mobbdev 1.0.101 → 1.0.102

package/dist/index.mjs

@@ -280,7 +280,10 @@ var RepoNoTokenAccessError = class extends Error {
   }
 };
 
-// src/features/analysis/scm/shared/src/types/fix.ts
+// src/features/analysis/scm/utils/index.ts
+import { z as z14 } from "zod";
+
+// src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
 import { z as z2 } from "zod";
 
 // src/features/analysis/scm/generates/client_generates.ts
@@ -1130,934 +1133,6 @@ function getSdk(client, withWrapper = defaultWrapper) {
   };
 }
 
-// src/features/analysis/scm/shared/src/types/shared.ts
-import { z } from "zod";
-var ParsedSeverityZ = z.nativeEnum(Vulnerability_Severity_Enum).nullish().transform((i) => i ?? "low" /* Low */);
-var ScmSubmitFixRequestsZ = z.array(
-  z.object({
-    scmSubmitFixRequest: z.object({
-      submitFixRequest: z.object({
-        createdByUser: z.object({
-          email: z.string()
-        }),
-        targetBranchName: z.string().default("")
-      }),
-      prUrl: z.string().nullable(),
-      prStatus: z.nativeEnum(Pr_Status_Enum).nullable(),
-      commitUrl: z.string().nullable(),
-      scmId: z.string()
-    })
-  })
-);
-
-// src/features/analysis/scm/shared/src/types/fix.ts
-var PackageInfoZ = z2.object({
-  name: z2.string(),
-  version: z2.string(),
-  envName: z2.string().nullable()
-});
-var ManifestActionRequiredZ = z2.object({
-  action: z2.nativeEnum(ManifestAction),
-  language: z2.nativeEnum(Language),
-  lib: PackageInfoZ,
-  typesLib: PackageInfoZ.nullable()
-});
-var ExtraContextInternalZ = z2.object({
-  key: z2.string(),
-  value: z2.string().or(z2.boolean()).or(
-    z2.object({
-      int: z2.boolean(),
-      integer: z2.boolean(),
-      string: z2.boolean(),
-      date: z2.boolean()
-    })
-  )
-});
-var FixExtraContextZ = z2.object({
-  fixDescription: z2.string(),
-  manifestActionsRequired: z2.array(ManifestActionRequiredZ),
-  extraContext: z2.array(ExtraContextInternalZ)
-});
-var PatchAndQuestionsZ = z2.object({
-  __typename: z2.literal("FixData"),
-  patch: z2.string(),
-  patchOriginalEncodingBase64: z2.string(),
-  questions: z2.array(
-    z2.object({
-      name: z2.string(),
-      key: z2.string(),
-      index: z2.number(),
-      defaultValue: z2.string(),
-      value: z2.string().nullable(),
-      extraContext: z2.array(ExtraContextInternalZ),
-      inputType: z2.nativeEnum(FixQuestionInputType),
-      options: z2.array(z2.string())
-    })
-  ),
-  extraContext: FixExtraContextZ
-});
-var FixRatingZ = z2.object({
-  voteScore: z2.number(),
-  fixRatingTag: z2.nativeEnum(Fix_Rating_Tag_Enum).nullable().default(null),
-  comment: z2.string().nullable().default(null),
-  updatedDate: z2.string().nullable(),
-  user: z2.object({
-    email: z2.string(),
-    name: z2.string()
-  })
-});
-var FixSharedStateZ = z2.object({
-  state: z2.nativeEnum(Fix_State_Enum),
-  isArchived: z2.boolean(),
-  scmSubmitFixRequests: ScmSubmitFixRequestsZ,
-  fixRatings: z2.array(FixRatingZ).default([])
-}).nullish().transform(
-  (data) => data ? data : {
-    state: "Ready" /* Ready */,
-    isArchived: false,
-    scmSubmitFixRequests: [],
-    fixRatings: []
-  }
-);
-var FixQueryZ = z2.object({
-  __typename: z2.literal("fix").optional(),
-  id: z2.string().uuid(),
-  sharedState: FixSharedStateZ,
-  modifiedBy: z2.string().nullable(),
-  gitBlameLogin: z2.string().nullable(),
-  safeIssueLanguage: z2.string(),
-  safeIssueType: z2.string(),
-  confidence: z2.number(),
-  fixReportId: z2.string().uuid(),
-  isExpired: z2.boolean().default(false),
-  fixFiles: z2.array(
-    z2.object({
-      fileRepoRelativePath: z2.string()
-    })
-  ),
-  numberOfVulnerabilityIssues: z2.number(),
-  severityText: z2.nativeEnum(Vulnerability_Severity_Enum),
-  vulnerabilityReportIssues: z2.array(
-    z2.object({
-      vendorIssueId: z2.string(),
-      issueLanguage: z2.string(),
-      parsedSeverity: ParsedSeverityZ
-    })
-  ),
-  patchAndQuestions: PatchAndQuestionsZ,
-  effortToApplyFix: z2.nativeEnum(Effort_To_Apply_Fix_Enum).nullable()
-});
-var FixPartsForFixScreenZ = FixQueryZ.merge(
-  z2.object({
-    vulnerabilityReportIssues: z2.array(
-      z2.object({
-        vendorIssueId: z2.string(),
-        issueType: z2.string(),
-        issueLanguage: z2.string()
-      })
-    )
-  })
-);
-
-// src/features/analysis/scm/shared/src/types/issue.ts
-import { z as z4 } from "zod";
-
-// src/features/analysis/scm/shared/src/types/analysis.ts
-import { z as z3 } from "zod";
-var FixPageFixReportZ = z3.object({
-  id: z3.string().uuid(),
-  analysisUrl: z3.string(),
-  expirationOn: z3.string(),
-  createdOn: z3.string(),
-  state: z3.nativeEnum(Fix_Report_State_Enum),
-  repo: z3.object({
-    name: z3.string().nullable(),
-    originalUrl: z3.string(),
-    reference: z3.string(),
-    commitSha: z3.string(),
-    isKnownBranch: z3.boolean().nullable()
-  }),
-  vulnerabilityReport: z3.object({
-    vendor: z3.nativeEnum(Vulnerability_Report_Vendor_Enum),
-    vendorReportId: z3.string().uuid().nullable(),
-    projectId: z3.string().uuid(),
-    project: z3.object({
-      organizationId: z3.string().uuid()
-    }),
-    file: z3.object({
-      id: z3.string().uuid(),
-      path: z3.string()
-    }),
-    pending: z3.object({
-      aggregate: z3.object({
-        count: z3.number()
-      })
-    }),
-    supported: z3.object({
-      aggregate: z3.object({
-        count: z3.number()
-      })
-    }),
-    all: z3.object({
-      aggregate: z3.object({
-        count: z3.number()
-      })
-    }),
-    fixable: z3.object({
-      aggregate: z3.object({
-        count: z3.number()
-      })
-    }),
-    errors: z3.object({
-      aggregate: z3.object({
-        count: z3.number()
-      })
-    }),
-    vulnerabilityReportIssues: z3.object({
-      extraData: z3.object({
-        missing_files: z3.string().array().nullish(),
-        large_files: z3.string().array().nullish(),
-        error_files: z3.string().array().nullish()
-      })
-    }).array()
-  })
-});
-
-// src/features/analysis/scm/shared/src/types/issue.ts
-var MAX_SOURCE_CODE_FILE_SIZE_IN_BYTES = 1e5;
-var CATEGORY = {
-  NoFix: "NoFix",
-  Unsupported: "Unsupported",
-  Irrelevant: "Irrelevant",
-  FalsePositive: "FalsePositive",
-  Fixable: "Fixable",
-  Filtered: "Filtered"
-};
-var ValidCategoriesZ = z4.union([
-  z4.literal(CATEGORY.NoFix),
-  z4.literal(CATEGORY.Unsupported),
-  z4.literal(CATEGORY.Irrelevant),
-  z4.literal(CATEGORY.FalsePositive),
-  z4.literal(CATEGORY.Fixable),
-  z4.literal(CATEGORY.Filtered)
-]);
-var VulnerabilityReportIssueSharedStateZ = z4.object({
-  id: z4.string().uuid(),
-  isArchived: z4.boolean()
-}).nullish();
-var BaseIssuePartsZ = z4.object({
-  id: z4.string().uuid(),
-  safeIssueType: z4.string(),
-  safeIssueLanguage: z4.string(),
-  createdAt: z4.string(),
-  parsedSeverity: ParsedSeverityZ,
-  category: ValidCategoriesZ,
-  extraData: z4.object({
-    missing_files: z4.string().array().nullish(),
-    error_files: z4.string().array().nullish()
-  }),
-  vulnerabilityReportIssueTags: z4.array(
-    z4.object({
-      tag: z4.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
-    })
-  ),
-  codeNodes: z4.array(
-    z4.object({
-      path: z4.string(),
-      line: z4.number(),
-      index: z4.number()
-    })
-  ).transform((nodes) => nodes.sort((a, b) => b.index - a.index)),
-  sourceCodeNodes: z4.array(
-    z4.object({
-      sourceCodeFile: z4.object({
-        path: z4.string(),
-        signedFile: z4.object({
-          url: z4.string()
-        })
-      })
-    }).transform(async ({ sourceCodeFile }) => {
-      const { url } = sourceCodeFile.signedFile;
-      const sourceCodeRes = await fetch(url);
-      if (Number(sourceCodeRes.headers.get("Content-Length")) > MAX_SOURCE_CODE_FILE_SIZE_IN_BYTES) {
-        return null;
-      }
-      return {
-        path: sourceCodeFile.path,
-        fileContent: await sourceCodeRes.text()
-      };
-    })
-  ).transform((nodes) => nodes.filter((node) => node !== null)),
-  fix: FixPartsForFixScreenZ.nullish(),
-  vulnerabilityReportIssueNodeDiffFile: z4.object({
-    signedFile: z4.object({
-      url: z4.string()
-    }).transform(async ({ url }) => {
-      const codeDiff = await fetch(url).then((res) => res.text());
-      return { codeDiff };
-    })
-  }).nullish(),
-  sharedState: VulnerabilityReportIssueSharedStateZ
-});
-var FalsePositivePartsZ = z4.object({
-  extraContext: z4.array(z4.object({ key: z4.string(), value: z4.string() })),
-  fixDescription: z4.string()
-});
-var IssuePartsWithFixZ = BaseIssuePartsZ.merge(
-  z4.object({
-    category: z4.literal(CATEGORY.Irrelevant),
-    fix: FixPartsForFixScreenZ.nullish()
-  })
-);
-var IssuePartsFpZ = BaseIssuePartsZ.merge(
-  z4.object({
-    category: z4.literal(CATEGORY.FalsePositive),
-    fpId: z4.string().uuid(),
-    getFalsePositive: FalsePositivePartsZ
-  })
-);
-var GeneralIssueZ = BaseIssuePartsZ.merge(
-  z4.object({
-    category: z4.union([
-      z4.literal(CATEGORY.NoFix),
-      z4.literal(CATEGORY.Unsupported),
-      z4.literal(CATEGORY.Fixable),
-      z4.literal(CATEGORY.Filtered)
-    ])
-  })
-);
-var IssuePartsZ = z4.union([
-  IssuePartsFpZ,
-  IssuePartsWithFixZ,
-  GeneralIssueZ
-]);
-var GetIssueIndexesZ = z4.object({
-  currentIndex: z4.number(),
-  totalIssues: z4.number(),
-  nextIssue: z4.object({
-    id: z4.string().uuid()
-  }).nullish(),
-  prevIssue: z4.object({
-    id: z4.string().uuid()
-  }).nullish()
-});
-var GetIssueScreenDataZ = z4.object({
-  fixReport_by_pk: FixPageFixReportZ,
-  vulnerability_report_issue_by_pk: IssuePartsZ,
-  issueIndexes: GetIssueIndexesZ
-});
-var IssueBucketZ = z4.enum(["fixable", "irrelevant", "remaining"]);
-var mapCategoryToBucket = {
-  FalsePositive: "irrelevant",
-  Irrelevant: "irrelevant",
-  NoFix: "remaining",
-  Unsupported: "remaining",
-  Fixable: "fixable",
-  Filtered: "remaining"
-};
-
-// src/features/analysis/scm/shared/src/types/types.ts
-import { z as z7 } from "zod";
-
-// src/features/analysis/scm/shared/src/validations.ts
-import { z as z6 } from "zod";
-
-// src/features/analysis/scm/shared/src/getIssueType.ts
-import { z as z5 } from "zod";
-var issueTypeMap = {
-  ["NO_LIMITS_OR_THROTTLING" /* NoLimitsOrThrottling */]: "Missing Rate Limiting",
-  ["SQL_Injection" /* SqlInjection */]: "SQL Injection",
-  ["CMDi_relative_path_command" /* CmDiRelativePathCommand */]: "Relative Path Command Injection",
-  ["CMDi" /* CmDi */]: "Command Injection",
-  ["CONFUSING_NAMING" /* ConfusingNaming */]: "Confusing Naming",
-  ["XXE" /* Xxe */]: "XXE",
-  ["XSS" /* Xss */]: "XSS",
-  ["PT" /* Pt */]: "Path Traversal",
-  ["ZIP_SLIP" /* ZipSlip */]: "Zip Slip",
-  ["INSECURE_RANDOMNESS" /* InsecureRandomness */]: "Insecure Randomness",
-  ["SSRF" /* Ssrf */]: "Server Side Request Forgery",
-  ["TYPE_CONFUSION" /* TypeConfusion */]: "Type Confusion",
-  ["REGEX_INJECTION" /* RegexInjection */]: "Regular Expression Injection",
-  ["INCOMPLETE_URL_SANITIZATION" /* IncompleteUrlSanitization */]: "Incomplete URL Sanitization",
-  ["LOCALE_DEPENDENT_COMPARISON" /* LocaleDependentComparison */]: "Locale Dependent Comparison",
-  ["LOG_FORGING" /* LogForging */]: "Log Forging",
-  ["MISSING_CHECK_AGAINST_NULL" /* MissingCheckAgainstNull */]: "Missing Check against Null",
-  ["PASSWORD_IN_COMMENT" /* PasswordInComment */]: "Password in Comment",
-  ["OVERLY_BROAD_CATCH" /* OverlyBroadCatch */]: "Poor Error Handling: Overly Broad Catch",
-  ["USE_OF_SYSTEM_OUTPUT_STREAM" /* UseOfSystemOutputStream */]: "Use of System.out/System.err",
-  ["DANGEROUS_FUNCTION_OVERFLOW" /* DangerousFunctionOverflow */]: "Use of dangerous function",
-  ["DOS_STRING_BUILDER" /* DosStringBuilder */]: "Denial of Service: StringBuilder",
-  ["OPEN_REDIRECT" /* OpenRedirect */]: "Open Redirect",
-  ["WEAK_XML_SCHEMA_UNBOUNDED_OCCURRENCES" /* WeakXmlSchemaUnboundedOccurrences */]: "Weak XML Schema: Unbounded Occurrences",
-  ["SYSTEM_INFORMATION_LEAK" /* SystemInformationLeak */]: "System Information Leak",
-  ["SYSTEM_INFORMATION_LEAK_EXTERNAL" /* SystemInformationLeakExternal */]: "External System Information Leak",
