mobbdev 1.1.17 → 1.1.21

package/dist/args/commands/upload_ai_blame.d.mts

@@ -51,18 +51,26 @@ declare const PromptItemZ: z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
-        rawArguments?: string | undefined;
         accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
     }, {
         name: string;
         parameters: string;
         result: string;
-        rawArguments?: string | undefined;
         accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
     }>>;
 }, "strip", z.ZodTypeAny, {
     type: "USER_PROMPT" | "AI_RESPONSE" | "TOOL_EXECUTION" | "AI_THINKING";
+    tool?: {
+        name: string;
+        parameters: string;
+        result: string;
+        accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
+    } | undefined;
     date?: Date | undefined;
+    text?: string | undefined;
     attachedFiles?: {
         relativePath: string;
         startLine?: number | undefined;
@@ -71,17 +79,17 @@ declare const PromptItemZ: z.ZodObject<{
         inputCount: number;
         outputCount: number;
     } | undefined;
-    text?: string | undefined;
+}, {
+    type: "USER_PROMPT" | "AI_RESPONSE" | "TOOL_EXECUTION" | "AI_THINKING";
     tool?: {
         name: string;
         parameters: string;
         result: string;
-        rawArguments?: string | undefined;
         accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
     } | undefined;
-}, {
-    type: "USER_PROMPT" | "AI_RESPONSE" | "TOOL_EXECUTION" | "AI_THINKING";
     date?: Date | undefined;
+    text?: string | undefined;
     attachedFiles?: {
         relativePath: string;
         startLine?: number | undefined;
@@ -90,14 +98,6 @@ declare const PromptItemZ: z.ZodObject<{
         inputCount: number;
         outputCount: number;
     } | undefined;
-    text?: string | undefined;
-    tool?: {
-        name: string;
-        parameters: string;
-        result: string;
-        rawArguments?: string | undefined;
-        accepted?: boolean | undefined;
-    } | undefined;
 }>;
 type PromptItem = z.infer<typeof PromptItemZ>;
 declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
@@ -134,18 +134,26 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
-        rawArguments?: string | undefined;
         accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
     }, {
         name: string;
         parameters: string;
         result: string;
-        rawArguments?: string | undefined;
         accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
     }>>;
 }, "strip", z.ZodTypeAny, {
     type: "USER_PROMPT" | "AI_RESPONSE" | "TOOL_EXECUTION" | "AI_THINKING";
+    tool?: {
+        name: string;
+        parameters: string;
+        result: string;
+        accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
+    } | undefined;
     date?: Date | undefined;
+    text?: string | undefined;
     attachedFiles?: {
         relativePath: string;
         startLine?: number | undefined;
@@ -154,17 +162,17 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
         inputCount: number;
         outputCount: number;
     } | undefined;
-    text?: string | undefined;
+}, {
+    type: "USER_PROMPT" | "AI_RESPONSE" | "TOOL_EXECUTION" | "AI_THINKING";
     tool?: {
         name: string;
         parameters: string;
         result: string;
-        rawArguments?: string | undefined;
         accepted?: boolean | undefined;
+        rawArguments?: string | undefined;
     } | undefined;
-}, {
-    type: "USER_PROMPT" | "AI_RESPONSE" | "TOOL_EXECUTION" | "AI_THINKING";
     date?: Date | undefined;
+    text?: string | undefined;
     attachedFiles?: {
         relativePath: string;
         startLine?: number | undefined;
@@ -173,14 +181,6 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
         inputCount: number;
         outputCount: number;
     } | undefined;
-    text?: string | undefined;
-    tool?: {
-        name: string;
-        parameters: string;
-        result: string;
-        rawArguments?: string | undefined;
-        accepted?: boolean | undefined;
-    } | undefined;
 }>, "many">;
 type PromptItemArray = z.infer<typeof PromptItemArrayZ>;
 type UploadAiBlameOptions = {

package/dist/args/commands/upload_ai_blame.mjs

@@ -1118,6 +1118,31 @@ var GetUserMvsAutoFixDocument = `
   }
 }
     `;
+var StreamBlameAiAnalysisRequestsDocument = `
+    subscription streamBlameAiAnalysisRequests($requestIds: [uuid!]!) {
+  blame_ai_analysis_request(where: {id: {_in: $requestIds}}) {
+    id
+    state
+    commitId
+    organizationId
+    createdOn
+  }
+}
+    `;
+var StreamCommitBlameRequestsDocument = `
+    subscription streamCommitBlameRequests($requestIds: [uuid!]!) {
+  commit_blame_request(where: {id: {_in: $requestIds}}) {
+    id
+    state
+    organizationId
+    repositoryUrl
+    commitSha
+    createdOn
