@mitre/hdf-converters 2.12.6 → 2.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +25 -24
- package/lib/data/converters/csv2json.d.ts +1 -0
- package/lib/data/converters/csv2json.d.ts.map +1 -0
- package/lib/data/converters/csv2json.js +1 -1
- package/lib/data/converters/csv2json.js.map +1 -1
- package/lib/data/converters/xml2json.d.ts +1 -0
- package/lib/data/converters/xml2json.d.ts.map +1 -0
- package/lib/data/converters/xml2json.js +6 -25
- package/lib/data/converters/xml2json.js.map +1 -1
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.d.ts +2 -0
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.d.ts.map +1 -0
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.js +13 -0
- package/lib/data/reverse-html-mapper/convert-to-embedded-strings.js.map +1 -0
- package/lib/index.d.ts +6 -0
- package/lib/index.d.ts.map +1 -0
- package/lib/index.js +23 -8
- package/lib/index.js.map +1 -1
- package/lib/package.json +19 -40
- package/lib/src/anchore-grype-mapper.d.ts +1 -0
- package/lib/src/anchore-grype-mapper.d.ts.map +1 -0
- package/lib/src/anchore-grype-mapper.js +7 -1
- package/lib/src/anchore-grype-mapper.js.map +1 -1
- package/lib/src/asff-mapper/asff-mapper.d.ts +1 -0
- package/lib/src/asff-mapper/asff-mapper.d.ts.map +1 -0
- package/lib/src/asff-mapper/asff-mapper.js +274 -237
- package/lib/src/asff-mapper/asff-mapper.js.map +1 -1
- package/lib/src/asff-mapper/case-cms-inspec.d.ts +1 -0
- package/lib/src/asff-mapper/case-cms-inspec.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-cms-inspec.js +18 -9
- package/lib/src/asff-mapper/case-cms-inspec.js.map +1 -1
- package/lib/src/asff-mapper/case-firewall-manager.d.ts +1 -0
- package/lib/src/asff-mapper/case-firewall-manager.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-firewall-manager.js +18 -9
- package/lib/src/asff-mapper/case-firewall-manager.js.map +1 -1
- package/lib/src/asff-mapper/case-guardduty.d.ts +1 -0
- package/lib/src/asff-mapper/case-guardduty.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-guardduty.js +18 -9
- package/lib/src/asff-mapper/case-guardduty.js.map +1 -1
- package/lib/src/asff-mapper/case-inspector.d.ts +1 -0
- package/lib/src/asff-mapper/case-inspector.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-inspector.js +18 -9
- package/lib/src/asff-mapper/case-inspector.js.map +1 -1
- package/lib/src/asff-mapper/case-previously-hdf.d.ts +1 -0
- package/lib/src/asff-mapper/case-previously-hdf.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-previously-hdf.js +21 -10
- package/lib/src/asff-mapper/case-previously-hdf.js.map +1 -1
- package/lib/src/asff-mapper/case-prowler.d.ts +1 -0
- package/lib/src/asff-mapper/case-prowler.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-prowler.js +19 -9
- package/lib/src/asff-mapper/case-prowler.js.map +1 -1
- package/lib/src/asff-mapper/case-security-hub.d.ts +1 -0
- package/lib/src/asff-mapper/case-security-hub.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-security-hub.js +24 -9
- package/lib/src/asff-mapper/case-security-hub.js.map +1 -1
- package/lib/src/asff-mapper/case-trivy.d.ts +1 -0
- package/lib/src/asff-mapper/case-trivy.d.ts.map +1 -0
- package/lib/src/asff-mapper/case-trivy.js +18 -9
- package/lib/src/asff-mapper/case-trivy.js.map +1 -1
- package/lib/src/aws-config-mapper.d.ts +1 -0
- package/lib/src/aws-config-mapper.d.ts.map +1 -0
- package/lib/src/aws-config-mapper.js +29 -7
- package/lib/src/aws-config-mapper.js.map +1 -1
- package/lib/src/base-converter.d.ts +2 -1
- package/lib/src/base-converter.d.ts.map +1 -0
- package/lib/src/base-converter.js +46 -26
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.d.ts +7 -0
- package/lib/src/burpsuite-mapper.d.ts.map +1 -0
- package/lib/src/burpsuite-mapper.js +115 -88
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/checkov-mapper.d.ts +67 -0
- package/lib/src/checkov-mapper.d.ts.map +1 -0
- package/lib/src/checkov-mapper.js +240 -0
- package/lib/src/checkov-mapper.js.map +1 -0
- package/lib/src/ckl-mapper/checklist-jsonix-converter.d.ts +17 -0
- package/lib/src/ckl-mapper/checklist-jsonix-converter.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js +38 -4
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-mapper.d.ts +35 -0
- package/lib/src/ckl-mapper/checklist-mapper.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklist-mapper.js +262 -151
- package/lib/src/ckl-mapper/checklist-mapper.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-metadata-utils.d.ts +1 -0
- package/lib/src/ckl-mapper/checklist-metadata-utils.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklist-metadata-utils.js +32 -15
- package/lib/src/ckl-mapper/checklist-metadata-utils.js.map +1 -1
- package/lib/src/ckl-mapper/checklistJsonix.d.ts +6 -0
- package/lib/src/ckl-mapper/checklistJsonix.d.ts.map +1 -0
- package/lib/src/ckl-mapper/checklistJsonix.js +8 -8
- package/lib/src/ckl-mapper/checklistJsonix.js.map +1 -1
- package/lib/src/ckl-mapper/jsonixMapping.d.ts +5 -0
- package/lib/src/ckl-mapper/jsonixMapping.d.ts.map +1 -0
- package/lib/src/ckl-mapper/jsonixMapping.js +4 -0
- package/lib/src/ckl-mapper/jsonixMapping.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/asff-types.d.ts +1 -0
- package/lib/src/converters-from-hdf/asff/asff-types.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/asff/asff-types.js +1 -0
- package/lib/src/converters-from-hdf/asff/asff-types.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js +110 -84
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.d.ts +1 -0
- package/lib/src/converters-from-hdf/asff/transformers.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/asff/transformers.js +68 -38
- package/lib/src/converters-from-hdf/asff/transformers.js.map +1 -1
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js +54 -28
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/html/embedded-assets.d.ts +4 -0
- package/lib/src/converters-from-hdf/html/embedded-assets.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/html/embedded-assets.js +8 -0
- package/lib/src/converters-from-hdf/html/embedded-assets.js.map +1 -0
- package/lib/src/converters-from-hdf/html/html-types.d.ts +1 -0
- package/lib/src/converters-from-hdf/html/html-types.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/html/html-types.js +1 -0
- package/lib/src/converters-from-hdf/html/html-types.js.map +1 -1
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.d.ts +3 -2
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.js +151 -107
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/reverse-any-base-converter.d.ts +1 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.js +3 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/reverse-base-converter.d.ts +1 -0
- package/lib/src/converters-from-hdf/reverse-base-converter.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/reverse-base-converter.js +29 -9
- package/lib/src/converters-from-hdf/reverse-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js +39 -14
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.d.ts +1 -0
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.d.ts.map +1 -0
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js +32 -10
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js.map +1 -1
- package/lib/src/conveyor-mapper.d.ts +1 -0
- package/lib/src/conveyor-mapper.d.ts.map +1 -0
- package/lib/src/conveyor-mapper.js +85 -40
- package/lib/src/conveyor-mapper.js.map +1 -1
- package/lib/src/cyclonedx-sbom-mapper.d.ts +1 -0
- package/lib/src/cyclonedx-sbom-mapper.d.ts.map +1 -0
- package/lib/src/cyclonedx-sbom-mapper.js +368 -294
- package/lib/src/cyclonedx-sbom-mapper.js.map +1 -1
- package/lib/src/dbprotect-mapper.d.ts +1 -0
- package/lib/src/dbprotect-mapper.d.ts.map +1 -0
- package/lib/src/dbprotect-mapper.js +74 -63
- package/lib/src/dbprotect-mapper.js.map +1 -1
- package/lib/src/dependency-track-mapper.d.ts +1 -0
- package/lib/src/dependency-track-mapper.d.ts.map +1 -0
- package/lib/src/dependency-track-mapper.js +144 -130
- package/lib/src/dependency-track-mapper.js.map +1 -1
- package/lib/src/fortify-mapper.d.ts +7 -0
- package/lib/src/fortify-mapper.d.ts.map +1 -0
- package/lib/src/fortify-mapper.js +118 -92
- package/lib/src/fortify-mapper.js.map +1 -1
- package/lib/src/gosec-mapper.d.ts +1 -0
- package/lib/src/gosec-mapper.d.ts.map +1 -0
- package/lib/src/gosec-mapper.js +90 -72
- package/lib/src/gosec-mapper.js.map +1 -1
- package/lib/src/ionchannel-mapper.d.ts +1 -0
- package/lib/src/ionchannel-mapper.d.ts.map +1 -0
- package/lib/src/ionchannel-mapper.js +130 -110
- package/lib/src/ionchannel-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.d.ts +1 -0
- package/lib/src/jfrog-xray-mapper.d.ts.map +1 -0
- package/lib/src/jfrog-xray-mapper.js +92 -78
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/jsonix-converter.d.ts +1 -0
- package/lib/src/jsonix-converter.d.ts.map +1 -0
- package/lib/src/jsonix-converter.js +1 -0
- package/lib/src/jsonix-converter.js.map +1 -1
- package/lib/src/jsonix-intermediate-converter.d.ts +1 -0
- package/lib/src/jsonix-intermediate-converter.d.ts.map +1 -0
- package/lib/src/jsonix-intermediate-converter.js.map +1 -1
- package/lib/src/mappings/AwsConfigMapping.d.ts +1 -0
- package/lib/src/mappings/AwsConfigMapping.d.ts.map +1 -0
- package/lib/src/mappings/AwsConfigMapping.js +19 -9
- package/lib/src/mappings/AwsConfigMapping.js.map +1 -1
- package/lib/src/mappings/AwsConfigMappingData.d.ts +1 -0
- package/lib/src/mappings/AwsConfigMappingData.d.ts.map +1 -0
- package/lib/src/mappings/AwsConfigMappingData.js.map +1 -1
- package/lib/src/mappings/CciNistMapping.d.ts +1 -0
- package/lib/src/mappings/CciNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/CciNistMapping.js +4 -0
- package/lib/src/mappings/CciNistMapping.js.map +1 -1
- package/lib/src/mappings/CciNistMappingData.d.ts +1 -0
- package/lib/src/mappings/CciNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/CciNistMappingData.js.map +1 -1
- package/lib/src/mappings/CciNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/CciNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/CciNistMappingItem.js +2 -0
- package/lib/src/mappings/CciNistMappingItem.js.map +1 -1
- package/lib/src/mappings/CheckovToCciAndNistMappingData.d.ts +5 -0
- package/lib/src/mappings/CheckovToCciAndNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/CheckovToCciAndNistMappingData.js +2695 -0
- package/lib/src/mappings/CheckovToCciAndNistMappingData.js.map +1 -0
- package/lib/src/mappings/CweNistMapping.d.ts +1 -0
- package/lib/src/mappings/CweNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/CweNistMapping.js +1 -0
- package/lib/src/mappings/CweNistMapping.js.map +1 -1
- package/lib/src/mappings/CweNistMappingData.d.ts +1 -0
- package/lib/src/mappings/CweNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/CweNistMappingData.js.map +1 -1
- package/lib/src/mappings/CweNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/CweNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/CweNistMappingItem.js +5 -0
- package/lib/src/mappings/CweNistMappingItem.js.map +1 -1
- package/lib/src/mappings/NessusPluginNistMappingData.d.ts +1 -0
- package/lib/src/mappings/NessusPluginNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/NessusPluginNistMappingData.js.map +1 -1
- package/lib/src/mappings/NessusPluginsNistMapping.d.ts +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.js +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.js.map +1 -1
- package/lib/src/mappings/NessusPluginsNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.js +4 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.js.map +1 -1
- package/lib/src/mappings/NiktoNistMapping.d.ts +1 -0
- package/lib/src/mappings/NiktoNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/NiktoNistMapping.js.map +1 -1
- package/lib/src/mappings/NiktoNistMappingData.d.ts +1 -0
- package/lib/src/mappings/NiktoNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/NiktoNistMappingData.js.map +1 -1
- package/lib/src/mappings/NiktoNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/NiktoNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/NiktoNistMappingItem.js +4 -0
- package/lib/src/mappings/NiktoNistMappingItem.js.map +1 -1
- package/lib/src/mappings/NistCciMappingData.d.ts +1 -0
- package/lib/src/mappings/NistCciMappingData.d.ts.map +1 -0
- package/lib/src/mappings/NistCciMappingData.js.map +1 -1
- package/lib/src/mappings/OwaspNistMapping.d.ts +1 -0
- package/lib/src/mappings/OwaspNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/OwaspNistMapping.js +18 -7
- package/lib/src/mappings/OwaspNistMapping.js.map +1 -1
- package/lib/src/mappings/OwaspNistMappingData.d.ts +1 -0
- package/lib/src/mappings/OwaspNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/OwaspNistMappingData.js.map +1 -1
- package/lib/src/mappings/OwaspNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/OwaspNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/OwaspNistMappingItem.js +5 -0
- package/lib/src/mappings/OwaspNistMappingItem.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMapping.d.ts +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.d.ts.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.js +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMappingData.d.ts +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingData.d.ts.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingData.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMappingItem.d.ts +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.d.ts.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.js +2 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.js.map +1 -1
- package/lib/src/msft-secure-score-mapper.d.ts +1 -0
- package/lib/src/msft-secure-score-mapper.d.ts.map +1 -0
- package/lib/src/msft-secure-score-mapper.js +202 -185
- package/lib/src/msft-secure-score-mapper.js.map +1 -1
- package/lib/src/nessus-mapper.d.ts +2 -1
- package/lib/src/nessus-mapper.d.ts.map +1 -0
- package/lib/src/nessus-mapper.js +122 -105
- package/lib/src/nessus-mapper.js.map +1 -1
- package/lib/src/netsparker-mapper.d.ts +7 -0
- package/lib/src/netsparker-mapper.d.ts.map +1 -0
- package/lib/src/netsparker-mapper.js +34 -9
- package/lib/src/netsparker-mapper.js.map +1 -1
- package/lib/src/neuvector-mapper.d.ts +1 -0
- package/lib/src/neuvector-mapper.d.ts.map +1 -0
- package/lib/src/neuvector-mapper.js +120 -117
- package/lib/src/neuvector-mapper.js.map +1 -1
- package/lib/src/nikto-mapper.d.ts +1 -0
- package/lib/src/nikto-mapper.d.ts.map +1 -0
- package/lib/src/nikto-mapper.js +85 -74
- package/lib/src/nikto-mapper.js.map +1 -1
- package/lib/src/prisma-mapper.d.ts +1 -0
- package/lib/src/prisma-mapper.d.ts.map +1 -0
- package/lib/src/prisma-mapper.js +138 -128
- package/lib/src/prisma-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.d.ts +1 -0
- package/lib/src/sarif-mapper.d.ts.map +1 -0
- package/lib/src/sarif-mapper.js +116 -105
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/scoutsuite-mapper.d.ts +1 -0
- package/lib/src/scoutsuite-mapper.d.ts.map +1 -0
- package/lib/src/scoutsuite-mapper.js +174 -163
- package/lib/src/scoutsuite-mapper.js.map +1 -1
- package/lib/src/snyk-mapper.d.ts +1 -0
- package/lib/src/snyk-mapper.d.ts.map +1 -0
- package/lib/src/snyk-mapper.js +112 -100
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/sonarqube-mapper.d.ts +18 -5
- package/lib/src/sonarqube-mapper.d.ts.map +1 -0
- package/lib/src/sonarqube-mapper.js +525 -271
- package/lib/src/sonarqube-mapper.js.map +1 -1
- package/lib/src/splunk-mapper.d.ts +3 -2
- package/lib/src/splunk-mapper.d.ts.map +1 -0
- package/lib/src/splunk-mapper.js +69 -12
- package/lib/src/splunk-mapper.js.map +1 -1
- package/lib/src/trufflehog-mapper.d.ts +1 -0
- package/lib/src/trufflehog-mapper.d.ts.map +1 -0
- package/lib/src/trufflehog-mapper.js +72 -69
- package/lib/src/trufflehog-mapper.js.map +1 -1
- package/lib/src/twistlock-mapper.d.ts +1 -0
- package/lib/src/twistlock-mapper.d.ts.map +1 -0
- package/lib/src/twistlock-mapper.js +140 -126
- package/lib/src/twistlock-mapper.js.map +1 -1
- package/lib/src/utils/CCI_List.d.ts +1 -0
- package/lib/src/utils/CCI_List.d.ts.map +1 -0
- package/lib/src/utils/CCI_List.js.map +1 -1
- package/lib/src/utils/attestations.d.ts +1 -0
- package/lib/src/utils/attestations.d.ts.map +1 -0
- package/lib/src/utils/attestations.js +28 -13
- package/lib/src/utils/attestations.js.map +1 -1
- package/lib/src/utils/compliance.d.ts +1 -0
- package/lib/src/utils/compliance.d.ts.map +1 -0
- package/lib/src/utils/compliance.js +11 -3
- package/lib/src/utils/compliance.js.map +1 -1
- package/lib/src/utils/fingerprinting.d.ts +2 -0
- package/lib/src/utils/fingerprinting.d.ts.map +1 -0
- package/lib/src/utils/fingerprinting.js +28 -11
- package/lib/src/utils/fingerprinting.js.map +1 -1
- package/lib/src/utils/global.d.ts +3 -1
- package/lib/src/utils/global.d.ts.map +1 -0
- package/lib/src/utils/global.js +34 -15
- package/lib/src/utils/global.js.map +1 -1
- package/lib/src/utils/parseJson.d.ts +1 -0
- package/lib/src/utils/parseJson.d.ts.map +1 -0
- package/lib/src/utils/parseJson.js +7 -3
- package/lib/src/utils/parseJson.js.map +1 -1
- package/lib/src/utils/result.d.ts +1 -0
- package/lib/src/utils/result.d.ts.map +1 -0
- package/lib/src/utils/result.js.map +1 -1
- package/lib/src/utils/splunk-tools.d.ts +2 -1
- package/lib/src/utils/splunk-tools.d.ts.map +1 -0
- package/lib/src/utils/splunk-tools.js +52 -31
- package/lib/src/utils/splunk-tools.js.map +1 -1
- package/lib/src/veracode-mapper.d.ts +1 -0
- package/lib/src/veracode-mapper.d.ts.map +1 -0
- package/lib/src/veracode-mapper.js +50 -7
- package/lib/src/veracode-mapper.js.map +1 -1
- package/lib/src/xccdf-results-mapper.d.ts +7 -0
- package/lib/src/xccdf-results-mapper.d.ts.map +1 -0
- package/lib/src/xccdf-results-mapper.js +336 -301
- package/lib/src/xccdf-results-mapper.js.map +1 -1
- package/lib/src/zap-mapper.d.ts +8 -0
- package/lib/src/zap-mapper.d.ts.map +1 -0
- package/lib/src/zap-mapper.js +119 -90
- package/lib/src/zap-mapper.js.map +1 -1
- package/lib/tsconfig.build.tsbuildinfo +1 -0
- package/lib/types/neuvector-types.d.ts +1 -0
- package/lib/types/neuvector-types.d.ts.map +1 -0
- package/lib/types/neuvector-types.js +80 -0
- package/lib/types/neuvector-types.js.map +1 -1
- package/lib/types/splunk-config-types.d.ts +1 -0
- package/lib/types/splunk-config-types.d.ts.map +1 -0
- package/lib/types/splunk-config-types.js.map +1 -1
- package/lib/types/splunk-control-types.d.ts +1 -0
- package/lib/types/splunk-control-types.d.ts.map +1 -0
- package/lib/types/splunk-control-types.js.map +1 -1
- package/lib/types/splunk-profile-types.d.ts +1 -0
- package/lib/types/splunk-profile-types.d.ts.map +1 -0
- package/lib/types/splunk-profile-types.js.map +1 -1
- package/lib/types/splunk-report-types.d.ts +1 -0
- package/lib/types/splunk-report-types.d.ts.map +1 -0
- package/lib/types/splunk-report-types.js.map +1 -1
- package/package.json +19 -40
- package/lib/data/converters/csv2json.ts +0 -36
- package/lib/data/converters/xml2json.ts +0 -57
|
@@ -3,16 +3,50 @@ import { BaseConverter, ILookupPath, MappedTransform } from '../base-converter';
|
|
|
3
3
|
import { ChecklistJsonixConverter, ChecklistObject } from './checklist-jsonix-converter';
|
|
4
4
|
import { Checklist } from './checklistJsonix';
|
|
5
5
|
export declare function getChecklistObjectFromHdf(hdf: ExecJSON.Execution): ChecklistObject;
|
|
6
|
+
/**
|
|
7
|
+
* The `ChecklistResults` class extends the `ChecklistJsonixConverter` and is responsible for converting
|
|
8
|
+
* checklist data between different formats (XML CKL, HDF JSON).
|
|
9
|
+
*
|
|
10
|
+
* @extends ChecklistJsonixConverter
|
|
11
|
+
*
|
|
12
|
+
* @property {string | ExecJSON.Execution} data - The input data, which can be a string of XML data or an HDF JSON execution object.
|
|
13
|
+
* @property {Checklist} jsonixData - The JSON representation of the checklist data using the jsonix library.
|
|
14
|
+
* @property {ChecklistObject} checklistObject - The intermediate object representation of the checklist data.
|
|
15
|
+
* @property {boolean} withRaw - A flag indicating whether to include raw data in the output.
|
|
16
|
+
*/
|
|
6
17
|
export declare class ChecklistResults extends ChecklistJsonixConverter {
|
|
7
18
|
data: string | ExecJSON.Execution;
|
|
8
19
|
jsonixData: Checklist;
|
|
9
20
|
checklistObject: ChecklistObject;
|
|
10
21
|
withRaw: boolean;
|
|
22
|
+
/**
|
|
23
|
+
* @param {string | ExecJSON.Execution} data - The input data, which can be either an HDF JSON object
|
|
24
|
+
* or an XML CKL string, depending on the direction of the conversion.
|
|
25
|
+
* @param {boolean} [withRaw=false] - A flag indicating whether to include raw data in the output.
|
|
26
|
+
* Defaults to false.
|
|
27
|
+
*
|
|
28
|
+
* @throws Will throw an error if the asset metadata is invalid.
|
|
29
|
+
*/
|
|
11
30
|
constructor(data: string | ExecJSON.Execution, withRaw?: boolean);
|
|
31
|
+
/**
|
|
32
|
+
* @method getJsonix
|
|
33
|
+
* @returns {Checklist} - Returns the JSON representation of the checklist data.
|
|
34
|
+
*/
|
|
12
35
|
getJsonix(): Checklist;
|
|
36
|
+
/**
|
|
37
|
+
* @method toCkl
|
|
38
|
+
* @returns {string} - Converts JSON data in jsonix format to CKL (Checklist) XML format.
|
|
39
|
+
*/
|
|
13
40
|
toCkl(): string;
|
|
41
|
+
/**
|
|
42
|
+
* @method toHdf
|
|
43
|
+
* @returns {ExecJSON.Execution} - Converts JSON data in intermediate format to HDF (Heimdall Data Format).
|
|
44
|
+
*/
|
|
14
45
|
toHdf(): ExecJSON.Execution;
|
|
15
46
|
}
|
|
47
|
+
/**
|
|
48
|
+
* Checklist mapper
|
|
49
|
+
*/
|
|
16
50
|
export declare class ChecklistMapper extends BaseConverter {
|
|
17
51
|
withRaw: boolean;
|
|
18
52
|
mappings: MappedTransform<ExecJSON.Execution & {
|
|
@@ -20,3 +54,4 @@ export declare class ChecklistMapper extends BaseConverter {
|
|
|
20
54
|
}, ILookupPath>;
|
|
21
55
|
constructor(checklistObject: ChecklistObject, withRaw?: boolean);
|
|
22
56
|
}
|
|
57
|
+
//# sourceMappingURL=checklist-mapper.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"checklist-mapper.d.ts","sourceRoot":"","sources":["../../../src/ckl-mapper/checklist-mapper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAC,QAAQ,EAAa,MAAM,UAAU,CAAC;AAI9C,OAAO,EACL,aAAa,EAEb,WAAW,EACX,eAAe,EAChB,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,wBAAwB,EACxB,eAAe,EAIhB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAC,SAAS,EAAC,MAAM,mBAAmB,CAAC;AAqP5C,wBAAgB,yBAAyB,CACvC,GAAG,EAAE,QAAQ,CAAC,SAAS,GACtB,eAAe,CAKjB;AA0BD;;;;;;;;;;GAUG;AACH,qBAAa,gBAAiB,SAAQ,wBAAwB;IAC5D,IAAI,EAAE,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC;IAClC,UAAU,EAAE,SAAS,CAAC;IACtB,eAAe,EAAE,eAAe,CAAC;IACjC,OAAO,EAAE,OAAO,CAAC;IAEjB;;;;;;;OAOG;gBACS,IAAI,EAAE,MAAM,GAAG,QAAQ,CAAC,SAAS,EAAE,OAAO,UAAQ;IAqB9D;;;OAGG;IACH,SAAS,IAAI,SAAS;IAItB;;;OAGG;IACH,KAAK,IAAI,MAAM;IASf;;;OAGG;IACH,KAAK,IAAI,QAAQ,CAAC,SAAS;CA8B5B;AAED;;GAEG;AACH,qBAAa,eAAgB,SAAQ,aAAa;IAChD,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,eAAe,CACvB,QAAQ,CAAC,SAAS,GAAG;QAAC,WAAW,EAAE,OAAO,CAAA;KAAC,EAC3C,WAAW,CACZ,CAsKC;gBAEU,eAAe,EAAE,eAAe,EAAE,OAAO,UAAQ;CAI9D"}
|
|
@@ -3,7 +3,8 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.ChecklistMapper = exports.ChecklistResults =
|
|
6
|
+
exports.ChecklistMapper = exports.ChecklistResults = void 0;
|
|
7
|
+
exports.getChecklistObjectFromHdf = getChecklistObjectFromHdf;
|
|
7
8
|
const inspecjs_1 = require("inspecjs");
|
|
8
9
|
const lodash_1 = __importDefault(require("lodash"));
|
|
9
10
|
const xml_formatter_1 = __importDefault(require("xml-formatter"));
|
|
@@ -22,13 +23,33 @@ var ImpactMapping;
|
|
|
22
23
|
ImpactMapping[ImpactMapping["low"] = 0.3] = "low";
|
|
23
24
|
})(ImpactMapping || (ImpactMapping = {}));
|
|
24
25
|
const CCI_NIST_TWO_WAY_MAPPER = new CciNistMapping_1.CciNistTwoWayMapper();
|
|
26
|
+
/**
|
|
27
|
+
* Tranformer function that splits a string and return array
|
|
28
|
+
* @param input - string of CCI references
|
|
29
|
+
* @returns ref - array of CCI references
|
|
30
|
+
*/
|
|
25
31
|
function cciRef(input) {
|
|
26
32
|
return input.split('; ');
|
|
27
33
|
}
|
|
34
|
+
/**
|
|
35
|
+
* Transformer function that splits string and maps resulting array
|
|
36
|
+
* into NIST control tags
|
|
37
|
+
* @param input - string of CCI references
|
|
38
|
+
* @returns tag - array of NIST Control Tags
|
|
39
|
+
*/
|
|
28
40
|
function nistTag(input) {
|
|
29
41
|
const identifiers = cciRef(input);
|
|
30
42
|
return CCI_NIST_TWO_WAY_MAPPER.nistFilter(identifiers, global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS);
|
|
31
43
|
}
|
|
44
|
+
/**
|
|
45
|
+
* Inner function to find the severity of the vuln
|
|
46
|
+
* Does not account for severity override, so this should
|
|
47
|
+
* not be taken as the final severity value
|
|
48
|
+
* Uses thirdPartyTools.hdfExistingData.severity first,
|
|
49
|
+
* then falls back to checklist severity tag
|
|
50
|
+
* @param vuln - checklist vulnerability object
|
|
51
|
+
* @returns - severity
|
|
52
|
+
*/
|
|
32
53
|
function findSeverity(vuln) {
|
|
33
54
|
let severity = vuln.severity;
|
|
34
55
|
const hdfExistingData = (0, parseJson_1.parseJson)(vuln.thirdPartyTools);
|
|
@@ -37,6 +58,13 @@ function findSeverity(vuln) {
|
|
|
37
58
|
}
|
|
38
59
|
return severity;
|
|
39
60
|
}
|
|
61
|
+
/**
|
|
62
|
+
* Inner function to find the severityoverride of the vuln
|
|
63
|
+
* Uses thirdPartyTools.hdfExistingData.severityoverride first,
|
|
64
|
+
* then falls back to checklist severityoverride tag
|
|
65
|
+
* @param vuln - checklist vulnerability object
|
|
66
|
+
* @returns - severityoverride
|
|
67
|
+
*/
|
|
40
68
|
function findSeverityOverride(vuln) {
|
|
41
69
|
let severityOverride = vuln.severityoverride;
|
|
42
70
|
const hdfExistingData = (0, parseJson_1.parseJson)(vuln.thirdPartyTools);
|
|
@@ -45,6 +73,14 @@ function findSeverityOverride(vuln) {
|
|
|
45
73
|
}
|
|
46
74
|
return severityOverride;
|
|
47
75
|
}
|
|
76
|
+
/**
|
|
77
|
+
* Function to find the computed severity of the given vuln
|
|
78
|
+
* with order of precedence as:
|
|
79
|
+
* thirdPartyTools.hdfSpecificData.severityoverride, severityoverride,
|
|
80
|
+
* thidPartyTools.hdfSpecificData.severity, severity
|
|
81
|
+
* @param vuln - checklist vulnerability object
|
|
82
|
+
* @returns severity - string none, low, medium, high, critical
|
|
83
|
+
*/
|
|
48
84
|
function computeSeverity(vuln) {
|
|
49
85
|
const severity = findSeverity(vuln);
|
|
50
86
|
const severityOverride = findSeverityOverride(vuln);
|
|
@@ -55,6 +91,12 @@ function computeSeverity(vuln) {
|
|
|
55
91
|
throw new Error(`Severity "${computed}" does not match none, low, medium, high, or critical, please check severity for ${vuln.vulnNum}`);
|
|
56
92
|
return computed;
|
|
57
93
|
}
|
|
94
|
+
/**
|
|
95
|
+
* Transformer function that checks if the status is 'Not Applicable' returning a 0.
|
|
96
|
+
* Otherwise, maps computed severity to ImpactMapping
|
|
97
|
+
* @param vuln - checklist vulnerability object
|
|
98
|
+
* @returns impact - number
|
|
99
|
+
*/
|
|
58
100
|
function transformImpact(vuln) {
|
|
59
101
|
if (vuln.status === 'Not Applicable')
|
|
60
102
|
return 0.0;
|
|
@@ -70,6 +112,13 @@ function transformImpact(vuln) {
|
|
|
70
112
|
throw new Error(`Severity "${severity}" does not match low, medium, or high, please check severity for ${vuln.vulnNum}`);
|
|
71
113
|
return impact;
|
|
72
114
|
}
|
|
115
|
+
/**
|
|
116
|
+
* Transformer function that returns appropriate enum value based on param
|
|
117
|
+
* This is required because the status value of the ControlResult object
|
|
118
|
+
* must be an ExecJSON.ControlResultStatus type
|
|
119
|
+
* @param input - string
|
|
120
|
+
* @returns enum ExecJSON.ControlResultStatus
|
|
121
|
+
*/
|
|
73
122
|
function getStatus(input) {
|
|
74
123
|
const status = input.toLowerCase();
|
|
75
124
|
switch (status) {
|
|
@@ -93,11 +142,19 @@ function checkMessage(typeCheck, messageType, message) {
|
|
|
93
142
|
return null;
|
|
94
143
|
}
|
|
95
144
|
}
|
|
145
|
+
/**
|
|
146
|
+
* Transformer function that uses current heimdall checklist export syntax for
|
|
147
|
+
* findingDetails attribute to separate a single string into multiple
|
|
148
|
+
* result objects
|
|
149
|
+
* @param input - array of one element consisting of {code_desc, status, start_time}
|
|
150
|
+
* @returns ExecJSON.ControlResult
|
|
151
|
+
*/
|
|
96
152
|
function parseFindingDetails(input) {
|
|
97
153
|
const findings = input;
|
|
98
154
|
const results = [];
|
|
99
155
|
const findingDetails = findings[0].code_desc;
|
|
100
156
|
const regex = /^(failed|passed|skipped|error) :: TEST (.*?)(?: :: (MESSAGE|SKIP_MESSAGE) (.*?))?$/s;
|
|
157
|
+
// check if code_desc is empty or does not match the above regular expression
|
|
101
158
|
if (!RegExp(regex).exec(findingDetails)) {
|
|
102
159
|
return [
|
|
103
160
|
{
|
|
@@ -108,7 +165,13 @@ function parseFindingDetails(input) {
|
|
|
108
165
|
];
|
|
109
166
|
}
|
|
110
167
|
else {
|
|
168
|
+
// split into multiple findings details using heimdall2 CKLExport functionality
|
|
111
169
|
for (const details of findingDetails.split('\n--------------------------------\n')) {
|
|
170
|
+
// regex of four groups (five if you count the full match) consisting of the four possible status
|
|
171
|
+
// followed by any number of characters after :: TEST which represents the code_desc
|
|
172
|
+
// followed by an optionally :: MESSAGE or SKIP_MESSAGE representing the message type
|
|
173
|
+
// followed by any number of characters representing the message
|
|
174
|
+
// split details for status
|
|
112
175
|
const match = regex.exec(details.trim());
|
|
113
176
|
if (match) {
|
|
114
177
|
const [, mStatus, mCode_dec, messageType, mMessage] = match;
|
|
@@ -161,7 +224,9 @@ function getChecklistObjectFromHdf(hdf) {
|
|
|
161
224
|
}
|
|
162
225
|
return lodash_1.default.get(hdf, 'passthrough.checklist', checklist_jsonix_converter_1.EmptyChecklistObject);
|
|
163
226
|
}
|
|
164
|
-
|
|
227
|
+
// baseconverter makes it difficult to assign an array to attributes using just path+transformer in this case because i think it gets instantly redirected along the 'isString' pathway due to the path pointing at a stringified json blob
|
|
228
|
+
// consequently we have to use the arraytransformer, but that doesn't run if we provide a path at the top level of the object for the same reason as specified above, so we have to put the 'hdfSpecificData' object into the subobject 'data'
|
|
229
|
+
// which we can then extract here
|
|
165
230
|
function getAttributes(input) {
|
|
166
231
|
const passthrough = input;
|
|
167
232
|
const data = passthrough[0].data;
|
|
@@ -181,7 +246,30 @@ function getHdfSpecificDataAttribute(attribute, input) {
|
|
|
181
246
|
return undefined;
|
|
182
247
|
return lodash_1.default.get(hdfSpecificData, attribute);
|
|
183
248
|
}
|
|
249
|
+
/**
|
|
250
|
+
* The `ChecklistResults` class extends the `ChecklistJsonixConverter` and is responsible for converting
|
|
251
|
+
* checklist data between different formats (XML CKL, HDF JSON).
|
|
252
|
+
*
|
|
253
|
+
* @extends ChecklistJsonixConverter
|
|
254
|
+
*
|
|
255
|
+
* @property {string | ExecJSON.Execution} data - The input data, which can be a string of XML data or an HDF JSON execution object.
|
|
256
|
+
* @property {Checklist} jsonixData - The JSON representation of the checklist data using the jsonix library.
|
|
257
|
+
* @property {ChecklistObject} checklistObject - The intermediate object representation of the checklist data.
|
|
258
|
+
* @property {boolean} withRaw - A flag indicating whether to include raw data in the output.
|
|
259
|
+
*/
|
|
184
260
|
class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConverter {
|
|
261
|
+
data;
|
|
262
|
+
jsonixData;
|
|
263
|
+
checklistObject;
|
|
264
|
+
withRaw;
|
|
265
|
+
/**
|
|
266
|
+
* @param {string | ExecJSON.Execution} data - The input data, which can be either an HDF JSON object
|
|
267
|
+
* or an XML CKL string, depending on the direction of the conversion.
|
|
268
|
+
* @param {boolean} [withRaw=false] - A flag indicating whether to include raw data in the output.
|
|
269
|
+
* Defaults to false.
|
|
270
|
+
*
|
|
271
|
+
* @throws Will throw an error if the asset metadata is invalid.
|
|
272
|
+
*/
|
|
185
273
|
constructor(data, withRaw = false) {
|
|
186
274
|
super(jsonixMapping_1.jsonixMapping);
|
|
187
275
|
this.data = data;
|
|
@@ -196,18 +284,31 @@ class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConve
|
|
|
196
284
|
this.jsonixData = super.fromIntermediateObject(this.checklistObject);
|
|
197
285
|
}
|
|
198
286
|
else {
|
|
287
|
+
// CREATE Intermediate Object from HDF
|
|
199
288
|
this.checklistObject = super.hdfToIntermediateObject(data);
|
|
200
289
|
(0, checklist_metadata_utils_1.throwIfInvalidAssetMetadata)(this.checklistObject.asset);
|
|
201
290
|
this.jsonixData = super.fromIntermediateObject(this.checklistObject);
|
|
202
291
|
}
|
|
203
292
|
this.withRaw = withRaw;
|
|
204
293
|
}
|
|
294
|
+
/**
|
|
295
|
+
* @method getJsonix
|
|
296
|
+
* @returns {Checklist} - Returns the JSON representation of the checklist data.
|
|
297
|
+
*/
|
|
205
298
|
getJsonix() {
|
|
206
299
|
return this.jsonixData;
|
|
207
300
|
}
|
|
301
|
+
/**
|
|
302
|
+
* @method toCkl
|
|
303
|
+
* @returns {string} - Converts JSON data in jsonix format to CKL (Checklist) XML format.
|
|
304
|
+
*/
|
|
208
305
|
toCkl() {
|
|
209
306
|
return (0, xml_formatter_1.default)(`<?xml version="1.0" encoding="UTF-8"?><!--Heimdall Version :: ${package_json_1.version}-->${super.fromJsonix(this.jsonixData)}`, { lineSeparator: '\n', collapseContent: true, indentation: '\t' });
|
|
210
307
|
}
|
|
308
|
+
/**
|
|
309
|
+
* @method toHdf
|
|
310
|
+
* @returns {ExecJSON.Execution} - Converts JSON data in intermediate format to HDF (Heimdall Data Format).
|
|
311
|
+
*/
|
|
211
312
|
toHdf() {
|
|
212
313
|
const numberOfStigs = this.checklistObject.stigs.length;
|
|
213
314
|
if (numberOfStigs === 1) {
|
|
@@ -241,165 +342,175 @@ class ChecklistResults extends checklist_jsonix_converter_1.ChecklistJsonixConve
|
|
|
241
342
|
}
|
|
242
343
|
}
|
|
243
344
|
exports.ChecklistResults = ChecklistResults;
|
|
345
|
+
/**
|
|
346
|
+
* Checklist mapper
|
|
347
|
+
*/
|
|
244
348
|
class ChecklistMapper extends base_converter_1.BaseConverter {
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
248
|
-
|
|
249
|
-
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
transformer: cciRef
|
|
302
|
-
},
|
|
303
|
-
nist: {
|
|
304
|
-
path: 'cciRef',
|
|
305
|
-
transformer: nistTag
|
|
306
|
-
},
|
|
307
|
-
severity: {
|
|
308
|
-
transformer: findSeverity
|
|
309
|
-
},
|
|
310
|
-
weight: { path: 'weight' },
|
|
311
|
-
transformer: (input) => {
|
|
312
|
-
const tags = [
|
|
313
|
-
['IA_Controls', 'iaControls'],
|
|
314
|
-
['Legacy_ID', 'legacyId'],
|
|
315
|
-
['False_Positives', 'falsePositives'],
|
|
316
|
-
['False_Negatives', 'falseNegatives'],
|
|
317
|
-
['Mitigations', 'mitigations'],
|
|
318
|
-
['Mitigation_Controls', 'mitigationControl'],
|
|
319
|
-
['Potential_Impact', 'potentialImpact'],
|
|
320
|
-
['Responsibility', 'responsibility'],
|
|
321
|
-
['STIGRef', 'stigRef'],
|
|
322
|
-
['Security_Override_Guidance', 'securityOverrideGuidance'],
|
|
323
|
-
['severityjustification', 'severityjustification']
|
|
324
|
-
];
|
|
325
|
-
const fullTags = {};
|
|
326
|
-
for (const [key, path] of tags) {
|
|
327
|
-
const tagValue = lodash_1.default.get(input, path);
|
|
328
|
-
if (tagValue && tagValue !== '; ') {
|
|
329
|
-
fullTags[key] = tagValue;
|
|
330
|
-
}
|
|
331
|
-
}
|
|
332
|
-
const severityOverride = findSeverityOverride(input);
|
|
333
|
-
if (severityOverride) {
|
|
334
|
-
fullTags['severityoverride'] = severityOverride;
|
|
335
|
-
}
|
|
336
|
-
return fullTags;
|
|
337
|
-
}
|
|
349
|
+
withRaw;
|
|
350
|
+
mappings = {
|
|
351
|
+
platform: {
|
|
352
|
+
name: 'Heimdall Tools',
|
|
353
|
+
release: package_json_1.version
|
|
354
|
+
},
|
|
355
|
+
version: package_json_1.version,
|
|
356
|
+
statistics: {},
|
|
357
|
+
profiles: [
|
|
358
|
+
{
|
|
359
|
+
path: 'stigs',
|
|
360
|
+
name: { path: 'header.stigid' },
|
|
361
|
+
version: {
|
|
362
|
+
path: 'header',
|
|
363
|
+
transformer: (input) => {
|
|
364
|
+
const ret = getHdfSpecificDataAttribute('version', input.customname) ||
|
|
365
|
+
input.version;
|
|
366
|
+
return ret;
|
|
367
|
+
}
|
|
368
|
+
},
|
|
369
|
+
title: { path: 'header.title' },
|
|
370
|
+
maintainer: {
|
|
371
|
+
path: 'header.customname',
|
|
372
|
+
transformer: lodash_1.default.partial(getHdfSpecificDataAttribute, 'maintainer')
|
|
373
|
+
},
|
|
374
|
+
summary: { path: 'header.description' },
|
|
375
|
+
license: { path: 'header.notice' },
|
|
376
|
+
copyright: {
|
|
377
|
+
path: 'header.customname',
|
|
378
|
+
transformer: lodash_1.default.partial(getHdfSpecificDataAttribute, 'copyright')
|
|
379
|
+
},
|
|
380
|
+
copyright_email: {
|
|
381
|
+
path: 'header.customname',
|
|
382
|
+
transformer: lodash_1.default.partial(getHdfSpecificDataAttribute, 'copyright_email')
|
|
383
|
+
},
|
|
384
|
+
supports: [],
|
|
385
|
+
attributes: [
|
|
386
|
+
{
|
|
387
|
+
arrayTransformer: getAttributes,
|
|
388
|
+
data: { path: 'header.customname' }
|
|
389
|
+
}
|
|
390
|
+
],
|
|
391
|
+
groups: [],
|
|
392
|
+
status: 'loaded',
|
|
393
|
+
controls: [
|
|
394
|
+
{
|
|
395
|
+
path: 'vulns',
|
|
396
|
+
key: 'id',
|
|
397
|
+
tags: {
|
|
398
|
+
gtitle: { path: 'groupTitle' },
|
|
399
|
+
rid: { path: 'ruleId' },
|
|
400
|
+
gid: { path: 'vulnNum' },
|
|
401
|
+
stig_id: { path: 'ruleVer' },
|
|
402
|
+
cci: {
|
|
403
|
+
path: 'cciRef',
|
|
404
|
+
transformer: cciRef
|
|
338
405
|
},
|
|
339
|
-
|
|
340
|
-
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
|
|
344
|
-
|
|
345
|
-
{
|
|
346
|
-
data: { path: 'checkContent' },
|
|
347
|
-
label: 'check'
|
|
348
|
-
},
|
|
349
|
-
{
|
|
350
|
-
data: { path: 'fixText' },
|
|
351
|
-
label: 'fix'
|
|
352
|
-
},
|
|
353
|
-
{
|
|
354
|
-
arrayTransformer: parseComments,
|
|
355
|
-
data: { path: 'comments' },
|
|
356
|
-
label: 'comments'
|
|
357
|
-
}
|
|
358
|
-
],
|
|
359
|
-
impact: {
|
|
360
|
-
transformer: transformImpact
|
|
406
|
+
nist: {
|
|
407
|
+
path: 'cciRef',
|
|
408
|
+
transformer: nistTag
|
|
409
|
+
},
|
|
410
|
+
severity: {
|
|
411
|
+
transformer: findSeverity
|
|
361
412
|
},
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
-
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
413
|
+
weight: { path: 'weight' },
|
|
414
|
+
// following transform takes the available attributes found in a checklist vuln and if available will add to the tags.
