RubyGems - inspec-core - Versions diffs - 5.22.55 → 5.22.58 - Mend

inspec-core 5.22.55 → 5.22.58

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/inspec-core.gemspec +3 -1
data/lib/inspec/resources/oracledb_session.rb +5 -8
data/lib/inspec/resources/postgres_session.rb +1 -1
data/lib/inspec/version.rb +1 -1
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5b84448a3befad076d31e888ef81ca567f4fb398dc73f215abebb8af76021bc5
-  data.tar.gz: 03b2b4ea7321ceba11f2f043c4dc76ede8652f3d24b0e9a7fcca08cd648572d0
+  metadata.gz: 02f7fb4aedd2162975d1cbf01938cc2e749fb4a935dbe1d52b4e6ecee3bb360f
+  data.tar.gz: 277ae958544f136bf8f2444d839dfc45d378506be00c587689813b98cd798439
 SHA512:
-  metadata.gz: 819f0ccd7d978c1f71f3e3cfe22f922c4bcdf763a09b55e5d9fe4eb2406a2c759671af09987ba4267abcc4505f517d8c2f6e0bfe9bcc62bcfd05f91a17474ca9
-  data.tar.gz: 8920507c3d2cb040f21c5e6309defc3a32c1f4000ee4b4bccba793ce0038c8eac3c84aa2f7247833e57635ed757e3b8e5d8a4b1977b859a0fb975af31ca3aa54
+  metadata.gz: 484a35f9b50804ebcd94b3234881ebc2d4dc5518bd9df66c9af42f37c314586f8b6305972045e9c23f2d3e04fdbba95de9ed386ce3c4e0ce95fc54bc002cdc38
+  data.tar.gz: 31c1e550ab9532a8ddc5c3447dec9a518b7699cb39c979a28cbf5b53eab860abfd4589b220331ef98a0e8b937ebdae1e0840e534a454f2e6050d674adcdf4810

data/inspec-core.gemspec CHANGED Viewed

@@ -13,7 +13,9 @@ Gem::Specification.new do |spec|
   spec.license       = "Apache-2.0"
   spec.require_paths = ["lib"]
-  spec.required_ruby_version = ">= 2.7"
+  # We want to support ruby 3.0 as Chef is using ruby to support AIX and we want to make sure InSpec works with it. (Ref: https://github.com/chef/chef/pull/13207)
+  # TODO: Once we have Chef working fully with ruby 3.1 we can drop ruby 3.0
+  spec.required_ruby_version = ">= 3.0.3"
   # the gemfile and gemspec are necessary for appbundler so don't remove it
   spec.files =

data/lib/inspec/resources/oracledb_session.rb CHANGED Viewed

@@ -57,7 +57,7 @@ module Inspec::Resources
       inspec_cmd = inspec.command(command)
       out = inspec_cmd.stdout + "\n" + inspec_cmd.stderr
-      if inspec_cmd.exit_status != 0 || !inspec_cmd.stderr.empty? || out.downcase =~ /^error.*/
+      if inspec_cmd.exit_status != 0 || out.downcase =~ /^error.*/
         raise Inspec::Exceptions::ResourceFailed, "Oracle query with errors: #{out}"
       else
         begin
@@ -134,10 +134,8 @@ module Inspec::Resources
     end
     def escape_query(query)
-      # https://github.com/inspec/inspec/security/code-scanning/7
-      # https://github.com/inspec/inspec/security/code-scanning/8
-      escaped_query = query.gsub(/["\\]/) { |match| match == '"' ? '\\"' : "\\\\" } # Escape backslashes and double quotes
-      escaped_query.gsub!("$", '\\$') unless escaped_query.include? "\\$" # Escape dollar signs, but only if not already escaped
+      escaped_query = query.gsub(/\\\\/, "\\").gsub(/"/, '\\"')
+      escaped_query = escaped_query.gsub("$", '\\$') unless escaped_query.include? "\\$"
       escaped_query
     end
@@ -145,9 +143,8 @@ module Inspec::Resources
       output = stdout.split("oracle_query_string")[-1]
       # comma_query_sub replaces the csv delimiter "," in the output.
       # Handles CSV parsing of data like this (DROP,3) etc
-      # Replace all occurrences of the target pattern using gsub instead of sub
-      # Issue detected: https://github.com/inspec/inspec/security/code-scanning/9
-      output = output.gsub(/\r/, "").strip.gsub(",", "comma_query_sub")
+      output = output.sub(/\r/, "").strip.gsub(",", "comma_query_sub")
       converter = ->(header) { header.downcase }
       CSV.parse(output, headers: true, header_converters: converter).map do |row|
         next if row.entries.flatten.empty?

data/lib/inspec/resources/postgres_session.rb CHANGED Viewed

@@ -55,7 +55,7 @@ module Inspec::Resources
       psql_cmd = create_psql_cmd(query, db)
       cmd = inspec.command(psql_cmd, redact_regex: %r{(:\/\/[a-z]*:).*(@)})
       out = cmd.stdout + "\n" + cmd.stderr
-      if cmd.exit_status != 0 && ( out =~ /could not connect to/ || out =~ /password authentication failed/ ) && out.downcase =~ /error:/
+      if cmd.exit_status != 0 && ( out =~ /could not connect to/ || out =~ /password authentication failed/ ) && (out.downcase =~ /error:/ || out.downcase =~ /fatal:/)
         raise Inspec::Exceptions::ResourceFailed, "PostgreSQL connection error: #{out}"
       elsif cmd.exit_status != 0 && out.downcase =~ /error:/
         Lines.new(out, "PostgreSQL query with error: #{query}", cmd.exit_status)

data/lib/inspec/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "5.22.55".freeze
+  VERSION = "5.22.58".freeze
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec-core
 version: !ruby/object:Gem::Version
-  version: 5.22.55
+  version: 5.22.58
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-07-29 00:00:00.000000000 Z
+date: 2024-08-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: chef-telemetry
@@ -861,7 +861,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.7'
+      version: 3.0.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="