npm - @contrast/contrast - Versions diffs - 2.3.1 → 2.3.2 - Mend

@contrast/contrast 2.3.1 → 2.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/constants/constants.js +1 -1
package/dist/scaAnalysis/common/commonReportingFunctionsSca.js +12 -7
package/package.json +1 -1

package/dist/constants/constants.js CHANGED Viewed

@@ -17,7 +17,7 @@ export const HIGH = 'HIGH';
 export const CRITICAL = 'CRITICAL';
 // App
 export const APP_NAME = 'contrast';
-const APP_VERSION = '2.3.1';
+const APP_VERSION = '2.3.2';
 export const TIMEOUT = 120000;
 export const CRITICAL_PRIORITY = 1;
 export const HIGH_PRIORITY = 2;

package/dist/scaAnalysis/common/commonReportingFunctionsSca.js CHANGED Viewed

@@ -25,14 +25,19 @@ export const printFormattedOutputSca = (config, reportModelList, numberOfVulnera
     const report = new ReportList();
     for (const library of reportModelList) {
         const { artifactName, version, vulnerabilities, remediationAdvice } = library;
-        const highestSeverity = findHighestSeverityCVESca(vulnerabilities, config);
-        const severityCount = severityCountAllCVEsSca(vulnerabilities, new SeverityCountModel()).getTotal;
-        if (highestSeverity.priority === undefined) {
-            highestSeverity.priority = NOTE_PRIORITY;
-            logDebug(config, `Unknown severity for vulnerability ${artifactName}`);
+        if (vulnerabilities.length === 0) {
+            logDebug(config, `Unable to find vulnerability for ${artifactName} version ${version}`);
+        }
+        else {
+            const highestSeverity = findHighestSeverityCVESca(vulnerabilities, config);
+            const severityCount = severityCountAllCVEsSca(vulnerabilities, new SeverityCountModel()).getTotal;
+            if (highestSeverity.priority === undefined) {
+                highestSeverity.priority = NOTE_PRIORITY;
+                logDebug(config, `Unknown severity for vulnerability ${artifactName}`);
+            }
+            const newOutputModel = new ReportModelStructure(new ReportCompositeKey(artifactName, version, highestSeverity, severityCount), vulnerabilities, remediationAdvice);
+            report.reportOutputList.push(newOutputModel);
         }
-        const newOutputModel = new ReportModelStructure(new ReportCompositeKey(artifactName, version, highestSeverity, severityCount), vulnerabilities, remediationAdvice);
-        report.reportOutputList.push(newOutputModel);
     }
     const outputOrderedByLowestSeverityAndLowestNumOfCvesFirst = orderBy(report.reportOutputList, [
         reportListItem => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/contrast",
-  "version": "2.3.1",
+  "version": "2.3.2",
   "description": "Contrast Security's command line tool",
   "exports": "./dist/index.js",
   "type": "module",