abide_dev_utils 0.14.2 → 0.15.0

data/lib/abide_dev_utils/xccdf/parser.rb

@@ -27,10 +27,10 @@ module AbideDevUtils
         def self.link_profile_rules(benchmark)
           return unless benchmark.respond_to?(:profile)
 
-          rules = benchmark.find_children_by_class(AbideDevUtils::XCCDF::Parser::Objects::Rule, recurse: true)
+          rules = benchmark.descendants.select { |d| d.label == 'rule' }
           benchmark.profile.each do |profile|
             profile.xccdf_select.each do |sel|
-              rules.select { |rule| rule.id == sel.idref }.each do |rule|
+              rules.select { |rule| rule.id.value == sel.idref.value }.each do |rule|
                 rule.add_link(profile)
                 profile.add_link(rule)
               end
@@ -41,14 +41,13 @@ module AbideDevUtils
         def self.link_rule_values(benchmark)
           return unless benchmark.respond_to?(:value)
 
-          rules = benchmark.find_children_by_class(AbideDevUtils::XCCDF::Parser::Objects::Rule, recurse: true)
+          rules = benchmark.descendants.select { |d| d.label == 'rule' }
           benchmark.value.each do |value|
-            rules.each do |rule|
-              unless rule.find_children_by_attribute_value('value-id', value.id, recurse: true).empty?
-                rule.add_link(value)
-                value.add_link(rule)
-              end
-            end
+            rule = rules.find { |r| r.title.to_s == value.title.to_s }
+            next unless rule
+
+            rule.add_link(value)
+            value.add_link(rule)
           end
         end
       end

data/lib/abide_dev_utils/xccdf.rb

@@ -37,16 +37,7 @@ module AbideDevUtils
     # Diffs two xccdf files
     def self.diff(file1, file2, opts)
       require 'abide_dev_utils/xccdf/diff'
-      bm1 = Benchmark.new(file1)
-      bm2 = Benchmark.new(file2)
-      AbideDevUtils::XCCDF::Diff.diff_benchmarks(bm1, bm2, opts)
-    end
-
-    # Use new-style diff
-    def self.new_style_diff(file1, file2, opts)
-      require 'abide_dev_utils/xccdf/diff/benchmark'
-      bm_diff = AbideDevUtils::XCCDF::Diff::BenchmarkDiff.new(file1, file2, opts)
-      bm_diff.diff
+      AbideDevUtils::XCCDF::Diff.benchmark_diff(file1, file2, opts)
     end
 
     # Common constants and methods included by nearly everything else

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: abide_dev_utils
 version: !ruby/object:Gem::Version
-  version: 0.14.2
+  version: 0.15.0
 platform: ruby
 authors:
 - abide-team
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-03-28 00:00:00.000000000 Z
+date: 2023-06-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -136,20 +136,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: amatch
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.4'
 - !ruby/object:Gem::Dependency
   name: facterdb
   requirement: !ruby/object:Gem::Requirement
@@ -448,16 +434,10 @@ files:
 - lib/abide_dev_utils/version.rb
 - lib/abide_dev_utils/xccdf.rb
 - lib/abide_dev_utils/xccdf/diff.rb
-- lib/abide_dev_utils/xccdf/diff/benchmark.rb
-- lib/abide_dev_utils/xccdf/diff/benchmark/number_title.rb
-- lib/abide_dev_utils/xccdf/diff/benchmark/profile.rb
-- lib/abide_dev_utils/xccdf/diff/benchmark/property.rb
-- lib/abide_dev_utils/xccdf/diff/benchmark/property_existence.rb
-- lib/abide_dev_utils/xccdf/diff/utils.rb
 - lib/abide_dev_utils/xccdf/parser.rb
 - lib/abide_dev_utils/xccdf/parser/helpers.rb
 - lib/abide_dev_utils/xccdf/parser/objects.rb
-- lib/abide_dev_utils/xccdf/parser/objects/digest_object.rb
+- lib/abide_dev_utils/xccdf/parser/objects/diffable_object.rb
 - lib/abide_dev_utils/xccdf/parser/objects/numbered_object.rb
 - lib/abide_dev_utils/xccdf/utils.rb
 - new_diff.rb
@@ -483,7 +463,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.4.6
 signing_key:
 specification_version: 4
 summary: Helper utilities for developing compliance Puppet code

