npm - mobbdev - Versions diffs - 1.2.33 → 1.2.34 - Mend

mobbdev 1.2.33 → 1.2.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/args/commands/upload_ai_blame.d.mts +15 -1
package/dist/args/commands/upload_ai_blame.mjs +264 -203
package/dist/index.mjs +3019 -2962
package/package.json +1 -1

package/dist/args/commands/upload_ai_blame.d.mts CHANGED Viewed

@@ -206,6 +206,20 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
     } | undefined;
 }>, "many">;
 type PromptItemArray = z.infer<typeof PromptItemArrayZ>;
+/**
+ * Gets the normalized GitHub repository URL from the current working directory.
+ * Returns null if not in a git repository or if not a GitHub repository.
+ */
+declare function getRepositoryUrl(): Promise<string | null>;
+/**
+ * Get system information for tracking inference source.
+ * Works cross-platform (Windows, macOS, Linux).
+ * Handles errors gracefully for containerized environments where user info may not be available.
+ */
+declare function getSystemInfo(): {
+    computerName: string;
+    userName: string | undefined;
+};
 type UploadAiBlameOptions = {
     prompt: string[];
     inference: string[];
@@ -249,4 +263,4 @@ type UploadAiBlameHandlerOptions = {
 declare function uploadAiBlameHandler(options: UploadAiBlameHandlerOptions): Promise<void>;
 declare function uploadAiBlameCommandHandler(args: UploadAiBlameOptions): Promise<void>;
-export { type PromptItem, type PromptItemArray, type UploadAiBlameOptions, type UploadAiBlameResult, uploadAiBlameBuilder, uploadAiBlameCommandHandler, uploadAiBlameHandler, uploadAiBlameHandlerFromExtension };
+export { type PromptItem, type PromptItemArray, type UploadAiBlameOptions, type UploadAiBlameResult, getRepositoryUrl, getSystemInfo, uploadAiBlameBuilder, uploadAiBlameCommandHandler, uploadAiBlameHandler, uploadAiBlameHandlerFromExtension };

package/dist/args/commands/upload_ai_blame.mjs CHANGED Viewed

@@ -73,6 +73,12 @@ function getSdk(client, withWrapper = defaultWrapper) {
     FinalizeAIBlameInferencesUpload(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: FinalizeAiBlameInferencesUploadDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "FinalizeAIBlameInferencesUpload", "mutation", variables);
     },
+    UploadTracyRecords(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: UploadTracyRecordsDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "UploadTracyRecords", "mutation", variables);
+    },
+    GetTracyRawDataUploadUrls(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: GetTracyRawDataUploadUrlsDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "GetTracyRawDataUploadUrls", "mutation", variables);
+    },
     DigestVulnerabilityReport(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: DigestVulnerabilityReportDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "DigestVulnerabilityReport", "mutation", variables);
     },
@@ -126,7 +132,7 @@ function getSdk(client, withWrapper = defaultWrapper) {
     }
   };
 }
