@mitre/hdf-converters 2.12.2 → 2.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -24
- package/lib/data/converters/csv2json.d.ts +1 -0
- package/lib/data/converters/csv2json.d.ts.map +1 -0
- package/lib/data/converters/csv2json.js +1 -1
- package/lib/data/converters/csv2json.js.map +1 -1
- package/lib/data/converters/xml2json.d.ts +1 -0
- package/lib/data/converters/xml2json.d.ts.map +1 -0
- package/lib/data/converters/xml2json.js +6 -25
- package/lib/data/converters/xml2json.js.map +1 -1
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.d.ts +2 -0
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.d.ts.map +1 -0
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.js +13 -0
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.js.map +1 -0
- package/lib/index.d.ts +6 -0
- package/lib/index.d.ts.map +1 -0
- package/lib/index.js +23 -8
- package/lib/index.js.map +1 -1
- package/lib/package.json +28 -45
- package/lib/src/anchore-grype-mapper.d.ts +1 -0
- package/lib/src/anchore-grype-mapper.d.ts.map +1 -0
- package/lib/src/anchore-grype-mapper.js +7 -1
- package/lib/src/anchore-grype-mapper.js.map +1 -1
- package/lib/src/asff-mapper/asff-mapper.d.ts +1 -0
- package/lib/src/asff-mapper/asff-mapper.d.ts.map +1 -0
- package/lib/src/asff-mapper/asff-mapper.js +276 -242
- package/lib/src/asff-mapper/asff-mapper.js.map +1 -1
- package/lib/src/asff-mapper/case-cms-inspec.d.ts +1 -0
- package/lib/src/asff-mapper/case-cms-inspec.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-cms-inspec.js +18 -9
- package/lib/src/asff-mapper/case-cms-inspec.js.map +1 -1
- package/lib/src/asff-mapper/case-firewall-manager.d.ts +1 -0
- package/lib/src/asff-mapper/case-firewall-manager.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-firewall-manager.js +18 -9
- package/lib/src/asff-mapper/case-firewall-manager.js.map +1 -1
- package/lib/src/asff-mapper/case-guardduty.d.ts +1 -0
- package/lib/src/asff-mapper/case-guardduty.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-guardduty.js +18 -9
- package/lib/src/asff-mapper/case-guardduty.js.map +1 -1
- package/lib/src/asff-mapper/case-inspector.d.ts +1 -0
- package/lib/src/asff-mapper/case-inspector.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-inspector.js +18 -9
- package/lib/src/asff-mapper/case-inspector.js.map +1 -1
- package/lib/src/asff-mapper/case-previously-hdf.d.ts +1 -0
- package/lib/src/asff-mapper/case-previously-hdf.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-previously-hdf.js +28 -15
- package/lib/src/asff-mapper/case-previously-hdf.js.map +1 -1
- package/lib/src/asff-mapper/case-prowler.d.ts +1 -0
- package/lib/src/asff-mapper/case-prowler.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-prowler.js +19 -9
- package/lib/src/asff-mapper/case-prowler.js.map +1 -1
- package/lib/src/asff-mapper/case-security-hub.d.ts +1 -0
- package/lib/src/asff-mapper/case-security-hub.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-security-hub.js +24 -9
- package/lib/src/asff-mapper/case-security-hub.js.map +1 -1
- package/lib/src/asff-mapper/case-trivy.d.ts +1 -0
- package/lib/src/asff-mapper/case-trivy.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-trivy.js +18 -9
- package/lib/src/asff-mapper/case-trivy.js.map +1 -1
- package/lib/src/aws-config-mapper.d.ts +1 -0
- package/lib/src/aws-config-mapper.d.ts.map +1 -0
- package/lib/src/aws-config-mapper.js +38 -22
- package/lib/src/aws-config-mapper.js.map +1 -1
- package/lib/src/base-converter.d.ts +2 -1
- package/lib/src/base-converter.d.ts.map +1 -0
- package/lib/src/base-converter.js +51 -33
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.d.ts +7 -0
- package/lib/src/burpsuite-mapper.d.ts.map +1 -0
- package/lib/src/burpsuite-mapper.js +115 -88
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/checkov-mapper.d.ts +67 -0
- package/lib/src/checkov-mapper.d.ts.map +1 -0
- package/lib/src/checkov-mapper.js +240 -0
- package/lib/src/checkov-mapper.js.map +1 -0
- package/lib/src/ckl-mapper/checklist-jsonix-converter.d.ts +17 -0
- package/lib/src/ckl-mapper/checklist-jsonix-converter.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js +59 -25
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-mapper.d.ts +35 -0
- package/lib/src/ckl-mapper/checklist-mapper.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklist-mapper.js +264 -155
- package/lib/src/ckl-mapper/checklist-mapper.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-metadata-utils.d.ts +1 -0
- package/lib/src/ckl-mapper/checklist-metadata-utils.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklist-metadata-utils.js +38 -16
- package/lib/src/ckl-mapper/checklist-metadata-utils.js.map +1 -1
- package/lib/src/ckl-mapper/checklistJsonix.d.ts +6 -0
- package/lib/src/ckl-mapper/checklistJsonix.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklistJsonix.js +8 -8
- package/lib/src/ckl-mapper/checklistJsonix.js.map +1 -1
- package/lib/src/ckl-mapper/jsonixMapping.d.ts +5 -0
- package/lib/src/ckl-mapper/jsonixMapping.d.ts.map +1 -0
- package/lib/src/ckl-mapper/jsonixMapping.js +4 -0
- package/lib/src/ckl-mapper/jsonixMapping.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/asff-types.d.ts +1 -0
- package/lib/src/converters-from-hdf/asff/asff-types.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/asff/asff-types.js +1 -0
- package/lib/src/converters-from-hdf/asff/asff-types.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js +110 -84
