@mitre/inspec-objects 0.0.8 → 0.0.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/parsers/xccdf.d.ts +1 -1
- package/lib/parsers/xccdf.js +18 -6
- package/lib/resources/automatticUpdateTemplate.json +3 -0
- package/lib/utilities/CciNistMappingData.d.ts +5100 -0
- package/lib/utilities/CciNistMappingData.js +5103 -0
- package/lib/utilities/diff.d.ts +4 -1
- package/lib/utilities/diff.js +22 -3
- package/lib/utilities/diffMarkdown.d.ts +6 -0
- package/lib/utilities/diffMarkdown.js +32 -0
- package/lib/utilities/update.d.ts +15 -0
- package/lib/utilities/update.js +88 -0
- package/lib/utilities/xccdf.d.ts +1 -1
- package/lib/utilities/xccdf.js +18 -2
- package/out.json +107055 -0
- package/package-lock.json +52 -2
- package/package.json +5 -1
- package/test/sample_data/inspec/profiles/redhat-enterprise-linux-7-stig-baseline/spec/fixtures/kitchen/manifests/site.pp +0 -29
- package/test/sample_data/inspec/profiles/redhat-enterprise-linux-7-stig-baseline/spec/fixtures/kitchen/modules/garbage/.gitignore +0 -0
- package/test/sample_data/inspec/profiles/redhat-enterprise-linux-7-stig-baseline/spec/results/.gitkeep +0 -0
package/lib/parsers/xccdf.d.ts
CHANGED
|
@@ -5,4 +5,4 @@ export declare type GroupContextualizedRule = BenchmarkRule & {
|
|
|
5
5
|
group: Omit<BenchmarkGroup, 'Rule' | 'Group'>;
|
|
6
6
|
};
|
|
7
7
|
export declare function extractAllRules(groups: BenchmarkGroup[]): GroupContextualizedRule[];
|
|
8
|
-
export declare function processXCCDF(xml: string, removeNewlines: boolean | undefined, useRuleId: 'group' | 'rule' | 'version', ovalDefinitions?: Record<string, OvalDefinitionValue>): Profile;
|
|
8
|
+
export declare function processXCCDF(xml: string, removeNewlines: boolean | undefined, useRuleId: 'group' | 'rule' | 'version' | 'cis', ovalDefinitions?: Record<string, OvalDefinitionValue>): Profile;
|
package/lib/parsers/xccdf.js
CHANGED
|
@@ -25,6 +25,9 @@ function extractAllRules(groups) {
|
|
|
25
25
|
return rules;
|
|
26
26
|
}
|
|
27
27
|
exports.extractAllRules = extractAllRules;
|
|
28
|
+
function ensureDecodedXMLStringValue(input) {
|
|
29
|
+
return lodash_1.default.get(input, '[0].#text') ? lodash_1.default.get(input, '[0].#text') : input;
|
|
30
|
+
}
|
|
28
31
|
function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
|
|
29
32
|
const parsedXML = (0, xccdf_1.convertEncodedXmlIntoJson)(xml);
|
|
30
33
|
const rules = extractAllRules(parsedXML.Benchmark[0].Group);
|
|
@@ -48,22 +51,31 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
|
|
|
48
51
|
control.id = rule.group['@_id'];
|
|
49
52
|
break;
|
|
50
53
|
case 'rule':
|
|
51
|
-
|
|
54
|
+
if (rule['@_id'].toLowerCase().startsWith('sv')) {
|
|
55
|
+
control.id = rule['@_id'].split('r')[0];
|
|
56
|
+
}
|
|
57
|
+
else {
|
|
58
|
+
control.id = rule['@_id'];
|
|
59
|
+
}
|
|
52
60
|
break;
|
|
53
61
|
case 'version':
|
|
54
62
|
control.id = rule.version;
|
|
55
63
|
break;
|
|
64
|
+
case 'cis':
|
|
65
|
+
//
|
|
66
|
+
control.id = 'CIS-PLACEHOLDER';
|
|
67
|
+
break;
|
|
56
68
|
default:
|
|
57
69
|
throw new Error('useRuleId must be one of "group", "rule", or "version"');
|
|
58
70
|
}
|
|
59
71
|
