mobbdev 1.4.34 → 1.4.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -346,6 +346,9 @@ var init_client_generates = __esm({
346
346
  key
347
347
  value
348
348
  }
349
+ content
350
+ description
351
+ guidance
349
352
  }
350
353
  extraContext {
351
354
  extraContext {
@@ -590,6 +593,9 @@ var init_client_generates = __esm({
590
593
  name
591
594
  options
592
595
  value
596
+ content
597
+ description
598
+ guidance
593
599
  __typename
594
600
  }
595
601
  extraContext {
@@ -599,6 +605,7 @@ var init_client_generates = __esm({
599
605
  __typename
600
606
  }
601
607
  fixDescription
608
+ guidances
602
609
  manifestActionsRequired {
603
610
  action
604
611
  lib {
@@ -1087,6 +1094,9 @@ var init_client_generates = __esm({
1087
1094
  key
1088
1095
  value
1089
1096
  }
1097
+ content
1098
+ description
1099
+ guidance
1090
1100
  }
1091
1101
  extraContext {
1092
1102
  extraContext {
@@ -1324,7 +1334,11 @@ var init_fix = __esm({
1324
1334
  FixExtraContextZ = z2.object({
1325
1335
  fixDescription: z2.string(),
1326
1336
  manifestActionsRequired: z2.array(ManifestActionRequiredZ),
1327
- extraContext: z2.array(ExtraContextInternalZ)
1337
+ extraContext: z2.array(ExtraContextInternalZ),
1338
+ // E-2015 PR5c: analyzer-served fix-level guidance. default([]) so a query that
1339
+ // omits it still parses, while the output type is a required string[] to match
1340
+ // the non-null GraphQL field. getFixGuidances prefers served then falls back.
1341
+ guidances: z2.array(z2.string()).default([])
1328
1342
  });
1329
1343
  PatchAndQuestionsZ = z2.object({
1330
1344
  __typename: z2.literal("FixData"),
@@ -1339,7 +1353,14 @@ var init_fix = __esm({
1339
1353
  value: z2.string().nullable(),
1340
1354
  extraContext: z2.array(ExtraContextInternalZ),
1341
1355
  inputType: z2.nativeEnum(FixQuestionInputType),
1342
- options: z2.array(z2.string())
1356
+ options: z2.array(z2.string()),
1357
+ // E-2015 PR5: analyzer-served question copy. default('') so a query that
1358
+ // omits these still parses (-> '' -> FE falls back to its own copy), while
1359
+ // the output type stays a required `string` to match the non-null GraphQL
1360
+ // fields. Consumers use `served || storedQuestionData`.
1361
+ content: z2.string().default(""),
1362
+ description: z2.string().default(""),
1363
+ guidance: z2.string().default("")
1343
1364
  })
1344
1365
  ),
1345
1366
  extraContext: FixExtraContextZ
@@ -4701,18 +4722,6 @@ Also add a matching \`<resource-ref>\` (or \`<data-source>\`) in your \`WEB-INF/
4701
4722
  This fix is mandated by the J2EE / Jakarta EE specification (CWE-245) \u2014 direct driver management bypasses the container's pooling, retry, and failover policies.`
4702
4723
  };
4703
4724
 
4704
- // src/features/analysis/scm/shared/src/storedFixData/java/sqlInjection.ts
4705
- var sqlInjection = {
4706
- guidance: ({
4707
- hasQuestionMarksAfterTaintVar
4708
- }) => {
4709
- if (hasQuestionMarksAfterTaintVar) {
4710
- return "Please make sure to correct the following indices of the setInt()/setString() calls after the new parameter is added.";
4711
- }
4712
- return "";
4713
- }
4714
- };
4715
-
4716
4725
  // src/features/analysis/scm/shared/src/storedFixData/java/systemInformationLeak.ts
4717
4726
  var systemInformationLeak = {
4718
4727
  guidance: ({
@@ -4730,7 +4739,6 @@ var vulnerabilities5 = {
4730
4739
  ["PASSWORD_IN_COMMENT"]: passwordInComment,
4731
4740
  ["INSECURE_DESERIALIZATION"]: insecureDeserialization,
4732
4741
  ["J2EE_GET_CONNECTION"]: j2eeGetConnection,
4733
- ["SQL_Injection"]: sqlInjection,
4734
4742
  ["SYSTEM_INFORMATION_LEAK"]: systemInformationLeak
4735
4743
  };
4736
4744
  var java_default = vulnerabilities5;
