@mitre/hdf-converters 2.6.23 → 2.6.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/index.d.ts +1 -0
- package/lib/index.js +1 -0
- package/lib/index.js.map +1 -1
- package/lib/package.json +4 -4
- package/lib/src/ionchannel-mapper.d.ts +27 -0
- package/lib/src/ionchannel-mapper.js +268 -0
- package/lib/src/ionchannel-mapper.js.map +1 -0
- package/lib/src/snyk-mapper.d.ts +3 -1
- package/lib/src/snyk-mapper.js +23 -17
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/utils/global.d.ts +1 -0
- package/lib/src/utils/global.js +4 -1
- package/lib/src/utils/global.js.map +1 -1
- package/package.json +4 -4
package/lib/index.d.ts
CHANGED
|
@@ -5,6 +5,7 @@ export * from './src/converters-from-hdf/asff/reverse-asff-mapper';
|
|
|
5
5
|
export * from './src/converters-from-hdf/splunk/reverse-splunk-mapper';
|
|
6
6
|
export * from './src/dbprotect-mapper';
|
|
7
7
|
export * from './src/fortify-mapper';
|
|
8
|
+
export * from './src/ionchannel-mapper';
|
|
8
9
|
export * from './src/jfrog-xray-mapper';
|
|
9
10
|
export * as AwsConfigMappingData from './src/mappings/AwsConfigMappingData';
|
|
10
11
|
export * as CciNistMappingData from './src/mappings/CciNistMappingData';
|
package/lib/index.js
CHANGED
|
@@ -35,6 +35,7 @@ __exportStar(require("./src/converters-from-hdf/asff/reverse-asff-mapper"), expo
|
|
|
35
35
|
__exportStar(require("./src/converters-from-hdf/splunk/reverse-splunk-mapper"), exports);
|
|
36
36
|
__exportStar(require("./src/dbprotect-mapper"), exports);
|
|
37
37
|
__exportStar(require("./src/fortify-mapper"), exports);
|
|
38
|
+
__exportStar(require("./src/ionchannel-mapper"), exports);
|
|
38
39
|
__exportStar(require("./src/jfrog-xray-mapper"), exports);
|
|
39
40
|
exports.AwsConfigMappingData = __importStar(require("./src/mappings/AwsConfigMappingData"));
|
|
40
41
|
exports.CciNistMappingData = __importStar(require("./src/mappings/CciNistMappingData"));
|
package/lib/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAA0D;AAAlD,0GAAA,WAAW,OAAA;AACnB,0DAAwC;AACxC,yDAAuC;AACvC,qFAAmE;AACnE,yFAAuE;AACvE,yDAAuC;AACvC,uDAAqC;AACrC,0DAAwC;AACxC,4FAA4E;AAC5E,wFAAwE;AACxE,wFAAwE;AACxE,0GAA0F;AAC1F,4FAA4E;AAC5E,4FAA4E;AAC5E,sGAAsF;AACtF,sDAAoC;AACpC,0DAAwC;AACxC,qDAAmC;AACnC,sDAAoC;AACpC,qDAAmC;AACnC,0DAAwC;AACxC,oDAAkC;AAClC,yDAAuC;AACvC,sDAAoC;AACpC,6DAA2C;AAC3C,mDAAiC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,6DAA0D;AAAlD,0GAAA,WAAW,OAAA;AACnB,0DAAwC;AACxC,yDAAuC;AACvC,qFAAmE;AACnE,yFAAuE;AACvE,yDAAuC;AACvC,uDAAqC;AACrC,0DAAwC;AACxC,0DAAwC;AACxC,4FAA4E;AAC5E,wFAAwE;AACxE,wFAAwE;AACxE,0GAA0F;AAC1F,4FAA4E;AAC5E,4FAA4E;AAC5E,sGAAsF;AACtF,sDAAoC;AACpC,0DAAwC;AACxC,qDAAmC;AACnC,sDAAoC;AACpC,qDAAmC;AACnC,0DAAwC;AACxC,oDAAkC;AAClC,yDAAuC;AACvC,sDAAoC;AACpC,6DAA2C;AAC3C,mDAAiC"}
|
package/lib/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mitre/hdf-converters",
|
|
3
|
-
"version": "2.6.
|
|
3
|
+
"version": "2.6.24",
|
|
4
4
|
"license": "Apache-2.0",
|
|
5
5
|
"description": "Converter util library used to transform various scan results into HDF format",
|
|
6
6
|
"files": [
|
|
@@ -26,12 +26,12 @@
|
|
|
26
26
|
"@types/papaparse": "^5.3.2",
|
|
27
27
|
"@types/xml2js": "^0.4.9",
|
|
28
28
|
"aws-sdk": "^2.1046.0",
|
|
29
|
-
"axios": "^0.
|
|
29
|
+
"axios": "^0.27.2",
|
|
30
30
|
"csv2json": "^2.0.2",
|
|
31
31
|
"fast-xml-parser": "^3.21.1",
|
|
32
32
|
"html-entities": "^2.3.2",
|
|
33
33
|
"htmlparser2": "^7.1.2",
|
|
34
|
-
"inspecjs": "^2.6.
|
|
34
|
+
"inspecjs": "^2.6.24",
|
|
35
35
|
"lodash": "^4.17.21",
|
|
36
36
|
"moment": "^2.29.1",
|
|
37
37
|
"papaparse": "^5.3.1",
|
|
@@ -41,7 +41,7 @@
|
|
|
41
41
|
"devDependencies": {
|
|
42
42
|
"@types/jest": "^27.0.0",
|
|
43
43
|
"@types/lodash": "^4.14.161",
|
|
44
|
-
"@types/node": "^
|
|
44
|
+
"@types/node": "^17.0.25",
|
|
45
45
|
"htmlparser2": "^7.1.2",
|
|
46
46
|
"jest": "^27.0.6",
|
|
47
47
|
"quicktype": "^15.0.260",
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import { AxiosInstance } from 'axios';
|
|
2
|
+
import { ExecJSON } from 'inspecjs';
|
|
3
|
+
import { IonChannelAnalysisResponse } from '../types/ionchannelAnalysis';
|
|
4
|
+
import { Project } from '../types/ionchannelProjects';
|
|
5
|
+
import { Team } from '../types/ionchannelTeams';
|
|
6
|
+
import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
7
|
+
export declare class IonChannelAPIMapper {
|
|
8
|
+
apiKey: string;
|
|
9
|
+
projectId?: string;
|
|
10
|
+
teamId?: string;
|
|
11
|
+
analysisId?: string;
|
|
12
|
+
apiClient: AxiosInstance;
|
|
13
|
+
constructor(apiKey: string, projectId?: string, teamId?: string, analysisId?: string);
|
|
14
|
+
toHdf(): Promise<ExecJSON.Execution>;
|
|
15
|
+
setTeam(teamName: string): Promise<void>;
|
|
16
|
+
getTeams(): Promise<Team[]>;
|
|
17
|
+
setProject(projectName: string): Promise<void>;
|
|
18
|
+
getProjects(): Promise<Project[]>;
|
|
19
|
+
getAnalysis(): Promise<IonChannelAnalysisResponse>;
|
|
20
|
+
}
|
|
21
|
+
export declare class IonChannelMapper extends BaseConverter {
|
|
22
|
+
mappings: MappedTransform<ExecJSON.Execution & {
|
|
23
|
+
passthrough: unknown;
|
|
24
|
+
}, ILookupPath>;
|
|
25
|
+
constructor(ionchannelJson: string);
|
|
26
|
+
setMappings(customMappings: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
|
|
27
|
+
}
|
|
@@ -0,0 +1,268 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
5
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
+
exports.IonChannelMapper = exports.IonChannelAPIMapper = void 0;
|
|
7
|
+
const axios_1 = __importDefault(require("axios"));
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
9
|
+
const package_json_1 = require("../package.json");
|
|
10
|
+
const base_converter_1 = require("./base-converter");
|
|
11
|
+
const global_1 = require("./utils/global");
|
|
12
|
+
function extractAllDependencies(dependency) {
|
|
13
|
+
const result = [];
|
|
14
|
+
result.push({
|
|
15
|
+
...dependency,
|
|
16
|
+
parentDependencies: []
|
|
17
|
+
});
|
|
18
|
+
if (Array.isArray(dependency.dependencies)) {
|
|
19
|
+
dependency.dependencies.forEach((subDependency) => {
|
|
20
|
+
result.push(...extractAllDependencies(subDependency));
|
|
21
|
+
});
|
|
22
|
+
}
|
|
23
|
+
return result;
|
|
24
|
+
}
|
|
25
|
+
function preprocessIonChannelData(ionchannelData) {
|
|
26
|
+
const result = {
|
|
27
|
+
metadata: {},
|
|
28
|
+
scans: {
|
|
29
|
+
vulnerability: [],
|
|
30
|
+
dependency: {
|
|
31
|
+
dependencies: [],
|
|
32
|
+
contextualizedDependencies: []
|
|
33
|
+
},
|
|
34
|
+
ecosystems: [],
|
|
35
|
+
community: [],
|
|
36
|
+
buildsystems: [],
|
|
37
|
+
virus: [],
|
|
38
|
+
license: [],
|
|
39
|
+
difference: [],
|
|
40
|
+
about_yml: []
|
|
41
|
+
}
|
|
42
|
+
};
|
|
43
|
+
const parsed = JSON.parse(ionchannelData);
|
|
44
|
+
const scanSummaries = lodash_1.default.get(parsed, 'scan_summaries');
|
|
45
|
+
result.metadata = lodash_1.default.omit(parsed, 'scan_summaries');
|
|
46
|
+
if (!Array.isArray(scanSummaries)) {
|
|
47
|
+
throw new Error(`Ion Channel scan_summaries invalid summary data (expecting array, got ${typeof scanSummaries})`);
|
|
48
|
+
}
|
|
49
|
+
scanSummaries.forEach((scanSummary) => {
|
|
50
|
+
switch (scanSummary.name) {
|
|
51
|
+
case 'dependency':
|
|
52
|
+
if (!scanSummary.results.data.dependencies) {
|
|
53
|
+
throw new Error('Dependency scan contains no dependencies array');
|
|
54
|
+
}
|
|
55
|
+
result.scans.dependency.dependencies =
|
|
56
|
+
scanSummary.results.data.dependencies;
|
|
57
|
+
break;
|
|
58
|
+
default:
|
|
59
|
+
break;
|
|
60
|
+
}
|
|
61
|
+
});
|
|
62
|
+
const dependencyGraph = {};
|
|
63
|
+
result.scans.dependency.dependencies.forEach((topLevelDependency) => {
|
|
64
|
+
const flatDependencies = extractAllDependencies(topLevelDependency);
|
|
65
|
+
flatDependencies.forEach((dependency) => {
|
|
