npm - mobbdev - Versions diffs - 0.0.141 → 0.0.143 - Mend

mobbdev 0.0.141 → 0.0.143

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +49 -27
package/package.json +6 -6

package/dist/index.mjs CHANGED Viewed

@@ -146,15 +146,17 @@ var MeDocument = `
 }
     `;
 var GetOrgAndProjectIdDocument = `
-    query getOrgAndProjectId {
-  users: user {
-    userOrganizationsAndUserOrganizationRoles {
-      organization {
+    query getOrgAndProjectId($filters: organization_to_organization_role_bool_exp, $limit: Int) {
+  organization_to_organization_role(
+    where: $filters
+    order_by: {organization: {createdOn: desc}}
+    limit: $limit
+  ) {
+    organization {
+      id
+      projects(order_by: {updatedAt: desc}) {
         id
-        projects(order_by: {updatedAt: desc}) {
-          id
-          name
-        }
+        name
       }
     }
   }
@@ -4302,12 +4304,17 @@ var GQLClient = class {
     }
     return true;
   }
-  async getOrgAndProjectId(projectName) {
-    const getOrgAndProjectIdResult = await this._clientSdk.getOrgAndProjectId();
-    const org = getOrgAndProjectIdResult?.users?.at(0)?.userOrganizationsAndUserOrganizationRoles?.at(0)?.organization;
-    if (!org?.id) {
+  async getOrgAndProjectId(params = {}) {
+    const { projectName, userDefinedOrganizationId } = params;
+    const getOrgAndProjectIdResult = await this._clientSdk.getOrgAndProjectId({
+      filters: userDefinedOrganizationId ? { organizationId: { _eq: userDefinedOrganizationId } } : {},
+      limit: 1
+    });
+    const [organizationToOrganizationRole] = getOrgAndProjectIdResult.organization_to_organization_role;
+    if (!organizationToOrganizationRole) {
       throw new Error("Organization not found");
     }
+    const { organization: org } = organizationToOrganizationRole;
     const project = projectName ? org?.projects.find((project2) => project2.name === projectName) ?? null : org?.projects[0];
     if (!project?.id) {
       throw new Error("Project not found");
@@ -4648,14 +4655,14 @@ var { stdout: stdout2 } = supportsColor;
 function createFork({ args, processPath, name }, options) {
   const child = cp.fork(processPath, args, {
     stdio: ["inherit", "pipe", "pipe", "ipc"],
-    env: { FORCE_COLOR: stdout2 ? "1" : "0" }
+    env: { ...process2.env, FORCE_COLOR: stdout2 ? "1" : "0" }
   });
   return createChildProcess({ childProcess: child, name }, options);
 }
 function createSpwan({ args, processPath, name }, options) {
   const child = cp.spawn(processPath, args, {
     stdio: ["inherit", "pipe", "pipe", "ipc"],
-    env: { FORCE_COLOR: stdout2 ? "1" : "0" }
+    env: { ...process2.env, FORCE_COLOR: stdout2 ? "1" : "0" }
   });
   return createChildProcess({ childProcess: child, name }, options);
 }
@@ -4818,14 +4825,11 @@ import open from "open";
 var debug9 = Debug10("mobbdev:snyk");
 var require3 = createRequire2(import.meta.url);
 var SNYK_PATH = require3.resolve("snyk/bin/snyk");
-var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-application-code/snyk-code/getting-started-with-snyk-code/activating-snyk-code-using-the-web-ui/step-1-enabling-the-snyk-code-option";
+var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-using-snyk/snyk-code/configure-snyk-code#enable-snyk-code";
 debug9("snyk executable path %s", SNYK_PATH);
 async function forkSnyk(args, { display }) {
   debug9("fork snyk with args %o %s", args, display);
-  return createFork(
-    { args, processPath: SNYK_PATH, name: "checkmarx" },
-    { display }
-  );
+  return createFork({ args, processPath: SNYK_PATH, name: "snyk" }, { display });
 }
 async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
   debug9("get snyk report start %s %s", reportPath, repoRoot);
@@ -4851,9 +4855,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
     ["code", "test", `--sarif-file-output=${reportPath}`, repoRoot],
     { display: true }
   );
-  if (scanOutput.includes(
-    "Snyk Code is not supported for org: enable in Settings > Snyk Code"
-  )) {
+  if (scanOutput.includes("Snyk Code is not supported for org")) {
     debug9("snyk code is not enabled %s", scanOutput);
     snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
     const answer = await snykArticlePrompt();
@@ -5033,7 +5035,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
     cxProjectName,
     mobbProjectName,
     githubToken: githubActionToken,
-    command
+    command,
+    organizationId: userOrganizationId
   } = params;
   debug11("start %s %s", dirname, repo);
   const { createSpinner: createSpinner4 } = Spinner2({ ci });
@@ -5043,7 +5046,10 @@ async function _scan(params, { skipPrompts = false } = {}) {
     type: "apiKey"
   });
