mobbdev 1.0.1 → 1.0.2

package/dist/index.mjs

@@ -21,12 +21,16 @@ var mobbCliCommand = {
 };
 
 // src/args/yargs.ts
-import chalk9 from "chalk";
+import chalk10 from "chalk";
 import yargs from "yargs/yargs";
 
 // src/args/commands/analyze.ts
 import fs5 from "node:fs";
 
+// src/commands/index.ts
+import crypto from "node:crypto";
+import os from "node:os";
+
 // src/constants.ts
 import path from "node:path";
 import { fileURLToPath } from "node:url";
@@ -159,6 +163,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
   IssueType_Enum2["RegexInjection"] = "REGEX_INJECTION";
   IssueType_Enum2["SqlInjection"] = "SQL_Injection";
   IssueType_Enum2["Ssrf"] = "SSRF";
+  IssueType_Enum2["StringFormatMisuse"] = "STRING_FORMAT_MISUSE";
   IssueType_Enum2["SystemInformationLeak"] = "SYSTEM_INFORMATION_LEAK";
   IssueType_Enum2["SystemInformationLeakExternal"] = "SYSTEM_INFORMATION_LEAK_EXTERNAL";
   IssueType_Enum2["TrustBoundaryViolation"] = "TRUST_BOUNDARY_VIOLATION";
@@ -414,6 +419,9 @@ var UpdateScmTokenDocument = `
       status
       error
     }
+    ... on RepoUnreachableError {
+      status
+    }
   }
 }
     `;
@@ -731,7 +739,8 @@ var issueTypeMap = {
   ["MISSING_CSP_HEADER" /* MissingCspHeader */]: "Missing CSP Header",
   ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: "Hardcoded Domain in HTML",
   ["HEAP_INSPECTION" /* HeapInspection */]: "Heap Inspection",
-  ["CLIENT_DOM_STORED_CODE_INJECTION" /* ClientDomStoredCodeInjection */]: "Client Code Injection"
+  ["CLIENT_DOM_STORED_CODE_INJECTION" /* ClientDomStoredCodeInjection */]: "Client Code Injection",
+  ["STRING_FORMAT_MISUSE" /* StringFormatMisuse */]: "String Format Misuse"
 };
 var issueTypeZ = z.nativeEnum(IssueType_Enum);
 var getIssueTypeFriendlyString = (issueType) => {
@@ -1337,9 +1346,7 @@ var progressMassages = {
 var VUL_REPORT_DIGEST_TIMEOUT_MS = 1e3 * 60 * 30;
 
 // src/features/analysis/index.ts
-import crypto from "node:crypto";
 import fs4 from "node:fs";
-import os from "node:os";
 import path7 from "node:path";
 import { pipeline } from "node:stream/promises";
 
@@ -1698,7 +1705,8 @@ var fixDetailsData = {
   ["CLIENT_DOM_STORED_CODE_INJECTION" /* ClientDomStoredCodeInjection */]: {
     issueDescription: "Client DOM Stored Code Injection is a client-side security vulnerability where malicious JavaScript code gets stored in the DOM and later executed when retrieved by legitimate scripts.",
     fixInstructions: "Update the code to avoid the possibility for malicious JavaScript code to get stored in the DOM."
-  }
+  },
+  ["STRING_FORMAT_MISUSE" /* StringFormatMisuse */]: void 0
 };
 
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
@@ -7444,16 +7452,16 @@ function createSpwan({ args, processPath, name }, options) {
   return createChildProcess({ childProcess: child, name }, options);
 }
 function createChildProcess({ childProcess, name }, options) {
-  const debug16 = Debug12(`mobbdev:${name}`);
+  const debug17 = Debug12(`mobbdev:${name}`);
   const { display } = options;
   return new Promise((resolve, reject) => {
     let out = "";
     const onData = (chunk) => {
-      debug16(`chunk received from ${name} std ${chunk}`);
+      debug17(`chunk received from ${name} std ${chunk}`);
       out += chunk;
     };
     if (!childProcess || !childProcess?.stdout || !childProcess?.stderr) {
-      debug16(`unable to fork ${name}`);
+      debug17(`unable to fork ${name}`);
       reject(new Error(`unable to fork ${name}`));
     }
     childProcess.stdout?.on("data", onData);
@@ -7463,11 +7471,11 @@ function createChildProcess({ childProcess, name }, options) {
       childProcess.stderr?.pipe(process2.stderr);
     }
     childProcess.on("exit", (code) => {
-      debug16(`${name} exit code ${code}`);
+      debug17(`${name} exit code ${code}`);
       resolve({ message: out, code });
     });
     childProcess.on("error", (err) => {
-      debug16(`${name} error %o`, err);
+      debug17(`${name} error %o`, err);
       reject(err);
     });
   });
@@ -7691,8 +7699,7 @@ async function uploadFile({
 }
 
