mobbdev 1.0.153 → 1.0.155
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.mjs +91 -85
- package/package.json +10 -10
package/dist/index.mjs
CHANGED
|
@@ -8030,6 +8030,12 @@ import {
|
|
|
8030
8030
|
fetch as undiciFetch,
|
|
8031
8031
|
ProxyAgent as ProxyAgent2
|
|
8032
8032
|
} from "undici";
|
|
8033
|
+
|
|
8034
|
+
// src/utils/contextLogger.ts
|
|
8035
|
+
import debugModule from "debug";
|
|
8036
|
+
var debug3 = debugModule("mobb:shared");
|
|
8037
|
+
|
|
8038
|
+
// src/features/analysis/scm/gitlab/gitlab.ts
|
|
8033
8039
|
init_env();
|
|
8034
8040
|
|
|
8035
8041
|
// src/features/analysis/scm/gitlab/types.ts
|
|
@@ -8041,7 +8047,7 @@ var GitlabAuthResultZ = z22.object({
|
|
|
8041
8047
|
});
|
|
8042
8048
|
|
|
8043
8049
|
// src/features/analysis/scm/gitlab/gitlab.ts
|
|
8044
|
-
var
|
|
8050
|
+
var debug4 = Debug3("scm:gitlab");
|
|
8045
8051
|
function removeTrailingSlash2(str) {
|
|
8046
8052
|
return str.trim().replace(/\/+$/, "");
|
|
8047
8053
|
}
|
|
@@ -8979,7 +8985,7 @@ import chalk from "chalk";
|
|
|
8979
8985
|
import Debug4 from "debug";
|
|
8980
8986
|
import * as dotenv from "dotenv";
|
|
8981
8987
|
import { z as z24 } from "zod";
|
|
8982
|
-
var
|
|
8988
|
+
var debug5 = Debug4("mobbdev:constants");
|
|
8983
8989
|
var __dirname = path6.dirname(fileURLToPath2(import.meta.url));
|
|
8984
8990
|
dotenv.config({ path: path6.join(__dirname, "../.env") });
|
|
8985
8991
|
var scmFriendlyText = {
|
|
@@ -9016,7 +9022,7 @@ var envVariablesSchema = z24.object({
|
|
|
9016
9022
|
HTTPS_PROXY: z24.string().optional().default("")
|
|
9017
9023
|
}).required();
|
|
9018
9024
|
var envVariables = envVariablesSchema.parse(process.env);
|
|
9019
|
-
|
|
9025
|
+
debug5("config %o", envVariables);
|
|
9020
9026
|
var mobbAscii = `
|
|
9021
9027
|
..
|
|
9022
9028
|
..........
|
|
@@ -9346,7 +9352,7 @@ function keyBy(array, keyBy2) {
|
|
|
9346
9352
|
|
|
9347
9353
|
// src/features/analysis/utils/send_report.ts
|
|
9348
9354
|
import Debug5 from "debug";
|
|
9349
|
-
var
|
|
9355
|
+
var debug6 = Debug5("mobbdev:index");
|
|
9350
9356
|
async function sendReport({
|
|
9351
9357
|
spinner,
|
|
9352
9358
|
submitVulnerabilityReportVariables,
|
|
@@ -9357,7 +9363,7 @@ async function sendReport({
|
|
|
9357
9363
|
submitVulnerabilityReportVariables
|
|
9358
9364
|
);
|
|
9359
9365
|
if (submitRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
|
|
9360
|
-
|
|
9366
|
+
debug6("error submit vul report %s", submitRes);
|
|
9361
9367
|
throw new Error("\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed");
|
|
9362
9368
|
}
|
|
9363
9369
|
spinner.update({ text: progressMassages.processingVulnerabilityReport });
|
|
@@ -9409,7 +9415,7 @@ var scannerToFriendlyString = {
|
|
|
9409
9415
|
// src/features/analysis/add_fix_comments_for_pr/utils/buildCommentBody.ts
|
|
9410
9416
|
import Debug6 from "debug";
|
|
9411
9417
|
import { z as z25 } from "zod";
|
|
9412
|
-
var
|
|
9418
|
+
var debug7 = Debug6("mobbdev:handle-finished-analysis");
|
|
9413
9419
|
var getCommitFixButton = (commitUrl) => `<a href="${commitUrl}"><img src=${COMMIT_FIX_SVG}></a>`;
|
|
9414
9420
|
function buildFixCommentBody({
|
|
9415
9421
|
fix,
|
|
@@ -9468,7 +9474,7 @@ function buildFixCommentBody({
|
|
|
9468
9474
|
safeIssueType: z25.nativeEnum(IssueType_Enum)
|
|
9469
9475
|
}).safeParse(fix);
|
|
9470
9476
|
if (!validFixParseRes.success) {
|
|
9471
|
-
|
|
9477
|
+
debug7(
|
|
9472
9478
|
`fix ${fixId} has custom issue type or language, therefore the commit description will not be added`,
|
|
9473
9479
|
validFixParseRes.error
|
|
9474
9480
|
);
|
|
@@ -9532,7 +9538,7 @@ ${issuePageLink}`;
|
|
|
9532
9538
|
}
|
|
9533
9539
|
|
|
9534
9540
|
// src/features/analysis/add_fix_comments_for_pr/utils/utils.ts
|
|
9535
|
-
var
|
|
9541
|
+
var debug8 = Debug7("mobbdev:handle-finished-analysis");