-var AiBlameInferenceType, FixQuestionInputType, Language, ManifestAction, Effort_To_Apply_Fix_Enum, Fix_Rating_Tag_Enum, Fix_Report_State_Enum, Fix_State_Enum, IssueLanguage_Enum, IssueType_Enum, Pr_Status_Enum, Project_Role_Type_Enum, Vulnerability_Report_Issue_Category_Enum, Vulnerability_Report_Issue_State_Enum, Vulnerability_Report_Issue_Tag_Enum, Vulnerability_Report_Vendor_Enum, Vulnerability_Severity_Enum, FixDetailsFragmentDoc, FixReportSummaryFieldsFragmentDoc, MeDocument, GetLastOrgAndNamedProjectDocument, GetLastOrgDocument, GetEncryptedApiTokenDocument, FixReportStateDocument, GetVulnerabilityReportPathsDocument, GetAnalysisSubscriptionDocument, GetAnalysisDocument, GetFixesDocument, GetVulByNodesMetadataDocument, GetFalsePositiveDocument, UpdateScmTokenDocument, UploadS3BucketInfoDocument, GetTracyDiffUploadUrlDocument, AnalyzeCommitForExtensionAiBlameDocument, GetAiBlameInferenceDocument, GetAiBlameAttributionPromptDocument, GetPromptSummaryDocument, UploadAiBlameInferencesInitDocument, FinalizeAiBlameInferencesUploadDocument, DigestVulnerabilityReportDocument, SubmitVulnerabilityReportDocument, CreateCommunityUserDocument, CreateCliLoginDocument, PerformCliLoginDocument, CreateProjectDocument, ValidateRepoUrlDocument, GitReferenceDocument, AutoPrAnalysisDocument, GetFixReportsByRepoUrlDocument, GetReportFixesDocument, GetLatestReportByRepoUrlDocument, UpdateDownloadedFixDataDocument, GetUserMvsAutoFixDocument, StreamBlameAiAnalysisRequestsDocument, StreamCommitBlameRequestsDocument, ScanSkillDocument, defaultWrapper;
+var AiBlameInferenceType, FixQuestionInputType, Language, ManifestAction, Effort_To_Apply_Fix_Enum, Fix_Rating_Tag_Enum, Fix_Report_State_Enum, Fix_State_Enum, IssueLanguage_Enum, IssueType_Enum, Pr_Status_Enum, Project_Role_Type_Enum, Vulnerability_Report_Issue_Category_Enum, Vulnerability_Report_Issue_State_Enum, Vulnerability_Report_Issue_Tag_Enum, Vulnerability_Report_Vendor_Enum, Vulnerability_Severity_Enum, FixDetailsFragmentDoc, FixReportSummaryFieldsFragmentDoc, MeDocument, GetLastOrgAndNamedProjectDocument, GetLastOrgDocument, GetEncryptedApiTokenDocument, FixReportStateDocument, GetVulnerabilityReportPathsDocument, GetAnalysisSubscriptionDocument, GetAnalysisDocument, GetFixesDocument, GetVulByNodesMetadataDocument, GetFalsePositiveDocument, UpdateScmTokenDocument, UploadS3BucketInfoDocument, GetTracyDiffUploadUrlDocument, AnalyzeCommitForExtensionAiBlameDocument, GetAiBlameInferenceDocument, GetAiBlameAttributionPromptDocument, GetPromptSummaryDocument, UploadAiBlameInferencesInitDocument, FinalizeAiBlameInferencesUploadDocument, UploadTracyRecordsDocument, GetTracyRawDataUploadUrlsDocument, DigestVulnerabilityReportDocument, SubmitVulnerabilityReportDocument, CreateCommunityUserDocument, CreateCliLoginDocument, PerformCliLoginDocument, CreateProjectDocument, ValidateRepoUrlDocument, GitReferenceDocument, AutoPrAnalysisDocument, GetFixReportsByRepoUrlDocument, GetReportFixesDocument, GetLatestReportByRepoUrlDocument, UpdateDownloadedFixDataDocument, GetUserMvsAutoFixDocument, StreamBlameAiAnalysisRequestsDocument, StreamCommitBlameRequestsDocument, ScanSkillDocument, defaultWrapper;
 var init_client_generates = __esm({
   "src/features/analysis/scm/generates/client_generates.ts"() {
     "use strict";
@@ -962,6 +968,28 @@ var init_client_generates = __esm({