data/lib/abide_dev_utils/xccdf/diff/benchmark/number_title.rb

@@ -1,270 +0,0 @@
-# frozen_string_literal: true
-
-require 'abide_dev_utils/xccdf/diff/benchmark/property_existence'
-
-module AbideDevUtils
-  module XCCDF
-    module Diff
-      # Diffs two XCCDF benchmarks using the title / number of the items as the primary
-      # diff properties.
-      class NumberTitleDiff
-        SKIP_DIFF_TYPES = %i[equal both].freeze
-
-        def initialize(numbered_children, other_numbered_children)
-          new_number_title_objs(numbered_children, other_numbered_children)
-        end
-
-        def diff
-          @diff ||= find_diffs(@number_title_objs, @other_number_title_objs)
-        end
-
-        def to_s
-          parts = []
-          @diff.each do |_, diffs|
-            diffs.each do |dh|
-              parts << dh[:diff_text]
-            end
-          end
-          parts.join("\n")
-        end
-
-        private
-
-        attr_writer :diff
-
-        def added_number_title_objs
-          added_titles = @self_prop_checker.added_titles
-          @other_number_title_objs.select do |nto|
-            added_titles.include?(nto.title)
-          end
-        end
-
-        def removed_number_title_objs
-          removed_titles = @self_prop_checker.removed_titles
-          @number_title_objs.select do |nto|
-            removed_titles.include?(nto.title)
-          end
-        end
-
-        def find_diffs(objs, other_objs)
-          diffs = []
-          added_number_title_objs.each do |nto|
-            change_type = %i[both added]
-            stand_in = NumberTitleContainerStandIn.new(change_type)
-            diffs << process_diffs([diff_hash(change_type, stand_in, nto)])
-          end
-          removed_number_title_objs.each do |nto|
-            change_type = %i[both removed]
-            stand_in = NumberTitleContainerStandIn.new(change_type)
-            diffs << process_diffs([diff_hash(change_type, nto, stand_in)])
-          end
-          objs.each do |obj|
-            obj_diffs = other_objs.each_with_object([]) do |other_obj, o_ary|
-              obj_diff = obj.diff(other_obj)
-              next if SKIP_DIFF_TYPES.include?(obj_diff[0])
-
-              o_ary << diff_hash(obj_diff, obj, other_obj)
-            end
-
-            processed_obj_diffs = process_diffs(obj_diffs)
-            diffs << processed_obj_diffs unless obj_diffs.empty?
-          end
-          diffs
-        end
-
-        def process_diffs(diffs)
-          return {} if diffs.empty?
-
-          raise "Unexpected diffs: #{diffs}" if diffs.length > 2
-
-          return diffs[0] if diffs.length == 1
-
-          if diffs[0][:type][0] == PropChecker.inverse_existence_state[diffs[1][:type][0]]
-            diffs[0]
-          else
-            diffs[1]
-          end
-        end
-
-        def diff_hash(diff_type, obj, other_obj)
-          {
-            self: obj.child,
-            other: other_obj.child,
-            type: diff_type,
-            text: diff_type_text(diff_type, obj, other_obj),
-            number: obj.number,
-            other_number: other_obj.number,
-            title: obj.title,
-            other_title: other_obj.title,
-          }
-        end
-
-        def diff_type_text(diff_type, obj, other_obj)
-          DiffTypeText.text(diff_type, obj, other_obj)
-        end
-
-        def new_number_title_objs(children, other_children)
-          number_title_objs = children.map { |c| NumberTitleContainer.new(c) }.sort
-          other_number_title_objs = other_children.map { |c| NumberTitleContainer.new(c) }.sort
-          @self_prop_checker = PropChecker.new(number_title_objs, other_number_title_objs)
-          @other_prop_checker = PropChecker.new(other_number_title_objs, number_title_objs)
-          number_title_objs.map { |n| n.prop_checker = @self_prop_checker }
-          other_number_title_objs.map { |n| n.prop_checker = @other_prop_checker }
-          @number_title_objs = number_title_objs
-          @other_number_title_objs = other_number_title_objs
-        end
-      end
-
-      # Creates string representations of diff types
-      class DiffTypeText
-        def self.text(diff_type, obj, other_obj)
-          case diff_type[0]
-          when :equal
-            'The objects are equal'
-          when :title
-            "Title changed: Number \"#{obj.number}\": #{obj.title} -> #{other_obj.title}"
-          when :number
-            number_diff_type_text(diff_type, obj, other_obj)
-          when :both
-            both_diff_type_text(diff_type, obj, other_obj)
-          when :add
-            "Add object with number \"#{other_obj.number}\" and title \"#{other_obj.title}\""
-          when :remove
