@soos-io/api-client - npm Package Compare versions

Comparing version 0.2.0-pre.1 to 0.2.0-pre.2

dist/api/SOOSAnalysisApiClient.d.ts

 import FormData from "form-data";
-import { ManifestStatus, OutputFormat, PackageManagerType, ScanStatus, ScanType } from "../enums";
+import { IntegrationName, ManifestStatus, OutputFormat, PackageManagerType, ScanStatus, ScanType } from "../enums";
 import { ICodedMessageModel } from "../models";
@@ -20,3 +20,3 @@ interface ICreateScanRequestContributingDeveloperAudit {
     operatingEnvironment: string;
-    integrationName: string | null;
+    integrationName?: IntegrationName | null;
     scriptVersion: string | null;
@@ -23,0 +23,0 @@ appVersion: string | null;

dist/enums.d.ts

@@ -0,1 +1,25 @@
+export declare enum ContributingDevelopersVariableNames {
+    AWSCodeBuild = "CODEBUILD_BUILD_INITIATOR",
+    Bamboo = "bamboo_planRepository_1_username",
+    BitBucket = "BITBUCKET_STEP_TRIGGERER_UUID",
+    CircleCI = "CIRCLE_USERNAME",
+    CodeShip = "CI_COMMITTER_USERNAME",
+    GitHub = "GITHUB_ACTOR",
+    GitLab = "GITLAB_USER_LOGIN",
+    Jenkins = "CHANGE_AUTHOR",
+    TeamCity = "TEAMCITY_BUILD_TRIGGEREDBY_USERNAME",
+    TravisCI = "TRAVIS_COMMIT"
+}
+export declare enum IntegrationName {
+    AWSCodeBuild = "AWSCodeBuild",
+    Bamboo = "Bamboo",
+    BitBucket = "BitBucket",
+    CircleCI = "CircleCI",
+    CodeShip = "CodeShip",
+    GithubActions = "GitHub",
+    Gitlab = "GitLab",
+    Jenkins = "Jenkins",
+    TeamCity = "TeamCity",
+    Travis = "TravisCI"
+}
 export declare enum PackageManagerType {
@@ -2,0 +26,0 @@ Unknown = "Unknown",

dist/enums.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.OnFailure = exports.OutputFormat = exports.LogLevel = exports.ScanType = exports.ScanStatus = exports.ManifestStatus = exports.PackageManagerType = void 0;
+exports.OnFailure = exports.OutputFormat = exports.LogLevel = exports.ScanType = exports.ScanStatus = exports.ManifestStatus = exports.PackageManagerType = exports.IntegrationName = exports.ContributingDevelopersVariableNames = void 0;
+var ContributingDevelopersVariableNames;
+(function (ContributingDevelopersVariableNames) {
+    ContributingDevelopersVariableNames["AWSCodeBuild"] = "CODEBUILD_BUILD_INITIATOR";
+    ContributingDevelopersVariableNames["Bamboo"] = "bamboo_planRepository_1_username";
+    ContributingDevelopersVariableNames["BitBucket"] = "BITBUCKET_STEP_TRIGGERER_UUID";
+    ContributingDevelopersVariableNames["CircleCI"] = "CIRCLE_USERNAME";
+    ContributingDevelopersVariableNames["CodeShip"] = "CI_COMMITTER_USERNAME";
+    ContributingDevelopersVariableNames["GitHub"] = "GITHUB_ACTOR";
+    ContributingDevelopersVariableNames["GitLab"] = "GITLAB_USER_LOGIN";
+    ContributingDevelopersVariableNames["Jenkins"] = "CHANGE_AUTHOR";
+    ContributingDevelopersVariableNames["TeamCity"] = "TEAMCITY_BUILD_TRIGGEREDBY_USERNAME";
+    ContributingDevelopersVariableNames["TravisCI"] = "TRAVIS_COMMIT";
+})(ContributingDevelopersVariableNames || (exports.ContributingDevelopersVariableNames = ContributingDevelopersVariableNames = {}));
+var IntegrationName;
+(function (IntegrationName) {
+    IntegrationName["AWSCodeBuild"] = "AWSCodeBuild";
+    IntegrationName["Bamboo"] = "Bamboo";
+    IntegrationName["BitBucket"] = "BitBucket";
+    IntegrationName["CircleCI"] = "CircleCI";
+    IntegrationName["CodeShip"] = "CodeShip";
+    IntegrationName["GithubActions"] = "GitHub";
+    IntegrationName["Gitlab"] = "GitLab";
+    IntegrationName["Jenkins"] = "Jenkins";
+    IntegrationName["TeamCity"] = "TeamCity";
+    IntegrationName["Travis"] = "TravisCI";
+})(IntegrationName || (exports.IntegrationName = IntegrationName = {}));
 var PackageManagerType;
@@ -5,0 +31,0 @@ (function (PackageManagerType) {