|
|
9536
9542
|
function calculateRanges(integers) {
|
|
9537
9543
|
if (integers.length === 0) {
|
|
9538
9544
|
return [];
|
|
@@ -9566,7 +9572,7 @@ function deleteAllPreviousComments({
|
|
|
9566
9572
|
try {
|
|
9567
9573
|
return scm.deleteComment({ comment_id: comment.id });
|
|
9568
9574
|
} catch (e) {
|
|
9569
|
-
|
|
9575
|
+
debug8("delete comment failed %s", e);
|
|
9570
9576
|
return Promise.resolve();
|
|
9571
9577
|
}
|
|
9572
9578
|
});
|
|
@@ -9582,7 +9588,7 @@ function deleteAllPreviousGeneralPrComments(params) {
|
|
|
9582
9588
|
try {
|
|
9583
9589
|
return scm.deleteGeneralPrComment({ commentId: comment.id });
|
|
9584
9590
|
} catch (e) {
|
|
9585
|
-
|
|
9591
|
+
debug8("delete comment failed %s", e);
|
|
9586
9592
|
return Promise.resolve();
|
|
9587
9593
|
}
|
|
9588
9594
|
});
|
|
@@ -9726,7 +9732,7 @@ async function postAnalysisInsightComment(params) {
|
|
|
9726
9732
|
fixablePrVuls,
|
|
9727
9733
|
nonFixablePrVuls
|
|
9728
9734
|
} = prVulenrabilities;
|
|
9729
|
-
|
|
9735
|
+
debug8({
|
|
9730
9736
|
fixablePrVuls,
|
|
9731
9737
|
nonFixablePrVuls,
|
|
9732
9738
|
vulnerabilitiesOutsidePr,
|
|
@@ -9781,7 +9787,7 @@ ${contactUsMarkdown}`;
|
|
|
9781
9787
|
}
|
|
9782
9788
|
|
|
9783
9789
|
// src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
|
|
9784
|
-
var
|
|
9790
|
+
var debug9 = Debug8("mobbdev:handle-finished-analysis");
|
|
9785
9791
|
async function addFixCommentsForPr({
|
|
9786
9792
|
analysisId,
|
|
9787
9793
|
scm: _scm,
|
|
@@ -9793,7 +9799,7 @@ async function addFixCommentsForPr({
|
|
|
9793
9799
|
}
|
|
9794
9800
|
const scm = _scm;
|
|
9795
9801
|
const getAnalysisRes = await gqlClient.getAnalysis(analysisId);
|
|
9796
|
-
|
|
9802
|
+
debug9("getAnalysis %o", getAnalysisRes);
|
|
9797
9803
|
const {
|
|
9798
9804
|
vulnerabilityReport: {
|
|
9799
9805
|
projectId,
|
|
@@ -9898,7 +9904,7 @@ ${contextString}` : description;
|
|
|
9898
9904
|
|
|
9899
9905
|
// src/features/analysis/auto_pr_handler.ts
|
|
9900
9906
|
import Debug9 from "debug";
|
|
9901
|
-
var
|
|
9907
|
+
var debug10 = Debug9("mobbdev:handleAutoPr");
|
|
9902
9908
|
async function handleAutoPr(params) {
|
|
9903
9909
|
const {
|
|
9904
9910
|
gqlClient,
|
|
@@ -9922,7 +9928,7 @@ async function handleAutoPr(params) {
|
|
|
9922
9928
|
prId,
|
|
9923
9929
|
prStrategy: createOnePr ? "CONDENSE" /* Condense */ : "SPREAD" /* Spread */
|
|
9924
9930
|
});
|
|
9925
|
-
|
|
9931
|
+
debug10("auto pr analysis res %o", autoPrAnalysisRes);
|
|
9926
9932
|
if (autoPrAnalysisRes.autoPrAnalysis?.__typename === "AutoPrError") {
|
|
9927
9933
|
createAutoPrSpinner.error({
|
|
9928
9934
|
text: `\u{1F504} Automatic pull request failed - ${autoPrAnalysisRes.autoPrAnalysis.error}`
|
|
@@ -9949,14 +9955,14 @@ async function handleAutoPr(params) {
|
|
|
9949
9955
|
// src/features/analysis/git.ts
|
|
9950
9956
|
init_GitService();
|
|
9951
9957
|
import Debug10 from "debug";
|
|
9952
|
-
var
|
|
9958
|
+
var debug11 = Debug10("mobbdev:git");
|
|
9953
9959
|
async function getGitInfo(srcDirPath) {
|
|
9954
|
-
|
|
9960
|
+
debug11("getting git info for %s", srcDirPath);
|
|
9955
9961
|
const gitService = new GitService(srcDirPath);
|
|
9956
9962
|
try {
|
|
9957
9963
|
const validationResult = await gitService.validateRepository();
|
|
9958
9964
|
if (!validationResult.isValid) {
|
|
9959
|
-
|
|
9965
|
+
debug11("folder is not a git repo");
|
|
9960
9966
|
return {
|
|
9961
9967
|
success: false,
|
|
9962
9968
|
hash: void 0,
|
|
@@ -9971,9 +9977,9 @@ async function getGitInfo(srcDirPath) {
|
|
|
9971
9977
|
};
|
|
9972
9978
|
} catch (e) {
|
|
9973
9979
|
if (e instanceof Error) {
|
|
9974
|
-
|
|
9980
|
+
debug11("failed to run git %o", e);
|
|
9975
9981
|
if (e.message.includes(" spawn ")) {
|
|
9976
|
-
|
|
9982
|
+
debug11("git cli not installed");
