The community edition version of Mobb, or what we called Bugsy, is a command-line interface (CLI) tool that provides automatic security vulnerability remediation for your code.
Modes
To check out all the supported modes, run the following help command:
npx mobbdev@latest --help
This will show you Bugsy's usage help:
Bugsy - Trusted, Automatic Vulnerability Fixer 🕵️♂️
Usage:
mobbdev <command> [options]
Commands:
mobbdev scan Scan your code for vulnerabilities, get automated fixes right away.
mobbdev analyze Provide a vulnerability report and relevant code repository, get automated fixes right away.
mobbdev review Mobb will review your github pull requests and provide comments with fixes
mobbdev add-scm-token Add your SCM (Github, Gitlab, Azure DevOps) token to Mobb to enable automated fixes.
Options:
-h, --help Show help [boolean]
Debug Mode
To enable debug output, set DEBUG=* in your environment variable before running the Mobb CLI.
For example:
Inline (temporary)
DEBUG=* npx mobbdev@latest
Or persistent (Session-Wide)
export DEBUG=*
npx mobbdev@latest
$env:DEBUG="*"
npx mobbdev@latest
set DEBUG=*
npx mobbdev@latest
HTTPS_PROXY settings
To enable the use of HTTPS_PROXY, set the value of the environment variable before running the Mobb CLI.
To update your Mobb access token, edit the file in a text editor and replace the value YOUR_MOBB_API_TOKEN with your Mobb access token as shown in the code snippet below.
mobbdev.json
{
"apiToken": "YOUR_MOBB_API_TOKEN"
}
To remove the Mobb access token, delete the mobbdev.json file from your file system.
Single-Tenants
Below are single-tenant-specific instructions
Environment Variables Settings for Mobb Single-Tenants
If your Mobb instance is in a single-tenant environment, you must configure the following environment variables to ensure Bugsy is communicating with the correct Mobb tenant instance.
set API_URL=https://api-st-TENANT_NAME.mobb.ai/v1/graphql
set WEB_LOGIN_URL=https://TENANT_NAME.mobb.ai/cli-login
set WEB_APP_URL=https://TENANT_NAME.mobb.ai
npx mobbdev@latest analyze -f "report.xml" -r https://ado-test.onemobb.net/DefaultCollection/_git/Mobb-CX-on-prem-integration --ref main --api-key xxxxxxxxxxxxxx --ci