@mitre/inspec-objects 0.0.1 → 0.0.2

package/src/utilities/diff.ts

@@ -2,6 +2,11 @@ import { diff } from 'json-diff';
 import Profile from '../objects/profile';
 import { ProfileDiff } from '../types/diff';
 import _ from 'lodash'
+import Control from '../objects/control';
+
+export function updateControl(originalControlString: string, originalControl: Control, updatedControl: Control) {
+    console.log('Here is the original control:');
+}
 
 export function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDiff {
     const profileDiff: ProfileDiff = {
@@ -14,8 +19,9 @@ export function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDi
     const toControlIDs = toProfile.controls.map((control) => control.id).sort();
 
     // Find new controls
-    const controlIDDiff: string[][] = diff(fromControlIDs, toControlIDs)
-    controlIDDiff.forEach((diffValue) => {
+    const controlIDDiff: string[][] | undefined = diff(fromControlIDs, toControlIDs)
+
+    controlIDDiff?.forEach((diffValue) => {
         if (diffValue[0] === '-') {
             profileDiff.removedControlIDs.push(diffValue[1])
         } else if (diffValue[0] === '+') {
@@ -41,7 +47,7 @@ export function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDi
                     if (_.has(value, '__new')) {
                         _.set(profileDiff, 'changedControls.'+fromControl.id +'.'+key.replace('.', '\\.'), _.get(controlDiff, key+'.__new'))
                     } else if (typeof value === 'object') {
-                        Object.entries(value).forEach(([subKey, subValue]) => {
+                        Object.entries(value).forEach(([subKey]) => {
                             _.set(profileDiff, 'changedControls.'+fromControl.id +'.'+key.replace('.', '\\.')+'.'+subKey.replace('.', '\\.'), _.get(controlDiff, key+'.'+subKey+'.__new'))
                         })
                     }

package/src/utilities/global.ts

@@ -21,3 +21,32 @@ const wrapAndEscapeQuotes = (s: string, lineLength?: number) =>
   escapeDoubleQuotes(wrap(s, lineLength)); // Escape backslashes and quotes, and wrap long lines
 
 export { escapeQuotes, escapeDoubleQuotes, wrapAndEscapeQuotes };
+
+export function getFirstPath(
+  object: Record<string, unknown>,
+  paths: string[]
+): string {
+  const index = _.findIndex(paths, (p) => hasPath(object, p));
+
+  if (index === -1) {
+    throw new Error(
+      `Attestation is missing one of these paths: ${paths.join(', ')}`
+    );
+  } else {
+    return _.get(object, paths[index]) as string;
+  }
+}
+
+export function hasPath(
+  file: Record<string, unknown>,
+  path: string | string[]
+): boolean {
+  let pathArray;
+  if (typeof path === 'string') {
+    pathArray = [path];
+  } else {
+    pathArray = path;
+  }
+
+  return _.some(pathArray, (p) => _.has(file, p));
+}

package/src/utilities/xccdf.ts

@@ -2,17 +2,21 @@ import parser from 'fast-xml-parser'
 import * as htmlparser from 'htmlparser2'
 import _ from 'lodash'
 import { DecodedDescription } from '../types/xccdf'
+import fs from 'fs'
+import { randomUUID } from 'crypto'
 
 export function convertEncodedXmlIntoJson(
-    encodedXml: string,
+    encodedXml: string
   ): any {
     return parser.parse(encodedXml, {
       ignoreAttributes: false,
+      ignoreNameSpace: true,
       attributeNamePrefix: '@_',
+      arrayMode: true
     })
 }
 
-export function severityStringToImpact(string: string): number {
+export function severityStringToImpact(string: string, id: string): number {
   if (string.match(/none|na|n\/a|not[\s()*_|]?applicable/i)?.length) {
     return 0.0
   }
@@ -33,7 +37,8 @@ export function severityStringToImpact(string: string): number {
     return 1.0
   }
 
