inspec-core 6.8.24 → 7.0.95

data/lib/inspec/file_provider.rb

@@ -1,4 +1,5 @@
 require "rubygems/package" unless defined?(Gem::Package)
+require "rubygems/package/tar_header" unless defined?(Gem::Package::TarHeader)
 require "pathname" unless defined?(Pathname)
 require "zlib" unless defined?(Zlib)
 require "zip" unless defined?(Zip)
@@ -7,8 +8,12 @@ require "inspec/iaf_file"
 module Inspec
   class FileProvider
     def self.for_path(path)
-      if path.is_a?(Hash)
+      raise "Profile or dependency path not resolved." if path.nil?
+
+      if path.is_a?(Hash) && !path.key?(:gem)
         MockProvider.new(path)
+      elsif path.is_a?(Hash) && path.key?(:gem)
+        GemProvider.new(path)
       elsif File.directory?(path)
         DirProvider.new(path)
       elsif File.exist?(path) && path.end_with?(".tar.gz", "tgz")
@@ -99,6 +104,47 @@ module Inspec
     end
   end # class DirProvider
 
+  class GemProvider < FileProvider
+    attr_reader :files
+    def initialize(gem_info)
+      # Determine a path to the gem installation directory
+      gem_name = gem_info[:gem]
+      bootstrap_file = gem_info[:path]
+      gem_version = gem_info[:version]
+      if bootstrap_file
+        # We were given an explicit path - go two directories up
+        parts = Pathname(gem_info[:path]).each_filename.to_a
+        @gem_lib_root = File.join(parts.slice(0, parts.length - 2))
+        @files = Dir[File.join(Shellwords.shellescape(@gem_lib_root), "**", "*")]
+      else
+        # Look up where the gem is installed, respecting version
+        loader = Inspec::Plugin::V2::Loader.new
+        gem_path = loader.find_gem_directory(gem_name, gem_version)
+        if gem_path && File.exist?(gem_path)
+          gem = DirProvider.new(gem_path)
+          @files = gem.files
+          gem
+        else
+          raise Inspec::Exceptions::GemDependencyNotFound, "Dependency does not exist #{gem_name}"
+        end
+      end
+    end
+
+    def read(file)
+      return nil unless files.include?(file)
+      return nil unless File.file?(file)
+
+      File.read(file)
+    end
+
+    def binread(file)
+      return nil unless files.include?(file)
+      return nil unless File.file?(file)
+
+      File.binread(file)
+    end
+  end # class GemProvider
+
   class ZipProvider < FileProvider
     attr_reader :files
 

data/lib/inspec/metadata.rb

@@ -1,4 +1,6 @@
 # Copyright 2015 Dominik Richter
+# Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates.
+# All Rights Reserved.
 
 require "logger"
 require "rubygems/version"

data/lib/inspec/plugin/v2/concerns/gem_spec_helper.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Inspec
+  module Plugin
+    module V2
+      # holds all GemSpec related helper functions
+      module GemSpecHelper
+
+        def loaded_recent_most_version_of?(gemspec)
+          # Check if the gem is already loaded via bundler
+          # In most cases this is true since all Plugins/Resource Packs inherit from inspec-core
+          gem_name = gemspec.name
+          loaded_gem = Gem.loaded_specs[gem_name]
+          return false unless loaded_gem
+
+          # follow bundler's original philosophy i.e load gems that are recent most
+          # This logic works unless there is a pinned version which we don't expect to have since these are managed by us
+          if gemspec.version > loaded_gem.version
+            # deactivate the lower version specs that are loaded via bundler
+            Gem.loaded_specs.delete(gem_name)
+            false # so it can re-activate the requested spec
+          else
+            # don't activate requested gemspec when the already loaded gem is the most recent version
+            true
+          end
+        end
+      end
+    end
+  end
+end

