npm - mobbdev - Versions diffs - 0.0.49 → 0.0.51 - Mend

mobbdev 0.0.49 → 0.0.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.mjs +27 -7
package/package.json +1 -1
package/src/post_install/binary.mjs +56 -9
package/src/post_install/cx_install.mjs +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -600,6 +600,11 @@ import { globby } from "globby";
 import { isBinary } from "istextorbinary";
 var debug4 = Debug4("mobbdev:pack");
 var MAX_FILE_SIZE = 1024 * 1024 * 5;
+function endsWithAny(str, suffixes) {
+  return suffixes.some(function(suffix) {
+    return str.endsWith(suffix);
+  });
+}
 async function pack(srcDirPath, vulnFiles) {
   debug4("pack folder %s", srcDirPath);
   const filepaths = await globby("**", {
@@ -613,7 +618,10 @@ async function pack(srcDirPath, vulnFiles) {
   debug4("compressing files");
   for (const filepath of filepaths) {
     const absFilepath = path3.join(srcDirPath, filepath.toString());
-    if (!vulnFiles.includes(filepath.toString())) {
+    if (!endsWithAny(
+      absFilepath.toString().replaceAll(path3.win32.sep, path3.posix.sep),
+      vulnFiles
+    )) {
       debug4("ignoring %s because it is not a vulnerability file", filepath);
       continue;
     }
@@ -756,12 +764,15 @@ import chalk from "chalk";
 import Debug6 from "debug";
 import { existsSync } from "fs";
 import { createSpinner as createSpinner2 } from "nanospinner";
+import { type } from "os";
 import path4 from "path";
 var debug5 = Debug6("mobbdev:checkmarx");
 var require2 = createRequire(import.meta.url);
 var getCheckmarxPath = () => {
+  const os3 = type();
+  const cxFileName = os3 === "Windows_NT" ? "cx.exe" : "cx";
   try {
-    return require2.resolve(".bin/cx");
+    return require2.resolve(`.bin/${cxFileName}`);
   } catch (e) {
     throw new CliError(cxOperatingSystemSupportMessage);
   }
@@ -802,7 +813,7 @@ async function forkCheckmarx(args, { display }) {
     { display }
   );
 }
-async function getCheckmarxReport({ reportPath, repositoryRoot, branch }, { skipPrompts = false }) {
+async function getCheckmarxReport({ reportPath, repositoryRoot, branch, projectName }, { skipPrompts = false }) {
   debug5("get checkmarx report start %s %s", reportPath, repositoryRoot);
   const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
     display: false
@@ -822,7 +833,7 @@ async function getCheckmarxReport({ reportPath, repositoryRoot, branch }, { skip
     branch,
     filePath,
     fileName,
-    projectName: "mobb_dev"
+    projectName
   });
   console.log("\u280B \u{1F50D} Initiating Checkmarx Scan ");
   const { code: scanCode } = await forkCheckmarx(
@@ -852,7 +863,7 @@ async function validateCheckamxCredentials() {
         Here's a suggestion for checkmarx configuation:
           ${chalk.bold("AST Base URI:")} https://ast.checkmarx.net
           ${chalk.bold("AST Base Auth URI (IAM):")} https://iam.checkmarx.net
-      `);
+  `);
   await forkCheckmarx(CONFIGURE_COMMAND, { display: true });
   const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
     display: false
@@ -2149,7 +2160,8 @@ async function _scan({
   srcPath,
   commitHash,
   ref,
-  scanner
+  scanner,
+  cxProjectName
 }, { skipPrompts = false } = {}) {
   debug8("start %s %s", dirname, repo);
   const { createSpinner: createSpinner4 } = Spinner2({ ci });
@@ -2257,8 +2269,16 @@ async function _scan({
         await getSnykReport(reportPath2, repositoryRoot, { skipPrompts });
         break;
       case "checkmarx":
+        if (!cxProjectName) {
+          throw new Error("cxProjectName is required for checkmarx scanner");
+        }
         await getCheckmarxReport(
-          { reportPath: reportPath2, repositoryRoot, branch: reference },
+          {
+            reportPath: reportPath2,
+            repositoryRoot,
+            branch: reference,
+            projectName: cxProjectName
+          },
           { skipPrompts }
         );
         break;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.49",
+  "version": "0.0.51",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",

