npm - mobbdev - Versions diffs - 0.0.115 → 0.0.118 - Mend

mobbdev 0.0.115 → 0.0.118

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +40 -25
package/package.json +11 -11

package/dist/index.mjs CHANGED Viewed

@@ -593,9 +593,9 @@ function createWSClient(options) {
     webSocketImpl: options.websocket || WebSocket,
     connectionParams: () => {
       return {
-        headers: {
+        headers: options.type === "apiKey" ? {
           [API_KEY_HEADER_NAME]: options.apiKey
-        }
+        } : { authorization: `Bearer ${options.token}` }
       };
     }
   });
@@ -699,13 +699,14 @@ var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
 var GQLClient = class {
   constructor(args) {
     __publicField(this, "_client");
-    __publicField(this, "_apiKey");
     __publicField(this, "_clientSdk");
-    const { apiKey } = args;
-    this._apiKey = apiKey;
-    debug3(`init with apiKey ${apiKey}`);
+    __publicField(this, "_auth");
+    debug3(`init with  ${args}`);
+    this._auth = args;
     this._client = new GraphQLClient(API_URL, {
-      headers: { [API_KEY_HEADER_NAME]: apiKey || "" },
+      headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
+        Authorization: `Bearer ${args.token}`
+      },
       requestMiddleware: (request) => {
         const requestId = uuidv4();
         debug3(
@@ -805,10 +806,12 @@ var GQLClient = class {
     const filters = hunks.map((hunk) => {
       const filter = {
         path: { _eq: hunk.path },
-        _or: hunk.ranges.map(({ endLine, startLine }) => ({
-          startLine: { _gte: startLine, _lte: endLine },
-          endLine: { _gte: startLine, _lte: endLine }
-        }))
+        _or: hunk.ranges.flatMap(({ endLine, startLine }) => {
+          return [
+            { startLine: { _gte: startLine, _lte: endLine } },
+            { endLine: { _gte: startLine, _lte: endLine } }
+          ];
+        })
       };
       return filter;
     });
@@ -925,8 +928,13 @@ var GQLClient = class {
           resolve(data);
         }
       },
-      {
-        apiKey: this._apiKey,
+      this._auth.type === "apiKey" ? {
+        apiKey: this._auth.apiKey,
+        type: "apiKey",
+        timeoutInMs: params.timeoutInMs
+      } : {
+        token: this._auth.token,
+        type: "token",
         timeoutInMs: params.timeoutInMs
       }
     );
@@ -4336,7 +4344,7 @@ async function handleFinishedAnalysis({
 ${patch}
 \`\`\``;
     const fixPageLink = `[Learn more and fine tune the fix](${fixUrl})`;
-    await scm.updatePrComment(
+    return await scm.updatePrComment(
       {
         body: `${title}
 ${subTitle}
@@ -4444,6 +4452,9 @@ function endsWithAny(str, suffixes) {
     return str.endsWith(suffix);
   });
 }
+function _get_manifest_files_suffixes() {
+  return ["package.json"];
+}
 async function pack(srcDirPath, vulnFiles) {
   debug6("pack folder %s", srcDirPath);
   const filepaths = await globby("**", {
@@ -4457,6 +4468,7 @@ async function pack(srcDirPath, vulnFiles) {
   debug6("compressing files");
   for (const filepath of filepaths) {
     const absFilepath = path4.join(srcDirPath, filepath.toString());
+    vulnFiles = vulnFiles.concat(_get_manifest_files_suffixes());
     if (!endsWithAny(
       absFilepath.toString().replaceAll(path4.win32.sep, path4.posix.sep),
       vulnFiles
@@ -4821,7 +4833,7 @@ async function uploadFile({
 }
 // src/features/analysis/index.ts
-var { CliError: CliError2, Spinner: Spinner2, keypress: keypress2, getDirName: getDirName2 } = utils_exports;
+var { CliError: CliError2, Spinner: Spinner2, keypress: keypress2 } = utils_exports;
 var webLoginUrl = `${WEB_APP_URL}/cli-login`;
 async function downloadRepo({
   repoUrl,
@@ -4865,9 +4877,6 @@ var LOGIN_CHECK_DELAY = 5 * 1e3;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk4.bgBlue(
   "press any key to continue"
 )};`;
-var tmpObj = tmp2.dirSync({
-  unsafeCleanup: true
-});
 var getReportUrl = ({
   organizationId,
   projectId,
@@ -4875,7 +4884,7 @@ var getReportUrl = ({
 }) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
 var debug10 = Debug11("mobbdev:index");
 var packageJson = JSON.parse(
-  fs3.readFileSync(path6.join(getDirName2(), "../package.json"), "utf8")
+  fs3.readFileSync(path6.join(getDirName(), "../package.json"), "utf8")
 );
 if (!semver.satisfies(process.version, packageJson.engines.node)) {
   throw new CliError2(
@@ -4885,8 +4894,11 @@ if (!semver.satisfies(process.version, packageJson.engines.node)) {
 var config2 = new Configstore(packageJson.name, { apiToken: "" });
