@mitre/hdf-converters 2.12.2 → 2.13.0

package/lib/src/fortify-mapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"fortify-mapper.js","sourceRoot":"","sources":["../../src/fortify-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAM0B;AAC1B,2CAAkD;AAElD,MAAM,mBAAmB,GACvB,gEAAgE,CAAC;AACnE,MAAM,gBAAgB,GAAa,EAAE,CAAC;AAEtC,SAAS,aAAa,CAAC,KAA8B,EAAE,EAAU;IAC/D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QACxB,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;YACrC,OAAO,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,mBAAmB,CAAC,KAAK,EAAE,CAAC;QACpD,CAAC,CAAC,CAAC;QACH,OAAO,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,2BAA2B,CAAC,CAAC,GAAG,CAAC,CAAC;KACpE;SAAM;QACL,OAAO,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,2BAA2B,CAAW,CAAC,GAAG,CAAC,CAAC;KAC5E;AACH,CAAC;AAED,SAAS,OAAO,CAAC,IAA6B;IAC5C,IAAI,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,sBAAsB,CAAC,CAAC;IACrD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QAC9B,UAAU,GAAG,CAAC,UAAU,CAAC,CAAC;KAC3B;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QAC7B,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,OAAgC,EAAE,EAAE;YAC/D,OAAO,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,mBAAmB,CAAC;QAC1D,CAAC,CAAC,CAAC;QACH,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS,EAAE;YACrC,OAAO,gBAAgB,CAAC;SACzB;aAAM;YACL,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;SAC9D;KACF;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,YAAY,CAAC,KAAc;IAClC,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC;IACzD,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;IACrD,MAAM,CAAC,IAAI,CAAC,UAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAuB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAE5E,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QACxB,OAAO,KAAkB,CAAC;KAC3B;SAAM;QACL,OAAO,CAAC,KAAK,CAAC,CAAC;KAChB;AACH,CAAC;AACD,SAAS,UAAU,CAAC,KAAgB,EAAE,IAAa;IACjD,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QACxB,IAAI,OAAO,YAAY,MAAM,EAAE;YAC7B,CAAC,CAAC,GAAG,CACH,OAAO,EACP,SAAS,EACR,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAS,CAAC,MAAM,CACvC,CAAC,MAA8B,EAAE,EAAE;gBACjC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;gBAC/D,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAC9B,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBACrC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;gBAExC,IAAI,OAAO,GAAG,KAAK,CAAC;gBACpB,MAAM,OAAO,GACX,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,oCAAoC,CACjD,CAAC,MAAM,CAAC,CAAC,UAAmC,EAAE,EAAE;oBAC/C,OAAO,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,mBAAmB,CAAC,KAAK,OAAO,CAAC;gBAC5D,CAAC,CAAC,CAAC;gBACH,OAAO,CAAC,OAAO,CAAC,CAAC,KAA8B,EAAE,EAAE;oBACjD,MAAM,MAAM,GAAc,SAAS,CACjC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,4BAA4B,CAAC,CAC3C,CAAC;oBACF,MAAM,CAAC,OAAO,CAAC,CAAC,KAAc,EAAE,EAAE;wBAChC,MAAM,OAAO,GAAc,SAAS,CAClC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,CAC9B,CAAC;wBACF,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,KAAc,EAAE,EAAE;4BACxD,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,6BAA6B,CAAC,CAAC;wBACrD,CAAC,CAAC,CAAC;wBACH,eAAe,CAAC,OAAO,CAAC,CAAC,KAAc,EAAE,EAAE;4BACzC,IACE,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,6BAA6B,CAAC,KAAK,SAAS,EACzD;gCACA,OAAO,GAAG,IAAI,CAAC;6BAChB;wBACH,CAAC,CAAC,CAAC;oBACL,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;gBACH,OAAO,OAAO,CAAC;YACjB,CAAC,CACF,CACF,CAAC;YACF,CAAC,CAAC,GAAG,CACH,OAAO,EACP,QAAQ,EACR,aAAa,CACX,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAuC,EAC9D,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAsB,CAC1C,CACF,CAAC;SACH;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;IACH,OAAO,KAA2B,CAAC;AACrC,CAAC;AAED,MAAa,aAAc,SAAQ,8BAAa;IA6F9C,YAAY,IAAY,EAAE,OAAO,GAAG,KAAK;QACvC,KAAK,CACH,IAAA,yBAAQ,EAAC,IAAI,EAAE;YACb,SAAS,EAAE,CAAC,2BAA2B,EAAE,8BAA8B,CAAC;SACzE,CAAC,CACH,CAAC;QA9FJ,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,8BAA8B;oBACpC,OAAO,EAAE,EAAC,IAAI,EAAE,+BAA+B,EAAC;oBAChD,KAAK,EAAE,8BAA8B;oBACrC,OAAO,EAAE;wBACP,IAAI,EAAE,WAAW;wBACjB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;4BACrC,OAAO,yCAAyC,IAAI,EAAE,CAAC;wBACzD,CAAC;qBACF;oBACD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,gBAAgB,EAAE,UAAU;4BAC5B,IAAI,EAAE,kBAAkB;4BACxB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,WAAW,EAAE,OAAO,EAAC;gCAC5B,GAAG,EAAE;oCACH,WAAW,EAAE,CAAC,IAA6B,EAAE,EAAE,CAC7C,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACpC;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,0BAAS,EAAC;4BACjD,EAAE,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;4BACrB,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,0BAAS,EAAC;4BACnD,MAAM,EAAE,EAAC,IAAI,EAAE,sCAAsC,EAAC;4BACtD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE;oCAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gCAChD,CAAC;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,IAAI,EAAE,yBAAyB;oCAC/B,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,YAAY,EAAC;oCACtC,UAAU,EAAE;wCACV,IAAI,EAAE,kBAAkB;wCACxB,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4CACtC,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;wCAC3D,CAAC;qCACF;iCACF;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,IAAI,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBAClC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE;wBACvB,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE;4BACxB,WAAW;4BACX,MAAM;4BACN,aAAa;4BACb,UAAU;yBACX,CAAC,CAAC;qBACJ;oBACD,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,SAAS;gCACf,IAAI,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;6BACtB;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAOA,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,qBAAqB,CAAC,IAAI,CAAC,CAAC,GAAG,CAClE,IAAI,CAAC,IAAI,EACT,qBAAqB,CACtB,EAAE,CAAC;QACJ,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAzGD,sCAyGC"}
