mobbdev 0.0.84 → 0.0.85

package/dist/index.mjs

@@ -173,7 +173,6 @@ var CliError = class extends Error {
 };
 
 // src/features/analysis/index.ts
-import { Octokit as Octokit3 } from "@octokit/core";
 import chalk4 from "chalk";
 import Configstore from "configstore";
 import Debug10 from "debug";
@@ -476,6 +475,17 @@ var GET_FIX = gql2`
     }
   }
 `;
+var GET_FIXES = gql2`
+  query getFixes($filters: fix_bool_exp!) {
+    fixes: fix(where: $filters) {
+      issueType
+      id
+      patchAndQuestions {
+        patch
+      }
+    }
+  }
+`;
 var GET_VUL_BY_NODES_METADATA = gql2`
   query getVulByNodesMetadata(
     $filters: [vulnerability_report_issue_code_node_bool_exp!]
@@ -486,6 +496,7 @@ var GET_VUL_BY_NODES_METADATA = gql2`
       where: {
         _or: $filters
         vulnerabilityReportIssue: {
+          fixId: { _is_null: false }
           vulnerabilityReportId: { _eq: $vulnerabilityReportId }
         }
       }
@@ -498,6 +509,35 @@ var GET_VUL_BY_NODES_METADATA = gql2`
         fixId
       }
     }
+    fixablePrVuls: vulnerability_report_issue_aggregate(
+      where: {
+        fixId: { _is_null: false }
+        vulnerabilityReportId: { _eq: $vulnerabilityReportId }
+        codeNodes: { _or: $filters }
+      }
+    ) {
+      aggregate {
+        count
+      }
+    }
+    nonFixablePrVuls: vulnerability_report_issue_aggregate(
+      where: {
+        fixId: { _is_null: true }
+        vulnerabilityReportId: { _eq: $vulnerabilityReportId }
+        codeNodes: { _or: $filters }
+      }
+    ) {
+      aggregate {
+        count
+      }
+    }
+    totalScanVulnerabilities: vulnerability_report_issue_aggregate(
+      where: { vulnerabilityReportId: { _eq: $vulnerabilityReportId } }
+    ) {
+      aggregate {
+        count
+      }
+    }
   }
 `;
 
@@ -711,15 +751,17 @@ var GetAnalysisQueryZ = z2.object({
     })
   })
 });
-var GetFixQueryZ = z2.object({
-  fix_by_pk: z2.object({
-    issueType: z2.string(),
-    id: z2.string(),
-    patchAndQuestions: z2.object({
-      patch: z2.string()
-    })
+var FixDataZ = z2.object({
+  issueType: z2.string(),
+  id: z2.string(),
+  patchAndQuestions: z2.object({
+    patch: z2.string()
   })
 });
+var GetFixQueryZ = z2.object({
+  fix_by_pk: FixDataZ
+});
+var GetFixesQueryZ = z2.object({ fixes: z2.array(FixDataZ) });
 var VulnerabilityReportIssueCodeNodeZ = z2.object({
   vulnerabilityReportIssueId: z2.string(),
   path: z2.string(),
@@ -729,7 +771,22 @@ var VulnerabilityReportIssueCodeNodeZ = z2.object({
   })
 });
 var GetVulByNodesMetadataZ = z2.object({
-  vulnerabilityReportIssueCodeNodes: z2.array(VulnerabilityReportIssueCodeNodeZ)
+  vulnerabilityReportIssueCodeNodes: z2.array(VulnerabilityReportIssueCodeNodeZ),
+  nonFixablePrVuls: z2.object({
+    aggregate: z2.object({
+      count: z2.number()
+    })
+  }),
+  fixablePrVuls: z2.object({
+    aggregate: z2.object({
+      count: z2.number()
+    })
+  }),
+  totalScanVulnerabilities: z2.object({
+    aggregate: z2.object({
+      count: z2.number()
+    })
+  })
 });
 