 // src/features/analysis/index.ts
-var { CliError: CliError2, Spinner: Spinner2, keypress: keypress2 } = utils_exports;
-var webLoginUrl = `${WEB_APP_URL}/cli-login`;
+var { CliError: CliError2, Spinner: Spinner2 } = utils_exports;
 function _getScanSource(command) {
   if (command === "review")
     return "AUTO_FIXER" /* AutoFixer */;
@@ -7735,11 +7742,6 @@ async function downloadRepo({
   repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
   return path7.join(dirname, repoRoot);
 }
-var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
-var LOGIN_CHECK_DELAY = 5 * 1e3;
-var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk4.bgBlue(
-  "press any key to continue"
-)};`;
 var getReportUrl = ({
   organizationId,
   projectId,
@@ -7896,7 +7898,11 @@ async function _scan(params, { skipPrompts = false } = {}) {
     apiKey: apiKey || config2.get("apiToken"),
     type: "apiKey"
   });
-  await handleMobbLogin();
+  gqlClient = await handleMobbLogin({
+    inGqlClient: gqlClient,
+    skipPrompts,
+    apiKey
+  });
   const { projectId, organizationId } = await gqlClient.getOrgAndProjectId({
     projectName: mobbProjectName,
     userDefinedOrganizationId: userOrganizationId
@@ -8038,69 +8044,6 @@ async function _scan(params, { skipPrompts = false } = {}) {
       chalk4.bgBlue("\n\n  My work here is done for now, see you soon! \u{1F575}\uFE0F\u200D\u2642\uFE0F  ")
     );
   }
-  async function handleMobbLogin() {
-    if (await gqlClient.verifyToken()) {
-      createSpinner4().start().success({
-        text: "\u{1F513} Logged in to Mobb successfully"
-      });
-      return;
-    } else if (apiKey) {
-      createSpinner4().start().error({
-        text: "\u{1F513} Logged in to Mobb failed - check your api-key"
-      });
-      throw new CliError2();
-    }
-    const loginSpinner = createSpinner4().start();
-    if (!skipPrompts) {
-      loginSpinner.update({ text: MOBB_LOGIN_REQUIRED_MSG });
-      await keypress2();
-    }
-    loginSpinner.update({
-      text: "\u{1F513} Waiting for Mobb login..."
-    });
-    const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
-      modulusLength: 2048
-    });
-    const loginId = await gqlClient.createCliLogin({
-      publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
-    });
-    const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
-    !ci && console.log(
-      `If the page does not open automatically, kindly access it through ${browserUrl}.`
-    );
-    await open2(browserUrl);
-    let newApiToken = null;
-    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
-      const encryptedApiToken = await gqlClient.getEncryptedApiToken({
-        loginId
-      });
-      loginSpinner.spin();
-      if (encryptedApiToken) {
-        debug15("encrypted API token received %s", encryptedApiToken);
-        newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-        debug15("API token decrypted");
-        break;
-      }
-      await sleep(LOGIN_CHECK_DELAY);
-    }
-    if (!newApiToken) {
-      loginSpinner.error({
-        text: "Login timeout error"
-      });
-      throw new CliError2();
-    }
-    gqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
-    if (await gqlClient.verifyToken()) {
-      debug15("set api token %s", newApiToken);
-      config2.set("apiToken", newApiToken);
-      loginSpinner.success({ text: "\u{1F513} Login to Mobb successful!" });
-    } else {
-      loginSpinner.error({
-        text: "Something went wrong, API token is invalid."
-      });
-      throw new CliError2();
-    }
-  }
   async function handleScmIntegration(oldToken, scmAuthUrl2, repoUrl) {
     const scmLibType = getCloudScmLibTypeFromUrl(repoUrl);
     const scmName = scmLibType === "GITHUB" /* GITHUB */ ? "Github" : scmLibType === "GITLAB" /* GITLAB */ ? "Gitlab" : scmLibType === "ADO" /* ADO */ ? "Azure DevOps" : "";
@@ -8284,8 +8227,12 @@ async function _scan(params, { skipPrompts = false } = {}) {
 }
 
