@contrast/contrast 2.0.1 → 2.0.2-beta.0

package/dist/audit/report/reportingFeature.js

@@ -29,6 +29,7 @@ const reportUtils_1 = require("./utils/reportUtils");
 const constants = __importStar(require("../../constants/constants"));
 const severityCountModel_1 = require("./models/severityCountModel");
 const common = __importStar(require("../../common/fail"));
+const save_1 = require("../save");
 function convertKeysToStandardFormat(config, guidance) {
     let convertedGuidance = guidance;
     switch (config.language) {
@@ -83,6 +84,12 @@ async function vulnerabilityReportV2(config, reportId) {
         const output = formatVulnerabilityOutput(reportResponse.vulnerabilities, config.applicationId, config, reportResponse.remediationGuidance
             ? reportResponse.remediationGuidance
             : {});
+        if (config.save !== undefined) {
+            await (0, save_1.auditSave)(config);
+        }
+        else {
+            console.log('\nUse contrast audit --save to generate an SBOM');
+        }
         if (config.fail) {
             common.processFail(config, output[2]);
         }

package/dist/cliConstants.js

@@ -365,6 +365,7 @@ const auditOptionDefinitions = [
         name: 'legacy',
         alias: 'l',
         type: Boolean,
+        defaultValue: false,
         description: '{bold ' +
             i18n.__('constantsOptional') +
             '}:' +
@@ -379,7 +380,12 @@ const auditOptionDefinitions = [
             i18n.__('auditOptionsRepoSummary')
     },
     {
-        name: 'repo-id',
+        name: 'repository-id',
+        type: String,
+        description: ''
+    },
+    {
+        name: 'project-group-id',
         type: String,
         description: ''
     }
@@ -392,7 +398,7 @@ const fingerprintOptionDefinitions = [
         description: '{bold ' + i18n.__('constantsOptional') + '}: ' + i18n.__('depthOption')
     },
     {
-        name: 'repo-url',
+        name: 'repository-url',
         type: String,
         description: ''
     },
@@ -402,12 +408,7 @@ const fingerprintOptionDefinitions = [
         description: ''
     },
     {
-        name: 'repo-name',
-        type: String,
-        description: ''
-    },
-    {
-        name: 'language',
+        name: 'repository-name',
         type: String,
         description: ''
     }

package/dist/commands/audit/processAudit.js

@@ -4,14 +4,12 @@ const { auditUsageGuide } = require('./help');
 const scaController = require('../../scaAnalysis/scaAnalysis');
 const { sendTelemetryConfigAsObject } = require('../../telemetry/telemetry');
 const { postRunMessage } = require('../../common/commonHelp');
-const settingsHelper = require('../../utils/settingsHelper');
 const processAudit = async (contrastConf, argvMain) => {
     if (argvMain.indexOf('--help') !== -1) {
         printHelpMessage();
         process.exit(0);
     }
     let config = await auditConfig.getAuditConfig(contrastConf, 'audit', argvMain);
-    config = await settingsHelper.getSettings(config);
     await scaController.processSca(config);
     if (!config.fingerprint) {
         postRunMessage('audit');

package/dist/commands/github/fingerprintConfig.js

@@ -3,8 +3,9 @@ const parsedCLIOptions = require('../../utils/parsedCLIOptions');
 const constants = require('../../cliConstants');
 const paramHandler = require('../../utils/paramsUtil/paramHandler');
 const getFingerprintConfig = async (contrastConf, command, argv) => {
-    const fingerprintParameters = await parsedCLIOptions.getCommandLineArgsCustom(contrastConf, command, argv, constants.commandLineDefinitions.fingerprintOptionDefinitions);
+    let fingerprintParameters = await parsedCLIOptions.getCommandLineArgsCustom(contrastConf, command, argv, constants.commandLineDefinitions.fingerprintOptionDefinitions);
     const paramsAuth = paramHandler.getAuth(fingerprintParameters);
+    fingerprintParameters = paramHandler.getFingerprint(fingerprintParameters);
     return { ...paramsAuth, ...fingerprintParameters };
 };
 module.exports = {