 // src/features/analysis/graphql/gql.ts
@@ -844,7 +901,6 @@ var GQLClient = class {
     const filters = hunks.map((hunk) => {
       const filter = {
         path: { _eq: hunk.path },
-        vulnerabilityReportIssue: { fixId: { _is_null: false } },
         _or: hunk.ranges.map(({ endLine, startLine }) => ({
           startLine: { _gte: startLine, _lte: endLine },
           endLine: { _gte: startLine, _lte: endLine }
@@ -868,10 +924,20 @@ var GQLClient = class {
         [vulnerabilityReportIssueCodeNode.vulnerabilityReportIssueId]: vulnerabilityReportIssueCodeNode
       };
     }, {});
+    const nonFixablePrVuls = parsedGetVulByNodesMetadataRes.nonFixablePrVuls.aggregate.count;
+    const fixablePrVuls = parsedGetVulByNodesMetadataRes.fixablePrVuls.aggregate.count;
+    const totalScanVulnerabilities = parsedGetVulByNodesMetadataRes.totalScanVulnerabilities.aggregate.count;
+    const vulnerabilitiesOutsidePr = totalScanVulnerabilities - nonFixablePrVuls - fixablePrVuls;
+    const totalPrVulnerabilities = nonFixablePrVuls + fixablePrVuls;
     return {
       vulnerabilityReportIssueCodeNodes: Object.values(
         uniqueVulByNodesMetadata
-      )
+      ),
+      nonFixablePrVuls,
+      fixablePrVuls,
+      totalScanVulnerabilities,
+      vulnerabilitiesOutsidePr,
+      totalPrVulnerabilities
     };
   }
   async digestVulnerabilityReport({
@@ -977,9 +1043,19 @@ var GQLClient = class {
     );
     return GetFixQueryZ.parse(res);
   }
+  async getFixes(fixIds) {
+    const res = await this._client.request(
+      GET_FIXES,
+      {
+        filters: { id: { _in: fixIds } }
+      }
+    );
+    return GetFixesQueryZ.parse(res);
+  }
 };
 
 // src/features/analysis/handle_finished_analysis.ts
+import { Octokit as Octokit3 } from "@octokit/core";
 import Debug4 from "debug";
 import parseDiff from "parse-diff";
 import { z as z9 } from "zod";
@@ -1527,6 +1603,9 @@ var UPDATE_COMMENT_PATH = "PATCH /repos/{owner}/{repo}/pulls/comments/{comment_i
 var GET_PR_COMMENTS_PATH = "GET /repos/{owner}/{repo}/pulls/{pull_number}/comments";
 var GET_PR_COMMENT_PATH = "GET /repos/{owner}/{repo}/pulls/comments/{comment_id}";
 var GET_PR = "GET /repos/{owner}/{repo}/pulls/{pull_number}";
+var POST_GENERAL_PR_COMMENT = "POST /repos/{owner}/{repo}/issues/{issue_number}/comments";
+var GET_GENERAL_PR_COMMENTS = "GET /repos/{owner}/{repo}/issues/{issue_number}/comments";
+var DELETE_GENERAL_PR_COMMENT = "DELETE /repos/{owner}/{repo}/issues/comments/{comment_id}";
 var CREATE_OR_UPDATE_A_REPOSITORY_SECRET = "PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}";
 var GET_A_REPOSITORY_PUBLIC_KEY = "GET /repos/{owner}/{repo}/actions/secrets/public-key";
 
@@ -1558,6 +1637,15 @@ function createOrUpdateRepositorySecret(client, params) {
 function getARepositoryPublicKey(client, params) {
   return client.request(GET_A_REPOSITORY_PUBLIC_KEY, params);
 }
+function postGeneralPrComment(client, params) {
+  return client.request(POST_GENERAL_PR_COMMENT, params);
+}
+function getGeneralPrComments(client, params) {
+  return client.request(GET_GENERAL_PR_COMMENTS, params);
+}
+function deleteGeneralPrComment(client, params) {
+  return client.request(DELETE_GENERAL_PR_COMMENT, params);
+}
 
