inspec_tools 2.0.2.pre5 → 2.0.2.pre6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +24 -2
- data/lib/happy_mapper_tools/cci_attributes.rb +12 -22
- data/lib/inspec_tools/inspec.rb +1 -1
- data/lib/inspec_tools_plugin.rb +1 -1
- data/lib/utilities/inspec_util.rb +9 -9
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 87b6bbd0df65db41870f46c0b67579f6678cbddcbc430e84239809f495b3438f
|
|
4
|
+
data.tar.gz: 0f89d4f3cb90827083762b1ef0ee65c5321f1ee2bee03f84588f303854111cd3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7bfe5ba90ce7a93dde6fdf48f9c0789592814ea568b3c191748882dc2630df4e52fcffebea71472615425b7f89fd4df5dd570c141ea70f6111474ffc27b86eea
|
|
7
|
+
data.tar.gz: 990e101238e1f5b9f66fd7af898386acc3e624d67e9c672189c1b1040efbe3b1774af4dab222a79596ee44872211d75cd9ea8d7101c67a15d00a69e9e750c882
|
data/CHANGELOG.md
CHANGED
|
@@ -2,7 +2,29 @@
|
|
|
2
2
|
|
|
3
3
|
## [Unreleased](https://github.com/mitre/inspec_tools/tree/HEAD)
|
|
4
4
|
|
|
5
|
-
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.
|
|
5
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.2.pre5...HEAD)
|
|
6
|
+
|
|
7
|
+
**Implemented enhancements:**
|
|
8
|
+
|
|
9
|
+
- Remove tag with NIST revision [\#139](https://github.com/mitre/inspec_tools/issues/139)
|
|
10
|
+
|
|
11
|
+
**Fixed bugs:**
|
|
12
|
+
|
|
13
|
+
- CCE- data seems to be coming into the CCI references in some XCCDF files [\#151](https://github.com/mitre/inspec_tools/issues/151)
|
|
14
|
+
- small fix to resolve issues with CCE data in the XCCDF [\#156](https://github.com/mitre/inspec_tools/pull/156) ([aaronlippold](https://github.com/aaronlippold))
|
|
15
|
+
|
|
16
|
+
**Closed issues:**
|
|
17
|
+
|
|
18
|
+
- update inspec2ckl schema to the newest CKL Schema in the stig viewer 2.10 [\#149](https://github.com/mitre/inspec_tools/issues/149)
|
|
19
|
+
- Categorize all errors the same [\#145](https://github.com/mitre/inspec_tools/issues/145)
|
|
20
|
+
|
|
21
|
+
**Merged pull requests:**
|
|
22
|
+
|
|
23
|
+
- Apply fixes from CodeFactor [\#153](https://github.com/mitre/inspec_tools/pull/153) ([aaronlippold](https://github.com/aaronlippold))
|
|
24
|
+
|
|
25
|
+
## [v2.0.2.pre5](https://github.com/mitre/inspec_tools/tree/v2.0.2.pre5) (2020-04-15)
|
|
26
|
+
|
|
27
|
+
[Full Changelog](https://github.com/mitre/inspec_tools/compare/v2.0.1.pre4...v2.0.2.pre5)
|
|
6
28
|
|
|
7
29
|
**Implemented enhancements:**
|
|
8
30
|
|
|
@@ -430,6 +452,7 @@
|
|
|
430
452
|
|
|
431
453
|
- Updated rake version [\#69](https://github.com/mitre/inspec_tools/pull/69) ([robthew](https://github.com/robthew))
|
|
432
454
|
- Add in 'inspec' and 'fileutils' require statements [\#65](https://github.com/mitre/inspec_tools/pull/65) ([samcornwell](https://github.com/samcornwell))
|
|
455
|
+
- Metadata docs and tools [\#55](https://github.com/mitre/inspec_tools/pull/55) ([samcornwell](https://github.com/samcornwell))
|
|
433
456
|
|
|
434
457
|
## [v1.4.1](https://github.com/mitre/inspec_tools/tree/v1.4.1) (2019-06-20)
|
