version 1.0.19

Author: Kirill89

__e2e__/package.json

@@ -10,7 +10,7 @@
     "dotenv": "16.4.7",
     "node-pty": "1.0.0",
     "npm": "10.9.0",
-    "verdaccio": "6.0.0"
+    "verdaccio": "6.0.5"
   },
   "author": "",
   "license": "ISC"

package.json

@@ -1,6 +1,6 @@
 {
   "name": "mobbdev",
-  "version": "1.0.17",
+  "version": "1.0.19",
   "description": "Automated secure code remediation tool",
   "repository": "git+https://github.com/mobb-dev/bugsy.git",
   "main": "dist/index.js",

src/features/analysis/scm/StubSCMLib.ts

@@ -1,7 +1,9 @@
 import { SCMLib } from './scm'
 import {
   CreateSubmitRequestParams,
+  GetGitBlameReponse,
   GetRefererenceResult,
+  ReferenceType,
   ScmLibScmType,
   ScmRepoInfo,
   ScmSubmitRequestStatus,
@@ -16,108 +18,108 @@ export class StubSCMLib extends SCMLib {
     super(url, accessToken, scmOrg)
   }
 
-  public override getUrlWithCredentials(): Promise<string> {
-    console.error('getUrlWithCredentials() not implemented')
-    throw new Error('getUrlWithCredentials() not implemented')
+  public override async getUrlWithCredentials(): Promise<string> {
+    console.warn('getUrlWithCredentials() returning empty string')
+    return ''
   }
 
   async createSubmitRequest(
     _params: CreateSubmitRequestParams
   ): Promise<string> {
-    console.error('createSubmitRequest() not implemented')
-    throw new Error('createSubmitRequest() not implemented')
+    console.warn('createSubmitRequest() returning empty string')
+    return ''
   }
 
   get scmLibType(): ScmLibScmType {
-    console.error('getScmLibType() not implemented')
-    throw new Error('getScmLibType() not implemented')
+    console.warn('scmLibType returning GITHUB as default')
+    return ScmLibScmType.GITHUB
   }
 
   getAuthHeaders(): Record<string, string> {
-    console.error('getAuthHeaders() not implemented')
-    throw new Error('getAuthHeaders() not implemented')
+    console.warn('getAuthHeaders() returning empty object')
+    return {}
   }
 
-  getDownloadUrl(_sha: string): Promise<string> {
-    console.error('getDownloadUrl() not implemented')
-    throw new Error('getDownloadUrl() not implemented')
+  async getDownloadUrl(_sha: string): Promise<string> {
+    console.warn('getDownloadUrl() returning empty string')
+    return ''
   }
 
   async getIsRemoteBranch(_branch: string): Promise<boolean> {
-    console.error('getIsRemoteBranch() not implemented')
-    throw new Error('getIsRemoteBranch() not implemented')
+    console.warn('getIsRemoteBranch() returning false')
+    return false
   }
 
-  async validateParams() {
-    console.error('validateParams() not implemented')
-    throw new Error('validateParams() not implemented')
+  async validateParams(): Promise<void> {
+    console.warn('validateParams() no-op')
   }
 
   async getRepoList(_scmOrg: string | undefined): Promise<ScmRepoInfo[]> {
-    console.error('getRepoList() not implemented')
-    throw new Error('getRepoList() not implemented')
+    console.warn('getRepoList() returning empty array')
+    return []
   }
 
   async getBranchList(): Promise<string[]> {
-    console.error('getBranchList() not implemented')
-    throw new Error('getBranchList() not implemented')
+    console.warn('getBranchList() returning empty array')
+    return []
   }
 
   async getUsername(): Promise<string> {
-    console.error('getUsername() not implemented')
-    throw new Error('getUsername() not implemented')
+    console.warn('getUsername() returning empty string')
+    return ''
   }
 
   async getSubmitRequestStatus(
     _scmSubmitRequestId: string
   ): Promise<ScmSubmitRequestStatus> {
-    console.error('getSubmitRequestStatus() not implemented')
-    throw new Error('getSubmitRequestStatus() not implemented')
+    console.warn('getSubmitRequestStatus() returning ERROR')
+    return 'error'
   }
 
   async getUserHasAccessToRepo(): Promise<boolean> {
-    console.error('getUserHasAccessToRepo() not implemented')
-    throw new Error('getUserHasAccessToRepo() not implemented')
+    console.warn('getUserHasAccessToRepo() returning false')
+    return false
   }
 
   async getRepoBlameRanges(
     _ref: string,
     _path: string
-  ): Promise<
-    {
-      startingLine: number
-      endingLine: number
-      name: string
-      login: string
-      email: string
-    }[]
-  > {
-    console.error('getRepoBlameRanges() not implemented')
-    throw new Error('getRepoBlameRanges() not implemented')
+  ): Promise<GetGitBlameReponse> {
+    console.warn('getRepoBlameRanges() returning empty array')
+    return []
   }
 
   async getReferenceData(_ref: string): Promise<GetRefererenceResult> {
-    console.error('getReferenceData() not implemented')
-    throw new Error('getReferenceData() not implemented')
+    console.warn('getReferenceData() returning null/empty defaults')
+    return {
+      type: ReferenceType.BRANCH,
+      sha: '',
+      date: undefined,
+    }
   }
 
