inspec 4.17.17 → 4.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1834559fb185f5d2d7477563f319605dc3111db8f598777c7d78d0e32b1fd11c
-  data.tar.gz: 17b3b6a638f067cf14cdfa836940a1f620de0ae1310b7b3d45bf27b4d7a0552b
+  metadata.gz: f1383016cfa4899dc2457ba11f9f4a7e79e02b8cfa9c1fd9b2cba34e8b0a6aa4
+  data.tar.gz: f80b35ba96ed8a3954240b5a43611bd4e7822589bf1a52e761b75e3a9e144ab6
 SHA512:
-  metadata.gz: 282930a4ab520be61d4d187aba3e7721a628882c0a6ded0f5df619ac681ed1f8951ffdc11212913066e77ebf9905e4d8ed47c4c275da0fada0a7e8c8a99c9704
-  data.tar.gz: c1797f51e7552ea8930c50dfe3a25719430eb3221dd9d0799b32cf3e0a1290ae369c5df11c0d83a20e19a3928d176dade29a12fa904f8d5dd140164bb71bdd17
+  metadata.gz: 1c2b2cc5aea6c768acb57bd40cfd414c66ac56926dd8243e947e74aa748877a45ae778001c89d7d8a2f03abcc3ee165b2f525ebb664d0732f2d634a91498fbfe
+  data.tar.gz: cd5787223718099c19c4b3d4c85b726eee454305ea66ad7a0762674df7778efc64840d3f3db0debcaa4e1ec485202f9bebe8a2c9ad59c50361510133197efe7c

data/inspec.gemspec

@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency "json-schema", "~> 2.8"
   spec.add_dependency "method_source", "~> 0.8"
   spec.add_dependency "rubyzip", "~> 1.2", ">= 1.2.2"
-  spec.add_dependency "rspec", "~> 3"
+  spec.add_dependency "rspec", ["~> 3.0", "< 3.9"] # TODO: Loosen - See https://github.com/inspec/inspec/issues/4575
   spec.add_dependency "rspec-its", "~> 1.2"
   spec.add_dependency "pry", "~> 0"
   spec.add_dependency "hashie", "~> 3.4"

data/lib/inspec/base_cli.rb

@@ -222,16 +222,20 @@ module Inspec
 
     private
 
+    ALL_OF_OUR_REPORTERS = %w{json json-min json-rspec json-automate junit html yaml documentation progress}.freeze # BUT WHY?!?!
+
     def suppress_log_output?(opts)
       return false if opts["reporter"].nil?
 
-      match = %w{json json-min json-rspec json-automate junit html yaml documentation progress} & opts["reporter"].keys
+      match = ALL_OF_OUR_REPORTERS & opts["reporter"].keys
+
       unless match.empty?
         match.each do |m|
           # check to see if we are outputting to stdout
           return true if opts["reporter"][m]["stdout"] == true
         end
       end
+
       false
     end
 

data/lib/inspec/cli.rb

@@ -9,6 +9,7 @@ module Inspec # TODO: move this somewhere "better"?
   autoload :BaseCLI,       "inspec/base_cli"
   autoload :Deprecation,   "inspec/utils/deprecation"
   autoload :Exceptions,    "inspec/exceptions"
+  autoload :EnvPrinter,    "inspec/env_printer"
   autoload :Fetcher,       "inspec/fetcher"
   autoload :Formatters,    "inspec/formatters"
   autoload :Globals,       "inspec/globals"
@@ -340,7 +341,15 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     ui.exit res unless run_type == :ruby_eval
 
     # No InSpec tests - just print evaluation output.
-    res = (res.respond_to?(:to_json) ? res.to_json : JSON.dump(res)) if o["reporter"]&.keys&.include?("json")
+    reporters = o["reporter"] || {}
+    if reporters.keys.include?("json")
+      res = if res.respond_to?(:to_json)
+              res.to_json
+            else
+              JSON.dump(res)
+            end
+    end
+
     puts res
     ui.exit Inspec::UI::EXIT_NORMAL
   rescue RuntimeError, Train::UserError => e

data/lib/inspec/dsl.rb

@@ -34,6 +34,8 @@ module Inspec::DSL
   # resource.
 
