mobbdev 0.0.82 → 0.0.84

package/dist/index.mjs

@@ -94,8 +94,8 @@ var errorMessages = {
   missingCxProjectName: `project name ${chalk.bold(
     "(--cx-project-name)"
   )} is needed if you're using checkmarx`,
-  missingScmType: `SCM type ${chalk.bold(
-    "(--scm-type)"
+  missingUrl: `url ${chalk.bold(
+    "(--url)"
   )} is needed if you're adding an SCM token`,
   invalidScmType: `SCM type ${chalk.bold(
     "(--scm-type)"
@@ -237,23 +237,33 @@ import { v4 as uuidv4 } from "uuid";
 import { gql } from "graphql-request";
 var UPDATE_SCM_TOKEN = gql`
   mutation updateScmToken(
-    $type: ScmType!
+    $scmType: String!
+    $url: String!
     $token: String!
     $org: String
     $username: String
     $refreshToken: String
   ) {
     updateScmToken(
-      type: $type
+      scmType: $scmType
+      url: $url
       token: $token
       org: $org
       username: $username
       refreshToken: $refreshToken
     ) {
-      id
-      adoAccessToken
-      gitlabAccessToken
-      gitHubAccessToken
+      __typename
+      ... on ScmAccessTokenUpdateSuccess {
+        token
+      }
+      ... on InvalidScmTypeError {
+        status
+        error
+      }
+      ... on BadScmCredentials {
+        status
+        error
+      }
     }
   }
 `;
@@ -368,10 +378,20 @@ var ME = gql2`
     me {
       id
       email
-      githubToken
-      gitlabToken
-      adoToken
-      adoOrg
+      scmConfigs {
+        id
+        isBroker
+        orgId
+        refreshToken
+        scmType
+        scmUrl
+        scmUsername
+        token
+        tokenLastUpdate
+        userId
+        scmOrg
+        isTokenAvailable
+      }
     }
   }
 `;
@@ -565,10 +585,7 @@ function subscribe(query, variables, callback, wsClientOptions) {
 import { z as z2 } from "zod";
 var UpdateScmTokenZ = z2.object({
   updateScmToken: z2.object({
-    id: z2.string(),
-    gitHubAccessToken: z2.string().nullable(),
-    gitlabAccessToken: z2.string().nullable(),
-    adoAccessToken: z2.string().nullable()
+    token: z2.string()
   })
 });
 var UploadFieldsZ = z2.object({
@@ -803,9 +820,10 @@ var GQLClient = class {
     }
   }
   async updateScmToken(args) {
-    const { type: type2, token, org, username, refreshToken } = args;
+    const { scmType, url, token, org, username, refreshToken } = args;
     const updateScmTokenResult = await this._client.request(UPDATE_SCM_TOKEN, {
-      type: type2,
+      scmType,
+      url,
       token,
       org,
       username,
@@ -1402,9 +1420,9 @@ async function getGithubBlameRanges({ ref, gitHubUrl, path: path9 }, options) {
   return res.repository.object.blame.ranges.map((range) => ({
     startingLine: range.startingLine,
     endingLine: range.endingLine,
-    email: range.commit.author.user.email,
-    name: range.commit.author.user.name,
-    login: range.commit.author.user.login
+    email: range.commit.author.user?.email || "",
+    name: range.commit.author.user?.name || "",
+    login: range.commit.author.user?.login || ""
   }));
 }
 async function createPr({
@@ -1531,6 +1549,9 @@ function deleteComment(client, params) {
 function getPrDiff(client, params) {
   return client.request(GET_PR, { ...params, mediaType: { format: "diff" } });
 }
+function getPr(client, params) {
+  return client.request(GET_PR, { ...params });
+}
 function createOrUpdateRepositorySecret(client, params) {
   return client.request(CREATE_OR_UPDATE_A_REPOSITORY_SECRET, params);
 }
@@ -1878,7 +1899,7 @@ var isValidBranchName = async (branchName) => {
 var FixesZ = z6.array(z6.object({ fixId: z6.string(), diff: z6.string() })).nonempty();
 
 // src/features/analysis/scm/scm.ts
-function getScmLibTypeFromUrl(url) {
+function getCloudScmLibTypeFromUrl(url) {
   if (!url) {
     return void 0;
   }
@@ -1895,19 +1916,92 @@ function getScmLibTypeFromUrl(url) {
