mobbdev 0.0.36 → 0.0.38

package/dist/index.js

@@ -1,1324 +0,0 @@
-var __defProp = Object.defineProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-
-// src/index.ts
-import { hideBin } from "yargs/helpers";
-
-// src/args/yargs.ts
-import chalk8 from "chalk";
-import yargs from "yargs/yargs";
-
-// src/args/commands/analyze.ts
-import fs4 from "node:fs";
-
-// src/constants.ts
-import path from "node:path";
-import { fileURLToPath } from "node:url";
-import Debug from "debug";
-import * as dotenv from "dotenv";
-import { z } from "zod";
-var debug = Debug("mobbdev:constants");
-var __dirname = path.dirname(fileURLToPath(import.meta.url));
-dotenv.config({ path: path.join(__dirname, "../.env") });
-var SCANNERS = {
-  Checkmarx: "checkmarx",
-  Codeql: "codeql",
-  Fortify: "fortify",
-  Snyk: "snyk"
-};
-var envVariablesSchema = z.object({
-  WEB_LOGIN_URL: z.string(),
-  WEB_APP_URL: z.string(),
-  API_URL: z.string()
-}).required();
-var envVariables = envVariablesSchema.parse(process.env);
-debug("config %o", envVariables);
-var mobbAscii = `
-                                   ..                       
-                             ..........                     
-                        .................                   
-               ...........................                  
-              ..............................                
-             ................................               
-             ..................................             
-            ....................................            
-            .....................................           
-            .............................................   
-          ................................................. 
-     ...............................       .................
-  ..................................           ............ 
-..................    .............            ..........   
-......... ........      .........             ......        
-  ...............                          ....             
-         .... ..                                            
-                                                            
-                                      . ...                 
-                              ..............                
-                       ......................               
-                   ...........................              
-               ................................             
-           ......................................           
-                ...............................             
-                       .................                    
-`;
-var WEB_LOGIN_URL = envVariables.WEB_LOGIN_URL;
-var WEB_APP_URL = envVariables.WEB_APP_URL;
-var API_URL = envVariables.API_URL;
-
-// src/features/analysis/index.ts
-import crypto from "node:crypto";
-import fs3 from "node:fs";
-import os from "node:os";
-import path5 from "node:path";
-
-// src/utils/index.ts
-var utils_exports = {};
-__export(utils_exports, {
-  CliError: () => CliError,
-  Spinner: () => Spinner,
-  getDirName: () => getDirName,
-  keypress: () => keypress,
-  sleep: () => sleep
-});
-
-// src/utils/dirname.ts
-import path2 from "node:path";
-import { fileURLToPath as fileURLToPath2 } from "node:url";
-function getDirName() {
-  return path2.dirname(fileURLToPath2(import.meta.url));
-}
-
-// src/utils/keypress.ts
-import readline from "node:readline";
-async function keypress() {
-  const rl = readline.createInterface({
-    input: process.stdin,
-    output: process.stdout
-  });
-  return new Promise((resolve) => {
-    rl.question("", (answer) => {
-      rl.close();
-      process.stderr.moveCursor(0, -1);
-      process.stderr.clearLine(1);
-      resolve(answer);
-    });
-  });
-}
-
-// src/utils/spinner.ts
-import {
-  createSpinner as _createSpinner
-} from "nanospinner";
-var mockSpinner = {
-  success: () => mockSpinner,
-  error: () => mockSpinner,
-  warn: () => mockSpinner,
-  stop: () => mockSpinner,
-  start: () => mockSpinner,
-  update: () => mockSpinner,
-  reset: () => mockSpinner,
-  clear: () => mockSpinner,
-  spin: () => mockSpinner
-};
-function Spinner({ ci = false } = {}) {
-  return {
-    createSpinner: (text, options) => ci ? mockSpinner : _createSpinner(text, options)
-  };
-}
-
-// src/utils/index.ts
-var sleep = (ms = 2e3) => new Promise((r) => setTimeout(r, ms));
-var CliError = class extends Error {
-};
-
-// src/features/analysis/index.ts
-import chalk3 from "chalk";
-import Configstore from "configstore";
-import Debug8 from "debug";
-import open2 from "open";
-import semver from "semver";
-import tmp from "tmp";
-
-// src/features/analysis/git.ts
-import Debug2 from "debug";
-import { simpleGit } from "simple-git";
-var debug2 = Debug2("mobbdev:git");
-async function getGitInfo(srcDirPath) {
-  debug2("getting git info for %s", srcDirPath);
-  const git = simpleGit({
-    baseDir: srcDirPath,
-    maxConcurrentProcesses: 1,
-    trimmed: true
-  });
-  let repoUrl = "";
-  let hash = "";
-  let reference = "";
-  try {
