inspec 4.7.3 → 4.7.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 92f16a5a5997ab82b670f6aad951d3cfdce80bbe74e6454c7495fca62621267c
-  data.tar.gz: 2e8a866d55ad0ac9710725e4f19667b2a53df7c6b7ddaf814a5a117a2e5314f2
+  metadata.gz: d453fd4901acccda0f5a0e8de3fc2bc430ed23e4577d239bc33b49823df00c3e
+  data.tar.gz: 8dd4196875d5f02b501517df0b8316e05b9e7e2b1ee59ffb30aa59a68edd7c4e
 SHA512:
-  metadata.gz: 3394cc65c1f7b4901ebd99172e082b6e241c44a8cadb2b23eafd87411ab091073d2bcedb811f796272c4828422dca67adae1162814912bbebd408e93377472b9
-  data.tar.gz: 1fb91443861897468c24a5a83d4135387c869f8fb8e8f16c7c8307a5971452101fce2a0e5fa21357c68a32a9c614c7c19448e3c1a55d83662676878d8ca47755
+  metadata.gz: 4492befd82753e4fd2134c01c67a4e867703634ff41d708cf13d23cc8b11c6740f88129af56aa7a1b0c926fe890bf8cc00ef07e2bc8fe0b94eeee82a9dff9cf9
+  data.tar.gz: b8c87a88dd89f526d001de7eb0d71224e0166192d2854793b30de72bf23187ac3118840c76211fb74027f607a28a7d7e98b4da9927977b21bc8efec6b92d7150

data/inspec.gemspec

@@ -18,7 +18,7 @@ Gem::Specification.new do |spec|
   ).reject { |f| File.directory?(f) }
 
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-                           .reject { |f| File.directory?(f) || f =~ %r{lib/plugins/.*/test/} }
+    .reject { |f| File.directory?(f) || f =~ %r{lib/plugins/.*/test/} }
   spec.require_paths = ["lib"]
 
   spec.required_ruby_version = ">= 2.4"

data/lib/bundles/inspec-supermarket/api.rb

@@ -35,10 +35,11 @@ module Supermarket
     def self.info(profile, supermarket_url = SUPERMARKET_URL)
       _tool_owner, tool_name = profile_name("supermarket://#{profile}")
       return if tool_name.nil? || tool_name.empty?
+
       # Tool name in Supermarket URL is downcased so we need to downcase
       url = "#{supermarket_url}/api/v1/tools/#{tool_name.downcase}"
       _success, data = get(url, {})
-      JSON.parse(data) if !data.nil?
+      JSON.parse(data) unless data.nil?
     rescue JSON::ParserError
       nil
     end

data/lib/bundles/inspec-supermarket/cli.rb

@@ -20,7 +20,7 @@ module Supermarket
 
       headline("Available profiles:")
       supermarket_profiles.each do |p|
-        li("#{p['tool_name']} #{mark_text(p['tool_owner'] + '/' + p['slug'])}")
+        li("#{p["tool_name"]} #{mark_text(p["tool_owner"] + "/" + p["slug"])}")
       end
     end
 
@@ -48,7 +48,7 @@ module Supermarket
       # check that the profile is available
       supermarket_profiles = Supermarket::API.profiles
       found = supermarket_profiles.select do |p|
-        profile == "#{p['tool_owner']}/#{p['slug']}"
+        profile == "#{p["tool_owner"]}/#{p["slug"]}"
       end
 
       if found.empty?
@@ -58,11 +58,11 @@ module Supermarket
 
       # load details for the specific profile
       info = Supermarket::API.info(profile)
-      puts "#{mark_text('name: ')}  #{info['slug']}"
-      puts "#{mark_text('owner:')}  #{info['owner']}"
-      puts "#{mark_text('url:  ')}  #{info['source_url']}"
+      puts "#{mark_text("name: ")}  #{info["slug"]}"
+      puts "#{mark_text("owner:")}  #{info["owner"]}"
+      puts "#{mark_text("url:  ")}  #{info["source_url"]}"
       puts
-      puts "#{mark_text('description:  ')} #{info['description']}"
+      puts "#{mark_text("description:  ")} #{info["description"]}"
     end
   end
 

data/lib/bundles/inspec-supermarket/target.rb

@@ -17,6 +17,7 @@ module Supermarket
                                             end
       return nil unless supermarket_uri
       return nil unless Supermarket::API.exist?(supermarket_uri, supermarket_server)
+
       tool_info = Supermarket::API.find(supermarket_uri, supermarket_server)
       resolve_next(tool_info["tool_source_url"], opts)
     rescue URI::Error