 // src/commands/index.ts
+import chalk5 from "chalk";
 import chalkAnimation from "chalk-animation";
 import Configstore2 from "configstore";
+import Debug17 from "debug";
+import open3 from "open";
+var debug16 = Debug17("mobbdev:commands");
 async function review(params, { skipPrompts = true } = {}) {
   const {
     repo,
@@ -8350,21 +8297,37 @@ async function analyze({
 }
 var config3 = new Configstore2(packageJson.name, { apiToken: "" });
 async function addScmToken(addScmTokenOptions) {
-  const { apiKey, token, organization, scmType, url, refreshToken } = addScmTokenOptions;
-  const gqlClient = new GQLClient({
+  const { apiKey, token, organization, scmType, url, refreshToken, ci } = addScmTokenOptions;
+  let gqlClient = new GQLClient({
     apiKey: apiKey || config3.get("apiToken"),
     type: "apiKey"
   });
+  gqlClient = await handleMobbLogin({
+    inGqlClient: gqlClient,
+    skipPrompts: ci,
+    apiKey
+  });
   if (!scmType) {
     throw new CliError(errorMessages.invalidScmType);
   }
-  await gqlClient.updateScmToken({
+  const resp = await gqlClient.updateScmToken({
     scmType,
     url,
     token,
     org: organization,
     refreshToken
   });
+  if (resp.updateScmToken?.__typename === "RepoUnreachableError") {
+    throw new CliError(
+      "Mobb could not reach the repository. Please try again. If Mobb is connected through a broker, please make sure the broker is connected."
+    );
+  } else if (resp.updateScmToken?.__typename === "BadScmCredentials") {
+    throw new CliError("Invalid SCM credentials. Please try again.");
+  } else if (resp.updateScmToken?.__typename === "ScmAccessTokenUpdateSuccess") {
+    console.log("Token added successfully");
+  } else {
+    throw new CliError("Unexpected error, failed to add token");
+  }
 }
 async function scan(scanOptions, { skipPrompts = false } = {}) {
   const { scanner, ci } = scanOptions;
@@ -8390,34 +8353,109 @@ async function showWelcomeMessage(skipPrompts = false) {
   skipPrompts ? await sleep(100) : await sleep(2e3);
   welcome.stop();
 }
+var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
+var LOGIN_CHECK_DELAY = 5 * 1e3;
+var webLoginUrl = `${WEB_APP_URL}/cli-login`;
+var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk5.bgBlue(
+  "press any key to continue"
+)};`;
+async function handleMobbLogin({
+  inGqlClient,
+  apiKey,
+  skipPrompts
+}) {
+  const { createSpinner: createSpinner4 } = Spinner({ ci: skipPrompts });
+  if (await inGqlClient.verifyToken()) {
+    createSpinner4().start().success({
+      text: "\u{1F513} Logged in to Mobb successfully"
+    });
+    return inGqlClient;
+  } else if (apiKey) {
+    createSpinner4().start().error({
+      text: "\u{1F513} Logged in to Mobb failed - check your api-key"
+    });
+    throw new CliError();
+  }
+  const loginSpinner = createSpinner4().start();
+  if (!skipPrompts) {
+    loginSpinner.update({ text: MOBB_LOGIN_REQUIRED_MSG });
+    await keypress();
+  }
+  loginSpinner.update({
+    text: "\u{1F513} Waiting for Mobb login..."
+  });
+  const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", {
+    modulusLength: 2048
+  });
+  const loginId = await inGqlClient.createCliLogin({
+    publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
+  });
+  const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
+  !skipPrompts && console.log(
+    `If the page does not open automatically, kindly access it through ${browserUrl}.`
+  );
+  await open3(browserUrl);
+  let newApiToken = null;
+  for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
+    const encryptedApiToken = await inGqlClient.getEncryptedApiToken({
+      loginId
+    });
+    loginSpinner.spin();
+    if (encryptedApiToken) {
+      debug16("encrypted API token received %s", encryptedApiToken);
+      newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
+      debug16("API token decrypted");
+      break;
+    }
+    await sleep(LOGIN_CHECK_DELAY);
+  }
+  if (!newApiToken) {
+    loginSpinner.error({
+      text: "Login timeout error"
+    });
+    throw new CliError();
+  }
+  const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
+  if (await newGqlClient.verifyToken()) {
+    debug16("set api token %s", newApiToken);
+    config3.set("apiToken", newApiToken);
+    loginSpinner.success({ text: "\u{1F513} Login to Mobb successful!" });
+  } else {
+    loginSpinner.error({
+      text: "Something went wrong, API token is invalid."
+    });
+    throw new CliError();
+  }
+  return newGqlClient;
+}
 
