|
+
repoInfo = repoInfo.find(
|
|
26
|
+
element =>
|
|
27
|
+
config.fileName === element.path &&
|
|
28
|
+
config.fileName === element.name &&
|
|
29
|
+
config.projectGroupId === element.projectGroupId
|
|
30
|
+
)
|
|
31
|
+
|
|
32
|
+
// console.log('repoInfo', repoInfo)
|
|
33
|
+
|
|
34
|
+
// if(repoInfo !== undefined) {
|
|
35
|
+
// console.log('re-register / register first time')
|
|
36
|
+
// const language = repoInfo.language === 'JAVASCRIPT' ? 'NODE' : repoInfo.language
|
|
37
|
+
// const additionalData = {
|
|
38
|
+
// projectGroupId: repoInfo.projectGroupId,
|
|
39
|
+
// projectGroupName: repoInfo.name,
|
|
40
|
+
// projectLanguage: language,
|
|
41
|
+
// projectType: 'REPOSITORY'
|
|
42
|
+
// }
|
|
43
|
+
//
|
|
44
|
+
// // check project exists in sca / register (just in case, it failed in the past)
|
|
45
|
+
// await projectConfig.registerProjectIdOnCliServices(
|
|
46
|
+
// config,
|
|
47
|
+
// repoInfo.projectId,
|
|
48
|
+
// additionalData
|
|
49
|
+
// )
|
|
50
|
+
// }
|
|
51
|
+
|
|
52
|
+
if (
|
|
53
|
+
config.projectGroupId &&
|
|
54
|
+
!repoInfo?.projectId &&
|
|
55
|
+
(repoInfo === undefined || repoInfo.length === 0)
|
|
56
|
+
) {
|
|
57
|
+
console.log(
|
|
58
|
+
'*** has projectGroupId, no projectId and repo has no project found that matches'
|
|
59
|
+
)
|
|
60
|
+
repoInfo = await projectConfig.registerProjectWithGroupProjectId(config)
|
|
61
|
+
console.log('new registered group', repoInfo)
|
|
62
|
+
const language =
|
|
63
|
+
repoInfo.language === 'JAVASCRIPT' ? 'NODE' : repoInfo.language
|
|
64
|
+
|
|
65
|
+
// const additionalData = {
|
|
66
|
+
// projectGroupId: repoInfo.projectGroupId,
|
|
67
|
+
// projectGroupName: repoInfo.name,
|
|
68
|
+
// projectLanguage: language,
|
|
69
|
+
// projectType: 'REPOSITORY'
|
|
70
|
+
// }
|
|
71
|
+
|
|
72
|
+
await projectConfig.registerProjectIdOnCliServices(
|
|
73
|
+
config,
|
|
74
|
+
repoInfo.projectId
|
|
75
|
+
)
|
|
76
|
+
}
|
|
77
|
+
config.projectId = repoInfo.projectId
|
|
78
|
+
return await scaServicesUpload.scaTreeUpload(analysis, config, reportSpinner)
|
|
79
|
+
}
|
|
23
80
|
|
|
81
|
+
const trackProcess = async (analysis, config, reportSpinner) => {
|
|
82
|
+
let projectId = await projectConfig.getProjectIdByOrg(config)
|
|
83
|
+
|
|
84
|
+
if (projectId === '') {
|
|
85
|
+
return dealWithNoProjectId(analysis, config, reportSpinner)
|
|
86
|
+
}
|
|
87
|
+
config.projectId = projectId
|
|
88
|
+
// we can always register just in case but normally we exit when
|
|
89
|
+
await projectConfig.registerProjectIdOnCliServices(config, projectId)
|
|
24
90
|
return await scaServicesUpload.scaTreeUpload(analysis, config, reportSpinner)
|
|
25
91
|
}
|
|
26
92
|
|
|
93
|
+
const processUpload = async (analysis, config, reportSpinner) => {
|
|
94
|
+
// if repo but no repoId -> RegisterRepo -> GroupProjectFlow THEN scaTreeUpload
|
|
95
|
+
// if cli tracked but no projectId -> registerNewProjectGroup THEN scaTreeUpload
|
|
96
|
+
