HomeGuidesAPI ReferenceChangelog
Log In
Changelog

CHANGELOG (CLI)

Changelog

Provides details on all changes to the RegScale-CLI over time.

[6.7.0] - 2024-11-13

Added

  • Command to sync recommendations from Microsoft Defender for Cloud to RegScale as issues via regscale defender sync_cloud_recommendations
  • PickleFileHandler Model to handle reading and writing Pickled data while being threadsafe

Changed

  • Improved Tenable SC to cache to disk and process all findings and assets to ScannerIntegration in a single action using new PickleFileHandler model

[6.6.0] - 2024-11-08

Added

  • Handling unauthorized responses (401) when making API calls to API class
  • More logging during API calls for better debugging

Changed

  • Logging during admin_actions send_reminders if no users have email notifications enabled

Fixed

  • AttributeError during get_mappings_as_assets in AssetMappings class
  • Misnamed attribute in Questions model to follow RegScaleModel convention

Removed

  • Handling unauthorized responses (401) when making API calls from APIHandler class

[6.5.0] - 2024-11-06

Added

  • Wiz Asset child list of Software inventory is able to map to STIGs and is automated based on rules in STIG mapping rule file

Changed

  • Silenced Import warning in Wiz when memory is 0
  • Deprecated API call to validate RegScale token when using regscale validate_token and when validating RegScale CLI Application

Fixed

  • Import issue in Wiz integration when type is container image
  • Issue prompting for in Wiz credentials when not using Wiz integration

[6.4.0] - 2024-11-01

Added

  • --poam_id_column option to the regscale fedramp import-poam command to specify the column name for the POAM ID

Fixed

  • POAM ID can be any format as long as it contains V-# instead of V-### only format

[6.3.0] - 2024-10-31

Added

  • Emailing user that triggered job in Automation Manager if it fails

Changed

  • Consolidated Wiz CLI
  • Ensure Issues are using ScannerIntegration
  • Parsing control implementation part statements during FedRAMP Appendix A parsing

Fixed

  • Issue Status incorrectly set on closed issues in ScannerIntegration

[6.2.0] - 2024-10-30

Added

  • Original Risk Rating calculation to ScannerIntegration
  • Basis For Adjustment fallback value if finding value is None or empty
  • Optional ingestClosedIssues key to the init.yaml, defaults to False

[6.1.0] - 2024-10-28

Added

  • ImportValidater to validate the import of files into RegScale before processing the data
    • Added to xray, aqua, defender, ibm, nexpose, prisma, qualys, snyk, aws, ecr, veracode imports
  • show_mapping command to display the custom header mappings for file imports
    • Added to xray, aqua, defender, prisma, qualys, snyk, aws, ecr, veracode imports
  • Command prompts when creating custom mapping files for flat file imports if required fields are missing

Changed

  • Improved error handling during the import of files into RegScale

Fixed

  • Numerous bugs during the import of files into RegScale

[6.0.0] - 2024-10-24

Added

  • id attribute to Link RegScale model
  • Python 3.13 support

Changed

  • Updated response handling during catalog import
  • Updated internal testing suite
  • Error message when failed to parse userId from token in parse_user_id_from_jwt()

Fixed

  • CISA Alert ingestion
  • Errors when processing vulnerabilities in ScannerIntegration
  • URLs to use new forms in RegScale
  • Issue with asset_mapping mappingId to id
  • Issue with questionnaire and questionnaireInstance creation due to renaming properties

Removed

  • fitz dependency

[5.82.0] - 2024-10-22

Changed

  • Set default values for IssueCreation=Consolidated and VulnerabilityCreation=PoamCreation

[5.81.1] - 2024-10-18

Fixed

  • tenableMinimumSeverityFilter not being used during Tenable SC integration
  • _get_vulns_by_scan logic and returned datatype updated to properly return a list of tool_vulns

[5.81.0] - 2024-10-14

Added

  • Option for FedRAMP rev4 SSP docx import to allow for RegScale security profile id or name
  • Missing field riskCategorization to Component model
  • Several missing fields from Privacy model
  • User model:
    • Added roles attribute
    • get_by_user_id method to find a user by their user id
    • assign_role method to assign a role to a user

Changed

  • Updated Question and Questionnaire models to include default values
  • Token parsing logic during login

Fixed

  • Typing of app config to default to dict instead of _SpecialForm
  • Bug in questionnaire create_instance_from_questionnaire method
  • FedRAMP rev4 SSP docx import:
    • Bug causing import to freeze when checking for specific text in the document
    • Missing ports and protocols during import
    • Handling of content control elements in the document when parsing text