|
|
9977
9983
|
} else {
|
|
9978
9984
|
throw e;
|
|
9979
9985
|
}
|
|
@@ -9996,11 +10002,11 @@ import { createClient } from "graphql-ws";
|
|
|
9996
10002
|
import { HttpsProxyAgent } from "https-proxy-agent";
|
|
9997
10003
|
import WebSocket from "ws";
|
|
9998
10004
|
var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
|
|
9999
|
-
var
|
|
10005
|
+
var debug12 = Debug11("mobbdev:subscribe");
|
|
10000
10006
|
var SUBSCRIPTION_TIMEOUT_MS = 30 * 60 * 1e3;
|
|
10001
10007
|
function createWSClient(options) {
|
|
10002
10008
|
const proxy = options.url.startsWith("wss://") && process.env["HTTPS_PROXY"] ? new HttpsProxyAgent(process.env["HTTPS_PROXY"]) : options.url.startsWith("ws://") && process.env["HTTP_PROXY"] ? new HttpsProxyAgent(process.env["HTTP_PROXY"]) : null;
|
|
10003
|
-
|
|
10009
|
+
debug12(
|
|
10004
10010
|
`Using proxy: ${proxy ? "yes" : "no"} with url: ${options.url} and with proxy: ${process.env["HTTP_PROXY"]} for the websocket connection`
|
|
10005
10011
|
);
|
|
10006
10012
|
const CustomWebSocket = class extends WebSocket {
|
|
@@ -10149,7 +10155,7 @@ var GetVulByNodesMetadataZ = z27.object({
|
|
|
10149
10155
|
});
|
|
10150
10156
|
|
|
10151
10157
|
// src/features/analysis/graphql/gql.ts
|
|
10152
|
-
var
|
|
10158
|
+
var debug13 = Debug12("mobbdev:gql");
|
|
10153
10159
|
var API_KEY_HEADER_NAME = "x-mobb-key";
|
|
10154
10160
|
var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
|
|
10155
10161
|
function getProxyAgent(url) {
|
|
@@ -10159,12 +10165,12 @@ function getProxyAgent(url) {
|
|
|
10159
10165
|
const isHttps = parsedUrl.protocol === "https:";
|
|
10160
10166
|
const proxy = isHttps ? HTTPS_PROXY : isHttp ? HTTP_PROXY : null;
|
|
10161
10167
|
if (proxy) {
|
|
10162
|
-
|
|
10163
|
-
|
|
10168
|
+
debug13("Using proxy %s", proxy);
|
|
10169
|
+
debug13("Proxy agent %o", proxy);
|
|
10164
10170
|
return isHttps ? new HttpsProxyAgent2(proxy) : new HttpProxyAgent(proxy);
|
|
10165
10171
|
}
|
|
10166
10172
|
} catch (err) {
|
|
10167
|
-
|
|
10173
|
+
debug13(`Skipping proxy for ${url}. Reason: ${err.message}`);
|
|
10168
10174
|
}
|
|
10169
10175
|
return void 0;
|
|
10170
10176
|
}
|
|
@@ -10179,7 +10185,7 @@ var fetchWithProxy = (url, options = {}) => {
|
|
|
10179
10185
|
});
|
|
10180
10186
|
}
|
|
10181
10187
|
} catch (err) {
|
|
10182
|
-
|
|
10188
|
+
debug13(`Skipping proxy for ${url}. Reason: ${err.message}`);
|
|
10183
10189
|
}
|
|
10184
10190
|
return fetchOrig(url, options);
|
|
10185
10191
|
};
|
|
@@ -10188,7 +10194,7 @@ var GQLClient = class {
|
|
|
10188
10194
|
__publicField(this, "_client");
|
|
10189
10195
|
__publicField(this, "_clientSdk");
|
|
10190
10196
|
__publicField(this, "_auth");
|
|
10191
|
-
|
|
10197
|
+
debug13(`init with ${args}`);
|
|
10192
10198
|
this._auth = args;
|
|
10193
10199
|
this._client = new GraphQLClient(API_URL, {
|
|
10194
10200
|
headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
|
|
@@ -10197,7 +10203,7 @@ var GQLClient = class {
|
|
|
10197
10203
|
fetch: fetchWithProxy,
|
|
10198
10204
|
requestMiddleware: (request) => {
|
|
10199
10205
|
const requestId = uuidv4();
|
|
10200
|
-
|
|
10206
|
+
debug13(
|
|
10201
10207
|
`sending API request with id: ${requestId} and with request: ${request.body}`
|
|
10202
10208
|
);
|
|
10203
10209
|
return {
|
|
@@ -10227,7 +10233,7 @@ var GQLClient = class {
|
|
|
10227
10233
|
await this.getUserInfo();
|
|
10228
10234
|
} catch (e) {
|
|
10229
10235
|
if (e?.toString().startsWith("FetchError")) {
|
|
10230
|
-
|
|
10236
|
+
debug13("verify connection failed %o", e);
|
|
10231
10237
|
return false;
|
|
10232
10238
|
}
|
|
10233
10239
|
}
|
|
@@ -10239,7 +10245,7 @@ var GQLClient = class {
|
|
|
10239
10245
|
try {
|
|
10240
10246
|
info = await this.getUserInfo();
|
|
10241
10247
|
} catch (e) {
|
|
10242
