mobbdev 1.2.29 → 1.2.32

package/dist/args/commands/upload_ai_blame.mjs

@@ -851,12 +851,15 @@ var init_client_generates = __esm({
 }
     `;
     AnalyzeCommitForExtensionAiBlameDocument = `
-    mutation AnalyzeCommitForExtensionAIBlame($repositoryURL: String!, $commitSha: String!, $organizationId: String!, $commitTimestamp: Timestamp) {
+    mutation AnalyzeCommitForExtensionAIBlame($repositoryURL: String!, $commitSha: String!, $organizationId: String!, $commitTimestamp: Timestamp, $commitAuthor: GitIdentityInput, $commitCommitter: GitIdentityInput, $commitCoAuthors: [GitIdentityInput!]) {
   analyzeCommitForAIBlame(
     repositoryURL: $repositoryURL
     commitSha: $commitSha
     organizationId: $organizationId
     commitTimestamp: $commitTimestamp
+    commitAuthor: $commitAuthor
+    commitCommitter: $commitCommitter
+    commitCoAuthors: $commitCoAuthors
   ) {
     __typename
     ... on ProcessAIBlameFinalResult {
@@ -2636,6 +2639,217 @@ var init_configs = __esm({
   }
 });
 
+// src/utils/blame/gitBlameTypes.ts
+import { z as z19 } from "zod";
+function parseCoAuthorValue(raw) {
+  const trimmed = raw.trim();
+  if (!trimmed) {
+    return null;
+  }
+  const openBracket = trimmed.lastIndexOf("<");
+  const closeBracket = trimmed.lastIndexOf(">");
+  if (openBracket === -1 || closeBracket === -1 || closeBracket < openBracket) {
+    return null;
+  }
+  const name = trimmed.slice(0, openBracket).trim();
+  const email = trimmed.slice(openBracket + 1, closeBracket).trim();
+  if (!name || !email) {
+    return null;
+  }
+  return { name, email };
+}
+function parseCommitLine(line) {
+  const parts = line.split("\0");
+  if (parts.length < 7) {
+    return null;
+  }
+  return {
+    sha: parts[0],
+    author: { name: parts[2], email: parts[1] },
+    committer: { name: parts[4], email: parts[3] },
+    coAuthors: parts.slice(7).map(parseCoAuthorValue).filter((v) => v !== null),
+    timestamp: parseInt(parts[5], 10),
+    message: parts[6]
+  };
+}
+var PrepareGitBlameMessageZ, PrepareGitBlameResponseMessageZ, CommitMetadataZ, LineToCommitMapZ, CommitMetadataMapZ, BlameInfoZ, LineRangeZ, PrContextZ, PrepareCommitBlameMessageZ, BlameLineInfoZ, FileBlameDataZ, ChunkFetchResultZ, FileBlameResponseEntryZ, CommitBlameDataZ, CommitInfoZ, GitIdentityZ, COMMIT_LOG_FORMAT, CommitDataZ, PrDiffDataZ, PrStatsZ, CommitsManifestZ, BlameLineEntryZ, BlameLinesDataZ, PrepareCommitBlameResponseMessageZ;
+var init_gitBlameTypes = __esm({
+  "src/utils/blame/gitBlameTypes.ts"() {
+    "use strict";
+    PrepareGitBlameMessageZ = z19.object({
+      reportId: z19.string(),
+      repoArchivePath: z19.string()
+    });
+    PrepareGitBlameResponseMessageZ = z19.object({
+      reportId: z19.string()
+    });
+    CommitMetadataZ = z19.object({
+      author: z19.string().optional(),
+      "author-mail": z19.string().optional(),
+      "author-time": z19.string().optional(),
+      "author-tz": z19.string().optional(),
+      committer: z19.string().optional(),
+      "committer-mail": z19.string().optional(),
+      "committer-time": z19.string().optional(),
+      "committer-tz": z19.string().optional(),
+      summary: z19.string().optional(),
+      filename: z19.string().optional()
+    });
+    LineToCommitMapZ = z19.record(z19.string(), z19.string());
+    CommitMetadataMapZ = z19.record(z19.string(), CommitMetadataZ);
+    BlameInfoZ = z19.object({
+      lineToCommit: LineToCommitMapZ,
+      commitMetadata: CommitMetadataMapZ
+    });
+    LineRangeZ = z19.object({
+      /** First line in chunk (1-indexed) */
+      start: z19.number(),
+      /** Last line in chunk (inclusive) */
+      end: z19.number()
+    });
+    PrContextZ = z19.object({
+      prNumber: z19.number(),
+      repositoryUrl: z19.string(),
+      organizationId: z19.string(),
+      userEmail: z19.string(),
+      source: z19.enum(["pr", "github"]),
+      githubContext: z19.object({
+        prNumber: z19.number(),
+        installationId: z19.number(),