Removed

  • Duplicate name attribute on the User model

[5.80.1] - 2024-10-14

Fixed

  • Missing dependency causing import errors

[5.80.0] - 2024-10-14

Added

  • Filtering vulnerabilities by scanner in ScannerIntegration

Changed

  • Closing vulnerability mappings that are no longer reported by a scan

Fixed

  • Possible error when checking against scanningTool when no vulnerabilities are found

[5.79.0] - 2024-10-14

Added

  • SAP Concur support for SysDig and Tenable flat files
  • Object level locking to prevent duplicate creation during multithreading

[5.78.0] - 2024-10-07

Added

  • Optional support for grouping by Tenable Plugin inside ScannerIntegration
  • RegScale ID and RegScale Module parameters to Microsoft Defender jobs in Automation Manager
  • Threading utilities for better performance throughout the CLI

Fixed

  • Errors when running Wiz integrations in Automation Manager

[5.77.0] - 2024-10-03

Added

  • drNumber field to the Deviation model

Changed

  • Update Deviation model to support the new get_by_security_plan endpoint

Fixed

  • Error in qualys sync_qualys when the Qualys instance has < 100 vulnerabilities

[5.76.0] - 2024-09-29

Added

  • ipv4 as an option when retrieving the name of a Tenable IO asset
  • ability to process Nessus files from s3
  • Pagination to Qualys integration to fetch Assets when there are more than 1000 assets
  • Section 8 from section 3 (table 3.1) descriptions during FedRAMP SSP import
  • Info message when no Tenable SC data is found

Changed

  • Optimized Qualys integration to use RegScale models and only fetch necessary data while avoiding rate limits

Fixed

  • Improved POAM import process and error handling
    • Enhanced date parsing and CVE validation
    • Implemented more robust error handling and logging
  • False positives on Jobs running in Automation Manager
  • Not using urljoin when concatenating qualysUrl from init.yaml to call Qualys APIs

[5.75.0] - 2024-09-23

Added

  • STIG support for Tenable

Changed

  • Method on running jobs in Automation Manager
  • Security Check field during Burp flat file import to use hex identifier per Burp documentation

[5.74.1] - 2024-09-21

Added

  • Resilience to POA&M importer when parsing status from sheet names

Fixed

  • Error during Aqua import when description not provided, it will now be skipped and warn the user

[5.74.0] - 2024-09-19

Added

  • Privacy model used during parsing privacy data while importing FedRAMP .docx System Security Plan
  • otherIdentifier field for deviations model
  • Populating otherIdentifier during the deviation importer
  • Caching mixin for RegScale models to cache object by plan id
  • Ability to import eMASS SLCM .xlsm files into RegScale via regscale emass import_slcm
  • Support for OSCAL versions 1.1.1 and 1.1.2 catalog imports
  • Fix a Nessus break on invalid cache object in the parent cache
  • Added criticality updater for security controls in a catalog for eMASS via regscale criticality_updater import
  • Automation Manager jobs for Wiz integration commands: vulnerabilities, attach_sbom and add_report_evidence
  • Option to sync Microsoft Defender for Cloud and Microsoft Defender 365 to a provided regscale_id and regscale_module

Changed

  • Improved integrations import speed using new caching mixin
  • Changed issue.sourceReport to Burp Suite during Burp file import
  • Wiz command options to use --regscale_ssp_id or -id to specify the System Security Plan ID
  • Improved the speed and reliability of Microsoft Defender for Cloud and Microsoft Defender 365

Fixed

  • First seen and last seen dates not being set during Tenable SC and flat file imports
  • Error handling when unable to find profile during FedRAMP Rev5 .docx import
  • Improved Wiz issue import to prevent timeouts
  • Fixed Not importing Column Q (Vendor Last Check In Date) of POAM spreadsheet
  • FedRAMP Inventory: Handle end of life missing and populate if present

[5.73.1] - 2024-09-11

Fixed

  • Updated imports to optimize performance during FedRAMP Rev5 inventory workbook import
  • Software inventory now saving to assets properly during Aqua import
  • Whitespaces in part statements when importing FedRAMP Rev 5 SSP Appendix A

