Multiple Enhancements #5
Conversation
|
This is impossible to review as it is now. Can we split out the sample files into their own branch and get that merged first? Please double check the contents of those directories tho since I saw a whole bunch of .DS_STORE etc. Take pity lmao |
|
@Amndeep7 @camdenmoors any reason this PR has not yet been merged? Also what's 'left on the list' for a 1.0 MVP? @georgedias @em-c-rod |
| @@ -0,0 +1,38 @@ | |||
| name: Run TS-InSpec-Objects E2E Tests | |||
There was a problem hiding this comment.
A general note for workflows:
Should we add a workflow for publishing the package to npm?
Was the npm package that is there now published manually off of this branch? It seems like these updates are a part of that package.
https://www.npmjs.com/package/@mitre/inspec-objects
| "version": "1.0.0", | ||
| "description": "Typescript objects for InSpec profiles", | ||
| "main": "index.ts", | ||
| "name": "@mitre/inspec-objects", |
There was a problem hiding this comment.
Do we want to name the repository inspec-objects instead of ts-inspec-objects? Seems like a good idea for them to match.
There was a problem hiding this comment.
This was chosen so it wouldn't be confused with inspec/inspec-objects
There was a problem hiding this comment.
Understood, but we also have this repo, which makes this unclear. Let's discuss what is the best resolution.
https://github.com/mitre/inspec-objects
| @@ -0,0 +1,5100 @@ | |||
| export const data = { | |||
| 'CCI-000001': 'AC-1 a 1', | |||
There was a problem hiding this comment.
Where does this mapping come from? (Specifically, the CCIs) I heard someone conversation about these tags in a Vulcan talk today and whether or not you can get the AC-1 type of tags with what is automatically populated from an SRG. I think I need to know more.
There was a problem hiding this comment.
These are taken from DISA's website here and is converted with mitre/heimdall2@libs/hdf-converters/data/converters/xml2json.ts
Signed-off-by: Emily Rodriguez <[email protected]>
|
Why upload the profile-objects content to the repo? What purpose do they serve? Can't we create them on test? Also, when I ran the tests locally, it gave a diff for all of the STIGs in profile-objects because it had things like "\n\n", where the files stored in the repo did not. What change caused this? |
Assuming this is referring to the output data, mostly this was done for testing and demonstration purposes.
Will discuss during our meeting later today |
Signed-off-by: Emily Rodriguez <[email protected]>
Signed-off-by: Emily Rodriguez <[email protected]>
…eFormattingDiff and originalDiff => rawDiff, ensured that renamed controls are not counted as added controls Signed-off-by: Will Dower <[email protected]>
Signed-off-by: Will Dower <[email protected]>
… Update test is failing Signed-off-by: Emily Rodriguez <[email protected]>
Signed-off-by: Emily Rodriguez <[email protected]>
…yntax (not just %q), added new testfile with percent string (%<) to test this Signed-off-by: Will Dower <[email protected]>
Signed-off-by: Emily Rodriguez <[email protected]>
Todo: