mobbdev 1.1.2 → 1.1.4
- package/.env +1 -2
- package/dist/index.mjs +39 -21
- package/package.json +2 -2
package/.env
CHANGED
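--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -13432,9 +13432,6 @@ async function installMobbHooks(options = {}) {
 let command = "npx --yes mobbdev@latest claude-code-process-hook";
 if (options.saveEnv) {
 const envVars = [];
-if (process.env["WEB_LOGIN_URL"]) {
-envVars.push(`WEB_LOGIN_URL="${process.env["WEB_LOGIN_URL"]}"`);
-}
 if (process.env["WEB_APP_URL"]) {
 envVars.push(`WEB_APP_URL="${process.env["WEB_APP_URL"]}"`);
 }
@@ -13483,7 +13480,7 @@ async function installMobbHooks(options = {}) {
 var claudeCodeInstallHookBuilder = (yargs2) => {
 return yargs2.option("save-env", {
 type: "boolean",
-description: "Save
+description: "Save WEB_APP_URL, and API_URL environment variables to hooks config",
 default: false
 }).example(
 "$0 claude-code-install-hook",
@@ -19141,10 +19138,15 @@ var PatchApplicationService = class {
 */
 static writeFileWithFixComment({
 filePath,
+repositoryPath,
 content,
 fix,
 scanContext
 }) {
+const { normalizedPath: normalizedFilePath } = this.resolvePathWithinRepo({
+repositoryPath,
+targetPath: filePath
+});
 let finalContent = content;
 if (MCP_AUTO_FIX_DEBUG_MODE) {
 const fixType = fix.safeIssueType || "Security Issue";
@@ -19176,10 +19178,28 @@ var PatchApplicationService = class {
 }
 );
 }
-const dirPath = path20.dirname(
+const dirPath = path20.dirname(normalizedFilePath);
 mkdirSync(dirPath, { recursive: true });
-writeFileSync(
-return
+writeFileSync(normalizedFilePath, finalContent, "utf8");
+return normalizedFilePath;
+}
+static resolvePathWithinRepo({
+repositoryPath,
+targetPath
+}) {
+const repoRoot = path20.resolve(repositoryPath);
+const normalizedPath = path20.resolve(repoRoot, targetPath);
+const repoRootWithSep = repoRoot.endsWith(path20.sep) ? repoRoot : `${repoRoot}${path20.sep}`;
+if (normalizedPath !== repoRoot && !normalizedPath.startsWith(repoRootWithSep)) {
+throw new Error(
+`Security violation: target path ${targetPath} resolves outside repository`
+);
+}
+return {
+repoRoot,
+normalizedPath,
+relativePath: path20.relative(repoRoot, normalizedPath)
+};
 }
 /**
 * Extracts target file path from a fix
@@ -19649,21 +19669,17 @@ var PatchApplicationService = class {
 repositoryPath,
 scanContext
 }) {
-const
-
-
-
-
-
-
-
-throw new Error(
-`Security violation: target file ${targetFile} resolves outside repository`
-);
-}
+const {
+repoRoot,
+normalizedPath: absoluteFilePath,
+relativePath
+} = this.resolvePathWithinRepo({
+repositoryPath,
+targetPath: targetFile
+});
 logDebug(`[${scanContext}] Resolving file path for ${targetFile}`, {
-repositoryPath:
-targetFile
+repositoryPath: repoRoot,
+targetFile,
 absoluteFilePath,
 relativePath,
 exists: existsSync6(absoluteFilePath)
@@ -19685,6 +19701,7 @@ var PatchApplicationService = class {
 const newContent = this.applyHunksToEmptyFile(fileDiff.chunks);
 const actualPath = this.writeFileWithFixComment({
 filePath: absoluteFilePath,
+repositoryPath,
 content: newContent,
 fix,
 scanContext
@@ -19733,6 +19750,7 @@ var PatchApplicationService = class {
 if (modifiedContent !== originalContent) {
 const actualPath = this.writeFileWithFixComment({
 filePath: absoluteFilePath,
+repositoryPath,
 content: modifiedContent,
 fix,
 scanContext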
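Review bot: The containment check in the new `resolvePathWithinRepo` (the `@@ -19176,10 +19178,28 @@` hunk) is purely lexical: `path20.resolve` followed by `startsWith(repoRootWithSep)` never touches the filesystem, so a target that passes through a symlink already present in the repository and pointing outside it is still accepted, and the `mkdirSync`/`writeFileSync` calls in `writeFileWithFixComment` would follow that link. The helper should also compare canonical paths before returning: resolve the repository root and the deepest existing ancestor of `normalizedPath` with `realpathSync` from `node:fs` and apply the same prefix test to those values. Until that is done, a comment on the helper such as `// Lexical containment only: symlinks under repoRoot are not resolved` would document the limit for callers. Whether `realpathSync` is already imported in this bundle is not visible here, and the rest of `PatchApplicationService` lies outside the hunks shown.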
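--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "mobbdev",
-"version": "1.1.
+"version": "1.1.4",
 "description": "Automated secure code remediation tool",
 "repository": "git+https://github.com/mobb-dev/bugsy.git",
 "main": "dist/index.mjs",
@@ -75,7 +75,7 @@
 "http-proxy-agent": "7.0.2",
 "https-proxy-agent": "7.0.6",
 "ignore": "7.0.5",
-"inquirer": "9.3.
+"inquirer": "9.3.8",
 "isomorphic-ws": "5.0.0",
 "istextorbinary": "9.5.0",
 "libsodium-wrappers": "0.7.15",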