 // src/args/commands/analyze.ts
-import chalk7 from "chalk";
+import chalk8 from "chalk";
 
 // src/args/options.ts
-import chalk5 from "chalk";
+import chalk6 from "chalk";
 var repoOption = {
   alias: "r",
   demandOption: true,
   type: "string",
-  describe: chalk5.bold("Github / GitLab / Azure DevOps repository URL")
+  describe: chalk6.bold("Github / GitLab / Azure DevOps repository URL")
 };
 var projectNameOption = {
   type: "string",
-  describe: chalk5.bold("Checkmarx project name (when scanning with Checkmarx)")
+  describe: chalk6.bold("Checkmarx project name (when scanning with Checkmarx)")
 };
 var yesOption = {
   alias: "yes",
   type: "boolean",
-  describe: chalk5.bold("Skip prompts and use default values")
+  describe: chalk6.bold("Skip prompts and use default values")
 };
 var refOption = {
-  describe: chalk5.bold("reference of the repository (branch, tag, commit)"),
+  describe: chalk6.bold("reference of the repository (branch, tag, commit)"),
   type: "string",
   demandOption: false
 };
 var organizationIdOptions = {
-  describe: chalk5.bold("Organization id"),
+  describe: chalk6.bold("Organization id"),
   alias: "organization-id",
   type: "string",
   demandOption: false
@@ -8425,15 +8463,15 @@ var organizationIdOptions = {
 var scannerOptions = {
   alias: "s",
   choices: Object.values(SCANNERS),
-  describe: chalk5.bold("Select the scanner to use")
+  describe: chalk6.bold("Select the scanner to use")
 };
 var mobbProjectNameOption = {
   type: "string",
-  describe: chalk5.bold("Mobb project name"),
+  describe: chalk6.bold("Mobb project name"),
   default: PROJECT_DEFAULT_NAME
 };
 var ciOption = {
-  describe: chalk5.bold(
+  describe: chalk6.bold(
     "Run in CI mode, prompts and browser will not be opened"
   ),
   type: "boolean",
@@ -8441,46 +8479,46 @@ var ciOption = {
 };
 var apiKeyOption = {
   type: "string",
-  describe: chalk5.bold("Mobb authentication api-key")
+  describe: chalk6.bold("Mobb authentication api-key")
 };
 var commitHashOption = {
   alias: "ch",
-  describe: chalk5.bold("Hash of the commit"),
+  describe: chalk6.bold("Hash of the commit"),
   type: "string"
 };
 var autoPrOption = {
-  describe: chalk5.bold("Enable automatic pull requests for new fixes"),
+  describe: chalk6.bold("Enable automatic pull requests for new fixes"),
   type: "boolean",
   default: false
 };
 var scmTypeOption = {
   demandOption: true,
-  describe: chalk5.bold("SCM type"),
+  describe: chalk6.bold("SCM type"),
   choices: Object.values(ScmType)
 };
 var urlOption = {
-  describe: chalk5.bold(
+  describe: chalk6.bold(
     `URL of the repository (used in ${Object.values(ScmType).join(", ")})`
   ),
   type: "string",
   demandOption: true
 };
 var scmOrgOption = {
-  describe: chalk5.bold("Organization name in SCM (used in Azure DevOps)"),
+  describe: chalk6.bold("Organization name in SCM (used in Azure DevOps)"),
   type: "string"
 };
 var scmRefreshTokenOption = {
-  describe: chalk5.bold("SCM refresh token (used in GitLab)"),
+  describe: chalk6.bold("SCM refresh token (used in GitLab)"),
   type: "string"
 };
 var scmTokenOption = {
-  describe: chalk5.bold("SCM API token"),
+  describe: chalk6.bold("SCM API token"),
   type: "string",
   demandOption: true
 };
 
