Remove warnings (#minor) (#101)

* Remove circular imports to fix warning * Swap encoding to be specified by the Ruby invocation instead of inside the application * Delete root level inspec_tools since its redundant with exe/inspec_tools * Remove unnecessary rubygems import * Remove unnecessary inspec import * Remove dependencies within Gemfile in favor of using the gemspec * Add simplecov to the test suite * Migrate to the inspec objects library
mitre · Mar 20, 2020 · 53e9976 · 53e9976
1 parent db6793d
commit 53e9976
Show file tree

Hide file tree

Showing 15 changed files with 64 additions and 62 deletions.
diff --git a/Gemfile b/Gemfile
@@ -2,8 +2,3 @@ source "https://rubygems.org"
 
 # Specify your gem dependencies in inspec_tools.gemspec
 gemspec
-
-gem "codeclimate-test-reporter", group: :test, require: nil
-gem "minitest"
-gem "nokogiri-happymapper"
-gem "macaddr"
diff --git a/exe/inspec_tools b/exe/inspec_tools
@@ -1,4 +1,4 @@
-#!/usr/bin/env ruby
+#!/usr/bin/env ruby -E UTF-8
 
 # Trap ^C
 Signal.trap('INT') {

diff --git a/inspec_tools b/inspec_tools
diff --git a/inspec_tools.gemspec b/inspec_tools.gemspec
@@ -31,17 +31,19 @@ Gem::Specification.new do |spec| # rubocop:disable Metrics/BlockLength
 
   spec.required_ruby_version = '~> 2.3'
 
-  spec.add_dependency 'colorize', '~> 0'
-  spec.add_dependency 'inspec', ">= 3.0", "< 5.0"
-  spec.add_dependency 'nokogiri', '~> 1.8'
-  spec.add_dependency 'nokogiri-happymapper', '~> 0'
-  spec.add_dependency 'OptionParser', '~> 0'
-  spec.add_dependency 'pdf-reader', '~> 2.1', '>= 2.1.0'
-  spec.add_dependency 'roo', '~> 2.8'
-  spec.add_dependency 'thor', '~> 0.19'
-  spec.add_dependency 'word_wrap', '~> 1.0', '~> 1.0.0'
-  spec.add_development_dependency 'bundler', '~> 2.0'
-  spec.add_development_dependency 'minitest', '~> 5.0'
-  spec.add_development_dependency 'pry', '~> 0'
-  spec.add_development_dependency 'rake', '~> 13.0'
+  spec.add_runtime_dependency 'colorize', '~> 0'
+  spec.add_runtime_dependency 'inspec-objects'
+  spec.add_runtime_dependency 'nokogiri', '~> 1.8'
+  spec.add_runtime_dependency 'nokogiri-happymapper', '~> 0'
+  spec.add_runtime_dependency 'OptionParser', '~> 0'
+  spec.add_runtime_dependency 'pdf-reader', '~> 2.1', '>= 2.1.0'
+  spec.add_runtime_dependency 'roo', '~> 2.8'
+  spec.add_runtime_dependency 'thor', '~> 0.19'
+  spec.add_runtime_dependency 'word_wrap', '~> 1.0'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'minitest'
+  spec.add_development_dependency 'pry'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'codeclimate-test-reporter'
+  spec.add_development_dependency 'simplecov'
 end
diff --git a/lib/happy_mapper_tools/stig_checklist.rb b/lib/happy_mapper_tools/stig_checklist.rb
@@ -79,7 +79,6 @@ class Checklist
       tag 'CHECKLIST'
       has_one :asset, Asset, tag: 'ASSET'
       has_one :stig, Stigs, tag: 'STIGS'
-      Encoding.default_external = 'UTF-8'
 
       def where(attrib, data)
         stig.istig.vuln.each do |vuln|

diff --git a/lib/inspec_tools/cli.rb b/lib/inspec_tools/cli.rb
@@ -1,7 +1,7 @@
 require 'yaml'
 require 'json'
 
-require 'inspec'
+require 'inspec-objects'
 require_relative 'version'
 
 require_relative '../utilities/inspec_util'

diff --git a/lib/inspec_tools/csv.rb b/lib/inspec_tools/csv.rb
@@ -1,6 +1,5 @@
 require 'csv'
 require 'nokogiri'
-require 'inspec'
 require 'word_wrap'
 require 'yaml'
 require 'digest'

diff --git a/lib/inspec_tools/pdf.rb b/lib/inspec_tools/pdf.rb
@@ -1,5 +1,4 @@
 require 'digest'
-require 'inspec'
 
 require_relative '../utilities/inspec_util'
 require_relative '../utilities/extract_pdf_text'

diff --git a/lib/inspec_tools/plugin_cli.rb b/lib/inspec_tools/plugin_cli.rb
@@ -1,7 +1,6 @@
 require 'yaml'
 require 'json'
 
