inspec 1.45.9 → 1.45.13

data/lib/resources/postgres.rb

@@ -55,13 +55,13 @@ module Inspec::Resources
     private
 
     def verify_dirs
-      if !inspec.directory(@conf_dir).exist?
-        warn "Default postgresql configuration directory: #{@conf_dir} does not exist. Postgresql may not be installed or we've misidentified the configuration directory."
-      end
+      warn "Default postgresql configuration directory: #{@conf_dir} does not exist. " \
+        "Postgresql may not be installed or we've misidentified the configuration " \
+        'directory.' unless inspec.directory(@conf_dir).exist?
 
-      if !inspec.directory(@data_dir).exist?
-        warn "Default postgresql data directory: #{@data_dir} does not exist. Postgresql may not be installed or we've misidentified the data directory."
-      end
+      warn "Default postgresql data directory: #{@data_dir} does not exist. " \
+        "Postgresql may not be installed or we've misidentified the data " \
+        'directory.' unless inspec.directory(@data_dir).exist?
     end
 
     def version_from_psql

data/lib/resources/powershell.rb

@@ -34,7 +34,7 @@ module Inspec::Resources
 
     # Removes leading and trailing whitespace from stdout
     def strip
-      result.stdout.strip unless result.stdout.nil?
+      result.stdout&.strip
     end
 
     def to_s

data/lib/resources/service.rb

@@ -51,7 +51,7 @@ module Inspec::Resources
     #
     # @return [boolean] true if all runlevels are disabled
     def disabled?
-      !values.any?
+      values.none?
     end
 
     def to_s
@@ -136,7 +136,7 @@ module Inspec::Resources
         end
       elsif %w{redhat fedora centos oracle}.include?(platform)
         version = os[:release].to_i
-        if (%w{ redhat centos oracle }.include?(platform) && version >= 7) || (platform == 'fedora' && version >= 15)
+        if (%w{redhat centos oracle}.include?(platform) && version >= 7) || (platform == 'fedora' && version >= 15)
           Systemd.new(inspec, service_ctl)
         else
           SysV.new(inspec, service_ctl || '/sbin/service')
@@ -314,7 +314,6 @@ module Inspec::Resources
       enabled_rc_tcpip? || enabled_inittab?
     end
 
-    # #rubocop:disable Style/TrailingComma
     def enabled_rc_tcpip?
       inspec.command(
         "grep -v ^# /etc/rc.tcpip | grep 'start ' | grep -Eq '(/{0,1}| )#{name} '",
@@ -367,10 +366,10 @@ module Inspec::Resources
     end
 
     def version
-      @version ||= (
+      @version ||= begin
         out = inspec.command("#{service_ctl} --version").stdout
         Gem::Version.new(out[/\(upstart ([^\)]+)\)/, 1])
-      )
+      end
     end
   end
 