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.d.ts +1 -0
- package/lib/src/converters-from-hdf/asff/transformers.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/asff/transformers.js +82 -55
- package/lib/src/converters-from-hdf/asff/transformers.js.map +1 -1
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js +65 -38
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/html/embedded-assets.d.ts +4 -0
- package/lib/src/converters-from-hdf/html/embedded-assets.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/html/embedded-assets.js +8 -0
- package/lib/src/converters-from-hdf/html/embedded-assets.js.map +1 -0
- package/lib/src/converters-from-hdf/html/html-types.d.ts +1 -0
- package/lib/src/converters-from-hdf/html/html-types.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/html/html-types.js +1 -0
- package/lib/src/converters-from-hdf/html/html-types.js.map +1 -1
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.d.ts +3 -2
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.js +151 -107
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/reverse-any-base-converter.d.ts +1 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.js +3 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/reverse-base-converter.d.ts +1 -0
- package/lib/src/converters-from-hdf/reverse-base-converter.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/reverse-base-converter.js +29 -9
- package/lib/src/converters-from-hdf/reverse-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js +40 -16
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js +33 -12
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js.map +1 -1
- package/lib/src/conveyor-mapper.d.ts +1 -0
- package/lib/src/conveyor-mapper.d.ts.map +1 -0
- package/lib/src/conveyor-mapper.js +85 -40
- package/lib/src/conveyor-mapper.js.map +1 -1
- package/lib/src/cyclonedx-sbom-mapper.d.ts +1 -0
- package/lib/src/cyclonedx-sbom-mapper.d.ts.map +1 -0
- package/lib/src/cyclonedx-sbom-mapper.js +377 -309
- package/lib/src/cyclonedx-sbom-mapper.js.map +1 -1
- package/lib/src/dbprotect-mapper.d.ts +1 -0
- package/lib/src/dbprotect-mapper.d.ts.map +1 -0
- package/lib/src/dbprotect-mapper.js +74 -63
- package/lib/src/dbprotect-mapper.js.map +1 -1
- package/lib/src/dependency-track-mapper.d.ts +1 -0
- package/lib/src/dependency-track-mapper.d.ts.map +1 -0
- package/lib/src/dependency-track-mapper.js +144 -130
- package/lib/src/dependency-track-mapper.js.map +1 -1
- package/lib/src/fortify-mapper.d.ts +7 -0
- package/lib/src/fortify-mapper.d.ts.map +1 -0
- package/lib/src/fortify-mapper.js +118 -92
- package/lib/src/fortify-mapper.js.map +1 -1
- package/lib/src/gosec-mapper.d.ts +1 -0
- package/lib/src/gosec-mapper.d.ts.map +1 -0
- package/lib/src/gosec-mapper.js +90 -72
- package/lib/src/gosec-mapper.js.map +1 -1
- package/lib/src/ionchannel-mapper.d.ts +1 -0
- package/lib/src/ionchannel-mapper.d.ts.map +1 -0
- package/lib/src/ionchannel-mapper.js +130 -110
- package/lib/src/ionchannel-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.d.ts +1 -0
- package/lib/src/jfrog-xray-mapper.d.ts.map +1 -0
- package/lib/src/jfrog-xray-mapper.js +92 -78
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/jsonix-converter.d.ts +1 -0
- package/lib/src/jsonix-converter.d.ts.map +1 -0
- package/lib/src/jsonix-converter.js +1 -0
- package/lib/src/jsonix-converter.js.map +1 -1
- package/lib/src/jsonix-intermediate-converter.d.ts +1 -0
- package/lib/src/jsonix-intermediate-converter.d.ts.map +1 -0
- package/lib/src/jsonix-intermediate-converter.js.map +1 -1
- package/lib/src/mappings/AwsConfigMapping.d.ts +1 -0
- package/lib/src/mappings/AwsConfigMapping.d.ts.map +1 -0
- package/lib/src/mappings/AwsConfigMapping.js +19 -9
- package/lib/src/mappings/AwsConfigMapping.js.map +1 -1
- package/lib/src/mappings/AwsConfigMappingData.d.ts +1 -0
- package/lib/src/mappings/AwsConfigMappingData.d.ts.map +1 -0
- package/lib/src/mappings/AwsConfigMappingData.js.map +1 -1
- package/lib/src/mappings/CciNistMapping.d.ts +1 -0
- package/lib/src/mappings/CciNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/CciNistMapping.js +6 -2
- package/lib/src/mappings/CciNistMapping.js.map +1 -1
- package/lib/src/mappings/CciNistMappingData.d.ts +1 -0
- package/lib/src/mappings/CciNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/CciNistMappingData.js.map +1 -1
- package/lib/src/mappings/CciNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/CciNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/CciNistMappingItem.js +2 -0
- package/lib/src/mappings/CciNistMappingItem.js.map +1 -1
- package/lib/src/mappings/CheckovToCciAndNistMappingData.d.ts +5 -0
- package/lib/src/mappings/CheckovToCciAndNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/CheckovToCciAndNistMappingData.js +2695 -0
- package/lib/src/mappings/CheckovToCciAndNistMappingData.js.map +1 -0
- package/lib/src/mappings/CweNistMapping.d.ts +1 -0
- package/lib/src/mappings/CweNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/CweNistMapping.js +1 -0
- package/lib/src/mappings/CweNistMapping.js.map +1 -1
- package/lib/src/mappings/CweNistMappingData.d.ts +1 -0
- package/lib/src/mappings/CweNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/CweNistMappingData.js.map +1 -1