-  ["HTTP_RESPONSE_SPLITTING" /* HttpResponseSplitting */]: "HTTP response splitting",
-  ["HTTP_ONLY_COOKIE" /* HttpOnlyCookie */]: "Cookie is not HttpOnly",
-  ["INSECURE_COOKIE" /* InsecureCookie */]: "Insecure Cookie",
-  ["TRUST_BOUNDARY_VIOLATION" /* TrustBoundaryViolation */]: "Trust Boundary Violation",
-  ["NULL_DEREFERENCE" /* NullDereference */]: "Null Dereference",
-  ["UNSAFE_DESERIALIZATION" /* UnsafeDeserialization */]: "Unsafe deserialization",
-  ["INSECURE_BINDER_CONFIGURATION" /* InsecureBinderConfiguration */]: "Insecure Binder Configuration",
-  ["UNSAFE_TARGET_BLANK" /* UnsafeTargetBlank */]: "Unsafe use of target blank",
-  ["IFRAME_WITHOUT_SANDBOX" /* IframeWithoutSandbox */]: "Client use of iframe without sandbox",
-  ["JQUERY_DEPRECATED_SYMBOLS" /* JqueryDeprecatedSymbols */]: "jQuery deprecated symbols",
-  ["MISSING_ANTIFORGERY_VALIDATION" /* MissingAntiforgeryValidation */]: "Missing Anti-Forgery Validation",
-  ["GRAPHQL_DEPTH_LIMIT" /* GraphqlDepthLimit */]: "GraphQL Depth Limit",
-  ["UNCHECKED_LOOP_CONDITION" /* UncheckedLoopCondition */]: "Unchecked Loop Condition",
-  ["IMPROPER_RESOURCE_SHUTDOWN_OR_RELEASE" /* ImproperResourceShutdownOrRelease */]: "Improper Resource Shutdown or Release",
-  ["IMPROPER_EXCEPTION_HANDLING" /* ImproperExceptionHandling */]: "Improper Exception Handling",
-  ["DEFAULT_RIGHTS_IN_OBJ_DEFINITION" /* DefaultRightsInObjDefinition */]: "Default Definer Rights in Package or Object Definition",
-  ["HTML_COMMENT_IN_JSP" /* HtmlCommentInJsp */]: "HTML Comment in JSP",
-  ["ERROR_CONDTION_WITHOUT_ACTION" /* ErrorCondtionWithoutAction */]: "Error Condition Without Action",
-  ["DEPRECATED_FUNCTION" /* DeprecatedFunction */]: "Deprecated Function",
-  ["HARDCODED_SECRETS" /* HardcodedSecrets */]: "Hardcoded Secrets",
-  ["PROTOTYPE_POLLUTION" /* PrototypePollution */]: "Prototype Pollution",
-  ["RACE_CONDITION_FORMAT_FLAW" /* RaceConditionFormatFlaw */]: "Race Condition Format Flaw",
-  ["NON_FINAL_PUBLIC_STATIC_FIELD" /* NonFinalPublicStaticField */]: "Non-final Public Static Field",
-  ["MISSING_HSTS_HEADER" /* MissingHstsHeader */]: "Missing HSTS Header",
-  ["DEAD_CODE_UNUSED_FIELD" /* DeadCodeUnusedField */]: "Dead Code: Unused Field",
-  ["HEADER_MANIPULATION" /* HeaderManipulation */]: "Header Manipulation",
-  ["MISSING_EQUALS_OR_HASHCODE" /* MissingEqualsOrHashcode */]: "Missing equals or hashcode method",
-  ["WCF_MISCONFIGURATION_INSUFFICIENT_LOGGING" /* WcfMisconfigurationInsufficientLogging */]: "WCF Misconfiguration: Insufficient Logging",
-  ["WCF_MISCONFIGURATION_THROTTLING_NOT_ENABLED" /* WcfMisconfigurationThrottlingNotEnabled */]: "WCF Misconfiguration: Throttling Not Enabled",
-  ["USELESS_REGEXP_CHAR_ESCAPE" /* UselessRegexpCharEscape */]: "Useless regular-expression character escape",
-  ["INCOMPLETE_HOSTNAME_REGEX" /* IncompleteHostnameRegex */]: "Incomplete Hostname Regex",
-  ["OVERLY_LARGE_RANGE" /* OverlyLargeRange */]: "Regex: Overly Large Range",
-  ["INSUFFICIENT_LOGGING" /* InsufficientLogging */]: "Insufficient Logging of Sensitive Operations",
-  ["PRIVACY_VIOLATION" /* PrivacyViolation */]: "Privacy Violation",
-  ["INCOMPLETE_URL_SCHEME_CHECK" /* IncompleteUrlSchemeCheck */]: "Incomplete URL Scheme Check",
-  ["VALUE_NEVER_READ" /* ValueNeverRead */]: "Value Never Read",
-  ["VALUE_SHADOWING" /* ValueShadowing */]: "Value Shadowing",
-  ["NO_EQUIVALENCE_METHOD" /* NoEquivalenceMethod */]: "Class Does Not Implement Equivalence Method",
-  ["INFORMATION_EXPOSURE_VIA_HEADERS" /* InformationExposureViaHeaders */]: "Information Exposure via Headers",
-  ["DEBUG_ENABLED" /* DebugEnabled */]: "Debug Enabled",
-  ["LEFTOVER_DEBUG_CODE" /* LeftoverDebugCode */]: "Leftover Debug Code",
-  ["POOR_ERROR_HANDLING_EMPTY_CATCH_BLOCK" /* PoorErrorHandlingEmptyCatchBlock */]: "Poor Error Handling: Empty Catch Block",
-  ["ERRONEOUS_STRING_COMPARE" /* ErroneousStringCompare */]: "Erroneous String Compare",
-  ["UNVALIDATED_PUBLIC_METHOD_ARGUMENT" /* UnvalidatedPublicMethodArgument */]: "Unvalidated Public Method Argument",
-  ["AUTO_ESCAPE_FALSE" /* AutoEscapeFalse */]: "Auto-escape False",
-  ["MISSING_CSP_HEADER" /* MissingCspHeader */]: "Missing CSP Header",
-  ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: "Hardcoded Domain in HTML",
-  ["HEAP_INSPECTION" /* HeapInspection */]: "Heap Inspection",
-  ["CLIENT_DOM_STORED_CODE_INJECTION" /* ClientDomStoredCodeInjection */]: "Client Code Injection",
-  ["STRING_FORMAT_MISUSE" /* StringFormatMisuse */]: "String Format Misuse",
-  ["NON_READONLY_FIELD" /* NonReadonlyField */]: "Non Readonly Field",
-  ["CSRF" /* Csrf */]: "Cross-Site Request Forgery (CSRF)",
-  ["WEAK_ENCRYPTION" /* WeakEncryption */]: "Weak Encryption Mechanism",
-  ["CODE_IN_COMMENT" /* CodeInComment */]: "Code in Comment",
-  ["REGEX_MISSING_TIMEOUT" /* RegexMissingTimeout */]: "Regex Missing Timeout",
-  ["FRAMEABLE_LOGIN_PAGE" /* FrameableLoginPage */]: "Frameable Login Page",
-  ["USE_OF_HARD_CODED_CRYPTOGRAPHIC_KEY" /* UseOfHardCodedCryptographicKey */]: "Use of Hardcoded Cryptographic Key",
-  ["MISSING_SSL_MINVERSION" /* MissingSslMinversion */]: "Missing SSL MinVersion",
-  ["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: "Missing Websocket Origin Check",
-  ["DUPLICATED_STRINGS" /* DuplicatedStrings */]: "String Literals Should not Be Duplicated",
-  ["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: "Insecure UUID Version",
-  ["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: "GitHub Actions Shell Injection",
-  ["MODIFIED_DEFAULT_PARAM" /* ModifiedDefaultParam */]: "Modified Default Param",
-  ["UNSAFE_WEB_THREAD" /* UnsafeWebThread */]: "Unsafe Web Thread",
-  ["NO_VAR" /* NoVar */]: 'Prefer "let" or "const"',
-  ["INSECURE_TMP_FILE" /* InsecureTmpFile */]: "Insecure Temporary File",
-  ["RETURN_SHOULD_NOT_BE_INVARIANT" /* ReturnShouldNotBeInvariant */]: "Return Should Not Be Invariant",
-  ["SYSTEM_EXIT_SHOULD_RERAISE" /* SystemExitShouldReraise */]: "SystemExit Should Reraise",
-  ["NO_RETURN_IN_FINALLY" /* NoReturnInFinally */]: "No Return in Finally Block",
-  ["WILDCARD_IMPORTS" /* WildcardImports */]: "Wildcard Imports should not be used",
-  ["AVOID_IDENTITY_COMPARISON_CACHED_TYPES" /* AvoidIdentityComparisonCachedTypes */]: "Avoid Identity Comparison of Cached Types",
-  ["AVOID_BUILTIN_SHADOWING" /* AvoidBuiltinShadowing */]: "Avoid Builtin Shadowing",
-  ["IMPROPER_STRING_FORMATTING" /* ImproperStringFormatting */]: "Improper String Formatting",
-  ["TAR_SLIP" /* TarSlip */]: "Tar Slip",
-  ["MISSING_WHITESPACE" /* MissingWhitespace */]: "Missing Whitespace",
-  ["NO_PRINT_STATEMENT" /* NoPrintStatement */]: 'Python 2 "print" Statement Is Obsolete',
-  ["NO_OP_OVERHEAD" /* NoOpOverhead */]: "Expensive Arguments in Conditional Methods",
-  ["DO_NOT_RAISE_EXCEPTION" /* DoNotRaiseException */]: "Do Not Raise Exception",
-  ["DECLARE_VARIABLE_EXPLICITLY" /* DeclareVariableExplicitly */]: "Declare Variable Explicitly",
-  ["NO_NESTED_TRY" /* NoNestedTry */]: "No Nested Try",
-  ["UNNECESSARY_IMPORTS" /* UnnecessaryImports */]: "Unnecessary Imports",
-  ["REDOS" /* Redos */]: "Regular Expression Denial of Service",
-  ["DO_NOT_THROW_GENERIC_EXCEPTION" /* DoNotThrowGenericException */]: "Do Not Throw Generic Exception"
-};
-var issueTypeZ = z5.nativeEnum(IssueType_Enum);
-var getIssueTypeFriendlyString = (issueType) => {
-  const issueTypeZParseRes = issueTypeZ.safeParse(issueType);
-  if (!issueTypeZParseRes.success) {
-    return issueType ? issueType.replaceAll("_", " ") : "Other";
-  }
-  return issueTypeMap[issueTypeZParseRes.data];
-};
-function getTagTooltip(tag) {
-  switch (tag) {
-    case "FALSE_POSITIVE":
-      return "Issue was found to be a false positive";
-    case "TEST_CODE":
-      return "Issue found in test files, not production code";
-    case "VENDOR_CODE":
-      return "Issue is in external libraries or dependencies not owned or maintained by your team";
-    case "AUTOGENERATED_CODE":
-      return "Code created by tools or frameworks, not manually written";
-    case "AUXILIARY_CODE":
-      return "Issue found in supporting files that don't impact core functionality";
-    case "Filtered":
-      return "Issue was filtered by user in the Fix Policy";
-    default:
-      return tag;
-  }
-}
-var issueDescription = {
-  ["AUTOGENERATED_CODE" /* AutogeneratedCode */]: "The flagged code is generated automatically by tools or frameworks as part of the build or runtime process. This categorization highlights that **the issue resides in non-manual code**, which often requires tool-specific solutions or exemptions.",
-  ["AUXILIARY_CODE" /* AuxiliaryCode */]: "The flagged code is auxiliary or supporting code, such as configuration files, build scripts, or other non-application logic. This categorization indicates that the issue is not directly related to the application's core functionality.",
-  ["FALSE_POSITIVE" /* FalsePositive */]: "The flagged code **does not represent an actual vulnerability within the application's context.** This categorization indicates that the issue is either misidentified by the scanner or deemed irrelevant to the application's functionality.",
-  ["TEST_CODE" /* TestCode */]: "The flagged code resides in a test-specific path or context. This categorization indicates that **it supports testing scenarios and is isolated from production use**.",
-  ["UNFIXABLE" /* Unfixable */]: "The flagged code cannot be fixed",
-  ["VENDOR_CODE" /* VendorCode */]: "The flagged code originates from a third-party library or dependency maintained externally. This categorization suggests that **the issue lies outside the application's direct control** and should be addressed by the vendor if necessary."
-};
-function replaceKeysWithValues(fixDescription, extraContext) {
-  let result = fixDescription;
-  extraContext.forEach(({ key, value }) => {
-    result = result.replace(`\${${key}}`, value);
-  });
-  return result;
-}
-function getParsedFalsePositiveMessage(data) {
-  const { fixDescription, extraContext } = data;
-  const containsTemplate = extraContext.some(
-    (context) => fixDescription.includes(`\${${context.key}}`)
-  );
-  const description2 = containsTemplate ? replaceKeysWithValues(fixDescription, extraContext) : fixDescription;
-  const contextString = containsTemplate ? null : `\`\`\`${extraContext.map(({ value }) => value).join(" ")} \`\`\``;
-  return { description: description2, contextString };
-}
-
-// src/features/analysis/scm/shared/src/validations.ts
-var IssueTypeSettingZ = z6.object({
-  autoPrEnabled: z6.boolean(),
-  enabled: z6.boolean(),
-  issueType: z6.nativeEnum(IssueType_Enum)
-});
-var IssueTypeSettingsZ = z6.array(IssueTypeSettingZ).transform((issueTypeSettings) => {
-  return Object.values(IssueType_Enum).map((issueTypeEnum) => {
-    const existingIssueTypeSetting = issueTypeSettings.find(
-      ({ issueType: dbIssueType }) => dbIssueType === issueTypeEnum
-    );
-    if (existingIssueTypeSetting) {
-      return existingIssueTypeSetting;
-    }
-    return {
-      autoPrEnabled: false,
-      enabled: true,
-      issueType: issueTypeEnum
-    };
-  }).sort((a, b) => {
-    return getIssueTypeFriendlyString(a.issueType).localeCompare(
-      getIssueTypeFriendlyString(b.issueType)
-    );
-  });
-});
-
-// src/features/analysis/scm/shared/src/types/types.ts
-var OrganizationScreenQueryParamsZ = z7.object({
-  organizationId: z7.string().uuid()
-});
-var ProjectPageQueryParamsZ = z7.object({
-  organizationId: z7.string().uuid(),
-  projectId: z7.string().uuid()
-});
-var AnalysisPageQueryParamsZ = ProjectPageQueryParamsZ.extend({
-  reportId: z7.string().uuid()
-});
-var FixPageQueryParamsZ = AnalysisPageQueryParamsZ.extend({
-  fixId: z7.string().uuid()
-});
-var IssuePageQueryParamsZ = AnalysisPageQueryParamsZ.extend({
-  issueId: z7.string().uuid()
-});
-var CliLoginPageQueryParamsZ = z7.object({
-  loginId: z7.string().uuid()
-});
-var AnalysisReportDigestedZ = z7.object({
-  id: z7.string().uuid(),
-  state: z7.nativeEnum(Fix_Report_State_Enum),
-  vulnerabilityReport: z7.object({
-    reportSummaryUrl: z7.string().url().nullish(),
-    scanDate: z7.string().nullable(),