-  throw new Error(`${string}' is not a valid severity value. It should be one of the approved keywords`)
+  console.log(`${string} is not a valid severity value. It should be one of the approved keywords. ${id} will be treated as medium severity`)
+  return 0.5;
 }
 
 export function impactNumberToSeverityString(impact: number): string {

package/tsconfig.json

@@ -15,7 +15,8 @@
     },
     "include": [
       "index.ts",
-      "src/**/*"
+      "src/**/*",
+      "types/**/*.d.ts"
     ],
   }
   

package/types/ionchannelAnalysis.d.ts

@@ -0,0 +1,238 @@
+export type ContextualizedDependency = Dependency & {
+  parentDependencies: string[];
+};
+
+export type IonChannelAnalysisResponse = {
+  analysis: IonChannelAnalysis;
+};
+
+export type IonChannelAnalysis = {
+  id: string;
+  analysis_id: string;
+  team_id: string;
+  project_id: string;
+  name: string;
+  text: string;
+  type: string;
+  source: string;
+  branch: string;
+  description: string;
+  risk: string;
+  summary: string;
+  passed: boolean;
+  ruleset_id: string;
+  ruleset_name: string;
+  status: string;
+  created_at: Date;
+  updated_at: Date;
+  duration: number;
+  trigger_hash: string;
+  trigger_text: string;
+  trigger_author: string;
+  trigger: string;
+  scan_summaries: ScanSummary[];
+  public: boolean;
+};
+
+export type ScanSummary = {
+  id: string;
+  team_id: string;
+  project_id: string;
+  analysis_id: string;
+  summary: string;
+  results: Results;
+  created_at: Date;
+  updated_at: Date;
+  duration: number;
+  name: string;
+  description: string;
+};
+
+export type Results = {
+  type: string;
+  data: Data;
+};
+
+export type Data = {
+  vulnerabilities?: DataVulnerability[];
+  meta?: Meta;
+  dependencies?: Dependency[];
+  CSS?: number;
+  HTML?: number;
+  JavaScript?: number;
+  Vue?: number;
+  committers?: number;
+  name?: string;
+  url?: string;
+  committed_at?: Date;
+  old_names?: string[];
+  stars?: number;
+  name_changed?: boolean;
+  compilers?: null;
+  docker_file?: DockerFile;
+  known_viruses?: number;
+  engine_version?: string;
+  scanned_directories?: number;
+  scanned_files?: number;
+  infected_files?: number;
+  data_scanned?: string;
+  data_read?: string;
+  time?: string;
+  file_notes?: Record<string, unknown>;
+  clam_av_details?: ClamAVDetails;
+  license?: License;
+  checksum?: string;
+  difference?: boolean;
+  message?: string;
+  valid?: boolean;
+  content?: string;
+};
+
+export type ClamAVDetails = {
+  clamav_version: string;
+  clamav_db_version: string;
+};
+
+export type Dependency = {
+  latest_version: string;
+  org: string;
+  name: string;
+  type: string;
+  package: string;
+  version: string;
+  scope: Scope;
+  requirement: string;
+  file: File;
+  outdated_version: OutdatedVersion;
+  dependencies: Dependency[];
+};
+
+export enum File {
+  Empty = '',
+  PackageJSON = 'package.json'
+}
+
+export type OutdatedVersion = {
+  major_behind: number;
+  minor_behind: number;
+  patch_behind: number;
+};
+
+export enum Scope {
+  Runtime = 'runtime'
+}
+
+export type DockerFile = {
+  images: null;
+  dependencies: null;
+};
+
+export type License = {
+  name: string;
+  type: TypeElement[];
+};
+
+export type TypeElement = {
+  name: string;
+  confidence: number;
+};
+
+export type Meta = {
+  vulnerability_count?: number;
+  resolved_to?: string;
+  first_degree_count?: number;
+  no_version_count?: number;
+  total_unique_count?: number;
+  update_available_count?: number;
+  vulnerable_count?: number;
+};
+
+export type DataVulnerability = {
+  id: number;
+  external_id: string;
+  source_id: number;
+  title: string;
+  name: string;
+  org: string;
+  version: string;
+  up: string;
+  edition: string;
+  aliases: null;
+  created_at: Date;
+  updated_at: Date;
+  references: null;
+  part: string;
+  language: string;
+  vulnerabilities: VulnerabilityVulnerability[];
+  query: Dependency;
+};
+
+export type VulnerabilityVulnerability = {
+  id: number;
+  external_id: string;
+  source: Source[];
+  title: string;
+  summary: string;
+  score: string;
+  score_version?: string;
+  score_system: string;
+  score_details: ScoreDetails;
+  vector: string;
+  access_complexity: string;
+  vulnerability_authentication: string;
+  confidentiality_impact: string;
+  integrity_impact: string;
+  availability_impact: string;
+  vulnerabilty_source: string;
+  assessment_check: null;
+  scanner: null;
+  recommendation: string;
+  references: null;
+  modified_at: Date;
+  published_at: Date;
+  created_at: Date;
+  updated_at: Date;
+  mttr_seconds: null;
+  dependencies: null;
+};
+
+export type ScoreDetails = {
+  cvssv2?: Cvssv2;
+  cvssv3?: Cvssv3;
+};
+
+export type Cvssv2 = {
+  vectorString: string;
+  accessVector: string;
+  accessComplexity: string;
+  authentication: string;
+  confidentialityImpact: string;
+  integrityImpact: string;
+  availabilityImpact: string;
+  baseScore: number;
+};
+
+export type Cvssv3 = {
+  vectorString: string;
+  attackVector: string;
+  attackComplexity: string;
+  privilegesRequired: string;
+  userInteraction: string;
+  scope: string;
+  confidentialityImpact: string;
+  integrityImpact: string;
+  availabilityImpact: string;
+  baseScore: number;
+  baseSeverity: string;
+};
+
+export type Source = {
+  id: number;
+  name: string;
+  description: string;
+  created_at: Date;
+  updated_at: Date;
+  attribution: string;
+  license: string;
+  copyright_url: string;
+};