package/src/post_install/binary.mjs CHANGED Viewed

@@ -1,30 +1,65 @@
 // this file is based from 'binary-install' https://www.npmjs.com/package/binary-install
+import AdmZip from 'adm-zip'
 import axios from 'axios'
 import { existsSync, mkdirSync } from 'fs'
 import { arch as _arch, type as _type } from 'os'
 import { join } from 'path'
 import tar from 'tar'
-const __dirname = process.env['PWD']
+/**
+ * Options for showing a installParams.
+ * @typedef {Object} InstallParams
+ * @property {string} installParams.binaryName
+ * @property {string} installParams.url
+ */
+/**
+ * @param {string} url
+ * @returns {string}
+ */
+function getArchiveType(url) {
+  if (url.endsWith('.zip')) {
+    return 'zip'
+  }
+  if (url.endsWith('.tar.gz')) {
+    return 'tar'
+  }
+  throw Error(`Unknown archive type for ${url}`)
+}
 /**
- * @param {Object} installParams
- * @param {string} installParams.binaryName
- * @param {string} installParams.url
+ * @param {InstallParams} opts
  * @returns {Promise<void>}
  */
 export async function install({ binaryName, url }) {
-  if (!__dirname) {
-    throw Error('pwd is undefiled')
-  }
-  const installDirectory = join(__dirname, 'node_modules', '.bin')
+  const installDirectory = join(process.cwd(), 'node_modules', '.bin')
   const binaryPath = join(installDirectory, binaryName)
   if (existsSync(binaryPath)) {
     console.log(`${binaryName} is already installed, skipping installation.`)
     return
   }
+  const archiveType = getArchiveType(url)
   mkdirSync(installDirectory, { recursive: true })
   console.log(`Downloading release from ${url}`)
+  archiveType === 'zip'
+    ? installZip({ binaryName, url, installDirectory })
+    : installTar({ binaryName, url, installDirectory })
+  console.log(`${binaryName} has been installed!`)
+}
+/**
+ * @typedef {object} InstallDirectory
+ * @property {string} installDirectory
+ *  @typedef {InstallParams & InstallDirectory} ArchiveInstallParams
+ **/
+/**
+ * @param {ArchiveInstallParams} opts
+ * @returns {Promise<void>}
+ */
+async function installTar({ binaryName, url, installDirectory }) {
   const binaryStream = await axios({ url, responseType: 'stream' })
   await new Promise((resolve, reject) => {
     const sink = binaryStream.data.pipe(
@@ -38,5 +73,17 @@ export async function install({ binaryName, url }) {
     sink.on('finish', () => resolve(null))
     sink.on('error', (/** @type {Error} */ err) => reject(err))
   })
-  console.log(`${binaryName} has been installed!`)
+}
+/**
+ * @param {ArchiveInstallParams} opts
+ * @returns {Promise<void>}
+ */
+async function installZip({ binaryName, url, installDirectory }) {
+  const body = await axios.get(url, {
+    responseType: 'arraybuffer',
+  })
+  var zip = new AdmZip(body.data)
+  zip.extractEntryTo(binaryName, installDirectory)
 }

package/src/post_install/cx_install.mjs CHANGED Viewed

@@ -43,7 +43,7 @@ function installBinary() {
   const { target } = supportedPlatform
   const url = `https://github.com/Checkmarx/ast-cli/releases/download/2.0.55/ast-cli_${target}`
-  const binaryName = 'cx'
+  const binaryName = supportedPlatform.type === 'Windows_NT' ? 'cx.exe' : 'cx'
   install({ binaryName, url })
 }