inspec-core 3.0.46 → 3.0.52

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5eafca2cfa375552bf4a20c971ec35787ba47e3ce7dc77f2ecb6818d3fe29a28
4
- data.tar.gz: c6ff286509fe13ba680fbdd4a1c67b9029827c57429dbcba7dfb57697a8c3e1c
3
+ metadata.gz: 792ec0ed85e8c7f56b0f1756fe68ee6930cdec48752f160c4dd65e25886ca6be
4
+ data.tar.gz: f93bbe45badce127b6b32cdf701f894bcc6ddb213f1eb900295271417e4cd095
5
5
  SHA512:
6
- metadata.gz: ed867504c283069b22611fb9f1f5b62767b8f81a5b5b7dd7aeb0c480c847856b07356adc3afe17651c1bcb8a69485324ceaf516e691ff36db49a7e6edd729464
7
- data.tar.gz: 141b8b52dc883f908d739c608adcaf1be07adc026b26d330e17150cede8fadd089e79800f6336c86090c4eed7e6949bd4b4417dde925a29a612da4c46c7184a9
6
+ metadata.gz: 7bec79ae8ede29a52874c4cfbeba2b3a181c4823130a226542ee5070c2733ffd9b24c8167331c48233250f0f5ce6aa40f4b18139979acc7806e9571f980b312c
7
+ data.tar.gz: 7d30ee1df7bd9b78406541d1adae0ae2e19f746cf4dbc788f26c912346aab9f8417da54fb37bfbc6b2605be45675e83112e991fd8f0f05be20bcd2cf3bee8585
data/CHANGELOG.md CHANGED
@@ -1,36 +1,49 @@
1
1
  # Change Log
2
2
  <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
3
- <!-- latest_release 3.0.46 -->
4
- ## [v3.0.46](https://github.com/inspec/inspec/tree/v3.0.46) (2018-11-08)
3
+ <!-- latest_release 3.0.52 -->
4
+ ## [v3.0.52](https://github.com/inspec/inspec/tree/v3.0.52) (2018-11-15)
5
5
 
6
- #### New Features
7
- - Add Git SSH and HTTP basic auth support to `inspec exec` [#3562](https://github.com/inspec/inspec/pull/3562) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
6
+ #### Merged Pull Requests
7
+ - Load the compliance plugin when the fetcher is needed [#3609](https://github.com/inspec/inspec/pull/3609) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
8
8
  <!-- latest_release -->
9
9
 
10
- <!-- release_rollup since=3.0.25 -->
11
- ### Changes since 3.0.25 release
10
+ <!-- release_rollup since=3.0.46 -->
11
+ ### Changes since 3.0.46 release
12
12
 
13
- #### New Features
14
- - Add Git SSH and HTTP basic auth support to `inspec exec` [#3562](https://github.com/inspec/inspec/pull/3562) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 3.0.46 -->
13
+ #### Merged Pull Requests
14
+ - Load the compliance plugin when the fetcher is needed [#3609](https://github.com/inspec/inspec/pull/3609) ([jerryaldrichiii](https://github.com/jerryaldrichiii)) <!-- 3.0.52 -->
15
15
 
16
16
  #### Bug Fixes
17
- - port: Correctly detect FreeBSD [#3579](https://github.com/inspec/inspec/pull/3579) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 3.0.43 -->
18
- - Update iis_site bindingInformation construction and add tests [#3492](https://github.com/inspec/inspec/pull/3492) ([mrshanahan](https://github.com/mrshanahan)) <!-- 3.0.40 -->
19
- - Silence RSpec &#39;should&#39; Warning [#3560](https://github.com/inspec/inspec/pull/3560) ([clintoncwolfe](https://github.com/clintoncwolfe)) <!-- 3.0.29 -->
17
+ - Adds protection against zipslip vulnerability [#3604](https://github.com/inspec/inspec/pull/3604) ([hdost](https://github.com/hdost)) <!-- 3.0.51 -->
20
18
 
21
19
  #### Enhancements
22
- - Allow add_test to accept negation [#3586](https://github.com/inspec/inspec/pull/3586) ([rachelrice](https://github.com/rachelrice)) <!-- 3.0.37 -->
23
- - Added xml resource support for ints, bools, and string responses [#3583](https://github.com/inspec/inspec/pull/3583) ([greenantdotcom](https://github.com/greenantdotcom)) <!-- 3.0.34 -->
24
- - Add only_if to Inspec objects [#3577](https://github.com/inspec/inspec/pull/3577) ([james-stocks](https://github.com/james-stocks)) <!-- 3.0.31 -->
25
- - aws_vpc: accept 17 hexadecimal characters for vpc_id [#3564](https://github.com/inspec/inspec/pull/3564) ([kchistova](https://github.com/kchistova)) <!-- 3.0.28 -->
26
-
27
- #### Merged Pull Requests
28
- - Fixes broken link in documentation [#3588](https://github.com/inspec/inspec/pull/3588) ([dmccown](https://github.com/dmccown)) <!-- 3.0.30 -->
29
- - Fixes (some) ruby warnings related to functional tests [#3561](https://github.com/inspec/inspec/pull/3561) ([TheLonelyGhost](https://github.com/TheLonelyGhost)) <!-- 3.0.27 -->
30
- - Fix functional tests issues with vendoring [#3572](https://github.com/inspec/inspec/pull/3572) ([jquick](https://github.com/jquick)) <!-- 3.0.26 -->
20
+ - Adding --no-pager to service checks [#3592](https://github.com/inspec/inspec/pull/3592) ([fernandoalex](https://github.com/fernandoalex)) <!-- 3.0.50 -->
21
+ - aws_security_group: Query against other security group ids in allow_* matchers [#3576](https://github.com/inspec/inspec/pull/3576) ([j00p34](https://github.com/j00p34)) <!-- 3.0.49 -->
31
22
  <!-- release_rollup -->
32
23
 
