CHANGELOG (CLI)
about 1 year ago by ReadMe API
Changelog
Provides details on all changes to the RegScale-CLI over time.
[5.35.0] - 2024-03-20
Added
- XRay integration to ingest .json files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
- Logic to handle additional columns than required during Nexpose, Snyk & Prisma imports
- Prepared By and Prepared For tables to the FedRAMP Rev4 .docx importer
- FedRAMP Rev4 .docx Importer:
  - Version from title page
  - Prepared By and Prepared For tables
- Additional endpoints to Issue model to support batch_update & batch_create
Fixed
- GCP Integration: Fixed issue with asset import and component mappings
[5.34.0] - 2024-03-14
Added
- Stigv2 integration for importing assets from STIG files.
Fixed
- Failed issue creation during AWS integration
- Error finding unique object during GCP integration
- Errors during Prisma flat file import
- Errors during Snyk flat file import
- Errors during Aqua flat file import
- Errors during Nexpose flat file import
[5.33.1] - 2024-03-08
Added
- Profile data object to match RegScale data model
Changed
- FedRAMP Rev4 .docx importer
  - Improved logging for controls and leveraged authorizations
  - Sped up SystemRole processing
Fixed
- FedRAMP Rev4 .docx importer
  - Prematurely ending the import process when parsed controls > base profile controls
  - Parsing port numbers and protocols
  - Incorrect number of controls imported displayed on SSP Import Results Summary
[5.33.0] - 2024-03-07
Added
- crowdstrikeBaseUrl to the init.yaml file
Changed
- Updated `regscale emass populate_controls` to use CCIs instead of control IDs when mapping assessment results
- Fixed AttributeError during GCP integration and Prisma flat file import
[5.32.0] - 2024-02-29
Added
- Cloud service fields and cloud deployment fields when parsing FedRAMP .docx during import
- Purpose statement during FedRAMP document import
Changed
- Updated Cryptography version to 42.0.0 to remove security vulnerabilities
- Fixed bug causing System Description not being populated during FedRAMP document import
- AutoCompress large files, warn user when a file is too large to post to RegScale
- Added testing for file uploads and deletion in RegScale
[5.31.0] - 2024-02-24
Added
- Added GraphQL client and handler for GraphQL queries
- Stigv2 integration for importing assets from STIG files.
Changed
- Refactored Wiz Inventory integration to use GraphQL client and handler
- Fixed issue during Burp integration when creating issues in RegScale
- Separated Nexpose and Prisma flat file ingest into two separate integrations
- ServiceNow's data fetching and issue/incident syncing to be more consistent and reliable
- Improved control editor file not found error to gracefully exit
- Modified System Roles to populate correctly during `regscale fedramp` doc imports
[5.30.2] - 2024-02-16
Added
- N/A
Changed
- Fixed System Role and Leveraged Authorization errors during creation and updating experienced in the FedRAMP integration
[5.30.1] - 2024-02-16
Added
- N/A
Changed
- Improved healthcheck to fail gracefully when no domain is set
- Bugfixes:
  - Corrected incorrect mapping control assessments during `regscale emass populate_controls`
  - Added logic to handle instances with no facilities and/or organizations correctly in `regscale assessments` integration
  - Incorrect hash when downloading attachments from RegScale during Jira integration
  - False 401 error during `regscale login` when expired token in init.yaml
  - Fixed Wiz and Tenable Nessus bugs when creating Assets and Issues
  - Fixed bug with CatalogCompare, now it will increment Tests, objectives and parameters correctly
[5.30.0] - 2024-02-14
Added
- Summary report to inform user what was updated in RegScale when syncing vulnerabilities in Tenable IO integration
Changed
- Fixed various bugs experienced during Wiz integration
- Updated AWS integration by removing deprecated functions and improved internal testing
- Fixed Issue with CrowdStrike integration while fetching existing incidents from RegScale
[5.29.0] - 2024-02-09
Added
- N/A
Changed
- Updated Tenable IO to cache vulnerability results from Tenable to disk, instead of memory.