|
435
458
|
|
|
@@ -472,7 +495,6 @@
|
|
|
472
495
|
|
|
473
496
|
**Merged pull requests:**
|
|
474
497
|
|
|
475
|
-
- Metadata docs and tools [\#55](https://github.com/mitre/inspec_tools/pull/55) ([samcornwell](https://github.com/samcornwell))
|
|
476
498
|
- Fix bugs introduced by \#51 \(STIGViewer PR\) [\#52](https://github.com/mitre/inspec_tools/pull/52) ([samcornwell](https://github.com/samcornwell))
|
|
477
499
|
- Enhancements to meet working with STIGViewer as well as tracking some custom metadata when converting from xccdf2inspec and inspec2ckl [\#51](https://github.com/mitre/inspec_tools/pull/51) ([kevin-j-smith](https://github.com/kevin-j-smith))
|
|
478
500
|
- Add modules summary, compliance [\#45](https://github.com/mitre/inspec_tools/pull/45) ([rx294](https://github.com/rx294))
|
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
require 'happymapper'
|
|
4
4
|
require 'nokogiri'
|
|
5
5
|
|
|
6
|
-
# rubocop:
|
|
6
|
+
# rubocop:disable Naming/ClassAndModuleCamelCase
|
|
7
7
|
|
|
8
8
|
module HappyMapperTools
|
|
9
9
|
module CCIAttributes
|
|
@@ -18,13 +18,6 @@ module HappyMapperTools
|
|
|
18
18
|
attribute :index, String, tag: 'index'
|
|
19
19
|
end
|
|
20
20
|
|
|
21
|
-
class References
|
|
22
|
-
include HappyMapper
|
|
23
|
-
tag 'references'
|
|
24
|
-
|
|
25
|
-
has_many :references, Reference, tag: 'reference'
|
|
26
|
-
end
|
|
27
|
-
|
|
28
21
|
class CCI_Item
|
|
29
22
|
include HappyMapper
|
|
30
23
|
tag 'cci_item'
|
|
@@ -35,14 +28,7 @@ module HappyMapperTools
|
|
|
35
28
|
element :contributor, String, tag: 'contributor'
|
|
36
29
|
element :definition, String, tag: 'definition'
|
|
37
30
|
element :type, String, tag: 'type'
|
|
38
|
-
|
|
39
|
-
end
|
|
40
|
-
|
|
41
|
-
class CCI_Items
|
|
42
|
-
include HappyMapper
|
|
43
|
-
tag 'cci_items'
|
|
44
|
-
|
|
45
|
-
has_many :cci_item, CCI_Item, tag: 'cci_item'
|
|
31
|
+
has_many :references, Reference, xpath: 'xmlns:references'
|
|
46
32
|
end
|
|
47
33
|
|
|
48
34
|
class Metadata
|
|
@@ -60,17 +46,21 @@ module HappyMapperTools
|
|
|
60
46
|
attribute :xsi, String, tag: 'xsi', namespace: 'xmlns'
|
|
61
47
|
attribute :schemaLocation, String, tag: 'schemaLocation', namespace: 'xmlns'
|
|
62
48
|
has_one :metadata, Metadata, tag: 'metadata'
|
|
63
|
-
has_many :cci_items,
|
|
49
|
+
has_many :cci_items, CCI_Item, xpath: 'xmlns:cci_items'
|
|
64
50
|
|
|
65
51
|
def fetch_nists(ccis)
|
|
66
52
|
ccis = [ccis] unless ccis.is_a?(Array)
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
53
|
+
|
|
54
|
+
# some of the XCCDF files were having CCE- tags show up which
|
|
55
|
+
# we don't support, not sure if this is a typo on their part or
|
|
56
|
+
# we need to see about supporting CCE tags but ... for now
|
|
57
|
+
filtered_ccis = ccis.select { |f| /CCI-/.match(f) }
|
|
58
|
+
filtered_ccis.map do |cci|
|
|
59
|
+
cci_items.find { |item| item.id == cci }.references.max_by(&:version).index
|
|
71
60
|
end
|
|
72
