Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hdf2ckl severity #5866

Merged
merged 81 commits into from
Jul 12, 2024
Merged

Hdf2ckl severity #5866

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
81 commits
Select commit Hold shift + click to select a range
c778a18
use severity tag in hdf2ckl mapping
kemley76 May 31, 2024
209a77b
use default values in severity check
kemley76 May 31, 2024
ac6c378
update hdf2ckl test
kemley76 May 31, 2024
d6c6d50
fix inconsistencies with how severity is computed and displayed
kemley76 Jun 5, 2024
e0f18f2
linting
kemley76 Jun 5, 2024
fa53293
add clarifying comments for severity computation
kemley76 Jun 5, 2024
fb1093e
update ckl2hdf tests
kemley76 Jun 12, 2024
b56c07a
remove unecessary lowercase conversion
kemley76 Jun 12, 2024
fa98d0d
show severityoverride and severity justification in details panel
kemley76 Jun 14, 2024
cdcf937
severity override info displayed in results table
kemley76 Jun 14, 2024
77aac4b
format results view impact column to show severity as well
kemley76 Jun 14, 2024
c560395
linting
kemley76 Jun 14, 2024
9e2b5b9
added severity and severity overrides to hdf2ckl and ckl2hdf
kemley76 Jun 17, 2024
8f80059
ensure severity low and critical get mapped properly in hdf2ckl
kemley76 Jun 17, 2024
14312e6
fix fallbacks in ControlRowHeader for showing severity override
kemley76 Jun 17, 2024
62cedce
linting
kemley76 Jun 17, 2024
87dd363
split impact and severity into two columns
kemley76 Jun 17, 2024
6953dfb
linting
kemley76 Jun 17, 2024
499141c
add information labels on severity and impact table headers
kemley76 Jun 17, 2024
c88e4a3
linting
kemley76 Jun 17, 2024
e5c5cee
add visual spacing between delta and severity level for overridden se…
kemley76 Jun 17, 2024
58aa1cf
update impact ranges for results table header tooltip
kemley76 Jun 18, 2024
6cba39d
removed transparancy from v-tooltip backgrounds
kemley76 Jun 21, 2024
c4a463e
refactor checklist mapper to use result type when parsing Json
kemley76 Jun 21, 2024
79ea5f8
use severity form Third_Party_Tools section if present upon ckl2hdf
kemley76 Jun 21, 2024
7ded3a8
ensure that impact is computed using computed severity upon ckl2hdf
kemley76 Jun 21, 2024
33a5207
add data to ckl thirdPartyTools to ensure hdf's severity and impact a…
kemley76 Jun 21, 2024
6d60163
add severityoverride tag to control when impact and severity differ
kemley76 Jun 24, 2024
c744e28
recombine severity into impact column and indicate if they differ
kemley76 Jun 24, 2024
0533bbb
linting
kemley76 Jun 24, 2024
0b19038
add ability to filter controls by the presence of specific tags
kemley76 Jun 24, 2024
de004d4
create InfoCardRow component to alert user to any severity overrides
kemley76 Jun 24, 2024
9675b4e
bring back severity column
kemley76 Jun 24, 2024
6b7cfee
linting
kemley76 Jun 25, 2024
e22cbfd
remove impact column, only showing severity
kemley76 Jun 25, 2024
7461544
revert changes to include severityoverride when severity and impact d…
kemley76 Jun 25, 2024
ac5d06d
ensure hdf to ckl to hdf doesn't add extra metadata
kemley76 Jun 25, 2024
2c01f34
update hdf2ckl test
kemley76 Jun 25, 2024
965fa19
linting
kemley76 Jun 26, 2024
a0c4fa2
remove extra code leftover from removed impact column
kemley76 Jun 26, 2024
2f6994c
removed ts specific code tested in frontend test that caused error
kemley76 Jun 26, 2024
044f468
linting
kemley76 Jun 26, 2024
902f99d
updated ckl2hdf tests to consider third party tools
kemley76 Jun 26, 2024
4134db4
add checklist with overrides file to sample files
kemley76 Jun 27, 2024
0776bc7
expanded checklist override test to include non-overridden vuln sever…
kemley76 Jun 27, 2024
63888e1
added frontend test to ensure severity overrides can be filtered prop…
kemley76 Jun 28, 2024
ad6d471
add cypress test to ensure severity override lables appear
kemley76 Jun 28, 2024
8f789ed
clean up vue logic for severity override display
kemley76 Jun 28, 2024
