@mitre/hdf-converters 2.6.21 → 2.6.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.d.ts +1 -1
- package/lib/index.js +3 -2
- package/lib/index.js.map +1 -1
- package/lib/package.json +2 -2
- package/lib/src/asff-mapper/asff-mapper.d.ts +106 -0
- package/lib/src/asff-mapper/asff-mapper.js +462 -0
- package/lib/src/asff-mapper/asff-mapper.js.map +1 -0
- package/lib/src/asff-mapper/case-firewall-manager.d.ts +1 -0
- package/lib/src/asff-mapper/case-firewall-manager.js +27 -0
- package/lib/src/asff-mapper/case-firewall-manager.js.map +1 -0
- package/lib/src/asff-mapper/case-hdf2asff.d.ts +1 -0
- package/lib/src/asff-mapper/case-hdf2asff.js +192 -0
- package/lib/src/asff-mapper/case-hdf2asff.js.map +1 -0
- package/lib/src/asff-mapper/case-prowler.d.ts +1 -0
- package/lib/src/asff-mapper/case-prowler.js +39 -0
- package/lib/src/asff-mapper/case-prowler.js.map +1 -0
- package/lib/src/asff-mapper/case-security-hub.d.ts +1 -0
- package/lib/src/asff-mapper/case-security-hub.js +136 -0
- package/lib/src/asff-mapper/case-security-hub.js.map +1 -0
- package/lib/src/asff-mapper/case-trivy.d.ts +1 -0
- package/lib/src/asff-mapper/case-trivy.js +71 -0
- package/lib/src/asff-mapper/case-trivy.js.map +1 -0
- package/lib/src/base-converter.js +8 -12
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.js +2 -2
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.js +8 -4
- package/lib/src/converters-from-hdf/asff/transformers.js.map +1 -1
- package/lib/src/fortify-mapper.js +1 -3
- package/lib/src/fortify-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.js +2 -2
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/mappings/ScoutsuiteNistMapping.js +3 -3
- package/lib/src/mappings/ScoutsuiteNistMapping.js.map +1 -1
- package/lib/src/nessus-mapper.js +8 -3
- package/lib/src/nessus-mapper.js.map +1 -1
- package/lib/src/netsparker-mapper.js +2 -2
- package/lib/src/netsparker-mapper.js.map +1 -1
- package/lib/src/prisma-mapper.js +2 -2
- package/lib/src/prisma-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.js +2 -2
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/snyk-mapper.js +2 -2
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/splunk-mapper.d.ts +1 -0
- package/lib/src/splunk-mapper.js +4 -3
- package/lib/src/splunk-mapper.js.map +1 -1
- package/lib/src/utils/global.d.ts +2 -0
- package/lib/src/utils/global.js +3 -1
- package/lib/src/utils/global.js.map +1 -1
- package/lib/src/xccdf-results-mapper.js +2 -2
- package/lib/src/xccdf-results-mapper.js.map +1 -1
- package/lib/src/zap-mapper.js +2 -8
- package/lib/src/zap-mapper.js.map +1 -1
- package/package.json +2 -2
- package/lib/src/asff-mapper.d.ts +0 -25
- package/lib/src/asff-mapper.js +0 -887
- package/lib/src/asff-mapper.js.map +0 -1
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getFirewallManager = void 0;
|
|
7
|
+
const html_entities_1 = require("html-entities");
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
9
|
+
function findingId(finding) {
|
|
10
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(finding, 'Title'));
|
|
11
|
+
}
|
|
12
|
+
function productName(findings) {
|
|
13
|
+
const finding = Array.isArray(findings) ? findings[0] : findings;
|
|
14
|
+
return (0, html_entities_1.encode)(`${lodash_1.default.get(finding, 'ProductFields.aws/securityhub/CompanyName')} ${lodash_1.default.get(finding, 'ProductFields.aws/securityhub/ProductName')}`);
|
|
15
|
+
}
|
|
16
|
+
function filename(findingInfo) {
|
|
17
|
+
return `${productName(findingInfo[1])}.json`;
|
|
18
|
+
}
|
|
19
|
+
function getFirewallManager() {
|
|
20
|
+
return {
|
|
21
|
+
findingId,
|
|
22
|
+
productName,
|
|
23
|
+
filename
|
|
24
|
+
};
|
|
25
|
+
}
|
|
26
|
+
exports.getFirewallManager = getFirewallManager;
|
|
27
|
+
//# sourceMappingURL=case-firewall-manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"case-firewall-manager.js","sourceRoot":"","sources":["../../../src/asff-mapper/case-firewall-manager.ts"],"names":[],"mappings":";;;;;;AAAA,iDAAqC;AACrC,oDAAuB;AAEvB,SAAS,SAAS,CAAC,OAAgC;IACjD,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAW,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,WAAW,CAClB,QAA6D;IAE7D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IACjE,OAAO,IAAA,sBAAM,EACX,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,2CAA2C,CAAC,IAAI,gBAAC,CAAC,GAAG,CACrE,OAAO,EACP,2CAA2C,CAC5C,EAAE,CACJ,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CACf,WAAiE;IAEjE,OAAO,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;AAC/C,CAAC;AAED,SAAgB,kBAAkB;IAChC,OAAO;QACL,SAAS;QACT,WAAW;QACX,QAAQ;KACT,CAAC;AACJ,CAAC;AAND,gDAMC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function getHDF2ASFF(): Record<string, (...inputs: any) => any>;
|
|
@@ -0,0 +1,192 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getHDF2ASFF = void 0;
|
|
7
|
+
const html_entities_1 = require("html-entities");
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
9
|
+
const global_1 = require("../utils/global");
|
|
10
|
+
const asff_mapper_1 = require("./asff-mapper");
|
|
11
|
+
function replaceTypesSlashes(type) {
|
|
12
|
+
if (!lodash_1.default.isString(type)) {
|
|
13
|
+
return type;
|
|
14
|
+
}
|
|
15
|
+
return type.replace(global_1.FROM_ASFF_TYPES_SLASH_REPLACEMENT, '/');
|
|
16
|
+
}
|
|
17
|
+
function objectifyTypesArray(typesArray) {
|
|
18
|
+
if (!Array.isArray(typesArray)) {
|
|
19
|
+
typesArray = lodash_1.default.get(typesArray, 'FindingProviderFields.Types');
|
|
20
|
+
}
|
|
21
|
+
const ret = {};
|
|
22
|
+
for (const typeString of typesArray) {
|
|
23
|
+
lodash_1.default.merge(ret, (() => {
|
|
24
|
+
const [type, attribute, value] = typeString.split('/');
|
|
25
|
+
let parsed = replaceTypesSlashes(value);
|
|
26
|
+
try {
|
|
27
|
+
parsed = JSON.parse(parsed);
|
|
28
|
+
}
|
|
29
|
+
catch { }
|
|
30
|
+
return { [type]: { [attribute]: parsed } };
|
|
31
|
+
})());
|
|
32
|
+
}
|
|
33
|
+
return ret;
|
|
34
|
+
}
|
|
35
|
+
function findExecutionFindingIndex(asffOrFindings, asffFindingToMatch) {
|
|
36
|
+
if (asffFindingToMatch) {
|
|
37
|
+
const targetToMatch = asffFindingToMatch.Id.split('/')[0];
|
|
38
|
+
return lodash_1.default.findIndex(Array.isArray(asffOrFindings)
|
|
39
|
+
? asffOrFindings
|
|
40
|
+
: lodash_1.default.get(asffOrFindings, 'Findings'), (finding) => lodash_1.default.get(finding, 'Id').split('/').length === 2 &&
|
|
41
|
+
lodash_1.default.get(finding, 'Id').startsWith(targetToMatch));
|
|
42
|
+
}
|
|
43
|
+
return lodash_1.default.findIndex(Array.isArray(asffOrFindings)
|
|
44
|
+
? asffOrFindings
|
|
45
|
+
: lodash_1.default.get(asffOrFindings, 'Findings'), (finding) => lodash_1.default.get(finding, 'Id').split('/').length === 2);
|
|
46
|
+
}
|
|
47
|
+
function preprocessingASFF(asff) {
|
|
48
|
+
const clone = lodash_1.default.cloneDeep(asff);
|
|
49
|
+
const index = findExecutionFindingIndex(clone);
|
|
50
|
+
lodash_1.default.pullAt(lodash_1.default.get(clone, 'Findings'), index);
|
|
51
|
+
return clone;
|