     status
     error
   }
+}
+    `;
+    UploadTracyRecordsDocument = `
+    mutation UploadTracyRecords($records: [TracyRecordInput!]!) {
+  uploadTracyRecords(records: $records) {
+    status
+    error
+  }
+}
+    `;
+    GetTracyRawDataUploadUrlsDocument = `
+    mutation GetTracyRawDataUploadUrls($recordIds: [String!]!) {
+  getTracyRawDataUploadUrls(recordIds: $recordIds) {
+    status
+    error
+    uploads {
+      recordId
+      url
+      uploadFieldsJSON
+      uploadKey
+    }
+  }
 }
     `;
     DigestVulnerabilityReportDocument = `
@@ -4082,7 +4110,7 @@ import z27 from "zod";
 // src/commands/handleMobbLogin.ts
 import chalk2 from "chalk";
-import Debug7 from "debug";
+import Debug10 from "debug";
 // src/utils/dirname.ts
 import fs from "fs";
@@ -4211,6 +4239,7 @@ var CliError = class extends Error {
 // src/commands/AuthManager.ts
 import crypto from "crypto";
 import os from "os";
+import Debug9 from "debug";
 import open from "open";
 // src/constants.ts
@@ -4374,8 +4403,7 @@ function getProxyAgent(url) {
     const isHttps = parsedUrl.protocol === "https:";
     const proxy = isHttps ? getHttpProxy() : isHttp ? getHttpProxyOnly() : null;
     if (proxy) {
-      debug2("Using proxy %s", proxy);
-      debug2("Proxy agent %o", proxy);
+      debug2("Using proxy %s for %s", proxy, url);
       return new HttpsProxyAgent(proxy);
     }
   } catch (err) {
@@ -7094,6 +7122,12 @@ var GQLClient = class {
   async finalizeAIBlameInferencesUploadRaw(variables) {
     return await this._clientSdk.FinalizeAIBlameInferencesUpload(variables);
   }
+  async uploadTracyRecords(variables) {
+    return await this._clientSdk.UploadTracyRecords(variables);
+  }
+  async getTracyRawDataUploadUrls(variables) {
+    return await this._clientSdk.GetTracyRawDataUploadUrls(variables);
+  }
   async analyzeCommitForExtensionAIBlame(variables) {
     return await this._clientSdk.AnalyzeCommitForExtensionAIBlame(variables);
   }
@@ -7111,6 +7145,209 @@ var GQLClient = class {
   }
 };
+// src/features/analysis/graphql/tracy-batch-upload.ts
+import { promisify } from "util";
+import { gzip } from "zlib";
+import Debug8 from "debug";
+// src/utils/sanitize-sensitive-data.ts
+import { OpenRedaction } from "@openredaction/openredaction";
+var openRedaction = new OpenRedaction({
+  patterns: [
+    // Core Personal Data
+    // Removed EMAIL - causes false positives in code/test snippets (e.g. --author="Eve Author <eve@example.com>")
+    // Prefer false negatives over false positives for this use case.
+    "SSN",
+    "NATIONAL_INSURANCE_UK",
+    "DATE_OF_BIRTH",
+    // Identity Documents
+    "PASSPORT_UK",
+    "PASSPORT_US",
+    "PASSPORT_MRZ_TD1",
+    "PASSPORT_MRZ_TD3",
+    "DRIVING_LICENSE_UK",
+    "DRIVING_LICENSE_US",
+    "VISA_NUMBER",
+    "VISA_MRZ",
+    "TAX_ID",
+    // Financial Data (removed SWIFT_BIC, CARD_AUTH_CODE - too broad, causing false positives with authentication words)
+    // Removed CREDIT_CARD - causes false positives on zero-filled UUIDs (e.g. '00000000-0000-0000-0000-000000000000')
+    // Prefer false negatives over false positives for this use case.
