@mitre/hdf-converters 2.12.2 → 2.13.0

package/lib/src/neuvector-mapper.js

@@ -12,156 +12,155 @@ const CweNistMapping_1 = require("./mappings/CweNistMapping");
 const global_1 = require("./utils/global");
 const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping();
 function cweTags(description) {
-    var _a;
     const regex = /CWE-\d{3}/g;
-    return (_a = description.match(regex)) !== null && _a !== void 0 ? _a : undefined;
+    return description.match(regex) ?? undefined;
 }
 function nistTags(cweTags) {
-    var _a;
-    const identifiers = (_a = cweTags === null || cweTags === void 0 ? void 0 : cweTags.map((tag) => tag.slice(-3))) !== null && _a !== void 0 ? _a : [];
+    const identifiers = cweTags?.map((tag) => tag.slice(-3)) ?? [];
     return CWE_NIST_MAPPING.nistFilter(identifiers, global_1.DEFAULT_UPDATE_REMEDIATION_NIST_TAGS);
 }
 function cveIdMatches(cveName) {
     return (cve) => cve.name === cveName;
 }
 class NeuVectorMapper extends base_converter_1.BaseConverter {
+    withRaw;
+    rawData;
+    getModules;
     memoizedGetModules() {
         const cache = {};
         return (moduleName) => {
-            var _a, _b;
             if (Object.prototype.hasOwnProperty.call(cache, moduleName)) {
                 return cache[moduleName];
             }
-            cache[moduleName] = (_b = (_a = this.data.report.modules) === null || _a === void 0 ? void 0 : _a.find((value) => value.name === moduleName)) === null || _b === void 0 ? void 0 : _b.source;
+            cache[moduleName] = this.data.report.modules?.find((value) => value.name === moduleName)?.source;
             return cache[moduleName];
         };
     }
-    constructor(exportJson, withRaw = false) {
-        const rawParams = JSON.parse(exportJson);
-        super(rawParams);
-        this.mappings = {
-            platform: {
-                name: 'Heimdall Tools',
-                release: package_json_1.version
-            },
-            version: package_json_1.version,
-            statistics: {},
-            profiles: [
-                {
-                    name: 'NeuVector Scan',
-                    title: {
-                        path: 'report',
-                        transformer: (data) => `${data.registry}/${data.repository}:${data.tag} - Digest: ${data.digest} - Image ID: ${data.image_id}`
-                    },
-                    supports: [],
-                    attributes: [],
-                    groups: [],
-                    status: 'loaded',
-                    controls: [
-                        {
-                            path: 'report.vulnerabilities',
-                            key: 'id',
-                            tags: {
-                                cves: { path: 'cves' },
-                                cpes: { path: 'cpes' },
-                                cwe: {
-                                    path: 'description',
-                                    transformer: cweTags
-                                },
-                                nist: {
-                                    path: 'description',
-                                    transformer: (description) => nistTags(cweTags(description))
-                                },
-                                score: { path: 'score' },
-                                vectors: { path: 'vectors' },
-                                vectors_v3: { path: 'vectors_v3' },
-                                score_v3: { path: 'score_v3' },
-                                severity: { path: 'severity' },
-                                source: {
-                                    path: 'package_name',
-                                    transformer: (packageName) => this.getModules(packageName)
-                                },
-                                status: {
-                                    path: 'name',
-                                    transformer: (name) => {
-                                        var _a, _b, _c, _d;
-                                        return (_d = (_c = (_b = (_a = this.rawData.report.modules) === null || _a === void 0 ? void 0 : _a.find((module) => { var _a; return (_a = module.cves) === null || _a === void 0 ? void 0 : _a.find(cveIdMatches(name)); })) === null || _b === void 0 ? void 0 : _b.cves) === null || _c === void 0 ? void 0 : _c.find(cveIdMatches(name))) === null || _d === void 0 ? void 0 : _d.status;
-                                    }
-                                },
-                                feed_rating: { path: 'feed_rating' },
-                                link: { path: 'link' },
-                                published_timestamp: { path: 'published_timestamp' },
-                                last_modified_timestamp: { path: 'last_modified_timestamp' },
-                                in_base_image: { path: 'in_base_image' },
-                                tags: {
-                                    path: 'tags',
-                                    transformer: (tags) => JSON.stringify(tags, null, 2)
-                                },
-                                envs: {
-                                    path: '$.report.envs',
-                                    transformer: (envs) => envs ? envs.join('\n') : undefined
-                                },
-                                cmds: {
-                                    path: '$.report.cmds',
-                                    transformer: (cmds) => cmds ? cmds.join('\n') : undefined
-                                }
+    mappings = {
+        platform: {
+            name: 'Heimdall Tools',
+            release: package_json_1.version
+        },
+        version: package_json_1.version,
+        statistics: {},
+        profiles: [
+            {
