Merge branch 'main' into dependabot/npm_and_yarn/multi-adb500430a

mitre · Jan 3, 2025 · 46e1d8d · 46e1d8d
2 parents 4d3854d + bda8525
commit 46e1d8d
Show file tree

Hide file tree

Showing 21 changed files with 2,484 additions and 2,548 deletions.
diff --git a/.github/workflows/build-macos.yml b/.github/workflows/build-macos.yml
@@ -15,7 +15,7 @@ jobs:
       - name: setup node
         uses: actions/setup-node@v4
         with:
-          node-version: "18"
+          node-version: "22"
           check-latest: true
           cache: 'npm'
 
@@ -32,9 +32,9 @@ jobs:
         run: |
           cd dist/macos
           for file in saf-*.pkg; do
-                  prefix=${file%-*-*.pkg}
-                  suffix=${file#saf-*-*-*}
-                  mv "$file" "$prefix-$suffix"
+            prefix=${file%-*-*.pkg}
+            suffix=${file#saf-*-*-*}
+            mv "$file" "$prefix-$suffix"
           done
 
       - name: Upload SAF-CLI macOS Installer Artifact

diff --git a/.github/workflows/build-rpm.yml b/.github/workflows/build-rpm.yml
@@ -24,7 +24,7 @@ jobs:
       - name: setup node
         uses: actions/setup-node@v4
         with:
-          node-version: "18"
+          node-version: "22"
           check-latest: true
           cache: 'npm'
           cache-dependency-path: ./saf/package-lock.json

diff --git a/.github/workflows/build-windows-linux.yml b/.github/workflows/build-windows-linux.yml
@@ -18,7 +18,7 @@ jobs:
       - name: setup node
         uses: actions/setup-node@v4
         with:
-          node-version: "20"
+          node-version: "22"
           check-latest: true
           cache: 'npm'
           cache-dependency-path: ./saf/package-lock.json
@@ -44,19 +44,19 @@ jobs:
         run: |
           cd saf/dist/win32
           for file in saf-*.exe; do
-                  prefix=${file%-*-*} # get prefix by removing frome end
-                  suffix=${file#saf-*-*-} # get suffix by removing from start
-                  mv "$file" "$prefix-$suffix"
+            prefix=${file%-*-*}     # get prefix by removing from end
+            suffix=${file#saf-*-*-} # get suffix by removing from start
+            mv "$file" "$prefix-$suffix"
           done
 
       - name: Rename Debian Installers
         run: |
           cd saf/dist/deb
           for file in saf_*.deb; do
-                  prefix=${file%.*-*.deb}
-                  prefix_ver=${prefix#saf_}
-                  suffix=${file#*_*_}
-                  sudo mv "$file" "saf-$prefix_ver-$suffix"
+            prefix=${file%.*-*.deb}
+            prefix_ver=${prefix#saf_}
+            suffix=${file#*_*_}
+            sudo mv "$file" "saf-$prefix_ver-$suffix"
           done
 
       - name: Upload SAF-CLI Windows Build x64 Artifact

diff --git a/.github/workflows/e2e-ci.yml b/.github/workflows/e2e-ci.yml
@@ -12,23 +12,41 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-       platform: [ ubuntu-latest, macos-latest, windows-latest ]
-    runs-on: ${{ matrix.platform }}
+       platform: [ ubuntu, macos, windows ]
+    runs-on: ${{ matrix.platform }}-latest
     steps:
-     - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-     - name: Setup Node.js on ${{ matrix.platform }}
-       uses: actions/setup-node@v4
-       with:
-        node-version: "18"
-        check-latest: true
-        cache: 'npm'
+      - name: Setup Node.js on ${{ matrix.platform }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          check-latest: true
+          cache: 'npm'
 
-     - name: Install dependencies on ${{ matrix.platform }}
-       run: npm ci
+      - name: Install dependencies on ${{ matrix.platform }}
+        run: npm ci
+
+      - name: Install cinc-auditor/Compile/Run Tests on ${{ matrix.platform }}
+        if: ${{ matrix.platform == 'windows-latest' }}
+        shell: pwsh
+        run: |
+          Start-Process powershell -Verb RunAs
+          . { iwr -useb https://omnitruck.cinc.sh/install.ps1 } | iex; install -project cinc-auditor
+          $env:Path = $env:Path + ';C:\cinc-project\cinc-auditor\bin' + ';C:\cinc-project\cinc-auditor\embedded\bin'
+          cinc-auditor -v
+          npm run prepack
+          npm run test
 
-     - name: Prepack (compile) on ${{ matrix.platform }}
-       run: npm run prepack
+      - name: Install cinc-auditor/Compile/Run Tests on ${{ matrix.platform }}
+        if: ${{ matrix.platform == 'ubuntu-latest' || matrix.platform == 'macos-latest' }}
+        run: |
+          curl -L https://omnitruck.cinc.sh/install.sh | sudo bash -s -- -P cinc-auditor
+          npm run prepack
+          npm run test
 