   }
   return void 0;
 }
+function getScmTypeFromScmLibType(scmLibType) {
+  if (scmLibType === "GITLAB" /* GITLAB */) {
+    return "GitLab" /* GitLab */;
+  }
+  if (scmLibType === "GITHUB" /* GITHUB */) {
+    return "GitHub" /* GitHub */;
+  }
+  if (scmLibType === "ADO" /* ADO */) {
+    return "Ado" /* Ado */;
+  }
+  throw new Error(`unknown scm lib type: ${scmLibType}`);
+}
+function getScmLibTypeFromScmType(scmType) {
+  if (scmType === "GitLab" /* GitLab */) {
+    return "GITLAB" /* GITLAB */;
+  }
+  if (scmType === "GitHub" /* GitHub */) {
+    return "GITHUB" /* GITHUB */;
+  }
+  if (scmType === "Ado" /* Ado */) {
+    return "ADO" /* ADO */;
+  }
+  throw new Error(`unknown scm type: ${scmType}`);
+}
+function getScmConfig({
+  url,
+  scmConfigs,
+  includeOrgTokens = true
+}) {
+  const filteredScmConfigs = scmConfigs.filter((scm) => {
+    const urlObject = new URL(url);
+    const configUrl = new URL(scm.scmUrl);
+    return (
+      //if we the user does an ADO oauth flow then the token is saved for dev.azure.com but
+      //sometimes the user uses the url dev.azure.com and sometimes the url visualstudio.com
+      //so we need to check both
+      (urlObject.hostname === configUrl.hostname || urlObject.hostname.endsWith(".visualstudio.com") && configUrl.hostname === "dev.azure.com") && urlObject.protocol === configUrl.protocol && urlObject.port === configUrl.port
+    );
+  });
+  const scmOrgConfig = filteredScmConfigs.find((scm) => scm.orgId && scm.token);
+  if (scmOrgConfig && includeOrgTokens) {
+    return {
+      id: scmOrgConfig.id,
+      accessToken: scmOrgConfig.token || void 0,
+      scmLibType: getScmLibTypeFromScmType(scmOrgConfig.scmType),
+      scmOrg: scmOrgConfig.scmOrg || void 0
+    };
+  }
+  const scmUserConfig = filteredScmConfigs.find(
+    (scm) => scm.userId && scm.token
+  );
+  if (scmUserConfig) {
+    return {
+      id: scmUserConfig.id,
+      accessToken: scmUserConfig.token || void 0,
+      scmLibType: getScmLibTypeFromScmType(scmUserConfig.scmType),
+      scmOrg: scmUserConfig.scmOrg || void 0
+    };
+  }
+  const type2 = getCloudScmLibTypeFromUrl(url);
+  if (type2) {
+    return {
+      id: void 0,
+      accessToken: void 0,
+      scmLibType: type2,
+      scmOrg: void 0
+    };
+  }
+  return {
+    id: void 0,
+    accessToken: void 0,
+    scmLibType: void 0,
+    scmOrg: void 0
+  };
+}
 async function scmCanReachRepo({
   repoUrl,
-  githubToken,
-  gitlabToken,
-  adoToken,
+  scmType,
+  accessToken,
   scmOrg
 }) {
   try {
-    const scmLibType = getScmLibTypeFromUrl(repoUrl);
     await SCMLib.init({
       url: repoUrl,
-      accessToken: scmLibType === "GITHUB" /* GITHUB */ ? githubToken : scmLibType === "GITLAB" /* GITLAB */ ? gitlabToken : scmLibType === "ADO" /* ADO */ ? adoToken : "",
-      scmType: scmLibType,
+      accessToken,
+      scmType: getScmLibTypeFromScmType(scmType),
       scmOrg
     });
     return true;
@@ -1958,7 +2052,7 @@ var SCMLib = class {
     if (!this.accessToken) {
       return trimmedUrl;
     }
-    const scmLibType = getScmLibTypeFromUrl(trimmedUrl);
+    const scmLibType = this.getScmLibType();
     if (scmLibType === "ADO" /* ADO */) {
       return `https://${this.accessToken}@${trimmedUrl.toLowerCase().replace("https://", "")}`;
     }
@@ -2085,6 +2179,9 @@ var AdoSCMLib = class extends SCMLib {
       repoUrl: this.url
     });
   }
+  getScmLibType() {
+    return "ADO" /* ADO */;
+  }
   getAuthHeaders() {
     if (this.accessToken) {
       if (getAdoTokenType(this.accessToken) === "OAUTH" /* OAUTH */) {
@@ -2185,6 +2282,9 @@ var AdoSCMLib = class extends SCMLib {
       accessToken: this.accessToken
     });
   }
+  getPr() {
+    throw new Error("Method not implemented.");
+  }
 };
