npm - mobbdev - Versions diffs - 1.4.10 → 1.4.12 - Mend

mobbdev 1.4.10 → 1.4.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/args/commands/upload_ai_blame.d.mts +28 -9
package/dist/args/commands/upload_ai_blame.mjs +114 -15
package/dist/index.mjs +814 -146
package/package.json +1 -1

package/dist/args/commands/upload_ai_blame.d.mts CHANGED Viewed

@@ -56,17 +56,17 @@ declare const PromptItemZ: z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     }, {
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     }>>;
 }, "strip", z.ZodTypeAny, {
@@ -75,9 +75,9 @@ declare const PromptItemZ: z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     } | undefined;
     date?: Date | undefined;
@@ -96,9 +96,9 @@ declare const PromptItemZ: z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     } | undefined;
     date?: Date | undefined;
@@ -149,17 +149,17 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     }, {
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     }>>;
 }, "strip", z.ZodTypeAny, {
@@ -168,9 +168,9 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     } | undefined;
     date?: Date | undefined;
@@ -189,9 +189,9 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
         name: string;
         parameters: string;
         result: string;
+        mcpServer?: string | undefined;
         accepted?: boolean | undefined;
         rawArguments?: string | undefined;
-        mcpServer?: string | undefined;
         mcpToolName?: string | undefined;
     } | undefined;
     date?: Date | undefined;
@@ -206,6 +206,25 @@ declare const PromptItemArrayZ: z.ZodArray<z.ZodObject<{
     }[] | undefined;
 }>, "many">;
 type PromptItemArray = z.infer<typeof PromptItemArrayZ>;
+type RepoState = {
+    repositoryUrl: string | null;
+    branch: string | null;
+    commitSha: string | null;
+};
+/**
+ * Reads git state for tracy event attribution: repo URL, current branch, and
+ * HEAD commit SHA. Each field is read fresh — no caching across calls. Detached
+ * HEAD (rebase, bisect) returns `branch: null` rather than the literal string
+ * "HEAD" that `git rev-parse --abbrev-ref HEAD` would produce.
+ *
+ * Both the CLI daemon and the VS Code extension flow through the shared
+ * `GitService.getCurrentRepoState()` so detached-HEAD handling and SHA
+ * normalization stay in lockstep across the two clients.
+ *
+ * Never throws — non-existent dirs, missing git binaries, and unrecognized
+ * remotes all resolve to nulls so the daemon hot path can rely on a value.
+ */
+declare function readRepoState(workingDir?: string): Promise<RepoState>;
 /**
  * Gets the normalized GitHub repository URL from the current working directory.
  * Returns null if not in a git repository or if not a GitHub repository.
@@ -265,4 +284,4 @@ type UploadAiBlameHandlerOptions = {
 declare function uploadAiBlameHandler(options: UploadAiBlameHandlerOptions): Promise<void>;
 declare function uploadAiBlameCommandHandler(args: UploadAiBlameOptions): Promise<void>;
-export { type PromptItem, type PromptItemArray, type UploadAiBlameOptions, type UploadAiBlameResult, getRepositoryUrl, getSystemInfo, uploadAiBlameBuilder, uploadAiBlameCommandHandler, uploadAiBlameHandler, uploadAiBlameHandlerFromExtension };
+export { type PromptItem, type PromptItemArray, type RepoState, type UploadAiBlameOptions, type UploadAiBlameResult, getRepositoryUrl, getSystemInfo, readRepoState, uploadAiBlameBuilder, uploadAiBlameCommandHandler, uploadAiBlameHandler, uploadAiBlameHandlerFromExtension };

package/dist/args/commands/upload_ai_blame.mjs CHANGED Viewed

@@ -109,6 +109,9 @@ function getSdk(client, withWrapper = defaultWrapper) {
     autoPrAnalysis(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: AutoPrAnalysisDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "autoPrAnalysis", "mutation", variables);
