mobbdev 0.0.106 → 0.0.108

package/.env

@@ -1,7 +1,9 @@
-# production@v15
+# production@v17
 WEB_LOGIN_URL="https://app.mobb.ai/cli-login"
 API_URL="https://api.mobb.ai/v1/graphql"
 WEB_APP_URL="https://app.mobb.ai"
 GITLAB_API_TOKEN=""
 GITHUB_API_TOKEN=""
-ADO_TEST_ACCESS_TOKEN=""
+ADO_TEST_ACCESS_TOKEN=""
+HASURA_ACCESS_KEY=""
+LOCAL_GRAPHQL_ENDPOINT=""

package/dist/index.mjs

@@ -55,7 +55,9 @@ var SCANNERS = {
 var SupportedScannersZ = z.enum([SCANNERS.Checkmarx, SCANNERS.Snyk]);
 var envVariablesSchema = z.object({
   WEB_APP_URL: z.string(),
-  API_URL: z.string()
+  API_URL: z.string(),
+  HASURA_ACCESS_KEY: z.string(),
+  LOCAL_GRAPHQL_ENDPOINT: z.string()
 }).required();
 var envVariables = envVariablesSchema.parse(process.env);
 debug("config %o", envVariables);
@@ -90,6 +92,8 @@ var mobbAscii = `
 var PROJECT_DEFAULT_NAME = "My first project";
 var WEB_APP_URL = envVariables.WEB_APP_URL;
 var API_URL = envVariables.API_URL;
+var HASURA_ACCESS_KEY = envVariables.HASURA_ACCESS_KEY;
+var LOCAL_GRAPHQL_ENDPOINT = envVariables.LOCAL_GRAPHQL_ENDPOINT;
 var errorMessages = {
   missingCxProjectName: `project name ${chalk.bold(
     "(--cx-project-name)"
@@ -118,6 +122,328 @@ import os2 from "node:os";
 import path6 from "node:path";
 import { pipeline } from "node:stream/promises";
 
+// src/generates/client_generates.ts
+var MeDocument = `
+    query Me {
+  me {
+    id
+    email
+    scmConfigs {
+      id
+      orgId
+      refreshToken
+      scmType
+      scmUrl
+      scmUsername
+      token
+      tokenLastUpdate
+      userId
+      scmOrg
+      isTokenAvailable
+    }
+  }
+}
+    `;
+var GetOrgAndProjectIdDocument = `
+    query getOrgAndProjectId {
+  users: user {
+    userOrganizationsAndUserOrganizationRoles {
+      organization {
+        id
+        projects(order_by: {updatedAt: desc}) {
+          id
+          name
+        }
+      }
+    }
+  }
+}
+    `;
+var GetEncryptedApiTokenDocument = `
+    query GetEncryptedApiToken($loginId: uuid!) {
+  cli_login_by_pk(id: $loginId) {
+    encryptedApiToken
+  }
+}
+    `;
+var FixReportStateDocument = `
+    query FixReportState($id: uuid!) {
+  fixReport_by_pk(id: $id) {
+    state
+  }
+}
+    `;
+var GetVulnerabilityReportPathsDocument = `
+    query GetVulnerabilityReportPaths($vulnerabilityReportId: uuid!) {
+  vulnerability_report_path(
+    where: {vulnerabilityReportId: {_eq: $vulnerabilityReportId}}
+  ) {
+    path
+  }
+}
+    `;
+var GetAnalysisDocument = `
+    subscription getAnalysis($analysisId: uuid!) {
+  analysis: fixReport_by_pk(id: $analysisId) {
+    id
+    state
+  }
+}
+    `;
+var GetAnalsyisDocument = `
+    query getAnalsyis($analysisId: uuid!) {
+  analysis: fixReport_by_pk(id: $analysisId) {
+    id
+    state
+    repo {
+      commitSha
+      pullRequest
+    }
+    vulnerabilityReportId
+    vulnerabilityReport {
+      projectId
+      project {
+        organizationId
+      }
+      file {
+        signedFile {
+          url
+        }
+      }
+    }
+  }
+}
+    `;
+var GetFixesDocument = `
+    query getFixes($filters: fix_bool_exp!) {
+  fixes: fix(where: $filters) {
+    issueType
+    id
+    patchAndQuestions {
+      __typename
+      ... on FixData {
+        patch
+      }
+    }
+  }
+}
+    `;
+var GetVulByNodesMetadataDocument = `
+    query getVulByNodesMetadata($filters: [vulnerability_report_issue_code_node_bool_exp!], $vulnerabilityReportId: uuid!) {
+  vulnerabilityReportIssueCodeNodes: vulnerability_report_issue_code_node(
+    order_by: {index: desc}
+    where: {_or: $filters, vulnerabilityReportIssue: {fixId: {_is_null: false}, vulnerabilityReportId: {_eq: $vulnerabilityReportId}}}
+  ) {
+    vulnerabilityReportIssueId
+    path
+    startLine
+    vulnerabilityReportIssue {
+      issueType
+      fixId
+    }
+  }
+  fixablePrVuls: vulnerability_report_issue_aggregate(
+    where: {fixId: {_is_null: false}, vulnerabilityReportId: {_eq: $vulnerabilityReportId}, codeNodes: {_or: $filters}}
+  ) {
+    aggregate {
+      count
+    }
+  }
+  nonFixablePrVuls: vulnerability_report_issue_aggregate(
+    where: {fixId: {_is_null: true}, vulnerabilityReportId: {_eq: $vulnerabilityReportId}, codeNodes: {_or: $filters}}
+  ) {
+    aggregate {
+      count
+    }
+  }
+  totalScanVulnerabilities: vulnerability_report_issue_aggregate(
+    where: {vulnerabilityReportId: {_eq: $vulnerabilityReportId}}
+  ) {
+    aggregate {
+      count
+    }
+  }
+}
+    `;
+var UpdateScmTokenDocument = `
+    mutation updateScmToken($scmType: String!, $url: String!, $token: String!, $org: String, $username: String, $refreshToken: String) {
+  updateScmToken(
+    scmType: $scmType
+    url: $url
+    token: $token
+    org: $org
+    username: $username
+    refreshToken: $refreshToken
+  ) {
+    __typename
+    ... on ScmAccessTokenUpdateSuccess {
+      token
+    }
+    ... on InvalidScmTypeError {
+      status
+      error
+    }
+    ... on BadScmCredentials {
+      status
+      error
+    }
+  }
+}
+    `;
+var UploadS3BucketInfoDocument = `
+    mutation uploadS3BucketInfo($fileName: String!) {
+  uploadS3BucketInfo(fileName: $fileName) {
+    status
+    error
+    reportUploadInfo: uploadInfo {
+      url
+      fixReportId
+      uploadFieldsJSON
+      uploadKey
+    }
+    repoUploadInfo {
+      url
+      fixReportId
+      uploadFieldsJSON
+      uploadKey
+    }
+  }
+}
+    `;
+var DigestVulnerabilityReportDocument = `
+    mutation DigestVulnerabilityReport($vulnerabilityReportFileName: String!, $fixReportId: String!, $projectId: String!) {
+  digestVulnerabilityReport(
