mobbdev 1.0.17 → 1.0.20
- package/dist/index.mjs +130 -124
- package/package.json +1 -1
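--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -1467,7 +1467,7 @@ var CliError = class extends Error {
 // src/features/analysis/index.ts
 import chalk4 from "chalk";
 import Configstore from "configstore";
-import
+import Debug17 from "debug";
 import extract from "extract-zip";
 import { createSpinner as createSpinner4 } from "nanospinner";
 import fetch4 from "node-fetch";
@@ -1476,7 +1476,7 @@ import tmp2 from "tmp";
 import { z as z26 } from "zod";
 
 // src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
-import
+import Debug8 from "debug";
 
 // src/features/analysis/scm/github/github.ts
 import { RequestError } from "@octokit/request-error";
@@ -5467,6 +5467,7 @@ import {
 import {
 Gitlab
 } from "@gitbeaker/rest";
+import Debug4 from "debug";
 import {
 fetch as undiciFetch,
 ProxyAgent
@@ -5481,6 +5482,7 @@ var GitlabAuthResultZ = z21.object({
 });
 
 // src/features/analysis/scm/gitlab/gitlab.ts
+var debug4 = Debug4("scm:gitlab");
 function removeTrailingSlash2(str) {
 return str.trim().replace(/\/+$/, "");
 }
@@ -5999,80 +6001,84 @@ var StubSCMLib = class extends SCMLib {
 constructor(url, accessToken, scmOrg) {
 super(url, accessToken, scmOrg);
 }
-getUrlWithCredentials() {
-console.
-
+async getUrlWithCredentials() {
+console.warn("getUrlWithCredentials() returning empty string");
+return "";
 }
 async createSubmitRequest(_params) {
-console.
-
+console.warn("createSubmitRequest() returning empty string");
+return "";
 }
 get scmLibType() {
-console.
-
+console.warn("scmLibType returning GITHUB as default");
+return "GITHUB" /* GITHUB */;
 }
 getAuthHeaders() {
-console.
-
+console.warn("getAuthHeaders() returning empty object");
+return {};
 }
-getDownloadUrl(_sha) {
-console.
-
+async getDownloadUrl(_sha) {
+console.warn("getDownloadUrl() returning empty string");
+return "";
 }
 async getIsRemoteBranch(_branch) {
-console.
-
+console.warn("getIsRemoteBranch() returning false");
+return false;
 }
 async validateParams() {
-console.
-throw new Error("validateParams() not implemented");
+console.warn("validateParams() no-op");
 }
 async getRepoList(_scmOrg) {
-console.
-
+console.warn("getRepoList() returning empty array");
+return [];
 }
 async getBranchList() {
-console.
-
+console.warn("getBranchList() returning empty array");
+return [];
 }
 async getUsername() {
-console.
-
+console.warn("getUsername() returning empty string");
+return "";
 }
 async getSubmitRequestStatus(_scmSubmitRequestId) {
-console.
-
+console.warn("getSubmitRequestStatus() returning ERROR");
+return "error";
 }
 async getUserHasAccessToRepo() {
-console.
-
+console.warn("getUserHasAccessToRepo() returning false");
+return false;
 }
 async getRepoBlameRanges(_ref, _path) {
-console.
-
+console.warn("getRepoBlameRanges() returning empty array");
+return [];
 }
 async getReferenceData(_ref) {
-console.
-
+console.warn("getReferenceData() returning null/empty defaults");
+return {
+type: "BRANCH" /* BRANCH */,
+sha: "",
+date: void 0
+};
 }
 async getRepoDefaultBranch() {
-console.
-
+console.warn("getRepoDefaultBranch() returning empty string");
+return "";
 }
 async getPrUrl(_prNumber) {
-console.
-
+console.warn("getPrUrl() returning empty string");
+return "";
 }
 async getPrId(_prUrl) {
-console.
-
+console.warn("getPrId() returning empty string");
+return "";
 }
 async getCommitUrl(_commitId) {
-console.
-
+console.warn("getCommitUrl() returning empty string");
+return "";
 }
-_getUsernameForAuthUrl() {
-
+async _getUsernameForAuthUrl() {
+console.warn("_getUsernameForAuthUrl() returning empty string");
+return "";
 }
 };
 
@@ -6561,7 +6567,7 @@ function getGithubSdk(params = {}) {
 }
 
 // src/features/analysis/add_fix_comments_for_pr/utils/utils.ts
-import
+import Debug7 from "debug";
 import parseDiff2 from "parse-diff";
 import { z as z24 } from "zod";
 
@@ -6573,8 +6579,8 @@ function keyBy(array, keyBy2) {
 }
 
 // src/features/analysis/utils/send_report.ts
-import
-var
+import Debug5 from "debug";
+var debug5 = Debug5("mobbdev:index");
 async function sendReport({
 spinner,
 submitVulnerabilityReportVariables,
@@ -6585,7 +6591,7 @@ async function sendReport({
 submitVulnerabilityReportVariables
 );
 if (submitRes.submitVulnerabilityReport.__typename !== "VulnerabilityReport") {
-
+debug5("error submit vul report %s", submitRes);
 throw new Error("\u{1F575}\uFE0F\u200D\u2642\uFE0F Mobb analysis failed");
 }
 spinner.update({ text: progressMassages.processingVulnerabilityReport });
@@ -6634,9 +6640,9 @@ var scannerToFriendlyString = {
 };
 
 // src/features/analysis/add_fix_comments_for_pr/utils/buildCommentBody.ts
-import
+import Debug6 from "debug";
 import { z as z23 } from "zod";
-var
+var debug6 = Debug6("mobbdev:handle-finished-analysis");
 var getCommitFixButton = (commitUrl) => `<a href="${commitUrl}"><img src=${COMMIT_FIX_SVG}></a>`;
 function buildCommentBody({
 fix,
@@ -6680,7 +6686,7 @@ function buildCommentBody({
 safeIssueType: z23.nativeEnum(IssueType_Enum)
 }).safeParse(fix);
 if (!validFixParseRes.success) {
-
+debug6(
 `fix ${fixId} has custom issue type or language, therefore the commit description will not be added`,
 validFixParseRes.error
 );
@@ -6710,7 +6716,7 @@ ${fixPageLink}`;
 }
 
 // src/features/analysis/add_fix_comments_for_pr/utils/utils.ts
-var
+var debug7 = Debug7("mobbdev:handle-finished-analysis");
 function calculateRanges(integers) {
 if (integers.length === 0) {
 return [];
@@ -6744,7 +6750,7 @@ function deleteAllPreviousComments({
 try {
 return scm.deleteComment({ comment_id: comment.id });
 } catch (e) {
-
+debug7("delete comment failed %s", e);
 return Promise.resolve();
 }
 });
@@ -6760,7 +6766,7 @@ function deleteAllPreviousGeneralPrComments(params) {
 try {
 return scm.deleteGeneralPrComment({ commentId: comment.id });
 } catch (e) {
-
+debug7("delete comment failed %s", e);
 return Promise.resolve();
 }
 });
@@ -6891,7 +6897,7 @@ async function postAnalysisInsightComment(params) {
 fixablePrVuls,
 nonFixablePrVuls
 } = prVulenrabilities;
-
+debug7({
 fixablePrVuls,
 nonFixablePrVuls,
 vulnerabilitiesOutsidePr,
@@ -6946,7 +6952,7 @@ ${contactUsMarkdown}`;
 }
 
 // src/features/analysis/add_fix_comments_for_pr/add_fix_comments_for_pr.ts
-var
+var debug8 = Debug8("mobbdev:handle-finished-analysis");
 async function addFixCommentsForPr({
 analysisId,
 scm: _scm,
@@ -6958,7 +6964,7 @@ async function addFixCommentsForPr({
 }
 const scm = _scm;
 const getAnalysisRes = await gqlClient.getAnalysis(analysisId);
-
+debug8("getAnalysis %o", getAnalysisRes);
 const {
 vulnerabilityReport: {
 projectId,
@@ -7020,8 +7026,8 @@ async function addFixCommentsForPr({
 }
 
 // src/features/analysis/auto_pr_handler.ts
-import
-var
+import Debug9 from "debug";
+var debug9 = Debug9("mobbdev:handleAutoPr");
 async function handleAutoPr(params) {
 const { gqlClient, analysisId, commitDirectly, createSpinner: createSpinner5 } = params;
 const createAutoPrSpinner = createSpinner5(
@@ -7036,7 +7042,7 @@ async function handleAutoPr(params) {
 analysisId2,
 commitDirectly
 );
-
+debug9("auto pr analysis res %o", autoPrAnalysisRes);
 if (autoPrAnalysisRes.autoPrAnalysis?.__typename === "AutoPrError") {
 createAutoPrSpinner.error({
 text: `\u{1F504} Automatic pull request failed - ${autoPrAnalysisRes.autoPrAnalysis.error}`
@@ -7061,12 +7067,12 @@ async function handleAutoPr(params) {
 }
 
 // src/features/analysis/git.ts
-import
+import Debug10 from "debug";
 import { simpleGit as simpleGit2 } from "simple-git";
-var
+var debug10 = Debug10("mobbdev:git");
 var GIT_NOT_INITIALIZED_ERROR_MESSAGE = "not a git repository";
 async function getGitInfo(srcDirPath) {
-
+debug10("getting git info for %s", srcDirPath);
 const git = simpleGit2({
 baseDir: srcDirPath,
 maxConcurrentProcesses: 1,
@@ -7081,11 +7087,11 @@ async function getGitInfo(srcDirPath) {
 reference = await git.revparse(["--abbrev-ref", "HEAD"]) || "";
 } catch (e) {
 if (e instanceof Error) {
-
+debug10("failed to run git %o", e);
 if (e.message.includes(" spawn ")) {
-
+debug10("git cli not installed");
 } else if (e.message.includes(GIT_NOT_INITIALIZED_ERROR_MESSAGE)) {
-
+debug10("folder is not a git repo");
 return {
 success: false,
 hash: void 0,
@@ -7113,7 +7119,7 @@ async function getGitInfo(srcDirPath) {
 }
 
 // src/features/analysis/graphql/gql.ts
-import
+import Debug11 from "debug";
 import { GraphQLClient } from "graphql-request";
 import { v4 as uuidv4 } from "uuid";
 
@@ -7230,7 +7236,7 @@ var GetVulByNodesMetadataZ = z25.object({
 });
 
 // src/features/analysis/graphql/gql.ts
-var
+var debug11 = Debug11("mobbdev:gql");
 var API_KEY_HEADER_NAME = "x-mobb-key";
 var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
 var GQLClient = class {
@@ -7238,7 +7244,7 @@ var GQLClient = class {
 __publicField(this, "_client");
 __publicField(this, "_clientSdk");
 __publicField(this, "_auth");
-
+debug11(`init with ${args}`);
 this._auth = args;
 this._client = new GraphQLClient(API_URL, {
 headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
@@ -7246,7 +7252,7 @@ var GQLClient = class {
 },
 requestMiddleware: (request) => {
 const requestId = uuidv4();
-
+debug11(
 `sending API request with id: ${requestId} and with request: ${request.body}`
 );
 return {
@@ -7276,7 +7282,7 @@ var GQLClient = class {
 try {
 await this.getUserInfo();
 } catch (e) {
-
+debug11("verify token failed %o", e);
 return false;
 }
 return true;
@@ -7320,7 +7326,7 @@ var GQLClient = class {
 try {
 await this._clientSdk.CreateCommunityUser();
 } catch (e) {
-
+debug11("create community user failed %o", e);
 }
 }
 async updateScmToken(args) {
@@ -7515,11 +7521,11 @@ var GQLClient = class {
 import fs3 from "node:fs";
 import path5 from "node:path";
 import AdmZip from "adm-zip";
-import
+import Debug12 from "debug";
 import { globby } from "globby";
 import { isBinary } from "istextorbinary";
 import { simpleGit as simpleGit3 } from "simple-git";
-var
+var debug12 = Debug12("mobbdev:pack");
 var MAX_FILE_SIZE = 1024 * 1024 * 5;
 function endsWithAny(str, suffixes) {
 return suffixes.some(function(suffix) {
@@ -7530,7 +7536,7 @@ function _get_manifest_files_suffixes() {
 return ["package.json"];
 }
 async function pack(srcDirPath, vulnFiles) {
-
+debug12("pack folder %s", srcDirPath);
 let git = void 0;
 try {
 git = simpleGit3({
@@ -7540,13 +7546,13 @@ async function pack(srcDirPath, vulnFiles) {
 });
 await git.status();
 } catch (e) {
-
+debug12("failed to run git %o", e);
 git = void 0;
 if (e instanceof Error) {
 if (e.message.includes(" spawn ")) {
-
+debug12("git cli not installed");
 } else if (e.message.includes("not a git repository")) {
-
+debug12("folder is not a git repo");
 } else {
 throw e;
 }
@@ -7561,9 +7567,9 @@ async function pack(srcDirPath, vulnFiles) {
 followSymbolicLinks: false,
 dot: true
 });
-
+debug12("files found %d", filepaths.length);
 const zip = new AdmZip();
-
+debug12("compressing files");
 for (const filepath of filepaths) {
 const absFilepath = path5.join(srcDirPath, filepath.toString());
 vulnFiles = vulnFiles.concat(_get_manifest_files_suffixes());
@@ -7571,21 +7577,21 @@ async function pack(srcDirPath, vulnFiles) {
 absFilepath.toString().replaceAll(path5.win32.sep, path5.posix.sep),
 vulnFiles
 )) {
-
+debug12("ignoring %s because it is not a vulnerability file", filepath);
 continue;
 }
 if (fs3.lstatSync(absFilepath).size > MAX_FILE_SIZE) {
-
+debug12("ignoring %s because the size is > 5MB", filepath);
 continue;
 }
 const data = git ? await git.showBuffer([`HEAD:./${filepath}`]) : fs3.readFileSync(absFilepath);
 if (isBinary(null, data)) {
-
+debug12("ignoring %s because is seems to be a binary file", filepath);
 continue;
 }
 zip.addFile(filepath.toString(), data);
 }
-
+debug12("get zip file buffer");
 return zip.toBuffer();
 }
 
@@ -7662,7 +7668,7 @@ var cxOperatingSystemSupportMessage = `Your operating system does not support ch
 
 // src/utils/child_process.ts
 import cp from "node:child_process";
-import
+import Debug13 from "debug";
 import * as process2 from "process";
 import supportsColor from "supports-color";
 var { stdout: stdout2 } = supportsColor;
@@ -7681,16 +7687,16 @@ function createSpwan({ args, processPath, name }, options) {
 return createChildProcess({ childProcess: child, name }, options);
 }
 function createChildProcess({ childProcess, name }, options) {
-const
+const debug18 = Debug13(`mobbdev:${name}`);
 const { display } = options;
 return new Promise((resolve, reject) => {
 let out = "";
 const onData = (chunk) => {
-
+debug18(`chunk received from ${name} std ${chunk}`);
 out += chunk;
 };
 if (!childProcess || !childProcess?.stdout || !childProcess?.stderr) {
-
+debug18(`unable to fork ${name}`);
 reject(new Error(`unable to fork ${name}`));
 }
 childProcess.stdout?.on("data", onData);
@@ -7700,11 +7706,11 @@ function createChildProcess({ childProcess, name }, options) {
 childProcess.stderr?.pipe(process2.stderr);
 }
 childProcess.on("exit", (code) => {
-
+debug18(`${name} exit code ${code}`);
 resolve({ message: out, code });
 });
 childProcess.on("error", (err) => {
-
+debug18(`${name} error %o`, err);
 reject(err);
 });
 });
@@ -7712,12 +7718,12 @@ function createChildProcess({ childProcess, name }, options) {
 
 // src/features/analysis/scanners/checkmarx.ts
 import chalk2 from "chalk";
-import
+import Debug14 from "debug";
 import { existsSync } from "fs";
 import { createSpinner as createSpinner2 } from "nanospinner";
 import { type } from "os";
 import path6 from "path";
-var
+var debug13 = Debug14("mobbdev:checkmarx");
 var require2 = createRequire(import.meta.url);
 var getCheckmarxPath = () => {
 const os2 = type();
@@ -7758,14 +7764,14 @@ function validateCheckmarxInstallation() {
 existsSync(getCheckmarxPath());
 }
 async function forkCheckmarx(args, { display }) {
-
+debug13("fork checkmarx with args %o %s", args.join(" "), display);
 return createSpwan(
 { args, processPath: getCheckmarxPath(), name: "checkmarx" },
 { display }
 );
 }
 async function getCheckmarxReport({ reportPath, repositoryRoot, branch, projectName }, { skipPrompts = false }) {
-
+debug13("get checkmarx report start %s %s", reportPath, repositoryRoot);
 const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
 display: false
 });
@@ -7833,20 +7839,20 @@ async function validateCheckamxCredentials() {
 // src/features/analysis/scanners/snyk.ts
 import { createRequire as createRequire2 } from "node:module";
 import chalk3 from "chalk";
-import
+import Debug15 from "debug";
 import { createSpinner as createSpinner3 } from "nanospinner";
 import open from "open";
-var
+var debug14 = Debug15("mobbdev:snyk");
 var require3 = createRequire2(import.meta.url);
 var SNYK_PATH = require3.resolve("snyk/bin/snyk");
 var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-using-snyk/snyk-code/configure-snyk-code#enable-snyk-code";
-
+debug14("snyk executable path %s", SNYK_PATH);
 async function forkSnyk(args, { display }) {
-
+debug14("fork snyk with args %o %s", args, display);
 return createFork({ args, processPath: SNYK_PATH, name: "snyk" }, { display });
 }
 async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
-
+debug14("get snyk report start %s %s", reportPath, repoRoot);
 const config4 = await forkSnyk(["config"], { display: false });
 const { message: configMessage } = config4;
 if (!configMessage.includes("api: ")) {
@@ -7860,7 +7866,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 snykLoginSpinner.update({
 text: "\u{1F513} Waiting for Snyk login to complete"
 });
-
+debug14("no token in the config %s", config4);
 await forkSnyk(["auth"], { display: true });
 snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
 }
@@ -7870,12 +7876,12 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 { display: true }
 );
 if (scanOutput.includes("Snyk Code is not supported for org")) {
-
+debug14("snyk code is not enabled %s", scanOutput);
 snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
 const answer = await snykArticlePrompt();
-
+debug14("answer %s", answer);
 if (answer) {
-
+debug14("opening the browser");
 await open(SNYK_ARTICLE_URL);
 }
 console.log(
@@ -7890,18 +7896,18 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
 }
 
 // src/features/analysis/upload-file.ts
-import
+import Debug16 from "debug";
 import fetch3, { File, fileFrom, FormData } from "node-fetch";
-var
+var debug15 = Debug16("mobbdev:upload-file");
 async function uploadFile({
 file,
 url,
 uploadKey,
 uploadFields
 }) {
-
-
-
+debug15("upload file start %s", url);
+debug15("upload fields %o", uploadFields);
+debug15("upload key %s", uploadKey);
 const form = new FormData();
 Object.entries(uploadFields).forEach(([key, value]) => {
 form.append(key, value);
@@ -7910,10 +7916,10 @@ async function uploadFile({
 form.append("key", uploadKey);
 }
 if (typeof file === "string") {
-
+debug15("upload file from path %s", file);
 form.append("file", await fileFrom(file));
 } else {
-
+debug15("upload file from buffer");
 form.append("file", new File([file], "file"));
 }
 const response = await fetch3(url, {
@@ -7921,10 +7927,10 @@ async function uploadFile({
 body: form
 });
 if (!response.ok) {
-
+debug15("error from S3 %s %s", response.body, response.status);
 throw new Error(`Failed to upload the file: ${response.status}`);
 }
-
+debug15("upload file done");
 }
 
 // src/features/analysis/index.ts
@@ -7943,9 +7949,9 @@ async function downloadRepo({
 }) {
 const { createSpinner: createSpinner5 } = Spinner2({ ci });
 const repoSpinner = createSpinner5("\u{1F4BE} Downloading Repo").start();
-
+debug16("download repo %s %s %s", repoUrl, dirname);
 const zipFilePath = path7.join(dirname, "repo.zip");
-
+debug16("download URL: %s auth headers: %o", downloadUrl, authHeaders);
 const response = await fetch4(downloadUrl, {
 method: "GET",
 headers: {
@@ -7953,7 +7959,7 @@ async function downloadRepo({
 }
 });
 if (!response.ok) {
-
+debug16("SCM zipball request failed %s %s", response.body, response.status);
 repoSpinner.error({ text: "\u{1F4BE} Repo download failed" });
 throw new Error(`Can't access ${chalk4.bold(repoUrl)}`);
 }
@@ -7967,7 +7973,7 @@ async function downloadRepo({
 if (!repoRoot) {
 throw new Error("Repo root not found");
 }
-
+debug16("repo root %s", repoRoot);
 repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
 return path7.join(dirname, repoRoot);
 }
@@ -7976,9 +7982,9 @@ var getReportUrl = ({
 projectId,
 fixReportId
 }) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
-var
+var debug16 = Debug17("mobbdev:index");
 var config2 = new Configstore(packageJson.name, { apiToken: "" });
-
+debug16("config %o", config2);
 async function runAnalysis(params, options) {
 const tmpObj = tmp2.dirSync({
 unsafeCleanup: true
@@ -8121,7 +8127,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
 autoPr,
 commitDirectly
 } = params;
-
+debug16("start %s %s", dirname, repo);
 const { createSpinner: createSpinner5 } = Spinner2({ ci });
 skipPrompts = skipPrompts || ci;
 let gqlClient = new GQLClient({
@@ -8192,8 +8198,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
 );
 }
 const { sha } = getReferenceDataRes.gitReference;
-
-
+debug16("project id %s", projectId);
+debug16("default branch %s", reference);
 if (command === "scan") {
 reportPath = await getReport(
 {
@@ -8485,9 +8491,9 @@ async function _digestReport({
 import chalk5 from "chalk";
 import chalkAnimation from "chalk-animation";
 import Configstore2 from "configstore";
-import
+import Debug18 from "debug";
 import open3 from "open";
-var
+var debug17 = Debug18("mobbdev:commands");
 async function review(params, { skipPrompts = true } = {}) {
 const {
 repo,
@@ -8659,9 +8665,9 @@ async function handleMobbLogin({
 });
 loginSpinner.spin();
 if (encryptedApiToken) {
-
+debug17("encrypted API token received %s", encryptedApiToken);
 newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
-
+debug17("API token decrypted");
 break;
 }
 await sleep(LOGIN_CHECK_DELAY);
@@ -8674,7 +8680,7 @@ async function handleMobbLogin({
 }
 const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
 if (await newGqlClient.verifyToken()) {
-
+debug17("set api token %s", newApiToken);
 config3.set("apiToken", newApiToken);
 loginSpinner.success({ text: "\u{1F513} Login to Mobb successful!" });
 } else {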
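Review bot: The decrypted API token is written to debug output in the last hunk (handleMobbLogin) by `debug17("set api token %s", newApiToken)`, so a run with the `debug` package's DEBUG namespaces enabled, for example in a CI job, leaves the credential in the job log. The same pattern appears in downloadRepo, where `debug16("download URL: %s auth headers: %o", downloadUrl, authHeaders)` prints the SCM auth headers, and in uploadFile, where the `upload key` and `upload fields` lines print what look like signed upload parameters. I would log only the event, e.g. `debug17("api token stored")` and `debug16("download URL: %s", downloadUrl)`, and drop or redact the other values. The removed side of these lines is truncated on this page, so the calls may be renamed rather than newly added, and the enclosing functions start and end outside the hunks.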