 var GitlabSCMLib = class extends SCMLib {
   async createSubmitRequest(targetBranchName, sourceBranchName, title, body) {
@@ -2243,6 +2343,9 @@ var GitlabSCMLib = class extends SCMLib {
       repoUrl: this.url
     });
   }
+  getScmLibType() {
+    return "GITLAB" /* GITLAB */;
+  }
   getAuthHeaders() {
     if (this?.accessToken?.startsWith("glpat-")) {
       return {
@@ -2353,6 +2456,9 @@ var GitlabSCMLib = class extends SCMLib {
   updatePrComment(_params, _oktokit) {
     throw new Error("updatePrComment not implemented.");
   }
+  getPr() {
+    throw new Error("Method not implemented.");
+  }
 };
 var GithubSCMLib = class extends SCMLib {
   // we don't always need a url, what's important is that we have an access token
@@ -2503,6 +2609,9 @@ var GithubSCMLib = class extends SCMLib {
     }
     return getGithubBranchList(this.accessToken, this.url);
   }
+  getScmLibType() {
+    return "GITHUB" /* GITHUB */;
+  }
   getAuthHeaders() {
     if (this.accessToken) {
       return { authorization: `Bearer ${this.accessToken}` };
@@ -2606,12 +2715,28 @@ var GithubSCMLib = class extends SCMLib {
       githubAuthToken: this.accessToken
     });
   }
+  async getPr(prNumber) {
+    if (!this.url || !this.oktokit) {
+      console.error("no url");
+      throw new Error("no url");
+    }
+    const { owner, repo } = parseGithubOwnerAndRepo(this.url);
+    return getPr(this.oktokit, {
+      owner,
+      repo,
+      pull_number: prNumber
+    });
+  }
 };
 var StubSCMLib = class extends SCMLib {
   async createSubmitRequest(_targetBranchName, _sourceBranchName, _title, _body) {
     console.error("createSubmitRequest() not implemented");
     throw new Error("createSubmitRequest() not implemented");
   }
+  getScmLibType() {
+    console.error("getScmLibType() not implemented");
+    throw new Error("getScmLibType() not implemented");
+  }
   getAuthHeaders() {
     console.error("getAuthHeaders() not implemented");
     throw new Error("getAuthHeaders() not implemented");
@@ -2684,6 +2809,10 @@ var StubSCMLib = class extends SCMLib {
     console.error("updatePrComment() not implemented");
     throw new Error("updatePrComment() not implemented");
   }
+  async getPr() {
+    console.error("getPr() not implemented");
+    throw new Error("getPr() not implemented");
+  }
 };
 
 // src/features/analysis/scm/ado.ts
@@ -3888,11 +4017,8 @@ async function runAnalysis(params, options) {
     tmpObj.removeCallback();
   }
 }
-function _getTokenAndUrlForScmType({
-  scmLibType,
-  githubToken,
-  gitlabToken,
-  adoToken
+function _getUrlForScmType({
+  scmLibType
 }) {
   const githubAuthUrl = `${WEB_APP_URL}/github-auth`;
   const gitlabAuthUrl = `${WEB_APP_URL}/gitlab-auth`;
@@ -3900,22 +4026,18 @@ function _getTokenAndUrlForScmType({
   switch (scmLibType) {
     case "GITHUB" /* GITHUB */:
       return {
-        token: githubToken,
         authUrl: githubAuthUrl
       };
     case "GITLAB" /* GITLAB */:
       return {
-        token: gitlabToken,
         authUrl: gitlabAuthUrl
       };
     case "ADO" /* ADO */:
       return {
-        token: adoToken,
         authUrl: adoAuthUrl
       };
     default:
       return {
-        token: void 0,
         authUrl: void 0
       };
   }
@@ -3958,35 +4080,34 @@ async function _scan(params, { skipPrompts = false } = {}) {
     throw new Error("repo is required in case srcPath is not provided");
   }
   const userInfo = await gqlClient.getUserInfo();
-  const { githubToken, gitlabToken, adoToken, adoOrg } = userInfo;
+  const tokenInfo = getScmConfig({
+    url: repo,
+    scmConfigs: userInfo.scmConfigs,
+    includeOrgTokens: false
+  });
   const isRepoAvailable = await scmCanReachRepo({
     repoUrl: repo,
-    githubToken,
-    gitlabToken,
-    adoToken,
-    scmOrg: adoOrg