- Use the tenableMinimumSeverityFilter config value as a filter for Tenable vulnerabilities
- Fixed issue in application.save_config not updating config in API_Handler or API classes
- API_Handler is now an extension of the Application class
- API object no longer needs Application class to be instantiated
- Improved internal testing for supported versions of Python
[5.28.4] - 2024-02-02
Added
- Additional columns to wrap text in Control Editor workbooks
Changed
- Fixed methods in Assessment, Catalog and CustomField models
[5.28.3] - 2024-02-01
Added
- Aqua integration to ingest Aqua .csv exports into RegScale via `regscale aqua`
Changed
- Enhanced Wiz inventory report processing
- Crowdstrike model parsing to better align to RegScale data models
- Fixed issue in GCP integration where duplicate assessments were created
- Updated models to use the newest version of Pydantic
- Updated Airflow to version 2.8.1
[5.28.2] - 2024-01-25
Added
- GCP Features: Added passing controls, create issues for findings and ability to scan on a project or organization level
Changed
- Bugfix: Fixed issue in `tenable io` integration causing incorrect vulnerability counts & possible KeyErrors
[5.28.1] - 2024-01-24
Added
- Snyk CLI Integration added to ingest Snyk .xlsx exports as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
Changed
- Fixed multiple issues during FedRAMP XML and .DOCx imports
- Updated dependencies to latest versions
- Hardened docker container image
[5.28.0] - 2024-01-17
Added
- Logic during the setup process to prevent installation of the CLI if the user is not using a supported version of Python
- Google Cloud Platform integration to pull assets and findings from GCP into RegScale via `regscale gcp`
Changed
- Improved memory usage by leveraging pickling instead of passing large objects between methods
- Improved batch insert and update methods for Issue model
- Updated batch insert and update methods with improved batch functionality to Asset model
- Batch issue (still defaulting to threading) is not enabled yet, but will be in a subsequent release
[5.27.0] - 2024-01-13
Added
- Palo Alto/Prisma integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
- Rapid7/Nexpose integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
- Logic to wiz integration to add assessments to implementations from the data returned from Wiz
Changed
- Bugfixes:
- Compliance report could have passing and failing control ids for the same control
- Added logic to prevent crashes during Crowdstrike integration when unable to find techniques
- Issue not allowing you to run the regscale-cli container as a flask api server with `regscale-rest` entry point
- Improved testing for Sicura integration
- KeyError with tag_values in the Nessus integration when no tag key is present
- Update batch insert and update methods with improved batch functionality to Asset model
- Refactored DAGs to match expected format for RegScale Automation panel
- Refactored CLI to allow pulling config from platform if running in an Airflow container
[5.26.0] - 2023-12-20
Added
- N/A
Changed
- Bugfixes:
- Error during asset creation in the STIG integration
- `regscale sicura sync_nodes` only worked with a record that had existing assets
- False negative during `regscale validate_token` when the user was not an administrator
- `regscale sicura sync_nodes` didn't verify provided `regscale_module` before proceeding
- False positive of `differences.txt` being created when no differences found during `regscale assessments`
- Updated error message when using a CLI command with an invalid token in the `init.yaml`
[5.25.0] - 2023-12-15
Added
- Support for ingesting Burp Suite scan results into RegScale using `regscale burp`
- Ability to sync compliance posture for Crowdstrike with CSF and NIST 800-53R5 frameworks via `regscale crowdstrike sync_compliance`
- Sicura integration to sync nodes and scans into RegScale as Assets and Security Checks via `regscale sicura`
Changed
- Refactored `regscale assessments` for better performance and maintainability
- Bugfix: Changed approach on concatenating urls in `regscale catalog update`
- Bugfix: Incorrectly parsing userId from service account token when using `regscale login --token`
- Bugfix: Ensure the compliance score data is populating correctly `regscale tenable io sync_compliance_controls`
[5.24.0] - 2023-11-29
Added
- Total Available Ram to the `env_info` command
- TenableNessusId and BurpId to the Issues data model
- Internal notification during release workflow
Changed
- Fixed Bug causing control implementations to error during creation whilst using FedRAMP docx import
- Added progress bars to the `regscale catalog update` command for real time feedback during the process
[5.23.1] - 2023-11-14
Added
- `regscale env_info` command to display the current environment information running the RegScale CLI
Changed
- Optimized CISA integration and data presentation