 debug10("config %o", config2);
 async function runAnalysis(params, options) {
+  const tmpObj = tmp2.dirSync({
+    unsafeCleanup: true
+  });
   try {
-    await _scan(
+    return await _scan(
       {
         ...params,
         dirname: tmpObj.name
@@ -4943,7 +4955,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
   const { createSpinner: createSpinner4 } = Spinner2({ ci });
   skipPrompts = skipPrompts || ci;
   let gqlClient = new GQLClient({
-    apiKey: apiKey || config2.get("apiToken")
+    apiKey: apiKey || config2.get("apiToken"),
+    type: "apiKey"
   });
   await handleMobbLogin();
   const { projectId, organizationId } = await gqlClient.getOrgAndProjectId(mobbProjectName);
@@ -5077,6 +5090,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
     text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Generating fixes..."
   });
   await askToOpenAnalysis();
+  return reportUploadInfo.fixReportId;
   async function getReport(scanner2) {
     const reportPath2 = path6.join(dirname, "report.json");
     switch (scanner2) {
@@ -5168,7 +5182,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
       });
       throw new CliError2();
     }
-    gqlClient = new GQLClient({ apiKey: newApiToken });
+    gqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
     if (await gqlClient.verifyToken()) {
       debug10("set api token %s", newApiToken);
       config2.set("apiToken", newApiToken);
@@ -5314,13 +5328,13 @@ async function _scan(params, { skipPrompts = false } = {}) {
       text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Generating fixes..."
     });
     await askToOpenAnalysis();
+    return reportUploadInfo.fixReportId;
   }
 }
 // src/commands/index.ts
 import chalkAnimation from "chalk-animation";
 import Configstore2 from "configstore";
-var { getDirName: getDirName3 } = utils_exports;
 async function review(params, { skipPrompts = true } = {}) {
   const {
     repo,
@@ -5378,13 +5392,14 @@ async function analyze({
   );
 }
 var packageJson2 = JSON.parse(
-  fs4.readFileSync(path7.join(getDirName3(), "../package.json"), "utf8")
+  fs4.readFileSync(path7.join(getDirName(), "../package.json"), "utf8")
 );
 var config3 = new Configstore2(packageJson2.name, { apiToken: "" });
 async function addScmToken(addScmTokenOptions) {
   const { apiKey, token, organization, scmType, url, username, refreshToken } = addScmTokenOptions;
   const gqlClient = new GQLClient({
-    apiKey: apiKey || config3.get("apiToken")
+    apiKey: apiKey || config3.get("apiToken"),
+    type: "apiKey"
   });
   if (!scmType) {
     throw new CliError(errorMessages.invalidScmType);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.115",
+  "version": "0.0.118",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",
@@ -43,11 +43,11 @@
     "dotenv": "16.4.5",
     "extract-zip": "2.0.1",
     "globby": "13.2.2",
-    "graphql": "16.8.1",
+    "graphql": "16.8.2",
     "graphql-request": "5.0.0",
     "graphql-tag": "2.12.6",
-    "graphql-ws": "5.14.3",
-    "inquirer": "9.2.7",
+    "graphql-ws": "5.16.0",
+    "inquirer": "9.2.23",
     "isomorphic-ws": "5.0.0",
     "istextorbinary": "6.0.0",
     "libsodium-wrappers": "0.7.13",
@@ -57,22 +57,22 @@
     "open": "8.4.2",
     "parse-diff": "0.11.1",
     "semver": "7.6.2",
-    "simple-git": "3.24.0",
+    "simple-git": "3.25.0",
     "snyk": "1.1118.0",
     "supports-color": "9.4.0",
     "tar": "6.2.1",
     "tmp": "0.2.3",
     "undici": "6.7.0",
-    "uuid": "9.0.1",
+    "uuid": "10.0.0",
     "ws": "8.10.0",
     "yargs": "17.7.2",
     "zod": "3.23.8"
   },
   "devDependencies": {
-    "@graphql-codegen/cli": "2.16.5",
-    "@graphql-codegen/typescript": "2.7.2",
+    "@graphql-codegen/cli": "3.3.1",
+    "@graphql-codegen/typescript": "3.0.4",
     "@graphql-codegen/typescript-graphql-request": "4.5.8",
-    "@graphql-codegen/typescript-operations": "2.5.5",
+    "@graphql-codegen/typescript-operations": "3.0.4",
     "@octokit/request-error": "3.0.3",
     "@octokit/types": "13.5.0",
     "@types/adm-zip": "0.5.0",
@@ -89,10 +89,10 @@
     "@typescript-eslint/eslint-plugin": "5.44.0",
     "@typescript-eslint/parser": "5.44.0",
     "eslint": "8.56.0",
-    "eslint-plugin-import": "2.27.5",
+    "eslint-plugin-import": "2.29.1",
     "eslint-plugin-prettier": "5.1.3",
     "eslint-plugin-simple-import-sort": "10.0.0",
-    "prettier": "3.3.1",
+    "prettier": "3.3.2",
     "tsup": "7.2.0",
     "typescript": "4.9.5",
     "vitest": "0.34.6"