+    accessToken: tokenInfo.accessToken,
+    scmOrg: tokenInfo.scmOrg,
+    scmType: getScmTypeFromScmLibType(tokenInfo.scmLibType)
   });
-  const scmLibType = getScmLibTypeFromUrl(repo);
-  const { authUrl: scmAuthUrl, token } = _getTokenAndUrlForScmType({
-    scmLibType,
-    githubToken,
-    gitlabToken,
-    adoToken
+  const cloudScmLibType = getCloudScmLibTypeFromUrl(repo);
+  const { authUrl: scmAuthUrl } = _getUrlForScmType({
+    scmLibType: cloudScmLibType
   });
-  let myToken = token;
+  let myToken = tokenInfo.accessToken;
   if (!isRepoAvailable) {
-    if (ci || !scmLibType || !scmAuthUrl) {
+    if (ci || !cloudScmLibType || !scmAuthUrl) {
       const errorMessage = scmAuthUrl ? `Cannot access repo ${repo}` : `Cannot access repo ${repo} with the provided token, please visit ${scmAuthUrl} to refresh your source control management system token`;
       throw new Error(errorMessage);
     }
-    if (scmLibType && scmAuthUrl) {
-      myToken = await handleScmIntegration(token, scmLibType, scmAuthUrl) || "";
+    if (cloudScmLibType && scmAuthUrl) {
+      myToken = await handleScmIntegration(tokenInfo.accessToken, scmAuthUrl, repo) || "";
       const isRepoAvailable2 = await scmCanReachRepo({
         repoUrl: repo,
-        githubToken: myToken,
-        gitlabToken: myToken,
-        adoToken: myToken,
-        scmOrg: adoOrg
+        accessToken: myToken,
+        scmOrg: tokenInfo.scmOrg,
+        scmType: getScmTypeFromScmLibType(tokenInfo.scmLibType)
       });
       if (!isRepoAvailable2) {
         throw new Error(
@@ -3997,9 +4118,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
   }
   const scm = await SCMLib.init({
     url: repo,
-    accessToken: token,
-    scmType: scmLibType,
-    scmOrg: adoOrg
+    accessToken: myToken,
+    scmOrg: tokenInfo.scmOrg,
+    scmType: tokenInfo.scmLibType
   });
   const reference = ref ?? await scm.getRepoDefaultBranch();
   const { sha } = await scm.getReferenceData(reference);
@@ -4171,8 +4292,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
       throw new CliError2();
     }
   }
-  async function handleScmIntegration(oldToken, scmLibType2, scmAuthUrl2) {
-    const scmName = scmLibType2 === "GITHUB" /* GITHUB */ ? "Github" : scmLibType2 === "GITLAB" /* GITLAB */ ? "Gitlab" : scmLibType2 === "ADO" /* ADO */ ? "Azure DevOps" : "";
+  async function handleScmIntegration(oldToken, scmAuthUrl2, repoUrl) {
+    const scmLibType = getCloudScmLibTypeFromUrl(repoUrl);
+    const scmName = scmLibType === "GITHUB" /* GITHUB */ ? "Github" : scmLibType === "GITLAB" /* GITLAB */ ? "Gitlab" : scmLibType === "ADO" /* ADO */ ? "Azure DevOps" : "";
     const addScmIntegration = skipPrompts ? true : await scmIntegrationPrompt(scmName);
     const scmSpinner = createSpinner4(
       `\u{1F517} Waiting for ${scmName} integration...`
@@ -4186,14 +4308,15 @@ async function _scan(params, { skipPrompts = false } = {}) {
     );
     await open2(scmAuthUrl2);
     for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
-      const { githubToken: githubToken2, gitlabToken: gitlabToken2 } = await gqlClient.getUserInfo();
-      if (scmLibType2 === "GITHUB" /* GITHUB */ && githubToken2 !== oldToken) {
-        scmSpinner.success({ text: "\u{1F517} Github integration successful!" });
-        return githubToken2;
-      }
-      if (scmLibType2 === "GITLAB" /* GITLAB */ && gitlabToken2 !== oldToken) {
-        scmSpinner.success({ text: "\u{1F517} Gitlab integration successful!" });
-        return gitlabToken2;
+      const userInfo2 = await gqlClient.getUserInfo();
+      const tokenInfo2 = getScmConfig({
+        url: repoUrl,
+        scmConfigs: userInfo2.scmConfigs,
+        includeOrgTokens: false
+      });
+      if (tokenInfo2.accessToken && tokenInfo2.accessToken !== oldToken) {
