inspec2xccdf: Check Text, Fix Text, and MISC→Mitigations

mitre / inspec_tools

A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data

https://inspec-tools.mitre.org/

Other

91 stars 30 forks source link

inspec2xccdf: Check Text, Fix Text, and MISC→Mitigations #226

Closed janeuner closed 3 years ago

janeuner commented 3 years ago

Adds support for the Check Text, Fix Text, and MISC→Mitigations in DISA STIGViewer

Needs special attention to inspec parsing; by my testing, inspec output now uses a descriptions object to encode fix and check text. The sample json (profile and results) probably due for an update.

janeuner commented 3 years ago

Getting different test results parsing the descriptions object based on build environment. For my Ubuntu dev vm and the Windows test runners, the object parses as a Hash. For the Ubuntu and Mac test runners, it parses as a Array. @Bialogs or others, I'd appreciate a second set of eyes. (Note, I'm a Ruby novice. Wrote my first line of Ruby code this week.)

Bialogs commented 3 years ago

yep I can help you out