66
|
+
dependencyGraph[`${dependency.org}/${dependency.name}`] = dependency;
|
|
67
|
+
});
|
|
68
|
+
});
|
|
69
|
+
Object.entries(dependencyGraph).forEach(([, dependency]) => {
|
|
70
|
+
if (Array.isArray(dependency.dependencies)) {
|
|
71
|
+
dependency.dependencies.forEach((subDependency) => {
|
|
72
|
+
dependencyGraph[`${subDependency.org}/${subDependency.name}`].parentDependencies.push(`${dependency.org}/${dependency.name}`);
|
|
73
|
+
});
|
|
74
|
+
}
|
|
75
|
+
});
|
|
76
|
+
Object.entries(dependencyGraph).forEach(([, dependency]) => {
|
|
77
|
+
result.scans.dependency.contextualizedDependencies.push(dependency);
|
|
78
|
+
});
|
|
79
|
+
return result;
|
|
80
|
+
}
|
|
81
|
+
class IonChannelAPIMapper {
|
|
82
|
+
constructor(apiKey, projectId, teamId, analysisId) {
|
|
83
|
+
this.apiKey = apiKey;
|
|
84
|
+
this.projectId = projectId;
|
|
85
|
+
this.teamId = teamId;
|
|
86
|
+
this.analysisId = analysisId;
|
|
87
|
+
this.apiClient = axios_1.default.create();
|
|
88
|
+
this.apiClient.defaults.headers.common['Authorization'] = `Bearer ${this.apiKey}`;
|
|
89
|
+
this.apiClient.defaults.headers.common['Accept'] =
|
|
90
|
+
'application/json, text/plain, */*';
|
|
91
|
+
}
|
|
92
|
+
async toHdf() {
|
|
93
|
+
const analysis = await this.getAnalysis();
|
|
94
|
+
const mapper = new IonChannelMapper(JSON.stringify(analysis.analysis));
|
|
95
|
+
return mapper.toHdf();
|
|
96
|
+
}
|
|
97
|
+
async setTeam(teamName) {
|
|
98
|
+
const availableTeams = await this.getTeams();
|
|
99
|
+
const foundTeam = availableTeams.find((team) => team.name.toLowerCase() === teamName.toLowerCase());
|
|
100
|
+
if (!foundTeam) {
|
|
101
|
+
throw new Error(`Team ${teamName} not found in available teams: ${availableTeams
|
|
102
|
+
.map((team) => team.name)
|
|
103
|
+
.join(', ')}`);
|
|
104
|
+
}
|
|
105
|
+
this.teamId = foundTeam.id;
|
|
106
|
+
}
|
|
107
|
+
async getTeams() {
|
|
108
|
+
if (!this.apiKey) {
|
|
109
|
+
throw new Error('No API-Key Set');
|
|
110
|
+
}
|
|
111
|
+
return this.apiClient
|
|
112
|
+
.get('https://api.ionchannel.io/v1/teams/getTeams')
|
|
113
|
+
.then(({ data }) => data.data);
|
|
114
|
+
}
|
|
115
|
+
async setProject(projectName) {
|
|
116
|
+
const availableProjects = await this.getProjects();
|
|
117
|
+
const foundProject = availableProjects.find((project) => project.name.toLowerCase() === projectName.toLowerCase());
|
|
118
|
+
if (!foundProject) {
|
|
119
|
+
throw new Error(`Project ${projectName} not found in available projects: ${availableProjects
|
|
120
|
+
.map((project) => project.name)
|
|
121
|
+
.join(', ')}`);
|
|
122
|
+
}
|
|
123
|
+
this.projectId = foundProject.id;
|
|
124
|
+
this.analysisId = foundProject.analysis_summary.analysis_id;
|
|
125
|
+
}
|
|
126
|
+
async getProjects() {
|
|
127
|
+
if (!this.apiKey) {
|
|
128
|
+
throw new Error('No API-Key Defined');
|
|
129
|
+
}
|
|
130
|
+
if (!this.teamId) {
|
|
131
|
+
throw new Error('No Team ID Defined');
|
|
132
|
+
}
|
|
133
|
+
return this.apiClient
|
|
134
|
+
.get('https://api.ionchannel.io/v1/report/getProjects', {
|
|
135
|
+
params: {
|
|
136
|
+
team_id: this.teamId
|
|
137
|
+
}
|
|
138
|
+
})
|
|
139
|
+
.then(({ data }) => data.data);
|
|
140
|
+
}
|
|
141
|
+
async getAnalysis() {
|
|
142
|
+
if (!this.apiKey) {
|
|
143
|
+
throw new Error('No API-Key Defined');
|
|
144
|
+
}
|
|
145
|
+
if (!this.projectId) {
|
|
146
|
+
throw new Error('No Project ID Defined');
|
|
147
|
+
}
|
|
148
|
+
if (!this.teamId) {
|
|
149
|
+
throw new Error('No Team ID Defined');
|
|
150
|
+
}
|
|
151
|
+
if (!this.analysisId) {
|
|
152
|
+
throw new Error('No Analysis ID Defined');
|
|
153
|
+
}
|
|
154
|
+
return this.apiClient
|
|
155
|
+
.get('https://api.ionchannel.io/v1/report/getAnalysis', {
|
|
156
|
+
params: {
|
|
157
|
+
project_id: this.projectId,
|
|
158
|
+
team_id: this.teamId,
|
|
159
|
+
analysis_id: this.analysisId
|
|
160
|
+
}
|
|
161
|
+
})
|
|
162
|
+
.then(({ data }) => data.data);
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
exports.IonChannelAPIMapper = IonChannelAPIMapper;
|
|
166
|
+
class IonChannelMapper extends base_converter_1.BaseConverter {
|
|
167
|
+
constructor(ionchannelJson) {
|
|
168
|
+
super(preprocessIonChannelData(ionchannelJson));
|
|
169
|
+
this.mappings = {
|
|
170
|
+
platform: {
|
|
171
|
+
name: 'Heimdall Tools',
|
|
