mirror of
https://github.com/inspec/inspec
synced 2024-12-19 17:43:44 +00:00
6034ece853
The goal of this change is to provide an isolated view of the available profiles when the user calls the include_controls or require_controls APIs. Namely, - A profile should only be able to reference profiles that are part of its transitive dependency tree. That is, if the dependency tree for a profile looks like the following: A |- B --> C | |- D --> E Then profile B should only be able to see profile C and fail if it tries to reference A, D, or E. - The same profile should be include-able at different versions from different parts of the tree without conflict. That is, if the dependency tree for a profile looks like the following: A |- B --> C@1.0 | |- D --> C@2.0 Then profile B should see the 1.0 version of C and profile D should see the 2.0 profile C with respect to the included controls. To achieve these goals we: - Ensure that we construct ProfileContext objects with respect to the correct dependencies in Inspec::DSL. - Provide a method of accessing all transitively defined rules on a ProfileContext without pushing all of the rules onto the same global namespace. This does not yet handle attributes or libraries. |
||
|---|---|---|
| .. | ||
| complete-metadata | ||
| complete-profile | ||
| dependencies | ||
| empty-metadata | ||
| legacy-complete-metadata | ||
| legacy-empty-metadata | ||
| legacy-simple-metadata | ||
| library | ||
| simple-metadata | ||
| skippy-profile-os | ||
| spec_only | ||
| supported_inspec | ||
| unsupported_inspec | ||