npm - mobbdev - Versions diffs - 1.1.10 → 1.1.12 - Mend

mobbdev 1.1.10 → 1.1.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/args/commands/upload_ai_blame.mjs +101 -12
package/dist/index.mjs +189 -64
package/package.json +1 -1

package/dist/args/commands/upload_ai_blame.mjs CHANGED Viewed

@@ -5133,7 +5133,99 @@ async function uploadFile({
 import { OpenRedaction } from "@openredaction/openredaction";
 import { spawn } from "child_process";
 import { installGitleaks } from "gitleaks-secret-scanner/lib/installer.js";
-var openRedaction = new OpenRedaction();
+var openRedaction = new OpenRedaction({
+  patterns: [
+    // Core Personal Data
+    "EMAIL",
+    "SSN",
+    "NATIONAL_INSURANCE_UK",
+    "DATE_OF_BIRTH",
+    // Identity Documents
+    "PASSPORT_UK",
+    "PASSPORT_US",
+    "PASSPORT_MRZ_TD1",
+    "PASSPORT_MRZ_TD3",
+    "DRIVING_LICENSE_UK",
+    "DRIVING_LICENSE_US",
+    "VISA_NUMBER",
+    "VISA_MRZ",
+    "TAX_ID",
+    // Financial Data
+    "CREDIT_CARD",
+    "IBAN",
+    "BANK_ACCOUNT_UK",
+    "ROUTING_NUMBER_US",
+    "SWIFT_BIC",
+    "CARD_TRACK1_DATA",
+    "CARD_TRACK2_DATA",
+    "CARD_EXPIRY",
+    "CARD_AUTH_CODE",
+    // Cryptocurrency
+    "BITCOIN_ADDRESS",
+    "ETHEREUM_ADDRESS",
+    "LITECOIN_ADDRESS",
+    "CARDANO_ADDRESS",
+    "SOLANA_ADDRESS",
+    "MONERO_ADDRESS",
+    "RIPPLE_ADDRESS",
+    // Medical Data
+    "NHS_NUMBER",
+    "MEDICAL_RECORD_NUMBER",
+    "AUSTRALIAN_MEDICARE",
+    "HEALTH_PLAN_NUMBER",
+    "PRESCRIPTION_NUMBER",
+    "PATIENT_ID",
+    // Communications
+    "PHONE_US",
+    "PHONE_UK",
+    "PHONE_UK_MOBILE",
+    "PHONE_INTERNATIONAL",
+    "PHONE_LINE_NUMBER",
+    "EMERGENCY_CONTACT",
+    "ADDRESS_STREET",
+    "ADDRESS_PO_BOX",
+    "POSTCODE_UK",
+    "ZIP_CODE_US",
+    // Network & Technical
+    "IPV4",
+    "IPV6",
+    "MAC_ADDRESS",
+    "URL_WITH_AUTH",
+    // Security Keys & Tokens
+    "PRIVATE_KEY",
+    "SSH_PRIVATE_KEY",
+    "AWS_SECRET_KEY",
+    "AWS_ACCESS_KEY",
+    "AZURE_STORAGE_KEY",
+    "GCP_SERVICE_ACCOUNT",
+    "JWT_TOKEN",
+    "OAUTH_TOKEN",
+    "OAUTH_CLIENT_SECRET",
+    "BEARER_TOKEN",
+    "PAYMENT_TOKEN",
+    "GENERIC_SECRET",
+    "GENERIC_API_KEY",
+    // Platform-Specific API Keys
+    "GITHUB_TOKEN",
+    "SLACK_TOKEN",
+    "STRIPE_API_KEY",
+    "GOOGLE_API_KEY",
+    "FIREBASE_API_KEY",
+    "HEROKU_API_KEY",
+    "MAILGUN_API_KEY",
+    "SENDGRID_API_KEY",
+    "TWILIO_API_KEY",
+    "NPM_TOKEN",
+    "PYPI_TOKEN",
+    "DOCKER_AUTH",
+    "KUBERNETES_SECRET",
+    // Government & Legal
+    "POLICE_REPORT_NUMBER",
+    "IMMIGRATION_NUMBER",
+    "COURT_REPORTER_LICENSE",
+    "CLIENT_ID"
+  ]
+});
 var gitleaksBinaryPath = null;
 async function initializeGitleaks() {
   try {
@@ -5211,16 +5303,7 @@ async function sanitizeDataWithCounts(obj) {
         ...piiDetections.medium,
         ...piiDetections.low
       ];
-      const filteredDetections = allDetections.filter((detection) => {
-        if (detection.type === "INSTAGRAM_USERNAME") {
-          return false;
-        }
-        if (detection.value.length < 3 && detection.severity !== "high") {
-          return false;
-        }
-        return true;
-      });
-      for (const detection of filteredDetections) {
+      for (const detection of allDetections) {
         counts.pii.total++;
         if (detection.severity === "high") counts.pii.high++;
         else if (detection.severity === "medium") counts.pii.medium++;
@@ -5291,9 +5374,15 @@ var PromptItemZ = z26.object({
 });
 var PromptItemArrayZ = z26.array(PromptItemZ);
 function getSystemInfo() {
+  let userName;
+  try {
+    userName = os2.userInfo().username;
+  } catch {
+    userName = void 0;
+  }
   return {
     computerName: os2.hostname(),
-    userName: os2.userInfo().username
+    userName
   };
 }
 function uploadAiBlameBuilder(args) {

package/dist/index.mjs CHANGED Viewed

@@ -6635,6 +6635,18 @@ var SCMLib = class {
       password: accessToken
     });
   }
+  /**
+   * Fetches commits for multiple PRs in a single batch request.