   def self.method_missing_resource(backend, id, *arguments)
+    return unless backend
+
     begin
       require "inspec/resources/#{id}"
     rescue LoadError

data/lib/inspec/formatters/base.rb

@@ -259,6 +259,11 @@ module Inspec::Formatters
       example.delete(:id)
       example.delete(:profile_id)
       control[:results].push(example)
+
+      # Waiver data, if available, is internally stored on a per-result
+      # (that is, per-describe-block) basis, because that is the only granularity
+      # available to us in the RSpec report data structure which we use as a vehicle.
+      control[:waiver_data] ||= example[:waiver_data] || {}
     end
   end
 end

data/lib/inspec/reporters/json.rb

@@ -40,7 +40,6 @@ module Inspec::Reporters
           message:      r[:message],
           exception:    r[:exception],
           backtrace:    r[:backtrace],
-          waiver_data:  r[:waiver_data],
         }.reject { |_k, v| v.nil? }
       }
     end
@@ -96,6 +95,7 @@ module Inspec::Reporters
             line: c[:source_location][:line],
             ref:  c[:source_location][:ref],
           },
+          waiver_data: c[:waiver_data] || {},
           results: profile_results(c),
         }
       }

data/lib/inspec/resources/apt.rb

@@ -87,12 +87,14 @@ module Inspec::Resources
         active = raw_line == line
 
         # formats:
+        # deb               "http://archive.ubuntu.com/ubuntu/" wily main restricted ...
         # deb               http://archive.ubuntu.com/ubuntu/ wily main restricted ...
         # deb [trusted=yes] http://archive.ubuntu.com/ubuntu/ wily main restricted ...
 
         words = line.split
         words.delete 1 if words[1] && words[1].start_with?("[")
         type, url, distro, *components = words
+        url = url.delete('"') if url
 
         next if components.empty?
         next unless URI::HTTP === URI.parse(url)

data/lib/inspec/resources/interface.rb

@@ -17,38 +17,34 @@ module Inspec::Resources
         its('ipv6_cidrs') { should include '::1/128' }
       end
     EXAMPLE
+
     def initialize(iface)
       @iface = iface
-
-      @interface_provider = nil
-      if inspec.os.linux?
-        @interface_provider = LinuxInterface.new(inspec)
-      elsif inspec.os.windows?
-        @interface_provider = WindowsInterface.new(inspec)
-      else
-        return skip_resource "The `interface` resource is not supported on your OS yet."
-      end
     end
 
     def exists?
-      !interface_info.nil? && !interface_info[:name].nil?
+      !!(interface_info && interface_info[:name])
     end
 
     def up?
-      interface_info.nil? ? false : interface_info[:up]
+      !!(interface_info && interface_info[:up])
+    end
+
+    def name
+      interface_info[:name]
     end
 
     # returns link speed in Mbits/sec
     def speed
-      interface_info.nil? ? nil : interface_info[:speed]
+      interface_info && interface_info[:speed]
     end
 
     def ipv4_address?
-      !ipv4_addresses.nil? && !ipv4_addresses.empty?
+      ipv4_addresses && !ipv4_addresses.empty?
     end
 
     def ipv6_address?
-      !ipv6_addresses.nil? && !ipv6_addresses.empty?
+      ipv6_addresses && !ipv6_addresses.empty?
     end
 
     def ipv4_addresses
@@ -72,11 +68,11 @@ module Inspec::Resources
     end
 
     def ipv4_cidrs
-      interface_info.nil? ? [] : interface_info[:ipv4_addresses]
+      interface_info && Array(interface_info[:ipv4_addresses])
     end
 
     def ipv6_cidrs
-      interface_info.nil? ? [] : interface_info[:ipv6_addresses]
+      interface_info && Array(interface_info[:ipv6_addresses])
     end
 
     def to_s
@@ -86,9 +82,11 @@ module Inspec::Resources
     private
 
     def interface_info
-      return @cache if defined?(@cache)
-
-      @cache = @interface_provider.interface_info(@iface) unless @interface_provider.nil?
+      @cache ||= begin
+                   provider = LinuxInterface.new(inspec) if inspec.os.linux?
+                   provider = WindowsInterface.new(inspec) if inspec.os.windows?
+                   Hash(provider && provider.interface_info(@iface))
+                 end
     end
   end
 

data/lib/inspec/resources/users.rb

@@ -3,6 +3,7 @@ require "inspec/utils/convert"
 require "inspec/utils/filter"
 require "inspec/utils/simpleconfig"
 require "inspec/resources/powershell"
+require "date"
 
 module Inspec::Resources
   # This file contains two resources, the `user` and `users` resource.
@@ -116,6 +117,24 @@ module Inspec::Resources
   #   its('mindays') { should eq 0 }
   #   its('maxdays') { should eq 99 }
   #   its('warndays') { should eq 5 }
+  #   its('passwordage') { should be >= 0 }
+  #   its('maxbadpasswords') { should eq nil } // not yet supported on linux
+  #   its('badpasswordattempts') { should eq 0 }
+  # end
+  # describe user('Administrator') do
+  #   it { should exist }
+  #   its('uid') { should eq "S-1-5-21-1759981009-4135989804-1844563890-500" }
+  #   its('gid') { should eq nil } // not supported on Windows
+  #   its('group') { should eq nil } // not supported on Windows
+  #   its('groups') { should eq ['Administrators', 'Users']}
+  #   its('home') { should eq '' }
+  #   its('shell') { should eq nil } // not supported on Windows
+  #   its('mindays') { should eq 0 }
+  #   its('maxdays') { should eq 42 }
+  #   its('warndays') { should eq nil }
+  #   its('passwordage') { should eq 355 }
+  #   its('maxbadpasswords') { should eq 0 }
+  #   its('badpasswordattempts') { should eq 0 }
   # end
   #
   # The following  Serverspec  matchers are deprecated in favor for direct value access
@@ -196,6 +215,14 @@ module Inspec::Resources
       meta_info[:shell] unless meta_info.nil?
     end
 