+    completedOn
+    error
+  }
+}
+    `;
 var defaultWrapper = (action, _operationName, _operationType, _variables) => action();
 function getSdk(client, withWrapper = defaultWrapper) {
   return {
@@ -1216,6 +1241,12 @@ function getSdk(client, withWrapper = defaultWrapper) {
     },
     GetUserMvsAutoFix(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: GetUserMvsAutoFixDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "GetUserMvsAutoFix", "query", variables);
+    },
+    streamBlameAiAnalysisRequests(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: StreamBlameAiAnalysisRequestsDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "streamBlameAiAnalysisRequests", "subscription", variables);
+    },
+    streamCommitBlameRequests(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: StreamCommitBlameRequestsDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "streamCommitBlameRequests", "subscription", variables);
     }
   };
 }
@@ -2172,6 +2203,7 @@ function getDirName() {
 var debug = Debug("mobbdev:constants");
 dotenv.config({ path: path2.join(getModuleRootDir(), ".env") });
 var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
+var DEFAULT_WEB_APP_URL = "https://app.mobb.ai";
 var scmFriendlyText = {
   ["Ado" /* Ado */]: "Azure DevOps",
   ["Bitbucket" /* Bitbucket */]: "Bitbucket",
@@ -2198,13 +2230,16 @@ var scannerToVulnerabilityReportVendorEnum = {
 };
 var SupportedScannersZ = z8.enum([SCANNERS.Checkmarx, SCANNERS.Snyk]);
 var envVariablesSchema = z8.object({
-  WEB_APP_URL: z8.string(),
-  API_URL: z8.string(),
-  HASURA_ACCESS_KEY: z8.string(),
-  LOCAL_GRAPHQL_ENDPOINT: z8.string(),
+  // These have safe defaults for production - the VS Code extension passes explicit URLs
+  WEB_APP_URL: z8.string().optional().default(DEFAULT_WEB_APP_URL),
+  API_URL: z8.string().optional().default(DEFAULT_API_URL),
+  // These are only needed for local development with Hasura
+  HASURA_ACCESS_KEY: z8.string().optional().default(""),
+  LOCAL_GRAPHQL_ENDPOINT: z8.string().optional().default(""),
+  // Proxy settings
   HTTP_PROXY: z8.string().optional().default(""),
   HTTPS_PROXY: z8.string().optional().default("")
-}).required();
+});
 var envVariables = envVariablesSchema.parse(process.env);
 debug("config %o", envVariables);
 var WEB_APP_URL = envVariables.WEB_APP_URL;
@@ -2399,75 +2434,78 @@ function createWSClient(options) {
     }
   });
 }
-function subscribe(query, variables, callback, wsClientOptions) {
-  return new Promise((resolve, reject) => {
-    let timer = null;
-    let settled = false;
-    const { timeoutInMs = SUBSCRIPTION_TIMEOUT_MS } = wsClientOptions;
-    const client = createWSClient(wsClientOptions);
-    let unsubscribe = () => {
-      return;
-    };
-    function cleanup() {
+function subscribeStream(query, variables, handlers, wsClientOptions) {
+  let timer = null;
+  const { timeoutInMs = SUBSCRIPTION_TIMEOUT_MS } = wsClientOptions;
+  const client = createWSClient(wsClientOptions);
+  let unsub = null;
+  let settled = false;
+  const cleanup = () => {
+    if (unsub) {
       try {
-        unsubscribe();
+        unsub();
       } catch {
       }
-      if (timer) {
-        clearTimeout(timer);
-        timer = null;
-      }
+      unsub = null;
     }
-    function finalizeResolve(data) {
-      if (settled) {
+    if (timer) {
+      clearTimeout(timer);
+      timer = null;
+    }
+  };
+  const finalizeError = (error) => {
+    if (settled) {
+      return;
+    }
+    settled = true;
+    cleanup();
+    handlers.error(error);
+  };
+  unsub = client.subscribe(
+    { query, variables },
+    {
+      next: (payload) => {
+        if (settled) {
+          return;
+        }
+        if (!payload.data) {
+          finalizeError(
+            new Error(
+              `Broken data object from graphQL subscribe: ${JSON.stringify(
+                payload
+              )} for query: ${query}`
+            )
+          );
+          return;
+        }
+        handlers.next(payload.data);
+      },
+      error: (error) => {
+        finalizeError(error);
+      },
+      complete: () => {
         return;
       }
-      settled = true;
-      cleanup();
-      resolve(data);
     }
-    function finalizeReject(error) {
+  );
+  if (typeof timeoutInMs === "number") {
+    timer = setTimeout(() => {
+      finalizeError(
+        new Error(
+          `Timeout expired for graphQL subscribe query: ${query} with timeout: ${timeoutInMs}`
+        )
+      );
+    }, timeoutInMs);
+  }
+  return {
+    unsubscribe: () => {
       if (settled) {
         return;
       }
       settled = true;
       cleanup();
-      reject(error);
     }
-    unsubscribe = client.subscribe(
-      { query, variables },
-      {
-        next: (data) => {
-          if (!data.data) {