- package/lib/src/mappings/CweNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/CweNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/CweNistMappingItem.js +5 -0
- package/lib/src/mappings/CweNistMappingItem.js.map +1 -1
- package/lib/src/mappings/NessusPluginNistMappingData.d.ts +1 -0
- package/lib/src/mappings/NessusPluginNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/NessusPluginNistMappingData.js.map +1 -1
- package/lib/src/mappings/NessusPluginsNistMapping.d.ts +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.js +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.js.map +1 -1
- package/lib/src/mappings/NessusPluginsNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.js +4 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.js.map +1 -1
- package/lib/src/mappings/NiktoNistMapping.d.ts +1 -0
- package/lib/src/mappings/NiktoNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/NiktoNistMapping.js.map +1 -1
- package/lib/src/mappings/NiktoNistMappingData.d.ts +1 -0
- package/lib/src/mappings/NiktoNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/NiktoNistMappingData.js.map +1 -1
- package/lib/src/mappings/NiktoNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/NiktoNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/NiktoNistMappingItem.js +4 -0
- package/lib/src/mappings/NiktoNistMappingItem.js.map +1 -1
- package/lib/src/mappings/NistCciMappingData.d.ts +1 -0
- package/lib/src/mappings/NistCciMappingData.d.ts.map +1 -0
- package/lib/src/mappings/NistCciMappingData.js.map +1 -1
- package/lib/src/mappings/OwaspNistMapping.d.ts +1 -0
- package/lib/src/mappings/OwaspNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/OwaspNistMapping.js +19 -8
- package/lib/src/mappings/OwaspNistMapping.js.map +1 -1
- package/lib/src/mappings/OwaspNistMappingData.d.ts +1 -0
- package/lib/src/mappings/OwaspNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/OwaspNistMappingData.js.map +1 -1
- package/lib/src/mappings/OwaspNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/OwaspNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/OwaspNistMappingItem.js +5 -0
- package/lib/src/mappings/OwaspNistMappingItem.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMapping.d.ts +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.js +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMappingData.d.ts +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingData.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.js +2 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.js.map +1 -1
- package/lib/src/msft-secure-score-mapper.d.ts +1 -0
- package/lib/src/msft-secure-score-mapper.d.ts.map +1 -0
- package/lib/src/msft-secure-score-mapper.js +202 -185
- package/lib/src/msft-secure-score-mapper.js.map +1 -1
- package/lib/src/nessus-mapper.d.ts +2 -1
- package/lib/src/nessus-mapper.d.ts.map +1 -0
- package/lib/src/nessus-mapper.js +122 -105
- package/lib/src/nessus-mapper.js.map +1 -1
- package/lib/src/netsparker-mapper.d.ts +7 -0
- package/lib/src/netsparker-mapper.d.ts.map +1 -0
- package/lib/src/netsparker-mapper.js +34 -9
- package/lib/src/netsparker-mapper.js.map +1 -1
- package/lib/src/neuvector-mapper.d.ts +1 -0
- package/lib/src/neuvector-mapper.d.ts.map +1 -0
- package/lib/src/neuvector-mapper.js +123 -124
- package/lib/src/neuvector-mapper.js.map +1 -1
- package/lib/src/nikto-mapper.d.ts +1 -0
- package/lib/src/nikto-mapper.d.ts.map +1 -0
- package/lib/src/nikto-mapper.js +85 -74
- package/lib/src/nikto-mapper.js.map +1 -1
- package/lib/src/prisma-mapper.d.ts +1 -0
- package/lib/src/prisma-mapper.d.ts.map +1 -0
- package/lib/src/prisma-mapper.js +138 -128
- package/lib/src/prisma-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.d.ts +1 -0
- package/lib/src/sarif-mapper.d.ts.map +1 -0
- package/lib/src/sarif-mapper.js +116 -105
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/scoutsuite-mapper.d.ts +1 -0
- package/lib/src/scoutsuite-mapper.d.ts.map +1 -0
- package/lib/src/scoutsuite-mapper.js +174 -163
- package/lib/src/scoutsuite-mapper.js.map +1 -1
- package/lib/src/snyk-mapper.d.ts +1 -0
- package/lib/src/snyk-mapper.d.ts.map +1 -0
- package/lib/src/snyk-mapper.js +112 -100
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/sonarqube-mapper.d.ts +18 -5
- package/lib/src/sonarqube-mapper.d.ts.map +1 -0
- package/lib/src/sonarqube-mapper.js +526 -278
- package/lib/src/sonarqube-mapper.js.map +1 -1
- package/lib/src/splunk-mapper.d.ts +3 -2
- package/lib/src/splunk-mapper.d.ts.map +1 -0
- package/lib/src/splunk-mapper.js +72 -16
- package/lib/src/splunk-mapper.js.map +1 -1
- package/lib/src/trufflehog-mapper.d.ts +1 -0
- package/lib/src/trufflehog-mapper.d.ts.map +1 -0
- package/lib/src/trufflehog-mapper.js +72 -69
- package/lib/src/trufflehog-mapper.js.map +1 -1
- package/lib/src/twistlock-mapper.d.ts +1 -0
- package/lib/src/twistlock-mapper.d.ts.map +1 -0
- package/lib/src/twistlock-mapper.js +140 -126
- package/lib/src/twistlock-mapper.js.map +1 -1
- package/lib/src/utils/CCI_List.d.ts +1 -0
- package/lib/src/utils/CCI_List.d.ts.map +1 -0
- package/lib/src/utils/CCI_List.js.map +1 -1
- package/lib/src/utils/attestations.d.ts +1 -0
- package/lib/src/utils/attestations.d.ts.map +1 -0
- package/lib/src/utils/attestations.js +28 -13
- package/lib/src/utils/attestations.js.map +1 -1
- package/lib/src/utils/compliance.d.ts +1 -0
- package/lib/src/utils/compliance.d.ts.map +1 -0
- package/lib/src/utils/compliance.js +11 -3