+                name: 'NeuVector Scan',
+                title: {
+                    path: 'report',
+                    transformer: (data) => `${data.registry}/${data.repository}:${data.tag} - Digest: ${data.digest} - Image ID: ${data.image_id}`
+                },
+                supports: [],
+                attributes: [],
+                groups: [],
+                status: 'loaded',
+                controls: [
+                    {
+                        path: 'report.vulnerabilities',
+                        key: 'id',
+                        tags: {
+                            cves: { path: 'cves' },
+                            cpes: { path: 'cpes' },
+                            cwe: {
+                                path: 'description',
+                                transformer: cweTags
+                            },
+                            nist: {
+                                path: 'description',
+                                transformer: (description) => nistTags(cweTags(description))
+                            },
+                            score: { path: 'score' },
+                            vectors: { path: 'vectors' },
+                            vectors_v3: { path: 'vectors_v3' },
+                            score_v3: { path: 'score_v3' },
+                            severity: { path: 'severity' },
+                            source: {
+                                path: 'package_name',
+                                transformer: (packageName) => this.getModules(packageName)
                             },
-                            refs: [],
-                            source_location: { ref: { path: 'file_name' } },
-                            title: {
-                                transformer: (data) => `NeuVector found a vulnerability to ${data.name} in ${data.package_name}/${data.package_version}.`
+                            status: {
+                                path: 'name',
+                                transformer: (name) => this.rawData.report.modules
+                                    ?.find((module) => module.cves?.find(cveIdMatches(name)))
+                                    ?.cves?.find(cveIdMatches(name))?.status
                             },
-                            id: {
-                                transformer: (data) => `${data.name}/${data.package_name}/${data.package_version}`
+                            feed_rating: { path: 'feed_rating' },
+                            link: { path: 'link' },
+                            published_timestamp: { path: 'published_timestamp' },
+                            last_modified_timestamp: { path: 'last_modified_timestamp' },
+                            in_base_image: { path: 'in_base_image' },
+                            tags: {
+                                path: 'tags',
+                                transformer: (tags) => JSON.stringify(tags, null, 2)
                             },
-                            desc: { path: 'description' },
-                            impact: {
-                                transformer: (data) => data.score_v3 / 10
+                            envs: {
+                                path: '$.report.envs',
+                                transformer: (envs) => envs ? envs.join('\n') : undefined
                             },
-                            results: [
-                                {
-                                    status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
-                                    code_desc: '',
-                                    message: {
-                                        transformer: (data) => {
-                                            const { package_name, package_version, fixed_version } = data;
-                                            if (!fixed_version) {
-                                                return `Vulnerable package ${package_name} is at version ${package_version}. No fixed version available.`;
-                                            }
-                                            return `Vulnerable package ${package_name} is at version ${package_version}. Update to fixed version ${fixed_version}.`;
+                            cmds: {
+                                path: '$.report.cmds',
+                                transformer: (cmds) => cmds ? cmds.join('\n') : undefined
+                            }
+                        },
+                        refs: [],
+                        source_location: { ref: { path: 'file_name' } },
+                        title: {
+                            transformer: (data) => `NeuVector found a vulnerability to ${data.name} in ${data.package_name}/${data.package_version}.`
+                        },
+                        id: {
+                            transformer: (data) => `${data.name}/${data.package_name}/${data.package_version}`
+                        },
+                        desc: { path: 'description' },
+                        impact: {
+                            transformer: (data) => data.score_v3 / 10
+                        },
+                        results: [
+                            {
+                                status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
+                                code_desc: '',
+                                message: {
+                                    transformer: (data) => {
+                                        const { package_name, package_version, fixed_version } = data;
+                                        if (!fixed_version) {
+                                            return `Vulnerable package ${package_name} is at version ${package_version}. No fixed version available.`;