data/lib/fetchers/git.rb

@@ -89,10 +89,12 @@ module Fetchers
       command_string = "git ls-remote \"#{@remote_url}\" \"#{ref_name}*\""
       cmd = shellout(command_string)
       raise "Error running '#{command_string}': #{cmd.stderr}" unless cmd.exitstatus == 0
+
       ref = parse_ls_remote(cmd.stdout, ref_name)
-      if !ref
+      unless ref
         raise "Unable to resolve #{ref_name} to a specific git commit for #{@remote_url}"
       end
+
       ref
     end
 

data/lib/fetchers/mock.rb

@@ -7,6 +7,7 @@ module Fetchers
 
     def self.resolve(target)
       return nil unless target.is_a? Hash
+
       new(target)
     end
 

data/lib/fetchers/url.rb

@@ -29,6 +29,7 @@ module Fetchers
       uri = URI.parse(target)
       return nil if uri.nil? || uri.scheme.nil?
       return nil unless %{ http https }.include? uri.scheme
+
       target = transform(target)
       opts[:username] = username if username
       opts[:password] = password if password
@@ -121,6 +122,7 @@ module Fetchers
 
     def parse_uri(target)
       return URI.parse(target) if target.is_a?(String)
+
       URI.parse(target[:url])
     end
 
@@ -150,7 +152,7 @@ module Fetchers
     end
 
     def download_automate2_archive_to_temp
-      return @temp_archive_path if !@temp_archive_path.nil?
+      return @temp_archive_path unless @temp_archive_path.nil?
 
       Inspec::Log.debug("Fetching URL: #{@target}")
       json = {
@@ -189,7 +191,8 @@ module Fetchers
 
     # Downloads archive to temporary file with side effect :( of setting @archive_type
     def download_archive_to_temp
-      return @temp_archive_path if !@temp_archive_path.nil?
+      return @temp_archive_path unless @temp_archive_path.nil?
+
       Inspec::Log.debug("Fetching URL: #{@target}")
       remote = open_via_uri(@target)
       @archive_type = file_type_from_remote(remote) # side effect :(
@@ -262,7 +265,7 @@ module Fetchers
       end
       unless keys_missing_values.empty?
         raise "Unable to fetch profile - the following HTTP headers have no value: " \
-          "#{keys_missing_values.join(', ')}"
+          "#{keys_missing_values.join(", ")}"
       end
     end
   end

data/lib/inspec/backend.rb

@@ -22,6 +22,7 @@ module Inspec
       # the Ruby stdlib for a better experience.
       def local_transport?
         return false unless defined?(Train::Transports::Local)
+
         backend.is_a?(Train::Transports::Local::Connection)
       end
 

data/lib/inspec/base_cli.rb

@@ -10,9 +10,11 @@ require "inspec/utils/deprecation/global_method"
 class Thor::Arguments
   def parse_array(_name)
     return shift if peek.is_a?(Array)
+
     array = []
     while current_is_value?
       break unless @parsing_options
+
       array << shift
     end
     array
@@ -157,7 +159,7 @@ module Inspec
         next if data.nil?
 
         data = "\e[1m\e[#{color}m#{data}\e[0m"
-        str << format("#{' ' * indent}%-10s %s\n", item.to_s.capitalize + ":", data)
+        str << format("#{" " * indent}%-10s %s\n", item.to_s.capitalize + ":", data)
       end
       str
     end
@@ -218,6 +220,7 @@ module Inspec
 
     def suppress_log_output?(opts)
       return false if opts["reporter"].nil?
+
       match = %w{json json-min json-rspec json-automate junit html yaml documentation progress} & opts["reporter"].keys
       unless match.empty?
         match.each do |m|

data/lib/inspec/cli.rb

@@ -124,7 +124,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     else
       %w{location profile controls timestamp valid}.each do |item|
         puts format("%-12s %s", item.to_s.capitalize + ":",
-                    mark_text(result[:summary][item.to_sym]))
+          mark_text(result[:summary][item.to_sym]))
       end
       puts
 
@@ -148,8 +148,8 @@ class Inspec::InspecCLI < Inspec::BaseCLI
 
         puts
         puts format("Summary:     %s%d errors%s, %s%d warnings%s",
-                    red, result[:errors].length, rst,
-                    yellow, result[:warnings].length, rst)
+          red, result[:errors].length, rst,
+          yellow, result[:warnings].length, rst)
       end
     end
     exit 1 unless result[:summary][:valid]
@@ -375,7 +375,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     puts Inspec::Schema.json(name)
   rescue StandardError => e
     puts e
-    puts "Valid schemas are #{Inspec::Schema.names.join(', ')}"
+    puts "Valid schemas are #{Inspec::Schema.names.join(", ")}"
   end
 
   desc "version", "prints the version of this tool"
@@ -410,6 +410,7 @@ class Inspec::InspecCLI < Inspec::BaseCLI
     runner.load
 