+{"version":3,"file":"fortify-mapper.js","sourceRoot":"","sources":["../../src/fortify-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAM0B;AAC1B,2CAAkD;AAElD,MAAM,mBAAmB,GACvB,gEAAgE,CAAC;AACnE,MAAM,gBAAgB,GAAa,EAAE,CAAC;AAEtC,IAAI,SAAqC,CAAC;AAE1C,SAAS,aAAa,CAAC,KAA8B,EAAE,EAAU;IAC/D,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;YACrC,OAAO,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,mBAAmB,CAAC,KAAK,EAAE,CAAC;QACpD,CAAC,CAAC,CAAC;QACH,OAAO,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,2BAA2B,CAAC,CAAC,GAAG,CAAC,CAAC;IACrE,CAAC;SAAM,CAAC;QACN,OAAO,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,2BAA2B,CAAW,CAAC,GAAG,CAAC,CAAC;IAC7E,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,IAA6B;IAC5C,IAAI,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,sBAAsB,CAAC,CAAC;IACrD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC/B,UAAU,GAAG,CAAC,UAAU,CAAC,CAAC;IAC5B,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,OAAgC,EAAE,EAAE;YAC/D,OAAO,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,KAAK,mBAAmB,CAAC;QAC1D,CAAC,CAAC,CAAC;QACH,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtC,OAAO,gBAAgB,CAAC;QAC1B,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,YAAY,CAAC,KAAc;IAClC,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;IAC9C,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;IACjD,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,IAAI,CAAC,CAAC;IACzD,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;IACrD,MAAM,CAAC,IAAI,CAAC,UAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAuB,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IAE5E,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAkB,CAAC;IAC5B,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AACD,SAAS,UAAU,CAAC,KAAgB,EAAE,IAAa;IACjD,KAAK,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QACxB,IAAI,OAAO,YAAY,MAAM,EAAE,CAAC;YAC9B,CAAC,CAAC,GAAG,CACH,OAAO,EACP,SAAS,EACR,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAS,CAAC,MAAM,CACvC,CAAC,MAA8B,EAAE,EAAE;gBACjC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;gBAC/D,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;gBAC9B,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;gBACrC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;gBAExC,IAAI,OAAO,GAAG,KAAK,CAAC;gBACpB,MAAM,OAAO,GACX,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,oCAAoC,CACjD,CAAC,MAAM,CAAC,CAAC,UAAmC,EAAE,EAAE;oBAC/C,OAAO,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,mBAAmB,CAAC,KAAK,OAAO,CAAC;gBAC5D,CAAC,CAAC,CAAC;gBACH,OAAO,CAAC,OAAO,CAAC,CAAC,KAA8B,EAAE,EAAE;oBACjD,MAAM,MAAM,GAAc,SAAS,CACjC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,4BAA4B,CAAC,CAC3C,CAAC;oBACF,MAAM,CAAC,OAAO,CAAC,CAAC,KAAc,EAAE,EAAE;wBAChC,MAAM,OAAO,GAAc,SAAS,CAClC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,CAC9B,CAAC;wBACF,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,KAAc,EAAE,EAAE;4BACxD,OAAO,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,6BAA6B,CAAC,CAAC;wBACrD,CAAC,CAAC,CAAC;wBACH,eAAe,CAAC,OAAO,CAAC,CAAC,KAAc,EAAE,EAAE;4BACzC,IACE,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,6BAA6B,CAAC,KAAK,SAAS,EACzD,CAAC;gCACD,OAAO,GAAG,IAAI,CAAC;4BACjB,CAAC;wBACH,CAAC,CAAC,CAAC;oBACL,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;gBACH,OAAO,OAAO,CAAC;YACjB,CAAC,CACF,CACF,CAAC;YACF,CAAC,CAAC,GAAG,CACH,OAAO,EACP,QAAQ,EACR,aAAa,CACX,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAuC,EAC9D,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAsB,CAC1C,CACF,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;IACH,OAAO,KAA2B,CAAC;AACrC,CAAC;AAED,MAAa,cAAc;IACJ;IAAuB;IAA5C,YAAqB,IAAY,EAAW,UAAU,KAAK;QAAtC,SAAI,GAAJ,IAAI,CAAQ;QAAW,YAAO,GAAP,OAAO,CAAQ;IAAG,CAAC;IAE/D,KAAK,CAAC,KAAK;QACT,SAAS,GAAG,MAAM,IAAA,mCAAkB,GAAE,CAAC;QAEvC,OAAO,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC;IAC9D,CAAC;CACF;AARD,wCAQC;AAED,MAAa,aAAc,SAAQ,8BAAa;IAC9C,SAAS,CAAS;IAClB,OAAO,CAAU;IAEjB,QAAQ,GAGJ;QACF,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;SAC9B;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE,EAAE;QACd,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,8BAA8B;gBACpC,OAAO,EAAE,EAAC,IAAI,EAAE,+BAA+B,EAAC;gBAChD,KAAK,EAAE,8BAA8B;gBACrC,OAAO,EAAE;oBACP,IAAI,EAAE,WAAW;oBACjB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;wBACrC,OAAO,yCAAyC,IAAI,EAAE,CAAC;oBACzD,CAAC;iBACF;gBACD,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,gBAAgB,EAAE,UAAU;wBAC5B,IAAI,EAAE,kBAAkB;wBACxB,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE;4BACJ,IAAI,EAAE,EAAC,WAAW,EAAE,OAAO,EAAC;4BAC5B,GAAG,EAAE;gCACH,WAAW,EAAE,CAAC,IAA6B,EAAE,EAAE,CAC7C,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;6BACpC;yBACF;wBACD,IAAI,EAAE,EAAE;wBACR,eAAe,EAAE,EAAE;wBACnB,KAAK,EAAE,EAAC,IAAI,EAAE,UAAU,EAAE,WAAW,EAAE,SAAS,EAAC,EAAE,wDAAwD;wBAC3G,EAAE,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;wBACrB,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS,EAAC;wBACnD,MAAM,EAAE,EAAC,IAAI,EAAE,sCAAsC,EAAC;wBACtD,IAAI,EAAE;4BACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE;gCAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;4BAChD,CAAC;yBACF;wBACD,OAAO,EAAE;4BACP;gCACE,IAAI,EAAE,yBAAyB;gCAC/B,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;gCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,YAAY,EAAC;gCACtC,UAAU,EAAE;oCACV,IAAI,EAAE,kBAAkB;oCACxB,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;wCACtC,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;oCAC3D,CAAC;iCACF;6BACF;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;QACD,WAAW,EAAE;YACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;gBACtE,IAAI,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;gBAClC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBACxB,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE;wBACxB,WAAW;wBACX,MAAM;wBACN,aAAa;wBACb,UAAU;qBACX,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO;oBACL,cAAc,EAAE;wBACd;4BACE,IAAI,EAAE,SAAS;4BACf,IAAI,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;yBACtB;qBACF;oBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;iBACjC,CAAC;YACJ,CAAC;SACF;KACF,CAAC;IACF,YAAY,IAAY,EAAE,OAAO,GAAG,KAAK;QACvC,KAAK,CACH,IAAA,yBAAQ,EAAC,IAAI,EAAE;YACb,SAAS,EAAE,CAAC,2BAA2B,EAAE,8BAA8B,CAAC;SACzE,CAAC,CACH,CAAC;QACF,IAAI,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,qBAAqB,CAAC,IAAI,CAAC,CAAC,GAAG,CAClE,IAAI,CAAC,IAAI,EACT,qBAAqB,CACtB,EAAE,CAAC;QACJ,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAzGD,sCAyGC","sourcesContent":["import {ExecJSON} from 'inspecjs';\nimport * as _ from 'lodash';\nimport {version as HeimdallToolsVersion} from '../package.json';\nimport {\n  BaseConverter,\n  ILookupPath,\n  MappedTransform,\n  buildParseHtmlFunc,\n  parseXml\n} from './base-converter';\nimport {getCCIsForNISTTags} from './utils/global';\n\nconst NIST_REFERENCE_NAME =\n  'Standards Mapping - NIST Special Publication 800-53 Revision 4';\nconst DEFAULT_NIST_TAG: string[] = [];\n\nlet parseHtml: (input: unknown) => string;\n\nfunction impactMapping(input: Record<string, unknown>, id: string): number {\n  if (Array.isArray(input)) {\n    const matches = input.find((element) => {\n      return _.get(element, 'ClassInfo.ClassID') === id;\n    });\n    return parseFloat(_.get(matches, 'ClassInfo.DefaultSeverity')) / 5;\n  } else {\n    return parseFloat(_.get(input, 'ClassInfo.DefaultSeverity') as string) / 5;\n  }\n}\n\nfunction nistTag(rule: Record<string, unknown>): string[] {\n  let references = _.get(rule, 'References.Reference');\n  if (!Array.isArray(references)) {\n    references = [references];\n  }\n  if (Array.isArray(references)) {\n    const tag = references.find((element: Record<string, unknown>) => {\n      return _.get(element, 'Author') === NIST_REFERENCE_NAME;\n    });\n    if (tag === null || tag === undefined) {\n      return DEFAULT_NIST_TAG;\n    } else {\n      return _.get(tag, 'Title').match(/[a-zA-Z][a-zA-Z]-\\d{1,2}/);\n    }\n  }\n  return [];\n}\n\nfunction processEntry(input: unknown): string {\n  const output = [];\n  output.push(`${_.get(input, 'id')}<=SNIPPET`);\n  output.push(`\\nPath: ${_.get(input, 'File')}\\n`);\n  output.push(`StartLine: ${_.get(input, 'StartLine')}, `);\n  output.push(`EndLine: ${_.get(input, 'EndLine')}\\n`);\n  output.push(`Code:\\n${(_.get(input, 'Text') as unknown as string).trim()}`);\n\n  return output.join('');\n}\nfunction makeArray(input: unknown): unknown[] {\n  if (Array.isArray(input)) {\n    return input as unknown[];\n  } else {\n    return [input];\n  }\n}\nfunction filterVuln(input: unknown[], file: unknown): ExecJSON.Control[] {\n  input.forEach((element) => {\n    if (element instanceof Object) {\n      _.set(\n        element,\n        'results',\n        (_.get(element, 'results') as any).filter(\n          (result: ExecJSON.ControlResult) => {\n            const codedesc = _.get(result, 'code_desc').split('<=SNIPPET');\n            const snippetid = codedesc[0];\n            const classid = _.get(element, 'id');\n            _.set(result, 'code_desc', codedesc[1]);\n\n            let isMatch = false;\n            const matches = (\n              _.get(file, 'FVDL.Vulnerabilities.Vulnerability') as any\n            ).filter((subElement: Record<string, unknown>) => {\n              return _.get(subElement, 'ClassInfo.ClassID') === classid;\n            });\n            matches.forEach((match: Record<string, unknown>) => {\n              const traces: unknown[] = makeArray(\n                _.get(match, 'AnalysisInfo.Unified.Trace')\n              );\n              traces.forEach((trace: unknown) => {\n                const entries: unknown[] = makeArray(\n                  _.get(trace, 'Primary.Entry')\n                );\n                const filteredEntries = entries.filter((entry: unknown) => {\n                  return _.has(entry, 'Node.SourceLocation.snippet');\n                });\n                filteredEntries.forEach((entry: unknown) => {\n                  if (\n                    _.get(entry, 'Node.SourceLocation.snippet') === snippetid\n                  ) {\n                    isMatch = true;\n                  }\n                });\n              });\n            });\n            return isMatch;\n          }\n        )\n      );\n      _.set(\n        element,\n        'impact',\n        impactMapping(\n          _.get(element, 'impact') as unknown as Record<string, unknown>,\n          _.get(element, 'id') as unknown as string\n        )\n      );\n    }\n    return element;\n  });\n  return input as ExecJSON.Control[];\n}\n\nexport class FortifyResults {\n  constructor(readonly fvdl: string, readonly withRaw = false) {}\n\n  async toHdf(): Promise<ExecJSON.Execution> {\n    parseHtml = await buildParseHtmlFunc();\n\n    return (new FortifyMapper(this.fvdl, this.withRaw)).toHdf();\n  }\n}\n\nexport class FortifyMapper extends BaseConverter {\n  startTime: string;\n  withRaw: boolean;\n\n  mappings: MappedTransform<\n    ExecJSON.Execution & {passthrough: unknown},\n    ILookupPath\n  > = {\n    platform: {\n      name: 'Heimdall Tools',\n      release: HeimdallToolsVersion\n    },\n    version: HeimdallToolsVersion,\n    statistics: {},\n    profiles: [\n      {\n        name: 'Fortify Static Analyzer Scan',\n        version: {path: 'FVDL.EngineData.EngineVersion'},\n        title: 'Fortify Static Analyzer Scan',\n        summary: {\n          path: 'FVDL.UUID',\n          transformer: (uuid: unknown): string => {\n            return `Fortify Static Analyzer Scan of UUID: ${uuid}`;\n          }\n        },\n        supports: [],\n        attributes: [],\n        groups: [],\n        status: 'loaded',\n        controls: [\n          {\n            arrayTransformer: filterVuln,\n            path: 'FVDL.Description',\n            key: 'id',\n            tags: {\n              nist: {transformer: nistTag},\n              cci: {\n                transformer: (data: Record<string, unknown>) =>\n                  getCCIsForNISTTags(nistTag(data))\n              }\n            },\n            refs: [],\n            source_location: {},\n            title: {path: 'Abstract', transformer: parseHtml}, // there are embedded nodes that do not show up properly\n            id: {path: 'classID'},\n            desc: {path: 'Explanation', transformer: parseHtml},\n            impact: {path: '$.FVDL.Vulnerabilities.Vulnerability'},\n            code: {\n              transformer: (vulnerability: Record<string, unknown>): string => {\n                return JSON.stringify(vulnerability, null, 2);\n              }\n            },\n            results: [\n              {\n                path: '$.FVDL.Snippets.Snippet',\n                status: ExecJSON.ControlResultStatus.Failed,\n                code_desc: {transformer: processEntry},\n                start_time: {\n                  path: '$.FVDL.CreatedTS',\n                  transformer: (input: unknown): string => {\n                    return `${_.get(input, 'date')} ${_.get(input, 'time')}`;\n                  }\n                }\n              }\n            ]\n          }\n        ],\n        sha256: ''\n      }\n    ],\n    passthrough: {\n      transformer: (data: Record<string, unknown>): Record<string, unknown> => {\n        let auxData = _.get(data, 'FVDL');\n        if (_.isObject(auxData)) {\n          auxData = _.omit(auxData, [\n            'CreatedTS',\n            'UUID',\n            'Description',\n            'Snippets'\n          ]);\n        }\n        return {\n          auxiliary_data: [\n            {\n              name: 'Fortify',\n              data: {FVDL: auxData}\n            }\n          ],\n          ...(this.withRaw && {raw: data})\n        };\n      }\n    }\n  };\n  constructor(fvdl: string, withRaw = false) {\n    super(\n      parseXml(fvdl, {\n        stopNodes: ['FVDL.Description.Abstract', 'FVDL.Description.Explanation']\n      })\n    );\n    this.startTime = `${_.get(this.data, 'FVDL.CreatedTS.date')} ${_.get(\n      this.data,\n      'FVDL.CreatedTS.time'\n    )}`;\n    this.withRaw = withRaw;\n  }\n}\n"]}