                                         }
-                                    },
-                                    start_time: ''
-                                }
-                            ]
+                                        return `Vulnerable package ${package_name} is at version ${package_version}. Update to fixed version ${fixed_version}.`;
+                                    }
+                                },
+                                start_time: ''
+                            }
+                        ]
+                    }
+                ],
+                sha256: ''
+            }
+        ],
+        passthrough: {
+            transformer: (data) => {
+                return {
+                    auxiliary_data: [
+                        {
+                            name: 'NeuVector',
+                            data: lodash_1.default.omit([
+                                'reports.vulnerabilities',
+                                'reports.cmds',
+                                'reports.envs',
+                                'reports.registry',
+                                'reports.repository',
+                                'reports.tag',
+                                'reports.digest',
+                                'reports.image_id'
+                            ])
                         }
                     ],
-                    sha256: ''
-                }
-            ],
-            passthrough: {
-                transformer: (data) => {
-                    return {
-                        auxiliary_data: [
-                            {
-                                name: 'NeuVector',
-                                data: lodash_1.default.omit([
-                                    'reports.vulnerabilities',
-                                    'reports.cmds',
-                                    'reports.envs',
-                                    'reports.registry',
-                                    'reports.repository',
-                                    'reports.tag',
-                                    'reports.digest',
-                                    'reports.image_id'
-                                ])
-                            }
-                        ],
-                        ...(this.withRaw && { raw: data })
-                    };
-                }
+                    ...(this.withRaw && { raw: data })
+                };
             }
-        };
+        }
+    };
+    constructor(exportJson, withRaw = false) {
+        const rawParams = JSON.parse(exportJson);
+        super(rawParams);
         this.withRaw = withRaw;
         this.rawData = rawParams;
         this.getModules = this.memoizedGetModules();

package/lib/src/neuvector-mapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"neuvector-mapper.js","sourceRoot":"","sources":["../../src/neuvector-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,2CAAoE;AASpE,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAE9C,SAAS,OAAO,CAAC,WAAmB;;IAClC,MAAM,KAAK,GAAG,YAAY,CAAC;IAC3B,OAAO,MAAA,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,mCAAI,SAAS,CAAC;AAC/C,CAAC;AAED,SAAS,QAAQ,CAAC,OAA6B;;IAC7C,MAAM,WAAW,GAAG,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,mCAAI,EAAE,CAAC;IACvE,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,6CAAoC,CACrC,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,OAAO,CAAC,GAAkB,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,OAAO,CAAC;AACtD,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IAKhD,kBAAkB;QAGhB,MAAM,KAAK,GAAyD,EAAE,CAAC;QAEvE,OAAO,CAAC,UAAkB,EAAE,EAAE;;YAC5B,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE;gBAC3D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC;aAC1B;YACD,KAAK,CAAC,UAAU,CAAC,GAAG,MAAA,MAAC,IAAI,CAAC,IAA0B,CAAC,MAAM,CAAC,OAAO,0CAAE,IAAI,CACvE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,UAAU,CACrC,0CAAE,MAAM,CAAC;YACV,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC;QAC3B,CAAC,CAAC;IACJ,CAAC;IAyID,YAAY,UAAkB,EAAE,OAAO,GAAG,KAAK;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,KAAK,CAAC,SAAS,CAAC,CAAC;QAzInB,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,gBAAgB;oBACtB,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,CAAC,IAAwB,EAAE,EAAE,CACxC,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,cAAc,IAAI,CAAC,MAAM,gBAAgB,IAAI,CAAC,QAAQ,EAAE;qBAC1G;oBACD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,wBAAwB;4BAC9B,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;gCACpB,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;gCACpB,GAAG,EAAE;oCACH,IAAI,EAAE,aAAa;oCACnB,WAAW,EAAE,OAAO;iCACrB;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,aAAa;oCACnB,WAAW,EAAE,CAAC,WAAmB,EAAE,EAAE,CACnC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;iCACjC;gCACD,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;gCACtB,OAAO,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;gCAC1B,UAAU,EAAE,EAAC,IAAI,EAAE,YAAY,EAAC;gCAChC,QAAQ,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;gCAC5B,QAAQ,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;gCAC5B,MAAM,EAAE;oCACN,IAAI,EAAE,cAAc;oCACpB,WAAW,EAAE,CAAC,WAAmB,EAAE,EAAE,CACnC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;iCAC/B;gCACD,MAAM,EAAE;oCACN,IAAI,EAAE,MAAM;oCACZ,WAAW,EAAE,CAAC,IAAY,EAAE,EAAE;;wCAC5B,OAAA,MAAA,MAAA,MAAA,MAAA,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,0CACvB,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,WAAC,OAAA,MAAA,MAAM,CAAC,IAAI,0CAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAA,EAAA,CAAC,0CACvD,IAAI,0CAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,0CAAE,MAAM,CAAA;qCAAA;iCAC7C;gCACD,WAAW,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;gCAClC,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