data/lib/inspec/plugin/v2/gem_source_manager.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+require "singleton" unless defined?(Singleton)
+require "forwardable" unless defined?(Forwardable)
+require "chef-licensing"
+
+module Inspec::Plugin::V2
+  class GemSourceManager
+    include Singleton
+    extend Forwardable
+
+    DEFAULT_CHEF_RUBY_GEMS_SERVER = "rubygems.chef.io"
+    DEFAULT_USERNAME = "v1"
+
+    def initialize
+      @sources = Gem.sources
+    end
+
+    def_delegator :@sources, :sources
+
+    def add_chef_rubygems_server
+      register_source(chef_rubygems_server)
+    end
+
+    def add(sources)
+      Array(sources).each { |source| register_source(source) }
+    end
+
+    private
+
+    def chef_rubygems_server
+      # If there are no license keys, return nil to avoid adding an invalid source
+      "https://#{DEFAULT_USERNAME}:#{licenses_string}@#{DEFAULT_CHEF_RUBY_GEMS_SERVER}" unless licenses_string.empty?
+    end
+
+    def register_source(source)
+      return if source.nil? # If the source is nil, we don't want to add it
+
+      gem_source = Gem::Source.new(source)
+      sources << gem_source unless sources.include?(gem_source)
+    rescue StandardError => e
+      raise StandardError, "Unable to add gem source #{source}: #{e.message}"
+    end
+
+    def licenses_string
+      ChefLicensing.license_keys.join(",")
+    rescue StandardError
+      ""
+    end
+  end
+end

data/lib/inspec/plugin/v2/installer.rb

@@ -12,6 +12,9 @@ require "rubygems/uninstaller"
 require "rubygems/remote_fetcher"
 
 require "inspec/plugin/v2/filter"
+require "inspec/plugin/v2/concerns/gem_spec_helper"
+
+require "inspec/plugin/v2/gem_source_manager"
 
 module Inspec::Plugin::V2
   # Handles all actions modifying the user's plugin set:
@@ -23,6 +26,7 @@ module Inspec::Plugin::V2
   class Installer
     include Singleton
     extend Forwardable
+    include Inspec::Plugin::V2::GemSpecHelper
 
     Gem.configuration["verbose"] = false
 
@@ -45,6 +49,10 @@ module Inspec::Plugin::V2
       list_installed_plugin_gems.detect { |spec| spec.name == name && spec.version == Gem::Version.new(version) }
     end
 
+    def ensure_installed(name)
+      plugin_installed?(name) || install(name)
+    end
+
     # Installs a plugin. Defaults to assuming the plugin provided is a gem, and will try to install
     # from whatever gemsources `rubygems` thinks it should use.
     # If it's a gem, installs it and its dependencies to the `gem_path`. The gem is not activated.
@@ -213,7 +221,10 @@ module Inspec::Plugin::V2
         if opts.key?(:version) && plugin_version_installed?(plugin_name, opts[:version])
           raise InstallError, "#{plugin_name} version #{opts[:version]} is already installed."
         else
-          raise InstallError, "#{plugin_name} is already installed. Use 'inspec plugin update' to change version."
+          # Do not redirect to plugin update when using gem based plugin
+          unless gem_based_plugin?(opts)
+            raise InstallError, "#{plugin_name} is already installed. Use 'inspec plugin update' to change version."
+          end
         end
       end
 
@@ -274,7 +285,16 @@ module Inspec::Plugin::V2
     #===================================================================#
 
     def install_from_path(requested_plugin_name, opts)
-      # Nothing to do here; we will later update the plugins file with the path.
+      return unless gem_based_plugin?(opts)
+
+      local_gem_path = opts[:path]
+      Inspec::Log.debug("Installing #{requested_plugin_name} from path #{local_gem_path}")
+      raise InstallError, "Gem File not found: #{local_gem_path}" unless File.exist?(local_gem_path)
+
+      gem_installer = Gem::Installer.at(local_gem_path, install_dir: gem_path, ignore_dependencies: true, document: [])
+      gem_installer.install
+
+      Inspec::Log.debug("Installed gem from path: #{local_gem_path} to #{gem_path}")
     end
 
     def install_from_gem_file(requested_plugin_name, opts)
@@ -296,18 +316,21 @@ module Inspec::Plugin::V2
       install_gem_to_plugins_dir(plugin_dependency, [requested_local_gem_set])
     end
 
-    def install_from_remote_gems(requested_plugin_name, opts)
+    def install_from_remote_gems(requested_plugin_name, opts, source_manager: GemSourceManager.instance)
       plugin_dependency = Gem::Dependency.new(requested_plugin_name, opts[:version] || "> 0")
+      source_manager.add_chef_rubygems_server # ensure CHEF RUBYGEMS server is added to the source
+
+      # This adds custom gem sources to the memoized `Gem.Sources` for this specific run
+      # Note: This will not make any change to the environment Gem source list and
+      # in fact will consider all of the environment Gem sources and custom gem sources to resolve deps
+      source_manager.add(opts[:source])
 