+    def domain
+      meta_info[:domain] unless meta_info.nil?
+    end
+
+    def userflags
+      meta_info[:userflags] unless meta_info.nil?
+    end
+
     # returns the minimum days between password changes
     def mindays
       credentials[:mindays] unless credentials.nil?
@@ -211,6 +238,18 @@ module Inspec::Resources
       credentials[:warndays] unless credentials.nil?
     end
 
+    def badpasswordattempts
+      credentials[:badpasswordattempts] unless credentials.nil?
+    end
+
+    def maxbadpasswords
+      credentials[:maxbadpasswords] unless credentials.nil?
+    end
+
+    def passwordage
+      credentials[:passwordage] unless credentials.nil?
+    end
+
     # implement 'mindays' method to be compatible with serverspec
     def minimum_days_between_password_change
       Inspec.deprecate(:resource_user_serverspec_compat, "The user resource `minimum_days_between_password_change` property is deprecated. Please use `mindays`.")
@@ -425,10 +464,17 @@ module Inspec::Resources
         multiple_values: false
       ).params
 
+      dparse = Date.parse "#{params['Last password change']}"
+      dayslastset = (Date.today - dparse).to_i
+      cmd = inspec.command("lastb -w -a | grep #{username} | wc -l")
+      badpasswordattempts = convert_to_i(cmd.stdout.chomp) if cmd.exit_status == 0
+
       {
         mindays: convert_to_i(params["Minimum number of days between password change"]),
         maxdays: convert_to_i(params["Maximum number of days between password change"]),
         warndays: convert_to_i(params["Number of days of warning before password expires"]),
+        passwordage: dayslastset,
+        badpasswordattempts: badpasswordattempts,
       }
     end
   end
@@ -481,6 +527,8 @@ module Inspec::Resources
         mindays: user_sec[1].to_i * 7,
         maxdays: user_sec[2].to_i * 7,
         warndays: user_sec[3].to_i,
+        passwordage: nil,
+        badpasswordattempts: nil,
       }
     end
   end
@@ -573,6 +621,31 @@ module Inspec::Resources
       res[0] unless res.empty?
     end
 
+    def meta_info(username)
+      res = identity(username)
+      return if res.nil?
+      {
+        home: res[:home],
+        shell: res[:shell],
+        domain: res[:domain],
+        userflags: res[:userflags],
+      }
+    end
+
+    def credentials(username)
+      res = identity(username)
+      return if res.nil?
+      {
+        mindays: res[:mindays],
+        maxdays: res[:maxdays],
+        warndays: res[:warndays],
+        badpasswordattempts: res[:badpasswordattempts],
+        maxbadpasswords: res[:maxbadpasswords],
+        minpasswordlength: res[:minpasswordlength],
+        passwordage: res[:passwordage],
+      }
+    end
+
     def list_users
       collect_user_details.map { |user| user[:username] }
     end

data/lib/inspec/rspec_extensions.rb

@@ -50,6 +50,7 @@ module Inspec
     def method_missing(method_name, *arguments, &block)
       # see if it is a resource first
       begin
+        inspec = inspec if respond_to?(:inspec) # backend not available??
         resource = Inspec::DSL.method_missing_resource(inspec, method_name, *arguments)
         return resource if resource
       rescue LoadError

data/lib/inspec/rule.rb

@@ -297,11 +297,11 @@ module Inspec
       __waiver_data["skipped_due_to_waiver"] = false
       __waiver_data["message"] = ""
 
-      # Waivers should have a hash value with keys possibly including skip and
-      # expiration_date. We only care here if it has a skip key and it
-      # is yes-like, since all non-skipped waiver operations are handled
+      # Waivers should have a hash value with keys possibly including "run" and
+      # expiration_date. We only care here if it has a "run" key and it
+      # is false-like, since all non-skipped waiver operations are handled
       # during reporting phase.
-      return unless __waiver_data.key?("skip") && __waiver_data["skip"]
+      return unless __waiver_data.key?("run") && !__waiver_data["run"]
 
       # OK, the intent is to skip. Does it have an expiration date, and
       # if so, is it in the future?

data/lib/inspec/runner_rspec.rb

@@ -83,7 +83,7 @@ module Inspec
       return @rspec_exit_code if @formatter.results.empty?
 
