mobbdev 0.0.152 → 0.0.157
- package/dist/index.mjs +64 -27
- package/package.json +9 -8
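--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -66,13 +66,10 @@ import { z as z9 } from "zod";
 import { z } from "zod";
 var EnvVariablesZod = z.object({
 GITLAB_API_TOKEN: z.string().optional(),
-BROKERED_HOSTS: z.string().toLowerCase().transform(
-(x) => x.split(",").map((url) => url.trim(), []).filter(Boolean)
-).default(""),
 GITHUB_API_TOKEN: z.string().optional(),
 GIT_PROXY_HOST: z.string().default("http://tinyproxy:8888")
 });
-var { GITLAB_API_TOKEN,
+var { GITLAB_API_TOKEN, GITHUB_API_TOKEN, GIT_PROXY_HOST } = EnvVariablesZod.parse(process.env);
 
 // src/features/analysis/scm/scm.ts
 import { z as z7 } from "zod";
@@ -386,6 +383,8 @@ var getIssueType = (issueType) => {
 return "Value Never Read";
 case "VALUE_SHADOWING" /* ValueShadowing */:
 return "Value Shadowing";
+case "ERRONEOUS_STRING_COMPARE" /* ErroneousStringCompare */:
+return "Erroneous String Compare";
 default: {
 return issueType ? issueType.replaceAll("_", " ") : "Other";
 }
@@ -878,7 +877,7 @@ function isGithubOnPrem(url) {
 return !url.includes(scmCloudUrl.GitHub);
 }
 function getFetch(url) {
-if (url &&
+if (url && isBrokerUrl(url)) {
 const dispatcher = new ProxyAgent({
 uri: GIT_PROXY_HOST,
 requestTls: {
@@ -1584,9 +1583,7 @@ function initGitlabFetchMock() {
 `this block is used for unit tests only. URL ${input?.url} starts from local directory`
 );
 }
-if (urlParsed &&
-`${urlParsed.protocol?.toLowerCase()}//${urlParsed.host?.toLowerCase()}`
-)) {
+if (urlParsed && isBrokerUrl(urlParsed.href)) {
 const dispatcher = new ProxyAgent2({
 uri: process.env["GIT_PROXY_HOST"] || "http://tinyproxy:8888",
 requestTls: {
@@ -1621,6 +1618,7 @@ var BaseSubmitToScmMessageZ = z5.object({
 ),
 commitHash: z5.string(),
 repoUrl: z5.string(),
+mobbUserEmail: z5.string(),
 extraHeaders: z5.record(z5.string(), z5.string()).default({})
 });
 var submitToScmMessageType = {
@@ -1651,6 +1649,7 @@ var FixResponseArrayZ = z5.array(
 })
 );
 var SubmitFixesBaseResponseMessageZ = z5.object({
+mobbUserEmail: z5.string(),
 submitFixRequestId: z5.string().uuid(),
 submitBranches: z5.array(
 z5.object({
@@ -1684,12 +1683,6 @@ var SubmitFixesResponseMessageZ = z5.discriminatedUnion("type", [
 ]);
 
 // src/features/analysis/scm/scmSubmit/index.ts
-var EnvVariablesZod2 = z6.object({
-BROKERED_HOSTS: z6.string().toLowerCase().transform(
-(x) => x.split(",").map((url) => url.trim(), []).filter(Boolean)
-).default("")
-});
-var { BROKERED_HOSTS: BROKERED_HOSTS2 } = EnvVariablesZod2.parse(process.env);
 var isValidBranchName = async (branchName) => {
 const git = simpleGit();
 try {
@@ -1710,6 +1703,9 @@ var FixesZ = z6.array(
 ).nonempty();
 
 // src/features/analysis/scm/scm.ts
+function isBrokerUrl(url) {
+return z7.string().uuid().safeParse(new URL(url).host).success;
+}
 var GetRefererenceResultZ = z7.object({
 date: z7.date().optional(),
 sha: z7.string(),
@@ -1760,10 +1756,11 @@ function getScmLibTypeFromScmType(scmType) {
 function getScmConfig({
 url,
 scmConfigs,
+brokerHosts,
 includeOrgTokens = true
 }) {
+const urlObject = new URL(url);
 const filteredScmConfigs = scmConfigs.filter((scm) => {
-const urlObject = new URL(url);
 const configUrl = new URL(scm.scmUrl);
 return (
 //if we the user does an ADO oauth flow then the token is saved for dev.azure.com but
@@ -1772,13 +1769,20 @@ function getScmConfig({
 (urlObject.hostname.toLowerCase() === configUrl.hostname.toLowerCase() || urlObject.hostname.toLowerCase().endsWith(".visualstudio.com") && configUrl.hostname.toLowerCase() === "dev.azure.com") && urlObject.protocol === configUrl.protocol && urlObject.port === configUrl.port
 );
 });
+const filteredBrokerHosts = brokerHosts.filter((broker) => {
+const urlObject2 = new URL(url);
+return urlObject2.hostname.toLowerCase() === broker.realDomain.toLowerCase();
+});
+const virtualDomain = filteredBrokerHosts[0]?.virtualDomain;
+const virtualUrl = virtualDomain ? `https://${virtualDomain}${urlObject.pathname}${urlObject.search}` : void 0;
 const scmOrgConfig = filteredScmConfigs.find((scm) => scm.orgId && scm.token);
 if (scmOrgConfig && includeOrgTokens) {
 return {
 id: scmOrgConfig.id,
 accessToken: scmOrgConfig.token || void 0,
 scmLibType: getScmLibTypeFromScmType(scmOrgConfig.scmType),
-scmOrg: scmOrgConfig.scmOrg || void 0
+scmOrg: scmOrgConfig.scmOrg || void 0,
+virtualUrl
 };
 }
 const scmUserConfig = filteredScmConfigs.find(
@@ -1789,7 +1793,8 @@ function getScmConfig({
 id: scmUserConfig.id,
 accessToken: scmUserConfig.token || void 0,
 scmLibType: getScmLibTypeFromScmType(scmUserConfig.scmType),
-scmOrg: scmUserConfig.scmOrg || void 0
+scmOrg: scmUserConfig.scmOrg || void 0,
+virtualUrl
 };
 }
 const type2 = getCloudScmLibTypeFromUrl(url);
@@ -1798,14 +1803,16 @@ function getScmConfig({
 id: void 0,
 accessToken: void 0,
 scmLibType: type2,
-scmOrg: void 0
+scmOrg: void 0,
+virtualUrl
 };
 }
 return {
 id: void 0,
 accessToken: void 0,
 scmLibType: void 0,
-scmOrg: void 0
+scmOrg: void 0,
+virtualUrl
 };
 }
 var InvalidRepoUrlError = class extends Error {
@@ -1834,7 +1841,7 @@ var RepoNoTokenAccessError = class extends Error {
 this.scmType = scmType;
 }
 };
-function
+function buildAuthorizedRepoUrl(args) {
 const { url, username, password } = args;
 const is_http = url.toLowerCase().startsWith("http://");
 const is_https = url.toLowerCase().startsWith("https://");
@@ -1886,7 +1893,7 @@ var SCMLib = class {
 case "token": {
 const { token } = authData;
 const username2 = await this._getUsernameForAuthUrl();
-return
+return buildAuthorizedRepoUrl({
 url,
 username: username2,
 password: token
@@ -1894,13 +1901,14 @@ var SCMLib = class {
 }
 case "basic": {
 const { username: username2, password } = authData;
-return
+return buildAuthorizedRepoUrl({ url, username: username2, password });
 }
 }
 }
+const finalUrl = scmLibType === "GITLAB" /* GITLAB */ ? `${trimmedUrl}.git` : trimmedUrl;
 const username = await this._getUsernameForAuthUrl();
-return
-url:
+return buildAuthorizedRepoUrl({
+url: finalUrl,
 username,
 password: accessToken
 });
@@ -1942,6 +1950,7 @@ var SCMLib = class {
 }
 case "ADO" /* ADO */: {
 const scm = new AdoSCMLib(trimmedUrl, accessToken, scmOrg);
+await scm.getAdoSdk();
 await scm.validateParams();
 return scm;
 }
@@ -2851,7 +2860,7 @@ async function getAdoApiClient(params) {
 }
 const orgUrl = `${origin2}/${orgName}`;
 if (params.tokenType === "OAUTH" /* OAUTH */) {
-if (isAdoOnCloud(origin2)) {
+if (!isAdoOnCloud(origin2)) {
 throw new Error(
 `Oauth token is not supported for ADO on prem - ${origin2} `
 );
@@ -2864,7 +2873,7 @@ async function getAdoApiClient(params) {
 return connection2;
 }
 const authHandler = api.getPersonalAccessTokenHandler(params.accessToken);
-const isBroker =
+const isBroker = isBrokerUrl(orgUrl);
 const connection = new api.WebApi(
 orgUrl,
 authHandler,
@@ -3360,6 +3369,14 @@ var MeDocument = `
 me {
 id
 email
+userOrganizationsAndUserOrganizationRoles {
+organization {
+brokerHosts {
+realDomain
+virtualDomain
+}
+}
+}
 scmConfigs {
 id
 orgId
@@ -5154,6 +5171,20 @@ function _getUrlForScmType({
 };
 }
 }
+function getBrokerHosts(userOrgsAnUserOrgRoles) {
+const brokerHosts = [];
+if (!userOrgsAnUserOrgRoles) {
+return brokerHosts;
+}
+userOrgsAnUserOrgRoles.forEach((org) => {
+org?.organization?.brokerHosts.forEach((brokerHost) => {
+if (brokerHost) {
+brokerHosts.push(brokerHost);
+}
+});
+});
+return brokerHosts;
+}
 async function getScmTokenInfo(params) {
 const { gqlClient, repo } = params;
 const userInfo = await gqlClient.getUserInfo();
@@ -5164,7 +5195,10 @@ async function getScmTokenInfo(params) {
 return getScmConfig({
 url: repo,
 scmConfigs,
-includeOrgTokens: false
+includeOrgTokens: false,
+brokerHosts: getBrokerHosts(
+userInfo.userOrganizationsAndUserOrganizationRoles
+)
 });
 }
 async function getReport(params, { skipPrompts }) {
@@ -5465,6 +5499,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
 const tokenInfo2 = getScmConfig({
 url: repoUrl,
 scmConfigs,
+brokerHosts: getBrokerHosts(
+userInfo.userOrganizationsAndUserOrganizationRoles
+),
 includeOrgTokens: false
 });
 if (tokenInfo2.accessToken && tokenInfo2.accessToken !== oldToken) {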
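--- a/package/package.json
+++ b/package/package.json
@@ -1,11 +1,12 @@
 {
 "name": "mobbdev",
-"version": "0.0.
+"version": "0.0.157",
 "description": "Automated secure code remediation tool",
 "repository": "https://github.com/mobb-dev/bugsy",
 "main": "dist/index.js",
 "module": "dist/index.js",
 "scripts": {
+"clean": "rm -rf build",
 "env": "dotenv -e ./.env",
 "postinstall": "node ./src/post_install/cx_install.mjs",
 "build": "tsc && tsup-node --env.NODE_ENV production",
@@ -33,13 +34,13 @@
 "@octokit/request-error": "3.0.3",
 "@types/libsodium-wrappers": "0.7.13",
 "adm-zip": "0.5.15",
-"axios": "1.7.
+"axios": "1.7.7",
 "azure-devops-node-api": "12.1.0",
 "bitbucket": "2.11.0",
 "chalk": "5.3.0",
 "chalk-animation": "2.0.3",
 "configstore": "6.0.0",
-"debug": "4.3.
+"debug": "4.3.7",
 "dotenv": "16.4.5",
 "extract-zip": "2.0.1",
 "globby": "13.2.2",
@@ -57,12 +58,12 @@
 "open": "8.4.2",
 "parse-diff": "0.11.1",
 "semver": "7.6.3",
-"simple-git": "3.
-"snyk": "1.
+"simple-git": "3.26.0",
+"snyk": "1.1293.0",
 "supports-color": "9.4.0",
 "tar": "6.2.1",
 "tmp": "0.2.3",
-"undici": "6.19.
+"undici": "6.19.8",
 "uuid": "10.0.0",
 "ws": "8.18.0",
 "yargs": "17.7.2",
@@ -85,11 +86,11 @@
 "@types/tmp": "0.2.6",
 "@types/uuid": "10.0.0",
 "@types/ws": "8.5.12",
-"@types/yargs": "17.0.
+"@types/yargs": "17.0.33",
 "@typescript-eslint/eslint-plugin": "7.17.0",
 "@typescript-eslint/parser": "7.17.0",
 "eslint": "8.57.0",
-"eslint-plugin-import": "2.
+"eslint-plugin-import": "2.30.0",
 "eslint-plugin-prettier": "5.2.1",
 "eslint-plugin-simple-import-sort": "10.0.0",
 "prettier": "3.3.3",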