 // src/features/analysis/scm/gitlab.ts
 import querystring from "node:querystring";
@@ -2285,6 +2373,15 @@ var AdoSCMLib = class extends SCMLib {
   getPr() {
     throw new Error("Method not implemented.");
   }
+  postGeneralPrComment() {
+    throw new Error("Method not implemented.");
+  }
+  getGeneralPrComments() {
+    throw new Error("Method not implemented.");
+  }
+  deleteGeneralPrComment() {
+    throw new Error("Method not implemented.");
+  }
 };
 var GitlabSCMLib = class extends SCMLib {
   async createSubmitRequest(targetBranchName, sourceBranchName, title, body) {
@@ -2459,6 +2556,15 @@ var GitlabSCMLib = class extends SCMLib {
   getPr() {
     throw new Error("Method not implemented.");
   }
+  postGeneralPrComment() {
+    throw new Error("Method not implemented.");
+  }
+  getGeneralPrComments() {
+    throw new Error("Method not implemented.");
+  }
+  deleteGeneralPrComment() {
+    throw new Error("Method not implemented.");
+  }
 };
 var GithubSCMLib = class extends SCMLib {
   // we don't always need a url, what's important is that we have an access token
@@ -2727,6 +2833,48 @@ var GithubSCMLib = class extends SCMLib {
       pull_number: prNumber
     });
   }
+  async postGeneralPrComment(params, auth) {
+    const { prNumber, body } = params;
+    if (!this.url) {
+      console.error("no url");
+      throw new Error("no url");
+    }
+    const oktoKit = auth ? new Octokit2({ auth: auth.authToken }) : this.oktokit;
+    const { owner, repo } = parseGithubOwnerAndRepo(this.url);
+    return await postGeneralPrComment(oktoKit, {
+      issue_number: prNumber,
+      owner,
+      repo,
+      body
+    });
+  }
+  async getGeneralPrComments(params, auth) {
+    const { prNumber } = params;
+    if (!this.url) {
+      console.error("no url");
+      throw new Error("no url");
+    }
+    const oktoKit = auth ? new Octokit2({ auth: auth.authToken }) : this.oktokit;
+    const { owner, repo } = parseGithubOwnerAndRepo(this.url);
+    return await getGeneralPrComments(oktoKit, {
+      issue_number: prNumber,
+      owner,
+      repo
+    });
+  }
+  async deleteGeneralPrComment({ commentId }, auth) {
+    if (!this.url) {
+      console.error("no url");
+      throw new Error("no url");
+    }
+    const oktoKit = auth ? new Octokit2({ auth: auth.authToken }) : this.oktokit;
+    const { owner, repo } = parseGithubOwnerAndRepo(this.url);
+    return deleteGeneralPrComment(oktoKit, {
+      owner,
+      repo,
+      comment_id: commentId
+    });
+  }
 };
 var StubSCMLib = class extends SCMLib {
   async createSubmitRequest(_targetBranchName, _sourceBranchName, _title, _body) {
@@ -2813,6 +2961,15 @@ var StubSCMLib = class extends SCMLib {
     console.error("getPr() not implemented");
     throw new Error("getPr() not implemented");
   }
+  postGeneralPrComment() {
+    throw new Error("Method not implemented.");
+  }
+  getGeneralPrComments() {
+    throw new Error("Method not implemented.");
+  }
+  deleteGeneralPrComment() {
+    throw new Error("Method not implemented.");
+  }
 };
 
 // src/features/analysis/scm/ado.ts
@@ -3264,7 +3421,7 @@ var AdoAuthResultZ = z8.object({
 });
 
 // src/features/analysis/scm/constants.ts
-var MOBB_ICON_IMG = "https://svgshare.com/i/12DK.svg";
+var MOBB_ICON_IMG = "https://app.mobb.ai/gh-action/Logo_Rounded_Icon.svg";
 var COMMIT_FIX_SVG = `https://app.mobb.ai/gh-action/commit-button.svg`;
 
 // src/features/analysis/scm/utils/get_issue_type.ts
@@ -3379,6 +3536,13 @@ function getCommitUrl(params) {
   })}/commit?${searchParams.toString()}`;
 }
 
+// src/features/analysis/utils/by_key.ts
+function keyBy(array, keyBy2) {
+  return array.reduce((acc, item) => {
+    return { ...acc, [item[keyBy2]]: item };
+  }, {});
+}
+
 // src/features/analysis/utils/calculate_ranges.ts
 function calculateRanges(integers) {
   if (integers.length === 0) {
@@ -3406,7 +3570,10 @@ function calculateRanges(integers) {
 
