npm - @mitre/inspec-objects - Versions diffs - 0.0.16 → 0.0.17 - Mend

@mitre/inspec-objects 0.0.16 → 0.0.17

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/lib/index.d.ts +7 -6
package/lib/index.js +1 -0
package/lib/parsers/oval.d.ts +1 -1
package/lib/parsers/oval.js +3 -0
package/lib/parsers/xccdf.js +29 -4
package/lib/utilities/diffMarkdown.d.ts +1 -2
package/lib/utilities/diffMarkdown.js +1 -1
package/lib/utilities/update.d.ts +1 -1
package/lib/utilities/update.js +2 -5
package/package-lock.json +2 -2
package/package.json +1 -1

package/lib/index.d.ts CHANGED Viewed

@@ -1,6 +1,7 @@
-export * from './objects/control';
-export * from './objects/profile';
-export * from './parsers/json';
-export * from './parsers/xccdf';
-export * from './utilities/diff';
-export * from './utilities/update';
+export * from "./objects/control";
+export * from "./objects/profile";
+export * from "./parsers/json";
+export * from "./parsers/oval";
+export * from "./parsers/xccdf";
+export * from "./utilities/diff";
+export * from "./utilities/update";

package/lib/index.js CHANGED Viewed

@@ -4,6 +4,7 @@ const tslib_1 = require("tslib");
 tslib_1.__exportStar(require("./objects/control"), exports);
 tslib_1.__exportStar(require("./objects/profile"), exports);
 tslib_1.__exportStar(require("./parsers/json"), exports);
+tslib_1.__exportStar(require("./parsers/oval"), exports);
 tslib_1.__exportStar(require("./parsers/xccdf"), exports);
 tslib_1.__exportStar(require("./utilities/diff"), exports);
 tslib_1.__exportStar(require("./utilities/update"), exports);

package/lib/parsers/oval.d.ts CHANGED Viewed

@@ -1,2 +1,2 @@
 import { OvalDefinitionValue } from '../types/oval';
-export declare function processOVAL(oval: string): Record<string, OvalDefinitionValue>;
+export declare function processOVAL(oval?: string): Record<string, OvalDefinitionValue> | undefined;

package/lib/parsers/oval.js CHANGED Viewed

@@ -3,6 +3,9 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.processOVAL = void 0;
 const xccdf_1 = require("../utilities/xccdf");
 function processOVAL(oval) {
+    if (!oval) {
+        return undefined;
+    }
     const parsed = (0, xccdf_1.convertEncodedXmlIntoJson)(oval);
     const extractedDefinitions = {};
     for (const ovalDefinitions of parsed.oval_definitions) {

package/lib/parsers/xccdf.js CHANGED Viewed

@@ -62,14 +62,21 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
                 control.id = rule.version;
                 break;
             case 'cis':
-                //
-                control.id = 'CIS-PLACEHOLDER';
+                const controlIdRegex = /\d(\d?)(\d?)(\d?)(.\d(\d?)(\d?)(\d?))?(.\d(\d?)(\d?)(\d?))?(.\d(\d?)(\d?)(\d?))?(.\d(\d?)(\d?)(\d?))?/g;
+                const controlIdMatch = controlIdRegex.exec(rule['@_id']);
+                if (controlIdMatch) {
+                    control.id = controlIdMatch[0];
+                }
+                else {
+                    throw new Error(`Could not parse control ID from rule ID: ${rule['@_id']}. Expecting format: 'xccdf_org.cisecurity.benchmarks_rule_1.1.11_Rule_title_summary`);
+                }
                 break;
             default:
                 throw new Error('useRuleId must be one of "group", "rule", or "version"');
         }
         control.title = (0, xccdf_1.removeXMLSpecialCharacters)(rule['@_severity'] ? ensureDecodedXMLStringValue(rule.title) : `[[[MISSING SEVERITY FROM STIG]]] ${ensureDecodedXMLStringValue(rule.title)}`);
-        control.desc = (0, xccdf_1.removeXMLSpecialCharacters)(typeof extractedDescription === 'string' ? extractedDescription : ((_a = extractedDescription.VulnDiscussion) === null || _a === void 0 ? void 0 : _a.split('Satisfies: ')[0]) || 'Missing Description');
+        const descriptionText = (typeof extractedDescription === 'object' && !Array.isArray(extractedDescription)) ? ((_a = extractedDescription.VulnDiscussion) === null || _a === void 0 ? void 0 : _a.split('Satisfies: ')[0]) || 'Missing Description' : '';
+        control.desc = (0, xccdf_1.removeXMLSpecialCharacters)(descriptionText);
         control.impact = (0, xccdf_1.severityStringToImpact)(rule['@_severity'] || 'medium', rule.group['@_id']);
         if (!control.descs || Array.isArray(control.descs)) {
             control.descs = {};
@@ -98,7 +105,25 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
                 }
             }
         }
-        control.descs.fix = (0, xccdf_1.removeXMLSpecialCharacters)(rule.fixtext ? rule.fixtext[0]['#text'] : (rule.fix ? rule.fix[0]['#text'] || 'Missing fix text' : 'Missing fix text'));
+        if (lodash_1.default.get(rule.fixtext, '[0]["#text"]')) {
+            control.descs.fix = (0, xccdf_1.removeXMLSpecialCharacters)(rule.fixtext[0]['#text']);
+        }
+        else if (typeof rule.fixtext === 'string') {
+            control.descs.fix = (0, xccdf_1.removeXMLSpecialCharacters)(rule.fixtext);
+        }
+        else if (typeof rule.fixtext === 'object') {
+            if (Array.isArray(rule.fixtext)) {
+                control.descs.fix = (0, xccdf_1.removeXMLSpecialCharacters)(JSON.stringify(rule.fixtext));
+            }
+        }
+        else if (typeof rule.fixtext === 'undefined') {
+            if (rule.fix && rule.fix[0]) {
+                control.descs.fix = (0, xccdf_1.removeXMLSpecialCharacters)(rule.fix[0]['#text'] || 'Missing fix text');
+            }
+        }
+        else {
+            control.descs.fix = 'Missing fix text';
+        }
         control.tags.severity = (0, xccdf_1.impactNumberToSeverityString)((0, xccdf_1.severityStringToImpact)(rule['@_severity'] || 'critical', control.id || 'Unknown'));
         control.tags.gid = rule.group['@_id'],
             control.tags.rid = rule['@_id'];