+   * This is an optimization that not all SCM providers may support efficiently.
+   * Default implementation throws - override in subclasses that support batching.
+   *
+   * @param repoUrl - Repository URL
+   * @param prNumbers - Array of PR numbers to fetch commits for
+   * @returns Map of PR number to array of commit SHAs
+   */
+  async getPrCommitsBatch(_repoUrl, _prNumbers) {
+    throw new Error("getPrCommitsBatch not implemented for this SCM provider");
+  }
   getAccessToken() {
     return this.accessToken || "";
   }
@@ -7493,13 +7505,6 @@ var GET_BLAME_DOCUMENT = `
                 ranges {
                   commit {
                     oid
-                    author {
-                      user {
-                        name
-                        login
-                      }
-                    }
-                    authoredDate
                   }
                   startingLine
                   endingLine
@@ -7539,6 +7544,7 @@ var GITHUB_GRAPHQL_FRAGMENTS = {
   /**
    * Fragment for fetching blame data.
    * Use with object(expression: $ref) on Commit type.
+   * Note: $path placeholder must be replaced with actual file path.
    */
   BLAME_RANGES: `
     blame(path: "$path") {
@@ -7547,13 +7553,6 @@ var GITHUB_GRAPHQL_FRAGMENTS = {
         endingLine
         commit {
           oid
-          author {
-            user {
-              name
-              login
-              email
-            }
-          }
         }
       }
     }
@@ -7717,19 +7716,27 @@ async function executeBatchGraphQL(octokit, owner, repo, config2) {
       }
     }
   `;
-  const response = await octokit.graphql(query, { owner, repo });
+  let response;
+  try {
+    response = await octokit.graphql(query, { owner, repo });
+  } catch (error) {
+    const graphqlError = error;
+    if (graphqlError.data?.repository) {
+      response = graphqlError.data;
+    } else {
+      throw error;
+    }
+  }
   const result = /* @__PURE__ */ new Map();
   items.forEach((item, index) => {
     const data = response.repository[`${aliasPrefix}${index}`];
-    if (data) {
-      const extracted = extractResult(
-        data,
-        item,
-        index
-      );
-      if (extracted !== void 0) {
-        result.set(item, extracted);
-      }
+    const extracted = extractResult(
+      data || {},
+      item,
+      index
+    );
+    if (extracted !== void 0) {
+      result.set(item, extracted);
     }
   });
   return result;
@@ -7875,9 +7882,15 @@ function getGithubSdk(params = {}) {
         }));
       } catch (e) {
         if (e instanceof RequestError && e.status === 401) {
+          console.warn(
+            "GitHub API returned 401 Unauthorized when listing repos - token may be expired or lack repo scope"
+          );
           return [];
         }
         if (e instanceof RequestError && e.status === 404) {
+          console.warn(
+            "GitHub API returned 404 Not Found when listing repos - user may not exist"
+          );
           return [];
         }
         throw e;
@@ -8023,13 +8036,42 @@ function getGithubSdk(params = {}) {
         (range) => ({
           startingLine: range.startingLine,
           endingLine: range.endingLine,
-          commitSha: range.commit.oid,
-          email: range.commit.author.user?.email || "",
-          name: range.commit.author.user?.name || "",
-          login: range.commit.author.user?.login || ""
+          commitSha: range.commit.oid
         })
       );
     },
+    /**
+     * Fetches commits for multiple PRs in a single GraphQL request.
+     * This is much more efficient than making N separate REST API calls.