+        repositoryURL: z19.string()
+      }).optional()
+    });
+    PrepareCommitBlameMessageZ = z19.object({
+      /** Commit blame request ID from database (for tracking and updating status) */
+      commitBlameRequestId: z19.string(),
+      /** Organization ID (for org-scoped caching) */
+      organizationId: z19.string(),
+      /** Full repository URL (e.g., https://github.com/org/repo) */
+      repositoryUrl: z19.string(),
+      /** Commit SHA to analyze (typically PR head commit) */
+      commitSha: z19.string(),
+      /** Authentication headers for repository access (e.g., GitHub token) */
+      extraHeaders: z19.record(z19.string(), z19.string()).default({}),
+      // --- PR analysis fields ---
+      /** Target branch name (from getPr() base.ref). When set, enables PR analysis mode. */
+      targetBranch: z19.string().optional(),
+      /** Context for triggering blame attribution analysis after SCM agent completes. */
+      prContext: PrContextZ.optional(),
+      /** User email for blame attribution analysis trigger context (used for both PR and single commit flows). */
+      userEmail: z19.string().optional()
+    });
+    BlameLineInfoZ = z19.object({
+      /** Line number as it appeared in the introducing commit */
+      originalLineNumber: z19.number(),
+      /** Commit SHA that introduced this line */
+      commitSha: z19.string(),
+      /** Author name for this line */
+      authorName: z19.string().optional(),
+      /** Author email for this line */
+      authorEmail: z19.string().optional()
+    }).nullable();
+    FileBlameDataZ = z19.array(BlameLineInfoZ);
+    ChunkFetchResultZ = z19.object({
+      filePath: z19.string(),
+      lines: z19.array(z19.number()),
+      data: FileBlameDataZ.nullable()
+    });
+    FileBlameResponseEntryZ = z19.object({
+      /** Chunk index (0 for small files, 0-N for large file chunks) */
+      chunkIndex: z19.number(),
+      /** Blame data array (1-indexed, index 0 is null) */
+      blameData: FileBlameDataZ
+    });
+    CommitBlameDataZ = z19.record(
+      z19.string(),
+      // fileName
+      z19.array(FileBlameResponseEntryZ)
+    );
+    CommitInfoZ = z19.object({
+      /** Number of parent commits (1 = normal commit, 2+ = merge commit, null = failed to determine) */
+      parentCount: z19.number().nullable()
+    });
+    GitIdentityZ = z19.object({
+      name: z19.string(),
+      email: z19.string()
+    });
+    COMMIT_LOG_FORMAT = "%H%x00%ae%x00%an%x00%ce%x00%cn%x00%at%x00%s%x00%(trailers:key=Co-authored-by,valueonly,separator=%x00)";
+    CommitDataZ = z19.object({
+      diff: z19.string(),
+      author: GitIdentityZ,
+      committer: GitIdentityZ,
+      coAuthors: z19.array(GitIdentityZ),
+      timestamp: z19.number(),
+      // Unix timestamp in seconds
+      message: z19.string().optional(),
+      parentCount: z19.number().nullable()
+    });
+    PrDiffDataZ = z19.object({
+      diff: z19.string()
+    });
+    PrStatsZ = z19.object({
+      additions: z19.number(),
+      deletions: z19.number()
+    });
+    CommitsManifestZ = z19.object({
+      commits: z19.array(z19.string())
+      // Array of commit SHAs in order
+    });
+    BlameLineEntryZ = z19.object({
+      file: z19.string(),
+      line: z19.number(),
+      originalCommitSha: z19.string(),
+      originalLineNumber: z19.number()
+    });
+    BlameLinesDataZ = z19.object({
+      lines: z19.array(BlameLineEntryZ)
+    });
+    PrepareCommitBlameResponseMessageZ = z19.object({
+      /** Commit blame request ID (matches request, used to update specific DB record) */
+      commitBlameRequestId: z19.string(),
+      /** Organization ID (matches request) */
+      organizationId: z19.string(),
+      /** Repository URL (matches request) */
+      repositoryUrl: z19.string(),
+      /** Commit SHA analyzed (matches request) */
+      commitSha: z19.string(),
+      /** Processing status */
+      status: z19.enum(["success", "failure"]),
