@mitre/inspec-objects 0.0.2 → 0.0.3

package/src/parsers/xccdf.ts

@@ -1,11 +1,10 @@
-import {data as CCINistMappings} from '@mitre/hdf-converters/lib/src/mappings/CciNistMappingData'
 import Profile from '../objects/profile';
-import { convertEncodedHTMLIntoJson, convertEncodedXmlIntoJson, impactNumberToSeverityString, severityStringToImpact } from '../utilities/xccdf';
+import { convertEncodedHTMLIntoJson, convertEncodedXmlIntoJson, impactNumberToSeverityString, removeXMLSpecialCharacters, severityStringToImpact } from '../utilities/xccdf';
 import { BenchmarkGroup, BenchmarkRule, DecodedDescription, FrontMatter, Notice, ParsedXCCDF, RationaleElement } from '../types/xccdf';
 import Control from '../objects/control';
 import _ from 'lodash';
 import { OvalDefinitionValue } from '../types/oval';
-import { CciNistMappingData } from '@mitre/hdf-converters';
+import {data as CciNistMappingData} from '../mappings/CciNistMappingData'
 
 export type GroupContextualizedRule = BenchmarkRule & {group: Omit<BenchmarkGroup, 'Rule' | 'Group'>}
 
@@ -27,7 +26,7 @@ export function extractAllRules(groups: BenchmarkGroup[]): GroupContextualizedRu
     return rules
 }
 
-export function processXCCDF(xml: string, ovalDefinitions?: Record<string, OvalDefinitionValue>): Profile {
+export function processXCCDF(xml: string, removeNewlines = false, ovalDefinitions?: Record<string, OvalDefinitionValue>): Profile {
     const parsedXML: ParsedXCCDF = convertEncodedXmlIntoJson(xml)
     const rules = extractAllRules(parsedXML.Benchmark[0].Group)
 
@@ -47,8 +46,16 @@ export function processXCCDF(xml: string, ovalDefinitions?: Record<string, OvalD
         const control = new Control();
 
         control.id = rule.group['@_id']
-        control.title = rule['@_severity'] ? rule.title : `[[[MISSING SEVERITY FROM STIG]]] ${rule.title}`
-        control.desc = typeof extractedDescription === 'string' ? extractedDescription :  extractedDescription.VulnDiscussion?.split('Satisfies: ')[0]
+        
+        if (removeNewlines) {
+            const title = removeXMLSpecialCharacters(rule['@_severity'] ? rule.title : `[[[MISSING SEVERITY FROM STIG]]] ${rule.title}`)
+            control.title = title.replace(/\n/g, '{{{{newlineHERE}}}}')
+            const desc = removeXMLSpecialCharacters(typeof extractedDescription === 'string' ? extractedDescription :  extractedDescription.VulnDiscussion?.split('Satisfies: ')[0] || 'Missing Description')
+            control.desc = desc?.replace(/\n/g, '{{{{newlineHERE}}}}')
+        } else {
+            control.title = removeXMLSpecialCharacters(rule['@_severity'] ? rule.title : `[[[MISSING SEVERITY FROM STIG]]] ${rule.title}`)
+            control.desc = removeXMLSpecialCharacters(typeof extractedDescription === 'string' ? extractedDescription :  extractedDescription.VulnDiscussion?.split('Satisfies: ')[0] || 'Missing Description')
+        }
         control.impact = severityStringToImpact(rule['@_severity'] || 'critical', rule.group['@_id'])
         
         if (!control.descs || Array.isArray(control.descs)) {
@@ -57,7 +64,13 @@ export function processXCCDF(xml: string, ovalDefinitions?: Record<string, OvalD
 
