npm - @contrast/contrast - Versions diffs - 2.0.2-beta.0 → 2.0.2-beta.10 - Mend

@contrast/contrast 2.0.2-beta.0 → 2.0.2-beta.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (395) hide show

package/README.md +2 -1
package/dist/assess/assessConfig.js +9 -0
package/dist/assess/assessConfig.js.map +1 -0
package/dist/assess/help.js +37 -0
package/dist/assess/help.js.map +1 -0
package/dist/assess/http/index.js +39 -0
package/dist/assess/http/index.js.map +1 -0
package/dist/assess/index.js +69 -0
package/dist/assess/index.js.map +1 -0
package/dist/assess/metadata/findYamlFile.js +59 -0
package/dist/assess/metadata/findYamlFile.js.map +1 -0
package/dist/assess/metadata/index.js +37 -0
package/dist/assess/metadata/index.js.map +1 -0
package/dist/assess/metadata/utils.js +159 -0
package/dist/assess/metadata/utils.js.map +1 -0
package/dist/assess/printing/index.js +11 -0
package/dist/assess/printing/index.js.map +1 -0
package/dist/assess/printing/utils.js +119 -0
package/dist/assess/printing/utils.js.map +1 -0
package/dist/audit/auditConfig.js +9 -0
package/dist/audit/auditConfig.js.map +1 -0
package/dist/{commands/audit → audit}/auditController.js +9 -13
package/dist/audit/auditController.js.map +1 -0
package/dist/audit/auditRequests.js +193 -0
package/dist/audit/auditRequests.js.map +1 -0
package/dist/audit/auditRequestsLegacy.js +63 -0
package/dist/audit/auditRequestsLegacy.js.map +1 -0
package/dist/audit/catalogueApplication/catalogueApplication.js +16 -29
package/dist/audit/catalogueApplication/catalogueApplication.js.map +1 -0
package/dist/audit/help.js +68 -0
package/dist/audit/help.js.map +1 -0
package/dist/audit/languageAnalysisEngine/commonApi.js +12 -14
package/dist/audit/languageAnalysisEngine/commonApi.js.map +1 -0
package/dist/audit/languageAnalysisEngine/filterProjectPath.js +2 -1
package/dist/audit/languageAnalysisEngine/filterProjectPath.js.map +1 -0
package/dist/audit/languageAnalysisEngine/getProjectRootFilenames.js +9 -12
package/dist/audit/languageAnalysisEngine/getProjectRootFilenames.js.map +1 -0
package/dist/audit/languageAnalysisEngine/sendSnapshot.js +18 -30
package/dist/audit/languageAnalysisEngine/sendSnapshot.js.map +1 -0
package/dist/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js +9 -9
package/dist/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js.map +1 -0
package/dist/audit/processAudit.js +21 -0
package/dist/audit/processAudit.js.map +1 -0
package/dist/audit/report/commonReportingFunctions.js +33 -61
package/dist/audit/report/commonReportingFunctions.js.map +1 -0
package/dist/audit/report/models/reportGuidanceModel.js +2 -5
package/dist/audit/report/models/reportGuidanceModel.js.map +1 -0
package/dist/audit/report/models/reportLibraryModel.js +3 -7
package/dist/audit/report/models/reportLibraryModel.js.map +1 -0
package/dist/audit/report/models/reportListModel.js +4 -9
package/dist/audit/report/models/reportListModel.js.map +1 -0
package/dist/audit/report/models/reportOutputModel.js +4 -9
package/dist/audit/report/models/reportOutputModel.js.map +1 -0
package/dist/audit/report/models/reportSeverityModel.js +2 -5
package/dist/audit/report/models/reportSeverityModel.js.map +1 -0
package/dist/audit/report/models/severityCountModel.js +3 -5
package/dist/audit/report/models/severityCountModel.js.map +1 -0
package/dist/audit/report/reportingFeature.js +27 -55
package/dist/audit/report/reportingFeature.js.map +1 -0
package/dist/audit/report/utils/reportUtils.js +28 -59
package/dist/audit/report/utils/reportUtils.js.map +1 -0
package/dist/audit/save.js +14 -16
package/dist/audit/save.js.map +1 -0
package/dist/{commands/audit → audit}/saveFile.js +3 -6
package/dist/audit/saveFile.js.map +1 -0
package/dist/auth/auth.js +103 -0
package/dist/auth/auth.js.map +1 -0
package/dist/auth/authRequests.js +18 -0
package/dist/auth/authRequests.js.map +1 -0
package/dist/cliConstants.js +48 -18
package/dist/cliConstants.js.map +1 -0
package/dist/commands/config/config.js +12 -13
package/dist/commands/config/config.js.map +1 -0
package/dist/commands/learn/learn.js +3 -6
package/dist/commands/learn/learn.js.map +1 -0
package/dist/commands/learn/processLearn.js +3 -6
package/dist/commands/learn/processLearn.js.map +1 -0
package/dist/common/HTTPClient.js +193 -94
package/dist/common/HTTPClient.js.map +1 -0
package/dist/{scan → common}/autoDetection.js +53 -36
package/dist/common/autoDetection.js.map +1 -0
package/dist/common/baseRequest.js +59 -23
package/dist/common/baseRequest.js.map +1 -0
package/dist/common/commonHelp.js +13 -13
package/dist/common/commonHelp.js.map +1 -0
package/dist/common/errorHandling.js +49 -63
package/dist/common/errorHandling.js.map +1 -0
package/dist/common/fail.js +6 -12
package/dist/common/fail.js.map +1 -0
package/dist/common/stringManipulations.js +8 -0
package/dist/common/stringManipulations.js.map +1 -0
package/dist/common/versionChecker.js +16 -19
