mobbdev 1.0.64 → 1.0.67
- package/dist/index.mjs +98 -77
- package/package.json +1 -1
package/dist/index.mjs
CHANGED
|
@@ -7,7 +7,7 @@ var __export = (target, all) => {
|
|
|
7
7
|
var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "symbol" ? key + "" : key, value);
|
|
8
8
|
|
|
9
9
|
// src/index.ts
|
|
10
|
-
import
|
|
10
|
+
import Debug20 from "debug";
|
|
11
11
|
import { hideBin } from "yargs/helpers";
|
|
12
12
|
|
|
13
13
|
// src/types.ts
|
|
@@ -184,6 +184,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
|
|
|
184
184
|
IssueType_Enum2["UncheckedLoopCondition"] = "UNCHECKED_LOOP_CONDITION";
|
|
185
185
|
IssueType_Enum2["UnsafeDeserialization"] = "UNSAFE_DESERIALIZATION";
|
|
186
186
|
IssueType_Enum2["UnsafeTargetBlank"] = "UNSAFE_TARGET_BLANK";
|
|
187
|
+
IssueType_Enum2["UnsafeWebThread"] = "UNSAFE_WEB_THREAD";
|
|
187
188
|
IssueType_Enum2["UnvalidatedPublicMethodArgument"] = "UNVALIDATED_PUBLIC_METHOD_ARGUMENT";
|
|
188
189
|
IssueType_Enum2["UselessRegexpCharEscape"] = "USELESS_REGEXP_CHAR_ESCAPE";
|
|
189
190
|
IssueType_Enum2["UseOfHardCodedCryptographicKey"] = "USE_OF_HARD_CODED_CRYPTOGRAPHIC_KEY";
|
|
@@ -1144,7 +1145,8 @@ var issueTypeMap = {
|
|
|
1144
1145
|
["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: "Missing Websocket Origin Check",
|
|
1145
1146
|
["DUPLICATED_STRINGS" /* DuplicatedStrings */]: "String Literals Should not Be Duplicated",
|
|
1146
1147
|
["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: "Insecure UUID Version",
|
|
1147
|
-
["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: "GitHub Actions Shell Injection"
|
|
1148
|
+
["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: "GitHub Actions Shell Injection",
|
|
1149
|
+
["UNSAFE_WEB_THREAD" /* UnsafeWebThread */]: "Unsafe Web Thread"
|
|
1148
1150
|
};
|
|
1149
1151
|
var issueTypeZ = z5.nativeEnum(IssueType_Enum);
|
|
1150
1152
|
var getIssueTypeFriendlyString = (issueType) => {
|
|
@@ -1786,7 +1788,7 @@ var CliError = class extends Error {
|
|
|
1786
1788
|
// src/features/analysis/index.ts
|
|
1787
1789
|
import chalk4 from "chalk";
|
|
1788
1790
|
import Configstore from "configstore";
|
|
1789
|
-
import
|
|
1791
|
+
import Debug18 from "debug";
|
|
1790
1792
|
import extract from "extract-zip";
|
|
1791
1793
|
import { createSpinner as createSpinner4 } from "nanospinner";
|
|
1792
1794
|
import fetch4 from "node-fetch";
|
|
@@ -2091,7 +2093,8 @@ var fixDetailsData = {
|
|
|
2091
2093
|
["WEBSOCKET_MISSING_ORIGIN_CHECK" /* WebsocketMissingOriginCheck */]: void 0,
|
|
2092
2094
|
["DUPLICATED_STRINGS" /* DuplicatedStrings */]: void 0,
|
|
2093
2095
|
["INSECURE_UUID_VERSION" /* InsecureUuidVersion */]: void 0,
|
|
2094
|
-
["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: void 0
|
|
2096
|
+
["GH_ACTIONS_SHELL_INJECTION" /* GhActionsShellInjection */]: void 0,
|
|
2097
|
+
["UNSAFE_WEB_THREAD" /* UnsafeWebThread */]: void 0
|
|
2095
2098
|
};
|
|
2096
2099
|
|
|
2097
2100
|
// src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
|
|
@@ -7699,20 +7702,24 @@ async function getGitInfo(srcDirPath) {
|
|
|
7699
7702
|
|
|
7700
7703
|
// src/features/analysis/graphql/gql.ts
|
|
7701
7704
|
import fetchOrig from "cross-fetch";
|
|
7702
|
-
import
|
|
7705
|
+
import Debug12 from "debug";
|
|
7703
7706
|
import { GraphQLClient } from "graphql-request";
|
|
7704
|
-
import { HttpProxyAgent
|
|
7707
|
+
import { HttpProxyAgent } from "http-proxy-agent";
|
|
7705
7708
|
import { HttpsProxyAgent as HttpsProxyAgent2 } from "https-proxy-agent";
|
|
7706
7709
|
import { v4 as uuidv4 } from "uuid";
|
|
7707
7710
|
|
|
7708
7711
|
// src/features/analysis/graphql/subscribe.ts
|
|
7712
|
+
import Debug11 from "debug";
|
|
7709
7713
|
import { createClient } from "graphql-ws";
|
|
7710
|
-
import { HttpProxyAgent } from "http-proxy-agent";
|
|
7711
7714
|
import { HttpsProxyAgent } from "https-proxy-agent";
|
|
7712
7715
|
import WebSocket from "ws";
|
|
7716
|
+
var debug11 = Debug11("mobbdev:subscribe");
|
|
7713
7717
|
var SUBSCRIPTION_TIMEOUT_MS = 30 * 60 * 1e3;
|
|
7714
7718
|
function createWSClient(options) {
|
|
7715
|
-
const proxy = options.url.startsWith("
|
|
7719
|
+
const proxy = options.url.startsWith("wss://") && process.env["HTTPS_PROXY"] ? new HttpsProxyAgent(process.env["HTTPS_PROXY"]) : options.url.startsWith("ws://") && process.env["HTTP_PROXY"] ? new HttpsProxyAgent(process.env["HTTP_PROXY"]) : null;
|
|
7720
|
+
debug11(
|
|
7721
|
+
`Using proxy: ${proxy ? "yes" : "no"} with url: ${options.url} and with proxy: ${process.env["HTTP_PROXY"]} for the websocket connection`
|
|
7722
|
+
);
|
|
7716
7723
|
const CustomWebSocket = class extends WebSocket {
|
|
7717
7724
|
constructor(address, protocols) {
|
|
7718
7725
|
super(address, protocols, proxy ? { agent: proxy } : void 0);
|
|
@@ -7857,17 +7864,29 @@ var GetVulByNodesMetadataZ = z27.object({
|
|
|
7857
7864
|
});
|
|
7858
7865
|
|
|
7859
7866
|
// src/features/analysis/graphql/gql.ts
|
|
7860
|
-
var
|
|
7867
|
+
var debug12 = Debug12("mobbdev:gql");
|
|
7861
7868
|
var API_KEY_HEADER_NAME = "x-mobb-key";
|
|
7862
7869
|
var REPORT_STATE_CHECK_DELAY = 5 * 1e3;
|
|
7863
|
-
|
|
7870
|
+
function getProxyAgent(url) {
|
|
7864
7871
|
try {
|
|
7865
|
-
const parsedUrl = new URL(url
|
|
7872
|
+
const parsedUrl = new URL(url);
|
|
7866
7873
|
const isHttp = parsedUrl.protocol === "http:";
|
|
7867
7874
|
const isHttps = parsedUrl.protocol === "https:";
|
|
7868
7875
|
const proxy = isHttps ? HTTPS_PROXY : isHttp ? HTTP_PROXY : null;
|
|
7869
7876
|
if (proxy) {
|
|
7870
|
-
|
|
7877
|
+
debug12("Using proxy %s", proxy);
|
|
7878
|
+
debug12("Proxy agent %o", proxy);
|
|
7879
|
+
return isHttps ? new HttpsProxyAgent2(proxy) : new HttpProxyAgent(proxy);
|
|
7880
|
+
}
|
|
7881
|
+
} catch (err) {
|
|
7882
|
+
debug12(`Skipping proxy for ${url}. Reason: ${err.message}`);
|
|
7883
|
+
}
|
|
7884
|
+
return void 0;
|
|
7885
|
+
}
|
|
7886
|
+
var fetchWithProxy = (url, options = {}) => {
|
|
7887
|
+
try {
|
|
7888
|
+
const agent = getProxyAgent(url.toString());
|
|
7889
|
+
if (agent) {
|
|
7871
7890
|
return fetchOrig(url, {
|
|
7872
7891
|
...options,
|
|
7873
7892
|
// @ts-expect-error Node-fetch doesn't type 'agent', but it's valid
|
|
@@ -7875,7 +7894,7 @@ var fetchWithProxy = (url, options = {}) => {
|
|
|
7875
7894
|
});
|
|
7876
7895
|
}
|
|
7877
7896
|
} catch (err) {
|
|
7878
|
-
|
|
7897
|
+
debug12(`Skipping proxy for ${url}. Reason: ${err.message}`);
|
|
7879
7898
|
}
|
|
7880
7899
|
return fetchOrig(url, options);
|
|
7881
7900
|
};
|
|
@@ -7884,7 +7903,7 @@ var GQLClient = class {
|
|
|
7884
7903
|
__publicField(this, "_client");
|
|
7885
7904
|
__publicField(this, "_clientSdk");
|
|
7886
7905
|
__publicField(this, "_auth");
|
|
7887
|
-
|
|
7906
|
+
debug12(`init with ${args}`);
|
|
7888
7907
|
this._auth = args;
|
|
7889
7908
|
this._client = new GraphQLClient(API_URL, {
|
|
7890
7909
|
headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
|
|
@@ -7893,7 +7912,7 @@ var GQLClient = class {
|
|
|
7893
7912
|
fetch: fetchWithProxy,
|
|
7894
7913
|
requestMiddleware: (request) => {
|
|
7895
7914
|
const requestId = uuidv4();
|
|
7896
|
-
|
|
7915
|
+
debug12(
|
|
7897
7916
|
`sending API request with id: ${requestId} and with request: ${request.body}`
|
|
7898
7917
|
);
|
|
7899
7918
|
return {
|
|
@@ -7923,7 +7942,7 @@ var GQLClient = class {
|
|
|
7923
7942
|
await this.getUserInfo();
|
|
7924
7943
|
} catch (e) {
|
|
7925
7944
|
if (e?.toString().startsWith("FetchError")) {
|
|
7926
|
-
|
|
7945
|
+
debug12("verify connection failed %o", e);
|
|
7927
7946
|
return false;
|
|
7928
7947
|
}
|
|
7929
7948
|
}
|
|
@@ -7935,7 +7954,7 @@ var GQLClient = class {
|
|
|
7935
7954
|
try {
|
|
7936
7955
|
info = await this.getUserInfo();
|
|
7937
7956
|
} catch (e) {
|
|
7938
|
-
|
|
7957
|
+
debug12("verify token failed %o", e);
|
|
7939
7958
|
return false;
|
|
7940
7959
|
}
|
|
7941
7960
|
return info?.email || true;
|
|
@@ -7979,7 +7998,7 @@ var GQLClient = class {
|
|
|
7979
7998
|
try {
|
|
7980
7999
|
await this._clientSdk.CreateCommunityUser();
|
|
7981
8000
|
} catch (e) {
|
|
7982
|
-
|
|
8001
|
+
debug12("create community user failed %o", e);
|
|
7983
8002
|
}
|
|
7984
8003
|
}
|
|
7985
8004
|
async updateScmToken(args) {
|
|
@@ -8177,13 +8196,13 @@ var GQLClient = class {
|
|
|
8177
8196
|
import fs2 from "node:fs";
|
|
8178
8197
|
import path4 from "node:path";
|
|
8179
8198
|
import AdmZip from "adm-zip";
|
|
8180
|
-
import
|
|
8199
|
+
import Debug13 from "debug";
|
|
8181
8200
|
import { globby } from "globby";
|
|
8182
8201
|
import { isBinary } from "istextorbinary";
|
|
8183
8202
|
import { simpleGit as simpleGit3 } from "simple-git";
|
|
8184
8203
|
import { parseStringPromise } from "xml2js";
|
|
8185
8204
|
import { z as z28 } from "zod";
|
|
8186
|
-
var
|
|
8205
|
+
var debug13 = Debug13("mobbdev:pack");
|
|
8187
8206
|
var MAX_FILE_SIZE = 1024 * 1024 * 5;
|
|
8188
8207
|
var FPR_SOURCE_CODE_FILE_MAPPING_SCHEMA = z28.object({
|
|
8189
8208
|
properties: z28.object({
|
|
@@ -8206,7 +8225,7 @@ function _get_manifest_files_suffixes() {
|
|
|
8206
8225
|
return ["package.json", "pom.xml"];
|
|
8207
8226
|
}
|
|
8208
8227
|
async function pack(srcDirPath, vulnFiles) {
|
|
8209
|
-
|
|
8228
|
+
debug13("pack folder %s", srcDirPath);
|
|
8210
8229
|
let git = void 0;
|
|
8211
8230
|
try {
|
|
8212
8231
|
git = simpleGit3({
|
|
@@ -8216,13 +8235,13 @@ async function pack(srcDirPath, vulnFiles) {
|
|
|
8216
8235
|
});
|
|
8217
8236
|
await git.status();
|
|
8218
8237
|
} catch (e) {
|
|
8219
|
-
|
|
8238
|
+
debug13("failed to run git %o", e);
|
|
8220
8239
|
git = void 0;
|
|
8221
8240
|
if (e instanceof Error) {
|
|
8222
8241
|
if (e.message.includes(" spawn ")) {
|
|
8223
|
-
|
|
8242
|
+
debug13("git cli not installed");
|
|
8224
8243
|
} else if (e.message.includes("not a git repository")) {
|
|
8225
|
-
|
|
8244
|
+
debug13("folder is not a git repo");
|
|
8226
8245
|
} else {
|
|
8227
8246
|
throw e;
|
|
8228
8247
|
}
|
|
@@ -8237,9 +8256,9 @@ async function pack(srcDirPath, vulnFiles) {
|
|
|
8237
8256
|
followSymbolicLinks: false,
|
|
8238
8257
|
dot: true
|
|
8239
8258
|
});
|
|
8240
|
-
|
|
8259
|
+
debug13("files found %d", filepaths.length);
|
|
8241
8260
|
const zip = new AdmZip();
|
|
8242
|
-
|
|
8261
|
+
debug13("compressing files");
|
|
8243
8262
|
for (const filepath of filepaths) {
|
|
8244
8263
|
const absFilepath = path4.join(srcDirPath, filepath.toString());
|
|
8245
8264
|
vulnFiles = vulnFiles.concat(_get_manifest_files_suffixes());
|
|
@@ -8247,25 +8266,25 @@ async function pack(srcDirPath, vulnFiles) {
|
|
|
8247
8266
|
absFilepath.toString().replaceAll(path4.win32.sep, path4.posix.sep),
|
|
8248
8267
|
vulnFiles
|
|
8249
8268
|
)) {
|
|
8250
|
-
|
|
8269
|
+
debug13("ignoring %s because it is not a vulnerability file", filepath);
|
|
8251
8270
|
continue;
|
|
8252
8271
|
}
|
|
8253
8272
|
if (fs2.lstatSync(absFilepath).size > MAX_FILE_SIZE) {
|
|
8254
|
-
|
|
8273
|
+
debug13("ignoring %s because the size is > 5MB", filepath);
|
|
8255
8274
|
continue;
|
|
8256
8275
|
}
|
|
8257
8276
|
const data = git ? await git.showBuffer([`HEAD:./${filepath}`]) : fs2.readFileSync(absFilepath);
|
|
8258
8277
|
if (isBinary(null, data)) {
|
|
8259
|
-
|
|
8278
|
+
debug13("ignoring %s because is seems to be a binary file", filepath);
|
|
8260
8279
|
continue;
|
|
8261
8280
|
}
|
|
8262
8281
|
zip.addFile(filepath.toString(), data);
|
|
8263
8282
|
}
|
|
8264
|
-
|
|
8283
|
+
debug13("get zip file buffer");
|
|
8265
8284
|
return zip.toBuffer();
|
|
8266
8285
|
}
|
|
8267
8286
|
async function repackFpr(fprPath) {
|
|
8268
|
-
|
|
8287
|
+
debug13("repack fpr file %s", fprPath);
|
|
8269
8288
|
const zipIn = new AdmZip(fprPath);
|
|
8270
8289
|
const zipOut = new AdmZip();
|
|
8271
8290
|
const mappingXML = zipIn.readAsText("src-archive/index.xml", "utf-8");
|
|
@@ -8280,7 +8299,7 @@ async function repackFpr(fprPath) {
|
|
|
8280
8299
|
zipOut.addFile(realPath, buf);
|
|
8281
8300
|
}
|
|
8282
8301
|
}
|
|
8283
|
-
|
|
8302
|
+
debug13("get repacked zip file buffer");
|
|
8284
8303
|
return zipOut.toBuffer();
|
|
8285
8304
|
}
|
|
8286
8305
|
|
|
@@ -8357,7 +8376,7 @@ var cxOperatingSystemSupportMessage = `Your operating system does not support ch
|
|
|
8357
8376
|
|
|
8358
8377
|
// src/utils/child_process.ts
|
|
8359
8378
|
import cp from "node:child_process";
|
|
8360
|
-
import
|
|
8379
|
+
import Debug14 from "debug";
|
|
8361
8380
|
import * as process2 from "process";
|
|
8362
8381
|
import supportsColor from "supports-color";
|
|
8363
8382
|
var { stdout: stdout2 } = supportsColor;
|
|
@@ -8376,16 +8395,16 @@ function createSpwan({ args, processPath, name }, options) {
|
|
|
8376
8395
|
return createChildProcess({ childProcess: child, name }, options);
|
|
8377
8396
|
}
|
|
8378
8397
|
function createChildProcess({ childProcess, name }, options) {
|
|
8379
|
-
const
|
|
8398
|
+
const debug20 = Debug14(`mobbdev:${name}`);
|
|
8380
8399
|
const { display } = options;
|
|
8381
8400
|
return new Promise((resolve, reject) => {
|
|
8382
8401
|
let out = "";
|
|
8383
8402
|
const onData = (chunk) => {
|
|
8384
|
-
|
|
8403
|
+
debug20(`chunk received from ${name} std ${chunk}`);
|
|
8385
8404
|
out += chunk;
|
|
8386
8405
|
};
|
|
8387
8406
|
if (!childProcess || !childProcess?.stdout || !childProcess?.stderr) {
|
|
8388
|
-
|
|
8407
|
+
debug20(`unable to fork ${name}`);
|
|
8389
8408
|
reject(new Error(`unable to fork ${name}`));
|
|
8390
8409
|
}
|
|
8391
8410
|
childProcess.stdout?.on("data", onData);
|
|
@@ -8395,11 +8414,11 @@ function createChildProcess({ childProcess, name }, options) {
|
|
|
8395
8414
|
childProcess.stderr?.pipe(process2.stderr);
|
|
8396
8415
|
}
|
|
8397
8416
|
childProcess.on("exit", (code) => {
|
|
8398
|
-
|
|
8417
|
+
debug20(`${name} exit code ${code}`);
|
|
8399
8418
|
resolve({ message: out, code });
|
|
8400
8419
|
});
|
|
8401
8420
|
childProcess.on("error", (err) => {
|
|
8402
|
-
|
|
8421
|
+
debug20(`${name} error %o`, err);
|
|
8403
8422
|
reject(err);
|
|
8404
8423
|
});
|
|
8405
8424
|
});
|
|
@@ -8407,12 +8426,12 @@ function createChildProcess({ childProcess, name }, options) {
|
|
|
8407
8426
|
|
|
8408
8427
|
// src/features/analysis/scanners/checkmarx.ts
|
|
8409
8428
|
import chalk2 from "chalk";
|
|
8410
|
-
import
|
|
8429
|
+
import Debug15 from "debug";
|
|
8411
8430
|
import { existsSync } from "fs";
|
|
8412
8431
|
import { createSpinner as createSpinner2 } from "nanospinner";
|
|
8413
8432
|
import { type } from "os";
|
|
8414
8433
|
import path5 from "path";
|
|
8415
|
-
var
|
|
8434
|
+
var debug14 = Debug15("mobbdev:checkmarx");
|
|
8416
8435
|
var require2 = createRequire(import.meta.url);
|
|
8417
8436
|
var getCheckmarxPath = () => {
|
|
8418
8437
|
const os2 = type();
|
|
@@ -8453,14 +8472,14 @@ function validateCheckmarxInstallation() {
|
|
|
8453
8472
|
existsSync(getCheckmarxPath());
|
|
8454
8473
|
}
|
|
8455
8474
|
async function forkCheckmarx(args, { display }) {
|
|
8456
|
-
|
|
8475
|
+
debug14("fork checkmarx with args %o %s", args.join(" "), display);
|
|
8457
8476
|
return createSpwan(
|
|
8458
8477
|
{ args, processPath: getCheckmarxPath(), name: "checkmarx" },
|
|
8459
8478
|
{ display }
|
|
8460
8479
|
);
|
|
8461
8480
|
}
|
|
8462
8481
|
async function getCheckmarxReport({ reportPath, repositoryRoot, branch, projectName }, { skipPrompts = false }) {
|
|
8463
|
-
|
|
8482
|
+
debug14("get checkmarx report start %s %s", reportPath, repositoryRoot);
|
|
8464
8483
|
const { code: loginCode } = await forkCheckmarx(VALIDATE_COMMAND, {
|
|
8465
8484
|
display: false
|
|
8466
8485
|
});
|
|
@@ -8528,20 +8547,20 @@ async function validateCheckamxCredentials() {
|
|
|
8528
8547
|
// src/features/analysis/scanners/snyk.ts
|
|
8529
8548
|
import { createRequire as createRequire2 } from "node:module";
|
|
8530
8549
|
import chalk3 from "chalk";
|
|
8531
|
-
import
|
|
8550
|
+
import Debug16 from "debug";
|
|
8532
8551
|
import { createSpinner as createSpinner3 } from "nanospinner";
|
|
8533
8552
|
import open from "open";
|
|
8534
|
-
var
|
|
8553
|
+
var debug15 = Debug16("mobbdev:snyk");
|
|
8535
8554
|
var require3 = createRequire2(import.meta.url);
|
|
8536
8555
|
var SNYK_PATH = require3.resolve("snyk/bin/snyk");
|
|
8537
8556
|
var SNYK_ARTICLE_URL = "https://docs.snyk.io/scan-using-snyk/snyk-code/configure-snyk-code#enable-snyk-code";
|
|
8538
|
-
|
|
8557
|
+
debug15("snyk executable path %s", SNYK_PATH);
|
|
8539
8558
|
async function forkSnyk(args, { display }) {
|
|
8540
|
-
|
|
8559
|
+
debug15("fork snyk with args %o %s", args, display);
|
|
8541
8560
|
return createFork({ args, processPath: SNYK_PATH, name: "snyk" }, { display });
|
|
8542
8561
|
}
|
|
8543
8562
|
async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
8544
|
-
|
|
8563
|
+
debug15("get snyk report start %s %s", reportPath, repoRoot);
|
|
8545
8564
|
const config4 = await forkSnyk(["config"], { display: false });
|
|
8546
8565
|
const { message: configMessage } = config4;
|
|
8547
8566
|
if (!configMessage.includes("api: ")) {
|
|
@@ -8555,7 +8574,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
|
8555
8574
|
snykLoginSpinner.update({
|
|
8556
8575
|
text: "\u{1F513} Waiting for Snyk login to complete"
|
|
8557
8576
|
});
|
|
8558
|
-
|
|
8577
|
+
debug15("no token in the config %s", config4);
|
|
8559
8578
|
await forkSnyk(["auth"], { display: true });
|
|
8560
8579
|
snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
|
|
8561
8580
|
}
|
|
@@ -8565,12 +8584,12 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
|
8565
8584
|
{ display: true }
|
|
8566
8585
|
);
|
|
8567
8586
|
if (scanOutput.includes("Snyk Code is not supported for org")) {
|
|
8568
|
-
|
|
8587
|
+
debug15("snyk code is not enabled %s", scanOutput);
|
|
8569
8588
|
snykSpinner.error({ text: "\u{1F50D} Snyk configuration needed" });
|
|
8570
8589
|
const answer = await snykArticlePrompt();
|
|
8571
|
-
|
|
8590
|
+
debug15("answer %s", answer);
|
|
8572
8591
|
if (answer) {
|
|
8573
|
-
|
|
8592
|
+
debug15("opening the browser");
|
|
8574
8593
|
await open(SNYK_ARTICLE_URL);
|
|
8575
8594
|
}
|
|
8576
8595
|
console.log(
|
|
@@ -8585,18 +8604,18 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
|
|
|
8585
8604
|
}
|
|
8586
8605
|
|
|
8587
8606
|
// src/features/analysis/upload-file.ts
|
|
8588
|
-
import
|
|
8607
|
+
import Debug17 from "debug";
|
|
8589
8608
|
import fetch3, { File, fileFrom, FormData } from "node-fetch";
|
|
8590
|
-
var
|
|
8609
|
+
var debug16 = Debug17("mobbdev:upload-file");
|
|
8591
8610
|
async function uploadFile({
|
|
8592
8611
|
file,
|
|
8593
8612
|
url,
|
|
8594
8613
|
uploadKey,
|
|
8595
8614
|
uploadFields
|
|
8596
8615
|
}) {
|
|
8597
|
-
|
|
8598
|
-
|
|
8599
|
-
|
|
8616
|
+
debug16("upload file start %s", url);
|
|
8617
|
+
debug16("upload fields %o", uploadFields);
|
|
8618
|
+
debug16("upload key %s", uploadKey);
|
|
8600
8619
|
const form = new FormData();
|
|
8601
8620
|
Object.entries(uploadFields).forEach(([key, value]) => {
|
|
8602
8621
|
form.append(key, value);
|
|
@@ -8605,21 +8624,23 @@ async function uploadFile({
|
|
|
8605
8624
|
form.append("key", uploadKey);
|
|
8606
8625
|
}
|
|
8607
8626
|
if (typeof file === "string") {
|
|
8608
|
-
|
|
8627
|
+
debug16("upload file from path %s", file);
|
|
8609
8628
|
form.append("file", await fileFrom(file));
|
|
8610
8629
|
} else {
|
|
8611
|
-
|
|
8630
|
+
debug16("upload file from buffer");
|
|
8612
8631
|
form.append("file", new File([file], "file"));
|
|
8613
8632
|
}
|
|
8633
|
+
const agent = getProxyAgent(url);
|
|
8614
8634
|
const response = await fetch3(url, {
|
|
8615
8635
|
method: "POST",
|
|
8616
|
-
body: form
|
|
8636
|
+
body: form,
|
|
8637
|
+
agent
|
|
8617
8638
|
});
|
|
8618
8639
|
if (!response.ok) {
|
|
8619
|
-
|
|
8640
|
+
debug16("error from S3 %s %s", response.body, response.status);
|
|
8620
8641
|
throw new Error(`Failed to upload the file: ${response.status}`);
|
|
8621
8642
|
}
|
|
8622
|
-
|
|
8643
|
+
debug16("upload file done");
|
|
8623
8644
|
}
|
|
8624
8645
|
|
|
8625
8646
|
// src/features/analysis/index.ts
|
|
@@ -8653,9 +8674,9 @@ async function downloadRepo({
|
|
|
8653
8674
|
}) {
|
|
8654
8675
|
const { createSpinner: createSpinner5 } = Spinner2({ ci });
|
|
8655
8676
|
const repoSpinner = createSpinner5("\u{1F4BE} Downloading Repo").start();
|
|
8656
|
-
|
|
8677
|
+
debug17("download repo %s %s %s", repoUrl, dirname);
|
|
8657
8678
|
const zipFilePath = path6.join(dirname, "repo.zip");
|
|
8658
|
-
|
|
8679
|
+
debug17("download URL: %s auth headers: %o", downloadUrl, authHeaders);
|
|
8659
8680
|
const response = await fetch4(downloadUrl, {
|
|
8660
8681
|
method: "GET",
|
|
8661
8682
|
headers: {
|
|
@@ -8663,7 +8684,7 @@ async function downloadRepo({
|
|
|
8663
8684
|
}
|
|
8664
8685
|
});
|
|
8665
8686
|
if (!response.ok) {
|
|
8666
|
-
|
|
8687
|
+
debug17("SCM zipball request failed %s %s", response.body, response.status);
|
|
8667
8688
|
repoSpinner.error({ text: "\u{1F4BE} Repo download failed" });
|
|
8668
8689
|
throw new Error(`Can't access ${chalk4.bold(repoUrl)}`);
|
|
8669
8690
|
}
|
|
@@ -8677,7 +8698,7 @@ async function downloadRepo({
|
|
|
8677
8698
|
if (!repoRoot) {
|
|
8678
8699
|
throw new Error("Repo root not found");
|
|
8679
8700
|
}
|
|
8680
|
-
|
|
8701
|
+
debug17("repo root %s", repoRoot);
|
|
8681
8702
|
repoSpinner.success({ text: "\u{1F4BE} Repo downloaded successfully" });
|
|
8682
8703
|
return path6.join(dirname, repoRoot);
|
|
8683
8704
|
}
|
|
@@ -8686,9 +8707,9 @@ var getReportUrl = ({
|
|
|
8686
8707
|
projectId,
|
|
8687
8708
|
fixReportId
|
|
8688
8709
|
}) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
|
|
8689
|
-
var
|
|
8710
|
+
var debug17 = Debug18("mobbdev:index");
|
|
8690
8711
|
var config2 = new Configstore(packageJson.name, { apiToken: "" });
|
|
8691
|
-
|
|
8712
|
+
debug17("config %o", config2);
|
|
8692
8713
|
async function runAnalysis(params, options) {
|
|
8693
8714
|
const tmpObj = tmp.dirSync({
|
|
8694
8715
|
unsafeCleanup: true
|
|
@@ -8832,7 +8853,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
|
|
|
8832
8853
|
commitDirectly,
|
|
8833
8854
|
pullRequest
|
|
8834
8855
|
} = params;
|
|
8835
|
-
|
|
8856
|
+
debug17("start %s %s", dirname, repo);
|
|
8836
8857
|
const { createSpinner: createSpinner5 } = Spinner2({ ci });
|
|
8837
8858
|
skipPrompts = skipPrompts || ci;
|
|
8838
8859
|
let gqlClient = new GQLClient({
|
|
@@ -8903,8 +8924,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
|
|
|
8903
8924
|
);
|
|
8904
8925
|
}
|
|
8905
8926
|
const { sha } = getReferenceDataRes.gitReference;
|
|
8906
|
-
|
|
8907
|
-
|
|
8927
|
+
debug17("project id %s", projectId);
|
|
8928
|
+
debug17("default branch %s", reference);
|
|
8908
8929
|
if (command === "scan") {
|
|
8909
8930
|
reportPath = await getReport(
|
|
8910
8931
|
{
|
|
@@ -9233,9 +9254,9 @@ async function waitForAnaysisAndReviewPr({
|
|
|
9233
9254
|
import chalk5 from "chalk";
|
|
9234
9255
|
import chalkAnimation from "chalk-animation";
|
|
9235
9256
|
import Configstore2 from "configstore";
|
|
9236
|
-
import
|
|
9257
|
+
import Debug19 from "debug";
|
|
9237
9258
|
import open3 from "open";
|
|
9238
|
-
var
|
|
9259
|
+
var debug18 = Debug19("mobbdev:commands");
|
|
9239
9260
|
async function review(params, { skipPrompts = true } = {}) {
|
|
9240
9261
|
const {
|
|
9241
9262
|
repo,
|
|
@@ -9424,9 +9445,9 @@ async function handleMobbLogin({
|
|
|
9424
9445
|
});
|
|
9425
9446
|
loginSpinner.spin();
|
|
9426
9447
|
if (encryptedApiToken) {
|
|
9427
|
-
|
|
9448
|
+
debug18("encrypted API token received %s", encryptedApiToken);
|
|
9428
9449
|
newApiToken = crypto.privateDecrypt(privateKey, Buffer.from(encryptedApiToken, "base64")).toString("utf-8");
|
|
9429
|
-
|
|
9450
|
+
debug18("API token decrypted");
|
|
9430
9451
|
break;
|
|
9431
9452
|
}
|
|
9432
9453
|
await sleep(LOGIN_CHECK_DELAY);
|
|
@@ -9440,7 +9461,7 @@ async function handleMobbLogin({
|
|
|
9440
9461
|
const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
|
|
9441
9462
|
const loginSuccess = await newGqlClient.verifyToken();
|
|
9442
9463
|
if (loginSuccess) {
|
|
9443
|
-
|
|
9464
|
+
debug18("set api token %s", newApiToken);
|
|
9444
9465
|
config3.set("apiToken", newApiToken);
|
|
9445
9466
|
loginSpinner.success({
|
|
9446
9467
|
text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
|
|
@@ -9835,13 +9856,13 @@ var parseArgs = async (args) => {
|
|
|
9835
9856
|
};
|
|
9836
9857
|
|
|
9837
9858
|
// src/index.ts
|
|
9838
|
-
var
|
|
9859
|
+
var debug19 = Debug20("mobbdev:index");
|
|
9839
9860
|
async function run() {
|
|
9840
9861
|
return parseArgs(hideBin(process.argv));
|
|
9841
9862
|
}
|
|
9842
9863
|
(async () => {
|
|
9843
9864
|
try {
|
|
9844
|
-
|
|
9865
|
+
debug19("Bugsy CLI v%s running...", packageJson.version);
|
|
9845
9866
|
await run();
|
|
9846
9867
|
process.exit(0);
|
|
9847
9868
|
} catch (err) {
|
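Review bot: The new debug call in handleMobbLogin, `debug18("set api token %s", newApiToken);`, writes the decrypted API token in clear text to the debug stream, so any run with DEBUG enabled for the `mobbdev:*` namespaces (a CI job, for example) leaves a usable credential in the logs. The same applies to `debug17("download URL: %s auth headers: %o", downloadUrl, authHeaders);` in downloadRepo and to `debug16("upload key %s", uploadKey);` and the `upload fields` line in uploadFile, and probably to the proxy URLs logged in getProxyAgent and createWSClient, which can carry embedded credentials. Log the event rather than the value, for instance `debug18("api token stored");` and `debug17("download URL: %s auth headers present: %s", downloadUrl, Boolean(authHeaders));`. Several of these functions begin or end outside the visible hunks, so any redaction applied upstream of these calls cannot be confirmed from this page.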