+    fixReportId: $fixReportId
+    vulnerabilityReportFileName: $vulnerabilityReportFileName
+    projectId: $projectId
+  ) {
+    __typename
+    ... on VulnerabilityReport {
+      vulnerabilityReportId
+      fixReportId
+    }
+    ... on RabbitSendError {
+      status
+      error
+    }
+    ... on ReportValidationError {
+      status
+      error
+    }
+    ... on ReferenceNotFoundError {
+      status
+      error
+    }
+  }
+}
+    `;
+var SubmitVulnerabilityReportDocument = `
+    mutation SubmitVulnerabilityReport($fixReportId: String!, $repoUrl: String!, $reference: String!, $projectId: String!, $sha: String, $experimentalEnabled: Boolean, $vulnerabilityReportFileName: String, $pullRequest: Int) {
+  submitVulnerabilityReport(
+    fixReportId: $fixReportId
+    repoUrl: $repoUrl
+    reference: $reference
+    sha: $sha
+    experimentalEnabled: $experimentalEnabled
+    pullRequest: $pullRequest
+    projectId: $projectId
+    vulnerabilityReportFileName: $vulnerabilityReportFileName
+  ) {
+    __typename
+    ... on VulnerabilityReport {
+      vulnerabilityReportId
+      fixReportId
+    }
+  }
+}
+    `;
+var CreateCommunityUserDocument = `
+    mutation CreateCommunityUser {
+  initOrganizationAndProject {
+    userId
+    projectId
+    organizationId
+  }
+}
+    `;
+var CreateCliLoginDocument = `
+    mutation CreateCliLogin($publicKey: String!) {
+  insert_cli_login_one(object: {publicKey: $publicKey}) {
+    id
+  }
+}
+    `;
+var PerformCliLoginDocument = `
+    mutation performCliLogin($loginId: String!) {
+  performCliLogin(loginId: $loginId) {
+    status
+  }
+}
+    `;
+var CreateProjectDocument = `
+    mutation CreateProject($organizationId: String!, $projectName: String!) {
+  createProject(organizationId: $organizationId, projectName: $projectName) {
+    projectId
+  }
+}
+    `;
+var defaultWrapper = (action, _operationName, _operationType) => action();
+function getSdk(client, withWrapper = defaultWrapper) {
+  return {
+    Me(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(MeDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "Me", "query");
+    },
+    getOrgAndProjectId(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetOrgAndProjectIdDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "getOrgAndProjectId", "query");
+    },
+    GetEncryptedApiToken(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetEncryptedApiTokenDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "GetEncryptedApiToken", "query");
+    },
+    FixReportState(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(FixReportStateDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "FixReportState", "query");
+    },
+    GetVulnerabilityReportPaths(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetVulnerabilityReportPathsDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "GetVulnerabilityReportPaths", "query");
+    },
+    getAnalysis(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetAnalysisDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "getAnalysis", "subscription");
+    },
+    getAnalsyis(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetAnalsyisDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "getAnalsyis", "query");
+    },
+    getFixes(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetFixesDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "getFixes", "query");
+    },
+    getVulByNodesMetadata(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(GetVulByNodesMetadataDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "getVulByNodesMetadata", "query");
+    },
+    updateScmToken(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(UpdateScmTokenDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "updateScmToken", "mutation");
+    },
+    uploadS3BucketInfo(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(UploadS3BucketInfoDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "uploadS3BucketInfo", "mutation");
+    },
+    DigestVulnerabilityReport(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(DigestVulnerabilityReportDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "DigestVulnerabilityReport", "mutation");
+    },
+    SubmitVulnerabilityReport(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(SubmitVulnerabilityReportDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "SubmitVulnerabilityReport", "mutation");
+    },
+    CreateCommunityUser(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(CreateCommunityUserDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "CreateCommunityUser", "mutation");
+    },
+    CreateCliLogin(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(CreateCliLoginDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "CreateCliLogin", "mutation");
+    },
+    performCliLogin(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(PerformCliLoginDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "performCliLogin", "mutation");
+    },
+    CreateProject(variables, requestHeaders) {
+      return withWrapper((wrappedRequestHeaders) => client.request(CreateProjectDocument, variables, { ...requestHeaders, ...wrappedRequestHeaders }), "CreateProject", "mutation");
+    }
+  };
+}
+
 // src/utils/index.ts
 var utils_exports = {};
 __export(utils_exports, {
@@ -250,322 +576,7 @@ import Debug3 from "debug";
 import { GraphQLClient } from "graphql-request";
 import { v4 as uuidv4 } from "uuid";
 
-// src/features/analysis/graphql/mutations.ts
-import { gql } from "graphql-request";
-var UPDATE_SCM_TOKEN = gql`
-  mutation updateScmToken(
-    $scmType: String!
