mobbdev 1.0.137 → 1.0.140

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/index.mjs +48 -3
  2. package/package.json +10 -10
package/dist/index.mjs CHANGED
@@ -1582,6 +1582,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
1582
1582
  IssueType_Enum2["NoEquivalenceMethod"] = "NO_EQUIVALENCE_METHOD";
1583
1583
  IssueType_Enum2["NoLimitsOrThrottling"] = "NO_LIMITS_OR_THROTTLING";
1584
1584
  IssueType_Enum2["NoNestedTry"] = "NO_NESTED_TRY";
1585
+ IssueType_Enum2["NoNewPrivileges"] = "NO_NEW_PRIVILEGES";
1585
1586
  IssueType_Enum2["NoOpOverhead"] = "NO_OP_OVERHEAD";
1586
1587
  IssueType_Enum2["NoPrintStatement"] = "NO_PRINT_STATEMENT";
1587
1588
  IssueType_Enum2["NoReturnInFinally"] = "NO_RETURN_IN_FINALLY";
@@ -1592,6 +1593,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
1592
1593
  IssueType_Enum2["OverlyLargeRange"] = "OVERLY_LARGE_RANGE";
1593
1594
  IssueType_Enum2["PasswordInComment"] = "PASSWORD_IN_COMMENT";
1594
1595
  IssueType_Enum2["PoorErrorHandlingEmptyCatchBlock"] = "POOR_ERROR_HANDLING_EMPTY_CATCH_BLOCK";
1596
+ IssueType_Enum2["PortAllInterfaces"] = "PORT_ALL_INTERFACES";
1595
1597
  IssueType_Enum2["PrivacyViolation"] = "PRIVACY_VIOLATION";
1596
1598
  IssueType_Enum2["PrototypePollution"] = "PROTOTYPE_POLLUTION";
1597
1599
  IssueType_Enum2["Pt"] = "PT";
@@ -1627,6 +1629,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
1627
1629
  IssueType_Enum2["WeakXmlSchemaUnboundedOccurrences"] = "WEAK_XML_SCHEMA_UNBOUNDED_OCCURRENCES";
1628
1630
  IssueType_Enum2["WebsocketMissingOriginCheck"] = "WEBSOCKET_MISSING_ORIGIN_CHECK";
1629
1631
  IssueType_Enum2["WildcardImports"] = "WILDCARD_IMPORTS";
1632
+ IssueType_Enum2["WritableFilesystemService"] = "WRITABLE_FILESYSTEM_SERVICE";
1630
1633
  IssueType_Enum2["Xss"] = "XSS";
1631
1634
  IssueType_Enum2["Xxe"] = "XXE";
1632
1635
  IssueType_Enum2["ZipSlip"] = "ZIP_SLIP";
@@ -2656,7 +2659,10 @@ var fixDetailsData = {
2656
2659
  issueDescription: "Missing User occurs when a user is not specified in the Dockerfile, leading to security vulnerabilities.",
2657
2660
  fixInstructions: "Specify a user in the Dockerfile to prevent security vulnerabilities."
2658
2661
  },
2659
- ["MISSING_ENCODING_FILE_OPEN" /* MissingEncodingFileOpen */]: void 0
2662
+ ["MISSING_ENCODING_FILE_OPEN" /* MissingEncodingFileOpen */]: void 0,
2663
+ ["PORT_ALL_INTERFACES" /* PortAllInterfaces */]: void 0,
2664
+ ["WRITABLE_FILESYSTEM_SERVICE" /* WritableFilesystemService */]: void 0,
2665
+ ["NO_NEW_PRIVILEGES" /* NoNewPrivileges */]: void 0
2660
2666
  };
2661
2667
 
2662
2668
  // src/features/analysis/scm/shared/src/getIssueType.ts
@@ -2778,7 +2784,10 @@ var issueTypeMap = {
2778
2784
  ["CREDENTIAL_DISCLOSURE" /* CredentialDisclosure */]: "Credential Disclosure",
2779
2785
  ["INSECURE_POSTMESSAGE" /* InsecurePostmessage */]: "Insecure Postmessage",
2780
2786
  ["MISSING_USER" /* MissingUser */]: "Missing User",
2781
- ["MISSING_ENCODING_FILE_OPEN" /* MissingEncodingFileOpen */]: "Missing Encoding File Open"
2787
+ ["MISSING_ENCODING_FILE_OPEN" /* MissingEncodingFileOpen */]: "Missing Encoding File Open",
2788
+ ["PORT_ALL_INTERFACES" /* PortAllInterfaces */]: "Port All Interfaces",
2789
+ ["WRITABLE_FILESYSTEM_SERVICE" /* WritableFilesystemService */]: "Writable Filesystem Service",
2790
+ ["NO_NEW_PRIVILEGES" /* NoNewPrivileges */]: "No New Privileges"
2782
2791
  };
2783
2792
  var issueTypeZ = z.nativeEnum(IssueType_Enum);
2784
2793
  var getIssueTypeFriendlyString = (issueType) => {
@@ -4367,6 +4376,41 @@ var vulnerabilities15 = {
4367
4376
  };
4368
4377
  var xml_default2 = vulnerabilities15;
4369
4378
 
