npm - @mitre/inspec-objects - Versions diffs - 0.0.3 → 0.0.4 - Mend

@mitre/inspec-objects 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

package/lib/parsers/xccdf.js +1 -1
package/mitre-inspec-objects-v0.0.1.tgz +0 -0
package/mitre-inspec-objects-v0.0.3.tgz +0 -0
package/package.json +1 -1
package/lib/utilities/CciNistMappingData.d.ts +0 -5100
package/lib/utilities/CciNistMappingData.js +0 -5103
package/src/index.ts +0 -5
package/src/mappings/CciNistMappingData.ts +0 -5100
package/src/objects/control.ts +0 -148
package/src/objects/profile.ts +0 -93
package/src/parsers/json.ts +0 -92
package/src/parsers/oval.ts +0 -18
package/src/parsers/xccdf.ts +0 -252
package/src/types/diff.d.ts +0 -9
package/src/types/oval.d.ts +0 -609
package/src/types/xccdf.d.ts +0 -883
package/src/utilities/diff.ts +0 -71
package/src/utilities/global.ts +0 -52
package/src/utilities/xccdf.ts +0 -119

package/src/utilities/diff.ts DELETED Viewed

@@ -1,71 +0,0 @@
-import { diff } from 'json-diff';
-import Profile from '../objects/profile';
-import { ProfileDiff } from '../types/diff';
-import _ from 'lodash'
-export function removeNewlines(control?: Record<string, unknown>): Record<string, unknown> {
-    if (!control) {
-        return {};
-    }
-    return _.mapValues(control, (value) => {
-        if (typeof value === 'string') {
-            return value.replace(/\n/g, '{{{{newlineHERE}}}}').trim();
-        } else if (typeof value === 'object' && value !== null) {
-            return removeNewlines(value as Record<string, unknown>);
-        }
-        return value;
-    });
-}
-export function diffProfile(fromProfile: Profile, toProfile: Profile): ProfileDiff {
-    const profileDiff: ProfileDiff = {
-        addedControlIDs: [],
-        removedControlIDs: [],
-        changedControls: {}
-    };
-    const fromControlIDs = fromProfile.controls.map((control) => control.id).sort();
-    const toControlIDs = toProfile.controls.map((control) => control.id).sort();
-    // Find new controls
-    const controlIDDiff: string[][] | undefined = diff(fromControlIDs, toControlIDs)
-    controlIDDiff?.forEach((diffValue) => {
-        if (diffValue[0] === '-') {
-            profileDiff.removedControlIDs.push(diffValue[1])
-        } else if (diffValue[0] === '+') {
-            profileDiff.addedControlIDs.push(diffValue[1])
-        }
-    })
-    // Add new controls to changedControls
-    profileDiff.addedControlIDs.forEach((addedControl) => {
-        const newControl = toProfile.controls.find((control) => addedControl === control.id)
-        if (newControl) {
-            profileDiff.changedControls[addedControl] = newControl
-        }
-    })
-    // Find changed controls
-    for (const fromControl of fromProfile.controls) {
-        const toControl = toProfile.controls.find((control) => control.id === fromControl.id)
-        if (toControl) {
-            const controlDiff: Record<string, any> | undefined = diff(fromControl, toControl);
-            console.log(controlDiff)
-            if (controlDiff) {
-                Object.entries(controlDiff).forEach(([key, value]) => {
-                    console.log(value)
-                    if (_.has(value, '__new')) {
-                        _.set(profileDiff, 'changedControls.'+fromControl.id +'.'+key.replace('.', '\\.'), _.get(controlDiff, key+'.__new'))
-                    } else if (typeof value === 'object') {
-                        Object.entries(value).forEach(([subKey]) => {
-                            _.set(profileDiff, 'changedControls.'+fromControl.id +'.'+key.replace('.', '\\.')+'.'+subKey.replace('.', '\\.'), _.get(controlDiff, key+'.'+subKey+'.__new'))
-                        })
-                    }
-                })
-            }
-        }
-    }
-    return profileDiff
-}

package/src/utilities/global.ts DELETED Viewed

@@ -1,52 +0,0 @@
-import _ from "lodash";
-// Breaks lines down to lineLength number of characters
-export function wrap(s: string, lineLength = 80): string {
-  return s.replace(
-    new RegExp(`(?![^\n]{1,${lineLength}}$)([^\n]{1,${lineLength}})`, "g"),
-    "$1\n"
-  );
-}
-export function unformatText(s: string): string {
-  return s.replace(/\n/g, ' ').replace(/\\n/g, ' ').replace(/( +|\t)/g, ' ')
-}
-const escapeQuotes = (s: string) =>
-  s.replace(/\\/g, "\\\\").replace(/'/g, "\\'"); // Escape backslashes and quotes
-const escapeDoubleQuotes = (s: string) =>
-  s.replace(/\\/g, "\\\\").replace(/"/g, '\\"'); // Escape backslashes and double quotes
-const wrapAndEscapeQuotes = (s: string, lineLength?: number) =>
-  escapeDoubleQuotes(wrap(s, lineLength)); // Escape backslashes and quotes, and wrap long lines
-export { escapeQuotes, escapeDoubleQuotes, wrapAndEscapeQuotes };
-export function getFirstPath(
-  object: Record<string, unknown>,
-  paths: string[]
-): string {
-  const index = _.findIndex(paths, (p) => hasPath(object, p));
-  if (index === -1) {
-    throw new Error(
-      `Attestation is missing one of these paths: ${paths.join(', ')}`
-    );
-  } else {
-    return _.get(object, paths[index]) as string;
-  }
-}
-export function hasPath(
-  file: Record<string, unknown>,
-  path: string | string[]
-): boolean {
-  let pathArray;
-  if (typeof path === 'string') {
-    pathArray = [path];
-  } else {
-    pathArray = path;
-  }
-  return _.some(pathArray, (p) => _.has(file, p));
-}

