inspec-core 3.9.3 → 4.1.4.preview

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA256:
-  metadata.gz: 96ff01311bc29d2878ccaa989af9b586229a74cf6c4e22a5d15cccec333ab8b9
-  data.tar.gz: 727e2df3d8d54bbf57fa4cd91b6dbb2a2d45b8124ee2fa6aaff2e8e29ad8c5fe
+SHA1:
+  metadata.gz: 4153e41e5d8fddfb696a73688b7d92b299aed682
+  data.tar.gz: 9a9c379e82e175edacc705e63b299e091be4df1b
 SHA512:
-  metadata.gz: 158b57f8f27e24c0a4c3dd9f6f0db7701ed1deac01872d6832332bfc523eea695f8af4654bbabdc6e1fdf649eff3ea007f37417d3e5dda92bf097fb5d1fe0438
-  data.tar.gz: 994876c13c21a6a2230c945e2668515b75d5ac30202de624da721cb929e10fdcd96fb159a935e9119f0b92ed92ff75a8cf480a7937e5b159cc1dadd021eea719
+  metadata.gz: abbbc79378e7f76da10089bea0030fe19c0ad470eba604caaa5ad909ceb8977919f9849346e558f3dceb213d290d2317ec12a282936100cb2152f412f034aac2
+  data.tar.gz: 806520071a450b2a8c4fe097dbc580d3de4b6beed0b09f95f3ae3e4af2948ec653456ff59bdc815396149391b0a82d496f3abdaf608af1653ccd1ed82544009d

data/README.md

@@ -46,7 +46,7 @@ inspec exec test.rb -t docker://container_id
 
 ## Installation
 
-InSpec requires Ruby ( >2.3 ).
+InSpec requires Ruby ( >= 2.4 ).
 
 ### Install as package
 
@@ -454,4 +454,3 @@ distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
 limitations under the License.
-

data/etc/deprecations.json

@@ -6,24 +6,106 @@
       "action": "ignore",
       "prefix": "The 'default' option for attributes is being replaced by 'value' - please use it instead."
     },
+    "aws_resources_in_resource_pack": {
+      "comment": "See #3822",
+      "action": "ignore",
+      "prefix": "AWS resources shipped with core InSpec are being to moved to a resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
+    },
     "cli_option_json_config": {
       "action": "ignore",
       "prefix": "The --json-config option is being replaced by the --config option.",
       "comment": "See #3661"
     },
-    "filesystem_property_size": {
+    "file_resource_be_mounted_matchers": {
+      "action": "warn",
+      "suffix": "This will not be supported in InSpec 4.0."
+    },
+    "host_resource_proto_usage": {
+      "action": "warn",
+      "suffix": "This will not be supported in InSpec 4.0."
+    },
+    "inspec_ui_methods": {
+      "action": "ignore",
+      "suffix": "Please call `cli.ui` directly",
+      "comment": "See #3715"
+    },
+    "mssql_session_pass_option": {
+      "action": "warn",
+      "suffix": "This will not be supported in InSpec 4.0."
+    },
+    "oracledb_session_pass_option": {
+      "action": "warn",
+      "suffix": "This will not be supported in InSpec 4.0."
+    },
+    "property_filesystem_size": {
       "action": "ignore",
       "comment": "See #3778"
     },
+    "property_processes_list": {
+      "action": "warn",
+      "suffix": "This property will be removed in InSpec 4.0."
+    },
+    "properties_aws_iam_user": {
+      "action": "warn",
+      "suffix": "This property will be removed in InSpec 4.0."
+    },
+    "properties_shadow": {
+      "action": "warn",
+      "suffix": "This property will be removed in InSpec 4.0."
+    },
     "rename_attributes_to_inputs": {
       "action": "ignore",
       "prefix": "InSpec Attributes are being renamed to InSpec Inputs to avoid confusion with Chef Attributes.",
       "comment": "See #3802"
     },
-    "aws_resources_in_resource_pack": {
-      "comment": "See #3822",
-      "action": "ignore",
-      "prefix": "AWS resources shipped with core InSpec are being to moved to a resource pack for faster iteration. Please update your profiles to depend on git@github.com:inspec/inspec-aws.git ."
+    "resource_apache": {
+      "action": "warn",
+      "suffix": "This resource will be removed in InSpec 4.0."
+    },
+    "resource_azure_generic_resource": {
+      "action": "warn",
+      "prefix": "The azure_generic_resource is deprecated. Please use a specific resource. See: 'https://github.com/inspec/inspec/issues/3131'"
+    },
+    "resource_iis_website": {
+      "action": "warn",
+      "suffix": "This resource will be removed in InSpec 4.0.",
+      "comment": "Needed for ServerSpec compatibility"
+    },
+    "resource_linux_kernel_parameter": {
+      "action": "warn",
+      "suffix": "This resource will be removed in InSpec 4.0.",
+      "comment": "Needed for ServerSpec compatibility"
+    },
+    "resource_ppa": {
+      "action": "warn",
+      "suffix": "This resource will be removed in InSpec 4.0.",
+      "comment": "Needed for ServerSpec compatibility"
+    },
+    "resource_script": {
+      "action": "warn",
+      "suffix": "This resource will be removed in InSpec 4.0"
+    },
+    "resource_user_serverspec_compat": {
+      "action": "warn"
+    },
+    "resource_windows_registry_key": {
+      "action": "warn",
+      "suffix": "This resource will be removed in InSpec 4.0.",
+      "comment": "Needed for ServerSpec compatibility"
+    },
+    "serverspec_compatibility": {
+      "action": "warn",
+      "suffix": "This is only allowed for compatibility with ServerSpec"
+    },
+    "supports_syntax": {
+      "action": "warn"
+    },
+    "mount_parser_serverspec_compat": {
+      "action": "warn"
+    },
+    "wmi_non_hash_usage": {
+      "action": "warn",
+      "suffix": "This property will be removed in InSpec 4.0."
     }
   }
-}
+}