     return :ruby_eval, res if runner.all_rules.empty?
+
     return :rspec_run, runner.run_tests # rubocop:disable Style/RedundantReturn
   end
 end

data/lib/inspec/config.rb

@@ -60,6 +60,7 @@ module Inspec
 
     def diagnose
       return unless self[:diagnose]
+
       puts "InSpec version: #{Inspec::VERSION}"
       puts "Train version: #{Train::VERSION}"
       puts "Command line configuration:"
@@ -159,6 +160,7 @@ module Inspec
       unless transport_name
         raise ArgumentError, "Could not recognize a backend from the target #{final_options[:target]} - use a URI format with the backend name as the URI schema.  Example: 'ssh://somehost.com' or 'transport://credset' or 'transport://' if credentials are provided outside of InSpec."
       end
+
       credentials[:backend] = transport_name.to_s # these are indeed stored in Train as Strings.
     end
 
@@ -185,6 +187,7 @@ module Inspec
 
     def _utc_find_credset_name(_credentials, transport_name)
       return nil unless final_options[:target]
+
       match = final_options[:target].match(%r{^#{transport_name}://(?<credset_name>[\w\d\-]+)$})
       match ? match[:credset_name] : nil
     end
@@ -196,6 +199,7 @@ module Inspec
     # Regardless of our situation, end up with a readable IO object
     def resolve_cfg_io(cli_opts, cfg_io)
       raise(ArgumentError, "Inspec::Config must use an IO to read from") if cfg_io && !cfg_io.respond_to?(:read)
+
       cfg_io ||= check_for_piped_config(cli_opts)
       return cfg_io if cfg_io
 
@@ -211,6 +215,7 @@ module Inspec
 
       return nil unless cli_opt
       return nil unless cli_opt == "-"
+
       # This warning is here so that if a user invokes inspec with --config=-,
       # they will have an explanation for why it appears to hang.
       Inspec::Log.warn "Reading JSON config from standard input" if STDIN.tty?
@@ -287,13 +292,14 @@ module Inspec
       valid_fields = %w{version cli_options credentials compliance reporter}.sort
       @cfg_file_contents.keys.each do |seen_field|
         unless valid_fields.include?(seen_field)
-          raise Inspec::ConfigError::Invalid, "Unrecognized top-level configuration field #{seen_field}.  Recognized fields: #{valid_fields.join(', ')}"
+          raise Inspec::ConfigError::Invalid, "Unrecognized top-level configuration field #{seen_field}.  Recognized fields: #{valid_fields.join(", ")}"
         end
       end
     end
 
     def validate_reporters!(reporters)
       return if reporters.nil?
+
       # TODO: move this into a reporter plugin type system
       valid_types = %w{
         automate
@@ -313,6 +319,7 @@ module Inspec
         raise NotImplementedError, "'#{reporter_name}' is not a valid reporter type." unless valid_types.include?(reporter_name)
 
         next unless reporter_name == "automate"
+
         %w{token url}.each do |option|
           raise Inspec::ReporterError, "You must specify a automate #{option} via the config file." if reporter_config[option].nil?
         end
@@ -410,6 +417,7 @@ module Inspec
       %w{password sudo-password}.each do |option_name|
         snake_case_option_name = option_name.tr("-", "_").to_s
         next unless options[snake_case_option_name] == -1 # Thor sets -1 for missing value - see #1918
+
         raise ArgumentError, "Please provide a value for --#{option_name}. For example: --#{option_name}=hello."
       end
 

data/lib/inspec/control_eval_context.rb

@@ -216,6 +216,7 @@ module Inspec
           return if @skip_only_if_eval == true
 
           return if block.yield == true
+
           # Apply `set_skip_rule` for other rules in the same file
           profile_context_owner.rules.values.each do |r|
             sources_match = r.source_file == block.source_location[0]

data/lib/inspec/dependencies/cache.rb

@@ -49,6 +49,7 @@ module Inspec
     #
     def exists?(key)
       return false if key.nil? || key.empty?
+
       path = base_path_for(key)
       File.directory?(path) || File.exist?("#{path}.tar.gz") || File.exist?("#{path}.zip")
     end

data/lib/inspec/dependencies/dependency_set.rb

@@ -71,6 +71,7 @@ module Inspec
 
     def to_array
       return [] if @dep_list.nil?
+
       @dep_list.map do |_k, v|
         v.to_hash
       end.compact
@@ -85,6 +86,7 @@ module Inspec
     #
     def vendor(dependencies)
       return nil if dependencies.nil? || dependencies.empty?
+
       @dep_list = Resolver.resolve(dependencies, @cache, @cwd, @backend)
     end
   end

