@contrast/contrast 2.0.2-beta.0 → 2.0.2-beta.10
- package/README.md +2 -1
- package/dist/assess/assessConfig.js +9 -0
- package/dist/assess/assessConfig.js.map +1 -0
- package/dist/assess/help.js +37 -0
- package/dist/assess/help.js.map +1 -0
- package/dist/assess/http/index.js +39 -0
- package/dist/assess/http/index.js.map +1 -0
- package/dist/assess/index.js +69 -0
- package/dist/assess/index.js.map +1 -0
- package/dist/assess/metadata/findYamlFile.js +59 -0
- package/dist/assess/metadata/findYamlFile.js.map +1 -0
- package/dist/assess/metadata/index.js +37 -0
- package/dist/assess/metadata/index.js.map +1 -0
- package/dist/assess/metadata/utils.js +159 -0
- package/dist/assess/metadata/utils.js.map +1 -0
- package/dist/assess/printing/index.js +11 -0
- package/dist/assess/printing/index.js.map +1 -0
- package/dist/assess/printing/utils.js +119 -0
- package/dist/assess/printing/utils.js.map +1 -0
- package/dist/audit/auditConfig.js +9 -0
- package/dist/audit/auditConfig.js.map +1 -0
- package/dist/{commands/audit → audit}/auditController.js +9 -13
- package/dist/audit/auditController.js.map +1 -0
- package/dist/audit/auditRequests.js +193 -0
- package/dist/audit/auditRequests.js.map +1 -0
- package/dist/audit/auditRequestsLegacy.js +63 -0
- package/dist/audit/auditRequestsLegacy.js.map +1 -0
- package/dist/audit/catalogueApplication/catalogueApplication.js +16 -29
- package/dist/audit/catalogueApplication/catalogueApplication.js.map +1 -0
- package/dist/audit/help.js +68 -0
- package/dist/audit/help.js.map +1 -0
- package/dist/audit/languageAnalysisEngine/commonApi.js +12 -14
- package/dist/audit/languageAnalysisEngine/commonApi.js.map +1 -0
- package/dist/audit/languageAnalysisEngine/filterProjectPath.js +2 -1
- package/dist/audit/languageAnalysisEngine/filterProjectPath.js.map +1 -0
- package/dist/audit/languageAnalysisEngine/getProjectRootFilenames.js +9 -12
- package/dist/audit/languageAnalysisEngine/getProjectRootFilenames.js.map +1 -0
- package/dist/audit/languageAnalysisEngine/sendSnapshot.js +18 -30
- package/dist/audit/languageAnalysisEngine/sendSnapshot.js.map +1 -0
- package/dist/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js +9 -9
- package/dist/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js.map +1 -0
- package/dist/audit/processAudit.js +21 -0
- package/dist/audit/processAudit.js.map +1 -0
- package/dist/audit/report/commonReportingFunctions.js +33 -61
- package/dist/audit/report/commonReportingFunctions.js.map +1 -0
- package/dist/audit/report/models/reportGuidanceModel.js +2 -5
- package/dist/audit/report/models/reportGuidanceModel.js.map +1 -0
- package/dist/audit/report/models/reportLibraryModel.js +3 -7
- package/dist/audit/report/models/reportLibraryModel.js.map +1 -0
- package/dist/audit/report/models/reportListModel.js +4 -9
- package/dist/audit/report/models/reportListModel.js.map +1 -0
- package/dist/audit/report/models/reportOutputModel.js +4 -9
- package/dist/audit/report/models/reportOutputModel.js.map +1 -0
- package/dist/audit/report/models/reportSeverityModel.js +2 -5
- package/dist/audit/report/models/reportSeverityModel.js.map +1 -0
- package/dist/audit/report/models/severityCountModel.js +3 -5
- package/dist/audit/report/models/severityCountModel.js.map +1 -0
- package/dist/audit/report/reportingFeature.js +27 -55
- package/dist/audit/report/reportingFeature.js.map +1 -0
- package/dist/audit/report/utils/reportUtils.js +28 -59
- package/dist/audit/report/utils/reportUtils.js.map +1 -0
- package/dist/audit/save.js +14 -16
- package/dist/audit/save.js.map +1 -0
- package/dist/{commands/audit → audit}/saveFile.js +3 -6
- package/dist/audit/saveFile.js.map +1 -0
- package/dist/auth/auth.js +103 -0
- package/dist/auth/auth.js.map +1 -0
- package/dist/auth/authRequests.js +18 -0
- package/dist/auth/authRequests.js.map +1 -0
- package/dist/cliConstants.js +48 -18
- package/dist/cliConstants.js.map +1 -0
- package/dist/commands/config/config.js +12 -13
- package/dist/commands/config/config.js.map +1 -0
- package/dist/commands/learn/learn.js +3 -6
- package/dist/commands/learn/learn.js.map +1 -0
- package/dist/commands/learn/processLearn.js +3 -6
- package/dist/commands/learn/processLearn.js.map +1 -0
- package/dist/common/HTTPClient.js +193 -94
- package/dist/common/HTTPClient.js.map +1 -0
- package/dist/{scan → common}/autoDetection.js +53 -36
- package/dist/common/autoDetection.js.map +1 -0
- package/dist/common/baseRequest.js +59 -23
- package/dist/common/baseRequest.js.map +1 -0
- package/dist/common/commonHelp.js +13 -13
- package/dist/common/commonHelp.js.map +1 -0
- package/dist/common/errorHandling.js +49 -63
- package/dist/common/errorHandling.js.map +1 -0
- package/dist/common/fail.js +6 -12
- package/dist/common/fail.js.map +1 -0
- package/dist/common/stringManipulations.js +8 -0
- package/dist/common/stringManipulations.js.map +1 -0
- package/dist/common/versionChecker.js +16 -19
- package/dist/common/versionChecker.js.map +1 -0
- package/dist/constants/constants.js +46 -65
- package/dist/constants/constants.js.map +1 -0
- package/dist/constants/lambda.js +8 -5
- package/dist/constants/lambda.js.map +1 -0
- package/dist/constants/locales.js +14 -10
- package/dist/constants/locales.js.map +1 -0
- package/dist/github/fingerprintConfig.js +10 -0
- package/dist/github/fingerprintConfig.js.map +1 -0
- package/dist/github/processFingerprint.js +25 -0
- package/dist/github/processFingerprint.js.map +1 -0
- package/dist/github/projectGroup.js +225 -0
- package/dist/github/projectGroup.js.map +1 -0
- package/dist/github/repoServices.js +91 -0
- package/dist/github/repoServices.js.map +1 -0
- package/dist/index.js +42 -39
- package/dist/index.js.map +1 -0
- package/dist/lambda/analytics.js +6 -9
- package/dist/lambda/analytics.js.map +1 -0
- package/dist/lambda/arn.js +6 -9
- package/dist/lambda/arn.js.map +1 -0
- package/dist/lambda/aws.js +29 -34
- package/dist/lambda/aws.js.map +1 -0
- package/dist/lambda/cliError.js +13 -41
- package/dist/lambda/cliError.js.map +1 -0
- package/dist/lambda/constants.js +3 -4
- package/dist/lambda/constants.js.map +1 -0
- package/dist/lambda/help.js +39 -44
- package/dist/lambda/help.js.map +1 -0
- package/dist/lambda/lambda.js +61 -65
- package/dist/lambda/lambda.js.map +1 -0
- package/dist/lambda/lambdaUtils.js +38 -32
- package/dist/lambda/lambdaUtils.js.map +1 -0
- package/dist/lambda/logUtils.js +21 -17
- package/dist/lambda/logUtils.js.map +1 -0
- package/dist/lambda/scanDetailCompletion.js +19 -25
- package/dist/lambda/scanDetailCompletion.js.map +1 -0
- package/dist/lambda/scanRequest.js +34 -41
- package/dist/lambda/scanRequest.js.map +1 -0
- package/dist/lambda/scanResults.js +8 -10
- package/dist/lambda/scanResults.js.map +1 -0
- package/dist/lambda/types.js +5 -7
- package/dist/lambda/types.js.map +1 -0
- package/dist/lambda/utils.js +33 -35
- package/dist/lambda/utils.js.map +1 -0
- package/dist/sbom/generateSbom.js +6 -10
- package/dist/sbom/generateSbom.js.map +1 -0
- package/dist/scaAnalysis/common/auditReport.js +8 -12
- package/dist/scaAnalysis/common/auditReport.js.map +1 -0
- package/dist/scaAnalysis/common/commonReportingFunctionsSca.js +26 -32
- package/dist/scaAnalysis/common/commonReportingFunctionsSca.js.map +1 -0
- package/dist/scaAnalysis/common/formatMessage.js +8 -17
- package/dist/scaAnalysis/common/formatMessage.js.map +1 -0
- package/dist/scaAnalysis/common/models/ScaReportModel.js +4 -9
- package/dist/scaAnalysis/common/models/ScaReportModel.js.map +1 -0
- package/dist/scaAnalysis/common/scaParserForGoAndJava.js +10 -9
- package/dist/scaAnalysis/common/scaParserForGoAndJava.js.map +1 -0
- package/dist/scaAnalysis/common/scaServicesUpload.js +59 -90
- package/dist/scaAnalysis/common/scaServicesUpload.js.map +1 -0
- package/dist/scaAnalysis/common/treeUpload.js +15 -25
- package/dist/scaAnalysis/common/treeUpload.js.map +1 -0
- package/dist/scaAnalysis/common/utils/reportUtilsSca.js +21 -29
- package/dist/scaAnalysis/common/utils/reportUtilsSca.js.map +1 -0
- package/dist/scaAnalysis/dotnet/analysis.js +12 -18
- package/dist/scaAnalysis/dotnet/analysis.js.map +1 -0
- package/dist/scaAnalysis/dotnet/index.js +4 -7
- package/dist/scaAnalysis/dotnet/index.js.map +1 -0
- package/dist/scaAnalysis/go/goAnalysis.js +8 -11
- package/dist/scaAnalysis/go/goAnalysis.js.map +1 -0
- package/dist/scaAnalysis/go/goParseDeps.js +9 -7
- package/dist/scaAnalysis/go/goParseDeps.js.map +1 -0
- package/dist/scaAnalysis/go/goReadDepFile.js +10 -8
- package/dist/scaAnalysis/go/goReadDepFile.js.map +1 -0
- package/dist/scaAnalysis/java/analysis.js +23 -20
- package/dist/scaAnalysis/java/analysis.js.map +1 -0
- package/dist/scaAnalysis/java/index.js +7 -10
- package/dist/scaAnalysis/java/index.js.map +1 -0
- package/dist/scaAnalysis/java/javaBuildDepsParser.js +43 -43
- package/dist/scaAnalysis/java/javaBuildDepsParser.js.map +1 -0
- package/dist/scaAnalysis/javascript/analysis.js +16 -20
- package/dist/scaAnalysis/javascript/analysis.js.map +1 -0
- package/dist/scaAnalysis/javascript/index.js +17 -19
- package/dist/scaAnalysis/javascript/index.js.map +1 -0
- package/dist/scaAnalysis/javascript/scaServiceParser.js +8 -15
- package/dist/scaAnalysis/javascript/scaServiceParser.js.map +1 -0
- package/dist/scaAnalysis/legacy/legacyFlow.js +13 -15
- package/dist/scaAnalysis/legacy/legacyFlow.js.map +1 -0
- package/dist/scaAnalysis/php/analysis.js +15 -16
- package/dist/scaAnalysis/php/analysis.js.map +1 -0
- package/dist/scaAnalysis/php/index.js +5 -8
- package/dist/scaAnalysis/php/index.js.map +1 -0
- package/dist/scaAnalysis/php/phpNewServicesMapper.js +9 -12
- package/dist/scaAnalysis/php/phpNewServicesMapper.js.map +1 -0
- package/dist/scaAnalysis/processServicesFlow.js +86 -32
- package/dist/scaAnalysis/processServicesFlow.js.map +1 -0
- package/dist/scaAnalysis/python/analysis.js +16 -23
- package/dist/scaAnalysis/python/analysis.js.map +1 -0
- package/dist/scaAnalysis/python/index.js +4 -7
- package/dist/scaAnalysis/python/index.js.map +1 -0
- package/dist/scaAnalysis/repoMode/gradleParser.js +7 -13
- package/dist/scaAnalysis/repoMode/gradleParser.js.map +1 -0
- package/dist/scaAnalysis/repoMode/index.js +9 -12
- package/dist/scaAnalysis/repoMode/index.js.map +1 -0
- package/dist/scaAnalysis/repoMode/mavenParser.js +109 -73
- package/dist/scaAnalysis/repoMode/mavenParser.js.map +1 -0
- package/dist/scaAnalysis/ruby/analysis.js +32 -46
- package/dist/scaAnalysis/ruby/analysis.js.map +1 -0
- package/dist/scaAnalysis/ruby/index.js +5 -8
- package/dist/scaAnalysis/ruby/index.js.map +1 -0
- package/dist/scaAnalysis/scaAnalysis.js +49 -51
- package/dist/scaAnalysis/scaAnalysis.js.map +1 -0
- package/dist/scan/fileUtils.js +36 -40
- package/dist/scan/fileUtils.js.map +1 -0
- package/dist/scan/formatScanOutput.js +47 -61
- package/dist/scan/formatScanOutput.js.map +1 -0
- package/dist/scan/help.js +8 -11
- package/dist/scan/help.js.map +1 -0
- package/dist/scan/models/groupedResultsModel.js +2 -5
- package/dist/scan/models/groupedResultsModel.js.map +1 -0
- package/dist/scan/models/resultContentModel.js +2 -2
- package/dist/scan/models/resultContentModel.js.map +1 -0
- package/dist/scan/models/scanResultsModel.js +2 -5
- package/dist/scan/models/scanResultsModel.js.map +1 -0
- package/dist/scan/populateProjectIdAndProjectName.js +22 -60
- package/dist/scan/populateProjectIdAndProjectName.js.map +1 -0
- package/dist/scan/processScan.js +28 -0
- package/dist/scan/processScan.js.map +1 -0
- package/dist/scan/saveResults.js +3 -6
- package/dist/scan/saveResults.js.map +1 -0
- package/dist/scan/scan.js +33 -53
- package/dist/scan/scan.js.map +1 -0
- package/dist/scan/scanConfig.js +14 -12
- package/dist/scan/scanConfig.js.map +1 -0
- package/dist/scan/scanController.js +19 -21
- package/dist/scan/scanController.js.map +1 -0
- package/dist/scan/scanRequests.js +86 -0
- package/dist/scan/scanRequests.js.map +1 -0
- package/dist/scan/scanResults.js +26 -72
- package/dist/scan/scanResults.js.map +1 -0
- package/dist/telemetry/telemetry.js +29 -59
- package/dist/telemetry/telemetry.js.map +1 -0
- package/dist/utils/capabilities.js +2 -1
- package/dist/utils/capabilities.js.map +1 -0
- package/dist/utils/commonApi.js +58 -50
- package/dist/utils/commonApi.js.map +1 -0
- package/dist/utils/filterProjectPath.js +2 -1
- package/dist/utils/filterProjectPath.js.map +1 -0
- package/dist/utils/generalAPI.js +11 -33
- package/dist/utils/generalAPI.js.map +1 -0
- package/dist/utils/getConfig.js +8 -13
- package/dist/utils/getConfig.js.map +1 -0
- package/dist/utils/oraWrapper.js +7 -14
- package/dist/utils/oraWrapper.js.map +1 -0
- package/dist/utils/paramsUtil/commandlineParams.js +2 -5
- package/dist/utils/paramsUtil/commandlineParams.js.map +1 -0
- package/dist/utils/paramsUtil/configStoreParams.js +9 -10
- package/dist/utils/paramsUtil/configStoreParams.js.map +1 -0
- package/dist/utils/paramsUtil/envVariableParams.js +2 -3
- package/dist/utils/paramsUtil/envVariableParams.js.map +1 -0
- package/dist/utils/paramsUtil/paramHandler.js +12 -13
- package/dist/utils/paramsUtil/paramHandler.js.map +1 -0
- package/dist/utils/parsedCLIOptions.js +4 -7
- package/dist/utils/parsedCLIOptions.js.map +1 -0
- package/dist/utils/requestUtils.js +7 -13
- package/dist/utils/requestUtils.js.map +1 -0
- package/dist/utils/saveFile.js +8 -11
- package/dist/utils/saveFile.js.map +1 -0
- package/dist/utils/validationCheck.js +5 -11
- package/dist/utils/validationCheck.js.map +1 -0
- package/package.json +40 -48
- package/.prettierignore +0 -1
- package/bin/contrast.js +0 -2
- package/dist/audit/languageAnalysisEngine/util/requestUtils.js +0 -14
- package/dist/commands/audit/auditConfig.js +0 -12
- package/dist/commands/audit/help.js +0 -70
- package/dist/commands/audit/processAudit.js +0 -24
- package/dist/commands/auth/auth.js +0 -120
- package/dist/commands/github/fingerprintConfig.js +0 -13
- package/dist/commands/github/processFingerprint.js +0 -28
- package/dist/commands/github/projectGroup.js +0 -254
- package/dist/commands/github/repoServices.js +0 -108
- package/dist/commands/scan/processScan.js +0 -31
- package/dist/lambda/__mocks__/aws.js +0 -21
- package/dist/lambda/__mocks__/lambdaConfig.json +0 -42
- package/src/audit/catalogueApplication/catalogueApplication.js +0 -51
- package/src/audit/languageAnalysisEngine/commonApi.js +0 -20
- package/src/audit/languageAnalysisEngine/filterProjectPath.js +0 -21
- package/src/audit/languageAnalysisEngine/getProjectRootFilenames.js +0 -36
- package/src/audit/languageAnalysisEngine/sendSnapshot.js +0 -57
- package/src/audit/languageAnalysisEngine/util/requestUtils.js +0 -17
- package/src/audit/nodeAnalysisEngine/parseYarn2LockFileContents.js +0 -63
- package/src/audit/report/commonReportingFunctions.js +0 -412
- package/src/audit/report/models/reportGuidanceModel.ts +0 -5
- package/src/audit/report/models/reportLibraryModel.ts +0 -30
- package/src/audit/report/models/reportListModel.ts +0 -49
- package/src/audit/report/models/reportOutputModel.ts +0 -29
- package/src/audit/report/models/reportSeverityModel.ts +0 -18
- package/src/audit/report/models/severityCountModel.ts +0 -22
- package/src/audit/report/reportingFeature.ts +0 -110
- package/src/audit/report/utils/reportUtils.ts +0 -165
- package/src/audit/save.js +0 -67
- package/src/cliConstants.js +0 -522
- package/src/commands/audit/auditConfig.js +0 -18
- package/src/commands/audit/auditController.js +0 -50
- package/src/commands/audit/help.js +0 -72
- package/src/commands/audit/processAudit.js +0 -34
- package/src/commands/audit/saveFile.js +0 -15
- package/src/commands/auth/auth.js +0 -146
- package/src/commands/config/config.js +0 -41
- package/src/commands/github/fingerprintConfig.js +0 -19
- package/src/commands/github/processFingerprint.js +0 -37
- package/src/commands/github/projectGroup.js +0 -294
- package/src/commands/github/repoServices.js +0 -122
- package/src/commands/learn/learn.js +0 -10
- package/src/commands/learn/processLearn.js +0 -13
- package/src/commands/scan/processScan.js +0 -42
- package/src/common/HTTPClient.js +0 -775
- package/src/common/baseRequest.ts +0 -83
- package/src/common/commonHelp.js +0 -53
- package/src/common/errorHandling.js +0 -157
- package/src/common/fail.js +0 -79
- package/src/common/versionChecker.js +0 -75
- package/src/constants/constants.js +0 -71
- package/src/constants/lambda.js +0 -85
- package/src/constants/locales.js +0 -365
- package/src/index.ts +0 -142
- package/src/lambda/__mocks__/aws.ts +0 -32
- package/src/lambda/__mocks__/lambdaConfig.json +0 -42
- package/src/lambda/analytics.ts +0 -9
- package/src/lambda/arn.ts +0 -33
- package/src/lambda/aws.ts +0 -248
- package/src/lambda/cliError.ts +0 -72
- package/src/lambda/constants.ts +0 -11
- package/src/lambda/help.ts +0 -92
- package/src/lambda/lambda.ts +0 -230
- package/src/lambda/lambdaUtils.ts +0 -111
- package/src/lambda/logUtils.ts +0 -64
- package/src/lambda/scanDetailCompletion.ts +0 -78
- package/src/lambda/scanRequest.ts +0 -169
- package/src/lambda/scanResults.ts +0 -29
- package/src/lambda/types.ts +0 -36
- package/src/lambda/utils.ts +0 -188
- package/src/sbom/generateSbom.ts +0 -45
- package/src/scaAnalysis/common/auditReport.js +0 -59
- package/src/scaAnalysis/common/commonReportingFunctionsSca.js +0 -276
- package/src/scaAnalysis/common/formatMessage.js +0 -67
- package/src/scaAnalysis/common/models/ScaReportModel.ts +0 -81
- package/src/scaAnalysis/common/scaParserForGoAndJava.js +0 -41
- package/src/scaAnalysis/common/scaServicesUpload.js +0 -155
- package/src/scaAnalysis/common/treeUpload.js +0 -51
- package/src/scaAnalysis/common/utils/reportUtilsSca.ts +0 -123
- package/src/scaAnalysis/dotnet/analysis.js +0 -72
- package/src/scaAnalysis/dotnet/index.js +0 -11
- package/src/scaAnalysis/go/goAnalysis.js +0 -26
- package/src/scaAnalysis/go/goParseDeps.js +0 -203
- package/src/scaAnalysis/go/goReadDepFile.js +0 -34
- package/src/scaAnalysis/java/analysis.js +0 -148
- package/src/scaAnalysis/java/index.js +0 -29
- package/src/scaAnalysis/java/javaBuildDepsParser.js +0 -439
- package/src/scaAnalysis/javascript/analysis.js +0 -111
- package/src/scaAnalysis/javascript/index.js +0 -104
- package/src/scaAnalysis/javascript/scaServiceParser.js +0 -151
- package/src/scaAnalysis/legacy/legacyFlow.js +0 -43
- package/src/scaAnalysis/php/analysis.js +0 -78
- package/src/scaAnalysis/php/index.js +0 -28
- package/src/scaAnalysis/php/phpNewServicesMapper.js +0 -77
- package/src/scaAnalysis/processServicesFlow.js +0 -119
- package/src/scaAnalysis/python/analysis.js +0 -93
- package/src/scaAnalysis/python/index.js +0 -16
- package/src/scaAnalysis/repoMode/gradleParser.js +0 -88
- package/src/scaAnalysis/repoMode/index.js +0 -21
- package/src/scaAnalysis/repoMode/mavenParser.js +0 -112
- package/src/scaAnalysis/ruby/analysis.js +0 -413
- package/src/scaAnalysis/ruby/index.js +0 -16
- package/src/scaAnalysis/scaAnalysis.js +0 -171
- package/src/scan/autoDetection.js +0 -175
- package/src/scan/fileUtils.js +0 -206
- package/src/scan/formatScanOutput.ts +0 -225
- package/src/scan/help.js +0 -56
- package/src/scan/models/groupedResultsModel.ts +0 -20
- package/src/scan/models/resultContentModel.ts +0 -86
- package/src/scan/models/scanResultsModel.ts +0 -55
- package/src/scan/populateProjectIdAndProjectName.js +0 -73
- package/src/scan/saveResults.js +0 -14
- package/src/scan/scan.ts +0 -68
- package/src/scan/scanConfig.js +0 -58
- package/src/scan/scanController.js +0 -98
- package/src/scan/scanResults.js +0 -171
- package/src/telemetry/telemetry.ts +0 -154
- package/src/utils/capabilities.js +0 -12
- package/src/utils/commonApi.js +0 -103
- package/src/utils/filterProjectPath.js +0 -25
- package/src/utils/generalAPI.js +0 -52
- package/src/utils/getConfig.ts +0 -34
- package/src/utils/oraWrapper.js +0 -29
- package/src/utils/paramsUtil/commandlineParams.js +0 -12
- package/src/utils/paramsUtil/configStoreParams.js +0 -19
- package/src/utils/paramsUtil/envVariableParams.js +0 -10
- package/src/utils/paramsUtil/paramHandler.js +0 -38
- package/src/utils/parsedCLIOptions.js +0 -32
- package/src/utils/requestUtils.js +0 -29
- package/src/utils/saveFile.js +0 -20
- package/src/utils/validationCheck.js +0 -39
|
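--- a/package/src/scaAnalysis/common/scaServicesUpload.js
+++ b/package/src/scaAnalysis/common/scaServicesUpload.js
@@ -1,155 +0,0 @@
-const commonApi = require('../../utils/commonApi')
-const { APP_VERSION } = require('../../constants/constants')
-const requestUtils = require('../../utils/requestUtils')
-const { performance } = require('perf_hooks')
-
-const scaTreeUpload = async (analysis, config, reportSpinner) => {
-if (config.projectId === '') {
-console.log(
-'We were unable to create/locate a project for this manifest, please try again or run with --debug for more information'
-)
-process.exit(1)
-}
-
-config.language = config.language === 'JAVASCRIPT' ? 'NODE' : config.language
-const startTime = performance.now()
-const timeout = commonApi.getTimeout(config)
-
-const doINeedParent = config.repositoryId && config.language === 'JAVA'
-
-const requestBody = {
-parentPom: doINeedParent ? analysis.parentPom : null,
-dependencyTree: doINeedParent ? analysis.dependencyTree : analysis,
-organizationId: config.organizationId,
-language: config.language,
-tool: {
-name: 'Contrast Codesec',
-version: APP_VERSION
-}
-}
-
-if (config.branch) {
-requestBody.branchName = config.branch
-}
-
-const client = commonApi.getHttpClient(config)
-const reportID = await client
-.scaServiceIngest(requestBody, config)
-.then(res => {
-if (res.statusCode === 201 || res.statusCode === 200) {
-return res.body.libraryIngestJobId
-} else {
-throw new Error(res.statusCode + ` error ingesting dependencies`)
-}
-})
-.catch(err => {
-throw err
-})
-if (config.debug) {
-console.log(' polling report', reportID)
-}
-
-let keepChecking = true
-let res
-while (keepChecking) {
-res = await client.scaServiceReportStatus(config, reportID).then(res => {
-if (config.debug) {
-console.log('scaServiceReportStatus', res.statusCode)
-console.log(res.body)
-}
-if (res.body.status === 'COMPLETED') {
-keepChecking = false
-return client.scaServiceReport(config, reportID).then(res => {
-const reportBody = res.body
-return { reportBody, reportId: reportID }
-})
-}
-})
-
-if (!keepChecking) {
-return { reportArray: res.reportBody, reportId: reportID }
-}
-
-commonApi.handleTimeout(startTime, timeout, reportSpinner)
-
-await requestUtils.sleep(5000)
-}
-
-return { reportArray: res, reportID }
-}
-
-const noProjectUpload = async (analysis, config, reportSpinner) => {
-config.language = config.language === 'JAVASCRIPT' ? 'NODE' : config.language
-const startTime = performance.now()
-const timeout = commonApi.getTimeout(config)
-const requestBody = {
-dependencyTree: analysis,
-language: config.language,
-tool: {
-name: 'Contrast Codesec',
-version: APP_VERSION
-}
-}
-
-if (config.branch) {
-requestBody.branchName = config.branch
-}
-
-const client = commonApi.getHttpClient(config)
-const reportID = await client
-.noProjectIdUpload(requestBody, config)
-.then(res => {
-if (res.statusCode === 201 || res.statusCode === 200) {
-return res.body.libraryIngestJobId
-} else {
-throw new Error(
-res.statusCode + ` error ingesting dependencies with no project id`
-)
-}
-})
-.catch(err => {
-throw err
-})
-
-if (config.debug) {
-console.log(' polling report no project', reportID)
-}
-
-let keepChecking = true
-let res
-while (keepChecking) {
-res = await client
-.scaServiceNoProjectIdReportStatus(config, reportID)
-.then(res => {
-if (config.debug) {
-console.log('\nscaServiceReportStatus')
-console.log(res.statusCode)
-console.log(res.body)
-}
-if (res.body.status === 'COMPLETED') {
-keepChecking = false
-return client
-.scaServiceReportNoProjectId(config, reportID)
-.then(res => {
-const reportBody = res.body
-return { reportBody, reportId: reportID }
-})
-}
-})
-
-if (!keepChecking) {
-return { reportArray: res.reportBody, reportId: reportID }
-}
-
-commonApi.handleTimeout(startTime, timeout, reportSpinner)
-
-await requestUtils.sleep(5000)
-}
-
-return { reportArray: res, reportID }
-}
-
-module.exports = {
-scaTreeUpload,
-noProjectUpload
-}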
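--- a/package/src/scaAnalysis/common/treeUpload.js
+++ b/package/src/scaAnalysis/common/treeUpload.js
@@ -1,51 +0,0 @@
-const commonApi = require('../../utils/commonApi')
-const { APP_VERSION } = require('../../constants/constants')
-
-const commonSendSnapShot = async (analysis, config) => {
-let requestBody = {}
-config.legacy === false
-? (requestBody = sendToSCAServices(config, analysis))
-: (requestBody = {
-appID: config.applicationId,
-cliVersion: APP_VERSION,
-snapshot: analysis
-})
-
-const client = commonApi.getHttpClient(config)
-return client
-.sendSnapshot(requestBody, config)
-.then(res => {
-if (res.statusCode === 201) {
-return res.body
-} else {
-if (res.statusCode === 403) {
-throw new Error(
-`🛑 Contrast audit failed \nPlease check you have the right permissions and the application ${
-config.applicationName ? config.applicationName : ''
-} has not been archived.`.replace(/ +(?= )/g, '')
-)
-}
-throw new Error(res.statusCode + ` error processing dependencies`)
-}
-})
-.catch(err => {
-throw err
-})
-}
-
-const sendToSCAServices = (config, analysis) => {
-return {
-applicationId: config.applicationId,
-dependencyTree: analysis,
-organizationId: config.organizationId,
-language: config.language,
-tool: {
-name: 'Contrast Codesec',
-version: APP_VERSION
-}
-}
-}
-
-module.exports = {
-commonSendSnapShot
-}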
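--- a/package/src/scaAnalysis/common/utils/reportUtilsSca.ts
+++ b/package/src/scaAnalysis/common/utils/reportUtilsSca.ts
@@ -1,123 +0,0 @@
-import { orderBy } from 'lodash'
-import {
-CRITICAL_COLOUR,
-CRITICAL_PRIORITY,
-HIGH_COLOUR,
-HIGH_PRIORITY,
-LOW_COLOUR,
-LOW_PRIORITY,
-MEDIUM_COLOUR,
-MEDIUM_PRIORITY,
-NOTE_COLOUR,
-NOTE_PRIORITY
-} from '../../../constants/constants'
-import { ReportSeverityModel } from '../../../audit/report/models/reportSeverityModel'
-import { SeverityCountModel } from '../../../audit/report/models/severityCountModel'
-import {
-ScaReportModel,
-ScaReportVulnerabilityModel
-} from '../models/ScaReportModel'
-
-export function findHighestSeverityCVESca(
-cveArray: ScaReportVulnerabilityModel[]
-) {
-const mappedToReportSeverityModels = cveArray.map(cve =>
-findCVESeveritySca(cve)
-)
-
-//order and get first
-return orderBy(mappedToReportSeverityModels, cve => cve?.priority)[0]
-}
-
-export function orderByHighestPrioritySca(
-reportSeverityModel: ReportSeverityModel[]
-) {
-return orderBy(reportSeverityModel, ['priority'], ['asc'])
-}
-
-export function findCVESeveritySca(
-vulnerabilityModel: ScaReportVulnerabilityModel
-) {
-const { name } = vulnerabilityModel
-
-if (
-vulnerabilityModel.cvss3Severity === 'CRITICAL' ||
-vulnerabilityModel.severity === 'CRITICAL'
-) {
-return new ReportSeverityModel(
-'CRITICAL',
-CRITICAL_PRIORITY,
-CRITICAL_COLOUR,
-name
-)
-} else if (
-vulnerabilityModel.cvss3Severity === 'HIGH' ||
-vulnerabilityModel.severity === 'HIGH'
-) {
-return new ReportSeverityModel('HIGH', HIGH_PRIORITY, HIGH_COLOUR, name)
-} else if (
-vulnerabilityModel.cvss3Severity === 'MEDIUM' ||
-vulnerabilityModel.severity === 'MEDIUM'
-) {
-return new ReportSeverityModel(
-'MEDIUM',
-MEDIUM_PRIORITY,
-MEDIUM_COLOUR,
-name
-)
-} else if (
-vulnerabilityModel.cvss3Severity === 'LOW' ||
-vulnerabilityModel.severity === 'LOW'
-) {
-return new ReportSeverityModel('LOW', LOW_PRIORITY, LOW_COLOUR, name)
-} else if (
-vulnerabilityModel.cvss3Severity === 'NOTE' ||
-vulnerabilityModel.severity === 'NOTE'
-) {
-return new ReportSeverityModel('NOTE', NOTE_PRIORITY, NOTE_COLOUR, name)
-}
-}
-
-export function convertGenericToTypedReportModelSca(reportArray: any) {
-return reportArray.map((library: any) => {
-return new ScaReportModel(library)
-})
-}
-
-export function severityCountAllLibrariesSca(
-vulnerableLibraries: ScaReportModel[],
-severityCount: SeverityCountModel
-) {
-vulnerableLibraries.forEach(lib =>
-severityCountAllCVEsSca(lib.vulnerabilities, severityCount)
-)
-return severityCount
-}
-
-export function severityCountAllCVEsSca(
-cveArray: ScaReportVulnerabilityModel[],
-severityCount: SeverityCountModel
-) {
-const severityCountInner = severityCount
-cveArray.forEach(cve => severityCountSingleCVESca(cve, severityCountInner))
-return severityCountInner
-}
-
-export function severityCountSingleCVESca(
-cve: ScaReportVulnerabilityModel,
-severityCount: SeverityCountModel
-) {
-if (cve.cvss3Severity === 'CRITICAL' || cve.severity === 'CRITICAL') {
-severityCount.critical += 1
-} else if (cve.cvss3Severity === 'HIGH' || cve.severity === 'HIGH') {
-severityCount.high += 1
-} else if (cve.cvss3Severity === 'MEDIUM' || cve.severity === 'MEDIUM') {
-severityCount.medium += 1
-} else if (cve.cvss3Severity === 'LOW' || cve.severity === 'LOW') {
-severityCount.low += 1
-} else if (cve.cvss3Severity === 'NOTE' || cve.severity === 'NOTE') {
-severityCount.note += 1
-}
-
-return severityCount
-}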
@@ -1,72 +0,0 @@
|
|
|
1
|
-
const fs = require('fs')
|
|
2
|
-
const xml2js = require('xml2js')
|
|
3
|
-
const i18n = require('i18n')
|
|
4
|
-
|
|
5
|
-
const readAndParseProjectFile = projectFilePath => {
|
|
6
|
-
const projectFile = fs.readFileSync(projectFilePath)
|
|
7
|
-
|
|
8
|
-
return new xml2js.Parser({
|
|
9
|
-
explicitArray: false,
|
|
10
|
-
mergeAttrs: true
|
|
11
|
-
}).parseString(projectFile)
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
const readAndParseLockFile = lockFilePath => {
|
|
15
|
-
const lockFile = JSON.parse(fs.readFileSync(lockFilePath).toString())
|
|
16
|
-
|
|
17
|
-
let count = 0 // Used to test if some nodes are deleted
|
|
18
|
-
|
|
19
|
-
for (const dependenciesNode in lockFile.dependencies) {
|
|
20
|
-
for (const innerNode in lockFile.dependencies[dependenciesNode]) {
|
|
21
|
-
const nodeValidation = JSON.stringify(
|
|
22
|
-
lockFile.dependencies[dependenciesNode][innerNode]
|
|
23
|
-
)
|
|
24
|
-
if (nodeValidation.includes('"type":"Project"')) {
|
|
25
|
-
count += 1
|
|
26
|
-
delete lockFile.dependencies[dependenciesNode][innerNode]
|
|
27
|
-
lockFile.additionalInfo = 'dependenciesNote'
|
|
28
|
-
}
|
|
29
|
-
}
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
if (count > 0) {
|
|
33
|
-
const multiLevelProjectWarning = () => {
|
|
34
|
-
console.log('')
|
|
35
|
-
console.log(i18n.__('dependenciesNote'))
|
|
36
|
-
}
|
|
37
|
-
setTimeout(multiLevelProjectWarning, 7000)
|
|
38
|
-
}
|
|
39
|
-
|
|
40
|
-
return lockFile
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
const checkForCorrectFiles = languageFiles => {
|
|
44
|
-
if (!languageFiles.includes('packages.lock.json')) {
|
|
45
|
-
throw new Error(i18n.__('languageAnalysisHasNoLockFile', '.NET'))
|
|
46
|
-
}
|
|
47
|
-
|
|
48
|
-
if (!languageFiles.some(i => i.includes('.csproj'))) {
|
|
49
|
-
throw new Error(i18n.__('languageAnalysisProjectFileError', '.NET'))
|
|
50
|
-
}
|
|
51
|
-
}
|
|
52
|
-
|
|
53
|
-
const getDotNetDeps = (filePath, languageFiles) => {
|
|
54
|
-
checkForCorrectFiles(languageFiles)
|
|
55
|
-
const projectFileName = languageFiles.find(fileName =>
|
|
56
|
-
fileName.includes('.csproj')
|
|
57
|
-
)
|
|
58
|
-
const lockFileName = languageFiles.find(fileName =>
|
|
59
|
-
fileName.includes('.json')
|
|
60
|
-
)
|
|
61
|
-
const projectFile = readAndParseProjectFile(filePath + `/${projectFileName}`)
|
|
62
|
-
const lockFile = readAndParseLockFile(filePath + `/${lockFileName}`)
|
|
63
|
-
|
|
64
|
-
return { projectFile, lockFile }
|
|
65
|
-
}
|
|
66
|
-
|
|
67
|
-
module.exports = {
|
|
68
|
-
getDotNetDeps,
|
|
69
|
-
readAndParseProjectFile,
|
|
70
|
-
readAndParseLockFile,
|
|
71
|
-
checkForCorrectFiles
|
|
72
|
-
}
|
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
const { getDotNetDeps } = require('./analysis')
|
|
2
|
-
const { createDotNetTSMessage } = require('../common/formatMessage')
|
|
3
|
-
|
|
4
|
-
const dotNetAnalysis = (config, languageFiles) => {
|
|
5
|
-
const dotNetDeps = getDotNetDeps(config.file, languageFiles.DOTNET)
|
|
6
|
-
return createDotNetTSMessage(dotNetDeps)
|
|
7
|
-
}
|
|
8
|
-
|
|
9
|
-
module.exports = {
|
|
10
|
-
dotNetAnalysis
|
|
11
|
-
}
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
const { createGoTSMessage } = require('../common/formatMessage')
|
|
2
|
-
const {
|
|
3
|
-
parseDependenciesForSCAServices
|
|
4
|
-
} = require('../common/scaParserForGoAndJava')
|
|
5
|
-
const goReadDepFile = require('./goReadDepFile')
|
|
6
|
-
const goParseDeps = require('./goParseDeps')
|
|
7
|
-
|
|
8
|
-
const goAnalysis = config => {
|
|
9
|
-
try {
|
|
10
|
-
const rawGoDependencies = goReadDepFile.getGoDependencies(config)
|
|
11
|
-
const parsedGoDependencies =
|
|
12
|
-
goParseDeps.parseGoDependencies(rawGoDependencies)
|
|
13
|
-
|
|
14
|
-
if (config.legacy === false) {
|
|
15
|
-
return parseDependenciesForSCAServices(parsedGoDependencies)
|
|
16
|
-
} else {
|
|
17
|
-
return createGoTSMessage(parsedGoDependencies)
|
|
18
|
-
}
|
|
19
|
-
} catch (e) {
|
|
20
|
-
console.log(e.message.toString())
|
|
21
|
-
}
|
|
22
|
-
}
|
|
23
|
-
|
|
24
|
-
module.exports = {
|
|
25
|
-
goAnalysis
|
|
26
|
-
}
|
|
@@ -1,203 +0,0 @@
|
|
|
1
|
-
const crypto = require('crypto')
|
|
2
|
-
|
|
3
|
-
const parseGoDependencies = goDeps => {
|
|
4
|
-
return parseGo(goDeps)
|
|
5
|
-
}
|
|
6
|
-
|
|
7
|
-
const parseGo = modGraphOutput => {
|
|
8
|
-
let splitLines = splitAllLinesIntoArray(modGraphOutput)
|
|
9
|
-
const directDepNames = getDirectDepNames(splitLines)
|
|
10
|
-
const uniqueTransitiveDepNames = getAllUniqueTransitiveDepNames(
|
|
11
|
-
splitLines,
|
|
12
|
-
directDepNames
|
|
13
|
-
)
|
|
14
|
-
|
|
15
|
-
let rootNodes = createRootNodes(splitLines)
|
|
16
|
-
|
|
17
|
-
createTransitiveDeps(uniqueTransitiveDepNames, splitLines, rootNodes)
|
|
18
|
-
|
|
19
|
-
return rootNodes
|
|
20
|
-
}
|
|
21
|
-
|
|
22
|
-
const splitAllLinesIntoArray = modGraphOutput => {
|
|
23
|
-
return modGraphOutput.split(/\r\n|\r|\n/)
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
const getAllDepsOfADepAsEdge = (dep, deps) => {
|
|
27
|
-
let edges = {}
|
|
28
|
-
|
|
29
|
-
const depRows = deps.filter(line => {
|
|
30
|
-
return line.startsWith(dep)
|
|
31
|
-
})
|
|
32
|
-
|
|
33
|
-
depRows.forEach(dep => {
|
|
34
|
-
const edgeName = dep.split(' ')[1]
|
|
35
|
-
edges[edgeName] = edgeName
|
|
36
|
-
})
|
|
37
|
-
|
|
38
|
-
return edges
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
const getAllDepsOfADepAsName = (dep, deps) => {
|
|
42
|
-
let edges = []
|
|
43
|
-
|
|
44
|
-
const depRows = deps.filter(line => {
|
|
45
|
-
return line.startsWith(dep)
|
|
46
|
-
})
|
|
47
|
-
|
|
48
|
-
depRows.forEach(dep => {
|
|
49
|
-
const edgeName = dep.split(' ')[1]
|
|
50
|
-
edges.push(edgeName)
|
|
51
|
-
})
|
|
52
|
-
|
|
53
|
-
return edges
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
const createRootNodes = deps => {
|
|
57
|
-
let rootDep = {}
|
|
58
|
-
const rootDeps = getRootDeps(deps)
|
|
59
|
-
|
|
60
|
-
const edges = rootDeps.map(dep => {
|
|
61
|
-
return dep.split(' ')[1]
|
|
62
|
-
})
|
|
63
|
-
|
|
64
|
-
rootDep[rootDeps[0].split(' ')[0]] = {}
|
|
65
|
-
|
|
66
|
-
edges.forEach(edge => {
|
|
67
|
-
const splitEdge = edge.split('@')
|
|
68
|
-
const splitGroupName = splitEdge[0].split('/')
|
|
69
|
-
const name = splitGroupName.pop()
|
|
70
|
-
const lastSlash = splitEdge[0].lastIndexOf('/')
|
|
71
|
-
let group = splitEdge[0].substring(0, lastSlash)
|
|
72
|
-
const hash = getHash(splitEdge[0])
|
|
73
|
-
|
|
74
|
-
group = checkGroupExists(group, name)
|
|
75
|
-
|
|
76
|
-
//get the edges of the root dependency
|
|
77
|
-
const edgesOfDep = getAllDepsOfADepAsEdge(edge, deps)
|
|
78
|
-
|
|
79
|
-
rootDep[rootDeps[0].split(' ')[0]][edge] = {
|
|
80
|
-
artifactID: name,
|
|
81
|
-
group: group,
|
|
82
|
-
version: splitEdge[1],
|
|
83
|
-
scope: '"compile',
|
|
84
|
-
type: 'direct',
|
|
85
|
-
hash: hash,
|
|
86
|
-
edges: edgesOfDep
|
|
87
|
-
}
|
|
88
|
-
})
|
|
89
|
-
return rootDep
|
|
90
|
-
}
|
|
91
|
-
|
|
92
|
-
const getRootDeps = deps => {
|
|
93
|
-
const rootDeps = deps.filter(dep => {
|
|
94
|
-
const parentDep = dep.split(' ')[0]
|
|
95
|
-
if (parentDep.split('@v').length === 1) {
|
|
96
|
-
return dep
|
|
97
|
-
}
|
|
98
|
-
})
|
|
99
|
-
return rootDeps
|
|
100
|
-
}
|
|
101
|
-
|
|
102
|
-
const getHash = library => {
|
|
103
|
-
let shaSum = crypto.createHash('sha1')
|
|
104
|
-
shaSum.update(library)
|
|
105
|
-
return shaSum.digest('hex')
|
|
106
|
-
}
|
|
107
|
-
|
|
108
|
-
const getDirectDepNames = deps => {
|
|
109
|
-
const directDepNames = []
|
|
110
|
-
|
|
111
|
-
deps.forEach(dep => {
|
|
112
|
-
const parentDep = dep.split(' ')[0]
|
|
113
|
-
if (parentDep.split('@v').length === 1) {
|
|
114
|
-
dep.split(' ')[1] !== undefined
|
|
115
|
-
? directDepNames.push(dep.split(' ')[1])
|
|
116
|
-
: null
|
|
117
|
-
}
|
|
118
|
-
})
|
|
119
|
-
return directDepNames
|
|
120
|
-
}
|
|
121
|
-
|
|
122
|
-
const getAllUniqueTransitiveDepNames = (deps, directDepNames) => {
|
|
123
|
-
let uniqueDeps = []
|
|
124
|
-
|
|
125
|
-
deps.forEach(dep => {
|
|
126
|
-
const parentDep = dep.split(' ')[0]
|
|
127
|
-
if (parentDep.split('@v').length !== 1) {
|
|
128
|
-
if (!directDepNames.includes(parentDep)) {
|
|
129
|
-
if (!uniqueDeps.includes(parentDep)) {
|
|
130
|
-
parentDep.length > 1 ? uniqueDeps.push(parentDep) : null
|
|
131
|
-
}
|
|
132
|
-
}
|
|
133
|
-
}
|
|
134
|
-
})
|
|
135
|
-
return uniqueDeps
|
|
136
|
-
}
|
|
137
|
-
|
|
138
|
-
const checkGroupExists = (group, name) => {
|
|
139
|
-
if (group === null || group === '') {
|
|
140
|
-
return name
|
|
141
|
-
}
|
|
142
|
-
return group
|
|
143
|
-
}
|
|
144
|
-
|
|
145
|
-
const createTransitiveDeps = (transitiveDeps, splitLines, rootNodes) => {
|
|
146
|
-
transitiveDeps.forEach(dep => {
|
|
147
|
-
//create transitive dep
|
|
148
|
-
const splitEdge = dep.split('@')
|
|
149
|
-
const splitGroupName = splitEdge[0].split('/')
|
|
150
|
-
const name = splitGroupName.pop()
|
|
151
|
-
const lastSlash = splitEdge[0].lastIndexOf('/')
|
|
152
|
-
let group = splitEdge[0].substring(0, lastSlash)
|
|
153
|
-
const hash = getHash(splitEdge[0])
|
|
154
|
-
|
|
155
|
-
group = checkGroupExists(group, name)
|
|
156
|
-
|
|
157
|
-
const transitiveDep = {
|
|
158
|
-
artifactID: name,
|
|
159
|
-
group: group,
|
|
160
|
-
version: splitEdge[1],
|
|
161
|
-
scope: 'compile',
|
|
162
|
-
type: 'transitive',
|
|
163
|
-
hash: hash,
|
|
164
|
-
edges: {}
|
|
165
|
-
}
|
|
166
|
-
|
|
167
|
-
//add edges to transitiveDep
|
|
168
|
-
const edges = getAllDepsOfADepAsEdge(dep, splitLines)
|
|
169
|
-
transitiveDep.edges = edges
|
|
170
|
-
|
|
171
|
-
//add all edges as a transitive dependency to rootNodes
|
|
172
|
-
const edgesAsName = getAllDepsOfADepAsName(dep, splitLines)
|
|
173
|
-
|
|
174
|
-
edgesAsName.forEach(dep => {
|
|
175
|
-
const splitEdge = dep.split('@')
|
|
176
|
-
const splitGroupName = splitEdge[0].split('/')
|
|
177
|
-
const name = splitGroupName.pop()
|
|
178
|
-
const lastSlash = splitEdge[0].lastIndexOf('/')
|
|
179
|
-
let group = splitEdge[0].substring(0, lastSlash)
|
|
180
|
-
const hash = getHash(splitEdge[0])
|
|
181
|
-
|
|
182
|
-
group = checkGroupExists(group, name)
|
|
183
|
-
|
|
184
|
-
const transitiveDep = {
|
|
185
|
-
artifactID: name,
|
|
186
|
-
group: group,
|
|
187
|
-
version: splitEdge[1],
|
|
188
|
-
scope: 'compile',
|
|
189
|
-
type: 'transitive',
|
|
190
|
-
hash: hash,
|
|
191
|
-
edges: {}
|
|
192
|
-
}
|
|
193
|
-
rootNodes[Object.keys(rootNodes)[0]][dep] = transitiveDep
|
|
194
|
-
})
|
|
195
|
-
|
|
196
|
-
//add transitive dependency to rootNodes
|
|
197
|
-
rootNodes[Object.keys(rootNodes)[0]][dep] = transitiveDep
|
|
198
|
-
})
|
|
199
|
-
}
|
|
200
|
-
|
|
201
|
-
module.exports = {
|
|
202
|
-
parseGoDependencies
|
|
203
|
-
}
|
|
@@ -1,34 +0,0 @@
|
|
|
1
|
-
const child_process = require('child_process')
|
|
2
|
-
const i18n = require('i18n')
|
|
3
|
-
|
|
4
|
-
const getGoDependencies = config => {
|
|
5
|
-
let cmdStdout
|
|
6
|
-
let cwd = config.file ? config.file.replace('go.mod', '') : process.cwd()
|
|
7
|
-
|
|
8
|
-
try {
|
|
9
|
-
// A sample of this output can be found
|
|
10
|
-
// in the go test folder data/goModGraphResults.text
|
|
11
|
-
cmdStdout = child_process.execSync('go mod graph', {
|
|
12
|
-
cwd: cwd,
|
|
13
|
-
maxBuffer: 50 * 1024 * 1024
|
|
14
|
-
})
|
|
15
|
-
|
|
16
|
-
return cmdStdout.toString()
|
|
17
|
-
} catch (err) {
|
|
18
|
-
if (err.message === 'spawnSync /bin/sh ENOENT') {
|
|
19
|
-
err.message =
|
|
20
|
-
'\n\n*************** No transitive dependencies ***************\n\nWe are unable to build a dependency tree view from your repository as there were no transitive dependencies found.'
|
|
21
|
-
}
|
|
22
|
-
console.log(
|
|
23
|
-
i18n.__('goReadProjectFile', cwd, `${err.message ? err.message : ''}`)
|
|
24
|
-
)
|
|
25
|
-
// throw new Error(
|
|
26
|
-
// i18n.__('goReadProjectFile', cwd, `${err.message ? err.message : ''}`)
|
|
27
|
-
// )
|
|
28
|
-
process.exit(1)
|
|
29
|
-
}
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
module.exports = {
|
|
33
|
-
getGoDependencies
|
|
34
|
-
}
|