mobbdev 0.0.29 → 0.0.31
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.env +4 -4
- package/README.md +9 -9
- package/bin/cli.mjs +1 -1
- package/dist/index.js +1280 -0
- package/package.json +76 -55
- package/index.mjs +0 -35
- package/src/commands/index.mjs +0 -95
- package/src/constants.mjs +0 -60
- package/src/features/analysis/callback-server.mjs +0 -61
- package/src/features/analysis/git.mjs +0 -50
- package/src/features/analysis/github.mjs +0 -106
- package/src/features/analysis/gql.mjs +0 -198
- package/src/features/analysis/index.mjs +0 -281
- package/src/features/analysis/pack.mjs +0 -31
- package/src/features/analysis/prompts.mjs +0 -55
- package/src/features/analysis/snyk.mjs +0 -110
- package/src/features/analysis/upload-file.mjs +0 -37
- package/src/utils.mjs +0 -32
- package/src/yargs.mjs +0 -160
package/.env
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
# production@
|
|
2
|
-
WEB_LOGIN_URL="https://app.mobb.
|
|
3
|
-
API_URL="https://api.mobb.
|
|
4
|
-
WEB_APP_URL="https://app.mobb.
|
|
1
|
+
# production@v11
|
|
2
|
+
WEB_LOGIN_URL="https://app.mobb.ai/cli-login"
|
|
3
|
+
API_URL="https://api.mobb.ai/v1/graphql"
|
|
4
|
+
WEB_APP_URL="https://app.mobb.ai"
|
|
5
5
|
GITHUB_CLIENT_ID="49d729663b401f91afe5"
|
package/README.md
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
# Bugsy
|
|
2
2
|
|
|
3
|
-
Bugsy is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code. It is the community edition version of [Mobb](https://www.mobb.
|
|
3
|
+
Bugsy is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code. It is the community edition version of [Mobb](https://www.mobb.ai), the first vendor-agnostic automated security vulnerability remediation tool. Bugsy is designed to help developers quickly identify and fix security vulnerabilities in their code.
|
|
4
4
|
|
|
5
5
|
<img width="1888" alt="Bugsy" src="./img/bugsy.png">
|
|
6
6
|
|
|
7
|
-
## What is [Mobb](https://www.mobb.
|
|
7
|
+
## What is [Mobb](https://www.mobb.ai)?
|
|
8
8
|
|
|
9
|
-
[Mobb](https://www.mobb.
|
|
9
|
+
[Mobb](https://www.mobb.ai) is the first vendor-agnostic automatic security vulnerability remediation tool. It ingests SAST results from Checkmarx, CodeQL (GitHub Advanced Security), OpenText Fortify, and Snyk and produces code fixes for developers to review and commit to their code.
|
|
10
10
|
|
|
11
11
|
## What does Bugsy do?
|
|
12
12
|
|
|
@@ -14,21 +14,21 @@ Bugsy has two modes - Analyze (the user has a pre-generated SAST report from one
|
|
|
14
14
|
|
|
15
15
|
Scan
|
|
16
16
|
|
|
17
|
-
-
|
|
18
|
-
-
|
|
19
|
-
-
|
|
17
|
+
- Uses Snyk CLI tool to run a SAST analysis on a given open-source GitHub repo
|
|
18
|
+
- Analyzes the vulnerability report to identify issues that can be remediated automatically
|
|
19
|
+
- Produces the code fixes and redirects the user to the fix report page on the Mobb platform
|
|
20
20
|
|
|
21
21
|
Analyze
|
|
22
22
|
|
|
23
|
-
-
|
|
24
|
-
-
|
|
23
|
+
- Analyzes the vulnerability report to identify issues that can be remediated automatically
|
|
24
|
+
- Produces the code fixes and redirects the user to the fix report page on the Mobb platform
|
|
25
25
|
|
|
26
26
|
## Disclaimer
|
|
27
27
|
|
|
28
28
|
This is a community edition version that only analyzes public GitHub repositories. Analyzing private repositories is allowed for a limited amount of time.
|
|
29
29
|
Snyk CLI is used to produce a SAST vulnerability report.
|
|
30
30
|
|
|
31
|
-
-
|
|
31
|
+
- Only Java and Node.js projects are supported at the moment.
|
|
32
32
|
|
|
33
33
|
## Usage
|
|
34
34
|
|
package/bin/cli.mjs
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
import '../index.
|
|
2
|
+
import '../dist/index.js'
|