package/lib/src/gosec-mapper.d.ts

@@ -7,3 +7,4 @@ export declare class GosecMapper extends BaseConverter {
     }, ILookupPath>;
     constructor(gosecJson: string, withRaw?: boolean);
 }
+//# sourceMappingURL=gosec-mapper.d.ts.map

package/lib/src/gosec-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"gosec-mapper.d.ts","sourceRoot":"","sources":["../../src/gosec-mapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,QAAQ,EAAC,MAAM,UAAU,CAAC;AAGlC,OAAO,EACL,aAAa,EACb,WAAW,EAEX,eAAe,EAChB,MAAM,kBAAkB,CAAC;AAwD1B,qBAAa,WAAY,SAAQ,aAAa;IAC5C,OAAO,EAAE,OAAO,CAAC;IAEjB,QAAQ,EAAE,eAAe,CACvB,QAAQ,CAAC,SAAS,GAAG;QAAC,WAAW,EAAE,OAAO,CAAA;KAAC,EAC3C,WAAW,CACZ,CAkEC;gBACU,SAAS,EAAE,MAAM,EAAE,OAAO,UAAQ;CAI/C"}

package/lib/src/gosec-mapper.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GosecMapper = void 0;
 const inspecjs_1 = require("inspecjs");
@@ -40,100 +50,108 @@ function nistTag(input) {
     const cwe = [`${_.get(input, 'id')}`];
     return CWE_NIST_MAPPING.nistFilter(cwe, DEFAULT_NIST_TAG);
 }
+// Check `nosec` and `suppressions` fields which denote whether the gosec rule violation should be suppressed/skipped
 function formatStatus(input) {
     return `${_.get(input, 'nosec')}` === 'false' &&
         `${_.get(input, 'suppressions')}` === 'null'
         ? inspecjs_1.ExecJSON.ControlResultStatus.Failed
         : inspecjs_1.ExecJSON.ControlResultStatus.Skipped;
 }
+// If a gosec rule violation is suppressed, forward the given justification
 function formatSkipMessage(input) {
     const suppressions = _.get(input, 'suppressions');
+    // If test is not skipped
     if (`${suppressions}` === 'null') {
         return undefined;
     }
+    // If test is skipped and there are no justifications, report that none are given
     if (!Array.isArray(suppressions)) {
         return 'No justification provided';
     }
+    // otherwise, supply the justifications
     return suppressions
         .map((suppression) => `${suppression.justification ? suppression.justification : 'No justification provided'} (${suppression.kind})`)
         .join('\n');
 }
+// Report gosec rule violation and violation location
 function formatCodeDesc(input) {
     return `Rule ${_.get(input, 'rule_id')} violation detected at:\nFile: ${_.get(input, 'file')}\nLine: ${_.get(input, 'line')}\nColumn: ${_.get(input, 'column')}`;
 }
+// Report confidence of violation and specific offending code
 function formatMessage(input) {
     return `${_.get(input, 'confidence')} confidence of rule violation at:\n${_.get(input, 'code')}`;
 }
 class GosecMapper extends base_converter_1.BaseConverter {
-    constructor(gosecJson, withRaw = false) {
-        super(JSON.parse(gosecJson));
-        this.mappings = {
-            platform: {
-                name: 'Heimdall Tools',
-                release: package_json_1.version
-            },
-            version: package_json_1.version,
-            statistics: {},
-            profiles: [
-                {
-                    name: 'gosec Scan',
-                    title: 'gosec Scan',
-                    version: { path: 'GosecVersion' },
-                    supports: [],
-                    attributes: [],
-                    groups: [],
-                    status: 'loaded',
-                    controls: [
-                        {
-                            path: 'Issues',
-                            key: 'id',
-                            tags: {
-                                nist: {
-                                    path: 'cwe',
-                                    transformer: nistTag
-                                },
-                                cwe: { path: 'cwe' }
+    withRaw;
+    mappings = {
+        platform: {
+            name: 'Heimdall Tools',
+            release: package_json_1.version
+        },
+        version: package_json_1.version,
+        statistics: {},
+        profiles: [
+            {
+                name: 'gosec Scan',
+                title: 'gosec Scan',
+                version: { path: 'GosecVersion' },
+                supports: [],
+                attributes: [],
+                groups: [],
+                status: 'loaded',
+                controls: [
+                    {
+                        path: 'Issues',
+                        key: 'id',
+                        tags: {
+                            nist: {
+                                path: 'cwe',
+                                transformer: nistTag
                             },
-                            refs: [],
-                            source_location: {},
-                            title: { path: 'details' },
-                            id: { path: 'rule_id' },
-                            desc: '',
-                            impact: {
-                                path: 'severity',
-                                transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
-                            },
-                            results: [
-                                {
-                                    status: { transformer: formatStatus },
-                                    skip_message: { transformer: formatSkipMessage },
-                                    code_desc: { transformer: formatCodeDesc },
-                                    message: { transformer: formatMessage },
-                                    start_time: ''
-                                }
-                            ]
-                        }
-                    ],
-                    sha256: ''
-                }
-            ],
-            passthrough: {
-                transformer: (data) => {
-                    return {
-                        auxiliary_data: [
+                            cwe: { path: 'cwe' }
+                        },
+                        refs: [],
+                        source_location: {},
+                        title: { path: 'details' },
+                        id: { path: 'rule_id' },
+                        desc: '',
+                        impact: {
