@mitre/hdf-schema 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (65) hide show
  1. package/LICENSE.md +55 -0
  2. package/README.md +143 -0
  3. package/dist/go/go.mod +4 -0
  4. package/dist/go/hdf.go +2224 -0
  5. package/dist/helpers.d.ts +77 -0
  6. package/dist/helpers.js +242 -0
  7. package/dist/index.d.ts +62 -0
  8. package/dist/index.js +37 -0
  9. package/dist/python/hdf_amendments.py +695 -0
  10. package/dist/python/hdf_baseline.py +782 -0
  11. package/dist/python/hdf_comparison.py +1771 -0
  12. package/dist/python/hdf_evidence_package.py +593 -0
  13. package/dist/python/hdf_plan.py +363 -0
  14. package/dist/python/hdf_results.py +2163 -0
  15. package/dist/python/hdf_system.py +904 -0
  16. package/dist/schemas/hdf-amendments.schema.json +1562 -0
  17. package/dist/schemas/hdf-baseline.schema.json +1787 -0
  18. package/dist/schemas/hdf-comparison.schema.json +3730 -0
  19. package/dist/schemas/hdf-evidence-package.schema.json +1738 -0
  20. package/dist/schemas/hdf-plan.schema.json +1821 -0
  21. package/dist/schemas/hdf-results.schema.json +2810 -0
  22. package/dist/schemas/hdf-system.schema.json +2512 -0
  23. package/dist/ts/hdf-amendments.d.ts +446 -0
  24. package/dist/ts/hdf-amendments.js +77 -0
  25. package/dist/ts/hdf-amendments.ts +457 -0
  26. package/dist/ts/hdf-baseline.d.ts +472 -0
  27. package/dist/ts/hdf-baseline.js +58 -0
  28. package/dist/ts/hdf-baseline.ts +483 -0
  29. package/dist/ts/hdf-comparison.d.ts +1185 -0
  30. package/dist/ts/hdf-comparison.js +216 -0
  31. package/dist/ts/hdf-comparison.ts +1210 -0
  32. package/dist/ts/hdf-evidence-package.d.ts +348 -0
  33. package/dist/ts/hdf-evidence-package.js +39 -0
  34. package/dist/ts/hdf-evidence-package.ts +356 -0
  35. package/dist/ts/hdf-plan.d.ts +204 -0
  36. package/dist/ts/hdf-plan.js +23 -0
  37. package/dist/ts/hdf-plan.ts +205 -0
  38. package/dist/ts/hdf-results.d.ts +1457 -0
  39. package/dist/ts/hdf-results.js +174 -0
  40. package/dist/ts/hdf-results.ts +1481 -0
  41. package/dist/ts/hdf-system.d.ts +609 -0
  42. package/dist/ts/hdf-system.js +102 -0
  43. package/dist/ts/hdf-system.ts +617 -0
  44. package/package.json +98 -0
  45. package/src/schemas/hdf-amendments.schema.json +97 -0
  46. package/src/schemas/hdf-baseline.schema.json +190 -0
  47. package/src/schemas/hdf-comparison.schema.json +107 -0
  48. package/src/schemas/hdf-evidence-package.schema.json +227 -0
  49. package/src/schemas/hdf-plan.schema.json +92 -0
  50. package/src/schemas/hdf-results.schema.json +304 -0
  51. package/src/schemas/hdf-system.schema.json +136 -0
  52. package/src/schemas/primitives/amendments.schema.json +155 -0
  53. package/src/schemas/primitives/common.schema.json +814 -0
  54. package/src/schemas/primitives/comparison.schema.json +809 -0
  55. package/src/schemas/primitives/component.schema.json +518 -0
  56. package/src/schemas/primitives/data-flow.schema.json +158 -0
  57. package/src/schemas/primitives/extensions.schema.json +342 -0
  58. package/src/schemas/primitives/parameter.schema.json +128 -0
  59. package/src/schemas/primitives/plan.schema.json +128 -0
  60. package/src/schemas/primitives/platform.schema.json +32 -0
  61. package/src/schemas/primitives/result.schema.json +133 -0
  62. package/src/schemas/primitives/runner.schema.json +83 -0
  63. package/src/schemas/primitives/statistics.schema.json +71 -0
  64. package/src/schemas/primitives/system.schema.json +132 -0
  65. package/src/schemas/primitives/target.schema.json +523 -0
@@ -0,0 +1,174 @@
1
+ /**
2
+ * The comparison operator used when evaluating this input against observed values.
