npm - mobbdev - Versions diffs - 1.0.178 → 1.0.180 - Mend

mobbdev 1.0.178 → 1.0.180

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +432 -101
package/package.json +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -2276,6 +2276,39 @@ var UploadS3BucketInfoDocument = `
   }
 }
     `;
+var UploadAiBlameInferencesInitDocument = `
+    mutation UploadAIBlameInferencesInit($sessions: [AIBlameInferenceInitInput!]!) {
+  uploadAIBlameInferencesInit(sessions: $sessions) {
+    status
+    error
+    uploadSessions {
+      aiBlameInferenceId
+      prompt {
+        url
+        artifactId
+        fileName
+        uploadFieldsJSON
+        uploadKey
+      }
+      inference {
+        url
+        artifactId
+        fileName
+        uploadFieldsJSON
+        uploadKey
+      }
+    }
+  }
+}
+    `;
+var FinalizeAiBlameInferencesUploadDocument = `
+    mutation FinalizeAIBlameInferencesUpload($sessions: [AIBlameInferenceFinalizeInput!]!) {
+  finalizeAIBlameInferencesUpload(sessions: $sessions) {
+    status
+    error
+  }
+}
+    `;
 var DigestVulnerabilityReportDocument = `
     mutation DigestVulnerabilityReport($vulnerabilityReportFileName: String, $fixReportId: String!, $projectId: String!, $scanSource: String!, $repoUrl: String, $reference: String, $sha: String) {
   digestVulnerabilityReport(
@@ -2533,6 +2566,12 @@ function getSdk(client, withWrapper = defaultWrapper) {
     uploadS3BucketInfo(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: UploadS3BucketInfoDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "uploadS3BucketInfo", "mutation", variables);
     },
+    UploadAIBlameInferencesInit(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: UploadAiBlameInferencesInitDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "UploadAIBlameInferencesInit", "mutation", variables);
+    },
+    FinalizeAIBlameInferencesUpload(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: FinalizeAiBlameInferencesUploadDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "FinalizeAIBlameInferencesUpload", "mutation", variables);
+    },
     DigestVulnerabilityReport(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: DigestVulnerabilityReportDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "DigestVulnerabilityReport", "mutation", variables);
     },
@@ -6375,7 +6414,7 @@ async function getAdoSdk(params) {
       const url = new URL(repoUrl);
       const origin2 = url.origin.toLowerCase().endsWith(".visualstudio.com") ? DEFUALT_ADO_ORIGIN : url.origin.toLowerCase();
       const params2 = `path=/&versionDescriptor[versionOptions]=0&versionDescriptor[versionType]=commit&versionDescriptor[version]=${branch}&resolveLfs=true&$format=zip&api-version=5.0&download=true`;
-      const path16 = [
+      const path17 = [
         prefixPath,
         owner,
         projectName,
@@ -6386,7 +6425,7 @@ async function getAdoSdk(params) {
         "items",
         "items"
       ].filter(Boolean).join("/");
-      return new URL(`${path16}?${params2}`, origin2).toString();
+      return new URL(`${path17}?${params2}`, origin2).toString();
     },
     async getAdoBranchList({ repoUrl }) {
       try {
@@ -6877,6 +6916,9 @@ var AdoSCMLib = class extends SCMLib {
       markdownComment: comment
     });
   }
+  async getCommitDiff(_commitSha) {
+    throw new Error("getCommitDiff not implemented for ADO");
+  }
 };
 // src/features/analysis/scm/bitbucket/bitbucket.ts
@@ -7440,6 +7482,9 @@ var BitbucketSCMLib = class extends SCMLib {
       markdownComment: comment
     });
   }
+  async getCommitDiff(_commitSha) {
+    throw new Error("getCommitDiff not implemented for Bitbucket");
+  }
 };
 // src/features/analysis/scm/constants.ts
@@ -7808,6 +7853,33 @@ function getGithubSdk(params = {}) {
         commit_sha: commitSha
       });
     },
+    async getCommitWithDiff({
+      commitSha,
+      owner,
+      repo
+    }) {
+      const [commitData, diffData] = await Promise.all([
+        // Get commit metadata
+        octokit.rest.repos.getCommit({
+          repo,
+          owner,
+          ref: commitSha
+        }),
+        // Get commit diff
+        octokit.request("GET /repos/{owner}/{repo}/commits/{ref}", {
+          owner,
+          repo,
+          ref: commitSha,
+          headers: {
+            Accept: "application/vnd.github.v3.diff"
+          }
+        })
+      ]);
+      return {
+        commit: commitData.data,
+        diff: diffData.data
+      };
+    },
     async getTagDate({
       tag,
       owner,
@@ -7841,14 +7913,14 @@ function getGithubSdk(params = {}) {
       };
     },