if (removeNewlines) {
|
|
60
|
-
const title = (0, xccdf_1.removeXMLSpecialCharacters)(rule['@_severity'] ? rule.title : `[[[MISSING SEVERITY FROM STIG]]] ${rule.title}`);
|
|
72
|
+
const title = (0, xccdf_1.removeXMLSpecialCharacters)(rule['@_severity'] ? ensureDecodedXMLStringValue(rule.title) : `[[[MISSING SEVERITY FROM STIG]]] ${ensureDecodedXMLStringValue(rule.title)}`);
|
|
61
73
|
control.title = title.replace(/\n/g, '{{{{newlineHERE}}}}');
|
|
62
74
|
const desc = (0, xccdf_1.removeXMLSpecialCharacters)(typeof extractedDescription === 'string' ? extractedDescription : ((_a = extractedDescription.VulnDiscussion) === null || _a === void 0 ? void 0 : _a.split('Satisfies: ')[0]) || 'Missing Description');
|
|
63
|
-
control.desc = desc === null || desc === void 0 ? void 0 : desc.replace(/\n/g, '{{{{newlineHERE}}}}');
|
|
75
|
+
control.desc = desc === null || desc === void 0 ? void 0 : desc.trim().replace(/\n/g, '{{{{newlineHERE}}}}');
|
|
64
76
|
}
|
|
65
77
|
else {
|
|
66
|
-
control.title = (0, xccdf_1.removeXMLSpecialCharacters)(rule['@_severity'] ? rule.title : `[[[MISSING SEVERITY FROM STIG]]] ${rule.title}`);
|
|
78
|
+
control.title = (0, xccdf_1.removeXMLSpecialCharacters)(rule['@_severity'] ? ensureDecodedXMLStringValue(rule.title) : `[[[MISSING SEVERITY FROM STIG]]] ${ensureDecodedXMLStringValue(rule.title)}`);
|
|
67
79
|
control.desc = (0, xccdf_1.removeXMLSpecialCharacters)(typeof extractedDescription === 'string' ? extractedDescription : ((_b = extractedDescription.VulnDiscussion) === null || _b === void 0 ? void 0 : _b.split('Satisfies: ')[0]) || 'Missing Description');
|
|
68
80
|
}
|
|
69
81
|
control.impact = (0, xccdf_1.severityStringToImpact)(rule['@_severity'] || 'critical', rule.group['@_id']);
|
|
@@ -112,7 +124,7 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
|
|
|
112
124
|
else {
|
|
113
125
|
control.descs.fix = (0, xccdf_1.removeXMLSpecialCharacters)(rule.fixtext ? rule.fixtext[0]['#text'] : (rule.fix ? rule.fix[0]['#text'] || 'Missing fix text' : 'Missing fix text'));
|
|
114
126
|
}
|
|
115
|
-
control.tags.severity = (0, xccdf_1.impactNumberToSeverityString)((0, xccdf_1.severityStringToImpact)(rule['@_severity'] || 'critical', control.id));
|
|
127
|
+
control.tags.severity = (0, xccdf_1.impactNumberToSeverityString)((0, xccdf_1.severityStringToImpact)(rule['@_severity'] || 'critical', control.id || 'Unknown'));
|
|
116
128
|
control.tags.gid = rule.group['@_id'],
|
|
117
129
|
control.tags.rid = rule['@_id'];
|
|
118
130
|
control.tags.stig_id = rule['version'];
|
|
@@ -211,7 +223,7 @@ function processXCCDF(xml, removeNewlines = false, useRuleId, ovalDefinitions) {
|
|
|
211
223
|
(_d = control.refs) === null || _d === void 0 ? void 0 : _d.push(lodash_1.default.get(reference, 'title'));
|
|
212
224
|
}
|
|
213
225
|
}
|
|
214
|
-
// Add the reference to the control tags when
|
|
226
|
+
// Add the reference to the control tags when separated by §
|
|
215
227
|
if (typeof referenceText === 'string' && referenceText.indexOf('§') !== -1) {
|
|
216
228
|
const referenceParts = referenceText.split('§');
|
|
217
229
|
if (referenceParts.length == 2) {
|