     },
+    getFixWithAnswers(variables, requestHeaders, signal) {
+      return withWrapper((wrappedRequestHeaders) => client.request({ document: GetFixWithAnswersDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "getFixWithAnswers", "query", variables);
+    },
     GetFixReportsByRepoUrl(variables, requestHeaders, signal) {
       return withWrapper((wrappedRequestHeaders) => client.request({ document: GetFixReportsByRepoUrlDocument, variables, requestHeaders: { ...requestHeaders, ...wrappedRequestHeaders }, signal }), "GetFixReportsByRepoUrl", "query", variables);
     },
@@ -138,7 +141,7 @@ function getSdk(client, withWrapper = defaultWrapper) {
     }
   };
 }
-var AiBlameInferenceType, FixQuestionInputType, Language, ManifestAction, Effort_To_Apply_Fix_Enum, Fix_Rating_Tag_Enum, Fix_Report_State_Enum, Fix_State_Enum, IssueLanguage_Enum, IssueType_Enum, Pr_Status_Enum, Project_Role_Type_Enum, Vulnerability_Report_Issue_Category_Enum, Vulnerability_Report_Issue_State_Enum, Vulnerability_Report_Issue_Tag_Enum, Vulnerability_Report_Vendor_Enum, Vulnerability_Severity_Enum, FixDetailsFragmentDoc, FixReportSummaryFieldsFragmentDoc, MeDocument, GetLastOrgAndNamedProjectDocument, GetLastOrgDocument, GetEncryptedApiTokenDocument, FixReportStateDocument, GetVulnerabilityReportPathsDocument, GetAnalysisSubscriptionDocument, GetAnalysisDocument, GetFixesDocument, GetVulByNodesMetadataDocument, GetFalsePositiveDocument, UpdateScmTokenDocument, UploadS3BucketInfoDocument, GetTracyDiffUploadUrlDocument, AnalyzeCommitForExtensionAiBlameDocument, GetAiBlameInferenceDocument, GetAiBlameAttributionPromptDocument, GetPromptSummaryDocument, UploadAiBlameInferencesInitDocument, FinalizeAiBlameInferencesUploadDocument, UploadTracyRecordsDocument, GetTracyRawDataUploadUrlDocument, DigestVulnerabilityReportDocument, SubmitVulnerabilityReportDocument, CreateCommunityUserDocument, CreateCliLoginDocument, PerformCliLoginDocument, SetQuarantineEnabledDocument, CreateProjectDocument, ValidateRepoUrlDocument, GitReferenceDocument, AutoPrAnalysisDocument, GetFixReportsByRepoUrlDocument, GetReportFixesDocument, GetLatestReportByRepoUrlDocument, UpdateDownloadedFixDataDocument, GetUserMvsAutoFixDocument, StreamBlameAiAnalysisRequestsDocument, StreamCommitBlameRequestsDocument, ScanSkillDocument, SkillVerdictsByMd5Document, defaultWrapper;
+var AiBlameInferenceType, FixQuestionInputType, Language, ManifestAction, Effort_To_Apply_Fix_Enum, Fix_Rating_Tag_Enum, Fix_Report_State_Enum, Fix_State_Enum, IssueLanguage_Enum, IssueType_Enum, Pr_Status_Enum, Project_Role_Type_Enum, Vulnerability_Report_Issue_Category_Enum, Vulnerability_Report_Issue_State_Enum, Vulnerability_Report_Issue_Tag_Enum, Vulnerability_Report_Vendor_Enum, Vulnerability_Severity_Enum, FixDetailsFragmentDoc, FixReportSummaryFieldsFragmentDoc, MeDocument, GetLastOrgAndNamedProjectDocument, GetLastOrgDocument, GetEncryptedApiTokenDocument, FixReportStateDocument, GetVulnerabilityReportPathsDocument, GetAnalysisSubscriptionDocument, GetAnalysisDocument, GetFixesDocument, GetVulByNodesMetadataDocument, GetFalsePositiveDocument, UpdateScmTokenDocument, UploadS3BucketInfoDocument, GetTracyDiffUploadUrlDocument, AnalyzeCommitForExtensionAiBlameDocument, GetAiBlameInferenceDocument, GetAiBlameAttributionPromptDocument, GetPromptSummaryDocument, UploadAiBlameInferencesInitDocument, FinalizeAiBlameInferencesUploadDocument, UploadTracyRecordsDocument, GetTracyRawDataUploadUrlDocument, DigestVulnerabilityReportDocument, SubmitVulnerabilityReportDocument, CreateCommunityUserDocument, CreateCliLoginDocument, PerformCliLoginDocument, SetQuarantineEnabledDocument, CreateProjectDocument, ValidateRepoUrlDocument, GitReferenceDocument, AutoPrAnalysisDocument, GetFixWithAnswersDocument, GetFixReportsByRepoUrlDocument, GetReportFixesDocument, GetLatestReportByRepoUrlDocument, UpdateDownloadedFixDataDocument, GetUserMvsAutoFixDocument, StreamBlameAiAnalysisRequestsDocument, StreamCommitBlameRequestsDocument, ScanSkillDocument, SkillVerdictsByMd5Document, defaultWrapper;