-    supported: z7.object({
-      aggregate: z7.object({
-        count: z7.number()
-      })
-    }),
-    all: z7.object({
-      aggregate: z7.object({
-        count: z7.number()
-      })
-    }),
-    vendor: z7.nativeEnum(Vulnerability_Report_Vendor_Enum),
-    project: z7.object({
-      organizationId: z7.string().uuid()
-    })
-  })
-});
-var ReportQueryResultZ = z7.object({
-  fixReport_by_pk: z7.object({
-    id: z7.string().uuid(),
-    analysisUrl: z7.string(),
-    fixesCommitted: z7.object({
-      aggregate: z7.object({ count: z7.number() })
-    }),
-    fixesDownloaded: z7.object({
-      aggregate: z7.object({ count: z7.number() })
-    }),
-    fixesDoneCount: z7.number(),
-    fixesInprogressCount: z7.number(),
-    fixesReadyCount: z7.object({
-      aggregate: z7.object({ count: z7.number() })
-    }),
-    issueTypes: z7.record(z7.string(), z7.number()).nullable(),
-    issueLanguages: z7.record(z7.string(), z7.number()).nullable(),
-    fixesCountByEffort: z7.record(z7.string(), z7.number()).nullable(),
-    vulnerabilitySeverities: z7.record(z7.string(), z7.number()).nullable(),
-    createdOn: z7.string(),
-    expirationOn: z7.string().nullable(),
-    state: z7.nativeEnum(Fix_Report_State_Enum),
-    fixes: z7.array(
-      z7.object({
-        id: z7.string().uuid(),
-        safeIssueLanguage: z7.string(),
-        safeIssueType: z7.string(),
-        confidence: z7.number(),
-        effortToApplyFix: z7.nativeEnum(Effort_To_Apply_Fix_Enum).nullable(),
-        modifiedBy: z7.string().nullable(),
-        gitBlameLogin: z7.string().nullable(),
-        fixReportId: z7.string().uuid(),
-        filePaths: z7.array(
-          z7.object({
-            fileRepoRelativePath: z7.string()
-          })
-        ),
-        sharedState: FixSharedStateZ,
-        numberOfVulnerabilityIssues: z7.number(),
-        severityText: z7.nativeEnum(Vulnerability_Severity_Enum),
-        vulnerabilityReportIssues: z7.array(
-          z7.object({
-            id: z7.string().uuid(),
-            issueType: z7.string(),
-            issueLanguage: z7.string(),
-            category: z7.string()
-          })
-        )
-        // scmSubmitFixRequests: ScmSubmitFixRequestsZ,
-      })
-    ),
-    repo: z7.object({
-      name: z7.string().nullable(),
-      originalUrl: z7.string(),
-      reference: z7.string(),
-      commitSha: z7.string(),
-      isKnownBranch: z7.boolean().nullish().default(true)
-    }),
-    vulnerabilityReportIssuesFixedCount: z7.object({
-      vulnerabilityReportIssues_aggregate: z7.object({
-        aggregate: z7.object({ count: z7.number() })
-      })
-    }),
-    vulnerabilityReport: z7.object({
-      id: z7.string().uuid(),
-      reportSummaryUrl: z7.string().url().nullish(),
-      vendor: z7.nativeEnum(Vulnerability_Report_Vendor_Enum).nullable(),
-      issuesWithKnownLanguage: z7.number().nullable(),
-      scanDate: z7.string().nullable(),
-      vendorReportId: z7.string().uuid().nullable(),
-      projectId: z7.string().uuid(),
-      project: z7.object({
-        organizationId: z7.string().uuid()
-      }),
-      file: z7.object({
-        id: z7.string().uuid(),
-        path: z7.string()
-      }),
-      pending: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      irrelevant: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      remaining: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      digested: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      supported: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      all: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      fixable: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      errors: z7.object({
-        aggregate: z7.object({
-          count: z7.number()
-        })
-      }),
-      vulnerabilityReportIssues: z7.object({
-        id: z7.string().uuid(),
-        extraData: z7.object({
-          missing_files: z7.string().array().nullish(),
-          large_files: z7.string().array().nullish(),
-          error_files: z7.string().array().nullish()
-        })
-      }).array()
-    })
-  })
-});
-var ReportFixesQueryFixZ = z7.object({
-  id: z7.string().uuid(),
-  sharedState: FixSharedStateZ,
-  confidence: z7.number(),
-  gitBlameLogin: z7.string().nullable(),
-  effortToApplyFix: z7.nativeEnum(Effort_To_Apply_Fix_Enum).nullable(),
-  safeIssueLanguage: z7.string(),
-  safeIssueType: z7.string(),
-  fixReportId: z7.string().uuid(),
-  filePaths: z7.array(
-    z7.object({
-      fileRepoRelativePath: z7.string()
-    })
-  ),
-  numberOfVulnerabilityIssues: z7.number(),
-  severityText: z7.nativeEnum(Vulnerability_Severity_Enum),
-  vulnerabilityReportIssues: z7.array(
-    z7.object({
-      issueType: z7.string(),
-      issueLanguage: z7.string()
-    })
-  ).min(1)
-});
-var VulnerabilityReportIssueZ = z7.object({
-  id: z7.string().uuid(),
-  createdAt: z7.string(),
-  state: z7.nativeEnum(Vulnerability_Report_Issue_State_Enum),
-  safeIssueType: z7.string(),
-  safeIssueLanguage: z7.string(),
-  extraData: z7.object({
-    missing_files: z7.string().array().nullish(),
-    large_files: z7.string().array().nullish(),
-    error_files: z7.string().array().nullish()
-  }),
-  fix: ReportFixesQueryFixZ.nullable(),
-  falsePositive: z7.object({
-    id: z7.string().uuid()
-  }).nullable(),
-  parsedSeverity: ParsedSeverityZ,
-  severity: z7.string(),
-  severityValue: z7.number(),
-  category: z7.string(),
-  codeNodes: z7.array(z7.object({ path: z7.string() })),
-  vulnerabilityReportIssueTags: z7.array(
-    z7.object({
-      vulnerability_report_issue_tag_value: z7.string()
-    })
-  ),
-  sharedState: VulnerabilityReportIssueSharedStateZ
-});
-var GetReportIssuesQueryZ = z7.object({
-  fixReport: z7.object({
-    vulnerabilityReport: z7.object({
-      id: z7.string().uuid(),
-      lastIssueUpdatedAt: z7.string(),
-      vulnerabilityReportIssues_aggregate: z7.object({
-        aggregate: z7.object({ count: z7.number() })
-      }),
-      vulnerabilityReportIssues: z7.array(VulnerabilityReportIssueZ)
-    })
-  }).array()
-}).nullish();
-var FixReportByProjectZ = z7.object({
-  project_by_pk: z7.object({
-    vulnerabilityReports: z7.array(
-      z7.object({
-        fixReport: z7.object({ id: z7.string().uuid() }).nullable()
-      })
-    )
-  })
-});
-var FixScreenQueryResultZ = z7.object({
-  fixReport_by_pk: FixPageFixReportZ,
-  fix_by_pk: FixPartsForFixScreenZ,
-  fixesWithSameIssueType: z7.array(
-    z7.object({
-      id: z7.string().uuid(),
-      sharedState: z7.object({ state: z7.nativeEnum(Fix_State_Enum) }).nullable().default({ state: "Ready" /* Ready */ })
-    })
-  ),
-  relevantIssue: IssuePartsZ.nullish()
-});
-var FixPageQueryZ = z7.object({
-  data: FixScreenQueryResultZ
-});
-var GetReportFixesQueryZ = z7.object({
-  fixReport: z7.array(
-    z7.object({
-      fixes: z7.array(ReportFixesQueryFixZ),
-      vulnerabilityReportIssuesTotalCount: z7.object({
-        vulnerabilityReportIssues_aggregate: z7.object({
-          aggregate: z7.object({ count: z7.number() })
-        })
-      }),
-      vulnerabilityReportIssuesFixedCount: z7.object({
-        vulnerabilityReportIssues_aggregate: z7.object({
-          aggregate: z7.object({ count: z7.number() })
-        })
-      }),
-      vulnerabilityReportIssuesIrrelevantCount: z7.object({
-        vulnerabilityReportIssues_aggregate: z7.object({
-          aggregate: z7.object({ count: z7.number() })
-        })
-      }),
-      vulnerabilityReportIssuesRemainingCount: z7.object({
-        vulnerabilityReportIssues_aggregate: z7.object({
-          aggregate: z7.object({ count: z7.number() })
-        })
-      })
-    })
-  )
-}).nullish();
-var ProjectVulnerabilityReport = z7.object({
-  id: z7.string().uuid(),
-  name: z7.string().nullable(),
-  vendor: z7.nativeEnum(Vulnerability_Report_Vendor_Enum).nullable(),
-  fixReport: z7.object({
-    id: z7.string().uuid(),
-    createdOn: z7.string(),
-    vulnerabilityReportIssuesFixedCount: z7.object({
-      vulnerabilityReportIssues_aggregate: z7.object({
-        aggregate: z7.object({ count: z7.number() })
-      })
-    }),
-    issueTypes: z7.record(z7.string(), z7.number()).nullable(),
-    issueLanguages: z7.record(z7.nativeEnum(IssueLanguage_Enum), z7.number()).nullable(),
-    fixesCountByEffort: z7.record(z7.nativeEnum(Effort_To_Apply_Fix_Enum), z7.number()).nullable(),
-    vulnerabilitySeverities: z7.record(z7.nativeEnum(Vulnerability_Severity_Enum), z7.number()).nullable(),
-    fixesDoneCount: z7.number(),
-    fixesInprogressCount: z7.number(),
-    fixesReadyCount: z7.number(),
-    repo: z7.object({
-      originalUrl: z7.string(),
-      reference: z7.string(),
-      name: z7.string()
-    }),
-    createdByUser: z7.object({
-      email: z7.string()
-    }).nullable(),
-    state: z7.nativeEnum(Fix_Report_State_Enum),
-    expirationOn: z7.string()
-  })
-});
-var ProjectGetProjectZ = z7.object({
-  id: z7.string().uuid(),
-  name: z7.string(),
-  vulnerabilityReports: z7.object({
-    vendor: z7.nativeEnum(Vulnerability_Report_Vendor_Enum).nullable(),
-    fixReport: z7.object({
-      issueLanguages: z7.record(z7.nativeEnum(IssueLanguage_Enum), z7.number()).nullable(),
-      state: z7.nativeEnum(Fix_Report_State_Enum),
-      repo: z7.object({
-        originalUrl: z7.string(),
-        reference: z7.string()
-      }),
-      expirationOn: z7.string()
-    })
-  }).array()
-});
-var GetProjectsQueryZ = z7.array(ProjectGetProjectZ);
-var ProjectPageQueryResultZ = z7.object({
-  name: z7.string(),
-  id: z7.string().uuid(),
-  isDefault: z7.boolean().default(false),
-  organizationId: z7.string().uuid(),
-  vulnerabilityReports: z7.array(ProjectVulnerabilityReport),
-  projectIssueTypeSettings: z7.array(
-    IssueTypeSettingZ.merge(z7.object({ id: z7.string() }))
-  )
-});
-var GetProjectMembersDataZ = z7.object({
-  project_by_pk: z7.object({
-    name: z7.string(),
-    id: z7.string(),
-    projectUsers: z7.array(
-      z7.object({
-        projectToRole: z7.object({
-          projectRole: z7.object({
-            type: z7.nativeEnum(Project_Role_Type_Enum)
-          })
-        }),
-        user: z7.object({
-          id: z7.string().uuid(),
-          picture: z7.string().optional(),
-          name: z7.string().nullish(),
-          email: z7.string().email()
-        })
-      })
-    )
-  })
-});
-var RepoArgsZ = z7.object({
-  originalUrl: z7.string().url(),
-  branch: z7.string(),
-  commitSha: z7.string()
-});
-var scmCloudUrl = {
-  GitLab: "https://gitlab.com",
-  GitHub: "https://github.com",
-  Ado: "https://dev.azure.com",
-  Bitbucket: "https://bitbucket.org"
-};
-var ScmType = /* @__PURE__ */ ((ScmType2) => {
-  ScmType2["GitHub"] = "GitHub";
-  ScmType2["GitLab"] = "GitLab";
-  ScmType2["Ado"] = "Ado";
-  ScmType2["Bitbucket"] = "Bitbucket";
-  return ScmType2;
-})(ScmType || {});
-var ConvertToSarifInputFileFormat = /* @__PURE__ */ ((ConvertToSarifInputFileFormat2) => {
-  ConvertToSarifInputFileFormat2["FortifyFPR"] = "FortifyFPR";
-  return ConvertToSarifInputFileFormat2;
-})(ConvertToSarifInputFileFormat || {});
-
-// src/features/analysis/scm/ado/constants.ts
-var DEFUALT_ADO_ORIGIN = scmCloudUrl.Ado;
-
-// src/features/analysis/scm/ado/utils.ts
-import querystring from "querystring";
-import * as api from "azure-devops-node-api";
-import Debug from "debug";
-import { z as z17 } from "zod";
-
-// src/features/analysis/scm/env.ts
-import { z as z8 } from "zod";
-var EnvVariablesZod = z8.object({
-  GITLAB_API_TOKEN: z8.string().optional(),
-  GITHUB_API_TOKEN: z8.string().optional(),
-  GIT_PROXY_HOST: z8.string().optional().default("http://tinyproxy:8888")
-});
-var { GITLAB_API_TOKEN, GITHUB_API_TOKEN, GIT_PROXY_HOST } = EnvVariablesZod.parse(process.env);
-
-// src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
-import { z as z9 } from "zod";
-
 // src/features/analysis/scm/shared/src/fixDetailsData.ts
 var fixDetailsData = {
   ["PT" /* Pt */]: {
@@ -2324,6 +1399,170 @@ var fixDetailsData = {
   ["DO_NOT_THROW_GENERIC_EXCEPTION" /* DoNotThrowGenericException */]: void 0
 };
 
