mobbdev 1.0.193 → 1.0.195

package/dist/args/commands/upload_ai_blame.mjs

@@ -659,6 +659,9 @@ var GetAnalysisDocument = `
       projectId
       project {
         organizationId
+        organization {
+          ghFixerNoFixComments
+        }
       }
       file {
         signedFile {
@@ -4611,8 +4614,8 @@ var Logger = class {
    * Migrates logs from unknown path to known workspace path
    */
   migrateLogs(fromPath, toPath) {
-    const existingLogs = this.mobbConfigStore.get(fromPath) || [];
-    const targetLogs = this.mobbConfigStore.get(toPath) || [];
+    const existingLogs = this.mobbConfigStore.get(fromPath) ?? [];
+    const targetLogs = this.mobbConfigStore.get(toPath) ?? [];
     if (existingLogs.length > 0) {
       const combinedLogs = [...targetLogs, ...existingLogs];
       const finalLogs = combinedLogs.slice(-MAX_LOGS_SIZE);
@@ -4643,7 +4646,7 @@ var Logger = class {
       message,
       data
     };
-    const logs = this.mobbConfigStore.get(currentPath) || [];
+    const logs = this.mobbConfigStore.get(currentPath) ?? [];
     if (logs.length >= MAX_LOGS_SIZE) {
       logs.shift();
     }

package/dist/index.mjs

@@ -2094,6 +2094,9 @@ var GetAnalysisDocument = `
       projectId
       project {
         organizationId
+        organization {
+          ghFixerNoFixComments
+        }
       }
       file {
         signedFile {
@@ -10518,7 +10521,10 @@ async function addFixCommentsForPr({
   const {
     vulnerabilityReport: {
       projectId,
-      project: { organizationId }
+      project: {
+        organizationId,
+        organization: { ghFixerNoFixComments }
+      }
     }
   } = getAnalysisRes;
   if (!getAnalysisRes.repo?.commitSha || !getAnalysisRes.repo.pullRequest) {
@@ -10547,74 +10553,76 @@ async function addFixCommentsForPr({
     ...deleteAllPreviousComments({ comments, scm }),
     ...deleteAllPreviousGeneralPrComments({ generalPrComments, scm })
   ]);
-  await Promise.all([
-    ...prVulenrabilities.vulnerabilityReportIssueCodeNodes.map(
-      (vulnerabilityReportIssueCodeNode) => {
-        return postFixComment({
-          vulnerabilityReportIssueCodeNode,
-          projectId,
-          analysisId,
-          organizationId,
-          fixesById,
-          scm,
-          pullRequest,
-          scanner,
-          commitSha
-        });
-      }
-    ),
-    ...irrelevantVulnerabilityReportIssues.map(
-      async (vulnerabilityReportIssue) => {
-        let fpDescription = null;
-        if (vulnerabilityReportIssue.fpId) {
-          const fpRes = await gqlClient.getFalsePositive({
-            fpId: vulnerabilityReportIssue.fpId
+  await Promise.all(
+    [
+      ...prVulenrabilities.vulnerabilityReportIssueCodeNodes.map(
+        (vulnerabilityReportIssueCodeNode) => {
+          return postFixComment({
+            vulnerabilityReportIssueCodeNode,
+            projectId,
+            analysisId,
+            organizationId,
+            fixesById,
+            scm,
+            pullRequest,
+            scanner,
+            commitSha
           });
-          const parsedFpRes = await FalsePositivePartsZ.parseAsync(
-            fpRes?.getFalsePositive
-          );
-          const { description, contextString } = getParsedFalsePositiveMessage(parsedFpRes);
-          fpDescription = contextString ? `${description}
+        }
+      ),
+      ...irrelevantVulnerabilityReportIssues.map(
+        async (vulnerabilityReportIssue) => {
+          let fpDescription = null;
+          if (vulnerabilityReportIssue.fpId) {
+            const fpRes = await gqlClient.getFalsePositive({
+              fpId: vulnerabilityReportIssue.fpId
+            });
+            const parsedFpRes = await FalsePositivePartsZ.parseAsync(
+              fpRes?.getFalsePositive
+            );
+            const { description, contextString } = getParsedFalsePositiveMessage(parsedFpRes);
+            fpDescription = contextString ? `${description}
 