- package/lib/src/utils/compliance.js.map +1 -1
- package/lib/src/utils/fingerprinting.d.ts +2 -0
- package/lib/src/utils/fingerprinting.d.ts.map +1 -0
- package/lib/src/utils/fingerprinting.js +28 -11
- package/lib/src/utils/fingerprinting.js.map +1 -1
- package/lib/src/utils/global.d.ts +3 -1
- package/lib/src/utils/global.d.ts.map +1 -0
- package/lib/src/utils/global.js +35 -17
- package/lib/src/utils/global.js.map +1 -1
- package/lib/src/utils/parseJson.d.ts +1 -0
- package/lib/src/utils/parseJson.d.ts.map +1 -0
- package/lib/src/utils/parseJson.js +7 -3
- package/lib/src/utils/parseJson.js.map +1 -1
- package/lib/src/utils/result.d.ts +1 -0
- package/lib/src/utils/result.d.ts.map +1 -0
- package/lib/src/utils/result.js.map +1 -1
- package/lib/src/utils/splunk-tools.d.ts +2 -1
- package/lib/src/utils/splunk-tools.d.ts.map +1 -0
- package/lib/src/utils/splunk-tools.js +52 -32
- package/lib/src/utils/splunk-tools.js.map +1 -1
- package/lib/src/veracode-mapper.d.ts +1 -0
- package/lib/src/veracode-mapper.d.ts.map +1 -0
- package/lib/src/veracode-mapper.js +50 -7
- package/lib/src/veracode-mapper.js.map +1 -1
- package/lib/src/xccdf-results-mapper.d.ts +7 -0
- package/lib/src/xccdf-results-mapper.d.ts.map +1 -0
- package/lib/src/xccdf-results-mapper.js +336 -301
- package/lib/src/xccdf-results-mapper.js.map +1 -1
- package/lib/src/zap-mapper.d.ts +8 -0
- package/lib/src/zap-mapper.d.ts.map +1 -0
- package/lib/src/zap-mapper.js +119 -90
- package/lib/src/zap-mapper.js.map +1 -1
- package/lib/tsconfig.build.tsbuildinfo +1 -0
- package/lib/types/neuvector-types.d.ts +1 -0
- package/lib/types/neuvector-types.d.ts.map +1 -0
- package/lib/types/neuvector-types.js +80 -0
- package/lib/types/neuvector-types.js.map +1 -1
- package/lib/types/splunk-config-types.d.ts +1 -0
- package/lib/types/splunk-config-types.d.ts.map +1 -0
- package/lib/types/splunk-config-types.js.map +1 -1
- package/lib/types/splunk-control-types.d.ts +1 -0
- package/lib/types/splunk-control-types.d.ts.map +1 -0
- package/lib/types/splunk-control-types.js.map +1 -1
- package/lib/types/splunk-profile-types.d.ts +1 -0
- package/lib/types/splunk-profile-types.d.ts.map +1 -0
- package/lib/types/splunk-profile-types.js.map +1 -1
- package/lib/types/splunk-report-types.d.ts +1 -0
- package/lib/types/splunk-report-types.d.ts.map +1 -0
- package/lib/types/splunk-report-types.js.map +1 -1
- package/package.json +29 -46
- package/lib/data/converters/csv2json.ts +0 -36
- package/lib/data/converters/xml2json.ts +0 -57
|
@@ -3,7 +3,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.ChecklistMapper = exports.ChecklistResults =
|
|
6
|
+
exports.ChecklistMapper = exports.ChecklistResults = void 0;
|
|
7
|
+
exports.getChecklistObjectFromHdf = getChecklistObjectFromHdf;
|
|
7
8
|
const inspecjs_1 = require("inspecjs");
|
|
8
9
|
const lodash_1 = __importDefault(require("lodash"));
|
|
9
10
|
const xml_formatter_1 = __importDefault(require("xml-formatter"));
|
|
@@ -22,13 +23,33 @@ var ImpactMapping;
|
|
|
22
23
|
ImpactMapping[ImpactMapping["low"] = 0.3] = "low";
|
|
23
24
|
})(ImpactMapping || (ImpactMapping = {}));
|
|
24
25
|
const CCI_NIST_TWO_WAY_MAPPER = new CciNistMapping_1.CciNistTwoWayMapper();
|
|
26
|
+
/**
|
|
27
|
+
* Tranformer function that splits a string and return array
|
|
28
|
+
* @param input - string of CCI references
|
|
29
|
+
* @returns ref - array of CCI references
|
|
30
|
+
*/
|
|
25
31
|
function cciRef(input) {
|
|
26
32
|
return input.split('; ');
|
|
27
33
|
}
|
|
34
|
+
/**
|
|
35
|
+
* Transformer function that splits string and maps resulting array
|
|
36
|
+
* into NIST control tags
|
|
37
|
+
* @param input - string of CCI references
|
|
38
|
+
* @returns tag - array of NIST Control Tags
|
|
39
|
+
*/
|
|
28
40
|
function nistTag(input) {
|
|
29
41
|
const identifiers = cciRef(input);
|
|
30
42
|
return CCI_NIST_TWO_WAY_MAPPER.nistFilter(identifiers, global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS);
|
|
31
43
|
}
|
|
44
|
+
/**
|
|
45
|
+
* Inner function to find the severity of the vuln
|
|
46
|
+
* Does not account for severity override, so this should
|
|
47
|
+
* not be taken as the final severity value
|
|
48
|
+
* Uses thirdPartyTools.hdfExistingData.severity first,
|
|
49
|
+
* then falls back to checklist severity tag
|
|
50
|
+
* @param vuln - checklist vulnerability object
|
|
51
|
+
* @returns - severity
|
|
52
|
+
*/
|
|
32
53
|
function findSeverity(vuln) {
|
|
33
54
|
let severity = vuln.severity;
|
|
34
55
|
const hdfExistingData = (0, parseJson_1.parseJson)(vuln.thirdPartyTools);
|
|
@@ -37,6 +58,13 @@ function findSeverity(vuln) {
|
|
|
37
58
|
}
|
|
38
59
|
return severity;
|
|
39
60
|
}
|
|
61
|
+
/**
|
|
62
|
+
* Inner function to find the severityoverride of the vuln
|
|
63
|
+
* Uses thirdPartyTools.hdfExistingData.severityoverride first,
|
|
64
|
+
* then falls back to checklist severityoverride tag
|
|
65
|
+
* @param vuln - checklist vulnerability object
|
|
66
|
+
* @returns - severityoverride
|
|
67
|
+
*/
|
|
40
68
|
function findSeverityOverride(vuln) {
|
|
41
69
|
let severityOverride = vuln.severityoverride;
|
|
42
70
|
const hdfExistingData = (0, parseJson_1.parseJson)(vuln.thirdPartyTools);
|
|
@@ -45,6 +73,14 @@ function findSeverityOverride(vuln) {
|
|
|
45
73
|
}
|
|
46
74
|
return severityOverride;
|
|
47
75
|
}
|
|
76
|
+
/**
|
|
77
|
+
* Function to find the computed severity of the given vuln
|
|
78
|
+
* with order of precedence as:
|
|
79
|
+
* thirdPartyTools.hdfSpecificData.severityoverride, severityoverride,
|
|
80
|
+
* thidPartyTools.hdfSpecificData.severity, severity
|
|
81
|
+
* @param vuln - checklist vulnerability object
|
|
82
|
+
* @returns severity - string none, low, medium, high, critical
|
|
83
|
+
*/
|
|
48
84
|
function computeSeverity(vuln) {
|
|
49
85
|
const severity = findSeverity(vuln);
|
|
50
86
|
const severityOverride = findSeverityOverride(vuln);
|
|
@@ -55,6 +91,12 @@ function computeSeverity(vuln) {
|
|
|
55
91
|
throw new Error(`Severity "${computed}" does not match none, low, medium, high, or critical, please check severity for ${vuln.vulnNum}`);
|
|
56
92
|
return computed;
|
|
57
93
|
}
|
|
94
|
+
/**
|
|
95
|
+
* Transformer function that checks if the status is 'Not Applicable' returning a 0.
|
|
96
|
+
* Otherwise, maps computed severity to ImpactMapping
|
|
97
|
+
* @param vuln - checklist vulnerability object
|
|
98
|
+
* @returns impact - number
|
|
99
|
+
*/
|
|
58
100
|
function transformImpact(vuln) {
|
|
59
101
|
if (vuln.status === 'Not Applicable')
|
|
60
102
|
return 0.0;
|
|
@@ -70,6 +112,13 @@ function transformImpact(vuln) {
|
|
|
70
112
|
throw new Error(`Severity "${severity}" does not match low, medium, or high, please check severity for ${vuln.vulnNum}`);
|
|
71
113
|
return impact;
|
|
72
114
|
}
|
|
115
|
+
/**
|
|
116
|
+
* Transformer function that returns appropriate enum value based on param
|
|
117
|
+
* This is required because the status value of the ControlResult object
|
|
118
|
+
* must be an ExecJSON.ControlResultStatus type
|
|
119
|
+
* @param input - string
|
|
120
|
+
* @returns enum ExecJSON.ControlResultStatus
|
|
121
|
+
*/
|
|
73
122
|
function getStatus(input) {
|
|
74
123
|
const status = input.toLowerCase();
|
|
75
124
|
switch (status) {
|
|
@@ -93,11 +142,19 @@ function checkMessage(typeCheck, messageType, message) {
|
|
|
93
142
|
return null;
|
|
94
143
|
}
|
|
95
144
|
}
|
|
145
|
+
/**
|
|
146
|
+
* Transformer function that uses current heimdall checklist export syntax for
|
|
147
|
+
* findingDetails attribute to separate a single string into multiple
|
|
148
|
+
* result objects
|
|
149
|
+
* @param input - array of one element consisting of {code_desc, status, start_time}
|
|
150
|
+
* @returns ExecJSON.ControlResult
|
|
151
|
+
*/
|
|
96
152
|
function parseFindingDetails(input) {
|
|
97
153
|
const findings = input;
|
|
98
154
|
const results = [];
|
|
99
155
|
const findingDetails = findings[0].code_desc;
|
|
100
156
|
const regex = /^(failed|passed|skipped|error) :: TEST (.*?)(?: :: (MESSAGE|SKIP_MESSAGE) (.*?))?$/s;
|
|
157
|
+
// check if code_desc is empty or does not match the above regular expression
|
|
101
158
|
if (!RegExp(regex).exec(findingDetails)) {
|
|
102
159
|
return [
|
|
103
160
|
{
|
|
@@ -108,7 +165,13 @@ function parseFindingDetails(input) {
|
|
|
108
165
|
];
|
|
109
166
|
}
|
|
110
167
|
else {
|
|
168
|
+
// split into multiple findings details using heimdall2 CKLExport functionality
|
|
111
169
|
for (const details of findingDetails.split('\n--------------------------------\n')) {
|
|
170
|
+
// regex of four groups (five if you count the full match) consisting of the four possible status
|
|
171
|
+
// followed by any number of characters after :: TEST which represents the code_desc
|
|
172
|
+
// followed by an optionally :: MESSAGE or SKIP_MESSAGE representing the message type
|
|
173
|
+
// followed by any number of characters representing the message
|
|
174
|
+
// split details for status
|
|
112
175
|
const match = regex.exec(details.trim());
|
|
113
176
|
if (match) {
|
|
114
177
|
const [, mStatus, mCode_dec, messageType, mMessage] = match;
|
|
@@ -161,16 +224,17 @@ function getChecklistObjectFromHdf(hdf) {
|
|
|
161
224
|
}
|
|
162
225
|
return lodash_1.default.get(hdf, 'passthrough.checklist', checklist_jsonix_converter_1.EmptyChecklistObject);
|
|
163
226
|
}
|
|
164
|
-
|
|
227
|
+
// baseconverter makes it difficult to assign an array to attributes using just path+transformer in this case because i think it gets instantly redirected along the 'isString' pathway due to the path pointing at a stringified json blob
|
|
228
|
+
// consequently we have to use the arraytransformer, but that doesn't run if we provide a path at the top level of the object for the same reason as specified above, so we have to put the 'hdfSpecificData' object into the subobject 'data'
|
|
229
|
+
// which we can then extract here
|
|
165
230
|
function getAttributes(input) {
|
|
166
|
-
var _a;
|
|
167
231
|
const passthrough = input;
|
|
168
232
|
const data = passthrough[0].data;
|
|
169
233
|
if (!data) {
|
|
170
234
|
return [];
|
|
171
235
|
}
|
|
172
236
|
else {
|
|
173
|
-
return
|
|
237
|
+
return JSON.parse(data).hdfSpecificData?.attributes || [];
|
|
174
238
|
}
|
|
175
239
|
}
|
|
176
240
|
function getHdfSpecificDataAttribute(attribute, input) {
|
|
@@ -182,7 +246,30 @@ function getHdfSpecificDataAttribute(attribute, input) {
|
|
|
182
246
|
return undefined;
|
|
183
247
|
return lodash_1.default.get(hdfSpecificData, attribute);
|
|
184
248
|
}
|
|
249
|
+
/**
|
|
250
|
+
* The `ChecklistResults` class extends the `ChecklistJsonixConverter` and is responsible for converting
|
|
251
|
+
* checklist data between different formats (XML CKL, HDF JSON).
|
|
252
|
+
*
|
|
253
|
+
* @extends ChecklistJsonixConverter
|
|
254
|
+
*
|
|
255
|
+
* @property {string | ExecJSON.Execution} data - The input data, which can be a string of XML data or an HDF JSON execution object.
|
|
256
|
+
* @property {Checklist} jsonixData - The JSON representation of the checklist data using the jsonix library.
|
|
257
|
+
* @property {ChecklistObject} checklistObject - The intermediate object representation of the checklist data.
|
|
258
|
+
* @property {boolean} withRaw - A flag indicating whether to include raw data in the output.
|
|
259
|
+
*/
|
|
185
260
|
class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConverter {
|
|
261
|
+
data;
|
|
262
|
+
jsonixData;
|
|
263
|
+
checklistObject;
|
|
264
|
+
withRaw;
|
|
265
|
+
/**
|
|
266
|
+
* @param {string | ExecJSON.Execution} data - The input data, which can be either an HDF JSON object
|
|
267
|
+
* or an XML CKL string, depending on the direction of the conversion.
|
|
268
|
+
* @param {boolean} [withRaw=false] - A flag indicating whether to include raw data in the output.
|
|
269
|
+
* Defaults to false.
|
|
270
|
+
*
|
|
271
|
+
* @throws Will throw an error if the asset metadata is invalid.
|
|
272
|
+
*/
|
|
186
273
|
constructor(data, withRaw = false) {
|
|
187
274
|
super(jsonixMapping_1.jsonixMapping);
|
|
188
275
|
this.data = data;
|
|
@@ -197,20 +284,32 @@ class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConve
|
|
|
197
284
|
this.jsonixData = super.fromIntermediateObject(this.checklistObject);
|
|
198
285
|
}
|
|
199
286
|
else {
|
|
287
|
+
// CREATE Intermediate Object from HDF
|
|
200
288
|
this.checklistObject = super.hdfToIntermediateObject(data);
|
|
201
289
|
(0, checklist_metadata_utils_1.throwIfInvalidAssetMetadata)(this.checklistObject.asset);
|
|
202
290
|
this.jsonixData = super.fromIntermediateObject(this.checklistObject);
|
|
203
291
|
}
|
|
204
292
|
this.withRaw = withRaw;
|
|
205
293
|
}
|
|
294
|
+
/**
|
|
295
|
+
* @method getJsonix
|
|
296
|
+
* @returns {Checklist} - Returns the JSON representation of the checklist data.
|
|
297
|
+
*/
|
|
206
298
|
getJsonix() {
|
|
207
299
|
return this.jsonixData;
|
|
208
300
|
}
|
|
301
|
+
/**
|
|
302
|
+
* @method toCkl
|
|
303
|
+
* @returns {string} - Converts JSON data in jsonix format to CKL (Checklist) XML format.
|
|
304
|
+
*/
|
|
209
305
|
toCkl() {
|
|
210
306
|
return (0, xml_formatter_1.default)(`<?xml version="1.0" encoding="UTF-8"?><!--Heimdall Version :: ${package_json_1.version}-->${super.fromJsonix(this.jsonixData)}`, { lineSeparator: '\n', collapseContent: true, indentation: '\t' });
|
|
211
307
|
}
|
|
308
|
+
/**
|
|
309
|
+
* @method toHdf
|
|
310
|
+
* @returns {ExecJSON.Execution} - Converts JSON data in intermediate format to HDF (Heimdall Data Format).
|
|
311
|
+
*/
|
|
212
312
|
toHdf() {
|
|
213
|
-
var _a;
|
|
214
313
|
const numberOfStigs = this.checklistObject.stigs.length;
|
|
215
314
|
if (numberOfStigs === 1) {
|
|
216
315
|
const defaultChecklist = new ChecklistMapper(this.checklistObject);
|
|
@@ -231,7 +330,7 @@ class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConve
|
|
|
231
330
|
sha256: ''
|
|
232
331
|
};
|
|
233
332
|
for (const profile of original.profiles) {
|
|
234
|
-
|
|
333
|
+
parent_profile.depends?.push({ name: profile.name });
|
|
235
334
|
parent_profile.controls.push(...profile.controls);
|
|
236
335
|
profile.parent_profile = parentProfileName;
|
|
237
336
|
profile.sha256 = (0, base_converter_1.generateHash)(JSON.stringify(profile));
|
|
@@ -243,165 +342,175 @@ class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConve
|
|
|
243
342
|
}
|
|
244
343
|
}
|
|
245
344
|
exports.ChecklistResults = ChecklistResults;
|
|
345
|
+
/**
|
|
346
|
+
* Checklist mapper
|
|
347
|
+
*/
|
|
246
348
|
class ChecklistMapper extends base_converter_1.BaseConverter {
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
transformer: cciRef
|
|
304
|
-
},
|
|
305
|
-
nist: {
|
|
306
|
-
path: 'cciRef',
|
|
307
|
-
transformer: nistTag
|
|
308
|
-
},
|
|
309
|
-
severity: {
|
|
310
|
-
transformer: findSeverity
|
|
311
|
-
},
|
|
312
|
-
weight: { path: 'weight' },
|
|
313
|
-
transformer: (input) => {
|
|
314
|
-
const tags = [
|
|
315
|
-
['IA_Controls', 'iaControls'],
|
|
316
|
-
['Legacy_ID', 'legacyId'],
|
|
317
|
-
['False_Positives', 'falsePositives'],
|
|
318
|
-
['False_Negatives', 'falseNegatives'],
|
|
319
|
-
['Mitigations', 'mitigations'],
|
|
320
|
-
['Mitigation_Controls', 'mitigationControl'],
|
|
321
|
-
['Potential_Impact', 'potentialImpact'],
|
|
322
|
-
['Responsibility', 'responsibility'],
|
|
323
|
-
['STIGRef', 'stigRef'],
|
|
324
|
-
['Security_Override_Guidance', 'securityOverrideGuidance'],
|
|
325
|
-
['severityjustification', 'severityjustification']
|
|
326
|
-
];
|
|
327
|
-
const fullTags = {};
|
|
328
|
-
for (const [key, path] of tags) {
|
|
329
|
-
const tagValue = lodash_1.default.get(input, path);
|
|
330
|
-
if (tagValue && tagValue !== '; ') {
|
|
331
|
-
fullTags[key] = tagValue;
|
|
332
|
-
}
|
|
333
|
-
}
|
|
334
|
-
const severityOverride = findSeverityOverride(input);
|
|
335
|
-
if (severityOverride) {
|
|
336
|
-
fullTags['severityoverride'] = severityOverride;
|
|
337
|
-
}
|
|
338
|
-
return fullTags;
|
|
339
|
-
}
|
|
349
|
+
withRaw;
|
|
350
|
+
mappings = {
|
|
351
|
+
platform: {
|
|
352
|
+
name: 'Heimdall Tools',
|
|
353
|
+
release: package_json_1.version
|
|
354
|
+
},
|
|
355
|
+
version: package_json_1.version,
|
|
356
|
+
statistics: {},
|
|
357
|
+
profiles: [
|
|
358
|
+
{
|
|
359
|
+
path: 'stigs',
|
|
360
|
+
name: { path: 'header.stigid' },
|
|
361
|
+
version: {
|
|
362
|
+
path: 'header',
|
|
363
|
+
transformer: (input) => {
|
|
364
|
+
const ret = getHdfSpecificDataAttribute('version', input.customname) ||
|
|
365
|
+
input.version;
|
|
366
|
+
return ret;
|
|
367
|
+
}
|
|
368
|
+
},
|
|
369
|
+
title: { path: 'header.title' },
|
|
370
|
+
maintainer: {
|
|
371
|
+
path: 'header.customname',
|
|
372
|
+
transformer: lodash_1.default.partial(getHdfSpecificDataAttribute, 'maintainer')
|
|
373
|
+
},
|
|
374
|
+
summary: { path: 'header.description' },
|
|
375
|
+
license: { path: 'header.notice' },
|
|
376
|
+
copyright: {
|
|
377
|
+
path: 'header.customname',
|
|
378
|
+
transformer: lodash_1.default.partial(getHdfSpecificDataAttribute, 'copyright')
|
|
379
|
+
},
|
|
380
|
+
copyright_email: {
|
|
381
|
+
path: 'header.customname',
|
|
382
|
+
transformer: lodash_1.default.partial(getHdfSpecificDataAttribute, 'copyright_email')
|
|
383
|
+
},
|
|
384
|
+
supports: [],
|
|
385
|
+
attributes: [
|
|
386
|
+
{
|
|
387
|
+
arrayTransformer: getAttributes,
|
|
388
|
+
data: { path: 'header.customname' }
|
|
389
|
+
}
|
|
390
|
+
],
|
|
391
|
+
groups: [],
|
|
392
|
+
status: 'loaded',
|
|
393
|
+
controls: [
|
|
394
|
+
{
|
|
395
|
+
path: 'vulns',
|
|
396
|
+
key: 'id',
|
|
397
|
+
tags: {
|
|
398
|
+
gtitle: { path: 'groupTitle' },
|
|
399
|
+
rid: { path: 'ruleId' },
|
|
400
|
+
gid: { path: 'vulnNum' },
|
|
401
|
+
stig_id: { path: 'ruleVer' },
|
|
402
|
+
cci: {
|
|
403
|
+
path: 'cciRef',
|
|
404
|
+
transformer: cciRef
|
|
340
405
|
},
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
|
|
346
|
-
|
|
347
|
-
{
|
|
348
|
-
data: { path: 'checkContent' },
|
|
349
|
-
label: 'check'
|
|
350
|
-
},
|
|
351
|
-
{
|
|
352
|
-
data: { path: 'fixText' },
|
|
353
|
-
label: 'fix'
|
|
354
|
-
},
|
|
355
|
-
{
|
|
356
|
-
arrayTransformer: parseComments,
|
|
357
|
-
data: { path: 'comments' },
|
|
358
|
-
label: 'comments'
|
|
359
|
-
}
|
|
360
|
-
],
|
|
361
|
-
impact: {
|
|
362
|
-
transformer: transformImpact
|
|
406
|
+
nist: {
|
|
407
|
+
path: 'cciRef',
|
|
408
|
+
transformer: nistTag
|
|
409
|
+
},
|
|
410
|
+
severity: {
|
|
411
|
+
transformer: findSeverity
|
|
363
412
|
},
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
413
|
+
weight: { path: 'weight' },
|
|
414
|
+
// following transform takes the available attributes found in a checklist vuln and if available will add to the tags.
