@mitre/inspec-objects 0.0.1

package/LICENSE.md

@@ -0,0 +1,9 @@
+Licensed under the Apache-2.0 license.  
+
+Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:  
+
+- Redistributions of source code must retain the above copyright/ digital rights legend, this list of conditions and the following Notice.  
+
+- Redistributions in binary form must reproduce the above copyright copyright/ digital rights legend, this list of conditions and the following Notice in the documentation and/or other materials provided with the distribution.  
+
+- Neither the name of The MITRE Corporation nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

package/README.md

@@ -0,0 +1,20 @@
+# ts-inspec-objects
+Typescript objects for InSpec profiles
+
+### NOTICE
+
+© 2018-2022 The MITRE Corporation.
+
+Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
+
+### NOTICE
+
+MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
+
+### NOTICE
+
+This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
+
+No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
+
+For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.

package/lib/index.d.ts

@@ -0,0 +1,5 @@
+export * from './objects/control';
+export * from './objects/profile';
+export * from './parsers/json';
+export * from './parsers/xccdf';
+export * from './utilities/diff';

package/lib/index.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./objects/control"), exports);
+tslib_1.__exportStar(require("./objects/profile"), exports);
+tslib_1.__exportStar(require("./parsers/json"), exports);
+tslib_1.__exportStar(require("./parsers/xccdf"), exports);
+tslib_1.__exportStar(require("./utilities/diff"), exports);

package/lib/objects/control.d.ts

@@ -0,0 +1,42 @@
+import { ExecJSON } from "inspecjs";
+export default class Control {
+    id?: string | null;
+    title?: string | null;
+    code?: string | null;
+    desc?: string | null;
+    descs?: ExecJSON.ControlDescription[] | {
+        [key: string]: string;
+    } | null;
+    impact?: number;
+    ref?: string;
+    refs?: string[];
+    tags: {
+        check?: string;
+        fix?: string;
+        severity?: string;
+        gtitle?: string;
+        gid?: string;
+        satisfies?: string[];
+        rid?: string;
+        stig_id?: string;
+        fix_id?: string;
+        cci?: string[];
+        cis_controls?: Record<string, string[]>[];
+        nist?: string[];
+        legacy?: string[];
+        false_negatives?: string;
+        false_positives?: string;
+        documentable?: boolean;
+        mitigations?: string;
+        severity_override_guidance?: string;
+        potential_impacts?: string;
+        third_party_tools?: string;
+        mitigation_controls?: string;
+        responsibility?: string;
+        ia_controls?: string;
+        [key: string]: string | string[] | Record<string, string[]>[] | boolean | undefined | null;
+    };
+    constructor(data?: Partial<Control>);
+    toUnformattedObject(): Control;
+    toRuby(lineLength?: number): string;
+}

