@mitre/inspec-objects 0.0.31 → 0.0.32

package/.eslintignore

@@ -0,0 +1,2 @@
+node_modules
+lib

package/.eslintrc

@@ -0,0 +1,41 @@
+{
+    "rules": {
+      "@typescript-eslint/no-unused-vars": "warn",
+      "@typescript-eslint/no-explicit-any": "off",
+      "unicorn/filename-case": "off",
+      "unicorn/prefer-node-protocol": "off",
+      "unicorn/numeric-separators-style": "off",
+      "unicorn/no-hex-escape": "off",
+      "unicorn/better-regex": "off",
+      "unicorn/no-zero-fractions": "off",
+      "unicorn/no-array-for-each": "off",
+      "unicorn/explicit-length-check": "off",
+      "unicorn/no-process-exit": "off",
+      "no-process-exit": "off",
+      "no-await-in-loop": "off",
+      "no-control-regex": "off",
+      "max-nested-callbacks": "off",
+      "unicorn/prefer-json-parse-buffer": "off",
+      "camelcase": "off", // Camel case fields are used in CKL
+      "no-console": "off",
+      "node/no-missing-import": "off",
+      "complexity": "off",
+      "no-constant-condition": "off",
+      "keyword-spacing": 2,
+      "space-before-blocks":"warn",
+      "space-in-parens": 2,
+      "indent": ["error", 2, { "SwitchCase": 1 }],
+      "quotes": [2, "single", { "avoidEscape": true }],
+      "object-curly-spacing": [2, "never"]
+    },
+    "root": true,
+    "parser": "@typescript-eslint/parser",
+    "plugins": [
+      "@typescript-eslint"
+    ],
+    "extends": [
+      "eslint:recommended",
+      "plugin:@typescript-eslint/eslint-recommended",
+      "plugin:@typescript-eslint/recommended"
+    ]    
+  }

package/.github/workflows/e2e-test.yml

@@ -4,35 +4,22 @@ on:
   push:
     branches: [ main ]
   pull_request:
-    branches: [ main ]
 
 jobs:
   build:
     runs-on: ubuntu-20.04
 
     steps:
-     - uses: actions/checkout@v2
-
-     - name: Cache node modules
-       uses: actions/cache@v2
-       env:
-         cache-name: cache-node-modules
-       with:
-         # npm cache files are stored in `~/.npm` on Linux/macOS
-         path: ~/.npm
-         key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/yarn.lock') }}
-         restore-keys: |
-           ${{ runner.os }}-build-${{ env.cache-name }}-
-           ${{ runner.os }}-build-
-           ${{ runner.os }}-
+     - uses: actions/checkout@v3
 
      - name: Setup Node.js
-       uses: actions/setup-node@v1
+       uses: actions/setup-node@v3
        with:
-        node-version: '16.x'
+        node-version: 18
+        cache: 'npm'
 
      - name: Install dependencies
-       run: npm install
+       run: npm ci
 
      - name: Run e2e tests
-       run: yarn test
+       run: npm test

package/.github/workflows/linter.yml

@@ -0,0 +1,27 @@
+
+name: Lint TS-InSpec-Objects
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-20.04
+
+    steps:
+     - name: Checkout code
+       uses: actions/checkout@v3
+
+     - name: Setup Node.js
+       uses: actions/setup-node@v3
+       with:
+        node-version: 18
+        cache: 'npm'
+
+     - name: Install project dependencies
+       run: npm ci
+
+     - name: Run lint
+       run: npm run lint:ci

package/.github/workflows/push-to-gpr.yml

@@ -0,0 +1,36 @@
+name: Build and Release NPM to GPR (GitHub Package Registry)
+on:
+  release:
+    types: [published]
+  workflow_dispatch:
+
+jobs:
+  build-deploy:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Setup node
+        uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          registry-url: https://npm.pkg.github.com/
+          scope: '@mitre'
+
+      - name: Build the NPM Package
+        run: |
+          npm install
+          npm run build
+      - name: Pack all items that are published
+        run: npm pack
+      # Setup .npmrc file to publish to GitHub Package Registry
+      - uses: actions/setup-node@v1
+        with:
+          registry-url: 'https://npm.pkg.github.com'
+          scope: '@mitre'
+
+      # Publish inspec-objects to GitHub Package Registry
+      - name: Publish inspec-objects to GPR
+        run: npm publish mitre-inspec-objects-*.tgz
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

package/.github/workflows/push-to-npm.yml

@@ -2,17 +2,18 @@ name: Push @mitre/inspec-objects to NPM
 on:
   release:
     types: [published]
+  workflow_dispatch:
 
 jobs:
   build-deploy:
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@master
+      - uses: actions/checkout@v3
 
       - name: setup node
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
-          node-version: "16.x"
+          node-version: 18
           registry-url: 'https://registry.npmjs.org'
 
       - name: Install project dependencies
@@ -27,7 +28,7 @@ jobs:
       - name: Pack all items that are published as packages
         run: npm pack
 
-      - name: Publish SAF CLI to NPM
+      - name: Publish inspec-objects to NPM
         run: npm publish --access public mitre-inspec-objects-*.tgz
         env:
-          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}

package/README.md

@@ -1,6 +1,54 @@
 # ts-inspec-objects
 Typescript objects for InSpec profiles
 
+This repository contains the source code that facilitates the writing of InSpec profiles (for use in things like stub generation and delta comparisons) more consistent with `Chef Cookstyle` formatting for ease of use when comparing with new changes from delta and when generating InSpec stubs that match a standard format. 
+
+For more information about Chef Cookstyle see: 
+ - [chef/cookstyle on GitHub](https://github.com/chef/cookstyle)
+ - [Chef Cookstyle on Chef documents page](https://docs.chef.io/workstation/cookstyle/)
+
+## How to Use
+The process code maintained in this repository generates a `npm` executable that is published to the `npm registry` as [mitre-inspec-objects](https://www.npmjs.com/package/@mitre/inspec-objects).
+
+To use the `mitre-inspec-objects` npm package, simply add the package as a dependency to your project application using the npm install command:
+```
+npm install mitre-inspec-objects
+```
+The package is a CommonJS-based npm written in TypeScript 
+
+## Parsing Process
+
+When using this library to parse `InSpec profiles` or `xccdf files` for the purposes of generating InSpec profiles, the general workflow is as follows:
+```
+  - The input is processed, read into a typescript object
+  - Operated on with any required action / logic
+  - Then written into an InSpec profile as output. 
+```
+This means that we can not simply write out in the same format we got in. Instead, we have to make choices about formatting for how to write out content.
+
+Here are some formatting choices that are being made.
+
+1. String quotation
+
+      | The string contains | Use	|
+      |--------	|--------------------	|
+      | single (') and double (") quotes| percent string syntax - %q() |
+      | single (') quotes | double (") quotes |
+      | other | single (') quotes	|
+
+2. Tag keywords are not quoted (ex: tag severity: 'medium')
+3. Each control file ends with a newline
+
+### Workflow graphical representation
+<div align="center">
+  <img src="images/ts-inspec-objects.jpg" alt="Typescript Objects Generation Process" title="Typescript Objects Generation Process">
+</div>
+
+### Delta and Stub Process
+<div align="center">
+  <img src="images/Delta_Process.jpg" alt="Delta and Stub Generation Process" title="Delta and Stub Generation Process">
+</div>
+
 ### NOTICE
 
