mobbdev 1.0.122 → 1.0.126

package/dist/index.mjs

@@ -32,7 +32,7 @@ var init_env = __esm({
 });
 
 // src/mcp/core/configs.ts
-var MCP_DEFAULT_API_URL, MCP_API_KEY_HEADER_NAME, MCP_LOGIN_MAX_WAIT, MCP_LOGIN_CHECK_DELAY, MCP_VUL_REPORT_DIGEST_TIMEOUT_MS, MCP_MAX_FILE_SIZE, MCP_PERIODIC_CHECK_INTERVAL, MCP_DEFAULT_MAX_FILES_TO_SCAN, MCP_REPORT_ID_EXPIRATION_MS, MCP_TOOLS_BROWSER_COOLDOWN_MS, MCP_DEFAULT_LIMIT;
+var MCP_DEFAULT_API_URL, MCP_API_KEY_HEADER_NAME, MCP_LOGIN_MAX_WAIT, MCP_LOGIN_CHECK_DELAY, MCP_VUL_REPORT_DIGEST_TIMEOUT_MS, MCP_MAX_FILE_SIZE, MCP_PERIODIC_CHECK_INTERVAL, MCP_DEFAULT_MAX_FILES_TO_SCAN, MCP_REPORT_ID_EXPIRATION_MS, MCP_TOOLS_BROWSER_COOLDOWN_MS, MCP_DEFAULT_LIMIT, isAutoScan;
 var init_configs = __esm({
   "src/mcp/core/configs.ts"() {
     "use strict";
@@ -48,6 +48,7 @@ var init_configs = __esm({
     MCP_REPORT_ID_EXPIRATION_MS = 2 * 60 * 60 * 1e3;
     MCP_TOOLS_BROWSER_COOLDOWN_MS = 24 * 60 * 60 * 1e3;
     MCP_DEFAULT_LIMIT = 3;
+    isAutoScan = process.env["AUTO_SCAN"] !== "false";
   }
 });
 
@@ -1440,6 +1441,7 @@ var Language = /* @__PURE__ */ ((Language2) => {
   Language2["Cpp"] = "CPP";
   Language2["Csharp"] = "CSHARP";
   Language2["Default"] = "DEFAULT";
+  Language2["Dockerfile"] = "DOCKERFILE";
   Language2["Go"] = "GO";
   Language2["Java"] = "JAVA";
   Language2["Js"] = "JS";
@@ -1493,6 +1495,7 @@ var IssueLanguage_Enum = /* @__PURE__ */ ((IssueLanguage_Enum2) => {
   IssueLanguage_Enum2["CSharp"] = "CSharp";
   IssueLanguage_Enum2["Cpp"] = "Cpp";
   IssueLanguage_Enum2["Default"] = "Default";
+  IssueLanguage_Enum2["Dockerfile"] = "Dockerfile";
   IssueLanguage_Enum2["Go"] = "Go";
   IssueLanguage_Enum2["Java"] = "Java";
   IssueLanguage_Enum2["JavaScript"] = "JavaScript";
@@ -1549,6 +1552,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
   IssueType_Enum2["InformationExposureViaHeaders"] = "INFORMATION_EXPOSURE_VIA_HEADERS";
   IssueType_Enum2["InsecureBinderConfiguration"] = "INSECURE_BINDER_CONFIGURATION";
   IssueType_Enum2["InsecureCookie"] = "INSECURE_COOKIE";
+  IssueType_Enum2["InsecurePostmessage"] = "INSECURE_POSTMESSAGE";
   IssueType_Enum2["InsecureRandomness"] = "INSECURE_RANDOMNESS";
   IssueType_Enum2["InsecureTmpFile"] = "INSECURE_TMP_FILE";
   IssueType_Enum2["InsecureUuidVersion"] = "INSECURE_UUID_VERSION";
@@ -1563,6 +1567,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
   IssueType_Enum2["MissingEqualsOrHashcode"] = "MISSING_EQUALS_OR_HASHCODE";
   IssueType_Enum2["MissingHstsHeader"] = "MISSING_HSTS_HEADER";
   IssueType_Enum2["MissingSslMinversion"] = "MISSING_SSL_MINVERSION";
+  IssueType_Enum2["MissingUser"] = "MISSING_USER";
   IssueType_Enum2["MissingWhitespace"] = "MISSING_WHITESPACE";
   IssueType_Enum2["ModifiedDefaultParam"] = "MODIFIED_DEFAULT_PARAM";
   IssueType_Enum2["NonFinalPublicStaticField"] = "NON_FINAL_PUBLIC_STATIC_FIELD";
@@ -2255,14 +2260,14 @@ var GetReportFixesDocument = `
 var GetLatestReportByRepoUrlDocument = `
     query GetLatestReportByRepoUrl($repoUrl: String!, $filters: fix_bool_exp = {}, $limit: Int!, $offset: Int!, $currentUserEmail: String!) {
   fixReport(
-    where: {_and: [{repo: {originalUrl: {_eq: $repoUrl}}}, {state: {_eq: Finished}}]}
+    where: {_and: [{repo: {originalUrl: {_eq: $repoUrl}}}, {state: {_eq: Finished}}, {vulnerabilityReport: {_or: [{vendor: {_is_null: true}}, {vendor: {_nin: [semgrep, opengrep]}}]}}]}
     order_by: {createdOn: desc}
     limit: 1
   ) {
     ...FixReportSummaryFields
   }
   expiredReport: fixReport(
-    where: {_and: [{repo: {originalUrl: {_eq: $repoUrl}}}, {state: {_eq: Expired}}]}
+    where: {_and: [{repo: {originalUrl: {_eq: $repoUrl}}}, {state: {_eq: Expired}}, {_or: [{vulnerabilityReport: {vendor: {_is_null: true}}}, {vulnerabilityReport: {vendor: {_nin: [semgrep, opengrep]}}}]}]}
     order_by: {createdOn: desc}
     limit: 1
   ) {
@@ -2636,7 +2641,12 @@ var fixDetailsData = {
     fixInstructions: "Implement proper input validation and bounds checking to prevent HTTP parameter pollution. Use safe string manipulation functions and ensure that the buffer size is properly managed."
   },
   ["INCOMPLETE_SANITIZATION" /* IncompleteSanitization */]: void 0,
-  ["CREDENTIAL_DISCLOSURE" /* CredentialDisclosure */]: void 0
+  ["CREDENTIAL_DISCLOSURE" /* CredentialDisclosure */]: void 0,
+  ["INSECURE_POSTMESSAGE" /* InsecurePostmessage */]: void 0,
+  ["MISSING_USER" /* MissingUser */]: {
+    issueDescription: "Missing User occurs when a user is not specified in the Dockerfile, leading to security vulnerabilities.",
+    fixInstructions: "Specify a user in the Dockerfile to prevent security vulnerabilities."
+  }
 };
 
