inspec 5.23.6 → 6.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c71383217a1edbc827e19ccd5e31a77f0372e51a23a0ab6c22f61b482aa5d8f6
-  data.tar.gz: 8ff2cd8a20be1cbefa6fe566f34e339a54c87904f24116b290dd048897ac7389
+  metadata.gz: 7145e01e64e1c20915a545ba5582a59b8c19522f0eaddf66055fce1b1b1ce428
+  data.tar.gz: 62a67bff0e18b1c92567a67c4822f4e7c7fdd9ea2ee82e541e6c2e67ef4f8f16
 SHA512:
-  metadata.gz: 7af4db4cd906a60ef301f230af4015d1141bad1d56933d6956053da542b448ad406fc844b0c015dbc34891c01ffe95841a54964523a6047a95e9408ca5373e7d
-  data.tar.gz: 53542954aad93a6bb5dd2e39bfcf63132ca87631f6ce9628e30c2286c9c7425887d3e81b0973d72421ce0f8e1db9f2d2d864d56fd47921679a3120c38bce7cd1
+  metadata.gz: 2fee45943fa837e958dc1a26b03492236469d21b52410f54457dc0ef06ef82749aad95ff981ccbeecd6ff02b1c422eab8819204ec089ffa8fc0d487f9f36bf8f
+  data.tar.gz: 9b75899257f59cc068b555bbe6bc65323ad94c64a440ce343537647af284f257f69902c8c85e1bb53c129ca94b2b34bd782e63efb6b4513ba79cfaf7c549f926

data/Gemfile

@@ -1,3 +1,12 @@
+# For Chef internal builds, allows preview versions of gems if available.
+if ENV["ARTIFACTORY_BASE_URL"]
+  source ENV["ARTIFACTORY_BASE_URL"] + "/artifactory/api/gems/omnibus-gems-local/" do
+    # TODO: either fully populate this list, or revert back to non-block format
+    #       to sweep all Chef gems from Artifactory.
+    gem "chef-licensing"
+  end
+end
+
 source "https://rubygems.org"
 
 gem "inspec", path: "."
@@ -9,14 +18,7 @@ gem "inspec", path: "."
 # in it in order to package the executable. Hence the odd backwards dependency.
 gem "inspec-bin", path: "./inspec-bin"
 
-# ffi version v1.17.0 is breaking verify pipeline as it requires
-# rubygems version to be upgraded to >= 3.3.22 Ref:https://buildkite.com/chef/inspec-inspec-main-verify-private/builds/812#018fe177-2ccb-45ed-a25e-213c8a6453df/698-707
-
-gem "ffi", ">= 1.15.5", "< 1.17.0"
-
-# We have a build issue 2023-11-13 with unf_ext 0.0.9 so we are pinning to 0.0.8.2
-# See https://github.com/knu/ruby-unf_ext/issues/74 https://buildkite.com/chef/inspec-inspec-inspec-5-omnibus-release/builds/22
-gem "unf_ext", "= 0.0.8.2"
+gem "ffi", ">= 1.9.14", "!= 1.13.0", "!= 1.14.2"
 
 # inspec tests depend text output that changed in the 3.10 release
 # but our runtime dep is still 3.9+
@@ -30,45 +32,27 @@ group :omnibus do
 end
 
 group :test do
-  gem "chefstyle"
-  gem "concurrent-ruby"
-  gem "json_schemer"
+  gem "chefstyle", "~> 2.2.2"
+  gem "concurrent-ruby", "~> 1.0"
+  gem "json_schemer", ">= 0.2.1", "< 2.0.1"
   gem "m"
   gem "minitest-sprint", "~> 1.0"
   gem "minitest", "5.15.0"
-  gem "mocha"
-  # Pinning this version as it breaking for ruby 3.1.0
-  gem "nokogiri", "< 1.17.2"
-  # Pinning this version as it breaking for ruby 3.0.0
-  gem "pry-byebug", "< 3.12.0"
-  gem "pry"
-  gem "rake"
-  gem "simplecov"
+  gem "mocha", "~> 1.1"
+  gem "nokogiri", "~> 1.9"
+  gem "pry-byebug"
+  gem "pry", "~> 0.10"
+  gem "rake", ">= 10"
+  gem "simplecov", "~> 0.21"
   gem "simplecov_json_formatter"
-  gem "webmock"
-  gem "signet", "< 0.22.0" # 0.20.0+ requires min ruby 3.1
-  # Pinning to 1.15 as multi_json 1.16 require ruby 3.2 version
-  # Ref: https://buildkite.com/chef-oss/inspec-inspec-inspec-5-verify/builds/647#019808ca-087b-43bc-b1f9-40a36f59c5f4
-  gem "multi_json", "~> 1.15.0"
+  gem "webmock", "~> 3.0"
+
+  if Gem.ruby_version >= Gem::Version.new("3.0.0")
+    # html-proofer has a dep on io-event, which is ruby-3 only
+    gem "html-proofer", "~> 3.19.4", platforms: :ruby # do not attempt to run proofer on windows. Pinned to 3.19.4 as test is breaking in updated versions.
+  end
 end
 
