@mitre/inspec-objects 0.0.32 → 0.0.34

package/lib/utilities/update.js

@@ -31,63 +31,173 @@ function projectValuesOntoExistingObj(dst, src, currentPath = '') {
     }
     return dst;
 }
-/*
-  Return first index found from given array that is not an empty entry (cell)
-*/
-function getIndexOfFirstLine(auditArray, index, action) {
-    let indexVal = index;
-    while (auditArray[indexVal] === '') {
-        switch (action) {
-            case '-':
-                indexVal--;
-                break;
-            case '+':
-                indexVal++;
+function getRangesForLines(text) {
+    /*
+      Returns an array containing two numerical indices (i.e., start and stop
+      line numbers) for each string or multi-line comment, given raw text as
+      an input parameter. The raw text is a string containing the entirety of an
+      InSpec control.
+  
+      Algorithm utilizes a pair of stacks (i.e., `stack`, `rangeStack`) to keep
+      track of string delimiters and their associated line numbers, respectively.
+  
+      Combinations Handled:
+      - Single quotes (')
+      - Double quotes (")
+      - Back ticks (`)
+      - Mixed quotes ("`'")
+      - Percent strings (%; keys: q, Q, r, i, I, w, W, x; delimiters: (), {},
+        [], <>, most non-alphanumeric characters); (e.g., "%q()")
+      - Percent literals (%; delimiters: (), {}, [], <>, most non-
+        alphanumeric characters); (e.g., "%()")
+      - Multi-line comments (e.g., =begin\nSome comment\n=end)
+      - Variable delimiters (i.e., paranthesis: (); array: []; hash: {})
+    */
+    const stringDelimiters = { '(': ')', '{': '}', '[': ']', '<': '>' };
+    const variableDelimiters = { '(': ')', '{': '}', '[': ']' };
+    const quotes = '\'"`';
+    const strings = 'qQriIwWxs';
+    let skipCharLength;
+    (function (skipCharLength) {
+        skipCharLength[skipCharLength["string"] = '('.length] = "string";
+        skipCharLength[skipCharLength["percentString"] = 'q('.length] = "percentString";
+        skipCharLength[skipCharLength["commentBegin"] = '=begin'.length] = "commentBegin";
+    })(skipCharLength || (skipCharLength = {}));
+    const stack = [];
+    const rangeStack = [];
+    const ranges = [];
+    const lines = text.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        let j = 0;
+        while (j < lines[i].length) {
+            const line = lines[i];
+            let char = line[j];
+            const isEmptyStack = (stack.length == 0);
+            const isNotEmptyStack = (stack.length > 0);
+            const isQuoteChar = quotes.includes(char);
+            const isNotEscapeChar = ((j == 0) || (j > 0 && line[j - 1] != '\\'));
+            const isPercentChar = (char == '%');
+            const isVariableDelimiterChar = Object.keys(variableDelimiters).includes(char);
+            const isStringDelimiterChar = ((j < line.length - 1) && (/^[^A-Za-z0-9]$/.test(line[j + 1])));
+            const isCommentBeginChar = ((j == 0) && (line.length >= 6) && (line.slice(0, 6) == '=begin'));
+            const isPercentStringKeyChar = ((j < line.length - 1) && (strings.includes(line[j + 1])));
+            const isPercentStringDelimiterChar = ((j < line.length - 2) && (/^[^A-Za-z0-9]$/.test(line[j + 2])));
+            const isPercentString = (isPercentStringKeyChar && isPercentStringDelimiterChar);
+            let baseCondition = (isEmptyStack && isNotEscapeChar);
+            const quotePushCondition = (baseCondition && isQuoteChar);
+            const variablePushCondition = (baseCondition && isVariableDelimiterChar);
+            const stringPushCondition = (baseCondition && isPercentChar && isStringDelimiterChar);
+            const percentStringPushCondition = (baseCondition && isPercentChar && isPercentString);
+            const commentBeginCondition = (baseCondition && isCommentBeginChar);
+            if (stringPushCondition) {
+                j += skipCharLength.string; // j += 1
+            }
+            else if (percentStringPushCondition) {
+                j += skipCharLength.percentString; // j += 2
+            }
+            else if (commentBeginCondition) {
+                j += skipCharLength.commentBegin; // j += 6
+            }
+            char = line[j];
+            baseCondition = (isNotEmptyStack && isNotEscapeChar);
+            const delimiterCondition = (baseCondition && Object.keys(stringDelimiters).includes(stack[stack.length - 1]));
+            const delimiterPushCondition = (delimiterCondition && (stack[stack.length - 1] == char));
+            const delimiterPopCondition = (delimiterCondition && (stringDelimiters[stack[stack.length - 1]] == char));
+            const basePopCondition = (baseCondition && (stack[stack.length - 1] == char) && !Object.keys(stringDelimiters).includes(char));
+            const isCommentEndChar = ((j == 0) && (line.length >= 4) && (line.slice(0, 4) == '=end'));
+            const commentEndCondition = (baseCondition && isCommentEndChar && (stack[stack.length - 1] == '=begin'));
+            const popCondition = (basePopCondition || delimiterPopCondition || commentEndCondition);
+            const pushCondition = (quotePushCondition || variablePushCondition || stringPushCondition ||
+                percentStringPushCondition || delimiterPushCondition || commentBeginCondition);
+            if (popCondition) {
+                stack.pop();
+                rangeStack[rangeStack.length - 1].push(i);
+                const range_ = rangeStack.pop();
+                if (rangeStack.length == 0) {
+                    ranges.push(range_);
+                }
+            }
+            else if (pushCondition) {
+                if (commentBeginCondition) {
+                    stack.push('=begin');
+                }
+                else {
+                    stack.push(char);
+                }
+                rangeStack.push([i]);
+            }
+            j++;
+        }
+    }
+    return ranges;
+}
+function joinMultiLineStringsFromRanges(text, ranges) {
+    /*
+      Returns an array of strings and joined strings at specified ranges, given
+      raw text as an input parameter.