-    repoUrl = (await git.getConfig("remote.origin.url")).value || "";
-    hash = await git.revparse(["HEAD"]) || "";
-    reference = await git.revparse(["--abbrev-ref", "HEAD"]) || "";
-  } catch (e) {
-    if (e instanceof Error) {
-      debug2("failed to run git %o", e);
-      if (e.message.includes(" spawn ")) {
-        debug2("git cli not installed");
-      } else if (e.message.includes(" not a git repository ")) {
-        debug2("folder is not a git repo");
-      } else {
-        throw e;
-      }
-    }
-    throw e;
-  }
-  if (repoUrl.endsWith(".git")) {
-    repoUrl = repoUrl.slice(0, -".git".length);
-  }
-  if (repoUrl.startsWith("git@github.com:")) {
-    repoUrl = repoUrl.replace("git@github.com:", "https://github.com/");
-  }
-  return {
-    repoUrl,
-    hash,
-    reference
-  };
-}
-
-// src/features/analysis/github/github.ts
-import fs from "node:fs";
-import path3 from "node:path";
-import stream from "node:stream";
-import { promisify } from "node:util";
-import { RequestError } from "@octokit/request-error";
-import chalk from "chalk";
-import Debug3 from "debug";
-import extract from "extract-zip";
-import fetch from "node-fetch";
-import { Octokit } from "octokit";
-var pipeline = promisify(stream.pipeline);
-var debug3 = Debug3("mobbdev:github");
-async function _getRepo({ owner, repo }, { token } = {}) {
-  const octokit = new Octokit({ auth: token });
-  return octokit.rest.repos.get({
-    owner,
-    repo
-  });
-}
-function extractSlug(repoUrl) {
-  debug3("get default branch %s", repoUrl);
-  let slug = repoUrl.replace(/https?:\/\/github\.com\//i, "");
-  if (slug.endsWith("/")) {
-    slug = slug.substring(0, slug.length - 1);
-  }
-  if (slug.endsWith(".git")) {
-    slug = slug.substring(0, slug.length - ".git".length);
-  }
-  debug3("slug %s", slug);
-  return slug;
-}
-function parseRepoUrl(repoUrl) {
-  const slug = extractSlug(repoUrl);
-  const [owner, repo] = slug.split("/");
-  if (!owner || !repo) {
-    throw new Error(`Error parsing repo url ${repoUrl}}`);
-  }
-  return { owner, repo };
-}
-async function canReachRepo(repoUrl, { token } = {}) {
-  const repoAndOnwer = parseRepoUrl(repoUrl);
-  try {
-    const res = await _getRepo(repoAndOnwer, { token });
-    return res;
-  } catch (e) {
-    if (e instanceof RequestError) {
-      return false;
-    }
-    throw e;
-  }
-}
-async function getRepo(repoUrl, { token } = {}) {
-  const repoAndOnwer = parseRepoUrl(repoUrl);
-  try {
-    const res = await _getRepo(repoAndOnwer, { token });
-    return res;
-  } catch (e) {
-    if (e instanceof RequestError) {
-      debug3("GH request failed %s %s", e.message, e.status);
-      throw new CliError(
-        `Can't get repository, make sure you have access to : ${repoUrl}.`
-      );
-    }
-    throw e;
-  }
-}
-async function downloadRepo({ repoUrl, reference, dirname, ci }, { token } = {}) {
-  const { createSpinner: createSpinner3 } = Spinner({ ci });
-  const repoSpinner = createSpinner3("\u{1F4BE} Downloading Repo").start();
-  debug3("download repo %s %s %s", repoUrl, reference, dirname);
-  const zipFilePath = path3.join(dirname, "repo.zip");
-  const response = await fetch(`${repoUrl}/zipball/${reference}`, {
-    method: "GET",
-    headers: {
-      ...token && { Authorization: `bearer ${token}` }
-    }
-  });
-  if (!response.ok) {
-    debug3("GH zipball request failed %s %s", response.body, response.status);
-    repoSpinner.error({ text: "\u{1F4BE} Repo download failed" });
-    throw new Error(
-      `Can't access the the branch ${chalk.bold(reference)} on ${chalk.bold(
-        repoUrl
-      )} make sure it exits.`
-    );
-  }
-  const fileWriterStream = fs.createWriteStream(zipFilePath);
-  if (!response.body) {
-    throw new Error("Response body is empty");
-  }
-  await pipeline(response.body, fileWriterStream);
-  await extract(zipFilePath, { dir: dirname });
-  const repoRoot = fs.readdirSync(dirname, { withFileTypes: true }).filter((dirent) => dirent.isDirectory()).map((dirent) => dirent.name)[0];
-  if (!repoRoot) {
-    throw new Error("Repo root not found");
-  }
-  debug3("repo root %s", repoRoot);
-  repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
-  return path3.join(dirname, repoRoot);
-}
-
-// src/features/analysis/graphql/gql.ts
-import Debug4 from "debug";
-import { GraphQLClient } from "graphql-request";
-
-// src/features/analysis/graphql/mutations.ts
-import { gql } from "graphql-request";
-var UPLOAD_S3_BUCKET_INFO = gql`
-  mutation uploadS3BucketInfo($fileName: String!) {
-    uploadS3BucketInfo(fileName: $fileName) {
-      status
-      error
-      reportUploadInfo: uploadInfo {
-        url
-        fixReportId
-        uploadFieldsJSON
-        uploadKey
-      }
-      repoUploadInfo {
-        url
-        fixReportId
-        uploadFieldsJSON
-        uploadKey
-      }
-    }
-  }
-`;
-var SUBMIT_VULNERABILITY_REPORT = gql`
-  mutation SubmitVulnerabilityReport(
-    $vulnerabilityReportFileName: String!
-    $fixReportId: String!
-    $repoUrl: String!
-    $reference: String!
-    $projectId: String!