 // src/features/analysis/scm/shared/src/getIssueType.ts
@@ -2755,7 +2765,9 @@ var issueTypeMap = {
   ["STRING_TERMINATION_ERROR" /* StringTerminationError */]: "String Termination Error",
   ["HTTP_PARAMETER_POLLUTION" /* HttpParameterPollution */]: "HTTP Parameter Pollution",
   ["INCOMPLETE_SANITIZATION" /* IncompleteSanitization */]: "Incomplete Sanitization",
-  ["CREDENTIAL_DISCLOSURE" /* CredentialDisclosure */]: "Credential Disclosure"
+  ["CREDENTIAL_DISCLOSURE" /* CredentialDisclosure */]: "Credential Disclosure",
+  ["INSECURE_POSTMESSAGE" /* InsecurePostmessage */]: "Insecure Postmessage",
+  ["MISSING_USER" /* MissingUser */]: "Missing User"
 };
 var issueTypeZ = z.nativeEnum(IssueType_Enum);
 var getIssueTypeFriendlyString = (issueType) => {
@@ -2952,9 +2964,13 @@ var vulnerabilities = {
 };
 var csharp_default = vulnerabilities;
 
-// src/features/analysis/scm/shared/src/storedFixData/go/index.ts
+// src/features/analysis/scm/shared/src/storedFixData/dockerfile/index.ts
 var vulnerabilities2 = {};
-var go_default = vulnerabilities2;
+var dockerfile_default = vulnerabilities2;
+
+// src/features/analysis/scm/shared/src/storedFixData/go/index.ts
+var vulnerabilities3 = {};
+var go_default = vulnerabilities3;
 
 // src/features/analysis/scm/shared/src/storedFixData/java/sqlInjection.ts
 var sqlInjection = {
@@ -2981,12 +2997,12 @@ var systemInformationLeak = {
 };
 
 // src/features/analysis/scm/shared/src/storedFixData/java/index.ts
-var vulnerabilities3 = {
+var vulnerabilities4 = {
   ["PASSWORD_IN_COMMENT" /* PasswordInComment */]: passwordInComment,
   ["SQL_Injection" /* SqlInjection */]: sqlInjection,
   ["SYSTEM_INFORMATION_LEAK" /* SystemInformationLeak */]: systemInformationLeak
 };
-var java_default = vulnerabilities3;
+var java_default = vulnerabilities4;
 
 // src/features/analysis/scm/shared/src/storedFixData/python/csrf.ts
 var csrf = {
@@ -3029,18 +3045,18 @@ var ssrf = {
 };
 
 // src/features/analysis/scm/shared/src/storedFixData/javascript/index.ts
-var vulnerabilities4 = {
+var vulnerabilities5 = {
   ["SSRF" /* Ssrf */]: ssrf,
   ["HARDCODED_SECRETS" /* HardcodedSecrets */]: hardcodedSecrets,
   ["PASSWORD_IN_COMMENT" /* PasswordInComment */]: passwordInComment,
   ["NO_LIMITS_OR_THROTTLING" /* NoLimitsOrThrottling */]: noLimitsOrThrottling,
   ["CSRF" /* Csrf */]: csrf
 };
-var javascript_default = vulnerabilities4;
+var javascript_default = vulnerabilities5;
 
 // src/features/analysis/scm/shared/src/storedFixData/php/index.ts
-var vulnerabilities5 = {};
-var php_default = vulnerabilities5;
+var vulnerabilities6 = {};
+var php_default = vulnerabilities6;
 
 // src/features/analysis/scm/shared/src/storedFixData/python/autoEscapeFalse.ts
 var autoEscapeFalse = {
@@ -3062,11 +3078,11 @@ See more information [here](https://jinja.palletsprojects.com/en/3.1.x/templates
 };
 
 // src/features/analysis/scm/shared/src/storedFixData/python/index.ts
-var vulnerabilities6 = {
+var vulnerabilities7 = {
   ["AUTO_ESCAPE_FALSE" /* AutoEscapeFalse */]: autoEscapeFalse,
   ["CSRF" /* Csrf */]: csrf
 };
-var python_default = vulnerabilities6;
+var python_default = vulnerabilities7;
 
 // src/features/analysis/scm/shared/src/storedFixData/sql/defaultRightsInObjDefinition.ts
 var defaultRightsInObjDefinition = {
@@ -3074,16 +3090,16 @@ var defaultRightsInObjDefinition = {
 };
 
 // src/features/analysis/scm/shared/src/storedFixData/sql/index.ts
-var vulnerabilities7 = {
+var vulnerabilities8 = {
   ["DEFAULT_RIGHTS_IN_OBJ_DEFINITION" /* DefaultRightsInObjDefinition */]: defaultRightsInObjDefinition
 };
-var sql_default = vulnerabilities7;
+var sql_default = vulnerabilities8;
 
 // src/features/analysis/scm/shared/src/storedFixData/xml/index.ts
-var vulnerabilities8 = {
+var vulnerabilities9 = {
   ["PASSWORD_IN_COMMENT" /* PasswordInComment */]: passwordInComment
 };
-var xml_default = vulnerabilities8;
+var xml_default = vulnerabilities9;
 