@@ -5073,7 +5081,7 @@ var requestParametersBoundViaInput = {
5073
5081
  };
5074
5082
 
5075
5083
  // src/features/analysis/scm/shared/src/storedQuestionData/csharp/sqlInjection.ts
5076
- var sqlInjection2 = {
5084
+ var sqlInjection = {
5077
5085
  databaseProvider: {
5078
5086
  content: () => "Select the database provider",
5079
5087
  description: () => "",
@@ -5227,7 +5235,7 @@ var vulnerabilities12 = {
5227
5235
  ["VALUE_SHADOWING"]: valueShadowing,
5228
5236
  ["INSECURE_RANDOMNESS"]: insecureRandomness,
5229
5237
  ["INSUFFICIENT_LOGGING"]: insufficientLogging,
5230
- ["SQL_Injection"]: sqlInjection2,
5238
+ ["SQL_Injection"]: sqlInjection,
5231
5239
  ["REQUEST_PARAMETERS_BOUND_VIA_INPUT"]: requestParametersBoundViaInput
5232
5240
  };
5233
5241
  var csharp_default2 = vulnerabilities12;
@@ -5522,81 +5530,6 @@ var relativePathCommand = {
5522
5530
  }
5523
5531
  };
5524
5532
 
5525
- // src/features/analysis/scm/shared/src/storedQuestionData/java/sqlInjection.ts
5526
- function capitalizeFirstLetter(item) {
5527
- return item.charAt(0).toUpperCase() + item.slice(1);
5528
- }
5529
- var typeToSetMethod = {
5530
- integer: "setInt",
5531
- date: "setDate",
5532
- string: "setString"
5533
- };
5534
- var sqlInjection3 = {
5535
- parameterType: {
5536
- content: ({ tainted_term }) => `What is the SQL Data Type of the \`${tainted_term}\` parameter?`,
5537
- description: () => "In order to make sure the statement is built correctly, we must ensure we use the same type that is defined for this parameter in the SQL table. If you are unsure of this type, please consult with your team.",
5538
- guidance: ({
5539
- tainted_term,
5540
- taint_var_type_guidance_required,
5541
- userInputValue
5542
- }) => {
5543
- if (!taint_var_type_guidance_required || !userInputValue) {
5544
- return "";
5545
- }
5546
- if (!taint_var_type_guidance_required[userInputValue]) {
5547
- return "";
5548
- }
5549
- return `Make sure to convert \`${tainted_term}\` to \`${capitalizeFirstLetter(
5550
- userInputValue
5551
- )}\` which is the type expected by the new setter method: \`${typeToSetMethod[userInputValue]}\``;
5552
- }
5553
- },
5554
- varName: {
5555
- content: () => "Name the new PreparedStatement variable",
5556
- description: () => "We needed to create a new variable for this fix. We actually like the name we picked, but maybe you follow different naming conventions, so you can change it here.",
5557
- guidance: () => ""
5558
- },
5559
- taintIndex: {
5560
- content: ({ tainted_term }) => `What is the index of \`\`\`${tainted_term}\`\`\` in the query?`,
5561
- description: () => "When constructing a query, we need to know exactly where to insert this parameter. If the query has more than one parameter, the index gives us this information. Leave the value as 1 if there is only one parameter.",
5562
- guidance: () => ""
5563
- },
5564
- statementAfterQuery: {
5565
- content: ({ var_name }) => `Is the \`Statement\` variable \`${var_name}\` declared after constructing the query string?`,
5566
- description: () => "When creating the `PreparedStatement` parameter, we need to give it the constructed query. Currently, Mobb doesn't support the case where the query string is defined after the statement in your code.",
5567
- guidance: ({ userInputValue }) => userInputValue === "no" ? "You should move the code creating the query so it is executed before being used by the prepared statement" : ""
5568
- },
5569
- statementBeforeQuery: {
5570
- content: ({ var_name }) => `Is the query string variable declared after the \`Statement\` variable \`${var_name}\`?`,
5571