         if (rule.check) {
             if (rule.check.some((ruleValue) => 'check-content' in ruleValue)) {
-                control.descs.check = rule.check ? rule.check[0]['check-content'] : 'Missing description'
+                if (removeNewlines) {
+                    const check = removeXMLSpecialCharacters(rule.check ? rule.check[0]['check-content'] : 'Missing description')
+                    control.descs.check = check.replace(/\n/g, '{{{{newlineHERE}}}}')
+                } else {
+                    control.descs.check = removeXMLSpecialCharacters(rule.check ? rule.check[0]['check-content'] : 'Missing description')
+                }
+                
             } else if (rule.check.some((ruleValue) => 'check-content-ref' in ruleValue) && ovalDefinitions) {
                 let referenceID: string | null = null;
                 for (const checkContent of rule.check) {
@@ -70,23 +83,34 @@ export function processXCCDF(xml: string, ovalDefinitions?: Record<string, OvalD
                     }
                 }
                 if (referenceID && referenceID in ovalDefinitions) {
-                    control.descs.check = ovalDefinitions[referenceID].metadata[0].title
-                } else if (referenceID ) {
+                    if (removeNewlines) {
+                        const check = removeXMLSpecialCharacters(ovalDefinitions[referenceID].metadata[0].title)
+                        control.descs.check = check.replace(/\n/g, '{{{{newlineHERE}}}}')
+                    } else {
+                        control.descs.check = removeXMLSpecialCharacters(ovalDefinitions[referenceID].metadata[0].title)
+                    }
+                } else if (referenceID) {
                     console.warn(`Could not find OVAL definition for ${referenceID}`)
                 }
             }
         }
+    
+        if (removeNewlines) {
+            const fix = removeXMLSpecialCharacters(rule.fixtext ? rule.fixtext[0]['#text'] : (rule.fix ? (rule.fix[0] as Notice)['#text'] || 'Missing fix text' : 'Missing fix text'))
+            control.descs.fix = fix.replace(/\n/g, '{{{{newlineHERE}}}}')
+        } else {
+            control.descs.fix = removeXMLSpecialCharacters(rule.fixtext ? rule.fixtext[0]['#text'] : (rule.fix ? (rule.fix[0] as Notice)['#text'] || 'Missing fix text' : 'Missing fix text'))
+        }
         
-        control.descs.fix = rule.fixtext ? rule.fixtext[0]['#text'] : (rule.fix ? (rule.fix[0] as Notice)['#text'] || 'Missing fix text' : 'Missing fix text')
         control.tags.severity = impactNumberToSeverityString(severityStringToImpact(rule['@_severity'] || 'critical', control.id))
         control.tags.gid = rule.group['@_id'],
         control.tags.rid = rule['@_id']
         control.tags.stig_id = rule['version']
 
         if (typeof rule.group.title === "string") {
-            control.tags.gtitle = rule.group.title
+            control.tags.gtitle = removeXMLSpecialCharacters(rule.group.title)
         } else {
-            control.tags.gtitle = _.get(rule.group, 'title[0].#text')
+            control.tags.gtitle = removeXMLSpecialCharacters(_.get(rule.group, 'title[0].#text'))
         }
         
         if (rule['fix'] && rule['fix'].length > 0) {
@@ -116,7 +140,13 @@ export function processXCCDF(xml: string, ovalDefinitions?: Record<string, OvalD
             control.tags.ia_controls = extractedDescription.IAControls || undefined
         }
 
-        control.tags = _.omitBy(control.tags, (value) => value === undefined)
+        control.tags = _.mapValues(_.omitBy(control.tags, (value) => value === undefined), (value) => {
+            if (typeof value === 'string') {
+                return removeXMLSpecialCharacters(value)
+            } else {
+                return value
+            }
+        })
 
          // Get all identifiers from the rule
          if (rule.ident) {
@@ -207,8 +237,8 @@ export function processXCCDF(xml: string, ovalDefinitions?: Record<string, OvalD
                 if (!('nist' in control.tags)) {
                     control.tags.nist = []
                 }
-                if (cci in CciNistMappingData.data) {
-                    control.tags.nist?.push(_.get(CciNistMappingData.data, cci))
+                if (cci in CciNistMappingData) {
+                    control.tags.nist?.push(_.get(CciNistMappingData, cci))
                 }
             })
         }

package/src/utilities/diff.ts

@@ -2,10 +2,19 @@ import { diff } from 'json-diff';
 import Profile from '../objects/profile';
 import { ProfileDiff } from '../types/diff';
 import _ from 'lodash'
-import Control from '../objects/control';
 
-export function updateControl(originalControlString: string, originalControl: Control, updatedControl: Control) {
-    console.log('Here is the original control:');
+export function removeNewlines(control?: Record<string, unknown>): Record<string, unknown> {
+    if (!control) {
+        return {};
+    }
+    return _.mapValues(control, (value) => {
+        if (typeof value === 'string') {
+            return value.replace(/\n/g, '{{{{newlineHERE}}}}').trim();
+        } else if (typeof value === 'object' && value !== null) {
+            return removeNewlines(value as Record<string, unknown>);
+        }
+        return value;
+    });
 }
 
