mobbdev 1.0.87 → 1.0.88
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.mjs +18 -18
- package/package.json +2 -1
package/dist/index.mjs
CHANGED
|
@@ -7300,8 +7300,8 @@ var CliError = class extends Error {
|
|
|
7300
7300
|
};
|
|
7301
7301
|
|
|
7302
7302
|
// src/commands/convert_to_sarif.ts
|
|
7303
|
-
import AdmZip from "adm-zip";
|
|
7304
7303
|
import multimatch from "multimatch";
|
|
7304
|
+
import StreamZip from "node-stream-zip";
|
|
7305
7305
|
import tmp from "tmp";
|
|
7306
7306
|
async function convertToSarif(options) {
|
|
7307
7307
|
switch (options.inputFileFormat) {
|
|
@@ -7315,8 +7315,9 @@ async function convertToSarif(options) {
|
|
|
7315
7315
|
}
|
|
7316
7316
|
}
|
|
7317
7317
|
async function convertFprToSarif(inputFilePath, outputFilePath, codePathPatterns) {
|
|
7318
|
-
const zipIn = new
|
|
7319
|
-
|
|
7318
|
+
const zipIn = new StreamZip.async({ file: inputFilePath });
|
|
7319
|
+
const zipInEntries = await zipIn.entries();
|
|
7320
|
+
if (!("audit.fvdl" in zipInEntries)) {
|
|
7320
7321
|
throw new CliError(
|
|
7321
7322
|
"\nError: the input file should be in a valid Fortify FPR format."
|
|
7322
7323
|
);
|
|
@@ -7325,10 +7326,9 @@ async function convertFprToSarif(inputFilePath, outputFilePath, codePathPatterns
|
|
|
7325
7326
|
unsafeCleanup: true
|
|
7326
7327
|
});
|
|
7327
7328
|
try {
|
|
7328
|
-
|
|
7329
|
-
|
|
7330
|
-
|
|
7331
|
-
);
|
|
7329
|
+
const auditFvdlPath = path3.join(tmpObj.name, "audit.fvdl");
|
|
7330
|
+
await zipIn.extract("audit.fvdl", auditFvdlPath);
|
|
7331
|
+
const auditFvdlSaxParser = initSaxParser(auditFvdlPath);
|
|
7332
7332
|
const vulnerabilityParser = new VulnerabilityParser(
|
|
7333
7333
|
auditFvdlSaxParser.parser
|
|
7334
7334
|
);
|
|
@@ -7340,14 +7340,14 @@ async function convertFprToSarif(inputFilePath, outputFilePath, codePathPatterns
|
|
|
7340
7340
|
);
|
|
7341
7341
|
let auditMetadataParser = null;
|
|
7342
7342
|
await auditFvdlSaxParser.parse();
|
|
7343
|
-
if (
|
|
7344
|
-
|
|
7345
|
-
|
|
7346
|
-
|
|
7347
|
-
);
|
|
7343
|
+
if ("audit.xml" in zipInEntries) {
|
|
7344
|
+
const auditXmlPath = path3.join(tmpObj.name, "audit.xml");
|
|
7345
|
+
await zipIn.extract("audit.xml", auditXmlPath);
|
|
7346
|
+
const auditXmlSaxParser = initSaxParser(auditXmlPath);
|
|
7348
7347
|
auditMetadataParser = new AuditMetadataParser(auditXmlSaxParser.parser);
|
|
7349
7348
|
await auditXmlSaxParser.parse();
|
|
7350
7349
|
}
|
|
7350
|
+
await zipIn.close();
|
|
7351
7351
|
fs3.writeFileSync(
|
|
7352
7352
|
outputFilePath,
|
|
7353
7353
|
`{
|
|
@@ -8907,7 +8907,7 @@ var GQLClient = class {
|
|
|
8907
8907
|
// src/features/analysis/pack.ts
|
|
8908
8908
|
import fs5 from "node:fs";
|
|
8909
8909
|
import path5 from "node:path";
|
|
8910
|
-
import
|
|
8910
|
+
import AdmZip from "adm-zip";
|
|
8911
8911
|
import Debug13 from "debug";
|
|
8912
8912
|
import { globby } from "globby";
|
|
8913
8913
|
import { isBinary } from "istextorbinary";
|
|
@@ -8969,7 +8969,7 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
|
|
|
8969
8969
|
dot: true
|
|
8970
8970
|
});
|
|
8971
8971
|
debug13("files found %d", filepaths.length);
|
|
8972
|
-
const zip = new
|
|
8972
|
+
const zip = new AdmZip();
|
|
8973
8973
|
debug13("compressing files");
|
|
8974
8974
|
for (const filepath of filepaths) {
|
|
8975
8975
|
const absFilepath = path5.join(srcDirPath, filepath.toString());
|
|
@@ -8999,8 +8999,8 @@ async function pack(srcDirPath, vulnFiles, isIncludeAllFiles = false) {
|
|
|
8999
8999
|
}
|
|
9000
9000
|
async function repackFpr(fprPath) {
|
|
9001
9001
|
debug13("repack fpr file %s", fprPath);
|
|
9002
|
-
const zipIn = new
|
|
9003
|
-
const zipOut = new
|
|
9002
|
+
const zipIn = new AdmZip(fprPath);
|
|
9003
|
+
const zipOut = new AdmZip();
|
|
9004
9004
|
const mappingXML = zipIn.readAsText("src-archive/index.xml", "utf-8");
|
|
9005
9005
|
const filesMapping = FPR_SOURCE_CODE_FILE_MAPPING_SCHEMA.parse(
|
|
9006
9006
|
await parseStringPromise(mappingXML)
|
|
@@ -10709,7 +10709,7 @@ var PathValidation = class {
|
|
|
10709
10709
|
// src/mcp/services/FilePacking.ts
|
|
10710
10710
|
import fs9 from "node:fs";
|
|
10711
10711
|
import path11 from "node:path";
|
|
10712
|
-
import
|
|
10712
|
+
import AdmZip2 from "adm-zip";
|
|
10713
10713
|
import { isBinary as isBinary2 } from "istextorbinary";
|
|
10714
10714
|
var MAX_FILE_SIZE2 = 1024 * 1024 * 5;
|
|
10715
10715
|
var EXCLUDED_FILE_PATTERNS = [
|
|
@@ -10895,7 +10895,7 @@ var FilePacking = class {
|
|
|
10895
10895
|
}
|
|
10896
10896
|
async packFiles(sourceDirectoryPath, filesToPack) {
|
|
10897
10897
|
logInfo(`FilePacking: packing files from ${sourceDirectoryPath}`);
|
|
10898
|
-
const zip = new
|
|
10898
|
+
const zip = new AdmZip2();
|
|
10899
10899
|
let packedFilesCount = 0;
|
|
10900
10900
|
logInfo("FilePacking: compressing files");
|
|
10901
10901
|
for (const filepath of filesToPack) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mobbdev",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.88",
|
|
4
4
|
"description": "Automated secure code remediation tool",
|
|
5
5
|
"repository": "git+https://github.com/mobb-dev/bugsy.git",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -71,6 +71,7 @@
|
|
|
71
71
|
"multimatch": "7.0.0",
|
|
72
72
|
"nanospinner": "1.1.0",
|
|
73
73
|
"node-fetch": "3.3.2",
|
|
74
|
+
"node-stream-zip": "1.15.0",
|
|
74
75
|
"octokit": "3.2.1",
|
|
75
76
|
"open": "8.4.2",
|
|
76
77
|
"parse-diff": "0.11.1",
|