data/lib/inspec/base_cli.rb

@@ -164,28 +164,28 @@ module Inspec
       end
 
       def mark_text(text)
-        # TODO: - deprecate, call cli.ui directly
+        Inspec.deprecate(:inspec_ui_methods)
         # Note that this one doesn't automatically print
         ui.emphasis(text, print: false)
       end
 
       def headline(title)
-        # TODO: - deprecate, call cli.ui directly
+        Inspec.deprecate(:inspec_ui_methods)
         ui.headline(title)
       end
 
       def li(entry)
-        # TODO: - deprecate, call cli.ui directly
+        Inspec.deprecate(:inspec_ui_methods)
         ui.list_item(entry)
       end
 
       def plain_text(msg)
-        # TODO: - deprecate, call cli.ui directly
+        Inspec.deprecate(:inspec_ui_methods)
         ui.plain(msg + "\n")
       end
 
       def exit(code)
-        # TODO: - deprecate, call cli.ui directly
+        Inspec.deprecate(:inspec_ui_methods)
         ui.exit code
       end
     end

data/lib/inspec/cli.rb

@@ -39,6 +39,9 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   class_option :disable_user_plugins, type: :string, banner: '',
     desc: 'Disable loading all plugins that the user installed.'
 
+  require 'license_acceptance/cli_flags/thor'
+  include LicenseAcceptance::CLIFlags::Thor
+
   desc 'json PATH', 'read all tests in PATH and generate a JSON summary'
   option :output, aliases: :o, type: :string,
     desc: 'Save the created profile to a path'
@@ -196,6 +199,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
         3  Fatal deprecation encountered
       100  Normal exit, at least one test failed
       101  Normal exit, at least one test skipped but none failed
+      172  Chef License not accepted
     ```
 
     Below are some examples of using `exec` with different test LOCATIONS:
@@ -373,18 +377,44 @@ class Inspec::InspecCLI < Inspec::BaseCLI
   end
 end
 
+#=====================================================================#
+#                        Pre-Flight Code
+#=====================================================================#
+
+help_commands = ['-h', '--help', 'help']
+version_commands = ['-v', '--version', 'version']
+commands_exempt_from_license_check = help_commands + version_commands
+
+#---------------------------------------------------------------------#
+# EULA acceptance
+#---------------------------------------------------------------------#
+require 'license_acceptance/acceptor'
 begin
-  # Handle help commands
-  # This allows you to use any of the normal help commands after the normal args.
-  help_commands = ['-h', '--help', 'help']
-  (help_commands & ARGV).each do |cmd|
-    # move the help argument to one place behind the end for Thor to digest
-    if ARGV.size > 1
-      match = ARGV.delete(cmd)
-      ARGV.insert(-2, match)
-    end
+  if (commands_exempt_from_license_check & ARGV.map(&:downcase)).empty? &&  # Did they use a non-exempt command?
+     !ARGV.empty?                                                           # Did they supply at least one command?
+    LicenseAcceptance::Acceptor.check_and_persist('inspec', Inspec::VERSION)
   end
+rescue LicenseAcceptance::LicenseNotAcceptedError
+  Inspec::Log.error 'InSpec cannot execute without accepting the license'
+  Inspec::UI.new.exit(:license_not_accepted)
+end
 