;gCACpB,mBAAmB,EAAE,EAAC,IAAI,EAAE,qBAAqB,EAAC;gCAClD,uBAAuB,EAAE,EAAC,IAAI,EAAE,yBAAyB,EAAC;gCAC1D,aAAa,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;gCACtC,IAAI,EAAE;oCACJ,IAAI,EAAE,MAAM;oCACZ,WAAW,EAAE,CAAC,IAAc,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;iCAC/D;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,eAAe;oCACrB,WAAW,EAAE,CAAC,IAAe,EAAE,EAAE,CAC/B,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;iCACrC;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,eAAe;oCACrB,WAAW,EAAE,CAAC,IAAe,EAAE,EAAE,CAC/B,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;iCACrC;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC,EAAC;4BAC3C,KAAK,EAAE;gCACL,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE,CACvC,sCAAsC,IAAI,CAAC,IAAI,OAAO,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,eAAe,GAAG;6BACrG;4BACD,EAAE,EAAE;gCACF,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE,CACvC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,eAAe,EAAE;6BAC9D;4BACD,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,MAAM,EAAE;gCACN,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,GAAG,EAAE;6BAC7D;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAE;oCACb,OAAO,EAAE;wCACP,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE;4CACvC,MAAM,EAAC,YAAY,EAAE,eAAe,EAAE,aAAa,EAAC,GAAG,IAAI,CAAC;4CAC5D,IAAI,CAAC,aAAa,EAAE;gDAClB,OAAO,sBAAsB,YAAY,kBAAkB,eAAe,+BAA+B,CAAC;6CAC3G;4CACD,OAAO,sBAAsB,YAAY,kBAAkB,eAAe,6BAA6B,aAAa,GAAG,CAAC;wCAC1H,CAAC;qCACF;oCACD,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CACX,IAAuB,EAC8B,EAAE;oBACvD,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,WAAW;gCACjB,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC;oCACX,yBAAyB;oCACzB,cAAc;oCACd,cAAc;oCACd,kBAAkB;oCAClB,oBAAoB;oCACpB,aAAa;oCACb,gBAAgB;oCAChB,kBAAkB;iCACnB,CAAC;6BACH;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAIA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;IAC9C,CAAC;CACF;AAnKD,0CAmKC"}
+{"version":3,"file":"neuvector-mapper.js","sourceRoot":"","sources":["../../src/neuvector-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,2CAAoE;AASpE,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAE9C,SAAS,OAAO,CAAC,WAAmB;IAClC,MAAM,KAAK,GAAG,YAAY,CAAC;IAC3B,OAAO,WAAW,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC;AAC/C,CAAC;AAED,SAAS,QAAQ,CAAC,OAA6B;IAC7C,MAAM,WAAW,GAAG,OAAO,EAAE,GAAG,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IACvE,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,6CAAoC,CACrC,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,OAAO,CAAC,GAAkB,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,OAAO,CAAC;AACtD,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IAChD,OAAO,CAAU;IACjB,OAAO,CAAoB;IAC3B,UAAU,CAA+D;IAEzE,kBAAkB;QAGhB,MAAM,KAAK,GAAyD,EAAE,CAAC;QAEvE,OAAO,CAAC,UAAkB,EAAE,EAAE;YAC5B,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE,CAAC;gBAC5D,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC;YAC3B,CAAC;YACD,KAAK,CAAC,UAAU,CAAC,GAAI,IAAI,CAAC,IAA0B,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CACvE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,UAAU,CACrC,EAAE,MAAM,CAAC;YACV,OAAO,KAAK,CAAC,UAAU,CAAC,CAAC;QAC3B,CAAC,CAAC;IACJ,CAAC;IAED,QAAQ,GAGJ;QACF,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;SAC9B;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE,EAAE;QACd,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,gBAAgB;gBACtB,KAAK,EAAE;oBACL,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,CAAC,IAAwB,EAAE,EAAE,CACxC,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,GAAG,cAAc,IAAI,CAAC,MAAM,gBAAgB,IAAI,CAAC,QAAQ,EAAE;iBAC1G;gBACD,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,wBAAwB;wBAC9B,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE;4BACJ,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACpB,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACpB,GAAG,EAAE;gCACH,IAAI,EAAE,aAAa;gCACnB,WAAW,EAAE,OAAO;6BACrB;4BACD,IAAI,EAAE;gCACJ,IAAI,EAAE,aAAa;gCACnB,WAAW,EAAE,CAAC,WAAmB,EAAE,EAAE,CACnC,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;6BACjC;4BACD,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;4BACtB,OAAO,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;4BAC1B,UAAU,EAAE,EAAC,IAAI,EAAE,YAAY,EAAC;4BAChC,QAAQ,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;4BAC5B,QAAQ,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;4BAC5B,MAAM,EAAE;gCACN,IAAI,EAAE,cAAc;gCACpB,WAAW,EAAE,CAAC,WAAmB,EAAE,EAAE,CACnC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;6BAC/B;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,MAAM;gCACZ,WAAW,EAAE,CAAC,IAAY,EAAE,EAAE,CAC5B,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO;oCACzB,EAAE,IAAI,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;oCACzD,EAAE,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM;6BAC7C;4BACD,WAAW,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAClC,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACpB,mBAAmB,EAAE,EAAC,IAAI,EAAE,qBAAqB,EAAC;4BAClD,uBAAuB,EAAE,EAAC,IAAI,EAAE,yBAAyB,EAAC;4BAC1D,aAAa,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;4BACtC,IAAI,EAAE;gCACJ,IAAI,EAAE,MAAM;gCACZ,WAAW,EAAE,CAAC,IAAc,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;6BAC/D;4BACD,IAAI,EAAE;gCACJ,IAAI,EAAE,eAAe;gCACrB,WAAW,EAAE,CAAC,IAAe,EAAE,EAAE,CAC/B,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;6BACrC;4BACD,IAAI,EAAE;gCACJ,IAAI,EAAE,eAAe;gCACrB,WAAW,EAAE,CAAC,IAAe,EAAE,EAAE,CAC/B,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;6BACrC;yBACF;wBACD,IAAI,EAAE,EAAE;wBACR,eAAe,EAAE,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC,EAAC;wBAC3C,KAAK,EAAE;4BACL,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE,CACvC,sCAAsC,IAAI,CAAC,IAAI,OAAO,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,eAAe,GAAG;yBACrG;