package/dist/common/versionChecker.js.map +1 -0
package/dist/constants/constants.js +46 -65
package/dist/constants/constants.js.map +1 -0
package/dist/constants/lambda.js +8 -5
package/dist/constants/lambda.js.map +1 -0
package/dist/constants/locales.js +14 -10
package/dist/constants/locales.js.map +1 -0
package/dist/github/fingerprintConfig.js +10 -0
package/dist/github/fingerprintConfig.js.map +1 -0
package/dist/github/processFingerprint.js +25 -0
package/dist/github/processFingerprint.js.map +1 -0
package/dist/github/projectGroup.js +225 -0
package/dist/github/projectGroup.js.map +1 -0
package/dist/github/repoServices.js +91 -0
package/dist/github/repoServices.js.map +1 -0
package/dist/index.js +42 -39
package/dist/index.js.map +1 -0
package/dist/lambda/analytics.js +6 -9
package/dist/lambda/analytics.js.map +1 -0
package/dist/lambda/arn.js +6 -9
package/dist/lambda/arn.js.map +1 -0
package/dist/lambda/aws.js +29 -34
package/dist/lambda/aws.js.map +1 -0
package/dist/lambda/cliError.js +13 -41
package/dist/lambda/cliError.js.map +1 -0
package/dist/lambda/constants.js +3 -4
package/dist/lambda/constants.js.map +1 -0
package/dist/lambda/help.js +39 -44
package/dist/lambda/help.js.map +1 -0
package/dist/lambda/lambda.js +61 -65
package/dist/lambda/lambda.js.map +1 -0
package/dist/lambda/lambdaUtils.js +38 -32
package/dist/lambda/lambdaUtils.js.map +1 -0
package/dist/lambda/logUtils.js +21 -17
package/dist/lambda/logUtils.js.map +1 -0
package/dist/lambda/scanDetailCompletion.js +19 -25
package/dist/lambda/scanDetailCompletion.js.map +1 -0
package/dist/lambda/scanRequest.js +34 -41
package/dist/lambda/scanRequest.js.map +1 -0
package/dist/lambda/scanResults.js +8 -10
package/dist/lambda/scanResults.js.map +1 -0
package/dist/lambda/types.js +5 -7
package/dist/lambda/types.js.map +1 -0
package/dist/lambda/utils.js +33 -35
package/dist/lambda/utils.js.map +1 -0
package/dist/sbom/generateSbom.js +6 -10
package/dist/sbom/generateSbom.js.map +1 -0
package/dist/scaAnalysis/common/auditReport.js +8 -12
package/dist/scaAnalysis/common/auditReport.js.map +1 -0
package/dist/scaAnalysis/common/commonReportingFunctionsSca.js +26 -32
package/dist/scaAnalysis/common/commonReportingFunctionsSca.js.map +1 -0
package/dist/scaAnalysis/common/formatMessage.js +8 -17
package/dist/scaAnalysis/common/formatMessage.js.map +1 -0
package/dist/scaAnalysis/common/models/ScaReportModel.js +4 -9
package/dist/scaAnalysis/common/models/ScaReportModel.js.map +1 -0
package/dist/scaAnalysis/common/scaParserForGoAndJava.js +10 -9
package/dist/scaAnalysis/common/scaParserForGoAndJava.js.map +1 -0
package/dist/scaAnalysis/common/scaServicesUpload.js +59 -90
package/dist/scaAnalysis/common/scaServicesUpload.js.map +1 -0
package/dist/scaAnalysis/common/treeUpload.js +15 -25
package/dist/scaAnalysis/common/treeUpload.js.map +1 -0
package/dist/scaAnalysis/common/utils/reportUtilsSca.js +21 -29
package/dist/scaAnalysis/common/utils/reportUtilsSca.js.map +1 -0
package/dist/scaAnalysis/dotnet/analysis.js +12 -18
package/dist/scaAnalysis/dotnet/analysis.js.map +1 -0
package/dist/scaAnalysis/dotnet/index.js +4 -7
package/dist/scaAnalysis/dotnet/index.js.map +1 -0
package/dist/scaAnalysis/go/goAnalysis.js +8 -11
package/dist/scaAnalysis/go/goAnalysis.js.map +1 -0
package/dist/scaAnalysis/go/goParseDeps.js +9 -7
package/dist/scaAnalysis/go/goParseDeps.js.map +1 -0
package/dist/scaAnalysis/go/goReadDepFile.js +10 -8
package/dist/scaAnalysis/go/goReadDepFile.js.map +1 -0
package/dist/scaAnalysis/java/analysis.js +23 -20
package/dist/scaAnalysis/java/analysis.js.map +1 -0
package/dist/scaAnalysis/java/index.js +7 -10
package/dist/scaAnalysis/java/index.js.map +1 -0
package/dist/scaAnalysis/java/javaBuildDepsParser.js +43 -43
package/dist/scaAnalysis/java/javaBuildDepsParser.js.map +1 -0
package/dist/scaAnalysis/javascript/analysis.js +16 -20
package/dist/scaAnalysis/javascript/analysis.js.map +1 -0
package/dist/scaAnalysis/javascript/index.js +17 -19
package/dist/scaAnalysis/javascript/index.js.map +1 -0
package/dist/scaAnalysis/javascript/scaServiceParser.js +8 -15
package/dist/scaAnalysis/javascript/scaServiceParser.js.map +1 -0
package/dist/scaAnalysis/legacy/legacyFlow.js +13 -15
package/dist/scaAnalysis/legacy/legacyFlow.js.map +1 -0
package/dist/scaAnalysis/php/analysis.js +15 -16
package/dist/scaAnalysis/php/analysis.js.map +1 -0
package/dist/scaAnalysis/php/index.js +5 -8
package/dist/scaAnalysis/php/index.js.map +1 -0
package/dist/scaAnalysis/php/phpNewServicesMapper.js +9 -12
package/dist/scaAnalysis/php/phpNewServicesMapper.js.map +1 -0
package/dist/scaAnalysis/processServicesFlow.js +86 -32
package/dist/scaAnalysis/processServicesFlow.js.map +1 -0
package/dist/scaAnalysis/python/analysis.js +16 -23
package/dist/scaAnalysis/python/analysis.js.map +1 -0
package/dist/scaAnalysis/python/index.js +4 -7
package/dist/scaAnalysis/python/index.js.map +1 -0