+#---------------------------------------------------------------------#
+# Adjustments for help handling
+# This allows you to use any of the normal help commands after the normal args.
+#---------------------------------------------------------------------#
+(help_commands & ARGV).each do |cmd|
+  # move the help argument to one place behind the end for Thor to digest
+  if ARGV.size > 1
+    match = ARGV.delete(cmd)
+    ARGV.insert(-2, match)
+  end
+end
+
+#---------------------------------------------------------------------#
+# Plugin Loading
+#---------------------------------------------------------------------#
+begin
   # Load v2 plugins.  Manually check for plugin disablement.
   omit_core = ARGV.delete('--disable-core-plugins')
   omit_user = ARGV.delete('--disable-user-plugins')

data/lib/inspec/config.rb

@@ -197,7 +197,7 @@ module Inspec
 
     def check_for_piped_config(cli_opts)
       cli_opt = cli_opts[:config] || cli_opts[:json_config]
-      Inspec.deprecate(:cli_option_json_config, '') if cli_opts.key?(:json_config)
+      Inspec.deprecate(:cli_option_json_config) if cli_opts.key?(:json_config)
 
       return nil unless cli_opt
       return nil unless cli_opt == '-'
@@ -209,7 +209,7 @@ module Inspec
 
     def determine_cfg_path(cli_opts)
       path = cli_opts[:config] || cli_opts[:json_config]
-      Inspec.deprecate(:cli_option_json_config, '') if cli_opts.key?(:json_config)
+      Inspec.deprecate(:cli_option_json_config) if cli_opts.key?(:json_config)
 
       if path.nil?
         default_path = File.join(Inspec.config_dir, 'config.json')

data/lib/inspec/metadata.rb

@@ -149,11 +149,9 @@ module Inspec
         nil
       when nil then nil
       else
-        logger ||= Logger.new(nil)
-        logger.warn(
-          "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
-          "supports:\n  - os-family: #{x}\n\n",
-        )
+        Inspec.deprecate(:supports_syntax,
+                         "Do not use deprecated `supports: #{x}` syntax. Instead use:\n"\
+                         "supports:\n  - os-family: #{x}\n\n")
         { :'os-family' => x } # rubocop:disable Style/HashSyntax
       end
     end

data/lib/inspec/plugin/v1/plugin_types/resource.rb

@@ -147,7 +147,10 @@ module Inspec
       end
 
       # rubocop:enable Lint/NestedMethodDefinition
-      if __resource_registry.key?(name)
+
+      # Warn if a resource pack is overwriting a core resource.
+      # Suppress warning if the resource is an AWS resource, see #3822
+      if __resource_registry.key?(name) && !name.start_with?('aws_')
         Inspec::Log.warn("Overwriting resource #{name}. To reference a specific version of #{name} use the resource() method")
       end
       __resource_registry[name] = cl

data/lib/inspec/ui.rb

@@ -33,6 +33,7 @@ module Inspec
     EXIT_USAGE_ERROR = 1
     EXIT_PLUGIN_ERROR = 2
     EXIT_FATAL_DEPRECATION = 3
+    EXIT_LICENSE_NOT_ACCEPTED = 172
     EXIT_FAILED_TESTS = 100
     EXIT_SKIPPED_TESTS = 101
 

data/lib/inspec/version.rb

@@ -1,8 +1,3 @@
-# encoding: utf-8
-# frozen_string_literal: true
-# author: Dominik Richter
-# author: Christoph Hartmann
-
 module Inspec
-  VERSION = '3.9.3'
+  VERSION = '4.1.4.preview'.freeze
 end

data/lib/matchers/matchers.rb

@@ -107,6 +107,7 @@ end
 # Deprecated: You should not use this matcher anymore
 RSpec::Matchers.define :be_running do
   match do |service|
+    Inspec.deprecate(:serverspec_compatibility, 'The service `be_running?` matcher is deprecated.')
     service.running? == true
   end
 

data/lib/resources/apache.rb

@@ -26,7 +26,7 @@ module Inspec::Resources
 
     attr_reader :service, :conf_dir, :conf_path, :user
     def initialize
-      warn '[DEPRECATED] The `apache` resource is deprecated and will be removed in InSpec 4.0'
+      Inspec.deprecate(:resource_apache, 'The apache resource is deprecated')
 
       if inspec.os.debian?
         @service = 'apache2'

data/lib/resources/apt.rb

@@ -127,8 +127,6 @@ module Inspec::Resources
     end
   end
 
-  # for compatability with serverspec
-  # this is deprecated syntax and will be removed in future versions
   class PpaRepository < AptRepository
     name 'ppa'
 
@@ -143,7 +141,7 @@ module Inspec::Resources
     end
 
     def deprecated
-      warn '[DEPRECATION] `ppa(reponame)` is deprecated.  Please use `apt(reponame)` instead.'
+      Inspec.deprecate(:resource_ppa, 'The `ppa` resource is deprecated. Please use `apt`')
     end
   end
 end

data/lib/resources/file.rb

@@ -98,7 +98,7 @@ module Inspec::Resources
       return file.mounted? if expected_options.nil?
 
       # deprecation warning, this functionality will be removed in future version
-      warn "[DEPRECATION] `be_mounted.with and be_mounted.only_with` are deprecated.  Please use `mount('#{source_path}')` instead."
+      Inspec.deprecate(:file_resource_be_mounted_matchers, 'The file resource `be_mounted.with` and `be_mounted.only_with` matchers are deprecated. Please use the `mount` resource instead')
 
       # we cannot read mount data on non-Linux systems
       return nil if !inspec.os.linux?
@@ -133,6 +133,35 @@ module Inspec::Resources
 
     alias sticky? sticky
 
+    def more_permissive_than?(max_mode = nil)
+      raise Inspec::Exceptions::ResourceFailed, 'The file' + file.path + 'doesn\'t seem to exist' unless exist?
+      raise ArgumentError, 'You must proivde a value for the `maximum allowable permission` for the file.' if max_mode.nil?
+      raise ArgumentError, 'You must proivde the `maximum permission target` as a `String`, you provided: ' + max_mode.class.to_s unless max_mode.is_a?(String)
+      raise ArgumentError, 'The value of the `maximum permission target` should be a valid file mode in 4-ditgit octal format: for example, `0644` or `0777`' unless /(0)?([0-7])([0-7])([0-7])/.match?(max_mode)
+
+      # Using the files mode and a few bit-wise calculations we can ensure a
+      # file is no more permisive than desired.
+      #
+      # 1. Calculate the inverse of the desired mode (e.g., 0644) by XOR it with
+      # 0777 (all 1s). We are interested in the bits that are currently 0 since
+      # it indicates that the actual mode is more permissive than the desired mode.
+      # Conversely, we dont care about the bits that are currently 1 because they
+      # cannot be any more permissive and we can safely ignore them.
+      #
+      # 2. Calculate the above result of ANDing the actual mode and the inverse
+      # mode. This will determine if any of the bits that would indicate a more
+      # permissive mode are set in the actual mode.
+      #
+      # 3. If the result is 0000, the files mode is equal
+      # to or less permissive than the desired mode (PASS). Otherwise, the files
+      # mode is more permissive than the desired mode (FAIL).
+
+      max_mode = max_mode.rjust(4, '0')
+      binary_desired_mode = format('%04b', max_mode).to_i(2)
+      desired_mode_inverse = (binary_desired_mode ^ 0b111111111)
+      (desired_mode_inverse & file.mode).zero? ? false : true
+    end
+
     def to_s
       "File #{source_path}"
     end
@@ -212,6 +241,10 @@ module Inspec::Resources
       raise '`check_file_permission_by_mask` is not supported on Windows'
     end
 
+    def more_permissive_than?(*)
+      raise Inspec::Exceptions::ResourceSkipped, 'The `more_permissive_than?` matcher is not supported on your OS yet.'
+    end
+
     def check_file_permission_by_user(access_type, user, path)
       access_rule = translate_perm_names(access_type)
       access_rule = convert_to_powershell_array(access_rule)

data/lib/resources/filesystem.rb

@@ -52,7 +52,7 @@ module Inspec::Resources
     end
 
     def size
-      Inspec.deprecate(:filesystem_property_size, 'The `size` property did not reliably use the correct units.  Please use `size_kb` instead.')
+      Inspec.deprecate(:property_filesystem_size, 'The `size` property did not reliably use the correct units. Please use `size_kb` instead.')
       if inspec.os.windows?
         # On windows, we had a bug prior to #3767 in which the
         # 'size' value was be scaled to GB in powershell.