wBACD,EAAE,EAAE;4BACF,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE,CACvC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,eAAe,EAAE;yBAC9D;wBACD,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;wBAC3B,MAAM,EAAE;4BACN,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,GAAG,EAAE;yBAC7D;wBACD,OAAO,EAAE;4BACP;gCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;gCAC3C,SAAS,EAAE,EAAE;gCACb,OAAO,EAAE;oCACP,WAAW,EAAE,CAAC,IAAuB,EAAE,EAAE;wCACvC,MAAM,EAAC,YAAY,EAAE,eAAe,EAAE,aAAa,EAAC,GAAG,IAAI,CAAC;wCAC5D,IAAI,CAAC,aAAa,EAAE,CAAC;4CACnB,OAAO,sBAAsB,YAAY,kBAAkB,eAAe,+BAA+B,CAAC;wCAC5G,CAAC;wCACD,OAAO,sBAAsB,YAAY,kBAAkB,eAAe,6BAA6B,aAAa,GAAG,CAAC;oCAC1H,CAAC;iCACF;gCACD,UAAU,EAAE,EAAE;6BACf;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;QACD,WAAW,EAAE;YACX,WAAW,EAAE,CACX,IAAuB,EAC8B,EAAE;gBACvD,OAAO;oBACL,cAAc,EAAE;wBACd;4BACE,IAAI,EAAE,WAAW;4BACjB,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC;gCACX,yBAAyB;gCACzB,cAAc;gCACd,cAAc;gCACd,kBAAkB;gCAClB,oBAAoB;gCACpB,aAAa;gCACb,gBAAgB;gCAChB,kBAAkB;6BACnB,CAAC;yBACH;qBACF;oBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;iBACjC,CAAC;YACJ,CAAC;SACF;KACF,CAAC;IACF,YAAY,UAAkB,EAAE,OAAO,GAAG,KAAK;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,KAAK,CAAC,SAAS,CAAC,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,OAAO,GAAG,SAAS,CAAC;QACzB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;IAC9C,CAAC;CACF;AAnKD,0CAmKC","sourcesContent":["import {ExecJSON} from 'inspecjs';\nimport _ from 'lodash';\nimport {version as HeimdallToolsVersion} from '../package.json';\nimport {BaseConverter, ILookupPath, MappedTransform} from './base-converter';\nimport {CweNistMapping} from './mappings/CweNistMapping';\nimport {DEFAULT_UPDATE_REMEDIATION_NIST_TAGS} from './utils/global';\nimport {\n  NeuVectorScanJson,\n  RESTModuleCve,\n  RESTScanModule,\n  RESTScanRepoReport,\n  RESTVulnerability\n} from '../types/neuvector-types';\n\nconst CWE_NIST_MAPPING = new CweNistMapping();\n\nfunction cweTags(description: string): string[] | undefined {\n  const regex = /CWE-\\d{3}/g;\n  return description.match(regex) ?? undefined;\n}\n\nfunction nistTags(cweTags: string[] | undefined): string[] {\n  const identifiers = cweTags?.map((tag: string) => tag.slice(-3)) ?? [];\n  return CWE_NIST_MAPPING.nistFilter(\n    identifiers,\n    DEFAULT_UPDATE_REMEDIATION_NIST_TAGS\n  );\n}\n\nfunction cveIdMatches(cveName: string): (value: RESTModuleCve) => boolean {\n  return (cve: RESTModuleCve) => cve.name === cveName;\n}\n\nexport class NeuVectorMapper extends BaseConverter {\n  withRaw: boolean;\n  rawData: NeuVectorScanJson;\n  getModules: (moduleName: string) => RESTScanModule['source'] | undefined;\n\n  memoizedGetModules(): (\n    moduleName: string\n  ) => RESTScanModule['source'] | undefined {\n    const cache: Record<string, RESTScanModule['source'] | undefined> = {};\n\n    return (moduleName: string) => {\n      if (Object.prototype.hasOwnProperty.call(cache, moduleName)) {\n        return cache[moduleName];\n      }\n      cache[moduleName] = (this.data as NeuVectorScanJson).report.modules?.find(\n        (value) => value.name === moduleName\n      )?.source;\n      return cache[moduleName];\n    };\n  }\n\n  mappings: MappedTransform<\n    ExecJSON.Execution & {passthrough: unknown},\n    ILookupPath\n  > = {\n    platform: {\n      name: 'Heimdall Tools',\n      release: HeimdallToolsVersion\n    },\n    version: HeimdallToolsVersion,\n    statistics: {},\n    profiles: [\n      {\n        name: 'NeuVector Scan',\n        title: {\n          path: 'report',\n          transformer: (data: RESTScanRepoReport) =>\n            `${data.registry}/${data.repository}:${data.tag} - Digest: ${data.digest} - Image ID: ${data.image_id}`\n        },\n        supports: [],\n        attributes: [],\n        groups: [],\n        status: 'loaded',\n        controls: [\n          {\n            path: 'report.vulnerabilities',\n            key: 'id',\n            tags: {\n              cves: {path: 'cves'},\n              cpes: {path: 'cpes'},\n              cwe: {\n                path: 'description',\n                transformer: cweTags\n              },\n              nist: {\n                path: 'description',\n                transformer: (description: string) =>\n                  nistTags(cweTags(description))\n              },\n              score: {path: 'score'},\n              vectors: {path: 'vectors'},\n              vectors_v3: {path: 'vectors_v3'},\n              score_v3: {path: 'score_v3'},\n              severity: {path: 'severity'},\n              source: {\n                path: 'package_name',\n                transformer: (packageName: string) =>\n                  this.getModules(packageName)\n              },\n              status: {\n                path: 'name',\n                transformer: (name: string) =>\n                  this.rawData.report.modules\n                    ?.find((module) => module.cves?.find(cveIdMatches(name)))\n                    ?.cves?.find(cveIdMatches(name))?.status\n              },\n              feed_rating: {path: 'feed_rating'},\n              link: {path: 'link'},\n              published_timestamp: {path: 'published_timestamp'},\n              last_modified_timestamp: {path: 'last_modified_timestamp'},\n              in_base_image: {path: 'in_base_image'},\n              tags: {\n                path: 'tags',\n                transformer: (tags: string[]) => JSON.stringify(tags, null, 2)\n              },\n              envs: {\n                path: '$.report.envs',\n                transformer: (envs?: string[]) =>\n                  envs ? envs.join('\\n') : undefined\n              },\n              cmds: {\n                path: '$.report.cmds',\n                transformer: (cmds?: string[]) =>\n                  cmds ? cmds.join('\\n') : undefined\n              }\n            },\n            refs: [],\n            source_location: {ref: {path: 'file_name'}},\n            title: {\n              transformer: (data: RESTVulnerability) =>\n                `NeuVector found a vulnerability to ${data.name} in ${data.package_name}/${data.package_version}.