 // src/features/analysis/handle_finished_analysis.ts
 var debug4 = Debug4("mobbdev:handle-finished-analysis");
+var contactUsMarkdown = `For specific requests [contact us](https://mobb.ai/contact) and we'll do the most to answer your need quickly.`;
 var commitFixButton = (commitUrl) => `<a href="${commitUrl}"><img src=${COMMIT_FIX_SVG}></a>`;
+var MobbIconMarkdown = `![image](${MOBB_ICON_IMG})`;
+var noVulnerabilitiesFoundTitle = `# ${MobbIconMarkdown} No security issues were found \u2705`;
 function scannerToFriendlyString(scanner) {
   switch (scanner) {
     case "checkmarx":
@@ -3419,7 +3586,7 @@ function scannerToFriendlyString(scanner) {
       return "Snyk";
   }
 }
-async function getFixesFromDiff(params) {
+async function getRelevantVulenrabilitiesFromDiff(params) {
   const { gqlClient, diff, vulnerabilityReportId } = params;
   const parsedDiff = parseDiff(diff);
   const fileHunks = parsedDiff.map((file) => {
@@ -3442,13 +3609,45 @@ async function getFixesFromDiff(params) {
     vulnerabilityReportId
   });
 }
+async function getFixesData(params) {
+  const { gqlClient, fixesId } = params;
+  const { fixes } = await gqlClient.getFixes(fixesId);
+  return keyBy(fixes, "id");
+}
+function buildAnalysisSummaryComment(params) {
+  const { prVulenrabilities: fixesFromDiff, fixesById } = params;
+  const { vulnerabilityReportIssueCodeNodes, fixablePrVuls } = fixesFromDiff;
+  const title = `# ${MobbIconMarkdown} ${fixablePrVuls} ${fixablePrVuls === 1 ? "fix is" : "fixes are"} ready to be committed`;
+  const summary = Object.entries(
+    // count every issue type
+    vulnerabilityReportIssueCodeNodes.reduce(
+      (result, vulnerabilityReportIssueCodeNode) => {
+        const { vulnerabilityReportIssue } = vulnerabilityReportIssueCodeNode;
+        const fix = fixesById[vulnerabilityReportIssue.fixId];
+        if (!fix) {
+          throw new Error(`fix ${vulnerabilityReportIssue.fixId} not found`);
+        }
+        const issueType = getIssueType(fix.issueType);
+        const vulnerabilityReportIssueCount = (result[issueType] || 0) + 1;
+        return {
+          ...result,
+          [issueType]: vulnerabilityReportIssueCount
+        };
+      },
+      {}
+    )
+  ).map(([issueType, issueTypeCount]) => `**${issueType}** - ${issueTypeCount}`);
+  return `${title}
+${summary.join("\n")}`;
+}
 async function handleFinishedAnalysis({
   analysisId,
   scm: _scm,
   gqlClient,
-  githubActionOctokit,
+  githubActionToken,
   scanner
 }) {
+  const githubActionOctokit = new Octokit3({ auth: githubActionToken });
   if (_scm instanceof GithubSCMLib === false) {
     return;
   }
@@ -3462,17 +3661,59 @@ async function handleFinishedAnalysis({
   } = getAnalysis.analysis;
   const { commitSha, pullRequest } = getAnalysis.analysis.repo;
   const diff = await scm.getPrDiff({ pull_number: pullRequest });
-  const { vulnerabilityReportIssueCodeNodes } = await getFixesFromDiff({
+  const prVulenrabilities = await getRelevantVulenrabilitiesFromDiff({
     diff,
     gqlClient,
     vulnerabilityReportId: getAnalysis.analysis.vulnerabilityReportId
   });
-  const comments = await scm.getPrComments(
-    { pull_number: pullRequest },
-    githubActionOctokit
+  const { vulnerabilityReportIssueCodeNodes } = prVulenrabilities;
+  const fixesId = vulnerabilityReportIssueCodeNodes.map(
+    ({ vulnerabilityReportIssue: { fixId } }) => fixId
   );
-  await Promise.all(
-    comments.data.filter((comment) => {
+  const fixesById = await getFixesData({ fixesId, gqlClient });
+  const [comments, generalPrComments] = await Promise.all([
+    scm.getPrComments({ pull_number: pullRequest }, githubActionOctokit),
+    scm.getGeneralPrComments(
+      { prNumber: pullRequest },
+      { authToken: githubActionToken }
+    )
+  ]);
+  async function postAnalysisSummary() {
+    if (Object.values(fixesById).length === 0) {
+      return;
+    }
+    const analysisSummaryComment = buildAnalysisSummaryComment({
+      fixesById,
+      prVulenrabilities
+    });
+    await scm.postGeneralPrComment(
+      {
+        body: analysisSummaryComment,
