mobbdev 1.1.1 → 1.1.3

package/dist/args/commands/upload_ai_blame.mjs

@@ -92,7 +92,6 @@ var init_GitService = __esm({
 import fsPromises2 from "fs/promises";
 import path6 from "path";
 import chalk3 from "chalk";
-import Configstore2 from "configstore";
 import { withFile } from "tmp-promise";
 import z26 from "zod";
 
@@ -100,7 +99,6 @@ import z26 from "zod";
 import crypto from "crypto";
 import os from "os";
 import chalk2 from "chalk";
-import Configstore from "configstore";
 import Debug7 from "debug";
 import open from "open";
 
@@ -2111,6 +2109,7 @@ function getDirName() {
 // src/constants.ts
 var debug = Debug("mobbdev:constants");
 dotenv.config({ path: path2.join(getModuleRootDir(), ".env") });
+var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
 var scmFriendlyText = {
   ["Ado" /* Ado */]: "Azure DevOps",
   ["Bitbucket" /* Bitbucket */]: "Bitbucket",
@@ -4408,7 +4407,7 @@ import Debug5 from "debug";
 import { createClient } from "graphql-ws";
 import { HttpsProxyAgent } from "https-proxy-agent";
 import WebSocket from "ws";
-var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
+var DEFAULT_API_URL2 = "https://api.mobb.ai/v1/graphql";
 var debug6 = Debug5("mobbdev:subscribe");
 var SUBSCRIPTION_TIMEOUT_MS = 30 * 60 * 1e3;
 function createWSClient(options) {
@@ -4444,7 +4443,7 @@ function subscribe(query, variables, callback, wsClientOptions) {
   return new Promise((resolve, reject) => {
     let timer = null;
     const { timeoutInMs = SUBSCRIPTION_TIMEOUT_MS } = wsClientOptions;
-    const API_URL2 = process.env["API_URL"] || DEFAULT_API_URL;
+    const API_URL2 = process.env["API_URL"] || DEFAULT_API_URL2;
     const client = createWSClient({
       ...wsClientOptions,
       websocket: WebSocket,
@@ -4950,6 +4949,25 @@ var GQLClient = class {
   }
 };
 
+// src/utils/ConfigStoreService.ts
+import Configstore from "configstore";
+function createConfigStore(defaultValues = { apiToken: "" }) {
+  const API_URL2 = process.env["API_URL"] || DEFAULT_API_URL;
+  let domain = "";
+  try {
+    const url = new URL(API_URL2);
+    domain = url.hostname;
+  } catch (e) {
+    domain = API_URL2.replace(/^https?:\/\//, "").replace(/\/.*$/, "").replace(/:\d+$/, "");
+  }
+  const sanitizedDomain = domain.replace(/\./g, "_");
+  return new Configstore(`mobbdev-${sanitizedDomain}`, defaultValues);
+}
+function getConfigStore() {
+  return createConfigStore();
+}
+var configStore = getConfigStore();
+
 // src/commands/handleMobbLogin.ts
 var debug8 = Debug7("mobbdev:commands");
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
@@ -4958,7 +4976,20 @@ var webLoginUrl = `${WEB_APP_URL}/cli-login`;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk2.bgBlue(
   "press any key to continue"
 )};`;
-var config2 = new Configstore(packageJson.name, { apiToken: "" });
+async function getAuthenticatedGQLClient({
+  inputApiKey = "",
+  isSkipPrompts = true
+}) {
+  let gqlClient = new GQLClient({
+    apiKey: inputApiKey || configStore.get("apiToken") || "",
+    type: "apiKey"
+  });
+  gqlClient = await handleMobbLogin({
+    inGqlClient: gqlClient,
+    skipPrompts: isSkipPrompts
+  });
+  return gqlClient;
+}
 async function handleMobbLogin({
   inGqlClient,
   apiKey,
@@ -5034,7 +5065,7 @@ async function handleMobbLogin({
   const loginSuccess = await newGqlClient.validateUserToken();
   if (loginSuccess) {
     debug8(`set api token ${newApiToken}`);
-    config2.set("apiToken", newApiToken);
+    configStore.set("apiToken", newApiToken);
     loginSpinner.success({
       text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
     });
@@ -5184,18 +5215,6 @@ async function uploadAiBlameHandlerFromExtension(args) {
     });
   });
 }
-var config3 = new Configstore2(packageJson.name, { apiToken: "" });
-async function getAuthenticatedGQLClientForIdeExtension() {
-  let gqlClient = new GQLClient({
-    apiKey: config3.get("apiToken") ?? "",
-    type: "apiKey"
-  });
-  gqlClient = await handleMobbLogin({
-    inGqlClient: gqlClient,
-    skipPrompts: true
-  });
-  return gqlClient;
-}
 async function uploadAiBlameHandler(args, exitOnError = true) {
   const prompts = args.prompt || [];
   const inferences = args.inference || [];
@@ -5238,7 +5257,9 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
       blameType: blameTypes[i] || "CHAT" /* Chat */
     });
   }
-  const authenticatedClient = await getAuthenticatedGQLClientForIdeExtension();
+  const authenticatedClient = await getAuthenticatedGQLClient({
+    isSkipPrompts: true
+  });
   const initRes = await authenticatedClient.uploadAIBlameInferencesInitRaw({
     sessions
   });
@@ -5299,7 +5320,6 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
   console.log(chalk3.green("AI Blame uploads finalized successfully"));
 }
 export {
-  getAuthenticatedGQLClientForIdeExtension,
   uploadAiBlameBuilder,
   uploadAiBlameHandler,
   uploadAiBlameHandlerFromExtension