   await handleMobbLogin();
-  const { projectId, organizationId } = await gqlClient.getOrgAndProjectId(mobbProjectName);
+  const { projectId, organizationId } = await gqlClient.getOrgAndProjectId({
+    projectName: mobbProjectName,
+    userDefinedOrganizationId: userOrganizationId
+  });
   const {
     uploadS3BucketInfo: { repoUploadInfo, reportUploadInfo }
   } = await gqlClient.uploadS3BucketInfo();
@@ -5474,7 +5480,8 @@ async function analyze({
   ci,
   commitHash,
   srcPath,
-  mobbProjectName
+  mobbProjectName,
+  organizationId
 }, { skipPrompts = false } = {}) {
   !ci && await showWelcomeMessage(skipPrompts);
   await runAnalysis(
@@ -5487,6 +5494,7 @@ async function analyze({
       commitHash,
       mobbProjectName,
       srcPath,
+      organizationId,
       command: "analyze"
     },
     { skipPrompts }
@@ -5563,6 +5571,12 @@ var refOption = {
   type: "string",
   demandOption: false
 };
+var organizationIdOptions = {
+  describe: chalk5.bold("Organization id"),
+  alias: "organization-id",
+  type: "string",
+  demandOption: false
+};
 var scannerOptions = {
   alias: "s",
   choices: Object.values(SCANNERS),
@@ -5640,6 +5654,12 @@ var UrlZ = z12.string({
 }).refine((data) => !!sanityRepoURL(data), {
   message: "is not a valid GitHub / GitLab / ADO URL"
 });
+function validateOrganizationId(organizationId) {
+  const orgIdValidation = z12.string().uuid().nullish().safeParse(organizationId);
+  if (!orgIdValidation.success) {
+    throw new CliError(`organizationId: ${organizationId} is not a valid UUID`);
+  }
+}
 function validateRepoUrl(args) {
   const repoSafeParseResult = UrlZ.safeParse(args.repo);
   const { success } = repoSafeParseResult;
@@ -5689,7 +5709,7 @@ function analyzeBuilder(yargs2) {
     alias: "commit-hash",
     describe: chalk7.bold("Hash of the commit"),
     type: "string"
-  }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).example(
+  }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("org", organizationIdOptions).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).example(
     "$0 analyze -r https://github.com/WebGoat/WebGoat -f <your_vulirabitliy_report_path>",
     "analyze an existing repository"
   ).help();
@@ -5699,6 +5719,7 @@ function validateAnalyzeOptions(argv) {
     throw new CliError(`
 Can't access ${chalk7.bold(argv.f)}`);
   }
+  validateOrganizationId(argv.organizationId);
   if (!argv.srcPath && !argv.repo) {
     throw new CliError("You must supply either --src-path or --repo");
   }
@@ -5767,13 +5788,14 @@ async function reviewHandler(args) {
 // src/args/commands/scan.ts
 function scanBuilder(args) {
-  return args.coerce("scanner", (arg) => arg.toLowerCase()).option("repo", repoOption).option("ref", refOption).option("scanner", scannerOptions).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("cx-project-name", projectNameOption).example(
+  return args.coerce("scanner", (arg) => arg.toLowerCase()).option("repo", repoOption).option("ref", refOption).option("scanner", scannerOptions).option("org", organizationIdOptions).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("cx-project-name", projectNameOption).example(
     "$0 scan -r https://github.com/WebGoat/WebGoat",
     "Scan an existing repository"
   ).help();
 }
 function validateScanOptions(argv) {
   validateRepoUrl(argv);
+  validateOrganizationId(argv.organizationId);
   argv.scanner === SCANNERS.Checkmarx && validateCheckmarxInstallation();
   if (argv.scanner === SCANNERS.Checkmarx && !argv.cxProjectName) {
     throw new CliError(errorMessages.missingCxProjectName);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.141",
+  "version": "0.0.143",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",
@@ -32,8 +32,8 @@
     "@octokit/plugin-rest-endpoint-methods": "7.2.3",
     "@octokit/request-error": "3.0.3",
     "@types/libsodium-wrappers": "0.7.13",
-    "adm-zip": "0.5.14",
-    "axios": "1.7.2",
+    "adm-zip": "0.5.15",
+    "axios": "1.7.3",
     "azure-devops-node-api": "12.1.0",
     "bitbucket": "2.11.0",
     "chalk": "5.3.0",
@@ -58,11 +58,11 @@
     "parse-diff": "0.11.1",
     "semver": "7.6.3",
     "simple-git": "3.25.0",
-    "snyk": "1.1118.0",
+    "snyk": "1.1292.4",
     "supports-color": "9.4.0",
     "tar": "6.2.1",
     "tmp": "0.2.3",
-    "undici": "6.19.4",
+    "undici": "6.19.5",
     "uuid": "10.0.0",
     "ws": "8.18.0",
     "yargs": "17.7.2",
@@ -84,7 +84,7 @@
     "@types/tar": "6.1.13",
     "@types/tmp": "0.2.6",
     "@types/uuid": "10.0.0",
-    "@types/ws": "8.5.11",
+    "@types/ws": "8.5.12",
     "@types/yargs": "17.0.32",
     "@typescript-eslint/eslint-plugin": "7.17.0",
     "@typescript-eslint/parser": "7.17.0",