-            "Remove object with number \"#{obj.number}\" and title \"#{obj.title}\""
-          else
-            raise ArgumentError, "Unknown diff type: #{diff_type}"
-          end
-        end
-
-        def self.number_diff_type_text(diff_type, obj, other_obj)
-          case diff_type[1]
-          when :added
-            "Number changed (New Number): Title \"#{obj.title}\": #{obj.number} -> #{other_obj.number}"
-          when :exists
-            "Number changed (Existing Number): Title \"#{obj.title}\": #{obj.number} -> #{other_obj.number}"
-          else
-            raise ArgumentError, "Unknown diff type for number change: #{diff_type[1]}"
-          end
-        end
-
-        def self.both_diff_type_text(diff_type, obj, other_obj)
-          case diff_type[1]
-          when :added
-            "Added object: Title \"#{other_obj.title}\": Number \"#{other_obj.number}\""
-          when :removed
-            "Removed object: Title \"#{obj.title}\": Number \"#{obj.number}\""
-          else
-            raise ArgumentError, "Unknown diff type for both change: #{diff_type[1]}"
-          end
-        end
-      end
-
-      # Checks properties for existence in both benchmarks.
-      class PropChecker < AbideDevUtils::XCCDF::Diff::PropertyExistenceChecker
-        attr_reader :all_numbers, :all_titles, :other_all_numbers, :other_all_titles
-
-        def initialize(number_title_objs, other_number_title_objs)
-          super
-          @all_numbers = number_title_objs.map(&:number)
-          @all_titles = number_title_objs.map(&:title)
-          @other_all_numbers = other_number_title_objs.map(&:number)
-          @other_all_titles = other_number_title_objs.map(&:title)
-        end
-
-        def title(title)
-          property_existence(title, @all_titles, @other_all_titles)
-        end
-
-        def number(number)
-          property_existence(number, @all_numbers, @other_all_numbers)
-        end
-
-        def added_numbers
-          added(@all_numbers, @other_all_numbers)
-        end
-
-        def removed_numbers
-          removed(@all_numbers, @other_all_numbers)
-        end
-
-        def added_titles
-          added(@all_titles, @other_all_titles)
-        end
-
-        def removed_titles
-          removed(@all_titles, @other_all_titles)
-        end
-      end
-
-      class NumberTitleDiffError < StandardError; end
-      class InconsistentDiffTypeError < StandardError; end
-
-      # Holds a number and title for a child of a benchmark
-      # and provides methods to compare it to another child.
-      class NumberTitleContainer
-        include ::Comparable
-        attr_accessor :prop_checker
-        attr_reader :child, :number, :title
-
-        def initialize(child, prop_checker = nil)
-          @child = child
-          @number = child.number.to_s
-          @title = child.title.to_s
-          @prop_checker = prop_checker
-        end
-
-        def diff(other)
-          return %i[equal exist] if number == other.number && title == other.title
-
-          if number == other.number && title != other.title
-            c_diff = correlate_prop_diff_types(@prop_checker.title(other.title),
-                                               other.prop_checker.title(other.title))
-            [:title, c_diff]
-          elsif title == other.title && number != other.number
-            c_diff = correlate_prop_diff_types(@prop_checker.number(other.number),
-                                               other.prop_checker.number(other.number))
-            [:number, c_diff]
-          else
-            %i[both exist]
-          end
-        rescue StandardError => e
-          err_str = [
-            'Error diffing number and title',
-            "Number: #{number}",
-            "Title: #{title}",
-            "Other number: #{other.number}",
-            "Other title: #{other.title}",
-            e.message,
-          ]
-          raise NumberTitleDiffError, err_str.join(', ')
-        end
-
-        def <=>(other)
-          child <=> other.child
-        end
-
-        private
-
-        def correlate_prop_diff_types(self_type, other_type)
-          inverse_diff_type = PropChecker.inverse_existence_state[self_type]
-          return other_type if inverse_diff_type.nil?
-
-          self_type
-        end
-      end
-
-      # Stand-in object for a NumberTitleContainer when the NumberTitleContainer
-      # would not exist. This is used when a change is an add or remove.
-      class NumberTitleContainerStandIn
-        attr_reader :child, :number, :title
-
-        def initialize(change_type)
-          @change_type = change_type
-          @child = nil
-          @number = ''
-          @title = ''
-        end
-      end
-    end
-  end
-end