-    $url: String!
-    $token: String!
-    $org: String
-    $username: String
-    $refreshToken: String
-  ) {
-    updateScmToken(
-      scmType: $scmType
-      url: $url
-      token: $token
-      org: $org
-      username: $username
-      refreshToken: $refreshToken
-    ) {
-      __typename
-      ... on ScmAccessTokenUpdateSuccess {
-        token
-      }
-      ... on InvalidScmTypeError {
-        status
-        error
-      }
-      ... on BadScmCredentials {
-        status
-        error
-      }
-    }
-  }
-`;
-var UPLOAD_S3_BUCKET_INFO = gql`
-  mutation uploadS3BucketInfo($fileName: String!) {
-    uploadS3BucketInfo(fileName: $fileName) {
-      status
-      error
-      reportUploadInfo: uploadInfo {
-        url
-        fixReportId
-        uploadFieldsJSON
-        uploadKey
-      }
-      repoUploadInfo {
-        url
-        fixReportId
-        uploadFieldsJSON
-        uploadKey
-      }
-    }
-  }
-`;
-var DIGEST_VULNERABILITY_REPORT = gql`
-  mutation DigestVulnerabilityReport(
-    $vulnerabilityReportFileName: String!
-    $fixReportId: String!
-    $projectId: String!
-  ) {
-    digestVulnerabilityReport(
-      fixReportId: $fixReportId
-      vulnerabilityReportFileName: $vulnerabilityReportFileName
-      projectId: $projectId
-    ) {
-      __typename
-      ... on VulnerabilityReport {
-        vulnerabilityReportId
-        fixReportId
-      }
-      ... on RabbitSendError {
-        status
-        error
-      }
-      ... on ReportValidationError {
-        status
-        error
-      }
-      ... on ReferenceNotFoundError {
-        status
-        error
-      }
-    }
-  }
-`;
-var SUBMIT_VULNERABILITY_REPORT = gql`
-  mutation SubmitVulnerabilityReport(
-    $fixReportId: String!
-    $repoUrl: String!
-    $reference: String!
-    $projectId: String!
-    $sha: String
-    $experimentalEnabled: Boolean
-    $vulnerabilityReportFileName: String
-    $pullRequest: Int
-  ) {
-    submitVulnerabilityReport(
-      fixReportId: $fixReportId
-      repoUrl: $repoUrl
-      reference: $reference
-      sha: $sha
-      experimentalEnabled: $experimentalEnabled
-      pullRequest: $pullRequest
-      projectId: $projectId
-      vulnerabilityReportFileName: $vulnerabilityReportFileName
-    ) {
-      __typename
-      ... on VulnerabilityReport {
-        vulnerabilityReportId
-        fixReportId
-      }
-    }
-  }
-`;
-var CREATE_COMMUNITY_USER = gql`
-  mutation CreateCommunityUser {
-    initOrganizationAndProject {
-      userId
-      projectId
-      organizationId
-    }
-  }
-`;
-var CREATE_CLI_LOGIN = gql`
-  mutation CreateCliLogin($publicKey: String!) {
-    insert_cli_login_one(object: { publicKey: $publicKey }) {
-      id
-    }
-  }
-`;
-var PERFORM_CLI_LOGIN = gql`
-  mutation performCliLogin($loginId: String!) {
-    performCliLogin(loginId: $loginId) {
-      status
-    }
-  }
-`;
-var CREATE_PROJECT = gql`
-  mutation CreateProject($organizationId: String!, $projectName: String!) {
-    createProject(organizationId: $organizationId, projectName: $projectName) {
-      projectId
-    }
-  }
-`;
-
-// src/features/analysis/graphql/queries.ts
-import { gql as gql2 } from "graphql-request";
-var ME = gql2`
-  query Me {
-    me {
-      id
-      email
-      scmConfigs {
-        id
-        orgId
-        refreshToken
-        scmType
-        scmUrl
-        scmUsername
-        token
-        tokenLastUpdate
-        userId
-        scmOrg
-        isTokenAvailable
-      }
-    }
-  }
-`;
-var GET_ORG_AND_PROJECT_ID = gql2`
-  query getOrgAndProjectId {
-    users: user {
-      userOrganizationsAndUserOrganizationRoles {
-        organization {
-          id
-          projects(order_by: { updatedAt: desc }) {
-            id
-            name
-          }
-        }
-      }
-    }
-  }
-`;
-var GET_ENCRYPTED_API_TOKEN = gql2`
-  query GetEncryptedApiToken($loginId: uuid!) {
-    cli_login_by_pk(id: $loginId) {
-      encryptedApiToken
-    }
-  }
-`;
-var GET_FIX_REPORT_STATE = gql2`
-  query FixReportState($id: uuid!) {
-    fixReport_by_pk(id: $id) {
-      state
-    }
-  }
-`;
-var GET_VULNERABILITY_REPORT_PATHS = gql2`
-  query GetVulnerabilityReportPaths($vulnerabilityReportId: uuid!) {
-    vulnerability_report_path(
-      where: { vulnerabilityReportId: { _eq: $vulnerabilityReportId } }
-    ) {
-      path
-    }
-  }
-`;
-var SUBSCRIBE_TO_ANALYSIS = gql2`
-  subscription getAnalysis($analysisId: uuid!) {
-    analysis: fixReport_by_pk(id: $analysisId) {
-      id
-      state
-    }
-  }
-`;
-var GET_ANALYSIS = gql2`
-  query getAnalsyis($analysisId: uuid!) {
-    analysis: fixReport_by_pk(id: $analysisId) {
-      id
-      state
-      repo {
-        commitSha
-        pullRequest
-      }
-      vulnerabilityReportId
-      vulnerabilityReport {
-        projectId
-        project {
-          organizationId
-        }
-        file {
-          signedFile {
-            url
-          }
-        }
-      }
-    }
-  }
-`;
-var GET_FIX = gql2`
-  query getFix($fixId: uuid!) {
-    fix_by_pk(id: $fixId) {
-      issueType
-      id
-      patchAndQuestions {
-        patch
-      }
-    }
-  }
-`;
-var GET_FIXES = gql2`
-  query getFixes($filters: fix_bool_exp!) {
-    fixes: fix(where: $filters) {
-      issueType
-      id
-      patchAndQuestions {
-        patch
-      }
-    }
-  }
-`;
-var GET_VUL_BY_NODES_METADATA = gql2`
-  query getVulByNodesMetadata(
-    $filters: [vulnerability_report_issue_code_node_bool_exp!]