- description: ({ enquote_func_name }) => `We need to have the \`Statement\` object defined before using the \`${enquote_func_name}()\` method. Currently, Mobb doesn't support the case where the query string is defined before the statement in your code.`,
5572
- guidance: ({
5573
- userInputValue,
5574
- enquote_func_name
5575
- }) => userInputValue === "no" ? `You should move the code creating the query so it is executed after creating the \`Statement\` object as we need to have the \`Statement\` object defined before using the \`${enquote_func_name}()\` method.` : ""
5576
- },
5577
- containsControlCharacters: {
5578
- content: ({ tainted_term }) => `Does \`\`\`${tainted_term}\`\`\` represent a single SQL parameter value?`,
5579
- description: () => `This should be 'no' only in the rare cases where the input variable itself does not represent a single SQL parameter value but rather other parts of a SQL query such as a table name, a column name, a list of values, a complete or partial inner SQL statement, etc.
5580
-
5581
- It may be confusing a bit, so here are some examples:
5582
-
5583
- * A SQL identifier \`\`\`(SELECT * FROM \${tableName})\`\`\`
5584
-
5585
- * A SQL statement \`\`\`(SELECT * FROM users ORDER BY id \${order})\`\`\``,
5586
- guidance: () => ""
5587
- },
5588
- javaVersionGreaterOrEqual19: {
5589
- content: ({ enquote_func_name }) => `Is \`java.sql.Statement.${enquote_func_name}\` method available in your runtime?`,
5590
- description: ({ enquote_func_name }) => `\`java.sql.Statement.${enquote_func_name}\` is supported in Java 1.9 or greater.`,
5591
- guidance: () => ""
5592
- },
5593
- queryParameterName: {
5594
- content: () => "What should be the name of the query parameter?",
5595
- description: () => "",
5596
- guidance: () => ""
5597
- }
5598
- };
5599
-
5600
5533
  // src/features/analysis/scm/shared/src/storedQuestionData/java/ssrf.ts
5601
5534
  var ssrf3 = {
5602
5535
  domainsAllowlist: {
@@ -5723,7 +5656,6 @@ var xxe2 = {
5723
5656
 
5724
5657
  // src/features/analysis/scm/shared/src/storedQuestionData/java/index.ts
5725
5658
  var vulnerabilities14 = {
5726
- ["SQL_Injection"]: sqlInjection3,
5727
5659
  ["CMDi_relative_path_command"]: relativePathCommand,
5728
5660
  ["CMDi"]: commandInjection2,
5729
5661
  ["CONFUSING_NAMING"]: confusingNaming,
package/dist/index.mjs CHANGED
@@ -346,6 +346,9 @@ var init_client_generates = __esm({
346
346
  key
347
347
  value
348
348
  }
349
+ content
350
+ description
351
+ guidance
349
352
  }
350
353
  extraContext {
351
354
  extraContext {
@@ -590,6 +593,9 @@ var init_client_generates = __esm({
590
593
  name
591
594
  options
592
595
  value
596
+ content
597
+ description
598
+ guidance
593
599
  __typename
594
600
  }
595
601
  extraContext {
@@ -599,6 +605,7 @@ var init_client_generates = __esm({
599
605
  __typename
600
606
  }
601
607
  fixDescription
608
+ guidances
602
609
  manifestActionsRequired {
603
610
  action
604
611
  lib {
@@ -1087,6 +1094,9 @@ var init_client_generates = __esm({
1087
1094
  key
1088
1095
  value
1089
1096
  }
1097
+ content
1098
+ description
1099
+ guidance
1090
1100
  }
1091
1101
  extraContext {
1092
1102
  extraContext {
@@ -1426,7 +1436,11 @@ var init_fix = __esm({
1426
1436
  FixExtraContextZ = z6.object({
1427
1437
  fixDescription: z6.string(),
1428
1438
  manifestActionsRequired: z6.array(ManifestActionRequiredZ),
1429
- extraContext: z6.array(ExtraContextInternalZ)
1439
+ extraContext: z6.array(ExtraContextInternalZ),
1440
+ // E-2015 PR5c: analyzer-served fix-level guidance. default([]) so a query that
1441
+ // omits it still parses, while the output type is a required string[] to match
1442
+ // the non-null GraphQL field. getFixGuidances prefers served then falls back.
