npm - mobbdev - Versions diffs - 0.0.165 → 0.0.167 - Mend

mobbdev 0.0.165 → 0.0.167

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +239 -252
package/package.json +7 -7

package/dist/index.mjs CHANGED Viewed

@@ -1271,16 +1271,16 @@ var CliError = class extends Error {
 // src/features/analysis/index.ts
 import chalk4 from "chalk";
 import Configstore from "configstore";
-import Debug13 from "debug";
+import Debug15 from "debug";
 import extract from "extract-zip";
 import fetch4 from "node-fetch";
 import open2 from "open";
 import semver from "semver";
 import tmp2 from "tmp";
-import { z as z19 } from "zod";
+import { z as z20 } from "zod";
 // src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
-import Debug4 from "debug";
+import Debug6 from "debug";
 // src/features/analysis/scm/ado/constants.ts
 var DEFUALT_ADO_ORIGIN = scmCloudUrl.Ado;
@@ -1288,7 +1288,8 @@ var DEFUALT_ADO_ORIGIN = scmCloudUrl.Ado;
 // src/features/analysis/scm/ado/utils.ts
 import querystring3 from "node:querystring";
 import * as api from "azure-devops-node-api";
-import { z as z16 } from "zod";
+import Debug3 from "debug";
+import { z as z17 } from "zod";
 // src/features/analysis/scm/env.ts
 import { z as z3 } from "zod";
@@ -1300,13 +1301,14 @@ var EnvVariablesZod = z3.object({
 var { GITLAB_API_TOKEN, GITHUB_API_TOKEN, GIT_PROXY_HOST } = EnvVariablesZod.parse(process.env);
 // src/features/analysis/scm/scm.ts
-import { z as z14 } from "zod";
+import { z as z15 } from "zod";
 // src/features/analysis/scm/bitbucket/bitbucket.ts
 import querystring from "node:querystring";
 import bitbucketPkg from "bitbucket";
 import * as bitbucketPkgNode from "bitbucket";
-import { z as z10 } from "zod";
+import Debug2 from "debug";
+import { z as z11 } from "zod";
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
 import { z as z5 } from "zod";
@@ -3244,27 +3246,31 @@ var sanityRepoURL = (scmURL) => {
   }
 };
+// src/features/analysis/scm/bitbucket/validation.ts
+import { z as z10 } from "zod";
+var BitbucketAuthResultZ = z10.object({
+  access_token: z10.string(),
+  token_type: z10.string(),
+  refresh_token: z10.string()
+});
 // src/features/analysis/scm/bitbucket/bitbucket.ts
+var debug2 = Debug2("scm:bitbucket");
 var BITBUCKET_HOSTNAME = "bitbucket.org";
-var TokenExpiredErrorZ = z10.object({
-  status: z10.number(),
-  error: z10.object({
-    type: z10.string(),
-    error: z10.object({
-      message: z10.string()
+var TokenExpiredErrorZ = z11.object({
+  status: z11.number(),
+  error: z11.object({
+    type: z11.string(),
+    error: z11.object({
+      message: z11.string()
     })
   })
 });
 var BITBUCKET_ACCESS_TOKEN_URL = `https://${BITBUCKET_HOSTNAME}/site/oauth2/access_token`;
-var BitbucketAuthResultZ = z10.object({
-  access_token: z10.string(),
-  token_type: z10.string(),
-  refresh_token: z10.string()
-});
-var BitbucketParseResultZ = z10.object({
-  organization: z10.string(),
-  repoName: z10.string(),
-  hostname: z10.literal(BITBUCKET_HOSTNAME)
+var BitbucketParseResultZ = z11.object({
+  organization: z11.string(),
+  repoName: z11.string(),
+  hostname: z11.literal(BITBUCKET_HOSTNAME)
 });
 function parseBitbucketOrganizationAndRepo(bitbucketUrl) {
   const parsedGitHubUrl = normalizeUrl(bitbucketUrl);
@@ -3275,27 +3281,6 @@ function parseBitbucketOrganizationAndRepo(bitbucketUrl) {
     repoSlug: validatedBitbucketResult.repoName
   };
 }
-async function getBitbucketToken(params) {
-  const { bitbucketClientId, bitbucketClientSecret, authType } = params;
-  const res = await fetch(BITBUCKET_ACCESS_TOKEN_URL, {
-    method: "POST",
-    headers: {
-      "Content-Type": "application/x-www-form-urlencoded",
-      Authorization: "Basic " + btoa(`${bitbucketClientId}:${bitbucketClientSecret}`)
-    },
-    body: querystring.stringify(
-      authType === "refresh_token" ? {
-        grant_type: authType,
-        refresh_token: params.refreshToken
-      } : {
-        grant_type: authType,
-        code: params.code
-      }
-    )
-  });
-  const authResult = await res.json();
-  return BitbucketAuthResultZ.parse(authResult);
-}
 function getBitbucketIntance(params) {
   const BitbucketContstructor = bitbucketPkg && "Bitbucket" in bitbucketPkg ? bitbucketPkg.Bitbucket : bitbucketPkgNode.Bitbucket;
   switch (params.authType) {
@@ -3343,7 +3328,7 @@ function getBitbucketSdk(params) {
       if (!res.data.values) {
         return [];
       }
-      return res.data.values.filter((branch) => !!branch.name).map((branch) => z10.string().parse(branch.name));
+      return res.data.values.filter((branch) => !!branch.name).map((branch) => z11.string().parse(branch.name));
     },
     async getIsUserCollaborator(params2) {
       const { repoUrl } = params2;
@@ -3458,7 +3443,7 @@ function getBitbucketSdk(params) {
       return GetRefererenceResultZ.parse({
         sha: tagRes.data.target?.hash,
         type: "TAG" /* TAG */,
-        date: new Date(z10.string().parse(tagRes.data.target?.date))
+        date: new Date(z11.string().parse(tagRes.data.target?.date))
       });
     },
     async getBranchRef(params2) {
@@ -3466,7 +3451,7 @@ function getBitbucketSdk(params) {
       return GetRefererenceResultZ.parse({
         sha: getBranchRes.target?.hash,
         type: "BRANCH" /* BRANCH */,
-        date: new Date(z10.string().parse(getBranchRes.target?.date))
+        date: new Date(z11.string().parse(getBranchRes.target?.date))
       });
     },
     async getCommitRef(params2) {
@@ -3474,13 +3459,13 @@ function getBitbucketSdk(params) {
       return GetRefererenceResultZ.parse({
         sha: getCommitRes.hash,