 var init_client_generates = __esm({
   "src/features/analysis/scm/generates/client_generates.ts"() {
     "use strict";
@@ -312,6 +315,7 @@ var init_client_generates = __esm({
       IssueType_Enum2["NoReturnInFinally"] = "NO_RETURN_IN_FINALLY";
       IssueType_Enum2["NoVar"] = "NO_VAR";
       IssueType_Enum2["NullDereference"] = "NULL_DEREFERENCE";
+      IssueType_Enum2["OftenMisusedBooleanGetBoolean"] = "OFTEN_MISUSED_BOOLEAN_GET_BOOLEAN";
       IssueType_Enum2["OpenRedirect"] = "OPEN_REDIRECT";
       IssueType_Enum2["OverlyBroadCatch"] = "OVERLY_BROAD_CATCH";
       IssueType_Enum2["OverlyLargeRange"] = "OVERLY_LARGE_RANGE";
@@ -442,6 +446,7 @@ var init_client_generates = __esm({
   id
   confidence
   safeIssueType
+  safeIssueLanguage
   severityText
   gitBlameLogin
   severityValue
@@ -464,6 +469,19 @@ var init_client_generates = __esm({
     ... on FixData {
       patch
       patchOriginalEncodingBase64
+      questions {
+        key
+        name
+        defaultValue
+        value
+        inputType
+        options
+        index
+        extraContext {
+          key
+          value
+        }
+      }
       extraContext {
         extraContext {
           key
@@ -1179,6 +1197,37 @@ var init_client_generates = __esm({
       error
     }
   }
+}
+    `;
+    GetFixWithAnswersDocument = `
+    query getFixWithAnswers($fixId: uuid!, $userInput: [QuestionAnswer!]!) {
+  fixData: getFix(fixId: $fixId, userInput: $userInput, loadAnswers: false) {
+    __typename
+    ... on FixData {
+      patch
+      patchOriginalEncodingBase64
+      questions {
+        key
+        name
+        defaultValue
+        value
+        inputType
+        options
+        index
+        extraContext {
+          key
+          value
+        }
+      }
+      extraContext {
+        extraContext {
+          key
+          value
+        }
+        fixDescription
+      }
+    }
+  }
 }
     `;
     GetFixReportsByRepoUrlDocument = `
@@ -1827,7 +1876,8 @@ var init_getIssueType = __esm({
       ["MISSING_X_FRAME_OPTIONS" /* MissingXFrameOptions */]: "Missing X-Frame-Options Header",
       ["IMPROPER_VALIDATION_OF_ARRAY_INDEX" /* ImproperValidationOfArrayIndex */]: "Improper Validation of Array Index",
       ["INCORRECT_INTEGER_CONVERSION" /* IncorrectIntegerConversion */]: "Incorrect Integer Conversion",
-      ["IMPROPER_CERTIFICATE_VALIDATION" /* ImproperCertificateValidation */]: "Improper Certificate Validation"
+      ["IMPROPER_CERTIFICATE_VALIDATION" /* ImproperCertificateValidation */]: "Improper Certificate Validation",
+      ["OFTEN_MISUSED_BOOLEAN_GET_BOOLEAN" /* OftenMisusedBooleanGetBoolean */]: "Often Misused: Boolean.getBoolean()"
     };
     issueTypeZ = z5.nativeEnum(IssueType_Enum);
     getIssueTypeFriendlyString = (issueType) => {
@@ -3865,6 +3915,31 @@ var init_GitService = __esm({
           throw new Error(errorMessage);
         }
       }
+      /**
+       * Reads `{ branch, commitSha }` for tracy event attribution. Detached-HEAD
+       * (rebase, bisect, "open this commit") returns `branch: null` rather than
+       * the literal string `"HEAD"` that `getCurrentBranch()` produces — that
+       * literal would silently corrupt downstream branch dashboards.
+       *
+       * The two reads run in parallel so the wall-time cost is one `git`
+       * round-trip rather than two. Never throws — failures resolve to nulls so
+       * the daemon hot path can rely on a value, not an exception.