package/dist/index.mjs

@@ -32,12 +32,11 @@ var init_env = __esm({
 });
 
 // src/mcp/core/configs.ts
-var MCP_DEFAULT_API_URL, MCP_API_KEY_HEADER_NAME, MCP_LOGIN_MAX_WAIT, MCP_LOGIN_CHECK_DELAY, MCP_VUL_REPORT_DIGEST_TIMEOUT_MS, MCP_MAX_FILE_SIZE, MCP_PERIODIC_CHECK_INTERVAL, MCP_DEFAULT_MAX_FILES_TO_SCAN, MCP_REPORT_ID_EXPIRATION_MS, MCP_TOOLS_BROWSER_COOLDOWN_MS, MCP_DEFAULT_LIMIT, isAutoScan, MVS_AUTO_FIX_OVERRIDE, MCP_AUTO_FIX_DEBUG_MODE, MCP_PERIODIC_TRACK_INTERVAL, MCP_DEFAULT_REST_API_URL, MCP_SYSTEM_FIND_TIMEOUT_MS;
+var MCP_API_KEY_HEADER_NAME, MCP_LOGIN_MAX_WAIT, MCP_LOGIN_CHECK_DELAY, MCP_VUL_REPORT_DIGEST_TIMEOUT_MS, MCP_MAX_FILE_SIZE, MCP_PERIODIC_CHECK_INTERVAL, MCP_DEFAULT_MAX_FILES_TO_SCAN, MCP_REPORT_ID_EXPIRATION_MS, MCP_TOOLS_BROWSER_COOLDOWN_MS, MCP_DEFAULT_LIMIT, isAutoScan, MVS_AUTO_FIX_OVERRIDE, MCP_AUTO_FIX_DEBUG_MODE, MCP_PERIODIC_TRACK_INTERVAL, MCP_DEFAULT_REST_API_URL, MCP_SYSTEM_FIND_TIMEOUT_MS;
 var init_configs = __esm({
   "src/mcp/core/configs.ts"() {
     "use strict";
     init_env();
-    MCP_DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
     MCP_API_KEY_HEADER_NAME = "x-mobb-key";
     MCP_LOGIN_MAX_WAIT = 2 * 60 * 1e3;
     MCP_LOGIN_CHECK_DELAY = 2 * 1e3;
@@ -9812,6 +9811,7 @@ import * as dotenv from "dotenv";
 import { z as z24 } from "zod";
 var debug5 = Debug4("mobbdev:constants");
 dotenv.config({ path: path6.join(getModuleRootDir(), ".env") });
+var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
 var scmFriendlyText = {
   ["Ado" /* Ado */]: "Azure DevOps",
   ["Bitbucket" /* Bitbucket */]: "Bitbucket",
@@ -10069,7 +10069,6 @@ import chalk8 from "chalk";
 