         type: "COMMIT" /* COMMIT */,
-        date: new Date(z10.string().parse(getCommitRes.date))
+        date: new Date(z11.string().parse(getCommitRes.date))
       });
     },
     async getDownloadUrl({ url, sha }) {
       this.getReferenceData({ ref: sha, url });
       const repoRes = await this.getRepo({ repoUrl: url });
-      const parsedRepoUrl = z10.string().url().parse(repoRes.links?.html?.href);
+      const parsedRepoUrl = z11.string().url().parse(repoRes.links?.html?.href);
       return `${parsedRepoUrl}/get/${sha}.zip`;
     },
     async getPullRequest(params2) {
@@ -3523,7 +3508,7 @@ async function validateBitbucketParams(params) {
 }
 async function getUsersworkspacesSlugs(bitbucketClient) {
   const res = await bitbucketClient.workspaces.getWorkspaces({});
-  return res.data.values?.map((v) => z10.string().parse(v.slug));
+  return res.data.values?.map((v) => z11.string().parse(v.slug));
 }
 async function getllUsersrepositories(bitbucketClient) {
   const userWorspacesSlugs = await getUsersworkspacesSlugs(bitbucketClient);
@@ -4063,11 +4048,11 @@ import {
 import { ProxyAgent as ProxyAgent2 } from "undici";
 // src/features/analysis/scm/gitlab/types.ts
-import { z as z11 } from "zod";
-var GitlabAuthResultZ = z11.object({
-  access_token: z11.string(),
-  token_type: z11.string(),
-  refresh_token: z11.string()
+import { z as z12 } from "zod";
+var GitlabAuthResultZ = z12.object({
+  access_token: z12.string(),
+  token_type: z12.string(),
+  refresh_token: z12.string()
 });
 // src/features/analysis/scm/gitlab/gitlab.ts
@@ -4075,6 +4060,7 @@ function removeTrailingSlash(str) {
   return str.trim().replace(/\/+$/, "");
 }
 function getGitBeaker(options) {
+  console.log("getGitBeaker starting");
   const token = options?.gitlabAuthToken ?? GITLAB_API_TOKEN ?? "";
   const url = options.url;
   const host = url ? new URL(url).origin : "https://gitlab.com";
@@ -4332,8 +4318,14 @@ async function getGitlabBlameRanges({ ref, gitlabUrl, path: path9 }, options) {
   });
 }
 function initGitlabFetchMock() {
+  console.log("initGitlabFetchMock starting");
   const globalFetch = global.fetch;
   function myFetch(input, init) {
+    console.log(
+      `myFetch called with input: ${input} ${JSON.stringify(input)} ${JSON.stringify(init)}`,
+      input,
+      input?.url
+    );
     let urlParsed = null;
     try {
       urlParsed = input?.url ? new URL(input?.url) : null;
@@ -4342,7 +4334,9 @@ function initGitlabFetchMock() {
         `this block is used for unit tests only. URL ${input?.url} starts from local directory`
       );
     }
+    console.log(`urlParsed: ${urlParsed} ${urlParsed?.href}`);
     if (urlParsed && isBrokerUrl(urlParsed.href)) {
+      console.log(`urlParsed is broker url: ${urlParsed.href}`);
       const dispatcher = new ProxyAgent2({
         uri: GIT_PROXY_HOST,
         requestTls: {
@@ -4351,9 +4345,11 @@ function initGitlabFetchMock() {
       });
       return globalFetch(input, { dispatcher });
     }
+    console.log("urlParsed is not broker url");
     return globalFetch(input, init);
   }
   global.fetch = myFetch;
+  console.log("initGitlabFetchMock finished");
 }
 initGitlabFetchMock();
@@ -4363,80 +4359,80 @@ import parseDiff from "parse-diff";
 import path3 from "path";
 import { simpleGit } from "simple-git";
 import tmp from "tmp";
-import { z as z13 } from "zod";
+import { z as z14 } from "zod";
 // src/features/analysis/scm/scmSubmit/types.ts
-import { z as z12 } from "zod";
-var BaseSubmitToScmMessageZ = z12.object({
-  submitFixRequestId: z12.string().uuid(),
-  fixes: z12.array(
-    z12.object({
-      fixId: z12.string().uuid(),
-      patches: z12.array(z12.string())
+import { z as z13 } from "zod";
+var BaseSubmitToScmMessageZ = z13.object({
+  submitFixRequestId: z13.string().uuid(),
+  fixes: z13.array(
+    z13.object({
+      fixId: z13.string().uuid(),
+      patches: z13.array(z13.string())
     })
   ),
-  commitHash: z12.string(),
-  repoUrl: z12.string(),
-  mobbUserEmail: z12.string(),
-  extraHeaders: z12.record(z12.string(), z12.string()).default({})
+  commitHash: z13.string(),
+  repoUrl: z13.string(),
+  mobbUserEmail: z13.string(),
+  extraHeaders: z13.record(z13.string(), z13.string()).default({})
 });
 var submitToScmMessageType = {
   commitToSameBranch: "commitToSameBranch",
   submitFixesForDifferentBranch: "submitFixesForDifferentBranch"
 };
 var CommitToSameBranchParamsZ = BaseSubmitToScmMessageZ.merge(
-  z12.object({
-    type: z12.literal(submitToScmMessageType.commitToSameBranch),
-    branch: z12.string(),
-    commitMessage: z12.string(),
-    commitDescription: z12.string().nullish(),
-    githubCommentId: z12.number().nullish()
+  z13.object({
+    type: z13.literal(submitToScmMessageType.commitToSameBranch),
+    branch: z13.string(),
+    commitMessage: z13.string(),
+    commitDescription: z13.string().nullish(),
+    githubCommentId: z13.number().nullish()
   })
 );
-var SubmitFixesToDifferentBranchParamsZ = z12.object({
-  type: z12.literal(submitToScmMessageType.submitFixesForDifferentBranch),
-  submitBranch: z12.string(),
-  baseBranch: z12.string()
+var SubmitFixesToDifferentBranchParamsZ = z13.object({
+  type: z13.literal(submitToScmMessageType.submitFixesForDifferentBranch),
+  submitBranch: z13.string(),
+  baseBranch: z13.string()
 }).merge(BaseSubmitToScmMessageZ);
-var SubmitFixesMessageZ = z12.union([
+var SubmitFixesMessageZ = z13.union([
   CommitToSameBranchParamsZ,
   SubmitFixesToDifferentBranchParamsZ
 ]);
-var FixResponseArrayZ = z12.array(
-  z12.object({
-    fixId: z12.string().uuid()