+// src/features/analysis/scm/shared/src/getIssueType.ts
+import { z } from "zod";
+var issueTypeMap = {
+  ["NO_LIMITS_OR_THROTTLING" /* NoLimitsOrThrottling */]: "Missing Rate Limiting",
+  ["SQL_Injection" /* SqlInjection */]: "SQL Injection",
+  ["CMDi_relative_path_command" /* CmDiRelativePathCommand */]: "Relative Path Command Injection",
+  ["CMDi" /* CmDi */]: "Command Injection",
+  ["CONFUSING_NAMING" /* ConfusingNaming */]: "Confusing Naming",
+  ["XXE" /* Xxe */]: "XXE",
+  ["XSS" /* Xss */]: "XSS",
+  ["PT" /* Pt */]: "Path Traversal",
+  ["ZIP_SLIP" /* ZipSlip */]: "Zip Slip",
+  ["INSECURE_RANDOMNESS" /* InsecureRandomness */]: "Insecure Randomness",
+  ["SSRF" /* Ssrf */]: "Server Side Request Forgery",
+  ["TYPE_CONFUSION" /* TypeConfusion */]: "Type Confusion",
+  ["REGEX_INJECTION" /* RegexInjection */]: "Regular Expression Injection",
+  ["INCOMPLETE_URL_SANITIZATION" /* IncompleteUrlSanitization */]: "Incomplete URL Sanitization",
+  ["LOCALE_DEPENDENT_COMPARISON" /* LocaleDependentComparison */]: "Locale Dependent Comparison",
+  ["LOG_FORGING" /* LogForging */]: "Log Forging",
+  ["MISSING_CHECK_AGAINST_NULL" /* MissingCheckAgainstNull */]: "Missing Check against Null",
+  ["PASSWORD_IN_COMMENT" /* PasswordInComment */]: "Password in Comment",
+  ["OVERLY_BROAD_CATCH" /* OverlyBroadCatch */]: "Poor Error Handling: Overly Broad Catch",
+  ["USE_OF_SYSTEM_OUTPUT_STREAM" /* UseOfSystemOutputStream */]: "Use of System.out/System.err",
+  ["DANGEROUS_FUNCTION_OVERFLOW" /* DangerousFunctionOverflow */]: "Use of dangerous function",
+  ["DOS_STRING_BUILDER" /* DosStringBuilder */]: "Denial of Service: StringBuilder",
+  ["OPEN_REDIRECT" /* OpenRedirect */]: "Open Redirect",
+  ["WEAK_XML_SCHEMA_UNBOUNDED_OCCURRENCES" /* WeakXmlSchemaUnboundedOccurrences */]: "Weak XML Schema: Unbounded Occurrences",
+  ["SYSTEM_INFORMATION_LEAK" /* SystemInformationLeak */]: "System Information Leak",
+  ["SYSTEM_INFORMATION_LEAK_EXTERNAL" /* SystemInformationLeakExternal */]: "External System Information Leak",
+  ["HTTP_RESPONSE_SPLITTING" /* HttpResponseSplitting */]: "HTTP response splitting",
+  ["HTTP_ONLY_COOKIE" /* HttpOnlyCookie */]: "Cookie is not HttpOnly",
+  ["INSECURE_COOKIE" /* InsecureCookie */]: "Insecure Cookie",
+  ["TRUST_BOUNDARY_VIOLATION" /* TrustBoundaryViolation */]: "Trust Boundary Violation",
+  ["NULL_DEREFERENCE" /* NullDereference */]: "Null Dereference",
+  ["UNSAFE_DESERIALIZATION" /* UnsafeDeserialization */]: "Unsafe deserialization",
+  ["INSECURE_BINDER_CONFIGURATION" /* InsecureBinderConfiguration */]: "Insecure Binder Configuration",
+  ["UNSAFE_TARGET_BLANK" /* UnsafeTargetBlank */]: "Unsafe use of target blank",
+  ["IFRAME_WITHOUT_SANDBOX" /* IframeWithoutSandbox */]: "Client use of iframe without sandbox",
+  ["JQUERY_DEPRECATED_SYMBOLS" /* JqueryDeprecatedSymbols */]: "jQuery deprecated symbols",
+  ["MISSING_ANTIFORGERY_VALIDATION" /* MissingAntiforgeryValidation */]: "Missing Anti-Forgery Validation",
+  ["GRAPHQL_DEPTH_LIMIT" /* GraphqlDepthLimit */]: "GraphQL Depth Limit",
+  ["UNCHECKED_LOOP_CONDITION" /* UncheckedLoopCondition */]: "Unchecked Loop Condition",
+  ["IMPROPER_RESOURCE_SHUTDOWN_OR_RELEASE" /* ImproperResourceShutdownOrRelease */]: "Improper Resource Shutdown or Release",
+  ["IMPROPER_EXCEPTION_HANDLING" /* ImproperExceptionHandling */]: "Improper Exception Handling",
+  ["DEFAULT_RIGHTS_IN_OBJ_DEFINITION" /* DefaultRightsInObjDefinition */]: "Default Definer Rights in Package or Object Definition",
+  ["HTML_COMMENT_IN_JSP" /* HtmlCommentInJsp */]: "HTML Comment in JSP",
+  ["ERROR_CONDTION_WITHOUT_ACTION" /* ErrorCondtionWithoutAction */]: "Error Condition Without Action",
+  ["DEPRECATED_FUNCTION" /* DeprecatedFunction */]: "Deprecated Function",
+  ["HARDCODED_SECRETS" /* HardcodedSecrets */]: "Hardcoded Secrets",
+  ["PROTOTYPE_POLLUTION" /* PrototypePollution */]: "Prototype Pollution",
+  ["RACE_CONDITION_FORMAT_FLAW" /* RaceConditionFormatFlaw */]: "Race Condition Format Flaw",
+  ["NON_FINAL_PUBLIC_STATIC_FIELD" /* NonFinalPublicStaticField */]: "Non-final Public Static Field",
+  ["MISSING_HSTS_HEADER" /* MissingHstsHeader */]: "Missing HSTS Header",
+  ["DEAD_CODE_UNUSED_FIELD" /* DeadCodeUnusedField */]: "Dead Code: Unused Field",
+  ["HEADER_MANIPULATION" /* HeaderManipulation */]: "Header Manipulation",
+  ["MISSING_EQUALS_OR_HASHCODE" /* MissingEqualsOrHashcode */]: "Missing equals or hashcode method",
+  ["WCF_MISCONFIGURATION_INSUFFICIENT_LOGGING" /* WcfMisconfigurationInsufficientLogging */]: "WCF Misconfiguration: Insufficient Logging",
+  ["WCF_MISCONFIGURATION_THROTTLING_NOT_ENABLED" /* WcfMisconfigurationThrottlingNotEnabled */]: "WCF Misconfiguration: Throttling Not Enabled",
+  ["USELESS_REGEXP_CHAR_ESCAPE" /* UselessRegexpCharEscape */]: "Useless regular-expression character escape",
+  ["INCOMPLETE_HOSTNAME_REGEX" /* IncompleteHostnameRegex */]: "Incomplete Hostname Regex",
+  ["OVERLY_LARGE_RANGE" /* OverlyLargeRange */]: "Regex: Overly Large Range",
+  ["INSUFFICIENT_LOGGING" /* InsufficientLogging */]: "Insufficient Logging of Sensitive Operations",
+  ["PRIVACY_VIOLATION" /* PrivacyViolation */]: "Privacy Violation",
+  ["INCOMPLETE_URL_SCHEME_CHECK" /* IncompleteUrlSchemeCheck */]: "Incomplete URL Scheme Check",
+  ["VALUE_NEVER_READ" /* ValueNeverRead */]: "Value Never Read",
+  ["VALUE_SHADOWING" /* ValueShadowing */]: "Value Shadowing",
+  ["NO_EQUIVALENCE_METHOD" /* NoEquivalenceMethod */]: "Class Does Not Implement Equivalence Method",
+  ["INFORMATION_EXPOSURE_VIA_HEADERS" /* InformationExposureViaHeaders */]: "Information Exposure via Headers",
+  ["DEBUG_ENABLED" /* DebugEnabled */]: "Debug Enabled",
+  ["LEFTOVER_DEBUG_CODE" /* LeftoverDebugCode */]: "Leftover Debug Code",
+  ["POOR_ERROR_HANDLING_EMPTY_CATCH_BLOCK" /* PoorErrorHandlingEmptyCatchBlock */]: "Poor Error Handling: Empty Catch Block",
+  ["ERRONEOUS_STRING_COMPARE" /* ErroneousStringCompare */]: "Erroneous String Compare",
+  ["UNVALIDATED_PUBLIC_METHOD_ARGUMENT" /* UnvalidatedPublicMethodArgument */]: "Unvalidated Public Method Argument",
+  ["AUTO_ESCAPE_FALSE" /* AutoEscapeFalse */]: "Auto-escape False",
+  ["MISSING_CSP_HEADER" /* MissingCspHeader */]: "Missing CSP Header",
+  ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: "Hardcoded Domain in HTML",
+  ["HEAP_INSPECTION" /* HeapInspection */]: "Heap Inspection",
+  ["CLIENT_DOM_STORED_CODE_INJECTION" /* ClientDomStoredCodeInjection */]: "Client Code Injection",
+  ["STRING_FORMAT_MISUSE" /* StringFormatMisuse */]: "String Format Misuse",
+  ["NON_READONLY_FIELD" /* NonReadonlyField */]: "Non Readonly Field",
+  ["CSRF" /* Csrf */]: "Cross-Site Request Forgery (CSRF)",
+  ["WEAK_ENCRYPTION" /* WeakEncryption */]: "Weak Encryption Mechanism",
+  ["CODE_IN_COMMENT" /* CodeInComment */]: "Code in Comment",
+  ["REGEX_MISSING_TIMEOUT" /* RegexMissingTimeout */]: "Regex Missing Timeout",
+  ["FRAMEABLE_LOGIN_PAGE" /* FrameableLoginPage */]: "Frameable Login Page",
+  ["USE_OF_HARD_CODED_CRYPTOGRAPHIC_KEY" /* UseOfHardCodedCryptographicKey */]: "Use of Hardcoded Cryptographic Key",
+  ["MISSING_SSL_MINVERSION" /* MissingSslMinversion */]: "Missing SSL MinVersion",
+  ["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: "Missing Websocket Origin Check",
+  ["DUPLICATED_STRINGS" /* DuplicatedStrings */]: "String Literals Should not Be Duplicated",
+  ["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: "Insecure UUID Version",
+  ["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: "GitHub Actions Shell Injection",
+  ["MODIFIED_DEFAULT_PARAM" /* ModifiedDefaultParam */]: "Modified Default Param",
+  ["UNSAFE_WEB_THREAD" /* UnsafeWebThread */]: "Unsafe Web Thread",
+  ["NO_VAR" /* NoVar */]: 'Prefer "let" or "const"',
+  ["INSECURE_TMP_FILE" /* InsecureTmpFile */]: "Insecure Temporary File",
+  ["RETURN_SHOULD_NOT_BE_INVARIANT" /* ReturnShouldNotBeInvariant */]: "Return Should Not Be Invariant",
+  ["SYSTEM_EXIT_SHOULD_RERAISE" /* SystemExitShouldReraise */]: "SystemExit Should Reraise",
+  ["NO_RETURN_IN_FINALLY" /* NoReturnInFinally */]: "No Return in Finally Block",
+  ["WILDCARD_IMPORTS" /* WildcardImports */]: "Wildcard Imports should not be used",
+  ["AVOID_IDENTITY_COMPARISON_CACHED_TYPES" /* AvoidIdentityComparisonCachedTypes */]: "Avoid Identity Comparison of Cached Types",
+  ["AVOID_BUILTIN_SHADOWING" /* AvoidBuiltinShadowing */]: "Avoid Builtin Shadowing",
+  ["IMPROPER_STRING_FORMATTING" /* ImproperStringFormatting */]: "Improper String Formatting",
+  ["TAR_SLIP" /* TarSlip */]: "Tar Slip",
+  ["MISSING_WHITESPACE" /* MissingWhitespace */]: "Missing Whitespace",
+  ["NO_PRINT_STATEMENT" /* NoPrintStatement */]: 'Python 2 "print" Statement Is Obsolete',
+  ["NO_OP_OVERHEAD" /* NoOpOverhead */]: "Expensive Arguments in Conditional Methods",
+  ["DO_NOT_RAISE_EXCEPTION" /* DoNotRaiseException */]: "Do Not Raise Exception",
+  ["DECLARE_VARIABLE_EXPLICITLY" /* DeclareVariableExplicitly */]: "Declare Variable Explicitly",
+  ["NO_NESTED_TRY" /* NoNestedTry */]: "No Nested Try",
+  ["UNNECESSARY_IMPORTS" /* UnnecessaryImports */]: "Unnecessary Imports",
+  ["REDOS" /* Redos */]: "Regular Expression Denial of Service",
+  ["DO_NOT_THROW_GENERIC_EXCEPTION" /* DoNotThrowGenericException */]: "Do Not Throw Generic Exception"
+};
+var issueTypeZ = z.nativeEnum(IssueType_Enum);
+var getIssueTypeFriendlyString = (issueType) => {
+  const issueTypeZParseRes = issueTypeZ.safeParse(issueType);
+  if (!issueTypeZParseRes.success) {
+    return issueType ? issueType.replaceAll("_", " ") : "Other";
+  }
+  return issueTypeMap[issueTypeZParseRes.data];
+};
+function getTagTooltip(tag) {
+  switch (tag) {
+    case "FALSE_POSITIVE":
+      return "Issue was found to be a false positive";
+    case "TEST_CODE":
+      return "Issue found in test files, not production code";
+    case "VENDOR_CODE":
+      return "Issue is in external libraries or dependencies not owned or maintained by your team";
+    case "AUTOGENERATED_CODE":
+      return "Code created by tools or frameworks, not manually written";
+    case "AUXILIARY_CODE":
+      return "Issue found in supporting files that don't impact core functionality";
+    case "Filtered":
+      return "Issue was filtered by user in the Fix Policy";
+    default:
+      return tag;
+  }
+}
+var issueDescription = {
+  ["AUTOGENERATED_CODE" /* AutogeneratedCode */]: "The flagged code is generated automatically by tools or frameworks as part of the build or runtime process. This categorization highlights that **the issue resides in non-manual code**, which often requires tool-specific solutions or exemptions.",
+  ["AUXILIARY_CODE" /* AuxiliaryCode */]: "The flagged code is auxiliary or supporting code, such as configuration files, build scripts, or other non-application logic. This categorization indicates that the issue is not directly related to the application's core functionality.",
+  ["FALSE_POSITIVE" /* FalsePositive */]: "The flagged code **does not represent an actual vulnerability within the application's context.** This categorization indicates that the issue is either misidentified by the scanner or deemed irrelevant to the application's functionality.",
+  ["TEST_CODE" /* TestCode */]: "The flagged code resides in a test-specific path or context. This categorization indicates that **it supports testing scenarios and is isolated from production use**.",
+  ["UNFIXABLE" /* Unfixable */]: "The flagged code cannot be fixed",
+  ["VENDOR_CODE" /* VendorCode */]: "The flagged code originates from a third-party library or dependency maintained externally. This categorization suggests that **the issue lies outside the application's direct control** and should be addressed by the vendor if necessary."
+};
+function replaceKeysWithValues(fixDescription, extraContext) {
+  let result = fixDescription;
+  extraContext.forEach(({ key, value }) => {
+    result = result.replace(`\${${key}}`, value);
+  });
+  return result;
+}
+function getParsedFalsePositiveMessage(data) {
+  const { fixDescription, extraContext } = data;
+  const containsTemplate = extraContext.some(
+    (context) => fixDescription.includes(`\${${context.key}}`)
+  );
+  const description2 = containsTemplate ? replaceKeysWithValues(fixDescription, extraContext) : fixDescription;
+  const contextString = containsTemplate ? null : `\`\`\`${extraContext.map(({ value }) => value).join(" ")} \`\`\``;
+  return { description: description2, contextString };
+}
+
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
 function capitalizeFirstLetter(str) {
   return str?.length ? str[0].toUpperCase() + str.slice(1) : "";
@@ -2352,7 +1591,7 @@ var getCommitDescription = ({
   )}**.
 
