inspec-core 5.22.36 → 5.22.40
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/inspec/dependencies/dependency_set.rb +2 -2
- data/lib/inspec/dsl.rb +1 -1
- data/lib/inspec/profile.rb +2 -2
- data/lib/inspec/reporters/cli.rb +1 -1
- data/lib/inspec/rule.rb +14 -9
- data/lib/inspec/runner.rb +1 -1
- data/lib/inspec/utils/waivers/csv_file_reader.rb +1 -1
- data/lib/inspec/utils/waivers/excel_file_reader.rb +1 -1
- data/lib/inspec/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a95805ac2a4faab83d1826792a5d838caa5f1808fcc884e061cf3f7070ab6ef2
|
|
4
|
+
data.tar.gz: 984dfca55efec04f1e9b98ddfebf5be636b96a91c7fe7dc97f9ffb9789c60af3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fb6e20f346e0e5ab27878931b1396c10a633b99767472774299d92fce3ae2ccf01399cb100e5ae4566456039a3d814ac4148670da65b41563e72139d29551ed7
|
|
7
|
+
data.tar.gz: 0c9c665c3afb6d90121bf40ac00736a900955e0ea5955af58f7e56378d18eecfd7560f40e2cce049afd7156ecb495c77b1c58765c0e69f82bfd03e976c2f367f
|
|
@@ -26,7 +26,7 @@ module Inspec
|
|
|
26
26
|
dep_list = {}
|
|
27
27
|
dependencies.each do |d|
|
|
28
28
|
# if depedent profile does not have a source version then only name is used in dependency hash
|
|
29
|
-
key_name = (d.source_version.
|
|
29
|
+
key_name = ((d.source_version.nil? || d.source_version.empty?) ? "#{d.name}" : "#{d.name}-#{d.source_version}") rescue "#{d.name}"
|
|
30
30
|
dep_list[key_name] = d
|
|
31
31
|
end
|
|
32
32
|
new(cwd, cache, dep_list, backend)
|
|
@@ -42,7 +42,7 @@ module Inspec
|
|
|
42
42
|
dep_list = {}
|
|
43
43
|
dep_tree.each do |d|
|
|
44
44
|
# if depedent profile does not have a source version then only name is used in dependency hash
|
|
45
|
-
key_name = (d.source_version.
|
|
45
|
+
key_name = ((d.source_version.nil? || d.source_version.empty?) ? "#{d.name}" : "#{d.name}-#{d.source_version}") rescue "#{d.name}"
|
|
46
46
|
dep_list[key_name] = d
|
|
47
47
|
dep_list.merge!(flatten_dep_tree(d.dependencies))
|
|
48
48
|
end
|
data/lib/inspec/dsl.rb
CHANGED
|
@@ -95,7 +95,7 @@ module Inspec::DSL
|
|
|
95
95
|
# 1. Fetching VERSION from a profile dependency name which is in a format NAME-VERSION.
|
|
96
96
|
# 2. Matching original profile dependency name with profile name used with include or require control DSL.
|
|
97
97
|
source_version = value.source_version
|
|
98
|
-
unless source_version.
|
|
98
|
+
unless source_version.nil? || source_version.empty?
|
|
99
99
|
profile_id_key = key.split("-#{source_version}")[0]
|
|
100
100
|
new_profile_id = key if profile_id_key == profile_id
|
|
101
101
|
end
|
data/lib/inspec/profile.rb
CHANGED
|
@@ -248,7 +248,7 @@ module Inspec
|
|
|
248
248
|
## Find the waivers file
|
|
249
249
|
# - TODO: cli_opts and instance_variable_get could be exposed
|
|
250
250
|
waiver_paths = cfg.instance_variable_get(:@cli_opts)["waiver_file"]
|
|
251
|
-
if waiver_paths.
|
|
251
|
+
if waiver_paths.nil? || waiver_paths.empty?
|
|
252
252
|
Inspec::Log.error "Must use --waiver-file with --filter-waived-controls"
|
|
253
253
|
Inspec::UI.new.exit(:usage_error)
|
|
254
254
|
end
|
|
@@ -276,7 +276,7 @@ module Inspec
|
|
|
276
276
|
# be processed and rendered
|
|
277
277
|
tests.each do |control_filename, source_code|
|
|
278
278
|
cleared_tests = source_code.scan(/control\s+['"].+?['"].+?(?=(?:control\s+['"].+?['"])|\z)/m).collect do |element|
|
|
279
|
-
next if element.
|
|
279
|
+
next if element.nil? || element.empty?