-    $sha: String
-  ) {
-    submitVulnerabilityReport(
-      fixReportId: $fixReportId
-      repoUrl: $repoUrl
-      reference: $reference
-      sha: $sha
-      vulnerabilityReportFileName: $vulnerabilityReportFileName
-      projectId: $projectId
-    ) {
-      __typename
-    }
-  }
-`;
-var CREATE_COMMUNITY_USER = gql`
-  mutation CreateCommunityUser {
-    initOrganizationAndProject {
-      userId
-      projectId
-      organizationId
-    }
-  }
-`;
-var CREATE_CLI_LOGIN = gql`
-  mutation CreateCliLogin($publicKey: String!) {
-    insert_cli_login_one(object: { publicKey: $publicKey }) {
-      id
-    }
-  }
-`;
-var PERFORM_CLI_LOGIN = gql`
-  mutation performCliLogin($loginId: String!) {
-    performCliLogin(loginId: $loginId) {
-      status
-    }
-  }
-`;
-
-// src/features/analysis/graphql/queries.ts
-import { gql as gql2 } from "graphql-request";
-var ME = gql2`
-  query Me {
-    me {
-      id
-      email
-      githubToken
-    }
-  }
-`;
-var GET_ORG_AND_PROJECT_ID = gql2`
-  query getOrgAndProjectId {
-    users: user {
-      userOrganizationsAndUserOrganizationRoles {
-        organization {
-          id
-          projects(order_by: { updatedAt: desc }) {
-            id
-          }
-        }
-      }
-    }
-  }
-`;
-var GET_ENCRYPTED_API_TOKEN = gql2`
-  query GetEncryptedApiToken($loginId: uuid!) {
-    cli_login_by_pk(id: $loginId) {
-      encryptedApiToken
-    }
-  }
-`;
-
-// src/features/analysis/graphql/types.ts
-import { z as z2 } from "zod";
-var UploadFieldsZ = z2.object({
-  bucket: z2.string(),
-  "X-Amz-Algorithm": z2.string(),
-  "X-Amz-Credential": z2.string(),
-  "X-Amz-Date": z2.string(),
-  Policy: z2.string(),
-  "X-Amz-Signature": z2.string()
-});
-var ReportUploadInfoZ = z2.object({
-  url: z2.string(),
-  fixReportId: z2.string(),
-  uploadFieldsJSON: z2.string().transform((str, ctx) => {
-    try {
-      return JSON.parse(str);
-    } catch (e) {
-      ctx.addIssue({ code: "custom", message: "Invalid JSON" });
-      return z2.NEVER;
-    }
-  }),
-  uploadKey: z2.string()
-}).transform(({ uploadFieldsJSON, ...input }) => ({
-  ...input,
-  uploadFields: uploadFieldsJSON
-}));
-var UploadS3BucketInfoZ = z2.object({
-  uploadS3BucketInfo: z2.object({
-    status: z2.string(),
-    error: z2.string().nullish(),
-    reportUploadInfo: ReportUploadInfoZ,
-    repoUploadInfo: ReportUploadInfoZ
-  })
-});
-var GetOrgAndProjectIdQueryZ = z2.object({
-  users: z2.array(
-    z2.object({
-      userOrganizationsAndUserOrganizationRoles: z2.array(
-        z2.object({
-          organization: z2.object({
-            id: z2.string(),
-            projects: z2.array(
-              z2.object({
-                id: z2.string()
-              })
-            ).nonempty()
-          })
-        })
-      ).nonempty()
-    })
-  ).nonempty()
-});
-var CreateCliLoginZ = z2.object({
-  insert_cli_login_one: z2.object({
-    id: z2.string()
-  })
-});
-var GetEncryptedApiTokenZ = z2.object({
-  cli_login_by_pk: z2.object({
-    encryptedApiToken: z2.string().nullable()
-  })
-});
-
-// src/features/analysis/graphql/gql.ts
-var debug4 = Debug4("mobbdev:gql");
-var API_KEY_HEADER_NAME = "x-mobb-key";
-var GQLClient = class {
-  constructor(args) {
-    const { apiKey } = args;
-    debug4(`init with apiKey ${apiKey}`);
-    this._client = new GraphQLClient(API_URL, {
-      headers: { [API_KEY_HEADER_NAME]: apiKey || "" }
-    });
-  }
-  async getUserInfo() {
-    const { me } = await this._client.request(ME);
-    return me;
-  }
-  async createCliLogin(variables) {
-    const res = CreateCliLoginZ.parse(
-      await this._client.request(
-        CREATE_CLI_LOGIN,
-        variables,
-        {
-          // We may have outdated API key in the config storage. Avoid using it for the login request.
-          [API_KEY_HEADER_NAME]: ""
-        }
-      )
-    );
-    return res.insert_cli_login_one.id;
-  }
-  async verifyToken() {
-    await this.createCommunityUser();
-    try {
-      await this.getUserInfo();
-    } catch (e) {
-      debug4("verify token failed %o", e);
-      return false;
-    }
-    return true;
-  }
-  async getOrgAndProjectId() {
-    const getOrgAndProjectIdResult = await this._client.request(
-      GET_ORG_AND_PROJECT_ID
-    );
-    const [user] = GetOrgAndProjectIdQueryZ.parse(
-      getOrgAndProjectIdResult
-    ).users;
-    const org = user.userOrganizationsAndUserOrganizationRoles[0].organization;
-    return {
-      organizationId: org.id,
-      projectId: org.projects[0].id
-    };
-  }
-  async getEncryptedApiToken(variables) {
-    const res = await this._client.request(
-      GET_ENCRYPTED_API_TOKEN,
-      variables,
-      {
-        // We may have outdated API key in the config storage. Avoid using it for the login request.