+    "IBAN",
+    "BANK_ACCOUNT_UK",
+    "ROUTING_NUMBER_US",
+    "CARD_TRACK1_DATA",
+    "CARD_TRACK2_DATA",
+    "CARD_EXPIRY",
+    // Cryptocurrency (removed BITCOIN_ADDRESS - too broad, matches hash-like strings)
+    "ETHEREUM_ADDRESS",
+    "LITECOIN_ADDRESS",
+    "CARDANO_ADDRESS",
+    "SOLANA_ADDRESS",
+    "MONERO_ADDRESS",
+    "RIPPLE_ADDRESS",
+    // Medical Data (removed PRESCRIPTION_NUMBER - too broad, matches words containing "ription")
+    // Removed MEDICAL_RECORD_NUMBER - too broad, "MR" prefix matches "Merge Request" in SCM contexts (e.g. "MR branches" → "MR br****es")
+    "NHS_NUMBER",
+    "AUSTRALIAN_MEDICARE",
+    "HEALTH_PLAN_NUMBER",
+    "PATIENT_ID",
+    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US, PHONE_US, PHONE_INTERNATIONAL - too broad, causing false positives)
+    "PHONE_UK",
+    "PHONE_UK_MOBILE",
+    "PHONE_LINE_NUMBER",
+    "ADDRESS_STREET",
+    "POSTCODE_UK",
+    // Network & Technical
+    "IPV4",
+    "IPV6",
+    "MAC_ADDRESS",
+    "URL_WITH_AUTH",
+    // Security Keys & Tokens
+    "PRIVATE_KEY",
+    "SSH_PRIVATE_KEY",
+    "AWS_SECRET_KEY",
+    "AWS_ACCESS_KEY",
+    "AZURE_STORAGE_KEY",
+    "GCP_SERVICE_ACCOUNT",
+    "JWT_TOKEN",
+    "OAUTH_TOKEN",
+    "OAUTH_CLIENT_SECRET",
+    "BEARER_TOKEN",
+    "PAYMENT_TOKEN",
+    "GENERIC_SECRET",
+    "GENERIC_API_KEY",
+    // Platform-Specific API Keys
+    "GITHUB_TOKEN",
+    "SLACK_TOKEN",
+    "STRIPE_API_KEY",
+    "GOOGLE_API_KEY",
+    "FIREBASE_API_KEY",
+    "HEROKU_API_KEY",
+    "MAILGUN_API_KEY",
+    "SENDGRID_API_KEY",
+    "TWILIO_API_KEY",
+    "NPM_TOKEN",
+    "PYPI_TOKEN",
+    "DOCKER_AUTH",
+    "KUBERNETES_SECRET",
+    // Government & Legal
+    // Removed CLIENT_ID - too broad, "client" is ubiquitous in code (npm packages like @scope/client-*, class names like ClientSdkOptions)
+    "POLICE_REPORT_NUMBER",
+    "IMMIGRATION_NUMBER",
+    "COURT_REPORTER_LICENSE"
+  ]
+});
+function maskString(str, showStart = 2, showEnd = 2) {
+  if (str.length <= showStart + showEnd) {
+    return "*".repeat(str.length);
+  }
+  return str.slice(0, showStart) + "*".repeat(str.length - showStart - showEnd) + str.slice(-showEnd);
+}
+async function sanitizeDataWithCounts(obj) {
+  const counts = {
+    detections: { total: 0, high: 0, medium: 0, low: 0 }
+  };
+  const sanitizeString = async (str) => {
+    let result = str;
+    const piiDetections = openRedaction.scan(str);
+    if (piiDetections && piiDetections.total > 0) {
+      const allDetections = [
+        ...piiDetections.high,
+        ...piiDetections.medium,
+        ...piiDetections.low
+      ];
+      for (const detection of allDetections) {
+        counts.detections.total++;
+        if (detection.severity === "high") counts.detections.high++;
+        else if (detection.severity === "medium") counts.detections.medium++;
+        else if (detection.severity === "low") counts.detections.low++;
+        const masked = maskString(detection.value);
+        result = result.replaceAll(detection.value, masked);
+      }
+    }
+    return result;
+  };
+  const sanitizeRecursive = async (data) => {
+    if (typeof data === "string") {
+      return sanitizeString(data);
+    } else if (Array.isArray(data)) {
+      return Promise.all(data.map((item) => sanitizeRecursive(item)));
+    } else if (data instanceof Error) {
+      return data;
+    } else if (data instanceof Date) {
+      return data;
+    } else if (typeof data === "object" && data !== null) {
+      const sanitized = {};
+      const record = data;