 export function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDiff {
@@ -42,8 +51,10 @@ export function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDi
         const toControl = toProfile.controls.find((control) => control.id === fromControl.id)
         if (toControl) {
             const controlDiff: Record<string, any> | undefined = diff(fromControl, toControl);
+            console.log(controlDiff)
             if (controlDiff) {
                 Object.entries(controlDiff).forEach(([key, value]) => {
+                    console.log(value)
                     if (_.has(value, '__new')) {
                         _.set(profileDiff, 'changedControls.'+fromControl.id +'.'+key.replace('.', '\\.'), _.get(controlDiff, key+'.__new'))
                     } else if (typeof value === 'object') {

package/src/utilities/xccdf.ts

@@ -16,6 +16,10 @@ export function convertEncodedXmlIntoJson(
     })
 }
 
+export function removeXMLSpecialCharacters(input: string): string {
+  return input.replace(/&amp;/gm, '&').replace(/&lt;/gm, '<').replace(/&gt;/gm, '>')
+}
+
 export function severityStringToImpact(string: string, id: string): number {
   if (string.match(/none|na|n\/a|not[\s()*_|]?applicable/i)?.length) {
     return 0.0

package/tsconfig.json

@@ -16,7 +16,7 @@
     "include": [
       "index.ts",
       "src/**/*",
-      "types/**/*.d.ts"
+      "types/*"
     ],
   }
   

package/error.log

@@ -1,12 +0,0 @@
-yarn run v1.22.19
-$ jest 2
-No tests found, exiting with code 1
-Run with `--passWithNoTests` to exit with code 0
-In /home/c/Documents/SAF/ts-inspec-objects
-  219 files checked.
-  testMatch: **/__tests__/**/*.[jt]s?(x), **/?(*.)+(spec|test).[tj]s?(x) - 4 matches
-  testPathIgnorePatterns: /node_modules/ - 219 matches
-  testRegex:  - 0 matches
-Pattern: 2 - 0 matches
-error Command failed with exit code 1.
-info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

