usnistgov / macos_security

macOS Security Compliance Project

$ODV value not replaced correctly in nested dict #423

Closed adrian-ib closed 5 days ago

adrian-ib commented 6 days ago

Summary

$ODV value not replaced correctly in nested dict

Steps to reproduce

  1. git checkout sonoma
  2. run: ./scripts/generate_guidance.py -p baselines/DISA-STIG.yaml
  3. check generated profile: com.apple.mobiledevice.passwordpolicy.plist
  4. The key customRegex is incorrect

What is the current bug behavior?

The profile com.apple.mobiledevice.passwordpolicy.plist is not generated correctly:

<dict>
    <key>customRegex</key>
    <string>^(?=.*[A-Z])(?=.*[a-z]).*$</string>
    <key>maxFailedAttempts</key>
    <integer>3</integer>
    <key>maxPINAgeInDays</key>
    <integer>60</integer>
    <key>minComplexChars</key>
    <integer>1</integer>
    <key>minLength</key>
    <integer>14</integer>
    <key>minutesUntilFailedLoginReset</key>
    <integer>15</integer>
    <key>pinHistory</key>
    <integer>5</integer>
    <key>requireAlphanumeric</key>
    <true/>
</dict>

What is the expected correct behavior?

If the same profile is generated in the main branch instead of the sonoma branch it works properly:

<dict>
    <key>customRegex</key>
    <dict>
        <key>passwordContentDescription</key>
        <dict>
            <key>default</key>
            <string>Password must match custom regex.</string>
        </dict>
        <key>passwordContentRegex</key>
        <string>^(?=.*[A-Z])(?=.*[a-z]).*$</string>
    </dict>
    <key>maxFailedAttempts</key>
    <integer>3</integer>
    <key>maxPINAgeInDays</key>
    <integer>60</integer>
    <key>minComplexChars</key>
    <integer>1</integer>
    <key>minLength</key>
    <integer>14</integer>
    <key>minutesUntilFailedLoginReset</key>
    <integer>15</integer>
    <key>pinHistory</key>
    <integer>5</integer>
    <key>requireAlphanumeric</key>
    <true/>
</dict>

Possible fixes

Take into account nested dicts when replacing the $ODV value
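A recursive substitution of the kind the fix note above describes, written here as an added example and not the project's own generate_guidance.py code. The payload layout, the function names, and the flat variant that reproduces the collapsed customRegex symptom are assumptions.

```python
import plistlib
from typing import Any

# Constructed sample payload (assumed layout, not the project's real YAML):
# the $ODV placeholder sits two dicts deep, as in the expected plist above.
PAYLOAD = {
    "customRegex": {
        "passwordContentDescription": {"default": "Password must match custom regex."},
        "passwordContentRegex": "$ODV",
    },
    "minLength": 14,
    "requireAlphanumeric": True,
}
ODV = "^(?=.*[A-Z])(?=.*[a-z]).*$"  # value taken from the issue's expected output


def replace_odv_flat(payload: dict, odv: Any) -> dict:
    """Illustrative reproduction of the symptom (hypothetical, not the project's
    code): only the top level is inspected, so any value whose text contains
    $ODV, even a nested dict, is overwritten with the plain string."""
    return {k: (odv if "$ODV" in str(v) else v) for k, v in payload.items()}


def replace_odv(value: Any, odv: Any) -> Any:
    """Recursively substitute $ODV through dicts and lists without mutating the
    input. A value that is exactly "$ODV" takes odv's native type (int, bool,
    ...); a longer string containing it gets a textual substitution."""
    if isinstance(value, dict):
        return {k: replace_odv(v, odv) for k, v in value.items()}
    if isinstance(value, list):
        return [replace_odv(v, odv) for v in value]
    if isinstance(value, str):
        if value == "$ODV":
            return odv
        return value.replace("$ODV", str(odv))
    return value


def to_plist_xml(payload: dict) -> str:
    """Serialise the substituted payload as the XML plist a profile would carry."""
    return plistlib.dumps(payload, sort_keys=True).decode()


if __name__ == "__main__":
    print(to_plist_xml(replace_odv(PAYLOAD, ODV)))
```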

robertgendler commented 5 days ago

Regression from syncing branches and our silly system. Fixed now.