-      # BestSet is rubygems.org API + indexing, APISet is for custom sources
-      sources = if opts[:source]
-                  Gem::Resolver::APISet.new(URI.join(opts[:source] + "/api/v1/dependencies"))
-                else
-                  Gem::Resolver::BestSet.new
-                end
+      # BestSet is rubygems.org API + indexing by default
+      # `Gem.sources` is injected as a dependency implicitly while BestSet is initialized
+      sources = Gem::Resolver::BestSet.new
 
       begin
-        install_gem_to_plugins_dir(plugin_dependency, [sources], opts[:update_mode])
+        install_gem_to_plugins_dir(plugin_dependency, [sources], opts[:update_mode], opts: opts)
       rescue Gem::RemoteFetcher::FetchError => gem_ex
         # TODO: Give a hint if the host was not resolvable or a 404 occured
         ex = Inspec::Plugin::V2::InstallError.new(gem_ex.message)
@@ -318,13 +341,16 @@ module Inspec::Plugin::V2
 
     def install_gem_to_plugins_dir(new_plugin_dependency, # rubocop: disable Metrics/AbcSize
       extra_request_sets = [],
-      update_mode = false)
+      update_mode = false, opts: {})
 
       # Get a list of all the gems available to us.
       gem_to_force_update = update_mode ? new_plugin_dependency.name : nil
       set_available_for_resolution = build_gem_request_universe(extra_request_sets, gem_to_force_update)
 
       # Solve the dependency (that is, find a way to install the new plugin and anything it needs)
+      # [WARN]: Gem::RequestSet cannot resolve from multiple directories
+      # So all dependent gems will be resolved to the GEM_HOME/Gem.default_dir directory
+      # assuming everything will be installed in the same dir
       request_set = Gem::RequestSet.new(new_plugin_dependency)
 
       begin
@@ -338,21 +364,37 @@ module Inspec::Plugin::V2
 
       # Activate all current plugins before trying to activate the new one
       loader.list_managed_gems.each do |spec|
-        next if spec.name == new_plugin_dependency.name && update_mode
+        # Skip in case of update mode
+        # Skip in case using a gem based plugin
+        next if spec.name == new_plugin_dependency.name && (update_mode || gem_based_plugin?(opts))
 
-        spec.activate
+        # activate the requested gemspec from the Gem::RequestSet
+        spec.activate unless loaded_recent_most_version_of?(spec)
       end
 
       # Make sure we remove any previously loaded gem on update
-      Gem.loaded_specs.delete(new_plugin_dependency.name) if update_mode
+      # Make sure we remove any previously loaded gem when trying to use resource pack gem
+      # Gem based plugin when updated need to deactivate older version of gem
+      Gem.loaded_specs.delete(new_plugin_dependency.name) if update_mode || gem_based_plugin?(opts)
 
       # Test activating the solution. This makes sure we do not try to load two different versions
       # of the same gem on the stack or a malformed dependency.
       begin
         solution.each do |activation_request|
-          unless activation_request.full_spec.activated?
-            activation_request.full_spec.activate
-          end
+          requested_gemspec = activation_request.full_spec
+          next if requested_gemspec.activated?
+
+          # The specs at this point are pointed to GEM_HOME/Gem.default_dir directory
+          # because of the resolved set's assumption that we will install Gems in the same directory
+          # In many cases, RubyGems has already loaded gems from default dir
+          # Hence at this point it is really only a sanity check
+          # And if the requested_gemspec_file has not been downloaded in this default dir do not activate it
+          # Activation will be taken care after the downloads
+          requested_gemspec_file = File.join(requested_gemspec.gem_dir, "#{requested_gemspec.name}.gemspec")
+          next unless File.exist?(requested_gemspec_file) || File.exist?(requested_gemspec.spec_file)
+
+          # activate the requested gemspec from the Gem::RequestSet
+          requested_gemspec.activate unless loaded_recent_most_version_of?(requested_gemspec)
         end
       rescue Gem::LoadError => gem_ex
         ex = Inspec::Plugin::V2::InstallError.new(gem_ex.message)
@@ -375,7 +417,7 @@ module Inspec::Plugin::V2
           File.write(path_inside_source, spec.to_ruby)
         end
       end
-
+      loader.activate_managed_gems_for_plugin(new_plugin_dependency.name)
       # Locate the GemVersion for the new dependency and return it
       solution.detect { |g| g.name == new_plugin_dependency.name }.version
     end
@@ -536,5 +578,10 @@ module Inspec::Plugin::V2
 
       conf_file
     end
+
+    def gem_based_plugin?(opts)
+      # Param passed by gem fetcher while installing a new gem plugin dependency.
+      !!opts[:gem]
+    end
   end
 end