-            finalizeReject(
-              new Error(
-                `Broken data object from graphQL subscribe: ${JSON.stringify(
-                  data
-                )} for query: ${query}`
-              )
-            );
-          } else {
-            callback(finalizeResolve, finalizeReject, data.data);
-          }
-        },
-        error: (error) => {
-          finalizeReject(error);
-        },
-        complete: () => {
-          return;
-        }
-      }
-    );
-    if (typeof timeoutInMs === "number") {
-      timer = setTimeout(() => {
-        finalizeReject(
-          new Error(
-            `Timeout expired for graphQL subscribe query: ${query} with timeout: ${timeoutInMs}`
-          )
-        );
-      }, timeoutInMs);
-    }
-  });
+  };
 }
 
 // src/features/analysis/scm/utils/index.ts
@@ -4688,10 +4726,12 @@ var GQLClient = class {
   constructor(args) {
     __publicField(this, "_client");
     __publicField(this, "_clientSdk");
+    __publicField(this, "_apiUrl");
     __publicField(this, "_auth");
     debug6(`init with  ${args}`);
     this._auth = args;
-    this._client = new GraphQLClient(API_URL, {
+    this._apiUrl = args.apiUrl || API_URL;
+    this._client = new GraphQLClient(this._apiUrl, {
       headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
         Authorization: `Bearer ${args.token}`
       },
@@ -4956,32 +4996,47 @@ var GQLClient = class {
   }
   async subscribeToAnalysis(params) {
     const { callbackStates } = params;
-    return subscribe(
-      GetAnalysisSubscriptionDocument,
-      params.subscribeToAnalysisParams,
-      async (resolve, reject, data) => {
-        if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
-          const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
-          reject(
-            new ReportDigestError(errorMessage, data.analysis?.failReason ?? "")
-          );
-          return;
-        }
-        if (callbackStates.includes(data.analysis?.state)) {
-          await params.callback(data.analysis.id);
-          resolve(data);
-        }
-      },
-      this._auth.type === "apiKey" ? {
-        apiKey: this._auth.apiKey,
-        type: "apiKey",
-        timeoutInMs: params.timeoutInMs,
-        proxyAgent: getProxyAgent(API_URL)
-      } : {
-        token: this._auth.token,
-        type: "token",
-        timeoutInMs: params.timeoutInMs,
-        proxyAgent: getProxyAgent(API_URL)
+    return new Promise(
+      (resolve, reject) => {
+        const subscription = subscribeStream(
+          GetAnalysisSubscriptionDocument,
+          params.subscribeToAnalysisParams,
+          {
+            next: async (data) => {
+              if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
+                const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
+                subscription.unsubscribe();
+                reject(
+                  new ReportDigestError(
+                    errorMessage,
+                    data.analysis?.failReason ?? ""
+                  )
+                );
+                return;
+              }
+              if (callbackStates.includes(data.analysis?.state)) {
+                await params.callback(data.analysis.id);
+                subscription.unsubscribe();
+                resolve(data);
+              }
+            },
+            error: (error) => {
+              subscription.unsubscribe();
+              reject(error);
+            }
+          },
+          this._auth.type === "apiKey" ? {
+            apiKey: this._auth.apiKey,
+            type: "apiKey",
+            timeoutInMs: params.timeoutInMs,
+            proxyAgent: getProxyAgent(this._apiUrl)
+          } : {
+            token: this._auth.token,
+            type: "token",
+            timeoutInMs: params.timeoutInMs,
+            proxyAgent: getProxyAgent(this._apiUrl)
+          }
+        );
       }
     );
   }
@@ -5065,29 +5120,37 @@ var configStore = getConfigStore();
 var debug7 = Debug6("mobbdev:commands");
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
 var LOGIN_CHECK_DELAY = 5 * 1e3;
-var webLoginUrl = `${WEB_APP_URL}/cli-login`;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk2.bgBlue(
   "press any key to continue"
 )};`;
 async function getAuthenticatedGQLClient({
   inputApiKey = "",
-  isSkipPrompts = true
+  isSkipPrompts = true,
+  apiUrl,
+  webAppUrl
 }) {
   let gqlClient = new GQLClient({
     apiKey: inputApiKey || configStore.get("apiToken") || "",
-    type: "apiKey"
+    type: "apiKey",
+    apiUrl
   });
   gqlClient = await handleMobbLogin({
     inGqlClient: gqlClient,
-    skipPrompts: isSkipPrompts
+    skipPrompts: isSkipPrompts,
+    apiUrl,
+    webAppUrl
   });
   return gqlClient;
 }
 async function handleMobbLogin({
   inGqlClient,
   apiKey,
-  skipPrompts
+  skipPrompts,