 // src/features/analysis/scm/shared/src/storedFixData/index.ts
 var StoredFixDataItemZ = z3.object({
@@ -3097,7 +3113,8 @@ var languages = {
   ["XML" /* Xml */]: xml_default,
   ["Python" /* Python */]: python_default,
   ["PHP" /* Php */]: php_default,
-  ["Go" /* Go */]: go_default
+  ["Go" /* Go */]: go_default,
+  ["Dockerfile" /* Dockerfile */]: dockerfile_default
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/index.ts
@@ -3387,7 +3404,7 @@ var xxe = {
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/csharp/index.ts
-var vulnerabilities9 = {
+var vulnerabilities10 = {
   ["LOG_FORGING" /* LogForging */]: logForging,
   ["SSRF" /* Ssrf */]: ssrf2,
   ["XXE" /* Xxe */]: xxe,
@@ -3407,7 +3424,7 @@ var vulnerabilities9 = {
   ["INSUFFICIENT_LOGGING" /* InsufficientLogging */]: insufficientLogging,
   ["SQL_Injection" /* SqlInjection */]: sqlInjection2
 };
-var csharp_default2 = vulnerabilities9;
+var csharp_default2 = vulnerabilities10;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/go/logForging.ts
 var logForging2 = {
@@ -3437,12 +3454,12 @@ var websocketMissingOriginCheck = {
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/go/index.ts
-var vulnerabilities10 = {
+var vulnerabilities11 = {
   ["LOG_FORGING" /* LogForging */]: logForging2,
   ["MISSING_SSL_MINVERSION" /* MissingSslMinversion */]: missingSslMinversion,
   ["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: websocketMissingOriginCheck
 };
-var go_default2 = vulnerabilities10;
+var go_default2 = vulnerabilities11;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/java/commandInjection.ts
 var commandInjection = {
@@ -3896,7 +3913,7 @@ var xxe2 = {
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/java/index.ts
-var vulnerabilities11 = {
+var vulnerabilities12 = {
   ["SQL_Injection" /* SqlInjection */]: sqlInjection3,
   ["CMDi_relative_path_command" /* CmDiRelativePathCommand */]: relativePathCommand,
   ["CMDi" /* CmDi */]: commandInjection,
@@ -3922,7 +3939,7 @@ var vulnerabilities11 = {
   ["ERRONEOUS_STRING_COMPARE" /* ErroneousStringCompare */]: erroneousStringCompare,
   ["DUPLICATED_STRINGS" /* DuplicatedStrings */]: duplicatedStrings
 };
-var java_default2 = vulnerabilities11;
+var java_default2 = vulnerabilities12;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/python/csrf.ts
 var csrf2 = {
@@ -4230,7 +4247,7 @@ var xss3 = {
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/js/index.ts
-var vulnerabilities12 = {
+var vulnerabilities13 = {
   ["CMDi" /* CmDi */]: commandInjection2,
   ["GRAPHQL_DEPTH_LIMIT" /* GraphqlDepthLimit */]: graphqlDepthLimit,
   ["INSECURE_RANDOMNESS" /* InsecureRandomness */]: insecureRandomness2,
@@ -4252,7 +4269,7 @@ var vulnerabilities12 = {
   ["HARDCODED_DOMAIN_IN_HTML" /* HardcodedDomainInHtml */]: hardcodedDomainInHtml,
   ["CSRF" /* Csrf */]: csrf2
 };
-var js_default = vulnerabilities12;
+var js_default = vulnerabilities13;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/python/duplicatedStrings.ts
 var duplicatedStrings2 = {
@@ -4303,14 +4320,14 @@ var uncheckedLoopCondition3 = {
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/python/index.ts
-var vulnerabilities13 = {
+var vulnerabilities14 = {
   ["CSRF" /* Csrf */]: csrf2,
   ["LOG_FORGING" /* LogForging */]: logForging5,
   ["OPEN_REDIRECT" /* OpenRedirect */]: openRedirect3,
   ["UNCHECKED_LOOP_CONDITION" /* UncheckedLoopCondition */]: uncheckedLoopCondition3,
   ["DUPLICATED_STRINGS" /* DuplicatedStrings */]: duplicatedStrings2
 };
-var python_default2 = vulnerabilities13;
+var python_default2 = vulnerabilities14;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/xml/unboundedOccurrences.ts
 var unboundedOccurrences = {
@@ -4324,10 +4341,10 @@ A value too high will cause performance issues up to and including denial of ser
 };
 
 // src/features/analysis/scm/shared/src/storedQuestionData/xml/index.ts
-var vulnerabilities14 = {
+var vulnerabilities15 = {
   ["WEAK_XML_SCHEMA_UNBOUNDED_OCCURRENCES" /* WeakXmlSchemaUnboundedOccurrences */]: unboundedOccurrences
 };
-var xml_default2 = vulnerabilities14;
+var xml_default2 = vulnerabilities15;
 
 // src/features/analysis/scm/shared/src/storedQuestionData/index.ts
 var StoredQuestionDataItemZ = z4.object({
@@ -11937,104 +11954,34 @@ import {
 } from "@modelcontextprotocol/sdk/types.js";
 
