inspec 5.22.65 → 6.6.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d6c41c9c2862944ac53a0a2a8995af9307a70297e7c37904c06eddf44ef69c2a
4
- data.tar.gz: c323fad8e22752eb09cef8275995caffa5d14426a4eba9fe7b67506a5e65d7ee
3
+ metadata.gz: 7145e01e64e1c20915a545ba5582a59b8c19522f0eaddf66055fce1b1b1ce428
4
+ data.tar.gz: 62a67bff0e18b1c92567a67c4822f4e7c7fdd9ea2ee82e541e6c2e67ef4f8f16
5
5
  SHA512:
6
- metadata.gz: 2ff71fc0e4529486028018fc51cee7fa0ae967ce9ca664fc23165ad6e2b9c3ce95aa5388dbbb444f33a427b178dea5cd9e02205375954044e001668e2d5e3314
7
- data.tar.gz: 815502b03cb8593a48f5b94705921fad5e085081af3f38173156f0f7aba0c3156b381d529edf4e366926cd66371d7e969af7d7c18e15a1da2f9c3fc6d069f003
6
+ metadata.gz: 2fee45943fa837e958dc1a26b03492236469d21b52410f54457dc0ef06ef82749aad95ff981ccbeecd6ff02b1c422eab8819204ec089ffa8fc0d487f9f36bf8f
7
+ data.tar.gz: 9b75899257f59cc068b555bbe6bc65323ad94c64a440ce343537647af284f257f69902c8c85e1bb53c129ca94b2b34bd782e63efb6b4513ba79cfaf7c549f926
data/Gemfile CHANGED
@@ -1,3 +1,12 @@
1
+ # For Chef internal builds, allows preview versions of gems if available.
2
+ if ENV["ARTIFACTORY_BASE_URL"]
3
+ source ENV["ARTIFACTORY_BASE_URL"] + "/artifactory/api/gems/omnibus-gems-local/" do
4
+ # TODO: either fully populate this list, or revert back to non-block format
5
+ # to sweep all Chef gems from Artifactory.
6
+ gem "chef-licensing"
7
+ end
8
+ end
9
+
1
10
  source "https://rubygems.org"
2
11
 
3
12
  gem "inspec", path: "."
@@ -9,14 +18,7 @@ gem "inspec", path: "."
9
18
  # in it in order to package the executable. Hence the odd backwards dependency.
10
19
  gem "inspec-bin", path: "./inspec-bin"
11
20
 
12
- # ffi version v1.17.0 is breaking verify pipeline as it requires
13
- # rubygems version to be upgraded to >= 3.3.22 Ref:https://buildkite.com/chef/inspec-inspec-main-verify-private/builds/812#018fe177-2ccb-45ed-a25e-213c8a6453df/698-707
14
-
15
- gem "ffi", ">= 1.15.5", "< 1.18.0"
16
-
17
- # We have a build issue 2023-11-13 with unf_ext 0.0.9 so we are pinning to 0.0.8.2
18
- # See https://github.com/knu/ruby-unf_ext/issues/74 https://buildkite.com/chef/inspec-inspec-inspec-5-omnibus-release/builds/22
19
- gem "unf_ext", "= 0.0.8.2"
21
+ gem "ffi", ">= 1.9.14", "!= 1.13.0", "!= 1.14.2"
20
22
 
21
23
  # inspec tests depend text output that changed in the 3.10 release
22
24
  # but our runtime dep is still 3.9+
@@ -30,37 +32,27 @@ group :omnibus do
30
32
  end
31
33
 
32
34
  group :test do
33
- gem "chefstyle"
34
- gem "concurrent-ruby"
35
- gem "json_schemer"
35
+ gem "chefstyle", "~> 2.2.2"
36
+ gem "concurrent-ruby", "~> 1.0"
37
+ gem "json_schemer", ">= 0.2.1", "< 2.0.1"
36
38
  gem "m"
37
39
  gem "minitest-sprint", "~> 1.0"
38
40
  gem "minitest", "5.15.0"
39
- gem "mocha"
40
- gem "nokogiri"
41
+ gem "mocha", "~> 1.1"
42
+ gem "nokogiri", "~> 1.9"
41
43
  gem "pry-byebug"
42
- gem "pry"
43
- gem "rake"
44
- gem "simplecov"
44
+ gem "pry", "~> 0.10"
45
+ gem "rake", ">= 10"
46
+ gem "simplecov", "~> 0.21"
45
47
  gem "simplecov_json_formatter"
46
- gem "webmock"
48
+ gem "webmock", "~> 3.0"
49
+
50
+ if Gem.ruby_version >= Gem::Version.new("3.0.0")
51
+ # html-proofer has a dep on io-event, which is ruby-3 only
52
+ gem "html-proofer", "~> 3.19.4", platforms: :ruby # do not attempt to run proofer on windows. Pinned to 3.19.4 as test is breaking in updated versions.
53
+ end
47
54
  end
48
55
 