package/lib/objects/control.js

@@ -0,0 +1,88 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+const flat_1 = require("flat");
+const global_1 = require("../utilities/global");
+class Control {
+    constructor(data) {
+        this.tags = {};
+        if (data) {
+            Object.entries(data).forEach(([key, value]) => {
+                lodash_1.default.set(this, key, value);
+            });
+        }
+    }
+    toUnformattedObject() {
+        const flattened = (0, flat_1.flatten)(this);
+        Object.entries(flattened).forEach(([key, value]) => {
+            if (typeof value === 'string') {
+                lodash_1.default.set(flattened, key, (0, global_1.unformatText)(value));
+            }
+        });
+        return new Control((0, flat_1.unflatten)(flattened));
+    }
+    toRuby(lineLength = 80) {
+        let result = "# encoding: UTF-8\n\n";
+        result += `control "${this.id}" do\n`;
+        if (this.title) {
+            result += `  title "${(0, global_1.wrapAndEscapeQuotes)(this.title, lineLength)}"\n`;
+        }
+        else {
+            console.error(`${this.id} does not have a title`);
+        }
+        if (this.desc) {
+            result += `  desc "${(0, global_1.wrapAndEscapeQuotes)(this.desc, lineLength)}"\n`;
+        }
+        else {
+            console.error(`${this.id} does not have a desc`);
+        }
+        if (this.descs) {
+            Object.entries(this.descs).forEach(([key, desc]) => {
+                if (desc) {
+                    result += `  desc "${key}", "${(0, global_1.wrapAndEscapeQuotes)(desc, lineLength)}"\n`;
+                }
+                else {
+                    console.error(`${this.id} does not have a desc for the value ${key}`);
+                }
+            });
+        }
+        if (this.impact) {
+            result += `  impact ${this.impact}\n`;
+        }
+        else {
+            console.error(`${this.id} does not have an impact`);
+        }
+        if (this.refs) {
+            this.refs.forEach((ref) => {
+                result += `  ref '${(0, global_1.escapeQuotes)(ref)}'\n`;
+            });
+        }
+        Object.entries(this.tags).forEach(([tag, value]) => {
+            if (value) {
+                if (typeof value === "object") {
+                    if (Array.isArray(value) && typeof value[0] === "string") {
+                        result += `  tag ${tag}: ${JSON.stringify(value)}\n`;
+                    }
+                    else {
+                        // Convert JSON Object to Ruby Hash
+                        const stringifiedObject = JSON.stringify(value, null, 2)
+                            .replace(/\n/g, "\n  ")
+                            .replace(/\{\n {6}/g, "{")
+                            .replace(/\[\n {8}/g, "[")
+                            .replace(/\n {6}\]/g, "]")
+                            .replace(/\n {4}\}/g, "}")
+                            .replace(/": \[/g, '" => [');
+                        result += `  tag ${tag}: ${stringifiedObject}\n`;
+                    }
+                }
+                else if (typeof value === "string") {
+                    result += `  tag ${tag}: "${(0, global_1.wrapAndEscapeQuotes)(value, lineLength)}"\n`;
+                }
+            }
+        });
+        result += "end";
+        return result;
+    }
+}
+exports.default = Control;

package/lib/objects/profile.d.ts

@@ -0,0 +1,50 @@
+import Control from "./control";
+export default class Profile {
+    name?: string | null;
+    title?: string | null;
+    maintainer?: string | null;
+    copyright?: string | null;
+    copyright_email?: string | null;
+    license?: string | null;
+    summary?: string | null;
+    description?: string | null;
+    version?: string | null;
+    inspec_version?: string | null;
+    supports: {
+        "platform-family"?: string;
+        "platform-name"?: string;
+        "os-name"?: string;
+        "os-family"?: string;
+        release?: string;
+        platform?: string;
+    }[];
+    depends: {
+        name: string;
+        path?: string;
+        url?: string;
+        username?: string;
+        password?: string;
+        git?: string;
+        branch?: string;
+        tag?: string;
+        commit?: string;
+        version?: string;
+        relative_path?: string;
+        supermarket?: string;
+        compliance?: string;
+    }[];
+    inputs: {
+        [key: string]: string;
+    }[];
+    gem_dependencies?: {
+        name: string;
+        version: string;
+    }[];
+    libraries: string[];
+    readme?: string | null;
+    files: string[];
+    controls: Control[];
+    constructor(data?: Omit<Partial<Profile>, "controls">);
+    createInspecYaml(): string;
+    toUnformattedObject(): Profile;
+}