package/dist/scaAnalysis/repoMode/gradleParser.js +7 -13
package/dist/scaAnalysis/repoMode/gradleParser.js.map +1 -0
package/dist/scaAnalysis/repoMode/index.js +9 -12
package/dist/scaAnalysis/repoMode/index.js.map +1 -0
package/dist/scaAnalysis/repoMode/mavenParser.js +109 -73
package/dist/scaAnalysis/repoMode/mavenParser.js.map +1 -0
package/dist/scaAnalysis/ruby/analysis.js +32 -46
package/dist/scaAnalysis/ruby/analysis.js.map +1 -0
package/dist/scaAnalysis/ruby/index.js +5 -8
package/dist/scaAnalysis/ruby/index.js.map +1 -0
package/dist/scaAnalysis/scaAnalysis.js +49 -51
package/dist/scaAnalysis/scaAnalysis.js.map +1 -0
package/dist/scan/fileUtils.js +36 -40
package/dist/scan/fileUtils.js.map +1 -0
package/dist/scan/formatScanOutput.js +47 -61
package/dist/scan/formatScanOutput.js.map +1 -0
package/dist/scan/help.js +8 -11
package/dist/scan/help.js.map +1 -0
package/dist/scan/models/groupedResultsModel.js +2 -5
package/dist/scan/models/groupedResultsModel.js.map +1 -0
package/dist/scan/models/resultContentModel.js +2 -2
package/dist/scan/models/resultContentModel.js.map +1 -0
package/dist/scan/models/scanResultsModel.js +2 -5
package/dist/scan/models/scanResultsModel.js.map +1 -0
package/dist/scan/populateProjectIdAndProjectName.js +22 -60
package/dist/scan/populateProjectIdAndProjectName.js.map +1 -0
package/dist/scan/processScan.js +28 -0
package/dist/scan/processScan.js.map +1 -0
package/dist/scan/saveResults.js +3 -6
package/dist/scan/saveResults.js.map +1 -0
package/dist/scan/scan.js +33 -53
package/dist/scan/scan.js.map +1 -0
package/dist/scan/scanConfig.js +14 -12
package/dist/scan/scanConfig.js.map +1 -0
package/dist/scan/scanController.js +19 -21
package/dist/scan/scanController.js.map +1 -0
package/dist/scan/scanRequests.js +86 -0
package/dist/scan/scanRequests.js.map +1 -0
package/dist/scan/scanResults.js +26 -72
package/dist/scan/scanResults.js.map +1 -0
package/dist/telemetry/telemetry.js +29 -59
package/dist/telemetry/telemetry.js.map +1 -0
package/dist/utils/capabilities.js +2 -1
package/dist/utils/capabilities.js.map +1 -0
package/dist/utils/commonApi.js +58 -50
package/dist/utils/commonApi.js.map +1 -0
package/dist/utils/filterProjectPath.js +2 -1
package/dist/utils/filterProjectPath.js.map +1 -0
package/dist/utils/generalAPI.js +11 -33
package/dist/utils/generalAPI.js.map +1 -0
package/dist/utils/getConfig.js +8 -13
package/dist/utils/getConfig.js.map +1 -0
package/dist/utils/oraWrapper.js +7 -14
package/dist/utils/oraWrapper.js.map +1 -0
package/dist/utils/paramsUtil/commandlineParams.js +2 -5
package/dist/utils/paramsUtil/commandlineParams.js.map +1 -0
package/dist/utils/paramsUtil/configStoreParams.js +9 -10
package/dist/utils/paramsUtil/configStoreParams.js.map +1 -0
package/dist/utils/paramsUtil/envVariableParams.js +2 -3
package/dist/utils/paramsUtil/envVariableParams.js.map +1 -0
package/dist/utils/paramsUtil/paramHandler.js +12 -13
package/dist/utils/paramsUtil/paramHandler.js.map +1 -0
package/dist/utils/parsedCLIOptions.js +4 -7
package/dist/utils/parsedCLIOptions.js.map +1 -0
package/dist/utils/requestUtils.js +7 -13
package/dist/utils/requestUtils.js.map +1 -0
package/dist/utils/saveFile.js +8 -11
package/dist/utils/saveFile.js.map +1 -0
package/dist/utils/validationCheck.js +5 -11
package/dist/utils/validationCheck.js.map +1 -0
package/package.json +40 -48
package/.prettierignore +0 -1
package/bin/contrast.js +0 -2
package/dist/audit/languageAnalysisEngine/util/requestUtils.js +0 -14
package/dist/commands/audit/auditConfig.js +0 -12
package/dist/commands/audit/help.js +0 -70
package/dist/commands/audit/processAudit.js +0 -24
package/dist/commands/auth/auth.js +0 -120
package/dist/commands/github/fingerprintConfig.js +0 -13
package/dist/commands/github/processFingerprint.js +0 -28
package/dist/commands/github/projectGroup.js +0 -254
package/dist/commands/github/repoServices.js +0 -108
package/dist/commands/scan/processScan.js +0 -31
package/dist/lambda/__mocks__/aws.js +0 -21
package/dist/lambda/__mocks__/lambdaConfig.json +0 -42
package/src/audit/catalogueApplication/catalogueApplication.js +0 -51
package/src/audit/languageAnalysisEngine/commonApi.js +0 -20
package/src/audit/languageAnalysisEngine/filterProjectPath.js +0 -21
package/src/audit/languageAnalysisEngine/getProjectRootFilenames.js +0 -36
package/src/audit/languageAnalysisEngine/sendSnapshot.js +0 -57
package/src/audit/languageAnalysisEngine/util/requestUtils.js +0 -17
package/src/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js +0 -63
package/src/audit/report/commonReportingFunctions.js +0 -412
package/src/audit/report/models/reportGuidanceModel.ts +0 -5
package/src/audit/report/models/reportLibraryModel.ts +0 -30
package/src/audit/report/models/reportListModel.ts +0 -49
package/src/audit/report/models/reportOutputModel.ts +0 -29
package/src/audit/report/models/reportSeverityModel.ts +0 -18
package/src/audit/report/models/severityCountModel.ts +0 -22