 `;
-  const parseIssueTypeRes = z9.nativeEnum(IssueType_Enum).safeParse(issueType);
+  const parseIssueTypeRes = z2.nativeEnum(IssueType_Enum).safeParse(issueType);
   if (issueType && parseIssueTypeRes.success) {
     if (irrelevantIssueWithTags?.[0]?.tag) {
       description2 += `
@@ -2395,7 +1634,7 @@ var getCommitIssueDescription = ({
   const issueTypeString = getIssueTypeFriendlyString(issueType);
   let description2 = `The following issues reported by ${capitalizeFirstLetter(vendor)} on this PR were found to be irrelevant to your project:
 `;
-  const parseIssueTypeRes = z9.nativeEnum(IssueType_Enum).safeParse(issueType);
+  const parseIssueTypeRes = z2.nativeEnum(IssueType_Enum).safeParse(issueType);
   if (issueType && parseIssueTypeRes.success) {
     if (irrelevantIssueWithTags?.[0]?.tag) {
       description2 = `
@@ -2420,10 +1659,10 @@ ${staticData.issueDescription}
 };
 
 // src/features/analysis/scm/shared/src/guidances.ts
-import { z as z12 } from "zod";
+import { z as z5 } from "zod";
 
 // src/features/analysis/scm/shared/src/storedFixData/index.ts
-import { z as z10 } from "zod";
+import { z as z3 } from "zod";
 
 // src/features/analysis/scm/shared/src/storedFixData/passwordInComment.ts
 var passwordInComment = {
@@ -2599,8 +1838,8 @@ var vulnerabilities8 = {
 var xml_default = vulnerabilities8;
 
 // src/features/analysis/scm/shared/src/storedFixData/index.ts
-var StoredFixDataItemZ = z10.object({
-  guidance: z10.function().returns(z10.string())
+var StoredFixDataItemZ = z3.object({
+  guidance: z3.function().returns(z3.string())
 });
 var languages = {
   ["Java" /* Java */]: java_default,
@@ -2614,7 +1853,7 @@ var languages = {
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/index.ts
-import { z as z11 } from "zod";
+import { z as z4 } from "zod";
 
