mobbdev 0.0.168 → 0.0.169
- package/dist/index.mjs +60 -46
- package/package.json +14 -10
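--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -3637,7 +3637,7 @@ function getFetch(url) {
 }
 return fetch2;
 }
-function
+function getOctoKit(options) {
 const token = !options?.auth && !isGithubOnPrem(options?.url) ? GITHUB_API_TOKEN : options?.auth;
 const baseUrl = options?.url && isGithubOnPrem(options.url) ? `${new URL(options.url).origin}/api/v3` : void 0;
 return new Octokit({
@@ -3654,7 +3654,7 @@ function isGithubActionActionToken(token) {
 }
 async function githubValidateParams(url, accessToken) {
 try {
-const oktoKit =
+const oktoKit = getOctoKit({ auth: accessToken, url });
 if (accessToken && !isGithubActionActionToken(accessToken)) {
 await oktoKit.rest.users.getAuthenticated();
 }
@@ -3681,57 +3681,57 @@ async function githubValidateParams(url, accessToken) {
 }
 
 // src/features/analysis/scm/github/github.ts
-function getGithubSdk(
-const octokit =
+function getGithubSdk(params = {}) {
+const octokit = getOctoKit(params);
 return {
-async postPrComment(
-return octokit.request(POST_COMMENT_PATH,
+async postPrComment(params2) {
+return octokit.request(POST_COMMENT_PATH, params2);
 },
-async updatePrComment(
-return octokit.request(UPDATE_COMMENT_PATH,
+async updatePrComment(params2) {
+return octokit.request(UPDATE_COMMENT_PATH, params2);
 },
-async getPrComments(
-return octokit.request(GET_PR_COMMENTS_PATH,
+async getPrComments(params2) {
+return octokit.request(GET_PR_COMMENTS_PATH, params2);
 },
-async getPrComment(
-return octokit.request(GET_PR_COMMENT_PATH,
+async getPrComment(params2) {
+return octokit.request(GET_PR_COMMENT_PATH, params2);
 },
-async deleteComment(
-return octokit.request(DELETE_COMMENT_PATH,
+async deleteComment(params2) {
+return octokit.request(DELETE_COMMENT_PATH, params2);
 },
-async replyToCodeReviewComment(
-return octokit.request(REPLY_TO_CODE_REVIEW_COMMENT_PATH,
+async replyToCodeReviewComment(params2) {
+return octokit.request(REPLY_TO_CODE_REVIEW_COMMENT_PATH, params2);
 },
-async getPrDiff(
+async getPrDiff(params2) {
 return octokit.request(GET_PR, {
-...
+...params2,
 mediaType: { format: "diff" }
 });
 },
-async getPr(
-return octokit.request(GET_PR, { ...
+async getPr(params2) {
+return octokit.request(GET_PR, { ...params2 });
 },
-async createOrUpdateRepositorySecret(
-return octokit.request(CREATE_OR_UPDATE_A_REPOSITORY_SECRET,
+async createOrUpdateRepositorySecret(params2) {
+return octokit.request(CREATE_OR_UPDATE_A_REPOSITORY_SECRET, params2);
 },
-async getRepositoryPublicKey(
-return octokit.request(GET_A_REPOSITORY_PUBLIC_KEY,
+async getRepositoryPublicKey(params2) {
+return octokit.request(GET_A_REPOSITORY_PUBLIC_KEY, params2);
 },
-async postGeneralPrComment(
-return octokit.request(POST_GENERAL_PR_COMMENT,
+async postGeneralPrComment(params2) {
+return octokit.request(POST_GENERAL_PR_COMMENT, params2);
 },
-async getGeneralPrComments(
-return octokit.request(GET_GENERAL_PR_COMMENTS,
+async getGeneralPrComments(params2) {
+return octokit.request(GET_GENERAL_PR_COMMENTS, params2);
 },
-async deleteGeneralPrComment(
-return octokit.request(DELETE_GENERAL_PR_COMMENT,
+async deleteGeneralPrComment(params2) {
+return octokit.request(DELETE_GENERAL_PR_COMMENT, params2);
 },
 async getGithubUsername() {
 const res = await octokit.rest.users.getAuthenticated();
 return res.data.login;
 },
-async getGithubIsUserCollaborator(
-const { username, repoUrl } =
+async getGithubIsUserCollaborator(params2) {
+const { username, repoUrl } = params2;
 try {
 const { owner, repo } = parseGithubOwnerAndRepo(repoUrl);
 const res = await octokit.rest.repos.checkCollaborator({
@@ -3747,8 +3747,8 @@ function getGithubSdk(parmas = {}) {
 }
 return false;
 },
-async getGithubPullRequestStatus(
-const { repoUrl, prNumber } =
+async getGithubPullRequestStatus(params2) {
+const { repoUrl, prNumber } = params2;
 const { owner, repo } = parseGithubOwnerAndRepo(repoUrl);
 const res = await octokit.rest.pulls.get({
 owner,
@@ -3763,8 +3763,8 @@ function getGithubSdk(parmas = {}) {
 }
 return res.data.state;
 },
-async getGithubIsRemoteBranch(
-const { repoUrl, branch } =
+async getGithubIsRemoteBranch(params2) {
+const { repoUrl, branch } = params2;
 const { owner, repo } = parseGithubOwnerAndRepo(repoUrl);
 try {
 const res = await octokit.rest.repos.getBranch({
@@ -3891,8 +3891,8 @@ function getGithubSdk(parmas = {}) {
 sha: res.data.sha
 };
 },
-async getGithubBlameRanges(
-const { ref, gitHubUrl, path: path9 } =
+async getGithubBlameRanges(params2) {
+const { ref, gitHubUrl, path: path9 } = params2;
 const { owner, repo } = parseGithubOwnerAndRepo(gitHubUrl);
 const res = await octokit.graphql(
 GET_BLAME_DOCUMENT,
@@ -3915,8 +3915,8 @@ function getGithubSdk(parmas = {}) {
 }));
 },
 // todo: refactor the name for this function
-async createPr(
-const { sourceRepoUrl, filesPaths, userRepoUrl, title, body } =
+async createPr(params2) {
+const { sourceRepoUrl, filesPaths, userRepoUrl, title, body } = params2;
 const { owner: sourceOwner, repo: sourceRepo } = parseGithubOwnerAndRepo(sourceRepoUrl);
 const { owner, repo } = parseGithubOwnerAndRepo(userRepoUrl);
 const [sourceFilePath, secondFilePath] = filesPaths;
@@ -5721,6 +5721,10 @@ async function adoValidateParams({
 await getAdoClientParams({ url, accessToken, tokenOrg })
 );
 await api2.connect();
+if (url) {
+const git = await api2.getGitApi();
+await validateAdoRepo({ git, repoUrl: url });
+}
 } catch (e) {
 console.log("adoValidateParams error", e);
 const error = e;
@@ -5763,6 +5767,20 @@ async function _getOrgsForOauthToken({
 const orgs = accounts.value.map((account) => account.accountName).filter((value, index, array) => array.indexOf(value) === index);
 return orgs;
 }
+async function validateAdoRepo({
+git,
+repoUrl
+}) {
+const isAdoRepo = !!parseScmURL(repoUrl, "Ado" /* Ado */);
+if (!isAdoRepo) {
+return;
+}
+const { repo, projectName } = parseAdoOwnerAndRepo(repoUrl);
+const branches = await git.getBranches(repo, projectName);
+if (!branches || branches.length === 0) {
+throw new InvalidRepoUrlError("no branches");
+}
+}
 
 // src/features/analysis/scm/ado/ado.ts
 async function getAdoSdk(params) {
@@ -5770,12 +5788,8 @@ async function getAdoSdk(params) {
 return {
 async getAdoIsUserCollaborator({ repoUrl }) {
 try {
-const { repo, projectName } = parseAdoOwnerAndRepo(repoUrl);
 const git = await api2.getGitApi();
-
-if (!branches || branches.length === 0) {
-throw new InvalidRepoUrlError("no branches");
-}
+await validateAdoRepo({ git, repoUrl });
 return true;
 } catch (e) {
 return false;
@@ -8044,7 +8058,7 @@ async function scan(scanOptions, { skipPrompts = false } = {}) {
 const selectedScanner = scanner || await choseScanner();
 if (selectedScanner !== SCANNERS.Checkmarx && selectedScanner !== SCANNERS.Snyk) {
 throw new CliError(
-"Vulnerability scanning via Bugsy is available only with Snyk at the moment. Additional scanners will follow soon."
+"Vulnerability scanning via Bugsy is available only with Snyk and Checkmarx at the moment. Additional scanners will follow soon."
 );
 }
 selectedScanner === SCANNERS.Checkmarx && validateCheckmarxInstallation();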
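Review bot: `getAdoIsUserCollaborator` now fails open for a URL that `parseScmURL(repoUrl, "Ado")` does not recognise, because the new `validateAdoRepo` returns early without throwing and the caller goes straight on to `return true`. The removed code called `parseAdoOwnerAndRepo(repoUrl)` unconditionally inside the `try`; whether that threw on such URLs is not visible here, but the new early return definitely skips the branch check. The same early return lets `adoValidateParams` accept a non-ADO `url` with no repository check at all. Consider rejecting instead of returning, `if (!isAdoRepo) { throw new InvalidRepoUrlError("not an ADO repo url"); }`, or, if the silent skip is wanted in `adoValidateParams`, guard the collaborator path with `if (!parseScmURL(repoUrl, "Ado")) return false;` before the `validateAdoRepo` call.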
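--- a/package/package.json
+++ b/package/package.json
@@ -1,8 +1,8 @@
 {
 "name": "mobbdev",
-"version": "0.0.
+"version": "0.0.169",
 "description": "Automated secure code remediation tool",
-"repository": "https://github.com/mobb-dev/bugsy",
+"repository": "git+https://github.com/mobb-dev/bugsy.git",
 "main": "dist/index.js",
 "module": "dist/index.js",
 "scripts": {
@@ -12,12 +12,14 @@
 "build": "tsc && tsup-node --env.NODE_ENV production",
 "build:dev": "tsup-node --env.NODE_ENV development",
 "test": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run",
+"test:coverage": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --coverage ",
 "test:watch": "TOKEN=$(../../scripts/login_auth0.sh) vitest",
 "lint": "eslint --cache --max-warnings 0 --ignore-path .eslintignore --ext .ts,.tsx,.jsx .",
 "lint:fix": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx .",
 "lint:fix:files": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx",
 "prepack": "dotenv-vault pull production .env && pnpm build",
-"generate": "pnpm run env -- graphql-codegen -r dotenv/config --config client_codegen.ts"
+"generate": "pnpm run env -- graphql-codegen -r dotenv/config --config client_codegen.ts",
+"test:e2e": "cd ./__e2e__ && npm i && npm run test"
 },
 "bin": {
 "mobbdev": "bin/cli.mjs"
@@ -63,19 +65,19 @@
 "supports-color": "9.4.0",
 "tar": "6.2.1",
 "tmp": "0.2.3",
-"undici": "6.
+"undici": "6.20.0",
 "uuid": "10.0.0",
 "ws": "8.18.0",
 "yargs": "17.7.2",
 "zod": "3.23.8"
 },
 "devDependencies": {
-"@graphql-codegen/cli": "5.0.
-"@graphql-codegen/typescript": "4.0
+"@graphql-codegen/cli": "5.0.3",
+"@graphql-codegen/typescript": "4.1.0",
 "@graphql-codegen/typescript-graphql-request": "6.2.0",
-"@graphql-codegen/typescript-operations": "4.
+"@graphql-codegen/typescript-operations": "4.3.0",
 "@octokit/request-error": "3.0.3",
-"@octokit/types": "13.6.
+"@octokit/types": "13.6.1",
 "@types/adm-zip": "0.5.5",
 "@types/chalk-animation": "1.6.3",
 "@types/configstore": "6.0.2",
@@ -89,14 +91,16 @@
 "@types/yargs": "17.0.33",
 "@typescript-eslint/eslint-plugin": "7.17.0",
 "@typescript-eslint/parser": "7.17.0",
+"@vitest/coverage-istanbul": "2.1.2",
+"@vitest/ui": "^2.1.2",
 "eslint": "8.57.0",
-"eslint-plugin-import": "2.
+"eslint-plugin-import": "2.31.0",
 "eslint-plugin-prettier": "5.2.1",
 "eslint-plugin-simple-import-sort": "10.0.0",
 "prettier": "3.3.3",
 "tsup": "7.2.0",
 "typescript": "4.9.5",
-"vitest": "
+"vitest": "2.1.2"
 },
 "engines": {
 "node": ">=18.18.0"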
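Review bot: The new `"@vitest/ui": "^2.1.2"` entry in the last hunk is the only caret range among the dependencies shown, which are otherwise pinned exactly, so a fresh install without a lockfile can pull a later 2.x release than the `vitest` and `@vitest/coverage-istanbul` it sits beside. Pinning it as `"@vitest/ui": "2.1.2"` keeps the dev toolchain reproducible and consistent with the rest of the file. The added `test:e2e` script also runs `npm i` in `./__e2e__`, which may update that directory's resolved versions on each run; if a lockfile exists there (not visible in this diff), `npm ci` would install exactly what it records.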