// if cli not tracked and no projectID -> noProjectUpload
|
|
97
|
+
// if cli not tracked and projectID -> scaTreeUpload}
|
|
98
|
+
|
|
99
|
+
if (config.repositoryId) {
|
|
100
|
+
return repoProcess(analysis, config, reportSpinner)
|
|
101
|
+
}
|
|
102
|
+
|
|
103
|
+
if (config.track) {
|
|
104
|
+
return trackProcess(analysis, config, reportSpinner)
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
if (!config.track) {
|
|
108
|
+
return await scaServicesUpload.noProjectUpload(
|
|
109
|
+
analysis,
|
|
110
|
+
config,
|
|
111
|
+
reportSpinner
|
|
112
|
+
)
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
|
|
27
116
|
module.exports = {
|
|
28
|
-
processUpload
|
|
117
|
+
processUpload,
|
|
118
|
+
repoProcess
|
|
29
119
|
}
|
|
@@ -32,6 +32,7 @@ const parsePomFile = jsonPomFile => {
|
|
|
32
32
|
let dependencyTree = {}
|
|
33
33
|
let parsedVersion
|
|
34
34
|
let dependencies
|
|
35
|
+
|
|
35
36
|
jsonPomFile.project.hasOwnProperty('dependencies')
|
|
36
37
|
? (dependencies = jsonPomFile.project.dependencies[0].dependency)
|
|
37
38
|
: (dependencies =
|
|
@@ -68,7 +69,29 @@ const parsePomFile = jsonPomFile => {
|
|
|
68
69
|
}
|
|
69
70
|
dependencyTree[depName] = parsedDependency
|
|
70
71
|
}
|
|
71
|
-
|
|
72
|
+
|
|
73
|
+
const retrieveParent = getParentDependency(jsonPomFile)
|
|
74
|
+
|
|
75
|
+
return {
|
|
76
|
+
parentPom: retrieveParent,
|
|
77
|
+
dependencyTree
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
|
|
81
|
+
const getParentDependency = jsonPomFile => {
|
|
82
|
+
let parent = {}
|
|
83
|
+
jsonPomFile.project.hasOwnProperty('parent')
|
|
84
|
+
? (parent = buildParent(jsonPomFile.project.parent))
|
|
85
|
+
: (parent = undefined)
|
|
86
|
+
return parent
|
|
87
|
+
}
|
|
88
|
+
|
|
89
|
+
const buildParent = parent => {
|
|
90
|
+
return {
|
|
91
|
+
group: parent[0].groupId[0],
|
|
92
|
+
name: parent[0].artifactId[0],
|
|
93
|
+
version: parent[0].version[0]
|
|
94
|
+
}
|
|
72
95
|
}
|
|
73
96
|
|
|
74
97
|
const getVersion = (pomFile, dependencyWithoutVersion) => {
|
|
@@ -10,7 +10,6 @@ const autoDetection = require('../scan/autoDetection')
|
|
|
10
10
|
const rootFile = require('../audit/languageAnalysisEngine/getProjectRootFilenames')
|
|
11
11
|
const path = require('path')
|
|
12
12
|
const i18n = require('i18n')
|
|
13
|
-
const auditSave = require('../audit/save')
|
|
14
13
|
const { auditUsageGuide } = require('../commands/audit/help')
|
|
15
14
|
const repoMode = require('./repoMode')
|
|
16
15
|
const { dotNetAnalysis } = require('./dotnet')
|
|
@@ -37,6 +36,8 @@ const processSca = async config => {
|
|
|
37
36
|
process.exit(0)
|
|
38
37
|
}
|
|
39
38
|
|
|
39
|
+
config.repo = config.repositoryId !== undefined
|
|
40
|
+
|
|
40
41
|
const projectStats = await rootFile.getProjectStats(config.file)
|
|
41
42
|
let pathWithFile = projectStats.isFile()
|
|
42
43
|
|
|
@@ -46,7 +47,7 @@ const processSca = async config => {
|
|
|
46
47
|
: config.file
|
|
47
48
|
|
|
48
49
|