+      for (const key in record) {
+        if (Object.prototype.hasOwnProperty.call(record, key)) {
+          sanitized[key] = await sanitizeRecursive(record[key]);
+        }
+      }
+      return sanitized;
+    }
+    return data;
+  };
+  const sanitizedData = await sanitizeRecursive(obj);
+  return { sanitizedData, counts };
+}
+// src/features/analysis/upload-file.ts
+import Debug7 from "debug";
+import fetch3, { File, fileFrom, FormData } from "node-fetch";
+var debug8 = Debug7("mobbdev:upload-file");
+async function uploadFile({
+  file,
+  url,
+  uploadKey,
+  uploadFields,
+  logger
+}) {
+  const logInfo = logger || ((_message, _data) => {
+  });
+  logInfo(`FileUpload: upload file start ${url}`);
+  logInfo(`FileUpload: upload fields`, uploadFields);
+  logInfo(`FileUpload: upload key ${uploadKey}`);
+  debug8("upload file start %s", url);
+  debug8("upload fields %o", uploadFields);
+  debug8("upload key %s", uploadKey);
+  const form = new FormData();
+  Object.entries(uploadFields).forEach(([key, value]) => {
+    form.append(key, value);
+  });
+  if (!form.has("key")) {
+    form.append("key", uploadKey);
+  }
+  if (typeof file === "string") {
+    debug8("upload file from path %s", file);
+    logInfo(`FileUpload: upload file from path ${file}`);
+    form.append("file", await fileFrom(file));
+  } else {
+    debug8("upload file from buffer");
+    logInfo(`FileUpload: upload file from buffer`);
+    form.append("file", new File([new Uint8Array(file)], "file"));
+  }
+  const agent = getProxyAgent(url);
+  const response = await fetch3(url, {
+    method: "POST",
+    body: form,
+    agent
+  });
+  if (!response.ok) {
+    debug8("error from S3 %s %s", response.body, response.status);
+    logInfo(`FileUpload: error from S3 ${response.body} ${response.status}`);
+    throw new Error(`Failed to upload the file: ${response.status}`);
+  }
+  debug8("upload file done");
+  logInfo(`FileUpload: upload file done`);
+}
+// src/features/analysis/graphql/tracy-batch-upload.ts
+var gzipAsync = promisify(gzip);
+var debug9 = Debug8("mobbdev:tracy-batch-upload");
+var MAX_BATCH_PAYLOAD_BYTES = 3 * 1024 * 1024;
 // src/mcp/services/types.ts
 function buildLoginUrl(baseUrl, loginId, hostname, context) {
   const url = new URL(`${baseUrl}/${loginId}`);
@@ -7143,9 +7380,10 @@ function getConfigStore() {
 var configStore = getConfigStore();
 // src/commands/AuthManager.ts
+var debug10 = Debug9("mobbdev:auth");
 var LOGIN_MAX_WAIT = 10 * 60 * 1e3;
 var LOGIN_CHECK_DELAY = 5 * 1e3;
-var AuthManager = class {
+var _AuthManager = class _AuthManager {
   constructor(webAppUrl, apiUrl) {
     __publicField(this, "publicKey");
     __publicField(this, "privateKey");
@@ -7167,7 +7405,7 @@ var AuthManager = class {
   }
   async waitForAuthentication() {
     let newApiToken = null;
-    for (let i = 0; i < LOGIN_MAX_WAIT / LOGIN_CHECK_DELAY; i++) {
+    for (let i = 0; i < _AuthManager.loginMaxWait / LOGIN_CHECK_DELAY; i++) {
       newApiToken = await this.getApiToken();
       if (newApiToken) {
         break;
@@ -7197,6 +7435,9 @@ var AuthManager = class {
     if (this.authenticated === null) {
       const result = await this.checkAuthentication();
       this.authenticated = result.isAuthenticated;
+      if (!result.isAuthenticated) {
+        debug10("isAuthenticated: false \u2014 %s", result.message);
+      }
     }
     return this.authenticated;
   }
@@ -7273,6 +7514,14 @@ var AuthManager = class {
     }
     return null;
   }
+  /**
+   * Returns true if a non-empty API token is stored in the configStore.