     async getGithubBlameRanges(params2) {
-      const { ref, gitHubUrl, path: path16 } = params2;
+      const { ref, gitHubUrl, path: path17 } = params2;
       const { owner, repo } = parseGithubOwnerAndRepo(gitHubUrl);
       const res = await octokit.graphql(
         GET_BLAME_DOCUMENT,
         {
           owner,
           repo,
-          path: path16,
+          path: path17,
           ref
         }
       );
@@ -8155,11 +8227,11 @@ var GithubSCMLib = class extends SCMLib {
       markdownComment: comment
     });
   }
-  async getRepoBlameRanges(ref, path16) {
+  async getRepoBlameRanges(ref, path17) {
     this._validateUrl();
     return await this.githubSdk.getGithubBlameRanges({
       ref,
-      path: path16,
+      path: path17,
       gitHubUrl: this.url
     });
   }
@@ -8243,6 +8315,24 @@ var GithubSCMLib = class extends SCMLib {
       comment_id: commentId
     });
   }
+  async getCommitDiff(commitSha) {
+    this._validateAccessTokenAndUrl();
+    const { owner, repo } = parseGithubOwnerAndRepo(this.url);
+    const { commit, diff } = await this.githubSdk.getCommitWithDiff({
+      owner,
+      repo,
+      commitSha
+    });
+    const commitTimestamp = commit.commit.committer?.date ? new Date(commit.commit.committer.date) : new Date(commit.commit.author?.date || Date.now());
+    return {
+      diff,
+      commitTimestamp,
+      commitSha: commit.sha,
+      authorName: commit.commit.author?.name,
+      authorEmail: commit.commit.author?.email,
+      message: commit.commit.message
+    };
+  }
 };
 // src/features/analysis/scm/gitlab/gitlab.ts
@@ -8573,13 +8663,13 @@ function parseGitlabOwnerAndRepo(gitlabUrl) {
   const { organization, repoName, projectPath } = parsingResult;
   return { owner: organization, repo: repoName, projectPath };
 }
-async function getGitlabBlameRanges({ ref, gitlabUrl, path: path16 }, options) {
+async function getGitlabBlameRanges({ ref, gitlabUrl, path: path17 }, options) {
   const { projectPath } = parseGitlabOwnerAndRepo(gitlabUrl);
   const api2 = getGitBeaker({
     url: gitlabUrl,
     gitlabAuthToken: options?.gitlabAuthToken
   });
-  const resp = await api2.RepositoryFiles.allFileBlames(projectPath, path16, ref);
+  const resp = await api2.RepositoryFiles.allFileBlames(projectPath, path17, ref);
   let lineNumber = 1;
   return resp.filter((range) => range.lines).map((range) => {
     const oldLineNumber = lineNumber;
@@ -8755,10 +8845,10 @@ var GitlabSCMLib = class extends SCMLib {
       markdownComment: comment
     });
   }
-  async getRepoBlameRanges(ref, path16) {
+  async getRepoBlameRanges(ref, path17) {
     this._validateUrl();
     return await getGitlabBlameRanges(
-      { ref, path: path16, gitlabUrl: this.url },
+      { ref, path: path17, gitlabUrl: this.url },
       {
         url: this.url,
         gitlabAuthToken: this.accessToken
@@ -8808,6 +8898,9 @@ var GitlabSCMLib = class extends SCMLib {
     this._validateAccessTokenAndUrl();
     return `${this.url}/-/commits/${branchName}`;
   }
+  async getCommitDiff(_commitSha) {
+    throw new Error("getCommitDiff not implemented for GitLab");
+  }
 };
 // src/features/analysis/scm/scmFactory.ts
@@ -8904,6 +8997,17 @@ var StubSCMLib = class extends SCMLib {
   async addCommentToSubmitRequest(_submitRequestId, _comment) {
     console.warn("addCommentToSubmitRequest() no-op");
   }
+  async getCommitDiff(_commitSha) {
+    console.warn("getCommitDiff() returning stub diff");
+    return {
+      diff: "",
+      commitTimestamp: /* @__PURE__ */ new Date(),
+      commitSha: _commitSha,
+      authorName: void 0,
+      authorEmail: void 0,
+      message: void 0
+    };
+  }
 };
 // src/features/analysis/scm/scmFactory.ts
@@ -9456,7 +9560,8 @@ var mobbCliCommand = {
   analyze: "analyze",
   review: "review",
   convertToSarif: "convert-to-sarif",
-  mcp: "mcp"
+  mcp: "mcp",
+  uploadAiBlame: "upload-ai-blame"
 };
 var ScanContext = {
   FULL_SCAN: "FULL_SCAN",
@@ -9467,7 +9572,7 @@ var ScanContext = {
 };
 // src/args/yargs.ts
-import chalk10 from "chalk";
+import chalk11 from "chalk";
 import yargs from "yargs/yargs";
 // src/args/commands/analyze.ts
@@ -9836,7 +9941,7 @@ async function postIssueComment(params) {
     fpDescription
   } = params;
   const {
-    path: path16,
+    path: path17,
     startLine,
     vulnerabilityReportIssue: {
       vulnerabilityReportIssueTags,
@@ -9851,7 +9956,7 @@ async function postIssueComment(params) {
 Refresh the page in order to see the changes.`,
     pull_number: pullRequest,
     commit_id: commitSha,
-    path: path16,
+    path: path17,