package/lib/objects/profile.js

@@ -0,0 +1,48 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+const yaml_1 = tslib_1.__importDefault(require("yaml"));
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+const global_1 = require("../utilities/global");
+class Profile {
+    constructor(data) {
+        this.supports = [];
+        this.depends = [];
+        this.inputs = [];
+        this.libraries = [];
+        this.files = [];
+        this.controls = [];
+        if (data) {
+            Object.entries(data).forEach(([key, value]) => {
+                lodash_1.default.set(this, key, value);
+            });
+        }
+    }
+    createInspecYaml() {
+        return yaml_1.default.stringify({
+            name: this.name,
+            title: this.title,
+            maintainer: this.maintainer,
+            copyright: this.copyright,
+            copyright_email: this.copyright_email,
+            license: this.license,
+            summary: this.summary,
+            description: this.description,
+            version: this.version,
+            supports: this.supports,
+            depends: this.depends,
+            inspec_version: this.inspec_version,
+        });
+    }
+    toUnformattedObject() {
+        const unformattedProfile = new Profile(this);
+        Object.entries(this).forEach(([key, value]) => {
+            if (typeof value === "string") {
+                lodash_1.default.set(unformattedProfile, key, (0, global_1.unformatText)(value));
+            }
+        });
+        unformattedProfile.controls = this.controls.map((control) => control.toUnformattedObject());
+        return unformattedProfile;
+    }
+}
+exports.default = Profile;

package/lib/parsers/json.d.ts

@@ -0,0 +1,6 @@
+import { ContextualizedEvaluation, ContextualizedProfile, ExecJSON } from "inspecjs";
+import Profile from "../objects/profile";
+export declare function processEvaluation(evaluationInput: ContextualizedEvaluation): Profile;
+export declare function processProfileJSON(profileInput: ContextualizedProfile): Profile;
+export declare function processExecJSON(execJSON: ExecJSON.Execution): Profile;
+export declare function processJSON(json: string): Profile;

package/lib/parsers/json.js

@@ -0,0 +1,80 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processJSON = exports.processExecJSON = exports.processProfileJSON = exports.processEvaluation = void 0;
+const tslib_1 = require("tslib");
+const inspecjs_1 = require("inspecjs");
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+const control_1 = tslib_1.__importDefault(require("../objects/control"));
+const profile_1 = tslib_1.__importDefault(require("../objects/profile"));
+function processEvaluation(evaluationInput) {
+    const topLevelProfile = evaluationInput.contains[0];
+    const profile = new profile_1.default({
+        name: topLevelProfile.data.name,
+        title: topLevelProfile.data.title,
+        maintainer: topLevelProfile.data.maintainer,
+        copyright: topLevelProfile.data.copyright,
+        copyright_email: topLevelProfile.data.copyright_email,
+        license: lodash_1.default.get(topLevelProfile.data, "license"),
+        summary: lodash_1.default.get(topLevelProfile.data, "summary"),
+        description: lodash_1.default.get(topLevelProfile.data, "description"),
+        version: topLevelProfile.data.version,
+    });
+    topLevelProfile.contains.forEach((control) => {
+        profile.controls.push(new control_1.default({
+            id: control.data.id,
+            title: control.data.title,
+            impact: control.data.impact,
+            desc: control.data.desc,
+            descs: control.hdf.wraps.descriptions,
+            tags: control.hdf.wraps.tags,
+        }));
+    });
+    return profile;
+}
+exports.processEvaluation = processEvaluation;
+function processProfileJSON(profileInput) {
+    const profile = new profile_1.default({
+        name: profileInput.data.name,
+        title: profileInput.data.title,
+        maintainer: profileInput.data.maintainer,
+        copyright: profileInput.data.copyright,
+        copyright_email: profileInput.data.copyright_email,
+        license: lodash_1.default.get(profileInput.data, "license"),
+        summary: lodash_1.default.get(profileInput.data, "summary"),
+        description: lodash_1.default.get(profileInput.data, "description"),
+        version: profileInput.data.version,
+    });
+    profileInput.data.controls.forEach((control) => {
+        profile.controls.push(new control_1.default({
+            id: control.id,
+            title: control.title,
+            desc: control.desc,
+            impact: control.impact,
+            code: control.code,
+            tags: control.tags,
+            descs: control.descriptions,
+        }));
+    });
+    return profile;
+}
+exports.processProfileJSON = processProfileJSON;
+function processExecJSON(execJSON) {
+    return processEvaluation((0, inspecjs_1.contextualizeEvaluation)(execJSON));
+}
+exports.processExecJSON = processExecJSON;
+function processJSON(json) {
+    const convertedFile = (0, inspecjs_1.convertFile)(json, true);
+    let profile = new profile_1.default();
+    if (convertedFile["1_0_ExecJson"]) {
+        profile = processEvaluation((0, inspecjs_1.contextualizeEvaluation)(convertedFile["1_0_ExecJson"])).toUnformattedObject();
+    }
+    else if (convertedFile["1_0_ProfileJson"]) {
+        profile = processProfileJSON((0, inspecjs_1.contextualizeProfile)(JSON.parse(json))).toUnformattedObject();
+    }
+    else {
+        throw new Error("Unknown file type passed");
+    }
+    profile.controls = lodash_1.default.sortBy(profile.controls, "id");
+    return profile;
+}
+exports.processJSON = processJSON;

