npm - mobbdev - Versions diffs - 0.0.141 → 0.0.142 - Mend

mobbdev 0.0.141 → 0.0.142

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +44 -17
package/package.json +6 -6

package/dist/index.mjs CHANGED Viewed

@@ -146,15 +146,17 @@ var MeDocument = `
 }
     `;
 var GetOrgAndProjectIdDocument = `
-    query getOrgAndProjectId {
-  users: user {
-    userOrganizationsAndUserOrganizationRoles {
-      organization {
+    query getOrgAndProjectId($filters: organization_to_organization_role_bool_exp, $limit: Int) {
+  organization_to_organization_role(
+    where: $filters
+    order_by: {organization: {createdOn: desc}}
+    limit: $limit
+  ) {
+    organization {
+      id
+      projects(order_by: {updatedAt: desc}) {
         id
-        projects(order_by: {updatedAt: desc}) {
-          id
-          name
-        }
+        name
       }
     }
   }
@@ -4302,12 +4304,17 @@ var GQLClient = class {
     }
     return true;
   }
-  async getOrgAndProjectId(projectName) {
-    const getOrgAndProjectIdResult = await this._clientSdk.getOrgAndProjectId();
-    const org = getOrgAndProjectIdResult?.users?.at(0)?.userOrganizationsAndUserOrganizationRoles?.at(0)?.organization;
-    if (!org?.id) {
+  async getOrgAndProjectId(params = {}) {
+    const { projectName, userDefinedOrganizationId } = params;
+    const getOrgAndProjectIdResult = await this._clientSdk.getOrgAndProjectId({
+      filters: userDefinedOrganizationId ? { organizationId: { _eq: userDefinedOrganizationId } } : {},
+      limit: 1
+    });
+    const [organizationToOrganizationRole] = getOrgAndProjectIdResult.organization_to_organization_role;
+    if (!organizationToOrganizationRole) {
       throw new Error("Organization not found");
     }
+    const { organization: org } = organizationToOrganizationRole;
     const project = projectName ? org?.projects.find((project2) => project2.name === projectName) ?? null : org?.projects[0];
     if (!project?.id) {
       throw new Error("Project not found");
@@ -5033,7 +5040,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
     cxProjectName,
     mobbProjectName,
     githubToken: githubActionToken,
-    command
+    command,
+    organizationId: userOrganizationId
   } = params;
   debug11("start %s %s", dirname, repo);
   const { createSpinner: createSpinner4 } = Spinner2({ ci });
@@ -5043,7 +5051,10 @@ async function _scan(params, { skipPrompts = false } = {}) {
     type: "apiKey"
   });
   await handleMobbLogin();
-  const { projectId, organizationId } = await gqlClient.getOrgAndProjectId(mobbProjectName);
+  const { projectId, organizationId } = await gqlClient.getOrgAndProjectId({
+    projectName: mobbProjectName,
+    userDefinedOrganizationId: userOrganizationId
+  });
   const {
     uploadS3BucketInfo: { repoUploadInfo, reportUploadInfo }
   } = await gqlClient.uploadS3BucketInfo();
@@ -5474,7 +5485,8 @@ async function analyze({
   ci,
   commitHash,
   srcPath,
-  mobbProjectName
+  mobbProjectName,
+  organizationId
 }, { skipPrompts = false } = {}) {
   !ci && await showWelcomeMessage(skipPrompts);
   await runAnalysis(
@@ -5487,6 +5499,7 @@ async function analyze({
       commitHash,
       mobbProjectName,
       srcPath,
+      organizationId,
       command: "analyze"
     },
     { skipPrompts }
@@ -5563,6 +5576,12 @@ var refOption = {
   type: "string",
   demandOption: false
 };
+var organizationIdOptions = {
+  describe: chalk5.bold("Organization id"),
+  alias: "organization-id",
+  type: "string",
+  demandOption: false
+};
 var scannerOptions = {
   alias: "s",