     line: startLine
   });
   const commentId = commentRes.data.id;
@@ -9885,7 +9990,7 @@ async function postFixComment(params) {
     scanner
   } = params;
   const {
-    path: path16,
+    path: path17,
     startLine,
     vulnerabilityReportIssue: { fixId, vulnerabilityReportIssueTags, category },
     vulnerabilityReportIssueId
@@ -9903,7 +10008,7 @@ async function postFixComment(params) {
 Refresh the page in order to see the changes.`,
     pull_number: pullRequest,
     commit_id: commitSha,
-    path: path16,
+    path: path17,
     line: startLine
   });
   const commentId = commentRes.data.id;
@@ -12559,6 +12664,12 @@ var McpGQLClient = class {
       }
     };
   }
+  async uploadAIBlameInferencesInitRaw(variables) {
+    return await this.clientSdk.UploadAIBlameInferencesInit(variables);
+  }
+  async finalizeAIBlameInferencesUploadRaw(variables) {
+    return await this.clientSdk.FinalizeAIBlameInferencesUpload(variables);
+  }
   async isApiEndpointReachable() {
     try {
       logDebug("[GraphQL] Calling Me query for API connection verification");
@@ -13095,7 +13206,7 @@ var McpGQLClient = class {
   }
 };
 async function createAuthenticatedMcpGQLClient({
-  isBackgoundCall = false
+  isBackgroundCall = false
 } = {}) {
   logDebug("[GraphQL] Getting config", {
     apiToken: configStore.get("apiToken")
@@ -13116,18 +13227,18 @@ async function createAuthenticatedMcpGQLClient({
     return initialClient;
   }
   const authService = new McpAuthService(initialClient);
-  const newApiToken = await authService.authenticate(isBackgoundCall);
+  const newApiToken = await authService.authenticate(isBackgroundCall);
   configStore.set("apiToken", newApiToken);
   return new McpGQLClient({ apiKey: newApiToken, type: "apiKey" });
 }
-// src/mcp/services/McpUsageService.ts
+// src/mcp/services/McpUsageService/McpUsageService.ts
 init_configs();
 import fetch5 from "node-fetch";
 import os4 from "os";
 import { v4 as uuidv43, v5 as uuidv5 } from "uuid";
-// src/mcp/core/host.ts
+// src/mcp/services/McpUsageService/host.ts
 import { execSync } from "child_process";
 import fs10 from "fs";
 import os3 from "os";
@@ -13242,7 +13353,7 @@ var getProcessInfo = (pid) => {
       const cmd = parts.slice(2).join(" ");
       return { pid: pidStr ?? "", ppid: ppid ?? "", cmd };
     } else {
-      logWarn(`Unsupported platform: ${platform}`);
+      logWarn(`[UsageService] Unsupported platform: ${platform}`);
       return null;
     }
   } catch {
@@ -13350,7 +13461,7 @@ var getHostInfo = () => {
   return { mcps: results, user: gitInfo };
 };
-// src/mcp/services/McpUsageService.ts
+// src/mcp/services/McpUsageService/McpUsageService.ts
 var McpUsageService = class {
   constructor() {
     __publicField(this, "configKey", "mcpUsage");
@@ -13364,10 +13475,9 @@ var McpUsageService = class {
     }
   }
   startPeriodicTracking() {
-    const scanContext = ScanContext.BACKGROUND_PERIODIC;
-    logDebug(`[${scanContext}] Starting periodic tracking for mcps`, {});
+    logDebug(`[UsageService] Starting periodic tracking for mcps`, {});
     this.intervalId = setInterval(async () => {
-      logDebug(`[${scanContext}] Triggering periodic security scan`, {
+      logDebug(`[UsageService] Triggering periodic usage service`, {
         MCP_PERIODIC_TRACK_INTERVAL
       });
       await mcpUsageService.trackServerStart();
@@ -13386,13 +13496,13 @@ var McpUsageService = class {
     }
     const macString = macs.length ? macs.sort().join(",") : `${os4.hostname()}-${uuidv43()}`;
     const hostId = uuidv5(macString, uuidv5.DNS);
-    logDebug("Generated new host ID", { hostId });
+    logDebug("[UsageService] Generated new host ID", { hostId });
     return hostId;
   }
   getOrganizationId() {
     const organizationId = configStore.get("GOV-ORG-ID") || "";
     if (organizationId) {
-      logDebug("Using stored organization ID", {
+      logDebug("[UsageService] Using stored organization ID", {
         organizationId
       });
       return organizationId;
@@ -13419,7 +13529,9 @@ var McpUsageService = class {
       const hostId = this.generateHostId();
       const organizationId = this.getOrganizationId();
       if (!organizationId) {
-        logError("Cannot track MCP usage - organization ID not available");
+        logError(
+          "[UsageService] Cannot track MCP usage - organization ID not available"
+        );
         return;
       }
       const usageData = this.createUsageData(hostId, organizationId, status);
@@ -13428,10 +13540,12 @@ var McpUsageService = class {
         (key) => usageData[key] !== stored[key]