|
52
|
+
}
|
|
53
|
+
function supportingDocs(input) {
|
|
54
|
+
const [asff, docs] = input;
|
|
55
|
+
const index = findExecutionFindingIndex(asff);
|
|
56
|
+
const docsClone = lodash_1.default.cloneDeep(docs);
|
|
57
|
+
docsClone.set(asff_mapper_1.SpecialCasing.HDF2ASFF, {
|
|
58
|
+
execution: lodash_1.default.get(asff, `Findings[${index}]`)
|
|
59
|
+
});
|
|
60
|
+
return docsClone;
|
|
61
|
+
}
|
|
62
|
+
function productName(findings) {
|
|
63
|
+
const finding = Array.isArray(findings) ? findings[0] : findings;
|
|
64
|
+
const name = lodash_1.default.get(finding, 'Id');
|
|
65
|
+
return (0, html_entities_1.encode)(name.split('/').slice(0, 2).join(' - '));
|
|
66
|
+
}
|
|
67
|
+
function doesNotHaveFindingTitlePrefix() {
|
|
68
|
+
return true;
|
|
69
|
+
}
|
|
70
|
+
function code(group) {
|
|
71
|
+
return group[0].code || '';
|
|
72
|
+
}
|
|
73
|
+
function waiverData(group) {
|
|
74
|
+
return group[0].waiver_data || {};
|
|
75
|
+
}
|
|
76
|
+
function filename(findingInfo) {
|
|
77
|
+
const index = findExecutionFindingIndex(findingInfo[1], findingInfo[0]);
|
|
78
|
+
const target = replaceTypesSlashes(lodash_1.default.get(findingInfo[1][index], 'Id').split('/')[0]);
|
|
79
|
+
const finding = findingInfo[0];
|
|
80
|
+
return `${lodash_1.default.get(objectifyTypesArray(finding), 'File.Input')}-${target}.json`;
|
|
81
|
+
}
|
|
82
|
+
function getCodeForProfileLayer(finding, profileName) {
|
|
83
|
+
var _a, _b, _c;
|
|
84
|
+
const profileLayerToCodeMapping = {};
|
|
85
|
+
(_c = (_b = (_a = lodash_1.default.get(finding, 'Resources')
|
|
86
|
+
.find((resource) => resource.Type === 'AwsIamRole')) === null || _a === void 0 ? void 0 : _a.Details) === null || _b === void 0 ? void 0 : _b.AwsIamRole) === null || _c === void 0 ? void 0 : _c.AssumeRolePolicyDocument.split('=========================================================\n# Profile name: ').filter((codeLayer) => codeLayer).forEach((codeLayer) => {
|
|
87
|
+
const [profileLevel, code] = codeLayer.split('\n=========================================================\n\n');
|
|
88
|
+
profileLayerToCodeMapping[profileLevel] = code
|
|
89
|
+
.split('Test Description:')[0]
|
|
90
|
+
.trim();
|
|
91
|
+
});
|
|
92
|
+
if (profileName in profileLayerToCodeMapping) {
|
|
93
|
+
return profileLayerToCodeMapping[profileName];
|
|
94
|
+
}
|
|
95
|
+
else {
|
|
96
|
+
return '';
|
|
97
|
+
}
|
|
98
|
+
}
|
|
99
|
+
function mapping(context) {
|
|
100
|
+
var _a;
|
|
101
|
+
const execution = lodash_1.default.get(context.supportingDocs.get(asff_mapper_1.SpecialCasing.HDF2ASFF), 'execution');
|
|
102
|
+
const executionTypes = objectifyTypesArray(execution);
|
|
103
|
+
const profileNames = Object.keys(executionTypes || {}).filter((type) => !['MITRE', 'File', 'Execution'].includes(type));
|
|
104
|
+
return {
|
|
105
|
+
shortcircuit: true,
|
|
106
|
+
passthrough: lodash_1.default.get(executionTypes, 'Execution.passthrough'),
|
|
107
|
+
platform: {
|
|
108
|
+
...lodash_1.default.get(executionTypes, 'Execution.platform'),
|
|
109
|
+
target_id: ((_a = context.supportingDocs.get(asff_mapper_1.SpecialCasing.HDF2ASFF)) === null || _a === void 0 ? void 0 : _a.execution.Id).split('/')[0]
|
|
110
|
+
},
|
|
111
|
+
version: lodash_1.default.get(executionTypes, 'Execution.version'),
|
|
112
|
+
statistics: lodash_1.default.get(executionTypes, 'Execution.statistics'),
|
|
113
|
+
profiles: lodash_1.default.map(profileNames, (profileName, index) => {
|
|
114
|
+
return {
|
|
115
|
+
name: lodash_1.default.get(executionTypes, `${profileName}.name`),
|
|
116
|
+
version: lodash_1.default.get(executionTypes, `${profileName}.version`),
|
|
117
|
+
title: lodash_1.default.get(executionTypes, `${profileName}.title`),
|
|
118
|
+
maintainer: lodash_1.default.get(executionTypes, `${profileName}.maintainer`),
|
|
119
|
+
summary: lodash_1.default.get(executionTypes, `${profileName}.summary`),
|
|
120
|
+
license: lodash_1.default.get(executionTypes, `${profileName}.license`),
|
|
121
|
+
copyright: lodash_1.default.get(executionTypes, `${profileName}.copyright`),
|
|
122
|
+
copyright_email: lodash_1.default.get(executionTypes, `${profileName}.copyright_email`),
|
|
123
|
+
supports: lodash_1.default.get(executionTypes, `${profileName}.supports`, []),
|
|
124
|
+
attributes: lodash_1.default.get(executionTypes, `${profileName}.attributes`, []),
|
|
125
|
+
depends: lodash_1.default.get(executionTypes, `${profileName}.depends`),
|
|
126
|
+
groups: [],
|
|
127
|
+
status: lodash_1.default.get(executionTypes, `${profileName}.status`),
|
|
128
|
+
description: lodash_1.default.get(executionTypes, `${profileName}.description`),
|
|
129
|
+
inspec_version: lodash_1.default.get(executionTypes, `${profileName}.inspec_version`),
|
|
130
|
+
parent_profile: lodash_1.default.get(executionTypes, `${profileName}.parent_profile`),
|
|
131
|
+
skip_message: lodash_1.default.get(executionTypes, `${profileName}.skip_message`),
|
|
132
|
+
status_message: lodash_1.default.get(executionTypes, `${profileName}.status_message`),
|
|
133
|
+
controls: (0, asff_mapper_1.consolidate)(context, (() => {
|
|
134
|
+
return lodash_1.default.map(lodash_1.default.get(context.data, 'Findings'), (finding) => {
|
|
135
|
+
const findingTypes = objectifyTypesArray(finding);
|
|
136
|
+
return {
|
|
137
|
+
id: lodash_1.default.get(findingTypes, 'Control.ID'),
|
|
138
|
+
...(lodash_1.default.has(findingTypes, 'Control.Title') && {
|
|
139
|
+
title: lodash_1.default.get(findingTypes, 'Control.Title')
|
|
140
|
+
}),
|
|
141
|
+
...(lodash_1.default.has(findingTypes, 'Control.Desc') && {
|
|
142
|
+
desc: lodash_1.default.get(findingTypes, 'Control.Desc')
|
|
143
|
+
}),
|
|
144
|
+
impact: lodash_1.default.get(findingTypes, 'Control.Impact'),
|
|
145
|
+
tags: {
|
|
146
|
+
...lodash_1.default.omit(lodash_1.default.get(findingTypes, 'Tags'), ['nist']),
|
|
147
|
+
nist: (() => {
|
|
148
|
+
const nisttags = lodash_1.default.get(findingTypes, 'Tags.nist');
|
|
149
|
+
if (nisttags === undefined || nisttags.length === 0) {
|
|
150
|
+
return global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS;
|
|
151
|
+
}
|
|
152
|
+
return nisttags;
|
|
153
|
+
})()
|
|
154
|
+
},
|
|
155
|
+
descriptions: lodash_1.default.map(Object.entries(lodash_1.default.get(findingTypes, 'Descriptions') || {}), ([key, value]) => ({ label: key, data: value })),
|
|
156
|
+
refs: lodash_1.default.get(findingTypes, 'Control.Refs', []),
|
|
157
|
+
source_location: lodash_1.default.get(findingTypes, 'Control.Source_Location', {}),
|
|
158
|
+
...(lodash_1.default.has(findingTypes, 'Control.Waiver_Data') && {
|
|
159
|
+
waiver_data: lodash_1.default.get(findingTypes, 'Control.Waiver_Data')
|
|
160
|
+
}),
|
|
161
|
+
code: getCodeForProfileLayer(finding, profileName),
|
|
162
|
+
results: index === profileNames.length - 1
|
|
163
|
+
? [
|
|
164
|
+
{
|
|
165
|
+
code_desc: lodash_1.default.get(findingTypes, 'Segment.code_desc'),
|
|
166
|
+