 © 2018-2022 The MITRE Corporation.

package/lib/index.d.ts

@@ -1,7 +1,7 @@
-export * from "./objects/control";
-export * from "./objects/profile";
-export * from "./parsers/json";
-export * from "./parsers/oval";
-export * from "./parsers/xccdf";
-export * from "./utilities/diff";
-export * from "./utilities/update";
+export * from './objects/control';
+export * from './objects/profile';
+export * from './parsers/json';
+export * from './parsers/oval';
+export * from './parsers/xccdf';
+export * from './utilities/diff';
+export * from './utilities/update';

package/lib/objects/control.d.ts

@@ -1,4 +1,4 @@
-import { ExecJSON } from "inspecjs";
+import { ExecJSON } from 'inspecjs';
 export declare function objectifyDescriptions(descs: ExecJSON.ControlDescription[] | {
     [key: string]: string | undefined;
 } | null | undefined): {
@@ -49,5 +49,5 @@ export default class Control {
     };
     constructor(data?: Partial<Control>);
     toUnformattedObject(): Control;
-    toRuby(lineLength?: number): string;
+    toRuby(): string;
 }

package/lib/objects/control.js

@@ -36,25 +36,36 @@ class Control {
         });
         return new Control((0, flat_1.unflatten)(flattened));
     }
-    toRuby(lineLength = 80) {
-        let result = "# encoding: UTF-8\n\n";
-        result += `control "${this.id}" do\n`;
+    toRuby() {
+        let result = '';
+        result += `control '${this.id}' do\n`;
         if (this.title) {
-            result += `  title "${(0, global_1.escapeDoubleQuotes)((0, global_1.removeNewlinePlaceholders)(this.title))}"\n`;
+            result += `  title ${(0, global_1.escapeQuotes)(this.title)}\n`;
         }
         else {
             console.error(`${this.id} does not have a title`);
         }
+        // This is the known 'default' description - on previous version this content was repeated on descriptions processed by "descs"
         if (this.desc) {
-            result += `  desc "${(0, global_1.escapeDoubleQuotes)((0, global_1.removeNewlinePlaceholders)(this.desc))}"\n`;
+            result += `  desc ${(0, global_1.escapeQuotes)(this.desc)}\n`;
         }
         else {
             console.error(`${this.id} does not have a desc`);
         }
         if (this.descs) {
-            Object.entries(this.descs).forEach(([key, desc]) => {
-                if (desc) {
-                    result += `  desc "${key}", "${(0, global_1.escapeDoubleQuotes)((0, global_1.removeNewlinePlaceholders)(desc))}"\n`;
+            Object.entries(this.descs).forEach(([key, subDesc]) => {
+                if (subDesc) {
+                    if (key.match('default') && this.desc) {
+                        if (subDesc != this.desc) {
+                            // The "default" keyword may have the same content as the desc content for backward compatibility with different historical InSpec versions.
+                            // In that case, we can ignore writing the "default" subdescription field.
+                            // If they are different, however, someone may be trying to use the keyword "default" for a unique subdescription, which should not be done.
+                            console.error(`${this.id} has a subdescription called "default" with contents that do not match the main description. "Default" should not be used as a keyword for unique sub-descriptions.`);
+                        }
+                    }
+                    else {
+                        result += `  desc '${key}', ${(0, global_1.escapeQuotes)(subDesc)}\n`;
+                    }
                 }
                 else {
                     console.error(`${this.id} does not have a desc for the value ${key}`);
@@ -69,34 +80,39 @@ class Control {
         }
         if (this.refs) {
             this.refs.forEach((ref) => {
+                var _a;
                 if (typeof ref === 'string') {
-                    result += `  ref '${(0, global_1.escapeQuotes)((0, global_1.removeNewlinePlaceholders)(ref))}'\n`;
+                    result += `  ref ${(0, global_1.escapeQuotes)(ref)}\n`;
                 }
                 else {
-                    result += `  ref '${(0, global_1.escapeQuotes)((0, global_1.removeNewlinePlaceholders)(ref.ref || ''))}', url: '${(0, global_1.escapeQuotes)((0, global_1.removeNewlinePlaceholders)(ref.url || ''))}'`;
+                    result += `  ref ${(0, global_1.escapeQuotes)(((_a = ref.ref) === null || _a === void 0 ? void 0 : _a.toString()) || '')}, url: ${(0, global_1.escapeQuotes)(ref.url || '')}`;
                 }
             });
         }
         Object.entries(this.tags).forEach(([tag, value]) => {
             if (value) {
-                if (typeof value === "object") {
-                    if (Array.isArray(value) && typeof value[0] === "string") {
-                        result += `  tag ${tag}: ${JSON.stringify(value).split('","').join('", "')}\n`;
+                if (typeof value === 'object') {
+                    if (Array.isArray(value) && typeof value[0] === 'string') {
+                        // The goal is to keep the style similar to cookstyle formatting
+                        result += `  tag ${tag}: ${JSON.stringify(value)
+                            .replace(/"/g, "'") // replace the double quotes with single quotes, ex: ["V-72029","SV-86653"] -> ['V-72029','SV-86653']
+                            .split("','") // split the items in the string
+                            .join("', '")}\n`; // join them together using single quote and a space, ex: ['V-72029','SV-86653'] -> ['V-72029', 'SV-86653']
                     }
                     else {
                         // Convert JSON Object to Ruby Hash
                         const stringifiedObject = JSON.stringify(value, null, 2)
-                            .replace(/\n/g, "\n  ")
-                            .replace(/\{\n {6}/g, "{")
-                            .replace(/\[\n {8}/g, "[")
-                            .replace(/\n {6}\]/g, "]")
-                            .replace(/\n {4}\}/g, "}")
+                            .replace(/\n/g, '\n  ')
+                            .replace(/\{\n {6}/g, '{')
+                            .replace(/\[\n {8}/g, '[')
+                            .replace(/\n {6}\]/g, ']')
+                            .replace(/\n {4}\}/g, '}')
                             .replace(/": \[/g, '" => [');
                         result += `  tag ${tag}: ${stringifiedObject}\n`;
                     }
                 }
-                else if (typeof value === "string") {
-                    result += `  tag ${tag}: "${(0, global_1.escapeDoubleQuotes)((0, global_1.removeNewlinePlaceholders)(value))}"\n`;
+                else if (typeof value === 'string') {
+                    result += `  tag ${tag}: ${(0, global_1.escapeQuotes)(value)}\n`;
                 }
             }
         });
@@ -104,7 +120,10 @@ class Control {
             result += '\n';
             result += this.describe;
         }
-        result += "end";
+        if (!result.slice(-1).match('\n')) {
+            result += '\n';
+        }
+        result += 'end\n';
         return result;
     }
 }