package/src/audit/report/reportingFeature.ts +0 -110
package/src/audit/report/utils/reportUtils.ts +0 -165
package/src/audit/save.js +0 -67
package/src/cliConstants.js +0 -522
package/src/commands/audit/auditConfig.js +0 -18
package/src/commands/audit/auditController.js +0 -50
package/src/commands/audit/help.js +0 -72
package/src/commands/audit/processAudit.js +0 -34
package/src/commands/audit/saveFile.js +0 -15
package/src/commands/auth/auth.js +0 -146
package/src/commands/config/config.js +0 -41
package/src/commands/github/fingerprintConfig.js +0 -19
package/src/commands/github/processFingerprint.js +0 -37
package/src/commands/github/projectGroup.js +0 -294
package/src/commands/github/repoServices.js +0 -122
package/src/commands/learn/learn.js +0 -10
package/src/commands/learn/processLearn.js +0 -13
package/src/commands/scan/processScan.js +0 -42
package/src/common/HTTPClient.js +0 -775
package/src/common/baseRequest.ts +0 -83
package/src/common/commonHelp.js +0 -53
package/src/common/errorHandling.js +0 -157
package/src/common/fail.js +0 -79
package/src/common/versionChecker.js +0 -75
package/src/constants/constants.js +0 -71
package/src/constants/lambda.js +0 -85
package/src/constants/locales.js +0 -365
package/src/index.ts +0 -142
package/src/lambda/__mocks__/aws.ts +0 -32
package/src/lambda/__mocks__/lambdaConfig.json +0 -42
package/src/lambda/analytics.ts +0 -9
package/src/lambda/arn.ts +0 -33
package/src/lambda/aws.ts +0 -248
package/src/lambda/cliError.ts +0 -72
package/src/lambda/constants.ts +0 -11
package/src/lambda/help.ts +0 -92
package/src/lambda/lambda.ts +0 -230
package/src/lambda/lambdaUtils.ts +0 -111
package/src/lambda/logUtils.ts +0 -64
package/src/lambda/scanDetailCompletion.ts +0 -78
package/src/lambda/scanRequest.ts +0 -169
package/src/lambda/scanResults.ts +0 -29
package/src/lambda/types.ts +0 -36
package/src/lambda/utils.ts +0 -188
package/src/sbom/generateSbom.ts +0 -45
package/src/scaAnalysis/common/auditReport.js +0 -59
package/src/scaAnalysis/common/commonReportingFunctionsSca.js +0 -276
package/src/scaAnalysis/common/formatMessage.js +0 -67
package/src/scaAnalysis/common/models/ScaReportModel.ts +0 -81
package/src/scaAnalysis/common/scaParserForGoAndJava.js +0 -41
package/src/scaAnalysis/common/scaServicesUpload.js +0 -155
package/src/scaAnalysis/common/treeUpload.js +0 -51
package/src/scaAnalysis/common/utils/reportUtilsSca.ts +0 -123
package/src/scaAnalysis/dotnet/analysis.js +0 -72
package/src/scaAnalysis/dotnet/index.js +0 -11
package/src/scaAnalysis/go/goAnalysis.js +0 -26
package/src/scaAnalysis/go/goParseDeps.js +0 -203
package/src/scaAnalysis/go/goReadDepFile.js +0 -34
package/src/scaAnalysis/java/analysis.js +0 -148
package/src/scaAnalysis/java/index.js +0 -29
package/src/scaAnalysis/java/javaBuildDepsParser.js +0 -439
package/src/scaAnalysis/javascript/analysis.js +0 -111
package/src/scaAnalysis/javascript/index.js +0 -104
package/src/scaAnalysis/javascript/scaServiceParser.js +0 -151
package/src/scaAnalysis/legacy/legacyFlow.js +0 -43
package/src/scaAnalysis/php/analysis.js +0 -78
package/src/scaAnalysis/php/index.js +0 -28
package/src/scaAnalysis/php/phpNewServicesMapper.js +0 -77
package/src/scaAnalysis/processServicesFlow.js +0 -119
package/src/scaAnalysis/python/analysis.js +0 -93
package/src/scaAnalysis/python/index.js +0 -16
package/src/scaAnalysis/repoMode/gradleParser.js +0 -88
package/src/scaAnalysis/repoMode/index.js +0 -21
package/src/scaAnalysis/repoMode/mavenParser.js +0 -112
package/src/scaAnalysis/ruby/analysis.js +0 -413
package/src/scaAnalysis/ruby/index.js +0 -16
package/src/scaAnalysis/scaAnalysis.js +0 -171
package/src/scan/autoDetection.js +0 -175
package/src/scan/fileUtils.js +0 -206
package/src/scan/formatScanOutput.ts +0 -225
package/src/scan/help.js +0 -56
package/src/scan/models/groupedResultsModel.ts +0 -20
package/src/scan/models/resultContentModel.ts +0 -86
package/src/scan/models/scanResultsModel.ts +0 -55
package/src/scan/populateProjectIdAndProjectName.js +0 -73
package/src/scan/saveResults.js +0 -14
package/src/scan/scan.ts +0 -68
package/src/scan/scanConfig.js +0 -58
package/src/scan/scanController.js +0 -98
package/src/scan/scanResults.js +0 -171
package/src/telemetry/telemetry.ts +0 -154
package/src/utils/capabilities.js +0 -12
package/src/utils/commonApi.js +0 -103
package/src/utils/filterProjectPath.js +0 -25
package/src/utils/generalAPI.js +0 -52
package/src/utils/getConfig.ts +0 -34
package/src/utils/oraWrapper.js +0 -29
package/src/utils/paramsUtil/commandlineParams.js +0 -12
package/src/utils/paramsUtil/configStoreParams.js +0 -19
package/src/utils/paramsUtil/envVariableParams.js +0 -10
package/src/utils/paramsUtil/paramHandler.js +0 -38
package/src/utils/parsedCLIOptions.js +0 -32
package/src/utils/requestUtils.js +0 -29
package/src/utils/saveFile.js +0 -20
package/src/utils/validationCheck.js +0 -39