package/types/ionchannelAnalysis.d.ts

@@ -1,238 +0,0 @@
-export type ContextualizedDependency = Dependency & {
-  parentDependencies: string[];
-};
-
-export type IonChannelAnalysisResponse = {
-  analysis: IonChannelAnalysis;
-};
-
-export type IonChannelAnalysis = {
-  id: string;
-  analysis_id: string;
-  team_id: string;
-  project_id: string;
-  name: string;
-  text: string;
-  type: string;
-  source: string;
-  branch: string;
-  description: string;
-  risk: string;
-  summary: string;
-  passed: boolean;
-  ruleset_id: string;
-  ruleset_name: string;
-  status: string;
-  created_at: Date;
-  updated_at: Date;
-  duration: number;
-  trigger_hash: string;
-  trigger_text: string;
-  trigger_author: string;
-  trigger: string;
-  scan_summaries: ScanSummary[];
-  public: boolean;
-};
-
-export type ScanSummary = {
-  id: string;
-  team_id: string;
-  project_id: string;
-  analysis_id: string;
-  summary: string;
-  results: Results;
-  created_at: Date;
-  updated_at: Date;
-  duration: number;
-  name: string;
-  description: string;
-};
-
-export type Results = {
-  type: string;
-  data: Data;
-};
-
-export type Data = {
-  vulnerabilities?: DataVulnerability[];
-  meta?: Meta;
-  dependencies?: Dependency[];
-  CSS?: number;
-  HTML?: number;
-  JavaScript?: number;
-  Vue?: number;
-  committers?: number;
-  name?: string;
-  url?: string;
-  committed_at?: Date;
-  old_names?: string[];
-  stars?: number;
-  name_changed?: boolean;
-  compilers?: null;
-  docker_file?: DockerFile;
-  known_viruses?: number;
-  engine_version?: string;
-  scanned_directories?: number;
-  scanned_files?: number;
-  infected_files?: number;
-  data_scanned?: string;
-  data_read?: string;
-  time?: string;
-  file_notes?: Record<string, unknown>;
-  clam_av_details?: ClamAVDetails;
-  license?: License;
-  checksum?: string;
-  difference?: boolean;
-  message?: string;
-  valid?: boolean;
-  content?: string;
-};
-
-export type ClamAVDetails = {
-  clamav_version: string;
-  clamav_db_version: string;
-};
-
-export type Dependency = {
-  latest_version: string;
-  org: string;
-  name: string;
-  type: string;
-  package: string;
-  version: string;
-  scope: Scope;
-  requirement: string;
-  file: File;
-  outdated_version: OutdatedVersion;
-  dependencies: Dependency[];
-};
-
-export enum File {
-  Empty = '',
-  PackageJSON = 'package.json'
-}
-
-export type OutdatedVersion = {
-  major_behind: number;
-  minor_behind: number;
-  patch_behind: number;
-};
-
-export enum Scope {
-  Runtime = 'runtime'
-}
-
-export type DockerFile = {
-  images: null;
-  dependencies: null;
-};
-
-export type License = {
-  name: string;
-  type: TypeElement[];
-};
-
-export type TypeElement = {
-  name: string;
-  confidence: number;
-};
-
-export type Meta = {
-  vulnerability_count?: number;
-  resolved_to?: string;
-  first_degree_count?: number;
-  no_version_count?: number;
-  total_unique_count?: number;
-  update_available_count?: number;
-  vulnerable_count?: number;
-};
-
-export type DataVulnerability = {
-  id: number;
-  external_id: string;
-  source_id: number;
-  title: string;
-  name: string;
-  org: string;
-  version: string;
-  up: string;
-  edition: string;
-  aliases: null;
-  created_at: Date;
-  updated_at: Date;
-  references: null;
-  part: string;
-  language: string;
-  vulnerabilities: VulnerabilityVulnerability[];
-  query: Dependency;
-};
-
-export type VulnerabilityVulnerability = {
-  id: number;
-  external_id: string;
-  source: Source[];
-  title: string;
-  summary: string;
-  score: string;
-  score_version?: string;
-  score_system: string;
-  score_details: ScoreDetails;
-  vector: string;
-  access_complexity: string;
-  vulnerability_authentication: string;
-  confidentiality_impact: string;
-  integrity_impact: string;
-  availability_impact: string;
-  vulnerabilty_source: string;
-  assessment_check: null;
-  scanner: null;
-  recommendation: string;
-  references: null;
-  modified_at: Date;
-  published_at: Date;
-  created_at: Date;
-  updated_at: Date;
-  mttr_seconds: null;
-  dependencies: null;
-};
-
-export type ScoreDetails = {
-  cvssv2?: Cvssv2;
-  cvssv3?: Cvssv3;
-};
-
-export type Cvssv2 = {
-  vectorString: string;
-  accessVector: string;
-  accessComplexity: string;
-  authentication: string;
-  confidentialityImpact: string;
-  integrityImpact: string;
-  availabilityImpact: string;
-  baseScore: number;
-};
-
-export type Cvssv3 = {
-  vectorString: string;
-  attackVector: string;
-  attackComplexity: string;
-  privilegesRequired: string;
-  userInteraction: string;
-  scope: string;
-  confidentialityImpact: string;
-  integrityImpact: string;
-  availabilityImpact: string;
-  baseScore: number;
-  baseSeverity: string;
-};
-
-export type Source = {
-  id: number;
-  name: string;
-  description: string;
-  created_at: Date;
-  updated_at: Date;
-  attribution: string;
-  license: string;
-  copyright_url: string;
-};

package/types/ionchannelProjects.d.ts

@@ -1,72 +0,0 @@
-export type Projects = {
-  data: Project[];
-  meta: Meta;
-};
-
-export type Project = {
-  id: string;
-  team_id: string;
-  name: string;
-  active: boolean;
-  draft: boolean;
-  chat_channel: string;
-  created_at: Date;
-  updated_at: Date;
-  deploy_key: string;
-  should_monitor: boolean;
-  monitor_frequency: string;
-  poc_name: string;
-  poc_email: string;
-  username: string;
-  password: string;
-  key_fingerprint: string;
-  private: boolean;
-  aliases: null;
-  tags: null;
-  ruleset_history: null;
-  sbom_id: string;
-  sbom_entry_id: string;
-  cpe: string;
-  purl: string;
-  ruleset_name: string;
-  analysis_summary: AnalysisSummary;
-  status: Status;
-};
-
-export type AnalysisSummary = {
-  id: string;
-  analysis_id: string;
-  team_id: string;
-  project_id: string;
-  name: string;
-  text: null;
-  type: string;
-  source: string;
-  branch: string;
-  description: string;
-  risk: string;
-  summary: string;
-  passed: boolean;
-  ruleset_id: string;
-  ruleset_name: string;
-  status: string;
-  created_at: Date;
-  updated_at: Date;
-  duration: number;
-  trigger_hash: string;
-  trigger_text: string;
-  trigger_author: string;
-  trigger: string;
-};
-
-export enum Status {
-  Errored = 'errored',
-  Failing = 'failing',
-  Passing = 'passing'
-}
-
-export type Meta = {
-  total_count: number;
-  limit: number;
-  offset: number;
-};