 // src/mcp/Logger.ts
-var loggerUrl = "http://localhost:4444/log";
-var isTestEnvironment = process.env["VITEST"] || process.env["TEST"];
-var CIRCUIT_BREAKER_TIME = 5e3;
-var URL_CHECK_TIMEOUT = 200;
-var MAX_QUEUE_SIZE = 100;
+import Configstore3 from "configstore";
+var MAX_LOGS_SIZE = 1e3;
 var Logger = class {
   constructor() {
-    __publicField(this, "queue", []);
-    __publicField(this, "isProcessing", false);
-    __publicField(this, "isCircuitBroken", false);
-    __publicField(this, "circuitBreakerTimer", null);
+    __publicField(this, "mobbConfigStore");
+    __publicField(this, "path");
+    this.path = process.env["WORKSPACE_FOLDER_PATHS"] || "unknown";
+    this.mobbConfigStore = new Configstore3("mobb-logs", {});
+    this.mobbConfigStore.set("version", packageJson.version);
   }
+  /**
+   * Log a message to the console.
+   * @param message - The message to log.
+   * @param level - The level of the message.
+   * @param data - The data to log.
+   */
   log(message, level = "info", data) {
-    if (isTestEnvironment) return;
-    if (this.queue.length >= MAX_QUEUE_SIZE) {
-      this.queue.shift();
-    }
-    this.queue.push({ message, level, data });
-    if (!this.isProcessing && !this.isCircuitBroken) {
-      this.processQueue();
-    }
-  }
-  async isUrlReachable(url) {
-    try {
-      const controller = new AbortController();
-      const timeoutId = setTimeout(() => controller.abort(), URL_CHECK_TIMEOUT);
-      await fetch(url, {
-        method: "HEAD",
-        signal: controller.signal
-      });
-      clearTimeout(timeoutId);
-      return true;
-    } catch (error) {
-      return false;
-    }
-  }
-  async processQueue() {
-    if (this.queue.length === 0 || this.isCircuitBroken) {
-      this.isProcessing = false;
-      return;
-    }
-    this.isProcessing = true;
-    const logEntry = this.queue[0];
-    if (!logEntry) {
-      this.isProcessing = false;
-      return;
-    }
-    const isReachable = await this.isUrlReachable(loggerUrl);
-    if (!isReachable) {
-      this.triggerCircuitBreaker();
-      return;
-    }
-    await this.sendLogEntry(logEntry);
-  }
-  async sendLogEntry(logEntry) {
     const logMessage = {
       timestamp: (/* @__PURE__ */ new Date()).toISOString(),
-      level: logEntry.level,
-      message: logEntry.message,
-      data: logEntry.data,
-      version: packageJson.version
+      level,
+      message,
+      data
     };
-    const controller = new AbortController();
-    const timeoutId = setTimeout(() => {
-      controller.abort();
-    }, 500);
-    try {
-      await fetch(loggerUrl, {
-        method: "POST",
-        headers: { "Content-Type": "application/json" },
-        body: JSON.stringify(logMessage),
-        redirect: "error",
-        // do not follow redirects
-        signal: controller.signal
-      });
-      this.queue.shift();
-      setTimeout(() => this.processQueue(), 0);
-    } catch (error) {
-      this.triggerCircuitBreaker();
-      logError("Failed to send log entry", error);
-    } finally {
-      clearTimeout(timeoutId);
+    const logs = this.mobbConfigStore.get(this.path) || [];
+    if (logs.length >= MAX_LOGS_SIZE) {
+      logs.shift();
     }
-  }
-  triggerCircuitBreaker() {
-    this.isCircuitBroken = true;
-    this.queue = [];
-    this.isProcessing = false;
-    if (this.circuitBreakerTimer) {
-      clearTimeout(this.circuitBreakerTimer);
-    }
-    this.circuitBreakerTimer = setTimeout(() => {
-      this.isCircuitBroken = false;
-      this.circuitBreakerTimer = null;
-      if (this.queue.length > 0 && !this.isProcessing) {
-        this.processQueue();
-      }
-    }, CIRCUIT_BREAKER_TIME);
+    this.mobbConfigStore.set(this.path, [...logs, logMessage]);
   }
 };
 var logger = new Logger();
@@ -12045,12 +11992,34 @@ var logDebug = (message, data) => logger.log(message, "debug", data);
 var log = logger.log.bind(logger);
 
 // src/mcp/services/McpGQLClient.ts
-import Configstore3 from "configstore";
 import crypto3 from "crypto";
 import { GraphQLClient as GraphQLClient2 } from "graphql-request";
 import { v4 as uuidv42 } from "uuid";
 init_configs();
 
+// src/mcp/services/ConfigStoreService.ts
+init_configs();
+import Configstore4 from "configstore";
+function createConfigStore(defaultValues = { apiToken: "" }) {
+  const API_URL2 = process.env["API_URL"] || MCP_DEFAULT_API_URL;
+  let domain = "";
+  try {
+    const url = new URL(API_URL2);
+    domain = url.hostname;
+  } catch (e) {
+    domain = API_URL2.replace(/^https?:\/\//, "").replace(/\/.*$/, "").replace(/:\d+$/, "");
+  }
+  const sanitizedDomain = domain.replace(/\./g, "_");
+  return new Configstore4(
+    `${packageJson.name}-${sanitizedDomain}`,
+    defaultValues
+  );
+}
+function getConfigStore() {
+  return createConfigStore();
+}
+var configStore = getConfigStore();
+
 // src/mcp/services/McpAuthService.ts
 import crypto2 from "crypto";
 import os2 from "os";
@@ -12131,16 +12100,17 @@ var McpAuthService = class {
 };
 
 // src/mcp/services/McpGQLClient.ts
-var mobbConfigStore = new Configstore3(packageJson.name, { apiToken: "" });
 var McpGQLClient = class {
   constructor(args) {
     __publicField(this, "client");
     __publicField(this, "clientSdk");
     __publicField(this, "_auth");
+    __publicField(this, "currentUser", null);
+    __publicField(this, "apiUrl");
     this._auth = args;
-    const API_URL2 = process.env["API_URL"] || MCP_DEFAULT_API_URL;
-    logDebug("creating graphql client", { API_URL: API_URL2, args });
-    this.client = new GraphQLClient2(API_URL2, {
+    this.apiUrl = process.env["API_URL"] || MCP_DEFAULT_API_URL;
+    logDebug(`creating graphql client with api url ${this.apiUrl}`, { args });
+    this.client = new GraphQLClient2(this.apiUrl, {
       headers: args.type === "apiKey" ? { [MCP_API_KEY_HEADER_NAME]: args.apiKey || "" } : {
         Authorization: `Bearer ${args.token}`
       },
@@ -12159,7 +12129,7 @@ var McpGQLClient = class {
   }
   getErrorContext() {
     return {
-      endpoint: process.env["API_URL"] || MCP_DEFAULT_API_URL,
+      endpoint: this.apiUrl,
       apiKey: this._auth.type === "apiKey" ? this._auth.apiKey : "",
       headers: {
         [MCP_API_KEY_HEADER_NAME]: this._auth.type === "apiKey" ? "[REDACTED]" : "undefined",
@@ -12167,10 +12137,10 @@ var McpGQLClient = class {
       }
     };
   }
-  async verifyApiConnection() {
+  async isApiEndpointReachable() {
     try {
       logDebug("GraphQL: Calling Me query for API connection verification");
-      const result = await this.clientSdk.Me();
+      const result = await this.getUserInfo();
       logDebug("GraphQL: Me query successful", { result });
       return true;
     } catch (e) {
@@ -12183,6 +12153,23 @@ var McpGQLClient = class {
     }
     return true;
   }
+  /**
+   * Verifies both API endpoint reachability and user authentication
+   * @returns true if both API is reachable and user is authenticated
+   */
+  async verifyApiConnection() {
+    const isReachable = await this.isApiEndpointReachable();
+    if (!isReachable) {
+      return false;
+    }
+    try {
+      await this.validateUserToken();
+      return true;
+    } catch (e) {
+      logError("User token validation failed", { error: e });
+      return false;
+    }
+  }
   async uploadS3BucketInfo() {
     try {
       logDebug("GraphQL: Calling uploadS3BucketInfo mutation");
@@ -12237,8 +12224,9 @@ var McpGQLClient = class {
     }
   }
   async subscribeToGetAnalysis(params) {
+    const { scanContext } = params;
     try {
-      logDebug("GraphQL: Starting GetAnalysis subscription", {
+      logDebug(`[${scanContext}] GraphQL: Starting GetAnalysis subscription`, {
         params: params.subscribeToAnalysisParams
       });
       const { callbackStates } = params;
@@ -12246,10 +12234,13 @@ var McpGQLClient = class {
         GetAnalysisSubscriptionDocument,
         params.subscribeToAnalysisParams,
         async (resolve, reject, data) => {
-          logDebug("GraphQL: GetAnalysis subscription data received", { data });
+          logDebug(
+            `[${scanContext}] GraphQL: GetAnalysis subscription data received ${data.analysis?.state}`,
+            { data }
+          );
           if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
             const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
-            logError("GraphQL: Analysis failed", {
+            logError(`[${scanContext}] GraphQL: Analysis failed`, {
               analysisId: data.analysis?.id,
               state: data.analysis?.state,
               failReason: data.analysis?.failReason,
@@ -12259,11 +12250,14 @@ var McpGQLClient = class {
             return;
           }
           if (callbackStates.includes(data.analysis?.state)) {
-            logDebug("GraphQL: Analysis state matches callback states", {
-              analysisId: data.analysis.id,
-              state: data.analysis.state,
-              callbackStates
-            });
+            logDebug(
+              `[${scanContext}] GraphQL: Analysis state matches callback states: ${data.analysis.state}`,
+              {
+                analysisId: data.analysis.id,
+                state: data.analysis.state,
+                callbackStates
+              }
+            );
             await params.callback(data.analysis.id);
             resolve(data);
           }
@@ -12278,10 +12272,12 @@ var McpGQLClient = class {
           timeoutInMs: params.timeoutInMs
         }
       );
-      logDebug("GraphQL: GetAnalysis subscription completed", { result });
+      logDebug(`[${scanContext}] GraphQL: GetAnalysis subscription completed`, {
+        result
+      });
       return result;
     } catch (e) {
-      logError("GraphQL: GetAnalysis subscription failed", {
+      logError(`[${scanContext}] GraphQL: GetAnalysis subscription failed`, {
         error: e,
         params: params.subscribeToAnalysisParams,
         ...this.getErrorContext()
@@ -12345,8 +12341,12 @@ var McpGQLClient = class {
   }
   async getUserInfo() {
     const { me } = await this.clientSdk.Me();
+    this.currentUser = me;
     return me;
   }
+  getCurrentUser() {
+    return this.currentUser;
+  }
   async validateUserToken() {
     logDebug("validating user token");
     try {
@@ -12539,16 +12539,16 @@ var McpGQLClient = class {
 async function createAuthenticatedMcpGQLClient({
   isBackgoundCall = false
 } = {}) {
-  logDebug("getting config", { apiToken: mobbConfigStore.get("apiToken") });
+  logDebug("getting config", { apiToken: configStore.get("apiToken") });
   const initialClient = new McpGQLClient({
     apiKey: process.env["MOBB_API_KEY"] || process.env["API_KEY"] || // fallback for backward compatibility
-    mobbConfigStore.get("apiToken") || "",
+    configStore.get("apiToken") || "",
     type: "apiKey"
   });
-  const isConnected = await initialClient.verifyApiConnection();
-  logDebug("API connection status", { isConnected });
-  if (!isConnected) {
-    throw new ApiConnectionError("Error: failed to connect to Mobb API");
+  const isApiEndpointReachable = await initialClient.isApiEndpointReachable();
+  logDebug("API connection status", { isApiEndpointReachable });
+  if (!isApiEndpointReachable) {
+    throw new ApiConnectionError("Error: failed to reach Mobb GraphQL endpoint");
   }
   logDebug("validating user token");
   const userVerify = await initialClient.validateUserToken();
@@ -12557,7 +12557,7 @@ async function createAuthenticatedMcpGQLClient({
   }
   const authService = new McpAuthService(initialClient);
   const newApiToken = await authService.authenticate(isBackgoundCall);
-  mobbConfigStore.set("apiToken", newApiToken);
+  configStore.set("apiToken", newApiToken);
   return new McpGQLClient({ apiKey: newApiToken, type: "apiKey" });
 }
 
@@ -12566,6 +12566,9 @@ var MCP_TOOL_CHECK_FOR_NEW_AVAILABLE_FIXES = "check_for_new_available_fixes";
 var MCP_TOOL_FETCH_AVAILABLE_FIXES = "fetch_available_fixes";
 var MCP_TOOL_SCAN_AND_FIX_VULNERABILITIES = "scan_and_fix_vulnerabilities";
 