       stats = @formatter.results[:statistics][:controls]
-      skipped = @formatter.results&.fetch(:profiles, nil)&.first&.fetch(:status, nil) == "skipped"
+      skipped = @formatter.results.dig(:profiles, 0, :status) == "skipped"
       if stats[:failed][:total] == 0 && stats[:skipped][:total] == 0 && !skipped
         0
       elsif stats[:failed][:total] > 0

data/lib/inspec/schema.rb

@@ -96,6 +96,16 @@ module Inspec
           },
         },
         "results" => { "type" => "array", "items" => RESULT },
+        "waiver_data" => {
+          "type" => "object",
+          "properties" => {
+            "skipped_due_to_waiver" => { "type" => "string" },
+            "run" => { "type" => "boolean" },
+            "message" => { "type" => "string" },
+            "expiration_date" => { "type" => "string" },
+            "justification" => { "type" => "string" },
+          },
+        },
       },
     }.freeze
 

data/lib/inspec/utils/parser.rb

@@ -20,13 +20,14 @@ module PasswdParser
   def parse_passwd_line(line)
     x = line.split(":")
     {
-      "user" => x.at(0),
-      "password" => x.at(1),
-      "uid" => x.at(2),
-      "gid" => x.at(3),
-      "desc" => x.at(4),
-      "home" => x.at(5),
-      "shell" => x.at(6),
+      # rubocop:disable Layout/AlignHash
+      "user"     => x[0],
+      "password" => x[1],
+      "uid"      => x[2],
+      "gid"      => x[3],
+      "desc"     => x[4],
+      "home"     => x[5],
+      "shell"    => x[6],
     }
   end
 end

data/lib/inspec/version.rb

@@ -1,3 +1,3 @@
 module Inspec
-  VERSION = "4.17.17".freeze
+  VERSION = "4.18.0".freeze
 end

data/lib/plugins/inspec-compliance/test/unit/api/login_test.rb

@@ -58,18 +58,18 @@ describe InspecPlugins::Compliance::API do
       it "raises an error if `--user` is missing" do
         options = automate_options
         options.delete("user")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify a user.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify a user.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "raises an error if `--token` and `--dctoken` are missing" do
         options = automate_options
         options.delete("token")
         options.delete("dctoken")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify a token.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify a token.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "stores an access token" do
@@ -79,12 +79,12 @@ describe InspecPlugins::Compliance::API do
         InspecPlugins::Compliance::Configuration.expects(:new).returns(fake_config)
 
         InspecPlugins::Compliance::API.login(options)
-        fake_config["automate"]["ent"].must_equal("automate")
-        fake_config["automate"]["token_type"].must_equal("dctoken")
-        fake_config["user"].must_equal("someone")
-        fake_config["server"].must_equal("https://automate.example.com/api/v0")
-        fake_config["server_type"].must_equal("automate2")
-        fake_config["token"].must_equal("token")
+        _(fake_config["automate"]["ent"]).must_equal("automate")
+        _(fake_config["automate"]["token_type"]).must_equal("dctoken")
+        _(fake_config["user"]).must_equal("someone")
+        _(fake_config["server"]).must_equal("https://automate.example.com/api/v0")
+        _(fake_config["server_type"]).must_equal("automate2")
+        _(fake_config["token"]).must_equal("token")
       end
     end
 
@@ -96,26 +96,26 @@ describe InspecPlugins::Compliance::API do
       it "raises an error if `--user` is missing" do
         options = automate_options
         options.delete("user")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify a user.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify a user.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "raises an error if `--ent` is missing" do
         options = automate_options
         options.delete("ent")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify an enterprise.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify an enterprise.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "raises an error if `--token` and `--dctoken` are missing" do
         options = automate_options
         options.delete("token")
         options.delete("dctoken")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify a token.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify a token.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "stores an access token" do
@@ -125,12 +125,12 @@ describe InspecPlugins::Compliance::API do
         InspecPlugins::Compliance::Configuration.expects(:new).returns(fake_config)
 
         InspecPlugins::Compliance::API.login(options)
-        fake_config["automate"]["ent"].must_equal("automate")
-        fake_config["automate"]["token_type"].must_equal("usertoken")
-        fake_config["user"].must_equal("someone")
-        fake_config["server"].must_equal("https://automate.example.com/compliance")
-        fake_config["server_type"].must_equal("automate")
-        fake_config["token"].must_equal("token")
+        _(fake_config["automate"]["ent"]).must_equal("automate")
+        _(fake_config["automate"]["token_type"]).must_equal("usertoken")
+        _(fake_config["user"]).must_equal("someone")
+        _(fake_config["server"]).must_equal("https://automate.example.com/compliance")
+        _(fake_config["server_type"]).must_equal("automate")
+        _(fake_config["token"]).must_equal("token")
       end
     end
 
