@mitre/inspec-objects 0.0.9 → 0.0.12

package/lib/utilities/diff.js

@@ -22,7 +22,15 @@ exports.removeNewlines = removeNewlines;
 function simplifyDiff(diffData) {
     return lodash_1.default.transform(diffData, (result, diffValue, key) => {
         if (lodash_1.default.has(diffValue, '__new')) {
-            result[key] = lodash_1.default.get(diffValue, '__new');
+            // Remove any trailing space
+            if (typeof lodash_1.default.get(diffValue, '__new') === 'string' && typeof lodash_1.default.get(diffValue, '__old') === 'string') {
+                if (lodash_1.default.get(diffValue, '__new').trim() !== lodash_1.default.get(diffValue, '__old').trim()) {
+                    lodash_1.default.set(result, key, lodash_1.default.get(diffValue, '__new'));
+                }
+            }
+            else {
+                result[key] = lodash_1.default.get(diffValue, '__new');
+            }
         }
         else if (Array.isArray(diffValue)) {
             result[key] = diffValue.map((value) => value[0] === '+' && value[1]).filter(value => value);
@@ -43,11 +51,13 @@ function diffProfile(fromProfile, toProfile) {
     const profileDiff = {
         addedControlIDs: [],
         removedControlIDs: [],
+        addedControls: {},
         changedControls: {}
     };
     const originalDiff = {
         addedControlIDs: [],
         removedControlIDs: [],
+        addedControls: {},
         changedControls: {}
     };
     const fromControlIDs = fromProfile.controls.map((control) => control.id).sort();
@@ -68,8 +78,8 @@ function diffProfile(fromProfile, toProfile) {
     profileDiff.addedControlIDs.forEach((addedControl) => {
         const newControl = toProfile.controls.find((control) => addedControl === control.id);
         if (newControl) {
-            profileDiff.changedControls[addedControl] = newControl;
-            originalDiff.changedControls[addedControl] = newControl;
+            profileDiff.addedControls[addedControl] = newControl;
+            originalDiff.addedControls[addedControl] = newControl;
         }
     });
     // Find changed controls

package/lib/utilities/diffMarkdown.d.ts

@@ -0,0 +1,6 @@
+import { ProfileDiff } from "../types/diff";
+import Profile from '../objects/profile';
+export declare function createDiffMarkdown(diff: {
+    simplified: ProfileDiff;
+    originalDiff: any;
+}, updatedProfile: Profile): string;

package/lib/utilities/diffMarkdown.js

@@ -0,0 +1,32 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.createDiffMarkdown = void 0;
+const tslib_1 = require("tslib");
+const mustache_1 = tslib_1.__importDefault(require("mustache"));
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+const global_1 = require("./global");
+const xccdf_1 = require("./xccdf");
+const automatticUpdateTemplate_json_1 = tslib_1.__importDefault(require("../resources/automatticUpdateTemplate.json"));
+function getUpdatedCheckForId(id, profile) {
+    const foundControl = profile.controls.find((control) => control.id === id);
+    return lodash_1.default.get(foundControl === null || foundControl === void 0 ? void 0 : foundControl.descs, 'check') || 'Missing check';
+}
+function createDiffMarkdown(diff, updatedProfile) {
+    const renderableDiffData = {
+        addedControls: Object.values(diff.simplified.addedControls),
+        checks: [],
+        fixes: [],
+    };
+    Object.entries(diff.simplified.changedControls).forEach(([id, updatedControl]) => {
+        if (lodash_1.default.get(updatedControl, "descs.check")) {
+            console.log((0, xccdf_1.removeXMLSpecialCharacters)((0, global_1.removeNewlinePlaceholders)(getUpdatedCheckForId(id, updatedProfile))));
+            renderableDiffData.checks.push({
+                id,
+                check: (0, xccdf_1.removeXMLSpecialCharacters)((0, global_1.removeNewlinePlaceholders)(getUpdatedCheckForId(id, updatedProfile))),
+            });
+        }
+    });
+    // Render output
+    return mustache_1.default.render(automatticUpdateTemplate_json_1.default.data, renderableDiffData);
+}
+exports.createDiffMarkdown = createDiffMarkdown;

package/lib/utilities/update.d.ts

@@ -0,0 +1,15 @@
+import Control from '../objects/control';
+import Profile from '../objects/profile';
+import { ProfileDiff } from '../types/diff';
+import { OvalDefinitionValue } from '../types/oval';
+export declare type UpdatedProfileReturn = {
+    profile: Profile;
+    diff: {
+        simplified: ProfileDiff;
+        originalDiff: Record<string, unknown>;
+    };
+    markdown: string;
+};
+export declare function updateControl(from: Control, update: Partial<Control>): Control;
+export declare function updateProfile(from: Profile, using: Profile): Omit<UpdatedProfileReturn, 'markdown'>;
+export declare function updateProfileUsingXCCDF(from: Profile, using: string, id: 'group' | 'rule' | 'version', ovalDefinitions?: Record<string, OvalDefinitionValue>): UpdatedProfileReturn;