       );
       if (!hasChanges) {
-        logDebug(`Skipping ${status} usage tracking - no changes`);
+        logDebug(
+          `[UsageService] Skipping ${status} usage tracking - no changes`
+        );
         return;
       }
-      logDebug("Before", { usageData });
+      logDebug("[UsageService] Before", { usageData });
       try {
         const res = await fetch5(this.REST_API_URL, {
           method: "POST",
@@ -13448,19 +13562,19 @@ var McpUsageService = class {
           })
         });
         const authResult = await res.json();
-        logDebug("Success usage data", { authResult });
+        logDebug("[UsageService] Success usage data", { authResult });
       } catch (err) {
-        logDebug("Error usage data", { err });
+        logDebug("[UsageService] Error usage data", { err });
       }
-      logDebug("Saving usage data", { usageData });
+      logDebug("[UsageService] Saving usage data", { usageData });
       configStore.set(this.configKey, usageData);
       logInfo(
-        `MCP server ${status === "ACTIVE" ? "start" : "stop"} tracked successfully`
+        `[UsageService] MCP server ${status === "ACTIVE" ? "start" : "stop"} tracked successfully`
       );
     } catch (error) {
       configStore.set(this.configKey, { status: "FAILED" });
       logError(
-        `Failed to track MCP server ${status === "ACTIVE" ? "start" : "stop"}`,
+        `[UsageService] Failed to track MCP server ${status === "ACTIVE" ? "start" : "stop"}`,
         { error }
       );
     }
@@ -13530,6 +13644,9 @@ var McpServer = class {
     __publicField(this, "toolRegistry");
     __publicField(this, "isEventHandlersSetup", false);
     __publicField(this, "eventHandlers", /* @__PURE__ */ new Map());
+    __publicField(this, "parentProcessCheckInterval");
+    __publicField(this, "parentPid");
+    this.parentPid = process.ppid;
     this.server = new Server(
       {
         name: config4.name,
@@ -13544,8 +13661,12 @@ var McpServer = class {
     this.toolRegistry = new ToolRegistry();
     this.setupHandlers();
     this.setupProcessEventHandlers();
+    this.setupParentProcessMonitoring();
     logInfo("MCP server instance created");
-    logDebug("MCP server instance config", { config: config4 });
+    logDebug("MCP server instance config", {
+      config: config4,
+      parentPid: this.parentPid
+    });
   }
   async trackServerUsage(action, signalOrError) {
     try {
@@ -13570,6 +13691,12 @@ var McpServer = class {
     const messages = {
       SIGINT: "MCP server interrupted",
       SIGTERM: "MCP server terminated",
+      SIGHUP: "MCP server hangup signal received",
+      SIGQUIT: "MCP server quit signal received",
+      SIGABRT: "MCP server abort signal received",
+      SIGPIPE: "MCP server broken pipe signal received",
+      SIGCHLD: "MCP server child process signal received",
+      SIGTSTP: "MCP server terminal stop signal received",
       exit: "MCP server exiting",
       uncaughtException: "Uncaught exception in MCP server",
       unhandledRejection: "Unhandled promise rejection in MCP server",
@@ -13600,7 +13727,10 @@ var McpServer = class {
     } else {
       logDebug(message, { signal });
     }
-    if (signal === "SIGINT" || signal === "SIGTERM") {
+    if (signal === "SIGCHLD") {
+      return;
+    }
+    if (signal === "SIGINT" || signal === "SIGTERM" || signal === "SIGHUP" || signal === "SIGQUIT" || signal === "SIGABRT" || signal === "SIGPIPE" || signal === "SIGTSTP") {
       await this.trackServerUsage("stop", signal);
       process.exit(0);
     }
@@ -13609,6 +13739,62 @@ var McpServer = class {
       process.exit(1);
     }
   }
+  isParentProcessAlive() {
+    try {
+      process.kill(this.parentPid, 0);
+      return true;
+    } catch (error) {
+      return false;
+    }
+  }
+  async handleParentProcessDeath(source) {
+    logInfo(`Parent process death detected via ${source}`, {
+      parentPid: this.parentPid
+    });
+    await this.trackServerUsage("stop", `parent-death-${source}`);
+    process.exit(0);
+  }
+  setupParentProcessMonitoring() {
+    logInfo("Setting up parent process monitoring", {
+      parentPid: this.parentPid
+    });
+    process.stdin.on("close", async () => {
+      logDebug("stdin closed - parent likely terminated");
+      await this.handleParentProcessDeath("stdin-close");
+    });
+    process.stdin.on("end", async () => {
+      logDebug("stdin ended - parent likely terminated");
+      await this.handleParentProcessDeath("stdin-end");
+    });
+    process.stdout.on("error", async (error) => {
