npm - mobbdev - Versions diffs - 0.0.182 → 0.0.183 - Mend

mobbdev 0.0.182 → 0.0.183

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +8 -2
package/package.json +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -122,6 +122,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
   IssueType_Enum2["HardcodedDomainInHtml"] = "HARDCODED_DOMAIN_IN_HTML";
   IssueType_Enum2["HardcodedSecrets"] = "HARDCODED_SECRETS";
   IssueType_Enum2["HeaderManipulation"] = "HEADER_MANIPULATION";
+  IssueType_Enum2["HeapInspection"] = "HEAP_INSPECTION";
   IssueType_Enum2["HtmlCommentInJsp"] = "HTML_COMMENT_IN_JSP";
   IssueType_Enum2["HttpOnlyCookie"] = "HTTP_ONLY_COOKIE";
   IssueType_Enum2["HttpResponseSplitting"] = "HTTP_RESPONSE_SPLITTING";
@@ -1547,7 +1548,11 @@ var fixDetailsData = {
     fixInstructions: "Use express-rate-limit npm package to set a rate limit."
   },
   ["MISSING_CSP_HEADER" /* MissingCspHeader */]: void 0,
-  ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: void 0
+  ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: void 0,
+  ["HEAP_INSPECTION" /* HeapInspection */]: {
+    issueDescription: "All variables stored by the application in unencrypted memory can be read by an attacker. This can lead to the exposure of sensitive information, such as passwords, credit card numbers, and personal data.",
+    fixInstructions: "Use secure storage methods to store secrets in memory."
+  }
 };
 // src/features/analysis/scm/shared/src/getIssueType.ts
@@ -1625,7 +1630,8 @@ var issueTypeMap = {
   ["UNVALIDATED_PUBLIC_METHOD_ARGUMENT" /* UnvalidatedPublicMethodArgument */]: "Unvalidated Public Method Argument",
   ["AUTO_ESCAPE_FALSE" /* AutoEscapeFalse */]: "Auto-escape False",
   ["MISSING_CSP_HEADER" /* MissingCspHeader */]: "Missing CSP Header",
-  ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: "Hardcoded Domain in HTML"
+  ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: "Hardcoded Domain in HTML",
+  ["HEAP_INSPECTION" /* HeapInspection */]: "Heap Inspection"
 };
 var issueTypeZ = z4.nativeEnum(IssueType_Enum);
 var getIssueTypeFriendlyString = (issueType) => {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.182",
+  "version": "0.0.183",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",