+var FixResponseArrayZ = z13.array(
+  z13.object({
+    fixId: z13.string().uuid()
   })
 );
-var SubmitFixesBaseResponseMessageZ = z12.object({
-  mobbUserEmail: z12.string(),
-  submitFixRequestId: z12.string().uuid(),
-  submitBranches: z12.array(
-    z12.object({
-      branchName: z12.string(),
+var SubmitFixesBaseResponseMessageZ = z13.object({
+  mobbUserEmail: z13.string(),
+  submitFixRequestId: z13.string().uuid(),
+  submitBranches: z13.array(
+    z13.object({
+      branchName: z13.string(),
       fixes: FixResponseArrayZ
     })
   ),
-  error: z12.object({
-    type: z12.enum([
+  error: z13.object({
+    type: z13.enum([
       "InitialRepoAccessError",
       "PushBranchError",
       "UnknownError"
     ]),
-    info: z12.object({
-      message: z12.string(),
-      pushBranchName: z12.string().optional()
+    info: z13.object({
+      message: z13.string(),
+      pushBranchName: z13.string().optional()
     })
   }).optional()
 });
-var SubmitFixesToSameBranchResponseMessageZ = z12.object({
-  type: z12.literal(submitToScmMessageType.commitToSameBranch),
-  githubCommentId: z12.number().nullish()
+var SubmitFixesToSameBranchResponseMessageZ = z13.object({
+  type: z13.literal(submitToScmMessageType.commitToSameBranch),
+  githubCommentId: z13.number().nullish()
 }).merge(SubmitFixesBaseResponseMessageZ);
-var SubmitFixesToDifferentBranchResponseMessageZ = z12.object({
-  type: z12.literal(submitToScmMessageType.submitFixesForDifferentBranch),
-  githubCommentId: z12.number().optional()
+var SubmitFixesToDifferentBranchResponseMessageZ = z13.object({
+  type: z13.literal(submitToScmMessageType.submitFixesForDifferentBranch),
+  githubCommentId: z13.number().optional()
 }).merge(SubmitFixesBaseResponseMessageZ);
-var SubmitFixesResponseMessageZ = z12.discriminatedUnion("type", [
+var SubmitFixesResponseMessageZ = z13.discriminatedUnion("type", [
   SubmitFixesToSameBranchResponseMessageZ,
   SubmitFixesToDifferentBranchResponseMessageZ
 ]);
@@ -4454,21 +4450,21 @@ var isValidBranchName = async (branchName) => {
     return false;
   }
 };
-var FixesZ = z13.array(
-  z13.object({
-    fixId: z13.string(),
-    patches: z13.array(z13.string())
+var FixesZ = z14.array(
+  z14.object({
+    fixId: z14.string(),
+    patches: z14.array(z14.string())
   })
 ).nonempty();
 // src/features/analysis/scm/scm.ts
 function isBrokerUrl(url) {
-  return z14.string().uuid().safeParse(new URL(url).host).success;
+  return z15.string().uuid().safeParse(new URL(url).host).success;
 }
-var GetRefererenceResultZ = z14.object({
-  date: z14.date().optional(),
-  sha: z14.string(),
-  type: z14.nativeEnum(ReferenceType)
+var GetRefererenceResultZ = z15.object({
+  date: z15.date().optional(),
+  sha: z15.string(),
+  type: z15.nativeEnum(ReferenceType)
 });
 function getCloudScmLibTypeFromUrl(url) {
   if (!url) {
@@ -4509,7 +4505,7 @@ var scmTypeToScmLibScmType = {
   ["Bitbucket" /* Bitbucket */]: "BITBUCKET" /* BITBUCKET */
 };
 function getScmLibTypeFromScmType(scmType) {
-  const parsedScmType = z14.nativeEnum(ScmType).parse(scmType);
+  const parsedScmType = z15.nativeEnum(ScmType).parse(scmType);
   return scmTypeToScmLibScmType[parsedScmType];
 }
 function getScmConfig({
@@ -4723,7 +4719,7 @@ var SCMLib = class {
       if (e instanceof InvalidRepoUrlError && url) {
         throw new RepoNoTokenAccessError(
           "no access to repo",
-          scmLibScmTypeToScmType[z14.nativeEnum(ScmLibScmType).parse(scmType)]
+          scmLibScmTypeToScmType[z15.nativeEnum(ScmLibScmType).parse(scmType)]
         );
       }
       console.error(`error validating scm: ${scmType} `, e);
@@ -5134,7 +5130,7 @@ var GithubSCMLib = class extends SCMLib {
       owner,
       repo
     });
-    return z14.string().parse(prRes.data);
+    return z15.string().parse(prRes.data);
   }
   async getRepoList(_scmOrg) {
     this._validateAccessToken();
@@ -5325,7 +5321,7 @@ var StubSCMLib = class extends SCMLib {
 };
 function getUserAndPassword(token) {
   const [username, password] = token.split(":");
-  const safePasswordAndUsername = z14.object({ username: z14.string(), password: z14.string() }).parse({ username, password });
+  const safePasswordAndUsername = z15.object({ username: z15.string(), password: z15.string() }).parse({ username, password });
   return {
     username: safePasswordAndUsername.username,
     password: safePasswordAndUsername.password
@@ -5361,7 +5357,7 @@ var BitbucketSCMLib = class extends SCMLib {
         return { username, password, authType };
       }
       case "token": {
-        return { authType, token: z14.string().parse(this.accessToken) };
+        return { authType, token: z15.string().parse(this.accessToken) };
       }
       case "public":
         return { authType };
@@ -5373,7 +5369,7 @@ var BitbucketSCMLib = class extends SCMLib {
       ...params,
       repoUrl: this.url
     });
-    return String(z14.number().parse(pullRequestRes.id));
+    return String(z15.number().parse(pullRequestRes.id));
   }
   async validateParams() {
     return validateBitbucketParams({
@@ -5445,7 +5441,7 @@ var BitbucketSCMLib = class extends SCMLib {
   async getUsername() {
     this._validateAccessToken();
     const res = await this.bitbucketSdk.getUser();
-    return z14.string().parse(res.username);
+    return z15.string().parse(res.username);
   }
   async getSubmitRequestStatus(_scmSubmitRequestId) {
     this._validateAccessTokenAndUrl();
@@ -5474,7 +5470,7 @@ var BitbucketSCMLib = class extends SCMLib {
   async getRepoDefaultBranch() {
     this._validateUrl();