+   * Used for diagnostics — does NOT validate the token.
+   */
+  hasStoredToken() {
+    const token = configStore.get("apiToken");
+    return typeof token === "string" && token.length > 0;
+  }
   /**
    * Gets the current GQL client (if authenticated)
    */
@@ -7305,9 +7554,12 @@ var AuthManager = class {
     this.currentBrowserUrl = null;
   }
 };
+/** Maximum time (ms) to wait for login authentication. Override in tests for faster failures. */
+__publicField(_AuthManager, "loginMaxWait", LOGIN_MAX_WAIT);
+var AuthManager = _AuthManager;
 // src/commands/handleMobbLogin.ts
-var debug8 = Debug7("mobbdev:commands");
+var debug11 = Debug10("mobbdev:commands");
 var LOGIN_MAX_WAIT2 = 10 * 60 * 1e3;
 var LOGIN_CHECK_DELAY2 = 5 * 1e3;
 var MOBB_LOGIN_REQUIRED_MSG = `\u{1F513} Login to Mobb is Required, you will be redirected to our login page, once the authorization is complete return to this prompt, ${chalk2.bgBlue(
@@ -7319,7 +7571,7 @@ async function getAuthenticatedGQLClient({
   apiUrl,
   webAppUrl
 }) {
-  debug8(
+  debug11(
     "getAuthenticatedGQLClient called with: apiUrl=%s, webAppUrl=%s",
     apiUrl || "undefined",
     webAppUrl || "undefined"
@@ -7342,7 +7594,7 @@ async function handleMobbLogin({
   webAppUrl,
   loginContext
 }) {
-  debug8(
+  debug11(
     "handleMobbLogin: resolved URLs - apiUrl=%s (from param: %s), webAppUrl=%s (from param: %s)",
     apiUrl || "fallback",
     apiUrl || "fallback",
@@ -7361,7 +7613,7 @@ async function handleMobbLogin({
       return authManager.getGQLClient();
     }
   } catch (error) {
-    debug8("Authentication check failed:", error);
+    debug11("Authentication check failed:", error);
   }
   if (apiKey) {
     createSpinner().start().error({
@@ -7412,56 +7664,6 @@ init_client_generates();
 init_GitService();
 init_urlParser2();
-// src/features/analysis/upload-file.ts
-import Debug8 from "debug";
-import fetch3, { File, fileFrom, FormData } from "node-fetch";
-var debug9 = Debug8("mobbdev:upload-file");
-async function uploadFile({
-  file,
-  url,
-  uploadKey,
-  uploadFields,
-  logger
-}) {
-  const logInfo = logger || ((_message, _data) => {
-  });
-  logInfo(`FileUpload: upload file start ${url}`);
-  logInfo(`FileUpload: upload fields`, uploadFields);
-  logInfo(`FileUpload: upload key ${uploadKey}`);
-  debug9("upload file start %s", url);
-  debug9("upload fields %o", uploadFields);
-  debug9("upload key %s", uploadKey);
-  const form = new FormData();
-  Object.entries(uploadFields).forEach(([key, value]) => {
-    form.append(key, value);
-  });
-  if (!form.has("key")) {
-    form.append("key", uploadKey);
-  }
-  if (typeof file === "string") {
-    debug9("upload file from path %s", file);
-    logInfo(`FileUpload: upload file from path ${file}`);
-    form.append("file", await fileFrom(file));
-  } else {
-    debug9("upload file from buffer");
-    logInfo(`FileUpload: upload file from buffer`);