4379
+ // src/features/analysis/scm/shared/src/storedQuestionData/yaml/noNewPrivileges.ts
4380
+ var noNewPrivileges = {
4381
+ requireNewPrivileges: {
4382
+ content: () => "Does the container require new privileges?",
4383
+ description: () => "",
4384
+ guidance: () => `If the container requires new privileges, setting the no-new-privileges option might harm the container functionality.`
4385
+ }
4386
+ };
4387
+
4388
+ // src/features/analysis/scm/shared/src/storedQuestionData/yaml/portAllInterfaces.ts
4389
+ var portAllInterfaces = {
4390
+ trustedIP: {
4391
+ content: () => "Enter trusted Network IP",
4392
+ description: () => "",
4393
+ guidance: () => `Properly set this value to prevent access from untrusted network adapters. Setting this to a wrong value would prevent accessing the container and might break the system.`
4394
+ }
4395
+ };
4396
+
4397
+ // src/features/analysis/scm/shared/src/storedQuestionData/yaml/writableFilesystemService.ts
4398
+ var writableFilesystemService = {
4399
+ requireWriteAccess: {
4400
+ content: () => "Does the container require writable filesystem access?",
4401
+ description: () => "",
4402
+ guidance: () => `If the container requires writable filesystem access, setting the filesystem as readonly might harm the container functionality.`
4403
+ }
4404
+ };
4405
+
4406
+ // src/features/analysis/scm/shared/src/storedQuestionData/yaml/index.ts
4407
+ var vulnerabilities16 = {
4408
+ ["PORT_ALL_INTERFACES" /* PortAllInterfaces */]: portAllInterfaces,
4409
+ ["WRITABLE_FILESYSTEM_SERVICE" /* WritableFilesystemService */]: writableFilesystemService,
4410
+ ["NO_NEW_PRIVILEGES" /* NoNewPrivileges */]: noNewPrivileges
4411
+ };
4412
+ var yaml_default = vulnerabilities16;
4413
+
4370
4414
  // src/features/analysis/scm/shared/src/storedQuestionData/index.ts
4371
4415
  var StoredQuestionDataItemZ = z4.object({
4372
4416
  content: z4.function().args(z4.any()).returns(z4.string()),
@@ -4379,7 +4423,8 @@ var languages2 = {
4379
4423
  ["XML" /* Xml */]: xml_default2,
4380
4424
  ["CSharp" /* CSharp */]: csharp_default2,
4381
4425
  ["Python" /* Python */]: python_default2,
4382
- ["Go" /* Go */]: go_default2
4426
+ ["Go" /* Go */]: go_default2,
4427
+ ["YAML" /* Yaml */]: yaml_default
4383
4428
  };
4384
4429
  var storedQuestionData_default = languages2;
4385
4430
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mobbdev",
3
- "version": "1.0.137",
3
+ "version": "1.0.140",
4
4
  "description": "Automated secure code remediation tool",
5
5
  "repository": "git+https://github.com/mobb-dev/bugsy.git",
6
6
  "main": "dist/index.js",
@@ -47,14 +47,14 @@
47
47
  "dependencies": {
48
48
  "@gitbeaker/requester-utils": "42.5.0",
49
49
  "@gitbeaker/rest": "42.5.0",
50
- "@modelcontextprotocol/sdk": "1.15.1",
50
+ "@modelcontextprotocol/sdk": "1.17.2",
51
51
  "@octokit/core": "5.2.0",
52
52
  "@octokit/request-error": "5.1.1",
53
53
  "adm-zip": "0.5.16",
54
- "axios": "1.10.0",
55
- "azure-devops-node-api": "15.1.0",
54
+ "axios": "1.11.0",
55
+ "azure-devops-node-api": "15.1.1",
56
56
  "bitbucket": "2.11.0",
57
- "chalk": "5.4.1",
57
+ "chalk": "5.5.0",
58
58
  "chalk-animation": "2.0.3",
59
59
  "configstore": "6.0.0",
60
60
  "cross-fetch": "4.1.0",
@@ -82,9 +82,9 @@
82
82
  "sax": "1.4.1",
83
83
  "semver": "7.7.2",
84
84
  "simple-git": "3.28.0",
85
- "snyk": "1.1297.3",
85
+ "snyk": "1.1298.2",
86
86
  "tar": "6.2.1",
87
- "tmp": "0.2.4",
87
+ "tmp": "0.2.5",
88
88
  "undici": "6.21.3",
89
89
  "uuid": "11.1.0",
90
90
  "ws": "8.18.3",
@@ -120,10 +120,10 @@
120
120
  "eslint": "8.57.0",
121
121
  "eslint-plugin-graphql": "4.0.0",
122
122
  "eslint-plugin-import": "2.32.0",
123
- "eslint-plugin-prettier": "5.5.1",
123
+ "eslint-plugin-prettier": "5.5.4",
124
124
  "eslint-plugin-simple-import-sort": "12.1.1",
125
- "msw": "2.10.4",
126
- "nock": "14.0.5",
125
+ "msw": "2.10.5",
126
+ "nock": "14.0.10",
127
127
  "prettier": "3.6.2",
128
128
  "tsup": "8.5.0",
129
129
  "typescript": "4.9.5",