     const repoRes = await this.bitbucketSdk.getRepo({ repoUrl: this.url });
-    return z14.string().parse(repoRes.mainbranch?.name);
+    return z15.string().parse(repoRes.mainbranch?.name);
   }
   getPrUrl(prNumber) {
     this._validateUrl();
@@ -5483,51 +5479,42 @@ var BitbucketSCMLib = class extends SCMLib {
       `https://bitbucket.org/${workspace}/${repoSlug}/pull-requests/${prNumber}`
     );
   }
-  async refreshToken(params) {
-    const getBitbucketTokenResponse = await getBitbucketToken({
-      authType: "refresh_token",
-      ...params
-    });
-    return {
-      accessToken: getBitbucketTokenResponse.access_token,
-      refreshToken: getBitbucketTokenResponse.refresh_token
-    };
-  }
 };
 // src/features/analysis/scm/ado/validation.ts
-import { z as z15 } from "zod";
-var ValidPullRequestStatusZ = z15.union([
-  z15.literal(1 /* Active */),
-  z15.literal(2 /* Abandoned */),
-  z15.literal(3 /* Completed */)
+import { z as z16 } from "zod";
+var ValidPullRequestStatusZ = z16.union([
+  z16.literal(1 /* Active */),
+  z16.literal(2 /* Abandoned */),
+  z16.literal(3 /* Completed */)
 ]);
-var AdoAuthResultZ = z15.object({
-  access_token: z15.string().min(1),
-  token_type: z15.string().min(1),
-  refresh_token: z15.string().min(1)
+var AdoAuthResultZ = z16.object({
+  access_token: z16.string().min(1),
+  token_type: z16.string().min(1),
+  refresh_token: z16.string().min(1)
 });
-var profileZ = z15.object({
-  displayName: z15.string(),
-  publicAlias: z15.string().min(1),
-  emailAddress: z15.string(),
-  coreRevision: z15.number(),
-  timeStamp: z15.string(),
-  id: z15.string(),
-  revision: z15.number()
+var profileZ = z16.object({
+  displayName: z16.string(),
+  publicAlias: z16.string().min(1),
+  emailAddress: z16.string(),
+  coreRevision: z16.number(),
+  timeStamp: z16.string(),
+  id: z16.string(),
+  revision: z16.number()
 });
-var accountsZ = z15.object({
-  count: z15.number(),
-  value: z15.array(
-    z15.object({
-      accountId: z15.string(),
-      accountUri: z15.string(),
-      accountName: z15.string()
+var accountsZ = z16.object({
+  count: z16.number(),
+  value: z16.array(
+    z16.object({
+      accountId: z16.string(),
+      accountUri: z16.string(),
+      accountName: z16.string()
     })
   )
 });
 // src/features/analysis/scm/ado/utils.ts
+var debug3 = Debug3("mobbdev:scm:ado");
 function _getPublicAdoClient({
   orgName,
   origin: origin2
@@ -5595,7 +5582,7 @@ async function getAdoConnectData({
         oauthToken: adoTokenInfo.accessToken
       });
       return {
-        org: z16.string().parse(org),
+        org: z17.string().parse(org),
         origin: DEFUALT_ADO_ORIGIN
       };
     }
@@ -5681,7 +5668,7 @@ async function getAdoClientParams(params) {
       return {
         tokenType: "PAT" /* PAT */,
         accessToken: adoTokenInfo.accessToken,
-        patTokenOrg: z16.string().parse(tokenOrg).toLowerCase(),
+        patTokenOrg: z17.string().parse(tokenOrg).toLowerCase(),
         origin: origin2,
         orgName: org.toLowerCase()
       };
@@ -6036,9 +6023,9 @@ async function getAdoRepoList({
 var MOBB_ICON_IMG = "https://app.mobb.ai/gh-action/Logo_Rounded_Icon.svg";
 // src/features/analysis/add_fix_comments_for_pr/utils.ts
-import Debug3 from "debug";
+import Debug5 from "debug";
 import parseDiff2 from "parse-diff";
-import { z as z17 } from "zod";
+import { z as z18 } from "zod";
 // src/features/analysis/utils/by_key.ts
 function keyBy(array, keyBy2) {
@@ -6048,8 +6035,8 @@ function keyBy(array, keyBy2) {
 }
 // src/features/analysis/utils/send_report.ts
-import Debug2 from "debug";
-var debug2 = Debug2("mobbdev:index");
+import Debug4 from "debug";
+var debug4 = Debug4("mobbdev:index");
 async function sendReport({
   spinner,
   submitVulnerabilityReportVariables,
@@ -6060,7 +6047,7 @@ async function sendReport({
       submitVulnerabilityReportVariables
     );
     if (submitRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
-      debug2("error submit vul report %s", submitRes);
+      debug4("error submit vul report %s", submitRes);
       throw new Error("\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed");
     }
     spinner.update({ text: progressMassages.processingVulnerabilityReport });
@@ -6108,7 +6095,7 @@ var scannerToFriendlyString = {
 };
 // src/features/analysis/add_fix_comments_for_pr/utils.ts
-var debug3 = Debug3("mobbdev:handle-finished-analysis");
+var debug5 = Debug5("mobbdev:handle-finished-analysis");
 var getCommitFixButton = (commitUrl) => `<a href="${commitUrl}"><img src=${COMMIT_FIX_SVG}></a>`;
 function calculateRanges(integers) {
   if (integers.length === 0) {
@@ -6143,7 +6130,7 @@ function deleteAllPreviousComments({
     try {
       return scm.deleteComment({ comment_id: comment.id });
     } catch (e) {
-      debug3("delete comment failed %s", e);
+      debug5("delete comment failed %s", e);
       return Promise.resolve();
     }
   });
@@ -6159,7 +6146,7 @@ function deleteAllPreviousGeneralPrComments(params) {
     try {
       return scm.deleteGeneralPrComment({ commentId: comment.id });
     } catch (e) {
-      debug3("delete comment failed %s", e);
+      debug5("delete comment failed %s", e);
       return Promise.resolve();
     }
   });
@@ -6283,7 +6270,7 @@ async function getRelevantVulenrabilitiesFromDiff(params) {
     });
     const lineAddedRanges = calculateRanges(fileNumbers);
     const fileFilter = {
-      path: z17.string().parse(file.to),
+      path: z18.string().parse(file.to),
       ranges: lineAddedRanges.map(([startLine, endLine]) => ({
         endLine,