|
-
|
|
10248
|
+
debug13("verify token failed %o", e);
|
|
10243
10249
|
return false;
|
|
10244
10250
|
}
|
|
10245
10251
|
return info?.email || true;
|
|
@@ -10298,7 +10304,7 @@ var GQLClient = class {
|
|
|
10298
10304
|
try {
|
|
10299
10305
|
await this._clientSdk.CreateCommunityUser();
|
|
10300
10306
|
} catch (e) {
|
|
10301
|
-
|
|
10307
|
+
debug13("create community user failed %o", e);
|
|
10302
10308
|
}
|
|
10303
10309
|
}
|
|
10304
10310
|
async updateScmToken(args) {
|
|
@@ -10529,7 +10535,7 @@ import { isBinary as isBinary2 } from "istextorbinary";
|
|
|
10529
10535
|
import { simpleGit as simpleGit2 } from "simple-git";
|
|
10530
10536
|
import { parseStringPromise } from "xml2js";
|
|
10531
10537
|
import { z as z28 } from "zod";
|
|
10532
|
-
var
|
|
10538
|
+
var debug14 = Debug13("mobbdev:pack");
|
|
10533
10539
|
var FPR_SOURCE_CODE_FILE_MAPPING_SCHEMA = z28.object({
|
|
10534
10540
|
properties: z28.object({
|
|
10535
10541
|
entry: z28.array(
|
|
@@ -10551,7 +10557,7 @@ function getManifestFilesSuffixes() {
|
|
|
10551
10557
|
return ["package.json", "pom.xml"];
|
|
10552
10558
|
}
|
|
10553
10559
|
async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
|
|
10554
|
-
|
|
10560
|
+
debug14("pack folder %s", srcDirPath);
|
|
10555
10561
|
let git = void 0;
|
|
10556
10562
|
try {
|
|
10557
10563
|
git = simpleGit2({
|
|
@@ -10561,13 +10567,13 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
|
|
|
10561
10567
|
});
|
|
10562
10568
|
await git.status();
|
|
10563
10569
|
} catch (e) {
|
|
10564
|
-
|
|
10570
|
+
debug14("failed to run git %o", e);
|
|
10565
10571
|
git = void 0;
|
|
10566
10572
|
if (e instanceof Error) {
|
|
10567
10573
|
if (e.message.includes(" spawn ")) {
|
|
10568
|
-
|
|
10574
|
+
debug14("git cli not installed");
|
|
10569
10575
|
} else if (e.message.includes("not a git repository")) {
|
|
10570
|
-
|
|
10576
|
+
debug14("folder is not a git repo");
|
|
10571
10577
|
} else {
|
|
10572
10578
|
throw e;
|
|
10573
10579
|
}
|
|
@@ -10582,9 +10588,9 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
|
|
|
10582
10588
|
followSymbolicLinks: false,
|
|
10583
10589
|
dot: true
|
|
10584
10590
|
});
|
|
10585
|
-
|
|
10591
|
+
debug14("files found %d", filepaths.length);
|
|
10586
10592
|
const zip = new AdmZip();
|
|
10587
|
-
|
|
10593
|
+
debug14("compressing files");
|
|
10588
10594
|
for (const filepath of filepaths) {
|
|
10589
10595
|
const absFilepath = path7.join(srcDirPath, filepath.toString());
|
|
10590
10596
|
if (!isIncludeAllFiles) {
|
|
@@ -10593,26 +10599,26 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
|
|
|
10593
10599
|
absFilepath.toString().replaceAll(path7.win32.sep, path7.posix.sep),
|
|
10594
10600
|
vulnFiles
|
|
10595
10601
|
)) {
|
|
10596
|
-
|
|
10602
|
+
debug14("ignoring %s because it is not a vulnerability file", filepath);
|
|
10597
10603
|
continue;
|
|
10598
10604
|
}
|
|
10599
10605
|
}
|
|
10600
10606
|
if (fs7.lstatSync(absFilepath).size > MCP_MAX_FILE_SIZE) {
|
|
10601
|
-
|
|
10607
|
+
debug14("ignoring %s because the size is > 5MB", filepath);
|
|
10602
10608
|
continue;
|
|
10603
10609
|
}
|
|
10604
10610
|
const data = git ? await git.showBuffer([`HEAD:./${filepath}`]) : fs7.readFileSync(absFilepath);
|
|
10605
10611
|
if (isBinary2(null, data)) {
|
|
10606
|
-
|
|
10612
|
+
debug14("ignoring %s because is seems to be a binary file", filepath);
|
|
10607
10613
|
continue;
|
|
10608
10614
|
}
|
|
10609
10615
|
zip.addFile(filepath.toString(), data);
|
|
10610
10616
|
}
|
|
10611
|
-
|
|
10617
|
+
debug14("get zip file buffer");
|
|
10612
10618
|
return zip.toBuffer();
|
|
10613
10619
|
}
|
|
10614
10620
|
async function repackFpr(fprPath) {
|
|
10615
|
-
|
|
10621
|
+
debug14("repack fpr file %s", fprPath);
|
|
10616
10622
|
const zipIn = new AdmZip(fprPath);
|
|