+  apiUrl,
+  webAppUrl
 }) {
+  const resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
+  const resolvedApiUrl = apiUrl || API_URL;
   const { createSpinner } = Spinner({ ci: skipPrompts });
   const isConnected = await inGqlClient.verifyApiConnection();
   if (!isConnected) {
@@ -5129,7 +5192,7 @@ async function handleMobbLogin({
   const loginId = await inGqlClient.createCliLogin({
     publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
   });
-  const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
+  const browserUrl = `${resolvedWebAppUrl}/cli-login/${loginId}?hostname=${os.hostname()}`;
   !skipPrompts && console.log(
     `If the page does not open automatically, kindly access it through ${browserUrl}.`
   );
@@ -5154,7 +5217,11 @@ async function handleMobbLogin({
     });
     throw new CliError();
   }
-  const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
+  const newGqlClient = new GQLClient({
+    apiKey: newApiToken,
+    type: "apiKey",
+    apiUrl: resolvedApiUrl
+  });
   const loginSuccess = await newGqlClient.validateUserToken();
   if (loginSuccess) {
     debug7(`set api token ${newApiToken}`);
@@ -5242,42 +5309,36 @@ var openRedaction = new OpenRedaction({
     "VISA_NUMBER",
     "VISA_MRZ",
     "TAX_ID",
-    // Financial Data
+    // Financial Data (removed SWIFT_BIC - too broad, matches bank code formats in variables)
     "CREDIT_CARD",
     "IBAN",
     "BANK_ACCOUNT_UK",
     "ROUTING_NUMBER_US",
-    "SWIFT_BIC",
     "CARD_TRACK1_DATA",
     "CARD_TRACK2_DATA",
     "CARD_EXPIRY",
     "CARD_AUTH_CODE",
-    // Cryptocurrency
-    "BITCOIN_ADDRESS",
+    // Cryptocurrency (removed BITCOIN_ADDRESS - too broad, matches hash-like strings)
     "ETHEREUM_ADDRESS",
     "LITECOIN_ADDRESS",
     "CARDANO_ADDRESS",
     "SOLANA_ADDRESS",
     "MONERO_ADDRESS",
     "RIPPLE_ADDRESS",
-    // Medical Data
+    // Medical Data (removed PRESCRIPTION_NUMBER - too broad, matches words containing "ription")
     "NHS_NUMBER",
     "MEDICAL_RECORD_NUMBER",
     "AUSTRALIAN_MEDICARE",
     "HEALTH_PLAN_NUMBER",
-    "PRESCRIPTION_NUMBER",
     "PATIENT_ID",
-    // Communications
+    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US - too broad)
     "PHONE_US",
     "PHONE_UK",
     "PHONE_UK_MOBILE",
     "PHONE_INTERNATIONAL",
     "PHONE_LINE_NUMBER",
-    "EMERGENCY_CONTACT",
     "ADDRESS_STREET",
-    "ADDRESS_PO_BOX",
     "POSTCODE_UK",
-    "ZIP_CODE_US",
     // Network & Technical
     "IPV4",
     "IPV6",

package/dist/index.mjs

@@ -842,16 +842,7 @@ var init_GitService = __esm({
             this.git.revparse(["HEAD"]),
             this.git.revparse(["--abbrev-ref", "HEAD"])
           ]);
-          let normalizedRepoUrl = repoUrl.value || "";
-          if (normalizedRepoUrl.endsWith(".git")) {
-            normalizedRepoUrl = normalizedRepoUrl.slice(0, -".git".length);
-          }
-          if (normalizedRepoUrl.startsWith("git@github.com:")) {
-            normalizedRepoUrl = normalizedRepoUrl.replace(
-              "git@github.com:",
-              "https://github.com/"
-            );
-          }
+          const normalizedRepoUrl = repoUrl.value ? this.normalizeGitUrl(repoUrl.value) : "";
           this.log("[GitService] Git repository information retrieved", "debug", {
             repoUrl: normalizedRepoUrl,
             hash,
@@ -1147,6 +1138,9 @@ var init_GitService = __esm({
             }
           }
         }
+        if (normalizedUrl.startsWith("https://") || normalizedUrl.startsWith("http://")) {
+          normalizedUrl = normalizedUrl.replace(/^(https?:\/\/)([^@/]+@)/, "$1");
+        }
         return normalizedUrl;
       }
       /**
@@ -2377,6 +2371,31 @@ var GetUserMvsAutoFixDocument = `
   }
 }
     `;
+var StreamBlameAiAnalysisRequestsDocument = `
+    subscription streamBlameAiAnalysisRequests($requestIds: [uuid!]!) {
+  blame_ai_analysis_request(where: {id: {_in: $requestIds}}) {
+    id
+    state
+    commitId
+    organizationId
+    createdOn
+  }
+}
+    `;
+var StreamCommitBlameRequestsDocument = `
+    subscription streamCommitBlameRequests($requestIds: [uuid!]!) {
+  commit_blame_request(where: {id: {_in: $requestIds}}) {
+    id
+    state
+    organizationId
+    repositoryUrl
+    commitSha
+    createdOn
+    completedOn
+    error
+  }
+}
+    `;
 var defaultWrapper = (action, _operationName, _operationType, _variables) => action();
 function getSdk(client, withWrapper = defaultWrapper) {
   return {
@@ -2475,6 +2494,12 @@ function getSdk(client, withWrapper = defaultWrapper) {
     },
     GetUserMvsAutoFix(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: GetUserMvsAutoFixDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "GetUserMvsAutoFix", "query", variables);
+    },
