Move getCCIsForNISTTags function into libs/hdf-converters/src/mapping…
…s/CciNistMapping.ts

Signed-off-by: Joyce Quach <[email protected]>
jtquach1 committed Nov 1, 2024
1 parent a6d2fd4 commit 65038ca
Showing 20 changed files with 47 additions and 67 deletions.
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/asff-mapper/asff-mapper.ts
Expand Up @@ -7,10 +7,7 @@ import {ExecJSON} from 'inspecjs';
import * as _ from 'lodash';
import {version as HeimdallToolsVersion} from '../../package.json';
import {BaseConverter, ILookupPath, MappedTransform} from '../base-converter';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from '../utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from '../utils/global';
import {getCMSInSpec} from './case-cms-inspec';
import {getFirewallManager} from './case-firewall-manager';
import {getGuardDuty} from './case-guardduty';
Expand All @@ -19,6 +16,7 @@ import {getPreviouslyHDF} from './case-previously-hdf';
import {getProwler} from './case-prowler';
import {getSecurityHub} from './case-security-hub';
import {getTrivy} from './case-trivy';
import {getCCIsForNISTTags} from '../mappings/CciNistMapping';

const IMPACT_MAPPING: Map<string, number> = new Map([
['CRITICAL', 0.9],
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/burpsuite-mapper.ts
Expand Up @@ -10,10 +10,8 @@ import {
parseXml
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

// Constant
const IMPACT_MAPPING: Map<string, number> = new Map([
3 changes: 2 additions & 1 deletion libs/hdf-converters/src/cyclonedx-sbom-mapper.ts
Expand Up @@ -3,7 +3,7 @@ import _ from 'lodash';
import {version as HeimdallToolsVersion} from '../package.json';
import {BaseConverter, ILookupPath, MappedTransform} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {filterString, getCCIsForNISTTags} from './utils/global';
import {filterString} from './utils/global';
import {
CycloneDXSoftwareBillOfMaterialSpecification,
CycloneDXSoftwareBillOfMaterialsStandard,
Expand All @@ -22,6 +22,7 @@ import {
ComponentClass,
ComponentObject
} from '../types/cyclonedx';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const cvssMethods = ['CVSSv2', 'CVSSv3', 'CVSSv31', 'CVSSv4'] as const;
type CVSSMethodEnum = Extract<MethodEnum, (typeof cvssMethods)[number]>;
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/dbprotect-mapper.ts
Expand Up @@ -8,10 +8,8 @@ import {
MappedTransform,
parseXml
} from './base-converter';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const IMPACT_MAPPING: Map<string, number> = new Map([
['high', 0.7],
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/dependency-track-mapper.ts
Expand Up @@ -8,10 +8,8 @@ import {
MappedTransform
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

interface ICweEntry {
cweId: number;
2 changes: 1 addition & 1 deletion libs/hdf-converters/src/fortify-mapper.ts
Expand Up @@ -8,7 +8,7 @@ import {
parseHtml,
parseXml
} from './base-converter';
import {getCCIsForNISTTags} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const NIST_REFERENCE_NAME =
'Standards Mapping - NIST Special Publication 800-53 Revision 4';
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/ionchannel-mapper.ts
Expand Up @@ -11,10 +11,8 @@ import {
import {Project} from '../types/ionchannelProjects';
import {Team} from '../types/ionchannelTeams';
import {BaseConverter, ILookupPath, MappedTransform} from './base-converter';
import {
DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_INFORMATION_SYSTEM_COMPONENT_MANAGEMENT_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

// Extracts all levels of dependencies from any dependency (including sub-dependencies)
function extractAllDependencies(
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/jfrog-xray-mapper.ts
Expand Up @@ -9,10 +9,8 @@ import {
MappedTransform
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

// Constants
const IMPACT_MAPPING: Map<string, number> = new Map([
16 changes: 16 additions & 0 deletions libs/hdf-converters/src/mappings/CciNistMapping.ts
Expand Up @@ -3,6 +3,7 @@ import _ from 'lodash';
import {CCI_List} from '../utils/CCI_List';
import {CCI_TO_NIST} from './CciNistMappingData';
import {CciNistMappingItem} from './CciNistMappingItem';
import {data as NistCciMappingData} from '../mappings/NistCciMappingData';

type Reference = {
'@_creator': string;
Expand Down Expand Up @@ -188,3 +189,18 @@ export class CciNistMapping {
return matches;
}
}

export function getCCIsForNISTTags(nistTags: string[]): string[] {
const cciTags: string[] = [];
for (const nistTag of nistTags) {
const baseTag = /\w\w-\d\d?\d?/g.exec(nistTag);
if (
Array.isArray(baseTag) &&
baseTag.length > 0 &&
baseTag[0] in NistCciMappingData
) {
cciTags.push(...NistCciMappingData[baseTag[0]]);
}
}
return cciTags;
}
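Review bot: The moved `getCCIsForNISTTags` uses only the first `\w\w-\d\d?\d?` match found anywhere in each tag and silently skips tags whose match is not a key of `NistCciMappingData`, so a tag with an earlier look-alike substring or an unmapped control yields no CCIs and the caller cannot tell. Now that every mapper imports it from this module, a doc comment should state that contract, for example `/** Maps each NIST tag's base control (e.g. "AC-2" from "AC-2 (1)") to its CCIs; unmapped tags are skipped and duplicates are not removed. */`. The `g` flag on the regex literal has no effect on a single `exec` call and can be dropped, and the new import could be written `'./NistCciMappingData'` to match the sibling `'./CciNistMappingData'` import. The `utils/global.ts` section removes only the 15 function lines, so any `NistCciMappingData` import left in that file may now be unused and is worth checking.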
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/netsparker-mapper.ts
Expand Up @@ -11,10 +11,8 @@ import {
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {OwaspNistMapping} from './mappings/OwaspNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const IMPACT_MAPPING: Map<string, number> = new Map([
['critical', 1.0],
2 changes: 1 addition & 1 deletion libs/hdf-converters/src/nikto-mapper.ts
Expand Up @@ -3,7 +3,7 @@ import * as _ from 'lodash';
import {version as HeimdallToolsVersion} from '../package.json';
import {BaseConverter, ILookupPath, MappedTransform} from './base-converter';
import {NiktoNistMapping} from './mappings/NiktoNistMapping';
import {getCCIsForNISTTags} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const NIKTO_NIST_MAPPING = new NiktoNistMapping();

4 changes: 2 additions & 2 deletions libs/hdf-converters/src/prisma-mapper.ts
Expand Up @@ -9,9 +9,9 @@ import {
} from './base-converter';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
DEFAULT_UPDATE_REMEDIATION_NIST_TAGS,
getCCIsForNISTTags
DEFAULT_UPDATE_REMEDIATION_NIST_TAGS
} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

export type PrismaControl = {
Packages: string;
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/sarif-mapper.ts
Expand Up @@ -3,10 +3,8 @@ import * as _ from 'lodash';
import {version as HeimdallToolsVersion} from '../package.json';
import {BaseConverter, ILookupPath, MappedTransform} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const IMPACT_MAPPING: Map<string, number> = new Map([
['error', 0.7],
2 changes: 1 addition & 1 deletion libs/hdf-converters/src/scoutsuite-mapper.ts
Expand Up @@ -8,7 +8,7 @@ import {
MappedTransform
} from './base-converter';
import {ScoutsuiteNistMapping} from './mappings/ScoutsuiteNistMapping';
import {getCCIsForNISTTags} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const INSPEC_INPUTS_MAPPING = {
string: 'String',
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/snyk-mapper.ts
Expand Up @@ -8,10 +8,8 @@ import {
MappedTransform
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const IMPACT_MAPPING: Map<string, number> = new Map([
['high', 0.7],
2 changes: 1 addition & 1 deletion libs/hdf-converters/src/sonarqube-mapper.ts
Expand Up @@ -9,7 +9,7 @@ import {
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {OwaspNistMapping} from './mappings/OwaspNistMapping';
import {getCCIsForNISTTags} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

// eslint-disable-next-line @typescript-eslint/naming-convention
export type Issue = {
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/twistlock-mapper.ts
Expand Up @@ -7,10 +7,8 @@ import {
impactMapping,
MappedTransform
} from './base-converter';
import {
DEFAULT_UPDATE_REMEDIATION_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_UPDATE_REMEDIATION_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const IMPACT_MAPPING: Map<string, number> = new Map([
['critical', 0.9],
15 changes: 0 additions & 15 deletions libs/hdf-converters/src/utils/global.ts
Expand Up @@ -63,21 +63,6 @@ export function getDescription(
return found;
}

export function getCCIsForNISTTags(nistTags: string[]): string[] {
const cciTags: string[] = [];
for (const nistTag of nistTags) {
const baseTag = /\w\w-\d\d?\d?/g.exec(nistTag);
if (
Array.isArray(baseTag) &&
baseTag.length > 0 &&
baseTag[0] in NistCciMappingData
) {
cciTags.push(...NistCciMappingData[baseTag[0]]);
}
}
return cciTags;
}

// Using the spread operator on a falsy value within an object does nothing. It is possible to use that syntactic behavior to conditionally add attributes to an object by writing something as follows: {...(condition && {attributeName: attribute})} which returns {} if condition is falsy and {attributeName: attribute} otherwise. Use this function to replace the stuff in the parentheses to save cognitive complexity marks when sonarqube complains.
export function conditionallyProvideAttribute(
attributeName: string,
2 changes: 1 addition & 1 deletion libs/hdf-converters/src/veracode-mapper.ts
Expand Up @@ -8,7 +8,7 @@ import {
parseXml
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {getCCIsForNISTTags} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';
const STATIC_FLAWS = 'staticflaws.flaw';
const SEVERITY = 'detailedreport.severity';
const FILE_PATH_VALUE = 'file_paths.file_path.@_.value';
6 changes: 2 additions & 4 deletions libs/hdf-converters/src/zap-mapper.ts
Expand Up @@ -8,10 +8,8 @@ import {
parseHtml
} from './base-converter';
import {CweNistMapping} from './mappings/CweNistMapping';
import {
DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS,
getCCIsForNISTTags
} from './utils/global';
import {DEFAULT_STATIC_CODE_ANALYSIS_NIST_TAGS} from './utils/global';
import {getCCIsForNISTTags} from './mappings/CciNistMapping';

const CWE_NIST_MAPPING = new CweNistMapping();