package/src/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js DELETED Viewed

@@ -1,63 +0,0 @@
-const i18n = require('i18n')
-module.exports = exports = ({ language: { lockFilename }, node }, next) => {
-  // If we never read the lock file or its an earlier version then pass priority
-  if (node.rawYarnLockFileContents == undefined || node.yarnVersion == 1) {
-    next()
-  } else {
-    try {
-      node.yarnLockFile = {}
-      node.yarnLockFile['object'] = node.rawYarnLockFileContents
-      delete node.yarnLockFile['object'].__metadata
-      node.yarnLockFile['type'] = 'success'
-      Object.entries(node.rawYarnLockFileContents).forEach(([key, value]) => {
-        const rawKeyNames = key.split(',')
-        const keyNames = formatKey(rawKeyNames)
-        keyNames.forEach(name => {
-          node.yarnLockFile.object[name] = value
-        })
-      })
-    } catch (err) {
-      next(
-        new Error(
-          i18n.__('NodeParseYarn2', lockFilename.lockFilePath) +
-            `${err.message}`
-        )
-      )
-      return
-    }
-    next()
-  }
-}
-function formatKey(keyNames) {
-  let name = ''
-  let formattedNames = []
-  keyNames.forEach(dummyString => {
-    let nameArr = dummyString.split('@')
-    if (nameArr.length > 1) {
-      if (nameArr.length == 2) {
-        name = nameArr[0]
-      }
-      if (nameArr.length == 3) {
-        name = '@' + nameArr[1]
-      }
-      let version = dummyString.split(':').pop('')
-      if (version.length == 1 && version != '*') {
-        version = version + '.0'
-      }
-      let reformattedKey = name.trim() + '@' + version
-      formattedNames.push(reformattedKey)
-    }
-  })
-  return formattedNames
-}
-exports.formatKey = formatKey