 ${contextString}` : description;
-        }
-        return await Promise.all(
-          vulnerabilityReportIssue.codeNodes.map(
-            async (vulnerabilityReportIssueCodeNode) => {
-              return await postIssueComment({
-                vulnerabilityReportIssueCodeNode: {
-                  path: vulnerabilityReportIssueCodeNode.path,
-                  startLine: vulnerabilityReportIssueCodeNode.startLine,
-                  vulnerabilityReportIssue: {
-                    fixId: "",
-                    safeIssueType: vulnerabilityReportIssue.safeIssueType,
-                    vulnerabilityReportIssueTags: vulnerabilityReportIssue.vulnerabilityReportIssueTags,
-                    category: vulnerabilityReportIssue.category
+          }
+          return await Promise.all(
+            vulnerabilityReportIssue.codeNodes.map(
+              async (vulnerabilityReportIssueCodeNode) => {
+                return await postIssueComment({
+                  vulnerabilityReportIssueCodeNode: {
+                    path: vulnerabilityReportIssueCodeNode.path,
+                    startLine: vulnerabilityReportIssueCodeNode.startLine,
+                    vulnerabilityReportIssue: {
+                      fixId: "",
+                      safeIssueType: vulnerabilityReportIssue.safeIssueType,
+                      vulnerabilityReportIssueTags: vulnerabilityReportIssue.vulnerabilityReportIssueTags,
+                      category: vulnerabilityReportIssue.category
+                    },
+                    vulnerabilityReportIssueId: vulnerabilityReportIssue.id
                   },
-                  vulnerabilityReportIssueId: vulnerabilityReportIssue.id
-                },
-                projectId,
-                analysisId,
-                organizationId,
-                fixesById,
-                scm,
-                pullRequest,
-                scanner,
-                commitSha,
-                fpDescription
-              });
-            }
-          )
-        );
-      }
-    ),
-    postAnalysisInsightComment({
-      prVulenrabilities,
-      pullRequest,
-      scanner,
-      scm
-    })
-  ]);
+                  projectId,
+                  analysisId,
+                  organizationId,
+                  fixesById,
+                  scm,
+                  pullRequest,
+                  scanner,
+                  commitSha,
+                  fpDescription
+                });
+              }
+            )
+          );
+        }
+      ),
+      !ghFixerNoFixComments && postAnalysisInsightComment({
+        prVulenrabilities,
+        pullRequest,
+        scanner,
+        scm
+      })
+    ].filter(Boolean)
+  );
 }
 
 // src/features/analysis/auto_pr_handler.ts
@@ -11918,7 +11926,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
   const { createSpinner: createSpinner5 } = Spinner2({ ci });
   skipPrompts = skipPrompts || ci;
   let gqlClient = new GQLClient({
-    apiKey: apiKey || config2.get("apiToken"),
+    apiKey: apiKey ?? config2.get("apiToken") ?? "",
     type: "apiKey"
   });
   gqlClient = await handleMobbLogin({
@@ -12444,7 +12452,7 @@ var config3 = new Configstore2(packageJson.name, { apiToken: "" });
 async function addScmToken(addScmTokenOptions) {
   const { apiKey, token, organization, scmType, url, refreshToken, ci } = addScmTokenOptions;
   let gqlClient = new GQLClient({
-    apiKey: apiKey || config3.get("apiToken"),
+    apiKey: apiKey ?? config3.get("apiToken") ?? "",
     type: "apiKey"
   });
   gqlClient = await handleMobbLogin({
@@ -12838,8 +12846,8 @@ var Logger = class {
    * Migrates logs from unknown path to known workspace path
    */
   migrateLogs(fromPath, toPath) {
-    const existingLogs = this.mobbConfigStore.get(fromPath) || [];
-    const targetLogs = this.mobbConfigStore.get(toPath) || [];
+    const existingLogs = this.mobbConfigStore.get(fromPath) ?? [];
+    const targetLogs = this.mobbConfigStore.get(toPath) ?? [];
     if (existingLogs.length > 0) {
       const combinedLogs = [...targetLogs, ...existingLogs];
       const finalLogs = combinedLogs.slice(-MAX_LOGS_SIZE);
@@ -12870,7 +12878,7 @@ var Logger = class {
       message,
       data
     };
-    const logs = this.mobbConfigStore.get(currentPath) || [];
+    const logs = this.mobbConfigStore.get(currentPath) ?? [];
     if (logs.length >= MAX_LOGS_SIZE) {
       logs.shift();
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.193",
+  "version": "1.0.195",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",
@@ -53,18 +53,18 @@
   "dependencies": {
     "@gitbeaker/requester-utils": "43.5.0",
     "@gitbeaker/rest": "43.5.0",
-    "@modelcontextprotocol/sdk": "1.17.5",
+    "@modelcontextprotocol/sdk": "1.20.1",
     "@octokit/core": "5.2.0",
     "@octokit/request-error": "5.1.1",
     "adm-zip": "0.5.16",
-    "axios": "1.11.0",
+    "axios": "1.12.2",
     "azure-devops-node-api": "15.1.1",
     "bitbucket": "2.11.0",
     "chalk": "5.6.2",
     "chalk-animation": "2.0.3",
-    "configstore": "7.0.0",
+    "configstore": "7.1.0",
     "cross-fetch": "4.1.0",
-    "debug": "4.4.1",
+    "debug": "4.4.3",
     "dotenv": "16.6.1",
     "extract-zip": "2.0.1",
     "globby": "14.1.0",
@@ -86,9 +86,9 @@
     "open": "8.4.2",
     "parse-diff": "0.11.1",
     "sax": "1.4.1",
-    "semver": "7.7.2",
+    "semver": "7.7.3",
     "simple-git": "3.28.0",
-    "snyk": "1.1299.0",
+    "snyk": "1.1300.0",
     "tar": "6.2.1",
     "tmp": "0.2.5",
     "undici": "6.21.3",
@@ -132,7 +132,7 @@
     "nock": "14.0.10",
     "prettier": "3.6.2",
     "tsup": "8.5.0",
-    "typescript": "5.9.2",
+    "typescript": "5.9.3",
     "vitest": "3.2.4"
   },
   "engines": {