         startLine
@@ -6324,7 +6311,7 @@ async function postAnalysisInsightComment(params) {
     fixablePrVuls,
     nonFixablePrVuls
   } = prVulenrabilities;
-  debug3({
+  debug5({
     fixablePrVuls,
     nonFixablePrVuls,
     vulnerabilitiesOutsidePr,
@@ -6379,7 +6366,7 @@ ${contactUsMarkdown}`;
 }
 // src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
-var debug4 = Debug4("mobbdev:handle-finished-analysis");
+var debug6 = Debug6("mobbdev:handle-finished-analysis");
 async function addFixCommentsForPr({
   analysisId,
   scm: _scm,
@@ -6391,7 +6378,7 @@ async function addFixCommentsForPr({
   }
   const scm = _scm;
   const getAnalysisRes = await gqlClient.getAnalysis(analysisId);
-  debug4("getAnalysis %o", getAnalysisRes);
+  debug6("getAnalysis %o", getAnalysisRes);
   const {
     vulnerabilityReport: {
       projectId,
@@ -6453,8 +6440,8 @@ async function addFixCommentsForPr({
 }
 // src/features/analysis/auto_pr_handler.ts
-import Debug5 from "debug";
-var debug5 = Debug5("mobbdev:handleAutoPr");
+import Debug7 from "debug";
+var debug7 = Debug7("mobbdev:handleAutoPr");
 async function handleAutoPr(params) {
   const { gqlClient, analysisId, createSpinner: createSpinner4 } = params;
   const createAutoPrSpinner = createSpinner4(
@@ -6466,7 +6453,7 @@ async function handleAutoPr(params) {
     },
     callback: async (analysisId2) => {
       const autoPrAnalysisRes = await gqlClient.autoPrAnalysis(analysisId2);
-      debug5("auto pr analysis res %o", autoPrAnalysisRes);
+      debug7("auto pr analysis res %o", autoPrAnalysisRes);
       if (autoPrAnalysisRes.autoPrAnalysis?.__typename === "AutoPrError") {
         createAutoPrSpinner.error({
           text: `\u{1F504} Automatic pull request failed - ${autoPrAnalysisRes.autoPrAnalysis.error}`
@@ -6491,12 +6478,12 @@ async function handleAutoPr(params) {
 }
 // src/features/analysis/git.ts
-import Debug6 from "debug";
+import Debug8 from "debug";
 import { simpleGit as simpleGit2 } from "simple-git";
-var debug6 = Debug6("mobbdev:git");
+var debug8 = Debug8("mobbdev:git");
 var GIT_NOT_INITIALIZED_ERROR_MESSAGE = "not a git repository";
 async function getGitInfo(srcDirPath) {
-  debug6("getting git info for %s", srcDirPath);
+  debug8("getting git info for %s", srcDirPath);
   const git = simpleGit2({
     baseDir: srcDirPath,
     maxConcurrentProcesses: 1,
@@ -6511,11 +6498,11 @@ async function getGitInfo(srcDirPath) {
     reference = await git.revparse(["--abbrev-ref", "HEAD"]) || "";
   } catch (e) {
     if (e instanceof Error) {
-      debug6("failed to run git %o", e);
+      debug8("failed to run git %o", e);
       if (e.message.includes(" spawn ")) {
-        debug6("git cli not installed");
+        debug8("git cli not installed");
       } else if (e.message.includes(GIT_NOT_INITIALIZED_ERROR_MESSAGE)) {
-        debug6("folder is not a git repo");
+        debug8("folder is not a git repo");
         return {
           success: false,
           hash: void 0,
@@ -6543,7 +6530,7 @@ async function getGitInfo(srcDirPath) {
 }
 // src/features/analysis/graphql/gql.ts
-import Debug7 from "debug";
+import Debug9 from "debug";
 import { GraphQLClient } from "graphql-request";
 import { v4 as uuidv4 } from "uuid";
@@ -6628,36 +6615,36 @@ function subscribe(query, variables, callback, wsClientOptions) {
 }
 // src/features/analysis/graphql/types.ts
-import { z as z18 } from "zod";
-var VulnerabilityReportIssueCodeNodeZ = z18.object({
-  vulnerabilityReportIssueId: z18.string(),
-  path: z18.string(),
-  startLine: z18.number(),
-  vulnerabilityReportIssue: z18.object({
-    fixId: z18.string()
+import { z as z19 } from "zod";
+var VulnerabilityReportIssueCodeNodeZ = z19.object({
+  vulnerabilityReportIssueId: z19.string(),
+  path: z19.string(),
+  startLine: z19.number(),
+  vulnerabilityReportIssue: z19.object({
+    fixId: z19.string()
   })
 });
-var GetVulByNodesMetadataZ = z18.object({
-  vulnerabilityReportIssueCodeNodes: z18.array(VulnerabilityReportIssueCodeNodeZ),
-  nonFixablePrVuls: z18.object({
-    aggregate: z18.object({
-      count: z18.number()
+var GetVulByNodesMetadataZ = z19.object({
+  vulnerabilityReportIssueCodeNodes: z19.array(VulnerabilityReportIssueCodeNodeZ),
+  nonFixablePrVuls: z19.object({
+    aggregate: z19.object({
+      count: z19.number()
     })
   }),
-  fixablePrVuls: z18.object({
-    aggregate: z18.object({
-      count: z18.number()
+  fixablePrVuls: z19.object({
+    aggregate: z19.object({
+      count: z19.number()
     })
   }),
-  totalScanVulnerabilities: z18.object({
-    aggregate: z18.object({
-      count: z18.number()
+  totalScanVulnerabilities: z19.object({
+    aggregate: z19.object({
+      count: z19.number()
     })
   })
 });
 // src/features/analysis/graphql/gql.ts
-var debug7 = Debug7("mobbdev:gql");
+var debug9 = Debug9("mobbdev:gql");
 var API_KEY_HEADER_NAME = "x-mobb-key";
 var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
 var GQLClient = class {
@@ -6665,7 +6652,7 @@ var GQLClient = class {
     __publicField(this, "_client");
     __publicField(this, "_clientSdk");
     __publicField(this, "_auth");
-    debug7(`init with  ${args}`);
+    debug9(`init with  ${args}`);
     this._auth = args;
     this._client = new GraphQLClient(API_URL, {
       headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
@@ -6673,7 +6660,7 @@ var GQLClient = class {
       },
       requestMiddleware: (request) => {
         const requestId = uuidv4();
-        debug7(
+        debug9(
           `sending API request with id: ${requestId} and with request: ${request.body}`
         );