 group :deploy do
   gem "inquirer"
 end
-
-# Build is failing - see: https://buildkite.com/chef-oss/inspec-inspec-inspec-5-verify/builds/442
-# Error: zeitwerk-2.7.1 requires Ruby >= 3.2, which is incompatible with the current version (Ruby 3.0.7p220)
-# Dependency chain:
-# zeitwerk → dry-configurable, dry-struct, dry-types → k8s-ruby → train-kubernetes
-# Pinning zeitwerk to ~> 2.6 to avoid Ruby >= 3.2 requirement.
-# Remove this pin when upgrading to Ruby 3.2 or higher.
-gem "zeitwerk", "~> 2.6.0", "< 2.7"
-
-# Pinning dry-core,dry-core,dry-types to < 1.1.0 as it is breaking the build because 1.1.0 is incompatible with the current version, ruby 3.0.x on CI
-gem "dry-types", "<= 1.7.2" if RUBY_VERSION < "3.1.0"
-gem "dry-core", "> 1.0.0", "< 1.1.0" if RUBY_VERSION < "3.1.0"
-gem "dry-inflector", "<= 1.1.0" if RUBY_VERSION < "3.1.0"
-
-# Pinning securerandom to < 0.4.0 as it is breaking the build because 0.4.0 is incompatible with the current version, ruby 3.0.x on CI
-# Remove this pin when upgrading to Ruby 3.1 or higher on CI.
-gem "securerandom", "< 0.4.0" if RUBY_VERSION < "3.1.0"

data/inspec.gemspec

@@ -8,13 +8,20 @@ Gem::Specification.new do |spec|
   spec.authors       = ["Chef InSpec Team"]
   spec.email         = ["inspec@chef.io"]
   spec.summary       = "Infrastructure and compliance testing."
-  spec.description   = "InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification."
+  spec.description   = <<-EOT
+InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.
+
+Packaged distributions of Progress® Chef® products obtained from RubyGems are made available pursuant to the Progress Chef EULA at https://www.chef.io/end-user-license-agreement, unless there is an executed agreement in effect between you and Progress that covers the Progress Chef products ("Master Agreement"), in which case the Master Agreement shall govern.
+
+Source code obtained from the Chef GitHub repository is made available under Apache-2.0, a copy of which is included.
+
+  EOT
+
   spec.homepage      = "https://github.com/inspec/inspec"
-  spec.license       = "Apache-2.0"
+  spec.license       = "LicenseRef-Chef-EULA"
   spec.require_paths = ["lib"]
 
-  # Chef will provide AIX support with ruby 3.0 in separate builds with older versions of InSpec 5, hence we can drop ruby 3.0 support
-  spec.required_ruby_version = ">= 3.1.0"
+  spec.required_ruby_version = ">= 2.7"
 
   # ONLY the aws/azure/gcp files. The rest will come in from inspec-core
   # the gemspec is necessary for appbundler so don't remove it
@@ -25,21 +32,25 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency "inspec-core", "= #{Inspec::VERSION}"
 
-  spec.add_dependency "train", "~> 3.13", ">= 3.13.4"
+  spec.add_dependency "train", "~> 3.10"
+
+  # cookstyle support for inspec check
+  # Added here not because they are compiled, but to keep chef-client lightweight
+  spec.add_dependency "cookstyle"
   spec.add_dependency "rake"
 
   # progress bar streaming reporter plugin support
   spec.add_dependency "progress_bar", "~> 1.3.3"
 
   # Used for Azure profile until integrated into train
-  spec.add_dependency "faraday_middleware", ">= 0.12.2", "< 1.3"
+  spec.add_dependency "faraday_middleware", ">= 0.12.2", "< 1.1"
 
   # Train plugins we ship with InSpec
   spec.add_dependency "train-habitat",    "~> 0.1"
   spec.add_dependency "train-aws",        "~> 0.2"
-  spec.add_dependency "train-winrm",      "~> 0.4.0" # socks5h changes in 0.4.0
-  spec.add_dependency "train-kubernetes", "< 0.3.1" # 0.3.1+ requires min ruby 3.1
+  spec.add_dependency "train-winrm",      "~> 0.2"
+  spec.add_dependency "train-kubernetes", "~> 0.1"
 