10617
10623
|
const zipOut = new AdmZip();
|
|
10618
10624
|
const mappingXML = zipIn.readAsText("src-archive/index.xml", "utf-8");
|
|
@@ -10627,7 +10633,7 @@ async function repackFpr(fprPath) {
|
|
|
10627
10633
|
zipOut.addFile(realPath, buf);
|
|
10628
10634
|
}
|
|
10629
10635
|
}
|
|
10630
|
-
|
|
10636
|
+
debug14("get repacked zip file buffer");
|
|
10631
10637
|
return zipOut.toBuffer();
|
|
10632
10638
|
}
|
|
10633
10639
|
|
|
@@ -10722,16 +10728,16 @@ function createSpawn({ args, processPath, name, cwd }, options) {
|
|
|
10722
10728
|
return createChildProcess({ childProcess: child, name }, options);
|
|
10723
10729
|
}
|
|
10724
10730
|
function createChildProcess({ childProcess, name }, options) {
|
|
10725
|
-
const
|
|
10731
|
+
const debug21 = Debug14(`mobbdev:${name}`);
|
|
10726
10732
|
const { display } = options;
|
|
10727
10733
|
return new Promise((resolve, reject) => {
|
|
10728
10734
|
let out = "";
|
|
10729
10735
|
const onData = (chunk) => {
|
|
10730
|
-
|
|
10736
|
+
debug21(`chunk received from ${name} std ${chunk}`);
|
|
10731
10737
|
out += chunk;
|
|
10732
10738
|
};
|
|
10733
10739
|
if (!childProcess?.stdout || !childProcess?.stderr) {
|
|
10734
|
-
|
|
10740
|
+
debug21(`unable to fork ${name}`);
|
|
10735
10741
|
reject(new Error(`unable to fork ${name}`));
|
|
10736
10742
|
}
|
|
10737
10743
|
childProcess.stdout?.on("data", onData);
|
|
@@ -10741,11 +10747,11 @@ function createChildProcess({ childProcess, name }, options) {
|
|
|
10741
10747
|
childProcess.stderr?.pipe(process2.stderr);
|
|
10742
10748
|
}
|
|
10743
10749
|
childProcess.on("exit", (code) => {
|
|
10744
|
-
|
|
10750
|
+
debug21(`${name} exit code ${code}`);
|
|
10745
10751
|
resolve({ message: out, code });
|
|
10746
10752
|
});
|
|
10747
10753
|
childProcess.on("error", (err) => {
|
|
10748
|
-
|
|
10754
|
+
debug21(`${name} error %o`, err);
|
|
10749
10755
|
reject(err);
|
|
10750
10756
|
});
|
|
10751
10757
|
});
|
|
@@ -10758,7 +10764,7 @@ import { existsSync } from "fs";
|
|
|
10758
10764
|
import { createSpinner as createSpinner2 } from "nanospinner";
|
|
10759
10765
|
import { type } from "os";
|
|
10760
10766
|
import path8 from "path";
|
|
10761
|
-
var
|
|
10767
|
+
var debug15 = Debug15("mobbdev:checkmarx");
|
|
10762
10768
|
var require2 = createRequire(import.meta.url);
|
|
10763
10769
|
var getCheckmarxPath = () => {
|
|
10764
10770
|
const os3 = type();
|
|
@@ -10799,14 +10805,14 @@ function validateCheckmarxInstallation() {
|
|
|
10799
10805
|
existsSync(getCheckmarxPath());
|
|
10800
10806
|
}
|
|
10801
10807
|
async function forkCheckmarx(args, { display }) {
|
|
10802
|
-
|
|
10808
|
+
debug15("fork checkmarx with args %o %s", args.join(" "), display);
|
|
10803
10809
|
return createSpawn(
|
|
10804
10810
|
{ args, processPath: getCheckmarxPath(), name: "checkmarx" },
|
|
10805
10811
|
{ display }
|
|
10806
10812
|
);
|
|
10807
10813
|
}
|
|
10808
10814
|
async function getCheckmarxReport({ reportPath, repositoryRoot, branch, projectName }, { skipPrompts = false }) {
|
|
10809
|
-
|
|
10815
|
+
debug15("get checkmarx report start %s %s", reportPath, repositoryRoot);
|
|
10810
10816
|
const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
|
|
10811
10817
|
display: false
|
|
10812
10818
|
});
|
|
@@ -10877,17 +10883,17 @@ import chalk4 from "chalk";
|
|
|
10877
10883
|
import Debug16 from "debug";
|
|
10878
10884
|
import { createSpinner as createSpinner3 } from "nanospinner";
|
|
10879
10885
|
import open from "open";
|
|
10880
|
-
var
|
|
10886
|
+
var debug16 = Debug16("mobbdev:snyk");
|
|
10881
10887
|
var require3 = createRequire2(import.meta.url);
|
|
10882
10888
|
var SNYK_PATH = require3.resolve("snyk/bin/snyk");
|
|
10883
10889
|
var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-using-snyk/snyk-code/configure-snyk-code#enable-snyk-code";