start_time: lodash_1.default.get(findingTypes, 'Segment.start_time'),
|
|
167
|
+
...lodash_1.default.omit(lodash_1.default.get(findingTypes, 'Segment'), ['code_desc', 'start_time'])
|
|
168
|
+
}
|
|
169
|
+
]
|
|
170
|
+
: []
|
|
171
|
+
};
|
|
172
|
+
});
|
|
173
|
+
})(), context.data),
|
|
174
|
+
sha256: lodash_1.default.get(executionTypes, `${profileName}.sha256`)
|
|
175
|
+
};
|
|
176
|
+
})
|
|
177
|
+
};
|
|
178
|
+
}
|
|
179
|
+
function getHDF2ASFF() {
|
|
180
|
+
return {
|
|
181
|
+
preprocessingASFF,
|
|
182
|
+
supportingDocs,
|
|
183
|
+
productName,
|
|
184
|
+
doesNotHaveFindingTitlePrefix,
|
|
185
|
+
code,
|
|
186
|
+
waiverData,
|
|
187
|
+
filename,
|
|
188
|
+
mapping
|
|
189
|
+
};
|
|
190
|
+
}
|
|
191
|
+
exports.getHDF2ASFF = getHDF2ASFF;
|
|
192
|
+
//# sourceMappingURL=case-hdf2asff.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"case-hdf2asff.js","sourceRoot":"","sources":["../../../src/asff-mapper/case-hdf2asff.ts"],"names":[],"mappings":";;;;;;AAAA,iDAAqC;AAErC,oDAAuB;AAEvB,4CAGyB;AACzB,+CAAqE;AAErE,SAAS,mBAAmB,CAAI,IAAO;IACrC,IAAI,CAAC,gBAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;QACrB,OAAO,IAAI,CAAC;KACb;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,0CAAiC,EAAE,GAAG,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,mBAAmB,CAC1B,UAA8C;IAE9C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QAC9B,UAAU,GAAG,gBAAC,CAAC,GAAG,CAAC,UAAU,EAAE,6BAA6B,CAAa,CAAC;KAC3E;IACD,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,KAAK,MAAM,UAAU,IAAI,UAAU,EAAE;QACnC,gBAAC,CAAC,KAAK,CACL,GAAG,EACH,CAAC,GAA4B,EAAE;YAC7B,MAAM,CAAC,IAAI,EAAE,SAAS,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACvD,IAAI,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;YACxC,IAAI;gBACF,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;aAC7B;YAAC,MAAM,GAAE;YACV,OAAO,EAAC,CAAC,IAAI,CAAC,EAAE,EAAC,CAAC,SAAS,CAAC,EAAE,MAAM,EAAC,EAAC,CAAC;QACzC,CAAC,CAAC,EAAE,CACL,CAAC;KACH;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,yBAAyB,CAChC,cAAmE,EACnE,kBAAiC;IAEjC,IAAI,kBAAkB,EAAE;QACtB,MAAM,aAAa,GAAG,kBAAkB,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1D,OAAO,gBAAC,CAAC,SAAS,CAChB,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;YAC3B,CAAC,CAAC,cAAc;YAChB,CAAC,CAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,UAAU,CAA+B,EACpE,CAAC,OAAO,EAAE,EAAE,CACT,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC;YACvD,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAY,CAAC,UAAU,CAAC,aAAa,CAAC,CAC7D,CAAC;KACH;IACD,OAAO,gBAAC,CAAC,SAAS,CAChB,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;QAC3B,CAAC,CAAC,cAAc;QAChB,CAAC,CAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,UAAU,CAA+B,EACpE,CAAC,OAAO,EAAE,EAAE,CAAE,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CACtE,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CACxB,IAA6B;IAE7B,MAAM,KAAK,GAAG,gBAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAChC,MAAM,KAAK,GAAG,yBAAyB,CAAC,KAAK,CAAC,CAAC;IAC/C,gBAAC,CAAC,MAAM,CAAC,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAA8B,EAAE,KAAK,CAAC,CAAC;IACvE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CACrB,KAGC;IAED,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC;IAC3B,MAAM,KAAK,GAAG,yBAAyB,CAAC,IAAI,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,gBAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACpC,SAAS,CAAC,GAAG,CAAC,2BAAa,CAAC,QAAQ,EAAE;QACpC,SAAS,EAAE,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,YAAY,KAAK,GAAG,CAA4B;KACxE,CAAC,CAAC;IACH,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,WAAW,CAClB,QAA6D;IAE7D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IACjE,MAAM,IAAI,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAW,CAAC;IAC5C,OAAO,IAAA,sBAAM,EAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;AACzD,CAAC;AAED,SAAS,6BAA6B;IACpC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,IAAI,CAAC,KAAyB;IACrC,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC;AAC7B,CAAC;AAED,SAAS,UAAU,CAAC,KAAyB;IAC3C,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC;AACpC,CAAC;AAED,SAAS,QAAQ,CACf,WAAiE;IAEjE,MAAM,KAAK,GAAG,yBAAyB,CACrC,WAAW,CAAC,CAAC,CAAC,EACd,WAAW,CAAC,CAAC,CAAiB,CAC/B,CAAC;IAEF,MAAM,MAAM,GAAG,mBAAmB,CAC/B,gBAAC,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,IAAI,CAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAC7D,CAAC;IACF,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IAC/B,OAAO,GAAG,gBAAC,CAAC,GAAG,CAAC,mBAAmB,CAAC,OAAO,CAAC,EAAE,YAAY,CAAC,IAAI,MAAM,OAAO,CAAC;AAC/E,CAAC;AAED,SAAS,sBAAsB,CAC7B,OAAgC,EAChC,WAAmB;;IAEnB,MAAM,yBAAyB,GAA2B,EAAE,CAAC;IAC7D,MAAA,MAAA,MACE,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAO3B;SACE,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,CAAC,0CACjD,OAAO,0CAAE,UAAU,0CAAE,wBAAwB,CAAC,KAAK,CACnD,6EAA6E,EAE9E,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,EAC/B,OAAO,CAAC,CAAC,SAAS,EAAE,EAAE;QACrB,MAAM,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG,SAAS,CAAC,KAAK,CAC1C,iEAAiE,CAClE,CAAC;QACF,yBAAyB,CAAC,YAAY,CAAC,GAAG,IAAI;aAC3C,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAAC;aAC7B,IAAI,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;IACL,IAAI,WAAW,IAAI,yBAAyB,EAAE;QAC5C,OAAO,yBAAyB,CAAC,WAAW,CAAC,CAAC;KAC/C;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED,SAAS,OAAO,CACd,OAAmB;;IAEnB,MAAM,SAAS,GAAG,gBAAC,CAAC,GAAG,CACrB,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,2BAAa,CAAC,QAAQ,CAAC,EAClD,WAAW,CACZ,CAAC;IACF,MAAM,cAAc,GAAG,mBAAmB,CACxC,SAAoC,CACrC,CAAC;IACF,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,MAAM,CAC3D,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CACzD,CAAC;IACF,OAAO;QACL,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,uBAAuB,CAAC;QAC3D,QAAQ,EAAE;YACR,GAAI,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,oBAAoB,CAAuB;YACrE,SAAS,EAAE,CACT,MAAA,OAAO,CAAC,cAAc,CAAC,GAAG,CAAC,2BAAa,CAAC,QAAQ,CAAC,0CAAE,SAAS,CAC1D,EACJ,CAAA,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAChB;QACD,OAAO,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,mBAAmB,CAAC;QACnD,UAAU,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,sBAAsB,CAAC;QACzD,QAAQ,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,WAAmB,EAAE,KAAa,EAAE,EAAE;YAEnE,OAAO;gBACL,IAAI,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,OAAO,CAAC;gBAClD,OAAO,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,UAAU,CAAC;gBACxD,KAAK,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,QAAQ,CAAC;gBACpD,UAAU,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,aAAa,CAAC;gBAC9D,OAAO,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,UAAU,CAAC;gBACxD,OAAO,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,UAAU,CAAC;gBACxD,SAAS,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,YAAY,CAAC;gBAC5D,eAAe,EAAE,gBAAC,CAAC,GAAG,CACpB,cAAc,EACd,GAAG,WAAW,kBAAkB,CACjC;gBACD,QAAQ,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,WAAW,EAAE,EAAE,CAAC;gBAC9D,UAAU,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,aAAa,EAAE,EAAE,CAAC;gBAClE,OAAO,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,UAAU,CAAC;gBACxD,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,SAAS,CAAC;gBACtD,WAAW,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,cAAc,CAAC;gBAChE,cAAc,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,iBAAiB,CAAC;gBACtE,cAAc,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,iBAAiB,CAAC;gBACtE,YAAY,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,eAAe,CAAC;gBAClE,cAAc,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,iBAAiB,CAAC;gBACtE,QAAQ,EAAE,IAAA,yBAAW,EACnB,OAAO,EACP,CAAC,GAAuB,EAAE;oBACxB,OAAO,gBAAC,CAAC,GAAG,CACV,gBAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAA8B,EAC5D,CAAC,OAAgC,EAAE,EAAE;wBACnC,MAAM,YAAY,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;wBAClD,OAAO;4BACL,EAAE,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,YAAY,CAAC;4BACrC,GAAG,CAAC,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,IAAI;gCAC1C,KAAK,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC;6BAC5C,CAAC;4BACF,GAAG,CAAC,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC,IAAI;gCACzC,IAAI,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAAC;6BAC1C,CAAC;4BACF,MAAM,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,gBAAgB,CAAC;4BAC7C,IAAI,EAAE;gCACJ,GAAG,gBAAC,CAAC,IAAI,CACP,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,MAAM,CAA8B,EACxD,CAAC,MAAM,CAAC,CACT;gCACD,IAAI,EAAE,CAAC,GAAa,EAAE;oCACpB,MAAM,QAAQ,GAAG,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,WAAW,CAEpC,CAAC;oCACb,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE;wCACnD,OAAO,+CAAsC,CAAC;qCAC/C;oCACD,OAAO,QAAQ,CAAC;gCAClB,CAAC,CAAC,EAAE;6BACL;4BACD,YAAY,EAAE,gBAAC,CAAC,GAAG,CACjB,MAAM,CAAC,OAAO,CACX,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,CAGjC,IAAI,EAAE,CACT,EACD,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAC,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,KAAK,EAAC,CAAC,CAC9C;4BACD,IAAI,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,cAAc,EAAE,EAAE,CAAC;4BAC7C,eAAe,EAAE,gBAAC,CAAC,GAAG,CACpB,YAAY,EACZ,yBAAyB,EACzB,EAAE,CACH;4BACD,GAAG,CAAC,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,qBAAqB,CAAC,IAAI;gCAChD,WAAW,EAAE,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,qBAAqB,CAAC;6BACxD,CAAC;4BACF,IAAI,EAAE,sBAAsB,CAAC,OAAO,EAAE,WAAW,CAAC;4BAElD,OAAO,EACL,KAAK,KAAK,YAAY,CAAC,MAAM,GAAG,CAAC;gCAC/B,CAAC,CAAC;oCACE;wCACE,SAAS,EAAE,gBAAC,CAAC,GAAG,CACd,YAAY,EACZ,mBAAmB,CACV;wCACX,UAAU,EAAE,gBAAC,CAAC,GAAG,CACf,YAAY,EACZ,oBAAoB,CACX;wCACX,GAAG,gBAAC,CAAC,IAAI,CACP,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAG5B,EACD,CAAC,WAAW,EAAE,YAAY,CAAC,CAC5B;qCACF;iCACF;gCACH,CAAC,CAAC,EAAE;yBACW,CAAC;oBACxB,CAAC,CACF,CAAC;gBACJ,CAAC,CAAC,EAAE,EACJ,OAAO,CAAC,IAAI,CACb;gBACD,MAAM,EAAE,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,WAAW,SAAS,CAAC;aACnC,CAAC;QACxB,CAAC,CAAC;KACiD,CAAC;AACxD,CAAC;AAED,SAAgB,WAAW;IACzB,OAAO;QACL,iBAAiB;QACjB,cAAc;QACd,WAAW;QACX,6BAA6B;QAC7B,IAAI;QACJ,UAAU;QACV,QAAQ;QACR,OAAO;KACR,CAAC;AACJ,CAAC;AAXD,kCAWC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function getProwler(): Record<string, (...inputs: any) => any>;
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getProwler = void 0;
|
|
7
|
+
const html_entities_1 = require("html-entities");
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
9
|
+
const desc = () => ' ';
|
|
10
|
+
function subfindingsCodeDesc(finding) {
|
|
11
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(finding, 'Description'));
|
|
12
|
+
}
|
|
13
|
+
function findingId(finding) {
|
|
14
|
+
const generatorId = lodash_1.default.get(finding, 'GeneratorId');
|
|
15
|
+
const hyphenIndex = generatorId.indexOf('-');
|
|
16
|
+
return (0, html_entities_1.encode)(generatorId.slice(hyphenIndex + 1));
|
|
17
|
+
}
|
|
18
|
+
function productName(findings) {
|
|
19
|
+
const finding = Array.isArray(findings) ? findings[0] : findings;
|
|
20
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(finding, 'ProductFields.ProviderName'));
|
|
21
|
+
}
|
|
22
|
+
function filename(findingInfo) {
|
|
23
|
+
return `${productName(findingInfo[1])}.json`;
|
|
24
|
+
}
|
|
25
|
+
function meta() {
|
|
26
|
+
return { name: 'Prowler', title: 'Prowler Findings' };
|
|
27
|
+
}
|
|
28
|
+
function getProwler() {
|
|
29
|
+
return {
|
|
30
|
+
subfindingsCodeDesc,
|
|
31
|
+
findingId,
|
|
32
|
+
productName,
|
|
33
|
+
desc,
|
|
34
|
+
filename,
|
|
35
|
+
meta
|
|
36
|
+
};
|
|
37
|
+
}
|
|
38
|
+
exports.getProwler = getProwler;
|
|
39
|
+
//# sourceMappingURL=case-prowler.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"case-prowler.js","sourceRoot":"","sources":["../../../src/asff-mapper/case-prowler.ts"],"names":[],"mappings":";;;;;;AAAA,iDAAqC;AACrC,oDAAuB;AAEvB,MAAM,IAAI,GAAG,GAAG,EAAE,CAAC,GAAG,CAAC;AAEvB,SAAS,mBAAmB,CAAC,OAAgB;IAC3C,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,SAAS,CAAC,OAAgB;IACjC,MAAM,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAClD,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC7C,OAAO,IAAA,sBAAM,EAAC,WAAW,CAAC,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,WAAW,CAClB,QAA6D;IAE7D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IACjE,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,4BAA4B,CAAW,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,QAAQ,CACf,WAAiE;IAEjE,OAAO,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;AAC/C,CAAC;AAED,SAAS,IAAI;IACX,OAAO,EAAC,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,kBAAkB,EAAC,CAAC;AACtD,CAAC;AAGD,SAAgB,UAAU;IACxB,OAAO;QACL,mBAAmB;QACnB,SAAS;QACT,WAAW;QACX,IAAI;QACJ,QAAQ;QACR,IAAI;KACL,CAAC;AACJ,CAAC;AATD,gCASC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function getSecurityHub(): Record<string, (...inputs: any) => any>;
|
|
@@ -0,0 +1,136 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getSecurityHub = void 0;
|
|
7
|
+
const html_entities_1 = require("html-entities");
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
9
|
+
const AwsConfigMapping_1 = require("../mappings/AwsConfigMapping");
|
|
10
|
+
const FINDING_STANDARDS_CONTROL_ARN = 'ProductFields.StandardsControlArn';
|
|
11
|
+
function correspondingControl(controls, finding) {
|
|
12
|
+
return controls.find((control) => lodash_1.default.get(control, 'StandardsControlArn') ===
|
|
13
|
+
lodash_1.default.get(finding, FINDING_STANDARDS_CONTROL_ARN));
|
|
14
|
+
}
|
|
15
|
+
function securityhubSupportingDocs(standards) {
|
|
16
|
+
let controls;
|
|
17
|
+
try {
|
|
18
|
+
if (Array.isArray(standards)) {
|
|
19
|
+
controls = standards
|
|
20
|
+
.map((standard) => lodash_1.default.get(JSON.parse(standard), 'Controls'))
|
|
21
|
+
.flat();
|
|
22
|
+
}
|
|
23
|
+
else {
|
|
24
|
+
controls = null;
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
catch (error) {
|
|
28
|
+
throw new Error(`Invalid supporting docs for Security Hub:\nException: ${error}`);
|
|
29
|
+
}
|
|
30
|
+
const AWS_CONFIG_MAPPING = new AwsConfigMapping_1.AwsConfigMapping();
|
|
31
|
+
