npm - mobbdev - Versions diffs - 1.0.59 → 1.0.61 - Mend

mobbdev 1.0.59 → 1.0.61

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +19 -29
package/package.json +20 -19

package/dist/index.mjs CHANGED Viewed

@@ -4,10 +4,7 @@ var __export = (target, all) => {
   for (var name in all)
     __defProp(target, name, { get: all[name], enumerable: true });
 };
-var __publicField = (obj, key, value) => {
-  __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
-  return value;
-};
+var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
 // src/index.ts
 import { hideBin } from "yargs/helpers";
@@ -414,7 +411,7 @@ var GetVulByNodesMetadataDocument = `
     path
     startLine
     vulnerabilityReportIssue {
-      parsedIssueType
+      safeIssueType
       fixId
       category
       vulnerabilityReportIssueTags {
@@ -450,7 +447,7 @@ var GetVulByNodesMetadataDocument = `
       where: {fixId: {_is_null: true}, _or: [{category: {_eq: "Irrelevant"}}, {category: {_eq: "FalsePositive"}}]}
     ) {
       id
-      parsedIssueType
+      safeIssueType
       fixId
       category
       vulnerabilityReportIssueTags {
@@ -1717,8 +1714,7 @@ import {
   createSpinner as _createSpinner
 } from "nanospinner";
 function printToStdError(opts) {
-  if (opts?.text)
-    console.error(opts.text);
+  if (opts?.text) console.error(opts.text);
 }
 var mockSpinner = {
   success: (opts) => {
@@ -2090,8 +2086,7 @@ function capitalizeFirstLetter(str) {
   return str?.length ? str[0].toUpperCase() + str.slice(1) : "";
 }
 function lowercaseFirstLetter(str) {
-  if (!str)
-    return str;
+  if (!str) return str;
   return `${str.charAt(0).toLowerCase()}${str.slice(1)}`;
 }
 var severityToEmoji = {
@@ -3839,11 +3834,9 @@ var parseScmURL = (scmURL, scmType) => {
       hostname,
       scmType
     });
-    if (!repo)
-      return null;
+    if (!repo) return null;
     const { organization, repoName } = repo;
-    if (!organization || !repoName)
-      return null;
+    if (!organization || !repoName) return null;
     if (!organization.match(NAME_REGEX) || !repoName.match(NAME_REGEX))
       return null;
     const res = {
@@ -5659,6 +5652,7 @@ import {
   createRequesterFn
 } from "@gitbeaker/requester-utils";
 import {
+  AccessLevel,
   Gitlab
 } from "@gitbeaker/rest";
 import Debug4 from "debug";
@@ -5745,7 +5739,6 @@ async function getGitlabUsername(url, accessToken) {
   return res.username;
 }
 async function getGitlabIsUserCollaborator({
-  username,
   accessToken,
   repoUrl
 }) {
@@ -5753,13 +5746,12 @@ async function getGitlabIsUserCollaborator({
     const { projectPath } = parseGitlabOwnerAndRepo(repoUrl);
     const api2 = getGitBeaker({ url: repoUrl, gitlabAuthToken: accessToken });
     const res = await api2.Projects.show(projectPath);
-    const members = await api2.ProjectMembers.all(res.id, {
-      includeInherited: true
-    });
-    if (!username) {
+    const groupAccess = res.permissions?.group_access?.access_level || 0;
+    const projectAccess = res.permissions?.project_access?.access_level || 0;
+    if (groupAccess >= AccessLevel.DEVELOPER || projectAccess >= AccessLevel.DEVELOPER) {
       return true;
     }
-    return !!members.find((member) => member.username === username);
+    return false;
   } catch (e) {
     return false;
   }
@@ -6004,8 +5996,7 @@ async function processBody(response) {
 async function brokerRequestHandler(endpoint, options) {
   const { prefixUrl, searchParams } = options || {};
   let baseUrl;
-  if (prefixUrl)
-    baseUrl = prefixUrl.endsWith("/") ? prefixUrl : `${prefixUrl}/`;
+  if (prefixUrl) baseUrl = prefixUrl.endsWith("/") ? prefixUrl : `${prefixUrl}/`;
   const url = new URL(endpoint, baseUrl);
   url.search = searchParams || "";
   const dispatcher = url && isBrokerUrl(url.href) ? new ProxyAgent({
@@ -7332,7 +7323,7 @@ async function postIssueComment(params) {
     vulnerabilityReportIssue: {
       vulnerabilityReportIssueTags,
       category,
-      parsedIssueType
+      safeIssueType
     },
     vulnerabilityReportIssueId
   } = vulnerabilityReportIssueCodeNode;
@@ -7348,7 +7339,7 @@ Refresh the page in order to see the changes.`,
   const commentId = commentRes.data.id;
   const commentBody = buildIssueCommentBody({
     issueId: vulnerabilityReportIssueId,
-    issueType: parsedIssueType,
+    issueType: safeIssueType,
     irrelevantIssueWithTags,
     commentId,
     commentUrl: commentRes.data.html_url,
@@ -7617,7 +7608,7 @@ async function addFixCommentsForPr({
               startLine: vulnerabilityReportIssueCodeNode.startLine,
               vulnerabilityReportIssue: {
                 fixId: "",
-                parsedIssueType: vulnerabilityReportIssue.parsedIssueType,
+                safeIssueType: vulnerabilityReportIssue.safeIssueType,
                 vulnerabilityReportIssueTags: vulnerabilityReportIssue.vulnerabilityReportIssueTags,
                 category: vulnerabilityReportIssue.category
               },
@@ -7841,7 +7832,7 @@ var VulnerabilityReportIssueCodeNodeZ = z27.object({
   vulnerabilityReportIssue: z27.object({
     fixId: z27.string(),
     category: ValidCategoriesZ,
-    parsedIssueType: z27.string(),
+    safeIssueType: z27.string(),
     vulnerabilityReportIssueTags: z27.array(
       z27.object({
         tag: z27.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
@@ -7855,7 +7846,7 @@ var VulnerabilityReportIssueNoFixCodeNodeZ = z27.object({
       id: z27.string(),
       fixId: z27.string().nullable(),
       category: ValidCategoriesZ,
-      parsedIssueType: z27.string(),
+      safeIssueType: z27.string(),
       codeNodes: z27.array(
         z27.object({
           path: z27.string(),
@@ -8630,8 +8621,7 @@ async function uploadFile({
 // src/features/analysis/index.ts
 var { CliError: CliError2, Spinner: Spinner2 } = utils_exports;
 function _getScanSource(command, ci) {
-  if (command === "review")
-    return "AUTO_FIXER" /* AutoFixer */;
+  if (command === "review") return "AUTO_FIXER" /* AutoFixer */;
   const envToCi = [
     ["GITLAB_CI", "CI_GITLAB" /* CiGitlab */],
     ["GITHUB_ACTIONS", "CI_GITHUB" /* CiGithub */],