5da3f38
account for non-lowercase severity tags
kemley76 Jun 28, 2024
76ba8c4
remove unneeded code bits
kemley76 Jun 28, 2024
5711083
fix sample loading in cypress test
kemley76 Jun 28, 2024
48e0988
fix hdf2checklist third party tools computation
kemley76 Jun 28, 2024
3c1ed41
Merge branch 'master' into hdf2ckl-severity
kemley76 Jun 28, 2024
c7bee1a
update control search help menu with tag filter
kemley76 Jun 28, 2024
c41780c
fixed issue with critical severity being lost in hdf to ckl to hdf
kemley76 Jul 2, 2024
689154b
fix logic and complexity of hdf2ckl addHdfSpecificData
kemley76 Jul 2, 2024
312c92d
linting
kemley76 Jul 2, 2024
b568258
accounted for possiblity of nil severity tag when doing hdf2ckl
kemley76 Jul 8, 2024
a34998a
Merge branch 'master' into hdf2ckl-severity
kemley76 Jul 8, 2024
92a817c
add severity name constants in inspecJs as utility
kemley76 Jul 8, 2024
d087af9
added test util for version replacement for ckl and xccdf reverse tes…
kemley76 Jul 8, 2024
dd60821
add parseJson to util file with better return type
kemley76 Jul 8, 2024
96b4d97
relocate ckl2hdf helper function
kemley76 Jul 8, 2024
bbe988e
refactor hdf2ckl computeImpact to use standard util function
kemley76 Jul 9, 2024
9492de7
remove redundant 'active-class' in results table's chips
kemley76 Jul 9, 2024
8bda1d7
fix weird autoformating instances in vue
kemley76 Jul 9, 2024
eb5204a
fix comment typo
kemley76 Jul 9, 2024
0711df7
fix messed up test in checklist reverse mapper
kemley76 Jul 9, 2024
f9137fe
Merge branch 'master' into hdf2ckl-severity
kemley76 Jul 9, 2024
9496c73
fix typo
kemley76 Jul 9, 2024
cf3e3e6
refactored to remove unecessary type casting
kemley76 Jul 10, 2024
23a8cc0
use more representative type for JSON parse output
kemley76 Jul 10, 2024
0292f89
simplify ckl mapper helper function
kemley76 Jul 10, 2024
7b234e5
linting
kemley76 Jul 10, 2024
d929425
remove unused imports
kemley76 Jul 10, 2024
65237ef
export inspecJS function for converting impact into severity
kemley76 Jul 10, 2024
0724908
Merge branch 'master' into hdf2ckl-severity
mergify[bot] Jul 10, 2024
9937386
Merge branch 'master' into hdf2ckl-severity
kemley76 Jul 11, 2024
642f4b4
restart CI
kemley76 Jul 11, 2024
0c815a2
merge master into hdf2ckl-severity
kemley76 Jul 11, 2024
9792e0c
Merge branch 'master' into hdf2ckl-severity
kemley76 Jul 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...onverters/sample_jsons/checklist_mapper/converted-rhel8_sample_oneOfEachControlStatus.ckl
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -377,7 +377,7 @@ expected: "2.9-9.el8_6"
</STIG_DATA>
<STIG_DATA>
<VULN_ATTRIBUTE>Severity</VULN_ATTRIBUTE>
<ATTRIBUTE_DATA>low</ATTRIBUTE_DATA>
<ATTRIBUTE_DATA>high</ATTRIBUTE_DATA>
</STIG_DATA>
<STIG_DATA>
<VULN_ATTRIBUTE>Group_Title</VULN_ATTRIBUTE>
Expand Down
14 changes: 12 additions & 2 deletions libs/hdf-converters/src/ckl-mapper/checklist-jsonix-converter.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -576,7 +576,14 @@ export class ChecklistJsonixConverter extends JsonixIntermediateConverter<
}
}

severityMap(impact: number): Severity {
severityMap(impact: number, severityTag: string): Severity {
severityTag = severityTag.toLowerCase();
if (
severityTag != Severity.Empty &&
(Object.values(Severity) as string[]).includes(severityTag)
) {
return severityTag as Severity;
}
if (impact < 0.4) {
return Severity.Low;
} else if (impact < 0.7) {
Expand Down Expand Up @@ -686,7 +693,10 @@ export class ChecklistJsonixConverter extends JsonixIntermediateConverter<
metadata?.vulidmapping === 'gid'
? _.get(control.tags, 'gid', defaultId)
: defaultId,
severity: this.severityMap(control.impact),
severity: this.severityMap(
control.impact,
_.get(control.tags, 'severity', Severity.Empty)
),
groupTitle: _.get(control.tags, 'gtitle', defaultId),
ruleId: _.get(control.tags, 'rid', defaultId),
ruleVer: _.get(control.tags, 'stig_id', defaultId),
Expand Down
Loading