dradis-saint 4.11.0 → 4.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 826649b4a2c785d48f12e230ff19a375cdb6a085a1636de3b2fa3a0abf9e3db7
-  data.tar.gz: 49898db92b4078acaeeb6a01829f68081f6d95689b49bc503c1bfbc083b23d9c
+  metadata.gz: 6ad271ebf7dcdd465fa72dcc66822c5b4f37bcbf1afa5da73ac335080ff8c566
+  data.tar.gz: 4b6e289d3ee367ef948c9894ec1b65eafbe24cb29fc2bdda704a56f4116dda69
 SHA512:
-  metadata.gz: fb698a8aa3cd56a73677043030de1b676c304e43b3b1df5a25dd3128b15185182dd676a1234a1d7b56540399e807c45982a1008a9cd8655b6cd0653285b329a5
-  data.tar.gz: 92767cf106d1c41bd57b9fc67fbcbe6ef414a0378938fb3a010ad9dfd37db15ed97666591a2c614033b7d9f8a7036f9c7223d72946cc4b75118dec35366c8563
+  metadata.gz: b8ad24f1c417d0f203d197265ab6007630ef36eb0ccc387982e18e2eb8609f05542f3b4397484fe37ddb8b3683c45d782a8334903a3a2f9c6bb19e5f880f4f8f
+  data.tar.gz: 28e12a7284f2cf1e76293907a61f428400a116bf7500733fbe3c273b600eda549ce0fc95c9729e60a0b3c0d203009f5164274d194d9082d9f8a67e014be87923

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+v4.13.0 (July 2024)
+  - No changes
+
+v4.12.0 (May 2024)
+ - Update Dradis links in README
+ - Migrate integration to use Mappings Manager
+
 v4.11.0 (January 2024)
   - No changes
 

data/README.md

@@ -2,8 +2,7 @@
 
 This add-on will enable the user to upload Saint output files in the XML format (.xml) to create a structure of Dradis nodes, issues, and evidences that contain the same information about the hosts and vulnerabilities in the original file.
 
-The add-on requires Dradis 3.0 or higher.
-
+The add-on requires [Dradis CE](https://dradis.com/ce/) > 3.0, or [Dradis Pro](https://dradis.com/).
 
 ## More information
 

data/dradis-saint.gemspec

@@ -5,23 +5,23 @@ require 'dradis/plugins/saint/version'
 version = Dradis::Plugins::Saint::VERSION::STRING
 
 # Describe your gem and declare its dependencies:
-Gem::Specification.new do |s|
-  s.platform    = Gem::Platform::RUBY
-  s.name        = 'dradis-saint'
-  s.version     = version
-  s.authors     = ['Daniel Martin']
-  s.homepage    = 'https://dradis.com/integrations/saint.html'
-  s.summary     = 'Saint upload add-on for Dradis Framework.'
-  s.description = 'This add-on allows you to upload and parse reports from Saint.'
-  s.license     = 'GPL-2'
+Gem::Specification.new do |spec|
+  spec.platform    = Gem::Platform::RUBY
+  spec.name        = 'dradis-saint'
+  spec.version     = version
+  spec.authors     = ['Daniel Martin']
+  spec.homepage    = 'https://dradis.com/integrations/saint.html'
+  spec.summary     = 'Saint upload add-on for Dradis Framework.'
+  spec.description = 'This add-on allows you to upload and parse reports from Saint.'
+  spec.license     = 'GPL-2'
 
-  s.files = `git ls-files`.split($\)
+  spec.files = `git ls-files`.split($\)
 
-  s.add_dependency 'dradis-plugins', '~> 4.0'
-  s.add_dependency 'nokogiri'
-  s.add_dependency 'rake', '~> 13.0'
+  spec.add_dependency 'dradis-plugins', '~> 4.0'
+  spec.add_dependency 'nokogiri'
+  spec.add_dependency 'rake', '~> 13.0'
 
-  s.add_development_dependency 'bundler', '~> 1.6'
-  s.add_dependency 'combustion', '~> 0.6.0'
-  s.add_dependency 'rspec-rails'
+  spec.add_development_dependency 'bundler', '~> 2.0'
+  spec.add_dependency 'combustion', '~> 0.6.0'
+  spec.add_dependency 'rspec-rails'
 end

data/lib/dradis/plugins/saint/gem_version.rb

@@ -7,7 +7,7 @@ module Dradis
 
       module VERSION
         MAJOR = 4
-        MINOR = 11
+        MINOR = 13
         TINY = 0
         PRE = nil
 

data/lib/dradis/plugins/saint/importer.rb

@@ -66,7 +66,7 @@ module Dradis::Plugins::Saint
       issue_plugin_id = Digest::SHA1.hexdigest(evidence_desc)
       issue = @issues[issue_plugin_id]
 
-      evidence_text = template_service.process_template(template: 'evidence', data: xml_evidence)
+      evidence_text = mapping_service.apply_mapping(source: 'evidence', data: xml_evidence)
 
       if issue
         # Create Dradis evidence
@@ -109,7 +109,7 @@ module Dradis::Plugins::Saint
         logger.info{ "\t\t => Creating new issue..." }
         plugin_id = Digest::SHA1.hexdigest(element_desc)
 