data/lib/inspec/plugin/v2/loader.rb

@@ -2,6 +2,7 @@ require "inspec/log"
 require "inspec/version"
 require "inspec/plugin/v2/config_file"
 require "inspec/plugin/v2/filter"
+require "inspec/plugin/v2/concerns/gem_spec_helper"
 
 module Inspec::Plugin::V2
   class Loader
@@ -10,6 +11,7 @@ module Inspec::Plugin::V2
     # For {inspec|train}_plugin_name?
     include Inspec::Plugin::V2::FilterPredicates
     extend Inspec::Plugin::V2::FilterPredicates
+    include Inspec::Plugin::V2::GemSpecHelper
 
     def initialize(options = {})
       @options = options
@@ -68,7 +70,9 @@ module Inspec::Plugin::V2
             require plugin_details.entry_point
           else
             load_path = plugin_details.entry_point
-            load_path += ".rb" unless plugin_details.entry_point.end_with?(".rb")
+            next if load_path.end_with?(".gem") # local resource pack's path will have gem path
+
+            load_path += ".rb" unless load_path.end_with?(".rb")
             load load_path
           end
           plugin_details.loaded = true
@@ -157,6 +161,33 @@ module Inspec::Plugin::V2
       self.class.list_managed_gems
     end
 
+    def self.find_gem_directory(gem_name, version = nil)
+      selected_gemspec = find_gemspec_of(gem_name, version)
+      selected_gemspec&.full_gem_path
+    end
+
+    def self.find_gemspec_directory(gem_name, version = nil)
+      selected_gemspec = find_gemspec_of(gem_name, version)
+      selected_gemspec&.loaded_from
+    end
+
+    def self.find_gemspec_of(gem_name, version = nil)
+      version = Gem::Version.new(version) if version && !version.is_a?(Gem::Version)
+
+      list_managed_gems
+        .select { |g| g.name == gem_name }
+        .sort_by(&:version)
+        .yield_self { |gems| version ? gems.find { |g| g.version == version } : gems.last }
+    end
+
+    def find_gemspec_directory(gem_name, version = nil)
+      self.class.find_gemspec_directory(gem_name, version)
+    end
+
+    def find_gem_directory(gem_name, version = nil)
+      self.class.find_gem_directory(gem_name, version)
+    end
+
     # Lists all plugin gems found in the plugin_gem_path.
     # This is simply all gems that begin with train- or inspec-
     # and are not on the exclusion list.
@@ -169,8 +200,6 @@ module Inspec::Plugin::V2
       self.class.list_managed_gems
     end
 
-    private
-
     # 'Activating' a gem adds it to the load path, so 'require "gemname"' will work.
     # Given a gem name, this activates the gem and all of its dependencies, respecting
     # version pinning needs.
@@ -208,13 +237,15 @@ module Inspec::Plugin::V2
         raise ex
       end
       solution.each do |activation_request|
-        next if activation_request.full_spec.activated?
+        requested_gemspec = activation_request.full_spec
+        next if requested_gemspec.activated?
 
-        activation_request.full_spec.activate
-        # TODO: If we are under Bundler, inform it that we loaded a gem
+        requested_gemspec.activate unless loaded_recent_most_version_of?(requested_gemspec)
       end
     end
 
+    private
+
     def annotate_status_after_loading(plugin_name)
       status = registry[plugin_name]
       return if status.api_generation == 2 # Gen2 have self-annotating superclasses

data/lib/inspec/plugin/v2/plugin_types/resource_pack.rb

@@ -0,0 +1,8 @@
+module Inspec::Plugin::V2::PluginType
+  class ResourcePack < Inspec::Plugin::V2::PluginBase
+    register_plugin_type(:resource_pack)
+
+    # TODO: Any DSL definitions would go here
+
+  end
+end

data/lib/inspec/plugin/v2.rb

@@ -13,6 +13,7 @@ module Inspec
       end
 
       class InstallError < Inspec::Plugin::V2::GemActionError; end
+      class InstallRequiredError < Inspec::Plugin::V2::InstallError; end
 
       class PluginExcludedError < Inspec::Plugin::V2::InstallError
         attr_accessor :details

data/lib/inspec/profile.rb

@@ -1,4 +1,6 @@
 # Copyright 2015 Dominik Richter
+# Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates.
+# All Rights Reserved.
 