- Rewrote the update catalog command to be more efficient and granular
- Bugfixes:
- Added default timeout of 60 for all API requests
- Add scan file as artifact to SSP
- Fixed issue in Plugin integration model with a non Optional field
- Improved error handling during the Wiz integration
[5.23.0] - 2023-11-08
Added
- `tenable nessus`: Tenable Nessus support added to RegScale. Imports Nessus scans and assets to RegScale and creates issues if significant vulnerabilities are found
Changed
- Bugfixes:
- Code cleanup during Wiz integration that caused GraphQL errors and inconsistencies
- Added more checks when analyzing data from Wiz to prevent duplicate issues in RegScale
[5.22.0] - 2023-11-01
Added
- N/A
Changed
- Bugfixes:
- Fixed issue where files uploaded to RegScale via CLI were missing the Upload Date
- Fixed issue causing FedRAMP docx not working until a version selection was made
[5.21.1] - 2023-10-31
Added
- `regscale-dev make-docs` command to create Sphinx documentation for the RegScale CLI
Changed
- Bugfix: Fixed issue causing FedRAMP docx import to fail during system role parsing
[5.21.0] - 2023-10-24
Added
- `regscale-dev analyze` command to analyze the maintainability, tech debt, and other metrics of the RegScale-CLI codebase
- `send reminders` dag in airflow to send reminder emails for any Assessments, Issues, Tasks, Data Calls, Security Plans, and Workflows for the users that have email notifications enabled
Changed
- Color for `regscale control_editor` to gray
- `regscale-dev calculate-start-time` now defaults to a `0` instead of a `None` if the regex is not met
- Wiz issues are now merged by the issue type, the individual Wiz ID's will show up in the issue description
[5.20.2] - 2023-10-18
Added
- Added two new fields to asset data model to match RegScale asset data model
  - Diagram Level
  - Location
Changed
- N/A
[5.20.1] - 2023-10-12
Added
- Ability to add Control Owner during `regscale control_editor`
- Highlighted columns in Excel workbook indicating editable data when using `regscale control_editor`
Changed
- Bugfix: Fixed errors causing Wiz to crash when fetching all items
[5.20.0] - 2023-10-10
Added
- Logic to parse date during license validation to support different date formats
Changed
- `regscale init` now defaults to passed domain and will also log in with a token if passed and skip-prompts is passed
- Updated Airflow to version 2.7
- Bugfix: Fixed issue with `regscale-dev calculate-start-time` on different linux distributions
- Bugfix: Improved error handling when using `regscale-rest` uploader pages
- [BETA] Regscale-CLI REST Server Docker image
- Bugfix: Fixed console log during Jira integration always showing a 0 when updating issues in RegScale
[5.19.0] - 2023-10-02
Added
- STIG Uploader page that supports single .ckl and .zip file uploads in `regscale-rest`
- FedRAMP Rev4 .docx SSP uploader in `regscale-rest`
Changed
- Bugfix: Fixed issue causing `regscale-rest` not to load .html templates
- Bugfix: Fixed issues in Tenable integration causing unexpected crashes
- Bugfix: STIG crashes, optimization and ability to recursively search directory for .ckl files if not found at provided parent directory
- Bugfix: Fixed multiple crash points experienced during FedRAMP Rev 4 .docx SSP import in `fedramp load-fedramp-docx`
[5.18.2] - 2023-09-26
Added
- Support for Tenable.io to existing Tenable integration
- New data model for Risks
- `regscale-dev` Click command for testing the speed and performance of the RegScale CLI
- `regscale[airflow-sqlserver]` extra to allow for SQL Server integration with Airflow, while not requiring it for airflow
Changed
- Bugfix: Removed bugs causing `regscale migrations` to fail while optimizing the workflow
- Improved AWS integration performance
- Bugfix: Removed creation of duplicate assets and checklists
[5.18.1] - 2023-09-21
Added
- N/A
Changed
- Removed `|` operator to prevent crashes while using the CLI with Python 3.9
[5.18.0] - 2023-09-20
Added
- Add [airflow-azure] extra for managing Azure Airflow deployments
- Logic to `nist sort_control_ids` command to retry failed controls
Changed
- Optimized: `regscale nist sort_control_ids` command to iterate all controls one time while sorting the control ids instead of multiple loops
- Enhancement: Save wiz json data to RegScale properties instead of dumping to description field
- Wiz Enhancements:
- Save wiz json data to RegScale properties instead of dumping to description field
- Refactoring code for readability and bugfixes
- GitHub Workflows related to airflow
- Bugfix: Fixed issue while processing system roles in `regscale fedramp load-fedramp-docx`
[5.17.1] - 2023-09-13
Added
- Description for the `regscale upload_file` command
- [BETA] Added Crowdstrike integration to pull incidents from Crowdstrike as incidents and assets in RegScale
Changed
- Removed remaining getAll calls from STIG integration
- Bugfixes in STIG integration
- Bugfix in the FedRAMP parse .docx command
[5.17.0] - 2023-09-13
Added
- Added `regscale upload_file` to upload a file to RegScale that will parse embedded base64 tags and upload them as well
- Added functionality to `SecurityPlan` class to create new ssp from an SSP model
- Added ability to upload files via requests to RegScale-CLI REST API
- Added a File Upload GUI to the RegScale-CLI REST API
- Added log message when validating token
Changed
- Improved url normalizing to support domain without trailing slash in init.yaml
- Replaced all getAll calls in the CLI because of their removal in RegScale
- Bugfix: Fixed errors encountered during FedRAMP .docx importing to RegScale
- Bugfix: Unable to authenticate with Wiz
[5.15.0] - 2023-08-22
Added
- Airflow DAG to reset init.yaml if needed
Changed
- Updated DAG setup method to correct for a bug
- Streamlined Airflow Dockerfile for cloud deployment
- Fixed a merge error artifact in Dockerfile.ironbank
- Added handling in airflow_init.sh to create database if it does not exist
- DAG docstring updates for knowing required params on platform
- Expanded DAG timeout execution to 3 hours
- `regscale init` modified to properly set domain from env or if passed
- Added helpful console outputs and instructions when running API client via `regscale-rest`
- Refactored `regscale catalog update` for a better and faster user experience
- Bugfixes: updated multiple bugs encountered during the catalog update
[5.14.1] - 2023-08-18
Added
- Better error handling when logging into RegScale
- Parsing userId from the token when logging in with a token and now saves it to init.yaml
- Added mfa_token parameter to the `regscale init` command
Changed
- Bugfix: If using `regscale login` with environment variables, the domain will now be saved to init.yaml to prevent future errors during a workflow
- Removed `REGSCALE_USERNAME` occurrences to use `REGSCALE_USER` instead
[5.14.0] - 2023-08-15
Added
- Added SonarCloud integration along with Airflow DAG to pull in SonarCloud issues
Changed
- Fixed issue for Airflow DAGs that were not running due to incorrect config template
- Various bugfixes for catalog updater
[5.13.1] - 2023-08-10
Added
- Additional logging for interactions with Salesforce when uploading attachments
- Airflow DAGs to separate CISA operations into separate DAGs
- Added Dependabot to scan GitHub repo via CLI, DAGs, and REST API
Changed
- Bugfix: corrected issue in ReadMe.io version workflow that prevented the version from being updated during release
- Temporarily removed SQL Server integration until dependency conflict is resolved
- Bugfix: Fixed issue in Salesforce integration causing duplicate attachments in Salesforce & updated console outputs during task
[5.13.0] - 2023-08-08
Added
- [BETA] Functionality to update existing catalogs in RegScale via CLI command
- [BETA] Added Salesforce integration to sync Cases in Salesforce and Issues in RegScale along with attachments
- Airflow DAGs to pull in Recommendations, Alerts from Microsoft Defender 365 and Alerts from Defender for Cloud
- Added sql server integration
- Added workflow model and workflow helper functions
Changed
- Bugfix: fixed dags that were experiencing issues during execution
- Updated FedRAMP integration to include more information in SSP in RegScale
- Refactored data models of RegScale objects to use Pydantic
[5.12.1] - 2023-08-02
Added
- N/A
Changed
- Removed duplicate workflow that updates changelog in ReadMe.io
- Bugfix: Jira workflow now uploads attachments when creating new issues in RegScale
- Refactored `delete_file` function in `regscale assessments` integration to prevent trying to delete an entire directory
[5.12.0] - 2023-08-02
Added
- Added the ability to pull `REGSCALE_USERNAME`, `REGSCALE_PASSWORD` and `REGSCALE_DOMAIN` from the environment variables to streamline `regscale login` and `regscale init` commands
  - Added an optional param to `regscale login`: `domain`
    - if the environment or param options are not populated for `--domain` or `REGSCALE_DOMAIN`, `regscale login` will parse `domain` from `init.yaml`
    - If `REGSCALE_USERNAME`, `REGSCALE_PASSWORD` environment variables are not populated, the `regscale login` will revert back to prompting the user for username & password
- Added Wiz issues and inventory Dags for running wiz through the airflow pipeline
- Added attachment syncing in the Jira integration to sync issue's attachments between RegScale and Jira
Changed
- Updated Dockerfile to install all dependencies unless `--build-arg="EXTRA=<extra>"` is specified, this allows the container to run AirFlow, Flask API Server and defaults to the CLI
- Changed the flask server to run on port "0.0.0.0" instead of "localhost"/"127.0.0.1" so it can be bound to a local port while running in a Docker container
- Refactored CLI to use the RegScaleAuth pydantic class for Platform authentication
- Refactored login command to check provided token's validity before saving to init.yaml
- Fix Typo in servicenow integration.
