mobbdev 1.0.109 → 1.0.112
- package/dist/index.mjs +73 -33
- package/package.json +1 -1
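--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -1609,9 +1609,9 @@ function getParsedFalsePositiveMessage(data) {
 const containsTemplate = extraContext.some(
 (context) => fixDescription.includes(`\${${context.key}}`)
 );
-const
+const description = containsTemplate ? replaceKeysWithValues(fixDescription, extraContext) : fixDescription;
 const contextString = containsTemplate ? null : `\`\`\`${extraContext.map(({ value }) => value).join(" ")} \`\`\``;
-return { description
+return { description, contextString };
 }
 
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
@@ -1637,7 +1637,7 @@ var getCommitDescription = ({
 irrelevantIssueWithTags
 }) => {
 const issueTypeString = getIssueTypeFriendlyString(issueType);
-let
+let description = `This change fixes a **${severity} severity** (${severityToEmoji[severity]}) **${issueTypeString}** issue reported by **${capitalizeFirstLetter(
 vendor
 )}**.
 
@@ -1645,7 +1645,7 @@ var getCommitDescription = ({
 const parseIssueTypeRes = z2.nativeEnum(IssueType_Enum).safeParse(issueType);
 if (issueType && parseIssueTypeRes.success) {
 if (irrelevantIssueWithTags?.[0]?.tag) {
-
+description += `
 > [!tip]
 > This issue was found to be irrelevant to your project - ${lowercaseFirstLetter(getTagTooltip(irrelevantIssueWithTags[0].tag))}.
 > Mobb recommends to ignore this issue, however fix is available if you think differently.
@@ -1657,7 +1657,7 @@ ${issueDescription[irrelevantIssueWithTags[0].tag]}
 }
 const staticData = fixDetailsData[parseIssueTypeRes.data];
 if (staticData) {
-
+description += `## Issue description
 ${staticData.issueDescription}
 
 ## Fix instructions
@@ -1665,16 +1665,16 @@ ${staticData.fixInstructions}
 `;
 }
 }
-
+description += `
 ${guidances.map(({ guidance }) => `## Additional actions required
 ${guidance}
 `).join("")}
 `;
 if (fixUrl) {
-
+description += `
 [More info and fix customization are available in the Mobb platform](${fixUrl})`;
 }
-return
+return description;
 };
 var getCommitIssueDescription = ({
 vendor,
@@ -1683,12 +1683,12 @@ var getCommitIssueDescription = ({
 fpDescription
 }) => {
 const issueTypeString = getIssueTypeFriendlyString(issueType);
-let
+let description = `The following issues reported by ${capitalizeFirstLetter(vendor)} on this PR were found to be irrelevant to your project:
 `;
 const parseIssueTypeRes = z2.nativeEnum(IssueType_Enum).safeParse(issueType);
 if (issueType && parseIssueTypeRes.success) {
 if (irrelevantIssueWithTags?.[0]?.tag) {
-
+description = `
 > [!tip]
 > The following issues reported by ${capitalizeFirstLetter(vendor)} on this PR were found to be irrelevant to your project:
 > ${issueTypeString} - ${lowercaseFirstLetter(getTagTooltip(irrelevantIssueWithTags[0].tag))}.
@@ -1701,12 +1701,12 @@ ${fpDescription ?? issueDescription[irrelevantIssueWithTags[0].tag]}
 }
 const staticData = fixDetailsData[parseIssueTypeRes.data];
 if (staticData) {
-
+description += `## Issue description
 ${staticData.issueDescription}
 `;
 }
 }
-return
+return description;
 };
 
 // src/features/analysis/scm/shared/src/guidances.ts
@@ -2929,15 +2929,22 @@ var openRedirect2 = {
 description: () => "",
 guidance: () => ""
 },
-
-content: () => "Allowed domains
-description: () =>
+domainAllowlist: {
+content: () => "Allowed domains names",
+description: () => "please provide a coma separated list of allowed domains names (example.com, example.org, etc.)",
+guidance: () => ""
+},
+pathAllowlist: {
+content: () => "Allowed paths (URIs)",
+description: () => "please provide a coma separated list of allowed path (/health, /api/v1/health, etc.)",
+guidance: () => ""
+},
+includeProtocolValidation: {
+content: () => "Should HTTP or HTTPS protocol be enforced?",
+description: () => "please indicate if the protocol should be enforced",
 guidance: () => ""
 }
 };
-var description = `- *If external*, provide a coma separated list of allowed domains.
-
-- *If internal*, provide a coma seperated list of allowed paths`;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/js/pt.ts
 var pt3 = {
@@ -3342,6 +3349,16 @@ var FixRatingZ = z7.object({
 name: z7.string()
 })
 });
+var IssueSharedStateZ = z7.object({
+id: z7.string().uuid(),
+isArchived: z7.boolean(),
+ticketIntegrationId: z7.string().uuid().nullable(),
+ticketIntegrations: z7.array(
+z7.object({
+url: z7.string()
+})
+)
+});
 var FixSharedStateZ = z7.object({
 state: z7.nativeEnum(Fix_State_Enum),
 isArchived: z7.boolean(),
@@ -3377,7 +3394,12 @@ var FixQueryZ = z7.object({
 z7.object({
 vendorIssueId: z7.string(),
 issueLanguage: z7.string(),
-parsedSeverity: ParsedSeverityZ
+parsedSeverity: ParsedSeverityZ,
+sharedState: z7.object({
+id: z7.string().uuid(),
+isArchived: z7.boolean(),
+ticketIntegrationId: z7.string().uuid().nullable()
+})
 })
 ),
 patchAndQuestions: PatchAndQuestionsZ,
@@ -3389,7 +3411,8 @@ var FixPartsForFixScreenZ = FixQueryZ.merge(
 z7.object({
 vendorIssueId: z7.string(),
 issueType: z7.string(),
-issueLanguage: z7.string()
+issueLanguage: z7.string(),
+sharedState: IssueSharedStateZ
 })
 )
 })
@@ -3479,7 +3502,13 @@ var ValidCategoriesZ = z9.union([
 ]);
 var VulnerabilityReportIssueSharedStateZ = z9.object({
 id: z9.string().uuid(),
-isArchived: z9.boolean()
+isArchived: z9.boolean(),
+ticketIntegrationId: z9.string().uuid().nullable(),
+ticketIntegrations: z9.array(
+z9.object({
+url: z9.string()
+})
+)
 }).nullish();
 var BaseIssuePartsZ = z9.object({
 id: z9.string().uuid(),
@@ -3664,6 +3693,16 @@ var AnalysisReportDigestedZ = z11.object({
 })
 })
 });
+var IssueSharedStateZ2 = z11.object({
+id: z11.string().uuid(),
+isArchived: z11.boolean(),
+ticketIntegrationId: z11.string().uuid().nullable(),
+ticketIntegrations: z11.array(
+z11.object({
+url: z11.string()
+})
+)
+});
 var ReportQueryResultZ = z11.object({
 fixReport_by_pk: z11.object({
 id: z11.string().uuid(),
@@ -3710,10 +3749,10 @@ var ReportQueryResultZ = z11.object({
 id: z11.string().uuid(),
 issueType: z11.string(),
 issueLanguage: z11.string(),
-category: z11.string()
+category: z11.string(),
+sharedState: IssueSharedStateZ2
 })
 )
-// scmSubmitFixRequests: ScmSubmitFixRequestsZ,
 })
 ),
 repo: z11.object({
@@ -3813,7 +3852,8 @@ var ReportFixesQueryFixZ = z11.object({
 vulnerabilityReportIssues: z11.array(
 z11.object({
 issueType: z11.string(),
-issueLanguage: z11.string()
+issueLanguage: z11.string(),
+sharedState: IssueSharedStateZ2
 })
 ).min(1)
 });
@@ -4696,11 +4736,11 @@ async function adoValidateParams({
 console.log("adoValidateParams error", e);
 const error = e;
 const code = error.code || error.status || error.statusCode || error.response?.status || error.response?.statusCode || error.response?.code;
-const
-if (code === 401 || code === 403 ||
+const description = error.description || `${e}`;
+if (code === 401 || code === 403 || description.includes("401") || description.includes("403")) {
 throw new InvalidAccessTokenError(`invalid ADO access token`);
 }
-if (code === 404 ||
+if (code === 404 || description.includes("404") || description.includes("Not Found")) {
 throw new InvalidRepoUrlError(`invalid ADO repo URL ${url}`);
 }
 console.log("adoValidateParams error", e);
@@ -7424,11 +7464,11 @@ async function gitlabValidateParams({
 } catch (e) {
 const error = e;
 const code = error.code || error.status || error.statusCode || error.response?.status || error.response?.statusCode || error.response?.code;
-const
-if (code === 401 || code === 403 ||
+const description = error.description || `${e}`;
+if (code === 401 || code === 403 || description.includes("401") || description.includes("403")) {
 throw new InvalidAccessTokenError(`invalid gitlab access token`);
 }
-if (code === 404 ||
+if (code === 404 || description.includes("404") || description.includes("Not Found")) {
 throw new InvalidRepoUrlError(`invalid gitlab repo URL: ${url}`);
 }
 console.log("gitlabValidateParams error", e);
@@ -9183,10 +9223,10 @@ async function addFixCommentsForPr({
 const parsedFpRes = await FalsePositivePartsZ.parseAsync(
 fpRes?.getFalsePositive
 );
-const { description
-fpDescription = contextString ? `${
+const { description, contextString } = getParsedFalsePositiveMessage(parsedFpRes);
+fpDescription = contextString ? `${description}
 
-${contextString}` :
+${contextString}` : description;
 }
 return await Promise.all(
 vulnerabilityReportIssue.codeNodes.map(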
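Review bot: In the `adoValidateParams` and `gitlabValidateParams` catch blocks, the added `description.includes("401")`, `description.includes("403")` and `description.includes("404")` checks match those digits anywhere in the error text, so an unrelated failure whose message happens to contain them (a port, a numeric project id, a path segment) is reported as an invalid access token or an invalid repo URL and the real cause is hidden. Match the status as a whole token instead, for example `/\b40[13]\b/.test(description)`, and build the text with `const description = String(error.description || e);` so that a non-string `description` cannot make `.includes` throw or fall back to array-element matching. The ADO block also passes the raw error object to `console.log("adoValidateParams error", e)` before classifying it; if the HTTP client attaches the request configuration to its errors, that could put the access token in the console output, so it is worth confirming what `e` carries. Both catch blocks begin or end outside the hunks shown, and because this file is bundled output the change belongs in the TypeScript source it was built from.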