package/lib/parsers/xccdf.d.ts

@@ -0,0 +1,2 @@
+import Profile from '../objects/profile';
+export declare function processXCCDF(xml: string): Profile;

package/lib/parsers/xccdf.js

@@ -0,0 +1,73 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processXCCDF = void 0;
+const tslib_1 = require("tslib");
+const CciNistMappingData_1 = require("@mitre/hdf-converters/lib/src/mappings/CciNistMappingData");
+const profile_1 = tslib_1.__importDefault(require("../objects/profile"));
+const xccdf_1 = require("../utilities/xccdf");
+const control_1 = tslib_1.__importDefault(require("../objects/control"));
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+function processXCCDF(xml) {
+    const parsedXML = (0, xccdf_1.convertEncodedXmlIntoJson)(xml);
+    const groups = parsedXML.Benchmark.Group;
+    const profile = new profile_1.default({
+        name: parsedXML.Benchmark['@_id'],
+        title: parsedXML.Benchmark.title,
+        summary: parsedXML.Benchmark.description
+    });
+    groups.forEach(group => {
+        var _a, _b, _c;
+        const extractedDescription = (0, xccdf_1.convertEncodedHTMLIntoJson)((_a = group.Rule) === null || _a === void 0 ? void 0 : _a.description);
+        const control = new control_1.default({
+            id: group['@_id'],
+            title: group.Rule['@_severity'] ? group.Rule.title : `[[[MISSING SEVERITY FROM STIG]]] ${group.Rule.title}`,
+            desc: (_b = extractedDescription.VulnDiscussion) === null || _b === void 0 ? void 0 : _b.split('Satisfies: ')[0],
+            impact: (0, xccdf_1.severityStringToImpact)(group.Rule['@_severity'] || 'critical'),
+            descs: {
+                check: group.Rule.check['check-content'],
+                fix: group.Rule.fixtext['#text']
+            },
+            tags: lodash_1.default.omitBy({
+                severity: (0, xccdf_1.impactNumberToSeverityString)((0, xccdf_1.severityStringToImpact)(group.Rule['@_severity'] || 'critical')),
+                gtitle: group.title,
+                satisfies: ((_c = extractedDescription.VulnDiscussion) === null || _c === void 0 ? void 0 : _c.includes('Satisfies: ')) && extractedDescription.VulnDiscussion.split('Satisfies: ').length >= 1 ? extractedDescription.VulnDiscussion.split('Satisfies: ')[1].split(',').map(satisfaction => satisfaction.trim()) : undefined,
+                gid: group['@_id'],
+                rid: group.Rule['@_id'],
+                stig_id: group.Rule.version,
+                fix_id: group.Rule.fix['@_id'],
+                false_negatives: extractedDescription.FalseNegatives,
+                false_positives: extractedDescription.FalsePositives,
+                documentable: extractedDescription.Documentable,
+                mitigations: extractedDescription.Mitigations,
+                severity_override_guidance: extractedDescription.SeverityOverrideGuidance,
+                potential_impacts: extractedDescription.PotentialImpacts,
+                third_party_tools: extractedDescription.ThirdPartyTools,
+                mitigation_control: extractedDescription.MitigationControl,
+                mitigation_controls: extractedDescription.MitigationControls,
+                responsibility: extractedDescription.Responsibility,
+                ia_controls: extractedDescription.IAControls
+            }, i => !Boolean(i))
+        });
+        if ('ident' in group.Rule) {
+            const identifiers = Array.isArray(group.Rule.ident) ? group.Rule.ident : [group.Rule.ident];
+            // Grab CCI/NIST/Legacy identifiers
+            identifiers.forEach(identifier => {
+                var _a, _b, _c;
+                const identifierText = identifier['#text'];
+                if (identifier['@_system'].toLowerCase().endsWith('cci')) {
+                    (_a = control.tags.cci) === null || _a === void 0 ? void 0 : _a.push(identifierText);
+                    if (identifierText in CciNistMappingData_1.data) {
+                        (_b = control.tags.nist) === null || _b === void 0 ? void 0 : _b.push(lodash_1.default.get(CciNistMappingData_1.data, identifierText));
+                    }
+                }
+                if (identifier['@_system'].toLowerCase().endsWith('legacy')) {
+                    (_c = control.tags.legacy) === null || _c === void 0 ? void 0 : _c.push(identifierText);
+                }
+            });
+        }
+        profile.controls.push(control);
+    });
+    profile.controls = lodash_1.default.sortBy(profile.controls, 'id');
+    return profile.toUnformattedObject();
+}
+exports.processXCCDF = processXCCDF;