+      logWarn("stdout error - parent may have terminated", { error });
+      if (error.message.includes("EPIPE") || error.message.includes("ECONNRESET")) {
+        await this.handleParentProcessDeath("stdout-error");
+      }
+    });
+    process.stderr.on("error", async (error) => {
+      logWarn("stderr error - parent may have terminated", { error });
+      if (error.message.includes("EPIPE") || error.message.includes("ECONNRESET")) {
+        await this.handleParentProcessDeath("stderr-error");
+      }
+    });
+    if (process.send) {
+      process.on("disconnect", async () => {
+        logDebug("IPC disconnected - parent terminated");
+        await this.handleParentProcessDeath("ipc-disconnect");
+      });
+      logDebug("IPC monitoring enabled");
+    } else {
+      logDebug("IPC not available - skipping IPC monitoring");
+    }
+    this.parentProcessCheckInterval = setInterval(async () => {
+      if (!this.isParentProcessAlive()) {
+        logDebug("Parent process not alive during periodic check");
+        await this.handleParentProcessDeath("periodic-check");
+      }
+    }, 1e4);
+    logInfo("Parent process monitoring setup complete");
+  }
   setupProcessEventHandlers() {
     if (this.isEventHandlersSetup) {
       logDebug("Process event handlers already setup, skipping");
@@ -13617,6 +13803,12 @@ var McpServer = class {
     const signals = [
       "SIGINT",
       "SIGTERM",
+      "SIGHUP",
+      "SIGQUIT",
+      "SIGABRT",
+      "SIGPIPE",
+      "SIGCHLD",
+      "SIGTSTP",
       "exit",
       "uncaughtException",
       "unhandledRejection",
@@ -13640,12 +13832,17 @@ var McpServer = class {
       };
       process.once("SIGINT", cleanup);
       process.once("SIGTERM", cleanup);
+      process.once("SIGHUP", cleanup);
+      process.once("SIGQUIT", cleanup);
+      process.once("SIGABRT", cleanup);
+      process.once("SIGPIPE", cleanup);
+      process.once("SIGTSTP", cleanup);
     });
   }
   async triggerScanForNewAvailableFixes() {
     try {
       const gqlClient = await createAuthenticatedMcpGQLClient({
-        isBackgoundCall: true
+        isBackgroundCall: true
       });
       const isConnected = await gqlClient.verifyApiConnection();
       if (!isConnected) {
@@ -13770,6 +13967,12 @@ var McpServer = class {
     this.toolRegistry.registerTool(tool);
     logInfo(`Tool registered: ${tool.name}`);
   }
+  getParentProcessId() {
+    return this.parentPid;
+  }
+  checkParentProcessAlive() {
+    return this.isParentProcessAlive();
+  }
   async start() {
     try {
       logInfo("Starting MCP server");
@@ -13788,6 +13991,11 @@ var McpServer = class {
   async stop() {
     logDebug("MCP server shutting down");
     await this.trackServerUsage("stop");
+    if (this.parentProcessCheckInterval) {
+      clearInterval(this.parentProcessCheckInterval);
+      this.parentProcessCheckInterval = void 0;
+      logDebug("Parent process check interval cleared");
+    }
     this.eventHandlers.forEach((handler, signal) => {
       process.removeListener(signal, handler);
     });
@@ -14421,23 +14629,23 @@ init_configs();
 import fs12 from "fs/promises";
 import nodePath from "path";
 var getLocalFiles = async ({
-  path: path16,
+  path: path17,
   maxFileSize = MCP_MAX_FILE_SIZE,
   maxFiles,
   isAllFilesScan,
   scanContext
 }) => {
   logDebug(`[${scanContext}] Starting getLocalFiles`, {
-    path: path16,
+    path: path17,
     maxFileSize,
     maxFiles,
     isAllFilesScan
   });
   try {
-    const resolvedRepoPath = await fs12.realpath(path16);
+    const resolvedRepoPath = await fs12.realpath(path17);
     logDebug(`[${scanContext}] Resolved repository path`, {
       resolvedRepoPath,
-      originalPath: path16
+      originalPath: path17
     });
     const gitService = new GitService(resolvedRepoPath, log);
     const gitValidation = await gitService.validateRepository();
@@ -14450,7 +14658,7 @@ var getLocalFiles = async ({
     if (!gitValidation.isValid || isAllFilesScan) {
       try {
         files = await FileUtils.getLastChangedFiles({
-          dir: path16,
+          dir: path17,
           maxFileSize,
           maxFiles,
           isAllFilesScan
@@ -14542,7 +14750,7 @@ var getLocalFiles = async ({
     logError(`${scanContext}Unexpected error in getLocalFiles`, {
       error: error instanceof Error ? error.message : String(error),
       stack: error instanceof Error ? error.stack : void 0,
-      path: path16
+      path: path17
     });
     throw error;
   }
@@ -16676,14 +16884,14 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
    * since the last scan.