data/lib/resources/users.rb

@@ -575,64 +575,64 @@ module Inspec::Resources
     # https://msdn.microsoft.com/en-us/library/aa746340(v=vs.85).aspx
     def collect_user_details # rubocop:disable Metrics/MethodLength
       return @users_cache if defined?(@users_cache)
-      script = <<-EOH
-Function ConvertTo-SID { Param([byte[]]$BinarySID)
-  (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
-}
-
-Function Convert-UserFlag { Param  ($UserFlag)
-  $List = @()
-  Switch ($UserFlag) {
-    ($UserFlag -BOR 0x0001) { $List += 'SCRIPT' }
-    ($UserFlag -BOR 0x0002) { $List += 'ACCOUNTDISABLE' }
-    ($UserFlag -BOR 0x0008) { $List += 'HOMEDIR_REQUIRED' }
-    ($UserFlag -BOR 0x0010) { $List += 'LOCKOUT' }
-    ($UserFlag -BOR 0x0020) { $List += 'PASSWD_NOTREQD' }
-    ($UserFlag -BOR 0x0040) { $List += 'PASSWD_CANT_CHANGE' }
-    ($UserFlag -BOR 0x0080) { $List += 'ENCRYPTED_TEXT_PWD_ALLOWED' }
-    ($UserFlag -BOR 0x0100) { $List += 'TEMP_DUPLICATE_ACCOUNT' }
-    ($UserFlag -BOR 0x0200) { $List += 'NORMAL_ACCOUNT' }
-    ($UserFlag -BOR 0x0800) { $List += 'INTERDOMAIN_TRUST_ACCOUNT' }
-    ($UserFlag -BOR 0x1000) { $List += 'WORKSTATION_TRUST_ACCOUNT' }
-    ($UserFlag -BOR 0x2000) { $List += 'SERVER_TRUST_ACCOUNT' }
-    ($UserFlag -BOR 0x10000) { $List += 'DONT_EXPIRE_PASSWORD' }
-    ($UserFlag -BOR 0x20000) { $List += 'MNS_LOGON_ACCOUNT' }
-    ($UserFlag -BOR 0x40000) { $List += 'SMARTCARD_REQUIRED' }
-    ($UserFlag -BOR 0x80000) { $List += 'TRUSTED_FOR_DELEGATION' }
-    ($UserFlag -BOR 0x100000) { $List += 'NOT_DELEGATED' }
-    ($UserFlag -BOR 0x200000) { $List += 'USE_DES_KEY_ONLY' }
-    ($UserFlag -BOR 0x400000) { $List += 'DONT_REQ_PREAUTH' }
-    ($UserFlag -BOR 0x800000) { $List += 'PASSWORD_EXPIRED' }
-    ($UserFlag -BOR 0x1000000) { $List += 'TRUSTED_TO_AUTH_FOR_DELEGATION' }
-    ($UserFlag -BOR 0x04000000) { $List += 'PARTIAL_SECRETS_ACCOUNT' }
-  }
-  $List
-}
-
-$Computername = $Env:Computername
-$adsi = [ADSI]"WinNT://$Computername"
-$adsi.Children | where {$_.SchemaClassName -eq 'user'} | ForEach {
-  New-Object PSObject -property @{
-    uid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
-    username = $_.Name[0]
-    description = $_.Description[0]
-    disabled = $_.AccountDisabled[0]
-    userflags = Convert-UserFlag  -UserFlag $_.UserFlags[0]
-    passwordage = [math]::Round($_.PasswordAge[0]/86400)
-    minpasswordlength = $_.MinPasswordLength[0]
-    mindays = [math]::Round($_.MinPasswordAge[0]/86400)
-    maxdays = [math]::Round($_.MaxPasswordAge[0]/86400)
-    warndays = $null
-    badpasswordattempts = $_.BadPasswordAttempts[0]
-    maxbadpasswords = $_.MaxBadPasswordsAllowed[0]
-    gid = $null
-    group = $null
-    groups = @($_.Groups() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) })
-    home = $_.HomeDirectory[0]
-    shell = $null
-    domain = $Computername
-  }
-} | ConvertTo-Json
+      script = <<~EOH
+        Function ConvertTo-SID { Param([byte[]]$BinarySID)
+          (New-Object System.Security.Principal.SecurityIdentifier($BinarySID,0)).Value
+        }
+
+        Function Convert-UserFlag { Param  ($UserFlag)
+          $List = @()
+          Switch ($UserFlag) {
+            ($UserFlag -BOR 0x0001) { $List += 'SCRIPT' }
+            ($UserFlag -BOR 0x0002) { $List += 'ACCOUNTDISABLE' }
+            ($UserFlag -BOR 0x0008) { $List += 'HOMEDIR_REQUIRED' }
+            ($UserFlag -BOR 0x0010) { $List += 'LOCKOUT' }
+            ($UserFlag -BOR 0x0020) { $List += 'PASSWD_NOTREQD' }
+            ($UserFlag -BOR 0x0040) { $List += 'PASSWD_CANT_CHANGE' }
+            ($UserFlag -BOR 0x0080) { $List += 'ENCRYPTED_TEXT_PWD_ALLOWED' }
+            ($UserFlag -BOR 0x0100) { $List += 'TEMP_DUPLICATE_ACCOUNT' }
+            ($UserFlag -BOR 0x0200) { $List += 'NORMAL_ACCOUNT' }
+            ($UserFlag -BOR 0x0800) { $List += 'INTERDOMAIN_TRUST_ACCOUNT' }
+            ($UserFlag -BOR 0x1000) { $List += 'WORKSTATION_TRUST_ACCOUNT' }
+            ($UserFlag -BOR 0x2000) { $List += 'SERVER_TRUST_ACCOUNT' }
+            ($UserFlag -BOR 0x10000) { $List += 'DONT_EXPIRE_PASSWORD' }
+            ($UserFlag -BOR 0x20000) { $List += 'MNS_LOGON_ACCOUNT' }
+            ($UserFlag -BOR 0x40000) { $List += 'SMARTCARD_REQUIRED' }
+            ($UserFlag -BOR 0x80000) { $List += 'TRUSTED_FOR_DELEGATION' }
+            ($UserFlag -BOR 0x100000) { $List += 'NOT_DELEGATED' }
+            ($UserFlag -BOR 0x200000) { $List += 'USE_DES_KEY_ONLY' }
+            ($UserFlag -BOR 0x400000) { $List += 'DONT_REQ_PREAUTH' }
+            ($UserFlag -BOR 0x800000) { $List += 'PASSWORD_EXPIRED' }
+            ($UserFlag -BOR 0x1000000) { $List += 'TRUSTED_TO_AUTH_FOR_DELEGATION' }
+            ($UserFlag -BOR 0x04000000) { $List += 'PARTIAL_SECRETS_ACCOUNT' }
+          }
+          $List
+        }
+
+        $Computername = $Env:Computername
+        $adsi = [ADSI]"WinNT://$Computername"
+        $adsi.Children | where {$_.SchemaClassName -eq 'user'} | ForEach {
+          New-Object PSObject -property @{
+            uid = ConvertTo-SID -BinarySID $_.ObjectSID[0]
+            username = $_.Name[0]
+            description = $_.Description[0]
+            disabled = $_.AccountDisabled[0]
+            userflags = Convert-UserFlag  -UserFlag $_.UserFlags[0]
+            passwordage = [math]::Round($_.PasswordAge[0]/86400)
+            minpasswordlength = $_.MinPasswordLength[0]
+            mindays = [math]::Round($_.MinPasswordAge[0]/86400)
+            maxdays = [math]::Round($_.MaxPasswordAge[0]/86400)
+            warndays = $null
+            badpasswordattempts = $_.BadPasswordAttempts[0]
+            maxbadpasswords = $_.MaxBadPasswordsAllowed[0]
+            gid = $null
+            group = $null
+            groups = @($_.Groups() | Foreach-Object { $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null) })
+            home = $_.HomeDirectory[0]
+            shell = $null
+            domain = $Computername
+          }
+        } | ConvertTo-Json
       EOH
       cmd = inspec.powershell(script)
       # cannot rely on exit code for now, successful command returns exit code 1

