npm - mobbdev - Versions diffs - 1.2.60 → 1.2.62 - Mend

mobbdev 1.2.60 → 1.2.62

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/args/commands/upload_ai_blame.mjs +17 -1
package/dist/index.mjs +203 -23
package/package.json +1 -1

package/dist/args/commands/upload_ai_blame.mjs CHANGED Viewed

@@ -7209,7 +7209,17 @@ import Debug8 from "debug";
 // src/utils/sanitize-sensitive-data.ts
 import { OpenRedaction } from "@openredaction/openredaction";
+var ADO_PAT_PATTERN = {
+  type: "AZURE_DEVOPS_PAT",
+  regex: /\b[a-zA-Z0-9]{20,}JQQJ99[a-zA-Z0-9]{10,52}\b/g,
+  priority: 95,
+  placeholder: "[ADO_PAT_{n}]",
+  description: "Azure DevOps Personal Access Token",
+  severity: "high",
+  validator: (match) => match.length >= 52 && match.length <= 100
+};
 var openRedaction = new OpenRedaction({
+  customPatterns: [ADO_PAT_PATTERN],
   patterns: [
     // Core Personal Data
     // Removed EMAIL - causes false positives in code/test snippets (e.g. --author="Eve Author <eve@example.com>")
@@ -7280,7 +7290,9 @@ var openRedaction = new OpenRedaction({
     "STRIPE_API_KEY",
     "GOOGLE_API_KEY",
     "FIREBASE_API_KEY",
-    "HEROKU_API_KEY",
+    // Removed HEROKU_API_KEY - its regex matches ALL UUIDs ([a-f0-9]{8}-[a-f0-9]{4}-...)
+    // and the validator triggers on "auth" anywhere in context (e.g. "oauth2" in user IDs).
+    // This causes false positives on every UUID when OAuth-related strings are nearby.
     "MAILGUN_API_KEY",
     "SENDGRID_API_KEY",
     "TWILIO_API_KEY",
@@ -7305,7 +7317,11 @@ async function sanitizeDataWithCounts(obj) {
   const counts = {
     detections: { total: 0, high: 0, medium: 0, low: 0 }
   };
+  const MAX_SCAN_LENGTH = 1e5;
   const sanitizeString = async (str) => {
+    if (str.length > MAX_SCAN_LENGTH) {
+      return str;
+    }
     let result = str;
     const piiDetections = openRedaction.scan(str);
     if (piiDetections && piiDetections.total > 0) {

package/dist/index.mjs CHANGED Viewed

@@ -13186,7 +13186,17 @@ function getStableComputerName() {
 // src/utils/sanitize-sensitive-data.ts
 import { OpenRedaction } from "@openredaction/openredaction";
+var ADO_PAT_PATTERN = {
+  type: "AZURE_DEVOPS_PAT",
+  regex: /\b[a-zA-Z0-9]{20,}JQQJ99[a-zA-Z0-9]{10,52}\b/g,
+  priority: 95,
+  placeholder: "[ADO_PAT_{n}]",
+  description: "Azure DevOps Personal Access Token",
+  severity: "high",
+  validator: (match) => match.length >= 52 && match.length <= 100
+};
 var openRedaction = new OpenRedaction({
+  customPatterns: [ADO_PAT_PATTERN],
   patterns: [
     // Core Personal Data
     // Removed EMAIL - causes false positives in code/test snippets (e.g. --author="Eve Author <eve@example.com>")
@@ -13257,7 +13267,9 @@ var openRedaction = new OpenRedaction({
     "STRIPE_API_KEY",
     "GOOGLE_API_KEY",
     "FIREBASE_API_KEY",
-    "HEROKU_API_KEY",
+    // Removed HEROKU_API_KEY - its regex matches ALL UUIDs ([a-f0-9]{8}-[a-f0-9]{4}-...)
+    // and the validator triggers on "auth" anywhere in context (e.g. "oauth2" in user IDs).
+    // This causes false positives on every UUID when OAuth-related strings are nearby.
     "MAILGUN_API_KEY",
     "SENDGRID_API_KEY",
     "TWILIO_API_KEY",
@@ -13282,7 +13294,11 @@ async function sanitizeDataWithCounts(obj) {
   const counts = {
     detections: { total: 0, high: 0, medium: 0, low: 0 }
   };
+  const MAX_SCAN_LENGTH = 1e5;
   const sanitizeString = async (str) => {
+    if (str.length > MAX_SCAN_LENGTH) {
+      return str;
+    }
     let result = str;
     const piiDetections = openRedaction.scan(str);
     if (piiDetections && piiDetections.total > 0) {
@@ -16394,9 +16410,11 @@ async function analyzeHandler(args) {
 }
 // src/features/claude_code/data_collector.ts
+import { execFile } from "child_process";
 import { createHash as createHash2 } from "crypto";
 import { access, open as open4, readdir, readFile, unlink } from "fs/promises";
 import path14 from "path";
+import { promisify } from "util";
 import { z as z33 } from "zod";
 init_client_generates();
@@ -16552,7 +16570,10 @@ function createDdBatch(config2) {
       }
     });
   }
-  return { enqueue, flush, flushAsync, dispose, createPinoStream };
+  function updateDdTags(ddtags) {
+    config2.ddtags = ddtags;
+  }
+  return { enqueue, flush, flushAsync, dispose, createPinoStream, updateDdTags };
 }
 // src/utils/shared-logger/hostname.ts
@@ -16665,6 +16686,11 @@ function createLogger(config2) {
       ddBatch.dispose();
     }
   }
+  function updateDdTags(newDdTags) {
+    if (ddBatch) {
+      ddBatch.updateDdTags(newDdTags);
+    }
+  }
   return {
     info,
     warn,
@@ -16675,14 +16701,23 @@ function createLogger(config2) {
     flushLogs: flushLogs2,
     flushDdAsync,
     disposeDd,
-    setScopePath: csStream.setScopePath
+    setScopePath: csStream.setScopePath,
+    updateDdTags
   };
 }
 // src/features/claude_code/hook_logger.ts
 var DD_RUM_TOKEN = true ? "pubf59c0182545bfb4c299175119f1abf9b" : "";
-var CLI_VERSION = true ? "1.2.60" : "unknown";
+var CLI_VERSION = true ? "1.2.62" : "unknown";
 var NAMESPACE = "mobbdev-claude-code-hook-logs";
+var claudeCodeVersion;
+function buildDdTags() {
+  const tags = [`version:${CLI_VERSION}`];
+  if (claudeCodeVersion) {
+    tags.push(`cc_version:${claudeCodeVersion}`);
+  }
+  return tags.join(",");
+}
 function createHookLogger(scopePath) {
   return createLogger({
     namespace: NAMESPACE,
@@ -16691,7 +16726,7 @@ function createHookLogger(scopePath) {
       apiKey: DD_RUM_TOKEN,
       ddsource: "mobbdev-cli",
       service: "mobbdev-cli-hook",
-      ddtags: `version:${CLI_VERSION}`,
+      ddtags: buildDdTags(),
       hostnameMode: "hashed",
       unrefTimer: true
     }
@@ -16700,6 +16735,13 @@ function createHookLogger(scopePath) {
 var logger = createHookLogger();
 var activeScopedLoggers = [];
 var hookLog = logger;
+function setClaudeCodeVersion(version) {
+  claudeCodeVersion = version;
+  logger.updateDdTags(buildDdTags());
+}
+function getClaudeCodeVersion() {
+  return claudeCodeVersion;
+}
 function flushLogs() {
   logger.flushLogs();
   for (const scoped of activeScopedLoggers) {
@@ -16725,8 +16767,7 @@ import os5 from "os";
 import path13 from "path";
 import chalk11 from "chalk";
 var CLAUDE_SETTINGS_PATH = path13.join(os5.homedir(), ".claude", "settings.json");
-var RECOMMENDED_MATCHER = "Bash|Write|Edit|Agent|Read";
-var STALE_MATCHERS = /* @__PURE__ */ new Set(["", "*", "Edit|Write"]);
+var RECOMMENDED_MATCHER = "Write|Edit";
 async function claudeSettingsExists() {
   try {
     await fsPromises4.access(CLAUDE_SETTINGS_PATH);
@@ -16758,12 +16799,19 @@ async function autoUpgradeMatcherIfStale() {
     let upgraded = false;
     for (const hook of hooks) {
       const isMobbHook = hook.hooks.some(
-        (h) => h.command?.includes("claude-code-process-hook") && (h.command?.includes("mobbdev") || h.command?.includes("mobbdev@"))
+        (h) => h.command?.includes("claude-code-process-hook")
       );
-      if (isMobbHook && STALE_MATCHERS.has(hook.matcher)) {
+      if (!isMobbHook) continue;
+      if (hook.matcher !== RECOMMENDED_MATCHER) {
         hook.matcher = RECOMMENDED_MATCHER;
         upgraded = true;
       }
+      for (const h of hook.hooks) {