 // src/commands/index.ts
 import chalkAnimation from "chalk-animation";
-import Configstore3 from "configstore";
 
 // src/features/analysis/index.ts
 import fs9 from "fs";
@@ -10078,7 +10077,6 @@ import path9 from "path";
 import { env as env2 } from "process";
 import { pipeline } from "stream/promises";
 import chalk6 from "chalk";
-import Configstore2 from "configstore";
 import Debug19 from "debug";
 import extract from "extract-zip";
 import { createSpinner as createSpinner4 } from "nanospinner";
@@ -10091,7 +10089,6 @@ import { z as z29 } from "zod";
 import crypto from "crypto";
 import os from "os";
 import chalk3 from "chalk";
-import Configstore from "configstore";
 import Debug7 from "debug";
 import open from "open";
 
@@ -10180,7 +10177,7 @@ import Debug5 from "debug";
 import { createClient } from "graphql-ws";
 import { HttpsProxyAgent } from "https-proxy-agent";
 import WebSocket from "ws";
-var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
+var DEFAULT_API_URL2 = "https://api.mobb.ai/v1/graphql";
 var debug6 = Debug5("mobbdev:subscribe");
 var SUBSCRIPTION_TIMEOUT_MS = 30 * 60 * 1e3;
 function createWSClient(options) {
@@ -10216,7 +10213,7 @@ function subscribe(query, variables, callback, wsClientOptions) {
   return new Promise((resolve, reject) => {
     let timer = null;
     const { timeoutInMs = SUBSCRIPTION_TIMEOUT_MS } = wsClientOptions;
-    const API_URL2 = process.env["API_URL"] || DEFAULT_API_URL;
+    const API_URL2 = process.env["API_URL"] || DEFAULT_API_URL2;
     const client = createWSClient({
       ...wsClientOptions,
       websocket: WebSocket,
@@ -10722,6 +10719,25 @@ var GQLClient = class {
   }
 };
 