         return {
@@ -6703,7 +6690,7 @@ var GQLClient = class {
     try {
       await this.getUserInfo();
     } catch (e) {
-      debug7("verify token failed %o", e);
+      debug9("verify token failed %o", e);
       return false;
     }
     return true;
@@ -6747,7 +6734,7 @@ var GQLClient = class {
     try {
       await this._clientSdk.CreateCommunityUser();
     } catch (e) {
-      debug7("create community user failed %o", e);
+      debug9("create community user failed %o", e);
     }
   }
   async updateScmToken(args) {
@@ -6941,10 +6928,10 @@ var GQLClient = class {
 import fs2 from "node:fs";
 import path4 from "node:path";
 import AdmZip from "adm-zip";
-import Debug8 from "debug";
+import Debug10 from "debug";
 import { globby } from "globby";
 import { isBinary } from "istextorbinary";
-var debug8 = Debug8("mobbdev:pack");
+var debug10 = Debug10("mobbdev:pack");
 var MAX_FILE_SIZE = 1024 * 1024 * 5;
 function endsWithAny(str, suffixes) {
   return suffixes.some(function(suffix) {
@@ -6955,7 +6942,7 @@ function _get_manifest_files_suffixes() {
   return ["package.json"];
 }
 async function pack(srcDirPath, vulnFiles) {
-  debug8("pack folder %s", srcDirPath);
+  debug10("pack folder %s", srcDirPath);
   const filepaths = await globby("**", {
     gitignore: true,
     onlyFiles: true,
@@ -6963,9 +6950,9 @@ async function pack(srcDirPath, vulnFiles) {
     followSymbolicLinks: false,
     dot: true
   });
-  debug8("files found %d", filepaths.length);
+  debug10("files found %d", filepaths.length);
   const zip = new AdmZip();
-  debug8("compressing files");
+  debug10("compressing files");
   for (const filepath of filepaths) {
     const absFilepath = path4.join(srcDirPath, filepath.toString());
     vulnFiles = vulnFiles.concat(_get_manifest_files_suffixes());
@@ -6973,21 +6960,21 @@ async function pack(srcDirPath, vulnFiles) {
       absFilepath.toString().replaceAll(path4.win32.sep, path4.posix.sep),
       vulnFiles
     )) {
-      debug8("ignoring %s because it is not a vulnerability file", filepath);
+      debug10("ignoring %s because it is not a vulnerability file", filepath);
       continue;
     }
     if (fs2.lstatSync(absFilepath).size > MAX_FILE_SIZE) {
-      debug8("ignoring %s because the size is > 5MB", filepath);
+      debug10("ignoring %s because the size is > 5MB", filepath);
       continue;
     }
     const data = fs2.readFileSync(absFilepath);
     if (isBinary(null, data)) {
-      debug8("ignoring %s because is seems to be a binary file", filepath);
+      debug10("ignoring %s because is seems to be a binary file", filepath);
       continue;
     }
     zip.addFile(filepath.toString(), data);
   }
-  debug8("get zip file buffer");
+  debug10("get zip file buffer");
   return zip.toBuffer();
 }
@@ -7063,7 +7050,7 @@ var cxOperatingSystemSupportMessage = `Your operating system does not support ch
 // src/utils/child_process.ts
 import cp from "node:child_process";
-import Debug9 from "debug";
+import Debug11 from "debug";
 import * as process2 from "process";
 import supportsColor from "supports-color";
 var { stdout: stdout2 } = supportsColor;
@@ -7082,16 +7069,16 @@ function createSpwan({ args, processPath, name }, options) {
   return createChildProcess({ childProcess: child, name }, options);
 }
 function createChildProcess({ childProcess, name }, options) {
-  const debug13 = Debug9(`mobbdev:${name}`);
+  const debug15 = Debug11(`mobbdev:${name}`);
   const { display } = options;
   return new Promise((resolve, reject) => {
     let out = "";
     const onData = (chunk) => {
-      debug13(`chunk received from ${name} std ${chunk}`);
+      debug15(`chunk received from ${name} std ${chunk}`);
       out += chunk;
     };
     if (!childProcess || !childProcess?.stdout || !childProcess?.stderr) {
-      debug13(`unable to fork ${name}`);
+      debug15(`unable to fork ${name}`);
       reject(new Error(`unable to fork ${name}`));
     }
     childProcess.stdout?.on("data", onData);
@@ -7101,11 +7088,11 @@ function createChildProcess({ childProcess, name }, options) {
       childProcess.stderr?.pipe(process2.stderr);
     }
     childProcess.on("exit", (code) => {
-      debug13(`${name} exit code ${code}`);
+      debug15(`${name} exit code ${code}`);
       resolve({ message: out, code });
     });
     childProcess.on("error", (err) => {
-      debug13(`${name} error %o`, err);
+      debug15(`${name} error %o`, err);
       reject(err);
     });
   });
@@ -7113,12 +7100,12 @@ function createChildProcess({ childProcess, name }, options) {
 // src/features/analysis/scanners/checkmarx.ts
 import chalk2 from "chalk";
-import Debug10 from "debug";
+import Debug12 from "debug";
 import { existsSync } from "fs";
 import { createSpinner as createSpinner2 } from "nanospinner";
 import { type } from "os";
 import path5 from "path";
-var debug9 = Debug10("mobbdev:checkmarx");
+var debug11 = Debug12("mobbdev:checkmarx");
 var require2 = createRequire(import.meta.url);
 var getCheckmarxPath = () => {
   const os2 = type();
@@ -7159,14 +7146,14 @@ function validateCheckmarxInstallation() {
   existsSync(getCheckmarxPath());
 }
 async function forkCheckmarx(args, { display }) {
-  debug9("fork checkmarx with args %o %s", args.join(" "), display);
+  debug11("fork checkmarx with args %o %s", args.join(" "), display);
   return createSpwan(
     { args, processPath: getCheckmarxPath(), name: "checkmarx" },
     { display }
   );
 }
 async function getCheckmarxReport({ reportPath, repositoryRoot, branch, projectName }, { skipPrompts = false }) {