- Bugfix: fixed keyError possibility with wizIssuesReportId
- Bugfix: None properties causing index error in Wiz integration
- Removed dynamically created dags from Airflow
- Updated Jira integration to be bidirectional, issues can be created in RegScale from a Jira board
[5.11.0] - 2023-07-19
Added
- Airflow Documentation and default configurations as well as a `yesterday()` function for scheduling yesterday
- Airflow image is pushed to Dockerhub
- Airflow DAGs for Tenable, GitLab & Wiz integrations
Changed
- Bugfix: fixed issue when trying to login with a `token` instead of `username` & `password`
- Bugfix: fixed error when trying to run CLI flask application
- Hotfix: fixed authentication with RegScale 5.11 or higher. MFAToken is sometimes required.
[5.10.0] - 2023-07-12
Added
- `regscale version` command to quickly print the version of RegScale-CLI installed
- File monitoring tools for development, along with `watchdog` dev dependency and a `dev` submodule for development help
- Added file utilities to print contents
Changed
- [BETA] `regscale-rest` command now invokes a simple server, with one thread and no concurrency to prevent overwriting of init yaml
- Fixed issue with GitLab url variable naming
- Bugfix: Implemented logic to fix AWS integration
[5.9.0] - 2023-07-05
Added
- N/A
Changed
- Fixed missing commands for GitLab integration
- Added support for the new DOD catalog
- Fixed bug with SSP level option id's not being set properly in `STIG` integration
- Replaced `click.argument` with `click.option` in `regscale oscal component`
[5.8.0] - 2023-06-27
Added
- `regscale[server]` extra capable of running `regscale-server`, which launches a REST API
  - this is dynamically generated via the click infrastructure, and if params are passed, it is assigned POST method
  - if no params on the command, then `GET` method is assumed.
  - This will work with the current init.yaml if ran in the same directory
  - This can also work with the future AppConfig.
- POAM/ Issues CLI feature to edit and update existing issues in RegScale via CLI
- Evidence Build_Package Command for FedRAMP go to market audit process
- GitLab integration to pull issues into RegScale with or without links from description
Changed
- Updated error handling for Wiz when invalid credentials provided
- Fixed bug in Tenable integration when creating issues in RegScale when Tenable returned zero results
- Refactored catalog utils, replaced `export` verbiage to `download`
- Refactored and fixed bugs in test_poam_editor.py for better test execution
[5.7.0] - 2023-06-21
Added
- jwt-token parameter for regscale login command
- Timeout parameter for `get_all_from_module` function in `regscale.core.utils.app_utils.py`
Changed
- regscale login command to use a jwt-token parameter
- Updated and refactored Control Editor CLI feature that includes minor bug fix and testing coverage
- Updated and refactored Assessment Editor CLI feature and testing coverage
- Changed starlette version from 0.26.1 to 0.27.0
- Updated the UBI.Dockerfile to have fewer vulnerabilities while being 500+ MB smaller
- Fixed bug for OSCAL components being updated in RegScale
[5.6.1] - 2023-06-07
Added
- N/A
Changed
- Fixed bug with Wiz issues and assets
[5.6.0] - 2023-06-07
Added
- Workflow to automatically push RegScale-CLI+Airflow to ACR and deploy airflow containerapp
- Azure Intune Support
  - Query devices from Intune and sync with RegScale
  - If a device is not compliant, a RegScale issue will be created
- Added Azure tests
Changed
- Removed duplicate workflow for updating changelog in ReadMe.io
- Fixed issue with Intune integration where assets and issues could be duplicated.
- Fixed incorrect string on click parent id description.