package/lib/utilities/diff.d.ts

@@ -0,0 +1,3 @@
+import Profile from '../objects/profile';
+import { ProfileDiff } from '../types/diff';
+export declare function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDiff;

package/lib/utilities/diff.js

@@ -0,0 +1,53 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.diffProfile = void 0;
+const tslib_1 = require("tslib");
+const json_diff_1 = require("json-diff");
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+function diffProfile(fromProfile, toProfile) {
+    const profileDiff = {
+        addedControlIDs: [],
+        removedControlIDs: [],
+        changedControls: {}
+    };
+    const fromControlIDs = fromProfile.controls.map((control) => control.id).sort();
+    const toControlIDs = toProfile.controls.map((control) => control.id).sort();
+    // Find new controls
+    const controlIDDiff = (0, json_diff_1.diff)(fromControlIDs, toControlIDs);
+    controlIDDiff.forEach((diffValue) => {
+        if (diffValue[0] === '-') {
+            profileDiff.removedControlIDs.push(diffValue[1]);
+        }
+        else if (diffValue[0] === '+') {
+            profileDiff.addedControlIDs.push(diffValue[1]);
+        }
+    });
+    // Add new controls to changedControls
+    profileDiff.addedControlIDs.forEach((addedControl) => {
+        const newControl = toProfile.controls.find((control) => addedControl === control.id);
+        if (newControl) {
+            profileDiff.changedControls[addedControl] = newControl;
+        }
+    });
+    // Find changed controls
+    for (const fromControl of fromProfile.controls) {
+        const toControl = toProfile.controls.find((control) => control.id === fromControl.id);
+        if (toControl) {
+            const controlDiff = (0, json_diff_1.diff)(fromControl, toControl);
+            if (controlDiff) {
+                Object.entries(controlDiff).forEach(([key, value]) => {
+                    if (lodash_1.default.has(value, '__new')) {
+                        lodash_1.default.set(profileDiff, 'changedControls.' + fromControl.id + '.' + key.replace('.', '\\.'), lodash_1.default.get(controlDiff, key + '.__new'));
+                    }
+                    else if (typeof value === 'object') {
+                        Object.entries(value).forEach(([subKey, subValue]) => {
+                            lodash_1.default.set(profileDiff, 'changedControls.' + fromControl.id + '.' + key.replace('.', '\\.') + '.' + subKey.replace('.', '\\.'), lodash_1.default.get(controlDiff, key + '.' + subKey + '.__new'));
+                        });
+                    }
+                });
+            }
+        }
+    }
+    return profileDiff;
+}
+exports.diffProfile = diffProfile;