+        scmSpinner.success({ text: `\u{1F517} ${scmName} integration successful!` });
+        return tokenInfo2.accessToken;
       }
       scmSpinner.spin();
       await sleep(LOGIN_CHECK_DELAY);
@@ -4348,12 +4471,16 @@ var packageJson2 = JSON.parse(
 );
 var config3 = new Configstore2(packageJson2.name, { apiToken: "" });
 async function addScmToken(addScmTokenOptions) {
-  const { apiKey, token, organization, scm, username, refreshToken } = addScmTokenOptions;
+  const { apiKey, token, organization, scmType, url, username, refreshToken } = addScmTokenOptions;
   const gqlClient = new GQLClient({
     apiKey: apiKey || config3.get("apiToken")
   });
+  if (!scmType) {
+    throw new CliError(errorMessages.invalidScmType);
+  }
   await gqlClient.updateScmToken({
-    type: scm,
+    scmType,
+    url,
     token,
     org: organization,
     username,
@@ -4437,9 +4564,16 @@ var commitHashOption = {
   type: "string"
 };
 var scmTypeOption = {
+  demandOption: true,
   describe: chalk5.bold("SCM type (GitHub, GitLab, Ado)"),
   type: "string"
 };
+var urlOption = {
+  describe: chalk5.bold(
+    "URL of the repository (used in GitHub, GitLab, Azure DevOps)"
+  ),
+  type: "string"
+};
 var scmOrgOption = {
   describe: chalk5.bold("Organization name in SCM (used in Azure DevOps)"),
   type: "string"
@@ -4626,29 +4760,32 @@ async function scanHandler(args) {
 
 // src/args/commands/token.ts
 function addScmTokenBuilder(args) {
-  return args.option("scm", scmTypeOption).option("token", scmTokenOption).option("organization", scmOrgOption).option("username", scmUsernameOption).option("refresh-token", scmRefreshTokenOption).option("api-key", apiKeyOption).example(
-    "$0 add-scm-token --scm ado --token abcdef0123456 --organization myOrg",
+  return args.option("scm-type", scmTypeOption).option("url", urlOption).option("token", scmTokenOption).option("organization", scmOrgOption).option("username", scmUsernameOption).option("refresh-token", scmRefreshTokenOption).option("api-key", apiKeyOption).example(
+    "$0 add-scm-token --scm-type Ado --url https://dev.azure.com/adoorg/test/_git/repo --token abcdef0123456 --organization myOrg",
     "Add your SCM (Github, Gitlab, Azure DevOps) token to Mobb to enable automated fixes."
-  ).help().demandOption(["scm", "token"]);
+  ).help().demandOption(["url", "token"]);
 }
 function validateAddScmTokenOptions(argv) {
-  if (!argv.scm) {
-    throw new CliError(errorMessages.missingScmType);
-  }
-  if (!Object.values(ScmTypes).includes(argv.scm)) {
-    throw new CliError(errorMessages.invalidScmType);
+  if (!argv.url) {
+    throw new CliError(errorMessages.missingUrl);
   }
   if (!argv.token) {
     throw new CliError(errorMessages.missingToken);
   }
-  if (argv.scm === ScmTypes.AzureDevOps && !argv.organization) {
+  if ("GitHub" /* GitHub */ !== argv.scmType && "Ado" /* Ado */ !== argv.scmType && "GitLab" /* GitLab */ !== argv.scmType) {
     throw new CliError(
-      "\nError: --organization flag is required for Azure DevOps"
+      "\nError: --scm-type must reference a valid SCM type (GitHub, GitLab, Ado)"
     );
   }
-  if (argv.scm === ScmTypes.Github && !argv.username) {
+  const urlObj = new URL(argv.url);
+  if (urlObj.hostname === "github.com" && !argv.username) {
     throw new CliError("\nError: --username flag is required for GitHub");
   }
+  if ((urlObj.hostname === "dev.azure.com" || urlObj.hostname.endsWith(".visualstudio.com")) && !argv.organization) {
+    throw new CliError(
+      "\nError: --organization flag is required for Azure DevOps"
+    );
+  }
 }
 async function addScmTokenHandler(args) {
   validateAddScmTokenOptions(args);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.82",
+  "version": "0.0.84",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",