inspec-core 5.22.80 → 5.22.95
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/Gemfile +6 -5
- data/inspec-core.gemspec +7 -8
- data/lib/inspec/fetcher/git.rb +21 -1
- data/lib/inspec/profile.rb +8 -1
- data/lib/inspec/secrets/yaml.rb +1 -5
- data/lib/inspec/version.rb +1 -1
- metadata +17 -11
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a7b225f8fda920cb03f73a84eb1edc2b98339058c824f2323bee26995b37c74b
|
|
4
|
+
data.tar.gz: 5b6eb547488c20ff9e8170066f0ba38871afeead368f91248254ccf171e33327
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 01e6f8d6a5749288c3a53d9fc0166d3b8e832437cbb63aa86dc67dfe09160a956c528a9fe06e43f7912b497d8201b99556d68f6b4569ba6ac044910db821fea0
|
|
7
|
+
data.tar.gz: d6e5f9d3e5b5393d3cc0fbe9754ddba827cb1f12df3911fe1486dfe314b1386d5dca7b32a52509b65f9ad10cc6870ba0d990e63b5bb38456df98a57b82667fc2
|
data/Gemfile
CHANGED
|
@@ -40,12 +40,16 @@ group :test do
|
|
|
40
40
|
# Pinning this version as it breaking for ruby 3.1.0
|
|
41
41
|
gem "nokogiri", "< 1.17.2"
|
|
42
42
|
# Pinning this version as it breaking for ruby 3.0.0
|
|
43
|
-
gem "pry-byebug", "< 3.
|
|
43
|
+
gem "pry-byebug", "< 3.12.0"
|
|
44
44
|
gem "pry"
|
|
45
45
|
gem "rake"
|
|
46
46
|
gem "simplecov"
|
|
47
47
|
gem "simplecov_json_formatter"
|
|
48
48
|
gem "webmock"
|
|
49
|
+
gem "signet", "< 0.21.0" # 0.20.0+ requires min ruby 3.1
|
|
50
|
+
# Pinning to 1.15 as multi_json 1.16 require ruby 3.2 version
|
|
51
|
+
# Ref: https://buildkite.com/chef-oss/inspec-inspec-inspec-5-verify/builds/647#019808ca-087b-43bc-b1f9-40a36f59c5f4
|
|
52
|
+
gem "multi_json", "~> 1.15.0"
|
|
49
53
|
end
|
|
50
54
|
|
|
51
55
|
group :deploy do
|
|
@@ -53,12 +57,9 @@ group :deploy do
|
|
|
53
57
|
end
|
|
54
58
|
|
|
55
59
|
# Build is failing - see: https://buildkite.com/chef-oss/inspec-inspec-inspec-5-verify/builds/442
|
|
56
|
-
# Error:
|
|
57
|
-
# zeitwerk-2.7.1 requires Ruby >= 3.2, which is incompatible with the current version (Ruby 3.0.7p220)
|
|
58
|
-
|
|
60
|
+
# Error: zeitwerk-2.7.1 requires Ruby >= 3.2, which is incompatible with the current version (Ruby 3.0.7p220)
|
|
59
61
|
# Dependency chain:
|
|
60
62
|
# zeitwerk → dry-configurable, dry-struct, dry-types → k8s-ruby → train-kubernetes
|
|
61
|
-
|
|
62
63
|
# Pinning zeitwerk to ~> 2.6 to avoid Ruby >= 3.2 requirement.
|
|
63
64
|
# Remove this pin when upgrading to Ruby 3.2 or higher.
|
|
64
65
|
gem "zeitwerk", "~> 2.6.0", "< 2.7"
|
data/inspec-core.gemspec
CHANGED
|
@@ -13,9 +13,8 @@ Gem::Specification.new do |spec|
|
|
|
13
13
|
spec.license = "Apache-2.0"
|
|
14
14
|
spec.require_paths = ["lib"]
|
|
15
15
|
|
|
16
|
-
#
|
|
17
|
-
|
|
18
|
-
spec.required_ruby_version = ">= 3.0.3"
|
|
16
|
+
# Chef will provide AIX support with ruby 3.0 in separate builds with older versions of InSpec 5, hence we can drop ruby 3.0 support
|
|
17
|
+
spec.required_ruby_version = ">= 3.1.0"
|
|
19
18
|
|
|
20
19
|
# the gemfile and gemspec are necessary for appbundler so don't remove it
|
|
21
20
|
spec.files =
|
|
@@ -29,11 +28,11 @@ Gem::Specification.new do |spec|
|
|
|
29
28
|
spec.add_dependency "license-acceptance", ">= 0.2.13", "< 3.0"
|
|
30
29
|
# TODO: We should remove the thor pinning in next upcoming releases currently it's breaking our unit test in cli_args_test for aliases due to
|
|
31
30
|
# recent changes made in thor library REF: https://github.com/rails/thor/releases/tag/v1.3.0 & https://github.com/rails/thor/pull/800
|
|
32
|
-
spec.add_dependency "thor", ">= 0.20", "< 1.