+// src/utils/ConfigStoreService.ts
+import Configstore from "configstore";
+function createConfigStore(defaultValues = { apiToken: "" }) {
+  const API_URL2 = process.env["API_URL"] || DEFAULT_API_URL;
+  let domain = "";
+  try {
+    const url = new URL(API_URL2);
+    domain = url.hostname;
+  } catch (e) {
+    domain = API_URL2.replace(/^https?:\/\//, "").replace(/\/.*$/, "").replace(/:\d+$/, "");
+  }
+  const sanitizedDomain = domain.replace(/\./g, "_");
+  return new Configstore(`mobbdev-${sanitizedDomain}`, defaultValues);
+}
+function getConfigStore() {
+  return createConfigStore();
+}
+var configStore = getConfigStore();
+
 // src/commands/handleMobbLogin.ts
 var debug8 = Debug7("mobbdev:commands");
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
@@ -10730,7 +10746,20 @@ var webLoginUrl = `${WEB_APP_URL}/cli-login`;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk3.bgBlue(
   "press any key to continue"
 )};`;
-var config2 = new Configstore(packageJson.name, { apiToken: "" });
+async function getAuthenticatedGQLClient({
+  inputApiKey = "",
+  isSkipPrompts = true
+}) {
+  let gqlClient = new GQLClient({
+    apiKey: inputApiKey || configStore.get("apiToken") || "",
+    type: "apiKey"
+  });
+  gqlClient = await handleMobbLogin({
+    inGqlClient: gqlClient,
+    skipPrompts: isSkipPrompts
+  });
+  return gqlClient;
+}
 async function handleMobbLogin({
   inGqlClient,
   apiKey,
@@ -10806,7 +10835,7 @@ async function handleMobbLogin({
   const loginSuccess = await newGqlClient.validateUserToken();
   if (loginSuccess) {
     debug8(`set api token ${newApiToken}`);
-    config2.set("apiToken", newApiToken);
+    configStore.set("apiToken", newApiToken);
     loginSpinner.success({
       text: `\u{1F513} Login to Mobb successful! ${typeof loginSpinner === "string" ? `Logged in as ${loginSuccess}` : ""}`
     });
@@ -11883,8 +11912,8 @@ async function forkSnyk(args, { display }) {
 }
 async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
   debug17("get snyk report start %s %s", reportPath, repoRoot);
-  const config7 = await forkSnyk(["config"], { display: false });
-  const { message: configMessage } = config7;
+  const config2 = await forkSnyk(["config"], { display: false });
+  const { message: configMessage } = config2;
   if (!configMessage.includes("api: ")) {
     const snykLoginSpinner = createSpinner3().start();
     if (!skipPrompts) {
@@ -11896,7 +11925,7 @@ async function getSnykReport(reportPath, repoRoot, { skipPrompts = false }) {
     snykLoginSpinner.update({
       text: "\u{1F513} Waiting for Snyk login to complete"
     });
-    debug17("no token in the config %s", config7);
+    debug17("no token in the config %s", config2);
     await forkSnyk(["auth"], { display: true });
     snykLoginSpinner.success({ text: "\u{1F513} Login to Snyk Successful" });
   }
@@ -12040,8 +12069,6 @@ var getReportUrl = ({
   fixReportId
 }) => `${WEB_APP_URL}/organization/${organizationId}/project/${projectId}/report/${fixReportId}`;
 var debug19 = Debug19("mobbdev:index");
-var config3 = new Configstore2(packageJson.name, { apiToken: "" });
-debug19("config %o", config3);
 async function runAnalysis(params, options) {
   const tmpObj = tmp2.dirSync({
     unsafeCleanup: true
@@ -12189,14 +12216,9 @@ async function _scan(params, { skipPrompts = false } = {}) {
   debug19("start %s %s", dirname, repo);
   const { createSpinner: createSpinner5 } = Spinner2({ ci });
   skipPrompts = skipPrompts || ci;
-  let gqlClient = new GQLClient({
-    apiKey: apiKey ?? config3.get("apiToken") ?? "",
-    type: "apiKey"
-  });
-  gqlClient = await handleMobbLogin({
-    inGqlClient: gqlClient,
-    skipPrompts,
-    apiKey
+  const gqlClient = await getAuthenticatedGQLClient({
+    inputApiKey: apiKey,
+    isSkipPrompts: skipPrompts
   });
   if (!mobbProjectName) {
     throw new Error("mobbProjectName is required");
@@ -12706,17 +12728,11 @@ async function analyze({
     { skipPrompts }
   );
 }
-var config4 = new Configstore3(packageJson.name, { apiToken: "" });
 async function addScmToken(addScmTokenOptions) {
   const { apiKey, token, organization, scmType, url, refreshToken, ci } = addScmTokenOptions;
-  let gqlClient = new GQLClient({
-    apiKey: apiKey ?? config4.get("apiToken") ?? "",
-    type: "apiKey"
-  });
-  gqlClient = await handleMobbLogin({
-    inGqlClient: gqlClient,
-    skipPrompts: ci,
-    apiKey
+  const gqlClient = await getAuthenticatedGQLClient({
+    inputApiKey: apiKey,
+    isSkipPrompts: ci
   });
   if (!scmType) {
     throw new CliError(errorMessages.invalidScmType);
@@ -12896,9 +12912,6 @@ async function analyzeHandler(args) {
   await analyze(args, { skipPrompts: args.yes });
 }
 
-// src/args/commands/claude_code.ts
-import Configstore5 from "configstore";
-
 // src/features/claude_code/data_collector.ts
 import { z as z32 } from "zod";
 
@@ -12906,7 +12919,6 @@ import { z as z32 } from "zod";
 import fsPromises3 from "fs/promises";
 import path11 from "path";
 import chalk9 from "chalk";
-import Configstore4 from "configstore";
 import { withFile } from "tmp-promise";
 import z31 from "zod";
 var PromptItemZ = z31.object({
@@ -12995,18 +13007,6 @@ async function uploadAiBlameHandlerFromExtension(args) {
     });
   });
 }
-var config5 = new Configstore4(packageJson.name, { apiToken: "" });
-async function getAuthenticatedGQLClientForIdeExtension() {
-  let gqlClient = new GQLClient({
-    apiKey: config5.get("apiToken") ?? "",
-    type: "apiKey"
-  });
-  gqlClient = await handleMobbLogin({
-    inGqlClient: gqlClient,
-    skipPrompts: true
-  });
-  return gqlClient;
-}
 async function uploadAiBlameHandler(args, exitOnError = true) {
   const prompts = args.prompt || [];
   const inferences = args.inference || [];
@@ -13049,7 +13049,9 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
       blameType: blameTypes[i] || "CHAT" /* Chat */
     });
   }
-  const authenticatedClient = await getAuthenticatedGQLClientForIdeExtension();
+  const authenticatedClient = await getAuthenticatedGQLClient({
+    isSkipPrompts: true
+  });
   const initRes = await authenticatedClient.uploadAIBlameInferencesInitRaw({
     sessions
   });
@@ -13478,7 +13480,6 @@ async function installMobbHooks(options = {}) {
 }
 