package/types/ionchannelProjects.d.ts

@@ -0,0 +1,72 @@
+export type Projects = {
+  data: Project[];
+  meta: Meta;
+};
+
+export type Project = {
+  id: string;
+  team_id: string;
+  name: string;
+  active: boolean;
+  draft: boolean;
+  chat_channel: string;
+  created_at: Date;
+  updated_at: Date;
+  deploy_key: string;
+  should_monitor: boolean;
+  monitor_frequency: string;
+  poc_name: string;
+  poc_email: string;
+  username: string;
+  password: string;
+  key_fingerprint: string;
+  private: boolean;
+  aliases: null;
+  tags: null;
+  ruleset_history: null;
+  sbom_id: string;
+  sbom_entry_id: string;
+  cpe: string;
+  purl: string;
+  ruleset_name: string;
+  analysis_summary: AnalysisSummary;
+  status: Status;
+};
+
+export type AnalysisSummary = {
+  id: string;
+  analysis_id: string;
+  team_id: string;
+  project_id: string;
+  name: string;
+  text: null;
+  type: string;
+  source: string;
+  branch: string;
+  description: string;
+  risk: string;
+  summary: string;
+  passed: boolean;
+  ruleset_id: string;
+  ruleset_name: string;
+  status: string;
+  created_at: Date;
+  updated_at: Date;
+  duration: number;
+  trigger_hash: string;
+  trigger_text: string;
+  trigger_author: string;
+  trigger: string;
+};
+
+export enum Status {
+  Errored = 'errored',
+  Failing = 'failing',
+  Passing = 'passing'
+}
+
+export type Meta = {
+  total_count: number;
+  limit: number;
+  offset: number;
+};

package/types/ionchannelTeams.d.ts

@@ -0,0 +1,26 @@
+export type IonChannelTeams = {
+  data: Team[];
+  meta: Meta;
+};
+
+export type Team = {
+  id: string;
+  created_at: Date;
+  updated_at: Date;
+  deleted_at: Date;
+  name: string;
+  delivering: boolean;
+  sys_admin: boolean;
+  poc_name: string;
+  poc_email: string;
+  default_deploy_key: string;
+  organization_id: string;
+  user_id: string;
+  role: string;
+  status: string;
+};
+
+export type Meta = {
+  total_count: number;
+  offset: number;
+};