package/src/utilities/xccdf.ts DELETED Viewed

@@ -1,119 +0,0 @@
-import parser from 'fast-xml-parser'
-import * as htmlparser from 'htmlparser2'
-import _ from 'lodash'
-import { DecodedDescription } from '../types/xccdf'
-import fs from 'fs'
-import { randomUUID } from 'crypto'
-export function convertEncodedXmlIntoJson(
-    encodedXml: string
-  ): any {
-    return parser.parse(encodedXml, {
-      ignoreAttributes: false,
-      ignoreNameSpace: true,
-      attributeNamePrefix: '@_',
-      arrayMode: true
-    })
-}
-export function removeXMLSpecialCharacters(input: string): string {
-  return input.replace(/&amp;/gm, '&').replace(/&lt;/gm, '<').replace(/&gt;/gm, '>')
-}
-export function severityStringToImpact(string: string, id: string): number {
-  if (string.match(/none|na|n\/a|not[\s()*_|]?applicable/i)?.length) {
-    return 0.0
-  }
-  if (string.match(/low|cat(egory)?\s*(iii|3)/i)?.length) {
-    return 0.3
-  }
-  if (string.match(/med(ium)?|cat(egory)?\s*(ii|2)/)?.length) {
-    return 0.5
-  }
-  if (string.match(/high|cat(egory)?\s*(i|1)/)?.length) {
-    return 0.7
-  }
-  if (string.match(/crit(ical)?|severe/)?.length) {
-    return 1.0
-  }
-  console.log(`${string} is not a valid severity value. It should be one of the approved keywords. ${id} will be treated as medium severity`)
-  return 0.5;
-}
-export function impactNumberToSeverityString(impact: number): string {
-  // Impact must be 0.0 - 1.0
-  if (impact < 0.0 || impact > 1.0) {
-    throw new Error('Impact cannot be less than 0.0 or greater than 1.0')
-  } else {
-    if (impact >= 0.9) {
-      return 'critical'
-    }
-    if (impact >= 0.7) {
-      return 'high'
-    }
-    if (impact >= 0.4) {
-      return 'medium'
-    }
-    if (impact >= 0.1) {
-      return 'low'
-    }
-    return 'none'
-  }
-}
-export function convertEncodedHTMLIntoJson(encodedHTML?: string): DecodedDescription {
-  if (encodedHTML) {
-    // Some STIGs regarding XSS put the < character inside of the description which breaks parsing
-    const patchedHTML = encodedHTML.replace(/"&lt;"/g, '[[[REPLACE_LESS_THAN]]]')
-    const xmlChunks: string[] = []
-    const htmlParser = new htmlparser.Parser({
-      ontext(text: string) {
-        xmlChunks.push(text)
-      },
-    })
-    htmlParser.write(patchedHTML)
-    htmlParser.end()
-    const converted = convertEncodedXmlIntoJson(xmlChunks.join(''))
-    let cleaned: Record<string, string | boolean | undefined> = {}
-    if (typeof converted.VulnDiscussion === 'object') { // Some STIGs have xml tags inside of the actual text which breaks processing, e.g U_ASD_STIG_V5R1_Manual-xccdf.xml and all Oracle Database STIGs
-      let extractedVulnDescription = ''
-      const remainingFields = _.omit(converted.VulnDiscussion, ['FalsePositives', 'FalseNegatives', 'Documentable', 'Mitigations', 'SeverityOverrideGuidance', 'PotentialImpacts', 'ThirdPartyTools', 'MitigationControl', 'Responsibility', 'IAControls'])
-      Object.entries(remainingFields).forEach(([field, value]) => {
-        extractedVulnDescription += `<${field}> ${value}`
-      })
-      cleaned = {
-        VulnDiscussion: extractedVulnDescription.replace(/\[\[\[REPLACE_LESS_THAN]]]/, '"<"'),
-      }
-      Object.entries(converted.VulnDiscussion).forEach(([key, value]) => {
-        if (typeof value === 'string') {
-          cleaned[key] = value.replace(/\[\[\[REPLACE_LESS_THAN]]]/, '"<"')
-        } else {
-          cleaned[key] = (value as boolean)
-        }
-      })
-    } else {
-      Object.entries(converted).forEach(([key, value]) => {
-        if (typeof value === 'string') {
-          cleaned[key] = value.replace(/\[\[\[REPLACE_LESS_THAN]]]/, '"<"')
-        } else {
-          cleaned[key] = (value as boolean)
-        }
-      })
-    }
-    return cleaned
-  }
-  return {}
-}