|
|
31
|
+
spec.add_dependency "thor", ">= 0.20", "< 1.5.0"
|
|
33
32
|
spec.add_dependency "method_source", ">= 0.8", "< 2.0"
|
|
34
|
-
spec.add_dependency "rubyzip", ">= 1.2.2", "<
|
|
35
|
-
spec.add_dependency "rspec", ">= 3.9", "<= 3.
|
|
36
|
-
spec.add_dependency "rspec-its", "
|
|
33
|
+
spec.add_dependency "rubyzip", ">= 1.2.2", "< 4.0"
|
|
34
|
+
spec.add_dependency "rspec", ">= 3.9", "<= 3.14"
|
|
35
|
+
spec.add_dependency "rspec-its", ">= 1.2", "< 3.0"
|
|
37
36
|
spec.add_dependency "pry", "~> 0.13"
|
|
38
37
|
spec.add_dependency "hashie", ">= 3.4", "< 6.0"
|
|
39
38
|
spec.add_dependency "mixlib-log", "~> 3.0", "< 3.2"
|
|
@@ -55,5 +54,5 @@ Gem::Specification.new do |spec|
|
|
|
55
54
|
# which was causing a LoadError ('cannot load such file -- ast') for users/applications using 'inspec-core'.
|
|
56
55
|
spec.add_dependency "cookstyle"
|
|
57
56
|
|
|
58
|
-
spec.add_dependency "train-core", "~> 3.12.13"
|
|
57
|
+
spec.add_dependency "train-core", "~> 3.12.13" # Adding tight version constraint for train as it is compatible with Ruby 3.0.x
|
|
59
58
|
end
|
data/lib/inspec/fetcher/git.rb
CHANGED
|
@@ -68,11 +68,21 @@ module Inspec::Fetcher
|
|
|
68
68
|
else
|
|
69
69
|
Dir.mktmpdir do |working_dir|
|
|
70
70
|
checkout(working_dir)
|
|
71
|
+
if git_only_or_empty?(working_dir)
|
|
72
|
+
# If the temporary working directory is empty after checkout,
|
|
73
|
+
# this means the git repository did not contain any files (or the checkout failed).
|
|
74
|
+
# In this case, remove the destination directory to avoid
|
|
75
|
+
# leaving an empty or invalid profile directory.
|
|
76
|
+
if Dir.exist?(destination_path)
|
|
77
|
+
FileUtils.rm_rf(destination_path)
|
|
78
|
+
end
|
|
79
|
+
raise Inspec::FetcherFailure, "Profile git dependency failed for #{@remote_url} - no files found in the repository."
|
|
80
|
+
end
|
|
71
81
|
if @relative_path
|
|
72
82
|
perform_relative_path_fetch(destination_path, working_dir)
|
|
73
83
|
else
|
|
74
84
|
Inspec::Log.debug("Checkout of #{resolved_ref.nil? ? @remote_url : resolved_ref} successful. " \
|
|
75
|
-
|
|
85
|
+
"Moving checkout to #{destination_path}")
|
|
76
86
|
FileUtils.cp_r(working_dir + "/.", destination_path)
|
|
77
87
|
end
|
|
78
88
|
end
|
|
@@ -80,6 +90,16 @@ module Inspec::Fetcher
|
|
|
80
90
|
@repo_directory
|
|
81
91
|
end
|
|
82
92
|
|
|
93
|
+
def git_only_or_empty?(dir)
|
|
94
|
+
return false unless Dir.exist?(dir)
|
|
95
|
+
|
|
96
|
+
children = Dir.children(dir)
|
|
97
|
+
# Return true if:
|
|
98
|
+
# - directory is completely empty
|
|
99
|
+
# - or it contains only one entry: '.git'
|
|
100
|
+
children.empty? || (children - [".git"]).empty?
|
|
101
|
+
end
|
|
102
|
+
|
|
83
103
|
def perform_relative_path_fetch(destination_path, working_dir)
|
|
84
104
|
Inspec::Log.debug("Checkout of #{resolved_ref.nil? ? @remote_url : resolved_ref} successful. " \
|
|
85
105
|
"Moving #{@relative_path} to #{destination_path}")
|
data/lib/inspec/profile.rb
CHANGED
|
@@ -256,7 +256,14 @@ module Inspec
|
|
|
256
256
|
# # Pull together waiver
|
|
257
257
|
waived_control_ids = []
|
|
258
258
|
waiver_paths.each do |waiver_path|
|
|
259
|
-
|
|
259
|
+
# Ruby 3.1 treats YAML load as a dangerous operation by default, requiring us to declare date and time classes as permitted
|
|
260
|
+
# It's not a valid option in 3.0.x
|
|
261
|
+
if Gem.ruby_version >= Gem::Version.new("3.1.0")
|
|
262
|
+
waiver_content = ::YAML.load_file(waiver_path, permitted_classes: [Date, Time])
|
|
263
|
+
else
|
|
264
|
+
waiver_content = YAML.load_file(waiver_path)
|
|
265
|
+
end
|
|
266
|
+
|
|
260
267
|
unless waiver_content
|
|
261
268
|
# Note that we will have already issued a detailed warning
|
|
262
269
|
Inspec::Log.error "YAML parsing error in #{waiver_path}"
|
data/lib/inspec/secrets/yaml.rb
CHANGED
|
@@ -18,11 +18,7 @@ module Secrets
|
|
|
18
18
|
def initialize(target)
|
|
19
19
|
# Ruby 3.1 treats YAML load as a dangerous operation by default, requiring us to declare date and time classes as permitted
|
|
20
20
|
# It's not a valid option in 3.0.x
|
|
21
|
-
|
|
22
|
-
@inputs = ::YAML.load_file(target, permitted_classes: [Date, Time])
|
|
23
|
-
else
|
|
24
|
-
@inputs = ::YAML.load_file(target)
|
|
25
|
-
end
|
|
21
|
+
@inputs = ::YAML.load_file(target, permitted_classes: [Date, Time])