@@ -143,9 +143,9 @@ describe InspecPlugins::Compliance::API do
         options = automate_options
         options.delete("user")
         options.delete("refresh_token")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify a.*--user.*--refresh-token.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify a.*--user.*--refresh-token.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "raises an error if `--user` is present but authentication method missing" do
@@ -153,9 +153,9 @@ describe InspecPlugins::Compliance::API do
         options.delete("password")
         options.delete("token")
         options.delete("refresh_token")
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify.*--password.*--token.*--refresh-token.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify.*--password.*--token.*--refresh-token.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "stores an access token" do
@@ -165,25 +165,25 @@ describe InspecPlugins::Compliance::API do
         InspecPlugins::Compliance::Configuration.expects(:new).returns(fake_config)
 
         InspecPlugins::Compliance::API.login(options)
-        fake_config["user"].must_equal("someone")
-        fake_config["server"].must_equal("https://compliance.example.com/api")
-        fake_config["server_type"].must_equal("compliance")
-        fake_config["token"].must_equal("token")
+        _(fake_config["user"]).must_equal("someone")
+        _(fake_config["server"]).must_equal("https://compliance.example.com/api")
+        _(fake_config["server_type"]).must_equal("compliance")
+        _(fake_config["token"]).must_equal("token")
       end
     end
 
     describe "when target is neither a Chef Compliance nor Chef Automate server" do
       it "raises an error if `https://SERVER` is missing" do
         options = {}
-        err = proc { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
-        err.message.must_match(/Please specify a server.*/)
-        err.message.lines.length.must_equal(1)
+        err = _ { InspecPlugins::Compliance::API.login(options) }.must_raise(ArgumentError)
+        _(err.message).must_match(/Please specify a server.*/)
+        _(err.message.lines.length).must_equal(1)
       end
 
       it "rasies a `CannotDetermineServerType` error" do
         InspecPlugins::Compliance::API.expects(:determine_server_type).returns(nil)
-        err = proc { InspecPlugins::Compliance::API.login(automate_options) }.must_raise(StandardError)
-        err.message.must_match(/Unable to determine/)
+        err = _ { InspecPlugins::Compliance::API.login(automate_options) }.must_raise(StandardError)
+        _(err.message).must_match(/Unable to determine/)
       end
     end
   end

data/lib/plugins/inspec-compliance/test/unit/api_test.rb

@@ -60,7 +60,7 @@ describe InspecPlugins::Compliance::API do
         response = mock
         response.stubs(:code).returns("404")
         InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
-        InspecPlugins::Compliance::API.version(config).must_equal({})
+        _(InspecPlugins::Compliance::API.version(config)).must_equal({})
       end
     end
 
@@ -70,7 +70,7 @@ describe InspecPlugins::Compliance::API do
         response.stubs(:code).returns("200")
         response.stubs(:body).returns(nil)
         InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
-        InspecPlugins::Compliance::API.version(config).must_equal({})
+        _(InspecPlugins::Compliance::API.version(config)).must_equal({})
       end
     end
 
@@ -80,7 +80,7 @@ describe InspecPlugins::Compliance::API do
         response.stubs(:code).returns("200")
         response.stubs(:body).returns("")
         InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
-        InspecPlugins::Compliance::API.version(config).must_equal({})
+        _(InspecPlugins::Compliance::API.version(config)).must_equal({})
       end
     end
 
@@ -90,7 +90,7 @@ describe InspecPlugins::Compliance::API do
         response.stubs(:code).returns("200")
         response.stubs(:body).returns('{"api":"compliance"}')
         InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
-        InspecPlugins::Compliance::API.version(config).must_equal({})
+        _(InspecPlugins::Compliance::API.version(config)).must_equal({})
       end
     end
 
@@ -100,7 +100,7 @@ describe InspecPlugins::Compliance::API do
         response.stubs(:code).returns("200")
         response.stubs(:body).returns('{"api":"compliance","version":""}')
         InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
-        InspecPlugins::Compliance::API.version(config).must_equal({})
+        _(InspecPlugins::Compliance::API.version(config)).must_equal({})
       end
     end
 
@@ -110,7 +110,7 @@ describe InspecPlugins::Compliance::API do
         response.stubs(:code).returns("200")
         response.stubs(:body).returns('{"api":"compliance","version":"1.2.3"}')
         InspecPlugins::Compliance::HTTP.expects(:get).with("myserver/version", "test-headers", true).returns(response)
-        InspecPlugins::Compliance::API.version(config).must_equal({ "version" => "1.2.3", "api" => "compliance" })
+        _(InspecPlugins::Compliance::API.version(config)).must_equal({ "version" => "1.2.3", "api" => "compliance" })
       end
     end
   end
@@ -121,11 +121,11 @@ describe InspecPlugins::Compliance::API do
         config = InspecPlugins::Compliance::Configuration.new
         config.clean
         config["server_type"] = "compliance"
-        InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal false
+        _(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal false
       end
     end
 