- Fixed bug with STIG issue data type, it was using the asdict() method on a Pydantic dataclass.
- Fixed bug in STIG objective status counter that was causing erroneous implementation status updates.
[5.5.0] - 2023-05-31
Added
- `AppConfig` class example with basic auth
- Workflow to automatically update the `CHANGELOG (CLI)` on ReadMe.io when a new release is created
- Workflow to automatically update the version on ReadMe.io when a new release is created
Changed
- N/A
[5.4.0] - 2023-05-25
Added
- AppConfig and Providers class to be implemented with new platform config endpoint
- RegScaleAuth class that can be used with `RegScaleAuth.authenticate()` to return a RegScaleAuth object authenticated via env vars.
  - includes `.refresh()` to refresh a new token
  - `.token` property returns auth_token secret value, `.username` is RegScale user and `.password` is RegScale password as a `SecretStr`.
  - domain is retrieved from `REGSCALE_DOMAIN` and it can be 'dev' for dev.regscale.io or 'yourcompany.regscale.io'
- generate_regscale_domain_url(domain: str) will generate an f-string to {REGSCALE_DOMAIN}.regscale.io with no default it raises an error
- `regscale.core.static.regex` <- precompiled regexes for use elsewhere
- `regscale.core.utils.urls` <- `generate_regscale_domain_url`
- `AppConfig` class example with basic auth
- modified the GitHub tests workflow to test the RegScale submodule and all the tests therein
- add tests for new methods
Changed
- Updated requests to 2.31.0
- Refactored send_reminders, compare_files, emass, nist_catalog, jira, qualys, okta and service now integrations for SDK usage
- Fixed bug during Okta token generation
[5.3.1] - 2023-05-18
Added
- N/A
Changed
- Updated control sort Id to verify any previous sort Ids are correct before updating them
[5.3.0] - 2023-05-17
Added
- N/A
Changed
- Updated UBI docker image to use newer version with fewer vulnerabilities
- Refactored and optimized uploading file to RegScale via CLI
[5.2.1] - 2023-05-12
Added
- Additional checks and validations to the STIG integration
- Install options for Airflow and Ansible
- Option to process FedRAMP catalogs in OSCAL integration
Changed
- Fixed bug in FedRAMP integration
[5.2.0] - 2023-05-10
Added
- N/A
Changed
- Revamped Fedramp testing and improved testing for FedRAMP integration
- Improved testing for CISA integration
- Changed version for Cryptography dependency to prevent conflict with OpenSSL
[5.1.0] - 2023-05-04
Added
- Testing for Wiz integration
- AWS Security Hub integration & tests
  - Sync findings from AWS security hub to a RegScale security plan
  - SSP implementations will update and issues will be created if desired
Changed
- Completely refactored the CLI for better performance and maintainability
- Removed unused dependencies from requirements.txt
- Updated docker build process to remove setuptools after install, this removes a moderate vulnerability for the Python 3.9 image
- Updated handling of GraphQL query timeout errors and increased GraphQL query timeout on the API Graph call
[5.0.0] - 2023-04-25
Added
- N/A
Changed
- Bug Fix: Fixed docker hub release workflow and removed critical vulnerability in docker image
- Updated testing coverage to include testing for the Qualys integration & catalog functionality
[4.26.1] - 2023-04-20
Added
- N/A
Changed
- Bug Fix: Fixed control implementations duplicating during OSCAL import
- Updated Catalog tools to pull data from cloud storage instead of a local file for easier maintenance
- Updated Wiz functionality to properly link to assets along with Checks and Remediation info in the POAM tab of the issue
[4.26.0] - 2023-04-19
Added
- Added catalog command to allow users to export, compare and diagnose catalogs
Changed
- Bug Fix: Added verify flag to download_file function to prevent errors during download
- Bug Fix: Correctly upload components and update changed component control implementations
- Moved testing artifacts to Azure blob
- Implemented more tests during update to ensure application integrity
[4.25.1] - 2023-04-13
Added
- Added STIG integration to pull assets, issues and security checklists data into RegScale and update implementations from STIG Checklist rules.