|
|
10884
|
-
|
|
10890
|
+
debug16("snyk executable path %s", SNYK_PATH);
|
|
10885
10891
|
async function forkSnyk(args, { display }) {
|
|
10886
|
-
|
|
10892
|
+
debug16("fork snyk with args %o %s", args, display);
|
|
10887
10893
|
return createFork({ args, processPath: SNYK_PATH, name: "snyk" }, { display });
|
|
10888
10894
|
}
|
|
10889
10895
|
async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
10890
|
-
|
|
10896
|
+
debug16("get snyk report start %s %s", reportPath, repoRoot);
|
|
10891
10897
|
const config4 = await forkSnyk(["config"], { display: false });
|
|
10892
10898
|
const { message: configMessage } = config4;
|
|
10893
10899
|
if (!configMessage.includes("api: ")) {
|
|
@@ -10901,7 +10907,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
|
10901
10907
|
snykLoginSpinner.update({
|
|
10902
10908
|
text: "\u{1F513} Waiting for Snyk login to complete"
|
|
10903
10909
|
});
|
|
10904
|
-
|
|
10910
|
+
debug16("no token in the config %s", config4);
|
|
10905
10911
|
await forkSnyk(["auth"], { display: true });
|
|
10906
10912
|
snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
|
|
10907
10913
|
}
|
|
@@ -10911,12 +10917,12 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
|
10911
10917
|
{ display: true }
|
|
10912
10918
|
);
|
|
10913
10919
|
if (scanOutput.includes("Snyk Code is not supported for org")) {
|
|
10914
|
-
|
|
10920
|
+
debug16("snyk code is not enabled %s", scanOutput);
|
|
10915
10921
|
snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
|
|
10916
10922
|
const answer = await snykArticlePrompt();
|
|
10917
|
-
|
|
10923
|
+
debug16("answer %s", answer);
|
|
10918
10924
|
if (answer) {
|
|
10919
|
-
|
|
10925
|
+
debug16("opening the browser");
|
|
10920
10926
|
await open(SNYK_ARTICLE_URL);
|
|
10921
10927
|
}
|
|
10922
10928
|
console.log(
|
|
@@ -10933,7 +10939,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
|
10933
10939
|
// src/features/analysis/upload-file.ts
|
|
10934
10940
|
import Debug17 from "debug";
|
|
10935
10941
|
import fetch3, { File, fileFrom, FormData } from "node-fetch";
|
|
10936
|
-
var
|
|
10942
|
+
var debug17 = Debug17("mobbdev:upload-file");
|
|
10937
10943
|
async function uploadFile({
|
|
10938
10944
|
file,
|
|
10939
10945
|
url,
|
|
@@ -10946,9 +10952,9 @@ async function uploadFile({
|
|
|
10946
10952
|
logInfo2(`FileUpload: upload file start ${url}`);
|
|
10947
10953
|
logInfo2(`FileUpload: upload fields`, uploadFields);
|
|
10948
10954
|
logInfo2(`FileUpload: upload key ${uploadKey}`);
|
|
10949
|
-
|
|
10950
|
-
|
|
10951
|
-
|
|
10955
|
+
debug17("upload file start %s", url);
|
|
10956
|
+
debug17("upload fields %o", uploadFields);
|
|
10957
|
+
debug17("upload key %s", uploadKey);
|
|
10952
10958
|
const form = new FormData();
|
|
10953
10959
|
Object.entries(uploadFields).forEach(([key, value]) => {
|
|
10954
10960
|
form.append(key, value);
|
|
@@ -10957,13 +10963,13 @@ async function uploadFile({
|
|
|
10957
10963
|
form.append("key", uploadKey);
|
|
10958
10964
|
}
|
|
10959
10965
|
if (typeof file === "string") {
|
|
10960
|
-
|
|
10966
|
+
debug17("upload file from path %s", file);
|
|
10961
10967
|
logInfo2(`FileUpload: upload file from path ${file}`);
|
|
10962
10968
|
form.append("file", await fileFrom(file));
|
|
10963
10969
|
} else {
|
|
10964
|
-
|
|
10970
|
+
debug17("upload file from buffer");
|
|
10965
10971
|
logInfo2(`FileUpload: upload file from buffer`);
|
|
10966
|
-
form.append("file", new File([file], "file"));
|
|
10972
|
+
form.append("file", new File([new Uint8Array(file)], "file"));
|
|
10967
10973
|
}
|
|
10968
10974
|
const agent = getProxyAgent(url);
|
|
10969
10975
|
const response = await fetch3(url, {
|
|
@@ -10972,11 +10978,11 @@ async function uploadFile({
|
|
|
10972
10978
|
agent
|
|
10973
10979
|
});
|
|
10974