package/dist/commands/github/processFingerprint.js

@@ -1,18 +1,28 @@
 "use strict";
 const fingerprintConfig = require('./fingerprintConfig');
 const repoServices = require('./repoServices');
-const settingsHelper = require('../../utils/settingsHelper');
 const autoDetection = require('../../scan/autoDetection');
 const saveResults = require('../../scan/saveResults');
+const projectConfig = require('./projectGroup');
 const processFingerprint = async (contrastConf, argvMain) => {
     let config = await fingerprintConfig.getFingerprintConfig(contrastConf, 'fingerprint', argvMain);
-    config = await settingsHelper.getSettings(config);
     config.repositoryId = await repoServices.getRepoId(config);
-    let fingerprint = await autoDetection.autoDetectFingerprintInfo(config.file, config.depth, config);
-    let idArray = fingerprint.map(x => x.id);
-    await saveResults.writeResultsToFile(fingerprint, 'fingerPrintInfo.json');
-    return console.log(idArray);
+    if (config.repositoryId !== '') {
+        config.projectGroupId = await projectConfig.getProjectGroupId(config);
+        let fingerprint = await autoDetection.autoDetectFingerprintInfo(config.file, config.depth, config);
+        if (fingerprint.length === 0) {
+            console.log('No supported manifests found');
+            process.exit(0);
+        }
+        let idArray = fingerprint.map(x => x.id);
+        await saveResults.writeResultsToFile(fingerprint, 'fingerPrintInfo.json');
+        return console.log(idArray);
+    }
+    else {
+        console.log('No repository Id found');
+        process.exit(1);
+    }
 };
 module.exports = {
-    processFingerprint
+    processFingerprint: processFingerprint
 };