dist/services/AnalysisService.d.ts

 import SOOSAnalysisApiClient, { ICreateScanRequestContributingDeveloperAudit, ICreateScanResponse } from "../api/SOOSAnalysisApiClient";
-import { OutputFormat, ScanStatus, ScanType } from "../enums";
+import { IntegrationName, OutputFormat, ScanStatus, ScanType } from "../enums";
 interface IRunOutputFormatParams {
@@ -14,2 +14,13 @@ clientId: string;
 }
+interface IStartScanParams {
+    clientId: string;
+    projectHash: string;
+    analysisId: string;
+    scanType: ScanType;
+    scanUrl: string;
+}
+interface IWaitForScanToFinishParams {
+    scanStatusUrl: string;
+    scanUrl: string;
+}
 interface ISetupScanParams {
@@ -25,3 +36,3 @@ clientId: string;
     operatingEnvironment: string;
-    integrationName: string;
+    integrationName?: IntegrationName;
     appVersion: string;
@@ -39,15 +50,12 @@ scriptVersion: string;
     }): Promise<ICreateScanResponse>;
-    startScan({ clientId, projectHash, analysisId, scanType, scanUrl, }: {
-        clientId: string;
-        projectHash: string;
-        analysisId: string;
-        scanType: ScanType;
-        scanUrl: string;
+    startScan({ args }: {
+        args: IStartScanParams;
     }): Promise<void>;
-    waitForScanToFinish({ scanStatusUrl, scanUrl, }: {
-        scanStatusUrl: string;
-        scanUrl: string;
+    waitForScanToFinish({ args }: {
+        args: IWaitForScanToFinishParams;
     }): Promise<ScanStatus>;
-    runOutputFormat({ clientId, projectHash, projectName, branchHash, scanType, analysisId, outputFormat, sourceCodePath, workingDirectory, }: IRunOutputFormatParams): Promise<void>;
+    runOutputFormat({ args }: {
+        args: IRunOutputFormatParams;
+    }): Promise<void>;
 }
 export default AnalysisService;