+        prNumber: pullRequest
+      },
+      { authToken: githubActionToken }
+    );
+  }
+  function deleteAllPreviousGeneralPrComments() {
+    return generalPrComments.data.filter((comment) => {
+      if (!comment.body) {
+        return false;
+      }
+      return comment.body.includes(MOBB_ICON_IMG);
+    }).map((comment) => {
+      try {
+        return scm.deleteGeneralPrComment(
+          { commentId: comment.id },
+          { authToken: githubActionToken }
+        );
+      } catch (e) {
+        debug4("delete comment failed %s", e);
+        return Promise.resolve();
+      }
+    });
+  }
+  function deleteAllPreviousComments() {
+    return comments.data.filter((comment) => {
       return comment.body.includes(MOBB_ICON_IMG);
     }).map((comment) => {
       try {
@@ -3484,70 +3725,154 @@ async function handleFinishedAnalysis({
         debug4("delete comment failed %s", e);
         return Promise.resolve();
       }
-    })
-  );
-  return Promise.all(
-    vulnerabilityReportIssueCodeNodes.map(
-      async (vulnerabilityReportIssueCodeNodes2) => {
-        const { path: path9, startLine, vulnerabilityReportIssue } = vulnerabilityReportIssueCodeNodes2;
-        const { fixId } = vulnerabilityReportIssue;
-        const { fix_by_pk } = await gqlClient.getFix(fixId);
-        const {
-          patchAndQuestions: { patch }
-        } = fix_by_pk;
-        const commentRes = await scm.postPrComment(
-          {
-            body: "empty",
-            pull_number: pullRequest,
-            commit_id: commitSha,
-            path: path9,
-            line: startLine
-          },
-          githubActionOctokit
-        );
-        const commentId = commentRes.data.id;
-        const commitUrl = getCommitUrl({
-          appBaseUrl: WEB_APP_URL,
-          fixId: fix_by_pk.id,
-          projectId,
-          analysisId,
-          organizationId,
-          redirectUrl: commentRes.data.html_url,
-          commentId
-        });
-        const fixUrl = getFixUrlWithRedirect({
-          appBaseUrl: WEB_APP_URL,
-          fixId: fix_by_pk.id,
-          projectId,
-          analysisId,
-          organizationId,
-          redirectUrl: commentRes.data.html_url,
-          commentId
-        });
-        const scanerString = scannerToFriendlyString(scanner);
-        const issueType = getIssueType(fix_by_pk.issueType);
-        const title = `# ![image](${MOBB_ICON_IMG}) ${issueType} fix is ready`;
-        const subTitle = `### Apply the following code change to fix ${issueType} issue detected by ${scanerString}:`;
-        const diff2 = `\`\`\`diff
+    });
+  }
+  await Promise.all([
+    ...deleteAllPreviousComments(),
+    ...deleteAllPreviousGeneralPrComments()
+  ]);
+  async function postFixComment(vulnerabilityReportIssueCodeNode) {
+    const {
+      path: path9,
+      startLine,
+      vulnerabilityReportIssue: { fixId }
+    } = vulnerabilityReportIssueCodeNode;
+    const fix = fixesById[fixId];
+    if (!fix) {
+      throw new Error(`fix ${fixId} not found`);
+    }
+    const {
+      patchAndQuestions: { patch }
+    } = fix;
+    const commentRes = await scm.postPrComment(
+      {
+        body: "empty",
+        pull_number: pullRequest,
+        commit_id: commitSha,
+        path: path9,
+        line: startLine
+      },
+      githubActionOctokit
+    );
+    const commentId = commentRes.data.id;
+    const commitUrl = getCommitUrl({
+      appBaseUrl: WEB_APP_URL,
+      fixId,
+      projectId,
+      analysisId,
+      organizationId,
+      redirectUrl: commentRes.data.html_url,
+      commentId
+    });
+    const fixUrl = getFixUrlWithRedirect({
+      appBaseUrl: WEB_APP_URL,
+      fixId,
+      projectId,
+      analysisId,
+      organizationId,
+      redirectUrl: commentRes.data.html_url,
+      commentId
+    });
+    const scanerString = scannerToFriendlyString(scanner);
+    const issueType = getIssueType(fix.issueType);
+    const title = `# ${MobbIconMarkdown} ${issueType} fix is ready`;
+    const subTitle = `### Apply the following code change to fix ${issueType} issue detected by **${scanerString}**:`;