-  spec.add_dependency "mongo", "= 2.21.3" # 2.14 introduces a broken symlink in mongo-2.14.0/spec/support/ocsp
+  spec.add_dependency "mongo", "= 2.13.2" # 2.14 introduces a broken symlink in mongo-2.14.0/spec/support/ocsp
 
 end

data/lib/plugins/inspec-license/inspec-license.gemspec

@@ -0,0 +1,6 @@
+Gem::Specification.new do |spec|
+  spec.name          = "inspec-license"
+  spec.summary       = "Plugin to list user licenses."
+  spec.description   = ""
+  spec.license       = "Apache-2.0"
+end

data/lib/plugins/inspec-parallel/inspec-parallel.gemspec

@@ -0,0 +1,6 @@
+Gem::Specification.new do |spec|
+  spec.name          = "inspec-parallel"
+  spec.summary       = "Plugin to handle parallel InSpec scan operations over multiple targets"
+  spec.description   = ""
+  spec.license       = "Apache-2.0"
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 5.23.6
+  version: 6.6.0
 platform: ruby
 authors:
 - Chef InSpec Team
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2025-09-23 00:00:00.000000000 Z
+date: 2023-11-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: inspec-core
@@ -16,34 +16,42 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.23.6
+        version: 6.6.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 5.23.6
+        version: 6.6.0
 - !ruby/object:Gem::Dependency
   name: train
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.13'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.13.4
+        version: '3.10'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.13'
+        version: '3.10'
+- !ruby/object:Gem::Dependency
+  name: cookstyle
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.13.4
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -81,7 +89,7 @@ dependencies:
         version: 0.12.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -91,7 +99,7 @@ dependencies:
         version: 0.12.2
     - - "<"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '1.1'
 - !ruby/object:Gem::Dependency
   name: train-habitat
   requirement: !ruby/object:Gem::Requirement
@@ -126,46 +134,49 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.0
+        version: '0.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.4.0
+        version: '0.2'
 - !ruby/object:Gem::Dependency
   name: train-kubernetes
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: '0.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<"
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.3.1
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: mongo
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.21.3
+        version: 2.13.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 2.21.3
-description: InSpec provides a framework for creating end-to-end infrastructure tests.
-  You can use it for integration or even compliance testing. Create fully portable
-  test profiles and use them in your workflow to ensure stability and security. Integrate
-  InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.
+        version: 2.13.2
+description: |+
+  InSpec provides a framework for creating end-to-end infrastructure tests. You can use it for integration or even compliance testing. Create fully portable test profiles and use them in your workflow to ensure stability and security. Integrate InSpec in your change lifecycle for local testing, CI/CD, and deployment verification.
+
+  Packaged distributions of Progress® Chef® products obtained from RubyGems are made available pursuant to the Progress Chef EULA at https://www.chef.io/end-user-license-agreement, unless there is an executed agreement in effect between you and Progress that covers the Progress Chef products ("Master Agreement"), in which case the Master Agreement shall govern.
+
+  Source code obtained from the Chef GitHub repository is made available under Apache-2.0, a copy of which is included.
+
 email:
 - inspec@chef.io
 executables: []
@@ -190,6 +201,8 @@ files:
 - lib/plugins/inspec-init/templates/profiles/gcp/controls/example.rb
 - lib/plugins/inspec-init/templates/profiles/gcp/inputs.yml
 - lib/plugins/inspec-init/templates/profiles/gcp/inspec.yml
+- lib/plugins/inspec-license/inspec-license.gemspec
+- lib/plugins/inspec-parallel/inspec-parallel.gemspec
 - lib/plugins/inspec-plugin-manager-cli/inspec-plugin-manager-cli.gemspec
 - lib/plugins/inspec-reporter-html2/inspec-reporter-html2.gemspec
 - lib/plugins/inspec-reporter-json-min/inspec-reporter-json-min.gemspec
@@ -198,7 +211,7 @@ files:
 - lib/plugins/inspec-streaming-reporter-progress-bar/inspec-streaming-reporter-progress-bar.gemspec
 homepage: https://github.com/inspec/inspec
 licenses:
-- Apache-2.0
+- LicenseRef-Chef-EULA
 metadata: {}
 post_install_message: 
 rdoc_options: []
@@ -208,14 +221,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.1.0
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.27
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: Infrastructure and compliance testing.