heimdall_tools 1.3.43 → 1.3.48

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c43f6e237587993013cf521088d30cc83404ff141ec8b172ae8562bd8a48d977
4
- data.tar.gz: e9ee689580ae95807ca329d086228f3ded50b2e6a162276e0d2d222729c42767
3
+ metadata.gz: aa900ce8ff5cabccb6e138bb636a0c56972f1894431c9ce67f95bcb0811b1c91
4
+ data.tar.gz: 830006eea9df8dfe413e8d0e472d9b38794f41f92a3ec5c468b882b01d54b39b
5
5
  SHA512:
6
- metadata.gz: 9d4880095e40720edc57619f79c5dd8a4000be7c16e9be8395e23057f3cd4f33844bea39c7d5f7814fbf9553b903057faf3ae49792f2f7fca4e0e89368ae4ad3
7
- data.tar.gz: 95395b98c52a5854ca5115e3fea4159ccab351445a4a79fa241ecdc2c60f0f41b86f1328476b62594f3eb5d56bd02dc727b4172878a5aac8db38803318b6328d
6
+ metadata.gz: b304f53e1ffd55c28734ca094c2d4ccedb23123ca144bad0d06c80f5a29e5b6f143b48cce2dedec0467ae344c8bbc55bd93cf6ca53dae6d0d7486019e73dcbe1
7
+ data.tar.gz: 7096c8751c387912720ba51fe18f69c1a8568d98a4e9a1d7962a5693d7469049eb71d24878dc7a75d8af96de70211324a173b9f3eb87c6104b0e5f6df647cdcd
data/README.md CHANGED
@@ -5,17 +5,34 @@
5
5
 
6
6
  HeimdallTools supplies several methods to convert output from various tools to "Heimdall Data Format"(HDF) format to be viewable in Heimdall. The current converters are:
7
7
 
8
- - **sonarqube_mapper** - open-source static code analysis tool
9
- - **fortify_mapper** - commercial static code analysis tool
10
- - **zap_mapper** - OWASP ZAP - open-source dynamic code analysis tool
11
- - **burpsuite_mapper** - commercial dynamic analysis tool
12
- - **nessus_mapper** - commercial vulnerability scanner
13
- - **snyk_mapper** - commercial package vulnerability scanner
14
- - **nikto_mapper** - open-source web server scanner
15
- - **jfrog_xray_mapper** - package vulnerability scanner
16
- - **dbprotect_mapper** - database vulnerability scanner
17
- - **aws_config_mapper** - assess, audit, and evaluate AWS resources
18
- - **netsparker_mapper** - web application security scanner
8
+ 1. [**aws_config_mapper**](#aws_config_mapper) - assess, audit, and evaluate AWS resources
9
+ 1. [**burpsuite_mapper**](#burpsuite_mapper) - commercial dynamic analysis tool
10
+ 1. [**dbprotect_mapper**](#dbprotect_mapper) - database vulnerability scanner
11
+ 1. [**fortify_mapper**](#fortify_mapper) - commercial static code analysis tool
12
+ 1. [**jfrog_xray_mapper**](#jfrog_xray_mapper) - package vulnerability scanner
13
+ 1. [**nessus_mapper**](#nessus_mapper) - commercial security scanner (supports compliance and vulnerability scans from Tenable.sc and Tenable.io)
14
+ 1. [**netsparker_mapper**](#netsparker_mapper) - web application security scanner
15
+ 1. [**nikto_mapper**](#nikto_mapper) - open-source web server scanner
16
+ 1. [**sarif_mapper**](#sarif_mapper) - static analysis results interchange format
17
+ 1. [**scoutsuite_mapper**](#scoutsuite_mapper) - multi-cloud security auditing tool
18
+ 1. [**snyk_mapper**](#snyk_mapper) - commercial package vulnerability scanner
19
+ 1. [**sonarqube_mapper**](#sonarqube_mapper) - open-source static code analysis tool
20
+ 1. [**xccdf_results_mapper**](#xccdf_results_mapper) - extensible configuration checklist description results format
21
+ 1. [*scc_mapper](#xccdf_results_mapper) - scap compliance checker format
22
+ 1. [**zap_mapper**](#zap_mapper) - OWASP ZAP - open-source dynamic code analysis tool
23
+
24
+ ## Want to recommend a mapper for another tool? Please use these steps:
25
+
26
+ 1. Create an [issue](https://github.com/mitre/heimdall_tools/issues/new), and email saf@groups.mitre.org citing the issue link so we can help
27
+ 2. Provide a sample output, preferably the most detailed the tool can provide, and also preferably in a machine-readable format, such as xml, json, or csv - whichever is natively available. If it is sensitive we'll work that in #3. (If it's an API only, we'll also just talk about it in #3)
28
+ 3. Let's arrange a time to take a close look at the data it provides to get an idea of all it has to offer. We'll suggest an initial mapping of the HDF core elements.
29
+ 4. Note: if the tool doesn't provide a NIST SP 800-53 reference, we've worked on mappings to other references such as CWE or OWASP Top 10.
30
+ 5. If the tool doesn't provide something for #4, or another core element such as impact, we'll help you identify a custom mapping approach.
31
+ 6. We'll help you decide how to preserve any other information (non-core elements) the tool provides to ensure that all of the original tool's intent comes through for the user when the data is viewed in Heimdall.
32
+ 7. Finally, We'll provide final peer review and support merging your pull request.
33
+ We appreciate your contributions, but we're here to help!
34
+
35
+ ## How to Install Heimdall Tools:
19
36
 
20
37
  Ruby 2.4 or higher (check using "ruby -v")
21
38
 
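Review bot: The `scc_mapper` entry in the new converter list has unbalanced emphasis markers (`[*scc_mapper](#xccdf_results_mapper)`), so it will not render bold like the other entries; use `[**scc_mapper**](#xccdf_results_mapper)`. In the new "Want to recommend a mapper" steps, step 2 says a sensitive sample will be handled in step 3 but does not say to keep it out of the public issue opened in step 1; state that explicitly. Minor: "Finally, We'll" in step 7 should be lower-case, and the closing line "We appreciate your contributions, but we're here to help!" reads oddly with "but".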
@@ -49,7 +66,7 @@ Verify the installed version number:
49
66
 
50
67
  ### Installation on Ubuntu-based systems
51
68
 
52
- <https://github.com/rvm/ubuntu_rvm>
69
+
53
70
 
54
71
  # Installation of Heimdall Tools:
55
72
 
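Review bot: The only content under "### Installation on Ubuntu-based systems" is removed here and replaced with an empty line, which leaves the heading with no instructions beneath it. Either keep the `<https://github.com/rvm/ubuntu_rvm>` link (as a regular Markdown link if the autolink form is the problem) or drop the heading as well.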
@@ -62,203 +79,223 @@ For detailed help on any command, run `heimdall_tools help [COMMAND]`. Help can
62
79
 
63
80
  For Docker usage, replace the `heimdall_tools` command with the correct Docker command below for your operating system:
64
81
 
65
- - **On Linux and Mac:** `docker run -it -v$(pwd):/share mitre/heimdall_tools`
66
- - **On Windows CMD:** `docker run -it -v%cd%:/share mitre/heimdall_tools`
82
+ - **On Linux and Mac:** `docker run -it -v$(pwd):/share mitre/heimdall_tools`
83
+ - **On Windows CMD:** `docker run -it -v%cd%:/share mitre/heimdall_tools`
67
84
 
68
85
  Note that all of the above Docker commands will mount your current directory on the Docker container. Ensure that you have navigated to the directory you intend to convert files in before executing the command.
69
86
 
70
- ## sonarqube_mapper
87
+ ## aws_config_mapper
71
88
 
72
- sonarqube_mapper pulls SonarQube results, for the specified project, from the API and outputs in HDF format Json to be viewed on Heimdall
89
+ aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results into HDF format json to be viewable in Heimdall
73
90
 
74
- ```
75
- USAGE: heimdall_tools sonarqube_mapper [OPTIONS] -n <project-name> -u <api-url> -o <scan-results.json>
91
+ ### AWS Config Rule Mapping:
76
92
 
77
- FLAGS:
78
- -n --name <project-key> : Project Key of the project in SonarQube
79
- -u --api_url <api-url> : url of the SonarQube Server API. Typically ends with /api.
80
- --auth <credentials> : username:password or token [optional].
81
- -o --output <scan-results> : path to output scan-results json.
82
- -V --verbose : verbose run [optional].
93
+ The mapping of AWS Config Rules to 800-53 Controls was sourced from [this link](https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_4.html).
83
94
 
84
- example:
95
+ ### Authentication with AWS:
85
96
 
86
- heimdall_tools sonarqube_mapper -n sonar_project_key -u http://sonar:9000/api -o scan_results.json
97
+ [Developer Guide for configuring Ruby AWS SDK for authentication](https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html)
87
98
 
88
- heimdall_tools sonarqube_mapper -n sonar_project_key -u http://sonar:9000/api --auth admin:admin -o scan_results.json
89
- ```
99
+ USAGE: heimdall_tools aws_config_mapper [OPTIONS] -o
90
100
 
91
- ## fortify_mapper
101
+ FLAGS:
102
+ -o --output : path to output scan-results json.
103
+ -V --verbose : verbose run [optional].
92
104
 
93
- fortify_mapper translates an Fortify results FVDL file into HDF format json to be viewable in Heimdall
105
+ example: heimdall_tools aws_config_mapper -o aws_config_results_hdf.json
94
106
 
95
- ```
96
- USAGE: heimdall_tools fortify_mapper [OPTIONS] -f <fortify-fvdl> -o <scan-results.json>
107
+ ## burpsuite_mapper
97
108
 
98
- FLAGS:
99
- -f --fvdl <fortify-fvdl> : path to Fortify Scan FVDL file.
100
- -o --output <scan-results> : path to output scan-results json.
101
- -V --verbose : verbose run [optional].
109
+ burpsuite_mapper translates an BurpSuite Pro exported XML results file into HDF format json to be viewable in Heimdall
102
110
 
103
- example: heimdall_tools fortify_mapper -f audit.fvdl -o scan_results.json
104
- ```
111
+ USAGE: heimdall_tools burpsuite_mapper [OPTIONS] -x -o
105
112
 
106
- ## zap_mapper
113
+ FLAGS:
114
+ -x : path to BurpSuitePro exported XML results file.
115
+ -o --output : path to output scan-results json.
116
+ -V --verbose : verbose run [optional].
107
117
 
108
- zap_mapper translates OWASP ZAP results Json to HDF format Json be viewed on Heimdall
118
+ example: heimdall_tools burpsuite_mapper -x burpsuite_results.xml -o scan_results.json
109
119
 
110
- ```
111
- USAGE: heimdall_tools zap_mapper [OPTIONS] -j <zap-json> -n <site-name> -o <scan-results.json>
120
+ ## dbprotect_mapper
112
121
 
113
- FLAGS:
114
- -j --json <zap-json> : path to OWASP ZAP results JSON file.
115
- -n --name <site-name> : URL of the site being evaluated.
116
- -o --output <scan-results> : path to output scan-results json.
117
- -V --verbose : verbose run [optional].
122
+ dbprotect_mapper translates DBProtect report in `Check Results Details` format XML to HDF format JSON be viewed on Heimdall.
118
123
 
119
- example: heimdall_tools zap_mapper -j zap_results.json -n site_name -o scan_results.json
120
- ```
124
+ USAGE: heimdall_tools dbprotect_mapper [OPTIONS] -x -o
121
125
 
122
- ## burpsuite_mapper
126
+ FLAGS:
127
+ -x : path to DBProtect report XML file.
128
+ -o --output : path to output scan-results json.
129
+ -V --verbose : verbose run [optional].
123
130
 
124
- burpsuite_mapper translates an BurpSuite Pro exported XML results file into HDF format json to be viewable in Heimdall
131
+ example: heimdall_tools dbprotect_mapper -x check_results_details_report.xml -o db_protect_hdf.json
132
+
133
+ ## fortify_mapper
134
+
135
+ fortify_mapper translates an Fortify results FVDL file into HDF format json to be viewable in Heimdall
136
+
137
+ USAGE: heimdall_tools fortify_mapper [OPTIONS] -f -o
138
+
139
+ FLAGS:
140
+ -f --fvdl : path to Fortify Scan FVDL file.
141
+ -o --output : path to output scan-results json.
142
+ -V --verbose : verbose run [optional].
143
+
144
+ example: heimdall_tools fortify_mapper -f audit.fvdl -o scan_results.json
145
+
146
+ ## jfrog_xray_mapper
147
+
148
+ jfrog_xray_mapper translates an JFrog Xray results JSON file into HDF format JSON to be viewable in Heimdall
125
149
 
126
- ```
127
- USAGE: heimdall_tools burpsuite_mapper [OPTIONS] -x <burpsuite-xml> -o <scan-results.json>
150
+ USAGE: heimdall_tools jfrog_xray_mapper [OPTIONS] -j -o
128
151
 
129
- FLAGS:
130
- -x <burpsuite_xml> : path to BurpSuitePro exported XML results file.
131
- -o --output <scan-results> : path to output scan-results json.
132
- -V --verbose : verbose run [optional].
152
+ FLAGS:
153
+ -j : path to xray results JSON file.
154
+ -o --output : path to output scan-results json.
155
+ -V --verbose : verbose run [optional].
133
156
 
134
- example: heimdall_tools burpsuite_mapper -x burpsuite_results.xml -o scan_results.json
135
- ```
157
+ example: heimdall_tools jfrog_xray_mapper -j xray_results.json -o xray_results_hdf.json
136
158
 
137
159
  ## nessus_mapper
138
160
 
139
- nessus_mapper translates a Nessus-exported XML results file into HDF format json to be viewable in Heimdall
161
+ nessus_mapper translates a Nessus-exported XML results file into HDF format json to be viewable in Heimdall.
162
+ Supports compliance and vulnerability scans from Tenable.sc and Tenable.io.
140
163
 
141
164
  Note: A separate HDF JSON file is generated for each host reported in the Nessus Report.
142
165
 
143
- ```
144
- USAGE: heimdall_tools nessus_mapper [OPTIONS] -x <nessus-results-xml> -o <hdf-file-prefix>
166
+ USAGE: heimdall_tools nessus_mapper [OPTIONS] -x -o
145
167
 
146
- FLAGS:
147
- -x <nessus-results-xml> : path to Nessus-exported XML results file.
148
- -o --output_prefix <prefix> : path to output scan-results json.
149
- -V --verbose : verbose run [optional].
168
+ FLAGS:
169
+ -x : path to Nessus-exported XML results file.
170
+ -o --output_prefix : path to output scan-results json.
171
+ -V --verbose : verbose run [optional].
150
172
 
151
- example: heimdall_tools nessus_mapper -x nessus-results.xml -o test-env
152
- ```
173
+ example: heimdall_tools nessus_mapper -x nessus-results.xml -o test-env
153
174
 
154
- ## snyk_mapper
175
+ ## netsparker_mapper
155
176
 
156
- snyk_mapper translates an Snyk results JSON file into HDF format json to be viewable in Heimdall
157
-
158
- Note: A separate HDF JSON is generated for each project reported in the Snyk Report.
177
+ netsparker_mapper translates an Netsparker XML results file into HDF format JSON to be viewable in Heimdall.
178
+
179
+ The current iteration only works with Netsparker Enterprise Vulnerabilities Scan.
159
180
 
160
- ```
161
- USAGE: heimdall_tools snyk_mapper [OPTIONS] -x <snyk-results-json> -o <hdf-file-prefix>
181
+ USAGE: heimdall_tools netsparker_mapper [OPTIONS] -x -o
162
182
 
163
- FLAGS:
164
- -j <snyk_results_jsonl> : path to Snyk results JSON file.
165
- -o --output_prefix <prefix> : path to output scan-results json.
166
- -V --verbose : verbose run [optional].
183
+ FLAGS:
184
+ -x : path to netsparker results XML file.
185
+ -o --output : path to output scan-results json.
186
+ -V --verbose : verbose run [optional].
167
187
 
168
- example: heimdall_tools snyk_mapper -j snyk_results.json -o output-file-prefix
169
- ```
188
+ example: heimdall_tools netsparker_mapper -x netsparker_results.xml -o netsparker_hdf.json
170
189
 
171
190
  ## nikto_mapper
172
191
 
173
192
  nikto_mapper translates an Nikto results JSON file into HDF format JSON to be viewable in Heimdall
174
-
193
+
175
194
  Note: Current this mapper only support single target Nikto Scans.
176
195
 
177
- ```
178
- USAGE: heimdall_tools nikto_mapper [OPTIONS] -x <nikto-results-json> -o <hdf-scan-results.json>
196
+ USAGE: heimdall_tools nikto_mapper [OPTIONS] -x -o
179
197
 
180
- FLAGS:
181
- -j <nikto_results_json> : path to Nikto results JSON file.
182
- -o --output_prefix <prefix> : path to output scan-results json.
183
- -V --verbose : verbose run [optional].
198
+ FLAGS:
199
+ -j : path to Nikto results JSON file.
200
+ -o --output_prefix : path to output scan-results json.
201
+ -V --verbose : verbose run [optional].
184
202
 
185
- example: heimdall_tools nikto_mapper -j nikto_results.json -o nikto_results.json
186
- ```
203
+ example: heimdall_tools nikto_mapper -j nikto_results.json -o nikto_results.json
187
204
 
188
- ## jfrog_xray_mapper
205
+ ## sarif_mapper
189
206
 
190
- jfrog_xray_mapper translates an JFrog Xray results JSON file into HDF format JSON to be viewable in Heimdall
191
-
192
- ```
193
- USAGE: heimdall_tools jfrog_xray_mapper [OPTIONS] -j <xray-results-json> -o <hdf-scan-results.json>
207
+ sarif_mapper translates a SARIF JSON file into HDF format JSON to be viewable in Heimdall
194
208
 
195
- FLAGS:
196
- -j <xray_results_json> : path to xray results JSON file.
197
- -o --output <scan-results> : path to output scan-results json.
198
- -V --verbose : verbose run [optional].
209
+ USAGE: heimdall_tools sarif_mapper [OPTIONS] -j -o
199
210
 
200
- example: heimdall_tools jfrog_xray_mapper -j xray_results.json -o xray_results_hdf.json
201
- ```
211
+ FLAGS:
212
+ -j : path to SARIF results JSON file.
213
+ -o --output_prefix : path to output scan-results json.
214
+ -V --verbose : verbose run [optional].
202
215
 
203
- ## dbprotect_mapper
216
+ example: heimdall_tools sarif_mapper -j sarif_results.json -o sarif_results_hdf.json
204
217
 
205
- dbprotect_mapper translates DBProtect report in `Check Results Details` format XML to HDF format JSON be viewed on Heimdall.
206
-
207
- ```
208
- USAGE: heimdall_tools dbprotect_mapper [OPTIONS] -x <check_results_details_report_xml> -o <db_protect_hdf.json>
218
+ ## scoutsuite_mapper
209
219
 
210
- FLAGS:
211
- -x <check_results_details_report_xml> : path to DBProtect report XML file.
212
- -o --output <scan-results> : path to output scan-results json.
213
- -V --verbose : verbose run [optional].
220
+ scoutsuite_mapper translates Scout Suite results from Javascript to HDF-formatted JSON so as to be viewable on Heimdall
214
221
 
215
- example: heimdall_tools dbprotect_mapper -x check_results_details_report.xml -o db_protect_hdf.json
216
- ```
222
+ Note: Currently this mapper only supports AWS.
217
223
 
218
- ## aws_config_mapper
224
+ USAGE: heimdall_tools scoutsuite_mapper -i -o
219
225
 
220
- aws_config_mapper pulls Ruby AWS SDK data to translate AWS Config Rule results into HDF format json to be viewable in Heimdall
226
+ FLAGS:
227
+ -i --input -j --javascript : path to Scout Suite results Javascript file.
228
+ -o --output : path to output scan-results json.
221
229
 
222
- ### AWS Config Rule Mapping:
223
- The mapping of AWS Config Rules to 800-53 Controls was sourced from [this link](https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_4.html).
224
-
225
- ### Authentication with AWS:
226
- [Developer Guide for configuring Ruby AWS SDK for authentication](https://docs.aws.amazon.com/sdk-for-ruby/v3/developer-guide/setup-config.html)
227
-
228
- ```
229
- USAGE: heimdall_tools aws_config_mapper [OPTIONS] -o <hdf-scan-results.json>
230
+ example: heimdall_tools scoutsuite_mapper -i scoutsuite_results.js -o scoutsuite_hdf.json
230
231
 
231
- FLAGS:
232
- -o --output <scan-results> : path to output scan-results json.
233
- -V --verbose : verbose run [optional].
232
+ ## snyk_mapper
234
233
 
235
- example: heimdall_tools aws_config_mapper -o aws_config_results_hdf.json
236
- ```
234
+ snyk_mapper translates an Snyk results JSON file into HDF format json to be viewable in Heimdall
237
235
 
238
- ## netsparker_mapper
236
+ Note: A separate HDF JSON is generated for each project reported in the Snyk Report.
239
237
 
240
- netsparker_mapper translates an Netsparker XML results file into HDF format JSON to be viewable in Heimdall.
238
+ USAGE: heimdall_tools snyk_mapper [OPTIONS] -x -o
239
+
240
+ FLAGS:
241
+ -j : path to Snyk results JSON file.
242
+ -o --output_prefix : path to output scan-results json.
243
+ -V --verbose : verbose run [optional].
244
+
245
+ example: heimdall_tools snyk_mapper -j snyk_results.json -o output-file-prefix
241
246
 
242
- The current iteration only works with Netsparker Enterprise Vulnerabilities Scan.
247
+ ## sonarqube_mapper
248
+
249
+ sonarqube_mapper pulls SonarQube results, for the specified project, from the API and outputs in HDF format Json to be viewed on Heimdall
250
+
251
+ USAGE: heimdall_tools sonarqube_mapper [OPTIONS] -n -u -o
252
+
253
+ FLAGS:
254
+ -n --name : Project Key of the project in SonarQube
255
+ -u --api_url : url of the SonarQube Server API. Typically ends with /api.
256
+ --auth : username:password or token [optional].
257
+ -o --output : path to output scan-results json.
258
+ -V --verbose : verbose run [optional].
259
+
260
+ example:
261
+
262
+ heimdall_tools sonarqube_mapper -n sonar_project_key -u http://sonar:9000/api -o scan_results.json
263
+
264
+ heimdall_tools sonarqube_mapper -n sonar_project_key -u http://sonar:9000/api --auth admin:admin -o scan_results.json
265
+
266
+ ## xccdf_results_mapper
267
+
268
+ Note: SCC outputs scan results in XCCDF-Results format.
269
+
270
+ xccdf_results_mapper translates an XCCDF_Results XML scan into HDF format json to be viewable in Heimdall.
271
+
272
+ USAGE: heimdall_tools xccdf_results_mapper [OPTIONS] -x -o
273
+
274
+ FLAGS:
275
+ -x : path to XCCDF-Results XML file.
276
+ -o --output : path to output scan-results json.
277
+
278
+ example: heimdall_tools xccdf_results_mapper -x xccdf_results.xml -o scan_results.json
279
+
280
+ ## zap_mapper
281
+
282
+ zap_mapper translates OWASP ZAP results Json to HDF format Json be viewed on Heimdall
243
283
 
244
- ```
245
- USAGE: heimdall_tools netsparker_mapper [OPTIONS] -x <netsparker_results_xml> -o <hdf-scan-results.json>
284
+ USAGE: heimdall_tools zap_mapper [OPTIONS] -j -n -o
246
285
 
247
- FLAGS:
248
- -x <netsparker_results_xml> : path to netsparker results XML file.
249
- -o --output <scan-results> : path to output scan-results json.
250
- -V --verbose : verbose run [optional].
286
+ FLAGS:
287
+ -j --json : path to OWASP ZAP results JSON file.
288
+ -n --name : URL of the site being evaluated.
289
+ -o --output : path to output scan-results json.
290
+ -V --verbose : verbose run [optional].
251
291
 
252
- example: heimdall_tools netsparker_mapper -x netsparker_results.xml -o netsparker_hdf.json
253
- ```
292
+ example: heimdall_tools zap_mapper -j zap_results.json -n site_name -o scan_results.json
254
293
 
255
- ## version
294
+ ## version
256
295
 
257
296
  Prints out the gem version
258
297
 
259
- ```
260
- USAGE: heimdall_tools version
261
- ```
298
+ USAGE: heimdall_tools version
262
299
 
263
300
  # Development
264
301
 
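Review bot: Every added USAGE and FLAGS block in this hunk has lost both its code fence and its argument placeholders, so the new text reads `USAGE: heimdall_tools burpsuite_mapper [OPTIONS] -x -o` and `-x : path to BurpSuitePro exported XML results file.` where the removed lines had `-x <burpsuite-xml> -o <scan-results.json>` inside a fenced block. Restore the fences and placeholders for all mappers, and give the new sarif_mapper, scoutsuite_mapper and xccdf_results_mapper sections the same form. While there: the nikto_mapper and snyk_mapper USAGE lines show `-x` although their FLAGS and examples use `-j`; the scoutsuite_mapper flag line `-i --input -j --javascript` does not make clear whether these are aliases; and the sonarqube_mapper example still passes `--auth admin:admin` to an `http://` URL, which is better shown with a token placeholder.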
@@ -266,26 +303,26 @@ USAGE: heimdall_tools version
266
303
 
267
304
  ### A complete PR should include 7 core elements:
268
305
 
269
- - A signed PR ( aka `git commit -a -s` )
270
- - Code for the new functionality
271
- - Updates to the CLI
272
- - New unit tests for the functionality
273
- - Updates to the docs and examples in `README.md` and `./docs/*`
274
- - (if needed) Example / Template files ( `metadata.yml`,`example.yml`, etc )
275
- - Scripts / Scaffolding code for the Example / Template files ( `generate_map` is an example )
276
- - Example Output of the new functionality if it produces an artifact
306
+ - A signed PR ( aka `git commit -a -s` )
307
+ - Code for the new functionality
308
+ - Updates to the CLI
309
+ - New unit tests for the functionality
310
+ - Updates to the docs and examples in `README.md` and `./docs/*`
311
+ - (if needed) Example / Template files ( `metadata.yml`,`example.yml`, etc )
312
+ - Scripts / Scaffolding code for the Example / Template files ( `generate_map` is an example )
313
+ - Example Output of the new functionality if it produces an artifact
277
314
 
278
315
  ### Overview of our PR process
279
316
 
280
- 1. open an issue on the main inspec_tools website noting the issues your PR will address
281
- 2. fork the repo
282
- 3. checkout your repo
283
- 4. cd to the repo
284
- 5. git co -b `<your_branch>`
285
- 6. bundle install
286
- 7. `hack as you will`
287
- 8. test via rake
288
- 9. ensure unit tests still function and add unit tests for your new feature
317
+ 1. open an issue on the main inspec_tools website noting the issues your PR will address
318
+ 2. fork the repo
319
+ 3. checkout your repo
320
+ 4. cd to the repo
321
+ 5. git co -b ``
322
+ 6. bundle install
323
+ 7. `hack as you will`
324
+ 8. test via rake
325
+ 9. ensure unit tests still function and add unit tests for your new feature
289
326
  10. add new docs to the `README.md` and to `./docs/examples`
290
327
  11. update the CLI as needed and add in `usage` example
291
328
  12. (if needed) create and document any example or templates
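Review bot: Step 5 of the PR process now reads `git co -b` followed by an empty pair of backticks; the `<your_branch>` placeholder from the removed line is gone, so the step no longer says what argument to supply. Restore the placeholder, escaping the angle brackets if that is what strips it. `git co` also only works with a user-defined alias, so `git checkout -b` would be safer. In the same hunk the heading says "7 core elements" while the list under it has eight bullets, and step 1 still refers to inspec_tools rather than heimdall_tools.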
@@ -293,18 +330,18 @@ USAGE: heimdall_tools version
293
330
  14. (opt) gem build inspec_tools.gemspec
294
331
  15. (opt) gem install inspec_tools
295
332
  16. (opt) test via the installed gem
296
- 17. git commit -a -s `<your_branch>`
333
+ 17. git commit -a -s ``
297
334
  18. Open a PRs aginst the MITRE inspec_tools repo
298
335
 
299
336
  # Publishing a Release
300
337
 
301
338
  If you are a maintainer, it is very easy to cut a release of this gem:
302
339
 
303
- 1. Click on "Releases" and there should be a draft pending.
304
- 2. Make sure the Tag version and Release title match!
305
- 3. Add any additional notes can be added in the Description box.
306
- 4. Click "Publish release".
307
- 5. Release notes will be posted and a new gem will be pushed to Rubygems & Github Packages with the version you specified on step 2.
340
+ 1. Click on "Releases" and there should be a draft pending.
341
+ 2. Make sure the Tag version and Release title match!
342
+ 3. Add any additional notes can be added in the Description box.
343
+ 4. Click "Publish release".
344
+ 5. Release notes will be posted and a new gem will be pushed to Rubygems & Github Packages with the version you specified on step 2.
308
345
 
309
346
  # Testing
310
347
 
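Review bot: Step 17 now ends in an empty pair of backticks after `git commit -a -s`, dropping the `<your_branch>` placeholder the removed line had. `git commit` does not take a branch name, so rather than restoring the placeholder the step could read `git commit -a -s` and be followed by a push of the branch. Unchanged context in this hunk also needs a pass: step 18 has "Open a PRs aginst the MITRE inspec_tools repo", steps 14 and 15 build and install inspec_tools in a README for heimdall_tools, and release step 3 reads "Add any additional notes can be added".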
@@ -318,8 +355,8 @@ To release a new version, update the version number in `version.rb` according to
318
355
 
319
356
  ### Authors
320
357
 
321
- - Author:: Rony Xavier [rx294](https://github.com/rx294)
322
- - Author:: Dan Mirsky [mirskiy](https://github.com/mirskiy)
358
+ - Author:: Rony Xavier [rx294](https://github.com/rx294)
359
+ - Author:: Dan Mirsky [mirskiy](https://github.com/mirskiy)
323
360
 
324
361
  ### NOTICE
325
362