- Added a STIG test
- Added command to `get_template` for the eMASS Control Template in the eMASS integration
Changed
- Update workflow test yaml
- Bug fix: Fixed error handling when fetching assets when no assets were associated to the provided record
- Changed `query_vuln` command in Qualys integration to `sync_qualys` to better reflect the function of the command
- Updated final output message to include # of rows not populated during `populate_controls` in eMASS integration
- Bug fix: updated SBOM workflow to leverage secrets
- Bug fix: Fixed issues encountered during the test_evidence.py
[4.25.0] - 2023-04-12
Added
- Added Qualys integration to pull assets & vulnerabilities data into RegScale from Qualys
Changed
- Bug fix: Fixed issue in evidence.py integration
- Bug fix: Fixed issue in api.py causing errors during Wiz workflow
- Enhancement: Updated logic and performance throughout the CLI
[4.24.1] - 2023-04-06
Added
- N/A
Changed
- Bug fix: Fixed issue causing the docker build script to hang during the build process
- Bug fix: Changed setup.py to parse requirements.txt to prevent version conflicts
- Bug fix: removed | operand in Api.py to support Python 3.9
[4.24.0] - 2023-04-05
Added
- N/A
Changed
- Bug fix: Update objective filter to ensure Rev 5 enhancement objectives are populating.
- Updated domain for tests to use the correct DEV instance
- Changed test catalog for test_oscal.py to a smaller catalog to speed up testing
[4.23.0] - 2023-03-28
Added
- N/A
Changed
- Upgrade upload_sbom.py to prevent false negatives and better log status code of unsuccessful API call
- Bug fix: Update CISA Alerts integration to handle updated CISA.gov website
[4.22] - 2023-03-23
Added
- Add copyright notice to ssp_management.py
Changed
- Bug fix: Enforce Path type for input and output in oscal cli wrapper
- Bug fix: Update Tenable integration
- Refactor assessment editor
[4.20.1] - 2023-03-11
Added
- New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans
- Added generation of Red Hat Universal Baseline Image (UBI) dockerfile
Changed
- Update build process to also generate Red Hat Universal Baseline Image (UBI)
[4.20.0] - 2023-03-07
Added
- New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans
[4.20.0] - 2023-03-08
Changed
- Provide helpful Alien Vault error on failed API key
- Revised populating eMASS SSP spreadsheet assessment fields to highlight cells missing data and adding comments of what needed to be done by the user
- Updated Wiz integration: import SecurityChecks and Recommended Actions to RegScale Issues; concatenate imported securityChecks with updated Wiz control IDs; update default Wiz report age
- Updated missing docstrings and missing function typing
[4.19.2] - 2023-03-03
Changed
- Bug Fix: Implemented logic to get the correct sort id for older catalogs in nist sort_control_ids
[4.19.0] - 2023-03-01
Added
- New [BETA] Alien Vault OTX threat integration to pull pulse information into RegScale
- New [BETA] Update an eMASS controls formatted workbook with controls with assessments from RegScale with the provided SSP ID
Changed
- Security: Removed credentials used for testing integrations replacing with GitHub action secrets
- Bug Fix: Control Editor problem preventing spreadsheet generation
- Refactored Control Editor to use GraphQL
[4.18.2] - 2023-02-24
Changed
- Bug Fix: Improve FedRAMP import with better handling of exceptions.