 // src/args/commands/claude_code.ts
-var config6 = new Configstore5(packageJson.name, { apiToken: "" });
 var claudeCodeInstallHookBuilder = (yargs2) => {
   return yargs2.option("save-env", {
     type: "boolean",
@@ -13500,14 +13501,7 @@ var claudeCodeProcessHookBuilder = (yargs2) => {
 };
 var claudeCodeInstallHookHandler = async (argv) => {
   try {
-    const gqlClient = new GQLClient({
-      apiKey: config6.get("apiToken") ?? "",
-      type: "apiKey"
-    });
-    await handleMobbLogin({
-      inGqlClient: gqlClient,
-      skipPrompts: false
-    });
+    await getAuthenticatedGQLClient({ isSkipPrompts: false });
     await installMobbHooks({ saveEnv: argv["save-env"] });
     process.exit(0);
   } catch (error) {
@@ -13574,7 +13568,7 @@ import {
 } from "@modelcontextprotocol/sdk/types.js";
 
 // src/mcp/Logger.ts
-import Configstore6 from "configstore";
+import Configstore2 from "configstore";
 
 // src/mcp/services/WorkspaceService.ts
 var WorkspaceService = class {
@@ -13660,7 +13654,7 @@ var Logger = class {
     __publicField(this, "lastKnownPath", null);
     this.host = WorkspaceService.getHost();
     this.unknownPathSuffix = Math.floor(1e3 + Math.random() * 9e3).toString();
-    this.mobbConfigStore = new Configstore6("mobb-logs", {});
+    this.mobbConfigStore = new Configstore2("mobb-logs", {});
     this.mobbConfigStore.set("version", packageJson.version);
   }
   /**
@@ -13857,29 +13851,6 @@ var GetLatestReportByRepoUrlResponseSchema = z33.object({
   expiredReport: z33.array(ExpiredReportSchema)
 });
 