return {
|
|
32
|
+
controls,
|
|
33
|
+
awsConfigMapping: AWS_CONFIG_MAPPING
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
function findingId(finding, { controls = null }) {
|
|
37
|
+
let control;
|
|
38
|
+
if (controls !== null &&
|
|
39
|
+
(control = correspondingControl(controls, finding)) !== null) {
|
|
40
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(control, 'ControlId'));
|
|
41
|
+
}
|
|
42
|
+
else if (lodash_1.default.has(finding, 'ProductFields.ControlId')) {
|
|
43
|
+
return lodash_1.default.get(finding, 'ProductFields.ControlId');
|
|
44
|
+
}
|
|
45
|
+
else if (lodash_1.default.has(finding, 'ProductFields.RuleId')) {
|
|
46
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(finding, 'ProductFields.RuleId'));
|
|
47
|
+
}
|
|
48
|
+
else {
|
|
49
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(finding, 'GeneratorId').split('/').slice(-1)[0]);
|
|
50
|
+
}
|
|
51
|
+
}
|
|
52
|
+
function findingImpact(finding, { controls = null }) {
|
|
53
|
+
let impact;
|
|
54
|
+
let control;
|
|
55
|
+
if (controls !== null &&
|
|
56
|
+
(control = correspondingControl(controls, finding)) !== null) {
|
|
57
|
+
impact = lodash_1.default.get(control, 'SeverityRating');
|
|
58
|
+
}
|
|
59
|
+
else {
|
|
60
|
+
impact =
|
|
61
|
+
lodash_1.default.get(finding, 'Severity.Label') ||
|
|
62
|
+
lodash_1.default.get(finding, 'Severity.Normalized') / 100.0;
|
|
63
|
+
if (typeof impact === 'string' && impact === 'INFORMATIONAL') {
|
|
64
|
+
impact = 'MEDIUM';
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
return impact;
|
|
68
|
+
}
|
|
69
|
+
function findingNistTag(finding, { awsConfigMapping }) {
|
|
70
|
+
if (lodash_1.default.get(finding, 'ProductFields.RelatedAWSResources:0/type') !==
|
|
71
|
+
'AWS::Config::ConfigRule') {
|
|
72
|
+
return [];
|
|
73
|
+
}
|
|
74
|
+
return awsConfigMapping.searchNIST([
|
|
75
|
+
lodash_1.default.get(finding, 'ProductFields.RelatedAWSResources:0/name')
|
|
76
|
+
]);
|
|
77
|
+
}
|
|
78
|
+
function findingTitle(finding, { controls = null }) {
|
|
79
|
+
let control;
|
|
80
|
+
if (controls !== null &&
|
|
81
|
+
(control = correspondingControl(controls, finding)) !== null) {
|
|
82
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(control, 'Title'));
|
|
83
|
+
}
|
|
84
|
+
else {
|
|
85
|
+
return (0, html_entities_1.encode)(lodash_1.default.get(finding, 'Title'));
|
|
86
|
+
}
|
|
87
|
+
}
|
|
88
|
+
function productName(findings) {
|
|
89
|
+
const finding = Array.isArray(findings) ? findings[0] : findings;
|
|
90
|
+
let standardName;
|
|
91
|
+
if (lodash_1.default.get(finding, 'Types[0]')
|
|
92
|
+
.split('/')
|
|
93
|
+
.slice(-1)[0]
|
|
94
|
+
.replace(/-/gi, ' ')
|
|
95
|
+
.toLowerCase() ===
|
|
96
|
+
lodash_1.default.get(finding, FINDING_STANDARDS_CONTROL_ARN)
|
|
97
|
+
.split('/')
|
|
98
|
+
.slice(-4)[0]
|
|
99
|
+
.replace(/-/gi, ' ')
|
|
100
|
+
.toLowerCase()) {
|
|
101
|
+
standardName = lodash_1.default.get(finding, 'Types[0]')
|
|
102
|
+
.split('/')
|
|
103
|
+
.slice(-1)[0]
|
|
104
|
+
.replace(/-/gi, ' ');
|
|
105
|
+
}
|
|
106
|
+
else {
|
|
107
|
+
standardName = lodash_1.default.get(finding, FINDING_STANDARDS_CONTROL_ARN)
|
|
108
|
+
.split('/')
|
|
109
|
+
.slice(-4)[0]
|
|
110
|
+
.replace(/-/gi, ' ')
|
|
111
|
+
.split(/\s+/)
|
|
112
|
+
.map((element) => {
|
|
113
|
+
return element.charAt(0).toUpperCase() + element.slice(1);
|
|
114
|
+
})
|
|
115
|
+
.join(' ');
|
|
116
|
+
}
|
|
117
|
+
return (0, html_entities_1.encode)(`${standardName} v${lodash_1.default.get(finding, FINDING_STANDARDS_CONTROL_ARN)
|
|
118
|
+
.split('/')
|
|
119
|
+
.slice(-2)[0]}`);
|
|
120
|
+
}
|
|
121
|
+
function filename(findingInfo) {
|
|
122
|
+
return `${productName(findingInfo[0])}.json`;
|
|
123
|
+
}
|
|
124
|
+
function getSecurityHub() {
|
|
125
|
+
return {
|
|
126
|
+
securityhubSupportingDocs,
|
|
127
|
+
findingId,
|
|
128
|
+
findingImpact,
|
|
129
|
+
findingNistTag,
|
|
130
|
+
findingTitle,
|
|
131
|
+
productName,
|
|
132
|
+
filename
|
|
133
|
+
};
|
|
134
|
+
}
|
|
135
|
+
exports.getSecurityHub = getSecurityHub;
|
|
136
|
+
//# sourceMappingURL=case-security-hub.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"case-security-hub.js","sourceRoot":"","sources":["../../../src/asff-mapper/case-security-hub.ts"],"names":[],"mappings":";;;;;;AAAA,iDAAqC;AACrC,oDAAuB;AACvB,mEAA8D;AAC9D,MAAM,6BAA6B,GAAG,mCAAmC,CAAC;AAE1E,SAAS,oBAAoB,CAAC,QAAmB,EAAE,OAAgB;IACjE,OAAO,QAAQ,CAAC,IAAI,CAClB,CAAC,OAAO,EAAE,EAAE,CACV,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,CAAC;QACrC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,6BAA6B,CAAC,CAChD,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB,CAAC,SAA+B;IAChE,IAAI,QAA0B,CAAC;IAC/B,IAAI;QACF,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;YAC5B,QAAQ,GAAG,SAAS;iBACjB,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,gBAAC,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,UAAU,CAAC,CAAC;iBAC1D,IAAI,EAAE,CAAC;SACX;aAAM;YACL,QAAQ,GAAG,IAAI,CAAC;SACjB;KACF;IAAC,OAAO,KAAK,EAAE;QACd,MAAM,IAAI,KAAK,CACb,yDAAyD,KAAK,EAAE,CACjE,CAAC;KACH;IACD,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;IAClD,OAAO;QACL,QAAQ;QACR,gBAAgB,EAAE,kBAAkB;KACrC,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAChB,OAAgB,EAChB,EAAC,QAAQ,GAAG,IAAI,EAA+B;IAE/C,IAAI,OAAO,CAAC;IACZ,IACE,QAAQ,KAAK,IAAI;QACjB,CAAC,OAAO,GAAG,oBAAoB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,KAAK,IAAI,EAC5D;QACA,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;KAC5C;SAAM,IAAI,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,yBAAyB,CAAC,EAAE;QAEpD,OAAO,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,yBAAyB,CAAC,CAAC;KAClD;SAAM,IAAI,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,sBAAsB,CAAC,EAAE;QAEjD,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,sBAAsB,CAAC,CAAC,CAAC;KACvD;SAAM;QACL,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;KACtE;AACH,CAAC;AAED,SAAS,aAAa,CACpB,OAAgB,EAChB,EAAC,QAAQ,GAAG,IAAI,EAA+B;IAE/C,IAAI,MAAuB,CAAC;IAC5B,IAAI,OAAO,CAAC;IACZ,IACE,QAAQ,KAAK,IAAI;QACjB,CAAC,OAAO,GAAG,oBAAoB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,KAAK,IAAI,EAC5D;QACA,MAAM,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC;KAC3C;SAAM;QAEL,MAAM;YACJ,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,gBAAgB,CAAC;gBAChC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,qBAAqB,CAAC,GAAG,KAAK,CAAC;QAEhD,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,eAAe,EAAE;YAC5D,MAAM,GAAG,QAAQ,CAAC;SACnB;KACF;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,cAAc,CACrB,OAAgB,EAChB,EAAC,gBAAgB,EAAuC;IAExD,IACE,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,0CAA0C,CAAC;QAC1D,yBAAyB,EACzB;QACA,OAAO,EAAE,CAAC;KACX;IACD,OAAO,gBAAgB,CAAC,UAAU,CAAC;QACjC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,0CAA0C,CAAC;KAC3D,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY,CACnB,OAAgB,EAChB,EAAC,QAAQ,GAAG,IAAI,EAA+B;IAE/C,IAAI,OAAO,CAAC;IACZ,IACE,QAAQ,KAAK,IAAI;QACjB,CAAC,OAAO,GAAG,oBAAoB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,KAAK,IAAI,EAC5D;QACA,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;KACxC;SAAM;QACL,OAAO,IAAA,sBAAM,EAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;KACxC;AACH,CAAC;AAED,SAAS,WAAW,CAClB,QAA6D;IAE7D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IAGjE,IAAI,YAAoB,CAAC;IACzB,IACG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAY;SACnC,KAAK,CAAC,GAAG,CAAC;SACV,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;SACZ,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACnB,WAAW,EAAE;QACf,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,6BAA6B,CAAY;aACtD,KAAK,CAAC,GAAG,CAAC;aACV,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACZ,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,WAAW,EAAE,EAChB;QACA,YAAY,GAAI,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAY;aAClD,KAAK,CAAC,GAAG,CAAC;aACV,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACZ,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;KACxB;SAAM;QACL,YAAY,GAAI,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,6BAA6B,CAAY;aACrE,KAAK,CAAC,GAAG,CAAC;aACV,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aACZ,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,KAAK,CAAC,KAAK,CAAC;aACZ,GAAG,CAAC,CAAC,OAAe,EAAE,EAAE;YACvB,OAAO,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5D,CAAC,CAAC;aACD,IAAI,CAAC,GAAG,CAAC,CAAC;KACd;IACD,OAAO,IAAA,sBAAM,EACX,GAAG,YAAY,KACZ,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,6BAA6B,CAAY;SACtD,KAAK,CAAC,GAAG,CAAC;SACV,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAChB,EAAE,CACH,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CACf,WAAiE;IAEjE,OAAO,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;AAC/C,CAAC;AAED,SAAgB,cAAc;IAC5B,OAAO;QACL,yBAAyB;QACzB,SAAS;QACT,aAAa;QACb,cAAc;QACd,YAAY;QACZ,WAAW;QACX,QAAQ;KACT,CAAC;AACJ,CAAC;AAVD,wCAUC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export declare function getTrivy(): Record<string, (...inputs: any) => any>;
|
|
@@ -0,0 +1,71 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.getTrivy = void 0;
|
|
7
|
+
const html_entities_1 = require("html-entities");
|
|
8
|
+
const inspecjs_1 = require("inspecjs");
|
|
9
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
10
|
+
function findingId(finding) {
|
|
11
|
+
const generatorId = lodash_1.default.get(finding, 'GeneratorId');
|
|
12
|
+
const cveId = lodash_1.default.get(finding, 'Resources[0].Details.Other.CVE ID');
|
|
13
|
+
if (typeof cveId === 'string') {
|
|
14
|
+
return (0, html_entities_1.encode)(`${generatorId}/${cveId}`);
|
|
15
|
+
}
|
|
16
|
+
else {
|
|
17
|
+
const id = lodash_1.default.get(finding, 'Id');
|
|
18
|
+
return (0, html_entities_1.encode)(`${generatorId}/${id}`);
|
|
19
|
+
}
|
|
20
|
+
}
|
|
21
|
+
function findingNistTag(finding) {
|
|
22
|
+
const cveId = lodash_1.default.get(finding, 'Resources[0].Details.Other.CVE ID');
|
|
23
|
+
if (typeof cveId === 'string') {
|
|
24
|
+
return ['SI-2', 'RA-5'];
|
|
25
|
+
}
|
|
26
|
+
else {
|
|
27
|
+
return [];
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
function subfindingsStatus() {
|
|
31
|
+
return inspecjs_1.ExecJSON.ControlResultStatus.Failed;
|
|
32
|
+
}
|
|
33
|
+
function subfindingsMessage(finding) {
|
|
34
|
+
const cveId = lodash_1.default.get(finding, 'Resources[0].Details.Other.CVE ID');
|
|
35
|
+
if (typeof cveId === 'string') {
|
|
36
|
+
const patchedPackage = lodash_1.default.get(finding, 'Resources[0].Details.Other.Patched Package');
|
|
37
|
+
const patchedVersionMessage = patchedPackage.length === 0
|
|
38
|
+
? 'There is no patched version of the package.'
|
|
39
|
+
: `The package has been patched since version(s): ${patchedPackage}.`;
|
|
40
|
+
return `For package ${lodash_1.default.get(finding, 'Resources[0].Details.Other.PkgName')}, the current version that is installed is ${lodash_1.default.get(finding, 'Resources[0].Details.Other.Installed Package')}. ${patchedVersionMessage}`;
|
|
41
|
+
}
|
|
42
|
+
else {
|
|
43
|
+
return undefined;
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
function productName() {
|
|
47
|
+
return 'Aqua Security - Trivy';
|
|
48
|
+
}
|
|
49
|
+
function doesNotHaveFindingTitlePrefix() {
|
|
50
|
+
return true;
|
|
51
|
+
}
|
|
52
|
+
function filename() {
|
|
53
|
+
return `${productName()}.json`;
|
|
54
|
+
}
|
|
55
|
+
function meta() {
|
|
56
|
+
return { name: 'Trivy', title: 'Trivy Findings' };
|
|
57
|
+
}
|
|
58
|
+
function getTrivy() {
|
|
59
|
+
return {
|
|
60
|
+
findingId,
|
|
61
|
+
findingNistTag,
|
|
62
|
+
subfindingsStatus,
|
|
63
|
+
subfindingsMessage,
|
|
64
|
+
doesNotHaveFindingTitlePrefix,
|
|
65
|
+
productName,
|
|
66
|
+
filename,
|
|
67
|
+
meta
|
|
68
|
+
};
|
|
69
|
+
}
|
|
70
|
+
exports.getTrivy = getTrivy;
|
|
71
|
+
//# sourceMappingURL=case-trivy.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"case-trivy.js","sourceRoot":"","sources":["../../../src/asff-mapper/case-trivy.ts"],"names":[],"mappings":";;;;;;AAAA,iDAAqC;AACrC,uCAAkC;AAClC,oDAAuB;AAEvB,SAAS,SAAS,CAAC,OAAgB;IACjC,MAAM,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAClD,MAAM,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,mCAAmC,CAAC,CAAC;IAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,OAAO,IAAA,sBAAM,EAAC,GAAG,WAAW,IAAI,KAAK,EAAE,CAAC,CAAC;KAC1C;SAAM;QACL,MAAM,EAAE,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAChC,OAAO,IAAA,sBAAM,EAAC,GAAG,WAAW,IAAI,EAAE,EAAE,CAAC,CAAC;KACvC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,OAAgB;IACtC,MAAM,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,mCAAmC,CAAC,CAAC;IAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACzB;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED,SAAS,iBAAiB;IACxB,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;AAC7C,CAAC;AAED,SAAS,kBAAkB,CAAC,OAAgB;IAC1C,MAAM,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,mCAAmC,CAAC,CAAC;IAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,MAAM,cAAc,GAAG,gBAAC,CAAC,GAAG,CAC1B,OAAO,EACP,4CAA4C,CAC7C,CAAC;QACF,MAAM,qBAAqB,GACzB,cAAc,CAAC,MAAM,KAAK,CAAC;YACzB,CAAC,CAAC,6CAA6C;YAC/C,CAAC,CAAC,kDAAkD,cAAc,GAAG,CAAC;QAC1E,OAAO,eAAe,gBAAC,CAAC,GAAG,CACzB,OAAO,EACP,oCAAoC,CACrC,8CAA8C,gBAAC,CAAC,GAAG,CAClD,OAAO,EACP,8CAA8C,CAC/C,MAAM,qBAAqB,EAAE,CAAC;KAChC;SAAM;QACL,OAAO,SAAS,CAAC;KAClB;AACH,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,uBAAuB,CAAC;AACjC,CAAC;AAED,SAAS,6BAA6B;IACpC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,QAAQ;IACf,OAAO,GAAG,WAAW,EAAE,OAAO,CAAC;AACjC,CAAC;AAED,SAAS,IAAI;IACX,OAAO,EAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAC,CAAC;AAClD,CAAC;AAED,SAAgB,QAAQ;IACtB,OAAO;QACL,SAAS;QACT,cAAc;QACd,iBAAiB;QACjB,kBAAkB;QAClB,6BAA6B;QAC7B,WAAW;QACX,QAAQ;QACR,IAAI;KACL,CAAC;AACJ,CAAC;AAXD,4BAWC"}
|
|
@@ -143,9 +143,7 @@ class BaseConverter {
|
|
|
143
143
|
return result;
|
|
144
144
|
}
|
|
145
145
|
evaluate(file, v) {
|
|
146
|
-
const hasTransformer = lodash_1.default.
