RubyGems - heimdall_tools - Versions diffs - 1.3.31 → 1.3.36 - Mend

heimdall_tools 1.3.31 → 1.3.36

Files changed (19) hide show

checksums.yaml +4 -4
data/README.md +68 -0
data/lib/data/cwe-nist-mapping.csv +13 -5
data/lib/data/nikto-nist-mapping.csv +8942 -0
data/lib/heimdall_tools.rb +4 -0
data/lib/heimdall_tools/cli.rb +50 -0
data/lib/heimdall_tools/dbprotect_mapper.rb +127 -0
data/lib/heimdall_tools/fortify_mapper.rb +2 -1
data/lib/heimdall_tools/help/dbprotect_mapper.md +5 -0
data/lib/heimdall_tools/help/jfrog_xray_mapper.md +5 -0
data/lib/heimdall_tools/help/nikto_mapper.md +7 -0
data/lib/heimdall_tools/help/snyk_mapper.md +7 -0
data/lib/heimdall_tools/jfrog_xray_mapper.rb +142 -0
data/lib/heimdall_tools/nikto_mapper.rb +149 -0
data/lib/heimdall_tools/snyk_mapper.rb +161 -0
data/lib/heimdall_tools/sonarqube_mapper.rb +3 -1
data/lib/heimdall_tools/zap_mapper.rb +2 -1
metadata +12 -32
data/CHANGELOG.md +0 -285