data/lib/abide_dev_utils/xccdf/diff/benchmark/profile.rb

@@ -1,104 +0,0 @@
-# frozen_string_literal: true
-
-require 'abide_dev_utils/xccdf/diff/benchmark/property_existence'
-
-module AbideDevUtils
-  module XCCDF
-    module Diff
-      # Diffs two sets of XCCDF profiles.
-      class ProfileDiff
-        def initialize(profiles, other_profiles)
-          new_profile_rule_objs(profiles, other_profiles)
-        end
-
-        def diff_hash(diff_type, profile1, prof1_rules, profile2, prof2_rules)
-          {
-
-          }
-        end
-
-        private
-
-        def new_profile_rule_objs(profiles, other_profiles)
-          profile_objs = containers_from_profile_list(profiles)
-          other_profile_objs = containers_from_profile_list(other_profiles)
-          @self_prop_checker = PropertyExistenceChecker.new(profile_objs, other_profile_objs)
-          @other_prop_checker = PropertyExistenceChecker.new(other_profile_objs, profile_objs)
-          profile_objs.map { |p| p.prop_checker = @self_prop_checker }
-          other_profile_objs.map { |p| p.prop_checker = @other_prop_checker }
-          @profile_rule_objs = profile_objs
-          @other_profile_rule_objs = other_profile_objs
-        end
-
-        def containers_from_profile_list(profile_list)
-          profile_list.each_with_object([]) do |profile, ary|
-            ary << ProfileRuleContainer.new(profile)
-          end
-        end
-      end
-
-      # Checks property existence in both profiles.
-      class PropChecker < AbideDevUtils::XCCDF::Diff::Benchmark::PropertyExistence
-        def initialize(profile_rule_objs, other_profile_rule_objs)
-          super
-          @profile_rule_objs = profile_rule_objs
-          @other_profile_rule_objs = other_profile_rule_objs
-          @profiles = profile_rule_objs.map(&:profile)
-          @other_profiles = other_profile_rule_objs.map(&:profile)
-        end
-
-        def profile(profile)
-          profile_key = profile.respond_to?(:id) ? profile.id : profile
-          property_existence(profile_key, @profiles, @other_profiles)
-        end
-
-        def rule_in_profile(rule, profile, rule_key: :title)
-          rk = rule.respond_to?(rule_key) ? rule.send(rule_key) : rule
-          rules = @profiles.find { |p| p.id == profile }.linked_rule.map(&rk)
-          other_rules = @other_profiles.find { |p| p.id == profile }.linked_rule.map(&rk)
-          property_existence(rk, rules, other_rules)
-        end
-
-        def added_profiles
-          added(@other_profiles.map(&:id), @profiles.map(&:id))
-        end
-
-        def removed_profiles
-          removed(@profiles.map(&:id), @other_profiles.map(&:id))
-        end
-
-        def added_rules_by_profile
-          @rules_by_profile.each_with_object({}) do |(profile, rules), hsh|
-            next unless @other_rules_by_profile.key?(profile)
-
-            hsh[profile] = added(rules, @other_rules_by_profile[profile])
-          end
-        end
-
-        def removed_rules_by_profile
-          @rules_by_profile.each_with_object({}) do |(profile, rules), hsh|
-            next unless @other_rules_by_profile.key?(profile)
-
-            hsh[profile] = removed(rules, @other_rules_by_profile[profile])
-          end
-        end
-      end
-
-      class ProfileRuleContainer
-        include ::Comparable
-        attr_accessor :prop_checker
-        attr_reader :profile, :rules
-
-        def initialize(profile, prop_checker = nil)
-          @profile = profile
-          @rules = profile.linked_rule
-          @prop_checker = prop_checker
-        end
-
-        def <=>(other)
-          @profile.id <=> other.profile.id
-        end
-      end
-    end
-  end
-end