-    $vulnerabilityReportId: uuid!
-  ) {
-    vulnerabilityReportIssueCodeNodes: vulnerability_report_issue_code_node(
-      order_by: { index: desc }
-      where: {
-        _or: $filters
-        vulnerabilityReportIssue: {
-          fixId: { _is_null: false }
-          vulnerabilityReportId: { _eq: $vulnerabilityReportId }
-        }
-      }
-    ) {
-      vulnerabilityReportIssueId
-      path
-      startLine
-      vulnerabilityReportIssue {
-        issueType
-        fixId
-      }
-    }
-    fixablePrVuls: vulnerability_report_issue_aggregate(
-      where: {
-        fixId: { _is_null: false }
-        vulnerabilityReportId: { _eq: $vulnerabilityReportId }
-        codeNodes: { _or: $filters }
-      }
-    ) {
-      aggregate {
-        count
-      }
-    }
-    nonFixablePrVuls: vulnerability_report_issue_aggregate(
-      where: {
-        fixId: { _is_null: true }
-        vulnerabilityReportId: { _eq: $vulnerabilityReportId }
-        codeNodes: { _or: $filters }
-      }
-    ) {
-      aggregate {
-        count
-      }
-    }
-    totalScanVulnerabilities: vulnerability_report_issue_aggregate(
-      where: { vulnerabilityReportId: { _eq: $vulnerabilityReportId } }
-    ) {
-      aggregate {
-        count
-      }
-    }
-  }
-`;
-
-// src/features/analysis/graphql/subscirbe.ts
+// src/features/analysis/graphql/subscribe.ts
 import { createClient } from "graphql-ws";
 import WebSocket from "ws";
 var SUBSCRIPTION_TIMEOUT_MS = 10 * 60 * 1e3;
@@ -647,150 +658,6 @@ function subscribe(query, variables, callback, wsClientOptions) {
 
 // src/features/analysis/graphql/types.ts
 import { z as z2 } from "zod";
-var UpdateScmTokenZ = z2.object({
-  updateScmToken: z2.object({
-    token: z2.string()
-  })
-});
-var UploadFieldsZ = z2.object({
-  bucket: z2.string(),
-  "X-Amz-Algorithm": z2.string(),
-  "X-Amz-Credential": z2.string(),
-  "X-Amz-Date": z2.string(),
-  Policy: z2.string(),
-  "X-Amz-Signature": z2.string()
-});
-var ReportUploadInfoZ = z2.object({
-  url: z2.string(),
-  fixReportId: z2.string(),
-  uploadFieldsJSON: z2.string().transform((str, ctx) => {
-    try {
-      return JSON.parse(str);
-    } catch (e) {
-      ctx.addIssue({ code: "custom", message: "Invalid JSON" });
-      return z2.NEVER;
-    }
-  }),
-  uploadKey: z2.string()
-}).transform(({ uploadFieldsJSON, ...input }) => ({
-  ...input,
-  uploadFields: uploadFieldsJSON
-}));
-var UploadS3BucketInfoZ = z2.object({
-  uploadS3BucketInfo: z2.object({
-    status: z2.string(),
-    error: z2.string().nullish(),
-    reportUploadInfo: ReportUploadInfoZ,
-    repoUploadInfo: ReportUploadInfoZ
-  })
-});
-var GetOrgAndProjectIdQueryZ = z2.object({
-  users: z2.array(
-    z2.object({
-      userOrganizationsAndUserOrganizationRoles: z2.array(
-        z2.object({
-          organization: z2.object({
-            id: z2.string(),
-            projects: z2.array(
-              z2.object({
-                id: z2.string(),
-                name: z2.string()
-              })
-            ).nonempty()
-          })
-        })
-      ).nonempty()
-    })
-  ).nonempty()
-});
-var CreateCliLoginZ = z2.object({
-  insert_cli_login_one: z2.object({
-    id: z2.string()
-  })
-});
-var GetEncryptedApiTokenZ = z2.object({
-  cli_login_by_pk: z2.object({
-    encryptedApiToken: z2.string().nullable()
-  })
-});
-var DigestVulnerabilityReportZ = z2.object({
-  digestVulnerabilityReport: z2.object({
-    vulnerabilityReportId: z2.string()
-  })
-});
-var AnalysisStateZ = z2.enum([
-  "Created",
-  "Deleted",
-  "Digested",
-  "Expired",
-  "Failed",
-  "Finished",
-  "Initialized",
-  "Requested"
-]);
-var GetFixReportZ = z2.object({
-  fixReport_by_pk: z2.object({
-    state: AnalysisStateZ
-  })
-});
-var GetFixReportSubscriptionZ = z2.object({
-  analysis: z2.object({
-    id: z2.string(),
-    state: AnalysisStateZ
-  })
-});
-var GetVulnerabilityReportPathsZ = z2.object({
-  vulnerability_report_path: z2.array(
-    z2.object({
-      path: z2.string()
-    })
-  )
-});
-var CreateUpdateFixReportMutationZ = z2.object({
-  submitVulnerabilityReport: z2.object({
-    __typename: z2.literal("VulnerabilityReport"),
-    vulnerabilityReportId: z2.string(),
-    fixReportId: z2.string()
-  })
-});
-var CreateProjectMutationZ = z2.object({
-  createProject: z2.object({