filesFound = await autoDetection.autoDetectAuditFilesAndLanguages(config.file)
|
|
49
|
-
|
|
50
|
+
filesFound = await autoDetection.detectPackageManager(filesFound)
|
|
50
51
|
autoDetection.dealWithMultiJava(filesFound)
|
|
51
52
|
|
|
52
53
|
if (filesFound.length > 1 && pathWithFile) {
|
|
@@ -59,6 +60,7 @@ const processSca = async config => {
|
|
|
59
60
|
//check we have the language and call the right analyser
|
|
60
61
|
let messageToSend = undefined
|
|
61
62
|
if (filesFound.length === 1) {
|
|
63
|
+
config.packageManager = filesFound[0]?.packageManager
|
|
62
64
|
switch (Object.keys(filesFound[0])[0]) {
|
|
63
65
|
case JAVA:
|
|
64
66
|
config.language = JAVA
|
|
@@ -131,12 +133,11 @@ const processSca = async config => {
|
|
|
131
133
|
const reportModelLibraryList = convertGenericToTypedReportModelSca(
|
|
132
134
|
reportResponse.reportArray
|
|
133
135
|
)
|
|
134
|
-
auditReport.processAuditReport(
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
}
|
|
136
|
+
await auditReport.processAuditReport(
|
|
137
|
+
config,
|
|
138
|
+
reportModelLibraryList,
|
|
139
|
+
reportResponse.reportId
|
|
140
|
+
)
|
|
140
141
|
|
|
141
142
|
succeedSpinner(reportSpinner, i18n.__('auditSCAAnalysisComplete'))
|
|
142
143
|
|
|
@@ -3,13 +3,20 @@ const fileFinder = require('./fileUtils')
|
|
|
3
3
|
const {
|
|
4
4
|
supportedLanguages: { JAVA, GO, PYTHON, RUBY, JAVASCRIPT, NODE, PHP, DOTNET }
|
|
5
5
|
} = require('../constants/constants')
|
|
6
|
-
const autoDetectFingerprintInfo = async (filePath, depth) => {
|
|
6
|
+
const autoDetectFingerprintInfo = async (filePath, depth, config) => {
|
|
7
7
|
let complexObj = await fileFinder.findAllFiles(filePath, depth)
|
|
8
8
|
let result = []
|
|
9
9
|
let count = 0
|
|
10
10
|
complexObj.forEach(i => {
|
|
11
11
|
count++
|
|
12
|
-
|
|
12
|
+
if (!i.includes('package.json')) {
|
|
13
|
+
result.push({
|
|
14
|
+
filePath: i,
|
|
15
|
+
id: count.toString(),
|
|
16
|
+
repositoryId: config.repositoryId,
|
|
17
|
+
projectGroupId: config.projectGroupId
|
|
18
|
+
})
|
|
19
|
+
}
|
|
13
20
|
})
|
|
14
21
|
|
|
15
22
|
return result
|
|
@@ -29,7 +36,7 @@ const detectPackageManager = async array => {
|
|
|
29
36
|
i['language'] = JAVA
|
|
30
37
|
i['packageManager'] = 'GRADLE'
|
|
31
38
|
}
|
|
32
|
-
if (i.filePath.includes('package.json')) {
|
|
39
|
+
if (i.filePath.includes('package-lock.json')) {
|
|
33
40
|
i['language'] = JAVASCRIPT
|
|
34
41
|
i['packageManager'] = 'NPM'
|
|
35
42
|
}
|
|
@@ -39,15 +46,19 @@ const detectPackageManager = async array => {
|
|
|
39
46
|
}
|
|
40
47
|
if (i.filePath.includes('Pipfile')) {
|
|
41
48
|
i['language'] = PYTHON
|
|
49
|
+
i['packageManager'] = 'PYPI'
|
|
42
50
|
}
|
|
43
51
|
if (i.filePath.includes('csproj')) {
|
|
44
52
|
i['language'] = DOTNET
|
|
53
|
+
i['packageManager'] = 'NUGET'
|
|
45
54
|
}
|
|
46
55
|
if (i.filePath.includes('Gemfile')) {
|
|
47
56
|
i['language'] = RUBY
|
|
57
|
+
i['packageManager'] = 'RUBYGEMS'
|
|
48
58
|
}
|
|
49
59
|
if (i.filePath.includes('go.mod')) {
|
|
