npm - mobbdev - Versions diffs - 1.0.81 → 1.0.83 - Mend

mobbdev 1.0.81 → 1.0.83

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.mjs +52 -15
package/package.json +1 -1

package/dist/index.mjs CHANGED Viewed

@@ -891,11 +891,12 @@ var GitReferenceDocument = `
 }
     `;
 var AutoPrAnalysisDocument = `
-    mutation autoPrAnalysis($analysisId: String!, $commitDirectly: Boolean, $prId: Int) {
+    mutation autoPrAnalysis($analysisId: String!, $commitDirectly: Boolean, $prId: Int, $prStrategy: PRStrategy) {
   autoPrAnalysis(
     analysisId: $analysisId
     sameBranchCommit: $commitDirectly
     prId: $prId
+    prStrategy: $prStrategy
   ) {
     __typename
     ... on AutoPrSuccess {
@@ -7318,16 +7319,17 @@ async function convertFprToSarif(inputFilePath, outputFilePath, codePathPatterns
     "results": [
 `
     );
-    vulnerabilityParser.getVulnerabilities().map(
+    const filteredVulns = vulnerabilityParser.getVulnerabilities().map(
       (vulnerability) => fortifyVulnerabilityToSarifResult(
         vulnerability,
         auditMetadataParser,
         reportMetadataParser,
         unifiedNodePoolParser
       )
-    ).filter((sarifResult) => filterSarifResult(sarifResult, codePathPatterns)).forEach((sarifResult, index) => {
+    ).filter((sarifResult) => filterSarifResult(sarifResult, codePathPatterns));
+    filteredVulns.forEach((sarifResult, index) => {
       fs3.appendFileSync(outputFilePath, JSON.stringify(sarifResult, null, 2));
-      if (index !== vulnerabilityParser.getVulnerabilities().length - 1) {
+      if (index !== filteredVulns.length - 1) {
         fs3.appendFileSync(outputFilePath, ",\n");
       }
     });
@@ -7562,6 +7564,13 @@ var autoPrOption = {
   type: "boolean",
   default: false
 };
+var createOnePrOption = {
+  describe: chalk2.bold(
+    "Create a single unified PR for all fixes (requires --auto-pr)"
+  ),
+  type: "boolean",
+  default: false
+};
 var commitDirectlyOption = {
   describe: chalk2.bold(
     "Commit directly to the scanned branch instead of creating a pull request"
@@ -8242,7 +8251,14 @@ ${contextString}` : description;
 import Debug9 from "debug";
 var debug9 = Debug9("mobbdev:handleAutoPr");
 async function handleAutoPr(params) {
-  const { gqlClient, analysisId, commitDirectly, prId, createSpinner: createSpinner5 } = params;
+  const {
+    gqlClient,
+    analysisId,
+    commitDirectly,
+    prId,
+    createSpinner: createSpinner5,
+    createOnePr
+  } = params;
   const createAutoPrSpinner = createSpinner5(
     "\u{1F504} Waiting for the analysis to finish before initiating automatic pull request creation"
   ).start();
@@ -8251,11 +8267,12 @@ async function handleAutoPr(params) {
       analysisId
     },
     callback: async (analysisId2) => {
-      const autoPrAnalysisRes = await gqlClient.autoPrAnalysis(
-        analysisId2,
+      const autoPrAnalysisRes = await gqlClient.autoPrAnalysis({
+        analysisId: analysisId2,
         commitDirectly,
-        prId
-      );
+        prId,
+        prStrategy: createOnePr ? "CONDENSE" /* Condense */ : "SPREAD" /* Spread */
+      });
       debug9("auto pr analysis res %o", autoPrAnalysisRes);
       if (autoPrAnalysisRes.autoPrAnalysis?.__typename === "AutoPrError") {
         createAutoPrSpinner.error({
@@ -8804,11 +8821,17 @@ var GQLClient = class {
     }
     return res.analysis;
   }
-  async autoPrAnalysis(analysisId, commitDirectly, prId) {
+  async autoPrAnalysis({
+    analysisId,
+    commitDirectly,
+    prId,
+    prStrategy
+  }) {
     return this._clientSdk.autoPrAnalysis({
       analysisId,
       commitDirectly,
-      prId
+      prId,
+      prStrategy
     });
   }
   async getFixes(fixIds) {
@@ -9486,6 +9509,7 @@ async function _scan(params, { skipPrompts = false } = {}) {
     command,
     organizationId: userOrganizationId,
     autoPr,
+    createOnePr,
     commitDirectly,
     pullRequest
   } = params;
@@ -9629,7 +9653,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
       analysisId: reportUploadInfo.fixReportId,
       commitDirectly,
       prId: pullRequest,
-      createSpinner: createSpinner5
+      createSpinner: createSpinner5,
+      createOnePr
     });
   }
   await askToOpenAnalysis();
@@ -9792,7 +9817,8 @@ async function _scan(params, { skipPrompts = false } = {}) {
         analysisId: reportUploadInfo.fixReportId,
         commitDirectly,
         prId: pullRequest,
-        createSpinner: createSpinner5
+        createSpinner: createSpinner5,
+        createOnePr
       });
     }
     await askToOpenAnalysis();
@@ -10192,7 +10218,7 @@ function analyzeBuilder(yargs2) {
     alias: "commit-hash",
     describe: chalk8.bold("Hash of the commit"),
     type: "string"
-  }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("org", organizationIdOptions).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).option("auto-pr", autoPrOption).option("commit-directly", commitDirectlyOption).option("pull-request", {
+  }).option("mobb-project-name", mobbProjectNameOption).option("y", yesOption).option("ci", ciOption).option("org", organizationIdOptions).option("api-key", apiKeyOption).option("commit-hash", commitHashOption).option("auto-pr", autoPrOption).option("create-one-pr", createOnePrOption).option("commit-directly", commitDirectlyOption).option("pull-request", {
     alias: ["pr", "pr-number", "pr-id"],
     describe: chalk8.bold("Number of the pull request"),
     type: "number",
@@ -10203,6 +10229,7 @@ function analyzeBuilder(yargs2) {
   ).help();
 }
 function validateAnalyzeOptions(argv) {
+  console.log("argv", argv);
   if (!fs7.existsSync(argv.f)) {
     throw new CliError(`
 Can't access ${chalk8.bold(argv.f)}`);
@@ -10222,7 +10249,17 @@ Can't access ${chalk8.bold(argv.f)}`);
       "--commit-directly flag requires --auto-pr to be provided as well"
     );
   }
-  if (argv.pullRequest && !argv["commit-directly"]) {
+  if (argv["create-one-pr"] && !argv["auto-pr"]) {
+    throw new CliError(
+      "--create-one-pr flag requires --auto-pr to be provided as well"
+    );
+  }
+  if (argv["create-one-pr"] && argv.commitDirectly) {
+    throw new CliError(
+      "--create-one-pr and --commit-directly cannot be provided at the same time"
+    );
+  }
+  if (argv.pullRequest && !argv.commitDirectly) {
     throw new CliError(
       "--pull-request flag requires --commit-directly to be provided as well"
     );

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.81",
+  "version": "1.0.83",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",