-    projectId: z2.string()
-  })
-});
-var GetAnalysisQueryZ = z2.object({
-  analysis: z2.object({
-    id: z2.string(),
-    state: z2.string(),
-    repo: z2.object({
-      commitSha: z2.string(),
-      pullRequest: z2.number()
-    }),
-    vulnerabilityReportId: z2.string(),
-    vulnerabilityReport: z2.object({
-      projectId: z2.string(),
-      project: z2.object({
-        organizationId: z2.string()
-      }),
-      file: z2.object({
-        signedFile: z2.object({
-          url: z2.string()
-        })
-      })
-    })
-  })
-});
-var FixDataZ = z2.object({
-  issueType: z2.string(),
-  id: z2.string(),
-  patchAndQuestions: z2.object({
-    patch: z2.string()
-  })
-});
-var GetFixQueryZ = z2.object({
-  fix_by_pk: FixDataZ
-});
-var GetFixesQueryZ = z2.object({ fixes: z2.array(FixDataZ) });
 var VulnerabilityReportIssueCodeNodeZ = z2.object({
   vulnerabilityReportIssueId: z2.string(),
   path: z2.string(),
@@ -826,6 +693,7 @@ var GQLClient = class {
   constructor(args) {
     __publicField(this, "_client");
     __publicField(this, "_apiKey");
+    __publicField(this, "_clientSdk");
     const { apiKey } = args;
     this._apiKey = apiKey;
     debug3(`init with apiKey ${apiKey}`);
@@ -845,23 +713,18 @@ var GQLClient = class {
         };
       }
     });
+    this._clientSdk = getSdk(this._client);
   }
   async getUserInfo() {
-    const { me } = await this._client.request(ME);
+    const { me } = await this._clientSdk.Me();
     return me;
   }
   async createCliLogin(variables) {
-    const res = CreateCliLoginZ.parse(
-      await this._client.request(
-        CREATE_CLI_LOGIN,
-        variables,
-        {
-          // We may have outdated API key in the config storage. Avoid using it for the login request.
-          [API_KEY_HEADER_NAME]: ""
-        }
-      )
-    );
-    return res.insert_cli_login_one.id;
+    const res = await this._clientSdk.CreateCliLogin(variables, {
+      // We may have outdated API key in the config storage. Avoid using it for the login request.
+      [API_KEY_HEADER_NAME]: ""
+    });
+    return res.insert_cli_login_one?.id || "";
   }
   async verifyToken() {
     await this.createCommunityUser();
@@ -874,23 +737,21 @@ var GQLClient = class {
     return true;
   }
   async getOrgAndProjectId(projectName) {
-    const getOrgAndProjectIdResult = await this._client.request(
-      GET_ORG_AND_PROJECT_ID
-    );
-    const [user] = GetOrgAndProjectIdQueryZ.parse(
-      getOrgAndProjectIdResult
-    ).users;
-    const org = user.userOrganizationsAndUserOrganizationRoles[0].organization;
-    const project = projectName ? org.projects.find((project2) => project2.name === projectName) ?? null : org.projects[0];
+    const getOrgAndProjectIdResult = await this._clientSdk.getOrgAndProjectId();
+    const org = getOrgAndProjectIdResult?.users?.at(0)?.userOrganizationsAndUserOrganizationRoles?.at(0)?.organization;
+    if (!org?.id) {
+      throw new Error("Organization not found");
+    }
+    const project = projectName ? org?.projects.find((project2) => project2.name === projectName) ?? null : org?.projects[0];
+    if (!project?.id) {
+      throw new Error("Project not found");
+    }
     let projectId = project?.id;
     if (!projectId) {
-      const createdProject = await this._client.request(
-        CREATE_PROJECT,
-        {
-          organizationId: org.id,
-          projectName: projectName || "My project"
-        }
-      );
+      const createdProject = await this._clientSdk.CreateProject({
+        organizationId: org.id,
+        projectName: projectName || "My project"
+      });
       projectId = createdProject.createProject.projectId;
     }
     return {
@@ -899,26 +760,22 @@ var GQLClient = class {
     };
   }
   async getEncryptedApiToken(variables) {
-    const res = await this._client.request(
-      GET_ENCRYPTED_API_TOKEN,
-      variables,
-      {
-        // We may have outdated API key in the config storage. Avoid using it for the login request.
-        [API_KEY_HEADER_NAME]: ""
-      }
-    );
-    return GetEncryptedApiTokenZ.parse(res).cli_login_by_pk.encryptedApiToken;
+    const res = await this._clientSdk.GetEncryptedApiToken(variables, {
+      // We may have outdated API key in the config storage. Avoid using it for the login request.