3
+ *
4
+ * Comparison operator for evaluating the input value against observed values. Numeric:
5
+ * eq/ne/lt/le/gt/ge. String: eq/ne/contains/matches. Collection: in/notIn.
6
+ */
7
+ export var ComparisonOperator;
8
+ (function (ComparisonOperator) {
9
+ ComparisonOperator["Contains"] = "contains";
10
+ ComparisonOperator["Eq"] = "eq";
11
+ ComparisonOperator["Ge"] = "ge";
12
+ ComparisonOperator["Gt"] = "gt";
13
+ ComparisonOperator["In"] = "in";
14
+ ComparisonOperator["LE"] = "le";
15
+ ComparisonOperator["Lt"] = "lt";
16
+ ComparisonOperator["Matches"] = "matches";
17
+ ComparisonOperator["Ne"] = "ne";
18
+ ComparisonOperator["NotIn"] = "notIn";
19
+ })(ComparisonOperator || (ComparisonOperator = {}));
20
+ /**
21
+ * The data type of this input.
22
+ *
23
+ * The data type of the input value. Aligns with InSpec input types.
24
+ */
25
+ export var InputType;
26
+ (function (InputType) {
27
+ InputType["Array"] = "Array";
28
+ InputType["Boolean"] = "Boolean";
29
+ InputType["Hash"] = "Hash";
30
+ InputType["Numeric"] = "Numeric";
31
+ InputType["Regexp"] = "Regexp";
32
+ InputType["String"] = "String";
33
+ })(InputType || (InputType = {}));
34
+ /**
35
+ * The hash algorithm used for the checksum.
36
+ *
37
+ * Supported cryptographic hash algorithms for checksums and integrity verification.
38
+ */
39
+ export var HashAlgorithm;
40
+ (function (HashAlgorithm) {
41
+ HashAlgorithm["Sha256"] = "sha256";
42
+ HashAlgorithm["Sha384"] = "sha384";
43
+ HashAlgorithm["Sha512"] = "sha512";
44
+ })(HashAlgorithm || (HashAlgorithm = {}));
45
+ /**
46
+ * The current effective status of this requirement after applying the most recent
47
+ * non-expired override, or computed from results if no overrides exist.
48
+ *
49
+ * The status of an individual test result. 'notApplicable' indicates the requirement does
50
+ * not apply to the target. 'notReviewed' indicates the requirement was not assessed (e.g.,
51
+ * requires manual verification).
52
+ *
53
+ * The status of this test within the requirement. Example: 'failed'.
54
+ *
55
+ * The new status this override sets for the requirement. This intentionally changes the
56
+ * compliance status.
57
+ */
58
+ export var ResultStatus;
59
+ (function (ResultStatus) {
60
+ ResultStatus["Error"] = "error";
61
+ ResultStatus["Failed"] = "failed";
62
+ ResultStatus["NotApplicable"] = "notApplicable";
63
+ ResultStatus["NotReviewed"] = "notReviewed";
64
+ ResultStatus["Passed"] = "passed";
65
+ })(ResultStatus || (ResultStatus = {}));
66
+ /**
67
+ * The type of identifier. Use 'email' for email addresses, 'username' for user accounts,
68
+ * 'system' for automated systems, 'simple' for basic string identifiers without additional
69
+ * classification, or 'other' for custom identity systems.
70
+ */
71
+ export var OperatorType;
72
+ (function (OperatorType) {
73
+ OperatorType["Email"] = "email";
74
+ OperatorType["Other"] = "other";
75
+ OperatorType["Simple"] = "simple";
76
+ OperatorType["System"] = "system";
77
+ OperatorType["Username"] = "username";
78
+ })(OperatorType || (OperatorType = {}));
79
+ /**
80
+ * The type of evidence being provided.