10980
|
if (!response.ok) {
|
|
10975
|
-
|
|
10981
|
+
debug17("error from S3 %s %s", response.body, response.status);
|
|
10976
10982
|
logInfo2(`FileUpload: error from S3 ${response.body} ${response.status}`);
|
|
10977
10983
|
throw new Error(`Failed to upload the file: ${response.status}`);
|
|
10978
10984
|
}
|
|
10979
|
-
|
|
10985
|
+
debug17("upload file done");
|
|
10980
10986
|
logInfo2(`FileUpload: upload file done`);
|
|
10981
10987
|
}
|
|
10982
10988
|
|
|
@@ -11011,9 +11017,9 @@ async function downloadRepo({
|
|
|
11011
11017
|
}) {
|
|
11012
11018
|
const { createSpinner: createSpinner5 } = Spinner2({ ci });
|
|
11013
11019
|
const repoSpinner = createSpinner5("\u{1F4BE} Downloading Repo").start();
|
|
11014
|
-
|
|
11020
|
+
debug18("download repo %s %s %s", repoUrl, dirname);
|
|
11015
11021
|
const zipFilePath = path9.join(dirname, "repo.zip");
|
|
11016
|
-
|
|
11022
|
+
debug18("download URL: %s auth headers: %o", downloadUrl, authHeaders);
|
|
11017
11023
|
const response = await fetch4(downloadUrl, {
|
|
11018
11024
|
method: "GET",
|
|
11019
11025
|
headers: {
|
|
@@ -11021,7 +11027,7 @@ async function downloadRepo({
|
|
|
11021
11027
|
}
|
|
11022
11028
|
});
|
|
11023
11029
|
if (!response.ok) {
|
|
11024
|
-
|
|
11030
|
+
debug18("SCM zipball request failed %s %s", response.body, response.status);
|
|
11025
11031
|
repoSpinner.error({ text: "\u{1F4BE} Repo download failed" });
|
|
11026
11032
|
throw new Error(`Can't access ${chalk5.bold(repoUrl)}`);
|
|
11027
11033
|
}
|
|
@@ -11035,7 +11041,7 @@ async function downloadRepo({
|
|
|
11035
11041
|
if (!repoRoot) {
|
|
11036
11042
|
throw new Error("Repo root not found");
|
|
11037
11043
|
}
|
|
11038
|
-
|
|
11044
|
+
debug18("repo root %s", repoRoot);
|
|
11039
11045
|
repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
|
|
11040
11046
|
return path9.join(dirname, repoRoot);
|
|
11041
11047
|
}
|
|
@@ -11044,9 +11050,9 @@ var getReportUrl = ({
|
|
|
11044
11050
|
projectId,
|
|
11045
11051
|
fixReportId
|
|
11046
11052
|
}) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
|
|
11047
|
-
var
|
|
11053
|
+
var debug18 = Debug18("mobbdev:index");
|
|
11048
11054
|
var config2 = new Configstore(packageJson.name, { apiToken: "" });
|
|
11049
|
-
|
|
11055
|
+
debug18("config %o", config2);
|
|
11050
11056
|
async function runAnalysis(params, options) {
|
|
11051
11057
|
const tmpObj = tmp2.dirSync({
|
|
11052
11058
|
unsafeCleanup: true
|
|
@@ -11191,7 +11197,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
|
|
|
11191
11197
|
commitDirectly,
|
|
11192
11198
|
pullRequest
|
|
11193
11199
|
} = params;
|
|
11194
|
-
|
|
11200
|
+
debug18("start %s %s", dirname, repo);
|
|
11195
11201
|
const { createSpinner: createSpinner5 } = Spinner2({ ci });
|
|
11196
11202
|
skipPrompts = skipPrompts || ci;
|
|
11197
11203
|
let gqlClient = new GQLClient({
|
|
@@ -11265,8 +11271,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
|
|
|
11265
11271
|
);
|
|
11266
11272
|
}
|
|
11267
11273
|
const { sha } = getReferenceDataRes.gitReference;
|
|
11268
|
-
|
|
11269
|
-
|
|
11274
|
+
debug18("project id %s", projectId);
|
|
11275
|
+
debug18("default branch %s", reference);
|
|
11270
11276
|
if (command === "scan") {
|
|
11271
11277
|
reportPath = await getReport(
|
|
11272
11278
|
{
|
|
@@ -11648,7 +11654,7 @@ import chalkAnimation from "chalk-animation";
|
|
|
11648
11654
|
import Configstore2 from "configstore";
|
|
11649
11655
|
import Debug19 from "debug";
|
|
11650
11656
|
import open3 from "open";
|
|
11651
|
-
var
|
|
11657
|
+
var debug19 = Debug19("mobbdev:commands");
|
|
11652
11658
|
async function review(params, { skipPrompts = true } = {}) {
|
|
11653
11659
|
const {
|
|
11654
11660
|
repo,
|
|
@@ -11839,9 +11845,9 @@ async function handleMobbLogin({
|
|
|
11839
11845
|
});
|
|
11840