+                            path: 'severity',
+                            transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
+                        },
+                        results: [
                             {
-                                name: 'gosec',
-                                data: {
-                                    'Golang errors': _.get(data, 'Golang errors'),
-                                    Stats: _.get(data, 'Stats')
-                                }
+                                status: { transformer: formatStatus },
+                                skip_message: { transformer: formatSkipMessage },
+                                code_desc: { transformer: formatCodeDesc },
+                                message: { transformer: formatMessage },
+                                start_time: ''
                             }
-                        ],
-                        ...(this.withRaw && { raw: data })
-                    };
-                }
+                        ]
+                    }
+                ],
+                sha256: ''
             }
-        };
+        ],
+        passthrough: {
+            transformer: (data) => {
+                return {
+                    auxiliary_data: [
+                        {
+                            name: 'gosec',
+                            data: {
+                                'Golang errors': _.get(data, 'Golang errors'),
+                                Stats: _.get(data, 'Stats')
+                            }
+                        }
+                    ],
+                    ...(this.withRaw && { raw: data })
+                };
+            }
+        }
+    };
+    constructor(gosecJson, withRaw = false) {
+        super(JSON.parse(gosecJson));
         this.withRaw = withRaw;
     }
 }

package/lib/src/gosec-mapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"gosec-mapper.js","sourceRoot":"","sources":["../../src/gosec-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AAEzD,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC1C,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AAEH,SAAS,OAAO,CAAC,KAA8B;IAC7C,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IACtC,OAAO,gBAAgB,CAAC,UAAU,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;AAC5D,CAAC;AAGD,SAAS,YAAY,CAAC,KAA8B;IAClD,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,KAAK,OAAO;QAC3C,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,KAAK,MAAM;QAC5C,CAAC,CAAC,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;QACrC,CAAC,CAAC,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;AAC3C,CAAC;AAGD,SAAS,iBAAiB,CAAC,KAA8B;IACvD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;IAGlD,IAAI,GAAG,YAAY,EAAE,KAAK,MAAM,EAAE;QAChC,OAAO,SAAS,CAAC;KAClB;IAGD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;QAChC,OAAO,2BAA2B,CAAC;KACpC;IAED,OAAO,YAAY;SAChB,GAAG,CACF,CAAC,WAAW,EAAE,EAAE,CACd,GAAG,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,2BAA2B,KAAK,WAAW,CAAC,IAAI,GAAG,CACjH;SACA,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAGD,SAAS,cAAc,CAAC,KAA8B;IACpD,OAAO,QAAQ,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,kCAAkC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,CAAC,EAAE,CAAC;AACnK,CAAC;AAGD,SAAS,aAAa,CAAC,KAA8B;IACnD,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,sCAAsC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;AACnG,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IAyE5C,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAvE/B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,YAAY;oBAClB,KAAK,EAAE,YAAY;oBACnB,OAAO,EAAE,EAAC,IAAI,EAAE,cAAc,EAAC;oBAC/B,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,QAAQ;4BACd,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE;oCACJ,IAAI,EAAE,KAAK;oCACX,WAAW,EAAE,OAAO;iCACrB;gCACD,GAAG,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;6BACnB;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;4BACxB,EAAE,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;4BACrB,IAAI,EAAE,EAAE;4BACR,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,EAAC,WAAW,EAAE,YAAY,EAAC;oCACnC,YAAY,EAAE,EAAC,WAAW,EAAE,iBAAiB,EAAC;oCAC9C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,OAAO,EAAE,EAAC,WAAW,EAAE,aAAa,EAAC;oCACrC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,OAAO;gCACb,IAAI,EAAE;oCACJ,eAAe,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,eAAe,CAAC;oCAC7C,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC;iCAC5B;6BACF;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA7ED,kCA6EC"}
+{"version":3,"file":"gosec-mapper.js","sourceRoot":"","sources":["../../src/gosec-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AAEzD,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AAC1C,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AAEH,SAAS,OAAO,CAAC,KAA8B;IAC7C,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;IACtC,OAAO,gBAAgB,CAAC,UAAU,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;AAC5D,CAAC;AAED,qHAAqH;AACrH,SAAS,YAAY,CAAC,KAA8B;IAClD,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,KAAK,OAAO;QAC3C,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC,EAAE,KAAK,MAAM;QAC5C,CAAC,CAAC,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;QACrC,CAAC,CAAC,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;AAC3C,CAAC;AAED,2EAA2E;AAC3E,SAAS,iBAAiB,CAAC,KAA8B;IACvD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC;IAElD,yBAAyB;IACzB,IAAI,GAAG,YAAY,EAAE,KAAK,MAAM,EAAE,CAAC;QACjC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,iFAAiF;IACjF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,OAAO,2BAA2B,CAAC;IACrC,CAAC;IACD,uCAAuC;IACvC,OAAO,YAAY;SAChB,GAAG,CACF,CAAC,WAAW,EAAE,EAAE,CACd,GAAG,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,2BAA2B,KAAK,WAAW,CAAC,IAAI,GAAG,CACjH;SACA,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED,qDAAqD;AACrD,SAAS,cAAc,CAAC,KAA8B;IACpD,OAAO,QAAQ,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,kCAAkC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,QAAQ,CAAC,EAAE,CAAC;AACnK,CAAC;AAED,6DAA6D;AAC7D,SAAS,aAAa,CAAC,KAA8B;IACnD,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,sCAAsC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,EAAE,CAAC;AACnG,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IAC5C,OAAO,CAAU;IAEjB,QAAQ,GAGJ;QACF,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;SAC9B;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE,EAAE;QACd,