+     *
+     * @param params.owner - Repository owner
+     * @param params.repo - Repository name
+     * @param params.prNumbers - Array of PR numbers to fetch commits for
+     * @returns Map of PR number to array of commit SHAs
+     */
+    async getPrCommitsBatch(params2) {
+      return executeBatchGraphQL(octokit, params2.owner, params2.repo, {
+        items: params2.prNumbers,
+        aliasPrefix: "prCommits",
+        buildFragment: (prNumber, index) => `
+          prCommits${index}: pullRequest(number: ${prNumber}) {
+            commits(first: 100) {
+              nodes {
+                commit {
+                  oid
+                }
+              }
+            }
+          }`,
+        extractResult: (data) => {
+          const prData = data;
+          if (prData?.commits?.nodes) {
+            return prData.commits.nodes.map((node) => node.commit.oid);
+          }
+          return [];
+        }
+      });
+    },
     // todo: refactor the name for this function
     async createPr(params2) {
       const { sourceRepoUrl, filesPaths, userRepoUrl, title, body } = params2;
@@ -8250,7 +8292,7 @@ function getGithubSdk(params = {}) {
     },
     /**
      * Batch fetch blame data for multiple files via GraphQL.
-     * Field selection matches GITHUB_GRAPHQL_FRAGMENTS.BLAME_RANGES pattern.
+     * Uses GITHUB_GRAPHQL_FRAGMENTS.BLAME_RANGES for the field selection.
      */
     async getBlameBatch(params2) {
       return executeBatchGraphQL(octokit, params2.owner, params2.repo, {
@@ -8259,15 +8301,7 @@ function getGithubSdk(params = {}) {
         buildFragment: (path22, index) => `
           file${index}: object(expression: "${params2.ref}") {
             ... on Commit {
-              blame(path: "${path22}") {
-                ranges {
-                  startingLine
-                  endingLine
-                  commit {
-                    oid
-                  }
-                }
-              }
+              ${GITHUB_GRAPHQL_FRAGMENTS.BLAME_RANGES.replace("$path", path22)}
             }
           }`,
         extractResult: (data) => {
@@ -8276,11 +8310,7 @@ function getGithubSdk(params = {}) {
             return fileData.blame.ranges.map((range) => ({
               startingLine: range.startingLine,
               endingLine: range.endingLine,
-              commitSha: range.commit.oid,
-              // This is an urgent fix. We need to later remove these fields from the return type and propagate the change.
-              email: "",
-              name: "",
-              login: ""
+              commitSha: range.commit.oid
             }));
           }
           return void 0;
@@ -8681,11 +8711,7 @@ var GithubSCMLib = class extends SCMLib {
         })
       )
     );
-    const diffLines = await this._attributeLinesViaBlame(
-      pr.head.ref,
-      filesRes.data,
-      commits
-    );
+    const diffLines = filesRes ? await this._attributeLinesViaBlame(pr.head.ref, filesRes.data, commits) : [];
     return {
       diff: prDiff,
       createdAt: new Date(pr.created_at),
@@ -8743,6 +8769,19 @@ var GithubSCMLib = class extends SCMLib {
     });
     return submitRequests;
   }
+  /**
+   * Fetches commits for multiple PRs in a single GraphQL request.
+   * Much more efficient than calling getSubmitRequestDiff for each PR.
+   *
+   * @param repoUrl - Repository URL
+   * @param prNumbers - Array of PR numbers to fetch commits for
+   * @returns Map of PR number to array of commit SHAs
+   */
+  async getPrCommitsBatch(repoUrl, prNumbers) {
+    this._validateAccessToken();
+    const { owner, repo } = parseGithubOwnerAndRepo(repoUrl);
+    return this.githubSdk.getPrCommitsBatch({ owner, repo, prNumbers });
+  }
   /**
    * Parse a Linear ticket from URL and name
    * Returns null if invalid or missing data
@@ -9211,10 +9250,7 @@ async function getGitlabBlameRanges({ ref, gitlabUrl, path: path22 }, options) {
     return {