1443
+ guidances: z6.array(z6.string()).default([])
1430
1444
  });
1431
1445
  PatchAndQuestionsZ = z6.object({
1432
1446
  __typename: z6.literal("FixData"),
@@ -1441,7 +1455,14 @@ var init_fix = __esm({
1441
1455
  value: z6.string().nullable(),
1442
1456
  extraContext: z6.array(ExtraContextInternalZ),
1443
1457
  inputType: z6.nativeEnum(FixQuestionInputType),
1444
- options: z6.array(z6.string())
1458
+ options: z6.array(z6.string()),
1459
+ // E-2015 PR5: analyzer-served question copy. default('') so a query that
1460
+ // omits these still parses (-> '' -> FE falls back to its own copy), while
1461
+ // the output type stays a required `string` to match the non-null GraphQL
1462
+ // fields. Consumers use `served || storedQuestionData`.
1463
+ content: z6.string().default(""),
1464
+ description: z6.string().default(""),
1465
+ guidance: z6.string().default("")
1445
1466
  })
1446
1467
  ),
1447
1468
  extraContext: FixExtraContextZ
@@ -4495,18 +4516,6 @@ Also add a matching \`<resource-ref>\` (or \`<data-source>\`) in your \`WEB-INF/
4495
4516
  This fix is mandated by the J2EE / Jakarta EE specification (CWE-245) \u2014 direct driver management bypasses the container's pooling, retry, and failover policies.`
4496
4517
  };
4497
4518
 
4498
- // src/features/analysis/scm/shared/src/storedFixData/java/sqlInjection.ts
4499
- var sqlInjection = {
4500
- guidance: ({
4501
- hasQuestionMarksAfterTaintVar
4502
- }) => {
4503
- if (hasQuestionMarksAfterTaintVar) {
4504
- return "Please make sure to correct the following indices of the setInt()/setString() calls after the new parameter is added.";
4505
- }
4506
- return "";
4507
- }
4508
- };
4509
-
4510
4519
  // src/features/analysis/scm/shared/src/storedFixData/java/systemInformationLeak.ts
4511
4520
  var systemInformationLeak = {
4512
4521
  guidance: ({
@@ -4524,7 +4533,6 @@ var vulnerabilities5 = {
4524
4533
  ["PASSWORD_IN_COMMENT"]: passwordInComment,
4525
4534
  ["INSECURE_DESERIALIZATION"]: insecureDeserialization,
4526
4535
  ["J2EE_GET_CONNECTION"]: j2eeGetConnection,
4527
- ["SQL_Injection"]: sqlInjection,
4528
4536
  ["SYSTEM_INFORMATION_LEAK"]: systemInformationLeak
4529
4537
  };
4530
4538
  var java_default = vulnerabilities5;
@@ -4867,7 +4875,7 @@ var requestParametersBoundViaInput = {
4867
4875
  };
4868
4876
 
4869
4877
  // src/features/analysis/scm/shared/src/storedQuestionData/csharp/sqlInjection.ts
4870
- var sqlInjection2 = {
4878
+ var sqlInjection = {
4871
4879
  databaseProvider: {
4872
4880
  content: () => "Select the database provider",
4873
4881
  description: () => "",
@@ -5021,7 +5029,7 @@ var vulnerabilities12 = {
5021
5029
  ["VALUE_SHADOWING"]: valueShadowing,
5022
5030
  ["INSECURE_RANDOMNESS"]: insecureRandomness,
5023
5031
  ["INSUFFICIENT_LOGGING"]: insufficientLogging,
5024
- ["SQL_Injection"]: sqlInjection2,
5032
+ ["SQL_Injection"]: sqlInjection,
5025
5033
  ["REQUEST_PARAMETERS_BOUND_VIA_INPUT"]: requestParametersBoundViaInput
5026
5034
  };
5027
5035
  var csharp_default2 = vulnerabilities12;
@@ -5316,81 +5324,6 @@ var relativePathCommand = {
5316
5324
  }
5317
5325
  };
5318
5326
 
5319
- // src/features/analysis/scm/shared/src/storedQuestionData/java/sqlInjection.ts
5320
- function capitalizeFirstLetter2(item) {
5321
- return item.charAt(0).toUpperCase() + item.slice(1);
5322
- }
5323
- var typeToSetMethod = {
5324
- integer: "setInt",
5325
- date: "setDate",
5326