 // src/args/validation.ts
-import chalk6 from "chalk";
+import chalk7 from "chalk";
 import path8 from "path";
 import { z as z23 } from "zod";
 function throwRepoUrlErrorMessage({
@@ -8490,11 +8528,11 @@ function throwRepoUrlErrorMessage({
 }) {
   const errorMessage = error.issues[error.issues.length - 1]?.message;
   const formattedErrorMessage = `
-Error: ${chalk6.bold(
+Error: ${chalk7.bold(
     repoUrl
   )} is ${errorMessage}
 Example: 
-	mobbdev ${command} -r ${chalk6.bold(
+	mobbdev ${command} -r ${chalk7.bold(
     "https://github.com/WebGoat/WebGoat"
   )}`;
   throw new CliError(formattedErrorMessage);
@@ -8528,9 +8566,9 @@ function validateReportFileFormat(reportFile) {
   if (!supportExtensions.includes(path8.extname(reportFile))) {
     throw new CliError(
       `
-${chalk6.bold(
+${chalk7.bold(
         reportFile
-      )} is not a supported file extension. Supported extensions are: ${chalk6.bold(
+      )} is not a supported file extension. Supported extensions are: ${chalk7.bold(
         supportExtensions.join(", ")
       )}
 `
@@ -8544,18 +8582,18 @@ function analyzeBuilder(yargs2) {
     alias: "scan-file",
     demandOption: true,
     type: "string",
-    describe: chalk7.bold(
+    describe: chalk8.bold(
       "Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube)"
     )
   }).option("repo", repoOption).option("p", {
     alias: "src-path",
-    describe: chalk7.bold(
+    describe: chalk8.bold(
       "Path to the repository folder with the source code"
     ),
     type: "string"
   }).option("ref", refOption).option("ch", {
     alias: "commit-hash",
-    describe: chalk7.bold("Hash of the commit"),
+    describe: chalk8.bold("Hash of the commit"),
     type: "string"
   }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("org", organizationIdOptions).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).option("auto-pr", autoPrOption).example(
     "$0 analyze -r https://github.com/WebGoat/WebGoat -f <your_vulirabitliy_report_path>",
@@ -8565,7 +8603,7 @@ function analyzeBuilder(yargs2) {
 function validateAnalyzeOptions(argv) {
   if (!fs5.existsSync(argv.f)) {
     throw new CliError(`
-Can't access ${chalk7.bold(argv.f)}`);
+Can't access ${chalk8.bold(argv.f)}`);
   }
   validateOrganizationId(argv.organizationId);
   if (!argv.srcPath && !argv.repo) {
@@ -8586,32 +8624,32 @@ async function analyzeHandler(args) {
 
 // src/args/commands/review.ts
 import fs6 from "node:fs";
-import chalk8 from "chalk";
+import chalk9 from "chalk";
 function reviewBuilder(yargs2) {
   return yargs2.option("f", {
     alias: "scan-file",
     demandOption: true,
     type: "string",
-    describe: chalk8.bold(
+    describe: chalk9.bold(
       "Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube)"
     )
   }).option("repo", { ...repoOption, demandOption: true }).option("scanner", { ...scannerOptions, demandOption: true }).option("ref", { ...refOption, demandOption: true }).option("ch", {
     alias: "commit-hash",
-    describe: chalk8.bold("Hash of the commit"),
+    describe: chalk9.bold("Hash of the commit"),
     type: "string",
     demandOption: true
   }).option("mobb-project-name", mobbProjectNameOption).option("api-key", { ...apiKeyOption, demandOption: true }).option("commit-hash", { ...commitHashOption, demandOption: true }).option("github-token", {
-    describe: chalk8.bold("Github action token"),
+    describe: chalk9.bold("Github action token"),
     type: "string",
     demandOption: true
   }).option("pull-request", {
     alias: "pr",
-    describe: chalk8.bold("Number of the pull request"),
+    describe: chalk9.bold("Number of the pull request"),
     type: "number",
     demandOption: true
   }).option("p", {
     alias: "src-path",
-    describe: chalk8.bold(
+    describe: chalk9.bold(
       "Path to the repository folder with the source code"
     ),
     type: "string",
@@ -8624,7 +8662,7 @@ function reviewBuilder(yargs2) {
 function validateReviewOptions(argv) {
   if (!fs6.existsSync(argv.f)) {
     throw new CliError(`
-Can't access ${chalk8.bold(argv.f)}`);
+Can't access ${chalk9.bold(argv.f)}`);
   }
   validateRepoUrl(argv);
   validateReportFileFormat(argv.f);
@@ -8661,7 +8699,7 @@ async function scanHandler(args) {
 