   async getRepoDefaultBranch(): Promise<string> {
-    console.error('getRepoDefaultBranch() not implemented')
-    throw new Error('getRepoDefaultBranch() not implemented')
+    console.warn('getRepoDefaultBranch() returning empty string')
+    return ''
   }
+
   async getPrUrl(_prNumber: number): Promise<string> {
-    console.error('getPr() not implemented')
-    throw new Error('getPr() not implemented')
+    console.warn('getPrUrl() returning empty string')
+    return ''
   }
+
   async getPrId(_prUrl: string): Promise<string> {
-    console.error('getPrId() not implemented')
-    throw new Error('getPrId() not implemented')
+    console.warn('getPrId() returning empty string')
+    return ''
   }
+
   async getCommitUrl(_commitId: string): Promise<string> {
-    console.error('getCommitUrl() not implemented')
-    throw new Error('getCommitUrl() not implemented')
+    console.warn('getCommitUrl() returning empty string')
+    return ''
   }
-  _getUsernameForAuthUrl(): Promise<string> {
-    throw new Error('Method not implemented.')
+
+  async _getUsernameForAuthUrl(): Promise<string> {
+    console.warn('_getUsernameForAuthUrl() returning empty string')
+    return ''
   }
 }

src/features/analysis/scm/ado/utils.ts

@@ -340,39 +340,44 @@ export async function getAdoToken({
   tokenType: AdoOAuthTokenType
   redirectUri: string
 }) {
-  const res = await fetch(ADO_ACCESS_TOKEN_URL, {
-    method: 'POST',
-    headers: {
-      Accept: 'application/json',
-      'Content-Type': 'application/x-www-form-urlencoded',
-    },
-    body: querystring.stringify({
-      client_assertion_type:
-        'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
-      client_assertion: adoClientSecret,
-      redirect_uri: redirectUri,
-      assertion: token,
-      grant_type:
-        tokenType === 'code'
-          ? 'urn:ietf:params:oauth:grant-type:jwt-bearer'
-          : 'refresh_token',
-    }),
-  })
-  const authResult = await res.json()
-  const parsedAuthResult = AdoAuthResultZ.safeParse(authResult)
-  if (!parsedAuthResult.success) {
-    debug('ado refresh token error', { authResult, redirectUri })
-  }
-  const scmOrgs = parsedAuthResult.success
-    ? await getOrgsForOauthToken({
-        oauthToken: parsedAuthResult.data.access_token,
-      })
-    : null
+  try {
+    const res = await fetch(ADO_ACCESS_TOKEN_URL, {
+      method: 'POST',
+      headers: {
+        Accept: 'application/json',
+        'Content-Type': 'application/x-www-form-urlencoded',
+      },
+      body: querystring.stringify({
+        client_assertion_type:
+          'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
+        client_assertion: adoClientSecret,
+        redirect_uri: redirectUri,
+        assertion: token,
+        grant_type:
+          tokenType === 'code'
+            ? 'urn:ietf:params:oauth:grant-type:jwt-bearer'
+            : 'refresh_token',
+      }),
+    })
+    const authResult = await res.json()
+    const parsedAuthResult = AdoAuthResultZ.safeParse(authResult)
+    if (!parsedAuthResult.success) {
+      debug('ado refresh token error', { authResult, redirectUri })
+    }
+    const scmOrgs = parsedAuthResult.success
+      ? await getOrgsForOauthToken({
+          oauthToken: parsedAuthResult.data.access_token,
+        })
+      : null
 
-  return AdoAuthResultWithOrgsZ.safeParse({
-    ...parsedAuthResult.data,
-    scmOrgs,
-  })
+    return AdoAuthResultWithOrgsZ.safeParse({
+      ...parsedAuthResult.data,
+      scmOrgs,
+    })
+  } catch (e) {
+    debug('failed to get ADO token:', e)
+    return { success: false, data: null }
+  }
 }
 
 export async function validateAdoRepo({

src/features/analysis/scm/bitbucket/bitbucket.ts

@@ -73,41 +73,48 @@ export async function getBitbucketToken(
   params: GetBitbucketTokenArgs
 ): Promise<GetBitbucketTokenRes> {
   const { bitbucketClientId, bitbucketClientSecret, authType } = params
-  const res = await fetch(BITBUCKET_ACCESS_TOKEN_URL, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/x-www-form-urlencoded',
-      Authorization:
-        'Basic ' + btoa(`${bitbucketClientId}:${bitbucketClientSecret}`),
-    },
-    body: querystring.stringify(
-      authType === 'refresh_token'
-        ? {
-            grant_type: authType,
-            refresh_token: params.refreshToken,
-          }
-        : {
-            grant_type: authType,
-            code: params.code,
-          }
-    ),
-  })
-  const authResult = await res.json()
+  try {
+    const res = await fetch(BITBUCKET_ACCESS_TOKEN_URL, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+        Authorization:
+          'Basic ' + btoa(`${bitbucketClientId}:${bitbucketClientSecret}`),
+      },
+      body: querystring.stringify(
+        authType === 'refresh_token'
+          ? {
+              grant_type: authType,
+              refresh_token: params.refreshToken,
+            }
+          : {
+              grant_type: authType,
+              code: params.code,
+            }
+      ),
+    })
+    const authResult = await res.json()
 
-  const parseResult = BitbucketAuthResultZ.safeParse(authResult)
-  if (!parseResult.success) {
-    debug(
-      `failed to parse bitbucket auth result for: ${authType}`,
-      parseResult.error
-    )
+    const parseResult = BitbucketAuthResultZ.safeParse(authResult)
+    if (!parseResult.success) {
+      debug(
+        `failed to parse bitbucket auth result for: ${authType}`,
+        parseResult.error
+      )
+      return {
+        success: false,
+      }
+    }
+    return {
+      success: true,
+      authResult: parseResult.data,
+    }
+  } catch (e) {
+    debug(`failed to get bitbucket token:`, e)
     return {
       success: false,
     }
   }
-  return {
-    success: true,
-    authResult: parseResult.data,
-  }
 }
 
 type GetBranchParams = {