data/lib/heimdall_tools/snyk_mapper.rb ADDED Viewed

@@ -0,0 +1,161 @@
+require 'json'
+require 'csv'
+require 'heimdall_tools/hdf'
+require 'utilities/xml_to_hash'
+RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
+CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
+IMPACT_MAPPING = {
+  high: 0.7,
+  medium: 0.5,
+  low: 0.3,
+}.freeze
+SNYK_VERSION_REGEX = 'v(\d+.)(\d+.)(\d+)'.freeze
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
+# Loading spinner sign
+$spinner = Enumerator.new do |e|
+  loop do
+    e.yield '|'
+    e.yield '/'
+    e.yield '-'
+    e.yield '\\'
+  end
+end
+module HeimdallTools
+  class SnykMapper
+    def initialize(synk_json, name=nil, verbose = false)
+      @synk_json = synk_json
+      @verbose = verbose
+      begin
+        @cwe_nist_mapping = parse_mapper
+        @projects = JSON.parse(synk_json)
+        # Cover single and multi-project scan use cases.
+        unless @projects.kind_of?(Array)
+          @projects = [ @projects ]
+        end
+      rescue StandardError => e
+        raise "Invalid Snyk JSON file provided Exception: #{e}"
+      end
+    end
+    def extract_scaninfo(project)
+      info = {}
+      begin
+        info['policy'] = project['policy']
+        reg = Regexp.new(SNYK_VERSION_REGEX, Regexp::IGNORECASE)
+        info['version'] = info['policy'].scan(reg).join
+        info['projectName'] = project['projectName']
+        info['summary'] = project['summary']
+        info
+      rescue StandardError => e
+        raise "Error extracting project info from Synk JSON file provided Exception: #{e}"
+      end
+    end
+    def finding(vulnerability)
+      finding = {}
+      finding['status'] = 'failed'
+      finding['code_desc'] = "From : [ #{vulnerability['from'].join(" , ").to_s } ]"
+      finding['run_time'] = NA_FLOAT
+      # Snyk results does not profile scan timestamp; using current time to satisfy HDF format
+      finding['start_time'] = NA_STRING
+      [finding]
+    end
+    def nist_tag(cweid)
+      entries = @cwe_nist_mapping.select { |x| cweid.include? x[:cweid].to_s }
+      tags = entries.map { |x| x[:nistid] }
+      tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
+    end
+    def parse_identifiers(vulnerability, ref)
+      # Extracting id number from reference style CWE-297
+      vulnerability['identifiers'][ref].map { |e| e.split("#{ref}-")[1]  }
+      rescue
+        return []
+    end
+    def impact(severity)
+      IMPACT_MAPPING[severity.to_sym]
+    end
+    def parse_mapper
+      csv_data = CSV.read(CWE_NIST_MAPPING_FILE, **{ encoding: 'UTF-8',
+                                                   headers: true,
+                                                   header_converters: :symbol,
+                                                   converters: :all })
+      csv_data.map(&:to_hash)
+    end
+    def desc_tags(data, label)
+      { "data": data || NA_STRING, "label": label || NA_STRING }
+    end
+    # Snyk report could have multiple vulnerability entries for multiple findings of same issue type.
+    # The meta data is identical across entries
+    # method collapse_duplicates return unique controls with applicable findings collapsed into it.
+    def collapse_duplicates(controls)
+      unique_controls = []
+      controls.map { |x| x['id'] }.uniq.each do |id|
+        collapsed_results = controls.select { |x| x['id'].eql?(id) }.map {|x| x['results']}
+        unique_control = controls.find { |x| x['id'].eql?(id) }
+        unique_control['results'] = collapsed_results.flatten
+        unique_controls << unique_control
+      end
+      unique_controls
+    end
+    def to_hdf
+      project_results = {}
+      @projects.each do | project |
+        controls = []
+        project['vulnerabilities'].each do | vulnerability |
+          printf("\rProcessing: %s", $spinner.next)
+          item = {}
+          item['tags']               = {}
+          item['descriptions']       = []
+          item['refs']               = NA_ARRAY
+          item['source_location']    = NA_HASH
+          item['descriptions']       = NA_ARRAY
+          item['title']              = vulnerability['title'].to_s
+          item['id']                 = vulnerability['id'].to_s
+          item['desc']               = vulnerability['description'].to_s
+          item['impact']             = impact(vulnerability['severity'])
+          item['code']               = ''
+          item['results']            = finding(vulnerability)
+          item['tags']['nist']       = nist_tag( parse_identifiers( vulnerability, 'CWE') )
+          item['tags']['cweid']      = parse_identifiers( vulnerability, 'CWE')
+          item['tags']['cveid']      = parse_identifiers( vulnerability, 'CVE')
+          item['tags']['ghsaid']     = parse_identifiers( vulnerability, 'GHSA')
+          controls << item
+        end
+        controls = collapse_duplicates(controls)
+        scaninfo = extract_scaninfo(project)
+        results = HeimdallDataFormat.new(profile_name: scaninfo['policy'],
+                                         version: scaninfo['version'],
+                                         title: "Snyk Project: #{scaninfo['projectName']}",
+                                         summary: "Snyk Summary: #{scaninfo['summary']}",
+                                         controls: controls,
+                                         target_id: scaninfo['projectName'])
+        project_results[scaninfo['projectName']] = results.to_hdf
+      end
+      project_results
+    end
+  end
+end

data/lib/heimdall_tools/sonarqube_mapper.rb CHANGED Viewed

@@ -5,6 +5,8 @@ require 'heimdall_tools/hdf'
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
 MAPPING_FILES = {
   cwe: File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv'),
   owasp: File.join(RESOURCE_DIR, 'owasp-nist-mapping.csv')
@@ -237,7 +239,7 @@ class Control
       return [@mappings[tag_type][parsed_tag]].flatten.uniq
     end
-    ['unmapped'] # HDF expects this to be a list, but not an empty list even if there aren't results
+    DEFAULT_NIST_TAG # Entries with unmapped NIST tags are defaulted to NIST tags ‘SA-11, RA-5 Rev_4’
   end
   def hdf

data/lib/heimdall_tools/zap_mapper.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require 'heimdall_tools/hdf'
 RESOURCE_DIR = Pathname.new(__FILE__).join('../../data')
 CWE_NIST_MAPPING_FILE = File.join(RESOURCE_DIR, 'cwe-nist-mapping.csv')
+DEFAULT_NIST_TAG = ["SA-11", "RA-5"].freeze
 # rubocop:disable Metrics/AbcSize
@@ -66,7 +67,7 @@ module HeimdallTools
     def nist_tag(cweid)
       entries = @cwe_nist_mapping.select { |x| x[:cweid].to_s.eql?(cweid.to_s) }
       tags = entries.map { |x| [x[:nistid], "Rev_#{x[:rev]}"] }
-      tags.empty? ? ['unmapped'] : tags.flatten.uniq
+      tags.empty? ? DEFAULT_NIST_TAG : tags.flatten.uniq
     end
     def impact(riskcode)