`\n            },\n            id: {\n              transformer: (data: RESTVulnerability) =>\n                `${data.name}/${data.package_name}/${data.package_version}`\n            },\n            desc: {path: 'description'},\n            impact: {\n              transformer: (data: RESTVulnerability) => data.score_v3 / 10\n            },\n            results: [\n              {\n                status: ExecJSON.ControlResultStatus.Failed,\n                code_desc: '',\n                message: {\n                  transformer: (data: RESTVulnerability) => {\n                    const {package_name, package_version, fixed_version} = data;\n                    if (!fixed_version) {\n                      return `Vulnerable package ${package_name} is at version ${package_version}. No fixed version available.`;\n                    }\n                    return `Vulnerable package ${package_name} is at version ${package_version}. Update to fixed version ${fixed_version}.`;\n                  }\n                },\n                start_time: ''\n              }\n            ]\n          }\n        ],\n        sha256: ''\n      }\n    ],\n    passthrough: {\n      transformer: (\n        data: NeuVectorScanJson\n      ): Record<string, unknown> & {raw?: NeuVectorScanJson} => {\n        return {\n          auxiliary_data: [\n            {\n              name: 'NeuVector',\n              data: _.omit([\n                'reports.vulnerabilities',\n                'reports.cmds',\n                'reports.envs',\n                'reports.registry',\n                'reports.repository',\n                'reports.tag',\n                'reports.digest',\n                'reports.image_id'\n              ])\n            }\n          ],\n          ...(this.withRaw && {raw: data})\n        };\n      }\n    }\n  };\n  constructor(exportJson: string, withRaw = false) {\n    const rawParams = JSON.parse(exportJson);\n    super(rawParams);\n    this.withRaw = withRaw;\n    this.rawData = rawParams;\n    this.getModules = this.memoizedGetModules();\n  }\n}\n"]}

package/lib/src/nikto-mapper.d.ts

@@ -7,3 +7,4 @@ export declare class NiktoMapper extends BaseConverter {
     }, ILookupPath>;
     constructor(niktoJson: string, withRaw?: boolean);
 }
+//# sourceMappingURL=nikto-mapper.d.ts.map

package/lib/src/nikto-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nikto-mapper.d.ts","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,QAAQ,EAAC,MAAM,UAAU,CAAC;AAGlC,OAAO,EAAC,aAAa,EAAE,WAAW,EAAE,eAAe,EAAC,MAAM,kBAAkB,CAAC;AAsB7E,qBAAa,WAAY,SAAQ,aAAa;IAC5C,OAAO,EAAE,OAAO,CAAC;IAEjB,QAAQ,EAAE,eAAe,CACvB,QAAQ,CAAC,SAAS,GAAG;QAAC,WAAW,EAAE,OAAO,CAAA;KAAC,EAC3C,WAAW,CACZ,CAqEC;gBACU,SAAS,EAAE,MAAM,EAAE,OAAO,UAAQ;CAI/C"}

package/lib/src/nikto-mapper.js

@@ -15,13 +15,23 @@ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (
 }) : function(o, v) {
     o["default"] = v;
 });
-var __importStar = (this && this.__importStar) || function (mod) {
-    if (mod && mod.__esModule) return mod;
-    var result = {};
-    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
-    __setModuleDefault(result, mod);
-    return result;
-};
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.NiktoMapper = void 0;
 const inspecjs_1 = require("inspecjs");
@@ -44,77 +54,78 @@ function nistTag(id) {
     return NIKTO_NIST_MAPPING.nistTag(id);
 }
 class NiktoMapper extends base_converter_1.BaseConverter {
-    constructor(niktoJson, withRaw = false) {
-        super(JSON.parse(niktoJson));
-        this.mappings = {
-            platform: {
-                name: 'Heimdall Tools',
-                release: package_json_1.version,
-                target_id: { transformer: projectName }
-            },
-            version: package_json_1.version,
-            statistics: {},
-            profiles: [
-                {
-                    name: 'Nikto Website Scanner',
-                    title: { transformer: formatTitle },
-                    summary: {
-                        path: 'banner',
-                        transformer: (input) => {
-                            return `Banner: ${input}`;
-                        }
-                    },
-                    supports: [],
-                    attributes: [],
-                    groups: [],
-                    status: 'loaded',
-                    controls: [
-                        {
-                            path: 'vulnerabilities',
-                            key: 'id',
-                            tags: {
-                                nist: { path: 'id', transformer: nistTag },
-                                cci: {
-                                    path: 'id',
-                                    transformer: (id) => (0, global_1.getCCIsForNISTTags)(nistTag(id))
-                                },
-                                ösvdb: { path: 'OSVDB' }
-                            },
-                            refs: [],
-                            source_location: {},
-                            title: { path: 'msg' },
-                            id: { path: 'id' },
-                            desc: { path: 'msg' },
-                            impact: 0.5,
-                            code: {
-                                transformer: (vulnerability) => JSON.stringify(vulnerability, null, 2)
+    withRaw;
+    mappings = {
+        platform: {
+            name: 'Heimdall Tools',
