npm - @contrast/contrast - Versions diffs - 3.0.0 → 3.1.0 - Mend

@contrast/contrast 3.0.0 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/dist/audit/auditRequests.js +2 -2
package/dist/auth/auth.js +8 -4
package/dist/common/autoDetection.js +1 -1
package/dist/constants/constants.js +1 -1
package/dist/github/projectGroup.js +1 -1
package/dist/index.js +3 -1
package/dist/scaAnalysis/dotnet/index.js +4 -0
package/dist/scaAnalysis/dotnet/scaServiceParser.js +17 -0
package/dist/scaAnalysis/scaAnalysis.js +4 -9
package/package.json +14 -14

package/dist/audit/auditRequests.js CHANGED Viewed

@@ -42,7 +42,7 @@ const retrieveProjectByOrganizationIdUrl = (config) => {
         ? baseUrl.concat(`?name=${config.name}`)
         : baseUrl.concat(`?name=${config.fileName}`);
     baseUrl = config.language
-        ? baseUrl.concat(`&language=${config.language}`)
+        ? baseUrl.concat(`&language=${config.language === 'DOTNET' ? 'DOT_NET' : config.language}`)
         : baseUrl;
     baseUrl = config.language ? baseUrl.concat(`&source=SCA`) : baseUrl;
     baseUrl = config.repo
@@ -54,7 +54,7 @@ export async function registerProjectGroup(config, requestBody) {
     const options = buildBaseRequestOptions(config, ErrorType.GENERIC);
     options.url = registerProjectGroupUrl(config);
     options.json = requestBody;
-    logDebug(config, 'registerProjectGroup');
+    logDebug(config, `registerProjectGroup ${options.json}`);
     logDebug(config, `url ${options.url}`);
     try {
         return await got.post(options);

package/dist/auth/auth.js CHANGED Viewed

@@ -2,7 +2,7 @@ import { v4 as uuidv4 } from 'uuid';
 import i18n from 'i18n';
 import { failSpinner, returnOra, startSpinner, succeedSpinner } from '../utils/oraWrapper.js';
 import { en_locales } from '../constants/locales.js';
-import { AUTH_UI_URL, TIMEOUT } from '../constants/constants.js';
+import { AUTH_UI_URL, CE_URL, TIMEOUT } from '../constants/constants.js';
 import { setConfigValues } from '../utils/getConfig.js';
 import commandLineUsage from 'command-line-usage';
 import { commonMessageFormatter } from '../common/errorHandling.js';
@@ -14,6 +14,10 @@ import { logDebug, logInfo } from '../common/logging.js';
 const messages = en_locales();
 export const processAuth = async (argv, config) => {
     const authParams = await getCommandLineArgsCustom(config, 'auth', argv, commandLineDefinitions.authOptionDefinitions);
+    if (authParams.host === CE_URL) {
+        logInfo(i18n.__('codeSecEoL'));
+        process.exit(0);
+    }
     if (authParams.help) {
         logInfo(authUsageGuide);
         process.exit(0);
@@ -76,9 +80,9 @@ const authUsageGuide = commandLineUsage([
     }
 ]);
 const checkForCustomCredentials = (authParams) => {
-    const hasSomeKeys = authParams.apiKey ||
-        authParams.organizationId ||
-        authParams.host ||
+    const hasSomeKeys = authParams.apiKey ??
+        authParams.organizationId ??
+        authParams.host ??
         authParams.authorization;
     const hasAllKeys = authParams.apiKey &&
         authParams.organizationId &&

package/dist/common/autoDetection.js CHANGED Viewed

@@ -54,7 +54,7 @@ export const detectPackageManager = array => {
             i['language'] = PYTHON;
             i['packageManager'] = 'PYPI';
         }
-        if (i.filePath && i.filePath.includes('csproj')) {
+        if (i.filePath && i.filePath.includes('packages-lock.json')) {
             i['language'] = DOTNET;
             i['packageManager'] = 'NUGET';
         }

package/dist/constants/constants.js CHANGED Viewed

@@ -17,7 +17,7 @@ export const HIGH = 'HIGH';
 export const CRITICAL = 'CRITICAL';
 // App
 export const APP_NAME = 'contrast';
-const APP_VERSION = '3.0.0';
+const APP_VERSION = '3.1.0';
 export const TIMEOUT = 120000;
 export const CRITICAL_PRIORITY = 1;
 export const HIGH_PRIORITY = 2;

package/dist/github/projectGroup.js CHANGED Viewed

@@ -74,7 +74,7 @@ export const createProject = (param, shortenedProjectName) => {
         path: param.fileName,
         name: param.repo ? shortenedProjectName : getProjectName(param),
         source: 'SCA',
-        language: param.language,
+        language: param.language === 'DOTNET' ? 'DOT_NET' : param.language,
         packageManager: param.packageManager,
         target: 'SCA',
         sourceId: ''

package/dist/index.js CHANGED Viewed

@@ -18,6 +18,7 @@ import { processSarif } from './sarif/generateSarif.js';
 import { logInfo } from './common/logging.js';
 import { generateYamlConfiguration } from './generateYaml/index.js';
 import i18n from 'i18n';
+import { exit } from 'process';
 const config = localConfig(APP_NAME, getAppVersion());
 const getMainOption = () => {
     const mainOptions = commandLineArgs(commandLineDefinitions.mainDefinition, {
@@ -25,7 +26,7 @@ const getMainOption = () => {
         camelCase: true,
         caseInsensitive: true
     });
-    const argv = mainOptions._unknown || [];
+    const argv = mainOptions._unknown ?? [];
     return {
         mainOptions,
         argv
@@ -62,6 +63,7 @@ const start = async () => {
             }
             if (config.get('host') === CE_URL) {
                 logInfo(i18n.__('codeSecEoL'));
+                exit(0);
             }
             if (command === 'lambda') {
                 return await processLambda(argvMain);