package/dist/commands/github/projectGroup.js

@@ -13,23 +13,38 @@ const getProjectIdByOrg = async (config) => {
 };
 const createNewProjectGroupBody = async (config) => {
     let body = {
-        organizationId: config.organizationId,
-        name: config.name ? config.name : config.file
+        organizationId: config.organizationId
     };
     if (config.repo || config?.repositoryId) {
         body.repositoryId = config.repositoryId;
         body.type = 'REPOSITORY';
+        body.name = getProjectGroupNameRepo(config);
     }
     else {
         body.repositoryId = null;
         body.type = 'CLI';
+        body.name = getProjectGroupNameCLI(config);
     }
     return body;
 };
+const getProjectGroupNameRepo = config => {
+    return config.repositoryName;
+};
+const getProjectGroupNameCLI = config => {
+    return config.name ? config.name : config.file;
+};
+const getProjectName = config => {
+    return config.name ? config.name : config.fileName;
+};
 const registerNewProjectGroup = async (config) => {
     let body = await createNewProjectGroupBody(config);
     const client = await commonApi.getHttpClient(config);
-    body.projects = createProjects([config]);
+    if (config.repositoryId) {
+        body.projects = [];
+    }
+    else {
+        body.projects = createProjectsArray([config]);
+    }
     let projectGroupInfo = await client
         .registerProjectGroup(config, body)
         .then(res => {
@@ -46,7 +61,7 @@ const registerNewProjectGroup = async (config) => {
             return res?.body?.projectGroupId;
         }
         if (res.statusCode === 409) {
-            return [];
+            return '';
         }
     })
         .catch(err => {
@@ -55,53 +70,94 @@ const registerNewProjectGroup = async (config) => {
     });
     return projectGroupInfo;
 };
-const createProjects = params => {
+const createProjectsArray = params => {
     let projectsArray = [];
     let projects = {};
     params.forEach(param => {
-        projects = {
-            path: param.file,
-            name: param.name ? param.name : param.file,
-            source: 'SCA',
-            language: param.language,
-            packageManager: 'MAVEN',
-            target: 'SCA',
-            sourceId: ''
-        };
+        projects = createProject(param);
         projectsArray.push(projects);
     });
     return projectsArray;
 };
+const createProject = param => {
+    return {
+        path: param.fileName,
+        name: param.repo ? param.fileName : getProjectName(param),
+        source: 'SCA',
+        language: param.language,
+        packageManager: param.packageManager,
+        target: 'SCA',
+        sourceId: ''
+    };
+};
 const getExistingGroupProjectId = (config, projectGroupsInfoEx) => {
     let existingGroupProjectId = '';
     projectGroupsInfoEx.forEach(i => {
-        if (i.name === config.name) {
+        if (i.repositoryId === config.repositoryId) {
             existingGroupProjectId = i.projectGroupId;
         }
     });
     return existingGroupProjectId;
 };
 const getProjectIdFromArray = (config, array) => {
-    let projectId = '';
-    array?.forEach(i => {
-        if (i.name === config.name) {
-            projectId = i.projectId;
+    if (array.length === 1) {
+        return array[0].projectId;
+    }
+    if (config.name) {
+        for (const i of array) {
+            if (i.name === config.name)
+                return i.projectId;
         }
-    });
-    return projectId;
+    }
+    for (const i of array) {
+        if (i.name === config.fileName)
+            return i.projectId;
+    }
+    return '';
+};
+const addAdditionalData = (body, data) => {
+    body.projectGroupId = data.projectGroupId ? data.projectGroupId : null;
+    body.projectGroupName = data.projectGroupName ? data.projectGroupName : null;
+    body.projectLanguage = data.projectLanguage ? data.projectLanguage : null;
+    body.projectType = data.projectType ? data.projectType : null;
 };
-const registerProjectIdOnCliServices = async (config, projectId) => {
+const registerProjectIdOnCliServices = async (config, projectId, additionalData = undefined) => {
     const client = commonApi.getHttpClient(config);
     let cliServicesBody = {
         projectId: projectId,
-        name: config.name
+        name: config.repo ? config.fileName : getProjectName(config)
     };
+    if (additionalData) {
+        addAdditionalData(cliServicesBody, additionalData);
+    }
     let result = await client
         .registerOnCliServices(config, cliServicesBody)
         .then(res => {
         if (config.debug || config.verbose) {
             console.log('\nregistration on cli services');
+            console.log('request body', cliServicesBody);
+            console.log('response code', res.statusCode);
+        }
+        if (res.statusCode === 201 || res.statusCode === 200) {
+            return res.body;
+        }
+        else {
+            console.log('Failed to Register On Cli Services');
             console.log(res.statusCode);
+            process.exit(1);
+        }
+    });
+    return result;
+};
+const registerProjectWithGroupProjectId = async (config) => {
+    const client = commonApi.getHttpClient(config);
+    config.language = config.language === 'NODE' ? 'JAVASCRIPT' : config.language;
+    let body = createProject(config);
+    let result = await client.registerProject(config, body).then(res => {
+        if (config.debug || config.verbose) {
+            console.log('\nregister Project With Group ProjectId');
+            console.log(res.statusCode);
+            console.log(res.body);
         }
         if (res.statusCode === 201 || res.statusCode === 200) {
             return res.body;
@@ -113,7 +169,7 @@ const registerProjectIdOnCliServices = async (config, projectId) => {
     return result;
 };
 const retrieveExistingProjectIdWithProjectGroupId = async (config, client, projectGroupId) => {
-    let groups = await client
+    return await client
         .retrieveExistingProjectIdByProjectGroupId(config, projectGroupId)
         .then(res => {
         if (config.debug || config.verbose) {
@@ -125,10 +181,9 @@ const retrieveExistingProjectIdWithProjectGroupId = async (config, client, proje
             return res.body;
         }
         else {
-            return [];
+            return '';
         }
     });
-    return getProjectIdFromArray(config, groups);
 };
 const retrieveProjectByOrganization = async (config, client) => {
     return await client.retrieveProjectByOrganizationId(config).then(res => {
@@ -145,16 +200,36 @@ const retrieveProjectByOrganization = async (config, client) => {
         }
     });
 };
-const retrieveExistingProjectGroups = async (config, client) => {
+const retrieveExistingProjectGroups = async (config) => {
+    const client = commonApi.getHttpClient(config);
     return await client.retrieveExistingProjectGroupsByOrg(config).then(res => {
+        if (config.debug || config.verbose) {
+            console.log('retrieve Existing ProjectGroups By Org');
+            console.log(res.statusCode);
+            console.log(res.body);
+        }
         if (res.statusCode === 201 || res.statusCode === 200) {
-            return res.body;
+            let correctGroupID = res?.body?.filter(i => i.repositoryId === config.repositoryId);
+            if (correctGroupID.length > 0) {
+                return correctGroupID[0].projectGroupId;
+            }
+            return '';
         }
         else {
-            return [];
+            return '';
         }
     });
 };
+const getProjectGroupId = async (config) => {
+    let projectGroupId = '';
+    if (config.projectGroupId === '' || config.projectGroupId === undefined) {
+        projectGroupId = await retrieveExistingProjectGroups(config);
+    }
+    if (projectGroupId === '') {
+        projectGroupId = await registerNewProjectGroup(config);
+    }
+    return projectGroupId;
+};
 const dealWithNoName = async (config) => {
     try {
         config.name = getAppName(config.file);
@@ -170,5 +245,10 @@ module.exports = {
     registerProjectIdOnCliServices,
     dealWithNoName,
     registerNewProjectGroup,
-    createNewProjectGroupBody
+    createNewProjectGroupBody,
+    registerProjectWithGroupProjectId,
+    getExistingGroupProjectId,
+    getProjectGroupId,
+    retrieveExistingProjectGroups,
+    createProject
 };