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: heimdall_tools
 version: !ruby/object:Gem::Version
-  version: 1.3.31
+  version: 1.3.36
 platform: ruby
 authors:
 - Robert Thew
@@ -10,7 +10,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-06-16 00:00:00.000000000 Z
+date: 2021-03-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri
@@ -96,20 +96,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.1'
-- !ruby/object:Gem::Dependency
-  name: nori
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.6'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.6'
 - !ruby/object:Gem::Dependency
   name: git-lite-version-bump
   requirement: !ruby/object:Gem::Requirement
@@ -166,20 +152,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -203,7 +175,6 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- CHANGELOG.md
 - Guardfile
 - LICENSE.md
 - README.md
@@ -212,20 +183,29 @@ files:
 - lib/data/U_CCI_List.xml
 - lib/data/cwe-nist-mapping.csv
 - lib/data/nessus-plugins-nist-mapping.csv
+- lib/data/nikto-nist-mapping.csv
 - lib/data/owasp-nist-mapping.csv
 - lib/heimdall_tools.rb
 - lib/heimdall_tools/burpsuite_mapper.rb
 - lib/heimdall_tools/cli.rb
 - lib/heimdall_tools/command.rb
+- lib/heimdall_tools/dbprotect_mapper.rb
 - lib/heimdall_tools/fortify_mapper.rb
 - lib/heimdall_tools/hdf.rb
 - lib/heimdall_tools/help.rb
 - lib/heimdall_tools/help/burpsuite_mapper.md
+- lib/heimdall_tools/help/dbprotect_mapper.md
 - lib/heimdall_tools/help/fortify_mapper.md
+- lib/heimdall_tools/help/jfrog_xray_mapper.md
 - lib/heimdall_tools/help/nessus_mapper.md
+- lib/heimdall_tools/help/nikto_mapper.md
+- lib/heimdall_tools/help/snyk_mapper.md
 - lib/heimdall_tools/help/sonarqube_mapper.md
 - lib/heimdall_tools/help/zap_mapper.md
+- lib/heimdall_tools/jfrog_xray_mapper.rb
 - lib/heimdall_tools/nessus_mapper.rb
+- lib/heimdall_tools/nikto_mapper.rb
+- lib/heimdall_tools/snyk_mapper.rb
 - lib/heimdall_tools/sonarqube_mapper.rb
 - lib/heimdall_tools/version.rb
 - lib/heimdall_tools/zap_mapper.rb
@@ -249,7 +229,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.2.3
 signing_key:
 specification_version: 4
 summary: Convert Forify, Openzap and Sonarqube results to HDF

