mobbdev 0.0.4 → 0.0.6

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023 Mobb.dev Ltd.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,17 +1,32 @@
-# [mobb.dev](https://www.mobb.dev)
+# Mobb CLI (community tool)
 
-Give your developers time back with fixes you can trust.
+[Mobb](https://www.mobb.dev) automates security vulnerability remediations.
 
-Turn mountains of depressing SAST findings into code fixes with Mobb's developer-first automated secure code remediation.
+<img width="750" alt="Screenshot 2023-03-27 at 5 23 19 PM" src="https://user-images.githubusercontent.com/96389636/228070025-2a1c3aae-6b40-427f-a1e9-2b10ef97b5ea.png">
+
+## What is [Mobb](https://www.mobb.dev)?
+
+[Mobb](https://www.mobb.dev) is the first vendor agnostic automatic security vulnerability remediation tool. It injests SAST results from Checkmarx One, GitHub Advanced Security, and Snyk Code and produces code fixes for the developer to review and commit to their code.
+
+## What does Mobb CLI (Community Tool) do?
+
+-   Uses Snyk Code CLI to run a SAST analysis on a given GitHub repo
+-   Analyzes the vulnerbilities report to identify issues that can be remediated
+-   Produce the code fixes and redirect the user to the fix report page on [mobb.dev](https://www.mobb.dev)
 
 ## Disclaimer
 
-This is a demo version only capable of analyzing public GitHub repositories. We wrap Snyk Code CLI to produce SAST vulnerabilities report.
+This is an alpha version only capable of analyzing public GitHub repositories. We wrap Snyk Code CLI to produce SAST vulnerabilities report.
 
-Only Java projects are supported at the moment.
+-   Only Java projects are supported at the moment.
+-   Only SQLi, CMDi, XSS, and XXE are supported at the moment.
 
 ## Usage
 
 ```shell
 npx mobbdev https://github.com/mobb-dev/simple-vulnerable-java-project
 ```
+
+## Getting support
+
+If you need support using Mobb CLI, or just want to share your thoughts and learn more, you are more than welcome to join our [discord server](https://discord.gg/ks6Nz3H828)

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "mobbdev",
-    "version": "0.0.4",
+    "version": "0.0.6",
     "description": "Automated secure code remediation tool",
     "main": "index.js",
     "scripts": {
@@ -13,7 +13,7 @@
         "mobbdev": "bin/cli.mjs"
     },
     "author": "",
-    "license": "ISC",
+    "license": "MIT",
     "dependencies": {
         "configstore": "6.0.0",
         "dotenv": "16.0.3",
@@ -40,6 +40,7 @@
         "index.mjs",
         ".env",
         "README.md",
+        "LICENSE",
         "package.json"
     ]
 }

package/src/index.mjs

@@ -18,7 +18,9 @@ const config = new Configstore(packageJson.name, { token: '' });
 
 export async function main(dirname, repoUrl) {
     if (!repoUrl) {
-        console.warn('Mobb CLI usage: npx mobb <public GitHub repository URL>');
+        console.warn(
+            'Mobb CLI usage: npx mobbdev <public GitHub repository URL>'
+        );
         return;
     }