+      [API_KEY_HEADER_NAME]: ""
+    });
+    return res?.cli_login_by_pk?.encryptedApiToken || null;
   }
   async createCommunityUser() {
     try {
-      await this._client.request(CREATE_COMMUNITY_USER);
+      await this._clientSdk.CreateCommunityUser();
     } catch (e) {
       debug3("create community user failed %o", e);
     }
   }
   async updateScmToken(args) {
     const { scmType, url, token, org, username, refreshToken } = args;
-    const updateScmTokenResult = await this._client.request(UPDATE_SCM_TOKEN, {
+    const updateScmTokenResult = await this._clientSdk.updateScmToken({
       scmType,
       url,
       token,
@@ -926,13 +783,13 @@ var GQLClient = class {
       username,
       refreshToken
     });
-    return UpdateScmTokenZ.parse(updateScmTokenResult);
+    return updateScmTokenResult;
   }
   async uploadS3BucketInfo() {
-    const uploadS3BucketInfoResult = await this._client.request(UPLOAD_S3_BUCKET_INFO, {
+    const uploadS3BucketInfoResult = await this._clientSdk.uploadS3BucketInfo({
       fileName: "report.json"
     });
-    return UploadS3BucketInfoZ.parse(uploadS3BucketInfoResult);
+    return uploadS3BucketInfoResult;
   }
   async getVulByNodesMetadata({
     hunks,
@@ -948,7 +805,7 @@ var GQLClient = class {
       };
       return filter;
     });
-    const getVulByNodesMetadataRes = await this._client.request(GET_VUL_BY_NODES_METADATA, {
+    const getVulByNodesMetadataRes = await this._clientSdk.getVulByNodesMetadata({
       filters: { _or: filters },
       vulnerabilityReportId
     });
@@ -984,15 +841,15 @@ var GQLClient = class {
     fixReportId,
     projectId
   }) {
-    const res = await this._client.request(
-      DIGEST_VULNERABILITY_REPORT,
-      {
-        fixReportId,
-        vulnerabilityReportFileName: "report.json",
-        projectId
-      }
-    );
-    return DigestVulnerabilityReportZ.parse(res).digestVulnerabilityReport;
+    const res = await this._clientSdk.DigestVulnerabilityReport({
+      fixReportId,
+      vulnerabilityReportFileName: "report.json",
+      projectId
+    });
+    if (res.digestVulnerabilityReport.__typename !== "VulnerabilityReport") {
+      throw new Error("Digesting vulnerability report failed");
+    }
+    return res.digestVulnerabilityReport;
   }
   async submitVulnerabilityReport(params) {
     const {
@@ -1005,7 +862,7 @@ var GQLClient = class {
       vulnerabilityReportFileName,
       pullRequest
     } = params;
-    const res = await this._client.request(SUBMIT_VULNERABILITY_REPORT, {
+    const res = await this._clientSdk.SubmitVulnerabilityReport({
       fixReportId,
       repoUrl,
       reference,
@@ -1015,21 +872,21 @@ var GQLClient = class {
       sha: sha || "",
       experimentalEnabled
     });
-    return CreateUpdateFixReportMutationZ.parse(res);
+    return res;
   }
   async getFixReportState(fixReportId) {
-    const res = await this._client.request(
-      GET_FIX_REPORT_STATE,
-      { id: fixReportId }
-    );
-    return GetFixReportZ.parse(res).fixReport_by_pk.state;
+    const res = await this._clientSdk.FixReportState({ id: fixReportId });
+    return res?.fixReport_by_pk?.state || "Created" /* Created */;
   }
   async waitFixReportInit(fixReportId, includeDigested = false) {
-    const FINAL_STATES = ["Finished", "Failed"];
-    let lastState = "Created";
+    const FINAL_STATES = [
+      "Finished" /* Finished */,
+      "Failed" /* Failed */
+    ];
+    let lastState = "Created" /* Created */;
     let attempts = 100;
     if (includeDigested) {
-      FINAL_STATES.push("Digested");
+      FINAL_STATES.push("Digested" /* Digested */);
     }
     do {
       await sleep(REPORT_STATE_CHECK_DELAY);
@@ -1041,23 +898,20 @@ var GQLClient = class {
     return lastState;
   }
   async getVulnerabilityReportPaths(vulnerabilityReportId) {
-    const res = await this._client.request(
-      GET_VULNERABILITY_REPORT_PATHS,
-      { vulnerabilityReportId }
-    );
-    return GetVulnerabilityReportPathsZ.parse(
-      res
-    ).vulnerability_report_path.map((p) => p.path);
+    const res = await this._clientSdk.GetVulnerabilityReportPaths({
+      vulnerabilityReportId
+    });
+    return res.vulnerability_report_path.map((p) => p.path);
   }
   async subscribeToAnalysis(params) {
     const { callbackStates } = params;
     return subscribe(
-      SUBSCRIBE_TO_ANALYSIS,
+      GetAnalysisDocument,
       params.subscribeToAnalysisParams,
       async (resolve, reject, data) => {
-        if (data.analysis.state === "Failed") {
+        if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
           reject(data);
-          throw new Error(`Analysis failed with id: ${data.analysis.id}`);
+          throw new Error(`Analysis failed with id: ${data.analysis?.id}`);
         }
         if (callbackStates.includes(data.analysis?.state)) {
           await params.callback(data.analysis.id);
@@ -1071,28 +925,19 @@ var GQLClient = class {
     );
   }
   async getAnalysis(analysisId) {
-    const res = await this._client.request(GET_ANALYSIS, {
+    const res = await this._clientSdk.getAnalsyis({
       analysisId
     });
-    return GetAnalysisQueryZ.parse(res);
-  }
-  async getFix(fixId) {
-    const res = await this._client.request(
-      GET_FIX,
-      {
-        fixId
-      }
-    );
-    return GetFixQueryZ.parse(res);
+    if (!res.analysis) {