 // src/features/analysis/scm/shared/src/storedQuestionData/csharp/httpOnlyCookie.ts
 var httpOnlyCookie = {
@@ -3836,10 +3075,10 @@ var vulnerabilities14 = {
 var xml_default2 = vulnerabilities14;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/index.ts
-var StoredQuestionDataItemZ = z11.object({
-  content: z11.function().args(z11.any()).returns(z11.string()),
-  description: z11.function().args(z11.any()).returns(z11.string()),
-  guidance: z11.function().args(z11.any()).returns(z11.string())
+var StoredQuestionDataItemZ = z4.object({
+  content: z4.function().args(z4.any()).returns(z4.string()),
+  description: z4.function().args(z4.any()).returns(z4.string()),
+  guidance: z4.function().args(z4.any()).returns(z4.string())
 });
 var languages2 = {
   ["Java" /* Java */]: java_default2,
@@ -3934,47 +3173,791 @@ function getFixGuidances({
   const fixGuidance = storeFixResult.success ? [storeFixResult.data.guidance({ questions, ...extraContext })] : [];
   return libGuidances.concat(fixGuidance).filter((guidance) => !!guidance);
 }
-var IssueTypeAndLanguageZ = z12.object({
-  issueType: z12.nativeEnum(IssueType_Enum),
-  issueLanguage: z12.nativeEnum(IssueLanguage_Enum)
+var IssueTypeAndLanguageZ = z5.object({
+  issueType: z5.nativeEnum(IssueType_Enum),
+  issueLanguage: z5.nativeEnum(IssueLanguage_Enum)
+});
+function getGuidances(args) {
+  const safeIssueTypeAndLanguage = IssueTypeAndLanguageZ.safeParse({
+    issueType: args.issueType,
+    issueLanguage: args.issueLanguage
+  });
+  if (!safeIssueTypeAndLanguage.success) {
+    return [];
+  }
+  const { questions, fixExtraContext } = args;
+  const { issueType, issueLanguage } = safeIssueTypeAndLanguage.data;
+  const fixGuidances = getFixGuidances({
+    issueType,
+    issueLanguage,
+    fixExtraContext,
+    questions
+  }).map((guidance, index) => ({ guidance, key: `fixGuidance_index_${index}` }));
+  return questions.map((question) => {
+    let questionGuidance = question.guidance;
+    if (!questionGuidance && issueType && issueLanguage) {
+      const getFixInformation = curriedQuestionInformationByQuestion({
+        issueType,
+        language: issueLanguage
+      });
+      const { guidance } = getFixInformation(question);
+      questionGuidance = guidance({
+        userInputValue: question.value
+      });
+    }
+    return {
+      ...question,
+      guidance: questionGuidance
+    };
+  }).filter(({ guidance }) => !!guidance).map(({ guidance, key }) => ({ guidance, key })).concat(fixGuidances);
+}
+
+// src/features/analysis/scm/shared/src/types/fix.ts
+import { z as z7 } from "zod";
+
+// src/features/analysis/scm/shared/src/types/shared.ts
+import { z as z6 } from "zod";
+var ParsedSeverityZ = z6.nativeEnum(Vulnerability_Severity_Enum).nullish().transform((i) => i ?? "low" /* Low */);
+var ScmSubmitFixRequestsZ = z6.array(
+  z6.object({
+    scmSubmitFixRequest: z6.object({
+      submitFixRequest: z6.object({
+        createdByUser: z6.object({
+          email: z6.string()
+        }),
+        targetBranchName: z6.string().default("")
+      }),
+      prUrl: z6.string().nullable(),
+      prStatus: z6.nativeEnum(Pr_Status_Enum).nullable(),
+      commitUrl: z6.string().nullable(),
+      scmId: z6.string()
+    })
+  })
+);
+
+// src/features/analysis/scm/shared/src/types/fix.ts
+var PackageInfoZ = z7.object({
+  name: z7.string(),
+  version: z7.string(),
+  envName: z7.string().nullable()
+});
+var ManifestActionRequiredZ = z7.object({
+  action: z7.nativeEnum(ManifestAction),
+  language: z7.nativeEnum(Language),
+  lib: PackageInfoZ,
+  typesLib: PackageInfoZ.nullable()
+});
+var ExtraContextInternalZ = z7.object({
+  key: z7.string(),
+  value: z7.string().or(z7.boolean()).or(
+    z7.object({
+      int: z7.boolean(),
+      integer: z7.boolean(),
+      string: z7.boolean(),
+      date: z7.boolean()
+    })
+  )
+});
+var FixExtraContextZ = z7.object({
+  fixDescription: z7.string(),
+  manifestActionsRequired: z7.array(ManifestActionRequiredZ),
+  extraContext: z7.array(ExtraContextInternalZ)
+});
+var PatchAndQuestionsZ = z7.object({
+  __typename: z7.literal("FixData"),
+  patch: z7.string(),
+  patchOriginalEncodingBase64: z7.string(),
+  questions: z7.array(
+    z7.object({
+      name: z7.string(),
+      key: z7.string(),
+      index: z7.number(),
+      defaultValue: z7.string(),
+      value: z7.string().nullable(),
+      extraContext: z7.array(ExtraContextInternalZ),
+      inputType: z7.nativeEnum(FixQuestionInputType),
+      options: z7.array(z7.string())
+    })
+  ),
+  extraContext: FixExtraContextZ
+});
+var FixRatingZ = z7.object({
+  voteScore: z7.number(),
+  fixRatingTag: z7.nativeEnum(Fix_Rating_Tag_Enum).nullable().default(null),
+  comment: z7.string().nullable().default(null),
+  updatedDate: z7.string().nullable(),
+  user: z7.object({
+    email: z7.string(),
+    name: z7.string()
+  })
+});
+var FixSharedStateZ = z7.object({
+  state: z7.nativeEnum(Fix_State_Enum),
+  isArchived: z7.boolean(),
+  scmSubmitFixRequests: ScmSubmitFixRequestsZ,
+  fixRatings: z7.array(FixRatingZ).default([])
+}).nullish().transform(
+  (data) => data ? data : {
+    state: "Ready" /* Ready */,
+    isArchived: false,
+    scmSubmitFixRequests: [],
+    fixRatings: []
+  }
+);
+var FixQueryZ = z7.object({
+  __typename: z7.literal("fix").optional(),
+  id: z7.string().uuid(),
+  sharedState: FixSharedStateZ,
+  modifiedBy: z7.string().nullable(),
+  gitBlameLogin: z7.string().nullable(),
+  safeIssueLanguage: z7.string(),
+  safeIssueType: z7.string(),
+  confidence: z7.number(),
+  fixReportId: z7.string().uuid(),
+  isExpired: z7.boolean().default(false),
+  fixFiles: z7.array(
+    z7.object({
+      fileRepoRelativePath: z7.string()
+    })
+  ),
+  numberOfVulnerabilityIssues: z7.number(),
+  severityText: z7.nativeEnum(Vulnerability_Severity_Enum),
+  vulnerabilityReportIssues: z7.array(
+    z7.object({
+      vendorIssueId: z7.string(),
+      issueLanguage: z7.string(),
+      parsedSeverity: ParsedSeverityZ
+    })
+  ),
+  patchAndQuestions: PatchAndQuestionsZ,
+  effortToApplyFix: z7.nativeEnum(Effort_To_Apply_Fix_Enum).nullable()
+});
+var FixPartsForFixScreenZ = FixQueryZ.merge(
+  z7.object({
+    vulnerabilityReportIssues: z7.array(
+      z7.object({
+        vendorIssueId: z7.string(),
+        issueType: z7.string(),
+        issueLanguage: z7.string()
+      })
+    )
+  })
+);
+
+// src/features/analysis/scm/shared/src/types/issue.ts
+import { z as z9 } from "zod";
+
+// src/features/analysis/scm/shared/src/types/analysis.ts
+import { z as z8 } from "zod";
+var FixPageFixReportZ = z8.object({
+  id: z8.string().uuid(),
+  analysisUrl: z8.string(),
+  expirationOn: z8.string(),
+  createdOn: z8.string(),
+  state: z8.nativeEnum(Fix_Report_State_Enum),
+  repo: z8.object({
+    name: z8.string().nullable(),
+    originalUrl: z8.string(),
+    reference: z8.string(),
+    commitSha: z8.string(),
+    isKnownBranch: z8.boolean().nullable()
+  }),
+  vulnerabilityReport: z8.object({
+    vendor: z8.nativeEnum(Vulnerability_Report_Vendor_Enum),
+    vendorReportId: z8.string().uuid().nullable(),
+    projectId: z8.string().uuid(),
+    project: z8.object({
+      organizationId: z8.string().uuid()
+    }),
+    file: z8.object({
+      id: z8.string().uuid(),
+      path: z8.string()
+    }),
+    pending: z8.object({
+      aggregate: z8.object({
+        count: z8.number()
+      })
+    }),
+    supported: z8.object({
+      aggregate: z8.object({
+        count: z8.number()
+      })
+    }),
+    all: z8.object({
+      aggregate: z8.object({
+        count: z8.number()
+      })
+    }),
+    fixable: z8.object({
+      aggregate: z8.object({
+        count: z8.number()
+      })
+    }),
+    errors: z8.object({
+      aggregate: z8.object({
+        count: z8.number()
+      })
+    }),
+    vulnerabilityReportIssues: z8.object({
+      extraData: z8.object({
+        missing_files: z8.string().array().nullish(),
+        large_files: z8.string().array().nullish(),
+        error_files: z8.string().array().nullish()
+      })
+    }).array()
+  })
+});
+
+// src/features/analysis/scm/shared/src/types/issue.ts
+var MAX_SOURCE_CODE_FILE_SIZE_IN_BYTES = 1e5;
+var CATEGORY = {
+  NoFix: "NoFix",
+  Unsupported: "Unsupported",
+  Irrelevant: "Irrelevant",
+  FalsePositive: "FalsePositive",
+  Fixable: "Fixable",
+  Filtered: "Filtered"
+};
+var ValidCategoriesZ = z9.union([
+  z9.literal(CATEGORY.NoFix),
+  z9.literal(CATEGORY.Unsupported),
+  z9.literal(CATEGORY.Irrelevant),
+  z9.literal(CATEGORY.FalsePositive),
+  z9.literal(CATEGORY.Fixable),
+  z9.literal(CATEGORY.Filtered)
+]);
+var VulnerabilityReportIssueSharedStateZ = z9.object({
+  id: z9.string().uuid(),
+  isArchived: z9.boolean()
+}).nullish();
+var BaseIssuePartsZ = z9.object({
+  id: z9.string().uuid(),
+  safeIssueType: z9.string(),
+  safeIssueLanguage: z9.string(),
+  createdAt: z9.string(),
+  parsedSeverity: ParsedSeverityZ,
+  category: ValidCategoriesZ,
+  extraData: z9.object({
+    missing_files: z9.string().array().nullish(),
+    error_files: z9.string().array().nullish()
+  }),
+  vulnerabilityReportIssueTags: z9.array(
+    z9.object({
+      tag: z9.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
+    })
+  ),
+  codeNodes: z9.array(
+    z9.object({
+      path: z9.string(),
+      line: z9.number(),
+      index: z9.number()
+    })
+  ).transform((nodes) => nodes.sort((a, b) => b.index - a.index)),
+  sourceCodeNodes: z9.array(
+    z9.object({
+      sourceCodeFile: z9.object({
+        path: z9.string(),
+        signedFile: z9.object({
+          url: z9.string()
+        })
+      })
+    }).transform(async ({ sourceCodeFile }) => {
+      const { url } = sourceCodeFile.signedFile;
+      const sourceCodeRes = await fetch(url);
+      if (Number(sourceCodeRes.headers.get("Content-Length")) > MAX_SOURCE_CODE_FILE_SIZE_IN_BYTES) {
+        return null;
+      }
+      return {
+        path: sourceCodeFile.path,
+        fileContent: await sourceCodeRes.text()
+      };
+    })
+  ).transform((nodes) => nodes.filter((node) => node !== null)),
+  fix: FixPartsForFixScreenZ.nullish(),
+  vulnerabilityReportIssueNodeDiffFile: z9.object({
+    signedFile: z9.object({
+      url: z9.string()
+    }).transform(async ({ url }) => {
+      const codeDiff = await fetch(url).then((res) => res.text());
+      return { codeDiff };
+    })
+  }).nullish(),
+  sharedState: VulnerabilityReportIssueSharedStateZ
 });
-function getGuidances(args) {
-  const safeIssueTypeAndLanguage = IssueTypeAndLanguageZ.safeParse({
-    issueType: args.issueType,
-    issueLanguage: args.issueLanguage
-  });
-  if (!safeIssueTypeAndLanguage.success) {
-    return [];
-  }
-  const { questions, fixExtraContext } = args;
-  const { issueType, issueLanguage } = safeIssueTypeAndLanguage.data;
-  const fixGuidances = getFixGuidances({
-    issueType,
-    issueLanguage,
-    fixExtraContext,
-    questions
-  }).map((guidance, index) => ({ guidance, key: `fixGuidance_index_${index}` }));
-  return questions.map((question) => {
-    let questionGuidance = question.guidance;
-    if (!questionGuidance && issueType && issueLanguage) {
-      const getFixInformation = curriedQuestionInformationByQuestion({
-        issueType,
-        language: issueLanguage
-      });
-      const { guidance } = getFixInformation(question);
-      questionGuidance = guidance({
-        userInputValue: question.value
-      });
+var FalsePositivePartsZ = z9.object({
+  extraContext: z9.array(z9.object({ key: z9.string(), value: z9.string() })),
+  fixDescription: z9.string()
+});
+var IssuePartsWithFixZ = BaseIssuePartsZ.merge(
+  z9.object({
+    category: z9.literal(CATEGORY.Irrelevant),
+    fix: FixPartsForFixScreenZ.nullish()
+  })
+);
+var IssuePartsFpZ = BaseIssuePartsZ.merge(
+  z9.object({
+    category: z9.literal(CATEGORY.FalsePositive),
+    fpId: z9.string().uuid(),
+    getFalsePositive: FalsePositivePartsZ
+  })
+);
+var GeneralIssueZ = BaseIssuePartsZ.merge(
+  z9.object({
+    category: z9.union([
+      z9.literal(CATEGORY.NoFix),
+      z9.literal(CATEGORY.Unsupported),
+      z9.literal(CATEGORY.Fixable),
+      z9.literal(CATEGORY.Filtered)
+    ])
+  })
+);
+var IssuePartsZ = z9.union([
+  IssuePartsFpZ,
+  IssuePartsWithFixZ,
+  GeneralIssueZ
+]);
+var GetIssueIndexesZ = z9.object({
+  currentIndex: z9.number(),
+  totalIssues: z9.number(),
+  nextIssue: z9.object({
+    id: z9.string().uuid()
+  }).nullish(),
+  prevIssue: z9.object({
+    id: z9.string().uuid()
+  }).nullish()
+});
+var GetIssueScreenDataZ = z9.object({
+  fixReport_by_pk: FixPageFixReportZ,
+  vulnerability_report_issue_by_pk: IssuePartsZ,
+  issueIndexes: GetIssueIndexesZ
+});
+var IssueBucketZ = z9.enum(["fixable", "irrelevant", "remaining"]);
+var mapCategoryToBucket = {
+  FalsePositive: "irrelevant",
+  Irrelevant: "irrelevant",
+  NoFix: "remaining",
+  Unsupported: "remaining",
+  Fixable: "fixable",
+  Filtered: "remaining"
+};
+
+// src/features/analysis/scm/shared/src/types/types.ts
+import { z as z11 } from "zod";
+
+// src/features/analysis/scm/shared/src/validations.ts
+import { z as z10 } from "zod";
+var IssueTypeSettingZ = z10.object({
+  autoPrEnabled: z10.boolean(),
+  enabled: z10.boolean(),
+  issueType: z10.nativeEnum(IssueType_Enum)
+});
+var IssueTypeSettingsZ = z10.array(IssueTypeSettingZ).transform((issueTypeSettings) => {
+  return Object.values(IssueType_Enum).map((issueTypeEnum) => {
+    const existingIssueTypeSetting = issueTypeSettings.find(
+      ({ issueType: dbIssueType }) => dbIssueType === issueTypeEnum
+    );
+    if (existingIssueTypeSetting) {
+      return existingIssueTypeSetting;
     }
     return {
-      ...question,
-      guidance: questionGuidance
+      autoPrEnabled: false,
+      enabled: true,
+      issueType: issueTypeEnum
     };
-  }).filter(({ guidance }) => !!guidance).map(({ guidance, key }) => ({ guidance, key })).concat(fixGuidances);
-}
+  }).sort((a, b) => {
+    return getIssueTypeFriendlyString(a.issueType).localeCompare(
+      getIssueTypeFriendlyString(b.issueType)
+    );
+  });
+});
+
+// src/features/analysis/scm/shared/src/types/types.ts
+var OrganizationScreenQueryParamsZ = z11.object({
+  organizationId: z11.string().uuid()
+});
+var ProjectPageQueryParamsZ = z11.object({
+  organizationId: z11.string().uuid(),
+  projectId: z11.string().uuid()
+});
+var AnalysisPageQueryParamsZ = ProjectPageQueryParamsZ.extend({
+  reportId: z11.string().uuid()
+});
+var FixPageQueryParamsZ = AnalysisPageQueryParamsZ.extend({
+  fixId: z11.string().uuid()
+});
+var IssuePageQueryParamsZ = AnalysisPageQueryParamsZ.extend({
+  issueId: z11.string().uuid()
+});
+var CliLoginPageQueryParamsZ = z11.object({
+  loginId: z11.string().uuid()
+});
+var AnalysisReportDigestedZ = z11.object({
+  id: z11.string().uuid(),
+  state: z11.nativeEnum(Fix_Report_State_Enum),
+  vulnerabilityReport: z11.object({
+    reportSummaryUrl: z11.string().url().nullish(),
+    scanDate: z11.string().nullable(),
+    supported: z11.object({
+      aggregate: z11.object({
+        count: z11.number()
+      })
+    }),
+    all: z11.object({
+      aggregate: z11.object({
+        count: z11.number()
+      })
+    }),
+    vendor: z11.nativeEnum(Vulnerability_Report_Vendor_Enum),
+    project: z11.object({
+      organizationId: z11.string().uuid()
+    })
+  })
+});
+var ReportQueryResultZ = z11.object({
+  fixReport_by_pk: z11.object({
+    id: z11.string().uuid(),
+    analysisUrl: z11.string(),
+    fixesCommitted: z11.object({
+      aggregate: z11.object({ count: z11.number() })
+    }),
+    fixesDownloaded: z11.object({
+      aggregate: z11.object({ count: z11.number() })
+    }),
+    fixesDoneCount: z11.number(),
+    fixesInprogressCount: z11.number(),
+    fixesReadyCount: z11.object({
+      aggregate: z11.object({ count: z11.number() })
+    }),
+    issueTypes: z11.record(z11.string(), z11.number()).nullable(),
+    issueLanguages: z11.record(z11.string(), z11.number()).nullable(),
+    fixesCountByEffort: z11.record(z11.string(), z11.number()).nullable(),
+    vulnerabilitySeverities: z11.record(z11.string(), z11.number()).nullable(),
+    createdOn: z11.string(),
+    expirationOn: z11.string().nullable(),
+    state: z11.nativeEnum(Fix_Report_State_Enum),
+    fixes: z11.array(
+      z11.object({
+        id: z11.string().uuid(),
+        safeIssueLanguage: z11.string(),
+        safeIssueType: z11.string(),
+        confidence: z11.number(),
+        effortToApplyFix: z11.nativeEnum(Effort_To_Apply_Fix_Enum).nullable(),
+        modifiedBy: z11.string().nullable(),
+        gitBlameLogin: z11.string().nullable(),
+        fixReportId: z11.string().uuid(),
+        filePaths: z11.array(
+          z11.object({
+            fileRepoRelativePath: z11.string()
+          })
+        ),
+        sharedState: FixSharedStateZ,
+        numberOfVulnerabilityIssues: z11.number(),
+        severityText: z11.nativeEnum(Vulnerability_Severity_Enum),
+        vulnerabilityReportIssues: z11.array(
+          z11.object({
+            id: z11.string().uuid(),
+            issueType: z11.string(),
+            issueLanguage: z11.string(),
+            category: z11.string()
+          })
+        )
+        // scmSubmitFixRequests: ScmSubmitFixRequestsZ,
+      })
+    ),
+    repo: z11.object({
+      name: z11.string().nullable(),
+      originalUrl: z11.string(),
+      reference: z11.string(),
+      commitSha: z11.string(),
+      isKnownBranch: z11.boolean().nullish().default(true)
+    }),
+    vulnerabilityReportIssuesFixedCount: z11.object({
+      vulnerabilityReportIssues_aggregate: z11.object({
+        aggregate: z11.object({ count: z11.number() })
+      })
+    }),
+    vulnerabilityReport: z11.object({
+      id: z11.string().uuid(),
+      reportSummaryUrl: z11.string().url().nullish(),
+      vendor: z11.nativeEnum(Vulnerability_Report_Vendor_Enum).nullable(),
+      issuesWithKnownLanguage: z11.number().nullable(),
+      scanDate: z11.string().nullable(),
+      vendorReportId: z11.string().uuid().nullable(),
+      projectId: z11.string().uuid(),
+      project: z11.object({
+        organizationId: z11.string().uuid()
+      }),
+      file: z11.object({
+        id: z11.string().uuid(),
+        path: z11.string()
+      }),
+      pending: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      irrelevant: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      remaining: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      digested: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      supported: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      all: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      fixable: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      errors: z11.object({
+        aggregate: z11.object({
+          count: z11.number()
+        })
+      }),
+      vulnerabilityReportIssues: z11.object({
+        id: z11.string().uuid(),
+        extraData: z11.object({
+          missing_files: z11.string().array().nullish(),
+          large_files: z11.string().array().nullish(),
+          error_files: z11.string().array().nullish()
+        })
+      }).array()
+    })
+  })
+});
+var ReportFixesQueryFixZ = z11.object({
+  id: z11.string().uuid(),
+  sharedState: FixSharedStateZ,
+  confidence: z11.number(),
+  gitBlameLogin: z11.string().nullable(),
+  effortToApplyFix: z11.nativeEnum(Effort_To_Apply_Fix_Enum).nullable(),
+  safeIssueLanguage: z11.string(),
+  safeIssueType: z11.string(),
+  fixReportId: z11.string().uuid(),
+  filePaths: z11.array(
+    z11.object({
+      fileRepoRelativePath: z11.string()
+    })
+  ),
+  numberOfVulnerabilityIssues: z11.number(),
+  severityText: z11.nativeEnum(Vulnerability_Severity_Enum),
+  vulnerabilityReportIssues: z11.array(
+    z11.object({
+      issueType: z11.string(),
+      issueLanguage: z11.string()
+    })
+  ).min(1)
+});
+var VulnerabilityReportIssueZ = z11.object({
+  id: z11.string().uuid(),
+  createdAt: z11.string(),
+  state: z11.nativeEnum(Vulnerability_Report_Issue_State_Enum),
+  safeIssueType: z11.string(),
+  safeIssueLanguage: z11.string(),
+  extraData: z11.object({
+    missing_files: z11.string().array().nullish(),
+    large_files: z11.string().array().nullish(),
+    error_files: z11.string().array().nullish()
+  }),
+  fix: ReportFixesQueryFixZ.nullable(),
+  falsePositive: z11.object({
+    id: z11.string().uuid()
+  }).nullable(),
+  parsedSeverity: ParsedSeverityZ,
+  severity: z11.string(),
+  severityValue: z11.number(),
+  category: z11.string(),
+  codeNodes: z11.array(z11.object({ path: z11.string() })),
+  vulnerabilityReportIssueTags: z11.array(
+    z11.object({
+      vulnerability_report_issue_tag_value: z11.string()
+    })
+  ),
+  sharedState: VulnerabilityReportIssueSharedStateZ
+});
+var GetReportIssuesQueryZ = z11.object({
+  fixReport: z11.object({
+    vulnerabilityReport: z11.object({
+      id: z11.string().uuid(),
+      lastIssueUpdatedAt: z11.string(),
+      vulnerabilityReportIssues_aggregate: z11.object({
+        aggregate: z11.object({ count: z11.number() })
+      }),
+      vulnerabilityReportIssues: z11.array(VulnerabilityReportIssueZ)
+    })
+  }).array()
+}).nullish();
+var FixReportByProjectZ = z11.object({
+  project_by_pk: z11.object({
+    vulnerabilityReports: z11.array(
+      z11.object({
+        fixReport: z11.object({ id: z11.string().uuid() }).nullable()
+      })
+    )
+  })
+});
+var FixScreenQueryResultZ = z11.object({
+  fixReport_by_pk: FixPageFixReportZ,
+  fix_by_pk: FixPartsForFixScreenZ,
+  fixesWithSameIssueType: z11.array(
+    z11.object({
+      id: z11.string().uuid(),
+      sharedState: z11.object({ state: z11.nativeEnum(Fix_State_Enum) }).nullable().default({ state: "Ready" /* Ready */ })
+    })
+  ),
+  relevantIssue: IssuePartsZ.nullish()
+});
+var FixPageQueryZ = z11.object({
+  data: FixScreenQueryResultZ
+});
+var GetReportFixesQueryZ = z11.object({
+  fixReport: z11.array(
+    z11.object({
+      fixes: z11.array(ReportFixesQueryFixZ),
+      vulnerabilityReportIssuesTotalCount: z11.object({
+        vulnerabilityReportIssues_aggregate: z11.object({
+          aggregate: z11.object({ count: z11.number() })
+        })
+      }),
+      vulnerabilityReportIssuesFixedCount: z11.object({
+        vulnerabilityReportIssues_aggregate: z11.object({
+          aggregate: z11.object({ count: z11.number() })
+        })
+      }),
+      vulnerabilityReportIssuesIrrelevantCount: z11.object({
+        vulnerabilityReportIssues_aggregate: z11.object({
+          aggregate: z11.object({ count: z11.number() })
+        })
+      }),
+      vulnerabilityReportIssuesRemainingCount: z11.object({
+        vulnerabilityReportIssues_aggregate: z11.object({
+          aggregate: z11.object({ count: z11.number() })
+        })
+      })
+    })
+  )
+}).nullish();
+var ProjectVulnerabilityReport = z11.object({
+  id: z11.string().uuid(),
+  name: z11.string().nullable(),
+  vendor: z11.nativeEnum(Vulnerability_Report_Vendor_Enum).nullable(),
+  fixReport: z11.object({
+    id: z11.string().uuid(),
+    createdOn: z11.string(),
+    vulnerabilityReportIssuesFixedCount: z11.object({
+      vulnerabilityReportIssues_aggregate: z11.object({
+        aggregate: z11.object({ count: z11.number() })
+      })
+    }),
+    issueTypes: z11.record(z11.string(), z11.number()).nullable(),
+    issueLanguages: z11.record(z11.nativeEnum(IssueLanguage_Enum), z11.number()).nullable(),
+    fixesCountByEffort: z11.record(z11.nativeEnum(Effort_To_Apply_Fix_Enum), z11.number()).nullable(),
+    vulnerabilitySeverities: z11.record(z11.nativeEnum(Vulnerability_Severity_Enum), z11.number()).nullable(),
+    fixesDoneCount: z11.number(),
+    fixesInprogressCount: z11.number(),
+    fixesReadyCount: z11.number(),
+    repo: z11.object({
+      originalUrl: z11.string(),
+      reference: z11.string(),
+      name: z11.string()
+    }),
+    createdByUser: z11.object({
+      email: z11.string()
+    }).nullable(),
+    state: z11.nativeEnum(Fix_Report_State_Enum),
+    expirationOn: z11.string()
+  })
+});
+var ProjectGetProjectZ = z11.object({
+  id: z11.string().uuid(),
+  name: z11.string(),
+  vulnerabilityReports: z11.object({
+    vendor: z11.nativeEnum(Vulnerability_Report_Vendor_Enum).nullable(),
+    fixReport: z11.object({
+      issueLanguages: z11.record(z11.nativeEnum(IssueLanguage_Enum), z11.number()).nullable(),
+      state: z11.nativeEnum(Fix_Report_State_Enum),
+      repo: z11.object({
+        originalUrl: z11.string(),
+        reference: z11.string()
+      }),
+      expirationOn: z11.string()
+    })
+  }).array()
+});
+var GetProjectsQueryZ = z11.array(ProjectGetProjectZ);
+var ProjectPageQueryResultZ = z11.object({
+  name: z11.string(),
+  id: z11.string().uuid(),
+  isDefault: z11.boolean().default(false),
+  organizationId: z11.string().uuid(),
+  vulnerabilityReports: z11.array(ProjectVulnerabilityReport),
+  projectIssueTypeSettings: z11.array(
+    IssueTypeSettingZ.merge(z11.object({ id: z11.string() }))
+  )
+});
+var GetProjectMembersDataZ = z11.object({
+  project_by_pk: z11.object({
+    name: z11.string(),
+    id: z11.string(),
+    projectUsers: z11.array(
+      z11.object({
+        projectToRole: z11.object({
+          projectRole: z11.object({
+            type: z11.nativeEnum(Project_Role_Type_Enum)
+          })
+        }),
+        user: z11.object({
+          id: z11.string().uuid(),
+          picture: z11.string().optional(),
+          name: z11.string().nullish(),
+          email: z11.string().email()
+        })
+      })
+    )
+  })
+});
+var RepoArgsZ = z11.object({
+  originalUrl: z11.string().url(),
+  branch: z11.string(),
+  commitSha: z11.string()
+});
+var scmCloudUrl = {
+  GitLab: "https://gitlab.com",
+  GitHub: "https://github.com",
+  Ado: "https://dev.azure.com",
+  Bitbucket: "https://bitbucket.org"
+};
+var ScmType = /* @__PURE__ */ ((ScmType2) => {
+  ScmType2["GitHub"] = "GitHub";
+  ScmType2["GitLab"] = "GitLab";
+  ScmType2["Ado"] = "Ado";
+  ScmType2["Bitbucket"] = "Bitbucket";
+  return ScmType2;
+})(ScmType || {});
+var ConvertToSarifInputFileFormat = /* @__PURE__ */ ((ConvertToSarifInputFileFormat2) => {
+  ConvertToSarifInputFileFormat2["FortifyFPR"] = "FortifyFPR";
+  return ConvertToSarifInputFileFormat2;
+})(ConvertToSarifInputFileFormat || {});
 