+    streamBlameAiAnalysisRequests(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: StreamBlameAiAnalysisRequestsDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "streamBlameAiAnalysisRequests", "subscription", variables);
+    },
+    streamCommitBlameRequests(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: StreamCommitBlameRequestsDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "streamCommitBlameRequests", "subscription", variables);
     }
   };
 }
@@ -8463,6 +8488,16 @@ function getGithubSdk(params = {}) {
 }
 
 // src/features/analysis/scm/github/GithubSCMLib.ts
+function determinePrStatus(state, isDraft) {
+  switch (state) {
+    case "CLOSED":
+      return "CLOSED" /* Closed */;
+    case "MERGED":
+      return "MERGED" /* Merged */;
+    case "OPEN":
+      return isDraft ? "DRAFT" /* Draft */ : "ACTIVE" /* Active */;
+  }
+}
 var GithubSCMLib = class extends SCMLib {
   // we don't always need a url, what's important is that we have an access token
   constructor(url, accessToken, scmOrg) {
@@ -8910,12 +8945,7 @@ var GithubSCMLib = class extends SCMLib {
     if (!pr) {
       throw new Error(`Pull request #${prNumber} not found`);
     }
-    let prStatus = "ACTIVE" /* Active */;
-    if (pr.state === "CLOSED") {
-      prStatus = pr.mergedAt ? "MERGED" /* Merged */ : "CLOSED" /* Closed */;
-    } else if (pr.isDraft) {
-      prStatus = "DRAFT" /* Draft */;
-    }
+    const prStatus = determinePrStatus(pr.state, pr.isDraft);
     const firstCommit = pr.commits.nodes[0];
     const firstCommitDate = firstCommit ? new Date(
       firstCommit.commit.author?.date || firstCommit.commit.committedDate || pr.createdAt
@@ -10360,6 +10390,7 @@ import { z as z24 } from "zod";
 var debug5 = Debug4("mobbdev:constants");
 dotenv.config({ path: path6.join(getModuleRootDir(), ".env") });
 var DEFAULT_API_URL = "https://api.mobb.ai/v1/graphql";
+var DEFAULT_WEB_APP_URL = "https://app.mobb.ai";
 var scmFriendlyText = {
   ["Ado" /* Ado */]: "Azure DevOps",
   ["Bitbucket" /* Bitbucket */]: "Bitbucket",
@@ -10386,13 +10417,16 @@ var scannerToVulnerabilityReportVendorEnum = {
 };
 var SupportedScannersZ = z24.enum([SCANNERS.Checkmarx, SCANNERS.Snyk]);
 var envVariablesSchema = z24.object({
-  WEB_APP_URL: z24.string(),
-  API_URL: z24.string(),
-  HASURA_ACCESS_KEY: z24.string(),
-  LOCAL_GRAPHQL_ENDPOINT: z24.string(),
+  // These have safe defaults for production - the VS Code extension passes explicit URLs
+  WEB_APP_URL: z24.string().optional().default(DEFAULT_WEB_APP_URL),
+  API_URL: z24.string().optional().default(DEFAULT_API_URL),
+  // These are only needed for local development with Hasura
+  HASURA_ACCESS_KEY: z24.string().optional().default(""),
+  LOCAL_GRAPHQL_ENDPOINT: z24.string().optional().default(""),
+  // Proxy settings
   HTTP_PROXY: z24.string().optional().default(""),
   HTTPS_PROXY: z24.string().optional().default("")
-}).required();
+});
 var envVariables = envVariablesSchema.parse(process.env);
 debug5("config %o", envVariables);
 var mobbAscii = `
@@ -10445,9 +10479,9 @@ var errorMessages = {
   )} is needed if you're adding an SCM token`
 };
 var progressMassages = {
-  processingVulnerabilityReportSuccess: "\u2699\uFE0F  Vulnerability report proccessed successfully",
-  processingVulnerabilityReport: "\u2699\uFE0F  Proccessing vulnerability report",
-  processingVulnerabilityReportFailed: "\u2699\uFE0F  Error Proccessing vulnerability report"
+  processingVulnerabilityReportSuccess: "\u2699\uFE0F  Vulnerability report processed successfully",
+  processingVulnerabilityReport: "\u2699\uFE0F  Processing vulnerability report",
+  processingVulnerabilityReportFailed: "\u2699\uFE0F  Error Processing vulnerability report"
 };
 var VUL_REPORT_DIGEST_TIMEOUT_MS = 1e3 * 60 * 30;
 
@@ -10773,75 +10807,78 @@ function createWSClient(options) {
     }
   });
 }
-function subscribe(query, variables, callback, wsClientOptions) {
-  return new Promise((resolve, reject) => {
-    let timer = null;
-    let settled = false;
-    const { timeoutInMs = SUBSCRIPTION_TIMEOUT_MS } = wsClientOptions;
-    const client = createWSClient(wsClientOptions);
-    let unsubscribe = () => {
-      return;
-    };
-    function cleanup() {
+function subscribeStream(query, variables, handlers, wsClientOptions) {
+  let timer = null;
+  const { timeoutInMs = SUBSCRIPTION_TIMEOUT_MS } = wsClientOptions;
+  const client = createWSClient(wsClientOptions);
+  let unsub = null;
+  let settled = false;
+  const cleanup = () => {
+    if (unsub) {
       try {
-        unsubscribe();
+        unsub();
       } catch {
       }
-      if (timer) {
-        clearTimeout(timer);
-        timer = null;
-      }
+      unsub = null;
     }
-    function finalizeResolve(data) {
-      if (settled) {
+    if (timer) {
+      clearTimeout(timer);
+      timer = null;
+    }
+  };