@@ -134,11 +134,11 @@ describe InspecPlugins::Compliance::API do
         config = InspecPlugins::Compliance::Configuration.new
         config.clean
         config["server_type"] = "automate2"
-        InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal true
+        _(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal true
       end
     end
 
@@ -147,11 +147,11 @@ describe InspecPlugins::Compliance::API do
         config = InspecPlugins::Compliance::Configuration.new
         config.clean
         config["server_type"] = "automate"
-        InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal false
+        _(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal false
       end
     end
 
@@ -161,11 +161,11 @@ describe InspecPlugins::Compliance::API do
         config.clean
         config["server_type"] = "automate"
         config["version"] = "1.2.3"
-        InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate2_server?(config).must_equal false
+        _(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate2_server?(config)).must_equal false
       end
     end
 
@@ -175,10 +175,10 @@ describe InspecPlugins::Compliance::API do
         config.clean
         config["server_type"] = "automate"
         config["version"] = {}
-        InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal false
+        _(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal false
       end
     end
 
@@ -188,10 +188,10 @@ describe InspecPlugins::Compliance::API do
         config.clean
         config["server_type"] = "automate"
         config["version"] = { "version" => "0.8.1" }
-        InspecPlugins::Compliance::API.is_compliance_server?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server?(config).must_equal true
-        InspecPlugins::Compliance::API.is_automate_server_pre_080?(config).must_equal false
-        InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config).must_equal true
+        _(InspecPlugins::Compliance::API.is_compliance_server?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server?(config)).must_equal true
+        _(InspecPlugins::Compliance::API.is_automate_server_pre_080?(config)).must_equal false
+        _(InspecPlugins::Compliance::API.is_automate_server_080_and_later?(config)).must_equal true
       end
     end
   end
@@ -199,32 +199,32 @@ describe InspecPlugins::Compliance::API do
   describe ".server_version_from_config" do
     it "returns nil when the config has no version key" do
       config = {}
-      InspecPlugins::Compliance::API.server_version_from_config(config).must_be_nil
+      _(InspecPlugins::Compliance::API.server_version_from_config(config)).must_be_nil
     end
 
     it "returns nil when the version value is not a hash" do
       config = { "version" => "123" }
-      InspecPlugins::Compliance::API.server_version_from_config(config).must_be_nil
+      _(InspecPlugins::Compliance::API.server_version_from_config(config)).must_be_nil
     end
 
     it "returns nil when the version value is a hash but has no version key inside" do
       config = { "version" => {} }
-      InspecPlugins::Compliance::API.server_version_from_config(config).must_be_nil
+      _(InspecPlugins::Compliance::API.server_version_from_config(config)).must_be_nil
     end
 
     it "returns the version if the version value is a hash containing a version" do
       config = { "version" => { "version" => "1.2.3" } }
-      InspecPlugins::Compliance::API.server_version_from_config(config).must_equal "1.2.3"
+      _(InspecPlugins::Compliance::API.server_version_from_config(config)).must_equal "1.2.3"
     end
   end
 
   describe "profile_split" do
     it "handles a profile without version" do
-      InspecPlugins::Compliance::API.profile_split("admin/apache-baseline").must_equal ["admin", "apache-baseline", nil]
+      _(InspecPlugins::Compliance::API.profile_split("admin/apache-baseline")).must_equal ["admin", "apache-baseline", nil]
     end
 
     it "handles a profile with a version" do
-      InspecPlugins::Compliance::API.profile_split("admin/apache-baseline#2.0.1").must_equal ["admin", "apache-baseline", "2.0.1"]
+      _(InspecPlugins::Compliance::API.profile_split("admin/apache-baseline#2.0.1")).must_equal ["admin", "apache-baseline", "2.0.1"]
     end
   end
 
@@ -235,8 +235,8 @@ describe InspecPlugins::Compliance::API do
       config["server_type"] = "automate"
       config["server"] = "https://myautomate"
       config["version"] = "1.6.99"
-      InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline").must_equal       "https://myautomate/profiles/admin/apache-baseline/tar"
-      InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2").must_equal "https://myautomate/profiles/admin/apache-baseline/version/2.0.2/tar"
+      _(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline")).must_equal       "https://myautomate/profiles/admin/apache-baseline/tar"
+      _(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2")).must_equal "https://myautomate/profiles/admin/apache-baseline/version/2.0.2/tar"
     end
 
     it "handles a chef-compliance profile with and without version" do
@@ -245,8 +245,8 @@ describe InspecPlugins::Compliance::API do
       config["server_type"] = "compliance"
       config["server"] = "https://mychefcompliance"
       config["version"] = "1.1.2"
-      InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline").must_equal       "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
-      InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2").must_equal "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
+      _(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline")).must_equal       "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
+      _(InspecPlugins::Compliance::API.target_url(config, "admin/apache-baseline#2.0.2")).must_equal "https://mychefcompliance/owners/admin/compliance/apache-baseline/tar"
     end
   end
 