81
+ */
82
+ export var EvidenceType;
83
+ (function (EvidenceType) {
84
+ EvidenceType["Code"] = "code";
85
+ EvidenceType["File"] = "file";
86
+ EvidenceType["Log"] = "log";
87
+ EvidenceType["Other"] = "other";
88
+ EvidenceType["Screenshot"] = "screenshot";
89
+ EvidenceType["URL"] = "url";
90
+ })(EvidenceType || (EvidenceType = {}));
91
+ /**
92
+ * Current status of this milestone.
93
+ */
94
+ export var Status;
95
+ (function (Status) {
96
+ Status["Completed"] = "completed";
97
+ Status["InProgress"] = "inProgress";
98
+ Status["Pending"] = "pending";
99
+ })(Status || (Status = {}));
100
+ /**
101
+ * The type of POA&M. 'remediation' fixes root cause. 'mitigation' reduces risk via
102
+ * compensating controls. 'riskAcceptance' documents decision to accept risk.
103
+ */
104
+ export var PoamType;
105
+ (function (PoamType) {
106
+ PoamType["Mitigation"] = "mitigation";
107
+ PoamType["Remediation"] = "remediation";
108
+ PoamType["RiskAcceptance"] = "riskAcceptance";
109
+ })(PoamType || (PoamType = {}));
110
+ /**
111
+ * Explicit severity rating. Typically derived from impact score but provided explicitly for
112
+ * clarity.
113
+ *
114
+ * Severity rating for a requirement. Typically derived from the numeric impact score.
115
+ */
116
+ export var Severity;
117
+ (function (Severity) {
118
+ Severity["Critical"] = "critical";
119
+ Severity["High"] = "high";
120
+ Severity["Informational"] = "informational";
121
+ Severity["Low"] = "low";
122
+ Severity["Medium"] = "medium";
123
+ })(Severity || (Severity = {}));
124
+ /**
125
+ * The type of status override applied to this requirement.
126
+ *
127
+ * The type of amendment. 'waiver': risk accepted (AO). 'attestation': manually verified
128
+ * (assessor). 'exception': not applicable (system owner + AO). 'poam': remediation tracked
129
+ * (no status change). 'inherited': control provided by another component or system
130
+ * (overrides to notApplicable/passed).
131
+ */
132
+ export var OverrideType;
133
+ (function (OverrideType) {
134
+ OverrideType["Attestation"] = "attestation";
135
+ OverrideType["Exception"] = "exception";
136
+ OverrideType["Inherited"] = "inherited";
137
+ OverrideType["Poam"] = "poam";
138
+ OverrideType["Waiver"] = "waiver";
139
+ })(OverrideType || (OverrideType = {}));
140
+ export var CloudProvider;
141
+ (function (CloudProvider) {
142
+ CloudProvider["Aws"] = "aws";
143
+ CloudProvider["Azure"] = "azure";
144
+ CloudProvider["Gcp"] = "gcp";
145
+ CloudProvider["Oci"] = "oci";
146
+ CloudProvider["Other"] = "other";
147
+ })(CloudProvider || (CloudProvider = {}));
148
+ /**
149
+ * Format of the SBOM (embedded or referenced). Required when sbom or sbomRef is present.
150
+ */
151
+ export var SbomFormat;
152
+ (function (SbomFormat) {
153
+ SbomFormat["Cyclonedx"] = "cyclonedx";
154
+ SbomFormat["Spdx"] = "spdx";
155
+ })(SbomFormat || (SbomFormat = {}));
156
+ /**
157
+ * A human readable/meaningful reference. Example: a book title.
158
+ *
159
+ * IP address of the host.
160
+ */
161
+ export var Copyright;
162
+ (function (Copyright) {
163
+ Copyright["Application"] = "application";
164
+ Copyright["Artifact"] = "artifact";
165
+ Copyright["CloudAccount"] = "cloudAccount";
166
+ Copyright["CloudResource"] = "cloudResource";
167
+ Copyright["ContainerImage"] = "containerImage";
168
+ Copyright["ContainerInstance"] = "containerInstance";
169
+ Copyright["ContainerPlatform"] = "containerPlatform";
170
+ Copyright["Database"] = "database";
171
+ Copyright["Host"] = "host";
172
+ Copyright["Network"] = "network";
173
+ Copyright["Repository"] = "repository";
174
+ })(Copyright || (Copyright = {}));