+  const finalizeError = (error) => {
+    if (settled) {
+      return;
+    }
+    settled = true;
+    cleanup();
+    handlers.error(error);
+  };
+  unsub = client.subscribe(
+    { query, variables },
+    {
+      next: (payload) => {
+        if (settled) {
+          return;
+        }
+        if (!payload.data) {
+          finalizeError(
+            new Error(
+              `Broken data object from graphQL subscribe: ${JSON.stringify(
+                payload
+              )} for query: ${query}`
+            )
+          );
+          return;
+        }
+        handlers.next(payload.data);
+      },
+      error: (error) => {
+        finalizeError(error);
+      },
+      complete: () => {
         return;
       }
-      settled = true;
-      cleanup();
-      resolve(data);
     }
-    function finalizeReject(error) {
+  );
+  if (typeof timeoutInMs === "number") {
+    timer = setTimeout(() => {
+      finalizeError(
+        new Error(
+          `Timeout expired for graphQL subscribe query: ${query} with timeout: ${timeoutInMs}`
+        )
+      );
+    }, timeoutInMs);
+  }
+  return {
+    unsubscribe: () => {
       if (settled) {
         return;
       }
       settled = true;
       cleanup();
-      reject(error);
     }
-    unsubscribe = client.subscribe(
-      { query, variables },
-      {
-        next: (data) => {
-          if (!data.data) {
-            finalizeReject(
-              new Error(
-                `Broken data object from graphQL subscribe: ${JSON.stringify(
-                  data
-                )} for query: ${query}`
-              )
-            );
-          } else {
-            callback(finalizeResolve, finalizeReject, data.data);
-          }
-        },
-        error: (error) => {
-          finalizeReject(error);
-        },
-        complete: () => {
-          return;
-        }
-      }
-    );
-    if (typeof timeoutInMs === "number") {
-      timer = setTimeout(() => {
-        finalizeReject(
-          new Error(
-            `Timeout expired for graphQL subscribe query: ${query} with timeout: ${timeoutInMs}`
-          )
-        );
-      }, timeoutInMs);
-    }
-  });
+  };
 }
 
 // src/features/analysis/graphql/types.ts
@@ -10944,10 +10981,12 @@ var GQLClient = class {
   constructor(args) {
     __publicField(this, "_client");
     __publicField(this, "_clientSdk");
+    __publicField(this, "_apiUrl");
     __publicField(this, "_auth");
     debug6(`init with  ${args}`);
     this._auth = args;
-    this._client = new GraphQLClient(API_URL, {
+    this._apiUrl = args.apiUrl || API_URL;
+    this._client = new GraphQLClient(this._apiUrl, {
       headers: args.type === "apiKey" ? { [API_KEY_HEADER_NAME]: args.apiKey || "" } : {
         Authorization: `Bearer ${args.token}`
       },
@@ -11212,32 +11251,47 @@ var GQLClient = class {
   }
   async subscribeToAnalysis(params) {
     const { callbackStates } = params;
-    return subscribe(
-      GetAnalysisSubscriptionDocument,
-      params.subscribeToAnalysisParams,
-      async (resolve, reject, data) => {
-        if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
-          const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
-          reject(
-            new ReportDigestError(errorMessage, data.analysis?.failReason ?? "")
-          );
-          return;
-        }
-        if (callbackStates.includes(data.analysis?.state)) {
-          await params.callback(data.analysis.id);
-          resolve(data);
-        }
-      },
-      this._auth.type === "apiKey" ? {
-        apiKey: this._auth.apiKey,
-        type: "apiKey",
-        timeoutInMs: params.timeoutInMs,
-        proxyAgent: getProxyAgent(API_URL)
-      } : {
-        token: this._auth.token,
-        type: "token",
-        timeoutInMs: params.timeoutInMs,
-        proxyAgent: getProxyAgent(API_URL)
+    return new Promise(
+      (resolve, reject) => {
+        const subscription = subscribeStream(
+          GetAnalysisSubscriptionDocument,
+          params.subscribeToAnalysisParams,
+          {
+            next: async (data) => {
+              if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
+                const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
+                subscription.unsubscribe();
+                reject(
+                  new ReportDigestError(
+                    errorMessage,
+                    data.analysis?.failReason ?? ""
+                  )
+                );
+                return;
+              }
+              if (callbackStates.includes(data.analysis?.state)) {
+                await params.callback(data.analysis.id);
+                subscription.unsubscribe();
+                resolve(data);
+              }
+            },
+            error: (error) => {
+              subscription.unsubscribe();