package/src/audit/report/commonReportingFunctions.js DELETED Viewed

@@ -1,412 +0,0 @@
-const commonApi = require('../../utils/commonApi')
-const {
-  ReportCompositeKey,
-  ReportList,
-  ReportModelStructure
-} = require('./models/reportListModel')
-const { orderBy } = require('lodash')
-const chalk = require('chalk')
-const {
-  countVulnerableLibrariesBySeverity,
-  orderByHighestPriority,
-  findHighestSeverityCVE,
-  findNameAndVersion,
-  severityCountAllCVEs,
-  findCVESeverity
-} = require('./utils/reportUtils')
-const { SeverityCountModel } = require('./models/severityCountModel')
-const {
-  ReportOutputBodyModel,
-  ReportOutputHeaderModel,
-  ReportOutputModel
-} = require('./models/reportOutputModel')
-const {
-  CE_URL,
-  CRITICAL_COLOUR,
-  HIGH_COLOUR,
-  LOW_COLOUR,
-  MEDIUM_COLOUR,
-  NOTE_COLOUR
-} = require('../../constants/constants')
-const Table = require('cli-table3')
-const { ReportGuidanceModel } = require('./models/reportGuidanceModel')
-const i18n = require('i18n')
-const createSummaryMessageTop = (numberOfVulnerableLibraries, numberOfCves) => {
-  numberOfVulnerableLibraries === 1
-    ? console.log(`Found 1 vulnerable library containing ${numberOfCves} CVE`)
-    : console.log(
-        `Found ${numberOfVulnerableLibraries} vulnerable libraries containing ${numberOfCves} CVEs`
-      )
-}
-const createSummaryMessageBottom = numberOfVulnerableLibraries => {
-  numberOfVulnerableLibraries === 1
-    ? console.log(`Found 1 vulnerability`)
-    : console.log(`Found ${numberOfVulnerableLibraries} vulnerabilities`)
-}
-const getReport = async (config, reportId) => {
-  const client = commonApi.getHttpClient(config)
-  return client
-    .getReportById(config, reportId)
-    .then(res => {
-      if (res.statusCode === 200) {
-        return res.body
-      } else {
-        console.log(JSON.stringify(res.statusCode))
-        commonApi.handleResponseErrors(res, 'report')
-      }
-    })
-    .catch(err => {
-      console.log(err)
-    })
-}
-const printVulnerabilityResponse = (
-  config,
-  vulnerableLibraries,
-  numberOfVulnerableLibraries,
-  numberOfCves,
-  guidance
-) => {
-  let hasSomeVulnerabilitiesReported = false
-  printFormattedOutput(
-    config,
-    vulnerableLibraries,
-    numberOfVulnerableLibraries,
-    numberOfCves,
-    guidance
-  )
-  if (Object.keys(vulnerableLibraries).length > 0) {
-    hasSomeVulnerabilitiesReported = true
-  }
-  return hasSomeVulnerabilitiesReported
-}
-const printFormattedOutput = (
-  config,
-  libraries,
-  numberOfVulnerableLibraries,
-  numberOfCves,
-  guidance
-) => {
-  createSummaryMessageTop(numberOfVulnerableLibraries, numberOfCves)
-  console.log()
-  const report = new ReportList()
-  for (const library of libraries) {
-    const { name, version } = findNameAndVersion(library, config)
-    const newOutputModel = new ReportModelStructure(
-      new ReportCompositeKey(
-        name,
-        version,
-        findHighestSeverityCVE(library.cveArray),
-        severityCountAllCVEs(
-          library.cveArray,
-          new SeverityCountModel()
-        ).getTotal
-      ),
-      library.cveArray,
-      null
-    )
-    report.reportOutputList.push(newOutputModel)
-  }
-  const outputOrderedByLowestSeverityAndLowestNumOfCvesFirst = orderBy(
-    report.reportOutputList,
-    [
-      reportListItem => {
-        return reportListItem.compositeKey.highestSeverity.priority
-      },
-      reportListItem => {
-        return reportListItem.compositeKey.numberOfSeverities
-      }
-    ],
-    ['asc', 'desc']
-  )
-  let contrastHeaderNumCounter = 0
-  for (const reportModel of outputOrderedByLowestSeverityAndLowestNumOfCvesFirst) {
-    contrastHeaderNumCounter++
-    const { libraryName, libraryVersion, highestSeverity } =
-      reportModel.compositeKey
-    const numOfCVEs = reportModel.cveArray.length
-    const table = getReportTable()
-    const header = buildHeader(
-      highestSeverity,
-      contrastHeaderNumCounter,
-      libraryName,
-      libraryVersion,
-      numOfCVEs
-    )
-    const advice = gatherRemediationAdvice(
-      guidance,
-      libraryName,
-      libraryVersion
-    )
-    const body = buildBody(reportModel.cveArray, advice)
-    const reportOutputModel = new ReportOutputModel(header, body)
-    table.push(
-      reportOutputModel.body.issueMessage,
-      reportOutputModel.body.adviceMessage
-    )
-    console.log(
-      reportOutputModel.header.vulnMessage,
-      reportOutputModel.header.introducesMessage
-    )
-    console.log(table.toString() + '\n')
-  }
-  createSummaryMessageBottom(numberOfVulnerableLibraries)
-  const {
-    criticalMessage,
-    highMessage,
-    mediumMessage,
-    lowMessage,
-    noteMessage
-  } = buildFooter(outputOrderedByLowestSeverityAndLowestNumOfCvesFirst)
-  console.log(
-    `${criticalMessage} | ${highMessage} | ${mediumMessage} | ${lowMessage} | ${noteMessage}`
-  )
-  if (config.host !== CE_URL) {
-    console.log(
-      '\n' + chalk.bold('View your full dependency tree in Contrast:')
-    )
-    console.log(
-      `${config.host}/Contrast/static/ng/index.html#/${config.organizationId}/applications/${config.applicationId}/libs/dependency-tree`
-    )
-  }
-}
-function getReportTable() {
-  return new Table({
-    chars: {
-      top: '',
-      'top-mid': '',
-      'top-left': '',
-      'top-right': '',
-      bottom: '',
-      'bottom-mid': '',
-      'bottom-left': '',
-      'bottom-right': '',
-      left: '',
-      'left-mid': '',
-      mid: '',
-      'mid-mid': '',
-      right: '',
-      'right-mid': '',
-      middle: ' '
-    },