package/lib/objects/profile.d.ts

@@ -1,4 +1,4 @@
-import Control from "./control";
+import Control from './control';
 export default class Profile {
     name?: string | null;
     title?: string | null;
@@ -11,10 +11,10 @@ export default class Profile {
     version?: string | null;
     inspec_version?: string | null;
     supports: {
-        "platform-family"?: string;
-        "platform-name"?: string;
-        "os-name"?: string;
-        "os-family"?: string;
+        'platform-family'?: string;
+        'platform-name'?: string;
+        'os-name'?: string;
+        'os-family'?: string;
         release?: string;
         platform?: string;
     }[];
@@ -44,7 +44,7 @@ export default class Profile {
     readme?: string | null;
     files: string[];
     controls: Control[];
-    constructor(data?: Omit<Partial<Profile>, "controls">);
+    constructor(data?: Omit<Partial<Profile>, 'controls'>);
     createInspecYaml(): string;
     toUnformattedObject(): Profile;
 }

package/lib/objects/profile.js

@@ -37,7 +37,7 @@ class Profile {
     toUnformattedObject() {
         const unformattedProfile = new Profile(this);
         Object.entries(this).forEach(([key, value]) => {
-            if (typeof value === "string") {
+            if (typeof value === 'string') {
                 lodash_1.default.set(unformattedProfile, key, (0, global_1.unformatText)(value));
             }
         });

package/lib/parsers/json.d.ts

@@ -1,5 +1,5 @@
-import { ContextualizedEvaluation, ContextualizedProfile, ExecJSON } from "inspecjs";
-import Profile from "../objects/profile";
+import { ContextualizedEvaluation, ContextualizedProfile, ExecJSON } from 'inspecjs';
+import Profile from '../objects/profile';
 export declare function processEvaluation(evaluationInput: ContextualizedEvaluation): Profile;
 export declare function processProfileJSON(profileInput: ContextualizedProfile): Profile;
 export declare function processExecJSON(execJSON: ExecJSON.Execution): Profile;

package/lib/parsers/json.js

@@ -6,6 +6,7 @@ const inspecjs_1 = require("inspecjs");
 const lodash_1 = tslib_1.__importDefault(require("lodash"));
 const control_1 = tslib_1.__importStar(require("../objects/control"));
 const profile_1 = tslib_1.__importDefault(require("../objects/profile"));
+const update_1 = require("../utilities/update");
 function processEvaluation(evaluationInput) {
     const topLevelProfile = evaluationInput.contains[0];
     const profile = new profile_1.default({
@@ -14,9 +15,9 @@ function processEvaluation(evaluationInput) {
         maintainer: topLevelProfile.data.maintainer,
         copyright: topLevelProfile.data.copyright,
         copyright_email: topLevelProfile.data.copyright_email,
-        license: lodash_1.default.get(topLevelProfile.data, "license"),
-        summary: lodash_1.default.get(topLevelProfile.data, "summary"),
-        description: lodash_1.default.get(topLevelProfile.data, "description"),
+        license: lodash_1.default.get(topLevelProfile.data, 'license'),
+        summary: lodash_1.default.get(topLevelProfile.data, 'summary'),
+        description: lodash_1.default.get(topLevelProfile.data, 'description'),
         version: topLevelProfile.data.version,
     });
     topLevelProfile.contains.forEach((control) => {
@@ -39,9 +40,9 @@ function processProfileJSON(profileInput) {
         maintainer: profileInput.data.maintainer,
         copyright: profileInput.data.copyright,
         copyright_email: profileInput.data.copyright_email,
-        license: lodash_1.default.get(profileInput.data, "license"),
-        summary: lodash_1.default.get(profileInput.data, "summary"),
-        description: lodash_1.default.get(profileInput.data, "description"),
+        license: lodash_1.default.get(profileInput.data, 'license'),
+        summary: lodash_1.default.get(profileInput.data, 'summary'),
+        description: lodash_1.default.get(profileInput.data, 'description'),
         version: profileInput.data.version,
     });
     profileInput.data.controls.forEach((control) => {
@@ -54,12 +55,15 @@ function processProfileJSON(profileInput) {
             tags: control.tags,
             descs: (0, control_1.objectifyDescriptions)(control.descriptions),
         });
+        newControl.describe = (0, update_1.getExistingDescribeFromControl)(newControl);
         // Migrate check and fix text from tags to descriptions
         if (newControl.tags.check && !newControl.descs.check) {
+            // eslint-disable-next-line  @typescript-eslint/no-non-null-assertion
             lodash_1.default.set(newControl.descs, 'check', control.tags.check);
             lodash_1.default.set(newControl.tags, 'check', undefined);
         }
         if (newControl.tags.fix && !newControl.descs.fix) {
+            // eslint-disable-next-line  @typescript-eslint/no-non-null-assertion
             lodash_1.default.set(newControl.descs, 'fix', control.tags.fix);
             lodash_1.default.set(newControl.tags, 'fix', undefined);
         }
@@ -75,16 +79,16 @@ exports.processExecJSON = processExecJSON;
 function processInSpecProfile(json) {
     const convertedFile = (0, inspecjs_1.convertFile)(json, true);
     let profile = new profile_1.default();
-    if (convertedFile["1_0_ExecJson"]) {
-        profile = processEvaluation((0, inspecjs_1.contextualizeEvaluation)(convertedFile["1_0_ExecJson"])).toUnformattedObject();
+    if (convertedFile['1_0_ExecJson']) {
+        profile = processEvaluation((0, inspecjs_1.contextualizeEvaluation)(convertedFile['1_0_ExecJson'])).toUnformattedObject();
     }
-    else if (convertedFile["1_0_ProfileJson"]) {
+    else if (convertedFile['1_0_ProfileJson']) {
         profile = processProfileJSON((0, inspecjs_1.contextualizeProfile)(JSON.parse(json))).toUnformattedObject();
     }
     else {
-        throw new Error("Unknown file type passed");
+        throw new Error('Unknown file type passed');
     }
-    profile.controls = lodash_1.default.sortBy(profile.controls, "id");
+    profile.controls = lodash_1.default.sortBy(profile.controls, 'id');
     return profile;
 }
 exports.processInSpecProfile = processInSpecProfile;