-// src/mcp/services/ConfigStoreService.ts
-import Configstore7 from "configstore";
-init_configs();
-function createConfigStore(defaultValues = { apiToken: "" }) {
-  const API_URL2 = process.env["API_URL"] || MCP_DEFAULT_API_URL;
-  let domain = "";
-  try {
-    const url = new URL(API_URL2);
-    domain = url.hostname;
-  } catch (e) {
-    domain = API_URL2.replace(/^https?:\/\//, "").replace(/\/.*$/, "").replace(/:\d+$/, "");
-  }
-  const sanitizedDomain = domain.replace(/\./g, "_");
-  return new Configstore7(
-    `${packageJson.name}-${sanitizedDomain}`,
-    defaultValues
-  );
-}
-function getConfigStore() {
-  return createConfigStore();
-}
-var configStore = getConfigStore();
-
 // src/mcp/services/McpAuthService.ts
 import crypto2 from "crypto";
 import os3 from "os";
@@ -13968,7 +13939,7 @@ var McpGQLClient = class {
     __publicField(this, "currentUser", null);
     __publicField(this, "apiUrl");
     this._auth = args;
-    this.apiUrl = process.env["API_URL"] || MCP_DEFAULT_API_URL;
+    this.apiUrl = process.env["API_URL"] || DEFAULT_API_URL;
     logDebug(`[GraphQL] Creating graphql client with api url ${this.apiUrl}`, {
       args
     });
@@ -14687,34 +14658,34 @@ var readConfigFile = (filePath) => {
     return null;
   }
 };
-var mergeConfigIntoResult = (config7, mergedConfig) => {
-  if (config7?.projects) {
+var mergeConfigIntoResult = (config2, mergedConfig) => {
+  if (config2?.projects) {
     const allMcpServers = {};
-    for (const projectPath in config7.projects) {
-      const project = config7.projects[projectPath];
+    for (const projectPath in config2.projects) {
+      const project = config2.projects[projectPath];
       if (project?.mcpServers) {
         Object.assign(allMcpServers, project.mcpServers);
       }
     }
     mergedConfig.mcpServers = { ...mergedConfig.mcpServers, ...allMcpServers };
   }
-  if (config7?.mcpServers) {
+  if (config2?.mcpServers) {
     mergedConfig.mcpServers = {
       ...mergedConfig.mcpServers,
-      ...config7.mcpServers
+      ...config2.mcpServers
     };
   }
-  if (config7?.servers) {
-    mergedConfig.servers = { ...mergedConfig.servers, ...config7.servers };
+  if (config2?.servers) {
+    mergedConfig.servers = { ...mergedConfig.servers, ...config2.servers };
   }
 };
 var readMCPConfig = (hostName) => {
   const configPaths = getMCPConfigPaths(hostName);
   const mergedConfig = {};
   for (const configPath of configPaths) {
-    const config7 = readConfigFile(configPath);
-    if (config7) {
-      mergeConfigIntoResult(config7, mergedConfig);
+    const config2 = readConfigFile(configPath);
+    if (config2) {
+      mergeConfigIntoResult(config2, mergedConfig);
     }
   }
   return Object.keys(mergedConfig).length > 0 ? mergedConfig : null;
@@ -14841,10 +14812,10 @@ var getHostInfo = (additionalMcpList) => {
     if (cfg) allConfigs[ide] = cfg;
   }
   for (const additionalPath of uniqueAdditionalPaths) {
-    const config7 = readConfigFile(additionalPath);
-    if (!config7) continue;
+    const config2 = readConfigFile(additionalPath);
+    if (!config2) continue;
     const mergedConfig = {};
-    mergeConfigIntoResult(config7, mergedConfig);
+    mergeConfigIntoResult(config2, mergedConfig);
     if (Object.keys(mergedConfig).length > 0) {
       allConfigs["system"] = mergedConfig;
     }
@@ -14912,7 +14883,7 @@ var getHostInfo = (additionalMcpList) => {
     }
   }
   for (const { ide, name, command, isRunning } of servers) {
-    const config7 = allConfigs[ide] || null;
+    const config2 = allConfigs[ide] || null;
     const ideName = ide.charAt(0).toUpperCase() + ide.slice(1) || "Unknown";
     let ideVersion = "Unknown";
     const platform2 = os4.platform();
@@ -14929,8 +14900,8 @@ var getHostInfo = (additionalMcpList) => {
       }
     }
     let mcpConfigObj = {};
-    if (config7) {
-      const allServers = config7.mcpServers || config7.servers || {};
+    if (config2) {
+      const allServers = config2.mcpServers || config2.servers || {};
       if (name in allServers && allServers[name]) {
         mcpConfigObj = allServers[name];
       }
@@ -15268,7 +15239,7 @@ var ToolRegistry = class {
 
