mobbdev 1.1.24 → 1.1.27

package/dist/args/commands/upload_ai_blame.mjs

@@ -5100,6 +5100,18 @@ var GQLClient = class {
   }
 };
 
+// src/mcp/services/types.ts
+function buildLoginUrl(baseUrl, loginId, hostname2, context) {
+  const url = new URL(`${baseUrl}/${loginId}`);
+  url.searchParams.set("hostname", hostname2);
+  url.searchParams.set("trigger", context.trigger);
+  url.searchParams.set("source", context.source);
+  if (context.ide) {
+    url.searchParams.set("ide", context.ide);
+  }
+  return url.toString();
+}
+
 // src/utils/ConfigStoreService.ts
 import Configstore from "configstore";
 function createConfigStore(defaultValues = { apiToken: "" }) {
@@ -5150,7 +5162,8 @@ async function handleMobbLogin({
   apiKey,
   skipPrompts,
   apiUrl,
-  webAppUrl
+  webAppUrl,
+  loginContext
 }) {
   const resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
   const resolvedApiUrl = apiUrl || API_URL;
@@ -5195,7 +5208,8 @@ async function handleMobbLogin({
   const loginId = await inGqlClient.createCliLogin({
     publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
   });
-  const browserUrl = `${resolvedWebAppUrl}/cli-login/${loginId}?hostname=${os.hostname()}`;
+  const webLoginUrl = `${resolvedWebAppUrl}/cli-login`;
+  const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, loginId, os.hostname(), loginContext) : `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
   !skipPrompts && console.log(
     `If the page does not open automatically, kindly access it through ${browserUrl}.`
   );
@@ -5310,7 +5324,7 @@ var openRedaction = new OpenRedaction({
     "VISA_NUMBER",
     "VISA_MRZ",
     "TAX_ID",
-    // Financial Data (removed SWIFT_BIC - too broad, matches bank code formats in variables)
+    // Financial Data (removed SWIFT_BIC, CARD_AUTH_CODE - too broad, causing false positives with authentication words)
     "CREDIT_CARD",
     "IBAN",
     "BANK_ACCOUNT_UK",
@@ -5318,7 +5332,6 @@ var openRedaction = new OpenRedaction({
     "CARD_TRACK1_DATA",
     "CARD_TRACK2_DATA",
     "CARD_EXPIRY",
-    "CARD_AUTH_CODE",
     // Cryptocurrency (removed BITCOIN_ADDRESS - too broad, matches hash-like strings)
     "ETHEREUM_ADDRESS",
     "LITECOIN_ADDRESS",
@@ -5332,11 +5345,9 @@ var openRedaction = new OpenRedaction({
     "AUSTRALIAN_MEDICARE",
     "HEALTH_PLAN_NUMBER",
     "PATIENT_ID",
-    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US - too broad)
-    "PHONE_US",
+    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US, PHONE_US, PHONE_INTERNATIONAL - too broad, causing false positives)
     "PHONE_UK",
     "PHONE_UK_MOBILE",
-    "PHONE_INTERNATIONAL",
     "PHONE_LINE_NUMBER",
     "ADDRESS_STREET",
     "POSTCODE_UK",
@@ -5434,10 +5445,6 @@ async function sanitizeDataWithCounts(obj) {
   const sanitizedData = await sanitizeRecursive(obj);
   return { sanitizedData, counts };
 }
-async function sanitizeData(obj) {
-  const result = await sanitizeDataWithCounts(obj);
-  return result.sanitizedData;
-}
 
 // src/args/commands/upload_ai_blame.ts
 var PromptItemZ = z26.object({
@@ -5618,11 +5625,8 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
   const initSessions = sessions.map(
     ({ sessionId: _sessionId, ...rest }) => rest
   );
-  const sanitizedSessions = await sanitizeData(
-    initSessions
-  );
   const initRes = await authenticatedClient.uploadAIBlameInferencesInitRaw({
-    sessions: sanitizedSessions
+    sessions: initSessions
   });
   const uploadSessions = initRes.uploadAIBlameInferencesInit?.uploadSessions ?? [];
   if (uploadSessions.length !== sessions.length) {
@@ -5669,11 +5673,8 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
       sessionId: s.sessionId
     };
   });
-  const sanitizedFinalizeSessions = await sanitizeData(
-    finalizeSessions
-  );
   const finRes = await authenticatedClient.finalizeAIBlameInferencesUploadRaw({
-    sessions: sanitizedFinalizeSessions
+    sessions: finalizeSessions
   });
   const status = finRes?.finalizeAIBlameInferencesUpload?.status;
   if (status !== "OK") {

package/dist/index.mjs

@@ -11400,6 +11400,38 @@ var GQLClient = class {
   }
 };
 