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.59",
+  "version": "1.0.61",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",
@@ -16,6 +16,7 @@
     "test:github": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run github.test",
     "test:coverage": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest run --coverage",
     "test:watch": "TOKEN=$(../../scripts/login_auth0.sh) vitest",
+    "test:integration": "GIT_PROXY_HOST=http://tinyproxy:8888 TOKEN=$(../../scripts/login_auth0.sh) vitest watch integration.test",
     "lint": "eslint --cache --max-warnings 0 --ignore-path .eslintignore --ext .ts,.tsx,.jsx .",
     "lint:fix": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx .",
     "lint:fix:files": "eslint --fix --cache --max-warnings 0 --ignore-path .eslintignore --ext .js,.ts,.tsx,.jsx",
@@ -29,16 +30,16 @@
   "author": "",
   "license": "MIT",
   "dependencies": {
-    "@gitbeaker/core": "42.1.0",
-    "@gitbeaker/requester-utils": "42.1.0",
-    "@gitbeaker/rest": "42.1.0",
+    "@gitbeaker/core": "42.2.0",
+    "@gitbeaker/requester-utils": "42.2.0",
+    "@gitbeaker/rest": "42.2.0",
     "@octokit/core": "5.2.0",
     "@octokit/graphql": "5.0.6",
     "@octokit/plugin-rest-endpoint-methods": "7.2.3",
     "@octokit/request-error": "5.1.1",
     "@types/libsodium-wrappers": "0.7.14",
     "adm-zip": "0.5.16",
-    "axios": "1.8.2",
+    "axios": "1.8.4",
     "azure-devops-node-api": "12.1.0",
     "bitbucket": "2.11.0",
     "chalk": "5.4.1",
@@ -63,48 +64,48 @@
     "parse-diff": "0.11.1",
     "semver": "7.7.1",
     "simple-git": "3.27.0",
-    "snyk": "1.1295.3",
+    "snyk": "1.1296.1",
     "supports-color": "10.0.0",
     "tar": "6.2.1",
     "tmp": "0.2.3",
     "undici": "6.21.1",
     "uuid": "11.1.0",
-    "ws": "8.18.0",
+    "ws": "8.18.1",
     "xml2js": "0.6.2",
     "yargs": "17.7.2",
     "zod": "3.24.2"
   },
   "devDependencies": {
     "@graphql-codegen/cli": "5.0.5",
-    "@graphql-codegen/typescript": "4.1.4",
+    "@graphql-codegen/typescript": "4.1.6",
     "@graphql-codegen/typescript-graphql-request": "6.2.0",
-    "@graphql-codegen/typescript-operations": "4.5.0",
-    "@octokit/types": "13.8.0",
+    "@graphql-codegen/typescript-operations": "4.6.0",
+    "@octokit/types": "13.10.0",
     "@types/adm-zip": "0.5.7",
     "@types/chalk-animation": "1.6.3",
     "@types/configstore": "6.0.2",
     "@types/debug": "4.1.12",
     "@types/inquirer": "9.0.7",
-    "@types/semver": "7.5.8",
+    "@types/semver": "7.7.0",
     "@types/tar": "6.1.13",
     "@types/tmp": "0.2.6",
     "@types/uuid": "10.0.0",
-    "@types/ws": "8.5.14",
+    "@types/ws": "8.18.1",
     "@types/xml2js": "0.4.14",
     "@types/yargs": "17.0.33",
     "@typescript-eslint/eslint-plugin": "7.17.0",
     "@typescript-eslint/parser": "7.17.0",
-    "@vitest/coverage-istanbul": "3.0.6",
-    "@vitest/ui": "3.0.6",
+    "@vitest/coverage-istanbul": "3.1.1",
+    "@vitest/ui": "3.1.1",
     "eslint": "8.57.0",
     "eslint-plugin-import": "2.31.0",
-    "eslint-plugin-prettier": "5.2.3",
+    "eslint-plugin-prettier": "5.2.6",
     "eslint-plugin-simple-import-sort": "10.0.0",
-    "nock": "14.0.1",
-    "prettier": "3.5.1",
-    "tsup": "7.2.0",
+    "nock": "14.0.3",
+    "prettier": "3.5.3",
+    "tsup": "8.4.0",
     "typescript": "4.9.5",
-    "vitest": "3.0.6"
+    "vitest": "3.1.1"
   },
   "engines": {
     "node": ">=18.20.4"