-     - name: Run e2e tests on ${{ matrix.platform }}
-       run: npm run test
+      # - name: Prepack (compile) on ${{ matrix.platform }}
+      #   run: npm run prepack
+
+      # - name: Run e2e tests on ${{ matrix.platform }}
+      #   run: npm run test
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
@@ -16,7 +16,7 @@ jobs:
      - name: Setup Node.js
        uses: actions/setup-node@v4
        with:
-        node-version: "18"
+        node-version: "22"
         check-latest: true
         cache: 'npm'
 

diff --git a/.github/workflows/push-to-npm-gpr.yml b/.github/workflows/push-to-npm-gpr.yml
@@ -12,7 +12,7 @@ jobs:
       - name: setup node
         uses: actions/setup-node@v4
         with:
-          node-version: "18"
+          node-version: "22"
           check-latest: true
           registry-url: "https://registry.npmjs.org"
           cache: 'npm'
@@ -34,7 +34,7 @@ jobs:
       # Setup .npmrc file to publish to GitHub Package Registry
       - uses: actions/setup-node@v4
         with:
-          node-version: "18"
+          node-version: "22"
           registry-url: 'https://npm.pkg.github.com'
           cache: 'npm'
 

diff --git a/.nvmrc b/.nvmrc
@@ -1 +1 @@
-v18.18
+v22.0.0
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-ARG BASE_CONTAINER=node:18-alpine
+ARG BASE_CONTAINER=node:22-alpine
 
 FROM $BASE_CONTAINER AS builder
 

diff --git a/README.md b/README.md
@@ -443,7 +443,7 @@ convert hdf2ckl               Translate a Heimdall Data Format JSON file into a
                               DISA checklist file
 
   USAGE
-    $ saf convert hdf2ckl saf convert hdf2ckl -i <hdf-scan-results-json> -o <output-ckl> [-h] [-m <metadata>] [--profilename <value>] [--profiletitle <value>] [--version <value>] [--releasenumber <value>] [--releasedate <value>] [--marking <value>] [-H <value>] [-I <value>] [-M <value>] [-F <value>] [--targetcomment <value>] [--role Domain Controller|Member Server|None|Workstation] [--assettype Computing|Non-Computing] [--techarea |Application Review|Boundary Security|CDS Admin Review|CDS Technical Review|Database Review|Domain Name System (DNS)|Exchange Server|Host Based System Security (HBSS)|Internal Network|Mobility|Other Review|Releasable Networks (REL)|Releaseable Networks (REL)|Traditional Security|UNIX OS|VVOIP Review|Web Review|Windows OS] [--stigguid <value>] [--targetkey <value>] [--webdbsite <value> --webordatabase] [--webdbinstance <value> ] [--vulidmapping gid|id]
+    $ saf convert hdf2ckl -i <hdf-scan-results-json> -o <output-ckl> [-h] [-m <metadata>] [--profilename <value>] [--profiletitle <value>] [--version <value>] [--releasenumber <value>] [--releasedate <value>] [--marking <value>] [-H <value>] [-I <value>] [-M <value>] [-F <value>] [--targetcomment <value>] [--role Domain Controller|Member Server|None|Workstation] [--assettype Computing|Non-Computing] [--techarea |Application Review|Boundary Security|CDS Admin Review|CDS Technical Review|Database Review|Domain Name System (DNS)|Exchange Server|Host Based System Security (HBSS)|Internal Network|Mobility|Other Review|Releasable Networks (REL)|Releaseable Networks (REL)|Traditional Security|UNIX OS|VVOIP Review|Web Review|Windows OS] [--stigguid <value>] [--targetkey <value>] [--webdbsite <value> --webordatabase] [--webdbinstance <value> ] [--vulidmapping gid|id]
 
   FLAGS
     -h, --help            Show CLI help.

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.4.16
+1.4.17
diff --git a/docs/contributors-guide.md b/docs/contributors-guide.md
@@ -94,6 +94,39 @@ You can get help on the available commands with:
 ./bin/run --help    # Darwin or Linux
 node bin/run --help # Windows
 ```
+## Creating a Release
+The process of creating a release is document in the SAF CLI Wiki Page [How-to Create a SAF CLI Release](https://github.com/mitre/saf/wiki/How%E2%80%90to-Create-a-SAF-CLI-Release)
+
+>[!WARNING]
+> Before executing the preparatory script ensure that the you're on a directory containing the most recent commit of the SAF CLI. The first step of the scrip will do a `git checkout main` proceeding by a `git pull origin main`
+
+Basically the process of creating a SAF CLI release consists of performing the following steps:
+
+1. Run the appropriate preparatory release script
+    ```bash
+    ./release-pre.sh   # Darwin or Linux
+    .\release-pre.ps1  # Windows
+    ```
+    The script performs the following:
+
+    - Retrieve the latest main content
+    - Bump the SAF CLI version number in the VERSION file and package.json
+    - Update MITRE dependencies to latest versions
+    - Remove the `node_modules` if exists
+    - Install all supporting modules
+    - Build and run all tests
+    - Add unstaged files to the staging area (package.json - version) or any other file with the modified flag (M)
+    - Commit previously staged files with `signoff` tag with the new version number
+    - Tag the commit with new release version
+    - Push and updated all three references to the repository with the version number
+
+2. Add the generated packages to the staged released
+3. Associate the tags with the drafted release
+4. Set the release to be the latest
+5. Publish the release
+
+>[!NOTE]
+>Detailed information on steps 2 through 5 are listed in the [How-to Create a SAF CLI Release](https://github.com/mitre/saf/wiki/How%E2%80%90to-Create-a-SAF-CLI-Release) Wiki page
 
 ## Contributing