+       */
+      async getCurrentRepoState() {
+        const branchPromise = this.git.raw(["symbolic-ref", "--short", "-q", "HEAD"]).then((s) => {
+          const trimmed = s.trim();
+          return trimmed.length > 0 ? trimmed : null;
+        }).catch(() => null);
+        const commitShaPromise = this.git.raw(["rev-parse", "HEAD"]).then((s) => {
+          const trimmed = s.trim().toLowerCase();
+          return /^[0-9a-f]{40}$/.test(trimmed) ? trimmed : null;
+        }).catch(() => null);
+        const [branch, commitSha] = await Promise.all([
+          branchPromise,
+          commitShaPromise
+        ]);
+        return { branch, commitSha };
+      }
       /**
        * Gets both the current commit hash and current branch name
        */
@@ -5009,7 +5084,8 @@ var fixDetailsData = {
   ["MISSING_X_FRAME_OPTIONS" /* MissingXFrameOptions */]: void 0,
   ["IMPROPER_VALIDATION_OF_ARRAY_INDEX" /* ImproperValidationOfArrayIndex */]: void 0,
   ["INCORRECT_INTEGER_CONVERSION" /* IncorrectIntegerConversion */]: void 0,
-  ["IMPROPER_CERTIFICATE_VALIDATION" /* ImproperCertificateValidation */]: void 0
+  ["IMPROPER_CERTIFICATE_VALIDATION" /* ImproperCertificateValidation */]: void 0,
+  ["OFTEN_MISUSED_BOOLEAN_GET_BOOLEAN" /* OftenMisusedBooleanGetBoolean */]: void 0
 };
 // src/features/analysis/scm/shared/src/commitDescriptionMarkup.ts
@@ -7409,8 +7485,16 @@ var ADO_PAT_PATTERN = {
   severity: "high",
   validator: (match) => match.length >= 52 && match.length <= 100
 };
+var DATADOG_APP_KEY_PATTERN = {
+  type: "DATADOG_APP_KEY",
+  regex: /\bddapp_[a-zA-Z0-9]{30,}\b/g,
+  priority: 95,
+  placeholder: "[DATADOG_APP_KEY_{n}]",
+  description: "Datadog Application Key",
+  severity: "high"
+};
 var openRedaction = new OpenRedaction({
-  customPatterns: [ADO_PAT_PATTERN],
+  customPatterns: [ADO_PAT_PATTERN, DATADOG_APP_KEY_PATTERN],
   patterns: [
     // Core Personal Data
     // Removed EMAIL - causes false positives in code/test snippets (e.g. --author="Eve Author <eve@example.com>")
@@ -8115,19 +8199,33 @@ var PromptItemZ = z27.object({
   }).optional()
 });
 var PromptItemArrayZ = z27.array(PromptItemZ);
-async function getRepositoryUrl(workingDir) {
+var NULL_REPO_STATE = {
+  repositoryUrl: null,
+  branch: null,
+  commitSha: null
+};
+async function readRepoState(workingDir) {
+  const dir = workingDir ?? process.cwd();
+  let gitService;
   try {
-    const gitService = new GitService(workingDir ?? process.cwd());
-    const isRepo = await gitService.isGitRepository();
-    if (!isRepo) {
-      return null;
-    }
-    const remoteUrl = await gitService.getRemoteUrl();
-    const parsed = parseScmURL(remoteUrl);
-    return parsed?.scmType && parsed.scmType !== "Unknown" ? remoteUrl : null;
+    gitService = new GitService(dir);
   } catch {
-    return null;
-  }
+    return NULL_REPO_STATE;
+  }
+  const repoStatePromise = gitService.getCurrentRepoState().catch(() => ({ branch: null, commitSha: null }));
+  const repositoryUrlPromise = gitService.getRemoteUrl().then((url) => {
+    if (!url) return null;
+    const parsed = parseScmURL(url);
+    return parsed?.scmType && parsed.scmType !== "Unknown" ? url : null;
+  }).catch(() => null);
+  const [{ branch, commitSha }, repositoryUrl] = await Promise.all([
+    repoStatePromise,
+    repositoryUrlPromise
+  ]);
+  return { repositoryUrl, branch, commitSha };
+}
+async function getRepositoryUrl(workingDir) {
+  return (await readRepoState(workingDir)).repositoryUrl;
 }
 function getSystemInfo() {
   let userName;
@@ -8409,6 +8507,7 @@ async function uploadAiBlameCommandHandler(args) {
 export {
   getRepositoryUrl,
   getSystemInfo,
+  readRepoState,
   uploadAiBlameBuilder,
   uploadAiBlameCommandHandler,
   uploadAiBlameHandler,