-        [API_KEY_HEADER_NAME]: ""
-      }
-    );
-    return GetEncryptedApiTokenZ.parse(res).cli_login_by_pk.encryptedApiToken;
-  }
-  async createCommunityUser() {
-    try {
-      await this._client.request(CREATE_COMMUNITY_USER);
-    } catch (e) {
-      debug4("create community user failed %o", e);
-    }
-  }
-  async uploadS3BucketInfo() {
-    const uploadS3BucketInfoResult = await this._client.request(UPLOAD_S3_BUCKET_INFO, {
-      fileName: "report.json"
-    });
-    return UploadS3BucketInfoZ.parse(uploadS3BucketInfoResult);
-  }
-  async submitVulnerabilityReport({
-    fixReportId,
-    repoUrl,
-    reference,
-    projectId,
-    sha
-  }) {
-    await this._client.request(SUBMIT_VULNERABILITY_REPORT, {
-      fixReportId,
-      repoUrl,
-      reference,
-      vulnerabilityReportFileName: "report.json",
-      projectId,
-      sha: sha || ""
-    });
-  }
-};
-
-// src/features/analysis/pack.ts
-import fs2 from "node:fs";
-import path4 from "node:path";
-import AdmZip from "adm-zip";
-import Debug5 from "debug";
-import { globby } from "globby";
-import { isBinary } from "istextorbinary";
-var debug5 = Debug5("mobbdev:pack");
-var MAX_FILE_SIZE = 1024 * 1024 * 5;
-async function pack(srcDirPath) {
-  debug5("pack folder %s", srcDirPath);
-  const filepaths = await globby("**", {
-    gitignore: true,
-    onlyFiles: true,
-    cwd: srcDirPath,
-    followSymbolicLinks: false
-  });
-  debug5("files found %d", filepaths.length);
-  const zip = new AdmZip();
-  debug5("compressing files");
-  for (const filepath of filepaths) {
-    const absFilepath = path4.join(srcDirPath, filepath.toString());
-    if (fs2.lstatSync(absFilepath).size > MAX_FILE_SIZE) {
-      debug5("ignoring %s because the size is > 5MB", filepath);
-      continue;
-    }
-    const data = fs2.readFileSync(absFilepath);
-    if (isBinary(null, data)) {
-      debug5("ignoring %s because is seems to be a binary file", filepath);
-      continue;
-    }
-    zip.addFile(filepath.toString(), data);
-  }
-  debug5("get zip file buffer");
-  return zip.toBuffer();
-}
-
-// src/features/analysis/prompts.ts
-import inquirer from "inquirer";
-import { createSpinner } from "nanospinner";
-var scannerChoices = [
-  { name: "Snyk", value: SCANNERS.Snyk },
-  { name: "Checkmarx", value: SCANNERS.Checkmarx },
-  { name: "Codeql", value: SCANNERS.Codeql },
-  { name: "Fortify", value: SCANNERS.Fortify }
-];
-async function choseScanner() {
-  const { scanner } = await inquirer.prompt({
-    name: "scanner",
-    message: "Choose a scanner you wish to use to scan your code",
-    type: "list",
-    choices: scannerChoices
-  });
-  return scanner;
-}
-async function githubIntegrationPrompt() {
-  const answers = await inquirer.prompt({
-    name: "githubConfirm",
-    type: "confirm",
-    message: "It seems we don't have access to the repo, do you want to grant access to your github account",
-    default: true
-  });
-  return answers.githubConfirm;
-}
-async function mobbAnalysisPrompt() {
-  const spinner = createSpinner().start();
-  spinner.update({ text: "Hit any key to view available fixes" });
-  await keypress();
-  return spinner.success();
-}
-async function snykArticlePrompt() {
-  const { snykArticleConfirm } = await inquirer.prompt({
-    name: "snykArticleConfirm",
-    type: "confirm",
-    message: "Do you want to be taken to the relevant Snyk's online article?",
-    default: true
-  });
-  return snykArticleConfirm;
-}
-
-// src/features/analysis/snyk.ts
-import cp from "node:child_process";
-import { createRequire } from "node:module";
-import chalk2 from "chalk";
-import Debug6 from "debug";
-import { createSpinner as createSpinner2 } from "nanospinner";
-import open from "open";
-import * as process2 from "process";
-import supportsColor from "supports-color";
-var { stdout: stdout2 } = supportsColor;
-var debug6 = Debug6("mobbdev:snyk");
-var require2 = createRequire(import.meta.url);
-var SNYK_PATH = require2.resolve("snyk/bin/snyk");
-var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-application-code/snyk-code/getting-started-with-snyk-code/activating-snyk-code-using-the-web-ui/step-1-enabling-the-snyk-code-option";
-debug6("snyk executable path %s", SNYK_PATH);
-async function forkSnyk(args, { display }) {
-  debug6("fork snyk with args %o %s", args, display);
-  return new Promise((resolve, reject) => {
-    const child = cp.fork(SNYK_PATH, args, {
-      stdio: ["inherit", "pipe", "pipe", "ipc"],
-      env: { FORCE_COLOR: stdout2 ? "1" : "0" }
-    });
-    let out = "";
-    const onData = (chunk) => {
-      debug6("chunk received from snyk std %s", chunk);
-      out += chunk;
-    };
-    if (!child || !child?.stdout || !child?.stderr) {
-      debug6("unable to fork snyk");
-      reject(new Error("unable to fork snyk"));
-    }
-    child.stdout?.on("data", onData);
-    child.stderr?.on("data", onData);
-    if (display) {
-      child.stdout?.pipe(process2.stdout);
-      child.stderr?.pipe(process2.stderr);
-    }
-    child.on("exit", () => {
-      debug6("snyk exit");
-      resolve(out);
-    });
-    child.on("error", (err) => {
-      debug6("snyk error %o", err);
-      reject(err);
-    });
-  });
-}
-async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
-  debug6("get snyk report start %s %s", reportPath, repoRoot);
-  const config3 = await forkSnyk(["config"], { display: false });
-  if (!config3.includes("api: ")) {
-    const snykLoginSpinner = createSpinner2().start();
-    if (!skipPrompts) {
-      snykLoginSpinner.update({
-        text: "\u{1F513} Login to Snyk is required, press any key to continue"
-      });
-      await keypress();
-    }
-    snykLoginSpinner.update({
-      text: "\u{1F513} Waiting for Snyk login to complete"
-    });
-    debug6("no token in the config %s", config3);
-    await forkSnyk(["auth"], { display: true });
-    snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
-  }
-  const snykSpinner = createSpinner2("\u{1F50D} Scanning your repo with Snyk ").start();
-  const out = await forkSnyk(
-    ["code", "test", `--sarif-file-output=${reportPath}`, repoRoot],
-    { display: true }
-  );
-  if (out.includes(
-    "Snyk Code is not supported for org: enable in Settings > Snyk Code"
-  )) {
-    debug6("snyk code is not enabled %s", out);
-    snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
-    const answer = await snykArticlePrompt();
-    debug6("answer %s", answer);
-    if (answer) {
-      debug6("opening the browser");
-      await open(SNYK_ARTICLE_URL);
-    }
-    console.log(
-      chalk2.bgBlue(
-        "\nPlease enable Snyk Code in your Snyk account and try again."