package/types/reverseMappedXCCDF.d.ts

@@ -0,0 +1,67 @@
+export type MappedXCCDFtoHDF = {
+  Benchmark: Benchmark;
+};
+
+export type Benchmark = {
+  id: string;
+  date: string;
+  title: string;
+  Profile: Profile[];
+  Rule: Rule[];
+  metadata: MetaData;
+  passthrough: string;
+  version: string;
+  TestResult: {
+    endTime: string;
+    hasAttributes: boolean;
+    // Any as defined by InSpec Inputs, matching InSpecJS
+    attributes: {[key: string]: any}[];
+    results: TestResult[];
+  };
+};
+
+export type Profile = {
+  id: string;
+  title: string;
+  description: string;
+  select: string[];
+};
+
+export type Rule = {
+  groupId?: string;
+  id: string;
+  title?: string;
+  description?: string;
+  code?: string;
+  warning?: string;
+  rationale?: string;
+  checkContent?: string;
+  fix?: string;
+  ccis: string[];
+};
+
+export type MetaData = {
+  maintainer?: string;
+  copyright?: string;
+};
+
+export type XCCDFSeverity = 'info' | 'low' | 'medium' | 'high';
+
+export type TestResultStatus =
+  | 'pass'
+  | 'fail'
+  | 'error'
+  | 'unknown'
+  | 'notapplicable'
+  | 'notchecked'
+  | 'notselected'
+  | 'informational'
+  | 'fixed';
+
+export type TestResult = {
+  idref: string;
+  result: TestResultStatus;
+  messageType: string;
+  message: string;
+  code: string;
+};

package/types/splunk-sdk-no-env/index.d.ts

@@ -0,0 +1,88 @@
+declare module '@mitre/splunk-sdk-no-env' {
+    export type SplunkConfig = {
+      scheme: string;
+      host: string;
+      port?: number;
+      username?: string;
+      password?: string;
+      index: string;
+      owner?: string;
+      app?: string;
+      sessionKey?: string;
+      autologin?: boolean;
+      version?: string;
+      insecure?: boolean;
+    };
+
+    export type jobTrackCallbacks = {
+      done?: (job: Job) => void;
+      ready?: (job: Job) => void;
+      progress?: (job: Job) => void;
+      failed?: (job: Job) => void;
+      error?: (err: any) => void;
+    };
+
+    class Http {
+      constructor();
+    }
+
+    class Logger {
+      error(message: any): void;
+    }
+
+    class Indexs {
+      fetch(callback: (error: any, success: any, indexes: Index[]) => void): void;
+    }
+
+    class Index {
+      name: string;
+
+      submitEvent(
+        event: string,
+        config: {sourcetype: string; index: string},
+        callback: (error: any) => void
+      ): void;
+    }
+
+    class Jobs {
+      fetch(callback: (error: any, success: any, jobs: Job[]) => void): void;
+
+      create(
+        query: string,
+        params: unknown,
+        callback: (error: any, createdJob: Job) => void
+      ): void;
+    }
+
+    class Job {
+      track(
+        options: {period?: number},
+        callbacks: jobTrackCallbacks | ((readyStatus: any) => void)
+      ): void;
+
+      results(
+        params: {count: number},
+        callback: (
+          err: any,
+          results: {fields: string[]; rows: string[]},
+          job: Job
+        ) => void
+      ): void;
+    }
+
+    class Service {
+      constructor(config: SplunkConfig);
+      constructor(httpInstance: any, config: SplunkConfig);
+
+      login(callback: (error: any, success: any) => void): boolean;
+      indexes(): Indexs;
+      jobs(): Jobs;
+
+      requestOptions: {
+        strictSSL: boolean;
+      };
+    }
+  }
+
+  declare module '@mitre/splunk-sdk-no-env/lib/platform/client/jquery_http';
+