+        if (!h.async) {
+          h.async = true;
+          upgraded = true;
+        }
+      }
     }
     if (upgraded) {
       await writeClaudeSettings(settings);
@@ -16817,7 +16865,8 @@ async function installMobbHooks(options = {}) {
     hooks: [
       {
         type: "command",
-        command
+        command,
+        async: true
       }
     ]
   };
@@ -16842,6 +16891,8 @@ async function installMobbHooks(options = {}) {
 }
 // src/features/claude_code/data_collector.ts
+var CC_VERSION_CACHE_KEY = "claudeCode.detectedCCVersion";
+var CC_VERSION_CLI_KEY = "claudeCode.detectedCCVersionCli";
 var GLOBAL_COOLDOWN_MS = 5e3;
 var HOOK_COOLDOWN_MS = 15e3;
 var ACTIVE_LOCK_TTL_MS = 6e4;
@@ -16852,14 +16903,35 @@ var MAX_ENTRIES_PER_INVOCATION = 50;
 var COOLDOWN_KEY = "lastHookRunAt";
 var ACTIVE_KEY = "hookActiveAt";
 var HookDataSchema = z33.object({
-  session_id: z33.string(),
-  transcript_path: z33.string(),
-  cwd: z33.string(),
+  session_id: z33.string().nullish(),
+  transcript_path: z33.string().nullish(),
+  cwd: z33.string().nullish(),
   hook_event_name: z33.string(),
   tool_name: z33.string(),
   tool_input: z33.unknown(),
   tool_response: z33.unknown()
 });
+var execFileAsync = promisify(execFile);
+async function detectClaudeCodeVersion() {
+  const cachedCliVersion = configStore.get(CC_VERSION_CLI_KEY);
+  if (cachedCliVersion === packageJson.version) {
+    return configStore.get(CC_VERSION_CACHE_KEY);
+  }
+  try {
+    const { stdout: stdout2 } = await execFileAsync("claude", ["--version"], {
+      timeout: 3e3,
+      encoding: "utf-8"
+    });
+    const version = stdout2.trim().split(/\s/)[0] || stdout2.trim();
+    configStore.set(CC_VERSION_CACHE_KEY, version);
+    configStore.set(CC_VERSION_CLI_KEY, packageJson.version);
+    return version;
+  } catch {
+    configStore.set(CC_VERSION_CACHE_KEY, void 0);
+    configStore.set(CC_VERSION_CLI_KEY, packageJson.version);
+    return void 0;
+  }
+}
 var STDIN_TIMEOUT_MS = 1e4;
 async function readStdinData() {
   hookLog.debug("Reading stdin data");
@@ -16911,6 +16983,24 @@ async function readStdinData() {
 function validateHookData(data) {
   return HookDataSchema.parse(data);
 }
+async function extractSessionIdFromTranscript(transcriptPath) {
+  try {
+    const fh = await open4(transcriptPath, "r");
+    try {
+      const buf = Buffer.alloc(4096);
+      const { bytesRead } = await fh.read(buf, 0, 4096, 0);
+      const chunk = buf.toString("utf-8", 0, bytesRead);
+      const firstLine = chunk.split("\n").find((l) => l.trim().length > 0);
+      if (!firstLine) return null;
+      const entry = JSON.parse(firstLine);
+      return entry.sessionId ?? null;
+    } finally {
+      await fh.close();
+    }
+  } catch {
+    return null;
+  }
+}
 function generateSyntheticId(sessionId, timestamp, type2, lineIndex) {
   const input = `${sessionId ?? ""}:${timestamp ?? ""}:${type2 ?? ""}:${lineIndex}`;
   const hash = createHash2("sha256").update(input).digest("hex").slice(0, 16);
@@ -17201,9 +17291,94 @@ async function processAndUploadTranscriptEntries() {
       hookLog.info("Auto-upgraded hook matcher to reduce CPU usage");
     }
   }
+  try {
+    const ccVersion = await detectClaudeCodeVersion();
+    setClaudeCodeVersion(ccVersion);
+  } catch {
+  }
   const rawData = await readStdinData();
-  const hookData = validateHookData(rawData);
-  const sessionStore = createSessionConfigStore(hookData.session_id);
+  const rawObj = rawData;
+  const hookData = (() => {
+    try {
+      return validateHookData(rawData);
+    } catch (err) {
+      hookLog.error(
+        {
+          data: {
+            hook_event_name: rawObj?.["hook_event_name"],
+            tool_name: rawObj?.["tool_name"],
+            session_id: rawObj?.["session_id"],
+            cwd: rawObj?.["cwd"],
+            keys: rawObj ? Object.keys(rawObj) : []
+          }
+        },
+        `Hook validation failed: ${err.message?.slice(0, 200)}`
+      );
+      throw err;
+    }
+  })();
+  if (!hookData.transcript_path) {
+    hookLog.warn(
+      {
+        data: {
+          hook_event_name: hookData.hook_event_name,