-      )
-    );
-    return false;
-  }
-  snykSpinner.success({ text: "\u{1F50D} Snyk code scan completed" });
-  return true;
-}
-
-// src/features/analysis/upload-file.ts
-import Debug7 from "debug";
-import fetch2, { File, fileFrom, FormData } from "node-fetch";
-var debug7 = Debug7("mobbdev:upload-file");
-async function uploadFile({
-  file,
-  url,
-  uploadKey,
-  uploadFields
-}) {
-  debug7("upload file start %s", url);
-  debug7("upload fields %o", uploadFields);
-  debug7("upload key %s", uploadKey);
-  const form = new FormData();
-  Object.entries(uploadFields).forEach(([key, value]) => {
-    form.append(key, value);
-  });
-  form.append("key", uploadKey);
-  if (typeof file === "string") {
-    debug7("upload file from path %s", file);
-    form.append("file", await fileFrom(file));
-  } else {
-    debug7("upload file from buffer");
-    form.append("file", new File([file], "file"));
-  }
-  const response = await fetch2(url, {
-    method: "POST",
-    body: form
-  });
-  if (!response.ok) {
-    debug7("error from S3 %s %s", response.body, response.status);
-    throw new Error(`Failed to upload the file: ${response.status}`);
-  }
-  debug7("upload file done");
-}
-
-// src/features/analysis/index.ts
-var { CliError: CliError2, Spinner: Spinner2, keypress: keypress2, getDirName: getDirName2 } = utils_exports;
-var webLoginUrl = `${WEB_APP_URL}/cli-login`;
-var githubAuthUrl = `${WEB_APP_URL}/github-auth`;
-var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
-var LOGIN_CHECK_DELAY = 5 * 1e3;
-var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk3.bgBlue(
-  "press any key to continue"
-)};`;
-var tmpObj = tmp.dirSync({
-  unsafeCleanup: true
-});
-var getReportUrl = ({
-  organizationId,
-  projectId,
-  fixReportId
-}) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
-var debug8 = Debug8("mobbdev:index");
-var packageJson = JSON.parse(
-  fs3.readFileSync(path5.join(getDirName2(), "../package.json"), "utf8")
-);
-if (!semver.satisfies(process.version, packageJson.engines.node)) {
-  throw new CliError2(
-    `${packageJson.name} requires node version ${packageJson.engines.node}, but running ${process.version}.`
-  );
-}
-var config2 = new Configstore(packageJson.name, { apiToken: "" });
-debug8("config %o", config2);
-async function runAnalysis(params, options) {
-  try {
-    await _scan(
-      {
-        ...params,
-        dirname: tmpObj.name
-      },
-      options
-    );
-  } finally {
-    tmpObj.removeCallback();
-  }
-}
-async function _scan({
-  dirname,
-  repo,
-  scanFile,
-  apiKey,
-  ci,
-  srcPath,
-  commitHash,
-  ref
-}, { skipPrompts = false } = {}) {
-  debug8("start %s %s", dirname, repo);
-  const { createSpinner: createSpinner3 } = Spinner2({ ci });
-  skipPrompts = skipPrompts || ci;
-  let gqlClient = new GQLClient({
-    apiKey: apiKey || config2.get("apiToken")
-  });
-  await handleMobbLogin();
-  const { projectId, organizationId } = await gqlClient.getOrgAndProjectId();
-  const {
-    uploadS3BucketInfo: { repoUploadInfo, reportUploadInfo }
-  } = await gqlClient.uploadS3BucketInfo();
-  let reportPath = scanFile;
-  if (srcPath) {
-    return await uploadExistingRepo();
-  }
-  if (!repo) {
-    throw new Error("repo is required in case srcPath is not provided");
-  }
-  const userInfo = await gqlClient.getUserInfo();
-  let { githubToken } = userInfo;
-  const isRepoAvailable = await canReachRepo(repo, {
-    token: githubToken
-  });
-  if (!isRepoAvailable) {
-    if (ci) {
-      throw new Error(
-        `Cannot access repo ${repo} with the provided token, please visit ${githubAuthUrl} to refresh your Github token`
-      );
-    }
-    githubToken = await handleGithubIntegration(githubToken);
-    const isRepoAvailable2 = await canReachRepo(repo, {
-      token: githubToken
-    });
-    if (!isRepoAvailable2) {
-      throw new Error(
-        `Cannot access repo ${repo} with the provided credentials`
-      );
-    }
-  }
-  const reference = ref ?? (await getRepo(repo, { token: githubToken })).data.default_branch;
-  debug8("org id %s", organizationId);
-  debug8("project id %s", projectId);
-  debug8("default branch %s", reference);
-  const repositoryRoot = await downloadRepo(
-    {
-      repoUrl: repo,
-      reference,
-      dirname,
-      ci
-    },
-    { token: githubToken }
-  );
-  if (!reportPath) {
-    reportPath = await getReportFromSnyk();
-  }
-  const uploadReportSpinner = createSpinner3("\u{1F4C1} Uploading Report").start();
-  try {
-    await uploadFile({
-      file: reportPath,
-      url: reportUploadInfo.url,
-      uploadFields: reportUploadInfo.uploadFields,
-      uploadKey: reportUploadInfo.uploadKey
-    });
-  } catch (e) {
-    uploadReportSpinner.error({ text: "\u{1F4C1} Report upload failed" });
-    throw e;
-  }
-  uploadReportSpinner.success({ text: "\u{1F4C1} Report uploaded successfully" });
-  const mobbSpinner = createSpinner3("\u{1F575}\uFE0F\u200D\u2642\uFE0F Initiating Mobb analysis").start();
-  try {
-    await gqlClient.submitVulnerabilityReport({
-      fixReportId: reportUploadInfo.fixReportId,
-      repoUrl: repo,
-      reference,
-      projectId
-    });
-  } catch (e) {
-    mobbSpinner.error({ text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed" });
-    throw e;
-  }
-  mobbSpinner.success({
-    text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Generating fixes..."
