inspec_tools 2.0.2.pre5 → 2.0.2.pre6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +24 -2
- data/lib/happy_mapper_tools/cci_attributes.rb +12 -22
- data/lib/inspec_tools/inspec.rb +1 -1
- data/lib/inspec_tools_plugin.rb +1 -1
- data/lib/utilities/inspec_util.rb +9 -9
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87b6bbd0df65db41870f46c0b67579f6678cbddcbc430e84239809f495b3438f
|
|
4
|
+
data.tar.gz: 0f89d4f3cb90827083762b1ef0ee65c5321f1ee2bee03f84588f303854111cd3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7bfe5ba90ce7a93dde6fdf48f9c0789592814ea568b3c191748882dc2630df4e52fcffebea71472615425b7f89fd4df5dd570c141ea70f6111474ffc27b86eea
|
|
7
|
+
data.tar.gz: 990e101238e1f5b9f66fd7af898386acc3e624d67e9c672189c1b1040efbe3b1774af4dab222a79596ee44872211d75cd9ea8d7101c67a15d00a69e9e750c882
|
data/CHANGELOG.md
CHANGED
|
@@ -2,7 +2,29 @@
|
|
|
2
2
|
|
|
3
3
|
## [Unreleased](https://github.com/mitre/inspec_tools/tree/HEAD)
|
|
4
4
|
|
|
5
|
-
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.
|
|
5
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre5...HEAD)
|
|
6
|
+
|
|
7
|
+
**Implemented enhancements:**
|
|
8
|
+
|
|
9
|
+
- Remove tag with NIST revision [\#139](https://github.com/mitre/inspec_tools/issues/139)
|
|
10
|
+
|
|
11
|
+
**Fixed bugs:**
|
|
12
|
+
|
|
13
|
+
- CCE- data seems to be coming into the CCI references in some XCCDF files [\#151](https://github.com/mitre/inspec_tools/issues/151)
|
|
14
|
+
- small fix to resolve issues with CCE data in the XCCDF [\#156](https://github.com/mitre/inspec_tools/pull/156) ([aaronlippold](https://github.com/aaronlippold))
|
|
15
|
+
|
|
16
|
+
**Closed issues:**
|
|
17
|
+
|
|
18
|
+
- update inspec2ckl schema to the newest CKL Schema in the stig viewer 2.10 [\#149](https://github.com/mitre/inspec_tools/issues/149)
|
|
19
|
+
- Categorize all errors the same [\#145](https://github.com/mitre/inspec_tools/issues/145)
|
|
20
|
+
|
|
21
|
+
**Merged pull requests:**
|
|
22
|
+
|
|
23
|
+
- Apply fixes from CodeFactor [\#153](https://github.com/mitre/inspec_tools/pull/153) ([aaronlippold](https://github.com/aaronlippold))
|
|
24
|
+
|
|
25
|
+
## [v2.0.2.pre5](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre5) (2020-04-15)
|
|
26
|
+
|
|
27
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.1.pre4...v2.0.2.pre5)
|
|
6
28
|
|
|
7
29
|
**Implemented enhancements:**
|
|
8
30
|
|
|
@@ -430,6 +452,7 @@
|
|
|
430
452
|
|
|
431
453
|
- Updated rake version [\#69](https://github.com/mitre/inspec_tools/pull/69) ([robthew](https://github.com/robthew))
|
|
432
454
|
- Add in 'inspec' and 'fileutils' require statements [\#65](https://github.com/mitre/inspec_tools/pull/65) ([samcornwell](https://github.com/samcornwell))
|
|
455
|
+
- Metadata docs and tools [\#55](https://github.com/mitre/inspec_tools/pull/55) ([samcornwell](https://github.com/samcornwell))
|
|
433
456
|
|
|
434
457
|
## [v1.4.1](https://github.com/mitre/inspec_tools/tree/v1.4.1) (2019-06-20)
|
|
435
458
|
|
|
@@ -472,7 +495,6 @@
|
|
|
472
495
|
|
|
473
496
|
**Merged pull requests:**
|
|
474
497
|
|
|
475
|
-
- Metadata docs and tools [\#55](https://github.com/mitre/inspec_tools/pull/55) ([samcornwell](https://github.com/samcornwell))
|
|
476
498
|
- Fix bugs introduced by \#51 \(STIGViewer PR\) [\#52](https://github.com/mitre/inspec_tools/pull/52) ([samcornwell](https://github.com/samcornwell))
|
|
477
499
|
- Enhancements to meet working with STIGViewer as well as tracking some custom metadata when converting from xccdf2inspec and inspec2ckl [\#51](https://github.com/mitre/inspec_tools/pull/51) ([kevin-j-smith](https://github.com/kevin-j-smith))
|
|
478
500
|
- Add modules summary, compliance [\#45](https://github.com/mitre/inspec_tools/pull/45) ([rx294](https://github.com/rx294))
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
require 'happymapper'
|
|
4
4
|
require 'nokogiri'
|
|
5
5
|
|
|
6
|
-
# rubocop:
|
|
6
|
+
# rubocop:disable Naming/ClassAndModuleCamelCase
|
|
7
7
|
|
|
8
8
|
module HappyMapperTools
|
|
9
9
|
module CCIAttributes
|
|
@@ -18,13 +18,6 @@ module HappyMapperTools
|
|
|
18
18
|
attribute :index, String, tag: 'index'
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
class References
|
|
22
|
-
include HappyMapper
|
|
23
|
-
tag 'references'
|
|
24
|
-
|
|
25
|
-
has_many :references, Reference, tag: 'reference'
|
|
26
|
-
end
|
|
27
|
-
|
|
28
21
|
class CCI_Item
|
|
29
22
|
include HappyMapper
|
|
30
23
|
tag 'cci_item'