-        issue_text = template_service.process_template(template: 'vulnerability', data: xml_vuln)
+        issue_text = mapping_service.apply_mapping(source: 'vulnerability', data: xml_vuln)
         issue = content_service.create_issue(text: issue_text, id: plugin_id)
       else
         # Create Note in Host

data/lib/dradis/plugins/saint/mapping.rb

@@ -0,0 +1,55 @@
+module Dradis::Plugins::Saint
+  module Mapping
+    DEFAULT_MAPPING = {
+      evidence: {
+        'Port' => '{{ saint[evidence.port] }}',
+        'Severity' => '{{ saint[evidence.severity] }}',
+        'Class' => '{{ saint[evidence.class] }}',
+        'cve' => '{{ saint[evidence.cve] }}',
+        'CVSS Base Score' => '{{ saint[evidence.cvss_base_score] }}'
+      },
+      vulnerability: {
+        'Title' => '{{ saint[vulnerability.description] }}',
+        'Host Name' => '{{ saint[vulnerability.hostname] }}',
+        'IP Address' => '{{ saint[vulnerability.ipaddr] }}',
+        'Host Type' => '{{ saint[vulnerability.hosttype] }}',
+        'Scan Time' => '{{ saint[vulnerability.scan_time] }}',
+        'Status' => '{{ saint[vulnerability.status] }}',
+        'Severity' => '{{ saint[vulnerability.severity] }}',
+        'CVE' => '{{ saint[vulnerability.cve] }}',
+        'CVSS Base Score' => '{{ saint[vulnerability.cvss_base_score] }}',
+        'Impact' => '{{ saint[vulnerability.impact] }}',
+        'Background' => '{{ saint[vulnerability.background] }}',
+        'Problem' => '{{ saint[vulnerability.problem] }}',
+        'Resolution' => '{{ saint[vulnerability.resolution] }}',
+        'Reference' => '{{ saint[vulnerability.reference] }}'
+      }
+    }.freeze
+
+    SOURCE_FIELDS = {
+      evidence: [
+        'evidence.port',
+        'evidence.severity',
+        'evidence.class',
+        'evidence.cve',
+        'evidence.cvss_base_score'
+      ],
+      vulnerability: [
+        'vulnerability.description',
+        'vulnerability.hostname',
+        'vulnerability.ipaddr',
+        'vulnerability.hosttype',
+        'vulnerability.scan_time',
+        'vulnerability.status',
+        'vulnerability.severity',
+        'vulnerability.cve',
+        'vulnerability.cvss_base_score',
+        'vulnerability.impact',
+        'vulnerability.background',
+        'vulnerability.problem',
+        'vulnerability.resolution',
+        'vulnerability.reference'
+      ]
+    }.freeze
+  end
+end

data/lib/dradis/plugins/saint.rb

@@ -7,5 +7,6 @@ end
 
 require 'dradis/plugins/saint/engine'
 require 'dradis/plugins/saint/field_processor'
+require 'dradis/plugins/saint/mapping'
 require 'dradis/plugins/saint/importer'
 require 'dradis/plugins/saint/version'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dradis-saint
 version: !ruby/object:Gem::Version
-  version: 4.11.0
+  version: 4.13.0
 platform: ruby
 authors:
 - Daniel Martin
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-01-17 00:00:00.000000000 Z
+date: 2024-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dradis-plugins
@@ -58,14 +58,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.6'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: combustion
   requirement: !ruby/object:Gem::Requirement
@@ -117,6 +117,7 @@ files:
 - lib/dradis/plugins/saint/field_processor.rb
 - lib/dradis/plugins/saint/gem_version.rb
 - lib/dradis/plugins/saint/importer.rb
+- lib/dradis/plugins/saint/mapping.rb
 - lib/dradis/plugins/saint/version.rb
 - lib/saint/base.rb
 - lib/saint/evidence.rb
@@ -134,12 +135,8 @@ files:
 - spec/saint/vulnerability_spec.rb
 - spec/spec_helper.rb
 - spec/xml_element.rb
-- templates/evidence.fields
 - templates/evidence.sample
-- templates/evidence.template
-- templates/vulnerability.fields
 - templates/vulnerability.sample
-- templates/vulnerability.template
 homepage: https://dradis.com/integrations/saint.html
 licenses:
 - GPL-2
@@ -159,7 +156,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.5.6
 signing_key:
 specification_version: 4
 summary: Saint upload add-on for Dradis Framework.

data/templates/evidence.fields

@@ -1,5 +0,0 @@
-evidence.port
-evidence.severity
-evidence.class
-evidence.cve
-evidence.cvss_base_score

data/templates/evidence.template

@@ -1,14 +0,0 @@
-#[Port]#
-%evidence.port%
-
-#[Severity]#
-%evidence.severity%
-
-#[Class]#
-%evidence.class%
-
-#[cve]#
-%evidence.cve%
-
-#[CVSS Base Score]#
-%evidence.cvss_base_score%

data/templates/vulnerability.fields

@@ -1,14 +0,0 @@
-vulnerability.description
-vulnerability.hostname
-vulnerability.ipaddr
-vulnerability.hosttype
-vulnerability.scan_time
-vulnerability.status
-vulnerability.severity
-vulnerability.cve
-vulnerability.cvss_base_score
-vulnerability.impact
-vulnerability.background
-vulnerability.problem
-vulnerability.resolution
-vulnerability.reference

data/templates/vulnerability.template

@@ -1,41 +0,0 @@
-#[Title]#
-%vulnerability.description%
-
-#[Host Name]#
-%vulnerability.hostname%
-
-#[IP Address]#
-%vulnerability.ipaddr%
-
-#[Host Type]#
-%vulnerability.hosttype%
-
-#[Scan Time]#
-%vulnerability.scan_time%
-
-#[Status]#
-%vulnerability.status%
-
-#[Severity]#
-%vulnerability.severity%
-
-#[CVE]#
-%vulnerability.cve%
-
-#[CVSS Base Score]#
-%vulnerability.cvss_base_score%
-
-#[Impact]#
-%vulnerability.impact%
-
-#[Background]#
-%vulnerability.background%
-
-#[Problem]#
-%vulnerability.problem%
-
-#[Resolution]#
-%vulnerability.resolution%
-
-#[Reference]#
-%vulnerability.reference%