-    form.append("file", new File([new Uint8Array(file)], "file"));
-  }
-  const agent = getProxyAgent(url);
-  const response = await fetch3(url, {
-    method: "POST",
-    body: form,
-    agent
-  });
-  if (!response.ok) {
-    debug9("error from S3 %s %s", response.body, response.status);
-    logInfo(`FileUpload: error from S3 ${response.body} ${response.status}`);
-    throw new Error(`Failed to upload the file: ${response.status}`);
-  }
-  debug9("upload file done");
-  logInfo(`FileUpload: upload file done`);
-}
 // src/utils/computerName.ts
 import { execSync } from "child_process";
 import os2 from "os";
@@ -7551,149 +7753,6 @@ function getStableComputerName() {
   return currentName;
 }
-// src/utils/sanitize-sensitive-data.ts
-import { OpenRedaction } from "@openredaction/openredaction";
-var openRedaction = new OpenRedaction({
-  patterns: [
-    // Core Personal Data
-    // Removed EMAIL - causes false positives in code/test snippets (e.g. --author="Eve Author <eve@example.com>")
-    // Prefer false negatives over false positives for this use case.
-    "SSN",
-    "NATIONAL_INSURANCE_UK",
-    "DATE_OF_BIRTH",
-    // Identity Documents
-    "PASSPORT_UK",
-    "PASSPORT_US",
-    "PASSPORT_MRZ_TD1",
-    "PASSPORT_MRZ_TD3",
-    "DRIVING_LICENSE_UK",
-    "DRIVING_LICENSE_US",
-    "VISA_NUMBER",
-    "VISA_MRZ",
-    "TAX_ID",
-    // Financial Data (removed SWIFT_BIC, CARD_AUTH_CODE - too broad, causing false positives with authentication words)
-    // Removed CREDIT_CARD - causes false positives on zero-filled UUIDs (e.g. '00000000-0000-0000-0000-000000000000')
-    // Prefer false negatives over false positives for this use case.
-    "IBAN",
-    "BANK_ACCOUNT_UK",
-    "ROUTING_NUMBER_US",
-    "CARD_TRACK1_DATA",
-    "CARD_TRACK2_DATA",
-    "CARD_EXPIRY",
-    // Cryptocurrency (removed BITCOIN_ADDRESS - too broad, matches hash-like strings)
-    "ETHEREUM_ADDRESS",
-    "LITECOIN_ADDRESS",
-    "CARDANO_ADDRESS",
-    "SOLANA_ADDRESS",
-    "MONERO_ADDRESS",
-    "RIPPLE_ADDRESS",
-    // Medical Data (removed PRESCRIPTION_NUMBER - too broad, matches words containing "ription")
-    // Removed MEDICAL_RECORD_NUMBER - too broad, "MR" prefix matches "Merge Request" in SCM contexts (e.g. "MR branches" → "MR br****es")
-    "NHS_NUMBER",
-    "AUSTRALIAN_MEDICARE",
-    "HEALTH_PLAN_NUMBER",
-    "PATIENT_ID",
-    // Communications (removed EMERGENCY_CONTACT, ADDRESS_PO_BOX, ZIP_CODE_US, PHONE_US, PHONE_INTERNATIONAL - too broad, causing false positives)
-    "PHONE_UK",
-    "PHONE_UK_MOBILE",
-    "PHONE_LINE_NUMBER",
-    "ADDRESS_STREET",
-    "POSTCODE_UK",
-    // Network & Technical
-    "IPV4",
-    "IPV6",
-    "MAC_ADDRESS",
-    "URL_WITH_AUTH",
-    // Security Keys & Tokens
-    "PRIVATE_KEY",
-    "SSH_PRIVATE_KEY",
-    "AWS_SECRET_KEY",
-    "AWS_ACCESS_KEY",
-    "AZURE_STORAGE_KEY",
-    "GCP_SERVICE_ACCOUNT",
-    "JWT_TOKEN",
-    "OAUTH_TOKEN",
-    "OAUTH_CLIENT_SECRET",
-    "BEARER_TOKEN",