+    const diff2 = `\`\`\`diff
 ${patch} 
 \`\`\``;
-        const fixPageLink = `[Learn more and fine tune the fix](${fixUrl})`;
-        await scm.updatePrComment(
-          {
-            body: `${title}
+    const fixPageLink = `[Learn more and fine tune the fix](${fixUrl})`;
+    await scm.updatePrComment(
+      {
+        body: `${title}
 ${subTitle}
 ${diff2}
 ${commitFixButton(
-              commitUrl
-            )}
+          commitUrl
+        )}
 ${fixPageLink}`,
-            comment_id: commentId
-          },
-          githubActionOctokit
-        );
-      }
-    )
-  );
+        comment_id: commentId
+      },
+      githubActionOctokit
+    );
+  }
+  async function postAnalysisInsightComment() {
+    const scanerString = scannerToFriendlyString(scanner);
+    const {
+      totalPrVulnerabilities,
+      vulnerabilitiesOutsidePr,
+      fixablePrVuls,
+      nonFixablePrVuls
+    } = prVulenrabilities;
+    debug4({
+      fixablePrVuls,
+      nonFixablePrVuls,
+      vulnerabilitiesOutsidePr,
+      totalPrVulnerabilities
+    });
+    if (totalPrVulnerabilities === 0 && vulnerabilitiesOutsidePr === 0) {
+      const body = `Awesome! No vulnerabilities were found  by **${scanerString}**`;
+      const noVulsFoundComment = `${noVulnerabilitiesFoundTitle}
+${body}`;
+      await scm.postGeneralPrComment(
+        {
+          body: noVulsFoundComment,
+          prNumber: pullRequest
+        },
+        { authToken: githubActionToken }
+      );
+      return;
+    }
+    if (totalPrVulnerabilities === 0 && vulnerabilitiesOutsidePr > 0) {
+      const body = `Awesome! No vulnerabilities were found by **${scanerString}** in the changes made as part of this PR.`;
+      const body2 = `Please notice there are issues in this repo that are unrelated to this PR.`;
+      const noVulsFoundComment = `${noVulnerabilitiesFoundTitle}
+${body}
+${body2}`;
+      await scm.postGeneralPrComment(
+        {
+          body: noVulsFoundComment,
+          prNumber: pullRequest
+        },
+        { authToken: githubActionToken }
+      );
+      return;
+    }
+    if (fixablePrVuls === 0 && nonFixablePrVuls > 0) {
+      const title = `# ${MobbIconMarkdown} We couldn't fix the issues detected by **${scanerString}**`;
+      const body = `Mobb Fixer gets better and better every day, but unfortunately your current issues aren't supported yet.`;
+      const noFixableVulsComment = `${title}
+${body}
+${contactUsMarkdown}`;
+      await scm.postGeneralPrComment(
+        {
+          body: noFixableVulsComment,
+          prNumber: pullRequest
+        },
+        { authToken: githubActionToken }
+      );
+      return;
+    }
+    if (fixablePrVuls < nonFixablePrVuls && fixablePrVuls > 0) {
+      const title = `# ${MobbIconMarkdown} We couldn't fix some of the issues detected by **${scanerString}**`;
+      const body = "Mobb Fixer gets better and better every day, but unfortunately your current issues aren't supported yet.";
+      const fixableVulsComment = `${title}
+${body}
+${contactUsMarkdown}`;
+      await scm.postGeneralPrComment(
+        {
+          body: fixableVulsComment,
+          prNumber: pullRequest
+        },
+        { authToken: githubActionToken }
+      );
+      return;
+    }
+  }
+  await Promise.all([
+    ...prVulenrabilities.vulnerabilityReportIssueCodeNodes.map(postFixComment),
+    postAnalysisInsightComment(),
+    postAnalysisSummary()
+  ]);
 }
 
 // src/features/analysis/pack.ts
@@ -4162,7 +4487,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
         analysisId,
         gqlClient,
         scm,
-        githubActionOctokit: new Octokit3({ auth: githubActionToken }),
+        githubActionToken: z10.string().parse(githubActionToken),
         scanner: z10.nativeEnum(SCANNERS).parse(scanner)
       })
     );

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "0.0.84",
+  "version": "0.0.85",
   "description": "Automated secure code remediation tool",
   "repository": "https://github.com/mobb-dev/bugsy",
   "main": "dist/index.js",