data/lib/abide_dev_utils/xccdf/diff/benchmark/property.rb

@@ -1,127 +0,0 @@
-# frozen_string_literal: true
-
-require 'amatch'
-
-module AbideDevUtils
-  module XCCDF
-    module Diff
-      # Diffs benchmark properties.
-      module BenchmarkPropertyDiff
-        DEFAULT_PROPERTY_DIFF_OPTS = {
-          rule_properties_for_similarity: %i[title description rationale fixtext],
-          rule_properties_for_confidence: %i[description rationale fixtext],
-          rule_confidence_property_threshold: 0.7,
-          rule_confidence_total_threshold: 0.5,
-          digest_similarity_threshold: 0.75,
-          digest_similarity_label_weights: {
-            'title' => 4.0,
-          },
-          digest_similarity_only_labels: %w[title description fixtext rationale],
-          digest_top_x_similarities: 10,
-        }.freeze
-
-        def safe_rule_prop(rule, prop)
-          rule.respond_to?(prop) ? rule.send(prop).to_s : :none
-        end
-
-        def self_rule_vals
-          @self_rule_vals ||= {}
-        end
-
-        def other_rule_vals
-          @other_rule_vals ||= {}
-        end
-
-        def add_rule_val(rule, prop, val, container: nil)
-          raise ArgumentError, 'container must not be nil' if container.nil?
-
-          return unless container.dig(rule, prop).nil?
-
-          container[rule] ||= {}
-          container[rule][prop] = val
-        end
-
-        def add_self_rule_val(rule, prop, val)
-          add_rule_val(rule, prop, val, container: self_rule_vals)
-        end
-
-        def add_other_rule_val(rule, prop, val)
-          add_rule_val(rule, prop, val, container: other_rule_vals)
-        end
-
-        def same_rule?(prop_similarities)
-          confidence_indicator = 0.0
-          opts[:rule_properties_for_confidence].each do |prop|
-            confidence_indicator += 1.0 if prop_similarities[prop] >= opts[:rule_confidence_property_threshold]
-          end
-          (confidence_indicator / opts[:rule_properties_for_confidence].length) >= opts[:rule_confidence_total_threshold]
-        end
-
-        def maxed_digest_similarities(child, other_children)
-          similarities = other_children.each_with_object([]) do |other_child, ary|
-            if other_child.digest_equal? child
-              ary << [1.0, other_child]
-              next
-            end
-
-            d_sim = child.digest_similarity(other_child,
-                                            only_labels: opts[:digest_similarity_only_labels],
-                                            label_weights: opts[:digest_similarity_label_weights])
-            ary << [d_sim, other_child]
-          end
-          max_digest_similarities(similarities)
-        end
-
-        def max_digest_similarities(digest_similarities)
-          digest_similarities.reject! { |s| s[0] < opts[:digest_similarity_threshold] }
-          return digest_similarities if digest_similarities.empty?
-
-          digest_similarities.max_by(opts[:digest_top_x_similarities]) { |s| s[0] }
-        end
-
-        def rule_property_similarity(rule1, rule2)
-          prop_similarities = {}
-          prop_diff = {}
-          opts[:rule_properties_for_similarity].each do |prop|
-            add_self_rule_val(rule1, prop, safe_rule_prop(rule1, prop).to_s)