+      /** Error message (only present if status is 'failure') */
+      error: z19.string().optional(),
+      /**
+       * Blame data for all processed files/chunks.
+       * Empty dictionary if status is 'failure'.
+       * Contains line mappings as arrays if status is 'success'.
+       */
+      blameData: CommitBlameDataZ,
+      /**
+       * Info about each commit referenced in the blame data plus the head commit.
+       * Keyed by commit SHA, deduplicated.
+       * Empty dictionary if status is 'failure'.
+       */
+      commits: z19.record(z19.string(), CommitInfoZ).default({}),
+      // --- New PR diff computation response fields ---
+      /** S3 paths for commit-level data (commitSha → S3 key). Present in PR analysis mode and single commit mode. */
+      commitDataS3Paths: z19.record(z19.string(), z19.string()).optional(),
+      /** S3 key for PR diff JSON. Present in PR analysis mode. */
+      prDiffS3Path: z19.string().optional(),
+      /** S3 key for commits manifest. Present in PR analysis mode. */
+      commitsManifestS3Path: z19.string().optional(),
+      /** S3 key for per-line targeted blame data. Present in PR analysis mode. */
+      blameLinesS3Path: z19.string().optional(),
+      /** S3 key for PR stats (additions/deletions). Present in PR analysis mode. */
+      prStatsS3Path: z19.string().optional(),
+      /** PR context passed through from request for response handler. */
+      prContext: PrContextZ.optional(),
+      /** PR title from the request metadata (passed through). */
+      prTitle: z19.string().optional(),
+      /** User email passed through from request for single commit blame attribution analysis trigger. */
+      userEmail: z19.string().optional()
+    });
+  }
+});
+
 // src/features/analysis/scm/services/ExcludedDirs.ts
 var EXCLUDED_DIRS;
 var init_ExcludedDirs = __esm({
@@ -3308,6 +3522,7 @@ var init_GitService = __esm({
   "src/features/analysis/scm/services/GitService.ts"() {
     "use strict";
     init_configs();
+    init_gitBlameTypes();
     init_urlParser2();
     init_FileUtils();
     MAX_COMMIT_DIFF_SIZE_BYTES = 3 * 1024 * 1024;
@@ -3804,7 +4019,7 @@ ${rootContent}`;
           const DIFF_DELIMITER = "---MOBB_DIFF_START---";
           const output = await this.git.show([
             commitSha,
-            `--format=%cI%n${DIFF_DELIMITER}`,
+            `--format=${COMMIT_LOG_FORMAT}%n${DIFF_DELIMITER}`,
             "--patch"
           ]);
           const delimiterIndex = output.indexOf(DIFF_DELIMITER);
@@ -3825,16 +4040,16 @@ ${rootContent}`;
             });
             return null;
           }
-          const metadataLines = metadataOutput.trim().split("\n");
-          if (metadataLines.length < 1 || !metadataLines[0]) {
+          const metadataLine = metadataOutput.trim();
+          const parsed = parseCommitLine(metadataLine);
+          if (!parsed) {
             this.log("[GitService] Unexpected metadata format", "warning", {
               commitSha,
-              metadataLines
+              metadataLine
             });
             return null;
           }
-          const timestampStr = metadataLines[0];
-          const timestamp = new Date(timestampStr);
+          const timestamp = new Date(parsed.timestamp * 1e3);
           this.log("[GitService] Local commit data retrieved", "debug", {
             commitSha,
             diffSizeBytes,
@@ -3842,7 +4057,10 @@ ${rootContent}`;
           });
           return {
             diff,
-            timestamp
+            timestamp,
+            author: parsed.author,
+            committer: parsed.committer,
+            coAuthors: parsed.coAuthors
           };
         } catch (error) {
           const errorMessage = `Failed to get local commit data: ${error.message}`;
@@ -3860,7 +4078,7 @@ import * as os3 from "os";
 import path6 from "path";
 import chalk3 from "chalk";
 import { withFile } from "tmp-promise";
-import z26 from "zod";
+import z27 from "zod";
 