-    style: { 'padding-left': 0, 'padding-right': 0 },
-    colAligns: ['right'],
-    wordWrap: true,
-    colWidths: [12, 1, 100]
-  })
-}
-function buildHeader(
-  highestSeverity,
-  contrastHeaderNum,
-  libraryName,
-  version,
-  numOfCVEs
-) {
-  const vulnerabilityPluralised =
-    numOfCVEs > 1 ? 'vulnerabilities' : 'vulnerability'
-  const formattedHeaderNum = buildFormattedHeaderNum(contrastHeaderNum)
-  const headerColour = chalk.hex(highestSeverity.colour)
-  const headerNumAndSeverity = headerColour(
-    `${formattedHeaderNum} - [${highestSeverity.severity}]`
-  )
-  const libraryNameAndVersion = headerColour.bold(`${libraryName}-${version}`)
-  const vulnMessage = `${headerNumAndSeverity} ${libraryNameAndVersion}`
-  const introducesMessage = `introduces ${numOfCVEs} ${vulnerabilityPluralised}`
-  return new ReportOutputHeaderModel(vulnMessage, introducesMessage)
-}
-function buildBody(cveArray, advice) {
-  const orderedCvesWithSeverityAssigned = orderByHighestPriority(
-    cveArray.map(cve => findCVESeverity(cve))
-  )
-  const issueMessage = getIssueRow(orderedCvesWithSeverityAssigned)
-  //todo different advice based on remediationGuidance being available or now
-  // console.log(advice)
-  const minOrMax = advice.minimum ? advice.minimum : advice.maximum
-  const displayAdvice = minOrMax
-    ? `Change to version ${chalk.bold(minOrMax)}`
-    : 'No recommendation is available according to our data. Upgrade to the latest stable is the best advice we can give.'
-  const adviceMessage = [chalk.bold('Advice'), ':', displayAdvice]
-  return new ReportOutputBodyModel(issueMessage, adviceMessage)
-}
-function getIssueRow(cveArray) {
-  const cveMessagesList = getIssueCveMsgList(cveArray)
-  return [chalk.bold('Issue'), ':', `${cveMessagesList.join(', ')}`]
-}
-function gatherRemediationAdvice(guidance, libraryName, libraryVersion) {
-  const guidanceModel = new ReportGuidanceModel()
-  const data = guidance[libraryName + '@' + libraryVersion]
-  if (data) {
-    guidanceModel.minimum = data.minUpgradeVersion
-    guidanceModel.maximum = data.maxUpgradeVersion
-  }
-  return guidanceModel
-}
-function buildFormattedHeaderNum(contrastHeaderNum) {
-  return `CONTRAST-${contrastHeaderNum.toString().padStart(3, '0')}`
-}
-const buildFooter = reportModelStructure => {
-  const { critical, high, medium, low, note } =
-    countVulnerableLibrariesBySeverity(reportModelStructure)
-  const criticalMessage = chalk
-    .hex(CRITICAL_COLOUR)
-    .bold(`${critical} Critical`)
-  const highMessage = chalk.hex(HIGH_COLOUR).bold(`${high} High`)
-  const mediumMessage = chalk.hex(MEDIUM_COLOUR).bold(`${medium} Medium`)
-  const lowMessage = chalk.hex(LOW_COLOUR).bold(`${low} Low`)
-  const noteMessage = chalk.hex(NOTE_COLOUR).bold(`${note} Note`)
-  return {
-    criticalMessage,
-    highMessage,
-    mediumMessage,
-    lowMessage,
-    noteMessage
-  }
-}
-const getIssueCveMsgList = results => {
-  const cveMessages = []
-  results.forEach(reportSeverityModel => {
-    const { colour, severity, name } = reportSeverityModel
-    const severityShorthand = chalk
-      .hex(colour)
-      .bold(`[${severity.charAt(0).toUpperCase()}]`)
-    const builtMessage = severityShorthand + name
-    cveMessages.push(builtMessage)
-  })
-  return cveMessages
-}
-const getSeverityCounts = results => {
-  const acc = {
-    critical: 0,
-    high: 0,
-    medium: 0,
-    low: 0,
-    note: 0,
-    total: 0
-  }
-  if (results && results.length > 0) {
-    results.forEach(i => {
-      acc[i.severity.toLowerCase()] += 1
-      acc.total += 1
-      return acc
-    })
-  }
-  return acc
-}
-const printNoVulnFoundMsg = () => {
-  console.log(i18n.__('scanNoVulnerabilitiesFound'))
-  console.log(i18n.__('scanNoVulnerabilitiesFoundSecureCode'))
-  console.log(i18n.__('scanNoVulnerabilitiesFoundGoodWork'))
-  console.log(chalk.bold(`Found 0 vulnerabilities`))
-  console.log(
-    i18n.__(
-      'foundDetailedVulnerabilities',
-      String(0),
-      String(0),
-      String(0),
-      String(0),
-      String(0)
-    )
-  )
-}
-const printVulnInfo = projectOverview => {
-  const totalVulnerabilities = projectOverview.total
-  createSummaryMessageBottom(totalVulnerabilities)
-  const formattedValues = severityFormatted(projectOverview)
-  console.log(
-    i18n.__(
-      'foundDetailedVulnerabilities',
-      String(formattedValues.criticalFormatted),
-      String(formattedValues.highFormatted),
-      String(formattedValues.mediumFormatted),
-      String(formattedValues.lowFormatted),
-      String(formattedValues.noteFormatted)
-    )
-  )
-}
-const severityFormatted = projectOverview => {
-  const criticalFormatted = chalk
-    .hex(CRITICAL_COLOUR)
-    .bold(`${projectOverview.critical} Critical`)
-  const highFormatted = chalk
-    .hex(HIGH_COLOUR)
-    .bold(`${projectOverview.high} High`)
-  const mediumFormatted = chalk
-    .hex(MEDIUM_COLOUR)
-    .bold(`${projectOverview.medium} Medium`)
-  const lowFormatted = chalk.hex(LOW_COLOUR).bold(`${projectOverview.low} Low`)
-  const noteFormatted = chalk
-    .hex(NOTE_COLOUR)
-    .bold(`${projectOverview.note} Note`)
-  return {
-    criticalFormatted,
-    highFormatted,
-    mediumFormatted,
-    lowFormatted,
-    noteFormatted
-  }
-}
-module.exports = {
-  createSummaryMessageTop,
-  getReport,
-  createSummaryMessageBottom,
-  printVulnerabilityResponse,
-  printFormattedOutput,
-  getReportTable,
-  buildHeader,
-  buildBody,
-  getIssueRow,
-  gatherRemediationAdvice,
-  buildFormattedHeaderNum,
-  getIssueCveMsgList,
-  getSeverityCounts,
-  printNoVulnFoundMsg,
-  printVulnInfo
-}