-require 'inspec'
 require 'roo'
 require_relative 'version'
 

diff --git a/lib/inspec_tools/xccdf.rb b/lib/inspec_tools/xccdf.rb
@@ -4,7 +4,6 @@
 
 require 'digest'
 require 'json'
-require 'inspec'
 
 module InspecTools
   # rubocop:disable Metrics/ClassLength

diff --git a/lib/inspec_tools/xlsx.rb b/lib/inspec_tools/xlsx.rb
@@ -3,7 +3,6 @@
 require 'word_wrap'
 require 'yaml'
 require 'digest'
-require 'inspec'
 
 require_relative '../utilities/inspec_util'
 
@@ -92,7 +91,7 @@ def parse_cis_controls(control_prefix)
           cis_tags = row[tag_pos['cis_controls']].formatted_value.scan(/CONTROL:v(\d) (\d+)\.?(\d*)/)
           control['tags']['cis_controls'] = []
           control['tags']['nist'] = []
-          cis_tags.each do |cis_tag| 
+          cis_tags.each do |cis_tag|
             if cis_tag[2].nil? || cis_tag[2] == ""
               control['tags']['cis_controls'] << cis_tag[1].to_s
               control['tags']['nist'] << cis2Nist[cis_tag[1]]

diff --git a/lib/inspec_tools_plugin.rb b/lib/inspec_tools_plugin.rb
@@ -1,9 +1,7 @@
-# frozen_string_literal: true
+ # frozen_string_literal: true
 
 libdir = File.dirname(__FILE__)
 $LOAD_PATH.unshift(libdir) unless $LOAD_PATH.include?(libdir)
 
 require 'inspec_tools/version'
 require 'inspec_tools/plugin'
-
-require 'rubygems'
diff --git a/lib/utilities/inspec_util.rb b/lib/utilities/inspec_util.rb
@@ -1,5 +1,4 @@
 require 'inspec/objects'
-require 'inspec/impact'
 require 'word_wrap'
 require 'pp'
 require 'uri'
@@ -48,6 +47,15 @@ module Utils
   class InspecUtil
     DATA_NOT_FOUND_MESSAGE = 'N/A'.freeze
     WIDTH = 80
+    IMPACT_SCORES = {
+      "none" => 0.0,
+      "low" => 0.1,
+      "medium" => 0.4,
+      "high" => 0.7,
+      "critical" => 0.9,
+    }.freeze
+
+    class ImpactError; end
 
     def self.parse_data_for_xccdf(json)
       data = {}
@@ -214,7 +222,13 @@ def self.get_impact(severity)
     end
 
     def self.get_impact_string(impact)
-      Inspec::Impact.string_from_impact(impact) unless impact.nil?
+      return if impact.nil?
+      value = impact.to_f
+      raise ImpactError, "'#{value}' is not a valid impact score. Valid impact scores: [0.0 - 1.0]." if value < 0 || value > 1
+
+      IMPACT_SCORES.reverse_each do |name, impact|
+        return name if value >= impact
+      end
     end
 
     def self.unpack_inspec_json(directory, inspec_json, separated, output_format)
@@ -239,7 +253,7 @@ def self.unpack_inspec_json(directory, inspec_json, separated, output_format)
     private_class_method def self.generate_controls(inspec_json)
       controls = []
       inspec_json['controls'].each do |json_control|
-        control = Inspec::Control.new
+        control = ::Inspec::Object::Control.new
         if (defined? control.desc).nil?
           control.descriptions[:default] = json_control['desc']
           control.descriptions[:rationale] = json_control['tags']['rationale']
@@ -253,32 +267,32 @@ def self.unpack_inspec_json(directory, inspec_json, separated, output_format)
         control.impact = get_impact(json_control['impact'])
 
         #json_control['tags'].each do |tag|
-        #  control.add_tag(Inspec::Tag.new(tag.key, tag.value)
+        #  control.add_tag(Inspec::Object::Tag.new(tag.key, tag.value)
         #end
 