-  });
-  await askToOpenAnalysis();
-  async function getReportFromSnyk() {
-    const reportPath2 = path5.join(dirname, "report.json");
-    if (!await getSnykReport(reportPath2, repositoryRoot, { skipPrompts })) {
-      debug8("snyk code is not enabled");
-      throw new CliError2("Snyk code is not enabled");
-    }
-    return reportPath2;
-  }
-  async function askToOpenAnalysis() {
-    const reportUrl = getReportUrl({
-      organizationId,
-      projectId,
-      fixReportId: reportUploadInfo.fixReportId
-    });
-    !ci && console.log("You can access the report at: \n");
-    console.log(chalk3.bold(reportUrl));
-    !skipPrompts && await mobbAnalysisPrompt();
-    !ci && open2(reportUrl);
-    !ci && console.log(
-      chalk3.bgBlue("\n\n  My work here is done for now, see you soon! \u{1F575}\uFE0F\u200D\u2642\uFE0F  ")
-    );
-  }
-  async function handleMobbLogin() {
-    if (await gqlClient.verifyToken()) {
-      createSpinner3().start().success({
-        text: "\u{1F513} Logged in to Mobb successfully"
-      });
-      return;
-    } else if (apiKey) {
-      createSpinner3().start().error({
-        text: "\u{1F513} Logged in to Mobb failed - check your api-key"
-      });
-      throw new CliError2();
-    }
-    const loginSpinner = createSpinner3().start();
-    if (!skipPrompts) {
-      loginSpinner.update({ text: MOBB_LOGIN_REQUIRED_MSG });
-      await keypress2();
-    }
-    loginSpinner.update({
-      text: "\u{1F513} Waiting for Mobb login..."
-    });
-    const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
-      modulusLength: 2048
-    });
-    const loginId = await gqlClient.createCliLogin({
-      publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
-    });
-    const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
-    !ci && console.log(
-      `If the page does not open automatically, kindly access it through ${browserUrl}.`
-    );
-    await open2(browserUrl);
-    let newApiToken = null;
-    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
-      const encryptedApiToken = await gqlClient.getEncryptedApiToken({
-        loginId
-      });
-      loginSpinner.spin();
-      if (encryptedApiToken) {
-        debug8("encrypted API token received %s", encryptedApiToken);
-        newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-        debug8("API token decrypted");
-        break;
-      }
-      await sleep(LOGIN_CHECK_DELAY);
-    }
-    if (!newApiToken) {
-      loginSpinner.error({
-        text: "Login timeout error"
-      });
-      throw new CliError2();
-    }
-    gqlClient = new GQLClient({ apiKey: newApiToken });
-    if (await gqlClient.verifyToken()) {
-      debug8("set api token %s", newApiToken);
-      config2.set("apiToken", newApiToken);
-      loginSpinner.success({ text: "\u{1F513} Login to Mobb successful!" });
-    } else {
-      loginSpinner.error({
-        text: "Something went wrong, API token is invalid."
-      });
-      throw new CliError2();
-    }
-  }
-  async function handleGithubIntegration(oldToken) {
-    const addGithubIntegration = skipPrompts ? true : await githubIntegrationPrompt();
-    const githubSpinner = createSpinner3(
-      "\u{1F517} Waiting for github integration..."