data/CHANGELOG.md DELETED Viewed

@@ -1,285 +0,0 @@
-# Changelog
-## [Unreleased](https://github.com/mitre/heimdall_tools/tree/HEAD)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.30.pre1...HEAD)
-**Closed issues:**
-- nessus\_mapper CCI to NIST Mapping [\#54](https://github.com/mitre/heimdall_tools/issues/54)
-**Merged pull requests:**
-- Update to map NIST tags from CCI refs [\#55](https://github.com/mitre/heimdall_tools/pull/55) ([rx294](https://github.com/rx294))
-## [v1.3.30.pre1](https://github.com/mitre/heimdall_tools/tree/v1.3.30.pre1) (2020-06-12)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.29...v1.3.30.pre1)
-## [v1.3.29](https://github.com/mitre/heimdall_tools/tree/v1.3.29) (2020-05-28)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.28...v1.3.29)
-**Merged pull requests:**
-- Remove debug line [\#53](https://github.com/mitre/heimdall_tools/pull/53) ([rx294](https://github.com/rx294))
-## [v1.3.28](https://github.com/mitre/heimdall_tools/tree/v1.3.28) (2020-05-28)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.27...v1.3.28)
-**Closed issues:**
-- Map 'Policy Compliance' entries for nessus\_mapper [\#49](https://github.com/mitre/heimdall_tools/issues/49)
-**Merged pull requests:**
-- Add code to translate Policy compliance results [\#51](https://github.com/mitre/heimdall_tools/pull/51) ([rx294](https://github.com/rx294))
-## [v1.3.27](https://github.com/mitre/heimdall_tools/tree/v1.3.27) (2020-05-22)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.26...v1.3.27)
-**Merged pull requests:**
-- Updated the Dockerfile to run in an alpine ruby container [\#47](https://github.com/mitre/heimdall_tools/pull/47) ([jsa5593](https://github.com/jsa5593))
-- Require a newer version of git-lite-version-bump for Windows support [\#46](https://github.com/mitre/heimdall_tools/pull/46) ([rbclark](https://github.com/rbclark))
-## [v1.3.26](https://github.com/mitre/heimdall_tools/tree/v1.3.26) (2020-05-06)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.25...v1.3.26)
-**Implemented enhancements:**
-- Converter: Nessus Transform for Audit results and vulnerability scan results  [\#29](https://github.com/mitre/heimdall_tools/issues/29)
-**Merged pull requests:**
-- Nessus Mapper  [\#45](https://github.com/mitre/heimdall_tools/pull/45) ([rx294](https://github.com/rx294))
-## [v1.3.25](https://github.com/mitre/heimdall_tools/tree/v1.3.25) (2020-04-16)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.24...v1.3.25)
-**Closed issues:**
-- Add minimum required json fields to work heimdall server    [\#5](https://github.com/mitre/heimdall_tools/issues/5)
-**Merged pull requests:**
-- Make sure the fields we are looking for in Fortify exist before we parse the element [\#44](https://github.com/mitre/heimdall_tools/pull/44) ([rbclark](https://github.com/rbclark))
-- Update actions to use ruby/setup-ruby [\#43](https://github.com/mitre/heimdall_tools/pull/43) ([Bialogs](https://github.com/Bialogs))
-## [v1.3.24](https://github.com/mitre/heimdall_tools/tree/v1.3.24) (2020-04-07)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.23...v1.3.24)
-**Implemented enhancements:**
-- Converter: Burp Suite Pro [\#28](https://github.com/mitre/heimdall_tools/issues/28)
-**Fixed bugs:**
-- \[Bug\] Import mapping csvs by relative path  [\#41](https://github.com/mitre/heimdall_tools/issues/41)
-**Merged pull requests:**
-- Update to pull data csvs by relative path [\#42](https://github.com/mitre/heimdall_tools/pull/42) ([rx294](https://github.com/rx294))
-- Burpsuite mapper [\#40](https://github.com/mitre/heimdall_tools/pull/40) ([rx294](https://github.com/rx294))
-## [v1.3.23](https://github.com/mitre/heimdall_tools/tree/v1.3.23) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.23.pre5...v1.3.23)
-## [v1.3.23.pre5](https://github.com/mitre/heimdall_tools/tree/v1.3.23.pre5) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.23.pre4...v1.3.23.pre5)