data/lib/resources/vbscript.rb

@@ -37,16 +37,16 @@ module Inspec::Resources
     def initialize(vbscript)
       return skip_resource 'The `vbscript` resource is not supported on your OS yet.' unless inspec.os.windows?
       @seperator = SecureRandom.uuid
-      cmd = <<-EOH
-$vbscript = @"
-#{vbscript}
-Wscript.Stdout.Write "#{@seperator}"
-"@
-$filename = [System.IO.Path]::GetTempFileName() + ".vbs"
-New-Item $filename -type file -force -value $vbscript | Out-Null
-cscript.exe /nologo $filename
-Remove-Item $filename | Out-Null
-EOH
+      cmd = <<~EOH
+        $vbscript = @"
+        #{vbscript}
+        Wscript.Stdout.Write "#{@seperator}"
+        "@
+        $filename = [System.IO.Path]::GetTempFileName() + ".vbs"
+        New-Item $filename -type file -force -value $vbscript | Out-Null
+        cscript.exe /nologo $filename
+        Remove-Item $filename | Out-Null
+      EOH
       super(cmd)
     end
 

data/lib/resources/virtualization.rb

@@ -76,7 +76,7 @@ module Inspec::Resources
 
       # This file should exist on most Xen systems, normally empty for guests
       if inspec.file('/proc/xen/capabilities').exist? &&
-          inspec.file('/proc/xen/capabilities').content =~ /control_d/i # rubocop:disable Style/MultilineOperationIndentation
+          inspec.file('/proc/xen/capabilities').content =~ /control_d/i # rubocop:disable Layout/MultilineOperationIndentation
         @virtualization_data[:role] = 'host'
       end
       true
@@ -120,11 +120,10 @@ module Inspec::Resources
     # guests will have the hypervisor cpu feature that hosts don't have
     def detect_kvm_from_sys
       return false unless inspec.file('/sys/devices/virtual/misc/kvm').exist?
+      @virtualization_data[:system] = 'kvm'
       if inspec.file('/proc/cpuinfo').content =~ /hypervisor/
-        @virtualization_data[:system] = 'kvm'
         @virtualization_data[:role] = 'guest'
       else
-        @virtualization_data[:system] = 'kvm'
         @virtualization_data[:role] = 'host'
       end
       true
@@ -190,7 +189,7 @@ module Inspec::Resources
       return false unless inspec.file('/proc/self/cgroup').exist?
       cgroup_content = inspec.file('/proc/self/cgroup').content
       if cgroup_content =~ %r{^\d+:[^:]+:/(lxc|docker)/.+$} ||
-          cgroup_content =~ %r{^\d+:[^:]+:/[^/]+/(lxc|docker)-.+$} # rubocop:disable Style/MultilineOperationIndentation
+          cgroup_content =~ %r{^\d+:[^:]+:/[^/]+/(lxc|docker)-.+$} # rubocop:disable Layout/MultilineOperationIndentation
         @virtualization_data[:system] = $1 # rubocop:disable Style/PerlBackrefs
         @virtualization_data[:role] = 'guest'
       elsif lxc_version_exists? && cgroup_content =~ %r{\d:[^:]+:/$}

data/lib/resources/x509_certificate.rb

@@ -52,7 +52,7 @@ module Inspec::Resources
     end
 
     # Forward these methods directly to OpenSSL::X509::Certificate instance
-    %w{version not_before not_after signature_algorithm public_key }.each do |m|
+    %w{version not_before not_after signature_algorithm public_key}.each do |m|
       define_method m.to_sym do |*args|
         @cert.method(m.to_sym).call(*args)
       end

data/lib/resources/yum.rb

@@ -94,7 +94,7 @@ module Inspec::Resources
 
     # Removes lefthand and righthand whitespace
     def strip(value)
-      value.strip if !value.nil?
+      value&.strip
     end
 
