@mitre/hdf-converters 2.7.0 → 2.8.1
- package/README.md +21 -20
- package/lib/data/converters/xml2json.js +25 -2
- package/lib/data/converters/xml2json.js.map +1 -1
- package/lib/data/converters/xml2json.ts +1 -1
- package/lib/index.d.ts +3 -0
- package/lib/index.js +3 -0
- package/lib/index.js.map +1 -1
- package/lib/package.json +8 -5
- package/lib/src/asff-mapper/asff-mapper.js +94 -74
- package/lib/src/asff-mapper/asff-mapper.js.map +1 -1
- package/lib/src/asff-mapper/case-cms-inspec.js +29 -9
- package/lib/src/asff-mapper/case-cms-inspec.js.map +1 -1
- package/lib/src/asff-mapper/case-firewall-manager.js +25 -5
- package/lib/src/asff-mapper/case-firewall-manager.js.map +1 -1
- package/lib/src/asff-mapper/case-guardduty.js +24 -4
- package/lib/src/asff-mapper/case-guardduty.js.map +1 -1
- package/lib/src/asff-mapper/case-inspector.js +24 -4
- package/lib/src/asff-mapper/case-inspector.js.map +1 -1
- package/lib/src/asff-mapper/case-previously-hdf.js +81 -61
- package/lib/src/asff-mapper/case-previously-hdf.js.map +1 -1
- package/lib/src/asff-mapper/case-prowler.js +26 -6
- package/lib/src/asff-mapper/case-prowler.js.map +1 -1
- package/lib/src/asff-mapper/case-security-hub.js +44 -24
- package/lib/src/asff-mapper/case-security-hub.js.map +1 -1
- package/lib/src/asff-mapper/case-trivy.js +30 -10
- package/lib/src/asff-mapper/case-trivy.js.map +1 -1
- package/lib/src/aws-config-mapper.js +31 -8
- package/lib/src/aws-config-mapper.js.map +1 -1
- package/lib/src/base-converter.d.ts +4 -4
- package/lib/src/base-converter.js +35 -35
- package/lib/src/base-converter.js.map +1 -1
- package/lib/src/burpsuite-mapper.js +31 -11
- package/lib/src/burpsuite-mapper.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-jsonix-converter.d.ts +5 -5
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js +47 -27
- package/lib/src/ckl-mapper/checklist-jsonix-converter.js.map +1 -1
- package/lib/src/ckl-mapper/checklist-mapper.js +2 -5
- package/lib/src/ckl-mapper/checklist-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.d.ts +1 -1
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js +26 -6
- package/lib/src/converters-from-hdf/asff/reverse-asff-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.d.ts +1 -1
- package/lib/src/converters-from-hdf/asff/transformers.js +42 -19
- package/lib/src/converters-from-hdf/asff/transformers.js.map +1 -1
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.d.ts +31 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js +200 -0
- package/lib/src/converters-from-hdf/caat/reverse-caat-mapper.js.map +1 -0
- package/lib/src/converters-from-hdf/html/html-types.d.ts +74 -0
- package/lib/src/converters-from-hdf/html/html-types.js +3 -0
- package/lib/src/converters-from-hdf/html/html-types.js.map +1 -0
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.d.ts +39 -0
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.js +374 -0
- package/lib/src/converters-from-hdf/html/reverse-html-mapper.js.map +1 -0
- package/lib/src/converters-from-hdf/reverse-any-base-converter.d.ts +1 -1
- package/lib/src/converters-from-hdf/reverse-any-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/reverse-base-converter.d.ts +1 -1
- package/lib/src/converters-from-hdf/reverse-base-converter.js +29 -9
- package/lib/src/converters-from-hdf/reverse-base-converter.js.map +1 -1
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.d.ts +1 -2
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js +29 -16
- package/lib/src/converters-from-hdf/splunk/reverse-splunk-mapper.js.map +1 -1
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js +25 -2
- package/lib/src/converters-from-hdf/xccdf/reverse-xccdf-mapper.js.map +1 -1
- package/lib/src/conveyor-mapper.js +58 -36
- package/lib/src/conveyor-mapper.js.map +1 -1
- package/lib/src/dbprotect-mapper.js +36 -16
- package/lib/src/dbprotect-mapper.js.map +1 -1
- package/lib/src/fortify-mapper.js +50 -30
- package/lib/src/fortify-mapper.js.map +1 -1
- package/lib/src/gosec-mapper.js +26 -6
- package/lib/src/gosec-mapper.js.map +1 -1
- package/lib/src/ionchannel-mapper.js +28 -5
- package/lib/src/ionchannel-mapper.js.map +1 -1
- package/lib/src/jfrog-xray-mapper.js +41 -21
- package/lib/src/jfrog-xray-mapper.js.map +1 -1
- package/lib/src/mappings/AwsConfigMapping.js +24 -4
- package/lib/src/mappings/AwsConfigMapping.js.map +1 -1
- package/lib/src/nessus-mapper.js +70 -50
- package/lib/src/nessus-mapper.js.map +1 -1
- package/lib/src/netsparker-mapper.js +56 -36
- package/lib/src/netsparker-mapper.js.map +1 -1
- package/lib/src/nikto-mapper.js +26 -6
- package/lib/src/nikto-mapper.js.map +1 -1
- package/lib/src/prisma-mapper.d.ts +1 -1
- package/lib/src/prisma-mapper.js +28 -8
- package/lib/src/prisma-mapper.js.map +1 -1
- package/lib/src/sarif-mapper.js +32 -12
- package/lib/src/sarif-mapper.js.map +1 -1
- package/lib/src/scoutsuite-mapper.js +39 -19
- package/lib/src/scoutsuite-mapper.js.map +1 -1
- package/lib/src/snyk-mapper.js +27 -7
- package/lib/src/snyk-mapper.js.map +1 -1
- package/lib/src/sonarqube-mapper.d.ts +2 -2
- package/lib/src/splunk-mapper.d.ts +4 -4
- package/lib/src/splunk-mapper.js +29 -6
- package/lib/src/splunk-mapper.js.map +1 -1
- package/lib/src/twistlock-mapper.js +43 -23
- package/lib/src/twistlock-mapper.js.map +1 -1
- package/lib/src/utils/attestations.d.ts +1 -1
- package/lib/src/utils/attestations.js +31 -8
- package/lib/src/utils/attestations.js.map +1 -1
- package/lib/src/utils/compliance.d.ts +3 -0
- package/lib/src/utils/compliance.js +27 -0
- package/lib/src/utils/compliance.js.map +1 -0
- package/lib/src/utils/fingerprinting.js +27 -7
- package/lib/src/utils/fingerprinting.js.map +1 -1
- package/lib/src/utils/global.d.ts +2 -1
- package/lib/src/utils/global.js +35 -5
- package/lib/src/utils/global.js.map +1 -1
- package/lib/src/utils/splunk-tools.js +26 -3
- package/lib/src/utils/splunk-tools.js.map +1 -1
- package/lib/src/veracode-mapper.js +105 -85
- package/lib/src/veracode-mapper.js.map +1 -1
- package/lib/src/xccdf-results-mapper.js +69 -49
- package/lib/src/xccdf-results-mapper.js.map +1 -1
- package/lib/src/zap-mapper.js +39 -19
- package/lib/src/zap-mapper.js.map +1 -1
- package/lib/types/splunk-config-types.d.ts +1 -1
- package/lib/types/splunk-control-types.d.ts +4 -4
- package/lib/types/splunk-profile-types.d.ts +6 -6
- package/lib/types/splunk-report-types.d.ts +3 -3
- package/package.json +8 -5
|
@@ -30,7 +30,7 @@ exports.BaseConverter = exports.impactMapping = exports.parseCsv = exports.parse
|
|
|
30
30
|
const crypto_1 = require("crypto");
|
|
31
31
|
const fast_xml_parser_1 = require("fast-xml-parser");
|
|
32
32
|
const htmlparser = __importStar(require("htmlparser2"));
|
|
33
|
-
const
|
|
33
|
+
const _ = __importStar(require("lodash"));
|
|
34
34
|
const papaparse_1 = __importDefault(require("papaparse"));
|
|
35
35
|
function generateHash(data, algorithm = 'sha256') {
|
|
36
36
|
const hash = (0, crypto_1.createHash)(algorithm);
|
|
@@ -90,7 +90,7 @@ function collapseDuplicates(array, key, collapseResults) {
|
|
|
90
90
|
const newArray = [];
|
|
91
91
|
let counter = 0;
|
|
92
92
|
array.forEach((item) => {
|
|
93
|
-
const propertyValue =
|
|
93
|
+
const propertyValue = _.get(item, key);
|
|
94
94
|
if (typeof propertyValue === 'string') {
|
|
95
95
|
const index = seen.get(propertyValue) || 0;
|
|
96
96
|
if (!seen.has(propertyValue)) {
|
|
@@ -99,15 +99,15 @@ function collapseDuplicates(array, key, collapseResults) {
|
|
|
99
99
|
counter++;
|
|
100
100
|
}
|
|
101
101
|
else {
|
|
102
|
-
const oldResult =
|
|
103
|
-
const descriptions = oldResult.map((element) =>
|
|
102
|
+
const oldResult = _.get(newArray[index], 'results');
|
|
103
|
+
const descriptions = oldResult.map((element) => _.get(element, 'code_desc'));
|
|
104
104
|
if (collapseResults) {
|
|
105
|
-
if (descriptions.indexOf(
|
|
106
|
-
|
|
105
|
+
if (descriptions.indexOf(_.get(item, 'results[0].code_desc')) === -1) {
|
|
106
|
+
_.set(newArray[index], 'results', oldResult.concat(_.get(item, 'results')));
|
|
107
107
|
}
|
|
108
108
|
}
|
|
109
109
|
else {
|
|
110
|
-
|
|
110
|
+
_.set(newArray[index], 'results', oldResult.concat(_.get(item, 'results')));
|
|
111
111
|
}
|
|
112
112
|
}
|
|
113
113
|
}
|
|
@@ -138,39 +138,39 @@ class BaseConverter {
|
|
|
138
138
|
return Object.fromEntries(Object.entries(obj).map(([k, v]) => [k, fn(v)]));
|
|
139
139
|
}
|
|
140
140
|
convertInternal(file, fields) {
|
|
141
|
-
const isShortcircuiting =
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
|
|
141
|
+
const isShortcircuiting = _.isObject(fields) &&
|
|
142
|
+
_.has(fields, 'shortcircuit') &&
|
|
143
|
+
_.isBoolean(_.get(fields, 'shortcircuit')) &&
|
|
144
|
+
_.get(fields, 'shortcircuit');
|
|
145
145
|
if (isShortcircuiting) {
|
|
146
|
-
return
|
|
146
|
+
return _.omit(fields, 'shortcircuit');
|
|
147
147
|
}
|
|
148
148
|
const result = this.objectMap(fields, (v) => this.evaluate(file, v));
|
|
149
149
|
return result;
|
|
150
150
|
}
|
|
151
151
|
evaluate(file, v) {
|
|
152
|
-
const hasTransformer =
|
|
152
|
+
const hasTransformer = _.has(v, 'transformer') && _.isFunction(_.get(v, 'transformer'));
|
|
153
153
|
let transformer = (val) => val;
|
|
154
154
|
if (hasTransformer) {
|
|
155
|
-
transformer =
|
|
156
|
-
v =
|
|
155
|
+
transformer = _.get(v, 'transformer');
|
|
156
|
+
v = _.omit(v, 'transformer');
|
|
157
157
|
}
|
|
158
|
-
const haspathTransform =
|
|
158
|
+
const haspathTransform = _.has(v, 'pathTransform') && _.isFunction(_.get(v, 'pathTransform'));
|
|
159
159
|
let pathTransform = (val) => val;
|
|
160
160
|
if (haspathTransform) {
|
|
161
|
-
pathTransform =
|
|
162
|
-
v =
|
|
161
|
+
pathTransform = _.get(v, 'pathTransform');
|
|
162
|
+
v = _.omit(v, 'pathTransform');
|
|
163
163
|
}
|
|
164
|
-
const hasPath =
|
|
164
|
+
const hasPath = _.isObject(v) && _.has(v, 'path');
|
|
165
165
|
let pathV = v;
|
|
166
166
|
if (hasPath) {
|
|
167
|
-
pathV = pathTransform(this.handlePath(file,
|
|
168
|
-
v =
|
|
167
|
+
pathV = pathTransform(this.handlePath(file, _.get(v, 'path')), file);
|
|
168
|
+
v = _.omit(v, 'path');
|
|
169
169
|
}
|
|
170
|
-
if (
|
|
171
|
-
|
|
172
|
-
|
|
173
|
-
|
|
170
|
+
if (_.isString(pathV) ||
|
|
171
|
+
_.isNumber(pathV) ||
|
|
172
|
+
_.isBoolean(pathV) ||
|
|
173
|
+
_.isNull(pathV)) {
|
|
174
174
|
return transformer(pathV);
|
|
175
175
|
}
|
|
176
176
|
if (Array.isArray(pathV)) {
|
|
@@ -178,7 +178,7 @@ class BaseConverter {
|
|
|
178
178
|
? transformer(pathV)
|
|
179
179
|
: this.handleArray(file, pathV);
|
|
180
180
|
}
|
|
181
|
-
if (
|
|
181
|
+
if (_.keys(v).length > 0 && hasTransformer) {
|
|
182
182
|
return {
|
|
183
183
|
...this.convertInternal(file, v),
|
|
184
184
|
...transformer(hasPath ? pathV : file)
|
|
@@ -201,8 +201,8 @@ class BaseConverter {
|
|
|
201
201
|
if (lookupPath.path === undefined) {
|
|
202
202
|
const arrayTransformer = (_a = lookupPath.arrayTransformer) === null || _a === void 0 ? void 0 : _a.bind(this);
|
|
203
203
|
v = v.map((element) => {
|
|
204
|
-
return
|
|
205
|
-
?
|
|
204
|
+
return _.isObject(element)
|
|
205
|
+
? _.omit(element, ['arrayTransformer'])
|
|
206
206
|
: element;
|
|
207
207
|
});
|
|
208
208
|
let output = [];
|
|
@@ -233,7 +233,7 @@ class BaseConverter {
|
|
|
233
233
|
}
|
|
234
234
|
if (Array.isArray(pathVal)) {
|
|
235
235
|
v = pathVal.map((element) => {
|
|
236
|
-
return
|
|
236
|
+
return _.omit(this.convertInternal(element, lookupPath), [
|
|
237
237
|
'path',
|
|
238
238
|
'transformer',
|
|
239
239
|
'arrayTransformer',
|
|
@@ -273,15 +273,15 @@ class BaseConverter {
|
|
|
273
273
|
if (typeof path === 'string') {
|
|
274
274
|
pathArray = [path];
|
|
275
275
|
}
|
|
276
|
-
const index =
|
|
276
|
+
const index = _.findIndex(pathArray, (p) => this.hasPath(file, p));
|
|
277
277
|
if (index === -1) {
|
|
278
278
|
return '';
|
|
279
279
|
}
|
|
280
280
|
else if (pathArray[index].startsWith('$.')) {
|
|
281
|
-
return
|
|
281
|
+
return _.get(this.data, pathArray[index].slice(2)) || '';
|
|
282
282
|
}
|
|
283
283
|
else {
|
|
284
|
-
return
|
|
284
|
+
return _.get(file, pathArray[index]) || '';
|
|
285
285
|
}
|
|
286
286
|
}
|
|
287
287
|
hasPath(file, path) {
|
|
@@ -292,12 +292,12 @@ class BaseConverter {
|
|
|
292
292
|
else {
|
|
293
293
|
pathArray = path;
|
|
294
294
|
}
|
|
295
|
-
return
|
|
295
|
+
return _.some(pathArray, (p) => {
|
|
296
296
|
if (p.startsWith('$.')) {
|
|
297
|
-
return
|
|
297
|
+
return _.has(this.data, p.slice(2));
|
|
298
298
|
}
|
|
299
299
|
else {
|
|
300
|
-
return
|
|
300
|
+
return _.has(file, p);
|
|
301
301
|
}
|
|
302
302
|
});
|
|
303
303
|
}
|
|
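Review bot: In the `@@ -273,15 +273,15 @@` hunk (the method's signature is outside the hunk; presumably `handlePath`), both return paths end in `|| ''`, so a value that is present but falsy, such as `0` or `false`, is replaced by an empty string even though `hasPath` has just confirmed the key exists. In a converter for scanner results this can silently blank a legitimate zero score or a `false` flag before `evaluate` sees it. Falling back only on null or undefined keeps those values: `return _.get(file, pathArray[index]) ?? '';`, and likewise `_.get(this.data, pathArray[index].slice(2)) ?? ''` in the `$.` branch. This file is compiled output, so the change presumably belongs in `src/base-converter.ts`, which the source map names as the origin.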
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"base-converter.js","sourceRoot":"","sources":["../../src/base-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAAkC;AAClC,qDAA0C;AAC1C,wDAA0C;AAE1C,
|
|
1
|
+
{"version":3,"file":"base-converter.js","sourceRoot":"","sources":["../../src/base-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,mCAAkC;AAClC,qDAA0C;AAC1C,wDAA0C;AAE1C,0CAA4B;AAC5B,0DAA6B;AAgC7B,SAAgB,YAAY,CAAC,IAAY,EAAE,SAAS,GAAG,QAAQ;IAC7D,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;IACnC,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzC,CAAC;AAHD,oCAGC;AAED,SAAgB,SAAS,CAAC,KAAc;IACtC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC;QACrC,MAAM,CAAC,IAAY;YACjB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;KACF,CAAC,CAAC;IACH,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE;QAC7B,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACtB,QAAQ,CAAC,GAAG,EAAE,CAAC;KAChB;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC3B,CAAC;AAZD,8BAYC;AAED,SAAgB,QAAQ,CACtB,GAAW,EACX,iBAA2C;IAE3C,MAAM,OAAO,GAAG;QACd,mBAAmB,EAAE,EAAE;QACvB,YAAY,EAAE,MAAM;QACpB,gBAAgB,EAAE,KAAK;QACvB,iBAAiB,EAAE,IAAI;QACvB,mBAAmB,EAAE,KAAK;QAC1B,aAAa,EAAE,KAAK;QACpB,cAAc,EAAE,IAAI;QACpB,GAAG,iBAAiB;KACrB,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,2BAAS,CAAC,OAAO,CAAC,CAAC;IACtC,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC3B,CAAC;AAhBD,4BAgBC;AAED,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,MAAM,GAAG,mBAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAC,MAAM,EAAE,IAAI,EAAC,CAAC,CAAC;IAEtD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE;QACxB,MAAM,MAAM,CAAC,MAAM,CAAC;KACrB;IAED,OAAO,MAAM,CAAC,IAAI,CAAC;AACrB,CAAC;AARD,4BAQC;AAED,SAAgB,aAAa,CAC3B,OAA4B;IAE5B,OAAO,CAAC,QAAiB,EAAU,EAAE;QACnC,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE;YAChE,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;SAC5D;aAAM;YACL,OAAO,CAAC,CAAC;SACV;IACH,CAAC,CAAC;AACJ,CAAC;AAVD,sCAUC;AAGD,SAAS,kBAAkB,CACzB,KAAe,EACf,GAAW,EACX,eAAwB;IAExB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,MAAM,QAAQ,GAAQ,EAAE,CAAC;IACzB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,CAAC,OAAO,CAAC,CAAC,IAAO,EAAE,EAAE;QACxB,MAAM,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QACvC,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE;YACrC,MAAM,KAAK,GAAG
,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE;gBAC5B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACpB,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;gBACjC,OAAO,EAAE,CAAC;aACX;iBAAM;gBACL,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CACrB,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,CACkB,CAAC;gBAC9B,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC7C,CAAC,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAC5B,CAAC;gBACF,IAAI,eAAe,EAAE;oBACnB,IACE,YAAY,CAAC,OAAO,CAClB,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,sBAAsB,CAAW,CAC9C,KAAK,CAAC,CAAC,EACR;wBACA,CAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CACd,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CACnD,CACF,CAAC;qBACH;iBACF;qBAAM;oBACL,CAAC,CAAC,GAAG,CACH,QAAQ,CAAC,KAAK,CAAC,EACf,SAAS,EACT,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAA6B,CAAC,CACrE,CAAC;iBACH;aACF;SACF;IACH,CAAC,CAAC,CAAC;IACH,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAa,aAAa;IAKxB,YAAY,IAA6B,EAAE,eAAe,GAAG,KAAK;QAChE,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,eAAe,GAAG,eAAe,CAAC;IACzC,CAAC;IAED,WAAW,CACT,QAA0D;QAE1D,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED,KAAK;QACH,IAAI,IAAI,CAAC,QAAQ,KAAK,SAAS,EAAE;YAC/B,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;SAC9C;aAAM;YACL,MAAM,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzD,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC7B,OAAO,CAAC,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;YACzD,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,CAAC;SACV;IACH,CAAC;IAED,SAAS,CACP,GAAM,EACN,EAAiC;QAEjC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAwB,CAAC,CAAC,CAAC,CACjD,CAAC;IAC1B,CAAC;IACD,eAAe,CACb,IAA6B,EAC7B,MAAS;QAET,MAAM,iBAAiB,GACrB,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YAClB,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC;YAC7B,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;YAC1C,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QAChC,IAAI,iBAAiB,EAAE;YACrB,OAAO,CA
AC,CAAC,IAAI,CAAC,MAAgB,EAAE,cAAc,CAG7C,CAAC;SACH;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAa,EAAE,CAAC,CAAC,EAAE,EAAE,CACjD,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAA6B,CAAC,CACnD,CAAC;QACF,OAAO,MAAsC,CAAC;IAChD,CAAC;IAED,QAAQ,CACN,IAA6B,EAC7B,CAAe;QAEf,MAAM,cAAc,GAClB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC,CAAC;QACnE,IAAI,WAAW,GAAG,CAAC,GAAY,EAAE,EAAE,CAAC,GAAG,CAAC;QACxC,IAAI,cAAc,EAAE;YAClB,WAAW,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,aAAa,CAAQ,CAAC;YAC7C,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAW,EAAE,aAAa,CAAM,CAAC;SAC7C;QAED,MAAM,gBAAgB,GACpB,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,eAAe,CAAC,CAAC,CAAC;QAEvE,IAAI,aAAa,GAGF,CAAC,GAAY,EAAE,EAAE,CAAC,GAAG,CAAC;QACrC,IAAI,gBAAgB,EAAE;YACpB,aAAa,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,eAAe,CAAQ,CAAC;YACjD,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAW,EAAE,eAAe,CAAM,CAAC;SAC/C;QAED,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QAClD,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,OAAO,EAAE;YACX,KAAK,GAAG,aAAa,CACnB,IAAI,CAAC,UAAU,CACb,IAAI,EACJ,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAiC,CACtC,EACZ,IAAI,CACL,CAAC;YACF,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAW,EAAE,MAAM,CAAM,CAAC;SACtC;QAED,IACE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACjB,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;YACjB,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC;YAClB,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EACf;YACA,OAAO,WAAW,CAAC,KAAK,CAAM,CAAC;SAChC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;YACxB,OAAO,cAAc;gBACnB,CAAC,CAAE,WAAW,CAAC,KAAK,CAAS;gBAC7B,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,KAAY,CAAC,CAAC;SAC1C;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,cAAc,EAAE;YAC1C,OAAO;gBACL,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC;gBAChC,GAAI,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAE,IAAgB,CAAY;aAChC,CAAC;SACnC;QAED,IAAI,cAAc,EAAE;YAClB,OAAO,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAE,IAAgB,CAGtB,CAAC;SAClC;QAED,OAAO,OAAO;YACZ,CAAC,CAAC,KAAK;YACP,C
AAC,CAAE,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAGI,CAAC;IACxC,CAAC;IAED,WAAW,CACT,IAA6B,EAC7B,CAAyB;;QAEzB,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE;YAClB,OAAO,EAAE,CAAC;SACX;QACD,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,KAAK,MAAM,UAAU,IAAI,CAAC,EAAE;YAC1B,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE;gBACjC,MAAM,gBAAgB,GAAG,MAAA,UAAU,CAAC,gBAAgB,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjE,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;oBACpB,OAAO,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;wBACxB,CAAC,CAAE,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAqB;wBAC5D,CAAC,CAAC,OAAO,CAAC;gBACd,CAAC,CAAC,CAAC;gBACH,IAAI,MAAM,GAAa,EAAE,CAAC;gBAC1B,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAM,CAAC,CAAC;gBAClD,IAAI,gBAAgB,KAAK,SAAS,EAAE;oBAClC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE;wBACnC,MAAM,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,CAAC,EAAE;4BACtD,CAAC;4BACD,IAAI,CAAC,IAAI;yBACV,CAAC,CAAC;qBACJ;yBAAM;wBACL,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,CAAQ,CAAC;qBACnE;iBACF;gBACD,aAAa,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;aAC/B;iBAAM;gBACL,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAC;gBAC7B,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC;gBAC3B,MAAM,gBAAgB,GAAG,MAAA,UAAU,CAAC,gBAAgB,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACjE,MAAM,WAAW,GAAG,MAAA,UAAU,CAAC,WAAW,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACvD,MAAM,aAAa,GAAG,MAAA,UAAU,CAAC,aAAa,0CAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC3D,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE;oBAC5B,IAAI,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;oBAC1C,IAAI,aAAa,KAAK,SAAS,EAAE;wBAC/B,OAAO,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;qBACxC;oBACD,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC1B,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,OAAgC,EAAE,EAAE;4BACnD,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE;gCACvD,MAAM;gCACN,aAAa;gCACb,kBAAkB;gCAClB,KAAK;gCACL,eAAe;6BAChB,CAAiB,CAAC;wBACrB,CAAC,CAAQ,CAAC;wBACV,IAAI,gBAAgB,KAAK,SAAS,EAAE;4BAClC,IAAI,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE;gCACnC,CAAC,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC
,gBAAgB,CAAC,CAAC,CAAC,EAAE;oCACjD,CAAC;oCACD,IAAI,CAAC,IAAI;iCACV,CAAC,CAAC;6BACJ;iCAAM;gCACL,CAAC,GAAG,gBAAgB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,CAAC,CAAQ,CAAC;6BACzD;yBACF;wBACD,IAAI,GAAG,KAAK,SAAS,EAAE;4BACrB,CAAC,GAAG,kBAAkB,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;yBACtD;wBACD,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;qBAC1B;yBAAM;wBACL,IAAI,WAAW,KAAK,SAAS,EAAE;4BAC7B,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;yBAChC;wBACD,aAAa,CAAC,IAAI,CAAC,OAAY,CAAC,CAAC;qBAClC;iBACF;aACF;SACF;QAED,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,UAAU,CAAC,IAA6B,EAAE,IAAuB;QAC/D,IAAI,SAAS,GAAG,IAAI,CAAC;QAErB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;SACpB;QAED,MAAM,KAAK,GAAG,CAAC,CAAC,SAAS,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEnE,IAAI,KAAK,KAAK,CAAC,CAAC,EAAE;YAEhB,OAAO,EAAE,CAAC;SACX;aAAM,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;YAC5C,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;SAC1D;aAAM;YACL,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;SAC5C;IACH,CAAC;IACD,OAAO,CAAC,IAA6B,EAAE,IAAuB;QAC5D,IAAI,SAAS,CAAC;QACd,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;YAC5B,SAAS,GAAG,CAAC,IAAI,CAAC,CAAC;SACpB;aAAM;YACL,SAAS,GAAG,IAAI,CAAC;SAClB;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;YAC7B,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;gBACtB,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;aACrC;iBAAM;gBACL,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;aACvB;QACH,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAnPD,sCAmPC"}
|
|
@@ -1,11 +1,31 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.BurpSuiteMapper = void 0;
|
|
7
27
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
9
29
|
const package_json_1 = require("../package.json");
|
|
10
30
|
const base_converter_1 = require("./base-converter");
|
|
11
31
|
const CweNistMapping_1 = require("./mappings/CweNistMapping");
|
|
@@ -20,23 +40,23 @@ const NAME = 'BurpSuite Pro Scan';
|
|
|
20
40
|
const CWE_NIST_MAPPING = new CweNistMapping_1.CweNistMapping();
|
|
21
41
|
function formatCodeDesc(issue) {
|
|
22
42
|
const text = [];
|
|
23
|
-
if (
|
|
24
|
-
text.push(`Host: ip: ${
|
|
43
|
+
if (_.has(issue, 'host.ip') && _.has(issue, 'host.text')) {
|
|
44
|
+
text.push(`Host: ip: ${_.get(issue, 'host.ip')}, url: ${_.get(issue, 'host.text')}`);
|
|
25
45
|
}
|
|
26
46
|
else {
|
|
27
47
|
text.push('Host: ip: , url: ');
|
|
28
48
|
}
|
|
29
|
-
if (
|
|
30
|
-
text.push(`Location: ${(0, base_converter_1.parseHtml)(
|
|
49
|
+
if (_.has(issue, 'location')) {
|
|
50
|
+
text.push(`Location: ${(0, base_converter_1.parseHtml)(_.get(issue, 'location'))}`);
|
|
31
51
|
}
|
|
32
52
|
else {
|
|
33
53
|
text.push('Location: ');
|
|
34
54
|
}
|
|
35
|
-
if (
|
|
36
|
-
text.push(`issueDetail: ${(0, base_converter_1.parseHtml)(
|
|
55
|
+
if (_.has(issue, 'issueDetail')) {
|
|
56
|
+
text.push(`issueDetail: ${(0, base_converter_1.parseHtml)(_.get(issue, 'issueDetail'))}`);
|
|
37
57
|
}
|
|
38
|
-
if (
|
|
39
|
-
text.push(`confidence: ${(0, base_converter_1.parseHtml)(
|
|
58
|
+
if (_.has(issue, 'confidence')) {
|
|
59
|
+
text.push(`confidence: ${(0, base_converter_1.parseHtml)(_.get(issue, 'confidence'))}`);
|
|
40
60
|
}
|
|
41
61
|
else {
|
|
42
62
|
text.push('confidence: ');
|
|
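Review bot: In `formatCodeDesc`, `host.ip` and `host.text` are interpolated into the description as-is, while `location`, `issueDetail` and `confidence` all go through `parseHtml` first. If `issue` comes from a parsed scan report, as the mapper's name suggests, the host fields are report-controlled text as well, and any consumer that renders `code_desc` would receive them unfiltered. Treating them the same way is a small change: use `parseHtml(_.get(issue, 'host.ip'))` and `parseHtml(_.get(issue, 'host.text'))` inside the `Host:` template, after confirming that `parseHtml` leaves plain IPs and URLs unchanged. The function body continues past the end of the hunk, and since this is compiled output the edit presumably belongs in `src/burpsuite-mapper.ts`.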
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"burpsuite-mapper.js","sourceRoot":"","sources":["../../src/burpsuite-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"burpsuite-mapper.js","sourceRoot":"","sources":["../../src/burpsuite-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,kDAAgE;AAChE,qDAO0B;AAC1B,8DAAyD;AACzD,2CAGwB;AAGxB,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC;IAClD,CAAC,MAAM,EAAE,GAAG,CAAC;IACb,CAAC,QAAQ,EAAE,GAAG,CAAC;IACf,CAAC,KAAK,EAAE,GAAG,CAAC;IACZ,CAAC,aAAa,EAAE,GAAG,CAAC;CACrB,CAAC,CAAC;AACH,MAAM,IAAI,GAAG,oBAAoB,CAAC;AAClC,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAG9C,SAAS,cAAc,CAAC,KAAc;IACpC,MAAM,IAAI,GAAG,EAAE,CAAC;IAChB,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE;QACxD,IAAI,CAAC,IAAI,CACP,aAAa,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,EAAE,CAC1E,CAAC;KACH;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;KAChC;IACD,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,EAAE;QAC5B,IAAI,CAAC,IAAI,CAAC,aAAa,IAAA,0BAAS,EAAC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,EAAE,CAAC,CAAC;KAC/D;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;KACzB;IACD,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,EAAE;QAC/B,IAAI,CAAC,IAAI,CAAC,gBAAgB,IAAA,0BAAS,EAAC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC,EAAE,CAAC,CAAC;KACrE;IACD,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,EAAE;QAC9B,IAAI,CAAC,IAAI,CAAC,eAAe,IAAA,0BAAS,EAAC,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC,EAAE,CAAC,CAAC;KACnE;SAAM;QACL,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;KAC3B;IACD,OAAO,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AAChC,CAAC;AACD,SAAS,UAAU,CAAC,EAAW;IAC7B,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,OAAO,EAAE,KAAK,QAAQ,EAAE;QACpD,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC;KACtB;SAAM;QACL,OAAO,EAAE,CAAC;KACX;AACH,CAAC;AACD,SAAS,WAAW,CAAC,KAAa;IAChC,OAAO,IAAA,0BAAS,EAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,OAAO,CAAC,KAAa;IAC5B,IAAI,GAAG,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3C,GAAG,CAAC,KAAK,EAAE,CAAC;IACZ,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KA
AK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACtC,OAAO,gBAAgB,CAAC,UAAU,CAChC,GAAG,EACH,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAED,MAAa,eAAgB,SAAQ,8BAAa;IAqFhD,YAAY,QAAgB,EAAE,OAAO,GAAG,KAAK;QAC3C,KAAK,CAAC,IAAA,yBAAQ,EAAC,QAAQ,CAAC,CAAC,CAAC;QAnF5B,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,IAAI;oBACV,OAAO,EAAE,EAAC,IAAI,EAAE,oBAAoB,EAAC;oBACrC,KAAK,EAAE,IAAI;oBACX,OAAO,EAAE,IAAI;oBACb,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,cAAc;4BACpB,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,IAAI,EAAE;oCACJ,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,OAAO;iCACrB;gCACD,KAAK,EAAE;oCACL,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,WAAW;iCACzB;gCACD,GAAG,EAAE;oCACH,IAAI,EAAE,8BAA8B;oCACpC,WAAW,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,IAAA,2BAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;iCACjE;gCACD,UAAU,EAAE,EAAC,IAAI,EAAE,YAAY,EAAC;6BACjC;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,MAAM,EAAC;4BACrB,EAAE,EAAE,EAAC,IAAI,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAC;4BAC3C,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,0BAAS,EAAC;4BACvD,YAAY,EAAE;gCACZ;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,0BAAS,EAAC;oCACvD,KAAK,EAAE,OAAO;iCACf;gCACD;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,0BAAS,EAAC;oCAC7D,KAAK,EAAE,KAAK;iCACb;6BACF;4BACD,MAAM,EAAE;gCACN,IAAI,EAAE,UAAU;gCAChB,WAAW,EAAE,IAAA,8BAAa,EAAC,cAAc,CAAC;6BAC3C;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAAsC,EAAU,EAAE,CAC9D,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,MAAM,EAAE,mBAAQ,CAAC,mBAAmB,CAAC,MAAM;oCAC3C,SAAS,EAAE,EAAC,WAAW,EAAE,cAAc,EAAC;oCACxC,UAAU,EAAE,EAAC,IAAI,EAAE,qBAAqB,EAAC;iCAC1C;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAA6B,EAA2B,EAAE;oBACtE,OAAO;wBACL,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,EAAC,CAAC;qBACjC,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAGA,IAAI,CAAC,OAAO,G
AAG,OAAO,CAAC;IACzB,CAAC;CACF;AAzFD,0CAyFC"}
|
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
import { Asset, Checklist, Sidata, Stigdata, Vuln } from '../../types/checklistJsonix';
|
|
2
2
|
import { JsonixIntermediateConverter } from '../jsonix-intermediate-converter';
|
|
3
|
-
export
|
|
3
|
+
export type ChecklistObject = {
|
|
4
4
|
asset: ChecklistAsset;
|
|
5
5
|
stigs: ChecklistStig[];
|
|
6
6
|
jsonixData: Checklist;
|
|
7
7
|
};
|
|
8
|
-
|
|
9
|
-
|
|
8
|
+
type ChecklistAsset = Asset;
|
|
9
|
+
type ChecklistStig = {
|
|
10
10
|
header: StigHeader;
|
|
11
11
|
vulns: ChecklistVuln[];
|
|
12
12
|
};
|
|
13
|
-
|
|
13
|
+
type StigHeader = {
|
|
14
14
|
version: string;
|
|
15
15
|
classification: 'UNCLASSIFIED' | 'UNCLASSIFIED//FOR OFFICIAL USE ONLY' | 'CUI';
|
|
16
16
|
customname?: string;
|
|
@@ -23,7 +23,7 @@ declare type StigHeader = {
|
|
|
23
23
|
notice?: string;
|
|
24
24
|
source?: string;
|
|
25
25
|
};
|
|
26
|
-
export
|
|
26
|
+
export type ChecklistVuln = Omit<Vuln, 'stigdata' | 'status'> & {
|
|
27
27
|
status: StatusMapping;
|
|
28
28
|
vulnNum: string;
|
|
29
29
|
severity: Severity;
|
|
@@ -1,10 +1,30 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.ChecklistJsonixConverter = exports.Severity = void 0;
|
|
7
|
-
const
|
|
27
|
+
const _ = __importStar(require("lodash"));
|
|
8
28
|
const jsonix_intermediate_converter_1 = require("../jsonix-intermediate-converter");
|
|
9
29
|
var StatusMapping;
|
|
10
30
|
(function (StatusMapping) {
|
|
@@ -29,30 +49,30 @@ class ChecklistJsonixConverter extends jsonix_intermediate_converter_1.JsonixInt
|
|
|
29
49
|
dataName = 'siddata';
|
|
30
50
|
}
|
|
31
51
|
const results = data.filter((attribute) => {
|
|
32
|
-
return
|
|
52
|
+
return _.get(attribute, keyName) == tag;
|
|
33
53
|
});
|
|
34
|
-
return results.map((result) =>
|
|
54
|
+
return results.map((result) => _.get(result, dataName)).join('; ');
|
|
35
55
|
}
|
|
36
56
|
toIntermediateObject(jsonixData) {
|
|
37
57
|
const asset = {
|
|
38
|
-
role:
|
|
39
|
-
assettype:
|
|
40
|
-
hostname:
|
|
41
|
-
hostip:
|
|
42
|
-
hostmac:
|
|
43
|
-
hostfqdn:
|
|
44
|
-
marking:
|
|
45
|
-
targetcomment:
|
|
46
|
-
techarea:
|
|
47
|
-
targetkey:
|
|
48
|
-
webordatabase:
|
|
49
|
-
webdbsite:
|
|
50
|
-
webdbinstance:
|
|
58
|
+
role: _.get(jsonixData, 'value.asset.role'),
|
|
59
|
+
assettype: _.get(jsonixData, 'value.asset.assettype'),
|
|
60
|
+
hostname: _.get(jsonixData, 'value.asset.hostname'),
|
|
61
|
+
hostip: _.get(jsonixData, 'value.asset.hostip'),
|
|
62
|
+
hostmac: _.get(jsonixData, 'value.asset.hostmac'),
|
|
63
|
+
hostfqdn: _.get(jsonixData, 'value.asset.hostfqdn'),
|
|
64
|
+
marking: _.get(jsonixData, 'value.asset.marking'),
|
|
65
|
+
targetcomment: _.get(jsonixData, 'value.asset.targetcomment'),
|
|
66
|
+
techarea: _.get(jsonixData, 'value.asset.techarea'),
|
|
67
|
+
targetkey: _.get(jsonixData, 'value.asset.targetkey'),
|
|
68
|
+
webordatabase: _.get(jsonixData, 'value.asset.webordatabase'),
|
|
69
|
+
webdbsite: _.get(jsonixData, 'value.asset.webdbsite'),
|
|
70
|
+
webdbinstance: _.get(jsonixData, 'value.asset.webdbinstance')
|
|
51
71
|
};
|
|
52
|
-
const rawStigs =
|
|
72
|
+
const rawStigs = _.get(jsonixData, 'value.stigs.istig');
|
|
53
73
|
const stigs = [];
|
|
54
74
|
for (const stig of rawStigs) {
|
|
55
|
-
const stigInfo =
|
|
75
|
+
const stigInfo = _.get(stig, 'stiginfo.sidata');
|
|
56
76
|
const header = {
|
|
57
77
|
version: this.getValueFromAttributeName(stigInfo, 'version'),
|
|
58
78
|
classification: this.getValueFromAttributeName(stigInfo, 'classification'),
|
|
@@ -67,15 +87,15 @@ class ChecklistJsonixConverter extends jsonix_intermediate_converter_1.JsonixInt
|
|
|
67
87
|
source: this.getValueFromAttributeName(stigInfo, 'source')
|
|
68
88
|
};
|
|
69
89
|
const checklistVulns = [];
|
|
70
|
-
const vulns =
|
|
90
|
+
const vulns = _.get(stig, 'vuln');
|
|
71
91
|
for (const vuln of vulns) {
|
|
72
|
-
const stigdata =
|
|
92
|
+
const stigdata = _.get(vuln, 'stigdata');
|
|
73
93
|
const checklistVuln = {
|
|
74
|
-
status: StatusMapping[
|
|
75
|
-
findingdetails:
|
|
76
|
-
comments:
|
|
77
|
-
severityoverride:
|
|
78
|
-
severityjustification:
|
|
94
|
+
status: StatusMapping[_.get(vuln, 'status')],
|
|
95
|
+
findingdetails: _.get(vuln, 'findingdetails'),
|
|
96
|
+
comments: _.get(vuln, 'comments'),
|
|
97
|
+
severityoverride: _.get(vuln, 'severityoverride'),
|
|
98
|
+
severityjustification: _.get(vuln, 'severityjustification'),
|
|
79
99
|
vulnNum: this.getValueFromAttributeName(stigdata, 'Vuln_Num'),
|
|
80
100
|
severity: this.getValueFromAttributeName(stigdata, 'Severity'),
|
|
81
101
|
groupTitle: this.getValueFromAttributeName(stigdata, 'Group_Title'),
|
|
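Review bot: `rawStigs` (new line 72) and `vulns` (new line 90) are iterated with `for...of` directly after `_.get`, which returns `undefined` when the path is absent. A checklist without `value.stigs.istig` or without a `vuln` list therefore fails with a bare TypeError instead of a message naming the malformed input. This converter presumably reads externally supplied checklist files, so I would validate before looping, e.g. `if (!Array.isArray(rawStigs)) throw new Error('checklist has no value.stigs.istig array');`, and do the same for `vulns`. The last hunk also maps `StatusMapping[_.get(vuln, 'status')]`, which silently becomes `undefined` for a status string outside the enum; an explicit fallback or a comment would show that is intended. `toIntermediateObject` continues beyond the visible hunks, so later handling may exist that is not shown here.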
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checklist-jsonix-converter.js","sourceRoot":"","sources":["../../../src/ckl-mapper/checklist-jsonix-converter.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"checklist-jsonix-converter.js","sourceRoot":"","sources":["../../../src/ckl-mapper/checklist-jsonix-converter.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,0CAA4B;AAS5B,oFAA6E;AAiE7E,IAAK,aAKJ;AALD,WAAK,aAAa;IAChB,uCAAsB,CAAA;IACtB,gCAAe,CAAA;IACf,kDAAiC,CAAA;IACjC,8CAA6B,CAAA;AAC/B,CAAC,EALI,aAAa,KAAb,aAAa,QAKjB;AAED,IAAY,QAKX;AALD,WAAY,QAAQ;IAClB,sBAAU,CAAA;IACV,yBAAa,CAAA;IACb,uBAAW,CAAA;IACX,6BAAiB,CAAA;AACnB,CAAC,EALW,QAAQ,GAAR,gBAAQ,KAAR,gBAAQ,QAKnB;AAED,MAAa,wBAAyB,SAAQ,2DAG7C;IACC,yBAAyB,CACvB,IAAS,EACT,GAAW;QAEX,IAAI,OAAO,GAAG,eAAe,CAAC;QAC9B,IAAI,QAAQ,GAAG,eAAe,CAAC;QAC/B,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,IAAI,CAAC,CAAC,EAAE;YACrC,OAAO,GAAG,SAAS,CAAC;YACpB,QAAQ,GAAG,SAAS,CAAC;SACtB;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,SAAY,EAAE,EAAE;YAC3C,OAAO,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,GAAG,CAAC;QAC1C,CAAC,CAAC,CAAC;QACH,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,MAAS,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxE,CAAC;IAOD,oBAAoB,CAAC,UAAqB;QACxC,MAAM,KAAK,GAAmB;YAC5B,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,kBAAkB,CAAC;YAC3C,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,uBAAuB,CAAC;YACrD,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,sBAAsB,CAAC;YACnD,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,oBAAoB,CAAC;YAC/C,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,qBAAqB,CAAC;YACjD,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,sBAAsB,CAAC;YACnD,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,qBAAqB,CAAC;YACjD,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,2BAA2B,CAAC;YAC7D,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,sBAAsB,CAAC;YACnD,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,uBAAuB,CAAC;YACrD,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,2BAA2B,CAAC;YAC7D,SAAS,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,uBAAuB,CAAC;YACrD,aAAa,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,EAAE,2BAA2B,CAAC;SAC9D,CAAC;QAEF,MAAM,QAAQ,GAAY,CAAC,CAAC,GAAG,CAC7B,UAAU,EACV,mBAAmB,CACE,CAAC;QACxB,MAAM,KAAK,GAAoB,EAAE,CAAC;QAClC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE;YAC3B,MAAM
,QAAQ,GAAa,CAAC,CAAC,GAAG,CAC9B,IAAI,EACJ,iBAAiB,CACK,CAAC;YACzB,MAAM,MAAM,GAAe;gBACzB,OAAO,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,SAAS,CAAC;gBACpE,cAAc,EAAE,IAAI,CAAC,yBAAyB,CAC5C,QAAQ,EACR,gBAAgB,CAC0B;gBAC5C,UAAU,EAAE,IAAI,CAAC,yBAAyB,CACxC,QAAQ,EACR,YAAY,CACb;gBACD,MAAM,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,QAAQ,CAAC;gBAClE,WAAW,EAAE,IAAI,CAAC,yBAAyB,CACzC,QAAQ,EACR,aAAa,CACd;gBACD,QAAQ,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,UAAU,CAAC;gBACtE,WAAW,EAAE,IAAI,CAAC,yBAAyB,CACzC,QAAQ,EACR,aAAa,CACd;gBACD,KAAK,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,OAAO,CAAC;gBAChE,IAAI,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,MAAM,CAAC;gBAC9D,MAAM,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,QAAQ,CAAC;gBAClE,MAAM,EAAE,IAAI,CAAC,yBAAyB,CAAS,QAAQ,EAAE,QAAQ,CAAC;aACnE,CAAC;YAEF,MAAM,cAAc,GAAoB,EAAE,CAAC;YAC3C,MAAM,KAAK,GAAW,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC1C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE;gBACxB,MAAM,QAAQ,GAAe,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACrD,MAAM,aAAa,GAAkB;oBACnC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;oBAC5C,cAAc,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,gBAAgB,CAAC;oBAC7C,QAAQ,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,UAAU,CAAC;oBACjC,gBAAgB,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,kBAAkB,CAAC;oBACjD,qBAAqB,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,uBAAuB,CAAC;oBAC3D,OAAO,EAAE,IAAI,CAAC,yBAAyB,CACrC,QAAQ,EACR,UAAU,CACX;oBACD,QAAQ,EAAE,IAAI,CAAC,yBAAyB,CACtC,QAAQ,EACR,UAAU,CAC6B;oBACzC,UAAU,EAAE,IAAI,CAAC,yBAAyB,CACxC,QAAQ,EACR,aAAa,CACd;oBACD,MAAM,EAAE,IAAI,CAAC,yBAAyB,CAAW,QAAQ,EAAE,SAAS,CAAC;oBACrE,WAAW,EAAE,IAAI,CAAC,yBAAyB,CACzC,QAAQ,EACR,UAAU,CACX;oBACD,SAAS,EAAE,IAAI,CAAC,yBAAyB,CACvC,QAAQ,EACR,YAAY,CACb;oBACD,WAAW,EAAE,IAAI,CAAC,yBAAyB,CACzC,QAAQ,EACR,cAAc,CACf;oBACD,UAAU,EAAE,IAAI,CAAC,yBAAyB,CACxC,QAAQ,EACR,aAAa,CACd;oBACD,YAAY,EAAE,IAAI,CAAC,yBAAyB,CAC1C,QAAQ,EACR,eAAe,CAChB;oBACD,OAAO,EAAE,IAAI,CAAC,yBAAyB,CACrC,QAAQ,EACR,UAAU,CACX;oBACD,cAAc,EAAE,IAAI,CAAC,yBAAyB,CAC5C,QAAQ,EACR,iBAAiB,CAClB;oBACD,cAAc,EAAE,IAAI,CAAC,yBAAyB,CAC5C,QAAQ,EACR,iBAAiB,CAClB;oBACD
,YAAY,EAAE,IAAI,CAAC,yBAAyB,CAC1C,QAAQ,EACR,cAAc,CACO;oBACvB,WAAW,EAAE,IAAI,CAAC,yBAAyB,CACzC,QAAQ,EACR,aAAa,CACd;oBACD,eAAe,EAAE,IAAI,CAAC,yBAAyB,CAC7C,QAAQ,EACR,kBAAkB,CACnB;oBACD,eAAe,EAAE,IAAI,CAAC,yBAAyB,CAC7C,QAAQ,EACR,mBAAmB,CACpB;oBACD,iBAAiB,EAAE,IAAI,CAAC,yBAAyB,CAC/C,QAAQ,EACR,oBAAoB,CACrB;oBACD,cAAc,EAAE,IAAI,CAAC,yBAAyB,CAC5C,QAAQ,EACR,gBAAgB,CACjB;oBACD,wBAAwB,EAAE,IAAI,CAAC,yBAAyB,CACtD,QAAQ,EACR,4BAA4B,CAC7B;oBACD,eAAe,EAAE,IAAI,CAAC,yBAAyB,CAC7C,QAAQ,EACR,mBAAmB,CACpB;oBACD,MAAM,EAAE,IAAI,CAAC,yBAAyB,CAAW,QAAQ,EAAE,QAAQ,CAAC;oBACpE,KAAK,EAAE,IAAI,CAAC,yBAAyB,CACnC,QAAQ,EACR,OAAO,CAC6B;oBACtC,OAAO,EAAE,IAAI,CAAC,yBAAyB,CACrC,QAAQ,EACR,SAAS,CACV;oBACD,SAAS,EAAE,IAAI,CAAC,yBAAyB,CACvC,QAAQ,EACR,WAAW,CACZ;oBACD,QAAQ,EAAE,IAAI,CAAC,yBAAyB,CACtC,QAAQ,EACR,WAAW,CACZ;oBACD,QAAQ,EAAE,IAAI,CAAC,yBAAyB,CACtC,QAAQ,EACR,WAAW,CACZ;oBACD,MAAM,EAAE,IAAI,CAAC,yBAAyB,CAAW,QAAQ,EAAE,SAAS,CAAC;iBACtE,CAAC;gBACF,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;aACpC;YAED,KAAK,CAAC,IAAI,CAAC;gBACT,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,cAAc;aACtB,CAAC,CAAC;SACJ;QAED,MAAM,eAAe,GAAoB;YACvC,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,UAAU;SACvB,CAAC;QACF,OAAO,eAAe,CAAC;IACzB,CAAC;CACF;AA5MD,4DA4MC"}
|
|
@@ -22,13 +22,10 @@ var __importStar = (this && this.__importStar) || function (mod) {
|
|
|
22
22
|
__setModuleDefault(result, mod);
|
|
23
23
|
return result;
|
|
24
24
|
};
|
|
25
|
-
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
26
|
-
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
27
|
-
};
|
|
28
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
29
26
|
exports.ChecklistMapper = exports.ChecklistResults = void 0;
|
|
30
27
|
const inspecjs_1 = require("inspecjs");
|
|
31
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
32
29
|
const package_json_1 = require("../../package.json");
|
|
33
30
|
const base_converter_1 = require("../base-converter");
|
|
34
31
|
const CciNistMapping_1 = require("../mappings/CciNistMapping");
|
|
@@ -222,7 +219,7 @@ class ChecklistMapper extends base_converter_1.BaseConverter {
|
|
|
222
219
|
];
|
|
223
220
|
const fullTags = {};
|
|
224
221
|
for (const [key, path] of tags) {
|
|
225
|
-
const tagValue =
|
|
222
|
+
const tagValue = _.get(input, path);
|
|
226
223
|
if (tagValue && tagValue !== '; ') {
|
|
227
224
|
fullTags[key] = tagValue;
|
|
228
225
|
}
|
|
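Review bot: The `tagValue !== '; '` guard at new line 223 is an undocumented sentinel. It appears to match what `getValueFromAttributeName` in checklist-jsonix-converter.js returns when it joins exactly two empty matches with `'; '`, though the link between the two files is inferred. If that is the intent, three or more empty matches would produce `'; ; '` and still be stored as a tag. I would at least add a comment such as `// '; ' is the result of joining two empty STIG attribute values; treat it as "no value"`. The enclosing function starts and ends outside this hunk, so the `tags` path list cannot be checked from here.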
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"checklist-mapper.js","sourceRoot":"","sources":["../../../src/ckl-mapper/checklist-mapper.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"checklist-mapper.js","sourceRoot":"","sources":["../../../src/ckl-mapper/checklist-mapper.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,uCAAkC;AAClC,0CAA4B;AAC5B,qDAAmE;AAEnE,sDAK2B;AAC3B,+DAA0D;AAC1D,4CAAuE;AACvE,6EAIsC;AACtC,kEAAoD;AAEpD,IAAK,aAIJ;AAJD,WAAK,aAAa;IAChB,mDAAU,CAAA;IACV,uDAAY,CAAA;IACZ,iDAAS,CAAA;AACX,CAAC,EAJI,aAAa,KAAb,aAAa,QAIjB;AAED,MAAM,gBAAgB,GAAG,IAAI,+BAAc,EAAE,CAAC;AAO9C,SAAS,MAAM,CAAC,KAAa;IAC3B,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAQD,SAAS,OAAO,CAAC,KAAa;IAC5B,MAAM,WAAW,GAAa,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5C,OAAO,gBAAgB,CAAC,UAAU,CAChC,WAAW,EACX,+CAAsC,CACvC,CAAC;AACJ,CAAC;AAQD,SAAS,YAAY,CAAC,IAAmB;IACvC,IAAI,IAAI,CAAC,gBAAgB,EAAE;QACzB,OAAO,IAAI,CAAC,gBAAgB,CAAC;KAC9B;IACD,OAAO,IAAI,CAAC,QAAQ,CAAC;AACvB,CAAC;AAQD,SAAS,eAAe,CAAC,IAAmB;IAC1C,IAAI,IAAI,CAAC,MAAM,KAAK,gBAAgB;QAAE,OAAO,GAAG,CAAC;IACjD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,MAAM,GACV,aAAa,CAAC,QAAQ,CAAC,WAAW,EAAgC,CAAC,CAAC;IACtE,IAAI,CAAC,MAAM;QACT,MAAM,IAAI,KAAK,CACb,aAAa,QAAQ,oEAAoE,IAAI,CAAC,OAAO,EAAE,CACxG,CAAC;IACJ,OAAO,MAAM,CAAC;AAChB,CAAC;AASD,SAAS,SAAS,CAAC,KAAa;IAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IACnC,QAAQ,MAAM,EAAE;QACd,KAAK,aAAa,CAAC;QACnB,KAAK,QAAQ;YACX,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;QAC7C,KAAK,MAAM,CAAC;QACZ,KAAK,QAAQ;YACX,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,MAAM,CAAC;QAC7C,KAAK,OAAO;YACV,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,KAAK,CAAC;QAC5C;YACE,OAAO,mBAAQ,CAAC,mBAAmB,CAAC,OAAO,CAAC;KAC/C;AACH,CAAC;AASD,SAAS,mBAAmB,CAAC,KAAgB;IAC3C,MAAM,QAAQ,GAAG,KAA4C,CAAC;IAC9D,MAAM,OAAO,GAA6B,EAAE,CAAC;IAC7C,MAAM,SAAS,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IAE3D,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE;QAC9B,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE;YACtB,OAAO,CAAC,IAAI,CAAC;gBACX,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,SAAS,EAAE,OAAO,CAAC,SAAS;gBAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC,CAAC;SACJ;aAAM;YAEL,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,SAAS,CAAC,KAAK,CAC3C,oCAAoC,CACrC,EAAE;gBACD,IAAI,SAAiB,CAAC;gBACtB,IAAI,MAAoC,CAAC;gBACzC,IAAI,OAAO
,GAAG,EAAE,CAAC;gBAEjB,MAAM,CAAC,aAAa,EAAE,cAAc,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;gBACpE,IAAI,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE;oBAKrC,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;oBAC7D,IAAI,eAAe,GAAG,CAAC,EAAE;wBACvB,SAAS,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,eAAe,GAAG,CAAC,CAAC,CAAC;wBACzD,OAAO,GAAG,cAAc,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;wBAChD,MAAM,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;qBACnC;yBAAM;wBACL,SAAS,GAAG,cAAc,CAAC;wBAC3B,MAAM,GAAG,SAAS,CAAC,aAAa,CAAC,CAAC;qBACnC;iBACF;qBAAM;oBACL,SAAS,GAAG,OAAO,CAAC;oBACpB,MAAM,GAAG,OAAO,CAAC,MAAsC,CAAC;iBACzD;gBACD,OAAO,CAAC,IAAI,CAAC;oBACX,SAAS;oBACT,MAAM;oBACN,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;oBACjC,UAAU,EAAE,EAAE;iBACf,CAAC,CAAC;aACJ;SACF;KACF;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAQD,MAAa,gBAAiB,SAAQ,qDAAwB;IAU5D,YAAY,YAAoB,EAAE,OAAO,GAAG,KAAK;QAC/C,KAAK,CAAC,YAAY,CAAC,CAAC;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;QACjC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,QAAQ,CAAC,gBAAgB,CAAC,aAAa,CAAC,CAAC;QACjE,IAAI,CAAC,eAAe,GAAG,KAAK,CAAC,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACrE,CAAC;IAED,KAAK;;QACH,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,MAAM,CAAC;QACxD,IAAI,aAAa,KAAK,CAAC,EAAE;YACvB,MAAM,gBAAgB,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YACnE,OAAO,gBAAgB,CAAC,KAAK,EAAE,CAAC;SACjC;aAAM;YACL,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC5D,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC;YACnC,MAAM,iBAAiB,GAAG,gBAAgB,CAAC;YAC3C,MAAM,cAAc,GAAqB;gBACvC,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE,sBAAoB;gBAC7B,QAAQ,EAAE,EAAE;gBACZ,UAAU,EAAE,EAAE;gBACd,MAAM,EAAE,EAAE;gBACV,OAAO,EAAE,EAAE;gBACX,QAAQ,EAAE,EAAE;gBACZ,MAAM,EAAE,EAAE;aACX,CAAC;YACF,KAAK,MAAM,OAAO,IAAI,QAAQ,CAAC,QAAQ,EAAE;gBACvC,MAAA,cAAc,CAAC,OAAO,0CAAE,IAAI,CAAC,EAAC,IAAI,EAAE,OAAO,CAAC,IAAI,EAAC,CAAC,CAAC;gBACnD,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;gBAClD,OAAO,CAAC,cAAc,GAAG,iBAAiB,CAAC;gBAC3C,OAAO,CAAC,MAAM,GAAG,IAAA,6BAAY,EAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;aACxD;YACD,cAAc,CAAC,
MAAM,GAAG,IAAA,6BAAY,EAAC,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC;YACrE,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;YAC1C,OAAO,QAAQ,CAAC;SACjB;IACH,CAAC;CACF;AAhDD,4CAgDC;AAKD,MAAa,eAAgB,SAAQ,8BAAa;IAkIhD,YAAY,eAAgC,EAAE,OAAO,GAAG,KAAK;QAC3D,KAAK,CAAC,eAAe,CAAC,CAAC;QAjIzB,aAAQ,GAGJ;YACF,QAAQ,EAAE;gBACR,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE,sBAAoB;aAC9B;YACD,OAAO,EAAE,sBAAoB;YAC7B,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE;gBACR;oBACE,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,EAAC,IAAI,EAAE,cAAc,EAAC;oBAC5B,OAAO,EAAE,EAAC,IAAI,EAAE,gBAAgB,EAAC;oBACjC,KAAK,EAAE,EAAC,IAAI,EAAE,cAAc,EAAC;oBAC7B,OAAO,EAAE,EAAC,IAAI,EAAE,oBAAoB,EAAC;oBACrC,OAAO,EAAE,EAAC,IAAI,EAAE,eAAe,EAAC;oBAChC,QAAQ,EAAE,EAAE;oBACZ,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,EAAE;oBACV,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE;wBACR;4BACE,IAAI,EAAE,OAAO;4BACb,GAAG,EAAE,IAAI;4BACT,IAAI,EAAE;gCACJ,MAAM,EAAE,EAAC,IAAI,EAAE,YAAY,EAAC;gCAC5B,GAAG,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;gCACrB,GAAG,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;gCACtB,OAAO,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;gCAC9B,GAAG,EAAE;oCACH,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,MAAM;iCACpB;gCACD,IAAI,EAAE;oCACJ,IAAI,EAAE,QAAQ;oCACd,WAAW,EAAE,OAAO;iCACrB;gCACD,MAAM,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAC;gCAGxB,WAAW,EAAE,CAAC,KAAoB,EAA2B,EAAE;oCAC7D,MAAM,IAAI,GAAG;wCACX,CAAC,aAAa,EAAE,YAAY,CAAC;wCAC7B,CAAC,WAAW,EAAE,UAAU,CAAC;wCACzB,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;wCACrC,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;wCACrC,CAAC,aAAa,EAAE,aAAa,CAAC;wCAC9B,CAAC,qBAAqB,EAAE,mBAAmB,CAAC;wCAC5C,CAAC,kBAAkB,EAAE,iBAAiB,CAAC;wCACvC,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;wCACpC,CAAC,SAAS,EAAE,SAAS,CAAC;wCACtB,CAAC,4BAA4B,EAAE,0BAA0B,CAAC;wCAC1D,CAAC,wBAAwB,EAAE,uBAAuB,CAAC;qCACpD,CAAC;oCACF,MAAM,QAAQ,GAA4B,EAAE,CAAC;oCAC7C,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,IAAI,EAAE;wCAC9B,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;wCACpC,IAAI,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE;4CACjC,QAAQ,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAC;yCAC1B;qCACF;oCACD,OAAO,QAAQ,CAAC;gCAClB,CAAC;6BACF;4BACD,IAAI,EAAE,EAAE;4BACR,eAAe,EAAE,EAAE;4BACnB,KAAK,EAAE,EAAC,IAAI,EAAE,WAAW,EAAC;4BAC1B,EAAE,EAAE
,EAAC,IAAI,EAAE,SAAS,EAAC;4BACrB,IAAI,EAAE,EAAC,IAAI,EAAE,aAAa,EAAC;4BAC3B,YAAY,EAAE;gCACZ;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,cAAc,EAAC;oCAC5B,KAAK,EAAE,OAAO;iCACf;gCACD;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,SAAS,EAAC;oCACvB,KAAK,EAAE,KAAK;iCACb;gCACD;oCACE,IAAI,EAAE,EAAC,IAAI,EAAE,UAAU,EAAC;oCACxB,KAAK,EAAE,UAAU;iCAClB;6BACF;4BACD,MAAM,EAAE;gCACN,WAAW,EAAE,CAAC,aAA4B,EAAU,EAAE,CACpD,eAAe,CAAC,aAAa,CAAC;6BACjC;4BACD,IAAI,EAAE;gCACJ,WAAW,EAAE,CAAC,aAA4B,EAAU,EAAE,CACpD,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;6BACzC;4BACD,OAAO,EAAE;gCACP;oCACE,gBAAgB,EAAE,mBAAmB;oCACrC,MAAM,EAAE;wCACN,IAAI,EAAE,QAAQ;wCACd,WAAW,EAAE,SAAS;qCACvB;oCACD,SAAS,EAAE,EAAC,IAAI,EAAE,gBAAgB,EAAC;oCACnC,UAAU,EAAE,EAAE;iCACf;6BACF;yBACF;qBACF;oBACD,MAAM,EAAE,EAAE;iBACX;aACF;YACD,WAAW,EAAE;gBACX,WAAW,EAAE,CAAC,IAAqB,EAA2B,EAAE;oBAC9D,OAAO;wBACL,GAAG;4BACD,SAAS,EAAE;gCACT,KAAK,EAAE,IAAI,CAAC,KAAK;gCACjB,KAAK,EAAE,IAAI,CAAC,KAAK;6BAClB;yBACF;wBACD,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAC,GAAG,EAAE,IAAI,CAAC,UAAU,EAAC,CAAC;qBAC5C,CAAC;gBACJ,CAAC;aACF;SACF,CAAC;QAQA,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAtID,0CAsIC"}
|
|
@@ -4,7 +4,7 @@ import { FromHdfBaseConverter } from '../reverse-base-converter';
|
|
|
4
4
|
import { IExecJSONASFF, IFindingASFF, IOptions } from './asff-types';
|
|
5
5
|
export declare const TO_ASFF_TYPES_SLASH_REPLACEMENT = "{{{SLASH}}}";
|
|
6
6
|
export declare function escapeForwardSlashes<T>(s: T): T;
|
|
7
|
-
export
|
|
7
|
+
export type SegmentedControl = ExecJSON.Control & {
|
|
8
8
|
result: ExecJSON.ControlResult;
|
|
9
9
|
layersOfControl: (ExecJSON.Control & {
|
|
10
10
|
fix?: string;
|
|
@@ -1,16 +1,36 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
-
var
|
|
3
|
-
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || function (mod) {
|
|
19
|
+
if (mod && mod.__esModule) return mod;
|
|
20
|
+
var result = {};
|
|
21
|
+
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
|
|
22
|
+
__setModuleDefault(result, mod);
|
|
23
|
+
return result;
|
|
4
24
|
};
|
|
5
25
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
6
26
|
exports.FromHdfToAsffMapper = exports.escapeForwardSlashes = exports.TO_ASFF_TYPES_SLASH_REPLACEMENT = void 0;
|
|
7
27
|
const inspecjs_1 = require("inspecjs");
|
|
8
|
-
const
|
|
28
|
+
const _ = __importStar(require("lodash"));
|
|
9
29
|
const reverse_base_converter_1 = require("../reverse-base-converter");
|
|
10
30
|
const transformers_1 = require("./transformers");
|
|
11
31
|
exports.TO_ASFF_TYPES_SLASH_REPLACEMENT = '{{{SLASH}}}';
|
|
12
32
|
function escapeForwardSlashes(s) {
|
|
13
|
-
return
|
|
33
|
+
return _.isString(s)
|
|
14
34
|
? s.replace(/\//g, exports.TO_ASFF_TYPES_SLASH_REPLACEMENT)
|
|
15
35
|
: JSON.stringify(s).replace(/\//g, exports.TO_ASFF_TYPES_SLASH_REPLACEMENT);
|
|
16
36
|
}
|
|
@@ -130,7 +150,7 @@ class FromHdfToAsffMapper extends reverse_base_converter_1.FromHdfBaseConverter
|
|
|
130
150
|
restrictionAttributesLessThan32KiB(finding) {
|
|
131
151
|
const ATTRIBUTE_CHARACTER_LIMIT = 30000;
|
|
132
152
|
if (finding.Resources.length > 1) {
|
|
133
|
-
|
|
153
|
+
_.set(finding, 'Resources[1].Details.AwsIamRole.AssumeRolePolicyDocument', _.get(finding, 'Resources[1].Details.AwsIamRole.AssumeRolePolicyDocument', '').slice(0, ATTRIBUTE_CHARACTER_LIMIT));
|
|
134
154
|
}
|
|
135
155
|
finding.FindingProviderFields.Types = finding.FindingProviderFields.Types
|
|
136
156
|
.map((typeString) => {
|
|
@@ -138,7 +158,7 @@ class FromHdfToAsffMapper extends reverse_base_converter_1.FromHdfBaseConverter
|
|
|
138
158
|
return typeString;
|
|
139
159
|
}
|
|
140
160
|
const [type, attribute, value] = typeString.split('/');
|
|
141
|
-
return
|
|
161
|
+
return _.chunk(value, ATTRIBUTE_CHARACTER_LIMIT -
|
|
142
162
|
(type.length + attribute.length + 2)).map((chunk) => `${type}/${attribute}/${chunk.join('')}`);
|
|
143
163
|
})
|
|
144
164
|
.flat();
|