package/dist/commands/github/repoServices.js

@@ -21,12 +21,16 @@ const retrieveRepoId = async (config) => {
 };
 const registerNewRepo = async (config) => {
     let body = {
-        externalScmUrl: config.repoUrl ? config.repoUrl : '',
-        externalScmName: config.repoName,
-        externalId: config.externalId ? config.externalId : '',
+        externalScmUrl: config.repositoryUrl,
+        externalScmName: config.repositoryName,
+        externalId: config.externalId,
         primaryLanguage: config.language,
         defaultBranch: 'develop'
     };
+    if (config.debug || config.verbose) {
+        console.log('registerNewRepo');
+        console.log(body);
+    }
     const client = await commonApi.getHttpClient(config);
     let result = await client
         .registerRepo(config, body)
@@ -46,10 +50,43 @@ const registerNewRepo = async (config) => {
         if (res.statusCode === 409) {
             return '';
         }
+        if (res.statusCode === 400) {
+            if (config.debug || config.verbose) {
+                console.log('\nError Registering Repository - Bad request');
+                console.log(res.statusCode);
+                console.log(res.message);
+            }
+            process.exit(1);
+        }
     })
         .catch(err => {
         console.log('\nError Registering Repository');
         console.log(err.statusCode);
+        console.log(err.message);
+        process.exit(1);
+    });
+    return result;
+};
+const retrieveProjectInfoViaRepoId = async (config) => {
+    const client = await commonApi.getHttpClient(config);
+    let result = await client
+        .retrieveProjectByRepoId(config)
+        .then(res => {
+        if (config.debug || config.verbose) {
+            console.log('\nRetrieve Project By RepoId');
+            console.log(res.statusCode);
+            console.log(res.body);
+        }
+        if (res.statusCode === 201 || res.statusCode === 200) {
+            return res?.body;
+        }
+        if (res.statusCode === 409) {
+            return [];
+        }
+    })
+        .catch(err => {
+        console.log('\nError Retrieve Project By RepoId');
+        console.log(err.statusCode);
     });
     return result;
 };
@@ -66,5 +103,6 @@ const getRepoId = async (config) => {
 module.exports = {
     retrieveRepoId,
     registerNewRepo,
-    getRepoId
+    getRepoId,
+    retrieveProjectInfoViaRepoId
 };