+// src/mcp/services/types.ts
+function detectIDE() {
+  const env3 = process.env;
+  if (env3["CURSOR_TRACE_ID"] || env3["CURSOR_SESSION_ID"]) return "cursor";
+  if (env3["WINDSURF_IPC_HOOK"] || env3["WINDSURF_PID"]) return "windsurf";
+  if (env3["CLAUDE_DESKTOP"] || env3["ANTHROPIC_CLAUDE"]) return "claude";
+  if (env3["WEBSTORM_VM_OPTIONS"] || env3["IDEA_VM_OPTIONS"] || env3["JETBRAINS_IDE"])
+    return "webstorm";
+  if (env3["VSCODE_IPC_HOOK"] || env3["VSCODE_PID"]) return "vscode";
+  const termProgram = env3["TERM_PROGRAM"]?.toLowerCase();
+  if (termProgram === "windsurf") return "windsurf";
+  if (termProgram === "vscode") return "vscode";
+  return void 0;
+}
+function createMcpLoginContext(trigger) {
+  return {
+    trigger,
+    source: "mcp",
+    ide: detectIDE()
+  };
+}
+function buildLoginUrl(baseUrl, loginId, hostname2, context) {
+  const url = new URL(`${baseUrl}/${loginId}`);
+  url.searchParams.set("hostname", hostname2);
+  url.searchParams.set("trigger", context.trigger);
+  url.searchParams.set("source", context.source);
+  if (context.ide) {
+    url.searchParams.set("ide", context.ide);
+  }
+  return url.toString();
+}
+
 // src/utils/ConfigStoreService.ts
 import Configstore from "configstore";
 function createConfigStore(defaultValues = { apiToken: "" }) {
@@ -11450,7 +11482,8 @@ async function handleMobbLogin({
   apiKey,
   skipPrompts,
   apiUrl,
-  webAppUrl
+  webAppUrl,
+  loginContext
 }) {
   const resolvedWebAppUrl = webAppUrl || WEB_APP_URL;
   const resolvedApiUrl = apiUrl || API_URL;
@@ -11495,7 +11528,8 @@ async function handleMobbLogin({
   const loginId = await inGqlClient.createCliLogin({
     publicKey: publicKey.export({ format: "pem", type: "pkcs1" }).toString()
   });
-  const browserUrl = `${resolvedWebAppUrl}/cli-login/${loginId}?hostname=${os.hostname()}`;
+  const webLoginUrl = `${resolvedWebAppUrl}/cli-login`;
+  const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, loginId, os.hostname(), loginContext) : `${webLoginUrl}/${loginId}?hostname=${os.hostname()}`;
   !skipPrompts && console.log(
     `If the page does not open automatically, kindly access it through ${browserUrl}.`
   );
@@ -13644,7 +13678,7 @@ var openRedaction = new OpenRedaction({
     "VISA_NUMBER",
     "VISA_MRZ",
     "TAX_ID",
-    // Financial Data (removed SWIFT_BIC - too broad, matches bank code formats in variables)
+    // Financial Data (removed SWIFT_BIC, CARD_AUTH_CODE - too broad, causing false positives with authentication words)
     "CREDIT_CARD",
     "IBAN",
     "BANK_ACCOUNT_UK",
@@ -13652,7 +13686,6 @@ var openRedaction = new OpenRedaction({
     "CARD_TRACK1_DATA",
     "CARD_TRACK2_DATA",
     "CARD_EXPIRY",
-    "CARD_AUTH_CODE",
     // Cryptocurrency (removed BITCOIN_ADDRESS - too broad, matches hash-like strings)
     "ETHEREUM_ADDRESS",
     "LITECOIN_ADDRESS",
@@ -13666,11 +13699,9 @@ var openRedaction = new OpenRedaction({
     "AUSTRALIAN_MEDICARE",
     "HEALTH_PLAN_NUMBER",
     "PATIENT_ID",
-    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US - too broad)
-    "PHONE_US",
+    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US, PHONE_US, PHONE_INTERNATIONAL - too broad, causing false positives)
     "PHONE_UK",
     "PHONE_UK_MOBILE",
-    "PHONE_INTERNATIONAL",
     "PHONE_LINE_NUMBER",
     "ADDRESS_STREET",
     "POSTCODE_UK",
@@ -13768,10 +13799,6 @@ async function sanitizeDataWithCounts(obj) {
   const sanitizedData = await sanitizeRecursive(obj);
   return { sanitizedData, counts };
 }
-async function sanitizeData(obj) {
-  const result = await sanitizeDataWithCounts(obj);
-  return result.sanitizedData;
-}
 
