RubyGems - inspec-core - Versions diffs - 5.22.55 → 5.22.58 - Mend

inspec-core 5.22.55 → 5.22.58

Files changed (6) hide show

checksums.yaml +4 -4
data/inspec-core.gemspec +3 -1
data/lib/inspec/resources/oracledb_session.rb +5 -8
data/lib/inspec/resources/postgres_session.rb +1 -1
data/lib/inspec/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5b84448a3befad076d31e888ef81ca567f4fb398dc73f215abebb8af76021bc5
-  data.tar.gz: 03b2b4ea7321ceba11f2f043c4dc76ede8652f3d24b0e9a7fcca08cd648572d0
+  metadata.gz: 02f7fb4aedd2162975d1cbf01938cc2e749fb4a935dbe1d52b4e6ecee3bb360f
+  data.tar.gz: 277ae958544f136bf8f2444d839dfc45d378506be00c587689813b98cd798439
 SHA512:
-  metadata.gz: 819f0ccd7d978c1f71f3e3cfe22f922c4bcdf763a09b55e5d9fe4eb2406a2c759671af09987ba4267abcc4505f517d8c2f6e0bfe9bcc62bcfd05f91a17474ca9
-  data.tar.gz: 8920507c3d2cb040f21c5e6309defc3a32c1f4000ee4b4bccba793ce0038c8eac3c84aa2f7247833e57635ed757e3b8e5d8a4b1977b859a0fb975af31ca3aa54
+  metadata.gz: 484a35f9b50804ebcd94b3234881ebc2d4dc5518bd9df66c9af42f37c314586f8b6305972045e9c23f2d3e04fdbba95de9ed386ce3c4e0ce95fc54bc002cdc38
+  data.tar.gz: 31c1e550ab9532a8ddc5c3447dec9a518b7699cb39c979a28cbf5b53eab860abfd4589b220331ef98a0e8b937ebdae1e0840e534a454f2e6050d674adcdf4810

data/inspec-core.gemspec CHANGED Viewed

@@ -13,7 +13,9 @@ Gem::Specification.new do |spec|
   spec.license       = "Apache-2.0"
   spec.require_paths = ["lib"]
-  spec.required_ruby_version = ">= 2.7"
+  # We want to support ruby 3.0 as Chef is using ruby to support AIX and we want to make sure InSpec works with it. (Ref: https://github.com/chef/chef/pull/13207)
+  # TODO: Once we have Chef working fully with ruby 3.1 we can drop ruby 3.0
+  spec.required_ruby_version = ">= 3.0.3"
   # the gemfile and gemspec are necessary for appbundler so don't remove it
   spec.files =

data/lib/inspec/resources/oracledb_session.rb CHANGED Viewed

@@ -57,7 +57,7 @@ module Inspec::Resources
       inspec_cmd = inspec.command(command)
       out = inspec_cmd.stdout + "\n" + inspec_cmd.stderr
-      if inspec_cmd.exit_status != 0 || !inspec_cmd.stderr.empty? || out.downcase =~ /^error.*/
+      if inspec_cmd.exit_status != 0 || out.downcase =~ /^error.*/
         raise Inspec::Exceptions::ResourceFailed, "Oracle query with errors: #{out}"
       else
         begin
@@ -134,10 +134,8 @@ module Inspec::Resources
     end
     def escape_query(query)
-      # https://github.com/inspec/inspec/security/code-scanning/7
-      # https://github.com/inspec/inspec/security/code-scanning/8
-      escaped_query = query.gsub(/["\\]/) { |match| match == '"' ? '\\"' : "\\\\" } # Escape backslashes and double quotes
-      escaped_query.gsub!("$", '\\$') unless escaped_query.include? "\\$" # Escape dollar signs, but only if not already escaped
+      escaped_query = query.gsub(/\\\\/, "\\").gsub(/"/, '\\"')
+      escaped_query = escaped_query.gsub("$", '\\$') unless escaped_query.include? "\\$"
       escaped_query
     end
@@ -145,9 +143,8 @@ module Inspec::Resources
       output = stdout.split("oracle_query_string")[-1]
       # comma_query_sub replaces the csv delimiter "," in the output.
       # Handles CSV parsing of data like this (DROP,3) etc
-      # Replace all occurrences of the target pattern using gsub instead of sub
-      # Issue detected: https://github.com/inspec/inspec/security/code-scanning/9
-      output = output.gsub(/\r/, "").strip.gsub(",", "comma_query_sub")
+      output = output.sub(/\r/, "").strip.gsub(",", "comma_query_sub")
       converter = ->(header) { header.downcase }
       CSV.parse(output, headers: true, header_converters: converter).map do |row|
         next if row.entries.flatten.empty?

data/lib/inspec/resources/postgres_session.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module Inspec::Resources
       psql_cmd = create_psql_cmd(query, db)
       cmd = inspec.command(psql_cmd, redact_regex: %r{(:\/\/[a-z]*:).*(@)})
       out = cmd.stdout + "\n" + cmd.stderr
-      if cmd.exit_status != 0 && ( out =~ /could not connect to/ || out =~ /password authentication failed/ ) && out.downcase =~ /error:/
+      if cmd.exit_status != 0 && ( out =~ /could not connect to/ || out =~ /password authentication failed/ ) && (out.downcase =~ /error:/ || out.downcase =~ /fatal:/)
         raise Inspec::Exceptions::ResourceFailed, "PostgreSQL connection error: #{out}"
       elsif cmd.exit_status != 0 && out.downcase =~ /error:/
         Lines.new(out, "PostgreSQL query with error: #{query}", cmd.exit_status)

data/lib/inspec/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "5.22.55".freeze
+  VERSION = "5.22.58".freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 5.22.55
+  version: 5.22.58
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-07-29 00:00:00.000000000 Z
+date: 2024-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry
@@ -861,7 +861,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: 3.0.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="