 // src/mcp/core/McpServer.ts
 var McpServer = class {
-  constructor(config7, govOrgId = "") {
+  constructor(config2, govOrgId = "") {
     __publicField(this, "server");
     __publicField(this, "toolRegistry");
     __publicField(this, "promptRegistry");
@@ -15282,8 +15253,8 @@ var McpServer = class {
     this.mcpUsageService = govOrgId ? new McpUsageService(govOrgId) : null;
     this.server = new Server(
       {
-        name: config7.name,
-        version: config7.version
+        name: config2.name,
+        version: config2.version
       },
       {
         capabilities: {
@@ -15299,7 +15270,7 @@ var McpServer = class {
     this.setupParentProcessMonitoring();
     logInfo("MCP server instance created");
     logDebug("MCP server instance config", {
-      config: config7,
+      config: config2,
       parentPid: this.parentPid
     });
   }
@@ -19170,10 +19141,15 @@ var PatchApplicationService = class {
    */
   static writeFileWithFixComment({
     filePath,
+    repositoryPath,
     content,
     fix,
     scanContext
   }) {
+    const { normalizedPath: normalizedFilePath } = this.resolvePathWithinRepo({
+      repositoryPath,
+      targetPath: filePath
+    });
     let finalContent = content;
     if (MCP_AUTO_FIX_DEBUG_MODE) {
       const fixType = fix.safeIssueType || "Security Issue";
@@ -19205,10 +19181,28 @@ var PatchApplicationService = class {
         }
       );
     }
-    const dirPath = path20.dirname(filePath);
+    const dirPath = path20.dirname(normalizedFilePath);
     mkdirSync(dirPath, { recursive: true });
-    writeFileSync(filePath, finalContent, "utf8");
-    return filePath;
+    writeFileSync(normalizedFilePath, finalContent, "utf8");
+    return normalizedFilePath;
+  }
+  static resolvePathWithinRepo({
+    repositoryPath,
+    targetPath
+  }) {
+    const repoRoot = path20.resolve(repositoryPath);
+    const normalizedPath = path20.resolve(repoRoot, targetPath);
+    const repoRootWithSep = repoRoot.endsWith(path20.sep) ? repoRoot : `${repoRoot}${path20.sep}`;
+    if (normalizedPath !== repoRoot && !normalizedPath.startsWith(repoRootWithSep)) {
+      throw new Error(
+        `Security violation: target path ${targetPath} resolves outside repository`
+      );
+    }
+    return {
+      repoRoot,
+      normalizedPath,
+      relativePath: path20.relative(repoRoot, normalizedPath)
+    };
   }
   /**
    * Extracts target file path from a fix
@@ -19678,21 +19672,17 @@ var PatchApplicationService = class {
     repositoryPath,
     scanContext
   }) {
-    const sanitizedRepoPath = String(repositoryPath || "").replace("\0", "").replace(/^(\.\.(\/|\\))+/, "");
-    const sanitizedTargetFile = String(targetFile || "").replace("\0", "").replace(/^(\.\.(\/|\\))+/, "");
-    const absoluteFilePath = path20.resolve(
-      sanitizedRepoPath,
-      sanitizedTargetFile
-    );
-    const relativePath = path20.relative(sanitizedRepoPath, absoluteFilePath);
-    if (relativePath.startsWith("..")) {
-      throw new Error(
-        `Security violation: target file ${targetFile} resolves outside repository`
-      );
-    }
+    const {
+      repoRoot,
+      normalizedPath: absoluteFilePath,
+      relativePath
+    } = this.resolvePathWithinRepo({
+      repositoryPath,
+      targetPath: targetFile
+    });
     logDebug(`[${scanContext}] Resolving file path for ${targetFile}`, {
-      repositoryPath: sanitizedRepoPath,
-      targetFile: sanitizedTargetFile,
+      repositoryPath: repoRoot,
+      targetFile,
       absoluteFilePath,
       relativePath,
       exists: existsSync6(absoluteFilePath)
@@ -19714,6 +19704,7 @@ var PatchApplicationService = class {
     const newContent = this.applyHunksToEmptyFile(fileDiff.chunks);
     const actualPath = this.writeFileWithFixComment({
       filePath: absoluteFilePath,
+      repositoryPath,
       content: newContent,
       fix,
       scanContext
@@ -19762,6 +19753,7 @@ var PatchApplicationService = class {
     if (modifiedContent !== originalContent) {
       const actualPath = this.writeFileWithFixComment({
         filePath: absoluteFilePath,
+        repositoryPath,
         content: modifiedContent,
         fix,
         scanContext

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.1.1",
+  "version": "1.1.3",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",
@@ -75,7 +75,7 @@
     "http-proxy-agent": "7.0.2",
     "https-proxy-agent": "7.0.6",
     "ignore": "7.0.5",
-    "inquirer": "9.3.7",
+    "inquirer": "9.3.8",
     "isomorphic-ws": "5.0.0",
     "istextorbinary": "9.5.0",
     "libsodium-wrappers": "0.7.15",
@@ -89,7 +89,7 @@
     "sax": "1.4.3",
     "semver": "7.7.3",
     "simple-git": "3.30.0",
-    "snyk": "1.1300.2",
+    "snyk": "1.1301.0",
     "tar": "6.2.1",
     "tmp": "0.2.5",
     "tmp-promise": "3.0.3",