data/lib/resources/host.rb

@@ -49,7 +49,7 @@ module Inspec::Resources
       @port = params[:port]
 
       if params[:proto]
-        warn '[DEPRECATION] The `proto` parameter is deprecated. Use `protocol` instead.'
+        Inspec.deprecate(:host_resource_proto_usage, 'The `host` resource `proto` resource parameter is deprecated. Please use `protocol`.')
         @protocol = params[:proto]
       else
         @protocol = params.fetch(:protocol, 'icmp')
@@ -75,7 +75,7 @@ module Inspec::Resources
     end
 
     def proto
-      warn '[DEPRECATION] The `proto` method is deprecated. Use `protocol` instead.'
+      Inspec.deprecate(:host_resource_proto_usage, 'The host resource `proto` method is deprecated. Please use `protocol`.')
       protocol
     end
 

data/lib/resources/iis_site.rb

@@ -134,8 +134,8 @@ module Inspec::Resources
     EXAMPLE
 
     def initialize(site_name)
+      Inspec.deprecate(:resource_iis_website, 'The `iis_website` resource is deprecated. Please use `iis_site` instead.')
       super(site_name)
-      warn '[DEPRECATION] `iis_website(site_name)` is deprecated.  Please use `iis_site(site_name)` instead.'
     end
 
     def in_app_pool?(app_pool)

data/lib/resources/interface.rb

@@ -13,6 +13,8 @@ module Inspec::Resources
         it { should exist }
         it { should be_up }
         its('speed') { should eq 1000 }
+        its('ipv4_addresses') { should include '127.0.0.1' }
+        its('ipv6_cidrs') { should include '::1/128' }
       end
     EXAMPLE
     def initialize(iface)
@@ -41,6 +43,42 @@ module Inspec::Resources
       interface_info.nil? ? nil : interface_info[:speed]
     end
 
+    def ipv4_address?
+      !ipv4_addresses.nil? && !ipv4_addresses.empty?
+    end
+
+    def ipv6_address?
+      !ipv6_addresses.nil? && !ipv6_addresses.empty?
+    end
+
+    def ipv4_addresses
+      ipv4_cidrs.map { |i| i.split('/')[0] }
+    end
+
+    def ipv6_addresses
+      ipv6_cidrs.map { |i| i.split('/')[0] }
+    end
+
+    def ipv4_addresses_netmask
+      ipv4_cidrs.map { |i| i.split('/') }.map do |addr, netlen|
+        binmask = "#{'1' * netlen.to_i}#{'0' * (32 - netlen.to_i)}".to_i(2)
+        netmask = []
+        (1..4).each do |_byte|
+          netmask.unshift(binmask & 255)
+          binmask = binmask >> 8
+        end
+        "#{addr}/#{netmask.join('.')}"
+      end
+    end
+
+    def ipv4_cidrs
+      interface_info.nil? ? [] : interface_info[:ipv4_addresses]
+    end
+
+    def ipv6_cidrs
+      interface_info.nil? ? [] : interface_info[:ipv6_addresses]
+    end
+
     def to_s
       "Interface #{@iface}"
     end
@@ -87,28 +125,54 @@ module Inspec::Resources
         speed = convert_to_i(speed)
       end
 
+      family_addresses = addresses(iface)
       {
         name: iface,
         up: state,
         speed: speed,
+        ipv4_addresses: family_addresses['inet'],
+        ipv6_addresses: family_addresses['inet6'],
       }
     end
+
+    private
+
+    def addresses(iface)
+      addrs_by_family = { 'inet6' => [], 'inet' => [] }
+      [4, 6].each do |v|
+        cmd = inspec.command("/sbin/ip -br -#{v} address show dev #{iface}")
+        next unless cmd.exit_status.to_i == 0
+        family = v == 6 ? 'inet6' : 'inet'
+
+        cmd.stdout.each_line do |line|
+          _dev, _state, *addrs = line.split(/\s+/)
+          addrs_by_family[family] = addrs
+        end
+      end
+      addrs_by_family
+    end
   end
 
   class WindowsInterface < InterfaceInfo
     def interface_info(iface)
       # gather all network interfaces
-      cmd = inspec.command('Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json')
+      cmd = inspec.command('Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, ' \
+                           'MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json')
+
+      addr_cmd = inspec.command('Get-NetIPAddress | Select-Object -Property IPv6Address, IPv4Address, InterfaceAlias,' \
+                                ' PrefixLength | ConvertTo-Json')
 