package/dist/common/HTTPClient.js

@@ -171,11 +171,6 @@ HTTPClient.prototype.scaServiceIngest = function scaServiceIngest(requestBody, c
     let url = createScaServiceIngestURL(config);
     options.url = url;
     options.body = requestBody;
-    if (config.debug || config.verbose) {
-        console.log('scaServiceIngest');
-        console.log('url', options.url);
-        console.log('body', options.body);
-    }
     return requestUtils.sendRequest({ method: 'post', options });
 };
 HTTPClient.prototype.noProjectIdUpload = function scaServiceIngest(requestBody, config) {
@@ -257,6 +252,13 @@ HTTPClient.prototype.registerRepo = function registerRepo(config, requestBody) {
     options.body = requestBody;
     return requestUtils.sendRequest({ method: 'post', options });
 };
+HTTPClient.prototype.retrieveProjectByRepoId = function retrieveProjectByRepoId(config, requestBody) {
+    const options = _.cloneDeep(this.requestOptions);
+    let url = createRepoProjectUrl(config);
+    options.url = url;
+    options.body = requestBody;
+    return requestUtils.sendRequest({ method: 'get', options });
+};
 HTTPClient.prototype.registerProjectGroup = function (config, requestBody) {
     const options = _.cloneDeep(this.requestOptions);
     let url = registerProjectGroupUrl(config);
@@ -265,15 +267,15 @@ HTTPClient.prototype.registerProjectGroup = function (config, requestBody) {
     if (config.debug || config.verbose) {
         console.log('registerProjectGroup');
         console.log('url', options.url);
-        console.log('body', options.body);
     }
     return requestUtils.sendRequest({ method: 'post', options });
 };
-HTTPClient.prototype.registerProject = function (config, projectGroupId) {
+HTTPClient.prototype.registerProject = function (config, body) {
     const options = _.cloneDeep(this.requestOptions);
-    let url = registerProjectUrl(config, projectGroupId);
+    let url = registerProjectUrl(config);
     options.url = url;
-    return requestUtils.sendRequest({ method: 'get', options });
+    options.body = body;
+    return requestUtils.sendRequest({ method: 'post', options });
 };
 HTTPClient.prototype.retrieveSourcesViaRepositoryId = function (config, repositoryId) {
     const options = _.cloneDeep(this.requestOptions);
@@ -303,12 +305,21 @@ HTTPClient.prototype.retrieveProjectByOrganizationId = function registerRepo(con
     const options = _.cloneDeep(this.requestOptions);
     let url = retrieveProjectByOrganizationIdUrl(config);
     options.url = url;
+    if (config.debug || config.verbose) {
+        console.log(url);
+    }
     return requestUtils.sendRequest({ method: 'get', options });
 };
 HTTPClient.prototype.retrieveExistingProjectGroupsByOrg = function registerRepo(config) {
     const options = _.cloneDeep(this.requestOptions);
-    let url = retrieveExistingGroupProjectsByOrgUrl(config);
+    let url = retrieveExistingGroupProjectsByOrgUrl(config) +
+        '?name=' +
+        config.repositoryName +
+        '&type=REPOSITORY';
     options.url = url;
+    if (config.debug || config.verbose) {
+        console.log(options.url);
+    }
     return requestUtils.sendRequest({ method: 'get', options });
 };
 HTTPClient.prototype.retrieveExistingProjectIdByProjectGroupId =
@@ -450,14 +461,16 @@ function createScaServiceReportStatusURL(config, reportId) {
     return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/ingests/${reportId}/status`;
 }
 function createScaServiceNoProjectIdURL(config) {
-    return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/ingests/tree${config.repo ? '?incomplete=true' : ''}`;
+    return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/libraries/ingests/tree${config.repo && config.language === 'JAVA?' ? 'incomplete=true' : ''}`;
 }
 function createScaServiceHealthURL(config) {
     return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/health`;
 }
 function createScaServiceIngestURL(config) {
     let optionalParams = [];
-    config.repo ? optionalParams.push('incomplete=true') : null;
+    config.repo && config.language === 'JAVA'
+        ? optionalParams.push('incomplete=true')
+        : null;
     config.track ? optionalParams.push('persist=true') : null;
     let params = '?';
     optionalParams.forEach(param => {
@@ -479,8 +492,8 @@ const createAppNameUrl = config => {
 const registerProjectGroupUrl = config => {
     return `${config.host}/api/v4/organizations/${config.organizationId}/project-groups`;
 };
-const registerProjectUrl = (config, projectGroupId) => {
-    return `${config.host}/api/v4/organizations/${config.organizationId}/project-groups/${projectGroupId}/projects`;
+const registerProjectUrl = config => {
+    return `${config.host}/api/v4/organizations/${config.organizationId}/project-groups/${config.projectGroupId}/projects`;
 };
 const retrieveRegisterOnCliServicesUrl = config => {
     return `${config.host}/Contrast/api/sca/organizations/${config.organizationId}/projects`;
@@ -489,15 +502,20 @@ const retrieveSourcesUrl = (config, repositoryId) => {
     return `${config.host}/projects/v1/repositories/${repositoryId}/sources`;
 };
 const retrieveRepoByOrgAndGitURL = config => {
-    return `${config.host}/api/v4/organizations/${config.organizationId}/repositories/external-url?externalRepoUrl=${config.repoUrl}`;
+    return `${config.host}/api/v4/organizations/${config.organizationId}/repositories/external-url?externalRepoUrl=${config.repositoryUrl}`;
 };
 const retrieveProjectByOrganizationIdUrl = config => {
     let baseUrl = `${config.host}/api/v4/organizations/${config.organizationId}/projects`;
-    baseUrl = config.name ? baseUrl.concat(`?name=${config.name}`) : baseUrl;
+    baseUrl = config.name
+        ? baseUrl.concat(`?name=${config.name}`)
+        : baseUrl.concat(`?name=${config.fileName}`);
     baseUrl = config.language
         ? baseUrl.concat(`&language=${config.language}`)
         : baseUrl;
     baseUrl = config.language ? baseUrl.concat(`&source=SCA`) : baseUrl;
+    baseUrl = config.repo
+        ? baseUrl.concat(`&type=REPOSITORY`)
+        : baseUrl.concat(`&type=CLI`);
     return baseUrl;
 };
 const retrieveExistingGroupProjectsByOrgUrl = config => {
@@ -512,6 +530,9 @@ const retrieveExistingRepoUrl = config => {
 function createRepositoryUrl(config) {
     return `${config.host}/api/v4/organizations/${config.organizationId}/repositories`;
 }
+function createRepoProjectUrl(config) {
+    return `${config.host}/api/v4/organizations/${config.organizationId}/repositories/${config.repositoryId}/projects`;
+}
 function createLibraryVulnerabilitiesUrl(config) {
     return `${config.host}/Contrast/api/ng/${config.organizationId}/libraries/artifactsByGroupNameVersion`;
 }