 // src/features/analysis/scm/shared/src/urlParser/urlParser.ts
-import { z as z13 } from "zod";
+import { z as z12 } from "zod";
 var ADO_PREFIX_PATH = "tfs";
 var NAME_REGEX = /[a-z0-9\-_.+]+/i;
 function detectAdoUrl(args) {
@@ -3991,7 +3974,7 @@ function detectAdoUrl(args) {
         scmType: "Ado" /* Ado */,
         organization,
         // project has single repo - repoName === projectName
-        projectName: z13.string().parse(projectName),
+        projectName: z12.string().parse(projectName),
         repoName: projectName,
         prefixPath
       };
@@ -4002,7 +3985,7 @@ function detectAdoUrl(args) {
       return {
         scmType: "Ado" /* Ado */,
         organization,
-        projectName: z13.string().parse(projectName),
+        projectName: z12.string().parse(projectName),
         repoName,
         prefixPath
       };
@@ -4016,7 +3999,7 @@ function detectAdoUrl(args) {
           scmType: "Ado" /* Ado */,
           organization,
           // project has only one repo - repoName === projectName
-          projectName: z13.string().parse(repoName),
+          projectName: z12.string().parse(repoName),
           repoName,
           prefixPath
         };
@@ -4026,7 +4009,7 @@ function detectAdoUrl(args) {
         return {
           scmType: "Ado" /* Ado */,
           organization,
-          projectName: z13.string().parse(projectName),
+          projectName: z12.string().parse(projectName),
           repoName,
           prefixPath
         };
@@ -4152,11 +4135,8 @@ function getIssueUrl({
   return `${appBaseUrl}/organization/${organizationId}/project/${projectId}/report/${analysisId}/issue/${issueId}`;
 }
 