    */
   async scanForSecurityVulnerabilities({
-    path: path16,
+    path: path17,
     isAllDetectionRulesScan,
     isAllFilesScan,
     scanContext
   }) {
     this.hasAuthenticationFailed = false;
     logDebug(`[${scanContext}] Scanning for new security vulnerabilities`, {
-      path: path16
+      path: path17
     });
     if (!this.gqlClient) {
       logInfo(`[${scanContext}] No GQL client found, skipping scan`);
@@ -16699,10 +16907,10 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       }
       logDebug(
         `[${scanContext}] Connected to the API, assembling list of files to scan`,
-        { path: path16 }
+        { path: path17 }
       );
       const files = await getLocalFiles({
-        path: path16,
+        path: path17,
         isAllFilesScan,
         scanContext
       });
@@ -16727,13 +16935,13 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       });
       const { fixReportId, projectId } = await scanFiles({
         fileList: filesToScan.map((file) => file.relativePath),
-        repositoryPath: path16,
+        repositoryPath: path17,
         gqlClient: this.gqlClient,
         isAllDetectionRulesScan,
         scanContext
       });
       logInfo(
-        `[${scanContext}] Security scan completed for ${path16} reportId: ${fixReportId} projectId: ${projectId}`
+        `[${scanContext}] Security scan completed for ${path17} reportId: ${fixReportId} projectId: ${projectId}`
       );
       if (isAllFilesScan) {
         return;
@@ -17027,13 +17235,13 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     });
     return scannedFiles.some((file) => file.relativePath === fixFile);
   }
-  async getFreshFixes({ path: path16 }) {
+  async getFreshFixes({ path: path17 }) {
     const scanContext = ScanContext.USER_REQUEST;
-    logDebug(`[${scanContext}] Getting fresh fixes`, { path: path16 });
-    if (this.path !== path16) {
-      this.path = path16;
+    logDebug(`[${scanContext}] Getting fresh fixes`, { path: path17 });
+    if (this.path !== path17) {
+      this.path = path17;
       this.reset();
-      logInfo(`[${scanContext}] Reset service state for new path`, { path: path16 });
+      logInfo(`[${scanContext}] Reset service state for new path`, { path: path17 });
     }
     try {
       this.gqlClient = await createAuthenticatedMcpGQLClient();
@@ -17051,7 +17259,7 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       }
       throw error;
     }
-    this.triggerScan({ path: path16, gqlClient: this.gqlClient });
+    this.triggerScan({ path: path17, gqlClient: this.gqlClient });
     let isMvsAutoFixEnabled = null;
     try {
       isMvsAutoFixEnabled = await this.gqlClient.getMvsAutoFixSettings();
@@ -17085,33 +17293,33 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
     return noFreshFixesPrompt;
   }
   triggerScan({
-    path: path16,
+    path: path17,
     gqlClient
   }) {
-    if (this.path !== path16) {
-      this.path = path16;
+    if (this.path !== path17) {
+      this.path = path17;
       this.reset();
-      logInfo(`Reset service state for new path in triggerScan`, { path: path16 });
+      logInfo(`Reset service state for new path in triggerScan`, { path: path17 });
     }
     this.gqlClient = gqlClient;
     if (!this.intervalId) {
-      this.startPeriodicScanning(path16);
-      this.executeInitialScan(path16);
-      void this.executeInitialFullScan(path16);
+      this.startPeriodicScanning(path17);
+      this.executeInitialScan(path17);
+      void this.executeInitialFullScan(path17);
     }
   }
-  startPeriodicScanning(path16) {
+  startPeriodicScanning(path17) {
     const scanContext = ScanContext.BACKGROUND_PERIODIC;
     logDebug(
       `[${scanContext}] Starting periodic scan for new security vulnerabilities`,
       {
-        path: path16
+        path: path17
       }
     );
     this.intervalId = setInterval(() => {
-      logDebug(`[${scanContext}] Triggering periodic security scan`, { path: path16 });
+      logDebug(`[${scanContext}] Triggering periodic security scan`, { path: path17 });
       this.scanForSecurityVulnerabilities({
-        path: path16,
+        path: path17,
         scanContext
       }).catch((error) => {
         logError(`[${scanContext}] Error during periodic security scan`, {
@@ -17120,45 +17328,45 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       });
     }, MCP_PERIODIC_CHECK_INTERVAL);
   }
-  async executeInitialFullScan(path16) {
+  async executeInitialFullScan(path17) {
     const scanContext = ScanContext.FULL_SCAN;
-    logDebug(`[${scanContext}] Triggering initial full security scan`, { path: path16 });
+    logDebug(`[${scanContext}] Triggering initial full security scan`, { path: path17 });
     logDebug(`[${scanContext}] Full scan paths scanned`, {
       fullScanPathsScanned: this.fullScanPathsScanned
     });
-    if (this.fullScanPathsScanned.includes(path16)) {
+    if (this.fullScanPathsScanned.includes(path17)) {
       logDebug(`[${scanContext}] Full scan already executed for this path`, {
-        path: path16
+        path: path17
       });
       return;
     }
     configStore.set("fullScanPathsScanned", [
       ...this.fullScanPathsScanned,
-      path16
+      path17
     ]);
     try {
       await this.scanForSecurityVulnerabilities({