package/dist/common/baseRequest.js

@@ -0,0 +1,74 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildBaseRequestOptions = exports.gotInstance = void 0;
+const hpagent_1 = require("hpagent");
+const fs_1 = __importDefault(require("fs"));
+const got_1 = __importDefault(require("got"));
+function gotInstance(config) {
+    return got_1.default.extend({ retry: { limit: 0 }, ...buildBaseRequestOptions(config) });
+}
+exports.gotInstance = gotInstance;
+function buildBaseRequestOptions(config) {
+    const { apiKey, authorization } = config;
+    const rejectUnauthorized = !config.certSelfSigned;
+    const superApiKey = config.superApiKey;
+    const superAuthToken = config.superAuthorization;
+    const requestOptions = {
+        responseType: 'json',
+        forever: true,
+        uri: config.host,
+        followRedirect: false,
+        headers: {
+            'Content-Type': 'application/json; charset=utf-8',
+            Authorization: authorization,
+            'API-Key': apiKey,
+            SuperAuthorization: superAuthToken,
+            'Super-API-Key': superApiKey,
+            'User-Agent': 'contrast-cli-v2'
+        },
+        agent: getAgent(config)
+    };
+    requestOptions.https = {
+        rejectUnauthorized: rejectUnauthorized
+    };
+    maybeAddCertsToRequest(config, requestOptions.https);
+    return requestOptions;
+}
+exports.buildBaseRequestOptions = buildBaseRequestOptions;
+function getAgent(config) {
+    return config.proxy
+        ? new hpagent_1.HttpsProxyAgent({ proxy: config.proxy })
+        : false;
+}
+function maybeAddCertsToRequest(config, https) {
+    const caCertFilePath = config.cacert;
+    if (caCertFilePath) {
+        try {
+            https.certificateAuthority = fs_1.default.readFileSync(caCertFilePath);
+        }
+        catch (error) {
+            throw new Error(`Unable to read CA from ${caCertFilePath}, msg: ${error.message}`);
+        }
+    }
+    const certPath = config.cert;
+    if (certPath) {
+        try {
+            https.certificate = fs_1.default.readFileSync(certPath);
+        }
+        catch (error) {
+            throw new Error(`Unable to read Certificate PEM file from config option contrast.api.certificate.cert_file='${certPath}', msg: ${error.message}`);
+        }
+    }
+    const keyPath = config.key;
+    if (keyPath) {
+        try {
+            https.key = fs_1.default.readFileSync(keyPath);
+        }
+        catch (error) {
+            throw new Error(`Unable to read Key PEM file from config option contrast.api.certificate.key_file='${keyPath}', msg: ${error.message}`);
+        }
+    }
+}

package/dist/constants/constants.js

@@ -12,7 +12,7 @@ const MEDIUM = 'MEDIUM';
 const HIGH = 'HIGH';
 const CRITICAL = 'CRITICAL';
 const APP_NAME = 'contrast';
-const APP_VERSION = '2.0.1';
+const APP_VERSION = '2.0.2-beta.0';
 const TIMEOUT = 120000;
 const HIGH_COLOUR = '#ff9900';
 const CRITICAL_COLOUR = '#e35858';

package/dist/scaAnalysis/common/auditReport.js

@@ -2,11 +2,18 @@
 const { getSeverityCounts, printNoVulnFoundMsg } = require('../../audit/report/commonReportingFunctions');
 const common = require('../../common/fail');
 const { printFormattedOutputSca } = require('./commonReportingFunctionsSca');
-const processAuditReport = (config, reportModelList) => {
+const { auditSave } = require('../../audit/save');
+const processAuditReport = async (config, reportModelList, reportId) => {
     let severityCounts = {};
     if (reportModelList !== undefined) {
         severityCounts = formatScaServicesReport(config, reportModelList);
     }
+    if (config.save !== undefined) {
+        await auditSave(config, reportId);
+    }
+    else {
+        console.log('Use contrast audit --save to generate an SBOM');
+    }
     if (config.fail) {
         common.processFail(config, severityCounts);
     }