|
|
26
22
|
|
|
27
23
|
# In case of empty yaml file raise the warning else raise the parsing error.
|
|
28
24
|
if !@inputs || @inputs.empty?
|
data/lib/inspec/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec-core
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.22.
|
|
4
|
+
version: 5.22.95
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Chef InSpec Team
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-04
|
|
11
|
+
date: 2025-08-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: chef-telemetry
|
|
@@ -59,7 +59,7 @@ dependencies:
|
|
|
59
59
|
version: '0.20'
|
|
60
60
|
- - "<"
|
|
61
61
|
- !ruby/object:Gem::Version
|
|
62
|
-
version: 1.
|
|
62
|
+
version: 1.5.0
|
|
63
63
|
type: :runtime
|
|
64
64
|
prerelease: false
|
|
65
65
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -69,7 +69,7 @@ dependencies:
|
|
|
69
69
|
version: '0.20'
|
|
70
70
|
- - "<"
|
|
71
71
|
- !ruby/object:Gem::Version
|
|
72
|
-
version: 1.
|
|
72
|
+
version: 1.5.0
|
|
73
73
|
- !ruby/object:Gem::Dependency
|
|
74
74
|
name: method_source
|
|
75
75
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -99,7 +99,7 @@ dependencies:
|
|
|
99
99
|
version: 1.2.2
|
|
100
100
|
- - "<"
|
|
101
101
|
- !ruby/object:Gem::Version
|
|
102
|
-
version: '
|
|
102
|
+
version: '4.0'
|
|
103
103
|
type: :runtime
|
|
104
104
|
prerelease: false
|
|
105
105
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -109,7 +109,7 @@ dependencies:
|
|
|
109
109
|
version: 1.2.2
|
|
110
110
|
- - "<"
|
|
111
111
|
- !ruby/object:Gem::Version
|
|
112
|
-
version: '
|
|
112
|
+
version: '4.0'
|
|
113
113
|
- !ruby/object:Gem::Dependency
|
|
114
114
|
name: rspec
|
|
115
115
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -119,7 +119,7 @@ dependencies:
|
|
|
119
119
|
version: '3.9'
|
|
120
120
|
- - "<="
|
|
121
121
|
- !ruby/object:Gem::Version
|
|
122
|
-
version: '3.
|
|
122
|
+
version: '3.14'
|
|
123
123
|
type: :runtime
|
|
124
124
|
prerelease: false
|
|
125
125
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -129,21 +129,27 @@ dependencies:
|
|
|
129
129
|
version: '3.9'
|
|
130
130
|
- - "<="
|
|
131
131
|
- !ruby/object:Gem::Version
|
|
132
|
-
version: '3.
|
|
132
|
+
version: '3.14'
|
|
133
133
|
- !ruby/object:Gem::Dependency
|
|
134
134
|
name: rspec-its
|
|
135
135
|
requirement: !ruby/object:Gem::Requirement
|
|
136
136
|
requirements:
|
|
137
|
-
- - "
|
|
137
|
+
- - ">="
|
|
138
138
|
- !ruby/object:Gem::Version
|
|
139
139
|
version: '1.2'
|
|
140
|
+
- - "<"
|
|
141
|
+
- !ruby/object:Gem::Version
|
|
142
|
+
version: '3.0'
|
|
140
143
|
type: :runtime
|
|
141
144
|
prerelease: false
|
|
142
145
|
version_requirements: !ruby/object:Gem::Requirement
|
|
143
146
|
requirements:
|
|
144
|
-
- - "
|
|
147
|
+
- - ">="
|
|
145
148
|
- !ruby/object:Gem::Version
|
|
146
149
|
version: '1.2'
|
|
150
|
+
- - "<"
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: '3.0'
|
|
147
153
|
- !ruby/object:Gem::Dependency
|
|
148
154
|
name: pry
|
|
149
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -867,7 +873,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
867
873
|
requirements:
|
|
868
874
|
- - ">="
|
|
869
875
|
- !ruby/object:Gem::Version
|
|
870
|
-
version: 3.0
|
|
876
|
+
version: 3.1.0
|
|
871
877
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
872
878
|
requirements:
|
|
873
879
|
- - ">="
|