-        path: path16,
+        path: path17,
         isAllFilesScan: true,
         isAllDetectionRulesScan: true,
         scanContext: ScanContext.FULL_SCAN
       });
-      if (!this.fullScanPathsScanned.includes(path16)) {
-        this.fullScanPathsScanned.push(path16);
+      if (!this.fullScanPathsScanned.includes(path17)) {
+        this.fullScanPathsScanned.push(path17);
         configStore.set("fullScanPathsScanned", this.fullScanPathsScanned);
       }
-      logInfo(`[${scanContext}] Full scan completed`, { path: path16 });
+      logInfo(`[${scanContext}] Full scan completed`, { path: path17 });
     } catch (error) {
       logError(`[${scanContext}] Error during initial full security scan`, {
         error
       });
     }
   }
-  executeInitialScan(path16) {
+  executeInitialScan(path17) {
     const scanContext = ScanContext.BACKGROUND_INITIAL;
-    logDebug(`[${scanContext}] Triggering initial security scan`, { path: path16 });
+    logDebug(`[${scanContext}] Triggering initial security scan`, { path: path17 });
     this.scanForSecurityVulnerabilities({
-      path: path16,
+      path: path17,
       scanContext: ScanContext.BACKGROUND_INITIAL
     }).catch((error) => {
       logError(`[${scanContext}] Error during initial security scan`, { error });
@@ -17254,9 +17462,9 @@ Example payload:
         `Invalid path: potential security risk detected in path: ${pathValidationResult.error}`
       );
     }
-    const path16 = pathValidationResult.path;
+    const path17 = pathValidationResult.path;
     const resultText = await this.newFixesService.getFreshFixes({
-      path: path16
+      path: path17
     });
     logInfo("CheckForNewAvailableFixesTool execution completed", {
       resultText
@@ -17404,8 +17612,8 @@ Call this tool instead of ${MCP_TOOL_SCAN_AND_FIX_VULNERABILITIES} when you only
         `Invalid path: potential security risk detected in path: ${pathValidationResult.error}`
       );
     }
-    const path16 = pathValidationResult.path;
-    const gitService = new GitService(path16, log);
+    const path17 = pathValidationResult.path;
+    const gitService = new GitService(path17, log);
     const gitValidation = await gitService.validateRepository();
     if (!gitValidation.isValid) {
       throw new Error(`Invalid git repository: ${gitValidation.error}`);
@@ -17671,9 +17879,9 @@ Example payload:
         `Invalid path: potential security risk detected in path: ${pathValidationResult.error}`
       );
     }
-    const path16 = pathValidationResult.path;
+    const path17 = pathValidationResult.path;
     const files = await getLocalFiles({
-      path: path16,
+      path: path17,
       maxFileSize: MCP_MAX_FILE_SIZE,
       maxFiles: args.maxFiles,
       scanContext: ScanContext.USER_REQUEST
@@ -17692,7 +17900,7 @@ Example payload:
     try {
       const fixResult = await this.vulnerabilityFixService.processVulnerabilities({
         fileList: files.map((file) => file.relativePath),
-        repositoryPath: path16,
+        repositoryPath: path17,
         offset: args.offset,
         limit: args.limit,
         isRescan: args.rescan || !!args.maxFiles
@@ -17886,60 +18094,183 @@ async function addScmTokenHandler(args) {
   await addScmToken(args);
 }
+// src/args/commands/upload_ai_blame.ts
+import fs17 from "fs/promises";
+import path16 from "path";
+import chalk10 from "chalk";
+function uploadAiBlameBuilder(args) {
+  return args.option("prompt", {
+    type: "string",
+    array: true,
+    demandOption: true,
+    describe: chalk10.bold("Path(s) to prompt artifact(s) (one per session)")
+  }).option("inference", {
+    type: "string",
+    array: true,
+    demandOption: true,
+    describe: chalk10.bold(
+      "Path(s) to inference artifact(s) (one per session)"
+    )
+  }).option("ai-response-at", {
+    type: "string",
+    array: true,
+    describe: chalk10.bold(
+      "ISO timestamp(s) for AI response (one per session, defaults to now)"
+    )
+  }).option("model", {
+    type: "string",
+    array: true,
+    describe: chalk10.bold("AI model name(s) (optional, one per session)")
+  }).option("tool-name", {
+    type: "string",
+    array: true,
+    describe: chalk10.bold("Tool/IDE name(s) (optional, one per session)")
+  }).strict();
+}
+async function uploadAiBlameHandler(args) {
+  const prompts = args.prompt || [];
+  const inferences = args.inference || [];
+  const models = args.model || [];
+  const tools = args.toolName || args["tool-name"] || [];
+  const responseTimes = args.aiResponseAt || args["ai-response-at"] || [];
+  if (prompts.length !== inferences.length) {
+    console.error(
+      chalk10.red("prompt and inference must have the same number of entries")
+    );
+    process.exit(1);
+  }
+  const nowIso = (/* @__PURE__ */ new Date()).toISOString();
+  const sessions = [];
+  for (let i = 0; i < prompts.length; i++) {
+    const promptPath = String(prompts[i]);
+    const inferencePath = String(inferences[i]);
+    try {
+      await Promise.all([fs17.access(promptPath), fs17.access(inferencePath)]);
+    } catch {
+      console.error(chalk10.red(`File not found for session ${i + 1}`));
+      process.exit(1);
+    }
+    sessions.push({
+      promptFileName: path16.basename(promptPath),
+      inferenceFileName: path16.basename(inferencePath),
+      aiResponseAt: responseTimes[i] || nowIso,
+      model: models[i],
+      toolName: tools[i]
+    });
+  }
+  const gqlClient = await createAuthenticatedMcpGQLClient();
+  const initRes = await gqlClient.uploadAIBlameInferencesInitRaw({ sessions });
+  const uploadSessions = initRes.uploadAIBlameInferencesInit?.uploadSessions ?? [];
+  if (uploadSessions.length !== sessions.length) {
+    console.error(
+      chalk10.red("Init failed to return expected number of sessions")
+    );
+    process.exit(1);
+  }
+  for (let i = 0; i < uploadSessions.length; i++) {
+    const us = uploadSessions[i];
+    const promptPath = String(prompts[i]);
+    const inferencePath = String(inferences[i]);
+    await uploadFile({
+      file: promptPath,
+      url: us.prompt.url,
+      uploadFields: JSON.parse(us.prompt.uploadFieldsJSON),
+      uploadKey: us.prompt.uploadKey
+    });
+    await uploadFile({
+      file: inferencePath,
+      url: us.inference.url,
+      uploadFields: JSON.parse(us.inference.uploadFieldsJSON),
+      uploadKey: us.inference.uploadKey
+    });
+  }
+  const finalizeSessions = uploadSessions.map((us, i) => {
+    const s = sessions[i];
+    return {
+      aiBlameInferenceId: us.aiBlameInferenceId,
+      promptKey: us.prompt.uploadKey,
+      inferenceKey: us.inference.uploadKey,
+      aiResponseAt: s.aiResponseAt,
+      model: s.model,
+      toolName: s.toolName
+    };
+  });
+  const finRes = await gqlClient.finalizeAIBlameInferencesUploadRaw({
+    sessions: finalizeSessions
+  });
+  const status = finRes?.finalizeAIBlameInferencesUpload?.status;
+  if (status !== "OK") {
+    console.error(
+      chalk10.red(
+        `Finalize failed: ${finRes?.finalizeAIBlameInferencesUpload?.error || "unknown error"}`
+      )
+    );
+    process.exit(1);
+  }
+  console.log(chalk10.green("AI Blame uploads finalized successfully"));
+}
 // src/args/yargs.ts
 var parseArgs = async (args) => {
   const yargsInstance = yargs(args);
   return yargsInstance.updateStrings({
-    "Commands:": chalk10.yellow.underline.bold("Commands:"),
-    "Options:": chalk10.yellow.underline.bold("Options:"),
-    "Examples:": chalk10.yellow.underline.bold("Examples:"),
-    "Show help": chalk10.bold("Show help")
+    "Commands:": chalk11.yellow.underline.bold("Commands:"),
+    "Options:": chalk11.yellow.underline.bold("Options:"),
+    "Examples:": chalk11.yellow.underline.bold("Examples:"),
+    "Show help": chalk11.bold("Show help")
   }).usage(
-    `${chalk10.bold(
+    `${chalk11.bold(
       "\n Bugsy - Trusted, Automatic Vulnerability Fixer \u{1F575}\uFE0F\u200D\u2642\uFE0F\n\n"
-    )} ${chalk10.yellow.underline.bold("Usage:")}
-  $0 ${chalk10.green(
+    )} ${chalk11.yellow.underline.bold("Usage:")}
+  $0 ${chalk11.green(
       "<command>"
-    )} ${chalk10.dim("[options]")}
+    )} ${chalk11.dim("[options]")}
             `
   ).version(false).command(
     mobbCliCommand.scan,
-    chalk10.bold(
+    chalk11.bold(
       "Scan your code for vulnerabilities, get automated fixes right away."
     ),
     scanBuilder,
     scanHandler
   ).command(
     mobbCliCommand.analyze,
-    chalk10.bold(
+    chalk11.bold(
       "Provide a code repository, get automated fixes right away. You can also provide a vulnerability report to analyze or have Mobb scan the code for you."
     ),
     analyzeBuilder,
     analyzeHandler
   ).command(
     mobbCliCommand.review,
-    chalk10.bold(
+    chalk11.bold(
       "Mobb will review your github pull requests and provide comments with fixes "
     ),
     reviewBuilder,
     reviewHandler
   ).command(
     mobbCliCommand.addScmToken,
-    chalk10.bold(
+    chalk11.bold(
       "Add your SCM (Github, Gitlab, Azure DevOps) token to Mobb to enable automated fixes."
     ),
     addScmTokenBuilder,
     addScmTokenHandler
   ).command(
     mobbCliCommand.convertToSarif,
-    chalk10.bold("Convert an existing SAST report to SARIF format."),
+    chalk11.bold("Convert an existing SAST report to SARIF format."),
     convertToSarifBuilder,
     convertToSarifHandler
   ).command(
     mobbCliCommand.mcp,
-    chalk10.bold("Launch the MCP (Model Context Protocol) server."),
+    chalk11.bold("Launch the MCP (Model Context Protocol) server."),
     mcpBuilder,
     mcpHandler
+  ).command(
+    mobbCliCommand.uploadAiBlame,
+    chalk11.bold(
+      "Upload AI Blame inference artifacts (prompt + inference) and finalize them."
+    ),
+    uploadAiBlameBuilder,
+    uploadAiBlameHandler
   ).example(
     "npx mobbdev@latest scan -r https://github.com/WebGoat/WebGoat",
     "Scan an existing repository"
@@ -17948,7 +18279,7 @@ var parseArgs = async (args) => {
     handler() {
       yargsInstance.showHelp();
     }
-  }).strictOptions().help("h").alias("h", "help").epilog(chalk10.bgBlue("Made with \u2764\uFE0F by Mobb")).showHelpOnFail(true).wrap(Math.min(120, yargsInstance.terminalWidth())).parse();
+  }).strictOptions().help("h").alias("h", "help").epilog(chalk11.bgBlue("Made with \u2764\uFE0F by Mobb")).showHelpOnFail(true).wrap(Math.min(120, yargsInstance.terminalWidth())).parse();
 };
 // src/index.ts

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.178",
+  "version": "1.0.180",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",