@@ -269,10 +269,10 @@ describe InspecPlugins::Compliance::API do
         .with(headers: { "Accept" => "*/*", "Accept-Encoding" => "gzip;q=1.0,deflate;q=0.6,identity;q=0.3", "Chef-Delivery-Enterprise" => "automate", "User-Agent" => "Ruby", "X-Data-Collector-Token" => "" })
         .to_return(status: 200, body: profiles_response.to_json, headers: {})
 
-      InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline").must_equal true
-      InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.1").must_equal true
-      InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.999").must_equal false
-      InspecPlugins::Compliance::API.exist?(config, "admin/missing-in-action").must_equal false
+      _(InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline")).must_equal true
+      _(InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.1")).must_equal true
+      _(InspecPlugins::Compliance::API.exist?(config, "admin/apache-baseline#2.0.999")).must_equal false
+      _(InspecPlugins::Compliance::API.exist?(config, "admin/missing-in-action")).must_equal false
     end
   end
 
@@ -295,7 +295,7 @@ describe InspecPlugins::Compliance::API do
         .with(url + automate2_endpoint, headers, insecure)
         .returns(good_response)
 
-      InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:automate2)
+      _(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:automate2)
     end
 
     it "returns `:automate` when a 401 is received from `https://URL/compliance/version`" do
@@ -309,7 +309,7 @@ describe InspecPlugins::Compliance::API do
         .with(url + automate_endpoint, headers, insecure)
         .returns(good_response)
 
-      InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:automate)
+      _(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:automate)
     end
 
     # Chef Automate currently returns 401 for `/compliance/version` but some
@@ -327,7 +327,7 @@ describe InspecPlugins::Compliance::API do
         .with(url + automate_endpoint, headers, insecure)
         .returns(good_response)
 
-      InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:automate)
+      _(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:automate)
     end
 
     it "returns `nil` if a 200 is received from `https://URL/compliance/version` but not redirected to Chef Manage" do
@@ -347,7 +347,7 @@ describe InspecPlugins::Compliance::API do
         .with(url + compliance_endpoint, headers, insecure)
         .returns(mock_compliance_response)
 
-      InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_be_nil
+      _(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_be_nil
     end
 
     it "returns `:compliance` when a 200 is received from `https://URL/api/version`" do
@@ -364,7 +364,7 @@ describe InspecPlugins::Compliance::API do
         .with(url + compliance_endpoint, headers, insecure)
         .returns(good_response)
 
-      InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_equal(:compliance)
+      _(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_equal(:compliance)
     end
 
     it "returns `nil` if it cannot determine the server type" do
@@ -380,7 +380,7 @@ describe InspecPlugins::Compliance::API do
         .with(url + compliance_endpoint, headers, insecure)
         .returns(bad_response)
 
-      InspecPlugins::Compliance::API.determine_server_type(url, insecure).must_be_nil
+      _(InspecPlugins::Compliance::API.determine_server_type(url, insecure)).must_be_nil
     end
   end
 end

data/lib/plugins/inspec-compliance/test/unit/target_test.rb

@@ -15,7 +15,7 @@ describe InspecPlugins::Compliance::Fetcher do
 
     it "returns an error when token is not set" do
       ex = assert_raises(Inspec::FetcherFailure) { fetcher.class.check_compliance_token("http://test.com", config) }
-      ex.message.must_include "Cannot fetch http://test.com because your compliance token has not been\nconfigured."
+      _(ex.message).must_include "Cannot fetch http://test.com because your compliance token has not been\nconfigured."
     end
   end
 
@@ -25,7 +25,7 @@ describe InspecPlugins::Compliance::Fetcher do
     it "returns the correct owner and profile name" do
       config["profile"] = ["admin", "ssh-baseline", nil]
       fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profile", config)
-      fetcher.send(:compliance_profile_name).must_equal "admin/ssh-baseline"
+      _(fetcher.send(:compliance_profile_name)).must_equal "admin/ssh-baseline"
     end
   end
 
@@ -34,12 +34,12 @@ describe InspecPlugins::Compliance::Fetcher do
 
     it "returns the correct profile name when the url is correct" do
       fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/myowner/myprofile/tar", config)
-      fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
+      _(fetcher.send(:compliance_profile_name)).must_equal "myowner/myprofile"
     end
 
     it "raises an exception if the url is malformed" do
       fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
-      proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
+      _(proc { fetcher.send(:compliance_profile_name) }).must_raise RuntimeError
     end
   end
 