50
60
|
i['language'] = GO
|
|
61
|
+
i['packageManager'] = 'PKG'
|
|
51
62
|
}
|
|
52
63
|
})
|
|
53
64
|
return array
|
package/src/scan/fileUtils.js
CHANGED
|
@@ -18,6 +18,7 @@ const findAllFiles = async (filePath, depth = 2) => {
|
|
|
18
18
|
'**/build.gradle',
|
|
19
19
|
'**/build.gradle.kts',
|
|
20
20
|
'**/package.json',
|
|
21
|
+
'**/package-lock.json',
|
|
21
22
|
'**/yarn.lock',
|
|
22
23
|
'**/Pipfile',
|
|
23
24
|
'**/*.csproj',
|
|
@@ -51,94 +52,107 @@ const findFilesJava = async (languagesFound, filePath, depth = 1) => {
|
|
|
51
52
|
)
|
|
52
53
|
|
|
53
54
|
if (result.length > 0) {
|
|
54
|
-
|
|
55
|
+
let lockFile = result.find(i => i.includes('pom') || i.includes('gradle'))
|
|
56
|
+
return languagesFound.push({
|
|
57
|
+
JAVA: result,
|
|
58
|
+
language: 'JAVA',
|
|
59
|
+
filePath: lockFile
|
|
60
|
+
})
|
|
55
61
|
}
|
|
56
62
|
return languagesFound
|
|
57
63
|
}
|
|
58
64
|
|
|
59
|
-
const findFilesJavascript = async (languagesFound, filePath) => {
|
|
65
|
+
const findFilesJavascript = async (languagesFound, filePath, depth = 1) => {
|
|
60
66
|
const result = await fg(
|
|
61
67
|
['**/package.json', '**/yarn.lock', '**/package-lock.json'],
|
|
62
68
|
{
|
|
63
69
|
dot: false,
|
|
64
|
-
deep:
|
|
70
|
+
deep: depth,
|
|
65
71
|
onlyFiles: true,
|
|
66
72
|
cwd: filePath ? filePath : process.cwd()
|
|
67
73
|
}
|
|
68
74
|
)
|
|
69
75
|
|
|
70
76
|
if (result.length > 0) {
|
|
71
|
-
|
|
77
|
+
let lockFile = result.find(i => i.includes('lock'))
|
|
78
|
+
return languagesFound.push({
|
|
79
|
+
JAVASCRIPT: result,
|
|
80
|
+
language: 'JAVASCRIPT',
|
|
81
|
+
filePath: lockFile
|
|
82
|
+
})
|
|
72
83
|
}
|
|
73
84
|
return languagesFound
|
|
74
85
|
}
|
|
75
86
|
|
|
76
|
-
const findFilesPython = async (languagesFound, filePath) => {
|
|
87
|
+
const findFilesPython = async (languagesFound, filePath, depth = 1) => {
|
|
77
88
|
const result = await fg(['**/Pipfile.lock', '**/Pipfile'], {
|
|
78
89
|
dot: false,
|
|
79
|
-
deep:
|
|
90
|
+
deep: depth,
|
|
80
91
|
onlyFiles: true,
|
|
81
92
|
cwd: filePath ? filePath : process.cwd()
|
|
82
93
|
})
|
|
83
94
|
|
|
84
95
|
if (result.length > 0) {
|
|
85
|
-
return languagesFound.push({ PYTHON: result })
|
|
96
|
+
return languagesFound.push({ PYTHON: result, filePath: 'Pipfile' })
|
|
86
97
|
}
|
|
87
98
|
return languagesFound
|
|
88
99
|
}
|
|
89
100
|
|
|
90
|
-
const findFilesGo = async (languagesFound, filePath) => {
|
|
101
|
+
const findFilesGo = async (languagesFound, filePath, depth = 1) => {
|
|
91
102
|
const result = await fg(['**/go.mod'], {
|
|
92
103
|
dot: false,
|
|
93
|
-
deep:
|
|
104
|
+
deep: depth,
|
|
94
105
|
onlyFiles: true,
|
|
95
106
|
cwd: filePath ? filePath : process.cwd()
|
|
96
107
|
})
|
|
97
108
|
|
|
98
109
|
if (result.length > 0) {
|
|
99
|
-
return languagesFound.push({ GO: result })
|
|
110
|
+
return languagesFound.push({ GO: result, filePath: 'go.mod' })
|
|
100
111
|
}
|
|
101
112
|
return languagesFound
|
|
102
113
|
}
|
|
103