package/lib/utilities/diffMarkdown.d.ts CHANGED Viewed

@@ -1,6 +1,5 @@
 import { ProfileDiff } from "../types/diff";
-import Profile from "../objects/profile";
 export declare function createDiffMarkdown(diff: {
     simplified: ProfileDiff;
     originalDiff: any;
-}, updatedProfile: Profile): string;
+}): string;

package/lib/utilities/diffMarkdown.js CHANGED Viewed

@@ -9,7 +9,7 @@ function getUpdatedCheckForId(id, profile) {
     const foundControl = profile.controls.find((control) => control.id === id);
     return lodash_1.default.get(foundControl === null || foundControl === void 0 ? void 0 : foundControl.descs, "check") || "Missing check";
 }
-function createDiffMarkdown(diff, updatedProfile) {
+function createDiffMarkdown(diff) {
     const renderableDiffData = {
         addedControls: Object.values(diff.simplified.addedControls),
         hasRenamedControls: false,

package/lib/utilities/update.d.ts CHANGED Viewed

@@ -14,4 +14,4 @@ export declare type UpdatedProfileReturn = {
 export declare function findUpdatedControlByAllIdentifiers(existingControl: Control, updatedControls: Control[]): Control | undefined;
 export declare function updateControl(from: Control, update: Partial<Control>, logger: winston.Logger): Control;
 export declare function updateProfile(from: Profile, using: Profile, logger: winston.Logger): Omit<UpdatedProfileReturn, 'markdown'>;
-export declare function updateProfileUsingXCCDF(from: Profile, using: string, id: 'group' | 'rule' | 'version', logger: winston.Logger, ovalDefinitions?: Record<string, OvalDefinitionValue>): UpdatedProfileReturn;
+export declare function updateProfileUsingXCCDF(from: Profile, using: string, id: 'group' | 'rule' | 'version' | 'cis', logger: winston.Logger, ovalDefinitions?: Record<string, OvalDefinitionValue>): UpdatedProfileReturn;

package/lib/utilities/update.js CHANGED Viewed

@@ -134,17 +134,14 @@ function updateProfileUsingXCCDF(from, using, id, logger, ovalDefinitions) {
     logger.debug(`Updating profile ${from.name} with control IDs: ${id}`);
     // Parse the XCCDF benchmark and convert it into a Profile
     logger.debug('Loading XCCDF File');
-    const xccdfProfile = (0, xccdf_1.processXCCDF)(using, false, id);
+    const xccdfProfile = (0, xccdf_1.processXCCDF)(using, false, id, ovalDefinitions);
     logger.debug('Loaded XCCDF File');
-    logger.debug('Loading XCCDF File with newline replacements');
-    const xccdfProfileWithNLReplacement = (0, xccdf_1.processXCCDF)(using, true, id);
-    logger.debug('Loaded XCCDF File with newline replacements');
     // Update the profile and return
     logger.debug('Creating updated profile');
     const updatedProfile = updateProfile(from, xccdfProfile, logger);
     logger.debug('Creating diff markdown');
     // Create the markdown
-    const markdown = (0, diffMarkdown_1.createDiffMarkdown)(updatedProfile.diff, xccdfProfileWithNLReplacement);
+    const markdown = (0, diffMarkdown_1.createDiffMarkdown)(updatedProfile.diff);
     logger.debug('Profile update complete');
     return {
         profile: updatedProfile.profile,

package/package-lock.json CHANGED Viewed

@@ -1,12 +1,12 @@
 {
   "name": "@mitre/inspec-objects",
-  "version": "0.0.16",
+  "version": "0.0.17",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "@mitre/inspec-objects",
-      "version": "0.0.16",
+      "version": "0.0.17",
       "license": "Apache-2.0",
       "dependencies": {
         "@types/flat": "^5.0.2",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@mitre/inspec-objects",
-  "version": "0.0.16",
+  "version": "0.0.17",
   "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks",
   "main": "lib/index.js",
   "publishConfig": {