 // src/args/commands/token.ts
 function addScmTokenBuilder(args) {
-  return args.option("scm-type", scmTypeOption).option("url", urlOption).option("token", scmTokenOption).option("organization", scmOrgOption).option("refresh-token", scmRefreshTokenOption).option("api-key", apiKeyOption).example(
+  return args.option("scm-type", scmTypeOption).option("url", urlOption).option("token", scmTokenOption).option("organization", scmOrgOption).option("refresh-token", scmRefreshTokenOption).option("api-key", apiKeyOption).option("ci", ciOption).example(
     "$0 add-scm-token --scm-type Ado --url https://dev.azure.com/adoorg/test/_git/repo --token abcdef0123456 --organization myOrg",
     `Add your SCM (${Object.values(scmFriendlyText).join(", ")}) token to Mobb to enable automated fixes.`
   ).help().demandOption(["url", "token"]);
@@ -8698,42 +8736,42 @@ async function addScmTokenHandler(args) {
 var parseArgs = async (args) => {
   const yargsInstance = yargs(args);
   return yargsInstance.updateStrings({
-    "Commands:": chalk9.yellow.underline.bold("Commands:"),
-    "Options:": chalk9.yellow.underline.bold("Options:"),
-    "Examples:": chalk9.yellow.underline.bold("Examples:"),
-    "Show help": chalk9.bold("Show help")
+    "Commands:": chalk10.yellow.underline.bold("Commands:"),
+    "Options:": chalk10.yellow.underline.bold("Options:"),
+    "Examples:": chalk10.yellow.underline.bold("Examples:"),
+    "Show help": chalk10.bold("Show help")
   }).usage(
-    `${chalk9.bold(
+    `${chalk10.bold(
       "\n Bugsy - Trusted, Automatic Vulnerability Fixer \u{1F575}\uFE0F\u200D\u2642\uFE0F\n\n"
-    )} ${chalk9.yellow.underline.bold("Usage:")} 
-  $0 ${chalk9.green(
+    )} ${chalk10.yellow.underline.bold("Usage:")} 
+  $0 ${chalk10.green(
       "<command>"
-    )} ${chalk9.dim("[options]")}
+    )} ${chalk10.dim("[options]")}
             `
   ).version(false).command(
     mobbCliCommand.scan,
-    chalk9.bold(
+    chalk10.bold(
       "Scan your code for vulnerabilities, get automated fixes right away."
     ),
     scanBuilder,
     scanHandler
   ).command(
     mobbCliCommand.analyze,
-    chalk9.bold(
+    chalk10.bold(
       "Provide a vulnerability report and relevant code repository, get automated fixes right away."
     ),
     analyzeBuilder,
     analyzeHandler
   ).command(
     mobbCliCommand.review,
-    chalk9.bold(
+    chalk10.bold(
       "Mobb will review your github pull requests and provide comments with fixes "
     ),
     reviewBuilder,
     reviewHandler
   ).command(
     mobbCliCommand.addScmToken,
-    chalk9.bold(
+    chalk10.bold(
       "Add your SCM (Github, Gitlab, Azure DevOps) token to Mobb to enable automated fixes."
     ),
     addScmTokenBuilder,
@@ -8746,7 +8784,7 @@ var parseArgs = async (args) => {
     handler() {
       yargsInstance.showHelp();
     }
-  }).strictOptions().help("h").alias("h", "help").epilog(chalk9.bgBlue("Made with \u2764\uFE0F by Mobb")).showHelpOnFail(true).wrap(Math.min(120, yargsInstance.terminalWidth())).parse();
+  }).strictOptions().help("h").alias("h", "help").epilog(chalk10.bgBlue("Made with \u2764\uFE0F by Mobb")).showHelpOnFail(true).wrap(Math.min(120, yargsInstance.terminalWidth())).parse();
 };
 
 // src/index.ts

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.1",
+  "version": "1.0.2",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",