mobbdev 1.0.4 → 1.0.7
- package/dist/index.mjs +21 -10
- package/package.json +1 -1
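--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -196,6 +196,7 @@ var Vulnerability_Report_Vendor_Enum = /* @__PURE__ */ ((Vulnerability_Report_Ve
 Vulnerability_Report_Vendor_Enum3["CheckmarxXml"] = "checkmarxXml";
 Vulnerability_Report_Vendor_Enum3["Codeql"] = "codeql";
 Vulnerability_Report_Vendor_Enum3["Fortify"] = "fortify";
+Vulnerability_Report_Vendor_Enum3["Semgrep"] = "semgrep";
 Vulnerability_Report_Vendor_Enum3["Snyk"] = "snyk";
 Vulnerability_Report_Vendor_Enum3["Sonarqube"] = "sonarqube";
 return Vulnerability_Report_Vendor_Enum3;
@@ -802,7 +803,8 @@ var ScmSubmitFixRequestsZ = z3.array(
 submitFixRequest: z3.object({
 createdByUser: z3.object({
 email: z3.string()
-})
+}),
+targetBranchName: z3.string().default("")
 }),
 prUrl: z3.string().nullable(),
 commitUrl: z3.string().nullable(),
@@ -1132,7 +1134,9 @@ var FixScreenQueryResultZ = z3.object({
 })
 ),
 fixesWithSameIssueType: z3.object({
-fix: z3.array(
+fix: z3.array(
+z3.object({ id: z3.string().uuid(), state: z3.nativeEnum(Fix_State_Enum) })
+)
 })
 });
 var FixReportByProjectZ = z3.object({
@@ -1275,14 +1279,16 @@ var SCANNERS = {
 Codeql: "codeql",
 Fortify: "fortify",
 Snyk: "snyk",
-Sonarqube: "sonarqube"
+Sonarqube: "sonarqube",
+Semgrep: "semgrep"
 };
 var scannerToVulnerability_Report_Vendor_Enum = {
 [SCANNERS.Checkmarx]: "checkmarx" /* Checkmarx */,
 [SCANNERS.Snyk]: "snyk" /* Snyk */,
 [SCANNERS.Sonarqube]: "sonarqube" /* Sonarqube */,
 [SCANNERS.Codeql]: "codeql" /* Codeql */,
-[SCANNERS.Fortify]: "fortify" /* Fortify
+[SCANNERS.Fortify]: "fortify" /* Fortify */,
+[SCANNERS.Semgrep]: "semgrep" /* Semgrep */
 };
 var SupportedScannersZ = z4.enum([SCANNERS.Checkmarx, SCANNERS.Snyk]);
 var envVariablesSchema = z4.object({
@@ -2007,7 +2013,7 @@ var insecureRandomness = {
 description: () => "See [the official documentation](https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.randomnumbergenerator?view=net-8.0#applies-to) for more details.",
 guidance: () => ""
 },
-
+isNetVersionGreaterThan6: {
 content: () => "We are able to offer a more concise solution if the .NET version is greater then .NET 6",
 description: () => "",
 guidance: () => ""
@@ -2430,7 +2436,7 @@ var overlyBroadCatch2 = {
 
 // src/features/analysis/scm/shared/src/storedQuestionData/java/privacyViolation.ts
 var privacyViolation = {
-
+remediationOption: {
 content: () => "Preferred fix solution",
 description: () => `
 - Completely Remove the log message
@@ -6429,7 +6435,8 @@ var scannerToFriendlyString = {
 codeql: "CodeQL",
 fortify: "Fortify",
 snyk: "Snyk",
-sonarqube: "Sonarqube"
+sonarqube: "Sonarqube",
+semgrep: "Semgrep"
 };
 
 // src/features/analysis/add_fix_comments_for_pr/utils/buildCommentBody.ts
@@ -6915,6 +6922,9 @@ import WebSocket from "ws";
 var SUBSCRIPTION_TIMEOUT_MS = 30 * 60 * 1e3;
 function createWSClient(options) {
 return createClient({
+//this is needed to prevent AWS from killing the connection
+//currently our load balancer has a 29s idle timeout
+keepAlive: 1e4,
 url: options.url,
 webSocketImpl: options.websocket || WebSocket,
 connectionParams: () => {
@@ -7385,7 +7395,8 @@ var scannerChoices = [
 { name: "Checkmarx", value: SCANNERS.Checkmarx },
 { name: "Codeql", value: SCANNERS.Codeql },
 { name: "Fortify", value: SCANNERS.Fortify },
-{ name: "Sonarqube", value: SCANNERS.Sonarqube }
+{ name: "Sonarqube", value: SCANNERS.Sonarqube },
+{ name: "Semgrep", value: SCANNERS.Semgrep }
 ];
 async function choseScanner() {
 const { scanner } = await inquirer.prompt({
@@ -8622,7 +8633,7 @@ function analyzeBuilder(yargs2) {
 demandOption: true,
 type: "string",
 describe: chalk8.bold(
-"Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube)"
+"Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube, Semgrep)"
 )
 }).option("repo", repoOption).option("p", {
 alias: "src-path",
@@ -8670,7 +8681,7 @@ function reviewBuilder(yargs2) {
 demandOption: true,
 type: "string",
 describe: chalk9.bold(
-"Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube)"
+"Select the vulnerability report to analyze (Checkmarx, Snyk, Fortify, CodeQL, Sonarqube, Semgrep)"
 )
 }).option("repo", { ...repoOption, demandOption: true }).option("scanner", { ...scannerOptions, demandOption: true }).option("ref", { ...refOption, demandOption: true }).option("ch", {
 alias: "commit-hash",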
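Review bot: `targetBranchName: z3.string().default("")` in the `ScmSubmitFixRequestsZ` hunk silently turns a missing branch name into an empty string, so code reading the parsed result can no longer tell "the API returned no target branch" from a real value. If that value later feeds a ref name, a pull-request URL or a git argument (those consumers are outside this diff), an empty string fails later and less visibly than a schema error would. Keeping the absence explicit, for example `targetBranchName: z3.string().min(1).optional()`, or at least a comment stating why `""` is a safe fallback, would make the contract clear. The enclosing schema starts and ends outside the hunk, and because this file is the bundled `dist/index.mjs`, the change belongs in the TypeScript source it was built from.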