       # filter network interface
       begin
         net_adapter = JSON.parse(cmd.stdout)
+        addresses = JSON.parse(addr_cmd.stdout)
       rescue JSON::ParserError => _e
         return nil
       end
 
       # ensure we have an array of groups
       net_adapter = [net_adapter] if !net_adapter.is_a?(Array)
+      addresses = [addresses] if !addresses.is_a?(Array)
 
       # select the requested interface
       adapters = net_adapter.each_with_object([]) do |adapter, adapter_collection|
@@ -117,6 +181,8 @@ module Inspec::Resources
           name: adapter['Name'],
           up: adapter['State'] == 2,
           speed: adapter['ReceiveLinkSpeed'] / 1000,
+          ipv4_addresses: addresses_for_proto(addresses, adapter['Name'], 'IPv4'),
+          ipv6_addresses: addresses_for_proto(addresses, adapter['Name'], 'IPv6'),
         }
         adapter_collection.push(info) if info[:name].casecmp(iface) == 0
       end
@@ -125,5 +191,13 @@ module Inspec::Resources
       warn "[Possible Error] detected multiple network interfaces with the name #{iface}" if adapters.size > 1
       adapters[0]
     end
+
+    private
+
+    def addresses_for_proto(all_addresses, iface, proto)
+      all_addresses.select { |i| i['InterfaceAlias'] == iface }
+                   .map { |i| "#{i["#{proto}Address"]}/#{i['PrefixLength']}" unless i["#{proto}Address"].nil? }
+                   .compact
+    end
   end
 end

data/lib/resources/kernel_parameter.rb

@@ -33,24 +33,19 @@ module Inspec::Resources
     end
   end
 
-  # for compatability with serverspec
-  # this is deprecated syntax and will be removed in future versions
   class LinuxKernelParameter < KernelParameter
     name 'linux_kernel_parameter'
 
     def initialize(parameter)
+      Inspec.deprecate(:resource_linux_kernel_parameter, 'The `linux_kernel_parameter` resource is deprecated. Please use `kernel_parameter`')
       super(parameter)
     end
 
     def value
-      deprecated
+      Inspec.deprecate(:resource_linux_kernel_parameter, 'The `linux_kernel_parameter` resource is deprecated. Please use `kernel_parameter`')
       super()
     end
 
-    def deprecated
-      warn '[DEPRECATION] `linux_kernel_parameter(parameter)` is deprecated.  Please use `kernel_parameter(parameter)` instead.'
-    end
-
     def to_s
       "Kernel Parameter #{@parameter}"
     end

data/lib/resources/mssql_session.rb

@@ -34,7 +34,7 @@ module Inspec::Resources
       @user = opts[:user]
       @password = opts[:password] || opts[:pass]
       if opts[:pass]
-        warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
+        Inspec.deprecate(:mssql_session_pass_option, 'The mssql_session `pass` option is deprecated. Please use `password`.')
       end
       @local_mode = opts[:local_mode]
       unless local_mode?

data/lib/resources/oracledb_session.rb

@@ -28,7 +28,7 @@ module Inspec::Resources
       @user = opts[:user]
       @password = opts[:password] || opts[:pass]
       if opts[:pass]
-        warn '[DEPRECATED] use `password` option to supply password instead of `pass`'
+        Inspec.deprecate(:oracledb_session_pass_option, 'The oracledb_session `pass` option is deprecated. Please use `password`.')
       end
 