package/lib/parsers/oval.js

@@ -4,10 +4,10 @@ exports.processOVAL = exports.extractAllCriteriaRefs = void 0;
 const xccdf_1 = require("../utilities/xccdf");
 // https://stackoverflow.com/questions/9133500/how-to-find-a-node-in-a-tree-with-javascript
 function searchTree(aTree, fCompair, bGreedy) {
-    var aInnerTree = []; // will contain the inner children
-    var oNode; // always the current node
-    var aReturnNodes = []; // the nodes array which will returned
-    // 1. loop through all root nodes so we don't touch the tree structure
+    let oNode; // always the current node  
+    const aInnerTree = []; // will contain the inner children
+    const aReturnNodes = []; // the nodes array which will returned
+    // 1. loop through all root nodes, store tree content locally so we don't touch the tree structure
     for (const keysTree in aTree) {
         aInnerTree.push(aTree[keysTree]);
     }
@@ -26,7 +26,7 @@ function searchTree(aTree, fCompair, bGreedy) {
                 // true if the property is an array
                 if (oNode[keysNode] instanceof Array) {
                     // 2. push all array object to aInnerTree to search in those later
-                    for (var i = 0; i < oNode[keysNode].length; i++) {
+                    for (let i = 0; i < oNode[keysNode].length; i++) {
                         aInnerTree.push(oNode[keysNode][i]);
                     }
                 }
@@ -40,8 +40,8 @@ function extractAllCriteriaRefs(initialCriteria) {
     initialCriteria.forEach(criteria => {
         var _a;
         (_a = criteria.criterion) === null || _a === void 0 ? void 0 : _a.forEach((criterion) => {
-            if (criterion["@_test_ref"]) {
-                criteriaRefs.push(criterion["@_test_ref"]);
+            if (criterion['@_test_ref']) {
+                criteriaRefs.push(criterion['@_test_ref']);
             }
         });
         if (criteria.criteria) {
@@ -61,22 +61,23 @@ function processOVAL(oval) {
     for (const ovalDefinitions of parsed.oval_definitions) {
         for (const definitionList of ovalDefinitions.definitions) {
             for (const definition of definitionList.definition) {
-                extractedDefinitions[definition["@_id"]] = definition;
-                extractedDefinitions[definition["@_id"]].criteriaRefs = extractAllCriteriaRefs(definition.criteria);
-                extractedDefinitions[definition["@_id"]].resolvedValues = (_a = extractedDefinitions[definition["@_id"]].criteriaRefs) === null || _a === void 0 ? void 0 : _a.map((criteriaRef) => {
+                extractedDefinitions[definition['@_id']] = definition;
+                extractedDefinitions[definition['@_id']].criteriaRefs = extractAllCriteriaRefs(definition.criteria);
+                extractedDefinitions[definition['@_id']].resolvedValues = (_a = extractedDefinitions[definition['@_id']].criteriaRefs) === null || _a === void 0 ? void 0 : _a.map((criteriaRef) => {
                     // Extract the original criteria from the oval file
-                    const foundCriteriaRefererence = searchTree(parsed.oval_definitions[0].tests, (oNode) => oNode["@_id"] === criteriaRef, false)[0];
-                    let foundObjects = [];
-                    let foundStates = [];
+                    const foundCriteriaRefererence = searchTree(parsed.oval_definitions[0].tests, (oNode) => oNode['@_id'] === criteriaRef, false)[0];
+                    // eslint-disable-next-line @typescript-eslint/ban-types
+                    const foundObjects = [];
+                    const foundStates = [];
                     if (foundCriteriaRefererence) {
                         if (foundCriteriaRefererence.object) {
                             foundCriteriaRefererence.object.forEach((object) => {
-                                if (!object["@_object_ref"]) {
+                                if (!object['@_object_ref']) {
                                     console.warn(`Found object without object_ref in test ${criteriaRef}`);
                                 }
                                 else {
-                                    const objectRef = object["@_object_ref"];
-                                    const foundObjectReference = searchTree(parsed.oval_definitions[0].objects, (oNode) => oNode["@_id"] === objectRef, false)[0];
+                                    const objectRef = object['@_object_ref'];
+                                    const foundObjectReference = searchTree(parsed.oval_definitions[0].objects, (oNode) => oNode['@_id'] === objectRef, false)[0];
                                     if (foundObjectReference) {
                                         foundObjects.push(foundObjectReference);
                                     }
@@ -88,12 +89,12 @@ function processOVAL(oval) {
                         }
                         if (foundCriteriaRefererence.state) {
                             foundCriteriaRefererence.state.forEach((state) => {
-                                if (!state["@_state_ref"]) {
+                                if (!state['@_state_ref']) {
                                     console.warn(`Found state without state_ref in test ${criteriaRef}`);
                                 }
                                 else {
-                                    const stateRef = state["@_state_ref"];
-                                    const foundStateReference = searchTree(parsed.oval_definitions[0].states, (oNode) => oNode["@_id"] === stateRef, false)[0];
+                                    const stateRef = state['@_state_ref'];
+                                    const foundStateReference = searchTree(parsed.oval_definitions[0].states, (oNode) => oNode['@_id'] === stateRef, false)[0];
                                     if (foundStateReference) {
                                         foundStates.push(foundStateReference);
                                     }

package/lib/parsers/xccdf.d.ts

@@ -6,7 +6,7 @@ export declare type GroupContextualizedRule = BenchmarkRule & {
 };
 export declare function extractAllRules(groups: BenchmarkGroup[]): GroupContextualizedRule[];
 export declare function extractAllComplexChecks(complexCheck: RuleComplexCheck): Omit<RuleComplexCheck, 'complex-check'>[];
-export declare function processXCCDF(xml: string, removeNewlines: boolean | undefined, useRuleId: 'group' | 'rule' | 'version' | 'cis', ovalDefinitions?: Record<string, OvalDefinitionValue & {
+export declare function processXCCDF(xml: string, removeNewlines: false, useRuleId: 'group' | 'rule' | 'version' | 'cis', ovalDefinitions?: Record<string, OvalDefinitionValue & {
     criteriaRefs?: string[];
     resolvedValues?: any;
 }>): Profile;

package/lib/parsers/xccdf.js

@@ -41,7 +41,7 @@ function ensureDecodedXMLStringValue(input) {
     return lodash_1.default.get(input, '[0].#text') ? lodash_1.default.get(input, '[0].#text') : input;
 }
 // Moving the newline removal to diff library rather than processXCCDF level
-function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
+function processXCCDF(xml, removeNewlines, useRuleId, ovalDefinitions) {
     const parsedXML = (0, xccdf_1.convertEncodedXmlIntoJson)(xml);
     const rules = extractAllRules(parsedXML.Benchmark[0].Group);
     const profile = new profile_1.default({
@@ -91,13 +91,15 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
                 control.id = rule.version;
                 break;
             case 'cis':
+                // eslint-disable-next-line  no-case-declarations
                 const controlIdRegex = /\d(\d?)(\d?)(\d?)(.\d(\d?)(\d?)(\d?))?(.\d(\d?)(\d?)(\d?))?(.\d(\d?)(\d?)(\d?))?(.\d(\d?)(\d?)(\d?))?/g;
+                // eslint-disable-next-line  no-case-declarations
                 const controlIdMatch = controlIdRegex.exec(rule['@_id']);
                 if (controlIdMatch) {
                     control.id = controlIdMatch[0];
                 }
                 else {
-                    throw new Error(`Could not parse control ID from rule ID: ${rule['@_id']}. Expecting format: 'xccdf_org.cisecurity.benchmarks_rule_1.1.11_Rule_title_summary`);
+                    throw new Error(`Could not parse control ID from rule ID: ${rule['@_id']}. Expecting something in this example format: 'xccdf_org.cisecurity.benchmarks_rule_1.1.11_Rule_title_summary`);
                 }
                 break;
             default:
@@ -147,7 +149,7 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
         }
         // Very CIS specific
         else if (rule['complex-check']) {
-            let checkTexts = [];
+            const checkTexts = [];
             for (const complexChecks of rule['complex-check']) {
                 const allComplexChecks = extractAllComplexChecks(complexChecks);
                 if (control.id === '1.1.1.5') {
@@ -226,7 +228,7 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
         control.tags.gid = rule.group['@_id'],
             control.tags.rid = rule['@_id'];
         control.tags.stig_id = rule['version'];
-        if (typeof rule.group.title === "string") {
+        if (typeof rule.group.title === 'string') {
             control.tags.gtitle = (0, xccdf_1.removeXMLSpecialCharacters)(rule.group.title);
         }
         else {
@@ -320,6 +322,7 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
                     if (typeof referenceText === 'string' && referenceText.indexOf('§') !== -1) {
                         const referenceParts = referenceText.split('§');
                         if (referenceParts.length == 2) {
+                            // eslint-disable-next-line  prefer-const
                             let [identifierType, identifier] = referenceText.split('§');
                             identifierType = identifierType.toLowerCase();
                             if (!(identifierType in control.tags)) {
@@ -333,7 +336,7 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
                             }
                         }
                         else {
-                            console.warn("Reference parts of invalid length:");
+                            console.warn('Reference parts of invalid length:');
                             console.log(referenceParts);
                         }
                     }