-**Merged pull requests:**
-- Rubygems automatically trims the word \_api\_key when referencing the key [\#39](https://github.com/mitre/heimdall_tools/pull/39) ([rbclark](https://github.com/rbclark))
-## [v1.3.23.pre4](https://github.com/mitre/heimdall_tools/tree/v1.3.23.pre4) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.23.pre3...v1.3.23.pre4)
-**Merged pull requests:**
-- Cleanup GPR and Rubygems release flow [\#38](https://github.com/mitre/heimdall_tools/pull/38) ([rbclark](https://github.com/rbclark))
-## [v1.3.23.pre3](https://github.com/mitre/heimdall_tools/tree/v1.3.23.pre3) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.23.pre2...v1.3.23.pre3)
-## [v1.3.23.pre2](https://github.com/mitre/heimdall_tools/tree/v1.3.23.pre2) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.23.pre...v1.3.23.pre2)
-## [v1.3.23.pre](https://github.com/mitre/heimdall_tools/tree/v1.3.23.pre) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.22...v1.3.23.pre)
-**Merged pull requests:**
-- Restructure workflow for publishing gem [\#37](https://github.com/mitre/heimdall_tools/pull/37) ([rbclark](https://github.com/rbclark))
-## [v1.3.22](https://github.com/mitre/heimdall_tools/tree/v1.3.22) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.21...v1.3.22)
-## [v1.3.21](https://github.com/mitre/heimdall_tools/tree/v1.3.21) (2020-03-31)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.20...v1.3.21)
-## [v1.3.20](https://github.com/mitre/heimdall_tools/tree/v1.3.20) (2020-03-30)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.19...v1.3.20)
-**Fixed bugs:**
-- Unable to Convert Fortify 19.2.0 FVDL file to HDF [\#25](https://github.com/mitre/heimdall_tools/issues/25)
-## [v1.3.19](https://github.com/mitre/heimdall_tools/tree/v1.3.19) (2020-03-30)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.18...v1.3.19)
-**Merged pull requests:**
-- Remove all gems from Gemfile and declare them properly in the gemspec [\#33](https://github.com/mitre/heimdall_tools/pull/33) ([rbclark](https://github.com/rbclark))
-## [v1.3.18](https://github.com/mitre/heimdall_tools/tree/v1.3.18) (2020-03-28)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.17...v1.3.18)
-## [v1.3.17](https://github.com/mitre/heimdall_tools/tree/v1.3.17) (2020-03-26)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.16...v1.3.17)
-**Closed issues:**
-- Request New converters [\#23](https://github.com/mitre/heimdall_tools/issues/23)
-## [v1.3.16](https://github.com/mitre/heimdall_tools/tree/v1.3.16) (2020-03-25)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.15...v1.3.16)
-## [v1.3.15](https://github.com/mitre/heimdall_tools/tree/v1.3.15) (2020-03-25)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.14...v1.3.15)
-## [v1.3.14](https://github.com/mitre/heimdall_tools/tree/v1.3.14) (2020-03-24)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.13...v1.3.14)
-## [v1.3.13](https://github.com/mitre/heimdall_tools/tree/v1.3.13) (2020-03-24)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.12...v1.3.13)
-## [v1.3.12](https://github.com/mitre/heimdall_tools/tree/v1.3.12) (2020-03-24)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.11...v1.3.12)
-## [v1.3.11](https://github.com/mitre/heimdall_tools/tree/v1.3.11) (2020-03-24)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.10...v1.3.11)
-## [v1.3.10](https://github.com/mitre/heimdall_tools/tree/v1.3.10) (2020-03-24)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.9...v1.3.10)
-## [v1.3.9](https://github.com/mitre/heimdall_tools/tree/v1.3.9) (2020-03-23)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.8...v1.3.9)
-**Closed issues:**
-- Update XML parser [\#26](https://github.com/mitre/heimdall_tools/issues/26)
-**Merged pull requests:**
-- Update XML parser [\#27](https://github.com/mitre/heimdall_tools/pull/27) ([rx294](https://github.com/rx294))