       @host = opts[:host] || 'localhost'

data/lib/resources/powershell.rb

@@ -56,12 +56,8 @@ module Inspec::Resources
     name 'script'
 
     def initialize(script)
-      deprecated
+      Inspec.deprecate(:resource_script, 'The `script` resource is deprecated. Please use `powershell` instead.')
       super(script)
     end
-
-    def deprecated
-      warn '[DEPRECATION] `script(script)` is deprecated.  Please use `powershell(script)` instead.'
-    end
   end
 end

data/lib/resources/processes.rb

@@ -56,7 +56,7 @@ module Inspec::Resources
     end
 
     def list
-      warn '[DEPRECATION] `processes.list` is deprecated. Please use `processes.entries` instead. It will be removed in version 4.0.'
+      Inspec.deprecate(:property_processes_list, 'The processes `list` property is deprecated. Please use `entries` instead.')
       @list
     end
 

data/lib/resources/registry_key.rb

@@ -280,18 +280,12 @@ module Inspec::Resources
     end
   end
 
-  # for compatability with serverspec
-  # this is deprecated syntax and will be removed in future versions
   class WindowsRegistryKey < RegistryKey
     name 'windows_registry_key'
 
     def initialize(name)
-      deprecated
+      Inspec.deprecate(:resource_windows_registry_key, 'The `windows_registry_key` resource is deprecated. Please use `registry_key` instead.')
       super(name)
     end
-
-    def deprecated
-      warn '[DEPRECATION] `windows_registry_key(reg_key)` is deprecated.  Please use `registry_key(\'path\to\key\')` instead.'
-    end
   end
 end

data/lib/resources/shadow.rb

@@ -91,32 +91,27 @@ module Inspec::Resources
     # Next 4 are deprecated methods.  We define them here so we can emit a deprecation message.
     # They are also defined on the Table, above.
     def user(query = nil)
-      warn '[DEPRECATION] The shadow `user` property is deprecated and will be removed' \
-       ' in InSpec 3.0.  Please use `users` instead.'
+      Inspec.deprecate(:properties_shadow, 'The shadow `user` property is deprecated. Please use `users` instead.')
       query.nil? ? where.users : where('user' => query)
     end
 
     def password(query = nil)
-      warn '[DEPRECATION] The shadow `password` property is deprecated and will be removed' \
-       ' in InSpec 3.0.  Please use `passwords` instead.'
+      Inspec.deprecate(:properties_shadow, 'The shadow `password` property is deprecated. Please use `passwords` instead.')
       query.nil? ? where.passwords : where('password' => query)
     end
 
     def last_change(query = nil)
-      warn '[DEPRECATION] The shadow `last_change` property is deprecated and will be removed' \
-       ' in InSpec 3.0.  Please use `last_changes` instead.'
+      Inspec.deprecate(:properties_shadow, 'The shadow `last_change` property is deprecated. Please use `last_changes` instead.')
       query.nil? ? where.last_changes : where('last_change' => query)
     end
 
     def expiry_date(query = nil)
-      warn '[DEPRECATION] The shadow `expiry_date` property is deprecated and will be removed' \
-       ' in InSpec 3.0.  Please use `expiry_dates` instead.'
+      Inspec.deprecate(:properties_shadow, 'The shadow `expiry_date` property is deprecated. Please use `expiry_dates` instead.')
       query.nil? ? where.expiry_dates : where('expiry_date' => query)
     end
 
     def lines
-      warn '[DEPRECATION] The shadow `lines` property is deprecated and will be removed' \
-        ' in InSpec 3.0.'
+      Inspec.deprecate(:properties_shadow, 'The shadow `lines` property is deprecated.')
       shadow_content.to_s.split("\n")
     end
 

data/lib/resources/users.rb

@@ -213,42 +213,38 @@ module Inspec::Resources
 
     # implement 'mindays' method to be compatible with serverspec
     def minimum_days_between_password_change
-      deprecated('minimum_days_between_password_change', "Please use: its('mindays')")
+      Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.')
       mindays
     end
 
     # implement 'maxdays' method to be compatible with serverspec
     def maximum_days_between_password_change
-      deprecated('maximum_days_between_password_change', "Please use: its('maxdays')")
+      Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `maximum_days_between_password_change` property is deprecated. Please use `maxdays`.')
       maxdays
     end
 
     # implements rspec has matcher, to be compatible with serverspec
     # @see: https://github.com/rspec/rspec-expectations/blob/master/lib/rspec/matchers/built_in/has.rb
     def has_uid?(compare_uid)
-      deprecated('has_uid?')
+      Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_uid?` matcher is deprecated.')
       uid == compare_uid
     end
 
     def has_home_directory?(compare_home)
-      deprecated('has_home_directory?', "Please use: its('home')")
+      Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_home_directory?` matcher is deprecated. Please use `its(\'home\')`.')
       home == compare_home
     end
 
     def has_login_shell?(compare_shell)
-      deprecated('has_login_shell?', "Please use: its('shell')")
+      Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_login_shell?` matcher is deprecated. Please use `its(\'shell\')`.')
       shell == compare_shell
     end
 
     def has_authorized_key?(_compare_key)
-      deprecated('has_authorized_key?')
+      Inspec.deprecate(:resource_user_serverspec_compat, 'The user resource `has_authorized_key?` matcher is deprecated. There is no currently implemented alternative')
       raise NotImplementedError
     end
 