package/lib/utilities/diff.d.ts

@@ -1,6 +1,6 @@
-import Profile from "../objects/profile";
-import { ProfileDiff } from "../types/diff";
-import winston from "winston";
+import Profile from '../objects/profile';
+import { ProfileDiff } from '../types/diff';
+import winston from 'winston';
 export declare function removeNewlines(control?: Record<string, unknown>): Record<string, unknown>;
 export declare function ignoreFormattingDiff(diffData: Record<string, unknown>): Record<string, unknown>;
 export declare function diffProfile(fromProfile: Profile, toProfile: Profile, logger: winston.Logger): {

package/lib/utilities/diff.js

@@ -11,10 +11,10 @@ function removeNewlines(control) {
         return {};
     }
     return lodash_1.default.mapValues(control, (value) => {
-        if (typeof value === "string") {
-            return value.replace(/\n/g, "{{{{newlineHERE}}}}").trim();
+        if (typeof value === 'string') {
+            return value.replace(/\n/g, '{{{{newlineHERE}}}}').trim();
         }
-        else if (typeof value === "object" && value !== null) {
+        else if (typeof value === 'object' && value !== null) {
             return removeNewlines(value);
         }
         return value;
@@ -24,28 +24,28 @@ exports.removeNewlines = removeNewlines;
 // Goal is to use a linter for the formatting and compare characters without whitespaces here
 function ignoreFormattingDiff(diffData) {
     return lodash_1.default.transform(diffData, (result, diffValue, key) => {
-        if (lodash_1.default.has(diffValue, "__new")) {
+        if (lodash_1.default.has(diffValue, '__new')) {
             // Remove any trailing space
-            if (typeof lodash_1.default.get(diffValue, "__new") === "string" &&
-                typeof lodash_1.default.get(diffValue, "__old") === "string") {
-                if ((0, global_1.removeWhitespace)(lodash_1.default.get(diffValue, "__new")) !==
-                    (0, global_1.removeWhitespace)(lodash_1.default.get(diffValue, "__old"))) {
-                    lodash_1.default.set(result, key, lodash_1.default.get(diffValue, "__new"));
+            if (typeof lodash_1.default.get(diffValue, '__new') === 'string' &&
+                typeof lodash_1.default.get(diffValue, '__old') === 'string') {
+                if ((0, global_1.removeWhitespace)(lodash_1.default.get(diffValue, '__new')) !==
+                    (0, global_1.removeWhitespace)(lodash_1.default.get(diffValue, '__old'))) {
+                    lodash_1.default.set(result, key, lodash_1.default.get(diffValue, '__new'));
                 }
             }
             else {
-                result[key] = lodash_1.default.get(diffValue, "__new");
+                result[key] = lodash_1.default.get(diffValue, '__new');
             }
         }
         else if (Array.isArray(diffValue)) {
             result[key] = diffValue
-                .map((value) => value[0] === "+" && value[1])
+                .map((value) => value[0] === '+' && value[1])
                 .filter((value) => value);
         }
-        else if (typeof diffValue === "object") {
+        else if (typeof diffValue === 'object') {
             result[key] = ignoreFormattingDiff(diffValue);
         }
-        else if (key.endsWith("__deleted")) {
+        else if (key.endsWith('__deleted')) {
             return undefined;
         }
         else {
@@ -77,13 +77,13 @@ function diffProfile(fromProfile, toProfile, logger) {
         .sort();
     const toControlIDs = toProfile.controls.map((control) => control.id).sort();
     // Find new controls
-    const controlIDDiff = (_a = (0, json_diff_1.diff)(fromControlIDs, toControlIDs)) === null || _a === void 0 ? void 0 : _a.filter((item) => !(item.length === 1 && item[0] === " "));
+    const controlIDDiff = (_a = (0, json_diff_1.diff)(fromControlIDs, toControlIDs)) === null || _a === void 0 ? void 0 : _a.filter((item) => !(item.length === 1 && item[0] === ' '));
     // Contains the new IDs
     const changedControlIds = [];
     // a diffValue has an entry for both what was subtracted ("-")
     // and what was added ("+") -- need to handle both
     controlIDDiff === null || controlIDDiff === void 0 ? void 0 : controlIDDiff.forEach((diffValue) => {
-        if (diffValue[0] === "-") {
+        if (diffValue[0] === '-') {
             const existingControl = fromProfile.controls.find((control) => control.id === diffValue[1]);
             // Check if the control has been given a new ID
             if (existingControl) {
@@ -92,7 +92,7 @@ function diffProfile(fromProfile, toProfile, logger) {
                     profileDiff.renamedControlIDs[existingControl.id] = newControl.id;
                     originalDiff.renamedControlIDs[existingControl.id] = newControl.id;
                     changedControlIds.push(newControl.id.toLowerCase());
-                    const controlDiff = lodash_1.default.omit((0, json_diff_1.diff)(existingControl, newControl), "code__deleted");
+                    const controlDiff = lodash_1.default.omit((0, json_diff_1.diff)(existingControl, newControl), 'code__deleted');
                     // logger.info("CONTROL DIFF:" + JSON.stringify(controlDiff, null, 2))
                     const renamedControlIgnoredFormatting = ignoreFormattingDiff(controlDiff);
                     logger.info(JSON.stringify(renamedControlIgnoredFormatting));
@@ -111,7 +111,7 @@ function diffProfile(fromProfile, toProfile, logger) {
                 logger.error(`Unable to find existing control ${diffValue[1]}`);
             }
         }
-        else if (diffValue[0] === "+" && !changedControlIds.includes(diffValue[1].toLowerCase()) && diffValue[1]) {
+        else if (diffValue[0] === '+' && !changedControlIds.includes(diffValue[1].toLowerCase()) && diffValue[1]) {
             logger.info(JSON.stringify(diffValue));
             logger.info(JSON.stringify(changedControlIds));
             profileDiff.addedControlIDs.push(diffValue[1]);
@@ -134,10 +134,12 @@ function diffProfile(fromProfile, toProfile, logger) {
     for (const fromControl of fromProfile.controls) {
         const toControl = toProfile.controls.find((control) => control.id === fromControl.id);
         if (toControl) {
-            const controlDiff = lodash_1.default.omit((0, json_diff_1.diff)(fromControl, toControl), "code__deleted");
+            const controlDiff = lodash_1.default.omit((0, json_diff_1.diff)(fromControl, toControl), 'code__deleted');
             if (controlDiff) {
+                // eslint-disable-next-line  @typescript-eslint/no-non-null-assertion
                 profileDiff.changedControls[toControl.id] = ignoreFormattingDiff(controlDiff);
                 profileDiff.changedControlIDs.push(toControl.id);
+                // eslint-disable-next-line  @typescript-eslint/no-non-null-assertion
                 originalDiff.changedControls[toControl.id] = controlDiff;
                 originalDiff.changedControlIDs.push(toControl.id);
             }