dist/services/AnalysisService.js

@@ -7,2 +7,3 @@ "use strict";
 const constants_1 = require("../constants");
+const enums_1 = require("../enums");
 const logging_1 = require("../logging");
@@ -25,2 +26,14 @@ const utilities_1 = require("../utilities");
             logging_1.soosLogger.info(`Branch Name: ${args.branchName}`);
+            if (args.integrationName) {
+                logging_1.soosLogger.info(`Integration Name: ${args.integrationName}`);
+                const envVariableName = enums_1.ContributingDevelopersVariableNames[args.integrationName];
+                const contributingDeveloper = process.env[envVariableName];
+                if (contributingDeveloper) {
+                    args.contributingDeveloperAudit.push({
+                        source: "EnvironmentVariable",
+                        sourceName: envVariableName,
+                        contributingDeveloperId: contributingDeveloper,
+                    });
+                }
+            }
             const result = yield this.analysisApiClient.createScan({
@@ -51,17 +64,17 @@ clientId: args.clientId,
     }
-    startScan({ clientId, projectHash, analysisId, scanType, scanUrl, }) {
+    startScan({ args }) {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
-            logging_1.soosLogger.info(`Starting ${scanType} Analysis scan`);
+            logging_1.soosLogger.info(`Starting ${args.scanType} Analysis scan`);
             yield this.analysisApiClient.startScan({
-                clientId: clientId,
-                projectHash: projectHash,
-                analysisId: analysisId,
+                clientId: args.clientId,
+                projectHash: args.projectHash,
+                analysisId: args.analysisId,
             });
-            logging_1.soosLogger.info(`Analysis scan started successfully, to see the results visit: ${scanUrl}`);
+            logging_1.soosLogger.info(`Analysis scan started successfully, to see the results visit: ${args.scanUrl}`);
         });
     }
-    waitForScanToFinish({ scanStatusUrl, scanUrl, }) {
+    waitForScanToFinish({ args }) {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
             const scanStatus = yield this.analysisApiClient.getScanStatus({
-                scanStatusUrl: scanStatusUrl,
+                scanStatusUrl: args.scanStatusUrl,
             });
@@ -71,3 +84,3 @@ if (!scanStatus.isComplete) {
                 yield (0, utilities_1.sleep)(constants_1.SOOS_CONSTANTS.Status.DelayTime);
-                return yield this.waitForScanToFinish({ scanStatusUrl, scanUrl });
+                return yield this.waitForScanToFinish({ args });
             }
@@ -88,3 +101,3 @@ if (scanStatus.errors.length > 0) {
             }
-            const resultMessage = `${statusMessage}. View the results at: ${scanUrl}`;
+            const resultMessage = `${statusMessage}. View the results at: ${args.scanUrl}`;
             logging_1.soosLogger.info(resultMessage);
@@ -94,20 +107,20 @@ return scanStatus.status;
     }
-    runOutputFormat({ clientId, projectHash, projectName, branchHash, scanType, analysisId, outputFormat, sourceCodePath, workingDirectory, }) {
+    runOutputFormat({ args }) {
         return tslib_1.__awaiter(this, void 0, void 0, function* () {
-            logging_1.soosLogger.info(`Generating ${outputFormat} report ${projectName}...`);
+            logging_1.soosLogger.info(`Generating ${args.outputFormat} report ${args.projectName}...`);
             const output = yield this.analysisApiClient.getFormattedScanResult({
-                clientId: clientId,
-                projectHash: projectHash,
-                branchHash: branchHash,
-                scanType: scanType,
-                scanId: analysisId,
-                outputFormat: outputFormat,
+                clientId: args.clientId,
+                projectHash: args.projectHash,
+                branchHash: args.branchHash,
+                scanType: args.scanType,
+                scanId: args.analysisId,
+                outputFormat: args.outputFormat,
             });
             if (output) {
-                logging_1.soosLogger.info(`${outputFormat} report generated successfully.`);
-                logging_1.soosLogger.info(`Output ('${outputFormat}' format):`);
+                logging_1.soosLogger.info(`${args.outputFormat} report generated successfully.`);
+                logging_1.soosLogger.info(`Output ('${args.outputFormat}' format):`);
                 logging_1.soosLogger.info(JSON.stringify(output, null, 2));
-                if (sourceCodePath) {
-                    logging_1.soosLogger.info(`Writing ${outputFormat} report to ${Path.join(sourceCodePath, constants_1.SOOS_CONSTANTS.Files.SarifOutput)}`);
-                    FileSystem.writeFile(`${workingDirectory}/${constants_1.SOOS_CONSTANTS.Files.SarifOutput}`, JSON.stringify(output, null, 2), (error) => {
+                if (args.sourceCodePath) {
+                    logging_1.soosLogger.info(`Writing ${args.outputFormat} report to ${Path.join(args.sourceCodePath, constants_1.SOOS_CONSTANTS.Files.SarifOutput)}`);
+                    FileSystem.writeFile(`${args.workingDirectory}/${constants_1.SOOS_CONSTANTS.Files.SarifOutput}`, JSON.stringify(output, null, 2), (error) => {
                         if (error) {
@@ -114,0 +127,0 @@ logging_1.soosLogger.error(error);

package.json

 {
   "name": "@soos-io/api-client",
-  "version": "0.2.0-pre.1",
+  "version": "0.2.0-pre.2",
   "description": "This is the SOOS API Client for registered clients leveraging the various integrations to the SOOS platform.",
@@ -5,0 +5,0 @@ "main": "dist/index.js",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

56379

increased by5.72%

Lines of code

1224

increased by6.16%

Worsened metrics

Number of low supply chain risk alerts

4

increased by33.33%

No dependency changes