|
|
415
|
+
// first element is the label name as it will appear in UI while the second is the ChecklistObject keyname
|
|
416
|
+
transformer: (input) => {
|
|
417
|
+
const tags = [
|
|
418
|
+
['IA_Controls', 'iaControls'],
|
|
419
|
+
['Legacy_ID', 'legacyId'],
|
|
420
|
+
['False_Positives', 'falsePositives'],
|
|
421
|
+
['False_Negatives', 'falseNegatives'],
|
|
422
|
+
['Mitigations', 'mitigations'],
|
|
423
|
+
['Mitigation_Controls', 'mitigationControl'],
|
|
424
|
+
['Potential_Impact', 'potentialImpact'],
|
|
425
|
+
['Responsibility', 'responsibility'],
|
|
426
|
+
['STIGRef', 'stigRef'],
|
|
427
|
+
['Security_Override_Guidance', 'securityOverrideGuidance'],
|
|
428
|
+
// does not follow above naming convention
|
|
429
|
+
// because it could be used in other converters
|
|
430
|
+
['severityjustification', 'severityjustification']
|
|
431
|
+
];
|
|
432
|
+
const fullTags = {};
|
|
433
|
+
for (const [key, path] of tags) {
|
|
434
|
+
const tagValue = lodash_1.default.get(input, path);
|
|
435
|
+
if (tagValue && tagValue !== '; ') {
|
|
436
|
+
fullTags[key] = tagValue;
|
|
371
437
|
}
|
|
372
|
-
return JSON.stringify(vulnerability, null, 2);
|
|
373
438
|
}
|
|
439
|
+
// another special case that does
|
|
440
|
+
// not follow above naming conventions
|
|
441
|
+
const severityOverride = findSeverityOverride(input);
|
|
442
|
+
if (severityOverride) {
|
|
443
|
+
fullTags['severityoverride'] = severityOverride;
|
|
444
|
+
}
|
|
445
|
+
return fullTags;
|
|
446
|
+
}
|
|
447
|
+
},
|
|
448
|
+
refs: [],
|
|
449
|
+
source_location: {},
|
|
450
|
+
title: { path: 'ruleTitle' },
|
|
451
|
+
id: { path: 'vulnNum' },
|
|
452
|
+
desc: { path: 'vulnDiscuss' },
|
|
453
|
+
descriptions: [
|
|
454
|
+
{
|
|
455
|
+
data: { path: 'checkContent' },
|
|
456
|
+
label: 'check'
|
|
374
457
|
},
|
|
375
|
-
|
|
376
|
-
{
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
458
|
+
{
|
|
459
|
+
data: { path: 'fixText' },
|
|
460
|
+
label: 'fix'
|
|
461
|
+
},
|
|
462
|
+
{
|
|
463
|
+
arrayTransformer: parseComments,
|
|
464
|
+
data: { path: 'comments' },
|
|
465
|
+
label: 'comments'
|
|
466
|
+
}
|
|
467
|
+
],
|
|
468
|
+
impact: {
|
|
469
|
+
transformer: transformImpact
|
|
470
|
+
},
|
|
471
|
+
code: {
|
|
472
|
+
transformer: (vulnerability) => {
|
|
473
|
+
const data = (0, parseJson_1.parseJson)(vulnerability.thirdPartyTools);
|
|
474
|
+
if (data.ok) {
|
|
475
|
+
const code = lodash_1.default.get(data.value, 'hdfSpecificData.code');
|
|
476
|
+
if (code)
|
|
477
|
+
return code;
|
|
384
478
|
}
|
|
385
|
-
|
|
386
|
-
}
|
|
387
|
-
],
|
|
388
|
-
sha256: ''
|
|
389
|
-
}
|
|
390
|
-
],
|
|
391
|
-
passthrough: {
|
|
392
|
-
transformer: (data) => {
|
|
393
|
-
return {
|
|
394
|
-
...{
|
|
395
|
-
checklist: {
|
|
396
|
-
asset: data.asset,
|
|
397
|
-
stigs: data.stigs
|
|
479
|
+
return JSON.stringify(vulnerability, null, 2);
|
|
398
480
|
}
|
|
399
481
|
},
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
|
|
482
|
+
results: [
|
|
483
|
+
{
|
|
484
|
+
arrayTransformer: parseFindingDetails,
|
|
485
|
+
status: {
|
|
486
|
+
path: 'status',
|
|
487
|
+
transformer: getStatus
|
|
488
|
+
},
|
|
489
|
+
code_desc: { path: 'findingdetails' },
|
|
490
|
+
start_time: ''
|
|
491
|
+
}
|
|
492
|
+
]
|
|
493
|
+
}
|
|
494
|
+
],
|
|
495
|
+
sha256: ''
|
|
496
|
+
}
|
|
497
|
+
],
|
|
498
|
+
passthrough: {
|
|
499
|
+
transformer: (data) => {
|
|
500
|
+
return {
|
|
501
|
+
...{
|
|
502
|
+
checklist: {
|
|
503
|
+
asset: data.asset,
|
|
504
|
+
stigs: data.stigs
|
|
505
|
+
}
|
|
506
|
+
},
|
|
507
|
+
...(this.withRaw && { raw: data.jsonixData })
|
|
508
|
+
};
|
|
403
509
|
}
|
|
404
|
-
}
|
|
510
|
+
}
|
|
511
|
+
};
|
|
512
|
+
constructor(checklistObject, withRaw = false) {
|
|
513
|
+
super(checklistObject);
|
|
405
514
|
this.withRaw = withRaw;
|
|
406
515
|
}
|
|
407
516
|
}
|