-    ).start();
-    if (!addGithubIntegration) {
-      githubSpinner.error();
-      throw Error("Could not reach github repo");
-    }
-    console.log(
-      `If the page does not open automatically, kindly access it through ${githubAuthUrl}.`
-    );
-    await open2(githubAuthUrl);
-    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
-      const { githubToken: githubToken2 } = await gqlClient.getUserInfo();
-      if (githubToken2 && githubToken2 !== oldToken) {
-        githubSpinner.success({ text: "\u{1F517} Github integration successful!" });
-        return githubToken2;
-      }
-      githubSpinner.spin();
-      await sleep(LOGIN_CHECK_DELAY);
-    }
-    githubSpinner.error({
-      text: "Github login timeout error"
-    });
-    throw new CliError2("Github login timeout");
-  }
-  async function uploadExistingRepo() {
-    if (!srcPath || !reportPath) {
-      throw new Error("src path and reportPath is required");
-    }
-    const gitInfo = await getGitInfo(srcPath);
-    const zippingSpinner = createSpinner3("\u{1F4E6} Zipping repo").start();
-    const zipBuffer = await pack(srcPath);
-    zippingSpinner.success({ text: "\u{1F4E6} Zipping repo successful!" });
-    const uploadReportSpinner2 = createSpinner3("\u{1F4C1} Uploading Report").start();
-    try {
-      await uploadFile({
-        file: reportPath,
-        url: reportUploadInfo.url,
-        uploadFields: reportUploadInfo.uploadFields,
-        uploadKey: reportUploadInfo.uploadKey
-      });
-    } catch (e) {
-      uploadReportSpinner2.error({ text: "\u{1F4C1} Report upload failed" });
-      throw e;
-    }
-    uploadReportSpinner2.success({
-      text: "\u{1F4C1} Uploading Report successful!"
-    });
-    const uploadRepoSpinner = createSpinner3("\u{1F4C1} Uploading Repo").start();
-    try {
-      await uploadFile({
-        file: zipBuffer,
-        url: repoUploadInfo.url,
-        uploadFields: repoUploadInfo.uploadFields,
-        uploadKey: repoUploadInfo.uploadKey
-      });
-    } catch (e) {
-      uploadRepoSpinner.error({ text: "\u{1F4C1} Repo upload failed" });
-      throw e;
-    }
-    uploadRepoSpinner.success({ text: "\u{1F4C1} Uploading Repo successful!" });
-    const mobbSpinner2 = createSpinner3("\u{1F575}\uFE0F\u200D\u2642\uFE0F Initiating Mobb analysis").start();
-    try {
-      await gqlClient.submitVulnerabilityReport({
-        fixReportId: reportUploadInfo.fixReportId,
-        repoUrl: repo || gitInfo.repoUrl,
-        reference: gitInfo.reference,
-        sha: commitHash || gitInfo.hash,
-        projectId
-      });
-    } catch (e) {
-      mobbSpinner2.error({ text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed" });
-      throw e;
-    }
-    mobbSpinner2.success({
-      text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Generating fixes..."
-    });
-    await askToOpenAnalysis();
-  }
-}
-
-// src/commands/index.ts
-import chalkAnimation from "chalk-animation";
-async function analyze({ repo, f: scanFile, ref, apiKey, ci, commitHash, srcPath }, { skipPrompts = false } = {}) {
-  !ci && await showWelcomeMessage(skipPrompts);
-  await runAnalysis(
-    {
-      repo,
-      scanFile,
-      ref,
-      apiKey,
-      ci,
-      commitHash,
-      srcPath
-    },
-    { skipPrompts }
-  );
-}
-async function scan(scanOptions, { skipPrompts = false } = {}) {
-  const { scanner, ci } = scanOptions;
-  !ci && await showWelcomeMessage(skipPrompts);
-  const selectedScanner = scanner || await choseScanner();
-  if (selectedScanner !== SCANNERS.Snyk) {
-    throw new CliError(
-      "Vulnerability scanning via Bugsy is available only with Snyk at the moment. Additional scanners will follow soon."
-    );
-  }
-  await runAnalysis(
-    { ...scanOptions, scanner: selectedScanner },
-    { skipPrompts }
-  );
-}
-async function showWelcomeMessage(skipPrompts = false) {
-  console.log(mobbAscii);
-  const welcome = chalkAnimation.rainbow("\n			Welcome to Bugsy\n");
-  skipPrompts ? await sleep(100) : await sleep(2e3);
-  welcome.stop();
-}
-
-// src/args/commands/analyze.ts
-import chalk6 from "chalk";
-
-// src/args/options.ts
-import chalk4 from "chalk";
-var repoOption = {
-  alias: "r",
-  demandOption: true,
-  type: "string",
-  describe: chalk4.bold("Github repository URL")
-};
-var yesOption = {
-  alias: "yes",
-  type: "boolean",
-  describe: chalk4.bold("Skip prompts and use default values")
-};
-var refOption = {
-  describe: chalk4.bold("reference of the repository (branch, tag, commit)"),
-  type: "string",
-  demandOption: false
-};
-var ciOption = {
-  describe: chalk4.bold(
-    "Run in CI mode, prompts and browser will not be opened"
-  ),
-  type: "boolean",
-  default: false
-};
-var apiKeyOption = {
-  type: "string",
-  describe: chalk4.bold("Mobb authentication api-key")
-};
-var commitHashOption = {
-  alias: "ch",
-  describe: chalk4.bold("Hash of the commit"),
-  type: "string"
-};
-
-// src/args/validation.ts
-import chalk5 from "chalk";
-import path6 from "path";
-import { z as z3 } from "zod";
-function throwRepoUrlErrorMessage({
-  error,
-  repoUrl,
-  command
-}) {
-  const errorMessage = error.issues[error.issues.length - 1]?.message;
-  const formattedErrorMessage = `
-Error: ${chalk5.bold(
-    repoUrl
-  )} is ${errorMessage}
-Example: 