172
|
+
release: package_json_1.version,
|
|
173
|
+
target_id: { path: 'metadata.project_id' }
|
|
174
|
+
},
|
|
175
|
+
passthrough: {
|
|
176
|
+
ionchannel_metadata: {
|
|
177
|
+
path: 'metadata'
|
|
178
|
+
}
|
|
179
|
+
},
|
|
180
|
+
version: package_json_1.version,
|
|
181
|
+
statistics: {
|
|
182
|
+
duration: null
|
|
183
|
+
},
|
|
184
|
+
profiles: [
|
|
185
|
+
{
|
|
186
|
+
name: 'IonChannel SBOM Analysis',
|
|
187
|
+
version: '',
|
|
188
|
+
title: {
|
|
189
|
+
path: 'metadata.source',
|
|
190
|
+
transformer: (source) => `IonChannel Analysis of ${source}`
|
|
191
|
+
},
|
|
192
|
+
maintainer: 'saf@groups.mitre.org',
|
|
193
|
+
summary: '',
|
|
194
|
+
license: null,
|
|
195
|
+
copyright: null,
|
|
196
|
+
copyright_email: null,
|
|
197
|
+
supports: [],
|
|
198
|
+
attributes: [],
|
|
199
|
+
depends: [],
|
|
200
|
+
groups: [],
|
|
201
|
+
status: 'loaded',
|
|
202
|
+
controls: [
|
|
203
|
+
{
|
|
204
|
+
path: 'scans.dependency.contextualizedDependencies',
|
|
205
|
+
key: 'id',
|
|
206
|
+
tags: {
|
|
207
|
+
transformer: (dependency) => {
|
|
208
|
+
return Array.isArray(dependency.dependencies)
|
|
209
|
+
? {
|
|
210
|
+
...lodash_1.default.omit(dependency, 'dependencies'),
|
|
211
|
+
nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
|
|
212
|
+
dependencies: dependency.dependencies.map((subDependency) => `${subDependency.name}`)
|
|
213
|
+
}
|
|
214
|
+
: {
|
|
215
|
+
...lodash_1.default.omit(dependency, 'dependencies'),
|
|
216
|
+
nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS
|
|
217
|
+
};
|
|
218
|
+
}
|
|
219
|
+
},
|
|
220
|
+
descriptions: [],
|
|
221
|
+
refs: [],
|
|
222
|
+
source_location: {},
|
|
223
|
+
title: {
|
|
224
|
+
transformer: (dependency) => {
|
|
225
|
+
if (dependency.type === 'pypi' &&
|
|
226
|
+
dependency.package === 'egg' &&
|
|
227
|
+
dependency.name === '-e') {
|
|
228
|
+
return `Python requirements file ${dependency.file}`;
|
|
229
|
+
}
|
|
230
|
+
let title = `Dependency ${dependency.name} `;
|
|
231
|
+
if (dependency.org && dependency.org.toLowerCase() !== 'n/a') {
|
|
232
|
+
title += `from ${dependency.org} `;
|
|
233
|
+
}
|
|
234
|
+
if (dependency.version &&
|
|
235
|
+
dependency.version.toLowerCase() !== 'n/a') {
|
|
236
|
+
title += `@ ${dependency.version} `;
|
|
237
|
+
}
|
|
238
|
+
if (dependency.requirement &&
|
|
239
|
+
dependency.requirement.toLowerCase() !== 'n/a') {
|
|
240
|
+
title += `(Required ${dependency.requirement}) `;
|
|
241
|
+
}
|
|
242
|
+
return title.trim();
|
|
243
|
+
}
|
|
244
|
+
},
|
|
245
|
+
id: {
|
|
246
|
+
transformer: (dependency) => {
|
|
247
|
+
return `dependency-${dependency.org}/${dependency.name}`;
|
|
248
|
+
}
|
|
249
|
+
},
|
|
250
|
+
desc: '',
|
|
251
|
+
impact: 0.0,
|
|
252
|
+
code: {
|
|
253
|
+
transformer: (dependency) => JSON.stringify(dependency, null, 2)
|
|
254
|
+
},
|
|
255
|
+
results: []
|
|
256
|
+
}
|
|
257
|
+
],
|
|
258
|
+
sha256: ''
|
|
259
|
+
}
|
|
260
|
+
]
|
|
261
|
+
};
|
|
262
|
+
}
|
|
263
|
+
setMappings(customMappings) {
|
|
264
|
+
super.setMappings(customMappings);
|
|
265
|
+
}
|
|
266
|
+
}
|
|
267
|
+
exports.IonChannelMapper = IonChannelMapper;
|
|
268
|
+
//# sourceMappingURL=ionchannel-mapper.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ionchannel-mapper.js","sourceRoot":"","sources":["../../src/ionchannel-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA2C;AAE3C,oDAAuB;AACvB,kDAAgE;AAShE,qDAA6E;AAC7E,2CAAyF;AAGzF,SAAS,sBAAsB,CAC7B,UAAsB;IAEtB,MAAM,MAAM,GAA+B,EAAE,CAAC;IAC9C,MAAM,CAAC,IAAI,CAAC;QACV,GAAG,UAAU;QACb,kBAAkB,EAAE,EAAE;KACvB,CAAC,CAAC;IACH,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE;QAC1C,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;YAChD,MAAM,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,aAAa,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;KACJ;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,wBAAwB,CAAC,cAAsB;IACtD,MAAM,MAAM,GAAG;QACb,QAAQ,EAAE,EAAE;QACZ,KAAK,EAAE;YACL,aAAa,EAAE,EAAE;YACjB,UAAU,EAAE;gBACV,YAAY,EAAE,EAAkB;gBAChC,0BAA0B,EAAE,EAAgC;aAC7D;YACD,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;YACb,YAAY,EAAE,EAAE;YAChB,KAAK,EAAE,EAAE;YACT,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;SACd;KACF,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAC1C,MAAM,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAEtD,MAAM,CAAC,QAAQ,GAAG,gBAAC,CAAC,IAAI,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAEnD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE;QACjC,MAAM,IAAI,KAAK,CACb,yEAAyE,OAAO,aAAa,GAAG,CACjG,CAAC;KACH;IAED,aAAa,CAAC,OAAO,CAAC,CAAC,WAAwB,EAAE,EAAE;QACjD,QAAQ,WAAW,CAAC,IAAI,EAAE;YACxB,KAAK,YAAY;gBACf,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE;oBAC1C,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;iBACnE;gBACD,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY;oBAClC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;gBACxC,MAAM;YAER;gBACE,MAAM;SACT;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAA6C,EAAE,CAAC;IAGrE,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,kBAAkB,EAAE,EAAE;QAClE,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACpE,gBAAgB,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACtC,eAAe,CAAC,GAAG,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU,CAAC;QACvE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAGH,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,EAAE;QACzD,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE;YAC1C,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;gBAChD,eAAe,CACb,GAAG,aAAa,CAAC,GAAG,IAAI,aAAa,CAAC,IAAI,EAAE,CAC7C,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC;YACpE,CAAC,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAa,mBAAmB;IAQ9B,YACE,MAAc,EACd,SAAkB,EAClB,MAAe,EACf,UAAmB;QAEnB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,IAAI,CAAC,SAAS,GAAG,eAAK,CAAC,MAAM,EAAE,CAAC;QAChC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CACpC,eAAe,CAChB,GAAG,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;YAC9C,mCAAmC,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QAC1C,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QACvE,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAgB;QAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CACnC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,WAAW,EAAE,CAC7D,CAAC;QACF,IAAI,CAAC,SAAS,EAAE;YACd,MAAM,IAAI,KAAK,CACb,QAAQ,QAAQ,kCAAkC,cAAc;iBAC7D,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;iBACxB,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;SACH;QACD,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,EAAE,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;SACnC;QACD,OAAO,IAAI,CAAC,SAAS;aAClB,GAAG,CAAC,6CAA6C,CAAC;aAClD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,WAAmB;QAClC,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACnD,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CACzC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,WAAW,CAAC,WAAW,EAAE,CACtE,CAAC;QACF,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,KAAK,CACb,WAAW,WAAW,qCAAqC,iBAAiB;iBACzE,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;iBAC9B,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;SACH;QACD,IAAI,CAAC,SAAS,GAAG,YAAY,CAAC,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU,GAAG,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,OAAO,IAAI,CAAC,SAAS;aAClB,GAAG,CAAC,iDAAiD,EAAE;YACtD,MAAM,EAAE;gBACN,OAAO,EAAE,IAAI,CAAC,MAAM;aACrB;SACF,CAAC;aACD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;YACpB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;SAC3C;QACD,OAAO,IAAI,CAAC,SAAS;aAClB,GAAG,CAAC,iDAAiD,EAAE;YACtD,MAAM,EAAE;gBACN,UAAU,EAAE,IAAI,CAAC,SAAS;gBAC1B,OAAO,EAAE,IAAI,CAAC,MAAM;gBACpB,WAAW,EAAE,IAAI,CAAC,UAAU;aAC7B;SACF,CAAC;aACD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;CACF;AAhHD,kDAgHC;AAED,MAAa,gBAAiB,SAAQ,8BAAa;IA6GjD,YAAY,cAAsB;QAChC,KAAK,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC,CAAC;QA7GlD,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,qBAAqB,EAAC;aACzC;YACD,WAAW,EAAE;gBACX,mBAAmB,EAAE;oBACnB,IAAI,EAAE,UAAU;iBACjB;aACF;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,0BAA0B;oBAChC,OAAO,EAAE,EAAE;oBACX,KAAK,EAAE;wBACL,IAAI,EAAE,iBAAiB;wBACvB,WAAW,EAAE,CAAC,MAAe,EAAE,EAAE,CAAC,0BAA0B,MAAM,EAAE;qBACrE;oBACD,UAAU,EAAE,sBAAsB;oBAClC,OAAO,EAAE,EAAE;oBACX,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,6CAA6C;4BACnD,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,UAAsB,EAAE,EAAE;oCACtC,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC;wCAC3C,CAAC,CAAC;4CACE,GAAG,gBAAC,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC;4CACrC,IAAI,EAAE,kEAAyD;4CAC/D,YAAY,EAAE,UAAU,CAAC,YAAY,CAAC,GAAG,CACvC,CAAC,aAAa,EAAE,EAAE,CAAC,GAAG,aAAa,CAAC,IAAI,EAAE,CAC3C;yCACF;wCACH,CAAC,CAAC;4CACE,GAAG,gBAAC,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC;4CACrC,IAAI,EAAE,kEAAyD;yCAChE,CAAC;gCACR,CAAC;6BACF;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE;gCACL,WAAW,EAAE,CAAC,UAAsB,EAAE,EAAE;oCAEtC,IACE,UAAU,CAAC,IAAI,KAAK,MAAM;wCAC1B,UAAU,CAAC,OAAO,KAAK,KAAK;wCAC5B,UAAU,CAAC,IAAI,KAAK,IAAI,EACxB;wCACA,OAAO,4BAA4B,UAAU,CAAC,IAAI,EAAE,CAAC;qCACtD;oCAED,IAAI,KAAK,GAAG,cAAc,UAAU,CAAC,IAAI,GAAG,CAAC;oCAC7C,IAAI,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,KAAK,EAAE;wCAC5D,KAAK,IAAI,QAAQ,UAAU,CAAC,GAAG,GAAG,CAAC;qCACpC;oCACD,IACE,UAAU,CAAC,OAAO;wCAClB,UAAU,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,KAAK,EAC1C;wCACA,KAAK,IAAI,KAAK,UAAU,CAAC,OAAO,GAAG,CAAC;qCACrC;oCACD,IACE,UAAU,CAAC,WAAW;wCACtB,UAAU,CAAC,WAAW,CAAC,WAAW,EAAE,KAAK,KAAK,EAC9C;wCACA,KAAK,IAAI,aAAa,UAAU,CAAC,WAAW,IAAI,CAAC;qCAClD;oCACD,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;gCACtB,CAAC;6BACF;4BACD,EAAE,EAAE;gCACF,WAAW,EAAE,CAAC,UAAoC,EAAE,EAAE;oCACpD,OAAO,cAAc,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gCAC3D,CAAC;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,MAAM,EAAE,GAAG;4BACX,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,UAAsB,EAAE,EAAE,CACtC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;6BACtC;4BACD,OAAO,EAAE,EAAE;yBACZ;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAIF,CAAC;IACD,WAAW,CACT,cAAgE;QAEhE,KAAK,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACpC,CAAC;CACF;AArHD,4CAqHC"}
|
package/lib/src/snyk-mapper.d.ts
CHANGED
|
@@ -8,7 +8,9 @@ export declare class SnykResults {
|
|
|
8
8
|
setMappings(customMapping: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
|
|
9
9
|
}
|
|
10
10
|
export declare class SnykMapper extends BaseConverter {
|
|
11
|
-
mappings: MappedTransform<ExecJSON.Execution
|
|
11
|
+
mappings: MappedTransform<ExecJSON.Execution & {
|
|
12
|
+
passthrough: unknown;
|
|
13
|
+
}, ILookupPath>;
|
|
12
14
|
constructor(snykJson: Record<string, unknown>);
|
|
13
15
|
setMappings(customMappings: MappedTransform<ExecJSON.Execution, ILookupPath>): void;
|
|
14
16
|
}
|
package/lib/src/snyk-mapper.js
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
3
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
|
+
};
|
|
2
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
6
|
exports.SnykMapper = exports.SnykResults = void 0;
|
|
4
7
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
+
const lodash_1 = __importDefault(require("lodash"));
|
|
5
9
|
const package_json_1 = require("../package.json");
|
|
6
10
|
const base_converter_1 = require("./base-converter");
|
|
7
11
|
const CweNistMapping_1 = require("./mappings/CweNistMapping");
|
|
@@ -73,22 +77,13 @@ class SnykMapper extends base_converter_1.BaseConverter {
|
|
|
73
77
|
},
|
|
74
78
|
profiles: [
|
|
75
79
|
{
|
|
76
|
-
name:
|
|
77
|
-
version: {
|
|
78
|
-
path: 'policy',
|
|
79
|
-
transformer: (policy) => {
|
|
80
|
-
if (typeof policy === 'string') {
|
|
81
|
-
return policy.split('version: ')[1].split('\n')[0];
|
|
82
|
-
}
|
|
83
|
-
else {
|
|
84
|
-
return '';
|
|
85
|
-
}
|
|
86
|
-
}
|
|
87
|
-
},
|
|
80
|
+
name: 'Snyk Scan',
|
|
88
81
|
title: {
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
82
|
+
transformer: (data) => {
|
|
83
|
+
const projectName = lodash_1.default.has(data, 'projectName')
|
|
84
|
+
? `Snyk Project: ${lodash_1.default.get(data, 'projectName')} `
|
|
85
|
+
: '';
|
|
86
|
+
return `${projectName}Snyk Path: ${lodash_1.default.get(data, 'path')}`;
|
|
92
87
|
}
|
|
93
88
|
},
|
|
94
89
|
maintainer: null,
|
|
@@ -126,7 +121,11 @@ class SnykMapper extends base_converter_1.BaseConverter {
|
|
|
126
121
|
path: 'severity',
|
|
127
122
|
transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
|
|
128
123
|
},
|
|
129
|
-
code:
|
|
124
|
+
code: {
|
|
125
|
+
transformer: (vulnerability) => {
|
|
126
|
+
return JSON.stringify(vulnerability, null, 2);
|
|
127
|
+
}
|
|
128
|
+
},
|
|
130
129
|
results: [
|
|
131
130
|
{
|
|
132
131
|
status: inspecjs_1.ExecJSON.ControlResultStatus.Failed,
|
|
@@ -149,7 +148,14 @@ class SnykMapper extends base_converter_1.BaseConverter {
|
|
|
149
148
|
],
|
|
150
149
|
sha256: ''
|
|
151
150
|
}
|
|
152
|
-
]
|
|
151
|
+
],
|
|
152
|
+
passthrough: {
|
|
153
|
+
snyk_metadata: {
|