-  debug9("get checkmarx report start %s %s", reportPath, repositoryRoot);
+  debug11("get checkmarx report start %s %s", reportPath, repositoryRoot);
   const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
     display: false
   });
@@ -7234,20 +7221,20 @@ async function validateCheckamxCredentials() {
 // src/features/analysis/scanners/snyk.ts
 import { createRequire as createRequire2 } from "node:module";
 import chalk3 from "chalk";
-import Debug11 from "debug";
+import Debug13 from "debug";
 import { createSpinner as createSpinner3 } from "nanospinner";
 import open from "open";
-var debug10 = Debug11("mobbdev:snyk");
+var debug12 = Debug13("mobbdev:snyk");
 var require3 = createRequire2(import.meta.url);
 var SNYK_PATH = require3.resolve("snyk/bin/snyk");
 var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-using-snyk/snyk-code/configure-snyk-code#enable-snyk-code";
-debug10("snyk executable path %s", SNYK_PATH);
+debug12("snyk executable path %s", SNYK_PATH);
 async function forkSnyk(args, { display }) {
-  debug10("fork snyk with args %o %s", args, display);
+  debug12("fork snyk with args %o %s", args, display);
   return createFork({ args, processPath: SNYK_PATH, name: "snyk" }, { display });
 }
 async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
-  debug10("get snyk report start %s %s", reportPath, repoRoot);
+  debug12("get snyk report start %s %s", reportPath, repoRoot);
   const config4 = await forkSnyk(["config"], { display: false });
   const { message: configMessage } = config4;
   if (!configMessage.includes("api: ")) {
@@ -7261,7 +7248,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
     snykLoginSpinner.update({
       text: "\u{1F513} Waiting for Snyk login to complete"
     });
-    debug10("no token in the config %s", config4);
+    debug12("no token in the config %s", config4);
     await forkSnyk(["auth"], { display: true });
     snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
   }
@@ -7271,12 +7258,12 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
     { display: true }
   );
   if (scanOutput.includes("Snyk Code is not supported for org")) {
-    debug10("snyk code is not enabled %s", scanOutput);
+    debug12("snyk code is not enabled %s", scanOutput);
     snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
     const answer = await snykArticlePrompt();
-    debug10("answer %s", answer);
+    debug12("answer %s", answer);
     if (answer) {
-      debug10("opening the browser");
+      debug12("opening the browser");
       await open(SNYK_ARTICLE_URL);
     }
     console.log(
@@ -7291,18 +7278,18 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 }
 // src/features/analysis/upload-file.ts
-import Debug12 from "debug";
+import Debug14 from "debug";
 import fetch3, { File, fileFrom, FormData } from "node-fetch";
-var debug11 = Debug12("mobbdev:upload-file");
+var debug13 = Debug14("mobbdev:upload-file");
 async function uploadFile({
   file,
   url,
   uploadKey,
   uploadFields
 }) {
-  debug11("upload file start %s", url);
-  debug11("upload fields %o", uploadFields);
-  debug11("upload key %s", uploadKey);
+  debug13("upload file start %s", url);
+  debug13("upload fields %o", uploadFields);
+  debug13("upload key %s", uploadKey);
   const form = new FormData();
   Object.entries(uploadFields).forEach(([key, value]) => {
     form.append(key, value);
@@ -7311,10 +7298,10 @@ async function uploadFile({
     form.append("key", uploadKey);
   }
   if (typeof file === "string") {
-    debug11("upload file from path %s", file);
+    debug13("upload file from path %s", file);
     form.append("file", await fileFrom(file));
   } else {
-    debug11("upload file from buffer");
+    debug13("upload file from buffer");
     form.append("file", new File([file], "file"));
   }
   const response = await fetch3(url, {
@@ -7322,10 +7309,10 @@ async function uploadFile({
     body: form
   });
   if (!response.ok) {
-    debug11("error from S3 %s %s", response.body, response.status);
+    debug13("error from S3 %s %s", response.body, response.status);
     throw new Error(`Failed to upload the file: ${response.status}`);
   }
-  debug11("upload file done");
+  debug13("upload file done");
 }
 // src/features/analysis/index.ts
@@ -7345,9 +7332,9 @@ async function downloadRepo({
 }) {
   const { createSpinner: createSpinner4 } = Spinner2({ ci });
   const repoSpinner = createSpinner4("\u{1F4BE} Downloading Repo").start();
-  debug12("download repo %s %s %s", repoUrl, dirname);
+  debug14("download repo %s %s %s", repoUrl, dirname);
   const zipFilePath = path6.join(dirname, "repo.zip");
-  debug12("download URL: %s auth headers: %o", downloadUrl, authHeaders);
+  debug14("download URL: %s auth headers: %o", downloadUrl, authHeaders);
   const response = await fetch4(downloadUrl, {
     method: "GET",
     headers: {
@@ -7355,7 +7342,7 @@ async function downloadRepo({
     }
   });
   if (!response.ok) {
-    debug12("SCM zipball request failed %s %s", response.body, response.status);
+    debug14("SCM zipball request failed %s %s", response.body, response.status);
     repoSpinner.error({ text: "\u{1F4BE} Repo download failed" });
     throw new Error(`Can't access ${chalk4.bold(repoUrl)}`);
   }
@@ -7369,7 +7356,7 @@ async function downloadRepo({
   if (!repoRoot) {
     throw new Error("Repo root not found");
   }
-  debug12("repo root %s", repoRoot);
+  debug14("repo root %s", repoRoot);
   repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
   return path6.join(dirname, repoRoot);
 }
@@ -7383,7 +7370,7 @@ var getReportUrl = ({
   projectId,
   fixReportId