|
|
@@ -35,14 +28,7 @@ module HappyMapperTools
|
|
|
35
28
|
element :contributor, String, tag: 'contributor'
|
|
36
29
|
element :definition, String, tag: 'definition'
|
|
37
30
|
element :type, String, tag: 'type'
|
|
38
|
-
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
class CCI_Items
|
|
42
|
-
include HappyMapper
|
|
43
|
-
tag 'cci_items'
|
|
44
|
-
|
|
45
|
-
has_many :cci_item, CCI_Item, tag: 'cci_item'
|
|
31
|
+
has_many :references, Reference, xpath: 'xmlns:references'
|
|
46
32
|
end
|
|
47
33
|
|
|
48
34
|
class Metadata
|
|
@@ -60,17 +46,21 @@ module HappyMapperTools
|
|
|
60
46
|
attribute :xsi, String, tag: 'xsi', namespace: 'xmlns'
|
|
61
47
|
attribute :schemaLocation, String, tag: 'schemaLocation', namespace: 'xmlns'
|
|
62
48
|
has_one :metadata, Metadata, tag: 'metadata'
|
|
63
|
-
has_many :cci_items,
|
|
49
|
+
has_many :cci_items, CCI_Item, xpath: 'xmlns:cci_items'
|
|
64
50
|
|
|
65
51
|
def fetch_nists(ccis)
|
|
66
52
|
ccis = [ccis] unless ccis.is_a?(Array)
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
53
|
+
|
|
54
|
+
# some of the XCCDF files were having CCE- tags show up which
|
|
55
|
+
# we don't support, not sure if this is a typo on their part or
|
|
56
|
+
# we need to see about supporting CCE tags but ... for now
|
|
57
|
+
filtered_ccis = ccis.select { |f| /CCI-/.match(f) }
|
|
58
|
+
filtered_ccis.map do |cci|
|
|
59
|
+
cci_items.find { |item| item.id == cci }.references.max_by(&:version).index
|
|
71
60
|
end
|
|
72
|
-
nists << ('Rev_' + nist_ver)
|
|
73
61
|
end
|
|
74
62
|
end
|
|
75
63
|
end
|
|
76
64
|
end
|
|
65
|
+
|
|
66
|
+
# rubocop:enable Naming/ClassAndModuleCamelCase
|
data/lib/inspec_tools/inspec.rb
CHANGED
|
@@ -84,7 +84,7 @@ module InspecTools
|
|
|
84
84
|
inspec_json['controls'].each do |json_control|
|
|
85
85
|
control = []
|
|
86
86
|
headers.each do |key, _|
|
|
87
|
-
control.push(json_control[key] || json_control['tags'][key] ||
|
|
87
|
+
control.push(json_control[key] || json_control['tags'][key] || json_control['results']&.collect { |result| result[key] }&.join(",\n") || nil)
|
|
88
88
|
end
|
|
89
89
|
data.push(control)
|
|
90
90
|
end
|
data/lib/inspec_tools_plugin.rb
CHANGED
|
@@ -24,11 +24,11 @@ module Utils
|
|
|
24
24
|
DATA_NOT_FOUND_MESSAGE = 'N/A'.freeze
|
|
25
25
|
WIDTH = 80
|
|
26
26
|
IMPACT_SCORES = {
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
27
|
+
'none' => 0.0,
|
|
28
|
+
'low' => 0.1,
|
|
29
|
+
'medium' => 0.4,
|
|
30
|
+
'high' => 0.7,
|
|
31
|
+
'critical' => 0.9
|
|
32
32
|
}.freeze
|
|
33
33
|
|
|
34
34
|
def self.parse_data_for_xccdf(json)
|
|
@@ -197,7 +197,7 @@ module Utils
|
|
|
197
197
|
|
|
198
198
|
private_class_method def self.float_to_impact(severity)
|
|
199
199
|
raise SeverityInputError, "'#{severity}' is not a valid severity value. It should be a Float between 0.0 and " \
|
|
200
|
-
'1.0 or one of the approved keywords.' unless severity.between?(0,1)
|
|
200
|
+
'1.0 or one of the approved keywords.' unless severity.between?(0, 1)
|
|
201
201
|
|
|
202
202
|
if severity <= 0.01
|
|
203
203
|
0.0 # Informative
|
|
@@ -233,7 +233,7 @@ module Utils
|
|
|
233
233
|
return if impact.nil?
|
|
234
234
|
|
|
235
235
|
value = impact.to_f
|
|
236
|
-
unless value.between?(0,1)
|
|
236
|
+
unless value.between?(0, 1)
|
|
237
237
|
raise ImpactInputError, "'#{value}' is not a valid impact score. Valid impact scores: [0.0 - 1.0]."
|
|
238
238
|
end
|
|
239
239
|
|
|
@@ -277,9 +277,9 @@ module Utils
|
|
|
277
277
|
control.title = json_control['title']
|
|
278
278
|
control.impact = get_impact(json_control['impact'])
|
|
279
279
|
|
|
280
|
-
#json_control['tags'].each do |tag|
|
|
280
|
+
# json_control['tags'].each do |tag|
|
|
281
281
|
# control.add_tag(Inspec::Object::Tag.new(tag.key, tag.value)
|
|
282
|
-
#end
|
|
282
|
+
# end
|
|
283
283
|
|
|
284
284
|
control.add_tag(::Inspec::Object::Tag.new('severity', json_control['tags']['severity']))
|
|
285
285
|
control.add_tag(::Inspec::Object::Tag.new('gtitle', json_control['tags']['gtitle']))
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec_tools
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.2.
|
|
4
|
+
version: 2.0.2.pre6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Robert Thew
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: exe
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2020-04-
|
|
14
|
+
date: 2020-04-28 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: colorize
|