33
24
  <!-- latest_stable_release -->
25
+ ## [v3.0.46](https://github.com/inspec/inspec/tree/v3.0.46) (2018-11-08)
26
+
27
+ #### New Features
28
+ - Add Git SSH and HTTP basic auth support to `inspec exec` [#3562](https://github.com/inspec/inspec/pull/3562) ([jerryaldrichiii](https://github.com/jerryaldrichiii))
29
+
30
+ #### Enhancements
31
+ - aws_vpc: accept 17 hexadecimal characters for vpc_id [#3564](https://github.com/inspec/inspec/pull/3564) ([kchistova](https://github.com/kchistova))
32
+ - Add only_if to Inspec objects [#3577](https://github.com/inspec/inspec/pull/3577) ([james-stocks](https://github.com/james-stocks))
33
+ - Added xml resource support for ints, bools, and string responses [#3583](https://github.com/inspec/inspec/pull/3583) ([greenantdotcom](https://github.com/greenantdotcom))
34
+ - Allow add_test to accept negation [#3586](https://github.com/inspec/inspec/pull/3586) ([rachelrice](https://github.com/rachelrice))
35
+
36
+ #### Bug Fixes
37
+ - Silence RSpec &#39;should&#39; Warning [#3560](https://github.com/inspec/inspec/pull/3560) ([clintoncwolfe](https://github.com/clintoncwolfe))
38
+ - Update iis_site bindingInformation construction and add tests [#3492](https://github.com/inspec/inspec/pull/3492) ([mrshanahan](https://github.com/mrshanahan))
39
+ - port: Correctly detect FreeBSD [#3579](https://github.com/inspec/inspec/pull/3579) ([clintoncwolfe](https://github.com/clintoncwolfe))
40
+
41
+ #### Merged Pull Requests
42
+ - Fix functional tests issues with vendoring [#3572](https://github.com/inspec/inspec/pull/3572) ([jquick](https://github.com/jquick))
43
+ - Fixes (some) ruby warnings related to functional tests [#3561](https://github.com/inspec/inspec/pull/3561) ([TheLonelyGhost](https://github.com/TheLonelyGhost))
44
+ - Fixes broken link in documentation [#3588](https://github.com/inspec/inspec/pull/3588) ([dmccown](https://github.com/dmccown))
45
+ <!-- latest_stable_release -->
46
+
34
47
  ## [v3.0.25](https://github.com/inspec/inspec/tree/v3.0.25) (2018-11-01)
35
48
 
36
49
  #### Enhancements
@@ -46,7 +59,6 @@
46
59
  - Allow end of options during Thor array parsing [#3547](https://github.com/inspec/inspec/pull/3547) ([jquick](https://github.com/jquick))
47
60
  - Pin to train 1.5.6 [#3568](https://github.com/inspec/inspec/pull/3568) ([jquick](https://github.com/jquick))
48
61
  - bump expeditor version [#3569](https://github.com/inspec/inspec/pull/3569) ([jquick](https://github.com/jquick))
49
- <!-- latest_stable_release -->
50
62
 
51
63
  ## [v3.0.12](https://github.com/inspec/inspec/tree/v3.0.12) (2018-10-24)
52
64
 
@@ -42,3 +42,6 @@ end
42
42
  require 'fetchers/local'
43
43
  require 'fetchers/url'
44
44
  require 'fetchers/git'
45
+
46
+ # TODO: Remove in 4.0 when Compliance fetcher plugin is created
47
+ require 'plugins/inspec-compliance/lib/inspec-compliance/api'
@@ -100,7 +100,7 @@ module Inspec
100
100
  walk_zip(@path) do |io|
101
101
  while (entry = io.get_next_entry)
102
102
  name = entry.name.sub(%r{/+$}, '')
103
- @files.push(name) unless name.empty?
103
+ @files.push(name) unless name.empty? || name.squeeze('/') =~ %r{\.{2}(?:/|\z)}
104
104
  end
105
105
  end
106
106
  end
@@ -156,7 +156,7 @@ module Inspec
156
156
  @files = tar.find_all(&:file?)
157
157
 
158
158
  # delete all entries with no name
159
- @files = @files.find_all { |x| !x.full_name.empty? }
159
+ @files = @files.find_all { |x| !x.full_name.empty? && x.full_name.squeeze('/') !~ %r{\.{2}(?:/|\z)} }
160
160
 
161
161
  # delete all entries that have a PaxHeader
162
162
  @files = @files.delete_if { |x| x.full_name.include?('PaxHeader/') }
@@ -4,5 +4,5 @@
4
4
  # author: Christoph Hartmann
5
5
 
6
6
  module Inspec
7
- VERSION = '3.0.46'
7
+ VERSION = '3.0.52'
8
8
  end
@@ -272,7 +272,7 @@ module Inspec::Resources
272
272
  end
273
273
 
274
274
  def info(service_name)
275
- cmd = inspec.command("#{service_ctl} show --all #{service_name}")
275
+ cmd = inspec.command("#{service_ctl} show --no-pager --all #{service_name}")
276
276
  return nil if cmd.exit_status.to_i != 0
277
277
 
278
278
  # parse data
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec-core
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.46
4
+ version: 3.0.52
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dominik Richter
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-11-08 00:00:00.000000000 Z
11
+ date: 2018-11-15 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: train-core