49
56
  group :deploy do
50
57
  gem "inquirer"
51
58
  end
52
-
53
- # Build is failing - see: https://buildkite.com/chef-oss/inspec-inspec-inspec-5-verify/builds/442
54
- # Error:
55
- # zeitwerk-2.7.1 requires Ruby >= 3.2, which is incompatible with the current version (Ruby 3.0.7p220)
56
-
57
- # Dependency chain:
58
- # zeitwerk → dry-configurable, dry-struct, dry-types → k8s-ruby → train-kubernetes
59
-
60
- # Pinning zeitwerk to ~> 2.6 to avoid Ruby >= 3.2 requirement.
61
- # Remove this pin when upgrading to Ruby 3.2 or higher.
62
- gem "zeitwerk", "~> 2.6.0", "< 2.7"
63
-
64
- # Pinning securerandom to < 0.4.0 as it is breaking the build because 0.4.0 is incompatible with the current version, ruby 3.0.x on CI
65
- # Remove this pin when upgrading to Ruby 3.1 or higher on CI.
66
- gem "securerandom", "< 0.4.0" if RUBY_VERSION < "3.1.0"
data/inspec.gemspec CHANGED
@@ -8,14 +8,20 @@ Gem::Specification.new do |spec|
8
8
  spec.authors = ["Chef InSpec Team"]
9
9
  spec.email = ["inspec@chef.io"]
10
10
  spec.summary = "Infrastructure and compliance testing."
11
- spec.description = "InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification."
11
+ spec.description = <<-EOT
12
+ InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.
13
+
14
+ Packaged distributions of Progress® Chef® products obtained from RubyGems are made available pursuant to the Progress Chef EULA at https://www.chef.io/end-user-license-agreement, unless there is an executed agreement in effect between you and Progress that covers the Progress Chef products ("Master Agreement"), in which case the Master Agreement shall govern.
15
+
16
+ Source code obtained from the Chef GitHub repository is made available under Apache-2.0, a copy of which is included.
17
+
18
+ EOT
19
+
12
20
  spec.homepage = "https://github.com/inspec/inspec"
13
- spec.license = "Apache-2.0"
21
+ spec.license = "LicenseRef-Chef-EULA"
14
22
  spec.require_paths = ["lib"]
15
23
 
16
- # We want to support ruby 3.0 as Chef is using ruby to support AIX and we want to make sure InSpec works with it. (Ref: https://github.com/chef/chef/pull/13207)
17
- # TODO: Once we have Chef working fully with ruby 3.1 we can drop ruby 3.0
18
- spec.required_ruby_version = ">= 3.0.3"
24
+ spec.required_ruby_version = ">= 2.7"
19
25
 
20
26
  # ONLY the aws/azure/gcp files. The rest will come in from inspec-core
21
27
  # the gemspec is necessary for appbundler so don't remove it
@@ -27,13 +33,17 @@ Gem::Specification.new do |spec|
27
33
  spec.add_dependency "inspec-core", "= #{Inspec::VERSION}"
28
34
 
29
35
  spec.add_dependency "train", "~> 3.10"
36
+
37
+ # cookstyle support for inspec check
38
+ # Added here not because they are compiled, but to keep chef-client lightweight
39
+ spec.add_dependency "cookstyle"
30
40
  spec.add_dependency "rake"
31
41
 
32
42
  # progress bar streaming reporter plugin support
33
43
  spec.add_dependency "progress_bar", "~> 1.3.3"
34
44
 
35
45
  # Used for Azure profile until integrated into train
36
- spec.add_dependency "faraday_middleware", ">= 0.12.2", "< 1.3"
46
+ spec.add_dependency "faraday_middleware", ">= 0.12.2", "< 1.1"
37
47
 