data/lib/inspec/dependencies/lockfile.rb

@@ -18,6 +18,7 @@ module Inspec
       parsed_content = YAML.load(content)
       version = parsed_content["lockfile_version"]
       raise "No lockfile_version set in #{path}!" if version.nil?
+
       validate_lockfile_version!(version.to_i)
       new(parsed_content)
     end

data/lib/inspec/dependencies/requirement.rb

@@ -21,16 +21,16 @@ module Inspec
       }
 
       new(dep[:name],
-          dep[:version],
-          config,
-          opts.merge(dep))
+        dep[:version],
+        config,
+        opts.merge(dep))
     end
 
     def self.from_lock_entry(entry, config, opts = {})
       req = new(entry[:name],
-                entry[:version_constraints],
-                config,
-                entry[:resolved_source].merge(backend: config[:backend]).merge(opts))
+        entry[:version_constraints],
+        config,
+        entry[:resolved_source].merge(backend: config[:backend]).merge(opts))
 
       locked_deps = []
       Array(entry[:dependencies]).each do |dep_entry|
@@ -86,7 +86,7 @@ module Inspec
         "version_constraints" => version_constraints,
       }
 
-      if !dependencies.empty?
+      unless dependencies.empty?
         h["dependencies"] = dependencies.map(&:to_hash)
       end
 
@@ -115,6 +115,7 @@ module Inspec
     # load the profile for the requirement
     def profile
       return @profile unless @profile.nil?
+
       opts = @opts.dup
       opts[:backend] = @backend
       opts[:runner_conf] = Inspec::Config.cached

data/lib/inspec/dependencies/resolver.rb

@@ -37,7 +37,7 @@ module Inspec
           problem_cookbook = if top_level
                                "the inspec.yml for this profile."
                              else
-                               "the dependency information for #{path_string.split(' ').last}"
+                               "the dependency information for #{path_string.split(" ").last}"
                              end
           raise Inspec::DuplicateDep, "The dependency #{dep.name} is listed twice in #{problem_cookbook}"
         else
@@ -68,13 +68,13 @@ module Inspec
 
         new_seen_items[dep.resolved_source] = true
 
-        if !dep.source_satisfies_spec?
+        unless dep.source_satisfies_spec?
           raise Inspec::UnsatisfiedVersionSpecification, "The profile #{dep.name} from #{dep.resolved_source} has a version #{dep.source_version} which doesn't match #{dep.version_constraints}"
         end
 
         Inspec::Log.debug("Adding dependency #{dep.name} (#{dep.resolved_source})")
         graph[dep.name] = dep
-        if !dep.dependencies.empty?
+        unless dep.dependencies.empty?
           resolve(dep.dependencies, false, new_seen_items.dup, new_path_string)
         end
       end

data/lib/inspec/describe.rb

@@ -12,6 +12,7 @@ module Inspec
     # @return [nil]
     def one(&block)
       return unless block_given?
+
       instance_eval(&block)
       @action.call("describe.one", @checks, nil)
     end

data/lib/inspec/dsl.rb

@@ -68,7 +68,7 @@ module Inspec::DSL
     context = dep_entry.profile.runner_context
     # if we don't want all the rules, then just make 1 pass to get all rule_IDs
     # that we want to keep from the original
-    filter_included_controls(context, dep_entry.profile, &block) if !opts[:include_all]
+    filter_included_controls(context, dep_entry.profile, &block) unless opts[:include_all]
     # interpret the block and skip/modify as required
     context.load(block) if block_given?
     bind_context.add_subcontext(context)

data/lib/inspec/dsl_shared.rb

@@ -10,7 +10,7 @@ module Inspec
 
       def require(path)
         rbpath = path + ".rb"
-        return __ruby_require(path) if !@require_loader.exists?(rbpath)
+        return __ruby_require(path) unless @require_loader.exists?(rbpath)
         return false if @require_loader.loaded?(rbpath)
 
         # This is equivalent to calling `require 'lib'` with lib on disk.

data/lib/inspec/env_printer.rb

@@ -23,8 +23,8 @@ module Inspec
     end
 
     def print_and_exit!
-      exit_no_shell if !have_shell?
-      exit_no_completion if !have_shell_completion?
+      exit_no_shell unless have_shell?
+      exit_no_completion unless have_shell_completion?
 
       print_completion_for_shell
       print_detection_warning($stdout) if @detected
@@ -77,7 +77,7 @@ module Inspec
         #
         #     inspec env SHELLNAME
         #
-        # Currently supported shells are: #{shells_with_completions.join(', ')}
+        # Currently supported shells are: #{shells_with_completions.join(", ")}
         #
       EOF
     end
@@ -98,7 +98,7 @@ module Inspec
         #
         #    inspec env SHELLNAME
         #
-        # Currently supported shells are: #{shells_with_completions.join(', ')}
+        # Currently supported shells are: #{shells_with_completions.join(", ")}
       EOF
       exit 1
     end