@mitre/hdf-converters 2.6.29 → 2.6.31
- package/README.md +4 -3
- package/lib/index.d.ts +1 -0
- package/lib/index.js +2 -1
- package/lib/index.js.map +1 -1
- package/lib/package.json +4 -4
- package/lib/src/asff-mapper/asff-mapper.d.ts +4 -1
- package/lib/src/asff-mapper/asff-mapper.js +15 -4
- package/lib/src/asff-mapper/asff-mapper.js.map +1 -1
- package/lib/src/asff-mapper/case-previously-hdf.d.ts +1 -0
- package/lib/src/asff-mapper/{case-hdf2asff.js → case-previously-hdf.js} +54 -40
- package/lib/src/asff-mapper/case-previously-hdf.js.map +1 -0
- package/lib/src/asff-mapper/case-trivy.js +2 -1
- package/lib/src/asff-mapper/case-trivy.js.map +1 -1
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.js +4 -0
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.d.ts +6 -0
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js +114 -2
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.d.ts +0 -2
- package/lib/src/converters-from-hdf/asff/transformers.js +48 -46
- package/lib/src/converters-from-hdf/asff/transformers.js.map +1 -1
- package/lib/src/fortify-mapper.d.ts +5 -2
- package/lib/src/fortify-mapper.js +41 -20
- package/lib/src/fortify-mapper.js.map +1 -1
- package/lib/src/ionchannel-mapper.js +3 -1
- package/lib/src/ionchannel-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.js +7 -2
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/mappings/NistCciMappingData.d.ts +1 -0
- package/lib/src/mappings/NistCciMappingData.js +27 -0
- package/lib/src/mappings/NistCciMappingData.js.map +1 -0
- package/lib/src/netsparker-mapper.js +4 -0
- package/lib/src/netsparker-mapper.js.map +1 -1
- package/lib/src/nikto-mapper.js +5 -0
- package/lib/src/nikto-mapper.js.map +1 -1
- package/lib/src/prisma-mapper.d.ts +1 -0
- package/lib/src/prisma-mapper.js +15 -10
- package/lib/src/prisma-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.js +4 -0
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/scoutsuite-mapper.js +6 -1
- package/lib/src/scoutsuite-mapper.js.map +1 -1
- package/lib/src/snyk-mapper.js +7 -2
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/sonarqube-mapper.js +4 -0
- package/lib/src/sonarqube-mapper.js.map +1 -1
- package/lib/src/twistlock-mapper.d.ts +7 -1
- package/lib/src/twistlock-mapper.js +26 -8
- package/lib/src/twistlock-mapper.js.map +1 -1
- package/lib/src/utils/attestations.d.ts +3 -0
- package/lib/src/utils/attestations.js +17 -3
- package/lib/src/utils/attestations.js.map +1 -1
- package/lib/src/utils/fingerprinting.js +7 -1
- package/lib/src/utils/fingerprinting.js.map +1 -1
- package/lib/src/utils/global.d.ts +4 -0
- package/lib/src/utils/global.js +24 -1
- package/lib/src/utils/global.js.map +1 -1
- package/lib/src/veracode-mapper.js +35 -4
- package/lib/src/veracode-mapper.js.map +1 -1
- package/lib/src/xccdf-results-mapper.d.ts +5 -2
- package/lib/src/xccdf-results-mapper.js +113 -71
- package/lib/src/xccdf-results-mapper.js.map +1 -1
- package/lib/src/zap-mapper.js +4 -0
- package/lib/src/zap-mapper.js.map +1 -1
- package/package.json +4 -4
- package/lib/src/asff-mapper/case-hdf2asff.d.ts +0 -1
- package/lib/src/asff-mapper/case-hdf2asff.js.map +0 -1
|
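--- a/package/lib/src/ionchannel-mapper.js
+++ b/package/lib/src/ionchannel-mapper.js
@@ -209,11 +209,13 @@ class IonChannelMapper extends base_converter_1.BaseConverter {
 ? {
 ...lodash_1.default.omit(dependency, 'dependencies'),
 nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
+cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS),
 dependencies: dependency.dependencies.map((subDependency) => `${subDependency.name}`)
 }
 : {
 ...lodash_1.default.omit(dependency, 'dependencies'),
-nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS
+nist: global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
+cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS)
 };
 }
 },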
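Review bot: Both branches of the ternary now compute `cci` from `DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS`, but neither that constant's value nor what `getCCIsForNISTTags` returns for an unmapped tag is visible in this hunk. The table added in NistCciMappingData.js lists 21 controls; if the default tag is not one of them, every Ion Channel control may be emitted with an empty `cci` list, which reads as "no applicable CCI" rather than "not mapped". A unit test asserting a non-empty result for this default would catch that. The two object literals also repeat the same fields and differ only in `dependencies`; the enclosing function starts outside the hunk.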
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ionchannel-mapper.js","sourceRoot":"","sources":["../../src/ionchannel-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA2C;AAE3C,oDAAuB;AACvB,kDAAgE;AAShE,qDAA6E;AAC7E,
|
|
1
|
+
{"version":3,"file":"ionchannel-mapper.js","sourceRoot":"","sources":["../../src/ionchannel-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA2C;AAE3C,oDAAuB;AACvB,kDAAgE;AAShE,qDAA6E;AAC7E,2CAGwB;AAGxB,SAAS,sBAAsB,CAC7B,UAAsB;IAEtB,MAAM,MAAM,GAA+B,EAAE,CAAC;IAC9C,MAAM,CAAC,IAAI,CAAC;QACV,GAAG,UAAU;QACb,kBAAkB,EAAE,EAAE;KACvB,CAAC,CAAC;IACH,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE;QAC1C,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;YAChD,MAAM,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,aAAa,CAAC,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;KACJ;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,wBAAwB,CAAC,cAAsB;IACtD,MAAM,MAAM,GAAG;QACb,QAAQ,EAAE,EAAE;QACZ,KAAK,EAAE;YACL,aAAa,EAAE,EAAE;YACjB,UAAU,EAAE;gBACV,YAAY,EAAE,EAAkB;gBAChC,0BAA0B,EAAE,EAAgC;aAC7D;YACD,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;YACb,YAAY,EAAE,EAAE;YAChB,KAAK,EAAE,EAAE;YACT,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,EAAE;YACd,SAAS,EAAE,EAAE;SACd;KACF,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IAC1C,MAAM,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAEtD,MAAM,CAAC,QAAQ,GAAG,gBAAC,CAAC,IAAI,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAEnD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE;QACjC,MAAM,IAAI,KAAK,CACb,yEAAyE,OAAO,aAAa,GAAG,CACjG,CAAC;KACH;IAED,aAAa,CAAC,OAAO,CAAC,CAAC,WAAwB,EAAE,EAAE;QACjD,QAAQ,WAAW,CAAC,IAAI,EAAE;YACxB,KAAK,YAAY;gBACf,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,EAAE;oBAC1C,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAC;iBACnE;gBACD,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY;oBAClC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC;gBACxC,MAAM;YAER;gBACE,MAAM;SACT;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,eAAe,GAA6C,EAAE,CAAC;IAGrE,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,kBAAkB,EAAE,EAAE;QAClE,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,kBAAkB,CAAC,CAAC;QACpE,gBAAgB,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YACtC,eAAe,CAAC,GAAG,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,GAAG,UAAU,CAAC;QACvE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAGH,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,EAAE;QACzD,IAAI,KAAK,CAAC,OAAO,CAAC,U
AAU,CAAC,YAAY,CAAC,EAAE;YAC1C,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,EAAE;gBAChD,eAAe,CACb,GAAG,aAAa,CAAC,GAAG,IAAI,aAAa,CAAC,IAAI,EAAE,CAC7C,CAAC,kBAAkB,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC;YACpE,CAAC,CAAC,CAAC;SACJ;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,EAAE;QACzD,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,0BAA0B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAa,mBAAmB;IAQ9B,YACE,MAAc,EACd,SAAkB,EAClB,MAAe,EACf,UAAmB;QAEnB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAE7B,IAAI,CAAC,SAAS,GAAG,eAAK,CAAC,MAAM,EAAE,CAAC;QAChC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CACpC,eAAe,CAChB,GAAG,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;YAC9C,mCAAmC,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QAC1C,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QACvE,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAgB;QAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC7C,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CACnC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,WAAW,EAAE,CAC7D,CAAC;QACF,IAAI,CAAC,SAAS,EAAE;YACd,MAAM,IAAI,KAAK,CACb,QAAQ,QAAQ,kCAAkC,cAAc;iBAC7D,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;iBACxB,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;SACH;QACD,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC,EAAE,CAAC;IAC7B,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,gBAAgB,CAAC,CAAC;SACnC;QACD,OAAO,IAAI,CAAC,SAAS;aAClB,GAAG,CAAC,6CAA6C,CAAC;aAClD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,WAAmB;QAClC,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QACnD,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CACzC,CAAC,OAAO,EAAE,EAAE,CAAC,
OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,WAAW,CAAC,WAAW,EAAE,CACtE,CAAC;QACF,IAAI,CAAC,YAAY,EAAE;YACjB,MAAM,IAAI,KAAK,CACb,WAAW,WAAW,qCAAqC,iBAAiB;iBACzE,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;iBAC9B,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAC;SACH;QACD,IAAI,CAAC,SAAS,GAAG,YAAY,CAAC,EAAE,CAAC;QACjC,IAAI,CAAC,UAAU,GAAG,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC;IAC9D,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,OAAO,IAAI,CAAC,SAAS;aAClB,GAAG,CAAC,iDAAiD,EAAE;YACtD,MAAM,EAAE;gBACN,OAAO,EAAE,IAAI,CAAC,MAAM;aACrB;SACF,CAAC;aACD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,WAAW;QACf,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACnB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;SAC1C;QACD,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE;YAChB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;SACvC;QACD,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;YACpB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;SAC3C;QACD,OAAO,IAAI,CAAC,SAAS;aAClB,GAAG,CAAC,iDAAiD,EAAE;YACtD,MAAM,EAAE;gBACN,UAAU,EAAE,IAAI,CAAC,SAAS;gBAC1B,OAAO,EAAE,IAAI,CAAC,MAAM;gBACpB,WAAW,EAAE,IAAI,CAAC,UAAU;aAC7B;SACF,CAAC;aACD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjC,CAAC;CACF;AAhHD,kDAgHC;AAED,MAAa,gBAAiB,SAAQ,8BAAa;IAmHjD,YAAY,cAAsB;QAChC,KAAK,CAAC,wBAAwB,CAAC,cAAc,CAAC,CAAC,CAAC;QAnHlD,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,qBAAqB,EAAC;aACzC;YACD,WAAW,EAAE;gBACX,mBAAmB,EAAE;oBACnB,IAAI,EAAE,UAAU;iBACjB;aACF;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,0BAA0B;oBAChC,OAAO,EAAE,EAAE;oBACX,KAAK,EAAE;wBACL,IAAI,EAAE,iBAAiB;wBACvB,WAAW,EAAE,CAAC,MAAe,EAAE,EAAE,CAAC,0BAA0B,MAAM,EAAE;qBACrE;oBACD,UAAU,EAAE,sBAAsB;oBAClC,OAAO,EAAE,EAAE;oBACX,OAAO,EAAE,IAAI;oBACb,SAAS,EAA
E,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,6CAA6C;4BACnD,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,UAAsB,EAAE,EAAE;oCACtC,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC;wCAC3C,CAAC,CAAC;4CACE,GAAG,gBAAC,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC;4CACrC,IAAI,EAAE,kEAAyD;4CAC/D,GAAG,EAAE,IAAA,2BAAkB,EACrB,kEAAyD,CAC1D;4CACD,YAAY,EAAE,UAAU,CAAC,YAAY,CAAC,GAAG,CACvC,CAAC,aAAa,EAAE,EAAE,CAAC,GAAG,aAAa,CAAC,IAAI,EAAE,CAC3C;yCACF;wCACH,CAAC,CAAC;4CACE,GAAG,gBAAC,CAAC,IAAI,CAAC,UAAU,EAAE,cAAc,CAAC;4CACrC,IAAI,EAAE,kEAAyD;4CAC/D,GAAG,EAAE,IAAA,2BAAkB,EACrB,kEAAyD,CAC1D;yCACF,CAAC;gCACR,CAAC;6BACF;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE;gCACL,WAAW,EAAE,CAAC,UAAsB,EAAE,EAAE;oCAEtC,IACE,UAAU,CAAC,IAAI,KAAK,MAAM;wCAC1B,UAAU,CAAC,OAAO,KAAK,KAAK;wCAC5B,UAAU,CAAC,IAAI,KAAK,IAAI,EACxB;wCACA,OAAO,4BAA4B,UAAU,CAAC,IAAI,EAAE,CAAC;qCACtD;oCAED,IAAI,KAAK,GAAG,cAAc,UAAU,CAAC,IAAI,GAAG,CAAC;oCAC7C,IAAI,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,KAAK,EAAE;wCAC5D,KAAK,IAAI,QAAQ,UAAU,CAAC,GAAG,GAAG,CAAC;qCACpC;oCACD,IACE,UAAU,CAAC,OAAO;wCAClB,UAAU,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,KAAK,EAC1C;wCACA,KAAK,IAAI,KAAK,UAAU,CAAC,OAAO,GAAG,CAAC;qCACrC;oCACD,IACE,UAAU,CAAC,WAAW;wCACtB,UAAU,CAAC,WAAW,CAAC,WAAW,EAAE,KAAK,KAAK,EAC9C;wCACA,KAAK,IAAI,aAAa,UAAU,CAAC,WAAW,IAAI,CAAC;qCAClD;oCACD,OAAO,KAAK,CAAC,IAAI,EAAE,CAAC;gCACtB,CAAC;6BACF;4BACD,EAAE,EAAE;gCACF,WAAW,EAAE,CAAC,UAAoC,EAAE,EAAE;oCACpD,OAAO,cAAc,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gCAC3D,CAAC;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,MAAM,EAAE,GAAG;4BACX,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,UAAsB,EAAE,EAAE,CACtC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;6BACtC;4BACD,OAAO,EAAE,EAAE;yBACZ;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAIF,CAAC;CACF;AAtHD,4CAsHC"}
|
|
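--- a/package/lib/src/jfrog-xray-mapper.js
+++ b/package/lib/src/jfrog-xray-mapper.js
@@ -15,6 +15,7 @@ const IMPACT_MAPPING = new Map([
 ['medium', 0.5],
 ['low', 0.3]
 ]);
+const CWE_PATH = 'component_versions.more_details.cves[0].cwe';
 const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping();
 function hashId(vulnerability) {
 if (lodash_1.default.get(vulnerability, 'id') === '') {
@@ -108,11 +109,15 @@ class JfrogXrayMapper extends base_converter_1.BaseConverter {
 path: 'data',
 key: 'id',
 tags: {
+cci: {
+path: CWE_PATH,
+transformer: (identifier) => (0, global_1.getCCIsForNISTTags)(nistTag(identifier))
+},
 nist: {
-path:
+path: CWE_PATH,
 transformer: nistTag
 },
-cweid: { path:
+cweid: { path: CWE_PATH }
 },
 refs: [],
 source_location: {},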
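Review bot: `CWE_PATH` ends in `cves[0].cwe`, so `nist`, `cci` and `cweid` in the second hunk are all derived from the first entry of `cves` only; CWE ids on any further entry never reach the NIST or CCI tags. Whether Xray reports more than one CVE per item is not visible here, but if it does, the control's compliance tags under-report. Consider pointing the path at `component_versions.more_details.cves` and flattening each entry's `cwe` in the transformer before calling `nistTag`. The removed lines are truncated on this page, so this may predate the commit; the mapping object continues outside the hunk.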
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jfrog-xray-mapper.js","sourceRoot":"","sources":["../../src/jfrog-xray-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAM0B;AAC1B,8DAAyD;AACzD,
|
|
1
|
+
{"version":3,"file":"jfrog-xray-mapper.js","sourceRoot":"","sources":["../../src/jfrog-xray-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAM0B;AAC1B,8DAAyD;AACzD,2CAGwB;AAGxB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AAEH,MAAM,QAAQ,GAAG,6CAA6C,CAAC;AAE/D,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAG9C,SAAS,MAAM,CAAC,aAAsB;IACpC,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,KAAK,EAAE,EAAE;QACrC,OAAO,IAAA,6BAAY,EAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;KACxE;SAAM;QACL,OAAO,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAW,CAAC;KAC7C;AACH,CAAC;AACD,SAAS,UAAU,CAAC,aAAsB;IACxC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE;QACvC,IAAI,CAAC,IAAI,CAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;KAC3D;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,EAAE;QAChC,MAAM,GAAG,GAAG,MAAM,CAAC;QACnB,MAAM,GAAG,GAAG,KAAK,CAAC;QAClB,IAAI,CAAC,IAAI,CACP,SAAS,IAAI,CAAC,SAAS,CAAC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;aAClD,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC;aACnB,OAAO,CAAC,GAAG,EAAE,IAAI,CAAC,EAAE,CACxB,CAAC;KACH;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,EAAE,GAAG,KAAK,CAAC;IACjB,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE;QAC1C,aAAa,CAAC,IAAI,CAChB,oBAAoB,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,EAAE,CAC7D,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KACzC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,wCAAwC,CAAC,EAAE;QAClE,aAAa,CAAC,IAAI,CAChB,yBAAyB,IAAI,CAAC,SAAS,CACrC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,wCAAwC,CAAC,CAC/D,EAAE,CACJ,CAAC;KACH;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;KAC9C;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mCAAmC,CAAC,EAAE;QAC7D,aAAa,CAAC,IAAI,CAChB,oBAAoB,IAAI,CAAC,SAAS,CAChC,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mCAAmC,CAAC,CAC1D,EAAE,CACJ,CAAC;KACH;
SAAM;QACL,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KACzC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,EAAE;QACtC,aAAa,CAAC,IAAI,CAAC,gBAAgB,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC;KAC1E;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;KACrC;IACD,IAAI,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE;QACpC,aAAa,CAAC,IAAI,CAAC,cAAc,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,UAAU,CAAC,EAAE,CAAC,CAAC;KACtE;SAAM;QACL,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;KACnC;IACD,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;AACpD,CAAC;AACD,SAAS,OAAO,CAAC,UAAmC;IAClD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE;QAC7B,UAAU,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE;gBAC5B,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;aAC5C;QACH,CAAC,CAAC,CAAC;KACJ;IACD,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAGD,MAAa,eAAgB,SAAQ,8BAAa;IAiFhD,YAAY,QAAgB,EAAE,OAAO,GAAG,KAAK;QAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC;QA/EpC,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,iBAAiB;oBACvB,KAAK,EAAE,iBAAiB;oBACxB,OAAO,EAAE,qDAAqD;oBAC9D,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,MAAM;4BACZ,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,CAAC,UAAmC,EAAE,EAAE,CACnD,IAAA,2BAAkB,EAAC,OAAO,CAAC,UAAU,CAAC,CAAC;iCAC1C;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,OAAO;iCACrB;gCACD,KAAK,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;6BACxB;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,EAAE,EAAE,EAAC,WAAW,EAAE,MAAM,EAAC;4BACzB,KAAK,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;4BACxB,IAAI,EAAE;gCACJ,IAAI,EAAE,iCAAiC;gCACvC,WAAW,EAAE,UAAU;6BACxB;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCA
CJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE;oCAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gCAChD,CAAC;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,YAAY;gCAClB,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,aAAa,CAAC,CAAC;6BACpC;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AArFD,0CAqFC"}
|
|
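--- a/package/lib/src/mappings/NistCciMappingData.d.ts
+++ b/package/lib/src/mappings/NistCciMappingData.d.ts
@@ -0,0 +1 @@
+export declare const data: Record<string, string[]>;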
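--- a/package/lib/src/mappings/NistCciMappingData.js
+++ b/package/lib/src/mappings/NistCciMappingData.js
@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.data = void 0;
+exports.data = {
+"AC-3": ["CCI-000213"],
+"AC-4": ["CCI-001368", "CCI-001414"],
+"AC-6": ["CCI-000225"],
+"AC-7": ["CCI-000044"],
+"AC-12": ["CCI-002361"],
+"AU-12": ["CCI-000172"],
+"CM-6": ["CCI-000366"],
+"IA-5": ["CCI-001544", "CCI-000183", "CCI-002042"],
+"IA-8": ["CCI-000804"],
+"RA-5": ["CCI-001643"],
+"SA-11": ["CCI-003173"],
+"SC-4": ["CCI-001090"],
+"SC-8": ["CCI-002418"],
+"SC-12": ["CCI-002438"],
+"SC-13": ["CCI-002450"],
+"SC-23": ["CCI-001184"],
+"SC-28": ["CCI-001199"],
+"SI-2": ["CCI-002605"],
+"SI-10": ["CCI-001310"],
+"SI-11": ["CCI-001312"],
+"SI-16": ["CCI-002824"]
+};
+//# sourceMappingURL=NistCciMappingData.js.map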
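Review bot: This table carries no comment saying where the NIST-to-CCI pairs come from or which revision of the control catalogue they follow, and it covers 21 base controls only. A tag outside that list, or one written with an enhancement suffix, finds no entry unless `getCCIsForNISTTags` normalises it; that function lives in utils/global.js and is not shown here. In the TypeScript source I would add a header comment such as `// NIST SP 800-53 control -> DISA CCI ids; source and revision: <fill in>`. Because `data` is a plain object literal, the lookup should also use an own-property check (or a `Map`) so that inherited keys can never match a tag taken from scanner output.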
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"NistCciMappingData.js","sourceRoot":"","sources":["../../../src/mappings/NistCciMappingData.ts"],"names":[],"mappings":";;;AAAa,QAAA,IAAI,GAAG;IAChB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,MAAM,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,MAAM,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,YAAY,CAAC;IAClD,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,MAAM,EAAE,CAAC,YAAY,CAAC;IACtB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,OAAO,EAAE,CAAC,YAAY,CAAC;IACvB,OAAO,EAAE,CAAC,YAAY,CAAC;CACI,CAAA"}
|
|
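--- a/package/lib/src/netsparker-mapper.js
+++ b/package/lib/src/netsparker-mapper.js
@@ -170,6 +170,10 @@ class NetsparkerMapper extends base_converter_1.BaseConverter {
 transformer: (0, base_converter_1.impactMapping)(IMPACT_MAPPING)
 },
 tags: {
+cci: {
+path: 'classification',
+transformer: (data) => (0, global_1.getCCIsForNISTTags)(nistTag(data))
+},
 nist: { path: 'classification', transformer: nistTag }
 },
 descriptions: [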
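Review bot: In the `tags` block the new `cci` transformer re-runs `nistTag(data)` on the same `classification` value that the `nist` entry already maps, so the two tags are tied together only by convention; a later edit to one path or transformer would let `cci` drift from `nist` without any error. A short comment such as `// cci is derived from the same nistTag() result as nist; keep path and transformer in step` would record that, or a small shared helper could build both entries. The same pairing appears in the jfrog-xray, nikto and prisma mappers in this release. The mapping object starts and ends outside the hunk.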
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"netsparker-mapper.js","sourceRoot":"","sources":["../../src/netsparker-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAO0B;AAC1B,8DAAyD;AACzD,kEAA6D;AAC7D,
|
|
1
|
+
{"version":3,"file":"netsparker-mapper.js","sourceRoot":"","sources":["../../src/netsparker-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAO0B;AAC1B,8DAAyD;AACzD,kEAA6D;AAC7D,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,UAAU,EAAE,GAAG,CAAC;IACjB,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,eAAe,EAAE,GAAG,CAAC;IACtB,CAAC,aAAa,EAAE,GAAG,CAAC;CACrB,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,OAAO,CAAC,cAAuC;IACtD,IAAI,MAAM,GAAG,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;QAC1B,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC;KACnB;IACD,IAAI,QAAQ,GAAG,gBAAC,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IAC9C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;QAC5B,QAAQ,GAAG,CAAC,QAAQ,CAAC,CAAC;KACvB;IACD,MAAM,GAAG,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAkB,CAAC,CAAC;IAC5D,MAAM,KAAK,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,QAAoB,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,OAAO,MAAM,CAAC;KACf;SAAM;QACL,OAAO,+CAAsC,CAAC;KAC/C;AACH,CAAC;AACD,SAAS,iBAAiB,CAAC,aAAsB;IAC/C,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IACxD,IAAI,WAAW,EAAE;QACf,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;KACxB;IACD,MAAM,kBAAkB,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,qBAAqB,CAAC,CAAC;IACvE,IAAI,kBAAkB,EAAE;QACtB,IAAI,CAAC,IAAI,CAAC,wBAAwB,kBAAkB,EAAE,CAAC,CAAC;KACzD;IACD,MAAM,gBAAgB,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;IACnE,IAAI,gBAAgB,EAAE;QACpB,IAAI,CAAC,IAAI,CACP,sBAAsB,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAC5D,KAAK,EACL,IAAI,CACL,EAAE,CACJ,CAAC;KACH;IACD,MAAM,cAAc,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC;IAC9D,IAAI,cAAc,EAAE;QAClB,IAAI,CAAC,IAAI,CACP,mBAAmB,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,CACzE,CAAC;KACH;IACD,MAAM,MAAM,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,QA
AQ,CAAC,CAAC;IAC9C,IAAI,MAAM,EAAE;QACV,IAAI,CAAC,IAAI,CAAC,WAAW,MAAM,EAAE,CAAC,CAAC;KAChC;IACD,MAAM,aAAa,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,EAAE;QACjB,IAAI,CAAC,IAAI,CAAC,kBAAkB,aAAa,EAAE,CAAC,CAAC;KAC9C;IACD,MAAM,YAAY,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;IAC1D,IAAI,YAAY,EAAE;QAChB,IAAI,CAAC,IAAI,CAAC,iBAAiB,YAAY,EAAE,CAAC,CAAC;KAC5C;IACD,MAAM,SAAS,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,SAAS,EAAE;QACb,IAAI,CAAC,IAAI,CAAC,cAAc,SAAS,EAAE,CAAC,CAAC;KACtC;IACD,MAAM,IAAI,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;KAC5B;IACD,MAAM,SAAS,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,SAAS,EAAE;QACb,IAAI,CAAC,IAAI,CAAC,cAAc,SAAS,EAAE,CAAC,CAAC;KACtC;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,WAAW,CAAC,aAAsB;IACzC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,kBAAkB,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,qBAAqB,CAAC,CAAC;IACvE,IAAI,kBAAkB,EAAE;QACtB,IAAI,CAAC,IAAI,CAAC,wBAAwB,kBAAkB,EAAE,CAAC,CAAC;KACzD;IACD,MAAM,cAAc,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAAC;IAChE,IAAI,cAAc,EAAE;QAClB,IAAI,CAAC,IAAI,CAAC,qBAAqB,cAAc,EAAE,CAAC,CAAC;KAClD;IACD,OAAO,IAAA,0BAAS,EAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;AACtC,CAAC;AACD,SAAS,SAAS,CAAC,aAAsB;IACvC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAAC;IACjE,IAAI,eAAe,EAAE;QACnB,IAAI,CAAC,IAAI,CAAC,qBAAqB,eAAe,EAAE,CAAC,CAAC;KACnD;IACD,MAAM,iBAAiB,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,oBAAoB,CAAC,CAAC;IACrE,IAAI,iBAAiB,EAAE;QACrB,IAAI,CAAC,IAAI,CAAC,uBAAuB,iBAAiB,EAAE,CAAC,CAAC;KACvD;IACD,MAAM,gBAAgB,GAAG,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;IACnE,IAAI,gBAAgB,EAAE;QACpB,IAAI,CAAC,IAAI,CAAC,sBAAsB,gBAAgB,EAAE,CAAC,CAAC;KACrD;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,cAAc,CAAC,OAAgB;IACtC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,CAAC,IAAI,CAAC,kBAAkB,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,
CAAC,EAAE,CAAC,CAAC;IACzD,IAAI,CAAC,IAAI,CAAC,YAAY,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC;IAClD,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,aAAa,CAAC,QAAiB;IACtC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,CAAC,IAAI,CAAC,mBAAmB,gBAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;IAC3D,IAAI,CAAC,IAAI,CAAC,cAAc,gBAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,CAAC,CAAC;IACvD,IAAI,CAAC,IAAI,CAAC,kBAAkB,gBAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;IAC9D,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,MAAa,gBAAiB,SAAQ,8BAAa;IAiFjD,YAAY,aAAqB;QAC/B,KAAK,CAAC,IAAA,yBAAQ,EAAC,aAAa,CAAC,CAAC,CAAC;QAjFjC,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,kCAAkC,EAAC;aACtD;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,4BAA4B;oBAClC,OAAO,EAAE,EAAE;oBACX,KAAK,EAAE;wBACL,IAAI,EAAE,8BAA8B;wBACpC,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4BACtC,OAAO,kCAAkC,gBAAC,CAAC,GAAG,CAC5C,KAAK,EACL,SAAS,CACV,SAAS,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,CAAC;wBAClC,CAAC;qBACF;oBACD,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE,4BAA4B;oBACrC,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,qDAAqD;4BAC3D,GAAG,EAAE,IAAI;4BACT,EAAE,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;4BACtB,KAAK,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACrB,IAAI,EAAE,EAAC,WAAW,EAAE,iBAAiB,EAAC;4BACtC,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,gBAAgB;oCACtB,WAAW,EAAE,CAAC,IAA6B,EAAE,EAAE,CAC7C,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACpC;gCACD,IAAI,EAAE,EAAC,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,OAAO,EAAC;6BACrD;4BACD,YAAY,EAAE;gCACZ;oCACE,IAAI,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oCAChC,KAAK,EAAE,OAAO;iCACf;gCACD;oCACE,IAAI,EAAE,EAAC,WAAW,EAAE,SAAS,EAAC;oCAC9B,KAAK,EAAE,KAAK;iCACb;6BACF
;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,IAAI,EAAE,EAAE;4BACR,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,cAAc,EAAC;oCAC9D,OAAO,EAAE,EAAC,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,aAAa,EAAC;oCAC5D,QAAQ,EAAE,CAAC;oCACX,UAAU,EAAE,EAAC,IAAI,EAAE,0CAA0C,EAAC;iCAC/D;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAGF,CAAC;CACF;AApFD,4CAoFC"}
|
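--- a/package/lib/src/nikto-mapper.js
+++ b/package/lib/src/nikto-mapper.js
@@ -9,6 +9,7 @@ const lodash_1 = __importDefault(require("lodash"));
 const package_json_1 = require("../package.json");
 const base_converter_1 = require("./base-converter");
 const NiktoNistMapping_1 = require("./mappings/NiktoNistMapping");
+const global_1 = require("./utils/global");
 const NIKTO_NIST_MAPPING = new NiktoNistMapping_1.NiktoNistMapping();
 function formatTitle(file) {
 return `Nikto Target: ${projectName(file)}`;
@@ -53,6 +54,10 @@ class NiktoMapper extends base_converter_1.BaseConverter {
 key: 'id',
 tags: {
 nist: { path: 'id', transformer: nistTag },
+cci: {
+path: 'id',
+transformer: (id) => (0, global_1.getCCIsForNISTTags)(nistTag(id))
+},
 ösvdb: { path: 'OSVDB' }
 },
 refs: [],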
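Review bot: The tag key on the context line right after the new `cci` entry reads `ösvdb`, with a non-ASCII first letter, so a consumer that filters or joins on `osvdb` would silently miss the OSVDB reference. The line is unchanged by this commit and the spelling may be deliberate or an encoding artefact of this page. If it is deliberate, a comment such as `// key spelled with a leading o-umlaut on purpose: <reason>` should say why; if not, it should become `osvdb: { path: 'OSVDB' }`. The `tags` object sits inside a mapping that starts and ends outside the hunk.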
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,kEAA6D;
|
|
1
|
+
{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,kEAA6D;AAC7D,2CAAkD;AAElD,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,iBAAiB,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;AAC9C,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,SAAS,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,UAAU,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;AACrE,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,OAAO,SAAS,gBAAC,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,YAAY,gBAAC,CAAC,GAAG,CAC1D,aAAa,EACb,QAAQ,CACT,EAAE,CAAC;AACN,CAAC;AACD,SAAS,OAAO,CAAC,EAAU;IACzB,OAAO,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IA4E5C,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QA1E/B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;aACtC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,uBAAuB;oBAC7B,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oBACjC,OAAO,EAAE;wBACP,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4BACtC,OAAO,WAAW,KAAK,EAAE,CAAC;wBAC5B,CAAC;qBACF;oBACD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAC;gCACxC,GAAG,EAAE;oCACH,IAAI,EAAE,IAAI;oCACV,WAAW,EAAE,CAAC,EAAU,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iCAC7D;gCACD,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;6BACvB;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACpB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACnB,MAAM,EAAE,GAAG;4BACX,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAA
S,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,OAAO;gCACb,IAAI,EAAE,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC;6BAClE;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAhFD,kCAgFC"}
|
|
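--- a/package/lib/src/prisma-mapper.d.ts
+++ b/package/lib/src/prisma-mapper.d.ts
@@ -12,6 +12,7 @@ export declare type PrismaControl = {
 Severity: string;
 Cause?: string;
 };
+export declare function nistTag(cveTag: string | undefined): string[];
 export declare class PrismaControlMapper extends BaseConverter {
 mappings: MappedTransform<ExecJSON.Execution, ILookupPath>;
 constructor(prismaControls: PrismaControl[]);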
package/lib/src/prisma-mapper.js
CHANGED
|
@@ -3,7 +3,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.PrismaMapper = exports.PrismaControlMapper = void 0;
|
|
6
|
+
exports.PrismaMapper = exports.PrismaControlMapper = exports.nistTag = void 0;
|
|
7
7
|
const inspecjs_1 = require("inspecjs");
|
|
8
8
|
const lodash_1 = __importDefault(require("lodash"));
|
|
9
9
|
const package_json_1 = require("../package.json");
|
|
@@ -16,7 +16,15 @@ const SEVERITY_LOOKUP = {
|
|
|
16
16
|
important: 0.9,
|
|
17
17
|
critical: 1
|
|
18
18
|
};
|
|
19
|
-
|
|
19
|
+
function nistTag(cveTag) {
|
|
20
|
+
if (!cveTag) {
|
|
21
|
+
return global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS;
|
|
22
|
+
}
|
|
23
|
+
else {
|
|
24
|
+
return global_1.DEFAULT_UPDATE_REMEDIATION_NIST_TAGS;
|
|
25
|
+
}
|
|
26
|
+
}
|
|
27
|
+
exports.nistTag = nistTag;
|
|
20
28
|
class PrismaControlMapper extends base_converter_1.BaseConverter {
|
|
21
29
|
constructor(prismaControls) {
|
|
22
30
|
super({ records: prismaControls });
|
|
@@ -51,16 +59,13 @@ class PrismaControlMapper extends base_converter_1.BaseConverter {
|
|
|
51
59
|
key: 'id',
|
|
52
60
|
desc: { path: 'Description' },
|
|
53
61
|
tags: {
|
|
62
|
+
cci: {
|
|
63
|
+
path: 'CVE ID',
|
|
64
|
+
transformer: (cve) => (0, global_1.getCCIsForNISTTags)(nistTag(cve))
|
|
65
|
+
},
|
|
54
66
|
nist: {
|
|
55
67
|
path: 'CVE ID',
|
|
56
|
-
transformer:
|
|
57
|
-
if (!cveTag) {
|
|
58
|
-
return global_1.DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS;
|
|
59
|
-
}
|
|
60
|
-
else {
|
|
61
|
-
return REMEDIATION_NIST_TAG;
|
|
62
|
-
}
|
|
63
|
-
}
|
|
68
|
+
transformer: nistTag
|
|
64
69
|
},
|
|
65
70
|
cve: { path: 'CVE ID' },
|
|
66
71
|
cvss: { path: 'cssv' }
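Review bot: `nistTag` (new lines 19-27) chooses the NIST family on truthiness alone, so a 'CVE ID' cell that holds only whitespace is tagged with `DEFAULT_UPDATE_REMEDIATION_NIST_TAGS`, and the new `cci` tag inherits the same classification through `getCCIsForNISTTags`. Whether the Prisma export can produce such a cell is not visible here, but the guard is cheap to tighten: `if (!cveTag || cveTag.trim() === '') {`. The function is also now a public export under a name that the sarif, scoutsuite and snyk mappers use for their own local helpers with different inputs. A short JSDoc on it would help, such as `/** Default NIST tags for a Prisma row: static-analysis tags when no CVE id is present, update-remediation tags otherwise. */`.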
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prisma-mapper.js","sourceRoot":"","sources":["../../src/prisma-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,
|
|
1
|
+
{"version":3,"file":"prisma-mapper.js","sourceRoot":"","sources":["../../src/prisma-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,2CAIwB;AAexB,MAAM,eAAe,GAA2B;IAC9C,GAAG,EAAE,GAAG;IACR,QAAQ,EAAE,GAAG;IACb,IAAI,EAAE,GAAG;IACT,SAAS,EAAE,GAAG;IACd,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF,SAAgB,OAAO,CAAC,MAA0B;IAChD,IAAI,CAAC,MAAM,EAAE;QACX,OAAO,+CAAsC,CAAC;KAC/C;SAAM;QACL,OAAO,6CAAoC,CAAC;KAC7C;AACH,CAAC;AAND,0BAMC;AAED,MAAa,mBAAoB,SAAQ,8BAAa;IAwHpD,YAAY,cAA+B;QACzC,KAAK,CAAC,EAAC,OAAO,EAAE,cAAc,EAAC,CAAC,CAAC;QAxHnC,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,0BAA0B;aACtC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,6BAA6B;oBACnC,OAAO,EAAE,EAAE;oBACX,KAAK,EAAE,0BAA0B;oBACjC,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE,EAAE;oBACX,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,SAAS;4BACf,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,CAAC,GAAW,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC;iCAC/D;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,OAAO;iCACrB;gCACD,GAAG,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;gCACrB,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;6BACrB;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,CAAC,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,oBAAoB,EAAC,EAAC,CAAC;4BAC3C,eAAe,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;4BACnC,EAAE,EAAE;gCACF,WAAW,EAAE,CAAC,IAAmB,EAAE,EAAE;oCACnC,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE;wCAClB,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;qCACrD;yCAAM;wCACL,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;qCACnE;gCACH,CAAC;6BACF;4BACD,KAAK,EAAE;gCACL,WAAW,EAAE,CAAC,IAAmB,EAAE,EAAE,CACnC,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,EAAE;6BACjD;4BACD,MAAM
,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,CAAC,QAAgB,EAAE,EAAE;oCAChC,IAAI,QAAQ,EAAE;wCACZ,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;qCAClC;yCAAM;wCACL,OAAO,GAAG,CAAC;qCACZ;gCACH,CAAC;6BACF;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,GAAkB,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;6BAClE;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,WAAW,EAAE,CAAC,GAAkB,EAAE,EAAE;4CAClC,IAAI,MAAM,GAAG,EAAE,CAAC;4CAChB,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE;gDACxB,IAAI,GAAG,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE;oDAC1B,MAAM,IAAI,6BAA6B,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;iDAC1D;6CACF;iDAAM,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE;gDAC/B,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE;oDACrB,MAAM,IAAI,2BAA2B,GAAG,CAAC,MAAM,EAAE,CAAC;iDACnD;qDAAM;oDACL,MAAM,IAAI,EAAE,CAAC;iDACd;6CACF;iDAAM;gDACL,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,cAAc,GAAG,CAAC,QAAQ,EAAE,CAAC;6CACnD;4CACD,MAAM,IAAI,OAAO,GAAG,CAAC,WAAW,EAAE,CAAC;4CACnC,OAAO,MAAM,CAAC;wCAChB,CAAC;qCACF;oCACD,OAAO,EAAE;wCACP,WAAW,EAAE,CAAC,GAAkB,EAAE,EAAE;4CAClC,IAAI,MAAM,GAAG,EAAE,CAAC;4CAChB,IAAI,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,KAAK,EAAE,EAAE;gDAChD,MAAM,IAAI,eAAe,GAAG,CAAC,YAAY,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,CAAC;6CAC9D;iDAAM,IAAI,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE;gDACnC,MAAM,IAAI,eAAe,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;6CAC9C;iDAAM,IAAI,GAAG,CAAC,KAAK,KAAK,EAAE,EAAE;gDAC3B,MAAM,IAAI,UAAU,GAAG,CAAC,KAAK,EAAE,CAAC;6CACjC;iDAAM;gDACL,MAAM,IAAI,SAAS,CAAC;6CACrB;4CACD,OAAO,MAAM,CAAC;wCAChB,CAAC;qCACF;oCACD,UAAU,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;iCAChC;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAIF,CAAC;CACF;AA3HD,kDA2HC;AAED,MAAa,YAAY;IAmBvB,YAAY,SAAiB;QAlB7B,SAAI,GAAoB,EAAE,CAAC;QAmBzB,IAAI,CAAC,IAAI,GAAG,IAAA,yBAAQ,EAAC,SAAS,CAAoB,CAAC;IACrD,CAAC;IAlBD,KAAK;QACH,MAAM,UAAU,GAAyB,EAAE,CAAC;QAC5C,MAAM,kBAAkB,GAAoC,EAAE,CAAC;QAC/D,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAqB,EAAE,EAAE;YAC1C,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;gBACpC,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC;YAC/C,kBAAkB,CAAC,MAAM,CAAC,
UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,EAAE;YAClE,MAAM,SAAS,GAAG,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,CAAC;YAC5D,gBAAC,CAAC,GAAG,CAAC,SAAS,EAAE,oBAAoB,EAAE,QAAQ,CAAC,CAAC;YACjD,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,OAAO,UAAU,CAAC;IACpB,CAAC;CAKF;AAtBD,oCAsBC"}
|
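--- a/package/lib/src/sarif-mapper.js
+++ b/package/lib/src/sarif-mapper.js
@@ -70,6 +70,10 @@ class SarifMapper extends base_converter_1.BaseConverter {
 path: 'results',
 key: 'id',
 tags: {
+cci: {
+path: 'vulnerabilityClassifications',
+transformer: (data) => (0, global_1.getCCIsForNISTTags)(nistTag(data))
+},
 nist: { path: MESSAGE_TEXT, transformer: nistTag },
 cwe: {
 path: MESSAGE_TEXT,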
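Review bot: The new `cci` entry reads `'vulnerabilityClassifications'` while the `nist` entry directly below feeds the same `nistTag` from `MESSAGE_TEXT`, so the two tags of one control can be derived from different inputs and disagree. The prisma, scoutsuite and snyk mappers in this release all give `cci` the same path as `nist`; unless the difference is intended, use `path: MESSAGE_TEXT,` here as well. `nistTag` is defined outside the hunk, so how it behaves when `vulnerabilityClassifications` is missing or not a string cannot be checked from here and should be confirmed.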
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sarif-mapper.js","sourceRoot":"","sources":["../../src/sarif-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,
|
|
1
|
+
{"version":3,"file":"sarif-mapper.js","sourceRoot":"","sources":["../../src/sarif-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,OAAO,EAAE,GAAG,CAAC;IACd,CAAC,SAAS,EAAE,GAAG,CAAC;IAChB,CAAC,MAAM,EAAE,GAAG,CAAC;CACd,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,cAAc,CAAC;AACpC,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAE9C,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACnE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;KAChE;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AACD,SAAS,aAAa,CAAC,QAAiB;IACtC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;QAChE,OAAO,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,GAAG,CAAC;KACrE;SAAM;QACL,OAAO,GAAG,CAAC;KACZ;AACH,CAAC;AACD,SAAS,cAAc,CAAC,KAAc;IACpC,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,SAAS,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,sBAAsB,CAAC,EAAE,CAAC,CAAC;IAC7D,MAAM,CAAC,IAAI,CAAC,UAAU,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC;IAC1D,MAAM,CAAC,IAAI,CAAC,YAAY,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,CAAC;IAC9D,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC1B,CAAC;AACD,SAAS,OAAO,CAAC,IAAY;IAC3B,IAAI,WAAW,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;IACnC,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IA0H5C,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAxH/B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,4CAA4C;aACxD;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;
oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;oBAC5B,KAAK,EAAE,4CAA4C;oBACnD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,SAAS;4BACf,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACjE;gCACD,IAAI,EAAE,EAAC,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,OAAO,EAAC;gCAChD,GAAG,EAAE;oCACH,IAAI,EAAE,YAAY;oCAClB,WAAW,EAAE,UAAU;iCACxB;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE;gCACf,WAAW,EAAE,CAAC,OAAgB,EAAE,EAAE;oCAChC,OAAO,gBAAC,CAAC,MAAM,CACb;wCACE,GAAG,EAAE,gBAAC,CAAC,GAAG,CACR,OAAO,EACP,oDAAoD,CACrD;wCACD,IAAI,EAAE,gBAAC,CAAC,GAAG,CACT,OAAO,EACP,gDAAgD,CACjD;qCACF,EACD,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,EAAE,CACxB,CAAC;gCACJ,CAAC;6BACF;4BACD,KAAK,EAAE;gCACL,IAAI,EAAE,YAAY;gCAClB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;oCACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;wCAC5B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;qCAC5B;yCAAM;wCACL,OAAO,EAAE,CAAC;qCACX;gCACH,CAAC;6BACF;4BACD,EAAE,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;4BACpB,IAAI,EAAE;gCACJ,IAAI,EAAE,YAAY;gCAClB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;oCACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;wCAC5B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;qCAC5B;yCAAM;wCACL,OAAO,EAAE,CAAC;qCACX;gCACH,CAAC;6BACF;4BACD,MAAM,EAAE,EAAC,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAC;4BACnD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,+BAA+B;wCACrC,WAAW,EAAE,cAAc;qCAC5B;oCAED,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,IAAI,QAAQ,GAAG,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACnC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;wBAC3B,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAA4B,EAAE,EAAE,CACvD,gBAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CA
AC,SAAS,CAAC,CAAC,CACzB,CAAC;qBACH;oBACD,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,OAAO;gCACb,IAAI,EAAE;oCACJ,OAAO,EAAE,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC;oCAC/B,IAAI,EAAE,QAAQ;iCACf;6BACF;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA9HD,kCA8HC"}
|
|
@@ -9,6 +9,7 @@ const lodash_1 = __importDefault(require("lodash"));
|
|
|
9
9
|
const package_json_1 = require("../package.json");
|
|
10
10
|
const base_converter_1 = require("./base-converter");
|
|
11
11
|
const ScoutsuiteNistMapping_1 = require("./mappings/ScoutsuiteNistMapping");
|
|
12
|
+
const global_1 = require("./utils/global");
|
|
12
13
|
const INSPEC_INPUTS_MAPPING = {
|
|
13
14
|
string: 'String',
|
|
14
15
|
numeric: 'Numeric',
|
|
@@ -204,7 +205,11 @@ class ScoutsuiteMapper extends base_converter_1.BaseConverter {
|
|
|
204
205
|
path: 'services',
|
|
205
206
|
key: 'id',
|
|
206
207
|
tags: {
|
|
207
|
-
nist: { path: '[0]', transformer: nistTag }
|
|
208
|
+
nist: { path: '[0]', transformer: nistTag },
|
|
209
|
+
cci: {
|
|
210
|
+
path: '[0]',
|
|
211
|
+
transformer: (data) => (0, global_1.getCCIsForNISTTags)(nistTag(data))
|
|
212
|
+
}
|
|
208
213
|
},
|
|
209
214
|
refs: [
|
|
210
215
|
{ url: { path: '[1].references[0]' } },
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scoutsuite-mapper.js","sourceRoot":"","sources":["../../src/scoutsuite-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,4EAAuE;
|
|
1
|
+
{"version":3,"file":"scoutsuite-mapper.js","sourceRoot":"","sources":["../../src/scoutsuite-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,4EAAuE;AACvE,2CAAkD;AAElD,MAAM,qBAAqB,GAAG;IAC5B,MAAM,EAAE,QAAQ;IAChB,OAAO,EAAE,SAAS;IAClB,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,OAAO;IACd,IAAI,EAAE,MAAM;IACZ,OAAO,EAAE,SAAS;IAClB,GAAG,EAAE,KAAK;CACX,CAAC;AACF,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,SAAS,EAAE,GAAG,CAAC;CACjB,CAAC,CAAC;AAEH,MAAM,uBAAuB,GAAG,IAAI,6CAAqB,EAAE,CAAC;AAE5D,SAAS,cAAc,CAAC,IAAa;IACnC,OAAO,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;AAC9C,CAAC;AACD,SAAS,cAAc,CAAC,IAAa;IACnC,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,YAAY,gBAAC,CAAC,GAAG,CAC7C,IAAI,EACJ,eAAe,CAChB,IAAI,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;AACnC,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,4BAA4B,cAAc,CAAC,IAAI,CAAC,eAAe,gBAAC,CAAC,GAAG,CACzE,IAAI,EACJ,eAAe,CAChB,iBAAiB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;AAChD,CAAC;AACD,SAAS,UAAU,CAAC,KAAc;IAChC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;QACxB,OAAO,KAAK;aACT,GAAG,CACF,CAAC,OAAO,EAAE,EAAE,CACV,kBAAkB,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,eAAe,gBAAC,CAAC,GAAG,CAC1D,OAAO,EACP,WAAW,CACZ,aAAa,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,CAC5C;aACA,IAAI,CAAC,IAAI,CAAC,CAAC;KACf;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QACvC,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;KAC7C;SAAM,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QAC9C,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;KAC5C;SAAM;QACL,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;KAC5C;AACH,CAAC;AACD,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QACvC,OAAO,uCAAuC,CAAC;KAChD;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,UAAU,CAAC,KAAc;IAChC,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,EAAE;QACvC,OAAO,EAAE,CAAC;KACX;SAAM,IAAI,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CA
AC,KAAK,CAAC,EAAE;QAC9C,OAAO,0BAA0B,gBAAC,CAAC,GAAG,CACpC,KAAK,EACL,eAAe,CAChB,gBAAgB,CAAC;KACnB;SAAM;QACL,OAAO,GAAG,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,eAAe,CAAC,yBAAyB,gBAAC,CAAC,GAAG,CACnE,KAAK,EACL,eAAe,CAChB,oBAAoB,gBAAC,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;KACzD;AACH,CAAC;AACD,SAAS,OAAO,CAAC,IAAY;IAC3B,OAAO,uBAAuB,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AAC/C,CAAC;AACD,SAAS,UAAU,CAAC,KAAyB;IAC3C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,OAAO,KAAK,CAAC;KACd;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,gBAAgB,CACvB,IAA6B;IAE7B,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAC5B,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAA4B,CACnD,CAAC;IACF,MAAM,QAAQ,GAA8B,EAAE,CAAC;IAC/C,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC3B,QAAQ,CAAC,IAAI,CAAC,gBAAC,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC,CAAC,CAAC;IACH,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC1C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YAC7C,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC3B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IACH,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;IACjC,OAAO,IAAI,CAAC;AACd,CAAC;AACD,MAAa,gBAAiB,SAAQ,8BAAa;IA2KjD,YAAY,cAAsB,EAAE,OAAO,GAAG,KAAK;QACjD,KAAK,CAAC,gBAAgB,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAzKxE,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;aACzC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,gDAAgD;oBACtD,OAAO,EAAE,EAAC,IAAI,EAAE,kBAAkB,EAAC;oBACnC,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oBACjC,OAAO,EAAE,EAAC,IAAI,EAAE,wBAAwB,EAAC;oBACzC,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE;wBACV;4BACE,IAAI,EAAE,YAAY;4BAClB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,YAAY,EAAC;gCAC3B,QAAQ,EAAE,IAAI;gCACd,SAAS,EAAE,KAAK;gCAChB,IAAI,EAAE,qBAAqB,CAAC,MAAM;6BACnC;yBACF;wBACD;4BACE,IAAI,EAAE,aAAa;4BACnB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAA
E,aAAa,EAAC;6BAC7B;yBACF;wBACD;4BACE,IAAI,EAAE,SAAS;4BACf,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,uBAAuB,EAAC;6BACvC;yBACF;wBACD;4BACE,IAAI,EAAE,iCAAiC;4BACvC,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,yCAAyC;oCAC/C,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,wBAAwB;4BAC9B,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,iCAAiC;oCACvC,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,yBAAyB;4BAC/B,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,kCAAkC;oCACxC,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,iCAAiC;4BACvC,OAAO,EAAE;gCACP,KAAK,EAAE;oCACL,IAAI,EAAE,0CAA0C;oCAChD,WAAW,EAAE,UAAU;iCACxB;6BACF;yBACF;wBACD;4BACE,IAAI,EAAE,MAAM;4BACZ,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;6BAC/B;yBACF;wBACD;4BACE,IAAI,EAAE,WAAW;4BACjB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;6BAC3B;yBACF;wBACD;4BACE,IAAI,EAAE,eAAe;4BACrB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;6BAC/B;yBACF;wBACD;4BACE,IAAI,EAAE,eAAe;4BACrB,OAAO,EAAE;gCACP,KAAK,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;6BAC/B;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,UAAU;4BAChB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAC;gCACzC,GAAG,EAAE;oCACH,IAAI,EAAE,KAAK;oCACX,WAAW,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACjE;6BACF;4BACD,IAAI,EAAE;gCACJ,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,mBAAmB,EAAC,EAAC;gCAClC,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,UAAU,EAAC,EAAC;6BACzD;4BACD,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;4BAChC,EAAE,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACjB,IAAI,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;4BAC7B,YAAY,EAAE;gCACZ,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC,EAAE,KAAK,EAAE,KAAK,EAAC;gCAC/C,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC,EAAE,KAAK,EAAE,SAAS,EAAC;gCAC/C,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC,EAAE,KAAK,EAAE,MAAM,EAAC;gCACzC,EAAC,IAAI,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC,EAAE,KAAK,EAAE,WAAW,EAAC;6BACpD;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,WAAW;gCACjB,
WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAC;oCAC7C,YAAY,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,SAAS,EAAC;oCACnD,SAAS,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;oCACpC,OAAO,EAAE,EAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAC;oCAC/C,UAAU,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAC;iCACtC;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,MAAM,OAAO,GAAG,gBAAC,CAAC,IAAI,CAAC,IAAI,EAAE;wBAC3B,YAAY;wBACZ,aAAa;wBACb,WAAW;wBACX,eAAe;wBACf,eAAe;wBACf,UAAU;qBACX,CAAC,CAAC;oBACH,OAAO,CAAC,QAAQ,GAAG,gBAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,SAAS,CAAC,CAAC,CAAC;oBACzD,OAAO;wBACL,cAAc,EAAE,OAAO;wBACvB,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA/KD,4CA+KC"}
|
package/lib/src/snyk-mapper.js
CHANGED
|
@@ -16,6 +16,7 @@ const IMPACT_MAPPING = new Map([
|
|
|
16
16
|
['low', 0.3]
|
|
17
17
|
]);
|
|
18
18
|
const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping();
|
|
19
|
+
const CWE_PATH = 'identifiers.CWE';
|
|
19
20
|
function parseIdentifier(identifiers) {
|
|
20
21
|
const output = [];
|
|
21
22
|
if (identifiers !== undefined && Array.isArray(identifiers)) {
|
|
@@ -103,8 +104,12 @@ class SnykMapper extends base_converter_1.BaseConverter {
|
|
|
103
104
|
path: 'vulnerabilities',
|
|
104
105
|
key: 'id',
|
|
105
106
|
tags: {
|
|
106
|
-
|
|
107
|
-
|
|
107
|
+
cci: {
|
|
108
|
+
path: CWE_PATH,
|
|
109
|
+
transformer: (cwe) => (0, global_1.getCCIsForNISTTags)(nistTag(cwe))
|
|
110
|
+
},
|
|
111
|
+
nist: { path: CWE_PATH, transformer: nistTag },
|
|
112
|
+
cweid: { path: CWE_PATH, transformer: parseIdentifier },
|
|
108
113
|
cveid: { path: 'identifiers.CVE', transformer: parseIdentifier },
|
|
109
114
|
ghsaid: { path: 'identifiers.GHSA', transformer: parseIdentifier }
|
|
110
115
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"snyk-mapper.js","sourceRoot":"","sources":["../../src/snyk-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AACzD,
|
|
1
|
+
{"version":3,"file":"snyk-mapper.js","sourceRoot":"","sources":["../../src/snyk-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,uCAAkC;AAClC,oDAAuB;AACvB,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AACzD,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;CACb,CAAC,CAAC;AACH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAE9C,MAAM,QAAQ,GAAG,iBAAiB,CAAC;AAEnC,SAAS,eAAe,CAAC,WAAgC;IACvD,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,WAAW,KAAK,SAAS,IAAI,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE;QAC3D,WAAW,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC9B,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACnC,OAAO,CAAC,KAAK,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;QACH,OAAO,MAAM,CAAC;KACf;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,OAAO,CAAC,WAAsB;IACrC,OAAO,gBAAgB,CAAC,UAAU,CAChC,eAAe,CAAC,WAAW,CAAC,EAC5B,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,WAAW;IAGtB,YAAY,QAAgB;QAC1B,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,KAAK;QACH,MAAM,OAAO,GAAyB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YAC5B,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC5B,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,CAAC;gBACtC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE;oBACpC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;iBACvC;gBACD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC9B,CAAC,CAAC,CAAC;YACH,OAAO,OAAO,CAAC;SAChB;aAAM;YACL,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE;gBACpC,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;aACxC;YACD,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;SACvB;IACH,CAAC;CACF;AA1BD,kCA0BC;AAED,MAAa,UAAW,SAAQ,8BAAa;IAsG3C,YAAY,QAAiC;QAC3C,KAAK,CAAC,QAAQ,CAAC,CAAC;QAtGlB,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;aACjC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,WAAW;oBACjB
,KAAK,EAAE;wBACL,WAAW,EAAE,CAAC,IAA6B,EAAU,EAAE;4BACrD,MAAM,WAAW,GAAG,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC;gCAC5C,CAAC,CAAC,iBAAiB,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,aAAa,CAAC,GAAG;gCAChD,CAAC,CAAC,EAAE,CAAC;4BACP,OAAO,GAAG,WAAW,cAAc,gBAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;wBAC3D,CAAC;qBACF;oBACD,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE;wBACP,IAAI,EAAE,SAAS;wBACf,WAAW,EAAE,CAAC,OAAe,EAAU,EAAE;4BACvC,OAAO,iBAAiB,OAAO,EAAE,CAAC;wBACpC,CAAC;qBACF;oBACD,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,CAAC,GAAc,EAAE,EAAE,CAC9B,IAAA,2BAAkB,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC;iCACnC;gCACD,IAAI,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,OAAO,EAAC;gCAC5C,KAAK,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAC;gCACrD,KAAK,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,eAAe,EAAC;gCAC9D,MAAM,EAAE,EAAC,IAAI,EAAE,kBAAkB,EAAE,WAAW,EAAE,eAAe,EAAC;6BACjE;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;4BACtB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE;oCAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;gCAChD,CAAC;6BACF;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,MAAM;wCACZ,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4CACtC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;gDACxB,OAAO,YAAY,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;6CAC1C;iDAAM;gDACL,OAAO,EAAE,CAAC;6CACX;wCACH,CAAC;qCACF;oCACD,QAAQ,EAAE,CAAC;oCACX,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,aAAa,EAAE;oBACb,WAAW,EAAE,CACX,IAA6B,EACJ,EAAE;wBAC3B,OAAO,gBAAC,CAAC,IAAI,
CAAC,IAAI,EAAE,CAAC,iBAAiB,CAAC,CAAC,CAAC;oBAC3C,CAAC;iBACF;aACF;SACF,CAAC;IAGF,CAAC;CACF;AAzGD,gCAyGC"}
|
|
@@ -10,6 +10,7 @@ const package_json_1 = require("../package.json");
|
|
|
10
10
|
const base_converter_1 = require("./base-converter");
|
|
11
11
|
const CweNistMapping_1 = require("./mappings/CweNistMapping");
|
|
12
12
|
const OwaspNistMapping_1 = require("./mappings/OwaspNistMapping");
|
|
13
|
+
const global_1 = require("./utils/global");
|
|
13
14
|
const IMPACT_MAPPING = new Map([
|
|
14
15
|
['blocker', 1.0],
|
|
15
16
|
['critical', 0.7],
|
|
@@ -172,6 +173,9 @@ function createSonarqubeMappings(projectName, branchName, pullRequestID) {
|
|
|
172
173
|
},
|
|
173
174
|
code: null,
|
|
174
175
|
tags: {
|
|
176
|
+
cci: {
|
|
177
|
+
transformer: (issue) => (0, global_1.getCCIsForNISTTags)(parseNistTags(issue))
|
|
178
|
+
},
|
|
175
179
|
nist: { transformer: parseNistTags }
|
|
176
180
|
},
|
|
177
181
|
results: [
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sonarqube-mapper.js","sourceRoot":"","sources":["../../src/sonarqube-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA2C;AAC3C,uCAAkC;AAClC,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AACzD,kEAA6D;
|
|
1
|
+
{"version":3,"file":"sonarqube-mapper.js","sourceRoot":"","sources":["../../src/sonarqube-mapper.ts"],"names":[],"mappings":";;;;;;AAAA,kDAA2C;AAC3C,uCAAkC;AAClC,kDAAgE;AAChE,qDAK0B;AAC1B,8DAAyD;AACzD,kEAA6D;AAC7D,2CAAkD;AAyClD,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,SAAS,EAAE,GAAG,CAAC;IAChB,CAAC,UAAU,EAAE,GAAG,CAAC;IACjB,CAAC,OAAO,EAAE,GAAG,CAAC;IACd,CAAC,OAAO,EAAE,GAAG,CAAC;IACd,CAAC,MAAM,EAAE,GAAG,CAAC;CACd,CAAC,CAAC;AACH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,cAAc,CAAC,aAAsB;IAC5C,MAAM,kBAAkB,GAAG,aAI1B,CAAC;IACF,IAAI,kBAAkB,CAAC,SAAS,EAAE;QAChC,MAAM,QAAQ,GAAG,cAAc,kBAAkB,CAAC,SAAS,CAAC,SAAS,cAAc,kBAAkB,CAAC,SAAS,CAAC,OAAO,iBAAiB,kBAAkB,CAAC,IAAI,QAAQ,CAAC;QACxK,OAAO,QAAQ,kBAAkB,CAAC,SAAS,IAAI,kBAAkB,CAAC,SAAS,CAAC,SAAS,IAAI,kBAAkB,CAAC,SAAS,CAAC,OAAO,IAAI,QAAQ,EAAE,CAAC;KAC7I;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AAED,SAAS,aAAa,CAAC,KAAY;;IACjC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAA,KAAK,CAAC,OAAO,0CAAE,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QAChC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE;YAC7C,MAAM,UAAU,GAAG;gBACjB,MAAM,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE;aACzD,CAAC;YACF,IAAI,CAAC,IAAI,CAAC,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC;SAClE;IACH,CAAC,CAAC,CAAC;IAEH,MAAA,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,0BAA0B,CAAC,0CAAE,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACjE,IAAI,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAa,gBAAgB;IAU3B,YACE,aAAqB,EACrB,SAAiB,EACjB,SAAiB,EACjB,UAAmB,EACnB,aAAsB;QAdxB,SAAI,GAAc;YAChB,MAAM,EAAE,EAAE;SACX,CAAC;QACF,kBAAa,GAAG,EAAE,CAAC;QACnB,cAAS,GAAG,EAAE,CAAC;QACf,cAAS,GAAG,EAAE,CAAC;QACf,eAAU,GAAI,EAAE,CAAC;QACjB,kBAAa,GAAI,EAAE,CAAC;QASlB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,KAAK;
QACT,OAAO,IAAI,CAAC,cAAc,EAAE,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,cAAc;;QAElB,IAAI,MAAM,GAAG,IAAI,CAAC;QAClB,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,OAAO,MAAM,EAAE;YACb,MAAM,eAAK;iBACR,GAAG,CAAY,GAAG,IAAI,CAAC,aAAa,oBAAoB,EAAE;gBACzD,IAAI,EAAE,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,EAAC;gBAC9C,MAAM,EAAE;oBACN,aAAa,EAAE,IAAI,CAAC,SAAS;oBAC7B,KAAK,EAAE,eAAe;oBACtB,CAAC,EAAE,IAAI;oBACP,GAAG,CAAC,IAAI,CAAC,UAAU,IAAI,EAAC,MAAM,EAAE,IAAI,CAAC,UAAU,EAAC,CAAC;oBACjD,GAAG,CAAC,IAAI,CAAC,aAAa,IAAI,EAAC,WAAW,EAAE,IAAI,CAAC,aAAa,EAAC,CAAC;iBAG7D;aACF,CAAC;iBACD,IAAI,CAAC,CAAC,EAAC,IAAI,EAAC,EAAE,EAAE;;gBACf,IAAI,IAAI,CAAC,MAAM,EAAE;oBACf,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;iBACvC;gBACD,MAAM,GAAG,CAAA,MAAA,IAAI,CAAC,MAAM,0CAAE,KAAK,MAAK,GAAG,CAAC;gBACpC,IAAI,IAAI,CAAC,CAAC;YACZ,CAAC,CAAC,CAAC;SACN;QAED,IAAI,QAAQ,GAA6B,EAAE,CAAC;QAC5C,MAAA,IAAI,CAAC,IAAI,CAAC,MAAM,0CAAE,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAClC,QAAQ,CAAC,IAAI,CACX,eAAK,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,kBAAkB,EAAE;gBACjD,IAAI,EAAE,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,EAAC;gBAC9C,MAAM,EAAE;oBACN,GAAG,EAAE,KAAK,CAAC,SAAS;iBACrB;aACF,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,MAAM,eAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,CAC5B,eAAK,CAAC,MAAM,CAAC,CAAC,GAAG,SAAS,EAAE,EAAE;YAE5B,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,EAAE;;gBACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI;qBACzC,KAAK,CAAC,IAAI,CAAC;qBACX,KAAK,CACJ,CAAC,MAAA,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,0CAAE,SAAoB,IAAG,CAAC,EAE5D,CAAC,MAAA,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,0CAAE,OAAkB,IAAG,CAAC,CAC3D;qBACA,IAAI,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CACH,CAAC;QAEF,QAAQ,GAAG,EAAE,CAAC;QACd,MAAA,IAAI,CAAC,IAAI,CAAC,MAAM,0CAAE,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YAClC,QAAQ,CAAC,IAAI,CACX,eAAK,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,aAAa,iBAAiB,EAAE;gBAChD,IAAI,EAAE,EAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,EAAC;gBAC9C,MAAM,EAAE;oBACN,GAAG,EAAE,KAAK,CAAC,IAAI;i
BAChB;aACF,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;QACH,MAAM,eAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,CAC5B,eAAK,CAAC,MAAM,CAAC,CAAC,GAAG,SAAS,EAAE,EAAE;YAC5B,SAAS,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,EAAE;gBACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC;gBAC7D,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;gBACvD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;YAChE,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CACH,CAAC;QAEF,MAAM,MAAM,GAAG,IAAI,eAAe,CAChC,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,SAAS,EACd,IAAI,CAAC,UAAU,EACf,IAAI,CAAC,aAAa,CACnB,CAAC;QACF,OAAO,MAAM,CAAC,KAAK,EAAE,CAAC;IACxB,CAAC;CACF;AAhHD,4CAgHC;AAED,SAAS,uBAAuB,CAC9B,WAAmB,EACnB,UAAmB,EACnB,aAAsB;IAEtB,MAAM,uBAAuB,GAC3B,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3C,CAAC,aAAa,CAAC,CAAC,CAAC,iBAAiB,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1D,OAAO;QACL,QAAQ,EAAE;YACR,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAoB;YAC7B,SAAS,EAAE,WAAW;SACvB;QACD,OAAO,EAAE,sBAAoB;QAC7B,UAAU,EAAE;YACV,QAAQ,EAAE,IAAI;SACf;QACD,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,6BAA6B,WAAW,GAAG,uBAAuB,EAAE;gBAC3E,UAAU,EAAE,IAAI;gBAChB,OAAO,EAAE,6BAA6B,WAAW,GAAG,uBAAuB,EAAE;gBAC7E,OAAO,EAAE,IAAI;gBACb,SAAS,EAAE,IAAI;gBACf,eAAe,EAAE,IAAI;gBACrB,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE,EAAE;gBACX,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,QAAQ;gBAChB,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,QAAQ;wBACd,GAAG,EAAE,IAAI;wBACT,IAAI,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;wBACvB,YAAY,EAAE,EAAE;wBAChB,IAAI,EAAE,EAAE;wBACR,eAAe,EAAE,EAAE;wBACnB,EAAE,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;wBAClB,KAAK,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;wBACrB,MAAM,EAAE;4BACN,IAAI,EAAE,UAAU;4BAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;yBAC3C;wBACD,IAAI,EAAE,IAAI;wBACV,IAAI,EAAE;4BACJ,GAAG,EAAE;gCACH,WAAW,EAAE,CAAC,KAAY,EAAE,EAAE,CAC5B,IAAA,2BAAkB,EAAC,aAAa,CAAC,KAAK,CAAC,CAAC;6BAC3C;4BACD,IAAI,EAAE,EAAC,WAAW,EAAE,aAAa,EAAC;yB
ACnC;wBACD,OAAO,EAAE;4BACP;gCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;gCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;gCACxC,QAAQ,EAAE,CAAC;gCACX,UAAU,EAAE,EAAE;6BACf;yBACF;qBACF;iBACF;gBACD,MAAM,EAAE,EAAE;aACX;SACF;KACF,CAAC;AACJ,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IAIhD,YACE,UAAqB,EACrB,WAAmB,EACnB,UAAmB,EACnB,aAAsB;QAEtB,KAAK,CAAC,UAAiC,CAAC,CAAC;QAT3C,gBAAW,GAAG,EAAE,CAAC;QACjB,eAAU,GAAG,EAAE,CAAC;QAChB,kBAAa,GAAG,EAAE,CAAC;QAQjB,KAAK,CAAC,WAAW,CACf,uBAAuB,CAAC,WAAW,EAAE,UAAU,EAAE,aAAa,CAAC,CAChE,CAAC;IACJ,CAAC;CACF;AAfD,0CAeC"}
|
|
@@ -1,9 +1,15 @@
|
|
|
1
1
|
import { ExecJSON } from 'inspecjs';
|
|
2
2
|
import { BaseConverter, ILookupPath, MappedTransform } from './base-converter';
|
|
3
|
+
export declare class TwistlockResults {
|
|
4
|
+
data: Record<string, unknown>;
|
|
5
|
+
withRaw: boolean;
|
|
6
|
+
constructor(twistlockJson: string, withRaw?: boolean);
|
|
7
|
+
toHdf(): ExecJSON.Execution;
|
|
8
|
+
}
|
|
3
9
|
export declare class TwistlockMapper extends BaseConverter {
|
|
4
10
|
withRaw: boolean;
|
|
5
11
|
mappings: MappedTransform<ExecJSON.Execution & {
|
|
6
12
|
passthrough: unknown;
|
|
7
13
|
}, ILookupPath>;
|
|
8
|
-
constructor(twistlockJson: string, withRaw?: boolean);
|
|
14
|
+
constructor(twistlockJson: Record<string, unknown>, withRaw?: boolean);
|
|
9
15
|
}
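Review bot: The `TwistlockMapper` constructor now takes `Record<string, unknown>` where it previously took `string`, which is a breaking signature change for anyone who constructs the mapper directly, and nothing in the declarations says so. TypeScript callers get a compile error, but plain JavaScript callers that still pass the JSON text are not stopped by the types. I would add doc comments in the TypeScript source so they reach this declaration file, for example `/** Parses raw Twistlock JSON text and converts it to HDF; use this rather than constructing TwistlockMapper with a string. */` on `TwistlockResults`. A matching `@param twistlockJson already-parsed scan object, not JSON text` on the mapper constructor would cover the other side.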
|
|
@@ -3,11 +3,12 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
3
3
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
4
4
|
};
|
|
5
5
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
|
-
exports.TwistlockMapper = void 0;
|
|
6
|
+
exports.TwistlockMapper = exports.TwistlockResults = void 0;
|
|
7
7
|
const inspecjs_1 = require("inspecjs");
|
|
8
8
|
const lodash_1 = __importDefault(require("lodash"));
|
|
9
9
|
const package_json_1 = require("../package.json");
|
|
10
10
|
const base_converter_1 = require("./base-converter");
|
|
11
|
+
const global_1 = require("./utils/global");
|
|
11
12
|
const IMPACT_MAPPING = new Map([
|
|
12
13
|
['critical', 0.9],
|
|
13
14
|
['important', 0.9],
|
|
@@ -16,14 +17,27 @@ const IMPACT_MAPPING = new Map([
|
|
|
16
17
|
['moderate', 0.5],
|
|
17
18
|
['low', 0.3]
|
|
18
19
|
]);
|
|
20
|
+
class TwistlockResults {
|
|
21
|
+
constructor(twistlockJson, withRaw = false) {
|
|
22
|
+
this.data = JSON.parse(twistlockJson);
|
|
23
|
+
this.withRaw = withRaw;
|
|
24
|
+
}
|
|
25
|
+
toHdf() {
|
|
26
|
+
if (!lodash_1.default.has(this.data, 'results')) {
|
|
27
|
+
this.data = { results: [this.data] };
|
|
28
|
+
}
|
|
29
|
+
return new TwistlockMapper(this.data, this.withRaw).toHdf();
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
exports.TwistlockResults = TwistlockResults;
|
|
19
33
|
class TwistlockMapper extends base_converter_1.BaseConverter {
|
|
20
34
|
constructor(twistlockJson, withRaw = false) {
|
|
21
|
-
super(
|
|
35
|
+
super(twistlockJson, true);
|
|
22
36
|
this.mappings = {
|
|
23
37
|
platform: {
|
|
24
38
|
name: 'Heimdall Tools',
|
|
25
39
|
release: package_json_1.version,
|
|
26
|
-
target_id: { path: 'results[0].name' }
|
|
40
|
+
target_id: { path: ['results[0].name', 'results[0].repository'] }
|
|
27
41
|
},
|
|
28
42
|
version: package_json_1.version,
|
|
29
43
|
statistics: {},
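Review bot: `TwistlockResults` stores whatever `JSON.parse(twistlockJson)` returns without checking its shape, and scanner output is input the converter does not control. Valid JSON that is not an object (`null`, a number, an array) fails the `has(this.data, 'results')` test in `toHdf()` and is wrapped as `{ results: [this.data] }`, so the mapper then runs over a value it was presumably never meant to handle. Malformed text surfaces as a bare `SyntaxError` from the constructor. A guard right after the parse would make the failure explicit, e.g. `if (!lodash_1.default.isPlainObject(this.data)) throw new Error('Twistlock input must be a JSON object');`. `toHdf()` also reassigns `this.data`, so holding the wrapped form in a local variable would keep the method free of side effects on the instance.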
|
|
@@ -33,9 +47,13 @@ class TwistlockMapper extends base_converter_1.BaseConverter {
|
|
|
33
47
|
name: 'Twistlock Scan',
|
|
34
48
|
title: {
|
|
35
49
|
transformer: (data) => {
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
50
|
+
let projectArr = 'N/A';
|
|
51
|
+
if (lodash_1.default.has(data, 'collections')) {
|
|
52
|
+
projectArr = lodash_1.default.get(data, 'collections');
|
|
53
|
+
}
|
|
54
|
+
if (lodash_1.default.has(data, 'repository')) {
|
|
55
|
+
projectArr = lodash_1.default.get(data, 'repository');
|
|
56
|
+
}
|
|
39
57
|
const projectName = Array.isArray(projectArr)
|
|
40
58
|
? projectArr.join(' / ')
|
|
41
59
|
: projectArr;
|
|
@@ -62,8 +80,8 @@ class TwistlockMapper extends base_converter_1.BaseConverter {
|
|
|
62
80
|
path: 'vulnerabilities',
|
|
63
81
|
key: 'id',
|
|
64
82
|
tags: {
|
|
65
|
-
nist:
|
|
66
|
-
cci:
|
|
83
|
+
nist: global_1.DEFAULT_UPDATE_REMEDIATION_NIST_TAGS,
|
|
84
|
+
cci: (0, global_1.getCCIsForNISTTags)(global_1.DEFAULT_UPDATE_REMEDIATION_NIST_TAGS),
|
|
67
85
|
cveid: { path: 'id' }
|
|
68
86
|
},
|
|
69
87
|
refs: [],
|