|
-
nists << ('Rev_' + nist_ver)
|
|
73
61
|
end
|
|
74
62
|
end
|
|
75
63
|
end
|
|
76
64
|
end
|
|
65
|
+
|
|
66
|
+
# rubocop:enable Naming/ClassAndModuleCamelCase
|
data/lib/inspec_tools/inspec.rb
CHANGED
|
@@ -84,7 +84,7 @@ module InspecTools
|
|
|
84
84
|
inspec_json['controls'].each do |json_control|
|
|
85
85
|
control = []
|
|
86
86
|
headers.each do |key, _|
|
|
87
|
-
control.push(json_control[key] || json_control['tags'][key] ||
|
|
87
|
+
control.push(json_control[key] || json_control['tags'][key] || json_control['results']&.collect { |result| result[key] }&.join(",\n") || nil)
|
|
88
88
|
end
|
|
89
89
|
data.push(control)
|
|
90
90
|
end
|
data/lib/inspec_tools_plugin.rb
CHANGED
|
@@ -24,11 +24,11 @@ module Utils
|
|
|
24
24
|
DATA_NOT_FOUND_MESSAGE = 'N/A'.freeze
|
|
25
25
|
WIDTH = 80
|
|
26
26
|
IMPACT_SCORES = {
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
27
|
+
'none' => 0.0,
|
|
28
|
+
'low' => 0.1,
|
|
29
|
+
'medium' => 0.4,
|
|
30
|
+
'high' => 0.7,
|
|
31
|
+
'critical' => 0.9
|
|
32
32
|
}.freeze
|
|
33
33
|
|
|
34
34
|
def self.parse_data_for_xccdf(json)
|
|
@@ -197,7 +197,7 @@ module Utils
|
|
|
197
197
|
|
|
198
198
|
private_class_method def self.float_to_impact(severity)
|
|
199
199
|
raise SeverityInputError, "'#{severity}' is not a valid severity value. It should be a Float between 0.0 and " \
|
|
200
|
-
'1.0 or one of the approved keywords.' unless severity.between?(0,1)
|
|
200
|
+
'1.0 or one of the approved keywords.' unless severity.between?(0, 1)
|
|
201
201
|
|
|
202
202
|
if severity <= 0.01
|
|
203
203
|
0.0 # Informative
|
|
@@ -233,7 +233,7 @@ module Utils
|
|
|
233
233
|
return if impact.nil?
|
|
234
234
|
|
|
235
235
|
value = impact.to_f
|
|
236
|
-
unless value.between?(0,1)
|
|
236
|
+
unless value.between?(0, 1)
|
|
237
237
|
raise ImpactInputError, "'#{value}' is not a valid impact score. Valid impact scores: [0.0 - 1.0]."
|
|
238
238
|
end
|
|
239
239
|
|
|
@@ -277,9 +277,9 @@ module Utils
|
|
|
277
277
|
control.title = json_control['title']
|
|
278
278
|
control.impact = get_impact(json_control['impact'])
|
|
279
279
|
|
|
280
|
-
#json_control['tags'].each do |tag|
|
|
280
|
+
# json_control['tags'].each do |tag|
|
|
281
281
|
# control.add_tag(Inspec::Object::Tag.new(tag.key, tag.value)
|
|
282
|
-
#end
|
|
282
|
+
# end
|
|
283
283
|
|
|
284
284
|
control.add_tag(::Inspec::Object::Tag.new('severity', json_control['tags']['severity']))
|
|
285
285
|
control.add_tag(::Inspec::Object::Tag.new('gtitle', json_control['tags']['gtitle']))
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: inspec_tools
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.2.
|
|
4
|
+
version: 2.0.2.pre6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Robert Thew
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: exe
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2020-04-
|
|
14
|
+
date: 2020-04-28 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: colorize
|