package/lib/utilities/diffMarkdown.d.ts

@@ -1,4 +1,4 @@
-import { ProfileDiff } from "../types/diff";
+import { ProfileDiff } from '../types/diff';
 export declare function createDiffMarkdown(diff: {
     ignoreFormattingDiff: ProfileDiff;
     rawDiff: any;

package/lib/utilities/diffMarkdown.js

@@ -5,10 +5,6 @@ const tslib_1 = require("tslib");
 const mustache_1 = tslib_1.__importDefault(require("mustache"));
 const lodash_1 = tslib_1.__importDefault(require("lodash"));
 const automatticUpdateTemplate_json_1 = tslib_1.__importDefault(require("../resources/automatticUpdateTemplate.json"));
-function getUpdatedCheckForId(id, profile) {
-    const foundControl = profile.controls.find((control) => control.id === id);
-    return lodash_1.default.get(foundControl === null || foundControl === void 0 ? void 0 : foundControl.descs, "check") || "Missing check";
-}
 function createDiffMarkdown(diff) {
     const renderableDiffData = {
         addedControls: Object.values(diff.ignoreFormattingDiff.addedControls),
@@ -30,10 +26,10 @@ function createDiffMarkdown(diff) {
     Object.entries(diff.rawDiff.changedControls).forEach(([id, controlDiff]) => {
         var _a, _b;
         if ((_a = controlDiff.descs) === null || _a === void 0 ? void 0 : _a.check) {
-            const oldCheck = lodash_1.default.get(controlDiff.descs.check, "__old");
-            const newCheck = lodash_1.default.get(controlDiff.descs.check, "__new");
-            if (oldCheck.replace(/\n/g, "").replace(/\W/g, "") !==
-                newCheck.replace(/\n/g, "").replace(/\W/g, "")) {
+            const oldCheck = lodash_1.default.get(controlDiff.descs.check, '__old');
+            const newCheck = lodash_1.default.get(controlDiff.descs.check, '__new');
+            if (oldCheck.replace(/\n/g, '').replace(/\W/g, '') !==
+                newCheck.replace(/\n/g, '').replace(/\W/g, '')) {
                 renderableDiffData.updatedChecks.push({
                     id: id,
                     old: oldCheck,
@@ -42,10 +38,10 @@ function createDiffMarkdown(diff) {
             }
         }
         if ((_b = controlDiff.descs) === null || _b === void 0 ? void 0 : _b.fix) {
-            const oldFix = lodash_1.default.get(controlDiff.descs.fix, "__old");
-            const newFix = lodash_1.default.get(controlDiff.descs.fix, "__new");
-            if (oldFix.replace(/\n/g, "").replace(/\W/g, "") !==
-                newFix.replace(/\n/g, "").replace(/\W/g, "")) {
+            const oldFix = lodash_1.default.get(controlDiff.descs.fix, '__old');
+            const newFix = lodash_1.default.get(controlDiff.descs.fix, '__new');
+            if (oldFix.replace(/\n/g, '').replace(/\W/g, '') !==
+                newFix.replace(/\n/g, '').replace(/\W/g, '')) {
                 renderableDiffData.updatedFixes.push({
                     id: id,
                     old: oldFix,
@@ -54,8 +50,8 @@ function createDiffMarkdown(diff) {
             }
         }
         if (controlDiff.impact) {
-            const oldImpact = lodash_1.default.get(controlDiff.impact, "__old");
-            const newImpact = lodash_1.default.get(controlDiff.impact, "__new");
+            const oldImpact = lodash_1.default.get(controlDiff.impact, '__old');
+            const newImpact = lodash_1.default.get(controlDiff.impact, '__new');
             if (oldImpact !== newImpact) {
                 renderableDiffData.updatedImpacts.push({
                     id: id,
@@ -65,8 +61,8 @@ function createDiffMarkdown(diff) {
             }
         }
         if (controlDiff.title) {
-            const oldTitle = lodash_1.default.get(controlDiff.title, "__old");
-            const newTitle = lodash_1.default.get(controlDiff.title, "__new");
+            const oldTitle = lodash_1.default.get(controlDiff.title, '__old');
+            const newTitle = lodash_1.default.get(controlDiff.title, '__new');
             if (oldTitle !== newTitle) {
                 renderableDiffData.updatedTitles.push({
                     id: id,
@@ -76,8 +72,8 @@ function createDiffMarkdown(diff) {
             }
         }
         if (controlDiff.desc) {
-            const oldDesc = lodash_1.default.get(controlDiff.desc, "__old");
-            const newDesc = lodash_1.default.get(controlDiff.desc, "__new");
+            const oldDesc = lodash_1.default.get(controlDiff.desc, '__old');
+            const newDesc = lodash_1.default.get(controlDiff.desc, '__new');
             if (oldDesc !== newDesc) {
                 renderableDiffData.updatedDescriptions.push({
                     id: id,

package/lib/utilities/global.d.ts

@@ -1,10 +1,7 @@
 export declare function wrap(s: string, lineLength?: number): string;
 export declare function unformatText(s: string): string;
 export declare function removeWhitespace(input: string): string;
-declare const escapeQuotes: (s: string) => string;
-declare const escapeDoubleQuotes: (s: string) => string;
-declare const wrapAndEscapeQuotes: (s: string, lineLength?: number) => string;
-export { escapeQuotes, escapeDoubleQuotes, wrapAndEscapeQuotes };
+export declare function escapeQuotes(s: string): string;
 export declare function removeNewlinePlaceholders(s: string): string;
 export declare function getFirstPath(object: Record<string, unknown>, paths: string[]): string;
 export declare function hasPath(file: Record<string, unknown>, path: string | string[]): boolean;