-            add_other_rule_val(rule2, prop, safe_rule_prop(rule2, prop).to_s)
-            prop_similarities[prop] = self_rule_vals[rule1][prop].levenshtein_similar(other_rule_vals[rule2][prop])
-            if prop_similarities[prop] < 1.0
-              prop_diff[prop] = { self: self_rule_vals[rule1][prop], other: other_rule_vals[rule2][prop] }
-            end
-          end
-          total = prop_similarities.values.sum / opts[:rule_properties_for_similarity].length
-          {
-            total: total,
-            prop_similarities: prop_similarities,
-            prop_diff: prop_diff,
-            confident_same: same_rule?(prop_similarities),
-          }
-        end
-
-        def most_similar(child, maxed_digest_similarities)
-          most_similar_map = maxed_digest_similarities.each_with_object({}) do |similarity, h|
-            prop_similarities = rule_property_similarity(child, similarity[1])
-            if child.title.to_s == similarity[1].title.to_s
-              prop_similarities[:total] = 99.0 # magic number denoting a title match
-            end
-            h[prop_similarities[:total]] = { self: child, other: similarity[1] }.merge(prop_similarities)
-          end
-          most_similar_map[most_similar_map.keys.max]
-        end
-
-        def find_most_similar(children, other_children)
-          children.each_with_object({}) do |benchmark_child, h|
-            maxed_similarities = maxed_digest_similarities(benchmark_child, other_children)
-            next if maxed_similarities.empty?
-
-            best = most_similar(benchmark_child, maxed_similarities)
-            next if best.nil? || best.empty?
-
-            h[benchmark_child] = best
-          end
-        end
-      end
-    end
-  end
-end

data/lib/abide_dev_utils/xccdf/diff/benchmark/property_existence.rb

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-module AbideDevUtils
-  module XCCDF
-    module Diff
-      # PropertyExistenceChecker provides methods to check existence state of various properties
-      class PropertyExistenceChecker
-        def initialize(*_args); end
-
-        # Compares two arrays (or other iterables implementing `#to_a`)
-        # containing properies and returns an array of the properties
-        # that are added by other_props but not in self_props.
-        def added(self_props, other_props)
-          other_props.to_a - self_props.to_a
-        end
-
-        # Compares two arrays (or other iterables implementing `#to_a`)
-        # containing properies and returns an array of the properties
-        # that are removed by other_props but exist in self_props.
-        def removed(this, other)
-          this.to_a - other.to_a
-        end
-
-        # Returns a hash of existence states and their inverse.
-        def self.inverse_existence_state
-          {
-            removed: :added,
-            added: :removed,
-            exists: :exists,
-          }
-        end
-
-        private
-
-        def property_existence(property, self_props, other_props)
-          if self_props.include?(property) && !other_props.include?(property)
-            :removed
-          elsif !self_props.include?(property) && other_props.include?(property)
-            :added
-          else
-            :exists
-          end
-        end
-      end
-    end
-  end
-end