   choices: Object.values(SCANNERS),
@@ -5640,6 +5659,12 @@ var UrlZ = z12.string({
 }).refine((data) => !!sanityRepoURL(data), {
   message: "is not a valid GitHub / GitLab / ADO URL"
 });
+function validateOrganizationId(organizationId) {
+  const orgIdValidation = z12.string().uuid().nullish().safeParse(organizationId);
+  if (!orgIdValidation.success) {
+    throw new CliError(`organizationId: ${organizationId} is not a valid UUID`);
+  }
+}
 function validateRepoUrl(args) {
   const repoSafeParseResult = UrlZ.safeParse(args.repo);
   const { success } = repoSafeParseResult;
@@ -5689,7 +5714,7 @@ function analyzeBuilder(yargs2) {
     alias: "commit-hash",
     describe: chalk7.bold("Hash of the commit"),
     type: "string"
-  }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).example(
+  }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("org", organizationIdOptions).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).example(
     "$0 analyze -r https://github.com/WebGoat/WebGoat -f <your_vulirabitliy_report_path>",
     "analyze an existing repository"
   ).help();
@@ -5699,6 +5724,7 @@ function validateAnalyzeOptions(argv) {
     throw new CliError(`
 Can't access ${chalk7.bold(argv.f)}`);
   }
+  validateOrganizationId(argv.organizationId);
   if (!argv.srcPath && !argv.repo) {
     throw new CliError("You must supply either --src-path or --repo");
   }
@@ -5767,13 +5793,14 @@ async function reviewHandler(args) {
 // src/args/commands/scan.ts
 function scanBuilder(args) {
-  return args.coerce("scanner", (arg) => arg.toLowerCase()).option("repo", repoOption).option("ref", refOption).option("scanner", scannerOptions).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("cx-project-name", projectNameOption).example(
+  return args.coerce("scanner", (arg) => arg.toLowerCase()).option("repo", repoOption).option("ref", refOption).option("scanner", scannerOptions).option("org", organizationIdOptions).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("cx-project-name", projectNameOption).example(
     "$0 scan -r https://github.com/WebGoat/WebGoat",
     "Scan an existing repository"
   ).help();
 }
 function validateScanOptions(argv) {
   validateRepoUrl(argv);
+  validateOrganizationId(argv.organizationId);
   argv.scanner === SCANNERS.Checkmarx && validateCheckmarxInstallation();
   if (argv.scanner === SCANNERS.Checkmarx && !argv.cxProjectName) {
     throw new CliError(errorMessages.missingCxProjectName);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.141",
+  "version": "0.0.142",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",
@@ -32,8 +32,8 @@
     "@octokit/plugin-rest-endpoint-methods": "7.2.3",
     "@octokit/request-error": "3.0.3",
     "@types/libsodium-wrappers": "0.7.13",
-    "adm-zip": "0.5.14",
-    "axios": "1.7.2",
+    "adm-zip": "0.5.15",
+    "axios": "1.7.3",
     "azure-devops-node-api": "12.1.0",
     "bitbucket": "2.11.0",
     "chalk": "5.3.0",
@@ -58,11 +58,11 @@
     "parse-diff": "0.11.1",
     "semver": "7.6.3",
     "simple-git": "3.25.0",
-    "snyk": "1.1118.0",
+    "snyk": "1.1292.0",
     "supports-color": "9.4.0",
     "tar": "6.2.1",
     "tmp": "0.2.3",
-    "undici": "6.19.4",
+    "undici": "6.19.5",
     "uuid": "10.0.0",
     "ws": "8.18.0",
     "yargs": "17.7.2",
@@ -84,7 +84,7 @@
     "@types/tar": "6.1.13",
     "@types/tmp": "0.2.6",
     "@types/uuid": "10.0.0",
-    "@types/ws": "8.5.11",
+    "@types/ws": "8.5.12",
     "@types/yargs": "17.0.32",
     "@typescript-eslint/eslint-plugin": "7.17.0",
     "@typescript-eslint/parser": "7.17.0",