+// src/mcp/core/McpServer.ts
+init_configs();
+
 // src/mcp/core/ToolRegistry.ts
 var ToolRegistry = class {
   constructor() {
@@ -12640,6 +12643,18 @@ var McpServer = class {
       } else {
         logWarn(`${message} (exit code: ${exitCode})`, { signal, exitCode });
       }
+    } else if (signal === "unhandledRejection") {
+      const errorDetails = {
+        signal,
+        errorType: error?.constructor?.name || "Unknown",
+        errorMessage: error instanceof Error ? error.message : String(error),
+        errorStack: error instanceof Error ? error.stack : void 0,
+        errorString: error?.toString(),
+        errorJson: JSON.stringify(error, null, 2),
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      };
+      logError(`${message} - Enhanced error details`, errorDetails);
+      logError(`${message} - Raw error object`, { error, signal });
     } else if (error) {
       logError(`${message}`, { error, signal });
     } else {
@@ -12684,30 +12699,43 @@ var McpServer = class {
     });
   }
   async triggerScanForNewAvailableFixes() {
-    const gqlClient = await createAuthenticatedMcpGQLClient({
-      isBackgoundCall: true
-    });
-    const isConnected = await gqlClient.verifyApiConnection();
-    if (!isConnected) {
-      logError("Failed to connect to the API, skipping scan");
-      return;
-    }
-    if (process.env["WORKSPACE_FOLDER_PATHS"]) {
-      logDebug("WORKSPACE_FOLDER_PATHS is set", {
-        WORKSPACE_FOLDER_PATHS: process.env["WORKSPACE_FOLDER_PATHS"]
+    try {
+      const gqlClient = await createAuthenticatedMcpGQLClient({
+        isBackgoundCall: true
       });
-      try {
-        const checkForNewAvailableFixesTool = this.toolRegistry.getTool(
-          MCP_TOOL_CHECK_FOR_NEW_AVAILABLE_FIXES
-        );
-        logInfo("Triggering periodic scan for new available fixes");
-        checkForNewAvailableFixesTool.triggerScan({
-          path: process.env["WORKSPACE_FOLDER_PATHS"],
-          gqlClient
+      const isConnected = await gqlClient.verifyApiConnection();
+      if (!isConnected) {
+        logError("Failed to connect to the API, skipping background scan");
+        return;
+      }
+      if (process.env["WORKSPACE_FOLDER_PATHS"]) {
+        logDebug("WORKSPACE_FOLDER_PATHS is set", {
+          WORKSPACE_FOLDER_PATHS: process.env["WORKSPACE_FOLDER_PATHS"]
         });
-      } catch (error) {
-        logError("Error getting workspace folder path tool", { error });
+        try {
+          const checkForNewAvailableFixesTool = this.toolRegistry.getTool(
+            MCP_TOOL_CHECK_FOR_NEW_AVAILABLE_FIXES
+          );
+          logInfo("Triggering periodic scan for new available fixes");
+          checkForNewAvailableFixesTool.triggerScan({
+            path: process.env["WORKSPACE_FOLDER_PATHS"],
+            gqlClient
+          });
+        } catch (error) {
+          logError("Error getting workspace folder path tool", { error });
+        }
       }
+    } catch (error) {
+      if (error instanceof Error && (error.message.includes("Authentication") || error.message.includes("failed to connect to Mobb API"))) {
+        logError(
+          "Background scan skipped due to authentication failure. Please re-authenticate by running a manual scan.",
+          {
+            error: error.message
+          }
+        );
+        return;
+      }
+      logError("Unexpected error during background scan", { error });
     }
   }
   async handleListToolsRequest(request) {
@@ -12721,7 +12749,11 @@ var McpServer = class {
     logDebug("env", {
       env: process.env
     });
-    void this.triggerScanForNewAvailableFixes();
+    if (isAutoScan) {
+      void this.triggerScanForNewAvailableFixes();
+    } else {
+      logDebug("Auto scan disabled, skipping triggerScanForNewAvailableFixes");
+    }
     const toolsDefinitions = this.toolRegistry.getAllTools();
     const response = {
       tools: toolsDefinitions.map((tool) => ({
@@ -12931,7 +12963,6 @@ var BaseTool = class {
 
 // src/mcp/tools/checkForNewAvailableFixes/CheckForNewAvailableFixesService.ts
 init_configs();
-import Configstore4 from "configstore";
 