       startingLine: oldLineNumber,
       endingLine: lineNumber - 1,
-      commitSha: range.commit.id,
-      login: range.commit.author_email,
-      email: range.commit.author_email,
-      name: range.commit.author_name
+      commitSha: range.commit.id
     };
   });
 }
@@ -13268,7 +13304,99 @@ import z31 from "zod";
 import { OpenRedaction } from "@openredaction/openredaction";
 import { spawn } from "child_process";
 import { installGitleaks } from "gitleaks-secret-scanner/lib/installer.js";
-var openRedaction = new OpenRedaction();
+var openRedaction = new OpenRedaction({
+  patterns: [
+    // Core Personal Data
+    "EMAIL",
+    "SSN",
+    "NATIONAL_INSURANCE_UK",
+    "DATE_OF_BIRTH",
+    // Identity Documents
+    "PASSPORT_UK",
+    "PASSPORT_US",
+    "PASSPORT_MRZ_TD1",
+    "PASSPORT_MRZ_TD3",
+    "DRIVING_LICENSE_UK",
+    "DRIVING_LICENSE_US",
+    "VISA_NUMBER",
+    "VISA_MRZ",
+    "TAX_ID",
+    // Financial Data
+    "CREDIT_CARD",
+    "IBAN",
+    "BANK_ACCOUNT_UK",
+    "ROUTING_NUMBER_US",
+    "SWIFT_BIC",
+    "CARD_TRACK1_DATA",
+    "CARD_TRACK2_DATA",
+    "CARD_EXPIRY",
+    "CARD_AUTH_CODE",
+    // Cryptocurrency
+    "BITCOIN_ADDRESS",
+    "ETHEREUM_ADDRESS",
+    "LITECOIN_ADDRESS",
+    "CARDANO_ADDRESS",
+    "SOLANA_ADDRESS",
+    "MONERO_ADDRESS",
+    "RIPPLE_ADDRESS",
+    // Medical Data
+    "NHS_NUMBER",
+    "MEDICAL_RECORD_NUMBER",
+    "AUSTRALIAN_MEDICARE",
+    "HEALTH_PLAN_NUMBER",
+    "PRESCRIPTION_NUMBER",
+    "PATIENT_ID",
+    // Communications
+    "PHONE_US",
+    "PHONE_UK",
+    "PHONE_UK_MOBILE",
+    "PHONE_INTERNATIONAL",
+    "PHONE_LINE_NUMBER",
+    "EMERGENCY_CONTACT",
+    "ADDRESS_STREET",
+    "ADDRESS_PO_BOX",
+    "POSTCODE_UK",
+    "ZIP_CODE_US",
+    // Network & Technical
+    "IPV4",
+    "IPV6",
+    "MAC_ADDRESS",
+    "URL_WITH_AUTH",
+    // Security Keys & Tokens
+    "PRIVATE_KEY",
+    "SSH_PRIVATE_KEY",
+    "AWS_SECRET_KEY",
+    "AWS_ACCESS_KEY",
+    "AZURE_STORAGE_KEY",
+    "GCP_SERVICE_ACCOUNT",
+    "JWT_TOKEN",
+    "OAUTH_TOKEN",
+    "OAUTH_CLIENT_SECRET",
+    "BEARER_TOKEN",
+    "PAYMENT_TOKEN",
+    "GENERIC_SECRET",
+    "GENERIC_API_KEY",
+    // Platform-Specific API Keys
+    "GITHUB_TOKEN",
+    "SLACK_TOKEN",
+    "STRIPE_API_KEY",
+    "GOOGLE_API_KEY",
+    "FIREBASE_API_KEY",
+    "HEROKU_API_KEY",
+    "MAILGUN_API_KEY",
+    "SENDGRID_API_KEY",
+    "TWILIO_API_KEY",
+    "NPM_TOKEN",
+    "PYPI_TOKEN",
+    "DOCKER_AUTH",
+    "KUBERNETES_SECRET",
+    // Government & Legal
+    "POLICE_REPORT_NUMBER",
+    "IMMIGRATION_NUMBER",
+    "COURT_REPORTER_LICENSE",
+    "CLIENT_ID"
+  ]
+});
 var gitleaksBinaryPath = null;
 async function initializeGitleaks() {
   try {
@@ -13346,16 +13474,7 @@ async function sanitizeDataWithCounts(obj) {
         ...piiDetections.medium,
         ...piiDetections.low
       ];
-      const filteredDetections = allDetections.filter((detection) => {
-        if (detection.type === "INSTAGRAM_USERNAME") {
-          return false;
-        }
-        if (detection.value.length < 3 && detection.severity !== "high") {
-          return false;
-        }
-        return true;
-      });
-      for (const detection of filteredDetections) {
+      for (const detection of allDetections) {
         counts.pii.total++;
         if (detection.severity === "high") counts.pii.high++;
         else if (detection.severity === "medium") counts.pii.medium++;
@@ -13426,9 +13545,15 @@ var PromptItemZ = z31.object({
 });
 var PromptItemArrayZ = z31.array(PromptItemZ);
 function getSystemInfo() {
+  let userName;
+  try {
+    userName = os2.userInfo().username;
+  } catch {
+    userName = void 0;
+  }
   return {
     computerName: os2.hostname(),
-    userName: os2.userInfo().username
+    userName
   };
 }
 function uploadAiBlameBuilder(args) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.1.10",
+  "version": "1.1.12",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",