+          tool_name: hookData.tool_name,
+          session_id: hookData.session_id,
+          cwd: hookData.cwd
+        }
+      },
+      "Missing transcript_path \u2014 cannot process hook"
+    );
+    return { entriesUploaded: 0, entriesSkipped: 0, errors: 0 };
+  }
+  let sessionId = hookData.session_id;
+  if (!sessionId) {
+    sessionId = await extractSessionIdFromTranscript(hookData.transcript_path);
+    if (sessionId) {
+      hookLog.warn(
+        {
+          data: {
+            hook_event_name: hookData.hook_event_name,
+            tool_name: hookData.tool_name,
+            cwd: hookData.cwd,
+            extractedSessionId: sessionId
+          }
+        },
+        "Missing session_id in hook data \u2014 extracted from transcript"
+      );
+    } else {
+      hookLog.warn(
+        {
+          data: {
+            hook_event_name: hookData.hook_event_name,
+            tool_name: hookData.tool_name,
+            transcript_path: hookData.transcript_path
+          }
+        },
+        "Missing session_id and could not extract from transcript \u2014 cannot process hook"
+      );
+      return { entriesUploaded: 0, entriesSkipped: 0, errors: 0 };
+    }
+  }
+  if (!hookData.cwd) {
+    hookLog.warn(
+      {
+        data: {
+          hook_event_name: hookData.hook_event_name,
+          tool_name: hookData.tool_name,
+          session_id: sessionId
+        }
+      },
+      "Missing cwd in hook data \u2014 scoped logging and repo URL detection disabled"
+    );
+  }
+  const resolvedHookData = {
+    ...hookData,
+    session_id: sessionId,
+    transcript_path: hookData.transcript_path,
+    cwd: hookData.cwd ?? void 0
+  };
+  const sessionStore = createSessionConfigStore(resolvedHookData.session_id);
   await cleanupStaleSessions(sessionStore);
   const now = Date.now();
   const lastRunAt = sessionStore.get(COOLDOWN_KEY);
@@ -17218,7 +17393,7 @@ async function processAndUploadTranscriptEntries() {
         {
           data: {
             activeDurationMs: activeDuration,
-            sessionId: hookData.session_id
+            sessionId: resolvedHookData.session_id
           }
         },
         "Hook still active \u2014 possible slow upload or hung process"
@@ -17228,20 +17403,21 @@ async function processAndUploadTranscriptEntries() {
   }
   sessionStore.set(ACTIVE_KEY, now);
   sessionStore.set(COOLDOWN_KEY, now);
-  const log2 = createScopedHookLog(hookData.cwd);
+  const log2 = createScopedHookLog(resolvedHookData.cwd ?? process.cwd());
   log2.info(
     {
       data: {
-        sessionId: hookData.session_id,
-        toolName: hookData.tool_name,
-        hookEvent: hookData.hook_event_name,
-        cwd: hookData.cwd
+        sessionId: resolvedHookData.session_id,
+        toolName: resolvedHookData.tool_name,
+        hookEvent: resolvedHookData.hook_event_name,
+        cwd: resolvedHookData.cwd,
+        claudeCodeVersion: getClaudeCodeVersion()
       }
     },
     "Hook data validated"
   );
   try {
-    return await processTranscript(hookData, sessionStore, log2);
+    return await processTranscript(resolvedHookData, sessionStore, log2);
   } finally {
     sessionStore.delete(ACTIVE_KEY);
     log2.flushLogs();
@@ -17330,6 +17506,9 @@ async function processTranscript(hookData, sessionStore, log2) {
         rawEntry["message"] = { model: lastSeenModel };
       }
     }
+    if (!rawEntry["sessionId"]) {
+      rawEntry["sessionId"] = hookData.session_id;
+    }
     return {
       platform: "CLAUDE_CODE" /* ClaudeCode */,
       recordId: _recordId,
@@ -17371,7 +17550,8 @@ async function processTranscript(hookData, sessionStore, log2) {
     sessionStore.set(cursorKey, cursor);
     log2.heartbeat("Upload ok", {
       entriesUploaded: entries.length,
-      entriesSkipped: filteredOut
+      entriesSkipped: filteredOut,
+      claudeCodeVersion: getClaudeCodeVersion()
     });
     return {
       entriesUploaded: entries.length,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.2.60",
+  "version": "1.2.62",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.mjs",