- string: "setString"
5327
- };
5328
- var sqlInjection3 = {
5329
- parameterType: {
5330
- content: ({ tainted_term }) => `What is the SQL Data Type of the \`${tainted_term}\` parameter?`,
5331
- description: () => "In order to make sure the statement is built correctly, we must ensure we use the same type that is defined for this parameter in the SQL table. If you are unsure of this type, please consult with your team.",
5332
- guidance: ({
5333
- tainted_term,
5334
- taint_var_type_guidance_required,
5335
- userInputValue
5336
- }) => {
5337
- if (!taint_var_type_guidance_required || !userInputValue) {
5338
- return "";
5339
- }
5340
- if (!taint_var_type_guidance_required[userInputValue]) {
5341
- return "";
5342
- }
5343
- return `Make sure to convert \`${tainted_term}\` to \`${capitalizeFirstLetter2(
5344
- userInputValue
5345
- )}\` which is the type expected by the new setter method: \`${typeToSetMethod[userInputValue]}\``;
5346
- }
5347
- },
5348
- varName: {
5349
- content: () => "Name the new PreparedStatement variable",
5350
- description: () => "We needed to create a new variable for this fix. We actually like the name we picked, but maybe you follow different naming conventions, so you can change it here.",
5351
- guidance: () => ""
5352
- },
5353
- taintIndex: {
5354
- content: ({ tainted_term }) => `What is the index of \`\`\`${tainted_term}\`\`\` in the query?`,
5355
- description: () => "When constructing a query, we need to know exactly where to insert this parameter. If the query has more than one parameter, the index gives us this information. Leave the value as 1 if there is only one parameter.",
5356
- guidance: () => ""
5357
- },
5358
- statementAfterQuery: {
5359
- content: ({ var_name }) => `Is the \`Statement\` variable \`${var_name}\` declared after constructing the query string?`,
5360
- description: () => "When creating the `PreparedStatement` parameter, we need to give it the constructed query. Currently, Mobb doesn't support the case where the query string is defined after the statement in your code.",
5361
- guidance: ({ userInputValue }) => userInputValue === "no" ? "You should move the code creating the query so it is executed before being used by the prepared statement" : ""
5362
- },
5363
- statementBeforeQuery: {
5364
- content: ({ var_name }) => `Is the query string variable declared after the \`Statement\` variable \`${var_name}\`?`,
5365
- description: ({ enquote_func_name }) => `We need to have the \`Statement\` object defined before using the \`${enquote_func_name}()\` method. Currently, Mobb doesn't support the case where the query string is defined before the statement in your code.`,
5366
- guidance: ({
5367
- userInputValue,
5368
- enquote_func_name
5369
- }) => userInputValue === "no" ? `You should move the code creating the query so it is executed after creating the \`Statement\` object as we need to have the \`Statement\` object defined before using the \`${enquote_func_name}()\` method.` : ""
5370
- },
5371
- containsControlCharacters: {
5372
- content: ({ tainted_term }) => `Does \`\`\`${tainted_term}\`\`\` represent a single SQL parameter value?`,
5373
- description: () => `This should be 'no' only in the rare cases where the input variable itself does not represent a single SQL parameter value but rather other parts of a SQL query such as a table name, a column name, a list of values, a complete or partial inner SQL statement, etc.