[4.18.1] - 2023-02-23
Changed
- Bug Fix: Correct parsing of FedRAMP OSCAL catalogues
- Updated GraphQL query and logic for send_reminders function
- Updated docstrings for reformat_str_date function
- Corrected typo in CHANGELOG
[4.18.0] - 2023-02-22
Added
- New support for OSCAL 1.0.4 and the Australian ISM catalog
- New support for editing assessments in a spreadsheet external to RegScale
- Add --obj_to_control option to oscal command to convert 800-53 objectives to controls during catalogue import
- Add --new_catalog_name option to oscal command to define catalogue name during import
Changed
- Bug Fix: Correct parsing of NIST 800-53 Rev 5 objectives and parameters
- Improve outputs of OSCAL import to be clearer and more concise during the workflow
- Update package testing instructions in README
- Update docker tag to "latest"
[4.17.2] - 2023-02-20
Changed
- Revised order of Python libraries
[4.17.0] - 2023-02-15
Changed
- Bug Fix: Updated logs & console output for encrypt/decrypt and fixed bug causing user to set their password twice for the first time
[4.16.2] - 2023-02-09
Changed
- Bug Fix: Fixed bug in GraphQL function when normalizing the provided URL
[4.16.1] - 2023-02-09
Changed
- Bug Fix: Refactored evidence CLI to prevent code from executing prematurely
[4.16.0] - 2023-02-08
Added
- New Microsoft 365 Defender to pull alerts from Microsoft 365 into RegScale
- New GitHub NPM audit scan integration to create assessments and related issues in RegScale from NPM audit scan of main branch
- New sort CLI to batch sort in natural order NIST controls
- Added better error handling to api.graph
- Added additional links to readme.io docs
- Added links to internal CLI developer standards and GraphQL documentation
Changed
- Bug Fix: Fix failed jiraId keyError
- Bug Fix: Fix OSCAL import test
- Bug Fix: Change click sequence to fix broken test_evidence imports
- Improve OSCAL CLI to load Australian ISM catalog
- Change threaded process terminal output to prevent excessive threaded pool warnings
- Improve testing of evidence CLI
- Update cryptography library
[4.15.2] - 2023-02-3
Changed
- Changed default mapping of control status from imported FedRAMP SSP to Not Implemented
[4.15.1] - 2023-02-1
Changed
- Bug Fix: Fix the CLI looking for file dump path that does not exist
- Bug Fix: Fix the list of acceptable file types being too limited for FedRAMP documents
- Bug Fix: Update build script to properly handle all sections of version
[4.15.0] - 2023-01-31
Added
- Added check for maxThreads to prevent users from being IP-banned by CISA
Changed
- Bug Fix: Fix incorrect login credentials error message
- Fixed typos throughout the application and duplicate periods within console
- Improved Wiz integration to prevent duplicate record creation and other enhancements
[4.14.0] - 2023-01-24
Added
- New GitHub Dependabot integration to import Dependabot found package vulnerabilities into RegScale
- Added special data migration script to support many to many inheritance
Changed
- Bug Fix: Errors between RegScale-CLI and RegScale with Tenable methods
- Bug Fix: Cognito log in error
[4.13.0] - 2023-01-19
RegScale-CLI 4.13.0 adds new integrations, and refactors the application for greater long term extensibility
The big leap in version number synchronizes RegScale-CLI version with RegScale version.
IMPORTANT: init.yaml parameter names changed in 4.13.0.
Certain init.yaml parameters changed in 4.13.0 to standardize parameter names to camelCase.
RegScale-CLI automatically adds in new and missing parameters and leaves existing parameters in place.
Be sure to check and update your existing init.yaml parameters.
Method 1 – move, generate, diff, and manually edit
# move init.yaml to backup
mv init.yaml init-bak.yaml
# generate fresh init.yaml
regscale init
# diff backup to fresh to see changes
diff init-bak.yaml init.yaml
# manually edit init.yaml to copy values from params back up to new params in fresh init.yaml
Method 2 – add new and manually edit
# run regscale to add in new/missing params
regscale about
# manually edit init.yaml to copy values around from old params into new params
Added
- New Okta integration to pull different users from Okta core API
- New FedRAMP SSP docx import to RegScale support
- New Azure Microsoft Defender for Cloud to pull alerts from Azure into RegScale
- New initialization workflow for setting up RegScale CLI
- Added workflows to reminder command
- Added bulk control editing via Excel
- Added persistent CHANGELOG file for releases
- Added Microsoft Defender for Cloud (DFC) integration that will create issues in RegScale for DFC alerts
Changed
- Removed support for Python 3.8 to support Python typing
- Bug Fix: Include missing requirements
- Bug Fix: Replaced built in tuple for Python 3.8 crashes
- Bug Fix: Minor bug fixes for functions throughout the application
- Bug Fix: Standardize to Python Yaml "pyaml" package to correct packaging issue
- Bug Fix: Automatically create directory "static" required by Python Fitz package
- Renamed platform to admin_actions
- Sync CLI version number to RegScale version number
- Application refactor, restructure and standardization
- Improved speed performance of Jira, Migrations, Wiz and OSCAL integrations with multithreading
- Fixed typos in Doc Strings and standardized Doc String and user feedback usage of periods
[1.3.8] - 2023-01-10
Added
- N/A
Changed
- Bug Fix: Correct oscal_cli_path default
[1.3.7] - 2022-12-22
Added
- N/A
Changed
- Bug Fix: replaced tuple with Tuple to fix crash in Python 3.8
[1.3.6] - 2022-12-19
Added
- N/A
Changed
- Bug Fix: Added missing keys to init.yaml