 // src/mcp/core/prompts.ts
 init_configs();
@@ -13550,6 +13581,18 @@ var initializeSecurityReport = async (gqlClient, scanContext) => {
     return repoUploadInfo;
   } catch (error) {
     const message = error.message;
+    if (message.includes("Authentication hook unauthorized") || message.includes("access-denied")) {
+      logError(
+        "Authentication failed during security report initialization. Please re-authenticate.",
+        {
+          error: message
+        }
+      );
+      throw new ReportInitializationError(
+        "Authentication failed. Please re-authenticate and try again."
+      );
+    }
+    logError("Error initializing security report", { error: message });
     throw new ReportInitializationError(
       `Error initializing security report: ${message}`
     );
@@ -13630,7 +13673,8 @@ var executeSecurityScan = async ({
         });
       },
       callbackStates: ["Finished" /* Finished */],
-      timeoutInMs: MCP_VUL_REPORT_DIGEST_TIMEOUT_MS
+      timeoutInMs: MCP_VUL_REPORT_DIGEST_TIMEOUT_MS,
+      scanContext
     });
   } catch (error) {
     logError(`[${scanContext}] Security analysis failed or timed out`, {
@@ -13664,6 +13708,8 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     __publicField(this, "intervalId", null);
     __publicField(this, "isInitialScanComplete", false);
     __publicField(this, "gqlClient", null);
+    __publicField(this, "fullScanPathsScanned", []);
+    this.fullScanPathsScanned = configStore.get("fullScanPathsScanned") || [];
   }
   static getInstance() {
     if (!_CheckForNewAvailableFixesService.instance) {
@@ -13679,6 +13725,7 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     this.filesLastScanned = {};
     this.freshFixes = [];
     this.reportedFixes = [];
+    this.fullScanPathsScanned = configStore.get("fullScanPathsScanned") || [];
     if (this.intervalId) {
       clearInterval(this.intervalId);
       this.intervalId = null;
@@ -13699,61 +13746,84 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     });
     if (!this.gqlClient) {
       logInfo(`[${scanContext}] No GQL client found, skipping scan`);
-      return;
-    }
-    const isConnected = await this.gqlClient.verifyApiConnection();
-    if (!isConnected) {
-      logError(`[${scanContext}] Failed to connect to the API, scan aborted`);
-      return;
+      throw new Error("No GQL client found");
     }
-    logDebug(
-      `[${scanContext}] Connected to the API, assembling list of files to scan`,
-      { path: path13 }
-    );
-    const files = await getLocalFiles({
-      path: path13,
-      isAllFilesScan
-    });
-    logDebug(`[${scanContext}] Active files`, { files });
-    const filesToScan = files.filter((file) => {
-      const lastScannedEditTime = this.filesLastScanned[file.fullPath];
-      if (!lastScannedEditTime) {
-        return true;
+    try {
+      const isConnected = await this.gqlClient.verifyApiConnection();
+      if (!isConnected) {
+        logError(`[${scanContext}] Failed to connect to the API, scan aborted`);
+        throw new ApiConnectionError();
       }
-      return file.lastEdited > lastScannedEditTime;
-    });
-    if (filesToScan.length === 0) {
-      logInfo(`[${scanContext}] No files require scanning`);
-      return;
-    }
-    logDebug(`[${scanContext}] Files requiring security scan`, { filesToScan });
-    const { fixReportId, projectId } = await scanFiles({
-      fileList: filesToScan.map((file) => file.relativePath),
-      repositoryPath: path13,
-      gqlClient: this.gqlClient,
-      isAllDetectionRulesScan,
-      scanContext
-    });
-    logInfo(
-      `[${scanContext}] Security scan completed for ${path13} reportId: ${fixReportId} projectId: ${projectId}`
-    );
-    if (isAllFilesScan) {
-      return;
+      logDebug(
+        `[${scanContext}] Connected to the API, assembling list of files to scan`,
+        { path: path13 }
+      );
+      const files = await getLocalFiles({
+        path: path13,
+        isAllFilesScan
+      });
+      logDebug(`[${scanContext}] Active files`, { files });
+      const filesToScan = files.filter((file) => {
+        const lastScannedEditTime = this.filesLastScanned[file.fullPath];
+        if (!lastScannedEditTime) {
+          return true;
+        }
+        return file.lastEdited > lastScannedEditTime;
+      });
+      if (filesToScan.length === 0) {
+        logInfo(`[${scanContext}] No files require scanning`);
+        return;
+      }
+      logDebug(`[${scanContext}] Files requiring security scan`, {
+        filesToScan
+      });
+      const { fixReportId, projectId } = await scanFiles({
+        fileList: filesToScan.map((file) => file.relativePath),
+        repositoryPath: path13,
+        gqlClient: this.gqlClient,
+        isAllDetectionRulesScan,
+        scanContext
+      });
+      logInfo(
+        `[${scanContext}] Security scan completed for ${path13} reportId: ${fixReportId} projectId: ${projectId}`
+      );
+      if (isAllFilesScan) {
+        return;
+      }
+      const fixes = await this.gqlClient.getReportFixesPaginated({
+        reportId: fixReportId,
+        offset: 0,
+        limit: 1e3
+      });
+      const newFixes = fixes?.fixes?.filter(
+        (fix) => !this.isFixAlreadyReported(fix)
+      );
+      logInfo(
+        `[${scanContext}] Security fixes retrieved, total: ${fixes?.fixes?.length || 0}, new: ${newFixes?.length || 0}`
+      );
+      this.updateFreshFixesCache(newFixes || [], filesToScan);
+      this.updateFilesScanTimestamps(filesToScan);
+      this.isInitialScanComplete = true;
+    } catch (error) {
+      const errorMessage = error.message;
+      if (errorMessage.includes("Authentication failed") || errorMessage.includes("access-denied") || errorMessage.includes("Authentication hook unauthorized")) {
+        logError(
+          "Periodic scan skipped due to authentication failure. Please re-authenticate by running a manual scan.",
+          {
+            error: errorMessage
+          }
+        );
+        return;
+      }
+      if (errorMessage.includes("ReportInitializationError")) {
+        logError("Periodic scan failed during report initialization", {
+          error: errorMessage
+        });
+        return;
+      }
+      logError("Unexpected error during periodic security scan", { error });
+      throw error;
     }
-    const fixes = await this.gqlClient.getReportFixesPaginated({
-      reportId: fixReportId,
-      offset: 0,
-      limit: 1e3
-    });
-    const newFixes = fixes?.fixes?.filter(
-      (fix) => !this.isFixAlreadyReported(fix)
-    );
-    logInfo(