package/src/audit/report/models/reportGuidanceModel.ts DELETED Viewed

@@ -1,5 +0,0 @@
-export class ReportGuidanceModel {
-  minimum?: string
-  maximum?: string
-  latest?: string
-}

package/src/audit/report/models/reportLibraryModel.ts DELETED Viewed

@@ -1,30 +0,0 @@
-export class ReportLibraryModel {
-  name: string
-  cveArray: ReportCVEModel[]
-  constructor(name: string, cveArray: ReportCVEModel[]) {
-    this.name = name
-    this.cveArray = cveArray
-  }
-}
-export class ReportCVEModel {
-  name?: string
-  description?: string
-  authentication?: string
-  references?: []
-  severityCode?: string
-  cvss3SeverityCode?: string
-  constructor(
-    name: string,
-    description: string,
-    severityCode: string,
-    cvss3SeverityCode: string
-  ) {
-    this.name = name
-    this.description = description
-    this.severityCode = severityCode
-    this.cvss3SeverityCode = cvss3SeverityCode
-  }
-}

package/src/audit/report/models/reportListModel.ts DELETED Viewed

@@ -1,49 +0,0 @@
-import { ReportSeverityModel } from './reportSeverityModel'
-import { ReportCVEModel } from './reportLibraryModel'
-import {
-  ScaReportRemediationAdviceModel,
-  ScaReportVulnerabilityModel
-} from '../../../scaAnalysis/common/models/ScaReportModel'
-export class ReportList {
-  reportOutputList: ReportModelStructure[]
-  constructor() {
-    this.reportOutputList = []
-  }
-}
-export class ReportModelStructure {
-  compositeKey: ReportCompositeKey
-  cveArray: ReportCVEModel[] | ScaReportVulnerabilityModel[]
-  remediationAdvice: ScaReportRemediationAdviceModel | null
-  constructor(
-    compositeKey: ReportCompositeKey,
-    cveArray: ReportCVEModel[] | ScaReportVulnerabilityModel[],
-    remediationAdvice: ScaReportRemediationAdviceModel | null
-  ) {
-    this.compositeKey = compositeKey
-    this.cveArray = cveArray
-    this.remediationAdvice = remediationAdvice
-  }
-}
-export class ReportCompositeKey {
-  libraryName!: string
-  libraryVersion!: string
-  highestSeverity!: ReportSeverityModel
-  numberOfSeverities!: number
-  constructor(
-    libraryName: string,
-    libraryVersion: string,
-    highestSeverity: ReportSeverityModel,
-    numberOfSeverities: number
-  ) {
-    this.libraryName = libraryName
-    this.libraryVersion = libraryVersion
-    this.highestSeverity = highestSeverity
-    this.numberOfSeverities = numberOfSeverities
-  }
-}

package/src/audit/report/models/reportOutputModel.ts DELETED Viewed

@@ -1,29 +0,0 @@
-export class ReportOutputModel {
-  header: ReportOutputHeaderModel
-  body: ReportOutputBodyModel
-  constructor(header: ReportOutputHeaderModel, body: ReportOutputBodyModel) {
-    this.header = header
-    this.body = body
-  }
-}
-export class ReportOutputHeaderModel {
-  vulnMessage: string
-  introducesMessage: string
-  constructor(vulnMessage: string, introducesMessage: string) {
-    this.vulnMessage = vulnMessage
-    this.introducesMessage = introducesMessage
-  }
-}
-export class ReportOutputBodyModel {
-  issueMessage: string[]
-  adviceMessage: string[]
-  constructor(issueMessage: string[], adviceMessage: string[]) {
-    this.issueMessage = issueMessage
-    this.adviceMessage = adviceMessage
-  }
-}

package/src/audit/report/models/reportSeverityModel.ts DELETED Viewed

@@ -1,18 +0,0 @@
-export class ReportSeverityModel {
-  severity: string
-  priority: number
-  colour: string
-  name: string
-  constructor(
-    severity: string,
-    priority: number,
-    colour: string,
-    name: string
-  ) {
-    this.severity = severity
-    this.priority = priority
-    this.colour = colour
-    this.name = name
-  }
-}

package/src/audit/report/models/severityCountModel.ts DELETED Viewed

@@ -1,22 +0,0 @@
-export class SeverityCountModel {
-  critical!: number
-  high!: number
-  medium!: number
-  low!: number
-  note!: number
-  total!: number
-  //needed as default to stop NaN when new object constructed
-  constructor() {
-    this.critical = 0
-    this.high = 0
-    this.medium = 0
-    this.low = 0
-    this.note = 0
-    this.total = 0
-  }
-  get getTotal(): number {
-    return this.critical + this.high + this.medium + this.low + this.note
-  }
-}