5374
-
5375
- It may be confusing a bit, so here are some examples:
5376
-
5377
- * A SQL identifier \`\`\`(SELECT * FROM \${tableName})\`\`\`
5378
-
5379
- * A SQL statement \`\`\`(SELECT * FROM users ORDER BY id \${order})\`\`\``,
5380
- guidance: () => ""
5381
- },
5382
- javaVersionGreaterOrEqual19: {
5383
- content: ({ enquote_func_name }) => `Is \`java.sql.Statement.${enquote_func_name}\` method available in your runtime?`,
5384
- description: ({ enquote_func_name }) => `\`java.sql.Statement.${enquote_func_name}\` is supported in Java 1.9 or greater.`,
5385
- guidance: () => ""
5386
- },
5387
- queryParameterName: {
5388
- content: () => "What should be the name of the query parameter?",
5389
- description: () => "",
5390
- guidance: () => ""
5391
- }
5392
- };
5393
-
5394
5327
  // src/features/analysis/scm/shared/src/storedQuestionData/java/ssrf.ts
5395
5328
  var ssrf3 = {
5396
5329
  domainsAllowlist: {
@@ -5517,7 +5450,6 @@ var xxe2 = {
5517
5450
 
5518
5451
  // src/features/analysis/scm/shared/src/storedQuestionData/java/index.ts
5519
5452
  var vulnerabilities14 = {
5520
- ["SQL_Injection"]: sqlInjection3,
5521
5453
  ["CMDi_relative_path_command"]: relativePathCommand,
5522
5454
  ["CMDi"]: commandInjection2,
5523
5455
  ["CONFUSING_NAMING"]: confusingNaming,
@@ -6056,13 +5988,18 @@ function getQuestionInformation({
6056
5988
  issueType,
6057
5989
  language
6058
5990
  }) {
6059
- const { name } = fixQuestionData;
5991
+ const { name, content, description, guidance } = fixQuestionData;
6060
5992
  const storedQuestionDataItem = storedQuestionData_default[language]?.[issueType]?.[name] ?? {
6061
5993
  content: () => "",
6062
5994
  description: () => "",
6063
5995
  guidance: () => ""
6064
5996
  };
6065
- return StoredQuestionDataItemZ.parse(storedQuestionDataItem);
5997
+ const stored = StoredQuestionDataItemZ.parse(storedQuestionDataItem);
5998
+ return {
5999
+ content: (args) => content || stored.content(args),
6000
+ description: (args) => description || stored.description(args),
6001
+ guidance: (args) => guidance || stored.guidance(args)
6002
+ };
6066
6003
  }
6067
6004
  function curriedQuestionInformationByQuestion({
6068
6005
  issueType,
@@ -6125,7 +6062,8 @@ function getFixGuidances({
6125
6062
  },
6126
6063
  {}
6127
6064
  );
6128
- const fixGuidance = storeFixResult.success ? [storeFixResult.data.guidance({ questions, ...extraContext })] : [];
6065
+ const servedFixGuidances = fixExtraContext.guidances ?? [];
6066
+ const fixGuidance = servedFixGuidances.length > 0 ? servedFixGuidances : storeFixResult.success ? [storeFixResult.data.guidance({ questions, ...extraContext })] : [];
6129
6067