11846
|
loginSpinner.spin();
|
|
11841
11847
|
if (encryptedApiToken) {
|
|
11842
|
-
|
|
11848
|
+
debug19("encrypted API token received %s", encryptedApiToken);
|
|
11843
11849
|
newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
|
|
11844
|
-
|
|
11850
|
+
debug19("API token decrypted");
|
|
11845
11851
|
break;
|
|
11846
11852
|
}
|
|
11847
11853
|
await sleep(LOGIN_CHECK_DELAY);
|
|
@@ -11855,7 +11861,7 @@ async function handleMobbLogin({
|
|
|
11855
11861
|
const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
|
|
11856
11862
|
const loginSuccess = await newGqlClient.validateUserToken();
|
|
11857
11863
|
if (loginSuccess) {
|
|
11858
|
-
|
|
11864
|
+
debug19(`set api token ${newApiToken}`);
|
|
11859
11865
|
config3.set("apiToken", newApiToken);
|
|
11860
11866
|
loginSpinner.success({
|
|
11861
11867
|
text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
|
|
@@ -14899,13 +14905,13 @@ var parseArgs = async (args) => {
|
|
|
14899
14905
|
};
|
|
14900
14906
|
|
|
14901
14907
|
// src/index.ts
|
|
14902
|
-
var
|
|
14908
|
+
var debug20 = Debug20("mobbdev:index");
|
|
14903
14909
|
async function run() {
|
|
14904
14910
|
return parseArgs(hideBin(process.argv));
|
|
14905
14911
|
}
|
|
14906
14912
|
(async () => {
|
|
14907
14913
|
try {
|
|
14908
|
-
|
|
14914
|
+
debug20("Bugsy CLI v%s running...", packageJson.version);
|
|
14909
14915
|
await run();
|
|
14910
14916
|
process.exit(0);
|
|
14911
14917
|
} catch (err) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mobbdev",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.155",
|
|
4
4
|
"description": "Automated secure code remediation tool",
|
|
5
5
|
"repository": "git+https://github.com/mobb-dev/bugsy.git",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -45,18 +45,18 @@
|
|
|
45
45
|
"author": "",
|
|
46
46
|
"license": "MIT",
|
|
47
47
|
"dependencies": {
|
|
48
|
-
"@gitbeaker/requester-utils": "
|
|
49
|
-
"@gitbeaker/rest": "
|
|
50
|
-
"@modelcontextprotocol/sdk": "1.17.
|
|
48
|
+
"@gitbeaker/requester-utils": "43.4.0",
|
|
49
|
+
"@gitbeaker/rest": "43.4.0",
|
|
50
|
+
"@modelcontextprotocol/sdk": "1.17.4",
|
|
51
51
|
"@octokit/core": "5.2.0",
|
|
52
52
|
"@octokit/request-error": "5.1.1",
|
|
53
53
|
"adm-zip": "0.5.16",
|
|
54
54
|
"axios": "1.11.0",
|
|
55
55
|
"azure-devops-node-api": "15.1.1",
|
|
56
56
|
"bitbucket": "2.11.0",
|
|
57
|
-
"chalk": "5.
|
|
57
|
+
"chalk": "5.6.0",
|
|
58
58
|
"chalk-animation": "2.0.3",
|
|
59
|
-
"configstore": "
|
|
59
|
+
"configstore": "7.0.0",
|
|
60
60
|
"cross-fetch": "4.1.0",
|
|
61
61
|
"debug": "4.4.1",
|
|
62
62
|
"dotenv": "16.6.1",
|
|
@@ -70,7 +70,7 @@
|
|
|
70
70
|
"ignore": "7.0.5",
|
|
71
71
|
"inquirer": "9.3.7",
|
|
72
72
|
"isomorphic-ws": "5.0.0",
|
|
73
|
-
"istextorbinary": "
|
|
73
|
+
"istextorbinary": "9.5.0",
|
|
74
74
|
"libsodium-wrappers": "0.7.15",
|
|
75
75
|
"multimatch": "7.0.0",
|
|
76
76
|
"nanospinner": "1.1.0",
|
|
@@ -82,7 +82,7 @@
|
|
|
82
82
|
"sax": "1.4.1",
|
|
83
83
|
"semver": "7.7.2",
|
|
84
84
|
"simple-git": "3.28.0",
|
|
85
|
-
"snyk": "1.1298.
|
|
85
|
+
"snyk": "1.1298.3",
|
|
86
86
|
"tar": "6.2.1",
|
|
87
87
|
"tmp": "0.2.5",
|
|
88
88
|
"undici": "6.21.3",
|
|
@@ -103,7 +103,7 @@
|
|
|
103
103
|
"@types/chalk-animation": "1.6.3",
|
|
104
104
|
"@types/configstore": "6.0.2",
|
|
105
105
|
"@types/debug": "4.1.12",
|
|
106
|
-
"@types/inquirer": "9.0.
|
|
106
|
+
"@types/inquirer": "9.0.9",
|
|
107
107
|
"@types/libsodium-wrappers": "0.7.14",
|
|
108
108
|
"@types/sax": "1.2.7",
|
|
109
109
|
"@types/semver": "7.7.0",
|
|
@@ -126,7 +126,7 @@
|
|
|
126
126
|
"nock": "14.0.10",
|
|
127
127
|
"prettier": "3.6.2",
|
|
128
128
|
"tsup": "8.5.0",
|
|
129
|
-
"typescript": "
|
|
129
|
+
"typescript": "5.9.2",
|
|
130
130
|
"vitest": "3.2.4"
|
|
131
131
|
},
|
|
132
132
|
"engines": {
|