-## [v1.3.8](https://github.com/mitre/heimdall_tools/tree/v1.3.8) (2020-03-09)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.7...v1.3.8)
-**Closed issues:**
-- \[BUG\] | sonarqube\_mapper is not handling NIST mapping correctly [\#21](https://github.com/mitre/heimdall_tools/issues/21)
-**Merged pull requests:**
-- Fixes \#21 \[BUG\] | sonarqube\_mapper is not handling NIST mapping correctly [\#22](https://github.com/mitre/heimdall_tools/pull/22) ([rx294](https://github.com/rx294))
-## [v1.3.7](https://github.com/mitre/heimdall_tools/tree/v1.3.7) (2020-03-06)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.6...v1.3.7)
-## [v1.3.6](https://github.com/mitre/heimdall_tools/tree/v1.3.6) (2020-03-05)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.5...v1.3.6)
-## [v1.3.5](https://github.com/mitre/heimdall_tools/tree/v1.3.5) (2020-03-05)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.4...v1.3.5)
-## [v1.3.4](https://github.com/mitre/heimdall_tools/tree/v1.3.4) (2020-03-04)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.3...v1.3.4)
-**Closed issues:**
-- Support Authenticated Sonarqube API  for sonarqube\_mapper [\#18](https://github.com/mitre/heimdall_tools/issues/18)
-## [v1.3.3](https://github.com/mitre/heimdall_tools/tree/v1.3.3) (2020-03-04)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.2...v1.3.3)
-**Merged pull requests:**
-- Sonarqube authentication option [\#20](https://github.com/mitre/heimdall_tools/pull/20) ([rx294](https://github.com/rx294))
-## [v1.3.2](https://github.com/mitre/heimdall_tools/tree/v1.3.2) (2019-12-27)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.1...v1.3.2)
-**Merged pull requests:**
-- Adding dockerfile for heimdall tools [\#15](https://github.com/mitre/heimdall_tools/pull/15) ([rx294](https://github.com/rx294))
-## [v1.3.1](https://github.com/mitre/heimdall_tools/tree/v1.3.1) (2019-12-27)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/v1.3.0...v1.3.1)
-**Closed issues:**
-- Update HDF format generate jsons in Inspec results style [\#10](https://github.com/mitre/heimdall_tools/issues/10)
-**Merged pull requests:**
-- Updating required nori gem version [\#16](https://github.com/mitre/heimdall_tools/pull/16) ([rx294](https://github.com/rx294))
-- Populate shasum and runtime field  [\#14](https://github.com/mitre/heimdall_tools/pull/14) ([rx294](https://github.com/rx294))
-- Updates as per feedback [\#13](https://github.com/mitre/heimdall_tools/pull/13) ([rx294](https://github.com/rx294))
-- updating samples  [\#12](https://github.com/mitre/heimdall_tools/pull/12) ([rx294](https://github.com/rx294))
-- Change to results view on heimdall [\#11](https://github.com/mitre/heimdall_tools/pull/11) ([rx294](https://github.com/rx294))
-## [v1.3.0](https://github.com/mitre/heimdall_tools/tree/v1.3.0) (2019-09-24)
-[Full Changelog](https://github.com/mitre/heimdall_tools/compare/c9c08305796eaf12d7abb2535c285a4acd2f5a91...v1.3.0)
-**Closed issues:**
-- README needs authors [\#9](https://github.com/mitre/heimdall_tools/issues/9)
-- Get NIST rev version from CSV [\#4](https://github.com/mitre/heimdall_tools/issues/4)
-- Output in evaluation format, not profile  [\#2](https://github.com/mitre/heimdall_tools/issues/2)
-**Merged pull requests:**
-- Fixes to PR \#6 [\#8](https://github.com/mitre/heimdall_tools/pull/8) ([rx294](https://github.com/rx294))
-- Update README fortify-fvdl flag to fvdl as in usage [\#7](https://github.com/mitre/heimdall_tools/pull/7) ([mirskiy](https://github.com/mirskiy))
-- Add SonarQube Mapper and OWASP NIST mappings [\#6](https://github.com/mitre/heimdall_tools/pull/6) ([mirskiy](https://github.com/mirskiy))
-- OWASP ZAP Mapper PR [\#3](https://github.com/mitre/heimdall_tools/pull/3) ([rx294](https://github.com/rx294))
-\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*