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,YAAY;gBACnB,OAAO,EAAE,EAAC,IAAI,EAAE,cAAc,EAAC;gBAC/B,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,QAAQ;wBACd,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE;4BACJ,IAAI,EAAE;gCACJ,IAAI,EAAE,KAAK;gCACX,WAAW,EAAE,OAAO;6BACrB;4BACD,GAAG,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;yBACnB;wBACD,IAAI,EAAE,EAAE;wBACR,eAAe,EAAE,EAAE;wBACnB,KAAK,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;wBACxB,EAAE,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;wBACrB,IAAI,EAAE,EAAE;wBACR,MAAM,EAAE;4BACN,IAAI,EAAE,UAAU;4BAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;yBAC3C;wBACD,OAAO,EAAE;4BACP;gCACE,MAAM,EAAE,EAAC,WAAW,EAAE,YAAY,EAAC;gCACnC,YAAY,EAAE,EAAC,WAAW,EAAE,iBAAiB,EAAC;gCAC9C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;gCACxC,OAAO,EAAE,EAAC,WAAW,EAAE,aAAa,EAAC;gCACrC,UAAU,EAAE,EAAE;6BACf;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;QACD,WAAW,EAAE;YACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;gBACtE,OAAO;oBACL,cAAc,EAAE;wBACd;4BACE,IAAI,EAAE,OAAO;4BACb,IAAI,EAAE;gCACJ,eAAe,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,eAAe,CAAC;gCAC7C,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC;6BAC5B;yBACF;qBACF;oBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;iBACjC,CAAC;YACJ,CAAC;SACF;KACF,CAAC;IACF,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA7ED,kCA6EC","sourcesContent":["import {ExecJSON} from 'inspecjs';\nimport * as _ from 'lodash';\nimport {version as HeimdallToolsVersion} from '../package.json';\nimport {\n  BaseConverter,\n  ILookupPath,\n  impactMapping,\n  MappedTransform\n} from './base-converter';\nimport {CweNistMapping} from './mappings/CweNistMapping';\n\nconst CWE_NIST_MAPPING = new CweNistMapping();\nconst DEFAULT_NIST_TAG = ['SI-2', 'RA-5'];\nconst IMPACT_MAPPING: Map<string, number> = new Map([\n  ['high', 0.7],\n  ['medium', 0.5],\n  ['low', 0.3]\n]);\n\nfunction nistTag(input: Record<string, unknown>): string[] {\n  const cwe = [`${_.get(input, 'id')}`];\n  return CWE_NIST_MAPPING.nistFilter(cwe, DEFAULT_NIST_TAG);\n}\n\n// Check `nosec` and `suppressions` fields which denote whether the gosec rule violation should be suppressed/skipped\nfunction formatStatus(input: Record<string, unknown>): string {\n  return `${_.get(input, 'nosec')}` === 'false' &&\n    `${_.get(input, 'suppressions')}` === 'null'\n    ? ExecJSON.ControlResultStatus.Failed\n    : ExecJSON.ControlResultStatus.Skipped;\n}\n\n// If a gosec rule violation is suppressed, forward the given justification\nfunction formatSkipMessage(input: Record<string, unknown>): string | undefined {\n  const suppressions = _.get(input, 'suppressions');\n\n  // If test is not skipped\n  if (`${suppressions}` === 'null') {\n    return undefined;\n  }\n\n  // If test is skipped and there are no justifications, report that none are given\n  if (!Array.isArray(suppressions)) {\n    return 'No justification provided';\n  }\n  // otherwise, supply the justifications\n  return suppressions\n    .map(\n      (suppression) =>\n        `${suppression.justification ? suppression.justification : 'No justification provided'} (${suppression.kind})`\n    )\n    .join('\\n');\n}\n\n// Report gosec rule violation and violation location\nfunction formatCodeDesc(input: Record<string, unknown>): string {\n  return `Rule ${_.get(input, 'rule_id')} violation detected at:\\nFile: ${_.get(input, 'file')}\\nLine: ${_.get(input, 'line')}\\nColumn: ${_.get(input, 'column')}`;\n}\n\n// Report confidence of violation and specific offending code\nfunction formatMessage(input: Record<string, unknown>): string {\n  return `${_.get(input, 'confidence')} confidence of rule violation at:\\n${_.get(input, 'code')}`;\n}\n\nexport class GosecMapper extends BaseConverter {\n  withRaw: boolean;\n\n  mappings: MappedTransform<\n    ExecJSON.Execution & {passthrough: unknown},\n    ILookupPath\n  > = {\n    platform: {\n      name: 'Heimdall Tools',\n      release: HeimdallToolsVersion\n    },\n    version: HeimdallToolsVersion,\n    statistics: {},\n    profiles: [\n      {\n        name: 'gosec Scan',\n        title: 'gosec Scan',\n        version: {path: 'GosecVersion'},\n        supports: [],\n        attributes: [],\n        groups: [],\n        status: 'loaded',\n        controls: [\n          {\n            path: 'Issues',\n            key: 'id',\n            tags: {\n              nist: {\n                path: 'cwe',\n                transformer: nistTag\n              },\n              cwe: {path: 'cwe'}\n            },\n            refs: [],\n            source_location: {},\n            title: {path: 'details'},\n            id: {path: 'rule_id'},\n            desc: '',\n            impact: {\n              path: 'severity',\n              transformer: impactMapping(IMPACT_MAPPING)\n            },\n            results: [\n              {\n                status: {transformer: formatStatus},\n                skip_message: {transformer: formatSkipMessage},\n                code_desc: {transformer: formatCodeDesc},\n                message: {transformer: formatMessage},\n                start_time: ''\n              }\n            ]\n          }\n        ],\n        sha256: ''\n      }\n    ],\n    passthrough: {\n      transformer: (data: Record<string, unknown>): Record<string, unknown> => {\n        return {\n          auxiliary_data: [\n            {\n              name: 'gosec',\n              data: {\n                'Golang errors': _.get(data, 'Golang errors'),\n                Stats: _.get(data, 'Stats')\n              }\n            }\n          ],\n          ...(this.withRaw && {raw: data})\n        };\n      }\n    }\n  };\n  constructor(gosecJson: string, withRaw = false) {\n    super(JSON.parse(gosecJson));\n    this.withRaw = withRaw;\n  }\n}\n"]}

package/lib/src/ionchannel-mapper.d.ts

@@ -24,3 +24,4 @@ export declare class IonChannelMapper extends BaseConverter {
     }, ILookupPath>;
     constructor(ionchannelJson: string);
 }
+//# sourceMappingURL=ionchannel-mapper.d.ts.map