38
48
  # Train plugins we ship with InSpec
39
49
  spec.add_dependency "train-habitat", "~> 0.1"
@@ -0,0 +1,6 @@
1
+ Gem::Specification.new do |spec|
2
+ spec.name = "inspec-license"
3
+ spec.summary = "Plugin to list user licenses."
4
+ spec.description = ""
5
+ spec.license = "Apache-2.0"
6
+ end
@@ -0,0 +1,6 @@
1
+ Gem::Specification.new do |spec|
2
+ spec.name = "inspec-parallel"
3
+ spec.summary = "Plugin to handle parallel InSpec scan operations over multiple targets"
4
+ spec.description = ""
5
+ spec.license = "Apache-2.0"
6
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: inspec
3
3
  version: !ruby/object:Gem::Version
4
- version: 5.22.65
4
+ version: 6.6.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chef InSpec Team
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-12-12 00:00:00.000000000 Z
11
+ date: 2023-11-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: inspec-core
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 5.22.65
19
+ version: 6.6.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 5.22.65
26
+ version: 6.6.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: train
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -38,6 +38,20 @@ dependencies:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: '3.10'
41
+ - !ruby/object:Gem::Dependency
42
+ name: cookstyle
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
41
55
  - !ruby/object:Gem::Dependency
42
56
  name: rake
43
57
  requirement: !ruby/object:Gem::Requirement
@@ -75,7 +89,7 @@ dependencies:
75
89
  version: 0.12.2
76
90
  - - "<"
77
91
  - !ruby/object:Gem::Version
78
- version: '1.3'
92
+ version: '1.1'
79
93
  type: :runtime
80
94
  prerelease: false
81
95
  version_requirements: !ruby/object:Gem::Requirement
@@ -85,7 +99,7 @@ dependencies:
85
99
  version: 0.12.2
86
100
  - - "<"
87
101
  - !ruby/object:Gem::Version
88
- version: '1.3'
102
+ version: '1.1'
89
103
  - !ruby/object:Gem::Dependency
90
104
  name: train-habitat
91
105
  requirement: !ruby/object:Gem::Requirement
@@ -156,10 +170,13 @@ dependencies:
156
170
  - - '='
157
171
  - !ruby/object:Gem::Version
158
172
  version: 2.13.2
159
- description: InSpec provides a framework for creating end-to-end infrastructure tests.
160
- You can use it for integration or even compliance testing. Create fully portable
161
- test profiles and use them in your workflow to ensure stability and security. Integrate
162
- InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.
173
+ description: |+
174
+ InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.
175
+
176
+ Packaged distributions of Progress® Chef® products obtained from RubyGems are made available pursuant to the Progress Chef EULA at https://www.chef.io/end-user-license-agreement, unless there is an executed agreement in effect between you and Progress that covers the Progress Chef products ("Master Agreement"), in which case the Master Agreement shall govern.
177
+
178
+ Source code obtained from the Chef GitHub repository is made available under Apache-2.0, a copy of which is included.
179
+
163
180
  email:
164
181
  - inspec@chef.io
165
182
  executables: []
@@ -184,6 +201,8 @@ files:
184
201
  - lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb
185
202
  - lib/plugins/inspec-init/templates/profiles/gcp/inputs.yml
186
203
  - lib/plugins/inspec-init/templates/profiles/gcp/inspec.yml
204
+ - lib/plugins/inspec-license/inspec-license.gemspec
205
+ - lib/plugins/inspec-parallel/inspec-parallel.gemspec
187
206
  - lib/plugins/inspec-plugin-manager-cli/inspec-plugin-manager-cli.gemspec
188
207
  - lib/plugins/inspec-reporter-html2/inspec-reporter-html2.gemspec
189
208
  - lib/plugins/inspec-reporter-json-min/inspec-reporter-json-min.gemspec
@@ -192,7 +211,7 @@ files:
192
211
  - lib/plugins/inspec-streaming-reporter-progress-bar/inspec-streaming-reporter-progress-bar.gemspec
193
212
  homepage: https://github.com/inspec/inspec
194
213
  licenses:
195
- - Apache-2.0
214
+ - LicenseRef-Chef-EULA
196
215
  metadata: {}
197
216
  post_install_message:
198
217
  rdoc_options: []
@@ -202,14 +221,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
202
221
  requirements:
203
222
  - - ">="
204
223
  - !ruby/object:Gem::Version
205
- version: 3.0.3
224
+ version: '2.7'
206
225
  required_rubygems_version: !ruby/object:Gem::Requirement
207
226
  requirements:
208
227
  - - ">="
209
228
  - !ruby/object:Gem::Version
210
229
  version: '0'
211
230
  requirements: []
212
- rubygems_version: 3.2.3
231
+ rubygems_version: 3.1.4
213
232
  signing_key:
214
233
  specification_version: 4
215
234
  summary: Infrastructure and compliance testing.