npm - mobbdev - Versions diffs - 1.0.63 → 1.0.65 - Mend

mobbdev 1.0.63 → 1.0.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +25 -6
package/package.json +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -54,6 +54,7 @@ var Language = /* @__PURE__ */ ((Language2) => {
   Language2["Python"] = "PYTHON";
   Language2["Sql"] = "SQL";
   Language2["Xml"] = "XML";
+  Language2["Yaml"] = "YAML";
   return Language2;
 })(Language || {});
 var ManifestAction = /* @__PURE__ */ ((ManifestAction2) => {
@@ -105,6 +106,7 @@ var IssueLanguage_Enum = /* @__PURE__ */ ((IssueLanguage_Enum2) => {
   IssueLanguage_Enum2["Python"] = "Python";
   IssueLanguage_Enum2["Sql"] = "SQL";
   IssueLanguage_Enum2["Xml"] = "XML";
+  IssueLanguage_Enum2["Yaml"] = "YAML";
   return IssueLanguage_Enum2;
 })(IssueLanguage_Enum || {});
 var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
@@ -125,6 +127,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
   IssueType_Enum2["ErroneousStringCompare"] = "ERRONEOUS_STRING_COMPARE";
   IssueType_Enum2["ErrorCondtionWithoutAction"] = "ERROR_CONDTION_WITHOUT_ACTION";
   IssueType_Enum2["FrameableLoginPage"] = "FRAMEABLE_LOGIN_PAGE";
+  IssueType_Enum2["GhActionsShellInjection"] = "GH_ACTIONS_SHELL_INJECTION";
   IssueType_Enum2["GraphqlDepthLimit"] = "GRAPHQL_DEPTH_LIMIT";
   IssueType_Enum2["HardcodedDomainInHtml"] = "HARDCODED_DOMAIN_IN_HTML";
   IssueType_Enum2["HardcodedSecrets"] = "HARDCODED_SECRETS";
@@ -1140,7 +1143,8 @@ var issueTypeMap = {
   ["MISSING_SSL_MINVERSION" /* MissingSslMinversion */]: "Missing SSL MinVersion",
   ["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: "Missing Websocket Origin Check",
   ["DUPLICATED_STRINGS" /* DuplicatedStrings */]: "String Literals Should not Be Duplicated",
-  ["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: "Insecure UUID Version"
+  ["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: "Insecure UUID Version",
+  ["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: "GitHub Actions Shell Injection"
 };
 var issueTypeZ = z5.nativeEnum(IssueType_Enum);
 var getIssueTypeFriendlyString = (issueType) => {
@@ -2086,7 +2090,8 @@ var fixDetailsData = {
   ["MISSING_SSL_MINVERSION" /* MissingSslMinversion */]: void 0,
   ["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: void 0,
   ["DUPLICATED_STRINGS" /* DuplicatedStrings */]: void 0,
-  ["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: void 0
+  ["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: void 0,
+  ["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: void 0
 };
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
@@ -7855,14 +7860,26 @@ var GetVulByNodesMetadataZ = z27.object({
 var debug11 = Debug11("mobbdev:gql");
 var API_KEY_HEADER_NAME = "x-mobb-key";
 var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
-var fetchWithProxy = (url, options = {}) => {
+function getProxyAgent(url) {
   try {
-    const parsedUrl = new URL(url.toString());
+    const parsedUrl = new URL(url);
     const isHttp = parsedUrl.protocol === "http:";
     const isHttps = parsedUrl.protocol === "https:";
     const proxy = isHttps ? HTTPS_PROXY : isHttp ? HTTP_PROXY : null;
     if (proxy) {
-      const agent = isHttps ? new HttpsProxyAgent2(proxy) : new HttpProxyAgent2(proxy);
+      debug11("Using proxy %s", proxy);
+      debug11("Proxy agent %o", proxy);
+      return isHttps ? new HttpsProxyAgent2(proxy) : new HttpProxyAgent2(proxy);
+    }
+  } catch (err) {
+    debug11(`Skipping proxy for ${url}. Reason: ${err.message}`);
+  }
+  return void 0;
+}
+var fetchWithProxy = (url, options = {}) => {
+  try {
+    const agent = getProxyAgent(url.toString());
+    if (agent) {
       return fetchOrig(url, {
         ...options,
         // @ts-expect-error Node-fetch doesn't type 'agent', but it's valid
@@ -8606,9 +8623,11 @@ async function uploadFile({
     debug15("upload file from buffer");
     form.append("file", new File([file], "file"));
   }
+  const agent = getProxyAgent(url);
   const response = await fetch3(url, {
     method: "POST",
-    body: form
+    body: form,
+    agent
   });
   if (!response.ok) {
     debug15("error from S3 %s %s", response.body, response.status);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.63",
+  "version": "1.0.65",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",