mobbdev 1.0.152 → 1.0.154
- package/dist/index.mjs +97 -97
- package/package.json +1 -1
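--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -5210,20 +5210,14 @@ var GetReportFixesQueryZ = z11.object({
 )
 }).nullish();
 var GetFixReportStatsQueryZ = z11.object({
-
-
-
-
-
-
-vulnerabilityReportIrrelevantIssuesCount: z11.object({
-vulnerabilityReportIssues_aggregate: z11.object({
-aggregate: z11.object({ count: z11.number() })
-})
-})
-})
+fixReport_by_pk: z11.object({
+id: z11.string().uuid(),
+vulnerabilitySeverities: z11.record(z11.nativeEnum(Vulnerability_Severity_Enum), z11.number()).nullable(),
+vulnerabilityReportIrrelevantIssuesCount: z11.object({
+vulnerabilityReportIssues_aggregate: z11.object({
+aggregate: z11.object({ count: z11.number() })
 })
-)
+})
 }).nullable()
 });
 var ProjectVulnerabilityReport = z11.object({
@@ -8036,6 +8030,12 @@ import {
 fetch as undiciFetch,
 ProxyAgent as ProxyAgent2
 } from "undici";
+
+// src/utils/contextLogger.ts
+import debugModule from "debug";
+var debug3 = debugModule("mobb:shared");
+
+// src/features/analysis/scm/gitlab/gitlab.ts
 init_env();
 
 // src/features/analysis/scm/gitlab/types.ts
@@ -8047,7 +8047,7 @@ var GitlabAuthResultZ = z22.object({
 });
 
 // src/features/analysis/scm/gitlab/gitlab.ts
-var
+var debug4 = Debug3("scm:gitlab");
 function removeTrailingSlash2(str) {
 return str.trim().replace(/\/+$/, "");
 }
@@ -8985,7 +8985,7 @@ import chalk from "chalk";
 import Debug4 from "debug";
 import * as dotenv from "dotenv";
 import { z as z24 } from "zod";
-var
+var debug5 = Debug4("mobbdev:constants");
 var __dirname = path6.dirname(fileURLToPath2(import.meta.url));
 dotenv.config({ path: path6.join(__dirname, "../.env") });
 var scmFriendlyText = {
@@ -9022,7 +9022,7 @@ var envVariablesSchema = z24.object({
 HTTPS_PROXY: z24.string().optional().default("")
 }).required();
 var envVariables = envVariablesSchema.parse(process.env);
-
+debug5("config %o", envVariables);
 var mobbAscii = `
 ..
 ..........
@@ -9352,7 +9352,7 @@ function keyBy(array, keyBy2) {
 
 // src/features/analysis/utils/send_report.ts
 import Debug5 from "debug";
-var
+var debug6 = Debug5("mobbdev:index");
 async function sendReport({
 spinner,
 submitVulnerabilityReportVariables,
@@ -9363,7 +9363,7 @@ async function sendReport({
 submitVulnerabilityReportVariables
 );
 if (submitRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
-
+debug6("error submit vul report %s", submitRes);
 throw new Error("\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed");
 }
 spinner.update({ text: progressMassages.processingVulnerabilityReport });
@@ -9415,7 +9415,7 @@ var scannerToFriendlyString = {
 // src/features/analysis/add_fix_comments_for_pr/utils/buildCommentBody.ts
 import Debug6 from "debug";
 import { z as z25 } from "zod";
-var
+var debug7 = Debug6("mobbdev:handle-finished-analysis");
 var getCommitFixButton = (commitUrl) => `<a href="${commitUrl}"><img src=${COMMIT_FIX_SVG}></a>`;
 function buildFixCommentBody({
 fix,
@@ -9474,7 +9474,7 @@ function buildFixCommentBody({
 safeIssueType: z25.nativeEnum(IssueType_Enum)
 }).safeParse(fix);
 if (!validFixParseRes.success) {
-
+debug7(
 `fix ${fixId} has custom issue type or language, therefore the commit description will not be added`,
 validFixParseRes.error
 );
@@ -9538,7 +9538,7 @@ ${issuePageLink}`;
 }
 
 // src/features/analysis/add_fix_comments_for_pr/utils/utils.ts
-var
+var debug8 = Debug7("mobbdev:handle-finished-analysis");
 function calculateRanges(integers) {
 if (integers.length === 0) {
 return [];
@@ -9572,7 +9572,7 @@ function deleteAllPreviousComments({
 try {
 return scm.deleteComment({ comment_id: comment.id });
 } catch (e) {
-
+debug8("delete comment failed %s", e);
 return Promise.resolve();
 }
 });
@@ -9588,7 +9588,7 @@ function deleteAllPreviousGeneralPrComments(params) {
 try {
 return scm.deleteGeneralPrComment({ commentId: comment.id });
 } catch (e) {
-
+debug8("delete comment failed %s", e);
 return Promise.resolve();
 }
 });
@@ -9732,7 +9732,7 @@ async function postAnalysisInsightComment(params) {
 fixablePrVuls,
 nonFixablePrVuls
 } = prVulenrabilities;
-
+debug8({
 fixablePrVuls,
 nonFixablePrVuls,
 vulnerabilitiesOutsidePr,
@@ -9787,7 +9787,7 @@ ${contactUsMarkdown}`;
 }
 
 // src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
-var
+var debug9 = Debug8("mobbdev:handle-finished-analysis");
 async function addFixCommentsForPr({
 analysisId,
 scm: _scm,
@@ -9799,7 +9799,7 @@ async function addFixCommentsForPr({
 }
 const scm = _scm;
 const getAnalysisRes = await gqlClient.getAnalysis(analysisId);
-
+debug9("getAnalysis %o", getAnalysisRes);
 const {
 vulnerabilityReport: {
 projectId,
@@ -9904,7 +9904,7 @@ ${contextString}` : description;
 
 // src/features/analysis/auto_pr_handler.ts
 import Debug9 from "debug";
-var
+var debug10 = Debug9("mobbdev:handleAutoPr");
 async function handleAutoPr(params) {
 const {
 gqlClient,
@@ -9928,7 +9928,7 @@ async function handleAutoPr(params) {
 prId,
 prStrategy: createOnePr ? "CONDENSE" /* Condense */ : "SPREAD" /* Spread */
 });
-
+debug10("auto pr analysis res %o", autoPrAnalysisRes);
 if (autoPrAnalysisRes.autoPrAnalysis?.__typename === "AutoPrError") {
 createAutoPrSpinner.error({
 text: `\u{1F504} Automatic pull request failed - ${autoPrAnalysisRes.autoPrAnalysis.error}`
@@ -9955,14 +9955,14 @@ async function handleAutoPr(params) {
 // src/features/analysis/git.ts
 init_GitService();
 import Debug10 from "debug";
-var
+var debug11 = Debug10("mobbdev:git");
 async function getGitInfo(srcDirPath) {
-
+debug11("getting git info for %s", srcDirPath);
 const gitService = new GitService(srcDirPath);
 try {
 const validationResult = await gitService.validateRepository();
 if (!validationResult.isValid) {
-
+debug11("folder is not a git repo");
 return {
 success: false,
 hash: void 0,
@@ -9977,9 +9977,9 @@ async function getGitInfo(srcDirPath) {
 };
 } catch (e) {
 if (e instanceof Error) {
-
+debug11("failed to run git %o", e);
 if (e.message.includes(" spawn ")) {
-
+debug11("git cli not installed");
 } else {
 throw e;
 }
@@ -10002,11 +10002,11 @@ import { createClient } from "graphql-ws";
 import { HttpsProxyAgent } from "https-proxy-agent";
 import WebSocket from "ws";
 var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
-var
+var debug12 = Debug11("mobbdev:subscribe");
 var SUBSCRIPTION_TIMEOUT_MS = 30 * 60 * 1e3;
 function createWSClient(options) {
 const proxy = options.url.startsWith("wss://") && process.env["HTTPS_PROXY"] ? new HttpsProxyAgent(process.env["HTTPS_PROXY"]) : options.url.startsWith("ws://") && process.env["HTTP_PROXY"] ? new HttpsProxyAgent(process.env["HTTP_PROXY"]) : null;
-
+debug12(
 `Using proxy: ${proxy ? "yes" : "no"} with url: ${options.url} and with proxy: ${process.env["HTTP_PROXY"]} for the websocket connection`
 );
 const CustomWebSocket = class extends WebSocket {
@@ -10155,7 +10155,7 @@ var GetVulByNodesMetadataZ = z27.object({
 });
 
 // src/features/analysis/graphql/gql.ts
-var
+var debug13 = Debug12("mobbdev:gql");
 var API_KEY_HEADER_NAME = "x-mobb-key";
 var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
 function getProxyAgent(url) {
@@ -10165,12 +10165,12 @@ function getProxyAgent(url) {
 const isHttps = parsedUrl.protocol === "https:";
 const proxy = isHttps ? HTTPS_PROXY : isHttp ? HTTP_PROXY : null;
 if (proxy) {
-
-
+debug13("Using proxy %s", proxy);
+debug13("Proxy agent %o", proxy);
 return isHttps ? new HttpsProxyAgent2(proxy) : new HttpProxyAgent(proxy);
 }
 } catch (err) {
-
+debug13(`Skipping proxy for ${url}. Reason: ${err.message}`);
 }
 return void 0;
 }
@@ -10185,7 +10185,7 @@ var fetchWithProxy = (url, options = {}) => {
 });
 }
 } catch (err) {
-
+debug13(`Skipping proxy for ${url}. Reason: ${err.message}`);
 }
 return fetchOrig(url, options);
 };
@@ -10194,7 +10194,7 @@ var GQLClient = class {
 __publicField(this, "_client");
 __publicField(this, "_clientSdk");
 __publicField(this, "_auth");
-
+debug13(`init with ${args}`);
 this._auth = args;
 this._client = new GraphQLClient(API_URL, {
 headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
@@ -10203,7 +10203,7 @@ var GQLClient = class {
 fetch: fetchWithProxy,
 requestMiddleware: (request) => {
 const requestId = uuidv4();
-
+debug13(
 `sending API request with id: ${requestId} and with request: ${request.body}`
 );
 return {
@@ -10233,7 +10233,7 @@ var GQLClient = class {
 await this.getUserInfo();
 } catch (e) {
 if (e?.toString().startsWith("FetchError")) {
-
+debug13("verify connection failed %o", e);
 return false;
 }
 }
@@ -10245,7 +10245,7 @@ var GQLClient = class {
 try {
 info = await this.getUserInfo();
 } catch (e) {
-
+debug13("verify token failed %o", e);
 return false;
 }
 return info?.email || true;
@@ -10304,7 +10304,7 @@ var GQLClient = class {
 try {
 await this._clientSdk.CreateCommunityUser();
 } catch (e) {
-
+debug13("create community user failed %o", e);
 }
 }
 async updateScmToken(args) {
@@ -10535,7 +10535,7 @@ import { isBinary as isBinary2 } from "istextorbinary";
 import { simpleGit as simpleGit2 } from "simple-git";
 import { parseStringPromise } from "xml2js";
 import { z as z28 } from "zod";
-var
+var debug14 = Debug13("mobbdev:pack");
 var FPR_SOURCE_CODE_FILE_MAPPING_SCHEMA = z28.object({
 properties: z28.object({
 entry: z28.array(
@@ -10557,7 +10557,7 @@ function getManifestFilesSuffixes() {
 return ["package.json", "pom.xml"];
 }
 async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
-
+debug14("pack folder %s", srcDirPath);
 let git = void 0;
 try {
 git = simpleGit2({
@@ -10567,13 +10567,13 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
 });
 await git.status();
 } catch (e) {
-
+debug14("failed to run git %o", e);
 git = void 0;
 if (e instanceof Error) {
 if (e.message.includes(" spawn ")) {
-
+debug14("git cli not installed");
 } else if (e.message.includes("not a git repository")) {
-
+debug14("folder is not a git repo");
 } else {
 throw e;
 }
@@ -10588,9 +10588,9 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
 followSymbolicLinks: false,
 dot: true
 });
-
+debug14("files found %d", filepaths.length);
 const zip = new AdmZip();
-
+debug14("compressing files");
 for (const filepath of filepaths) {
 const absFilepath = path7.join(srcDirPath, filepath.toString());
 if (!isIncludeAllFiles) {
@@ -10599,26 +10599,26 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
 absFilepath.toString().replaceAll(path7.win32.sep, path7.posix.sep),
 vulnFiles
 )) {
-
+debug14("ignoring %s because it is not a vulnerability file", filepath);
 continue;
 }
 }
 if (fs7.lstatSync(absFilepath).size > MCP_MAX_FILE_SIZE) {
-
+debug14("ignoring %s because the size is > 5MB", filepath);
 continue;
 }
 const data = git ? await git.showBuffer([`HEAD:./${filepath}`]) : fs7.readFileSync(absFilepath);
 if (isBinary2(null, data)) {
-
+debug14("ignoring %s because is seems to be a binary file", filepath);
 continue;
 }
 zip.addFile(filepath.toString(), data);
 }
-
+debug14("get zip file buffer");
 return zip.toBuffer();
 }
 async function repackFpr(fprPath) {
-
+debug14("repack fpr file %s", fprPath);
 const zipIn = new AdmZip(fprPath);
 const zipOut = new AdmZip();
 const mappingXML = zipIn.readAsText("src-archive/index.xml", "utf-8");
@@ -10633,7 +10633,7 @@ async function repackFpr(fprPath) {
 zipOut.addFile(realPath, buf);
 }
 }
-
+debug14("get repacked zip file buffer");
 return zipOut.toBuffer();
 }
 
@@ -10728,16 +10728,16 @@ function createSpawn({ args, processPath, name, cwd }, options) {
 return createChildProcess({ childProcess: child, name }, options);
 }
 function createChildProcess({ childProcess, name }, options) {
-const
+const debug21 = Debug14(`mobbdev:${name}`);
 const { display } = options;
 return new Promise((resolve, reject) => {
 let out = "";
 const onData = (chunk) => {
-
+debug21(`chunk received from ${name} std ${chunk}`);
 out += chunk;
 };
 if (!childProcess?.stdout || !childProcess?.stderr) {
-
+debug21(`unable to fork ${name}`);
 reject(new Error(`unable to fork ${name}`));
 }
 childProcess.stdout?.on("data", onData);
@@ -10747,11 +10747,11 @@ function createChildProcess({ childProcess, name }, options) {
 childProcess.stderr?.pipe(process2.stderr);
 }
 childProcess.on("exit", (code) => {
-
+debug21(`${name} exit code ${code}`);
 resolve({ message: out, code });
 });
 childProcess.on("error", (err) => {
-
+debug21(`${name} error %o`, err);
 reject(err);
 });
 });
@@ -10764,7 +10764,7 @@ import { existsSync } from "fs";
 import { createSpinner as createSpinner2 } from "nanospinner";
 import { type } from "os";
 import path8 from "path";
-var
+var debug15 = Debug15("mobbdev:checkmarx");
 var require2 = createRequire(import.meta.url);
 var getCheckmarxPath = () => {
 const os3 = type();
@@ -10805,14 +10805,14 @@ function validateCheckmarxInstallation() {
 existsSync(getCheckmarxPath());
 }
 async function forkCheckmarx(args, { display }) {
-
+debug15("fork checkmarx with args %o %s", args.join(" "), display);
 return createSpawn(
 { args, processPath: getCheckmarxPath(), name: "checkmarx" },
 { display }
 );
 }
 async function getCheckmarxReport({ reportPath, repositoryRoot, branch, projectName }, { skipPrompts = false }) {
-
+debug15("get checkmarx report start %s %s", reportPath, repositoryRoot);
 const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
 display: false
 });
@@ -10883,17 +10883,17 @@ import chalk4 from "chalk";
 import Debug16 from "debug";
 import { createSpinner as createSpinner3 } from "nanospinner";
 import open from "open";
-var
+var debug16 = Debug16("mobbdev:snyk");
 var require3 = createRequire2(import.meta.url);
 var SNYK_PATH = require3.resolve("snyk/bin/snyk");
 var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-using-snyk/snyk-code/configure-snyk-code#enable-snyk-code";
-
+debug16("snyk executable path %s", SNYK_PATH);
 async function forkSnyk(args, { display }) {
-
+debug16("fork snyk with args %o %s", args, display);
 return createFork({ args, processPath: SNYK_PATH, name: "snyk" }, { display });
 }
 async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
-
+debug16("get snyk report start %s %s", reportPath, repoRoot);
 const config4 = await forkSnyk(["config"], { display: false });
 const { message: configMessage } = config4;
 if (!configMessage.includes("api: ")) {
@@ -10907,7 +10907,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 snykLoginSpinner.update({
 text: "\u{1F513} Waiting for Snyk login to complete"
 });
-
+debug16("no token in the config %s", config4);
 await forkSnyk(["auth"], { display: true });
 snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
 }
@@ -10917,12 +10917,12 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 { display: true }
 );
 if (scanOutput.includes("Snyk Code is not supported for org")) {
-
+debug16("snyk code is not enabled %s", scanOutput);
 snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
 const answer = await snykArticlePrompt();
-
+debug16("answer %s", answer);
 if (answer) {
-
+debug16("opening the browser");
 await open(SNYK_ARTICLE_URL);
 }
 console.log(
@@ -10939,7 +10939,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 // src/features/analysis/upload-file.ts
 import Debug17 from "debug";
 import fetch3, { File, fileFrom, FormData } from "node-fetch";
-var
+var debug17 = Debug17("mobbdev:upload-file");
 async function uploadFile({
 file,
 url,
@@ -10952,9 +10952,9 @@ async function uploadFile({
 logInfo2(`FileUpload: upload file start ${url}`);
 logInfo2(`FileUpload: upload fields`, uploadFields);
 logInfo2(`FileUpload: upload key ${uploadKey}`);
-
-
-
+debug17("upload file start %s", url);
+debug17("upload fields %o", uploadFields);
+debug17("upload key %s", uploadKey);
 const form = new FormData();
 Object.entries(uploadFields).forEach(([key, value]) => {
 form.append(key, value);
@@ -10963,11 +10963,11 @@ async function uploadFile({
 form.append("key", uploadKey);
 }
 if (typeof file === "string") {
-
+debug17("upload file from path %s", file);
 logInfo2(`FileUpload: upload file from path ${file}`);
 form.append("file", await fileFrom(file));
 } else {
-
+debug17("upload file from buffer");
 logInfo2(`FileUpload: upload file from buffer`);
 form.append("file", new File([file], "file"));
 }
@@ -10978,11 +10978,11 @@ async function uploadFile({
 agent
 });
 if (!response.ok) {
-
+debug17("error from S3 %s %s", response.body, response.status);
 logInfo2(`FileUpload: error from S3 ${response.body} ${response.status}`);
 throw new Error(`Failed to upload the file: ${response.status}`);
 }
-
+debug17("upload file done");
 logInfo2(`FileUpload: upload file done`);
 }
 
@@ -11017,9 +11017,9 @@ async function downloadRepo({
 }) {
 const { createSpinner: createSpinner5 } = Spinner2({ ci });
 const repoSpinner = createSpinner5("\u{1F4BE} Downloading Repo").start();
-
+debug18("download repo %s %s %s", repoUrl, dirname);
 const zipFilePath = path9.join(dirname, "repo.zip");
-
+debug18("download URL: %s auth headers: %o", downloadUrl, authHeaders);
 const response = await fetch4(downloadUrl, {
 method: "GET",
 headers: {
@@ -11027,7 +11027,7 @@ async function downloadRepo({
 }
 });
 if (!response.ok) {
-
+debug18("SCM zipball request failed %s %s", response.body, response.status);
 repoSpinner.error({ text: "\u{1F4BE} Repo download failed" });
 throw new Error(`Can't access ${chalk5.bold(repoUrl)}`);
 }
@@ -11041,7 +11041,7 @@ async function downloadRepo({
 if (!repoRoot) {
 throw new Error("Repo root not found");
 }
-
+debug18("repo root %s", repoRoot);
 repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
 return path9.join(dirname, repoRoot);
 }
@@ -11050,9 +11050,9 @@ var getReportUrl = ({
 projectId,
 fixReportId
 }) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
-var
+var debug18 = Debug18("mobbdev:index");
 var config2 = new Configstore(packageJson.name, { apiToken: "" });
-
+debug18("config %o", config2);
 async function runAnalysis(params, options) {
 const tmpObj = tmp2.dirSync({
 unsafeCleanup: true
@@ -11197,7 +11197,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
 commitDirectly,
 pullRequest
 } = params;
-
+debug18("start %s %s", dirname, repo);
 const { createSpinner: createSpinner5 } = Spinner2({ ci });
 skipPrompts = skipPrompts || ci;
 let gqlClient = new GQLClient({
@@ -11271,8 +11271,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
 );
 }
 const { sha } = getReferenceDataRes.gitReference;
-
-
+debug18("project id %s", projectId);
+debug18("default branch %s", reference);
 if (command === "scan") {
 reportPath = await getReport(
 {
@@ -11654,7 +11654,7 @@ import chalkAnimation from "chalk-animation";
 import Configstore2 from "configstore";
 import Debug19 from "debug";
 import open3 from "open";
-var
+var debug19 = Debug19("mobbdev:commands");
 async function review(params, { skipPrompts = true } = {}) {
 const {
 repo,
@@ -11845,9 +11845,9 @@ async function handleMobbLogin({
 });
 loginSpinner.spin();
 if (encryptedApiToken) {
-
+debug19("encrypted API token received %s", encryptedApiToken);
 newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-
+debug19("API token decrypted");
 break;
 }
 await sleep(LOGIN_CHECK_DELAY);
@@ -11861,7 +11861,7 @@ async function handleMobbLogin({
 const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
 const loginSuccess = await newGqlClient.validateUserToken();
 if (loginSuccess) {
-
+debug19(`set api token ${newApiToken}`);
 config3.set("apiToken", newApiToken);
 loginSpinner.success({
 text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
@@ -14905,13 +14905,13 @@ var parseArgs = async (args) => {
 };
 
 // src/index.ts
-var
+var debug20 = Debug20("mobbdev:index");
 async function run() {
 return parseArgs(hideBin(process.argv));
 }
 (async () => {
 try {
-
+debug20("Bugsy CLI v%s running...", packageJson.version);
 await run();
 process.exit(0);
 } catch (err) {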
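Review bot: The `debug19` call placed just before `config3.set("apiToken", newApiToken)` in handleMobbLogin interpolates the decrypted API token into the debug stream, and `debug18("download URL: %s auth headers: %o", downloadUrl, authHeaders)` in downloadRepo does the same with the SCM authorization headers. The `debug` package only emits when the namespace is enabled through `DEBUG`, but that is normally switched on in CI or when collecting a support trace, where the output is retained and shared, so these secrets should not reach it at all; I would change the two lines to `debug19("api token stored");` and `debug18("download URL: %s", downloadUrl);`. The same review applies to `debug5("config %o", envVariables)`, to the `request.body` logged in the GQLClient requestMiddleware, and to the proxy URLs logged in getProxyAgent and createWSClient, which may embed credentials. The removed side of these hunks is not legible in this rendering, so the calls may predate this release. Separately, `debug18("download repo %s %s %s", repoUrl, dirname)` has three placeholders for two arguments.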