+            release: package_json_1.version,
+            target_id: { transformer: projectName }
+        },
+        version: package_json_1.version,
+        statistics: {},
+        profiles: [
+            {
+                name: 'Nikto Website Scanner',
+                title: { transformer: formatTitle },
+                summary: {
+                    path: 'banner',
+                    transformer: (input) => {
+                        return `Banner: ${input}`;
+                    }
+                },
+                supports: [],
+                attributes: [],
+                groups: [],
+                status: 'loaded',
+                controls: [
+                    {
+                        path: 'vulnerabilities',
+                        key: 'id',
+                        tags: {
+                            nist: { path: 'id', transformer: nistTag },
+                            cci: {
+                                path: 'id',
+                                transformer: (id) => (0, global_1.getCCIsForNISTTags)(nistTag(id))
                             },
-                            results: [
-                                {
-                                    status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
-                                    code_desc: { transformer: formatCodeDesc },
-                                    start_time: ''
-                                }
-                            ]
-                        }
-                    ],
-                    sha256: ''
-                }
-            ],
-            passthrough: {
-                transformer: (data) => {
-                    return {
-                        auxiliary_data: [
+                            ösvdb: { path: 'OSVDB' }
+                        },
+                        refs: [],
+                        source_location: {},
+                        title: { path: 'msg' },
+                        id: { path: 'id' },
+                        desc: { path: 'msg' },
+                        impact: 0.5,
+                        code: {
+                            transformer: (vulnerability) => JSON.stringify(vulnerability, null, 2)
+                        },
+                        results: [
                             {
-                                name: 'Nikto',
-                                data: _.omit(data, ['banner', 'host', 'port', 'vulnerabilities'])
+                                status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
+                                code_desc: { transformer: formatCodeDesc },
+                                start_time: ''
                             }
-                        ],
-                        ...(this.withRaw && { raw: data })
-                    };
-                }
+                        ]
+                    }
+                ],
+                sha256: ''
             }
-        };
+        ],
+        passthrough: {
+            transformer: (data) => {
+                return {
+                    auxiliary_data: [
+                        {
+                            name: 'Nikto',
+                            data: _.omit(data, ['banner', 'host', 'port', 'vulnerabilities'])
+                        }
+                    ],
+                    ...(this.withRaw && { raw: data })
+                };
+            }
+        }
+    };
+    constructor(niktoJson, withRaw = false) {
+        super(JSON.parse(niktoJson));
         this.withRaw = withRaw;
     }
 }

package/lib/src/nikto-mapper.js.map

@@ -1 +1 @@
-{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAA6E;AAC7E,kEAA6D;AAC7D,2CAAkD;AAElD,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,iBAAiB,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;AAC9C,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,SAAS,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;AACrE,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,OAAO,SAAS,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,GAAG,CAC1D,aAAa,EACb,QAAQ,CACT,EAAE,CAAC;AACN,CAAC;AACD,SAAS,OAAO,CAAC,EAAU;IACzB,OAAO,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IA4E5C,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QA1E/B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;aACtC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,uBAAuB;oBAC7B,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oBACjC,OAAO,EAAE;wBACP,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4BACtC,OAAO,WAAW,KAAK,EAAE,CAAC;wBAC5B,CAAC;qBACF;oBACD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAC;gCACxC,GAAG,EAAE;oCACH,IAAI,EAAE,IAAI;oCACV,WAAW,EAAE,CAAC,EAAU,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iCAC7D;gCACD,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;6BACvB;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACpB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACnB,MAAM,EAAE,GAAG;4BACX,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,OAAO;gCACb,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC;6BAClE;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAhFD,kCAgFC"}