|
154
|
+
transformer: (data) => {
|
|
155
|
+
return lodash_1.default.omit(data, ['vulnerabilities']);
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
153
159
|
};
|
|
154
160
|
}
|
|
155
161
|
setMappings(customMappings) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"snyk-mapper.js","sourceRoot":"","sources":["../../src/snyk-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"snyk-mapper.js","sourceRoot":"","sources":["../../src/snyk-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AACzD,2CAAsE;AAEtE,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AACH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAE9C,SAAS,eAAe,CAAC,WAAgC;IACvD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,WAAW,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QAC3D,WAAW,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC9B,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnC,OAAO,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;QACH,OAAO,MAAM,CAAC;KACf;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,OAAO,CAAC,WAAsB;IACrC,OAAO,gBAAgB,CAAC,UAAU,CAChC,eAAe,CAAC,WAAW,CAAC,EAC5B,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,WAAW;IAGtB,YAAY,QAAgB;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,KAAK;QACH,MAAM,OAAO,GAAyB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;gBACtC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE;oBACpC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;iBACvC;gBACD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC9B,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;SAChB;aAAM;YACL,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE;gBACpC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;aACxC;YACD,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;SACvB;IACH,CAAC;IACD,WAAW,CACT,aAA+D;QAE/D,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;CACF;AA/BD,kCA+BC;AAED,MAAa,UAAW,SAAQ,8BAAa;IAiG3C,YAAY,QAAiC;QAC3C,KAAK,CAAC,QAAQ,CAAC,CAAC;QAjGlB,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;aACjC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,WAAW;oBACjB,KAAK,EAAE;wBACL,WAAW,EAAE,CAAC,IAA6B,EAAU,EAAE;4BACrD,MAAM,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC;gCAC5C,CAAC,CAAC,iBAAiB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,GAAG;gCAChD,CAAC,CAAC,EAAE,CAAC;4BACP,OAAO,GAAG,WAAW,cAAc,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;wBAC3D,CAAC;qBACF;oBACD,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE;wBACP,IAAI,EAAE,SAAS;wBACf,WAAW,EAAE,CAAC,OAAe,EAAU,EAAE;4BACvC,OAAO,iBAAiB,OAAO,EAAE,CAAC;wBACpC,CAAC;qBACF;oBACD,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,OAAO,EAAC;gCACrD,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,eAAe,EAAC;gCAC9D,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,eAAe,EAAC;gCAC9D,MAAM,EAAE,EAAC,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,eAAe,EAAC;6BACjE;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;4BACtB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE;oCAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gCAChD,CAAC;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,MAAM;wCACZ,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4CACtC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;gDACxB,OAAO,YAAY,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;6CAC1C;iDAAM;gDACL,OAAO,EAAE,CAAC;6CACX;wCACH,CAAC;qCACF;oCACD,QAAQ,EAAE,CAAC;oCACX,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,aAAa,EAAE;oBACb,WAAW,EAAE,CACX,IAA6B,EACJ,EAAE;wBAC3B,OAAO,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,iBAAiB,CAAC,CAAC,CAAC;oBAC3C,CAAC;iBACF;aACF;SACF,CAAC;IAGF,CAAC;IACD,WAAW,CACT,cAAgE;QAEhE,KAAK,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACpC,CAAC;CACF;AAzGD,gCAyGC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { ExecJSON } from 'inspecjs';
|
|
2
2
|
export declare const DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS: string[];
|
|
3
|
+
export declare const DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS: string[];
|
|
3
4
|
export declare const FROM_ASFF_TYPES_SLASH_REPLACEMENT: RegExp;
|
|
4
5
|
export declare function createWinstonLogger(mapperName: string, level?: string): import("winston").Logger;
|
|
5
6
|
export declare function getDescription(descriptions: {
|
package/lib/src/utils/global.js
CHANGED
|