-    "PAYMENT_TOKEN",
-    "GENERIC_SECRET",
-    "GENERIC_API_KEY",
-    // Platform-Specific API Keys
-    "GITHUB_TOKEN",
-    "SLACK_TOKEN",
-    "STRIPE_API_KEY",
-    "GOOGLE_API_KEY",
-    "FIREBASE_API_KEY",
-    "HEROKU_API_KEY",
-    "MAILGUN_API_KEY",
-    "SENDGRID_API_KEY",
-    "TWILIO_API_KEY",
-    "NPM_TOKEN",
-    "PYPI_TOKEN",
-    "DOCKER_AUTH",
-    "KUBERNETES_SECRET",
-    // Government & Legal
-    // Removed CLIENT_ID - too broad, "client" is ubiquitous in code (npm packages like @scope/client-*, class names like ClientSdkOptions)
-    "POLICE_REPORT_NUMBER",
-    "IMMIGRATION_NUMBER",
-    "COURT_REPORTER_LICENSE"
-  ]
-});
-function maskString(str, showStart = 2, showEnd = 2) {
-  if (str.length <= showStart + showEnd) {
-    return "*".repeat(str.length);
-  }
-  return str.slice(0, showStart) + "*".repeat(str.length - showStart - showEnd) + str.slice(-showEnd);
-}
-async function sanitizeDataWithCounts(obj) {
-  const counts = {
-    detections: { total: 0, high: 0, medium: 0, low: 0 }
-  };
-  const sanitizeString = async (str) => {
-    let result = str;
-    const piiDetections = openRedaction.scan(str);
-    if (piiDetections && piiDetections.total > 0) {
-      const allDetections = [
-        ...piiDetections.high,
-        ...piiDetections.medium,
-        ...piiDetections.low
-      ];
-      for (const detection of allDetections) {
-        counts.detections.total++;
-        if (detection.severity === "high") counts.detections.high++;
-        else if (detection.severity === "medium") counts.detections.medium++;
-        else if (detection.severity === "low") counts.detections.low++;
-        const masked = maskString(detection.value);
-        result = result.replaceAll(detection.value, masked);
-      }
-    }
-    return result;
-  };
-  const sanitizeRecursive = async (data) => {
-    if (typeof data === "string") {
-      return sanitizeString(data);
-    } else if (Array.isArray(data)) {
-      return Promise.all(data.map((item) => sanitizeRecursive(item)));
-    } else if (data instanceof Error) {
-      return data;
-    } else if (data instanceof Date) {
-      return data;
-    } else if (typeof data === "object" && data !== null) {
-      const sanitized = {};
-      const record = data;
-      for (const key in record) {
-        if (Object.prototype.hasOwnProperty.call(record, key)) {
-          sanitized[key] = await sanitizeRecursive(record[key]);
-        }
-      }
-      return sanitized;
-    }
-    return data;
-  };
-  const sanitizedData = await sanitizeRecursive(obj);
-  return { sanitizedData, counts };
-}
 // src/args/commands/upload_ai_blame.ts
 var defaultLogger = {
   info: (msg, data) => {
@@ -8014,6 +8073,8 @@ async function uploadAiBlameCommandHandler(args) {
   await uploadAiBlameHandler({ args });
 }
 export {
+  getRepositoryUrl,
+  getSystemInfo,
   uploadAiBlameBuilder,
   uploadAiBlameCommandHandler,
   uploadAiBlameHandler,