package/lib/utilities/global.d.ts

@@ -0,0 +1,6 @@
+export declare function wrap(s: string, lineLength?: number): string;
+export declare function unformatText(s: string): string;
+declare const escapeQuotes: (s: string) => string;
+declare const escapeDoubleQuotes: (s: string) => string;
+declare const wrapAndEscapeQuotes: (s: string, lineLength?: number) => string;
+export { escapeQuotes, escapeDoubleQuotes, wrapAndEscapeQuotes };

package/lib/utilities/global.js

@@ -0,0 +1,18 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.wrapAndEscapeQuotes = exports.escapeDoubleQuotes = exports.escapeQuotes = exports.unformatText = exports.wrap = void 0;
+// Breaks lines down to lineLength number of characters
+function wrap(s, lineLength = 80) {
+    return s.replace(new RegExp(`(?![^\n]{1,${lineLength}}$)([^\n]{1,${lineLength}})`, "g"), "$1\n");
+}
+exports.wrap = wrap;
+function unformatText(s) {
+    return s.replace(/\n/g, ' ').replace(/\\n/g, ' ').replace(/( +|\t)/g, ' ');
+}
+exports.unformatText = unformatText;
+const escapeQuotes = (s) => s.replace(/\\/g, "\\\\").replace(/'/g, "\\'"); // Escape backslashes and quotes
+exports.escapeQuotes = escapeQuotes;
+const escapeDoubleQuotes = (s) => s.replace(/\\/g, "\\\\").replace(/"/g, '\\"'); // Escape backslashes and double quotes
+exports.escapeDoubleQuotes = escapeDoubleQuotes;
+const wrapAndEscapeQuotes = (s, lineLength) => escapeDoubleQuotes(wrap(s, lineLength)); // Escape backslashes and quotes, and wrap long lines
+exports.wrapAndEscapeQuotes = wrapAndEscapeQuotes;

package/lib/utilities/xccdf.d.ts

@@ -0,0 +1,5 @@
+import { DecodedDescription } from '../types/xccdf';
+export declare function convertEncodedXmlIntoJson(encodedXml: string): any;
+export declare function severityStringToImpact(string: string): number;
+export declare function impactNumberToSeverityString(impact: number): string;
+export declare function convertEncodedHTMLIntoJson(encodedHTML?: string): DecodedDescription;