 // src/commands/handleMobbLogin.ts
 import chalk2 from "chalk";
@@ -6284,38 +6502,38 @@ import querystring2 from "querystring";
 import * as bitbucketPkgNode from "bitbucket";
 import bitbucketPkg from "bitbucket";
 import Debug4 from "debug";
-import { z as z20 } from "zod";
+import { z as z21 } from "zod";
 
 // src/features/analysis/scm/bitbucket/validation.ts
-import { z as z19 } from "zod";
-var BitbucketAuthResultZ = z19.object({
-  access_token: z19.string(),
-  token_type: z19.string(),
-  refresh_token: z19.string()
+import { z as z20 } from "zod";
+var BitbucketAuthResultZ = z20.object({
+  access_token: z20.string(),
+  token_type: z20.string(),
+  refresh_token: z20.string()
 });
 
 // src/features/analysis/scm/bitbucket/bitbucket.ts
 var debug4 = Debug4("scm:bitbucket");
 var BITBUCKET_HOSTNAME = "bitbucket.org";
-var TokenExpiredErrorZ = z20.object({
-  status: z20.number(),
-  error: z20.object({
-    type: z20.string(),
-    error: z20.object({
-      message: z20.string()
+var TokenExpiredErrorZ = z21.object({
+  status: z21.number(),
+  error: z21.object({
+    type: z21.string(),
+    error: z21.object({
+      message: z21.string()
     })
   })
 });
 var BITBUCKET_ACCESS_TOKEN_URL = `https://${BITBUCKET_HOSTNAME}/site/oauth2/access_token`;
-var BitbucketParseResultZ = z20.object({
-  organization: z20.string(),
-  repoName: z20.string(),
-  hostname: z20.literal(BITBUCKET_HOSTNAME)
+var BitbucketParseResultZ = z21.object({
+  organization: z21.string(),
+  repoName: z21.string(),
+  hostname: z21.literal(BITBUCKET_HOSTNAME)
 });
 
 // src/features/analysis/scm/bitbucket/BitbucketSCMLib.ts
 import { setTimeout as setTimeout3 } from "timers/promises";
-import { z as z21 } from "zod";
+import { z as z22 } from "zod";
 
 // src/features/analysis/scm/constants.ts
 var REPORT_DEFAULT_FILE_NAME = "report.json";
@@ -6324,7 +6542,7 @@ var REPORT_DEFAULT_FILE_NAME = "report.json";
 init_env();
 
 // src/features/analysis/scm/github/GithubSCMLib.ts
-import { z as z22 } from "zod";
+import { z as z23 } from "zod";
 init_client_generates();
 
 // src/features/analysis/scm/github/github.ts
@@ -6362,11 +6580,11 @@ var debug5 = debugModule("mobb:shared");
 init_env();
 
 // src/features/analysis/scm/gitlab/types.ts
-import { z as z23 } from "zod";
-var GitlabAuthResultZ = z23.object({
-  access_token: z23.string(),
-  token_type: z23.string(),
-  refresh_token: z23.string()
+import { z as z24 } from "zod";
+var GitlabAuthResultZ = z24.object({
+  access_token: z24.string(),
+  token_type: z24.string(),
+  refresh_token: z24.string()
 });
 
 // src/features/analysis/scm/gitlab/gitlab.ts
@@ -6376,69 +6594,69 @@ var debug6 = Debug5("scm:gitlab");
 init_client_generates();
 