-// src/features/analysis/scm/utils/index.ts
-import { z as z15 } from "zod";
-
 // src/features/analysis/scm/types.ts
-import { z as z14 } from "zod";
+import { z as z13 } from "zod";
 var ReferenceType = /* @__PURE__ */ ((ReferenceType2) => {
   ReferenceType2["BRANCH"] = "BRANCH";
   ReferenceType2["COMMIT"] = "COMMIT";
@@ -4188,12 +4168,19 @@ var scmTypeToScmLibScmType = {
   ["Ado" /* Ado */]: "ADO" /* ADO */,
   ["Bitbucket" /* Bitbucket */]: "BITBUCKET" /* BITBUCKET */
 };
-var GetRefererenceResultZ = z14.object({
-  date: z14.date().optional(),
-  sha: z14.string(),
-  type: z14.nativeEnum(ReferenceType)
+var GetRefererenceResultZ = z13.object({
+  date: z13.date().optional(),
+  sha: z13.string(),
+  type: z13.nativeEnum(ReferenceType)
 });
 
+// src/features/analysis/scm/utils/scm.ts
+var safeBody = (body, maxBodyLength) => {
+  const truncationNotice = "\n\n... Message was cut here because it is too long";
+  const maxBodyContentLength = maxBodyLength - truncationNotice.length;
+  return body.length > maxBodyLength ? body.slice(0, maxBodyContentLength) + truncationNotice : body;
+};
+
 // src/features/analysis/scm/utils/index.ts
 function getFixUrlWithRedirect(params) {
   const {
@@ -4305,7 +4292,7 @@ function shouldValidateUrl(repoUrl) {
   return repoUrl && isUrlHasPath(repoUrl);
 }
 function isBrokerUrl(url) {
-  return z15.string().uuid().safeParse(new URL(url).host).success;
+  return z14.string().uuid().safeParse(new URL(url).host).success;
 }
 function buildAuthorizedRepoUrl(args) {
   const { url, username, password } = args;
@@ -4341,7 +4328,7 @@ function getCloudScmLibTypeFromUrl(url) {
   return void 0;
 }
 function getScmLibTypeFromScmType(scmType) {
-  const parsedScmType = z15.nativeEnum(ScmType).parse(scmType);
+  const parsedScmType = z14.nativeEnum(ScmType).parse(scmType);
   return scmTypeToScmLibScmType[parsedScmType];
 }
 function getScmConfig({
@@ -4407,6 +4394,24 @@ function getScmConfig({
   };
 }
 
+// src/features/analysis/scm/ado/constants.ts
+var DEFUALT_ADO_ORIGIN = scmCloudUrl.Ado;
+
+// src/features/analysis/scm/ado/utils.ts
+import querystring from "querystring";
+import * as api from "azure-devops-node-api";
+import Debug from "debug";
+import { z as z17 } from "zod";
+
+// src/features/analysis/scm/env.ts
+import { z as z15 } from "zod";
+var EnvVariablesZod = z15.object({
+  GITLAB_API_TOKEN: z15.string().optional(),
+  GITHUB_API_TOKEN: z15.string().optional(),
+  GIT_PROXY_HOST: z15.string().optional().default("http://tinyproxy:8888")
+});
+var { GITLAB_API_TOKEN, GITHUB_API_TOKEN, GIT_PROXY_HOST } = EnvVariablesZod.parse(process.env);
+
 // src/features/analysis/scm/ado/validation.ts
 import { z as z16 } from "zod";
 var ValidPullRequestStatusZ = z16.union([
@@ -4690,6 +4695,7 @@ async function validateAdoRepo({
 }
 
 // src/features/analysis/scm/ado/ado.ts
+var MAX_ADO_PR_BODY_LENGTH = 15e4;
 async function getAdoSdk(params) {
   const api2 = await getAdoApiClient(params);
   return {
@@ -4840,7 +4846,7 @@ async function getAdoSdk(params) {
           sourceRefName: `refs/heads/${sourceBranchName}`,
           targetRefName: `refs/heads/${targetBranchName}`,
           title,
-          description: body
+          description: safeBody(body, MAX_ADO_PR_BODY_LENGTH)
         },
         repo,
         projectName
@@ -5915,6 +5921,7 @@ var TokenExpiredErrorZ = z19.object({
   })
 });
 var BITBUCKET_ACCESS_TOKEN_URL = `https://${BITBUCKET_HOSTNAME}/site/oauth2/access_token`;
+var MAX_BITBUCKET_PR_BODY_LENGTH = 32768;
 var BitbucketParseResultZ = z19.object({
   organization: z19.string(),
   repoName: z19.string(),
@@ -6003,7 +6010,7 @@ function getBitbucketSdk(params) {
           type: "pullrequest",
           title: params2.title,
           summary: {
-            raw: params2.body
+            raw: safeBody(params2.body, MAX_BITBUCKET_PR_BODY_LENGTH)
           },
           source: {
             branch: {
@@ -6623,6 +6630,7 @@ async function githubValidateParams(url, accessToken) {
 }
 
 // src/features/analysis/scm/github/github.ts
+var MAX_GH_PR_BODY_LENGTH = 65536;
 function getGithubSdk(params = {}) {
   const octokit = getOctoKit(params);
   return {
@@ -6948,7 +6956,7 @@ function getGithubSdk(params = {}) {
         title,
         head: newBranchName,
         head_repo: sourceRepo,
-        body,
+        body: safeBody(body, MAX_GH_PR_BODY_LENGTH),
         base: defaultBranch
       });
       return {
@@ -6970,7 +6978,7 @@ function getGithubSdk(params = {}) {
         owner,
         repo,
         title: options.title,
-        body: options.body,
+        body: safeBody(options.body, MAX_GH_PR_BODY_LENGTH),
         head: options.sourceBranchName,
         base: options.targetBranchName,
         draft: false,
@@ -7278,6 +7286,7 @@ var debug3 = Debug3("scm:gitlab");
 function removeTrailingSlash2(str) {
   return str.trim().replace(/\/+$/, "");
 }
+var MAX_GITLAB_PR_BODY_LENGTH = 1048576;
 function getRandomGitlabCloudAnonToken() {
   if (!GITLAB_API_TOKEN || typeof GITLAB_API_TOKEN !== "string") {
     return void 0;
@@ -7475,7 +7484,7 @@ async function createMergeRequest(options) {
     options.targetBranchName,
     options.title,
     {
-      description: options.body
+      description: safeBody(options.body, MAX_GITLAB_PR_BODY_LENGTH)
     }
   );
   return res.iid;