@mitre/hdf-converters 2.6.59 → 2.7.2
- package/README.md +21 -20
- package/lib/data/converters/xml2json.js +25 -2
- package/lib/data/converters/xml2json.js.map +1 -1
- package/lib/data/converters/xml2json.ts +1 -1
- package/lib/index.d.ts +1 -0
- package/lib/index.js +1 -0
- package/lib/index.js.map +1 -1
- package/lib/package.json +4 -3
- package/lib/src/asff-mapper/asff-mapper.js +82 -66
- package/lib/src/asff-mapper/asff-mapper.js.map +1 -1
- package/lib/src/asff-mapper/case-cms-inspec.js +29 -9
- package/lib/src/asff-mapper/case-cms-inspec.js.map +1 -1
- package/lib/src/asff-mapper/case-firewall-manager.js +25 -5
- package/lib/src/asff-mapper/case-firewall-manager.js.map +1 -1
- package/lib/src/asff-mapper/case-guardduty.js +24 -4
- package/lib/src/asff-mapper/case-guardduty.js.map +1 -1
- package/lib/src/asff-mapper/case-inspector.js +24 -4
- package/lib/src/asff-mapper/case-inspector.js.map +1 -1
- package/lib/src/asff-mapper/case-previously-hdf.js +81 -61
- package/lib/src/asff-mapper/case-previously-hdf.js.map +1 -1
- package/lib/src/asff-mapper/case-prowler.js +26 -6
- package/lib/src/asff-mapper/case-prowler.js.map +1 -1
- package/lib/src/asff-mapper/case-security-hub.js +44 -24
- package/lib/src/asff-mapper/case-security-hub.js.map +1 -1
- package/lib/src/asff-mapper/case-trivy.js +30 -10
- package/lib/src/asff-mapper/case-trivy.js.map +1 -1
- package/lib/src/aws-config-mapper.js +31 -8
- package/lib/src/aws-config-mapper.js.map +1 -1
- package/lib/src/base-converter.js +35 -35
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.js +31 -11
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js +47 -27
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-mapper.js +2 -5
- package/lib/src/ckl-mapper/checklist-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js +26 -6
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.js +42 -19
- package/lib/src/converters-from-hdf/asff/transformers.js.map +1 -1
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.d.ts +31 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js +200 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js.map +1 -0
- package/lib/src/converters-from-hdf/reverse-base-converter.js +29 -9
- package/lib/src/converters-from-hdf/reverse-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.d.ts +0 -1
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js +29 -16
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js +25 -2
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js.map +1 -1
- package/lib/src/conveyor-mapper.js +52 -32
- package/lib/src/conveyor-mapper.js.map +1 -1
- package/lib/src/dbprotect-mapper.js +36 -16
- package/lib/src/dbprotect-mapper.js.map +1 -1
- package/lib/src/fortify-mapper.js +50 -30
- package/lib/src/fortify-mapper.js.map +1 -1
- package/lib/src/gosec-mapper.js +26 -6
- package/lib/src/gosec-mapper.js.map +1 -1
- package/lib/src/ionchannel-mapper.js +28 -5
- package/lib/src/ionchannel-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.js +41 -21
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/mappings/AwsConfigMapping.js +24 -4
- package/lib/src/mappings/AwsConfigMapping.js.map +1 -1
- package/lib/src/nessus-mapper.js +70 -50
- package/lib/src/nessus-mapper.js.map +1 -1
- package/lib/src/netsparker-mapper.js +49 -29
- package/lib/src/netsparker-mapper.js.map +1 -1
- package/lib/src/nikto-mapper.js +26 -6
- package/lib/src/nikto-mapper.js.map +1 -1
- package/lib/src/prisma-mapper.js +24 -4
- package/lib/src/prisma-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.js +32 -12
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/scoutsuite-mapper.js +39 -19
- package/lib/src/scoutsuite-mapper.js.map +1 -1
- package/lib/src/snyk-mapper.js +27 -7
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/splunk-mapper.js +29 -6
- package/lib/src/splunk-mapper.js.map +1 -1
- package/lib/src/twistlock-mapper.js +43 -23
- package/lib/src/twistlock-mapper.js.map +1 -1
- package/lib/src/utils/attestations.js +31 -8
- package/lib/src/utils/attestations.js.map +1 -1
- package/lib/src/utils/fingerprinting.js +27 -7
- package/lib/src/utils/fingerprinting.js.map +1 -1
- package/lib/src/utils/global.d.ts +2 -1
- package/lib/src/utils/global.js +35 -5
- package/lib/src/utils/global.js.map +1 -1
- package/lib/src/utils/splunk-tools.js +26 -3
- package/lib/src/utils/splunk-tools.js.map +1 -1
- package/lib/src/veracode-mapper.js +84 -64
- package/lib/src/veracode-mapper.js.map +1 -1
- package/lib/src/xccdf-results-mapper.js +71 -50
- package/lib/src/xccdf-results-mapper.js.map +1 -1
- package/lib/src/zap-mapper.js +39 -19
- package/lib/src/zap-mapper.js.map +1 -1
- package/package.json +4 -3
|
@@ -1,11 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.NetsparkerMapper = void 0;
|
|
7
27
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
9
29
|
const package_json_1 = require("../package.json");
|
|
10
30
|
const base_converter_1 = require("./base-converter");
|
|
11
31
|
const CweNistMapping_1 = require("./mappings/CweNistMapping");
|
|
@@ -22,11 +42,11 @@ const IMPACT_MAPPING = new Map([
|
|
|
22
42
|
const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping();
|
|
23
43
|
const OWASP_NIST_MAPPING = new OwaspNistMapping_1.OwaspNistMapping();
|
|
24
44
|
function nistTag(classification) {
|
|
25
|
-
let cweTag =
|
|
45
|
+
let cweTag = _.get(classification, 'cwe');
|
|
26
46
|
if (!Array.isArray(cweTag)) {
|
|
27
47
|
cweTag = [cweTag];
|
|
28
48
|
}
|
|
29
|
-
let owaspTag =
|
|
49
|
+
let owaspTag = _.get(classification, 'owasp');
|
|
30
50
|
if (!Array.isArray(owaspTag)) {
|
|
31
51
|
owaspTag = [owaspTag];
|
|
32
52
|
}
|
|
@@ -42,43 +62,43 @@ function nistTag(classification) {
|
|
|
42
62
|
}
|
|
43
63
|
function formatControlDesc(vulnerability) {
|
|
44
64
|
const text = [];
|
|
45
|
-
const description =
|
|
65
|
+
const description = _.get(vulnerability, 'description');
|
|
46
66
|
if (description) {
|
|
47
67
|
text.push(description);
|
|
48
68
|
}
|
|
49
|
-
const exploitationSkills =
|
|
69
|
+
const exploitationSkills = _.get(vulnerability, 'exploitation-skills');
|
|
50
70
|
if (exploitationSkills) {
|
|
51
71
|
text.push(`Exploitation-skills: ${exploitationSkills}`);
|
|
52
72
|
}
|
|
53
|
-
const extraInformation =
|
|
73
|
+
const extraInformation = _.get(vulnerability, 'extra-information');
|
|
54
74
|
if (extraInformation) {
|
|
55
75
|
text.push(`Extra-information: ${JSON.stringify(extraInformation).replace(/:/gi, '=>')}`);
|
|
56
76
|
}
|
|
57
|
-
const classification =
|
|
77
|
+
const classification = _.get(vulnerability, 'classification');
|
|
58
78
|
if (classification) {
|
|
59
79
|
text.push(`Classification: ${JSON.stringify(classification).replace(/:/gi, '=>')}`);
|
|
60
80
|
}
|
|
61
|
-
const impact =
|
|
81
|
+
const impact = _.get(vulnerability, 'impact');
|
|
62
82
|
if (impact) {
|
|
63
83
|
text.push(`Impact: ${impact}`);
|
|
64
84
|
}
|
|
65
|
-
const firstSeenDate =
|
|
85
|
+
const firstSeenDate = _.get(vulnerability, 'FirstSeenDate');
|
|
66
86
|
if (firstSeenDate) {
|
|
67
87
|
text.push(`FirstSeenDate: ${firstSeenDate}`);
|
|
68
88
|
}
|
|
69
|
-
const lastSeenDate =
|
|
89
|
+
const lastSeenDate = _.get(vulnerability, 'LastSeenDate');
|
|
70
90
|
if (lastSeenDate) {
|
|
71
91
|
text.push(`LastSeenDate: ${lastSeenDate}`);
|
|
72
92
|
}
|
|
73
|
-
const certainty =
|
|
93
|
+
const certainty = _.get(vulnerability, 'certainty');
|
|
74
94
|
if (certainty) {
|
|
75
95
|
text.push(`Certainty: ${certainty}`);
|
|
76
96
|
}
|
|
77
|
-
const type =
|
|
97
|
+
const type = _.get(vulnerability, 'type');
|
|
78
98
|
if (type) {
|
|
79
99
|
text.push(`Type: ${type}`);
|
|
80
100
|
}
|
|
81
|
-
const confirmed =
|
|
101
|
+
const confirmed = _.get(vulnerability, 'confirmed');
|
|
82
102
|
if (confirmed) {
|
|
83
103
|
text.push(`Confirmed: ${confirmed}`);
|
|
84
104
|
}
|
|
@@ -86,11 +106,11 @@ function formatControlDesc(vulnerability) {
|
|
|
86
106
|
}
|
|
87
107
|
function formatCheck(vulnerability) {
|
|
88
108
|
const text = [];
|
|
89
|
-
const exploitationSkills =
|
|
109
|
+
const exploitationSkills = _.get(vulnerability, 'exploitation-skills');
|
|
90
110
|
if (exploitationSkills) {
|
|
91
111
|
text.push(`Exploitation-skills: ${exploitationSkills}`);
|
|
92
112
|
}
|
|
93
|
-
const proofOfConcept =
|
|
113
|
+
const proofOfConcept = _.get(vulnerability, 'proof-of-concept');
|
|
94
114
|
if (proofOfConcept) {
|
|
95
115
|
text.push(`Proof-of-concept: ${proofOfConcept}`);
|
|
96
116
|
}
|
|
@@ -98,15 +118,15 @@ function formatCheck(vulnerability) {
|
|
|
98
118
|
}
|
|
99
119
|
function formatFix(vulnerability) {
|
|
100
120
|
const text = [];
|
|
101
|
-
const remedialActions =
|
|
121
|
+
const remedialActions = _.get(vulnerability, 'remedial-actions');
|
|
102
122
|
if (remedialActions) {
|
|
103
123
|
text.push(`Remedial-actions: ${remedialActions}`);
|
|
104
124
|
}
|
|
105
|
-
const remedialProcedure =
|
|
125
|
+
const remedialProcedure = _.get(vulnerability, 'remedial-procedure');
|
|
106
126
|
if (remedialProcedure) {
|
|
107
127
|
text.push(`Remedial-procedure: ${remedialProcedure}`);
|
|
108
128
|
}
|
|
109
|
-
const remedyReferences =
|
|
129
|
+
const remedyReferences = _.get(vulnerability, 'remedy-references');
|
|
110
130
|
if (remedyReferences) {
|
|
111
131
|
text.push(`Remedy-references: ${remedyReferences}`);
|
|
112
132
|
}
|
|
@@ -114,15 +134,15 @@ function formatFix(vulnerability) {
|
|
|
114
134
|
}
|
|
115
135
|
function formatCodeDesc(request) {
|
|
116
136
|
const text = [];
|
|
117
|
-
text.push(`http-request : ${
|
|
118
|
-
text.push(`method : ${
|
|
137
|
+
text.push(`http-request : ${_.get(request, 'content')}`);
|
|
138
|
+
text.push(`method : ${_.get(request, 'method')}`);
|
|
119
139
|
return text.join('\n');
|
|
120
140
|
}
|
|
121
141
|
function formatMessage(response) {
|
|
122
142
|
const text = [];
|
|
123
|
-
text.push(`http-response : ${
|
|
124
|
-
text.push(`duration : ${
|
|
125
|
-
text.push(`status-code : ${
|
|
143
|
+
text.push(`http-response : ${_.get(response, 'content')}`);
|
|
144
|
+
text.push(`duration : ${_.get(response, 'duration')}`);
|
|
145
|
+
text.push(`status-code : ${_.get(response, 'status-code')}`);
|
|
126
146
|
return text.join('\n');
|
|
127
147
|
}
|
|
128
148
|
class NetsparkerMapper extends base_converter_1.BaseConverter {
|
|
@@ -149,7 +169,7 @@ class NetsparkerMapper extends base_converter_1.BaseConverter {
|
|
|
149
169
|
title: {
|
|
150
170
|
path: `${toolname}-enterprise.target`,
|
|
151
171
|
transformer: (input) => {
|
|
152
|
-
return `${toolname.replace(/^./, (firstLetter) => firstLetter.toUpperCase())} Enterprise Scan ID: ${
|
|
172
|
+
return `${toolname.replace(/^./, (firstLetter) => firstLetter.toUpperCase())} Enterprise Scan ID: ${_.get(input, 'scan-id')} URL: ${_.get(input, 'url')}`;
|
|
153
173
|
}
|
|
154
174
|
},
|
|
155
175
|
summary: `${capitalizedToolname} Enterprise Scan`,
|
|
@@ -210,9 +230,9 @@ class NetsparkerMapper extends base_converter_1.BaseConverter {
|
|
|
210
230
|
],
|
|
211
231
|
passthrough: {
|
|
212
232
|
transformer: (data) => {
|
|
213
|
-
const auxData =
|
|
214
|
-
const genData =
|
|
215
|
-
const targetData =
|
|
233
|
+
const auxData = _.get(data, 'netsparker-enterprise');
|
|
234
|
+
const genData = _.get(auxData, 'generated');
|
|
235
|
+
const targetData = _.omit(_.get(auxData, 'target'), [
|
|
216
236
|
'scan-id',
|
|
217
237
|
'url',
|
|
218
238
|
'initiated'
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"netsparker-mapper.js","sourceRoot":"","sources":["../../src/netsparker-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"netsparker-mapper.js","sourceRoot":"","sources":["../../src/netsparker-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAO0B;AAC1B,8DAAyD;AACzD,kEAA6D;AAC7D,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,UAAU,EAAE,GAAG,CAAC;IACjB,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,eAAe,EAAE,GAAG,CAAC;IACtB,CAAC,aAAa,EAAE,GAAG,CAAC;CACrB,CAAC,CAAC;AAEH,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAC9C,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,OAAO,CAAC,cAAuC;IACtD,IAAI,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;QAC1B,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC;KACnB;IACD,IAAI,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;IAC9C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;QAC5B,QAAQ,GAAG,CAAC,QAAQ,CAAC,CAAC;KACvB;IACD,MAAM,GAAG,GAAG,gBAAgB,CAAC,UAAU,CAAC,MAAkB,CAAC,CAAC;IAC5D,MAAM,KAAK,GAAG,kBAAkB,CAAC,mBAAmB,CAAC,QAAoB,CAAC,CAAC;IAC3E,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,OAAO,MAAM,CAAC;KACf;SAAM;QACL,OAAO,+CAAsC,CAAC;KAC/C;AACH,CAAC;AACD,SAAS,iBAAiB,CAAC,aAAsB;IAC/C,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,WAAW,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IACxD,IAAI,WAAW,EAAE;QACf,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;KACxB;IACD,MAAM,kBAAkB,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,qBAAqB,CAAC,CAAC;IACvE,IAAI,kBAAkB,EAAE;QACtB,IAAI,CAAC,IAAI,CAAC,wBAAwB,kBAAkB,EAAE,CAAC,CAAC;KACzD;IACD,MAAM,gBAAgB,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;IACnE,IAAI,gBAAgB,EAAE;QACpB,IAAI,CAAC,IAAI,CACP,sBAAsB,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAC5D,KAAK,EACL,IAAI,CACL,EAAE,CACJ,CAAC;KACH;IACD,MAAM,cAAc,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC;IAC9D,IAAI,cAAc,EAAE;QAClB,IAAI,CAAC,IAAI,CACP,mBAAmB,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,EAAE,CACzE,CAAC;KACH;IACD,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC
,aAAa,EAAE,QAAQ,CAAC,CAAC;IAC9C,IAAI,MAAM,EAAE;QACV,IAAI,CAAC,IAAI,CAAC,WAAW,MAAM,EAAE,CAAC,CAAC;KAChC;IACD,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;IAC5D,IAAI,aAAa,EAAE;QACjB,IAAI,CAAC,IAAI,CAAC,kBAAkB,aAAa,EAAE,CAAC,CAAC;KAC9C;IACD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;IAC1D,IAAI,YAAY,EAAE;QAChB,IAAI,CAAC,IAAI,CAAC,iBAAiB,YAAY,EAAE,CAAC,CAAC;KAC5C;IACD,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,SAAS,EAAE;QACb,IAAI,CAAC,IAAI,CAAC,cAAc,SAAS,EAAE,CAAC,CAAC;KACtC;IACD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,IAAI,EAAE;QACR,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;KAC5B;IACD,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC,CAAC;IACpD,IAAI,SAAS,EAAE;QACb,IAAI,CAAC,IAAI,CAAC,cAAc,SAAS,EAAE,CAAC,CAAC;KACtC;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,WAAW,CAAC,aAAsB;IACzC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,kBAAkB,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,qBAAqB,CAAC,CAAC;IACvE,IAAI,kBAAkB,EAAE;QACtB,IAAI,CAAC,IAAI,CAAC,wBAAwB,kBAAkB,EAAE,CAAC,CAAC;KACzD;IACD,MAAM,cAAc,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAAC;IAChE,IAAI,cAAc,EAAE;QAClB,IAAI,CAAC,IAAI,CAAC,qBAAqB,cAAc,EAAE,CAAC,CAAC;KAClD;IACD,OAAO,IAAA,0BAAS,EAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;AACtC,CAAC;AACD,SAAS,SAAS,CAAC,aAAsB;IACvC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,kBAAkB,CAAC,CAAC;IACjE,IAAI,eAAe,EAAE;QACnB,IAAI,CAAC,IAAI,CAAC,qBAAqB,eAAe,EAAE,CAAC,CAAC;KACnD;IACD,MAAM,iBAAiB,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,oBAAoB,CAAC,CAAC;IACrE,IAAI,iBAAiB,EAAE;QACrB,IAAI,CAAC,IAAI,CAAC,uBAAuB,iBAAiB,EAAE,CAAC,CAAC;KACvD;IACD,MAAM,gBAAgB,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,mBAAmB,CAAC,CAAC;IACnE,IAAI,gBAAgB,EAAE;QACpB,IAAI,CAAC,IAAI,CAAC,sBAAsB,gBAAgB,EAAE,CAAC,CAAC;KACrD;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3B,CAAC;AACD,SAAS,cAAc,CAAC,OAAgB;IACtC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,SAA
S,CAAC,EAAE,CAAC,CAAC;IACzD,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC;IAClD,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,SAAS,aAAa,CAAC,QAAiB;IACtC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAE,CAAC,CAAC;IAC3D,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,CAAC,CAAC;IACvD,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,EAAE,CAAC,CAAC;IAC9D,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC;AACD,MAAa,gBAAiB,SAAQ,8BAAa;IAsHjD,YAAY,aAAqB,EAAE,OAAO,GAAG,KAAK;QAChD,KAAK,CAAC,IAAA,yBAAQ,EAAC,aAAa,CAAC,CAAC,CAAC;QAC/B,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,WAAW,CACd,IAAI,CAAC,cAAc,CACjB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YAC1D,CAAC,CAAC,YAAY;YACd,CAAC,CAAC,SAAS,CACd,CACF,CAAC;IACJ,CAAC;IA7HD,cAAc,CACZ,QAAgB;QAEhB,MAAM,mBAAmB,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CACjE,WAAW,CAAC,WAAW,EAAE,CAC1B,CAAC;QACF,OAAO;YACL,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,IAAI,EAAE,GAAG,QAAQ,wBAAwB,EAAC;aACvD;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,GAAG,mBAAmB,kBAAkB;oBAC9C,KAAK,EAAE;wBACL,IAAI,EAAE,GAAG,QAAQ,oBAAoB;wBACrC,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4BACtC,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAC/C,WAAW,CAAC,WAAW,EAAE,CAC1B,wBAAwB,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,GAAG,CAC5D,KAAK,EACL,KAAK,CACN,EAAE,CAAC;wBACN,CAAC;qBACF;oBACD,OAAO,EAAE,GAAG,mBAAmB,kBAAkB;oBACjD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,GAAG,QAAQ,2CAA2C;4BAC5D,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,gBAAgB;oCACtB,WAAW,EAAE,CAAC,IAA6B,EAAE,EAAE,CAC7C,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACpC;gCACD,IAAI,EAAE,EAAC,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,OAAO,EAAC
;6BACrD;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACrB,EAAE,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;4BACtB,IAAI,EAAE,EAAC,WAAW,EAAE,iBAAiB,EAAC;4BACtC,YAAY,EAAE;gCACZ;oCACE,IAAI,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oCAChC,KAAK,EAAE,OAAO;iCACf;gCACD;oCACE,IAAI,EAAE,EAAC,WAAW,EAAE,SAAS,EAAC;oCAC9B,KAAK,EAAE,KAAK;iCACb;6BACF;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,cAAc;wCACpB,WAAW,EAAE,cAAc;qCAC5B;oCACD,OAAO,EAAE,EAAC,IAAI,EAAE,eAAe,EAAE,WAAW,EAAE,aAAa,EAAC;oCAC5D,UAAU,EAAE;wCACV,IAAI,EAAE,KAAK,QAAQ,8BAA8B;qCAClD;iCACF;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CACX,IAA6B,EACJ,EAAE;oBAC3B,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,uBAAuB,CAAC,CAAC;oBACrD,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;oBAC5C,MAAM,UAAU,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE;wBAClD,SAAS;wBACT,KAAK;wBACL,WAAW;qBACZ,CAAC,CAAC;oBACH,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,YAAY;gCAClB,IAAI,EAAE;oCACJ,uBAAuB,EAAE;wCACvB,SAAS,EAAE,OAAO;wCAClB,MAAM,EAAE,UAAU;qCACnB;iCACF;6BACF;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;IACJ,CAAC;CAYF;AAjID,4CAiIC"}
|
package/lib/src/nikto-mapper.js
CHANGED
|
@@ -1,11 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.NiktoMapper = void 0;
|
|
7
27
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
9
29
|
const package_json_1 = require("../package.json");
|
|
10
30
|
const base_converter_1 = require("./base-converter");
|
|
11
31
|
const NiktoNistMapping_1 = require("./mappings/NiktoNistMapping");
|
|
@@ -15,10 +35,10 @@ function formatTitle(file) {
|
|
|
15
35
|
return `Nikto Target: ${projectName(file)}`;
|
|
16
36
|
}
|
|
17
37
|
function projectName(file) {
|
|
18
|
-
return `Host: ${
|
|
38
|
+
return `Host: ${_.get(file, 'host')} Port: ${_.get(file, 'port')}`;
|
|
19
39
|
}
|
|
20
40
|
function formatCodeDesc(vulnerability) {
|
|
21
|
-
return `URL : ${
|
|
41
|
+
return `URL : ${_.get(vulnerability, 'url')} Method: ${_.get(vulnerability, 'method')}`;
|
|
22
42
|
}
|
|
23
43
|
function nistTag(id) {
|
|
24
44
|
return NIKTO_NIST_MAPPING.nistTag(id);
|
|
@@ -87,7 +107,7 @@ class NiktoMapper extends base_converter_1.BaseConverter {
|
|
|
87
107
|
auxiliary_data: [
|
|
88
108
|
{
|
|
89
109
|
name: 'Nikto',
|
|
90
|
-
data:
|
|
110
|
+
data: _.omit(data, ['banner', 'host', 'port', 'vulnerabilities'])
|
|
91
111
|
}
|
|
92
112
|
],
|
|
93
113
|
...(this.withRaw && { raw: data })
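Review bot: `projectName` and `formatCodeDesc` interpolate the result of `_.get(...)` directly, so a Nikto report that lacks `host`, `port`, `url` or `method` puts the literal text `undefined` into the title and the code description instead of signalling missing data. Passing a default as the third argument, for example `_.get(file, 'host', 'unknown')`, or rejecting the record, keeps that out of the HDF output. The same pattern appears in `formatCodeDesc`, `formatMessage` and the `title` transformer in the netsparker-mapper.js hunks earlier on this page. These values come from scanner output, so consumers that render the title or code_desc should still treat them as untrusted text. This file is compiled output; the source map names `src/nikto-mapper.ts` as the place to make the change.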
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"nikto-mapper.js","sourceRoot":"","sources":["../../src/nikto-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAA6E;AAC7E,kEAA6D;AAC7D,2CAAkD;AAElD,MAAM,kBAAkB,GAAG,IAAI,mCAAgB,EAAE,CAAC;AAElD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,iBAAiB,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;AAC9C,CAAC;AACD,SAAS,WAAW,CAAC,IAAa;IAChC,OAAO,SAAS,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;AACrE,CAAC;AACD,SAAS,cAAc,CAAC,aAAsB;IAC5C,OAAO,SAAS,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC,GAAG,CAC1D,aAAa,EACb,QAAQ,CACT,EAAE,CAAC;AACN,CAAC;AACD,SAAS,OAAO,CAAC,EAAU;IACzB,OAAO,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IA4E5C,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QA1E/B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;aACtC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,uBAAuB;oBAC7B,KAAK,EAAE,EAAC,WAAW,EAAE,WAAW,EAAC;oBACjC,OAAO,EAAE;wBACP,IAAI,EAAE,QAAQ;wBACd,WAAW,EAAE,CAAC,KAAc,EAAU,EAAE;4BACtC,OAAO,WAAW,KAAK,EAAE,CAAC;wBAC5B,CAAC;qBACF;oBACD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,iBAAiB;4BACvB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE,EAAC,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAC;gCACxC,GAAG,EAAE;oCACH,IAAI,EAAE,IAAI;oCACV,WAAW,EAAE,CAAC,EAAU,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC;iCAC7D;gCACD,KAAK,EAAE,EAAC,IAAI,EAAE,OAAO,EAAC;6BACvB;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACpB,EAAE,EAAE,EAAC,IAAI,EAAE,IAAI,EAAC;4BAChB,IAAI,EAAE,EAAC,IAAI,EAAE,KAAK,EAAC;4BACnB,MAAM,EAAE,GAAG;4BACX,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC
,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,OAAO;gCACb,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,iBAAiB,CAAC,CAAC;6BAClE;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAhFD,kCAgFC"}
|
package/lib/src/prisma-mapper.js
CHANGED
|
@@ -1,11 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.PrismaMapper = exports.PrismaControlMapper = exports.nistTag = void 0;
|
|
7
27
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
9
29
|
const package_json_1 = require("../package.json");
|
|
10
30
|
const base_converter_1 = require("./base-converter");
|
|
11
31
|
const global_1 = require("./utils/global");
|
|
@@ -171,7 +191,7 @@ class PrismaMapper {
|
|
|
171
191
|
});
|
|
172
192
|
Object.entries(hostnameToControls).forEach(([hostname, controls]) => {
|
|
173
193
|
const converted = new PrismaControlMapper(controls).toHdf();
|
|
174
|
-
|
|
194
|
+
_.set(converted, 'platform.target_id', hostname);
|
|
175
195
|
executions.push(converted);
|
|
176
196
|
});
|
|
177
197
|
return executions;
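Review bot: `hostnameToControls` is iterated with `Object.entries`, so it is a plain object whose keys are hostnames, apparently taken from the Prisma input; it is built above this hunk and is not visible here. If it starts as `{}`, a hostname equal to the name of an `Object.prototype` member resolves to the inherited value rather than a fresh list, and the grouping breaks or throws. Creating it with `Object.create(null)`, or grouping in a `Map`, avoids that; please confirm how it is declared in `src/prisma-mapper.ts`. Separately, `_.set(converted, 'platform.target_id', hostname)` would read better with a short comment such as `// one execution per host: record the hostname as the platform target_id`.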
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prisma-mapper.js","sourceRoot":"","sources":["../../src/prisma-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"prisma-mapper.js","sourceRoot":"","sources":["../../src/prisma-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAK0B;AAC1B,2CAIwB;AAexB,MAAM,eAAe,GAA2B;IAC9C,GAAG,EAAE,GAAG;IACR,QAAQ,EAAE,GAAG;IACb,IAAI,EAAE,GAAG;IACT,SAAS,EAAE,GAAG;IACd,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF,SAAgB,OAAO,CAAC,MAA0B;IAChD,IAAI,CAAC,MAAM,EAAE;QACX,OAAO,+CAAsC,CAAC;KAC/C;SAAM;QACL,OAAO,6CAAoC,CAAC;KAC7C;AACH,CAAC;AAND,0BAMC;AAED,MAAa,mBAAoB,SAAQ,8BAAa;IAwHpD,YAAY,cAA+B;QACzC,KAAK,CAAC,EAAC,OAAO,EAAE,cAAc,EAAC,CAAC,CAAC;QAxHnC,aAAQ,GAAqD;YAC3D,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,0BAA0B;aACtC;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf;YACD,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,6BAA6B;oBACnC,OAAO,EAAE,EAAE;oBACX,KAAK,EAAE,0BAA0B;oBACjC,UAAU,EAAE,IAAI;oBAChB,OAAO,EAAE,EAAE;oBACX,OAAO,EAAE,IAAI;oBACb,SAAS,EAAE,IAAI;oBACf,eAAe,EAAE,IAAI;oBACrB,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,OAAO,EAAE,EAAE;oBACX,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,SAAS;4BACf,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,CAAC,GAAW,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC;iCAC/D;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,OAAO;iCACrB;gCACD,GAAG,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;gCACrB,IAAI,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;6BACrB;4BACD,YAAY,EAAE,EAAE;4BAChB,IAAI,EAAE,CAAC,EAAC,GAAG,EAAE,EAAC,IAAI,EAAE,oBAAoB,EAAC,EAAC,CAAC;4BAC3C,eAAe,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;4BACnC,EAAE,EAAE;gCACF,WAAW,EAAE,CAAC,IAAmB,EAAE,EAAE;oCACnC,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE;wCAClB,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;qCACrD;yCAAM;wCACL,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;qCACnE;gCACH,CAAC;6BACF;4BACD,KAAK,EAAE;gCACL,WAAW,EAAE,CAAC,IAAmB,EAAE,EAAE,CACnC,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,EA
AE;6BACjD;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,CAAC,QAAgB,EAAE,EAAE;oCAChC,IAAI,QAAQ,EAAE;wCACZ,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;qCAClC;yCAAM;wCACL,OAAO,GAAG,CAAC;qCACZ;gCACH,CAAC;6BACF;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,GAAkB,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC;6BAClE;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,WAAW,EAAE,CAAC,GAAkB,EAAE,EAAE;4CAClC,IAAI,MAAM,GAAG,EAAE,CAAC;4CAChB,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE;gDACxB,IAAI,GAAG,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE;oDAC1B,MAAM,IAAI,6BAA6B,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;iDAC1D;6CACF;iDAAM,IAAI,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE;gDAC/B,IAAI,GAAG,CAAC,MAAM,KAAK,EAAE,EAAE;oDACrB,MAAM,IAAI,2BAA2B,GAAG,CAAC,MAAM,EAAE,CAAC;iDACnD;qDAAM;oDACL,MAAM,IAAI,EAAE,CAAC;iDACd;6CACF;iDAAM;gDACL,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,cAAc,GAAG,CAAC,QAAQ,EAAE,CAAC;6CACnD;4CACD,MAAM,IAAI,OAAO,GAAG,CAAC,WAAW,EAAE,CAAC;4CACnC,OAAO,MAAM,CAAC;wCAChB,CAAC;qCACF;oCACD,OAAO,EAAE;wCACP,WAAW,EAAE,CAAC,GAAkB,EAAE,EAAE;4CAClC,IAAI,MAAM,GAAG,EAAE,CAAC;4CAChB,IAAI,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,KAAK,EAAE,EAAE;gDAChD,MAAM,IAAI,eAAe,GAAG,CAAC,YAAY,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,CAAC;6CAC9D;iDAAM,IAAI,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,EAAE;gDACnC,MAAM,IAAI,eAAe,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;6CAC9C;iDAAM,IAAI,GAAG,CAAC,KAAK,KAAK,EAAE,EAAE;gDAC3B,MAAM,IAAI,UAAU,GAAG,CAAC,KAAK,EAAE,CAAC;6CACjC;iDAAM;gDACL,MAAM,IAAI,SAAS,CAAC;6CACrB;4CACD,OAAO,MAAM,CAAC;wCAChB,CAAC;qCACF;oCACD,UAAU,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;iCAChC;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;SACF,CAAC;IAIF,CAAC;CACF;AA3HD,kDA2HC;AAED,MAAa,YAAY;IAmBvB,YAAY,SAAiB;QAlB7B,SAAI,GAAoB,EAAE,CAAC;QAmBzB,IAAI,CAAC,IAAI,GAAG,IAAA,yBAAQ,EAAC,SAAS,CAAoB,CAAC;IACrD,CAAC;IAlBD,KAAK;QACH,MAAM,UAAU,GAAyB,EAAE,CAAC;QAC5C,MAAM,kBAAkB,GAAoC,EAAE,CAAC;QAC/D,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAqB,EAAE,EAAE;YAC1C,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;gBACpC,kBAAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAC;YAC/C,kB
AAkB,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QACH,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,EAAE;YAClE,MAAM,SAAS,GAAG,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,CAAC;YAC5D,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,oBAAoB,EAAE,QAAQ,CAAC,CAAC;YACjD,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,CAAC,CAAC,CAAC;QACH,OAAO,UAAU,CAAC;IACpB,CAAC;CAKF;AAtBD,oCAsBC"}
|
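--- a/package/lib/src/sarif-mapper.js
+++ b/package/lib/src/sarif-mapper.js
@@ -1,11 +1,31 @@
 "use strict";
-var
-
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+var desc = Object.getOwnPropertyDescriptor(m, k);
+if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+desc = { enumerable: true, get: function() { return m[k]; } };
+}
+Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+if (k2 === undefined) k2 = k;
+o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+if (mod && mod.__esModule) return mod;
+var result = {};
+if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+__setModuleDefault(result, mod);
+return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SarifMapper = void 0;
 const inspecjs_1 = require("inspecjs");
-const
+const _ = __importStar(require("lodash"));
 const package_json_1 = require("../package.json");
 const base_converter_1 = require("./base-converter");
 const CweNistMapping_1 = require("./mappings/CweNistMapping");
@@ -34,9 +54,9 @@ function impactMapping(severity) {
 }
 function formatCodeDesc(input) {
 const output = [];
-output.push(`URL : ${
-output.push(`LINE : ${
-output.push(`COLUMN : ${
+output.push(`URL : ${_.get(input, 'artifactLocation.uri')}`);
+output.push(`LINE : ${_.get(input, 'region.startLine')}`);
+output.push(`COLUMN : ${_.get(input, 'region.startColumn')}`);
 return output.join(' ');
 }
 function nistTag(text) {
@@ -83,9 +103,9 @@ class SarifMapper extends base_converter_1.BaseConverter {
 refs: [],
 source_location: {
 transformer: (control) => {
-return
-ref:
-line:
+return _.omitBy({
+ref: _.get(control, 'locations[0].physicalLocation.artifactLocation.uri'),
+line: _.get(control, 'locations[0].physicalLocation.region.startLine')
 }, (value) => value === '');
 }
 },
@@ -133,16 +153,16 @@ class SarifMapper extends base_converter_1.BaseConverter {
 ],
 passthrough: {
 transformer: (data) => {
-let runsData =
+let runsData = _.get(data, 'runs');
 if (Array.isArray(runsData)) {
-runsData = runsData.map((run) =>
+runsData = runsData.map((run) => _.omit(run, ['results']));
 }
 return {
 auxiliary_data: [
 {
 name: 'SARIF',
 data: {
-$schema:
+$schema: _.get(data, '$schema'),
 runs: runsData
 }
 }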
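Review bot: In `formatCodeDesc`, `_.get` returns `undefined` when a location carries no `artifactLocation.uri` or no `region`, so the template literals write the literal text `undefined` into the string it builds (for example `LINE : undefined`). Passing a default, such as `_.get(input, 'region.startLine', '')`, or skipping absent fields keeps missing data from reading like a real value in the converted report. The same `undefined` is not caught by the `(value) => value === ''` predicate given to `_.omitBy` in the `source_location` transformer, so `ref` and `line` stay on the object with no value; `(value) => _.isNil(value) || value === ''` would drop them. The class enclosing that transformer starts and ends outside the hunk.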
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sarif-mapper.js","sourceRoot":"","sources":["../../src/sarif-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"sarif-mapper.js","sourceRoot":"","sources":["../../src/sarif-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAA6E;AAC7E,8DAAyD;AACzD,2CAGwB;AAExB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,OAAO,EAAE,GAAG,CAAC;IACd,CAAC,SAAS,EAAE,GAAG,CAAC;IAChB,CAAC,MAAM,EAAE,GAAG,CAAC;CACd,CAAC,CAAC;AACH,MAAM,YAAY,GAAG,cAAc,CAAC;AACpC,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAE9C,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACnE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE;QACvB,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;KAChE;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AACD,SAAS,aAAa,CAAC,QAAiB;IACtC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;QAChE,OAAO,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,GAAG,CAAC;KACrE;SAAM;QACL,OAAO,GAAG,CAAC;KACZ;AACH,CAAC;AACD,SAAS,cAAc,CAAC,KAAc;IACpC,MAAM,MAAM,GAAG,EAAE,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,sBAAsB,CAAC,EAAE,CAAC,CAAC;IAC7D,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,kBAAkB,CAAC,EAAE,CAAC,CAAC;IAC1D,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,oBAAoB,CAAC,EAAE,CAAC,CAAC;IAC9D,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC1B,CAAC;AACD,SAAS,OAAO,CAAC,IAAY;IAC3B,IAAI,WAAW,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;IACnC,WAAW,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,WAAY,SAAQ,8BAAa;IA0H5C,YAAY,SAAiB,EAAE,OAAO,GAAG,KAAK;QAC5C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;QAxH/B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;gBAC7B,SAAS,EAAE,4CAA4C;aACxD;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd
,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;oBAC5B,KAAK,EAAE,4CAA4C;oBACnD,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,SAAS;4BACf,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,GAAG,EAAE;oCACH,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACjE;gCACD,IAAI,EAAE,EAAC,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,OAAO,EAAC;gCAChD,GAAG,EAAE;oCACH,IAAI,EAAE,YAAY;oCAClB,WAAW,EAAE,UAAU;iCACxB;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE;gCACf,WAAW,EAAE,CAAC,OAAgB,EAAE,EAAE;oCAChC,OAAO,CAAC,CAAC,MAAM,CACb;wCACE,GAAG,EAAE,CAAC,CAAC,GAAG,CACR,OAAO,EACP,oDAAoD,CACrD;wCACD,IAAI,EAAE,CAAC,CAAC,GAAG,CACT,OAAO,EACP,gDAAgD,CACjD;qCACF,EACD,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,EAAE,CACxB,CAAC;gCACJ,CAAC;6BACF;4BACD,KAAK,EAAE;gCACL,IAAI,EAAE,YAAY;gCAClB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;oCACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;wCAC5B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;qCAC5B;yCAAM;wCACL,OAAO,EAAE,CAAC;qCACX;gCACH,CAAC;6BACF;4BACD,EAAE,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;4BACpB,IAAI,EAAE;gCACJ,IAAI,EAAE,YAAY;gCAClB,WAAW,EAAE,CAAC,IAAa,EAAU,EAAE;oCACrC,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;wCAC5B,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;qCAC5B;yCAAM;wCACL,OAAO,EAAE,CAAC;qCACX;gCACH,CAAC;6BACF;4BACD,MAAM,EAAE,EAAC,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAC;4BACnD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE;wCACT,IAAI,EAAE,+BAA+B;wCACrC,WAAW,EAAE,cAAc;qCAC5B;oCAED,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,IAAI,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACnC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE;wBAC3B,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,GAA4B,EAAE,EAAE,CACvD,CAAC,CAAC,IAAI,CAAC,
GAAG,EAAE,CAAC,SAAS,CAAC,CAAC,CACzB,CAAC;qBACH;oBACD,OAAO;wBACL,cAAc,EAAE;4BACd;gCACE,IAAI,EAAE,OAAO;gCACb,IAAI,EAAE;oCACJ,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC;oCAC/B,IAAI,EAAE,QAAQ;iCACf;6BACF;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AA9HD,kCA8HC"}
|
|
@@ -1,11 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.ScoutsuiteMapper = void 0;
|
|
7
27
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
9
29
|
const package_json_1 = require("../package.json");
|
|
10
30
|
const base_converter_1 = require("./base-converter");
|
|
11
31
|
const ScoutsuiteNistMapping_1 = require("./mappings/ScoutsuiteNistMapping");
|
|
@@ -25,18 +45,18 @@ const IMPACT_MAPPING = new Map([
|
|
|
25
45
|
]);
|
|
26
46
|
const SCOUTSUITE_NIST_MAPPING = new ScoutsuiteNistMapping_1.ScoutsuiteNistMapping();
|
|
27
47
|
function getRulesetName(file) {
|
|
28
|
-
return
|
|
48
|
+
return _.get(file, 'last_run.ruleset_name');
|
|
29
49
|
}
|
|
30
50
|
function formatTargetId(file) {
|
|
31
|
-
return `${getRulesetName(file)} ruleset:${
|
|
51
|
+
return `${getRulesetName(file)} ruleset:${_.get(file, 'provider_name')}:${_.get(file, 'account_id')}`;
|
|
32
52
|
}
|
|
33
53
|
function formatTitle(file) {
|
|
34
|
-
return `Scout Suite Report using ${getRulesetName(file)} ruleset on ${
|
|
54
|
+
return `Scout Suite Report using ${getRulesetName(file)} ruleset on ${_.get(file, 'provider_name')} with account ${_.get(file, 'account_id')}`;
|
|
35
55
|
}
|
|
36
56
|
function compliance(input) {
|
|
37
57
|
if (Array.isArray(input)) {
|
|
38
58
|
return input
|
|
39
|
-
.map((element) => `Compliant with ${
|
|
59
|
+
.map((element) => `Compliant with ${_.get(element, 'name')}, reference ${_.get(element, 'reference')}, version ${_.get(element, 'version')}`)
|
|
40
60
|
.join('\n');
|
|
41
61
|
}
|
|
42
62
|
else {
|
|
@@ -44,10 +64,10 @@ function compliance(input) {
|
|
|
44
64
|
}
|
|
45
65
|
}
|
|
46
66
|
function getStatus(input) {
|
|
47
|
-
if (
|
|
67
|
+
if (_.get(input, 'checked_items') === 0) {
|
|
48
68
|
return inspecjs_1.ExecJSON.ControlResultStatus.Skipped;
|
|
49
69
|
}
|
|
50
|
-
else if (
|
|
70
|
+
else if (_.get(input, 'flagged_items') === 0) {
|
|
51
71
|
return inspecjs_1.ExecJSON.ControlResultStatus.Passed;
|
|
52
72
|
}
|
|
53
73
|
else {
|
|
@@ -55,7 +75,7 @@ function getStatus(input) {
|
|
|
55
75
|
}
|
|
56
76
|
}
|
|
57
77
|
function checkSkip(input) {
|
|
58
|
-
if (
|
|
78
|
+
if (_.get(input, 'checked_items') === 0) {
|
|
59
79
|
return 'Skipped because no items were checked';
|
|
60
80
|
}
|
|
61
81
|
else {
|
|
@@ -63,14 +83,14 @@ function checkSkip(input) {
|
|
|
63
83
|
}
|
|
64
84
|
}
|
|
65
85
|
function getMessage(input) {
|
|
66
|
-
if (
|
|
86
|
+
if (_.get(input, 'checked_items') === 0) {
|
|
67
87
|
return '';
|
|
68
88
|
}
|
|
69
|
-
else if (
|
|
70
|
-
return `0 flagged items out of ${
|
|
89
|
+
else if (_.get(input, 'flagged_items') === 0) {
|
|
90
|
+
return `0 flagged items out of ${_.get(input, 'checked_items')} checked items`;
|
|
71
91
|
}
|
|
72
92
|
else {
|
|
73
|
-
return `${
|
|
93
|
+
return `${_.get(input, 'flagged_items')} flagged items out of ${_.get(input, 'checked_items')} checked items:\n${_.get(input, 'items').join('\n')}`;
|
|
74
94
|
}
|
|
75
95
|
}
|
|
76
96
|
function nistTag(rule) {
|
|
@@ -83,10 +103,10 @@ function checkArray(input) {
|
|
|
83
103
|
return input.join(', ');
|
|
84
104
|
}
|
|
85
105
|
function collapseServices(file) {
|
|
86
|
-
const services = Object.values(
|
|
106
|
+
const services = Object.values(_.get(file, 'services'));
|
|
87
107
|
const findings = [];
|
|
88
108
|
services.forEach((element) => {
|
|
89
|
-
findings.push(
|
|
109
|
+
findings.push(_.get(element, 'findings'));
|
|
90
110
|
});
|
|
91
111
|
const entries = [];
|
|
92
112
|
Object.values(findings).forEach((element) => {
|
|
@@ -94,7 +114,7 @@ function collapseServices(file) {
|
|
|
94
114
|
entries.push(subElement);
|
|
95
115
|
});
|
|
96
116
|
});
|
|
97
|
-
|
|
117
|
+
_.set(file, 'services', entries);
|
|
98
118
|
return file;
|
|
99
119
|
}
|
|
100
120
|
class ScoutsuiteMapper extends base_converter_1.BaseConverter {
|
|
@@ -248,7 +268,7 @@ class ScoutsuiteMapper extends base_converter_1.BaseConverter {
|
|
|
248
268
|
],
|
|
249
269
|
passthrough: {
|
|
250
270
|
transformer: (data) => {
|
|
251
|
-
const auxData =
|
|
271
|
+
const auxData = _.omit(data, [
|
|
252
272
|
'account_id',
|
|
253
273
|
'environment',
|
|
254
274
|
'partition',
|
|
@@ -256,7 +276,7 @@ class ScoutsuiteMapper extends base_converter_1.BaseConverter {
|
|
|
256
276
|
'provider_name',
|
|
257
277
|
'services'
|
|
258
278
|
]);
|
|
259
|
-
auxData.last_run =
|
|
279
|
+
auxData.last_run = _.pick(auxData.last_run, ['summary']);
|
|
260
280
|
return {
|
|
261
281
|
auxiliary_data: auxData,
|
|
262
282
|
...(this.withRaw && { raw: data })
|
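Review bot: `_.get(input, 'items').join('\n')` in `getMessage` still throws a TypeError when `items` is absent, because only the lookup is null-safe and the chained call is not; `_.join(_.get(input, 'items'), '\n')` returns an empty string for a nil value. `Object.values(_.get(file, 'services'))` in `collapseServices` fails the same way on a report without a `services` key, where `_.values(_.get(file, 'services'))` would yield an empty list. These reports presumably come from files produced outside this package, so a truncated or malformed one aborts the conversion with an opaque error instead of a clear validation message. `collapseServices` spans two hunks, and its `_.set(file, 'services', entries)` rewrites the caller's object in place, which deserves a comment such as `// NOTE: mutates the parsed report; callers must not reuse the original services map`.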