 // src/features/analysis/scm/scmFactory.ts
-import { z as z24 } from "zod";
+import { z as z25 } from "zod";
 
 // src/features/analysis/graphql/gql.ts
 init_client_generates();
 
 // src/features/analysis/graphql/types.ts
 init_client_generates();
-import { z as z25 } from "zod";
-var VulnerabilityReportIssueCodeNodeZ = z25.object({
-  vulnerabilityReportIssueId: z25.string(),
-  path: z25.string(),
-  startLine: z25.number(),
-  vulnerabilityReportIssue: z25.object({
-    fixId: z25.string(),
-    category: z25.nativeEnum(Vulnerability_Report_Issue_Category_Enum),
-    safeIssueType: z25.string(),
-    vulnerabilityReportIssueTags: z25.array(
-      z25.object({
-        tag: z25.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
+import { z as z26 } from "zod";
+var VulnerabilityReportIssueCodeNodeZ = z26.object({
+  vulnerabilityReportIssueId: z26.string(),
+  path: z26.string(),
+  startLine: z26.number(),
+  vulnerabilityReportIssue: z26.object({
+    fixId: z26.string(),
+    category: z26.nativeEnum(Vulnerability_Report_Issue_Category_Enum),
+    safeIssueType: z26.string(),
+    vulnerabilityReportIssueTags: z26.array(
+      z26.object({
+        tag: z26.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
       })
     )
   })
 });
-var VulnerabilityReportIssueNoFixCodeNodeZ = z25.object({
-  vulnerabilityReportIssues: z25.array(
-    z25.object({
-      id: z25.string(),
-      fixId: z25.string().nullable(),
-      category: z25.nativeEnum(Vulnerability_Report_Issue_Category_Enum),
-      safeIssueType: z25.string(),
-      fpId: z25.string().uuid().nullable(),
-      codeNodes: z25.array(
-        z25.object({
-          path: z25.string(),
-          startLine: z25.number()
+var VulnerabilityReportIssueNoFixCodeNodeZ = z26.object({
+  vulnerabilityReportIssues: z26.array(
+    z26.object({
+      id: z26.string(),
+      fixId: z26.string().nullable(),
+      category: z26.nativeEnum(Vulnerability_Report_Issue_Category_Enum),
+      safeIssueType: z26.string(),
+      fpId: z26.string().uuid().nullable(),
+      codeNodes: z26.array(
+        z26.object({
+          path: z26.string(),
+          startLine: z26.number()
         })
       ),
-      vulnerabilityReportIssueTags: z25.array(
-        z25.object({
-          tag: z25.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
+      vulnerabilityReportIssueTags: z26.array(
+        z26.object({
+          tag: z26.nativeEnum(Vulnerability_Report_Issue_Tag_Enum)
         })
       )
     })
   )
 });
-var GetVulByNodesMetadataZ = z25.object({
-  vulnerabilityReportIssueCodeNodes: z25.array(VulnerabilityReportIssueCodeNodeZ),
-  nonFixablePrVuls: z25.object({
-    aggregate: z25.object({
-      count: z25.number()
+var GetVulByNodesMetadataZ = z26.object({
+  vulnerabilityReportIssueCodeNodes: z26.array(VulnerabilityReportIssueCodeNodeZ),
+  nonFixablePrVuls: z26.object({
+    aggregate: z26.object({
+      count: z26.number()
     })
   }),
-  fixablePrVuls: z25.object({
-    aggregate: z25.object({
-      count: z25.number()
+  fixablePrVuls: z26.object({
+    aggregate: z26.object({
+      count: z26.number()
     })
   }),
-  totalScanVulnerabilities: z25.object({
-    aggregate: z25.object({
-      count: z25.number()
+  totalScanVulnerabilities: z26.object({
+    aggregate: z26.object({
+      count: z26.number()
     })
   }),
-  irrelevantVulnerabilityReportIssue: z25.array(
+  irrelevantVulnerabilityReportIssue: z26.array(
     VulnerabilityReportIssueNoFixCodeNodeZ
   )
 });