package/lib/utilities/global.js

@@ -1,23 +1,22 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.hasPath = exports.getFirstPath = exports.removeNewlinePlaceholders = exports.wrapAndEscapeQuotes = exports.escapeDoubleQuotes = exports.escapeQuotes = exports.removeWhitespace = exports.unformatText = exports.wrap = void 0;
+exports.hasPath = exports.getFirstPath = exports.removeNewlinePlaceholders = exports.escapeQuotes = exports.removeWhitespace = exports.unformatText = exports.wrap = void 0;
 const tslib_1 = require("tslib");
 const lodash_1 = tslib_1.__importDefault(require("lodash"));
 // Breaks lines down to lineLength number of characters
 function wrap(s, lineLength = 80) {
-    let newString = "";
-    let currentLine = "";
+    let newString = '';
     let currentLength = 0;
     let shouldBreakLine = false;
-    for (var i = 0; i < s.length; i++) {
+    for (let i = 0; i < s.length; i++) {
         if (shouldBreakLine) {
-            newString += `\n`;
+            newString += '\n';
             currentLength = 0;
             shouldBreakLine = false;
         }
-        let currentChar = s.charAt(i);
-        let nextChar = s.charAt(i + 1);
-        if (nextChar === " ") {
+        const currentChar = s.charAt(i);
+        const nextChar = s.charAt(i + 1);
+        if (nextChar === ' ') {
             if (currentLength >= lineLength) {
                 shouldBreakLine = true;
                 newString += currentChar;
@@ -36,6 +35,7 @@ function wrap(s, lineLength = 80) {
     return newString;
 }
 exports.wrap = wrap;
+// Remove new lines and tabs
 function unformatText(s) {
     return s.replace(/\n/g, ' ').replace(/\\n/g, ' ').replace(/( +|\t)/g, ' ');
 }
@@ -44,12 +44,24 @@ function removeWhitespace(input) {
     return input.replace(/\s/gi, '');
 }
 exports.removeWhitespace = removeWhitespace;
-const escapeQuotes = (s) => s.replace(/\\/g, "\\\\").replace(/'/g, "\\'"); // Escape backslashes and quotes
+const escapeSingleQuotes = (s) => {
+    return s.replace(/\\/g, '\\\\').replace(/'/g, "\\'"); // Escape backslashes and quotes
+};
+const escapeDoubleQuotes = (s) => {
+    return s.replace(/\\/g, '\\\\').replace(/"/g, '\\"'); // Escape backslashes and double quotes
+};
+function escapeQuotes(s) {
+    if (s.includes("'") && s.includes('"')) {
+        return `%q(${removeNewlinePlaceholders(s)})`;
+    }
+    else if (s.includes("'")) {
+        return `"${escapeDoubleQuotes(removeNewlinePlaceholders(s))}"`;
+    }
+    else {
+        return `'${escapeSingleQuotes(removeNewlinePlaceholders(s))}'`;
+    }
+}
 exports.escapeQuotes = escapeQuotes;
-const escapeDoubleQuotes = (s) => s.replace(/\\/g, "\\\\").replace(/"/g, '\\"'); // Escape backslashes and double quotes
-exports.escapeDoubleQuotes = escapeDoubleQuotes;
-const wrapAndEscapeQuotes = (s, lineLength) => escapeDoubleQuotes(wrap(s, lineLength)); // Escape backslashes and quotes, and wrap long lines
-exports.wrapAndEscapeQuotes = wrapAndEscapeQuotes;
 function removeNewlinePlaceholders(s) {
     return s.replace(/\{\{\{\{newlineHERE\}\}\}\}/g, '\n');
 }

package/lib/utilities/logging.d.ts

@@ -1,2 +1,2 @@
-import winston from "winston";
+import winston from 'winston';
 export declare function createWinstonLogger(level?: string): winston.Logger;

package/lib/utilities/update.d.ts

@@ -1,4 +1,4 @@
-import winston from "winston";
+import winston from 'winston';
 import Control from '../objects/control';
 import Profile from '../objects/profile';
 import { ProfileDiff } from '../types/diff';
@@ -11,6 +11,7 @@ export declare type UpdatedProfileReturn = {
     };
     markdown: string;
 };
+export declare function getExistingDescribeFromControl(control: Control): string;
 export declare function findUpdatedControlByAllIdentifiers(existingControl: Control, updatedControls: Control[]): Control | undefined;
 export declare function updateControl(from: Control, update: Partial<Control>, logger: winston.Logger): Control;
 export declare function updateProfile(from: Profile, using: Profile, logger: winston.Logger): Omit<UpdatedProfileReturn, 'markdown'>;