|
|
280
280
|
|
|
281
281
|
if element&.match?(waived_control_id_regex)
|
|
282
282
|
splitlines = element.split("\n")
|
data/lib/inspec/reporters/cli.rb
CHANGED
data/lib/inspec/rule.rb
CHANGED
|
@@ -375,19 +375,24 @@ module Inspec
|
|
|
375
375
|
# only_if mechanism)
|
|
376
376
|
# Double underscore: not intended to be called as part of the DSL
|
|
377
377
|
def __apply_waivers
|
|
378
|
+
@__waiver_data = nil
|
|
378
379
|
control_id = @__rule_id # TODO: control ID slugging
|
|
379
|
-
waiver_files = Inspec::Config.cached.final_options["waiver_file"] if Inspec::Config.cached.respond_to?(:final_options)
|
|
380
380
|
|
|
381
|
-
|
|
381
|
+
waiver_files = Inspec::Config.cached.final_options["waiver_file"] if Inspec::Config.cached.respond_to?(:final_options)
|
|
382
|
+
unless waiver_files.nil? || waiver_files.empty?
|
|
383
|
+
waiver_data_by_profile = Inspec::WaiverFileReader.fetch_waivers_by_profile(__profile_id, waiver_files)
|
|
384
|
+
return unless waiver_data_by_profile && waiver_data_by_profile[control_id] && waiver_data_by_profile[control_id].is_a?(Hash)
|
|
382
385
|
|
|
383
|
-
|
|
386
|
+
@__waiver_data = waiver_data_by_profile[control_id]
|
|
387
|
+
else
|
|
388
|
+
# Support for input registry is provided for backward compatibilty with compliance phase of chef-client
|
|
389
|
+
# Chef-client sends waiver information in inputs hash
|
|
390
|
+
input_registry = Inspec::InputRegistry.instance
|
|
391
|
+
waiver_data_via_input = input_registry.inputs_by_profile.dig(__profile_id, control_id)
|
|
392
|
+
return unless waiver_data_via_input && waiver_data_via_input.has_value? && waiver_data_via_input.value.is_a?(Hash)
|
|
384
393
|
|
|
385
|
-
|
|
386
|
-
|
|
387
|
-
# log of each "set" event so that when it is collapsed to a value,
|
|
388
|
-
# it can determine the correct (highest priority) value.
|
|
389
|
-
# Store in an instance variable for.. later reading???
|
|
390
|
-
@__waiver_data = waiver_data_by_profile[control_id]
|
|
394
|
+
@__waiver_data = waiver_data_via_input.value
|
|
395
|
+
end
|
|
391
396
|
|
|
392
397
|
__waiver_data["skipped_due_to_waiver"] = false
|
|
393
398
|
__waiver_data["message"] = ""
|
data/lib/inspec/runner.rb
CHANGED
|
@@ -142,7 +142,7 @@ module Inspec
|
|
|
142
142
|
get_check_example(m, a, b)
|
|
143
143
|
end.compact
|
|
144
144
|
|
|
145
|
-
examples.map { |example| total_checks += example.
|
|
145
|
+
examples.map { |example| total_checks += example.descendant_filtered_examples.count }
|
|
146
146
|
|
|
147
147
|
unless control_describe_checks.empty?
|
|
148
148
|
# controls with empty tests are avoided
|
|
@@ -19,7 +19,7 @@ module Waivers
|
|
|
19
19
|
row_hash.delete("control_id")
|
|
20
20
|
row_hash.delete_if { |k, v| k.nil? || v.nil? }
|
|
21
21
|
|
|
22
|
-
waiver_data_hash[control_id] = row_hash if control_id && !row_hash.
|
|
22
|
+
waiver_data_hash[control_id] = row_hash if control_id && !(row_hash.nil? || row_hash.empty?)
|
|
23
23
|
end
|
|
24
24
|
|
|
25
25
|
waiver_data_hash
|
|
@@ -25,7 +25,7 @@ module Waivers
|
|
|
25
25
|
row_hash.delete_if { |k, v| k.nil? || v.nil? }
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
-
waiver_data_hash[control_id] = row_hash if control_id && !row_hash.
|
|
28
|
+
waiver_data_hash[control_id] = row_hash if control_id && !(row_hash.nil? || row_hash.empty?)
|
|
29
29
|
end
|
|
30
30
|
waiver_data_hash
|
|
31
31
|
rescue Exception => e
|
data/lib/inspec/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.22.
|
|
4
|
+
version: 5.22.40
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef InSpec Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-01-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: chef-telemetry
|