mobbdev 1.0.166 → 1.0.170
- package/dist/index.mjs +30 -6
- package/package.json +11 -10
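--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -968,6 +968,7 @@ var init_GitService = __esm({
 );
 const fileSet = /* @__PURE__ */ new Set();
 let commitsProcessed = 0;
+const consideredFiles = [];
 for (const file of currentChanges.files) {
 if (fileSet.size >= maxFiles) {
 break;
@@ -1026,7 +1027,7 @@ var init_GitService = __esm({
 path2.join(gitRoot, gitRelativePath)
 );
 }
-
+consideredFiles.push(adjustedPath);
 if (!fileSet.has(adjustedPath) && await FileUtils.shouldPackFile(
 path2.join(gitRoot, gitRelativePath)
 ) && !adjustedPath.startsWith("..")) {
@@ -1044,6 +1045,13 @@ var init_GitService = __esm({
 }
 }
 const files = Array.from(fileSet);
+if (consideredFiles.length > 0) {
+this.log(
+`[GitService] Considered ${consideredFiles.length} files during recent file search`,
+"debug",
+{ consideredFiles }
+);
+}
 this.log("[GitService] Recently changed files retrieved", "info", {
 fileCount: files.length,
 commitsProcessed,
@@ -1655,6 +1663,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
 IssueType_Enum2["RegexInjection"] = "REGEX_INJECTION";
 IssueType_Enum2["RegexMissingTimeout"] = "REGEX_MISSING_TIMEOUT";
 IssueType_Enum2["RequestParametersBoundViaInput"] = "REQUEST_PARAMETERS_BOUND_VIA_INPUT";
+IssueType_Enum2["ReturnInInit"] = "RETURN_IN_INIT";
 IssueType_Enum2["ReturnShouldNotBeInvariant"] = "RETURN_SHOULD_NOT_BE_INVARIANT";
 IssueType_Enum2["SpringDefaultPermit"] = "SPRING_DEFAULT_PERMIT";
 IssueType_Enum2["SqlInjection"] = "SQL_Injection";
@@ -2743,7 +2752,8 @@ var fixDetailsData = {
 ["MISSING_TEMPLATE_STRING_INDICATOR" /* MissingTemplateStringIndicator */]: void 0,
 ["NO_ASSERT" /* NoAssert */]: void 0,
 ["FUNCTION_CALL_WITHOUT_PARENTHESES" /* FunctionCallWithoutParentheses */]: void 0,
-["SPRING_DEFAULT_PERMIT" /* SpringDefaultPermit */]: void 0
+["SPRING_DEFAULT_PERMIT" /* SpringDefaultPermit */]: void 0,
+["RETURN_IN_INIT" /* ReturnInInit */]: void 0
 };
 
 // src/features/analysis/scm/shared/src/getIssueType.ts
@@ -2879,7 +2889,8 @@ var issueTypeMap = {
 ["USELESS_IF_BODY" /* UselessIfBody */]: "Useless If Body",
 ["NO_ASSERT" /* NoAssert */]: "No Assert",
 ["FUNCTION_CALL_WITHOUT_PARENTHESES" /* FunctionCallWithoutParentheses */]: "Function Call Without Parentheses",
-["SPRING_DEFAULT_PERMIT" /* SpringDefaultPermit */]: "Spring Default Permit"
+["SPRING_DEFAULT_PERMIT" /* SpringDefaultPermit */]: "Spring Default Permit",
+["RETURN_IN_INIT" /* ReturnInInit */]: "Return in Init"
 };
 var issueTypeZ = z.nativeEnum(IssueType_Enum);
 var getIssueTypeFriendlyString = (issueType) => {
@@ -5201,7 +5212,7 @@ var ReportFixesQueryFixZ = z11.object({
 })
 ).min(1)
 });
-var
+var BaseVulnerabilityReportIssueZ = z11.object({
 id: z11.string().uuid(),
 createdAt: z11.string(),
 state: z11.nativeEnum(Vulnerability_Report_Issue_State_Enum),
@@ -5220,7 +5231,6 @@ var VulnerabilityReportIssueZ = z11.object({
 severity: z11.string(),
 severityValue: z11.number(),
 category: z11.string(),
-codeNodes: z11.array(z11.object({ path: z11.string() })),
 vulnerabilityReportIssueTags: z11.array(
 z11.object({
 vulnerability_report_issue_tag_value: z11.string()
@@ -5228,6 +5238,18 @@ var VulnerabilityReportIssueZ = z11.object({
 ),
 sharedState: VulnerabilityReportIssueSharedStateZ
 });
+var VulnerabilityReportIssueZ = BaseVulnerabilityReportIssueZ.merge(
+z11.object({
+codeNodes: z11.array(z11.object({ path: z11.string() }))
+})
+);
+var VulnerabilityReportIssueWithCodeFilePathZ = BaseVulnerabilityReportIssueZ.merge(
+z11.object({
+codeFilePath: z11.string().nullable(),
+//TODO: REMOVE THIS once we flush out all the reports that don't have codeFilePath
+codeNodes: z11.array(z11.object({ path: z11.string() }))
+})
+);
 var GetReportIssuesQueryZ = z11.object({
 fixReport: z11.object({
 vulnerabilityReport: z11.object({
@@ -5236,7 +5258,9 @@ var GetReportIssuesQueryZ = z11.object({
 vulnerabilityReportIssues_aggregate: z11.object({
 aggregate: z11.object({ count: z11.number() })
 }),
-vulnerabilityReportIssues: z11.array(
+vulnerabilityReportIssues: z11.array(
+VulnerabilityReportIssueWithCodeFilePathZ
+)
 })
 }).array()
 }).nullish();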
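Review bot: `consideredFiles.push(adjustedPath)` at new line 1030 runs before the `fileSet.has` / `shouldPackFile` / `startsWith("..")` filter on the next lines, so the array records every path the loop sees, including paths that resolve outside the repository root and, presumably, repeats of the same path. The whole array is then attached to the debug log entry at new lines 1048-1054, and unlike `fileSet` it is not bounded by `maxFiles`, so the payload grows with the number of files inspected. Where `this.log` sends its output is not visible in these hunks; if it can leave the machine, the full path list goes with it. Consider logging the count plus a bounded sample, e.g. `{ consideredFiles: consideredFiles.slice(0, maxFiles) }`, or moving the push after the `..` check. The enclosing method starts and ends outside the hunks shown.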
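--- a/package/package.json
+++ b/package/package.json
@@ -1,10 +1,10 @@
 {
 "name": "mobbdev",
-"version": "1.0.
+"version": "1.0.170",
 "description": "Automated secure code remediation tool",
 "repository": "git+https://github.com/mobb-dev/bugsy.git",
-"main": "dist/index.
-"module": "dist/index.
+"main": "dist/index.mjs",
+"module": "dist/index.mjs",
 "scripts": {
 "clean": "rm -rf build",
 "env": "dotenv -e ./.env",
@@ -12,15 +12,15 @@
 "build": "tsc && tsup-node --env.NODE_ENV production",
 "build:dev": "tsup-node --env.NODE_ENV development",
 "increment-version": "./src/scripts/increment-version.sh",
-"test:mcp": "
+"test:unit:mcp": "vitest run __tests__/mcp/",
 "test:mcp:watch": "vitest watch __tests__/mcp/",
 "test:mcp:verbose": "pnpm run build && NODE_ENV=test VERBOSE=true vitest run __tests__/mcp/",
-"test:mcp:
-"test:
-"test:unit": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --exclude='**/__tests__/integration.test.ts' --exclude='**/__tests__/mcp/**'",
+"test:mcp:all": "pnpm run test:unit:mcp && pnpm run test:integration:mcp && pnpm run test:e2e:mcp",
+"test:unit": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --exclude='**/__tests__/integration.test.ts' --exclude='**/__tests__/integration.mcp.test.ts' --exclude='**/__tests__/mcp/**'",
 "test:integration": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --sequence.concurrent=false false __tests__/integration.test.ts",
+"test:integration:mcp": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --sequence.concurrent=false false __tests__/integration.mcp.test.ts",
 "test:integration:watch": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest watch run __tests__/integration.test.ts",
-"test": "pnpm run test:unit && pnpm run test:
+"test": "pnpm run test:unit && pnpm run test:integration",
 "test:ado": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run ado.test",
 "test:github": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run github.test",
 "test:gitlab": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run gitlab.test",
@@ -30,13 +30,14 @@
 "test:watch": "TOKEN=$(../../scripts/login_auth0.sh) vitest",
 "test:integration:proxy": "GIT_PROXY_HOST=http://tinyproxy:8888 HTTP_PROXY=http://localhost:8888 API_URL=http://app-api:8080/v1/graphql TOKEN=$(../../scripts/login_auth0.sh) vitest run --sequence.concurrent=false false integration.test.ts",
 "lint": "eslint --cache --max-warnings 0 --ignore-path .eslintignore --ext .ts,.tsx,.jsx,.graphql .",
+"lint:fix": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx,.graphql . && prettier --write \"src/**/*.graphql\"",
 "lint:fix:files": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx,.graphql",
 "prepack": "dotenv-vault pull production .env && pnpm build",
 "dev:mcp": "pnpm run build && node dist/index.mjs mcp",
 "debug:mcp": "pnpm run build && node dist/index.mjs mcp --debug",
 "generate": "pnpm run env -- graphql-codegen -r dotenv/config --config client_codegen.ts",
-"test:e2e": "cd ./__e2e__ && npm i && npm run test
-"test:e2e:mcp": "cd ./__e2e__ && npm i && npm run test:mcp"
+"test:e2e": "cd ./__e2e__ && npm i && npm run test",
+"test:e2e:mcp": "pnpm run build && cd ./__e2e__ && npm i && npm run test:mcp"
 },
 "bin": {
 "mobbdev": "bin/cli.mjs"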
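Review bot: Both e2e scripts at new lines 39-40 still install with `npm i`, which can resolve versions newer than the lockfile and rewrite it, so the e2e run that follows `pnpm run build` is not exercising a pinned dependency set. If `__e2e__` has a committed lockfile (not visible here), `npm ci` is the reproducible choice: `"test:e2e:mcp": "pnpm run build && cd ./__e2e__ && npm ci && npm run test:mcp"`. The new `test:integration:mcp` script at new line 21 also copies the bare `false` after `--sequence.concurrent=false` from `test:integration`; it looks like a leftover positional argument and is worth confirming or dropping.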