114
|
|
|
104
|
-
const findFilesRuby = async (languagesFound, filePath) => {
|
|
115
|
+
const findFilesRuby = async (languagesFound, filePath, depth = 1) => {
|
|
105
116
|
const result = await fg(['**/Gemfile', '**/Gemfile.lock'], {
|
|
106
117
|
dot: false,
|
|
107
|
-
deep:
|
|
118
|
+
deep: depth,
|
|
108
119
|
onlyFiles: true,
|
|
109
120
|
cwd: filePath ? filePath : process.cwd()
|
|
110
121
|
})
|
|
111
122
|
|
|
112
123
|
if (result.length > 0) {
|
|
113
|
-
return languagesFound.push({ RUBY: result })
|
|
124
|
+
return languagesFound.push({ RUBY: result, filePath: 'Gemfile' })
|
|
114
125
|
}
|
|
115
126
|
return languagesFound
|
|
116
127
|
}
|
|
117
128
|
|
|
118
|
-
const findFilesPhp = async (languagesFound, filePath) => {
|
|
129
|
+
const findFilesPhp = async (languagesFound, filePath, depth = 1) => {
|
|
119
130
|
const result = await fg(['**/composer.json', '**/composer.lock'], {
|
|
120
131
|
dot: false,
|
|
121
|
-
deep:
|
|
132
|
+
deep: depth,
|
|
122
133
|
onlyFiles: true,
|
|
123
134
|
cwd: filePath ? filePath : process.cwd()
|
|
124
135
|
})
|
|
125
136
|
|
|
126
137
|
if (result.length > 0) {
|
|
127
|
-
return languagesFound.push({ PHP: result })
|
|
138
|
+
return languagesFound.push({ PHP: result, filePath: 'composer.lock' })
|
|
128
139
|
}
|
|
129
140
|
return languagesFound
|
|
130
141
|
}
|
|
131
142
|
|
|
132
|
-
const findFilesDotNet = async (languagesFound, filePath) => {
|
|
143
|
+
const findFilesDotNet = async (languagesFound, filePath, depth = 1) => {
|
|
133
144
|
const result = await fg(['**/*.csproj', '**/packages.lock.json'], {
|
|
134
145
|
dot: false,
|
|
135
|
-
deep:
|
|
146
|
+
deep: depth,
|
|
136
147
|
onlyFiles: true,
|
|
137
148
|
cwd: filePath ? filePath : process.cwd()
|
|
138
149
|
})
|
|
139
150
|
|
|
140
151
|
if (result.length > 0) {
|
|
141
|
-
return languagesFound.push({
|
|
152
|
+
return languagesFound.push({
|
|
153
|
+
DOTNET: result,
|
|
154
|
+
filePath: 'packages.lock.json'
|
|
155
|
+
})
|
|
142
156
|
}
|
|
143
157
|
return languagesFound
|
|
144
158
|
}
|
|
@@ -1,7 +1,10 @@
|
|
|
1
1
|
const commandlineAuth = require('./commandlineParams')
|
|
2
2
|
const configStoreParams = require('./configStoreParams')
|
|
3
3
|
const envVariableParams = require('./envVariableParams')
|
|
4
|
-
const {
|
|
4
|
+
const {
|
|
5
|
+
validateAuthParams,
|
|
6
|
+
validateFingerprintParams
|
|
7
|
+
} = require('../validationCheck')
|
|
5
8
|
const i18n = require('i18n')
|
|
6
9
|
|
|
7
10
|
const getAuth = params => {
|
|
@@ -21,4 +24,15 @@ const getAuth = params => {
|
|
|
21
24
|
}
|
|
22
25
|
}
|
|
23
26
|
|
|
24
|
-
|
|
27
|
+
const getFingerprint = params => {
|
|
28
|
+
if (validateFingerprintParams(params)) {
|
|
29
|
+
return params
|
|
30
|
+
} else {
|
|
31
|
+
console.log(
|
|
32
|
+
'missing fingerprint params please check repository-url and repository-name'
|
|
33
|
+
)
|
|
34
|
+
process.exit(1)
|
|
35
|
+
}
|
|
36
|
+
}
|
|
37
|
+
|
|
38
|
+
module.exports = { getAuth, getFingerprint }
|