     # Optimize the key value

data/lib/source_readers/inspec.rb

@@ -43,7 +43,8 @@ module SourceReaders
       Inspec::Metadata.from_ref(
         metadata_source,
         @target.read(metadata_source),
-        nil)
+        nil,
+      )
     rescue Psych::SyntaxError => e
       raise "Unable to parse inspec.yml: line #{e.line}, #{e.problem} #{e.context}"
     rescue => e

data/lib/utils/command_wrapper.rb

@@ -14,16 +14,11 @@ class CommandWrapper
     end
 
     wrap = options[:wrap]
-    if !wrap.nil? && !wrap.is_a?(Proc)
-      raise "Called command wrapper with wrap: #{wrap.inspect}. It must be called with a Proc."
-    elsif !wrap.nil?
-      return wrap.call(cmd)
-    end
+    raise "Called command wrapper with wrap: #{wrap.inspect}. It must be called with a Proc." if !wrap.nil? && !wrap.is_a?(Proc)
+    return wrap.call(cmd) unless wrap.nil?
 
     shell = options[:shell]
-    unless UNIX_SHELLS.include?(shell)
-      raise "Don't know how to wrap commands for shell: #{shell.inspect}."
-    end
+    raise "Don't know how to wrap commands for shell: #{shell.inspect}." unless UNIX_SHELLS.include?(shell)
 
     path = options[:path] || shell
     args = options[:args] || '-c'

data/lib/utils/filter.rb

@@ -151,7 +151,7 @@ module FilterTable
       # the struct to hold single items from the #entries method
       entry_struct = Struct.new(*struct_fields.map(&:to_sym)) do
         attr_accessor :__filter
-        def to_s # rubocop:disable Lint/NestedMethodDefinition
+        def to_s
           @__filter || super
         end
       end unless struct_fields.empty?

data/lib/utils/json_log.rb

@@ -12,6 +12,7 @@ class Logger::JSONFormatter < Logger::Formatter
         'severity'=> severity,
         'time'=> time,
         'msg'=> msg,
-      },)
+      },
+    )
   end
 end

data/lib/utils/latest_version.rb

@@ -8,14 +8,15 @@ class LatestInSpecVersion
   # fetches the latest version from rubygems server
   def latest
     uri = URI('https://rubygems.org/api/v1/gems/inspec.json')
-    res = Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https',
-                          open_timeout: 0.5, read_timeout: 0.5
-                         ) {|http|
+    res = Net::HTTP.start(
+      uri.host, uri.port, use_ssl: uri.scheme == 'https',
+      open_timeout: 0.5, read_timeout: 0.5
+    ) { |http|
       http.get(uri.path)
     }
     inspec_info = JSON.parse(res.body)
     inspec_info['version']
-  rescue Exception # rubocop:disable Lint/RescueException
+  rescue StandardError
     nil
   end
 end

data/lib/utils/object_traversal.rb

@@ -27,7 +27,7 @@ module ObjectTraverser
   # If the values to return from is an Array, allow returning by index.
   # Otherwise, support methods on the Array itself.
   def extract_from_array(key, value)
-    if key.is_a?(Fixnum)
+    if key.is_a?(Integer)
       value[key]
     elsif value.respond_to?(key.to_sym)
       value.send(key.to_sym)

data/lib/utils/parser.rb

@@ -234,8 +234,8 @@ module XinetdParser
       # extract content line
       nl = rest.index("\n") || (rest.length-1)
       comment = rest.index('#') || (rest.length-1)
-      dst_idx = (comment < nl) ? comment : nl
-      inner_line = (dst_idx == 0) ? '' : rest[0..dst_idx-1].strip
+      dst_idx = comment < nl ? comment : nl
+      inner_line = dst_idx == 0 ? '' : rest[0..dst_idx-1].strip
       # update unparsed content
       rest = rest[nl+1..-1]
       next if inner_line.empty?

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 1.45.9
+  version: 1.45.13
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-16 00:00:00.000000000 Z
+date: 2017-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train
@@ -19,7 +19,7 @@ dependencies:
         version: '0.29'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.29.1
+        version: 0.29.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '0.29'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.29.1
+        version: 0.29.2
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement