@mitre/hdf-converters 2.5.1
- package/LICENSE.md +9 -0
- package/README.md +4 -0
- package/lib/data/U_CCI_List.xml +38403 -0
- package/lib/data/aws-config-mapping.csv +107 -0
- package/lib/data/cwe-nist-mapping.csv +203 -0
- package/lib/data/nessus-plugins-nist-mapping.csv +108 -0
- package/lib/data/nikto-nist-mapping.csv +8942 -0
- package/lib/data/owasp-nist-mapping.csv +11 -0
- package/lib/data/scoutsuite-nist-mapping.csv +140 -0
- package/lib/index.d.ts +12 -0
- package/lib/index.js +25 -0
- package/lib/index.js.map +1 -0
- package/lib/package.json +45 -0
- package/lib/src/base-converter.d.ts +39 -0
- package/lib/src/base-converter.js +216 -0
- package/lib/src/base-converter.js.map +1 -0
- package/lib/src/burpsuite-mapper.d.ts +7 -0
- package/lib/src/burpsuite-mapper.js +157 -0
- package/lib/src/burpsuite-mapper.js.map +1 -0
- package/lib/src/dbprotect-mapper.d.ts +7 -0
- package/lib/src/dbprotect-mapper.js +165 -0
- package/lib/src/dbprotect-mapper.js.map +1 -0
- package/lib/src/fortify-mapper.d.ts +8 -0
- package/lib/src/fortify-mapper.js +180 -0
- package/lib/src/fortify-mapper.js.map +1 -0
- package/lib/src/jfrog-xray-mapper.d.ts +7 -0
- package/lib/src/jfrog-xray-mapper.js +169 -0
- package/lib/src/jfrog-xray-mapper.js.map +1 -0
- package/lib/src/mappings/CciNistMapping.d.ts +6 -0
- package/lib/src/mappings/CciNistMapping.js +60 -0
- package/lib/src/mappings/CciNistMapping.js.map +1 -0
- package/lib/src/mappings/CciNistMappingItem.d.ts +5 -0
- package/lib/src/mappings/CciNistMappingItem.js +11 -0
- package/lib/src/mappings/CciNistMappingItem.js.map +1 -0
- package/lib/src/mappings/CweNistMapping.d.ts +6 -0
- package/lib/src/mappings/CweNistMapping.js +74 -0
- package/lib/src/mappings/CweNistMapping.js.map +1 -0
- package/lib/src/mappings/CweNistMappingItem.d.ts +8 -0
- package/lib/src/mappings/CweNistMappingItem.js +34 -0
- package/lib/src/mappings/CweNistMappingItem.js.map +1 -0
- package/lib/src/mappings/NessusPluginsNistMapping.d.ts +6 -0
- package/lib/src/mappings/NessusPluginsNistMapping.js +48 -0
- package/lib/src/mappings/NessusPluginsNistMapping.js.map +1 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.d.ts +7 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.js +23 -0
- package/lib/src/mappings/NessusPluginsNistMappingItem.js.map +1 -0
- package/lib/src/mappings/NiktoNistMapping.d.ts +6 -0
- package/lib/src/mappings/NiktoNistMapping.js +40 -0
- package/lib/src/mappings/NiktoNistMapping.js.map +1 -0
- package/lib/src/mappings/NiktoNistMappingItem.d.ts +7 -0
- package/lib/src/mappings/NiktoNistMappingItem.js +28 -0
- package/lib/src/mappings/NiktoNistMappingItem.js.map +1 -0
- package/lib/src/mappings/OwaspNistMapping.d.ts +6 -0
- package/lib/src/mappings/OwaspNistMapping.js +55 -0
- package/lib/src/mappings/OwaspNistMapping.js.map +1 -0
- package/lib/src/mappings/OwaspNistMappingItem.d.ts +8 -0
- package/lib/src/mappings/OwaspNistMappingItem.js +34 -0
- package/lib/src/mappings/OwaspNistMappingItem.js.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.d.ts +6 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.js +39 -0
- package/lib/src/mappings/ScoutsuiteNistMapping.js.map +1 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.d.ts +5 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.js +21 -0
- package/lib/src/mappings/ScoutsuiteNistMappingItem.js.map +1 -0
- package/lib/src/nessus-mapper.d.ts +13 -0
- package/lib/src/nessus-mapper.js +303 -0
- package/lib/src/nessus-mapper.js.map +1 -0
- package/lib/src/netsparker-mapper.d.ts +7 -0
- package/lib/src/netsparker-mapper.js +221 -0
- package/lib/src/netsparker-mapper.js.map +1 -0
- package/lib/src/nikto-mapper.d.ts +7 -0
- package/lib/src/nikto-mapper.js +96 -0
- package/lib/src/nikto-mapper.js.map +1 -0
- package/lib/src/sarif-mapper.d.ts +7 -0
- package/lib/src/sarif-mapper.js +143 -0
- package/lib/src/sarif-mapper.js.map +1 -0
- package/lib/src/scoutsuite-mapper.d.ts +7 -0
- package/lib/src/scoutsuite-mapper.js +258 -0
- package/lib/src/scoutsuite-mapper.js.map +1 -0
- package/lib/src/snyk-mapper.d.ts +14 -0
- package/lib/src/snyk-mapper.js +165 -0
- package/lib/src/snyk-mapper.js.map +1 -0
- package/lib/src/xccdf-results-mapper.d.ts +6 -0
- package/lib/src/xccdf-results-mapper.js +206 -0
- package/lib/src/xccdf-results-mapper.js.map +1 -0
- package/lib/src/zap-mapper.d.ts +8 -0
- package/lib/src/zap-mapper.js +177 -0
- package/lib/src/zap-mapper.js.map +1 -0
- package/package.json +45 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,gDAAwB;AACxB,kDAAgE;AAChE,qDAA6E;AAC7E,kEAA6D;AAE7D,MAAM,uBAAuB,GAAG,cAAI,CAAC,OAAO,CAC1C,SAAS,EACT,gCAAgC,CACjC,CAAC;AACF,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,CAAC,uBAAuB,CAAC,CAAC;AAEzE,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,iBAAiB,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;AAC9C,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,SAAS,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,UAAU,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;AACrE,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,OAAO,SAAS,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,YAAY,gBAAC,CAAC,GAAG,CAC1D,aAAa,EACb,QAAQ,CACT,EAAE,CAAC;AACN,CAAC;AACD,SAAS,OAAO,CAAC,EAAU;IACzB,OAAO,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IA6D5C,YAAY,SAAiB;QAC3B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QA7D/B,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;aACtC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,uBAAuB;oBAC7B,OAAO,EAAE,EAAE;oBACX,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oBACjC,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE;wBACP,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4BACtC,OAAO,WAAW,KAAK,EAAE,CAAC;wBAC5B,CAAC;qBACF;oBACD,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAC;gCACxC,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;6BACvB;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACpB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACnB,MAAM,EAAE,GAAG;4BACX,IAAI,EAAE,EAAE;4BACR,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,M
AAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,QAAQ,EAAE,CAAC;oCACX,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAGF,CAAC;IACD,WAAW,CACT,cAAgE;QAEhE,KAAK,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACpC,CAAC;CACF;AArED,kCAqEC"}
|
|
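--- a/package/lib/src/sarif-mapper.d.ts
+++ b/package/lib/src/sarif-mapper.d.ts
@@ -0,0 +1,7 @@
+import { ExecJSON } from 'inspecjs';
+import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
+export declare class SarifMapper extends BaseConverter {
+mappings: MappedTransform<ExecJSON.Execution, ILookupPath>;
+constructor(sarifJson: string);
+setMappings(customMappings: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
+}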
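--- a/package/lib/src/sarif-mapper.js
+++ b/package/lib/src/sarif-mapper.js
@@ -0,0 +1,143 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SarifMapper = void 0;
+const inspecjs_1 = require("inspecjs");
+const lodash_1 = __importDefault(require("lodash"));
+const path_1 = __importDefault(require("path"));
+const package_json_1 = require("../package.json");
+const base_converter_1 = require("./base-converter");
+const CweNistMapping_1 = require("./mappings/CweNistMapping");
+const IMPACT_MAPPING = new Map([
+['error', 0.7],
+['warning', 0.5],
+['note', 0.3]
+]);
+const MESSAGE_TEXT = 'message.text';
+const CWE_NIST_MAPPING_FILE = path_1.default.resolve(__dirname, '../data/cwe-nist-mapping.csv');
+const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping(CWE_NIST_MAPPING_FILE);
+const DEFAULT_NIST_TAG = ['SA-11', 'RA-5'];
+function extractCwe(text) {
+let output = text.split('(').slice(-1)[0].slice(0, -2).split(', ');
+if (output.length === 1) {
+output = text.split('(').slice(-1)[0].slice(0, -2).split('!/');
+}
+return output;
+}
+function impactMapping(severity) {
+if (typeof severity === 'string' || typeof severity === 'number') {
+return IMPACT_MAPPING.get(severity.toString().toLowerCase()) || 0.1;
+}
+else {
+return 0.1;
+}
+}
+function formatCodeDesc(input) {
+const output = [];
+output.push(`URL : ${lodash_1.default.get(input, 'artifactLocation.uri')}`);
+output.push(`LINE : ${lodash_1.default.get(input, 'region.startLine')}`);
+output.push(`COLUMN : ${lodash_1.default.get(input, 'region.startColumn')}`);
+return output.join(' ');
+}
+function nistTag(text) {
+let identifiers = extractCwe(text);
+identifiers = identifiers.map((element) => element.split('-')[1]);
+return CWE_NIST_MAPPING.nistFilter(identifiers, DEFAULT_NIST_TAG);
+}
+class SarifMapper extends base_converter_1.BaseConverter {
+constructor(sarifJson) {
+super(JSON.parse(sarifJson));
+this.mappings = {
+platform: {
+name: 'Heimdall Tools',
+release: package_json_1.version,
+target_id: 'Static Analysis Results Interchange Format'
+},
+version: package_json_1.version,
+statistics: {
+duration: null
+},
+profiles: [
+{
+path: 'runs',
+name: 'SARIF',
+version: { path: '$.version' },
+title: 'Static Analysis Results Interchange Format',
+maintainer: null,
+summary: '',
+license: null,
+copyright: null,
+copyright_email: null,
+supports: [],
+attributes: [],
+depends: [],
+groups: [],
+status: 'loaded',
+controls: [
+{
+path: 'results',
+key: 'id',
+tags: {
+cwe: {
+path: MESSAGE_TEXT,
+transformer: extractCwe
+},
+nist: { path: MESSAGE_TEXT, transformer: nistTag }
+},
+descriptions: [],
+refs: [],
+source_location: {
+ref: { path: 'locations[0].physicalLocation.artifactLocation.uri' },
+line: { path: 'locations[0].physicalLocation.region.startLine' }
+},
+title: {
+path: MESSAGE_TEXT,
+transformer: (text) => {
+if (typeof text === 'string') {
+return text.split(': ')[0];
+}
+else {
+return '';
+}
+}
+},
+id: { path: 'ruleId' },
+desc: {
+path: MESSAGE_TEXT,
+transformer: (text) => {
+if (typeof text === 'string') {
+return text.split(': ')[1];
+}
+else {
+return '';
+}
+}
+},
+impact: { path: 'level', transformer: impactMapping },
+code: '',
+results: [
+{
+status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
+code_desc: {
+path: 'locations[0].physicalLocation',
+transformer: formatCodeDesc
+},
+run_time: 0,
+start_time: ''
+}
+]
+}
+],
+sha256: ''
+}
+]
+};
+}
+setMappings(customMappings) {
+super.setMappings(customMappings);
+}
+}
+exports.SarifMapper = SarifMapper;
+//# sourceMappingURL=sarif-mapper.js.map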
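Review bot: `extractCwe` calls `text.split('(')` with no type check, although the `title` and `desc` transformers in the same mapping guard with `typeof text === 'string'`; it is used directly for the `cwe` tag and through `nistTag` for the `nist` tag. If the converter passes a missing `message.text` through to transformers (not visible here, it depends on `BaseConverter`), one SARIF result without that field would throw a TypeError and abort the whole conversion. Opening the function with `if (typeof text !== 'string') { return []; }` makes it agree with its siblings. Separately, any message that does not end in a parenthesised CWE list yields arbitrary text fragments as "CWE" identifiers, and `element.split('-')[1]` in `nistTag` then hands `undefined` to `nistFilter`, so filtering to tokens of the form `CWE-<digits>` before the lookup would keep scanner-controlled text out of the tags. This file is compiled output; the change belongs in `src/sarif-mapper.ts`, named in the source map.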
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sarif-mapper.js","sourceRoot":"","sources":["../../src/sarif-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,gDAAwB;AACxB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AAEzD,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,OAAO,EAAE,GAAG,CAAC;IACd,CAAC,SAAS,EAAE,GAAG,CAAC;IAChB,CAAC,MAAM,EAAE,GAAG,CAAC;CACd,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,cAAc,CAAC;AAEpC,MAAM,qBAAqB,GAAG,cAAI,CAAC,OAAO,CACxC,SAAS,EACT,8BAA8B,CAC/B,CAAC;AACF,MAAM,gBAAgB,GAAG,IAAI,+BAAc,CAAC,qBAAqB,CAAC,CAAC;AACnE,MAAM,gBAAgB,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AAE3C,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACnE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;KAChE;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AACD,SAAS,aAAa,CAAC,QAAiB;IACtC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;QAChE,OAAO,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,GAAG,CAAC;KACrE;SAAM;QACL,OAAO,GAAG,CAAC;KACZ;AACH,CAAC;AACD,SAAS,cAAc,CAAC,KAAc;IACpC,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,SAAS,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,sBAAsB,CAAC,EAAE,CAAC,CAAC;IAC7D,MAAM,CAAC,IAAI,CAAC,UAAU,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC;IAC1D,MAAM,CAAC,IAAI,CAAC,YAAY,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,CAAC;IAC9D,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC1B,CAAC;AACD,SAAS,OAAO,CAAC,IAAY;IAC3B,IAAI,WAAW,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;IACnC,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,OAAO,gBAAgB,CAAC,UAAU,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;AACpE,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IAoF5C,YAAY,SAAiB;QAC3B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QApF/B,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;g
BACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,4CAA4C;aACxD;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;oBAC5B,KAAK,EAAE,4CAA4C;oBACnD,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE,EAAE;oBACX,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,SAAS;4BACf,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,YAAY;oCAClB,WAAW,EAAE,UAAU;iCACxB;gCACD,IAAI,EAAE,EAAC,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,OAAO,EAAC;6BACjD;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE;gCACf,GAAG,EAAE,EAAC,IAAI,EAAE,oDAAoD,EAAC;gCACjE,IAAI,EAAE,EAAC,IAAI,EAAE,gDAAgD,EAAC;6BAC/D;4BACD,KAAK,EAAE;gCACL,IAAI,EAAE,YAAY;gCAClB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;oCACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;wCAC5B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;qCAC5B;yCAAM;wCACL,OAAO,EAAE,CAAC;qCACX;gCACH,CAAC;6BACF;4BACD,EAAE,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;4BACpB,IAAI,EAAE;gCACJ,IAAI,EAAE,YAAY;gCAClB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;oCACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;wCAC5B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;qCAC5B;yCAAM;wCACL,OAAO,EAAE,CAAC;qCACX;gCACH,CAAC;6BACF;4BACD,MAAM,EAAE,EAAC,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAC;4BACnD,IAAI,EAAE,EAAE;4BACR,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,+BAA+B;wCACrC,WAAW,EAAE,cAAc;qCAC5B;oCACD,QAAQ,EAAE,CAAC;oCACX,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAGF,CAAC;IACD,WAAW,CACT,cAAgE;QAEhE,KAAK,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACpC,CAAC;CACF;AA5FD,kCA4FC"}
|
|
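--- a/package/lib/src/scoutsuite-mapper.d.ts
+++ b/package/lib/src/scoutsuite-mapper.d.ts
@@ -0,0 +1,7 @@
+import { ExecJSON } from 'inspecjs';
+import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
+export declare class ScoutsuiteMapper extends BaseConverter {
+mappings: MappedTransform<ExecJSON.Execution, ILookupPath>;
+constructor(scoutsuiteJson: string);
+setMappings(customMappings: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
+}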
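--- a/package/lib/src/scoutsuite-mapper.js
+++ b/package/lib/src/scoutsuite-mapper.js
@@ -0,0 +1,258 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ScoutsuiteMapper = void 0;
+const inspecjs_1 = require("inspecjs");
+const lodash_1 = __importDefault(require("lodash"));
+const path_1 = __importDefault(require("path"));
+const package_json_1 = require("../package.json");
+const base_converter_1 = require("./base-converter");
+const ScoutsuiteNistMapping_1 = require("./mappings/ScoutsuiteNistMapping");
+const INSPEC_INPUTS_MAPPING = {
+string: 'String',
+numeric: 'Numeric',
+regexp: 'Regexp',
+array: 'Array',
+hash: 'Hash',
+boolean: 'Boolean',
+any: 'Any'
+};
+const IMPACT_MAPPING = new Map([
+['danger', 0.7],
+['warning', 0.5]
+]);
+const SCOUTSUITE_NIST_MAPPING_FILE = path_1.default.resolve(__dirname, '../data/scoutsuite-nist-mapping.csv');
+const SCOUTSUITE_NIST_MAPPING = new ScoutsuiteNistMapping_1.ScoutsuiteNistMapping(SCOUTSUITE_NIST_MAPPING_FILE);
+function getRulesetName(file) {
+return lodash_1.default.get(file, 'last_run.ruleset_name');
+}
+function formatTargetId(file) {
+return `${getRulesetName(file)} ruleset:${lodash_1.default.get(file, 'provider_name')}:${lodash_1.default.get(file, 'account_id')}`;
+}
+function formatTitle(file) {
+return `Scout Suite Report using ${getRulesetName(file)} ruleset on ${lodash_1.default.get(file, 'provider_name')} with account ${lodash_1.default.get(file, 'account_id')}`;
+}
+function compliance(input) {
+if (Array.isArray(input)) {
+return input
+.map((element) => `Compliant with ${lodash_1.default.get(element, 'name')}, reference ${lodash_1.default.get(element, 'reference')}, version ${lodash_1.default.get(element, 'version')}`)
+.join('\n');
+}
+else {
+return '';
+}
+}
+function getStatus(input) {
+if (lodash_1.default.get(input, 'checked_items') === 0) {
+return inspecjs_1.ExecJSON.ControlResultStatus.Skipped;
+}
+else if (lodash_1.default.get(input, 'flagged_items') === 0) {
+return inspecjs_1.ExecJSON.ControlResultStatus.Passed;
+}
+else {
+return inspecjs_1.ExecJSON.ControlResultStatus.Failed;
+}
+}
+function checkSkip(input) {
+if (lodash_1.default.get(input, 'checked_items') === 0) {
+return 'Skipped because no items were checked';
+}
+else {
+return '';
+}
+}
+function getMessage(input) {
+if (lodash_1.default.get(input, 'checked_items') === 0) {
+return '';
+}
+else if (lodash_1.default.get(input, 'flagged_items') === 0) {
+return `0 flagged items out of ${lodash_1.default.get(input, 'checked_items')} checked items`;
+}
+else {
+return `${lodash_1.default.get(input, 'flagged_items')} flagged items out of ${lodash_1.default.get(input, 'checked_items')} checked items:\n${lodash_1.default.get(input, 'items').join('\n')}`;
+}
+}
+function nistTag(rule) {
+return SCOUTSUITE_NIST_MAPPING.nistTag(rule);
+}
+function checkArray(input) {
+if (typeof input === 'string') {
+return input;
+}
+return input.join(', ');
+}
+function collapseServices(file) {
+const services = Object.values(lodash_1.default.get(file, 'services'));
+const findings = [];
+services.forEach((element) => {
+findings.push(lodash_1.default.get(element, 'findings'));
+});
+const entries = [];
+Object.values(findings).forEach((element) => {
+Object.entries(element).forEach((subElement) => {
+entries.push(subElement);
+});
+});
+lodash_1.default.set(file, 'services', entries);
+return file;
+}
+class ScoutsuiteMapper extends base_converter_1.BaseConverter {
+constructor(scoutsuiteJson) {
+super(collapseServices(JSON.parse(scoutsuiteJson.split('\n', 2)[1])));
+this.mappings = {
+platform: {
+name: 'Heimdall Tools',
+release: package_json_1.version,
+target_id: { transformer: formatTargetId }
+},
+version: package_json_1.version,
+statistics: {
+duration: null
+},
+profiles: [
+{
+name: 'Scout Suite Multi-Cloud Security Auditing Tool',
+version: { path: 'last_run.version' },
+title: { transformer: formatTitle },
+maintainer: null,
+summary: { path: 'last_run.ruleset_about' },
+license: null,
+copyright: null,
+copyright_email: null,
+supports: [],
+attributes: [
+{
+name: 'account_id',
+options: {
+value: { path: 'account_id' },
+required: true,
+sensitive: false,
+type: INSPEC_INPUTS_MAPPING.string
+}
+},
+{
+name: 'environment',
+options: {
+value: { path: 'environment' }
+}
+},
+{
+name: 'ruleset',
+options: {
+value: { path: 'last_run.ruleset_name' }
+}
+},
+{
+name: 'run_parameters_excluded_regions',
+options: {
+value: {
+path: 'last_run.run_parameters.excluded_region',
+transformer: checkArray
+}
+}
+},
+{
+name: 'run_parameters_regions',
+options: {
+value: {
+path: 'last_run.run_parameters.regions',
+transformer: checkArray
+}
+}
+},
+{
+name: 'run_parameters_services',
+options: {
+value: {
+path: 'last_run.run_parameters.services',
+transformer: checkArray
+}
+}
+},
+{
+name: 'run_parameters_skipped_services',
+options: {
+value: {
+path: 'last_run.run_parameters.skipped_services',
+transformer: checkArray
+}
+}
+},
+{
+name: 'time',
+options: {
+value: { path: 'last_run.time' }
+}
+},
+{
+name: 'partition',
+options: {
+value: { path: 'partition' }
+}
+},
+{
+name: 'provider_code',
+options: {
+value: { path: 'provider_code' }
+}
+},
+{
+name: 'provider_name',
+options: {
+value: { path: 'provider_name' }
+}
+}
+],
+depends: [],
+groups: [],
+status: 'loaded',
+controls: [
+{
+path: 'services',
+key: 'id',
+id: { path: '[0]' },
+title: { path: '[1].description' },
+tags: {
+nist: { path: '[0]', transformer: nistTag }
+},
+impact: {
+path: '[1].level',
+transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
+},
+desc: { path: '[1].rationale' },
+descriptions: [
+{ data: { path: '[1].remediation' }, label: 'fix' },
+{ data: { path: '[1].service' }, label: 'service' },
+{ data: { path: '[1].path' }, label: 'path' },
+{ data: { path: '[1].id_suffix' }, label: 'id_suffix' }
+],
+refs: [
+{ url: { path: '[1].references[0]' } },
+{ ref: { path: '[1].compliance', transformer: compliance } }
+],
+source_location: {},
+code: '',
+results: [
+{
+status: { path: '[1]', transformer: getStatus },
+skip_message: { path: '[1]', transformer: checkSkip },
+message: { path: '[1]', transformer: getMessage },
+code_desc: { path: '[1].description' },
+start_time: { path: '$.last_run.time' }
+}
+]
+}
+],
+sha256: ''
+}
+]
+};
+}
+setMappings(customMappings) {
+super.setMappings(customMappings);
+}
+}
+exports.ScoutsuiteMapper = ScoutsuiteMapper;
+//# sourceMappingURL=scoutsuite-mapper.js.map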
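Review bot: The constructor parses `scoutsuiteJson.split('\n', 2)[1]` without checking that a second line exists, so a report passed as a single line reaches `JSON.parse(undefined)` and fails with a SyntaxError that says nothing about the expected two-line layout. Checking the split result and throwing a descriptive `Error` before parsing would make a malformed or truncated report diagnosable. `collapseServices` has the same gap: `Object.values(lodash_1.default.get(file, 'services'))` and `Object.entries(element)` both throw a TypeError when `services` or a service's `findings` is absent, which lodash's default argument avoids, e.g. `lodash_1.default.get(file, 'services', {})` and `findings.push(lodash_1.default.get(element, 'findings', {}));`. `checkArray` and the last branch of `getMessage` call `.join` on whatever the report holds, so an `Array.isArray` check like the one `compliance` already has would keep one odd field from aborting the conversion. This file is compiled output; the change belongs in `src/scoutsuite-mapper.ts`, named in the source map.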
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scoutsuite-mapper.js","sourceRoot":"","sources":["../../src/scoutsuite-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,gDAAwB;AACxB,kDAAgE;AAChE,qDAK0B;AAC1B,4EAAuE;AAEvE,MAAM,qBAAqB,GAAG;IAC5B,MAAM,EAAE,QAAQ;IAChB,OAAO,EAAE,SAAS;IAClB,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,OAAO;IACd,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,SAAS;IAClB,GAAG,EAAE,KAAK;CACX,CAAC;AACF,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,SAAS,EAAE,GAAG,CAAC;CACjB,CAAC,CAAC;AAEH,MAAM,4BAA4B,GAAG,cAAI,CAAC,OAAO,CAC/C,SAAS,EACT,qCAAqC,CACtC,CAAC;AAEF,MAAM,uBAAuB,GAAG,IAAI,6CAAqB,CACvD,4BAA4B,CAC7B,CAAC;AAEF,SAAS,cAAc,CAAC,IAAa;IACnC,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;AAC9C,CAAC;AACD,SAAS,cAAc,CAAC,IAAa;IACnC,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,YAAY,gBAAC,CAAC,GAAG,CAC7C,IAAI,EACJ,eAAe,CAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;AACnC,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,4BAA4B,cAAc,CAAC,IAAI,CAAC,eAAe,gBAAC,CAAC,GAAG,CACzE,IAAI,EACJ,eAAe,CAChB,iBAAiB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;AAChD,CAAC;AACD,SAAS,UAAU,CAAC,KAAc;IAChC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QACxB,OAAO,KAAK;aACT,GAAG,CACF,CAAC,OAAO,EAAE,EAAE,CACV,kBAAkB,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,eAAe,gBAAC,CAAC,GAAG,CAC1D,OAAO,EACP,WAAW,CACZ,aAAa,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAC5C;aACA,IAAI,CAAC,IAAI,CAAC,CAAC;KACf;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QACvC,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;KAC7C;SAAM,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QAC9C,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;KAC5C;SAAM;QACL,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;KAC5C;AACH,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QACvC,OAAO,uCAAuC,CAAC;KAChD;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,UAAU,CAAC,KAAc;IAChC,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,
CAAC,EAAE;QACvC,OAAO,EAAE,CAAC;KACX;SAAM,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QAC9C,OAAO,0BAA0B,gBAAC,CAAC,GAAG,CACpC,KAAK,EACL,eAAe,CAChB,gBAAgB,CAAC;KACnB;SAAM;QACL,OAAO,GAAG,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,yBAAyB,gBAAC,CAAC,GAAG,CACnE,KAAK,EACL,eAAe,CAChB,oBAAoB,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;KACzD;AACH,CAAC;AACD,SAAS,OAAO,CAAC,IAAY;IAC3B,OAAO,uBAAuB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAC/C,CAAC;AACD,SAAS,UAAU,CAAC,KAAyB;IAC3C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,OAAO,KAAK,CAAC;KACd;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,gBAAgB,CACvB,IAA6B;IAE7B,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAC5B,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAA4B,CACnD,CAAC;IACF,MAAM,QAAQ,GAA8B,EAAE,CAAC;IAC/C,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC3B,QAAQ,CAAC,IAAI,CAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC1C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YAC7C,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACjC,OAAO,IAAI,CAAC;AACd,CAAC;AACD,MAAa,gBAAiB,SAAQ,8BAAa;IAqJjD,YAAY,cAAsB;QAChC,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QArJxE,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;aACzC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,gDAAgD;oBACtD,OAAO,EAAE,EAAC,IAAI,EAAE,kBAAkB,EAAC;oBACnC,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oBACjC,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE,EAAC,IAAI,EAAE,wBAAwB,EAAC;oBACzC,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE;wBACV;4BACE,IAAI,EAAE,YAAY;4BAClB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,
YAAY,EAAC;gCAC3B,QAAQ,EAAE,IAAI;gCACd,SAAS,EAAE,KAAK;gCAChB,IAAI,EAAE,qBAAqB,CAAC,MAAM;6BACnC;yBACF;wBACD;4BACE,IAAI,EAAE,aAAa;4BACnB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;6BAC7B;yBACF;wBACD;4BACE,IAAI,EAAE,SAAS;4BACf,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,uBAAuB,EAAC;6BACvC;yBACF;wBACD;4BACE,IAAI,EAAE,iCAAiC;4BACvC,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,yCAAyC;oCAC/C,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,wBAAwB;4BAC9B,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,iCAAiC;oCACvC,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,yBAAyB;4BAC/B,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,kCAAkC;oCACxC,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,iCAAiC;4BACvC,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,0CAA0C;oCAChD,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,MAAM;4BACZ,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;6BAC/B;yBACF;wBACD;4BACE,IAAI,EAAE,WAAW;4BACjB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;6BAC3B;yBACF;wBACD;4BACE,IAAI,EAAE,eAAe;4BACrB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;6BAC/B;yBACF;wBACD;4BACE,IAAI,EAAE,eAAe;4BACrB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;6BAC/B;yBACF;qBACF;oBACD,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,UAAU;4BAChB,GAAG,EAAE,IAAI;4BACT,EAAE,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACjB,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;4BAChC,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAC;6BAC1C;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,WAAW;gCACjB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;4BAC7B,YAAY,EAAE;gCACZ,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC,EAAE,KAAK,EAAE,KAAK,EAAC;gCAC/C,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC,EAAE,KAAK,EAAE,SAAS,EAAC;gCAC/C,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC,EAAE,KAAK,EAAE,MAAM,EAAC;gCACzC,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC,EAAE,KAAK,EAAE,WAAW,EAAC;6BACpD;4BACD,IAAI,EAAE;gCACJ,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,mBAAmB,EAA
C,EAAC;gCAClC,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,UAAU,EAAC,EAAC;6BACzD;4BACD,eAAe,EAAE,EAAE;4BACnB,IAAI,EAAE,EAAE;4BACR,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAC;oCAC7C,YAAY,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAC;oCACnD,OAAO,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAC;oCAC/C,SAAS,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;oCACpC,UAAU,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;iCACtC;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAGF,CAAC;IACD,WAAW,CACT,cAAgE;QAEhE,KAAK,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACpC,CAAC;CACF;AA7JD,4CA6JC"}
|
|
@@ -0,0 +1,14 @@
|
|
|
1
|
+
import { ExecJSON } from 'inspecjs';
|
|
2
|
+
import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
3
|
+
export declare class SnykResults {
|
|
4
|
+
data: Record<string, unknown>;
|
|
5
|
+
customMapping?: MappedTransform<ExecJSON.Execution, ILookupPath>;
|
|
6
|
+
constructor(snykJson: string);
|
|
7
|
+
toHdf(): ExecJSON.Execution[] | ExecJSON.Execution;
|
|
8
|
+
setMappings(customMapping: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
|
|
9
|
+
}
|
|
10
|
+
export declare class SnykMapper extends BaseConverter {
|
|
11
|
+
mappings: MappedTransform<ExecJSON.Execution, ILookupPath>;
|
|
12
|
+
constructor(snykJson: Record<string, unknown>);
|
|
13
|
+
setMappings(customMappings: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
|
|
14
|
+
}
|
|
@@ -0,0 +1,165 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.SnykMapper = exports.SnykResults = void 0;
|
|
7
|
+
const inspecjs_1 = require("inspecjs");
|
|
8
|
+
const path_1 = __importDefault(require("path"));
|
|
9
|
+
const package_json_1 = require("../package.json");
|
|
10
|
+
const base_converter_1 = require("./base-converter");
|
|
11
|
+
const CweNistMapping_1 = require("./mappings/CweNistMapping");
|
|
12
|
+
const IMPACT_MAPPING = new Map([
|
|
13
|
+
['high', 0.7],
|
|
14
|
+
['medium', 0.5],
|
|
15
|
+
['low', 0.3]
|
|
16
|
+
]);
|
|
17
|
+
const CWE_NIST_MAPPING_FILE = path_1.default.resolve(__dirname, '../data/cwe-nist-mapping.csv');
|
|
18
|
+
const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping(CWE_NIST_MAPPING_FILE);
|
|
19
|
+
const DEFAULT_NIST_TAG = ['SA-11', 'RA-5'];
|
|
20
|
+
function parseIdentifier(identifiers) {
|
|
21
|
+
const output = [];
|
|
22
|
+
if (identifiers !== undefined && Array.isArray(identifiers)) {
|
|
23
|
+
identifiers.forEach((element) => {
|
|
24
|
+
const numbers = element.split('-');
|
|
25
|
+
numbers.shift();
|
|
26
|
+
output.push(numbers.join('-'));
|
|
27
|
+
});
|
|
28
|
+
return output;
|
|
29
|
+
}
|
|
30
|
+
else {
|
|
31
|
+
return [];
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
function nistTag(identifiers) {
|
|
35
|
+
return CWE_NIST_MAPPING.nistFilter(parseIdentifier(identifiers), DEFAULT_NIST_TAG);
|
|
36
|
+
}
|
|
37
|
+
class SnykResults {
|
|
38
|
+
constructor(snykJson) {
|
|
39
|
+
this.data = JSON.parse(snykJson);
|
|
40
|
+
}
|
|
41
|
+
toHdf() {
|
|
42
|
+
const results = [];
|
|
43
|
+
if (Array.isArray(this.data)) {
|
|
44
|
+
this.data.forEach((element) => {
|
|
45
|
+
const entry = new SnykMapper(element);
|
|
46
|
+
if (this.customMapping !== undefined) {
|
|
47
|
+
entry.setMappings(this.customMapping);
|
|
48
|
+
}
|
|
49
|
+
results.push(entry.toHdf());
|
|
50
|
+
});
|
|
51
|
+
return results;
|
|
52
|
+
}
|
|
53
|
+
else {
|
|
54
|
+
const result = new SnykMapper(this.data);
|
|
55
|
+
if (this.customMapping !== undefined) {
|
|
56
|
+
result.setMappings(this.customMapping);
|
|
57
|
+
}
|
|
58
|
+
return result.toHdf();
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
setMappings(customMapping) {
|
|
62
|
+
this.customMapping = customMapping;
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
exports.SnykResults = SnykResults;
|
|
66
|
+
class SnykMapper extends base_converter_1.BaseConverter {
|
|
67
|
+
constructor(snykJson) {
|
|
68
|
+
super(snykJson);
|
|
69
|
+
this.mappings = {
|
|
70
|
+
platform: {
|
|
71
|
+
name: 'Heimdall Tools',
|
|
72
|
+
release: package_json_1.version,
|
|
73
|
+
target_id: { path: 'projectName' }
|
|
74
|
+
},
|
|
75
|
+
version: package_json_1.version,
|
|
76
|
+
statistics: {
|
|
77
|
+
duration: null
|
|
78
|
+
},
|
|
79
|
+
profiles: [
|
|
80
|
+
{
|
|
81
|
+
name: { path: 'policy' },
|
|
82
|
+
version: {
|
|
83
|
+
path: 'policy',
|
|
84
|
+
transformer: (policy) => {
|
|
85
|
+
if (typeof policy === 'string') {
|
|
86
|
+
return policy.split('version: ')[1].split('\n')[0];
|
|
87
|
+
}
|
|
88
|
+
else {
|
|
89
|
+
return '';
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
},
|
|
93
|
+
title: {
|
|
94
|
+
path: 'projectName',
|
|
95
|
+
transformer: (projectName) => {
|
|
96
|
+
return `Snyk Project: ${projectName}`;
|
|
97
|
+
}
|
|
98
|
+
},
|
|
99
|
+
maintainer: null,
|
|
100
|
+
summary: {
|
|
101
|
+
path: 'summary',
|
|
102
|
+
transformer: (summary) => {
|
|
103
|
+
return `Snyk Summary: ${summary}`;
|
|
104
|
+
}
|
|
105
|
+
},
|
|
106
|
+
license: null,
|
|
107
|
+
copyright: null,
|
|
108
|
+
copyright_email: null,
|
|
109
|
+
supports: [],
|
|
110
|
+
attributes: [],
|
|
111
|
+
depends: [],
|
|
112
|
+
groups: [],
|
|
113
|
+
status: 'loaded',
|
|
114
|
+
controls: [
|
|
115
|
+
{
|
|
116
|
+
path: 'vulnerabilities',
|
|
117
|
+
key: 'id',
|
|
118
|
+
tags: {
|
|
119
|
+
nist: { path: 'identifiers.CWE', transformer: nistTag },
|
|
120
|
+
cweid: { path: 'identifiers.CWE', transformer: parseIdentifier },
|
|
121
|
+
cveid: { path: 'identifiers.CVE', transformer: parseIdentifier },
|
|
122
|
+
ghsaid: { path: 'identifiers.GHSA', transformer: parseIdentifier }
|
|
123
|
+
},
|
|
124
|
+
descriptions: [],
|
|
125
|
+
refs: [],
|
|
126
|
+
source_location: {},
|
|
127
|
+
title: { path: 'title' },
|
|
128
|
+
id: { path: 'id' },
|
|
129
|
+
desc: { path: 'description' },
|
|
130
|
+
impact: {
|
|
131
|
+
path: 'severity',
|
|
132
|
+
transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
|
|
133
|
+
},
|
|
134
|
+
code: '',
|
|
135
|
+
results: [
|
|
136
|
+
{
|
|
137
|
+
status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
|
|
138
|
+
code_desc: {
|
|
139
|
+
path: 'from',
|
|
140
|
+
transformer: (input) => {
|
|
141
|
+
if (Array.isArray(input)) {
|
|
142
|
+
return `From : [ ${input.join(' , ')} ]`;
|
|
143
|
+
}
|
|
144
|
+
else {
|
|
145
|
+
return '';
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
},
|
|
149
|
+
run_time: 0,
|
|
150
|
+
start_time: ''
|
|
151
|
+
}
|
|
152
|
+
]
|
|
153
|
+
}
|
|
154
|
+
],
|
|
155
|
+
sha256: ''
|
|
156
|
+
}
|
|
157
|
+
]
|
|
158
|
+
};
|
|
159
|
+
}
|
|
160
|
+
setMappings(customMappings) {
|
|
161
|
+
super.setMappings(customMappings);
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
exports.SnykMapper = SnykMapper;
|
|
165
|
+
//# sourceMappingURL=snyk-mapper.js.map
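Review bot: The `version` transformer in the `SnykMapper` constructor throws a TypeError on any `policy` string that does not contain `version: `, because `policy.split('version: ')[1]` is then `undefined` and the chained `.split('\n')` runs on it; the report is external input parsed by `JSON.parse` in `SnykResults`, so one unexpected policy value aborts the whole conversion. Guard the lookup with `const rest = policy.split('version: ')[1];` followed by `return rest === undefined ? '' : rest.split('\n')[0];`, which matches the empty-string fallback the non-string branch already uses. `parseIdentifier` has the same kind of gap: it calls `element.split('-')` without checking that each array element is a string. Separately, `IMPACT_MAPPING` lists only `high`, `medium` and `low`, and how `impactMapping` treats a severity outside that map is not visible in this file, so it is worth confirming that such findings are not under-rated in the HDF output.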
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"snyk-mapper.js","sourceRoot":"","sources":["../../src/snyk-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,gDAAwB;AACxB,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AAEzD,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AACH,MAAM,qBAAqB,GAAG,cAAI,CAAC,OAAO,CACxC,SAAS,EACT,8BAA8B,CAC/B,CAAC;AACF,MAAM,gBAAgB,GAAG,IAAI,+BAAc,CAAC,qBAAqB,CAAC,CAAC;AACnE,MAAM,gBAAgB,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AAE3C,SAAS,eAAe,CAAC,WAAgC;IACvD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,WAAW,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QAC3D,WAAW,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC9B,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnC,OAAO,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;QACH,OAAO,MAAM,CAAC;KACf;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,OAAO,CAAC,WAAsB;IACrC,OAAO,gBAAgB,CAAC,UAAU,CAChC,eAAe,CAAC,WAAW,CAAC,EAC5B,gBAAgB,CACjB,CAAC;AACJ,CAAC;AAED,MAAa,WAAW;IAGtB,YAAY,QAAgB;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,KAAK;QACH,MAAM,OAAO,GAAyB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;gBACtC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE;oBACpC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;iBACvC;gBACD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC9B,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;SAChB;aAAM;YACL,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE;gBACpC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;aACxC;YACD,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;SACvB;IACH,CAAC;IACD,WAAW,CACT,aAA+D;QAE/D,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;CACF;AA/BD,kCA+BC;AAED,MAAa,UAAW,SAAQ,8BAAa;IAyF3C,YAAY,QAAiC;QAC3C,KAAK,CAAC,QAAQ,CAAC,CAAC;QAzFlB,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;
gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;aACjC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;oBACtB,OAAO,EAAE;wBACP,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,CAAC,MAAe,EAAU,EAAE;4BACvC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;gCAC9B,OAAO,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;6BACpD;iCAAM;gCACL,OAAO,EAAE,CAAC;6BACX;wBACH,CAAC;qBACF;oBACD,KAAK,EAAE;wBACL,IAAI,EAAE,aAAa;wBACnB,WAAW,EAAE,CAAC,WAAoB,EAAU,EAAE;4BAC5C,OAAO,iBAAiB,WAAW,EAAE,CAAC;wBACxC,CAAC;qBACF;oBACD,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE;wBACP,IAAI,EAAE,SAAS;wBACf,WAAW,EAAE,CAAC,OAAgB,EAAU,EAAE;4BACxC,OAAO,iBAAiB,OAAO,EAAE,CAAC;wBACpC,CAAC;qBACF;oBACD,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,OAAO,EAAC;gCACrD,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,eAAe,EAAC;gCAC9D,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,eAAe,EAAC;gCAC9D,MAAM,EAAE,EAAC,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,eAAe,EAAC;6BACjE;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;4BACtB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE,EAAE;4BACR,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,MAAM;wCACZ,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4CACtC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;gDACxB,OAAO,YAAY,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;6CAC1C;iDAAM;gDACL,OAAO,EAAE,CAAC;6CACX;wCACH,CAAC;qCACF;oCACD,QAAQ,EAAE,CAAC;oCACX,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAGF,CAAC;IACD,WAAW,CACT,cAAgE;QAEhE,KAAK,CAAC,WAAW,CAAC,c
AAc,CAAC,CAAC;IACpC,CAAC;CACF;AAjGD,gCAiGC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import { ExecJSON } from 'inspecjs';
|
|
2
|
+
import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
3
|
+
export declare class XCCDFResultsMapper extends BaseConverter {
|
|
4
|
+
mappings: MappedTransform<ExecJSON.Execution, ILookupPath>;
|
|
5
|
+
constructor(scapXml: string);
|
|
6
|
+
}
|