|
|
147
|
-
lodash_1.default.has(v, 'transformer') &&
|
|
148
|
-
lodash_1.default.isFunction(lodash_1.default.get(v, 'transformer'));
|
|
146
|
+
const hasTransformer = lodash_1.default.has(v, 'transformer') && lodash_1.default.isFunction(lodash_1.default.get(v, 'transformer'));
|
|
149
147
|
let transformer = (val) => val;
|
|
150
148
|
if (hasTransformer) {
|
|
151
149
|
transformer = lodash_1.default.get(v, 'transformer');
|
|
@@ -174,11 +172,12 @@ class BaseConverter {
|
|
|
174
172
|
...transformer(hasPath ? pathV : file)
|
|
175
173
|
};
|
|
176
174
|
}
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
175
|
+
if (hasTransformer) {
|
|
176
|
+
return transformer(hasPath ? pathV : file);
|
|
177
|
+
}
|
|
178
|
+
return hasPath
|
|
179
|
+
? pathV
|
|
180
|
+
: this.convertInternal(file, v);
|
|
182
181
|
}
|
|
183
182
|
handleArray(file, v) {
|
|
184
183
|
var _a, _b, _c;
|
|
@@ -263,13 +262,10 @@ class BaseConverter {
|
|
|
263
262
|
return uniqueResults;
|
|
264
263
|
}
|
|
265
264
|
handlePath(file, path) {
|
|
266
|
-
let pathArray;
|
|
265
|
+
let pathArray = path;
|
|
267
266
|
if (typeof path === 'string') {
|
|
268
267
|
pathArray = [path];
|
|
269
268
|
}
|
|
270
|
-
else {
|
|
271
|
-
pathArray = path;
|
|
272
|
-
}
|
|
273
269
|
const index = lodash_1.default.findIndex(pathArray, (p) => this.hasPath(file, p));
|
|
274
270
|
if (index === -1) {
|
|
275
271
|
return '';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-converter.js","sourceRoot":"","sources":["../../src/base-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAAkC;AAClC,sEAAqC;AACrC,wDAA0C;AAE1C,oDAAuB;AACvB,0DAA6B;AA+B7B,SAAgB,YAAY,CAAC,IAAY,EAAE,SAAS,GAAG,QAAQ;IAC7D,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAHD,oCAGC;AAED,SAAgB,SAAS,CAAC,KAAc;IACtC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC;QACrC,MAAM,CAAC,IAAY;YACjB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;KACF,CAAC,CAAC;IACH,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACtB,QAAQ,CAAC,GAAG,EAAE,CAAC;KAChB;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC;AAZD,8BAYC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,OAAO,GAAG;QACd,mBAAmB,EAAE,EAAE;QACvB,YAAY,EAAE,MAAM;QACpB,gBAAgB,EAAE,KAAK;KACxB,CAAC;IACF,OAAO,yBAAM,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;AACpC,CAAC;AAPD,4BAOC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,MAAM,GAAG,mBAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAC,MAAM,EAAE,IAAI,EAAC,CAAC,CAAC;IAEtD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,CAAC;KACrB;IAED,OAAO,MAAM,CAAC,IAAI,CAAC;AACrB,CAAC;AARD,4BAQC;AAED,SAAgB,aAAa,CAC3B,OAA4B;IAE5B,OAAO,CAAC,QAAiB,EAAU,EAAE;QACnC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;YAChE,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;SAC5D;aAAM;YACL,OAAO,CAAC,CAAC;SACV;IACH,CAAC,CAAC;AACJ,CAAC;AAVD,sCAUC;AAGD,SAAS,kBAAkB,CACzB,KAAe,EACf,GAAW,EACX,eAAwB;IAExB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,MAAM,QAAQ,GAAQ,EAAE,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,CAAC,OAAO,CAAC,CAAC,IAAO,EAAE,EAAE;QACxB,MAAM,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACvC,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE;gBAC5B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;gBACjC,OAAO,EAAE,CAAC;aACX;iBAAM;gBACL,MAAM,SAAS,GAAG,gBAAC,CAAC,GAAG,CACrB,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,CACkB,CAAC;gBAC9B,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC7C,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAC5B,CAAC;gBACF,IAAI,eAAe,EAAE;oBACnB,IACE,YAAY,CAAC,OAAO,CAClB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,sBAAsB,CAAW,CAC9C,KAAK,CAAC,CAAC,EACR;wBACA,gBAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CACd,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CACnD,CACF,CAAC;qBACH;iBACF;qBAAM;oBACL,gBAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CAAC,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CAAC,CACrE,CAAC;iBACH;aACF;SACF;IACH,CAAC,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC;AAClB,CAAC;AACD,MAAa,aAAa;IAKxB,YAAY,IAA6B,EAAE,eAAe,GAAG,KAAK;QAChE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IACzC,CAAC;IACD,WAAW,CACT,QAA0D;QAE1D,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IACD,KAAK;QACH,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;SAC9C;aAAM;YACL,MAAM,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC7B,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC;SACV;IACH,CAAC;IAED,SAAS,CACP,GAAM,EACN,EAAiC;QAEjC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAC1B,CAAC;IAC1B,CAAC;IACD,eAAe,CACb,IAA6B,EAC7B,MAAS;QAET,MAAM,iBAAiB,GACrB,gBAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YAClB,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC;YAC7B,gBAAC,CAAC,SAAS,CAAC,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YAC1C,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAChC,IAAI,iBAAiB,EAAE;YACrB,OAAO,gBAAC,CAAC,IAAI,CAAC,MAAgB,EAAE,cAAc,CAG7C,CAAC;SACH;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAsB,EAAE,EAAE,CAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CACvB,CAAC;QACF,OAAO,MAAsC,CAAC;IAChD,CAAC;IAED,QAAQ,CACN,IAA6B,EAC7B,CAAe;QAEf,MAAM,cAAc,GAClB,gBAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"base-converter.js","sourceRoot":"","sources":["../../src/base-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAAkC;AAClC,sEAAqC;AACrC,wDAA0C;AAE1C,oDAAuB;AACvB,0DAA6B;AA+B7B,SAAgB,YAAY,CAAC,IAAY,EAAE,SAAS,GAAG,QAAQ;IAC7D,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAHD,oCAGC;AAED,SAAgB,SAAS,CAAC,KAAc;IACtC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC;QACrC,MAAM,CAAC,IAAY;YACjB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;KACF,CAAC,CAAC;IACH,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACtB,QAAQ,CAAC,GAAG,EAAE,CAAC;KAChB;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC;AAZD,8BAYC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,OAAO,GAAG;QACd,mBAAmB,EAAE,EAAE;QACvB,YAAY,EAAE,MAAM;QACpB,gBAAgB,EAAE,KAAK;KACxB,CAAC;IACF,OAAO,yBAAM,CAAC,KAAK,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;AACpC,CAAC;AAPD,4BAOC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,MAAM,GAAG,mBAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAC,MAAM,EAAE,IAAI,EAAC,CAAC,CAAC;IAEtD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,CAAC;KACrB;IAED,OAAO,MAAM,CAAC,IAAI,CAAC;AACrB,CAAC;AARD,4BAQC;AAED,SAAgB,aAAa,CAC3B,OAA4B;IAE5B,OAAO,CAAC,QAAiB,EAAU,EAAE;QACnC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;YAChE,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;SAC5D;aAAM;YACL,OAAO,CAAC,CAAC;SACV;IACH,CAAC,CAAC;AACJ,CAAC;AAVD,sCAUC;AAGD,SAAS,kBAAkB,CACzB,KAAe,EACf,GAAW,EACX,eAAwB;IAExB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,MAAM,QAAQ,GAAQ,EAAE,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,CAAC,OAAO,CAAC,CAAC,IAAO,EAAE,EAAE;QACxB,MAAM,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACvC,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE;gBAC5B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;gBACjC,OAAO,EAAE,CAAC;aACX;iBAAM;gBACL,MAAM,SAAS,GAAG,gBAAC,CAAC,GAAG,CACrB,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,CACkB,CAAC;gBAC9B,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC7C,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAC5B,CAAC;gBACF,IAAI,eAAe,EAAE;oBACnB,IACE,YAAY,CAAC,OAAO,CAClB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,sBAAsB,CAAW,CAC9C,KAAK,CAAC,CAAC,EACR;wBACA,gBAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CACd,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CACnD,CACF,CAAC;qBACH;iBACF;qBAAM;oBACL,gBAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CAAC,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CAAC,CACrE,CAAC;iBACH;aACF;SACF;IACH,CAAC,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC;AAClB,CAAC;AACD,MAAa,aAAa;IAKxB,YAAY,IAA6B,EAAE,eAAe,GAAG,KAAK;QAChE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IACzC,CAAC;IACD,WAAW,CACT,QAA0D;QAE1D,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IACD,KAAK;QACH,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;SAC9C;aAAM;YACL,MAAM,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC7B,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC;SACV;IACH,CAAC;IAED,SAAS,CACP,GAAM,EACN,EAAiC;QAEjC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAC1B,CAAC;IAC1B,CAAC;IACD,eAAe,CACb,IAA6B,EAC7B,MAAS;QAET,MAAM,iBAAiB,GACrB,gBAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YAClB,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC;YAC7B,gBAAC,CAAC,SAAS,CAAC,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YAC1C,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAChC,IAAI,iBAAiB,EAAE;YACrB,OAAO,gBAAC,CAAC,IAAI,CAAC,MAAgB,EAAE,cAAc,CAG7C,CAAC;SACH;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,CAAC,CAAsB,EAAE,EAAE,CAC/D,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CACvB,CAAC;QACF,OAAO,MAAsC,CAAC;IAChD,CAAC;IAED,QAAQ,CACN,IAA6B,EAC7B,CAAe;QAEf,MAAM,cAAc,GAClB,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,IAAI,gBAAC,CAAC,UAAU,CAAC,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,GAAY,EAAE,EAAE,CAAC,GAAG,CAAC;QACxC,IAAI,cAAc,EAAE;YAClB,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;YACtC,CAAC,GAAG,gBAAC,CAAC,IAAI,CAAC,CAAW,EAAE,aAAa,CAAM,CAAC;SAC7C;QAED,MAAM,OAAO,GAAG,gBAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QAClD,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,OAAO,EAAE;YACX,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,gBAAC,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAsB,CAE5D,CAAC;YACR,CAAC,GAAG,gBAAC,CAAC,IAAI,CAAC,CAAW,EAAE,MAAM,CAAM,CAAC;SACtC;QAED,IACE,gBAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACjB,gBAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACjB,gBAAC,CAAC,SAAS,CAAC,KAAK,CAAC;YAClB,gBAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EACf;YACA,OAAO,WAAW,CAAC,KAAK,CAAM,CAAC;SAChC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;YACxB,OAAO,cAAc;gBACnB,CAAC,CAAE,WAAW,CAAC,KAAK,CAAS;gBAC7B,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;SACnC;QAED,IAAI,gBAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,cAAc,EAAE;YAC1C,OAAO;gBACL,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC;gBAChC,GAAI,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAY;aACnB,CAAC;SACnC;QAED,IAAI,cAAc,EAAE;YAClB,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAGT,CAAC;SAClC;QAED,OAAO,OAAO;YACZ,CAAC,CAAC,KAAK;YACP,CAAC,CAAE,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAGI,CAAC;IACxC,CAAC;IAED,WAAW,CACT,IAA6B,EAC7B,CAAyB;;QAEzB,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YAClB,OAAO,EAAE,CAAC;SACX;QACD,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,KAAK,MAAM,UAAU,IAAI,CAAC,EAAE;YAC1B,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE;gBACjC,MAAM,gBAAgB,GAAG,MAAA,UAAU,CAAC,gBAAgB,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;oBACpB,OAAO,gBAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;wBACxB,CAAC,CAAE,gBAAC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAqB;wBAC5D,CAAC,CAAC,OAAO,CAAC;gBACd,CAAC,CAAC,CAAC;gBACH,IAAI,MAAM,GAAa,EAAE,CAAC;gBAC1B,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;oBACpB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAM,CAAC,CAAC;gBACjD,CAAC,CAAC,CAAC;gBACH,IAAI,gBAAgB,KAAK,SAAS,EAAE;oBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE;wBACnC,MAAM,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE;4BACtD,CAAC;4BACD,IAAI,CAAC,IAAI;yBACV,CAAC,CAAC;qBACJ;yBAAM;wBACL,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAQ,CAAC;qBACnE;iBACF;gBACD,aAAa,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;aAC/B;iBAAM;gBACL,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC;gBAC7B,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC;gBAC3B,MAAM,gBAAgB,GAAG,MAAA,UAAU,CAAC,gBAAgB,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjE,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,WAAW,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACvD,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE;oBAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;oBAC5C,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC1B,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAE,EAAE;4BACnD,OAAO,gBAAC,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE;gCACvD,MAAM;gCACN,aAAa;gCACb,kBAAkB;gCAClB,KAAK;6BACN,CAAiB,CAAC;wBACrB,CAAC,CAAC,CAAC;wBACH,IAAI,gBAAgB,KAAK,SAAS,EAAE;4BAClC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE;gCACnC,CAAC,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE;oCACjD,CAAC;oCACD,IAAI,CAAC,IAAI;iCACV,CAAC,CAAC;6BACJ;iCAAM;gCACL,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAQ,CAAC;6BACzD;yBACF;wBACD,IAAI,GAAG,KAAK,SAAS,EAAE;4BACrB,CAAC,GAAG,kBAAkB,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;yBACtD;wBACD,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;qBAC1B;yBAAM;wBACL,IAAI,WAAW,KAAK,SAAS,EAAE;4BAC7B,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAM,CAAC,CAAC;yBACnE;6BAAM;4BACL,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAM,CAAC,CAAC;yBACtD;qBACF;iBACF;aACF;SACF;QAED,MAAM,aAAa,GAAQ,EAAE,CAAC;QAC9B,aAAa,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YAC/B,IACE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,EAAE,CAAC,gBAAC,CAAC,OAAO,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,EACtE;gBACA,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;aAC5B;QACH,CAAC,CAAC,CAAC;QACH,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,UAAU,CAAC,IAA6B,EAAE,IAAuB;QAC/D,IAAI,SAAS,GAAG,IAAI,CAAC;QAErB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;SACpB;QAED,MAAM,KAAK,GAAG,gBAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE;YAEhB,OAAO,EAAE,CAAC;SACX;aAAM,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;YAC5C,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SAC1D;aAAM;YACL,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;SAC5C;IACH,CAAC;IACD,OAAO,CAAC,IAA6B,EAAE,IAAuB;QAC5D,IAAI,SAAS,CAAC;QACd,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;SACpB;aAAM;YACL,SAAS,GAAG,IAAI,CAAC;SAClB;QAED,OAAO,gBAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YAC7B,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;gBACtB,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;aACrC;iBAAM;gBACL,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;aACvB;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAvOD,sCAuOC"}
|
|
@@ -9,6 +9,7 @@ const lodash_1 = __importDefault(require("lodash"));
|
|
|
9
9
|
const package_json_1 = require("../package.json");
|
|
10
10
|
const base_converter_1 = require("./base-converter");
|
|
11
11
|
const CweNistMapping_1 = require("./mappings/CweNistMapping");
|
|
12
|
+
const global_1 = require("./utils/global");
|
|
12
13
|
const IMPACT_MAPPING = new Map([
|
|
13
14
|
['high', 0.7],
|
|
14
15
|
['medium', 0.5],
|
|
@@ -17,7 +18,6 @@ const IMPACT_MAPPING = new Map([
|
|
|
17
18
|
]);
|
|
18
19
|
const NAME = 'BurpSuite Pro Scan';
|
|
19
20
|
const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping();
|
|
20
|
-
const DEFAULT_NIST_TAG = ['SA-11', 'RA-5'];
|
|
21
21
|
function formatCodeDesc(issue) {
|
|
22
22
|
const text = [];
|
|
23
23
|
if (lodash_1.default.has(issue, 'host.ip') && lodash_1.default.has(issue, 'host.text')) {
|
|
@@ -58,7 +58,7 @@ function nistTag(input) {
|
|
|
58
58
|
let cwe = formatCweId(input).split('CWE-');
|
|
59
59
|
cwe.shift();
|
|
60
60
|
cwe = cwe.map((x) => x.split(':')[0]);
|
|
61
|
-
return CWE_NIST_MAPPING.nistFilter(cwe,
|
|
61
|
+
return CWE_NIST_MAPPING.nistFilter(cwe, global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS);
|
|
62
62
|
}
|
|
63
63
|
class BurpSuiteMapper extends base_converter_1.BaseConverter {
|
|
64
64
|
constructor(burpsXml) {
|