package/types/ionchannelTeams.d.ts

@@ -1,26 +0,0 @@
-export type IonChannelTeams = {
-  data: Team[];
-  meta: Meta;
-};
-
-export type Team = {
-  id: string;
-  created_at: Date;
-  updated_at: Date;
-  deleted_at: Date;
-  name: string;
-  delivering: boolean;
-  sys_admin: boolean;
-  poc_name: string;
-  poc_email: string;
-  default_deploy_key: string;
-  organization_id: string;
-  user_id: string;
-  role: string;
-  status: string;
-};
-
-export type Meta = {
-  total_count: number;
-  offset: number;
-};

package/types/reverseMappedXCCDF.d.ts

@@ -1,67 +0,0 @@
-export type MappedXCCDFtoHDF = {
-  Benchmark: Benchmark;
-};
-
-export type Benchmark = {
-  id: string;
-  date: string;
-  title: string;
-  Profile: Profile[];
-  Rule: Rule[];
-  metadata: MetaData;
-  passthrough: string;
-  version: string;
-  TestResult: {
-    endTime: string;
-    hasAttributes: boolean;
-    // Any as defined by InSpec Inputs, matching InSpecJS
-    attributes: {[key: string]: any}[];
-    results: TestResult[];
-  };
-};
-
-export type Profile = {
-  id: string;
-  title: string;
-  description: string;
-  select: string[];
-};
-
-export type Rule = {
-  groupId?: string;
-  id: string;
-  title?: string;
-  description?: string;
-  code?: string;
-  warning?: string;
-  rationale?: string;
-  checkContent?: string;
-  fix?: string;
-  ccis: string[];
-};
-
-export type MetaData = {
-  maintainer?: string;
-  copyright?: string;
-};
-
-export type XCCDFSeverity = 'info' | 'low' | 'medium' | 'high';
-
-export type TestResultStatus =
-  | 'pass'
-  | 'fail'
-  | 'error'
-  | 'unknown'
-  | 'notapplicable'
-  | 'notchecked'
-  | 'notselected'
-  | 'informational'
-  | 'fixed';
-
-export type TestResult = {
-  idref: string;
-  result: TestResultStatus;
-  messageType: string;
-  message: string;
-  code: string;
-};

package/types/splunk-sdk-no-env/index.d.ts

@@ -1,88 +0,0 @@
-declare module '@mitre/splunk-sdk-no-env' {
-    export type SplunkConfig = {
-      scheme: string;
-      host: string;
-      port?: number;
-      username?: string;
-      password?: string;
-      index: string;
-      owner?: string;
-      app?: string;
-      sessionKey?: string;
-      autologin?: boolean;
-      version?: string;
-      insecure?: boolean;
-    };
-
-    export type jobTrackCallbacks = {
-      done?: (job: Job) => void;
-      ready?: (job: Job) => void;
-      progress?: (job: Job) => void;
-      failed?: (job: Job) => void;
-      error?: (err: any) => void;
-    };
-
-    class Http {
-      constructor();
-    }
-
-    class Logger {
-      error(message: any): void;
-    }
-
-    class Indexs {
-      fetch(callback: (error: any, success: any, indexes: Index[]) => void): void;
-    }
-
-    class Index {
-      name: string;
-
-      submitEvent(
-        event: string,
-        config: {sourcetype: string; index: string},
-        callback: (error: any) => void
-      ): void;
-    }
-
-    class Jobs {
-      fetch(callback: (error: any, success: any, jobs: Job[]) => void): void;
-
-      create(
-        query: string,
-        params: unknown,
-        callback: (error: any, createdJob: Job) => void
-      ): void;
-    }
-
-    class Job {
-      track(
-        options: {period?: number},
-        callbacks: jobTrackCallbacks | ((readyStatus: any) => void)
-      ): void;
-
-      results(
-        params: {count: number},
-        callback: (
-          err: any,
-          results: {fields: string[]; rows: string[]},
-          job: Job
-        ) => void
-      ): void;
-    }
-
-    class Service {
-      constructor(config: SplunkConfig);
-      constructor(httpInstance: any, config: SplunkConfig);
-
-      login(callback: (error: any, success: any) => void): boolean;
-      indexes(): Indexs;
-      jobs(): Jobs;
-
-      requestOptions: {
-        strictSSL: boolean;
-      };
-    }
-  }
-
-  declare module '@mitre/splunk-sdk-no-env/lib/platform/client/jquery_http';
-