@@ -51,12 +51,12 @@ describe InspecPlugins::Compliance::Fetcher do
 
     it "returns the correct profile name when the url is correct" do
       fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/profiles/myowner/myprofile/tar", config)
-      fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
+      _(fetcher.send(:compliance_profile_name)).must_equal "myowner/myprofile"
     end
 
     it "raises an exception if the url is malformed" do
       fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
-      proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
+      _(proc { fetcher.send(:compliance_profile_name) }).must_raise RuntimeError
     end
   end
 
@@ -68,12 +68,12 @@ describe InspecPlugins::Compliance::Fetcher do
 
     it "returns the correct profile name when the url is correct" do
       fetcher = InspecPlugins::Compliance::Fetcher.new("myserver/owners/myowner/compliance/myprofile/tar", config)
-      fetcher.send(:compliance_profile_name).must_equal "myowner/myprofile"
+      _(fetcher.send(:compliance_profile_name)).must_equal "myowner/myprofile"
     end
 
     it "raises an exception if the url is malformed" do
       fetcher = InspecPlugins::Compliance::Fetcher.new("a/bad/url", config)
-      proc { fetcher.send(:compliance_profile_name) }.must_raise RuntimeError
+      _(proc { fetcher.send(:compliance_profile_name) }).must_raise RuntimeError
     end
   end
 
@@ -104,7 +104,7 @@ describe InspecPlugins::Compliance::Fetcher do
       InspecPlugins::Compliance::API.stubs(:profiles).returns(["success", profiles_result])
       fetcher = InspecPlugins::Compliance::Fetcher.resolve("compliance://admin/ssh-baseline")
       assert = ["admin", "ssh-baseline", nil]
-      fetcher.instance_variable_get(:"@config")["profile"].must_equal assert
+      _(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert
     end
 
     it "returns the correct profile name when parsing compliance hash" do
@@ -116,7 +116,7 @@ describe InspecPlugins::Compliance::Fetcher do
       }
       fetcher = InspecPlugins::Compliance::Fetcher.resolve(hash)
       assert = ["admin", "ssh-baseline", nil]
-      fetcher.instance_variable_get(:"@config")["profile"].must_equal assert
+      _(fetcher.instance_variable_get(:"@config")["profile"]).must_equal assert
     end
   end
 
@@ -149,7 +149,7 @@ describe InspecPlugins::Compliance::Fetcher do
       prof = profiles_result[0]
       target = "compliance://#{prof["owner"]}/#{prof["name"]}"
       fetcher = InspecPlugins::Compliance::Fetcher.resolve(target)
-      fetcher.upstream_sha256.must_equal prof["sha256"]
+      _(fetcher.upstream_sha256).must_equal prof["sha256"]
     end
   end
 end

data/lib/plugins/shared/core_plugin_test_helper.rb

@@ -19,22 +19,22 @@ class Module
   include Minitest::Spec::DSL # TODO: NO! remove this!
 end
 
-module Inspec
-  class FuncTestRunResult
-    attr_reader :train_result
-    attr_reader :payload
-
-    extend Forwardable
-    def_delegator :train_result, :stdout
-    def_delegator :train_result, :stderr
-    def_delegator :train_result, :exit_status
-
-    def initialize(train_result)
-      @train_result = train_result
-      @payload = OpenStruct.new
-    end
-  end
-end
+# module Inspec
+#   class FuncTestRunResult
+#     attr_reader :train_result
+#     attr_reader :payload
+#
+#     extend Forwardable
+#     def_delegator :train_result, :stdout
+#     def_delegator :train_result, :stderr
+#     def_delegator :train_result, :exit_status
+#
+#     def initialize(train_result)
+#       @train_result = train_result
+#       @payload = OpenStruct.new
+#     end
+#   end
+# end
 
 module CorePluginBaseHelper
   libdir = File.expand_path "lib"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 4.17.17
+  version: 4.18.0
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-10-02 00:00:00.000000000 Z
+date: 2019-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: train
@@ -154,14 +154,20 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '3.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.9'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3'
+        version: '3.0'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3.9'
 - !ruby/object:Gem::Dependency
   name: rspec-its
   requirement: !ruby/object:Gem::Requirement
@@ -502,7 +508,6 @@ files:
 - lib/inspec/plugin/v2/plugin_types/mock.rb
 - lib/inspec/plugin/v2/registry.rb
 - lib/inspec/plugin/v2/status.rb
-- lib/inspec/polyfill.rb
 - lib/inspec/profile.rb
 - lib/inspec/profile_context.rb
 - lib/inspec/profile_vendor.rb

data/lib/inspec/polyfill.rb

@@ -1,9 +0,0 @@
-# copyright: 2016, Chef Software Inc.
-
-class Struct
-  unless instance_methods.include? :to_h
-    def to_h
-      Hash[each_pair.to_a]
-    end
-  end
-end