package/lib/src/ionchannel-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ionchannel-mapper.d.ts","sourceRoot":"","sources":["../../src/ionchannel-mapper.ts"],"names":[],"mappings":"AAAA,OAAc,EAAC,aAAa,EAAC,MAAM,OAAO,CAAC;AAC3C,OAAO,EAAC,QAAQ,EAAC,MAAM,UAAU,CAAC;AAGlC,OAAO,EAGL,0BAA0B,EAE3B,MAAM,6BAA6B,CAAC;AACrC,OAAO,EAAC,OAAO,EAAC,MAAM,6BAA6B,CAAC;AACpD,OAAO,EAAC,IAAI,EAAC,MAAM,0BAA0B,CAAC;AAC9C,OAAO,EAAC,aAAa,EAAE,WAAW,EAAE,eAAe,EAAC,MAAM,kBAAkB,CAAC;AAgG7E,qBAAa,mBAAmB;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,SAAS,EAAE,aAAa,CAAC;gBAGvB,MAAM,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,MAAM,EAClB,MAAM,CAAC,EAAE,MAAM,EACf,UAAU,CAAC,EAAE,MAAM;IAcf,KAAK,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;IAMpC,OAAO,CAAC,QAAQ,EAAE,MAAM;IAexB,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;IAS3B,UAAU,CAAC,WAAW,EAAE,MAAM;IAgB9B,WAAW,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAgBjC,WAAW,IAAI,OAAO,CAAC,0BAA0B,CAAC;CAuBzD;AAED,qBAAa,gBAAiB,SAAQ,aAAa;IACjD,QAAQ,EAAE,eAAe,CACvB,QAAQ,CAAC,SAAS,GAAG;QAAC,WAAW,EAAE,OAAO,CAAA;KAAC,EAC3C,WAAW,CACZ,CA6GC;gBAEU,cAAc,EAAE,MAAM;CAGnC"}

package/lib/src/ionchannel-mapper.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
@@ -32,6 +42,7 @@ const _ = __importStar(require("lodash"));
 const package_json_1 = require("../package.json");
 const base_converter_1 = require("./base-converter");
 const global_1 = require("./utils/global");
+// Extracts all levels of dependencies from any dependency (including sub-dependencies)
 function extractAllDependencies(dependency) {
     const result = [];
     result.push({
@@ -49,18 +60,18 @@ function preprocessIonChannelData(ionchannelData) {
     const result = {
         metadata: {},
         scans: {
-            vulnerability: [],
+            vulnerability: [], // Not Implemented yet
             dependency: {
                 dependencies: [],
-                contextualizedDependencies: []
+                contextualizedDependencies: [] // Dependencies with their parent info
             },
-            ecosystems: [],
-            community: [],
-            buildsystems: [],
-            virus: [],
-            license: [],
-            difference: [],
-            about_yml: []
+            ecosystems: [], // Not Implemented yet
+            community: [], // Not Implemented yet
+            buildsystems: [], // Not Implemented yet
+            virus: [], // Not Implemented yet
+            license: [], // Not Implemented yet
+            difference: [], // Not Implemented yet
+            about_yml: [] // Not Implemented yet
         }
     };
     const parsed = JSON.parse(ionchannelData);
@@ -78,17 +89,20 @@ function preprocessIonChannelData(ionchannelData) {
                 result.scans.dependency.dependencies =
                     scanSummary.results.data.dependencies;
                 break;
+            // We only care about dependencies at the moment
             default:
                 break;
         }
     });
     const dependencyGraph = {};
+    // Flatten dependency tree
     result.scans.dependency.dependencies.forEach((topLevelDependency) => {
         const flatDependencies = extractAllDependencies(topLevelDependency);
         flatDependencies.forEach((dependency) => {
             dependencyGraph[`${dependency.org}/${dependency.name}`] = dependency;
         });
     });
+    // Associate dependencies with each-other
     Object.entries(dependencyGraph).forEach(([, dependency]) => {
         if (Array.isArray(dependency.dependencies)) {
             dependency.dependencies.forEach((subDependency) => {
@@ -102,6 +116,11 @@ function preprocessIonChannelData(ionchannelData) {
     return result;
 }
 class IonChannelAPIMapper {
+    apiKey;
+    projectId;
+    teamId;
+    analysisId;
+    apiClient;
     constructor(apiKey, projectId, teamId, analysisId) {
         this.apiKey = apiKey;
         this.projectId = projectId;
@@ -188,103 +207,104 @@ class IonChannelAPIMapper {
 }
 exports.IonChannelAPIMapper = IonChannelAPIMapper;
 class IonChannelMapper extends base_converter_1.BaseConverter {
-    constructor(ionchannelJson) {
-        super(preprocessIonChannelData(ionchannelJson));
-        this.mappings = {
-            platform: {
-                name: 'Heimdall Tools',
-                release: package_json_1.version,
-                target_id: { path: 'metadata.project_id' }
-            },
-            passthrough: {
-                ionchannel_metadata: {
-                    path: 'metadata'
-                }
-            },
-            version: package_json_1.version,
-            statistics: {
-                duration: null
-            },
-            profiles: [
-                {
-                    name: 'IonChannel SBOM Analysis',
-                    version: '',
-                    title: {
-                        path: 'metadata.source',
-                        transformer: (source) => `IonChannel Analysis of ${source}`
-                    },
-                    maintainer: 'saf@groups.mitre.org',
-                    summary: '',
-                    license: null,
-                    copyright: null,
-                    copyright_email: null,
-                    supports: [],
-                    attributes: [],
-                    depends: [],
-                    groups: [],
-                    status: 'loaded',
-                    controls: [
-                        {
-                            path: 'scans.dependency.contextualizedDependencies',
-                            key: 'id',
-                            tags: {
-                                transformer: (dependency) => {
-                                    return Array.isArray(dependency.dependencies)
-                                        ? {
-                                            ..._.omit(dependency, 'dependencies'),
-                                            nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
-                                            cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS),
-                                            dependencies: dependency.dependencies.map((subDependency) => `${subDependency.name}`)
-                                        }
-                                        : {
-                                            ..._.omit(dependency, 'dependencies'),
-                                            nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
-                                            cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS)
-                                        };
-                                }
-                            },
-                            descriptions: [],
-                            refs: [],
-                            source_location: {},
-                            title: {
-                                transformer: (dependency) => {