package/dist/scaAnalysis/dotnet/index.js CHANGED Viewed

@@ -1,6 +1,10 @@
 import { getDotNetDeps } from './analysis.js';
 import { createDotNetTSMessage } from '../common/formatMessage.js';
+import { parseDotNet } from './scaServiceParser.js';
 export const dotNetAnalysis = (config, languageFiles) => {
     const dotNetDeps = getDotNetDeps(config, languageFiles.DOTNET);
+    if (config.legacy === false) {
+        return parseDotNet(dotNetDeps);
+    }
     return createDotNetTSMessage(dotNetDeps);
 };

package/dist/scaAnalysis/dotnet/scaServiceParser.js ADDED Viewed

@@ -0,0 +1,17 @@
+export const parseDotNet = rawNode => {
+    let dependencyTree = {};
+    const dependencies = rawNode?.lockFile?.dependencies || {};
+    for (const [framework, frameworkDeps] of Object.entries(dependencies)) {
+        for (const [depName, depDetails] of Object.entries(frameworkDeps)) {
+            dependencyTree[depName] = {
+                group: depName,
+                name: `${depName}.dll`,
+                directDependency: 'true',
+                version: depDetails.resolved,
+                dependencies: Object.keys(depDetails.dependencies || []).map(key => `"${key}"`),
+                productionDependency: depDetails.type === 'Direct' || depDetails.type === 'Transitive'
+            };
+        }
+    }
+    return dependencyTree;
+};

package/dist/scaAnalysis/scaAnalysis.js CHANGED Viewed

@@ -71,15 +71,10 @@ export const processSca = async (config) => {
                 messageToSend = await determineFlow(config, filesFound, goAnalysis);
                 break;
             case DOTNET:
-                if (config.legacy === false) {
-                    logInfo(`${chalk.bold('\n.NET project found\n')} Language type is unsupported.`);
-                    return;
-                }
-                else {
-                    messageToSend = dotNetAnalysis(config, filesFound[0]);
-                    config.language = DOTNET;
-                    break;
-                }
+                config.language = DOTNET;
+                config.packageManager = 'NUGET';
+                messageToSend = dotNetAnalysis(config, filesFound[0]);
+                break;
             default:
                 //something is wrong
                 logInfo('No supported language detected in project path');

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@contrast/contrast",
-  "version": "3.0.0",
+  "version": "3.1.0",
   "description": "Contrast Security's command line tool",
   "exports": "./dist/index.js",
   "type": "module",
@@ -54,7 +54,7 @@
   },
   "dependencies": {
     "@aws-sdk/client-iam": "3.370.0",
-    "@aws-sdk/client-lambda": "3.370.0",
+    "@aws-sdk/client-lambda": "3.782.0",
     "@aws-sdk/config-resolver": "^3.374.0",
     "@aws-sdk/credential-provider-ini": "3.370.0",
     "@aws-sdk/middleware-signing": "3.370.0",
@@ -64,13 +64,13 @@
     "cli-table3": "0.6.3",
     "command-line-args": "5.2.1",
     "command-line-usage": "6.1.3",
-    "conf": "11.0.2",
-    "cross-spawn": "7.0.3",
+    "conf": "13.1.0",
+    "cross-spawn": "7.0.6",
     "fast-glob": "3.3.1",
-    "fast-xml-parser": "4.2.6",
+    "fast-xml-parser": "5.2.0",
     "form-data": "4.0.0",
     "g": "^2.0.1",
-    "got": "13.0.0",
+    "got": "14.4.7",
     "gradle-to-js": "2.0.1",
     "hpagent": "1.2.0",
     "i18n": "0.15.1",
@@ -88,7 +88,7 @@
     "yarn-lockfile": "1.1.1"
   },
   "devDependencies": {
-    "@babel/core": "7.21.8",
+    "@babel/core": "7.23.2",
     "@babel/preset-modules": "0.1.6",
     "@types/command-line-args": "5.2.0",
     "@types/command-line-usage": "5.0.2",
@@ -101,13 +101,13 @@
     "@typescript-eslint/parser": "5.62.0",
     "@vitest/coverage-v8": "0.34.3",
     "csv-writer": "1.6.0",
-    "dotenv": "16.3.1",
-    "esbuild": "0.18.16",
-    "eslint": "8.45.0",
-    "eslint-config-prettier": "8.8.0",
-    "eslint-plugin-prettier": "4.2.1",
+    "dotenv": "16.4.7",
+    "esbuild": "0.25.2",
+    "eslint": "9.24.0",
+    "eslint-config-prettier": "10.1.1",
+    "eslint-plugin-prettier": "5.2.6",
     "husky": "3.1.0",
-    "mocha": "10.2.0",
+    "mocha": "11.1.0",
     "nock": "13.3.2",
     "npm-license-crawler": "0.2.1",
     "prettier": "2.8.8",
@@ -116,7 +116,7 @@
     "ts-node": "^10.9.2",
     "typescript": "5.1.6",
     "uuid": "9.0.0",
-    "vitest": "1.4.0"
+    "vitest": "1.6.1"
   },
   "resolutions": {
     "faker": "5.5.3",