 // src/args/commands/upload_ai_blame.ts
 var PromptItemZ = z31.object({
@@ -13952,11 +13979,8 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
   const initSessions = sessions.map(
     ({ sessionId: _sessionId, ...rest }) => rest
   );
-  const sanitizedSessions = await sanitizeData(
-    initSessions
-  );
   const initRes = await authenticatedClient.uploadAIBlameInferencesInitRaw({
-    sessions: sanitizedSessions
+    sessions: initSessions
   });
   const uploadSessions = initRes.uploadAIBlameInferencesInit?.uploadSessions ?? [];
   if (uploadSessions.length !== sessions.length) {
@@ -14003,11 +14027,8 @@ async function uploadAiBlameHandler(args, exitOnError = true) {
       sessionId: s.sessionId
     };
   });
-  const sanitizedFinalizeSessions = await sanitizeData(
-    finalizeSessions
-  );
   const finRes = await authenticatedClient.finalizeAIBlameInferencesUploadRaw({
-    sessions: sanitizedFinalizeSessions
+    sessions: finalizeSessions
   });
   const status = finRes?.finalizeAIBlameInferencesUpload?.status;
   if (status !== "OK") {
@@ -14276,7 +14297,8 @@ async function processAndUploadHookData() {
       model: result.tracePayload.model,
       tool: result.tracePayload.tool,
       responseTime: result.tracePayload.responseTime,
-      blameType: "CHAT" /* Chat */
+      blameType: "CHAT" /* Chat */,
+      sessionId: result.hookData.session_id
     });
     uploadSuccess = true;
   } catch (error) {
@@ -14789,9 +14811,10 @@ var McpAuthService = class {
   /**
    * Handles the complete authentication flow
    * @param isBackgoundCall Whether this is called from tools context
+   * @param loginContext Context information about who triggered the login
    * @returns Authenticated API token
    */
-  async authenticate(isBackgoundCall = false) {
+  async authenticate(isBackgoundCall = false, loginContext) {
     const { publicKey, privateKey } = crypto2.generateKeyPairSync("rsa", {
       modulusLength: 2048
     });
@@ -14804,7 +14827,7 @@ var McpAuthService = class {
     }
     logDebug(`cli login created ${loginId}`);
     const webLoginUrl = `${WEB_APP_URL}/mvs-login`;
-    const browserUrl = `${webLoginUrl}/${loginId}?hostname=${os4.hostname()}`;
+    const browserUrl = loginContext ? buildLoginUrl(webLoginUrl, loginId, os4.hostname(), loginContext) : `${webLoginUrl}/${loginId}?hostname=${os4.hostname()}`;
     await this.openBrowser(browserUrl, isBackgoundCall);
     logDebug(`waiting for login to complete`);
     let newApiToken = null;
@@ -15478,7 +15501,8 @@ var McpGQLClient = class {
   }
 };
 async function createAuthenticatedMcpGQLClient({
-  isBackgroundCall = false
+  isBackgroundCall = false,
+  loginContext
 } = {}) {
   logDebug("[GraphQL] Getting config", {
     apiToken: configStore.get("apiToken")
@@ -15499,7 +15523,10 @@ async function createAuthenticatedMcpGQLClient({
     return initialClient;
   }
   const authService = new McpAuthService(initialClient);
-  const newApiToken = await authService.authenticate(isBackgroundCall);
+  const newApiToken = await authService.authenticate(
+    isBackgroundCall,
+    loginContext
+  );
   configStore.set("apiToken", newApiToken);
   return new McpGQLClient({ apiKey: newApiToken, type: "apiKey" });
 }
@@ -18443,7 +18470,10 @@ var BaseTool = class {
   async execute(args) {
     if (this.hasAuthentication) {
       logDebug(`Authenticating tool: ${this.name}`, { args });
-      const mcpGqlClient = await createAuthenticatedMcpGQLClient();
+      const loginContext = createMcpLoginContext(this.name);
+      const mcpGqlClient = await createAuthenticatedMcpGQLClient({
+        loginContext
+      });
       const userInfo2 = await mcpGqlClient.getUserInfo();
       logDebug("User authenticated successfully", { userInfo: userInfo2 });
     }
@@ -21677,7 +21707,8 @@ var _CheckForNewAvailableFixesService = class _CheckForNewAvailableFixesService
       logInfo(`[${scanContext}] Reset service state for new path`, { path: path22 });
     }
     try {
-      this.gqlClient = await createAuthenticatedMcpGQLClient();
+      const loginContext = createMcpLoginContext("check_new_fixes");
+      this.gqlClient = await createAuthenticatedMcpGQLClient({ loginContext });
     } catch (error) {
       const errorMessage = error.message;
       if (errorMessage.includes("Authentication failed") || errorMessage.includes("access-denied") || errorMessage.includes("Authentication hook unauthorized")) {
@@ -21929,7 +21960,8 @@ var _FetchAvailableFixesService = class _FetchAvailableFixesService {
   }
   async initializeGqlClient() {
     if (!this.gqlClient) {
-      this.gqlClient = await createAuthenticatedMcpGQLClient();
+      const loginContext = createMcpLoginContext("fetch_fixes");
+      this.gqlClient = await createAuthenticatedMcpGQLClient({ loginContext });
     }
     return this.gqlClient;
   }
@@ -22326,7 +22358,8 @@ var _ScanAndFixVulnerabilitiesService = class _ScanAndFixVulnerabilitiesService
     }
   }
   async initializeGqlClient() {
-    const gqlClient = await createAuthenticatedMcpGQLClient();
+    const loginContext = createMcpLoginContext("scan_vulnerabilities");
+    const gqlClient = await createAuthenticatedMcpGQLClient({ loginContext });
     const isConnected = await gqlClient.verifyApiConnection();
     if (!isConnected) {
       throw new ApiConnectionError(

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.1.24",
+  "version": "1.1.27",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",