-      `[${scanContext}] Security fixes retrieved, total: ${fixes?.fixes?.length || 0}, new: ${newFixes?.length || 0}`
-    );
-    this.updateFreshFixesCache(newFixes || [], filesToScan);
-    this.updateFilesScanTimestamps(filesToScan);
-    this.isInitialScanComplete = true;
   }
   updateFreshFixesCache(newFixes, filesToScan) {
     this.freshFixes = this.freshFixes.filter((fix) => !this.isFixFromOldScan(fix, filesToScan)).concat(newFixes).sort((a, b) => {
@@ -13807,7 +13877,7 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     if (!this.intervalId) {
       this.startPeriodicScanning(path13);
       this.executeInitialScan(path13);
-      this.executeInitialFullScan(path13);
+      void this.executeInitialFullScan(path13);
     }
   }
   startPeriodicScanning(path13) {
@@ -13824,37 +13894,46 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       });
     }, MCP_PERIODIC_CHECK_INTERVAL);
   }
-  executeInitialFullScan(path13) {
-    logDebug("Triggering initial full security scan", { path: path13 });
-    const mobbConfigStore2 = new Configstore4(packageJson.name, { apiToken: "" });
-    const fullScanPathsScanned = mobbConfigStore2.get("fullScanPathsScanned") || [];
-    logDebug("Full scan paths scanned", { fullScanPathsScanned });
-    if (fullScanPathsScanned.includes(path13)) {
-      logDebug("Full scan already executed for this path", { path: path13 });
+  async executeInitialFullScan(path13) {
+    const scanContext = "FULL_SCAN";
+    logDebug(`[${scanContext}] Triggering initial full security scan`, { path: path13 });
+    logDebug(`[${scanContext}] Full scan paths scanned`, {
+      fullScanPathsScanned: this.fullScanPathsScanned
+    });
+    if (this.fullScanPathsScanned.includes(path13)) {
+      logDebug(`[${scanContext}] Full scan already executed for this path`, {
+        path: path13
+      });
       return;
     }
-    mobbConfigStore2.set("fullScanPathsScanned", [...fullScanPathsScanned, path13]);
-    this.scanForSecurityVulnerabilities({
-      path: path13,
-      isAllFilesScan: true,
-      isAllDetectionRulesScan: true,
-      scanContext: "FULL_SCAN"
-    }).catch((error) => {
+    configStore.set("fullScanPathsScanned", [
+      ...this.fullScanPathsScanned,
+      path13
+    ]);
+    try {
+      await this.scanForSecurityVulnerabilities({
+        path: path13,
+        isAllFilesScan: true,
+        isAllDetectionRulesScan: true,
+        scanContext: "FULL_SCAN"
+      });
+      if (!this.fullScanPathsScanned.includes(path13)) {
+        this.fullScanPathsScanned.push(path13);
+        configStore.set("fullScanPathsScanned", this.fullScanPathsScanned);
+      }
+      logInfo(`[${scanContext}] Full scan completed`, { path: path13 });
+    } catch (error) {
       logError("Error during initial full security scan", { error });
-    }).then(() => {
-      const fullScanPathsScanned2 = mobbConfigStore2.get("fullScanPathsScanned") || [];
-      fullScanPathsScanned2.push(path13);
-      mobbConfigStore2.set("fullScanPathsScanned", fullScanPathsScanned2);
-      logDebug("Full scan completed", { path: path13 });
-    });
+    }
   }
   executeInitialScan(path13) {
-    logDebug("Triggering initial security scan", { path: path13 });
+    const scanContext = "BACKGROUND_INITIAL";
+    logDebug(`[${scanContext}] Triggering initial security scan`, { path: path13 });
     this.scanForSecurityVulnerabilities({
       path: path13,
       scanContext: "BACKGROUND_INITIAL"
     }).catch((error) => {
-      logError("Error during initial security scan", { error });
+      logError(`[${scanContext}] Error during initial security scan`, { error });
     });
   }
   generateFreshFixesResponse() {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.122",
+  "version": "1.0.126",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",
@@ -11,13 +11,14 @@
     "postinstall": "node ./src/post_install/cx_install.mjs",
     "build": "tsc && tsup-node --env.NODE_ENV production",
     "build:dev": "tsup-node --env.NODE_ENV development",
+    "increment-version": "./src/scripts/increment-version.sh",
     "test:mcp": "pnpm run build && vitest run __tests__/mcp/",
     "test:mcp:watch": "vitest watch __tests__/mcp/",
     "test:mcp:verbose": "pnpm run build && NODE_ENV=test VERBOSE=true vitest run __tests__/mcp/",
-    "test:mcp:integration": "pnpm run build && GIT_PROXY_HOST=http://tinyproxy:8888 API_URL=http://app-api:8080/v1/graphql TOKEN=$(../../scripts/login_auth0.sh) vitest run __tests__/integration.test.ts -t 'mcp|MCP'",
+    "test:mcp:integration": "pnpm run build && GIT_PROXY_HOST=http://tinyproxy:8888 API_URL=http://app-api:8080/v1/graphql TOKEN=$(../../scripts/login_auth0.sh) vitest run --sequence.concurrent=false false __tests__/integration.test.ts -t 'mcp|MCP'",
     "test:mcp:all": "pnpm run test:mcp && pnpm run test:mcp:integration && cd ./__e2e__ && npm i && npm run test:mcp",
     "test:unit": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --exclude='**/__tests__/integration.test.ts' --exclude='**/__tests__/mcp/**'",
-    "test:integration": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run __tests__/integration.test.ts",
+    "test:integration": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --sequence.concurrent=false false __tests__/integration.test.ts",
     "test:integration:watch": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest watch run __tests__/integration.test.ts",
     "test": "pnpm run test:unit && pnpm run test:mcp && pnpm run test:integration",
     "test:ado": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run ado.test",
@@ -27,7 +28,7 @@
     "test:cli:main": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run cli-main.test",
     "test:coverage": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --coverage",
     "test:watch": "TOKEN=$(../../scripts/login_auth0.sh) vitest",
-    "test:integration:proxy": "GIT_PROXY_HOST=http://tinyproxy:8888 HTTP_PROXY=http://localhost:8888 API_URL=http://app-api:8080/v1/graphql TOKEN=$(../../scripts/login_auth0.sh) vitest run integration.test.ts",
+    "test:integration:proxy": "GIT_PROXY_HOST=http://tinyproxy:8888 HTTP_PROXY=http://localhost:8888 API_URL=http://app-api:8080/v1/graphql TOKEN=$(../../scripts/login_auth0.sh) vitest run --sequence.concurrent=false false integration.test.ts",
     "lint": "eslint --cache --max-warnings 0 --ignore-path .eslintignore --ext .ts,.tsx,.jsx,.graphql .",
     "lint:fix": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx,.graphql . && prettier --write \"src/**/*.graphql\"",
     "lint:fix:files": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx,.graphql",