-	mobbdev ${command} -r ${chalk5.bold(
-    "https://github.com/WebGoat/WebGoat"
-  )}`;
-  throw new CliError(formattedErrorMessage);
-}
-var GITHUB_REPO_URL_PATTERN = new RegExp("https://github.com/[\\w-]+/[\\w-]+");
-var UrlZ = z3.string({
-  invalid_type_error: "is not a valid github URL"
-}).regex(GITHUB_REPO_URL_PATTERN, {
-  message: "is not a valid github URL"
-});
-function validateRepoUrl(args) {
-  const repoSafeParseResult = UrlZ.safeParse(args.repo);
-  const { success } = repoSafeParseResult;
-  const [command] = args._;
-  if (!command) {
-    throw new CliError("Command not found");
-  }
-  if (!success) {
-    throwRepoUrlErrorMessage({
-      error: repoSafeParseResult.error,
-      repoUrl: args.repo,
-      command
-    });
-  }
-}
-var supportExtensions = [".json", ".xml", ".fpr", ".sarif"];
-function validateReportFileFormat(reportFile) {
-  if (!supportExtensions.includes(path6.extname(reportFile))) {
-    throw new CliError(
-      `
-${chalk5.bold(
-        reportFile
-      )} is not a supported file extension. Supported extensions are: ${chalk5.bold(
-        supportExtensions.join(", ")
-      )}
-`
-    );
-  }
-}
-
-// src/args/commands/analyze.ts
-function analyzeBuilder(yargs2) {
-  return yargs2.option("f", {
-    alias: "scan-file",
-    demandOption: true,
-    type: "string",
-    describe: chalk6.bold(
-      "Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL)"
-    )
-  }).option("repo", repoOption).option("p", {
-    alias: "src-path",
-    describe: chalk6.bold(
-      "Path to the repository folder with the source code"
-    ),
-    type: "string"
-  }).option("ref", refOption).option("ch", {
-    alias: "commit-hash",
-    describe: chalk6.bold("Hash of the commit"),
-    type: "string"
-  }).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).example(
-    "$0 analyze -r https://github.com/WebGoat/WebGoat -f <your_vulirabitliy_report_path>",
-    "analyze an existing repository"
-  ).help();
-}
-function validateAnalyzeOptions(argv) {
-  if (!fs4.existsSync(argv.f)) {
-    throw new CliError(`
-Can't access ${chalk6.bold(argv.f)}`);
-  }
-  if (!argv.srcPath && !argv.repo) {
-    throw new CliError("You must supply either --src-path or --repo");
-  }
-  if (!argv.srcPath && argv.repo) {
-    validateRepoUrl(argv);
-  }
-  if (argv.ci && !argv.apiKey) {
-    throw new CliError("--ci flag requires --api-key to be provided as well");
-  }
-  validateReportFileFormat(argv.f);
-}
-async function analyzeHandler(args) {
-  validateAnalyzeOptions(args);
-  await analyze(args, { skipPrompts: args.yes });
-}
-
-// src/args/commands/scan.ts
-import chalk7 from "chalk";
-function scanBuilder(args) {
-  return args.coerce("scanner", (arg) => arg.toLowerCase()).option("repo", repoOption).option("ref", refOption).option("s", {
-    alias: "scanner",
-    choices: Object.values(SCANNERS),
-    describe: chalk7.bold("Select the scanner to use")
-  }).option("y", yesOption).option("ci", ciOption).option("api-key", apiKeyOption).example(
-    "$0 scan -r https://github.com/WebGoat/WebGoat",
-    "Scan an existing repository"
-  ).help();
-}
-function validateScanOptions(argv) {
-  validateRepoUrl(argv);
-  if (argv.ci && !argv.apiKey) {
-    throw new CliError(
-      "\nError: --ci flag requires --api-key to be provided as well"
-    );
-  }
-}
-async function scanHandler(args) {
-  validateScanOptions(args);
-  await scan(args, { skipPrompts: args.yes });
-}
-
-// src/args/yargs.ts
-var parseArgs = async (args) => {
-  const yargsInstance = yargs(args);
-  return yargsInstance.updateStrings({
-    "Commands:": chalk8.yellow.underline.bold("Commands:"),
-    "Options:": chalk8.yellow.underline.bold("Options:"),
-    "Examples:": chalk8.yellow.underline.bold("Examples:"),
-    "Show help": chalk8.bold("Show help")
-  }).usage(
-    `${chalk8.bold(
-      "\n Bugsy - Trusted, Automatic Vulnerability Fixer \u{1F575}\uFE0F\u200D\u2642\uFE0F\n\n"
-    )} ${chalk8.yellow.underline.bold("Usage:")} 
-  $0 ${chalk8.green(
-      "<command>"
-    )} ${chalk8.dim("[options]")}
-            `
-  ).version(false).command(
-    "scan",
-    chalk8.bold(
-      "Scan your code for vulnerabilities, get automated fixes right away."
-    ),
-    scanBuilder,
-    scanHandler
-  ).command(
-    "analyze",
-    chalk8.bold(
-      "Provide a vulnerability report and relevant code repository, get automated fixes right away."
-    ),
-    analyzeBuilder,
-    analyzeHandler
-  ).example(
-    "$0 scan -r https://github.com/WebGoat/WebGoat",
-    "Scan an existing repository"
-  ).command({
-    command: "*",
-    handler() {
-      yargsInstance.showHelp();
-    }
-  }).strictOptions().help("h").alias("h", "help").epilog(chalk8.bgBlue("Made with \u2764\uFE0F  by Mobb")).showHelpOnFail(true).wrap(Math.min(120, yargsInstance.terminalWidth())).parse();
-};
-
-// src/index.ts
-async function run() {
-  return parseArgs(hideBin(process.argv));
-}
-(async () => {
-  try {
-    await run();
-    process.exit(0);
-  } catch (err) {
-    if (err instanceof CliError) {
-      console.error(err.message);
-      process.exit(1);
-    }
-    console.error(
-      "Something went wrong, please try again or contact support if issue persists."
-    );
-    console.error(err);
-    process.exit(1);
-  }
-})();