-                                    if (dependency.type === 'pypi' &&
-                                        dependency.package === 'egg' &&
-                                        dependency.name === '-e') {
-                                        return `Python requirements file ${dependency.file}`;
-                                    }
-                                    let title = `Dependency ${dependency.name} `;
-                                    if (dependency.org && dependency.org.toLowerCase() !== 'n/a') {
-                                        title += `from ${dependency.org} `;
-                                    }
-                                    if (dependency.version &&
-                                        dependency.version.toLowerCase() !== 'n/a') {
-                                        title += `@ ${dependency.version} `;
-                                    }
-                                    if (dependency.requirement &&
-                                        dependency.requirement.toLowerCase() !== 'n/a') {
-                                        title += `(Required ${dependency.requirement}) `;
+    mappings = {
+        platform: {
+            name: 'Heimdall Tools',
+            release: package_json_1.version,
+            target_id: { path: 'metadata.project_id' }
+        },
+        passthrough: {
+            ionchannel_metadata: {
+                path: 'metadata'
+            }
+        },
+        version: package_json_1.version,
+        statistics: {
+            duration: null
+        },
+        profiles: [
+            {
+                name: 'IonChannel SBOM Analysis',
+                version: '',
+                title: {
+                    path: 'metadata.source',
+                    transformer: (source) => `IonChannel Analysis of ${source}`
+                },
+                maintainer: 'saf@groups.mitre.org',
+                summary: '',
+                license: null,
+                copyright: null,
+                copyright_email: null,
+                supports: [],
+                attributes: [],
+                depends: [],
+                groups: [],
+                status: 'loaded',
+                controls: [
+                    {
+                        path: 'scans.dependency.contextualizedDependencies',
+                        key: 'id',
+                        tags: {
+                            transformer: (dependency) => {
+                                return Array.isArray(dependency.dependencies)
+                                    ? {
+                                        ..._.omit(dependency, 'dependencies'),
+                                        nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
+                                        cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS),
+                                        dependencies: dependency.dependencies.map((subDependency) => `${subDependency.name}`)
                                     }
-                                    return title.trim();
+                                    : {
+                                        ..._.omit(dependency, 'dependencies'),
+                                        nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
+                                        cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS)
+                                    };
+                            }
+                        },
+                        descriptions: [],
+                        refs: [],
+                        source_location: {},
+                        title: {
+                            transformer: (dependency) => {
+                                // Specific to Python requirements, commonly called requirements.txt or requirements_dev.txt
+                                if (dependency.type === 'pypi' &&
+                                    dependency.package === 'egg' &&
+                                    dependency.name === '-e') {
+                                    return `Python requirements file ${dependency.file}`;
                                 }
-                            },
-                            id: {
-                                transformer: (dependency) => {
-                                    return `dependency-${dependency.org}/${dependency.name}`;
+                                let title = `Dependency ${dependency.name} `;
+                                if (dependency.org && dependency.org.toLowerCase() !== 'n/a') {
+                                    title += `from ${dependency.org} `;
                                 }
-                            },
-                            desc: '',
-                            impact: 0.0,
-                            code: {
-                                transformer: (dependency) => JSON.stringify(dependency, null, 2)
-                            },
-                            results: []
-                        }
-                    ],
-                    sha256: ''
-                }
-            ]
-        };
+                                if (dependency.version &&
+                                    dependency.version.toLowerCase() !== 'n/a') {
+                                    title += `@ ${dependency.version} `;
+                                }
+                                if (dependency.requirement &&
+                                    dependency.requirement.toLowerCase() !== 'n/a') {
+                                    title += `(Required ${dependency.requirement}) `;
+                                }
+                                return title.trim();
+                            }
+                        },
+                        id: {
+                            transformer: (dependency) => {
+                                return `dependency-${dependency.org}/${dependency.name}`;
+                            }
+                        },
+                        desc: '',
+                        impact: 0.0,
+                        code: {
+                            transformer: (dependency) => JSON.stringify(dependency, null, 2)
+                        },
+                        results: []
+                    }
+                ],
+                sha256: ''
+            }
+        ]
+    };
+    constructor(ionchannelJson) {
+        super(preprocessIonChannelData(ionchannelJson));
     }
 }
 exports.IonChannelMapper = IonChannelMapper;