package/lib/utilities/update.js

@@ -0,0 +1,88 @@
+"use strict";
+// Utilities to update a profile or control with new metadata
+// The ultimate goal is to preserve all the metadata that is already there and only add what is new
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.updateProfileUsingXCCDF = exports.updateProfile = exports.updateControl = void 0;
+const tslib_1 = require("tslib");
+const lodash_1 = tslib_1.__importDefault(require("lodash"));
+const profile_1 = tslib_1.__importDefault(require("../objects/profile"));
+const xccdf_1 = require("../parsers/xccdf");
+const diff_1 = require("./diff");
+const diffMarkdown_1 = require("./diffMarkdown");
+function projectValuesOntoExistingObj(dst, src, currentPath = '') {
+    for (const updatedValue in src) {
+        const existingValue = lodash_1.default.get(dst, updatedValue);
+        // We have a new value for something that already exists in dst
+        if (existingValue !== undefined) {
+            if (typeof existingValue === 'object' && existingValue !== null && !Array.isArray(existingValue)) {
+                dst[updatedValue] = projectValuesOntoExistingObj(existingValue, src[updatedValue], currentPath + updatedValue + '.');
+            }
+            else if (typeof src[updatedValue] === 'string') {
+                lodash_1.default.set(dst, updatedValue, src[updatedValue].trim());
+            }
+            else if (typeof src[updatedValue] === 'number') {
+                lodash_1.default.set(dst, updatedValue, src[updatedValue]);
+            }
+            else if (Array.isArray(src[updatedValue])) {
+                const uniqueArrayValues = [...new Set(lodash_1.default.get(dst, updatedValue, []).concat(src[updatedValue]))];
+                lodash_1.default.set(dst, updatedValue, uniqueArrayValues);
+            }
+        }
+    }
+    return dst;
+}
+function updateControl(from, update) {
+    return projectValuesOntoExistingObj(from, update);
+}
+exports.updateControl = updateControl;
+function updateProfile(from, using) {
+    // Update the profile with the new metadata
+    const to = new profile_1.default(lodash_1.default.omit(from, 'controls'));
+    // Find the diff
+    const diff = (0, diff_1.diffProfile)(from, using);
+    // Add the new controls
+    diff.simplified.addedControlIDs.forEach(id => {
+        const addedControl = diff.simplified.addedControls[id];
+        if (addedControl) {
+            to.controls.push(addedControl);
+        }
+        else {
+            throw new Error("New control added but don't have the control data");
+        }
+    });
+    // Update the existing controls
+    for (const existingControl of from.controls) {
+        const updatedControl = using.controls.find(control => control.id === existingControl.id);
+        if (updatedControl) {
+            const controlDiff = diff.simplified.changedControls[existingControl.id];
+            if (controlDiff) {
+                to.controls.push(updateControl(existingControl, controlDiff));
+            }
+            else {
+                to.controls.push(existingControl);
+            }
+        }
+        else {
+            console.log("Control not updated: " + existingControl.id);
+        }
+    }
+    return {
+        profile: to,
+        diff,
+    };
+}
+exports.updateProfile = updateProfile;
+function updateProfileUsingXCCDF(from, using, id, ovalDefinitions) {
+    // Parse the XCCDF benchmark and convert it into a Profile
+    const xccdfProfile = (0, xccdf_1.processXCCDF)(using, false, id);
+    const xccdfProfileWithNLReplacement = (0, xccdf_1.processXCCDF)(using, true, id);
+    // Update the profile and return
+    const updatedProfile = updateProfile(from, xccdfProfile);
+    // Create the markdown
+    return {
+        profile: updatedProfile.profile,
+        diff: updatedProfile.diff,
+        markdown: (0, diffMarkdown_1.createDiffMarkdown)(updatedProfile.diff, xccdfProfileWithNLReplacement)
+    };
+}
+exports.updateProfileUsingXCCDF = updateProfileUsingXCCDF;

package/lib/utilities/xccdf.d.ts

@@ -1,6 +1,6 @@
 import { DecodedDescription } from '../types/xccdf';
 export declare function convertEncodedXmlIntoJson(encodedXml: string): any;
-export declare function removeXMLSpecialCharacters(input: string): string;
+export declare function removeXMLSpecialCharacters(str: string): string;
 export declare function severityStringToImpact(string: string, id: string): number;
 export declare function impactNumberToSeverityString(impact: number): string;
 export declare function convertEncodedHTMLIntoJson(encodedHTML?: string): DecodedDescription;

package/lib/utilities/xccdf.js

@@ -5,6 +5,21 @@ const tslib_1 = require("tslib");
 const fast_xml_parser_1 = tslib_1.__importDefault(require("fast-xml-parser"));
 const htmlparser = tslib_1.__importStar(require("htmlparser2"));
 const lodash_1 = tslib_1.__importDefault(require("lodash"));
+const he_1 = tslib_1.__importDefault(require("he"));
+var htmlEntities = {
+    nbsp: ' ',
+    cent: '¢',
+    pound: '£',
+    yen: '¥',
+    euro: '€',
+    copy: '©',
+    reg: '®',
+    lt: '<',
+    gt: '>',
+    quot: '"',
+    amp: '&',
+    apos: '\''
+};
 function convertEncodedXmlIntoJson(encodedXml) {
     return fast_xml_parser_1.default.parse(encodedXml, {
         ignoreAttributes: false,
@@ -14,10 +29,11 @@ function convertEncodedXmlIntoJson(encodedXml) {
     });
 }
 exports.convertEncodedXmlIntoJson = convertEncodedXmlIntoJson;
-function removeXMLSpecialCharacters(input) {
-    return input.replace(/&amp;/gm, '&').replace(/&lt;/gm, '<').replace(/&gt;/gm, '>');
+function removeXMLSpecialCharacters(str) {
+    return he_1.default.decode(str);
 }
 exports.removeXMLSpecialCharacters = removeXMLSpecialCharacters;
+;
 function severityStringToImpact(string, id) {
     var _a, _b, _c, _d, _e;
     if ((_a = string.match(/none|na|n\/a|not[\s()*_|]?applicable/i)) === null || _a === void 0 ? void 0 : _a.length) {