package/lib/utilities/update.js

@@ -2,14 +2,13 @@
 // Utilities to update a profile or control with new metadata
 // The ultimate goal is to preserve all the metadata that is already there and only add what is new
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.updateProfileUsingXCCDF = exports.updateProfile = exports.updateControl = exports.findUpdatedControlByAllIdentifiers = void 0;
+exports.updateProfileUsingXCCDF = exports.updateProfile = exports.updateControl = exports.findUpdatedControlByAllIdentifiers = exports.getExistingDescribeFromControl = void 0;
 const tslib_1 = require("tslib");
 const lodash_1 = tslib_1.__importDefault(require("lodash"));
 const profile_1 = tslib_1.__importDefault(require("../objects/profile"));
 const xccdf_1 = require("../parsers/xccdf");
 const diff_1 = require("./diff");
 const diffMarkdown_1 = require("./diffMarkdown");
-const knownInSpecKeywords = ['title', 'desc', 'impact', 'ref', 'tag', "\""];
 function projectValuesOntoExistingObj(dst, src, currentPath = '') {
     for (const updatedValue in src) {
         const existingValue = lodash_1.default.get(dst, updatedValue);
@@ -32,101 +31,69 @@ function projectValuesOntoExistingObj(dst, src, currentPath = '') {
     }
     return dst;
 }
-// This is the most likely thing to break if you are getting code formatting issues.
-// Extract the existing describe blocks (what is actually run by inspec for validation)
+/*
+  Return first index found from given array that is not an empty entry (cell)
+*/
+function getIndexOfFirstLine(auditArray, index, action) {
+    let indexVal = index;
+    while (auditArray[indexVal] === '') {
+        switch (action) {
+            case '-':
+                indexVal--;
+                break;
+            case '+':
+                indexVal++;
+                break;
+        }
+    }
+    return indexVal;
+}
+/*
+  This is the most likely thing to break if you are getting code formatting issues.
+  Extract the existing describe blocks (what is actually run by inspec for validation)
+*/
 function getExistingDescribeFromControl(control) {
+    // Algorithm:
+    //   Locate the start and end of the control string
+    //   Update the end of the control that contains information (if empty lines are at the end of the control)
+    //   loop: until the start index is changed (loop is done from the bottom up)
+    //     Clean testing array entry line (removes any non-print characters)
+    //     if: line starts with meta-information 'tag' or 'ref'
+    //       set start index to found location
+    //       break out of the loop
+    //     end
+    //   end
+    //   Remove any empty lines after the start index (in any)
+    //   Extract the describe block from the audit control given the start and end indices
+    // Assumptions: 
+    //  1 - The meta-information 'tag' or 'ref' precedes the describe block
+    // Pros: Solves the potential issue with option 1, as the lookup for the meta-information
+    //       'tag' or 'ref' is expected to the at the beginning of the line.
     if (control.code) {
         let existingDescribeBlock = '';
-        let currentQuoteEscape = '';
-        let percentBlockRegexp = /%[qQriIwWxs]?(?<lDelimiter>[\(\[\{\<])/;
-        let inPercentBlock = false;
-        let inQuoteBlock = false;
-        let inMetadataValueOverride = false;
-        let indentedMetadataOverride = false;
-        let inDescribeBlock = false;
-        let mostSpacesSeen = 0;
-        let lDelimiter = '(';
-        let rDelimiter = ')';
-        control.code.split('\n').forEach((line) => {
-            const wordArray = line.trim().split(' ');
-            const spaces = line.substring(0, line.indexOf(wordArray[0])).length;
-            if (spaces - mostSpacesSeen > 10) {
-                indentedMetadataOverride = true;
-            }
-            else {
-                mostSpacesSeen = spaces;
-                indentedMetadataOverride = false;
-            }
-            if ((!inPercentBlock && !inQuoteBlock && !inMetadataValueOverride && !indentedMetadataOverride) || inDescribeBlock) {
-                if (inDescribeBlock && wordArray.length === 1 && wordArray.includes('')) {
-                    existingDescribeBlock += '\n';
-                }
-                // Get the number of spaces at the beginning of the current line
-                else if (spaces >= 2) {
-                    const firstWord = wordArray[0];
-                    if (knownInSpecKeywords.indexOf(firstWord.toLowerCase()) === -1 || (knownInSpecKeywords.indexOf(firstWord.toLowerCase()) !== -1 && spaces > 2) || inDescribeBlock) {
-                        inDescribeBlock = true;
-                        existingDescribeBlock += line + '\n';
-                    }
-                }
+        let indexStart = control.code.toLowerCase().indexOf('control');
+        let indexEnd = control.code.toLowerCase().trimEnd().lastIndexOf('end');
+        const auditControl = control.code.substring(indexStart, indexEnd).split('\n');
+        indexStart = 0;
+        indexEnd = auditControl.length - 1;
+        indexEnd = getIndexOfFirstLine(auditControl, indexEnd, '-');
+        let index = indexEnd;
+        while (indexStart === 0) {
+            const line = auditControl[index].toLowerCase().trim();
+            if (line.indexOf('ref') === 0 || line.indexOf('tag') === 0) {
+                indexStart = index + 1;
             }
-            wordArray.forEach((word, index) => {
-                //console.log(`LDELIMITER:   \"${lDelimiter}\"   RDELIMITER:   \"${rDelimiter}\"`)
-                let percentBlockMatch = percentBlockRegexp.exec(word);
-                if (percentBlockMatch && inPercentBlock === false) {
-                    inPercentBlock = true;
-                    lDelimiter = percentBlockMatch.groups.lDelimiter || '(';
-                    switch (lDelimiter) {
-                        case '{': {
-                            rDelimiter = '}';
-                            break;
-                        }
-                        case '[': {
-                            rDelimiter = ']';
-                            break;
-                        }
-                        case '<': {
-                            rDelimiter = '>';
-                            break;
-                        }
-                        default: {
-                            break;
-                        }
-                    }
-                }
-                const charArray = word.split('');
-                charArray.forEach((char, index) => {
-                    if (inPercentBlock) {
-                        if (char === rDelimiter && charArray[index - 1] !== '\\' && !inQuoteBlock) {
-                            inPercentBlock = false;
-                        }
-                    }
-                    if (char === '"' && charArray[index - 1] !== '\\') {
-                        if (!currentQuoteEscape || !inQuoteBlock) {
-                            currentQuoteEscape = '"';
-                        }
-                        if (currentQuoteEscape === '"') {
-                            inQuoteBlock = !inQuoteBlock;
-                        }
-                    }
-                    else if (char === "'" && charArray[index - 1] !== '\\') {
-                        if (!currentQuoteEscape || !inQuoteBlock) {
-                            currentQuoteEscape = "'";
-                        }
-                        if (currentQuoteEscape === "'") {
-                            inQuoteBlock = !inQuoteBlock;
-                        }
-                    }
-                });
-            });
-        });
-        // Take off the extra newline at the end
-        return existingDescribeBlock.slice(0, -1);
+            index--;
+        }
+        indexStart = getIndexOfFirstLine(auditControl, indexStart, '+');
+        existingDescribeBlock = auditControl.slice(indexStart, indexEnd + 1).join('\n').toString();
+        return existingDescribeBlock;
     }
     else {
         return '';
     }
 }
+exports.getExistingDescribeFromControl = getExistingDescribeFromControl;
 function findUpdatedControlByAllIdentifiers(existingControl, updatedControls) {
     // Try to match based on IDs
     let updatedControl = updatedControls.find((updatedControl) => {

package/lib/utilities/xccdf.js

@@ -25,7 +25,6 @@ function removeXMLSpecialCharacters(str) {
     return he_1.default.decode(str);
 }
 exports.removeXMLSpecialCharacters = removeXMLSpecialCharacters;
-;
 function severityStringToImpact(string, id) {
     var _a, _b, _c, _d, _e;
     if ((_a = string.match(/none|na|n\/a|not[\s()*_|]?applicable/i)) === null || _a === void 0 ? void 0 : _a.length) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mitre/inspec-objects",
-  "version": "0.0.31",
+  "version": "0.0.32",
   "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks",
   "main": "lib/index.js",
   "publishConfig": {
@@ -9,7 +9,9 @@
   "scripts": {
     "build": "tsc -p ./tsconfig.build.json",
     "dev": "npx -y ts-node test.ts",
-    "test": "jest"
+    "test": "jest",
+    "lint": "eslint \"**/*.ts\" --fix",
+    "lint:ci": "eslint \"**/*.ts\" --max-warnings 0"
   },
   "repository": {
     "type": "git",
@@ -48,8 +50,9 @@
   "devDependencies": {
     "@types/jest": "^28.1.1",
     "@types/node": "^17.0.18",
-    "@typescript-eslint/eslint-plugin": "^5.12.0",
-    "eslint": "^8.9.0",
+    "@typescript-eslint/eslint-plugin": "^5.47.0",
+    "@typescript-eslint/parser": "^5.47.0",
+    "eslint": "^8.30.0",
     "tslib": "^2.4.0"
   },
   "jest": {

package/tsconfig.json

@@ -1,22 +1,21 @@
 {
-    "compilerOptions": {
-      "module": "commonjs",
-      "moduleResolution": "node",
-      "noImplicitAny": true,
-      "resolveJsonModule": true,
-      "declaration": true,
-      "importHelpers": true,
-      "esModuleInterop": true,
-      "outDir": "lib",
-      "rootDir": "src",
-      "strict": true,
-      "target": "es2019",
-      "types": ["node", "jest"]
-    },
-    "include": [
-      "index.ts",
-      "src/**/*",
-      "types/*"
-    ],
-  }
-  
+  "compilerOptions": {
+    "module": "commonjs",
+    "moduleResolution": "node",
+    "noImplicitAny": true,
+    "resolveJsonModule": true,
+    "declaration": true,
+    "importHelpers": true,
+    "esModuleInterop": true,
+    "outDir": "lib",
+    "rootDir": "src",
+    "strict": true,
+    "target": "es2019",
+    "types": ["node", "jest"]
+  },
+  "include": [
+    "index.ts",
+    "src/**/*",
+    "types/*"
+  ],
+}