 require "forwardable" unless defined?(Forwardable)
 require "openssl" unless defined?(OpenSSL)
@@ -299,7 +301,14 @@ module Inspec
       # # Pull together waiver
       waived_control_ids = []
       waiver_paths.each do |waiver_path|
-        waiver_content = YAML.load_file(waiver_path)
+        # Ruby 3.1 treats YAML load as a dangerous operation by default, requiring us to declare date and time classes as permitted
+        # It's not a valid option in 3.0.x
+        if Gem.ruby_version >= Gem::Version.new("3.1.0")
+          waiver_content = ::YAML.load_file(waiver_path, permitted_classes: [Date, Time])
+        else
+          waiver_content = YAML.load_file(waiver_path)
+        end
+
         unless waiver_content
           # Note that we will have already issued a detailed warning
           Inspec::Log.error "YAML parsing error in #{waiver_path}"
@@ -391,6 +400,16 @@ module Inspec
       included_tags
     end
 
+    # InSpec 7 introduced gem-based resource packs, so some "profiles" are now gem-based
+    # In this case, they are backed by a gem that contains an inspec.yml and a lib/PATH/plugin.rb
+    # which contains activator code which needs to be fired.
+    def activate_plugin_if_gem_based
+      return unless source_reader.is_a?(SourceReaders::GemReader)
+
+      reg = Inspec::Plugin::V2::Registry.instance
+      reg.find_activator(plugin_name: name.to_sym).activate!
+    end
+
     def load_libraries
       return @runner_context if @libraries_loaded
 
@@ -618,7 +637,7 @@ module Inspec
                                                                               include_tests: include_tests)
 
         # Collect all metadata defined in the control block and inputs defined inside the control block
-        src.ast.each_node { |n|
+        src.ast&.each_node { |n|
           ctl_id_collector.process(n)
           input_collector.process(n)
         }
@@ -680,7 +699,7 @@ module Inspec
       }
       source_location_ref = @source_reader.target.abs_path(control_filename)
       Inspec::Profile::AstHelper::TitleCollector.new(group_data)
-        .process(src.ast.child_nodes.first) # Picking the title defined for the whole controls file
+        .process(src.ast&.child_nodes&.first) # Picking the title defined for the whole controls file
       group_controls = @info_from_parse[:controls].select { |control| control[:source_location][:ref] == source_location_ref }
       group_data[:controls] = group_controls.map { |control| control[:id] }
 

data/lib/inspec/profile_context.rb

@@ -121,6 +121,7 @@ module Inspec
       @control_subcontexts << context
     end
 
+    # Expects arrays of arrays of [[content, path, line]]
     def load_libraries(libs)
       lib_prefix = "libraries" + File::SEPARATOR
       autoloads = []
@@ -130,11 +131,20 @@ module Inspec
         next unless source.end_with?(".rb")
 
         path = source
+        # Create a list of files (presumably resources) to autoload by stripping the prefixes
+        # InSpec < 6: libraries/*.rb
+        # In InSpec 7, libraries can be installed under (for example)
+        # lib/inspec-test-resources/resources/demo_resource.rb
+
         if source.start_with?(lib_prefix)
           path = source.sub(lib_prefix, "")
           no_subdir = File.dirname(path) == "."
 
           autoloads.push(path) if no_subdir
+        elsif source.match(%r{^lib/.+/resources/.*\.rb})
+          # Gem Resource Pack
+          path = source.sub(%r{^lib/}, "")
+          autoloads.push(path)
         end
 
         @require_loader.add(path, content, source, line)

data/lib/inspec/resources/audit_policy.rb

@@ -39,11 +39,17 @@ module Inspec::Resources
       # expected result:
       # Machine Name,Policy Target,Subcategory,Subcategory GUID,Inclusion Setting,Exclusion Setting
       # WIN-MB8NINQ388J,System,Kerberos Authentication Service,{0CCE9242-69AE-11D9-BED3-505054503030},No Auditing,
-      result ||= inspec.command("Auditpol /get /subcategory:'#{key}' /r").stdout
+      auditpol_cmd = "Auditpol /get /subcategory:'#{key}' /r"
+      result ||= inspec.command(auditpol_cmd)
+
+      unless result.exit_status == 0
+        error = result.stdout + "\n" + result.stderr
+        raise Inspec::Exceptions::ResourceFailed, "Error while executing #{auditpol_cmd} command: #{error}"
+      end
 