package/lib/utilities/xccdf.js

@@ -0,0 +1,103 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertEncodedHTMLIntoJson = exports.impactNumberToSeverityString = exports.severityStringToImpact = exports.convertEncodedXmlIntoJson = void 0;
+const tslib_1 = require("tslib");
+const fast_xml_parser_1 = tslib_1.__importDefault(require("fast-xml-parser"));
+const htmlparser = tslib_1.__importStar(require("htmlparser2"));
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+function convertEncodedXmlIntoJson(encodedXml) {
+    return fast_xml_parser_1.default.parse(encodedXml, {
+        ignoreAttributes: false,
+        attributeNamePrefix: '@_',
+    });
+}
+exports.convertEncodedXmlIntoJson = convertEncodedXmlIntoJson;
+function severityStringToImpact(string) {
+    var _a, _b, _c, _d, _e;
+    if ((_a = string.match(/none|na|n\/a|not[\s()*_|]?applicable/i)) === null || _a === void 0 ? void 0 : _a.length) {
+        return 0.0;
+    }
+    if ((_b = string.match(/low|cat(egory)?\s*(iii|3)/i)) === null || _b === void 0 ? void 0 : _b.length) {
+        return 0.3;
+    }
+    if ((_c = string.match(/med(ium)?|cat(egory)?\s*(ii|2)/)) === null || _c === void 0 ? void 0 : _c.length) {
+        return 0.5;
+    }
+    if ((_d = string.match(/high|cat(egory)?\s*(i|1)/)) === null || _d === void 0 ? void 0 : _d.length) {
+        return 0.7;
+    }
+    if ((_e = string.match(/crit(ical)?|severe/)) === null || _e === void 0 ? void 0 : _e.length) {
+        return 1.0;
+    }
+    throw new Error(`${string}' is not a valid severity value. It should be one of the approved keywords`);
+}
+exports.severityStringToImpact = severityStringToImpact;
+function impactNumberToSeverityString(impact) {
+    // Impact must be 0.0 - 1.0
+    if (impact < 0.0 || impact > 1.0) {
+        throw new Error('Impact cannot be less than 0.0 or greater than 1.0');
+    }
+    else {
+        if (impact >= 0.9) {
+            return 'critical';
+        }
+        if (impact >= 0.7) {
+            return 'high';
+        }
+        if (impact >= 0.4) {
+            return 'medium';
+        }
+        if (impact >= 0.1) {
+            return 'low';
+        }
+        return 'none';
+    }
+}
+exports.impactNumberToSeverityString = impactNumberToSeverityString;
+function convertEncodedHTMLIntoJson(encodedHTML) {
+    if (encodedHTML) {
+        // Some STIGs regarding XSS put the < character inside of the description which breaks parsing
+        const patchedHTML = encodedHTML.replace(/"&lt;"/g, '[[[REPLACE_LESS_THAN]]]');
+        const xmlChunks = [];
+        const htmlParser = new htmlparser.Parser({
+            ontext(text) {
+                xmlChunks.push(text);
+            },
+        });
+        htmlParser.write(patchedHTML);
+        htmlParser.end();
+        const converted = convertEncodedXmlIntoJson(xmlChunks.join(''));
+        let cleaned = {};
+        if (typeof converted.VulnDiscussion === 'object') { // Some STIGs have xml tags inside of the actual text which breaks processing, e.g U_ASD_STIG_V5R1_Manual-xccdf.xml and all Oracle Database STIGs
+            let extractedVulnDescription = '';
+            const remainingFields = lodash_1.default.omit(converted.VulnDiscussion, ['FalsePositives', 'FalseNegatives', 'Documentable', 'Mitigations', 'SeverityOverrideGuidance', 'PotentialImpacts', 'ThirdPartyTools', 'MitigationControl', 'Responsibility', 'IAControls']);
+            Object.entries(remainingFields).forEach(([field, value]) => {
+                extractedVulnDescription += `<${field}> ${value}`;
+            });
+            cleaned = {
+                VulnDiscussion: extractedVulnDescription.replace(/\[\[\[REPLACE_LESS_THAN]]]/, '"<"'),
+            };
+            Object.entries(converted.VulnDiscussion).forEach(([key, value]) => {
+                if (typeof value === 'string') {
+                    cleaned[key] = value.replace(/\[\[\[REPLACE_LESS_THAN]]]/, '"<"');
+                }
+                else {
+                    cleaned[key] = value;
+                }
+            });
+        }
+        else {
+            Object.entries(converted).forEach(([key, value]) => {
+                if (typeof value === 'string') {
+                    cleaned[key] = value.replace(/\[\[\[REPLACE_LESS_THAN]]]/, '"<"');
+                }
+                else {
+                    cleaned[key] = value;
+                }
+            });
+        }
+        return cleaned;
+    }
+    return {};
+}
+exports.convertEncodedHTMLIntoJson = convertEncodedHTMLIntoJson;