@contrast/contrast 2.0.1 → 2.0.2-beta.1

Files changed (49)
  1. package/dist/audit/report/reportingFeature.js +7 -0
  2. package/dist/cliConstants.js +9 -8
  3. package/dist/commands/audit/processAudit.js +0 -2
  4. package/dist/commands/github/fingerprintConfig.js +2 -1
  5. package/dist/commands/github/processFingerprint.js +17 -7
  6. package/dist/commands/github/projectGroup.js +110 -30
  7. package/dist/commands/github/repoServices.js +42 -4
  8. package/dist/common/HTTPClient.js +37 -16
  9. package/dist/common/baseRequest.js +74 -0
  10. package/dist/constants/constants.js +1 -1
  11. package/dist/scaAnalysis/common/auditReport.js +8 -1
  12. package/dist/scaAnalysis/common/scaServicesUpload.js +3 -1
  13. package/dist/scaAnalysis/go/goReadDepFile.js +5 -1
  14. package/dist/scaAnalysis/java/analysis.js +1 -1
  15. package/dist/scaAnalysis/java/javaBuildDepsParser.js +11 -1
  16. package/dist/scaAnalysis/legacy/legacyFlow.js +0 -6
  17. package/dist/scaAnalysis/processServicesFlow.js +38 -17
  18. package/dist/scaAnalysis/repoMode/mavenParser.js +95 -53
  19. package/dist/scaAnalysis/scaAnalysis.js +4 -8
  20. package/dist/scan/autoDetection.js +12 -5
  21. package/dist/scan/fileUtils.js +33 -19
  22. package/dist/utils/paramsUtil/paramHandler.js +11 -2
  23. package/dist/utils/validationCheck.js +5 -1
  24. package/package.json +7 -3
  25. package/src/audit/report/reportingFeature.ts +7 -0
  26. package/src/cliConstants.js +9 -8
  27. package/src/commands/audit/processAudit.js +0 -2
  28. package/src/commands/github/fingerprintConfig.js +2 -2
  29. package/src/commands/github/processFingerprint.js +21 -11
  30. package/src/commands/github/projectGroup.js +131 -35
  31. package/src/commands/github/repoServices.js +46 -4
  32. package/src/common/HTTPClient.js +46 -17
  33. package/src/common/baseRequest.ts +83 -0
  34. package/src/constants/constants.js +1 -1
  35. package/src/scaAnalysis/common/auditReport.js +8 -1
  36. package/src/scaAnalysis/common/scaServicesUpload.js +5 -1
  37. package/src/scaAnalysis/go/goReadDepFile.js +5 -1
  38. package/src/scaAnalysis/java/analysis.js +1 -1
  39. package/src/scaAnalysis/java/javaBuildDepsParser.js +17 -1
  40. package/src/scaAnalysis/legacy/legacyFlow.js +0 -5
  41. package/src/scaAnalysis/processServicesFlow.js +82 -24
  42. package/src/scaAnalysis/repoMode/mavenParser.js +112 -62
  43. package/src/scaAnalysis/scaAnalysis.js +9 -8
  44. package/src/scan/autoDetection.js +12 -5
  45. package/src/scan/fileUtils.js +33 -19
  46. package/src/utils/paramsUtil/paramHandler.js +16 -2
  47. package/src/utils/validationCheck.js +6 -1
  48. package/dist/utils/settingsHelper.js +0 -14
  49. package/src/utils/settingsHelper.js +0 -16
@@ -18,6 +18,7 @@ const findAllFiles = async (filePath, depth = 2) => {
18
18
  '**/build.gradle',
19
19
  '**/build.gradle.kts',
20
20
  '**/package.json',
21
+ '**/package-lock.json',
21
22
  '**/yarn.lock',
22
23
  '**/Pipfile',
23
24
  '**/*.csproj',
@@ -51,94 +52,107 @@ const findFilesJava = async (languagesFound, filePath, depth = 1) => {
51
52
  )
52
53
 
53
54
  if (result.length > 0) {
54
- return languagesFound.push({ JAVA: result, language: 'JAVA' })
55
+ let lockFile = result.find(i => i.includes('pom') || i.includes('gradle'))
56
+ return languagesFound.push({
57
+ JAVA: result,
58
+ language: 'JAVA',
59
+ filePath: lockFile
60
+ })
55
61
  }
56
62
  return languagesFound
57
63
  }
58
64
 
59
- const findFilesJavascript = async (languagesFound, filePath) => {
65
+ const findFilesJavascript = async (languagesFound, filePath, depth = 1) => {
60
66
  const result = await fg(
61
67
  ['**/package.json', '**/yarn.lock', '**/package-lock.json'],
62
68
  {
63
69
  dot: false,
64
- deep: 1,
70
+ deep: depth,
65
71
  onlyFiles: true,
66
72
  cwd: filePath ? filePath : process.cwd()
67
73
  }
68
74
  )
69
75
 
70
76
  if (result.length > 0) {
71
- return languagesFound.push({ JAVASCRIPT: result, language: 'JAVASCRIPT' })
77
+ let lockFile = result.find(i => i.includes('lock'))
78
+ return languagesFound.push({
79
+ JAVASCRIPT: result,
80
+ language: 'JAVASCRIPT',
81
+ filePath: lockFile
82
+ })
72
83
  }
73
84
  return languagesFound
74
85
  }
75
86
 
76
- const findFilesPython = async (languagesFound, filePath) => {
87
+ const findFilesPython = async (languagesFound, filePath, depth = 1) => {
77
88
  const result = await fg(['**/Pipfile.lock', '**/Pipfile'], {
78
89
  dot: false,
79
- deep: 3,
90
+ deep: depth,
80
91
  onlyFiles: true,
81
92
  cwd: filePath ? filePath : process.cwd()
82
93
  })
83
94
 
84
95
  if (result.length > 0) {
85
- return languagesFound.push({ PYTHON: result })
96
+ return languagesFound.push({ PYTHON: result, filePath: 'Pipfile' })
86
97
  }
87
98
  return languagesFound
88
99
  }
89
100
 
90
- const findFilesGo = async (languagesFound, filePath) => {
101
+ const findFilesGo = async (languagesFound, filePath, depth = 1) => {
91
102
  const result = await fg(['**/go.mod'], {
92
103
  dot: false,
93
- deep: 3,
104
+ deep: depth,
94
105
  onlyFiles: true,
95
106
  cwd: filePath ? filePath : process.cwd()
96
107
  })
97
108
 
98
109
  if (result.length > 0) {
99
- return languagesFound.push({ GO: result })
110
+ return languagesFound.push({ GO: result, filePath: 'go.mod' })
100
111
  }
101
112
  return languagesFound
102
113
  }
103
114
 
104
- const findFilesRuby = async (languagesFound, filePath) => {
115
+ const findFilesRuby = async (languagesFound, filePath, depth = 1) => {
105
116
  const result = await fg(['**/Gemfile', '**/Gemfile.lock'], {
106
117
  dot: false,
107
- deep: 3,
118
+ deep: depth,
108
119
  onlyFiles: true,
109
120
  cwd: filePath ? filePath : process.cwd()
110
121
  })
111
122
 
112
123
  if (result.length > 0) {
113
- return languagesFound.push({ RUBY: result })
124
+ return languagesFound.push({ RUBY: result, filePath: 'Gemfile' })
114
125
  }
115
126
  return languagesFound
116
127
  }
117
128
 
118
- const findFilesPhp = async (languagesFound, filePath) => {
129
+ const findFilesPhp = async (languagesFound, filePath, depth = 1) => {
119
130
  const result = await fg(['**/composer.json', '**/composer.lock'], {
120
131
  dot: false,
121
- deep: 3,
132
+ deep: depth,
122
133
  onlyFiles: true,
123
134
  cwd: filePath ? filePath : process.cwd()
124
135
  })
125
136
 
126
137
  if (result.length > 0) {
127
- return languagesFound.push({ PHP: result })
138
+ return languagesFound.push({ PHP: result, filePath: 'composer.lock' })
128
139
  }
129
140
  return languagesFound
130
141
  }
131
142
 
132
- const findFilesDotNet = async (languagesFound, filePath) => {
143
+ const findFilesDotNet = async (languagesFound, filePath, depth = 1) => {
133
144
  const result = await fg(['**/*.csproj', '**/packages.lock.json'], {
134
145
  dot: false,
135
- deep: 3,
146
+ deep: depth,
136
147
  onlyFiles: true,
137
148
  cwd: filePath ? filePath : process.cwd()
138
149
  })
139
150
 
140
151
  if (result.length > 0) {
141
- return languagesFound.push({ DOTNET: result })
152
+ return languagesFound.push({
153
+ DOTNET: result,
154
+ filePath: 'packages.lock.json'
155
+ })
142
156
  }
143
157
  return languagesFound
144
158
  }
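Review bot: The `filePath` pushed for each language is not derived from what the glob actually matched. `findFilesPhp` and `findFilesDotNet` hard-code `'composer.lock'` and `'packages.lock.json'` even when `result` holds only a `composer.json` or a `.csproj`, and `findFilesJavascript` tests `i.includes('lock')` against the whole relative path, so with a larger `depth` a path such as `blocks/package.json` (constructed example) would be taken as the lock file; the `'pom'`/`'gradle'` test in `findFilesJava`, whose body starts outside the hunk, has the same shape. Matching on the file name and falling back to the first hit would keep the record truthful, e.g. `filePath: result.find(i => i.endsWith('composer.lock')) || result[0]`. Separately, the Python, Go, Ruby, PHP and .NET finders moved from `deep: 3` to a default of `depth = 1`, so a caller that does not pass `depth` no longer sees manifests in subdirectories, which for a dependency scan means silently reduced coverage; keep `depth = 3` there if that is not intended.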
@@ -1,7 +1,10 @@
1
1
  const commandlineAuth = require('./commandlineParams')
2
2
  const configStoreParams = require('./configStoreParams')
3
3
  const envVariableParams = require('./envVariableParams')
4
- const { validateAuthParams } = require('../validationCheck')
4
+ const {
5
+ validateAuthParams,
6
+ validateFingerprintParams
7
+ } = require('../validationCheck')
5
8
  const i18n = require('i18n')
6
9
 
7
10
  const getAuth = params => {
@@ -21,4 +24,15 @@ const getAuth = params => {
21
24
  }
22
25
  }
23
26
 
24
- module.exports = { getAuth }
27
+ const getFingerprint = params => {
28
+ if (validateFingerprintParams(params)) {
29
+ return params
30
+ } else {
31
+ console.log(
32
+ 'missing fingerprint params please check repository-url and repository-name'
33
+ )
34
+ process.exit(1)
35
+ }
36
+ }
37
+
38
+ module.exports = { getAuth, getFingerprint }
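Review bot: `getFingerprint` reports the failure with `console.log`, so the error text is written to stdout, where it can mix with output that a pipeline consumes, and the helper then ends the process itself with `process.exit(1)`. Writing the message with `console.error(...)` keeps stdout clean. The file already requires `i18n`, so the string could come from a catalogue key rather than a literal, if that is how the other messages in this file are produced (not visible in the hunk). A short comment above the function saying that it never returns on invalid input would also help callers, e.g. `// Exits the process with status 1 when repositoryUrl or repositoryName is missing.`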
@@ -27,8 +27,13 @@ const validateAuthParams = params => {
27
27
  )
28
28
  }
29
29
 
30
+ const validateFingerprintParams = params => {
31
+ return !!(params.repositoryUrl && params.repositoryName)
32
+ }
33
+
30
34
  module.exports = {
31
35
  checkConfigHasRequiredValues: checkConfigHasRequiredValues,
32
36
  validateAuthParams: validateAuthParams,
33
- validateRequiredScanParams: validateRequiredScanParams
37
+ validateRequiredScanParams: validateRequiredScanParams,
38
+ validateFingerprintParams: validateFingerprintParams
34
39
  }
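Review bot: `validateFingerprintParams` only tests truthiness, so a non-string value or a whitespace-only string passes, and a missing `params` object throws a TypeError before the caller can print its own error message. `repositoryUrl` and `repositoryName` presumably end up in a request or a stored record (their use is not visible here), so it is worth checking their shape at this boundary, for example `params && typeof params.repositoryUrl === 'string' && params.repositoryUrl.trim() !== ''`, with the same test for `repositoryName`. If only web URLs are expected, parsing the value with `new URL(...)` and accepting only the `http:` and `https:` protocols would reject malformed input early.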
@@ -1,14 +0,0 @@
1
- "use strict";
2
- const generalAPI = require('./generalAPI');
3
- const { SAAS } = require('../constants/constants');
4
- const getSettings = async (config) => {
5
- config.isEOP =
6
- (await generalAPI.getMode(config)).toUpperCase() === SAAS ? false : true;
7
- if (config.legacy === undefined) {
8
- config.legacy = config.isEOP;
9
- }
10
- return config;
11
- };
12
- module.exports = {
13
- getSettings
14
- };
@@ -1,16 +0,0 @@
1
- const generalAPI = require('./generalAPI')
2
- const { SAAS } = require('../constants/constants')
3
-
4
- const getSettings = async config => {
5
- config.isEOP =
6
- (await generalAPI.getMode(config)).toUpperCase() === SAAS ? false : true
7
-
8
- if (config.legacy === undefined) {
9
- config.legacy = config.isEOP
10
- }
11
- return config
12
- }
13
-
14
- module.exports = {
15
- getSettings
16
- }