       # find line
       target = nil
-      result.each_line do |s|
+      result.stdout.each_line do |s|
         target = s.strip if s =~ /\b.*#{key}.*\b/
       end
 

data/lib/inspec/resources/groups.rb

@@ -200,8 +200,60 @@ module Inspec::Resources
   # implements generic unix groups via /etc/group
   class UnixGroup < GroupInfo
     def groups
+      get_group_info
+    end
+
+    private
+
+    def get_group_info
+      # First, try to fetch group info using getent
+      group_info = fetch_group_info_using_getent
+
+      return group_info unless group_info.empty?
+
+      # If getent fails, fallback to reading group info from /etc/group using inspec.etc_group.entries
+      Inspec::Log.debug("Falling back to reading group info from /etc/group as getent is unavailable or failed.")
       inspec.etc_group.entries
     end
+
+    # Fetches group information using the getent utility
+    def fetch_group_info_using_getent
+      # Find getent utility on the system
+      bin = find_getent_utility
+
+      # If getent is available, fetch group info
+      return [] unless bin
+
+      cmd = inspec.command("#{bin} group")
+      return parse_group_info(cmd) if cmd.exit_status.to_i == 0
+
+      # If getent fails, log the error and return an empty array
+      Inspec::Log.debug("Failed to execute #{bin} group: #{cmd.stderr}.")
+      []
+    end
+
+    # Parses group info from the command output
+    def parse_group_info(cmd)
+      cmd.stdout.strip.split("\n").map do |line|
+        name, password, gid, members = line.split(":")
+        {
+          "name" => name,
+          "password" => password,
+          "gid" => gid.to_i,
+          "members" => members,
+        }
+      end
+    end
+
+    # Checks if getent exists on the system
+    def find_getent_utility
+      %w{/usr/bin/getent /bin/getent getent}.each do |cmd|
+        return cmd if inspec.command(cmd).exist?
+      end
+      # Log debug information if getent is not found
+      Inspec::Log.debug("Could not find `getent` on your system.")
+      nil # Return nil if getent is not found
+    end
   end
 
   # OSX uses opendirectory for groups, so `/etc/group` may not be fully accurate

data/lib/inspec/resources.rb

@@ -30,12 +30,6 @@ require "inspec/resources/cron"
 require "inspec/resources/timezone"
 require "inspec/resources/dh_params"
 require "inspec/resources/directory"
-require "inspec/resources/docker"
-require "inspec/resources/docker_container"
-require "inspec/resources/docker_image"
-require "inspec/resources/docker_plugin"
-require "inspec/resources/docker_service"
-require "inspec/resources/elasticsearch"
 require "inspec/resources/etc_fstab"
 require "inspec/resources/etc_group"
 require "inspec/resources/etc_hosts_allow_deny"
@@ -48,8 +42,6 @@ require "inspec/resources/groups"
 require "inspec/resources/grub_conf"
 require "inspec/resources/host"
 require "inspec/resources/http"
-require "inspec/resources/ibmdb2_conf"
-require "inspec/resources/ibmdb2_session"
 require "inspec/resources/iis_app"
 require "inspec/resources/iis_app_pool"
 require "inspec/resources/iis_site"
@@ -64,9 +56,6 @@ require "inspec/resources/key_rsa"
 require "inspec/resources/ksh"
 require "inspec/resources/limits_conf"
 require "inspec/resources/login_defs"
-require "inspec/resources/mongodb"
-require "inspec/resources/mongodb_conf"
-require "inspec/resources/mongodb_session"
 require "inspec/resources/mount"
 require "inspec/resources/mssql_session"
 require "inspec/resources/mssql_sys_conf"
@@ -82,8 +71,6 @@ require "inspec/resources/oneget"
 require "inspec/resources/oracle"
 require "inspec/resources/oracledb_conf"
 require "inspec/resources/oracledb_listener_conf"
-require "inspec/resources/opa_cli"
-require "inspec/resources/opa_api"
 require "inspec/resources/oracledb_session"
 require "inspec/resources/os"
 require "inspec/resources/os_env"
@@ -102,7 +89,6 @@ require "inspec/resources/postgres_ident_conf"
 require "inspec/resources/postgres_session"
 require "inspec/resources/powershell"
 require "inspec/resources/processes"
-require "inspec/resources/rabbitmq_config"
 require "inspec/resources/registry_key"
 require "inspec/resources/security_identifier"
 require "inspec/resources/security_policy"

data/lib/inspec/rule.rb

@@ -1,4 +1,6 @@
 # copyright: 2015, Dominik Richter
+# Copyright © 2015-2025 Progress Software Corporation and/or its subsidiaries or affiliates.
+# All Rights Reserved.
 
 require "method_source"
 require "date"