+      throw new Error(`Analysis not found: ${analysisId}`);
+    }
+    return res.analysis;
   }
   async getFixes(fixIds) {
-    const res = await this._client.request(
-      GET_FIXES,
-      {
-        filters: { id: { _in: fixIds } }
-      }
-    );
-    return GetFixesQueryZ.parse(res);
+    const res = await this._clientSdk.getFixes({
+      filters: { id: { _in: fixIds } }
+    });
+    return res;
   }
 };
 
@@ -3596,6 +3441,8 @@ var getIssueType = (issueType) => {
       return "XSS";
     case "PT" /* Pt */:
       return "Path Traversal";
+    case "ZIP_SLIP" /* ZipSlip */:
+      return "Zip Slip";
     case "INSECURE_RANDOMNESS" /* InsecureRandomness */:
       return "Insecure Randomness";
     case "SSRF" /* Ssrf */:
@@ -3738,25 +3585,28 @@ async function sendReport({
   gqlClient
 }) {
   try {
-    const sumbitRes = await gqlClient.submitVulnerabilityReport(
+    const submitRes = await gqlClient.submitVulnerabilityReport(
       submitVulnerabilityReportVariables
     );
-    if (sumbitRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
-      debug4("error submit vul report %s", sumbitRes);
+    if (submitRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
+      debug4("error submit vul report %s", submitRes);
       throw new Error("\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed");
     }
     spinner.update({ text: progressMassages.processingVulnerabilityReport });
     await gqlClient.subscribeToAnalysis({
       subscribeToAnalysisParams: {
-        analysisId: sumbitRes.submitVulnerabilityReport.fixReportId
+        analysisId: submitRes.submitVulnerabilityReport.fixReportId
       },
       callback: () => spinner.update({
-        text: "\u2699\uFE0F Vulnerability report proccessed successfuly"
+        text: "\u2699\uFE0F Vulnerability report processed successfully"
       }),
-      callbackStates: ["Digested", "Finished"],
+      callbackStates: [
+        "Digested" /* Digested */,
+        "Finished" /* Finished */
+      ],
       timeoutInMs: VUL_REPORT_DIGEST_TIMEOUT_MS
     });
-    return sumbitRes;
+    return submitRes;
   } catch (e) {
     spinner.error({ text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed" });
     throw e;
@@ -3822,7 +3672,7 @@ function buildAnalysisSummaryComment(params) {
         if (!fix) {
           throw new Error(`fix ${vulnerabilityReportIssue.fixId} not found`);
         }
-        const issueType = getIssueType(fix.issueType);
+        const issueType = getIssueType(fix.issueType ?? null);
         const vulnerabilityReportIssueCount = (result[issueType] || 0) + 1;
         return {
           ...result,
@@ -3853,13 +3703,16 @@ async function handleFinishedAnalysis({
       projectId,
       project: { organizationId }
     }
-  } = getAnalysis.analysis;
-  const { commitSha, pullRequest } = getAnalysis.analysis.repo;
+  } = getAnalysis;
+  if (!getAnalysis.repo || !getAnalysis.repo.commitSha || !getAnalysis.repo.pullRequest) {
+    throw new Error("repo not found");
+  }
+  const { commitSha, pullRequest } = getAnalysis.repo;
   const diff = await scm.getPrDiff({ pull_number: pullRequest });
   const prVulenrabilities = await getRelevantVulenrabilitiesFromDiff({
     diff,
     gqlClient,
-    vulnerabilityReportId: getAnalysis.analysis.vulnerabilityReportId
+    vulnerabilityReportId: getAnalysis.vulnerabilityReportId
   });
   const { vulnerabilityReportIssueCodeNodes } = prVulenrabilities;
   const fixesId = vulnerabilityReportIssueCodeNodes.map(
@@ -3933,7 +3786,7 @@ async function handleFinishedAnalysis({
       vulnerabilityReportIssue: { fixId }
     } = vulnerabilityReportIssueCodeNode;
     const fix = fixesById[fixId];
-    if (!fix) {
+    if (!fix || fix.patchAndQuestions.__typename !== "FixData") {
       throw new Error(`fix ${fixId} not found`);
     }
     const {
@@ -3969,7 +3822,7 @@ async function handleFinishedAnalysis({
       commentId
     });
     const scanerString = scannerToFriendlyString(scanner);
-    const issueType = getIssueType(fix.issueType);
+    const issueType = getIssueType(fix.issueType ?? null);
     const title = `# ${MobbIconMarkdown} ${issueType} fix is ready`;
     const subTitle = `### Apply the following code change to fix ${issueType} issue detected by **${scanerString}**:`;
     const diff2 = `\`\`\`diff
@@ -4592,6 +4445,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
   const {
     uploadS3BucketInfo: { repoUploadInfo, reportUploadInfo }
   } = await gqlClient.uploadS3BucketInfo();
+  if (!reportUploadInfo || !repoUploadInfo) {
+    throw new Error("uploadS3BucketInfo is null");
+  }
   let reportPath = scanFile;
   if (srcPath) {
     return await uploadExistingRepo();
@@ -4600,9 +4456,15 @@ async function _scan(params, { skipPrompts = false } = {}) {
     throw new Error("repo is required in case srcPath is not provided");
   }
   const userInfo = await gqlClient.getUserInfo();
+  const scmConfigs = [];
+  for (const scmConfig of userInfo?.scmConfigs || []) {
+    if (scmConfig?.__typename === "ScmConfig") {
+      scmConfigs.push(scmConfig);
+    }
+  }
   const tokenInfo = getScmConfig({
     url: repo,
-    scmConfigs: userInfo.scmConfigs,
+    scmConfigs,
     includeOrgTokens: false
   });
   const isRepoAvailable = await scmCanReachRepo({
@@ -4665,7 +4527,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
     await uploadFile({
       file: reportPath,