-        control.add_tag(Inspec::Tag.new('severity', json_control['tags']['severity']))
-        control.add_tag(Inspec::Tag.new('gtitle', json_control['tags']['gtitle']))
-        control.add_tag(Inspec::Tag.new('satisfies', json_control['tags']['satisfies'])) if json_control['tags']['satisfies']
-        control.add_tag(Inspec::Tag.new('gid',      json_control['tags']['gid']))
-        control.add_tag(Inspec::Tag.new('rid',      json_control['tags']['rid']))
-        control.add_tag(Inspec::Tag.new('stig_id',  json_control['tags']['stig_id']))
-        control.add_tag(Inspec::Tag.new('fix_id', json_control['tags']['fix_id']))
-        control.add_tag(Inspec::Tag.new('cci', json_control['tags']['cci']))
-        control.add_tag(Inspec::Tag.new('nist', json_control['tags']['nist']))
-        control.add_tag(Inspec::Tag.new('cis_level', json_control['tags']['cis_level'])) unless json_control['tags']['cis_level'].blank?
-        control.add_tag(Inspec::Tag.new('cis_controls', json_control['tags']['cis_controls'])) unless json_control['tags']['cis_controls'].blank?
-        control.add_tag(Inspec::Tag.new('cis_rid', json_control['tags']['cis_rid'])) unless json_control['tags']['cis_rid'].blank?
-        control.add_tag(Inspec::Tag.new('ref', json_control['tags']['ref'])) unless json_control['tags']['ref'].blank?
-        control.add_tag(Inspec::Tag.new('false_negatives', json_control['tags']['false_negatives'])) unless json_control['tags']['false_positives'].blank?
-        control.add_tag(Inspec::Tag.new('false_positives', json_control['tags']['false_positives'])) unless json_control['tags']['false_positives'].blank?
-        control.add_tag(Inspec::Tag.new('documentable', json_control['tags']['documentable'])) unless json_control['tags']['documentable'].blank?
-        control.add_tag(Inspec::Tag.new('mitigations', json_control['tags']['mitigations'])) unless json_control['tags']['mitigations'].blank?
-        control.add_tag(Inspec::Tag.new('severity_override_guidance', json_control['tags']['documentable'])) unless json_control['tags']['severity_override_guidance'].blank?
-        control.add_tag(Inspec::Tag.new('potential_impacts', json_control['tags']['potential_impacts'])) unless json_control['tags']['potential_impacts'].blank?
-        control.add_tag(Inspec::Tag.new('third_party_tools', json_control['tags']['third_party_tools'])) unless json_control['tags']['third_party_tools'].blank?
-        control.add_tag(Inspec::Tag.new('mitigation_controls', json_control['tags']['mitigation_controls'])) unless json_control['tags']['mitigation_controls'].blank?
-        control.add_tag(Inspec::Tag.new('responsibility', json_control['tags']['responsibility'])) unless json_control['tags']['responsibility'].blank?
-        control.add_tag(Inspec::Tag.new('ia_controls', json_control['tags']['ia_controls'])) unless json_control['tags']['ia_controls'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('severity', json_control['tags']['severity']))
+        control.add_tag(::Inspec::Object::Tag.new('gtitle', json_control['tags']['gtitle']))
+        control.add_tag(::Inspec::Object::Tag.new('satisfies', json_control['tags']['satisfies'])) if json_control['tags']['satisfies']
+        control.add_tag(::Inspec::Object::Tag.new('gid',      json_control['tags']['gid']))
+        control.add_tag(::Inspec::Object::Tag.new('rid',      json_control['tags']['rid']))
+        control.add_tag(::Inspec::Object::Tag.new('stig_id',  json_control['tags']['stig_id']))
+        control.add_tag(::Inspec::Object::Tag.new('fix_id', json_control['tags']['fix_id']))
+        control.add_tag(::Inspec::Object::Tag.new('cci', json_control['tags']['cci']))
+        control.add_tag(::Inspec::Object::Tag.new('nist', json_control['tags']['nist']))
+        control.add_tag(::Inspec::Object::Tag.new('cis_level', json_control['tags']['cis_level'])) unless json_control['tags']['cis_level'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('cis_controls', json_control['tags']['cis_controls'])) unless json_control['tags']['cis_controls'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('cis_rid', json_control['tags']['cis_rid'])) unless json_control['tags']['cis_rid'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('ref', json_control['tags']['ref'])) unless json_control['tags']['ref'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('false_negatives', json_control['tags']['false_negatives'])) unless json_control['tags']['false_positives'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('false_positives', json_control['tags']['false_positives'])) unless json_control['tags']['false_positives'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('documentable', json_control['tags']['documentable'])) unless json_control['tags']['documentable'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('mitigations', json_control['tags']['mitigations'])) unless json_control['tags']['mitigations'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('severity_override_guidance', json_control['tags']['documentable'])) unless json_control['tags']['severity_override_guidance'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('potential_impacts', json_control['tags']['potential_impacts'])) unless json_control['tags']['potential_impacts'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('third_party_tools', json_control['tags']['third_party_tools'])) unless json_control['tags']['third_party_tools'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('mitigation_controls', json_control['tags']['mitigation_controls'])) unless json_control['tags']['mitigation_controls'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('responsibility', json_control['tags']['responsibility'])) unless json_control['tags']['responsibility'].blank?
+        control.add_tag(::Inspec::Object::Tag.new('ia_controls', json_control['tags']['ia_controls'])) unless json_control['tags']['ia_controls'].blank?
 
         controls << control
       end
@@ -313,7 +327,7 @@ def self.unpack_inspec_json(directory, inspec_json, separated, output_format)
           else
             license_content = inspec_json['license']
           end
-        rescue StandardError => e
+        rescue StandardError => _e
           license_content = inspec_json['license']
         end
       end

diff --git a/test/unit/inspec_tools_test.rb b/test/unit/inspec_tools_test.rb
@@ -1,5 +1,4 @@
 require_relative 'test_helper'
-require 'inspec'
 
 class InspecToolsTest < Minitest::Test
   def test_that_it_has_a_version_number

diff --git a/test/unit/test_helper.rb b/test/unit/test_helper.rb
@@ -1,5 +1,6 @@
+require 'simplecov'
+SimpleCov.start
+require 'minitest/autorun'
 $LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
 root = File.expand_path("../../", File.dirname(__FILE__))
 require "#{root}/lib/inspec_tools"
-
-require 'minitest/autorun'