-    def deprecated(name, alternative = nil)
-      warn "[DEPRECATION] #{name} is deprecated. #{alternative}"
-    end
-
     def to_s
       "User #{@username}"
     end

data/lib/resources/wmi.rb

@@ -26,11 +26,10 @@ module Inspec::Resources
 
     def initialize(wmiclass = nil, opts = nil)
       @options = opts || {}
-      # if wmiclass is not a hash, we have to handle deprecation behavior
       if wmiclass.is_a?(Hash)
         @options.merge!(wmiclass)
       else
-        warn '[DEPRECATION] `wmi(\'wmiclass\')` is deprecated.  Please use `wmi({class: \'wmiclass\'})` instead.'
+        Inspec.deprecate(:wmi_non_hash_usage, 'Using `wmi(\'wmisclass\')` is deprecated. Please use`wmi({class: \'wmisclass\'})`')
         @options[:class] = wmiclass
       end
     end

data/lib/utils/deprecation/deprecator.rb

@@ -18,7 +18,7 @@ module Inspec
 
         action = group[:action] || :warn
         action_method = ('handle_' + action.to_s + '_action').to_sym
-        send(action_method, assembled_message, group)
+        send(action_method, group_name.to_sym, assembled_message, group)
       end
 
       private
@@ -76,7 +76,8 @@ module Inspec
         false
       end
 
-      def handle_ignore_action(message, _group)
+      # Unused args needed for unit test deprecation harness
+      def handle_ignore_action(_group_name, message, _group)
         handle_log_action(message, :debug)
       end
 
@@ -91,24 +92,24 @@ module Inspec
         end
       end
 
-      def handle_warn_action(message, _group)
+      def handle_warn_action(_group_name, message, _group)
         handle_log_action(message, :warn)
       end
 
-      def handle_error_action(message, _group)
+      def handle_error_action(_group_name, message, _group)
         handle_log_action(message, :error)
       end
 
-      def handle_fail_control_action(message, group)
+      def handle_fail_control_action(group_name, message, group)
         if called_from_control?
           raise Inspec::Exceptions::ResourceFailed, message
         else
-          handle_warn_action(message, group)
+          handle_warn_action(group_name, message, group)
         end
       end
 
-      def handle_exit_action(message, group)
-        handle_error_action(message, group)
+      def handle_exit_action(group_name, message, group)
+        handle_error_action(group_name, message, group)
         status = group[:exit_status] || :fatal_deprecation
         Inspec::UI.new.exit(status)
       end

data/lib/utils/deprecation/global_method.rb

@@ -1,7 +1,7 @@
 require 'utils/deprecation/deprecator'
 
 module Inspec
-  def self.deprecate(group, msg, opts = {})
+  def self.deprecate(group, msg = '', opts = {})
     config_io = opts.delete(:config_io)
     deprecator = Inspec::Deprecation::Deprecator.new(config_io: config_io)
     deprecator.handle_deprecation(group, msg, opts)

data/lib/utils/parser.rb

@@ -88,7 +88,7 @@ module LinuxMountParser
       # parse options as array
       mount_options[:options] = mount[5].gsub(/\(|\)/, '').split(',')
     else
-      # parse options as serverspec uses it, tbis is deprecated
+      Inspec.deprecate(:mount_parser_serverspec_compat, 'Parsing mount options in this fashion is deprecated')
       mount_options[:options] = {}
       mount[5].gsub(/\(|\)/, '').split(',').each do |option|
         name, val = option.split('=')

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 3.9.3
+  version: 4.1.4.preview
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-04-15 00:00:00.000000000 Z
+date: 2019-04-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train-core
@@ -16,20 +16,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.7.2
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
-    - - ">="
+        version: '2.0'
+- !ruby/object:Gem::Dependency
+  name: license-acceptance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.7.2
+        version: '0.2'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -664,14 +672,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.3'
+      version: '2.4'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
-rubygems_version: 3.0.3
+rubyforge_project: 
+rubygems_version: 2.6.14.3
 signing_key: 
 specification_version: 4
 summary: Just InSpec