       url: reportUploadInfo.url,
-      uploadFields: reportUploadInfo.uploadFields,
+      uploadFields: JSON.parse(reportUploadInfo.uploadFieldsJSON),
       uploadKey: reportUploadInfo.uploadKey
     });
   } catch (e) {
@@ -4688,6 +4550,10 @@ async function _scan(params, { skipPrompts = false } = {}) {
       pullRequest: params.pullRequest
     }
   });
+  if (sendReportRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
+    mobbSpinner.error({ text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed" });
+    throw new Error("\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed");
+  }
   if (command === "review") {
     await gqlClient.subscribeToAnalysis({
       subscribeToAnalysisParams: {
@@ -4700,7 +4566,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
         githubActionToken: z11.string().parse(githubActionToken),
         scanner: z11.nativeEnum(SCANNERS).parse(scanner)
       }),
-      callbackStates: ["Finished"]
+      callbackStates: ["Finished" /* Finished */]
     });
   }
   mobbSpinner.success({
@@ -4731,6 +4597,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
     return reportPath2;
   }
   async function askToOpenAnalysis() {
+    if (!repoUploadInfo || !reportUploadInfo) {
+      throw new Error("uploadS3BucketInfo is null");
+    }
     const reportUrl = getReportUrl({
       organizationId,
       projectId,
@@ -4824,9 +4693,15 @@ async function _scan(params, { skipPrompts = false } = {}) {
     await open2(scmAuthUrl2);
     for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
       const userInfo2 = await gqlClient.getUserInfo();
+      const scmConfigs2 = [];
+      for (const scmConfig of userInfo2?.scmConfigs || []) {
+        if (scmConfig?.__typename === "ScmConfig") {
+          scmConfigs2.push(scmConfig);
+        }
+      }
       const tokenInfo2 = getScmConfig({
         url: repoUrl,
-        scmConfigs: userInfo2.scmConfigs,
+        scmConfigs: scmConfigs2,
         includeOrgTokens: false
       });
       if (tokenInfo2.accessToken && tokenInfo2.accessToken !== oldToken) {
@@ -4842,6 +4717,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
     throw new CliError2(`${scmName} login timeout`);
   }
   async function uploadExistingRepo() {
+    if (!repoUploadInfo || !reportUploadInfo) {
+      throw new Error("uploadS3BucketInfo is null");
+    }
     if (!srcPath || !reportPath) {
       throw new Error("src path and reportPath is required");
     }
@@ -4850,7 +4728,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
       await uploadFile({
         file: reportPath,
         url: reportUploadInfo.url,
-        uploadFields: reportUploadInfo.uploadFields,
+        uploadFields: JSON.parse(reportUploadInfo.uploadFieldsJSON),
         uploadKey: reportUploadInfo.uploadKey
       });
     } catch (e) {
@@ -4878,7 +4756,10 @@ async function _scan(params, { skipPrompts = false } = {}) {
           callback: () => digestSpinner.update({
             text: progressMassages.processingVulnerabilityReportSuccess
           }),
-          callbackStates: ["Digested", "Finished"],
+          callbackStates: [
+            "Digested" /* Digested */,
+            "Finished" /* Finished */
+          ],
           timeoutInMs: VUL_REPORT_DIGEST_TIMEOUT_MS
         });
       } catch (e) {
@@ -4902,7 +4783,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
       await uploadFile({
         file: zipBuffer,
         url: repoUploadInfo.url,
-        uploadFields: repoUploadInfo.uploadFields,
+        uploadFields: JSON.parse(repoUploadInfo.uploadFieldsJSON),
         uploadKey: repoUploadInfo.uploadKey
       });
     } catch (e) {

package/package.json

@@ -1,11 +1,12 @@
 {
   "name": "mobbdev",
-  "version": "0.0.106",
+  "version": "0.0.108",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",
   "module": "dist/index.js",
   "scripts": {
+    "env": "dotenv -e ./.env",
     "postinstall": "node ./src/post_install/cx_install.mjs",
     "build": "tsc && tsup-node --env.NODE_ENV production",
     "build:dev": "tsup-node --env.NODE_ENV development",
@@ -14,7 +15,8 @@
     "lint": "eslint --cache --max-warnings 0 --ignore-path .eslintignore --ext .ts,.tsx,.jsx .",
     "lint:fix": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx .",
     "lint:fix:files": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx",
-    "prepack": "dotenv-vault pull production .env && pnpm build"
+    "prepack": "dotenv-vault pull production .env && pnpm build",
+    "generate": "pnpm run env -- graphql-codegen -r dotenv/config --config client_codegen.ts"
   },
   "bin": {
     "mobbdev": "bin/cli.mjs"
@@ -42,6 +44,7 @@
     "globby": "13.2.2",
     "graphql": "16.8.1",
     "graphql-request": "5.0.0",
+    "graphql-tag": "2.12.6",
     "graphql-ws": "5.14.3",
     "inquirer": "9.2.7",
     "isomorphic-ws": "5.0.0",
@@ -65,6 +68,10 @@
     "zod": "3.23.7"
   },
   "devDependencies": {
+    "@graphql-codegen/cli": "2.16.5",
+    "@graphql-codegen/typescript": "2.7.2",
+    "@graphql-codegen/typescript-graphql-request": "4.5.8",
+    "@graphql-codegen/typescript-operations": "2.5.5",
     "@octokit/request-error": "3.0.3",
     "@octokit/types": "13.5.0",
     "@types/adm-zip": "0.5.0",
@@ -93,8 +100,8 @@
     "node": ">=12.20.0"
   },
   "files": [
-    "bin",
-    "dist",
+    "bin/cli.mjs",
+    "dist/index.mjs",
     ".env",
     "src/post_install"
   ]