  return libGuidances.concat(fixGuidance).filter((guidance) => !!guidance);
6130
6068
  }
6131
6069
  var IssueTypeAndLanguageZ = z4.object({
@@ -19416,7 +19354,7 @@ function createLogger(config2) {
19416
19354
 
19417
19355
  // src/features/claude_code/hook_logger.ts
19418
19356
  var DD_RUM_TOKEN = true ? "pubf59c0182545bfb4c299175119f1abf9b" : "";
19419
- var CLI_VERSION = true ? "1.4.34" : "unknown";
19357
+ var CLI_VERSION = true ? "1.4.35" : "unknown";
19420
19358
  var NAMESPACE = "mobbdev-claude-code-hook-logs";
19421
19359
  var claudeCodeVersion;
19422
19360
  function buildDdTags() {
@@ -20988,7 +20926,12 @@ var FixQuestionSchema = z32.object({
20988
20926
  inputType: z32.nativeEnum(FixQuestionInputType),
20989
20927
  options: z32.array(z32.string()),
20990
20928
  index: z32.number(),
20991
- extraContext: z32.array(UnstructuredFixExtraContextSchema)
20929
+ extraContext: z32.array(UnstructuredFixExtraContextSchema),
20930
+ // E-2015 PR5: analyzer-served question copy. default('') -> FE falls back when
20931
+ // a query omits it, while the output type stays a required string.
20932
+ content: z32.string().default(""),
20933
+ description: z32.string().default(""),
20934
+ guidance: z32.string().default("")
20992
20935
  });
20993
20936
  var FixDataSchema = z32.object({
20994
20937
  __typename: z32.literal("FixData"),
@@ -24718,6 +24661,12 @@ var resolveQuestionText = ({
24718
24661
  fix,
24719
24662
  question
24720
24663
  }) => {
24664
+ if (question.content || question.description) {
24665
+ return {
24666
+ content: question.content || question.name,
24667
+ description: question.description ?? ""
24668
+ };
24669
+ }
24721
24670
  const language = fix.safeIssueLanguage ?? void 0;
24722
24671
  const issueType = fix.safeIssueType ?? void 0;
24723
24672
  if (!language || !issueType) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "mobbdev",
3
- "version": "1.4.34",
3
+ "version": "1.4.35",
4
4
  "description": "Automated secure code remediation tool",
5
5
  "repository": "git+https://github.com/mobb-dev/bugsy.git",
6
6
  "main": "dist/index.mjs",
@@ -62,7 +62,7 @@
62
62
  "@octokit/request-error": "5.1.1",
63
63
  "@openredaction/openredaction": "1.0.4",
64
64
  "adm-zip": "0.5.17",
65
- "axios": "1.16.1",
65
+ "axios": "1.18.1",
66
66
  "azure-devops-node-api": "15.1.2",
67
67
  "bitbucket": "2.12.0",
68
68
  "chalk": "5.6.2",
@@ -101,9 +101,9 @@
101
101
  "simple-git": "3.36.0",
102
102
  "snyk": "1.1305.0",
103
103
  "tar": "7.5.15",
104
- "tmp": "0.2.6",
104
+ "tmp": "0.2.7",
105
105
  "tmp-promise": "3.0.3",
106
- "undici": "6.24.0",
106
+ "undici": "6.27.0",
107
107
  "uuid": "11.1.1",
108
108
  "ws": "8.20.1",
109
109
  "xml2js": "0.6.2",