|
|
415
|
+
// first element is the label name as it will appear in UI while the second is the ChecklistObject keyname
|
|
416
|
+
transformer: (input) => {
|
|
417
|
+
const tags = [
|
|
418
|
+
['IA_Controls', 'iaControls'],
|
|
419
|
+
['Legacy_ID', 'legacyId'],
|
|
420
|
+
['False_Positives', 'falsePositives'],
|
|
421
|
+
['False_Negatives', 'falseNegatives'],
|
|
422
|
+
['Mitigations', 'mitigations'],
|
|
423
|
+
['Mitigation_Controls', 'mitigationControl'],
|
|
424
|
+
['Potential_Impact', 'potentialImpact'],
|
|
425
|
+
['Responsibility', 'responsibility'],
|
|
426
|
+
['STIGRef', 'stigRef'],
|
|
427
|
+
['Security_Override_Guidance', 'securityOverrideGuidance'],
|
|
428
|
+
// does not follow above naming convention
|
|
429
|
+
// because it could be used in other converters
|
|
430
|
+
['severityjustification', 'severityjustification']
|
|
431
|
+
];
|
|
432
|
+
const fullTags = {};
|
|
433
|
+
for (const [key, path] of tags) {
|
|
434
|
+
const tagValue = lodash_1.default.get(input, path);
|
|
435
|
+
if (tagValue && tagValue !== '; ') {
|
|
436
|
+
fullTags[key] = tagValue;
|
|
369
437
|
}
|
|
370
|
-
return JSON.stringify(vulnerability, null, 2);
|
|
371
438
|
}
|
|
439
|
+
// another special case that does
|
|
440
|
+
// not follow above naming conventions
|
|
441
|
+
const severityOverride = findSeverityOverride(input);
|
|
442
|
+
if (severityOverride) {
|
|
443
|
+
fullTags['severityoverride'] = severityOverride;
|
|
444
|
+
}
|
|
445
|
+
return fullTags;
|
|
446
|
+
}
|
|
447
|
+
},
|
|
448
|
+
refs: [],
|
|
449
|
+
source_location: {},
|
|
450
|
+
title: { path: 'ruleTitle' },
|
|
451
|
+
id: { path: 'vulnNum' },
|
|
452
|
+
desc: { path: 'vulnDiscuss' },
|
|
453
|
+
descriptions: [
|
|
454
|
+
{
|
|
455
|
+
data: { path: 'checkContent' },
|
|
456
|
+
label: 'check'
|
|
372
457
|
},
|
|
373
|
-
|
|
374
|
-
{
|
|
375
|
-
|
|
376
|
-
|
|
377
|
-
|
|
378
|
-
|
|
379
|
-
|
|
380
|
-
|
|
381
|
-
|
|
458
|
+
{
|
|
459
|
+
data: { path: 'fixText' },
|
|
460
|
+
label: 'fix'
|
|
461
|
+
},
|
|
462
|
+
{
|
|
463
|
+
arrayTransformer: parseComments,
|
|
464
|
+
data: { path: 'comments' },
|
|
465
|
+
label: 'comments'
|
|
466
|
+
}
|
|
467
|
+
],
|
|
468
|
+
impact: {
|
|
469
|
+
transformer: transformImpact
|
|
470
|
+
},
|
|
471
|
+
code: {
|
|
472
|
+
transformer: (vulnerability) => {
|
|
473
|
+
const data = (0, parseJson_1.parseJson)(vulnerability.thirdPartyTools);
|
|
474
|
+
if (data.ok) {
|
|
475
|
+
const code = lodash_1.default.get(data.value, 'hdfSpecificData.code');
|
|
476
|
+
if (code)
|
|
477
|
+
return code;
|
|
382
478
|
}
|
|
383
|
-
|
|
384
|
-
}
|
|
385
|
-
],
|
|
386
|
-
sha256: ''
|
|
387
|
-
}
|
|
388
|
-
],
|
|
389
|
-
passthrough: {
|
|
390
|
-
transformer: (data) => {
|
|
391
|
-
return {
|
|
392
|
-
...{
|
|
393
|
-
checklist: {
|
|
394
|
-
asset: data.asset,
|
|
395
|
-
stigs: data.stigs
|
|
479
|
+
return JSON.stringify(vulnerability, null, 2);
|
|
396
480
|
}
|
|
397
481
|
},
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
|
|
482
|
+
results: [
|
|
483
|
+
{
|
|
484
|
+
arrayTransformer: parseFindingDetails,
|
|
485
|
+
status: {
|
|
486
|
+
path: 'status',
|
|
487
|
+
transformer: getStatus
|
|
488
|
+
},
|
|
489
|
+
code_desc: { path: 'findingdetails' },
|
|
490
|
+
start_time: ''
|
|
491
|
+
}
|
|
492
|
+
]
|
|
493
|
+
}
|
|
494
|
+
],
|
|
495
|
+
sha256: ''
|
|
496
|
+
}
|
|
497
|
+
],
|
|
498
|
+
passthrough: {
|
|
499
|
+
transformer: (data) => {
|
|
500
|
+
return {
|
|
501
|
+
...{
|
|
502
|
+
checklist: {
|
|
503
|
+
asset: data.asset,
|
|
504
|
+
stigs: data.stigs
|
|
505
|
+
}
|
|
506
|
+
},
|
|
507
|
+
...(this.withRaw && { raw: data.jsonixData })
|
|
508
|
+
};
|
|
401
509
|
}
|
|
402
|
-
}
|
|
510
|
+
}
|
|
511
|
+
};
|
|
512
|
+
constructor(checklistObject, withRaw = false) {
|
|
513
|
+
super(checklistObject);
|
|
403
514
|
this.withRaw = withRaw;
|
|
404
515
|
}
|
|
405
516
|
}
|