@@ -3,10 +3,13 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.getDescription = exports.createWinstonLogger = exports.FROM_ASFF_TYPES_SLASH_REPLACEMENT = exports.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS = void 0;
|
|
6
|
+
exports.getDescription = exports.createWinstonLogger = exports.FROM_ASFF_TYPES_SLASH_REPLACEMENT = exports.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS = exports.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS = void 0;
|
|
7
7
|
const lodash_1 = __importDefault(require("lodash"));
|
|
8
8
|
const winston_1 = require("winston");
|
|
9
9
|
exports.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS = ['SA-11', 'RA-5'];
|
|
10
|
+
exports.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS = [
|
|
11
|
+
'CM-8'
|
|
12
|
+
];
|
|
10
13
|
exports.FROM_ASFF_TYPES_SLASH_REPLACEMENT = /{{{SLASH}}}/gi;
|
|
11
14
|
function createWinstonLogger(mapperName, level = 'debug') {
|
|
12
15
|
return (0, winston_1.createLogger)({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"global.js","sourceRoot":"","sources":["../../../src/utils/global.ts"],"names":[],"mappings":";;;;;;AACA,oDAAuB;AACvB,qCAAyD;AAI5C,QAAA,sCAAsC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AAG3D,QAAA,iCAAiC,GAAG,eAAe,CAAC;AAEjE,SAAgB,mBAAmB,CAAC,UAAkB,EAAE,KAAK,GAAG,OAAO;IACrE,OAAO,IAAA,sBAAY,EAAC;QAClB,UAAU,EAAE,CAAC,IAAI,oBAAU,CAAC,OAAO,EAAE,CAAC;QACtC,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,gBAAM,CAAC,OAAO,CACpB,gBAAM,CAAC,SAAS,CAAC;YACf,MAAM,EAAE,wBAAwB;SACjC,CAAC,EACF,gBAAM,CAAC,MAAM,CACX,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,UAAU,IAAI,IAAI,CAAC,OAAO,EAAE,CAChE,CACF;KACF,CAAC,CAAC;AACL,CAAC;AAbD,kDAaC;AAGD,SAAgB,cAAc,CAC5B,YAIiC,EACjC,GAAW;;IAEX,IAAI,KAAyB,CAAC;IAC9B,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;QAC/B,KAAK,GAAG,MAAA,YAAY,CAAC,IAAI,CACvB,CAAC,WAAwC,EAAE,EAAE,CAC3C,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,GAAG,CAC1C,0CAAE,IAAI,CAAC;KACT;SAAM;QACL,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;KAClC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAnBD,wCAmBC"}
|
|
1
|
+
{"version":3,"file":"global.js","sourceRoot":"","sources":["../../../src/utils/global.ts"],"names":[],"mappings":";;;;;;AACA,oDAAuB;AACvB,qCAAyD;AAI5C,QAAA,sCAAsC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;AAG3D,QAAA,yDAAyD,GAAG;IACvE,MAAM;CACP,CAAC;AAGW,QAAA,iCAAiC,GAAG,eAAe,CAAC;AAEjE,SAAgB,mBAAmB,CAAC,UAAkB,EAAE,KAAK,GAAG,OAAO;IACrE,OAAO,IAAA,sBAAY,EAAC;QAClB,UAAU,EAAE,CAAC,IAAI,oBAAU,CAAC,OAAO,EAAE,CAAC;QACtC,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,gBAAM,CAAC,OAAO,CACpB,gBAAM,CAAC,SAAS,CAAC;YACf,MAAM,EAAE,wBAAwB;SACjC,CAAC,EACF,gBAAM,CAAC,MAAM,CACX,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,UAAU,IAAI,IAAI,CAAC,OAAO,EAAE,CAChE,CACF;KACF,CAAC,CAAC;AACL,CAAC;AAbD,kDAaC;AAGD,SAAgB,cAAc,CAC5B,YAIiC,EACjC,GAAW;;IAEX,IAAI,KAAyB,CAAC;IAC9B,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;QAC/B,KAAK,GAAG,MAAA,YAAY,CAAC,IAAI,CACvB,CAAC,WAAwC,EAAE,EAAE,CAC3C,WAAW,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,GAAG,CAC1C,0CAAE,IAAI,CAAC;KACT;SAAM;QACL,KAAK,GAAG,gBAAC,CAAC,GAAG,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;KAClC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAnBD,wCAmBC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@mitre/hdf-converters",
|
|
3
|
-
"version": "2.6.
|
|
3
|
+
"version": "2.6.24",
|
|
4
4
|
"license": "Apache-2.0",
|
|
5
5
|
"description": "Converter util library used to transform various scan results into HDF format",
|
|
6
6
|
"files": [
|
|
@@ -26,12 +26,12 @@
|
|
|
26
26
|
"@types/papaparse": "^5.3.2",
|
|
27
27
|
"@types/xml2js": "^0.4.9",
|
|
28
28
|
"aws-sdk": "^2.1046.0",
|
|
29
|
-
"axios": "^0.
|
|
29
|
+
"axios": "^0.27.2",
|
|
30
30
|
"csv2json": "^2.0.2",
|
|
31
31
|
"fast-xml-parser": "^3.21.1",
|
|
32
32
|
"html-entities": "^2.3.2",
|
|
33
33
|
"htmlparser2": "^7.1.2",
|
|
34
|
-
"inspecjs": "^2.6.
|
|
34
|
+
"inspecjs": "^2.6.24",
|
|
35
35
|
"lodash": "^4.17.21",
|
|
36
36
|
"moment": "^2.29.1",
|
|
37
37
|
"papaparse": "^5.3.1",
|
|
@@ -41,7 +41,7 @@
|
|
|
41
41
|
"devDependencies": {
|
|
42
42
|
"@types/jest": "^27.0.0",
|
|
43
43
|
"@types/lodash": "^4.14.161",
|
|
44
|
-
"@types/node": "^
|
|
44
|
+
"@types/node": "^17.0.25",
|
|
45
45
|
"htmlparser2": "^7.1.2",
|
|
46
46
|
"jest": "^27.0.6",
|
|
47
47
|
"quicktype": "^15.0.260",
|