@@ -7338,7 +7556,8 @@ import { OpenRedaction } from "@openredaction/openredaction";
 var openRedaction = new OpenRedaction({
   patterns: [
     // Core Personal Data
-    "EMAIL",
+    // Removed EMAIL - causes false positives in code/test snippets (e.g. --author="Eve Author <eve@example.com>")
+    // Prefer false negatives over false positives for this use case.
     "SSN",
     "NATIONAL_INSURANCE_UK",
     "DATE_OF_BIRTH",
@@ -7353,7 +7572,8 @@ var openRedaction = new OpenRedaction({
     "VISA_MRZ",
     "TAX_ID",
     // Financial Data (removed SWIFT_BIC, CARD_AUTH_CODE - too broad, causing false positives with authentication words)
-    "CREDIT_CARD",
+    // Removed CREDIT_CARD - causes false positives on zero-filled UUIDs (e.g. '00000000-0000-0000-0000-000000000000')
+    // Prefer false negatives over false positives for this use case.
     "IBAN",
     "BANK_ACCOUNT_UK",
     "ROUTING_NUMBER_US",
@@ -7439,15 +7659,6 @@ async function sanitizeDataWithCounts(obj) {
         ...piiDetections.low
       ];
       for (const detection of allDetections) {
-        if (detection.type === "CREDIT_CARD") {
-          const start = detection.position[0];
-          const end = detection.position[1];
-          const charBefore = (start > 0 ? str[start - 1] : "") ?? "";
-          const charAfter = str[end] ?? "";
-          if (charBefore === "." || charBefore >= "0" && charBefore <= "9" || charAfter >= "0" && charAfter <= "9") {
-            continue;
-          }
-        }
         counts.detections.total++;
         if (detection.severity === "high") counts.detections.high++;
         else if (detection.severity === "medium") counts.detections.medium++;
@@ -7500,8 +7711,8 @@ var defaultLogger = {
     }
   }
 };
-var PromptItemZ = z26.object({
-  type: z26.enum([
+var PromptItemZ = z27.object({
+  type: z27.enum([
     "USER_PROMPT",
     "AI_RESPONSE",
     "TOOL_EXECUTION",
@@ -7509,32 +7720,32 @@ var PromptItemZ = z26.object({
     "MCP_TOOL_CALL"
     // MCP (Model Context Protocol) tool invocation
   ]),
-  attachedFiles: z26.array(
-    z26.object({
-      relativePath: z26.string(),
-      startLine: z26.number().optional()
+  attachedFiles: z27.array(
+    z27.object({
+      relativePath: z27.string(),
+      startLine: z27.number().optional()
     })
   ).optional(),
-  tokens: z26.object({
-    inputCount: z26.number(),
-    outputCount: z26.number()
+  tokens: z27.object({
+    inputCount: z27.number(),
+    outputCount: z27.number()
   }).optional(),
-  text: z26.string().optional(),
-  date: z26.date().optional(),
-  tool: z26.object({
-    name: z26.string(),
-    parameters: z26.string(),
-    result: z26.string(),
-    rawArguments: z26.string().optional(),
-    accepted: z26.boolean().optional(),
+  text: z27.string().optional(),
+  date: z27.date().optional(),
+  tool: z27.object({
+    name: z27.string(),
+    parameters: z27.string(),
+    result: z27.string(),
+    rawArguments: z27.string().optional(),
+    accepted: z27.boolean().optional(),
     // MCP-specific fields (only populated for MCP_TOOL_CALL type)
-    mcpServer: z26.string().optional(),
+    mcpServer: z27.string().optional(),
     // MCP server name (e.g., "datadog", "mobb-mcp")
-    mcpToolName: z26.string().optional()
+    mcpToolName: z27.string().optional()
     // MCP tool name without prefix (e.g., "scan_and_fix_vulnerabilities")
   }).optional()
 });
-var PromptItemArrayZ = z26.array(PromptItemZ);
+var PromptItemArrayZ = z27.array(PromptItemZ);
 async function getRepositoryUrl() {
   try {
     const gitService = new GitService(process.cwd());