+{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAA6E;AAC7E,kEAA6D;AAC7D,2CAAkD;AAElD,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,iBAAiB,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;AAC9C,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,SAAS,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;AACrE,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,OAAO,SAAS,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,GAAG,CAC1D,aAAa,EACb,QAAQ,CACT,EAAE,CAAC;AACN,CAAC;AACD,SAAS,OAAO,CAAC,EAAU;IACzB,OAAO,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IAC5C,OAAO,CAAU;IAEjB,QAAQ,GAGJ;QACF,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;YAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;SACtC;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE,EAAE;QACd,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,uBAAuB;gBAC7B,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;gBACjC,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;wBACtC,OAAO,WAAW,KAAK,EAAE,CAAC;oBAC5B,CAAC;iBACF;gBACD,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,iBAAiB;wBACvB,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE;4BACJ,IAAI,EAAE,EAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAC;4BACxC,GAAG,EAAE;gCACH,IAAI,EAAE,IAAI;gCACV,WAAW,EAAE,CAAC,EAAU,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC;6BAC7D;4BACD,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;yBACvB;wBACD,IAAI,EAAE,EAAE;wBACR,eAAe,EAAE,EAAE;wBACnB,KAAK,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;wBACpB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;wBAChB,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;wBACnB,MAAM,EAAE,GAAG;wBACX,IAAI,EAAE;4BACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;yBACzC;wBACD,OAAO,EAAE;4BACP;gCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;gCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;gCACxC,UAAU,EAAE,EAAE;6BACf;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;QACD,WAAW,EAAE;YACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;gBACtE,OAAO;oBACL,cAAc,EAAE;wBACd;4BACE,IAAI,EAAE,OAAO;4BACb,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC;yBAClE;qBACF;oBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;iBACjC,CAAC;YACJ,CAAC;SACF;KACF,CAAC;IACF,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAC7B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAhFD,kCAgFC","sourcesContent":["import {ExecJSON} from 'inspecjs';\nimport * as _ from 'lodash';\nimport {version as HeimdallToolsVersion} from '../package.json';\nimport {BaseConverter, ILookupPath, MappedTransform} from './base-converter';\nimport {NiktoNistMapping} from './mappings/NiktoNistMapping';\nimport {getCCIsForNISTTags} from './utils/global';\n\nconst NIKTO_NIST_MAPPING = new NiktoNistMapping();\n\nfunction formatTitle(file: unknown): string {\n  return `Nikto Target: ${projectName(file)}`;\n}\nfunction projectName(file: unknown): string {\n  return `Host: ${_.get(file, 'host')} Port: ${_.get(file, 'port')}`;\n}\nfunction formatCodeDesc(vulnerability: unknown): string {\n  return `URL : ${_.get(vulnerability, 'url')} Method: ${_.get(\n    vulnerability,\n    'method'\n  )}`;\n}\nfunction nistTag(id: string): string[] {\n  return NIKTO_NIST_MAPPING.nistTag(id);\n}\n\nexport class NiktoMapper extends BaseConverter {\n  withRaw: boolean;\n\n  mappings: MappedTransform<\n    ExecJSON.Execution & {passthrough: unknown},\n    ILookupPath\n  > = {\n    platform: {\n      name: 'Heimdall Tools',\n      release: HeimdallToolsVersion,\n      target_id: {transformer: projectName}\n    },\n    version: HeimdallToolsVersion,\n    statistics: {},\n    profiles: [\n      {\n        name: 'Nikto Website Scanner',\n        title: {transformer: formatTitle},\n        summary: {\n          path: 'banner',\n          transformer: (input: unknown): string => {\n            return `Banner: ${input}`;\n          }\n        },\n        supports: [],\n        attributes: [],\n        groups: [],\n        status: 'loaded',\n        controls: [\n          {\n            path: 'vulnerabilities',\n            key: 'id',\n            tags: {\n              nist: {path: 'id', transformer: nistTag},\n              cci: {\n                path: 'id',\n                transformer: (id: string) => getCCIsForNISTTags(nistTag(id))\n              },\n              ösvdb: {path: 'OSVDB'}\n            },\n            refs: [],\n            source_location: {},\n            title: {path: 'msg'},\n            id: {path: 'id'},\n            desc: {path: 'msg'},\n            impact: 0.5,\n            code: {\n              transformer: (vulnerability: Record<string, unknown>): string =>\n                JSON.stringify(vulnerability, null, 2)\n            },\n            results: [\n              {\n                status: ExecJSON.ControlResultStatus.Failed,\n                code_desc: {transformer: formatCodeDesc},\n                start_time: ''\n              }\n            ]\n          }\n        ],\n        sha256: ''\n      }\n    ],\n    passthrough: {\n      transformer: (data: Record<string, unknown>): Record<string, unknown> => {\n        return {\n          auxiliary_data: [\n            {\n              name: 'Nikto',\n              data: _.omit(data, ['banner', 'host', 'port', 'vulnerabilities'])\n            }\n          ],\n          ...(this.withRaw && {raw: data})\n        };\n      }\n    }\n  };\n  constructor(niktoJson: string, withRaw = false) {\n    super(JSON.parse(niktoJson));\n    this.withRaw = withRaw;\n  }\n}\n"]}

package/lib/src/prisma-mapper.d.ts

@@ -22,3 +22,4 @@ export declare class PrismaMapper {
     toHdf(): ExecJSON.Execution[];
     constructor(prismaCsv: string);
 }
+//# sourceMappingURL=prisma-mapper.d.ts.map

package/lib/src/prisma-mapper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prisma-mapper.d.ts","sourceRoot":"","sources":["../../src/prisma-mapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,QAAQ,EAAC,MAAM,UAAU,CAAC;AAGlC,OAAO,EACL,aAAa,EACb,WAAW,EACX,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AAO1B,MAAM,MAAM,aAAa,GAAG;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB,CAAC;AAUF,wBAAgB,OAAO,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,YAMjD;AAED,qBAAa,mBAAoB,SAAQ,aAAa;IACpD,QAAQ,EAAE,eAAe,CAAC,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAC,CAqHxD;gBAEU,cAAc,EAAE,aAAa,EAAE;CAG5C;AAED,qBAAa,YAAY;IACvB,IAAI,EAAE,aAAa,EAAE,CAAM;IAE3B,KAAK,IAAI,QAAQ,CAAC,SAAS,EAAE;gBAgBjB,SAAS,EAAE,MAAM;CAG9B"}