+              reject(error);
+            }
+          },
+          this._auth.type === "apiKey" ? {
+            apiKey: this._auth.apiKey,
+            type: "apiKey",
+            timeoutInMs: params.timeoutInMs,
+            proxyAgent: getProxyAgent(this._apiUrl)
+          } : {
+            token: this._auth.token,
+            type: "token",
+            timeoutInMs: params.timeoutInMs,
+            proxyAgent: getProxyAgent(this._apiUrl)
+          }
+        );
       }
     );
   }
@@ -11321,29 +11375,37 @@ var configStore = getConfigStore();
 var debug7 = Debug6("mobbdev:commands");
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
 var LOGIN_CHECK_DELAY = 5 * 1e3;
-var webLoginUrl = `${WEB_APP_URL}/cli-login`;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk3.bgBlue(
   "press any key to continue"
 )};`;
 async function getAuthenticatedGQLClient({
   inputApiKey = "",
-  isSkipPrompts = true
+  isSkipPrompts = true,
+  apiUrl,
+  webAppUrl
 }) {
   let gqlClient = new GQLClient({
     apiKey: inputApiKey || configStore.get("apiToken") || "",
-    type: "apiKey"
+    type: "apiKey",
+    apiUrl
   });
   gqlClient = await handleMobbLogin({
     inGqlClient: gqlClient,
-    skipPrompts: isSkipPrompts
+    skipPrompts: isSkipPrompts,
+    apiUrl,
+    webAppUrl
   });
   return gqlClient;
 }
 async function handleMobbLogin({
   inGqlClient,
   apiKey,
-  skipPrompts
+  skipPrompts,
+  apiUrl,
+  webAppUrl
 }) {
+  const resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
+  const resolvedApiUrl = apiUrl || API_URL;
   const { createSpinner: createSpinner5 } = Spinner({ ci: skipPrompts });
   const isConnected = await inGqlClient.verifyApiConnection();
   if (!isConnected) {
@@ -11385,7 +11447,7 @@ async function handleMobbLogin({
   const loginId = await inGqlClient.createCliLogin({
     publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
   });
-  const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
+  const browserUrl = `${resolvedWebAppUrl}/cli-login/${loginId}?hostname=${os.hostname()}`;
   !skipPrompts && console.log(
     `If the page does not open automatically, kindly access it through ${browserUrl}.`
   );
@@ -11410,7 +11472,11 @@ async function handleMobbLogin({
     });
     throw new CliError();
   }
-  const newGqlClient = new GQLClient({ apiKey: newApiToken, type: "apiKey" });
+  const newGqlClient = new GQLClient({
+    apiKey: newApiToken,
+    type: "apiKey",
+    apiUrl: resolvedApiUrl
+  });
   const loginSuccess = await newGqlClient.validateUserToken();
   if (loginSuccess) {
     debug7(`set api token ${newApiToken}`);
@@ -13532,42 +13598,36 @@ var openRedaction = new OpenRedaction({
     "VISA_NUMBER",
     "VISA_MRZ",
     "TAX_ID",
-    // Financial Data
+    // Financial Data (removed SWIFT_BIC - too broad, matches bank code formats in variables)
     "CREDIT_CARD",
     "IBAN",
     "BANK_ACCOUNT_UK",
     "ROUTING_NUMBER_US",
-    "SWIFT_BIC",
     "CARD_TRACK1_DATA",
     "CARD_TRACK2_DATA",
     "CARD_EXPIRY",
     "CARD_AUTH_CODE",
-    // Cryptocurrency
-    "BITCOIN_ADDRESS",
+    // Cryptocurrency (removed BITCOIN_ADDRESS - too broad, matches hash-like strings)
     "ETHEREUM_ADDRESS",
     "LITECOIN_ADDRESS",
     "CARDANO_ADDRESS",
     "SOLANA_ADDRESS",
     "MONERO_ADDRESS",
     "RIPPLE_ADDRESS",
-    // Medical Data
+    // Medical Data (removed PRESCRIPTION_NUMBER - too broad, matches words containing "ription")
     "NHS_NUMBER",
     "MEDICAL_RECORD_NUMBER",
     "AUSTRALIAN_MEDICARE",
     "HEALTH_PLAN_NUMBER",
-    "PRESCRIPTION_NUMBER",
     "PATIENT_ID",
-    // Communications
+    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US - too broad)
     "PHONE_US",
     "PHONE_UK",
     "PHONE_UK_MOBILE",
     "PHONE_INTERNATIONAL",
     "PHONE_LINE_NUMBER",
-    "EMERGENCY_CONTACT",
     "ADDRESS_STREET",
-    "ADDRESS_PO_BOX",
     "POSTCODE_UK",
-    "ZIP_CODE_US",
     // Network & Technical
     "IPV4",
     "IPV6",
@@ -14751,8 +14811,8 @@ var McpAuthService = class {
       throw new CliLoginError("Error: createCliLogin failed");
     }
     logDebug(`cli login created ${loginId}`);
-    const webLoginUrl2 = `${WEB_APP_URL}/mvs-login`;
-    const browserUrl = `${webLoginUrl2}/${loginId}?hostname=${os4.hostname()}`;
+    const webLoginUrl = `${WEB_APP_URL}/mvs-login`;
+    const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os4.hostname()}`;
     await this.openBrowser(browserUrl, isBackgoundCall);
     logDebug(`waiting for login to complete`);
     let newApiToken = null;
@@ -14941,54 +15001,77 @@ var McpGQLClient = class {
         params: params.subscribeToAnalysisParams
       });
       const { callbackStates } = params;
-      const result = await subscribe(
-        GetAnalysisSubscriptionDocument,
-        params.subscribeToAnalysisParams,
-        async (resolve, reject, data) => {
-          logDebug(
-            `[${scanContext}] GraphQL: GetAnalysis subscription data received ${data.analysis?.state}`,
-            { data }
-          );
-          if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
-            const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
-            logError(`[${scanContext}] GraphQL: Analysis failed`, {
-              analysisId: data.analysis?.id,
-              state: data.analysis?.state,
-              failReason: data.analysis?.failReason,
-              ...this.getErrorContext()
-            });
-            reject(new Error(errorMessage));
-            return;
-          }
-          if (callbackStates.includes(data.analysis?.state)) {
-            logDebug(
-              `[${scanContext}] GraphQL: Analysis state matches callback states: ${data.analysis.state}`,
-              {
-                analysisId: data.analysis.id,
-                state: data.analysis.state,
-                callbackStates
+      return new Promise(
+        (resolve, reject) => {
+          const subscription = subscribeStream(
+            GetAnalysisSubscriptionDocument,
+            params.subscribeToAnalysisParams,
+            {
+              next: async (data) => {
+                logDebug(
+                  `[${scanContext}] GraphQL: GetAnalysis subscription data received ${data.analysis?.state}`,
+                  { data }
+                );
+                if (!data.analysis?.state || data.analysis?.state === "Failed" /* Failed */) {
+                  const errorMessage = data.analysis?.failReason || `Analysis failed with id: ${data.analysis?.id}`;
+                  logError(`[${scanContext}] GraphQL: Analysis failed`, {
+                    analysisId: data.analysis?.id,
+                    state: data.analysis?.state,
+                    failReason: data.analysis?.failReason,
+                    ...this.getErrorContext()
+                  });
+                  subscription.unsubscribe();
+                  reject(new Error(errorMessage));
+                  return;
+                }
+                if (callbackStates.includes(data.analysis?.state)) {
+                  logDebug(
+                    `[${scanContext}] GraphQL: Analysis state matches callback states: ${data.analysis.state}`,
+                    {
+                      analysisId: data.analysis.id,
+                      state: data.analysis.state,
+                      callbackStates
+                    }
+                  );
+                  await params.callback(data.analysis.id);
+                  subscription.unsubscribe();
+                  logDebug(
+                    `[${scanContext}] GraphQL: GetAnalysis subscription completed`,
+                    {
+                      analysisId: data.analysis.id,
+                      state: data.analysis.state
+                    }
+                  );
+                  resolve(data);
+                }
+              },
+              error: (error) => {
+                logError(
+                  `[${scanContext}] GraphQL: GetAnalysis subscription failed`,
+                  {
+                    error,
+                    params: params.subscribeToAnalysisParams,
+                    ...this.getErrorContext()
+                  }
+                );
+                subscription.unsubscribe();
+                reject(error);
               }
-            );
-            await params.callback(data.analysis.id);
-            resolve(data);
-          }
-        },
-        this._auth.type === "apiKey" ? {
-          apiKey: this._auth.apiKey,
-          type: "apiKey",
-          timeoutInMs: params.timeoutInMs,
-          proxyAgent: getProxyAgent2(this.apiUrl)
-        } : {
-          token: this._auth.token,
-          type: "token",
-          timeoutInMs: params.timeoutInMs,
-          proxyAgent: getProxyAgent2(this.apiUrl)
+            },
+            this._auth.type === "apiKey" ? {
+              apiKey: this._auth.apiKey,
+              type: "apiKey",
+              timeoutInMs: params.timeoutInMs,
+              proxyAgent: getProxyAgent2(this.apiUrl)
+            } : {
+              token: this._auth.token,
+              type: "token",
+              timeoutInMs: params.timeoutInMs,
+              proxyAgent: getProxyAgent2(this.apiUrl)
+            }
+          );
         }
       );
-      logDebug(`[${scanContext}] GraphQL: GetAnalysis subscription completed`, {
-        result
-      });
-      return result;
     } catch (e) {
       logError(`[${scanContext}] GraphQL: GetAnalysis subscription failed`, {
         error: e,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.1.17",
+  "version": "1.1.21",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",