mobbdev 0.0.59 → 0.0.60
- package/dist/index.mjs +18 -40
- package/package.json +1 -1
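--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -230,17 +230,11 @@ var DIGEST_VULNERABILITY_REPORT = gql`
 $vulnerabilityReportFileName: String!
 $fixReportId: String!
 $projectId: String!
-$repoUrl: String!
-$reference: String!
-$sha: String
 ) {
 digestVulnerabilityReport(
 fixReportId: $fixReportId
 vulnerabilityReportFileName: $vulnerabilityReportFileName
 projectId: $projectId
-repoUrl: $repoUrl
-reference: $reference
-sha: $sha
 ) {
 __typename
 ... on VulnerabilityReport {
@@ -262,29 +256,22 @@ var DIGEST_VULNERABILITY_REPORT = gql`
 }
 }
 `;
-var INITIALIZE_VULNERABILITY_REPORT = gql`
-mutation InitializeVulnerabilityReport($fixReportId: String!) {
-initializeVulnerabilityReport(fixReportId: $fixReportId) {
-__typename
-}
-}
-`;
 var SUBMIT_VULNERABILITY_REPORT = gql`
 mutation SubmitVulnerabilityReport(
-$vulnerabilityReportFileName: String!
 $fixReportId: String!
 $repoUrl: String!
 $reference: String!
 $projectId: String!
 $sha: String
+$vulnerabilityReportFileName: String
 ) {
 submitVulnerabilityReport(
 fixReportId: $fixReportId
 repoUrl: $repoUrl
 reference: $reference
 sha: $sha
-vulnerabilityReportFileName: $vulnerabilityReportFileName
 projectId: $projectId
+vulnerabilityReportFileName: $vulnerabilityReportFileName
 ) {
 __typename
 }
@@ -526,43 +513,31 @@ var GQLClient = class {
 }
 async digestVulnerabilityReport({
 fixReportId,
-projectId
-repoUrl,
-reference,
-sha
+projectId
 }) {
 const res = await this._client.request(
 DIGEST_VULNERABILITY_REPORT,
 {
 fixReportId,
 vulnerabilityReportFileName: "report.json",
-projectId
-repoUrl,
-reference,
-sha
+projectId
 }
 );
 return DigestVulnerabilityReportZ.parse(res).digestVulnerabilityReport;
 }
-async initializeVulnerabilityReport({
-fixReportId
-}) {
-await this._client.request(INITIALIZE_VULNERABILITY_REPORT, {
-fixReportId
-});
-}
 async submitVulnerabilityReport({
 fixReportId,
 repoUrl,
 reference,
 projectId,
-sha
+sha,
+vulnerabilityReportFileName
 }) {
 await this._client.request(SUBMIT_VULNERABILITY_REPORT, {
 fixReportId,
 repoUrl,
 reference,
-vulnerabilityReportFileName
+vulnerabilityReportFileName,
 projectId,
 sha: sha || ""
 });
@@ -2267,7 +2242,9 @@ async function _scan({
 fixReportId: reportUploadInfo.fixReportId,
 repoUrl: repo,
 reference,
-projectId
+projectId,
+vulnerabilityReportFileName: "report.json",
+sha
 });
 } catch (e) {
 mobbSpinner.error({ text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed" });
@@ -2430,14 +2407,11 @@ async function _scan({
 });
 const digestSpinner = createSpinner4("\u{1F575}\uFE0F\u200D\u2642\uFE0F Digesting report").start();
 let vulnFiles = [];
+const gitInfo = await getGitInfo(srcPath);
 try {
-const gitInfo = await getGitInfo(srcPath);
 const { vulnerabilityReportId } = await gqlClient.digestVulnerabilityReport({
 fixReportId: reportUploadInfo.fixReportId,
-projectId
-repoUrl: repo || gitInfo.repoUrl,
-reference: gitInfo.reference,
-sha: commitHash || gitInfo.hash
+projectId
 });
 const finalState = await gqlClient.waitFixReportInit(
 reportUploadInfo.fixReportId,
@@ -2474,8 +2448,12 @@ async function _scan({
 uploadRepoSpinner.success({ text: "\u{1F4C1} Uploading Repo successful!" });
 const mobbSpinner2 = createSpinner4("\u{1F575}\uFE0F\u200D\u2642\uFE0F Initiating Mobb analysis").start();
 try {
-await gqlClient.
-fixReportId: reportUploadInfo.fixReportId
+await gqlClient.submitVulnerabilityReport({
+fixReportId: reportUploadInfo.fixReportId,
+projectId,
+repoUrl: repo || gitInfo.repoUrl,
+reference: gitInfo.reference,
+sha: commitHash || gitInfo.hash
 });
 } catch (e) {
 mobbSpinner2.error({ text: "\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed" });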
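Review bot: In the `@@ -2430,14 +2407,11 @@` hunk of `_scan`, `const gitInfo = await getGitInfo(srcPath);` now runs before the `try`, so a rejection there (for instance if `srcPath` is not a git checkout) bypasses that block's handler and leaves the `digestSpinner` started two lines above running. The handler itself is outside the hunk, but the sibling handlers visible on this page do mark their spinner as failed. The hoist is needed because the later `submitVulnerabilityReport` call reads `gitInfo`; declaring `let gitInfo;` before the `try` and making `gitInfo = await getGitInfo(srcPath);` its first statement keeps both the wider scope and the error handling. Separately, `repoUrl: repo || gitInfo.repoUrl` in the last hunk sends the checkout's remote URL to the service. Since `getGitInfo` is not shown, it is worth confirming that it strips any `user:token@` userinfo from the remote before the value leaves the machine.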