 }) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
-var debug12 = Debug13("mobbdev:index");
+var debug14 = Debug15("mobbdev:index");
 var packageJson = JSON.parse(
   fs3.readFileSync(path6.join(getDirName(), "../package.json"), "utf8")
 );
@@ -7393,7 +7380,7 @@ if (!semver.satisfies(process.version, packageJson.engines.node)) {
   );
 }
 var config2 = new Configstore(packageJson.name, { apiToken: "" });
-debug12("config %o", config2);
+debug14("config %o", config2);
 async function runAnalysis(params, options) {
   const tmpObj = tmp2.dirSync({
     unsafeCleanup: true
@@ -7535,7 +7522,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
     organizationId: userOrganizationId,
     autoPr
   } = params;
-  debug12("start %s %s", dirname, repo);
+  debug14("start %s %s", dirname, repo);
   const { createSpinner: createSpinner4 } = Spinner2({ ci });
   skipPrompts = skipPrompts || ci;
   let gqlClient = new GQLClient({
@@ -7602,8 +7589,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
     );
   }
   const { sha } = getReferenceDataRes.gitReference;
-  debug12("project id %s", projectId);
-  debug12("default branch %s", reference);
+  debug14("project id %s", projectId);
+  debug14("default branch %s", reference);
   if (command === "scan") {
     reportPath = await getReport(
       {
@@ -7641,7 +7628,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
     spinner: mobbSpinner,
     submitVulnerabilityReportVariables: {
       fixReportId: reportUploadInfo.fixReportId,
-      repoUrl: z19.string().parse(repo),
+      repoUrl: z20.string().parse(repo),
       reference,
       projectId,
       vulnerabilityReportFileName: "report.json",
@@ -7722,9 +7709,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
       });
       loginSpinner.spin();
       if (encryptedApiToken) {
-        debug12("encrypted API token received %s", encryptedApiToken);
+        debug14("encrypted API token received %s", encryptedApiToken);
         newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-        debug12("API token decrypted");
+        debug14("API token decrypted");
         break;
       }
       await sleep(LOGIN_CHECK_DELAY);
@@ -7737,7 +7724,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
     }
     gqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
     if (await gqlClient.verifyToken()) {
-      debug12("set api token %s", newApiToken);
+      debug14("set api token %s", newApiToken);
       config2.set("apiToken", newApiToken);
       loginSpinner.success({ text: "\u{1F513} Login to Mobb successful!" });
     } else {
@@ -7880,9 +7867,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
         }
       });
       if (command === "review") {
-        const params2 = z19.object({
-          repo: z19.string().url(),
-          githubActionToken: z19.string()
+        const params2 = z20.object({
+          repo: z20.string().url(),
+          githubActionToken: z20.string()
         }).parse({ repo, githubActionToken });
         const scm = await SCMLib.init(
           {
@@ -7904,7 +7891,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
               analysisId,
               gqlClient,
               scm,
-              scanner: z19.nativeEnum(SCANNERS).parse(scanner)
+              scanner: z20.nativeEnum(SCANNERS).parse(scanner)
             });
           },
           callbackStates: ["Finished" /* Finished */]
@@ -8131,7 +8118,7 @@ var scmTokenOption = {
 // src/args/validation.ts
 import chalk6 from "chalk";
 import path8 from "path";
-import { z as z20 } from "zod";
+import { z as z21 } from "zod";
 function throwRepoUrlErrorMessage({
   error,
   repoUrl,
@@ -8148,13 +8135,13 @@ Example:
   )}`;
   throw new CliError(formattedErrorMessage);
 }
-var UrlZ = z20.string({
+var UrlZ = z21.string({
   invalid_type_error: `is not a valid ${Object.values(ScmType).join("/ ")} URL`
 }).refine((data) => !!sanityRepoURL(data), {
   message: `is not a valid ${Object.values(ScmType).join(" / ")} URL`
 });
 function validateOrganizationId(organizationId) {
-  const orgIdValidation = z20.string().uuid().nullish().safeParse(organizationId);
+  const orgIdValidation = z21.string().uuid().nullish().safeParse(organizationId);
   if (!orgIdValidation.success) {
     throw new CliError(`organizationId: ${organizationId} is not a valid UUID`);
   }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.165",
+  "version": "0.0.167",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",
@@ -33,7 +33,7 @@
     "@octokit/plugin-rest-endpoint-methods": "7.2.3",
     "@octokit/request-error": "3.0.3",
     "@types/libsodium-wrappers": "0.7.13",
-    "adm-zip": "0.5.15",
+    "adm-zip": "0.5.16",
     "axios": "1.7.7",
     "azure-devops-node-api": "12.1.0",
     "bitbucket": "2.11.0",
@@ -58,8 +58,8 @@
     "open": "8.4.2",
     "parse-diff": "0.11.1",
     "semver": "7.6.3",
-    "simple-git": "3.26.0",
-    "snyk": "1.1293.0",
+    "simple-git": "3.27.0",
+    "snyk": "1.1293.1",
     "supports-color": "9.4.0",
     "tar": "6.2.1",
     "tmp": "0.2.3",
@@ -71,11 +71,11 @@
   },
   "devDependencies": {
     "@graphql-codegen/cli": "5.0.2",
-    "@graphql-codegen/typescript": "3.0.4",
+    "@graphql-codegen/typescript": "4.0.9",
     "@graphql-codegen/typescript-graphql-request": "6.2.0",
-    "@graphql-codegen/typescript-operations": "3.0.4",
+    "@graphql-codegen/typescript-operations": "4.2.3",
     "@octokit/request-error": "3.0.3",
-    "@octokit/types": "13.5.0",
+    "@octokit/types": "13.6.0",
     "@types/adm-zip": "0.5.5",
     "@types/chalk-animation": "1.6.3",
     "@types/configstore": "6.0.2",