+    */
+    const originalLines = text.split('\n');
+    const joinedLines = [];
+    let i = 0;
+    while (i < originalLines.length) {
+        let foundInRanges = false;
+        for (const [startIndex, stopIndex] of ranges) {
+            if (i >= startIndex && i <= stopIndex) {
+                joinedLines.push(originalLines.slice(startIndex, stopIndex + 1).join('\n'));
+                foundInRanges = true;
+                i = stopIndex;
                 break;
+            }
         }
+        if (!foundInRanges) {
+            joinedLines.push(originalLines[i]);
+        }
+        i++;
     }
-    return indexVal;
+    return joinedLines;
+}
+function getMultiLineRanges(ranges) {
+    /*
+      Drops ranges with the same start and stop line numbers (i.e., strings
+      that populate a single line)
+    */
+    const multiLineRanges = [];
+    for (const [start, stop] of ranges) {
+        if (start !== stop) {
+            multiLineRanges.push([start, stop]);
+        }
+    }
+    return multiLineRanges;
 }
 /*
   This is the most likely thing to break if you are getting code formatting issues.
   Extract the existing describe blocks (what is actually run by inspec for validation)
 */
 function getExistingDescribeFromControl(control) {
-    // Algorithm:
-    //   Locate the start and end of the control string
-    //   Update the end of the control that contains information (if empty lines are at the end of the control)
-    //   loop: until the start index is changed (loop is done from the bottom up)
-    //     Clean testing array entry line (removes any non-print characters)
-    //     if: line starts with meta-information 'tag' or 'ref'
-    //       set start index to found location
-    //       break out of the loop
-    //     end
-    //   end
-    //   Remove any empty lines after the start index (in any)
-    //   Extract the describe block from the audit control given the start and end indices
-    // Assumptions: 
-    //  1 - The meta-information 'tag' or 'ref' precedes the describe block
-    // Pros: Solves the potential issue with option 1, as the lookup for the meta-information
-    //       'tag' or 'ref' is expected to the at the beginning of the line.
     if (control.code) {
-        let existingDescribeBlock = '';
-        let indexStart = control.code.toLowerCase().indexOf('control');
-        let indexEnd = control.code.toLowerCase().trimEnd().lastIndexOf('end');
-        const auditControl = control.code.substring(indexStart, indexEnd).split('\n');
-        indexStart = 0;
-        indexEnd = auditControl.length - 1;
-        indexEnd = getIndexOfFirstLine(auditControl, indexEnd, '-');
-        let index = indexEnd;
-        while (indexStart === 0) {
-            const line = auditControl[index].toLowerCase().trim();
-            if (line.indexOf('ref') === 0 || line.indexOf('tag') === 0) {
-                indexStart = index + 1;
+        // Join multi-line strings in InSpec control.
+        const ranges = getRangesForLines(control.code);
+        const multiLineRanges = getMultiLineRanges(ranges);
+        const lines = joinMultiLineStringsFromRanges(control.code, multiLineRanges); // Array of lines representing the full InSpec control, with multi-line strings collapsed
+        // Define RegExp for lines to skip when searching for describe block.
+        const skip = ['control\\W', '  title\\W', '  desc\\W', '  impact\\W', '  tag\\W', '  ref\\W'];
+        const skipRegExp = RegExp(skip.map(x => `(^${x})`).join('|'));
+        // Extract describe block from InSpec control with collapsed multiline strings.
+        const describeBlock = [];
+        let ignoreNewLine = true;
+        for (const line of lines) {
+            const checkRegExp = ((line.trim() !== '') && !skipRegExp.test(line));
+            const checkNewLine = ((line.trim() === '') && !ignoreNewLine);
+            // Include '\n' if it is part of describe block, otherwise skip line.
+            if (checkRegExp || checkNewLine) {
+                describeBlock.push(line);
+                ignoreNewLine = false;
+            }
+            else {
+                ignoreNewLine = true;
             }
-            index--;
         }
-        indexStart = getIndexOfFirstLine(auditControl, indexStart, '+');
-        existingDescribeBlock = auditControl.slice(indexStart, indexEnd + 1).join('\n').toString();
-        return existingDescribeBlock;
+        return describeBlock.slice(0, describeBlock.length - 2).join('\n'); // Drop trailing ['end', '\n'] from Control block.
     }
     else {
         return '';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mitre/inspec-objects",
-  "version": "0.0.32",
+  "version": "0.0.34",
   "description": "Typescript objects for normalizing between InSpec profiles and XCCDF benchmarks",
   "main": "lib/index.js",
   "publishConfig": {