[5.73.0] - 2024-09-10

Added

  • Added Stig Mapping Engine to Scanner Integration
  • Added Stig Mapping json Config
  • Added Sbom importer from wiz sbom report into ssp
  • Support for Python 3.12
  • Added option for poamTitleType, Cve (default) or pluginId during POAM creation
  • RiskAdjustment field to Issue model

Changed

  • Updated Jira integration to add a comment to the Jira issue when creating it containing populated RegScale issue fields & link to the issue in RegScale
  • ScannerIntegration to use new IntegrationFindingId field in RegScale
  • Risk Adjustment column (Column U) logic for POAM importer to use the new RiskAdjustment field in Issues

Fixed

  • Fixed Duplicate Components being created in scanner integration
  • Delayed import of pandas
  • Fixed STIG Integration mappings
  • Fixed Model caching bug
  • Fixed authentication error in Okta integration
  • Fixed Wiz Inventory filter param
  • Missing F String during header error handling during flat file imports
  • Software inventory version datatype during Aqua import
  • Make sure artifacts directory exists, before trying to write files to it during Tenable integration
  • FedRAMP Rev5 Appendix A .docx importer:
    • Precedence for Not Applicable when multiple control imp statuses are selected.
    • "Implementation Pending" to "Planned"

[5.72.0] - 2024-08-30

Added

  • Aqua flat file Import:
    • Support for excel file types
    • Capabilities for extra columns
  • Move files routine to Nessus import

Fixed

  • Errors during scan file imports
  • Handling errors or bad data during Aqua import
  • Error during Nessus file import

Removed

  • Unused methods for Snyk, Nexpose and Prisma file imports

[5.71.0] - 2024-08-29

Added

  • Added Wiz report to RegScale Evidence locker via regscale wiz add_report_evidence
  • Option to filter work notes to update in RegScale via regscale_id and regscale_module during ServiceNow integration
  • Option to filter incidents from ServiceNow by adding --all False to the regscale servicenow issues_and_attachments command
  • find_by_service_now_id method to the Issue model to find issues with a ServiceNow Incident ID

Changed

  • import-fedramp-ssp-xml-rev4 command to import-fedramp-ssp-xml
  • Updated column logic for POAM Importer

Fixed

  • SystemName parsing during FedRAMP import
  • RegScale platform Version check
  • Fixed bug causing errors around object caching in the RegScale CLI
  • Much better performance for Tenable IO Assets and Vulnerability imports
  • ServiceNow integration sync_work_notes
  • Errors during bulk excel editor commands

[5.70.2] - 2024-08-27

Fixed

  • Error in check_text function during FedRAMP importer
  • POAM importer starting row number
  • Bug causing errors around object caching in the RegScale CLI
  • Extra spaces appearing in fields during FedRAMP Rev5 Appendix A import
  • Original detection date not importing during POAM import

[5.70.1] - 2024-08-23

Fixed

  • Handle invalid create API returns from RegScale when it returns id as 0
  • Update justification on RA deviations

Added

  • Add AdjustedRiskRating to POAM importer

[5.69.0] - 2024-08-21

Added

  • Durosuite Integration via regscale durosuite

Fixed

  • Bug causing issues to close during import
  • Bug preventing Wiz cli from using the project id passed

[5.68.1] - 2024-08-20

Fixed

  • Bug in Burp integration when assigning IPAddress
  • Asset identifiers not mapping correctly during Tenable Nessus integration
  • FileTag model to Tag to match RegScale
  • Error during tag creation when uploading files to RegScale via CLI

[5.68.0] - 2024-08-19

Added

  • Tagging model used in Files and Properties classes
  • TagMapping model used for mapping tags to Files or Properties
  • Deviation Request Forms can now be imported and saved as RegScale deviation via regscale fedramp import-drf
  • POAM import field mappings are improved
  • Added ScannerIntegration to the Tenable SC integration
  • New command to ServiceNow integration to sync RegScale and ServiceNow Incidents as well as their attachments via regscale servicenow issues_and_attachments
  • RegScale object validation to XRay import

Changed

  • Added ScannerIntegration to the Tenable SC integration
  • Updated logging for an issue breakdown before saving it to RegScale
  • Renamed tag model to filetag and update codebase
  • Made issueCreation and vulnerabilityCreation variables required and to be set by the user

Fixed

  • Update pluginIds for Tenable SC findings
  • make sure flat file integrations create poams, setting the ScannerVariable
  • Plugin Id added to Tenable SC
  • regscale version check during ScannerIntegration
  • issueOwnerId not being set to current CLI user in Issue data model
  • Use a more simple and faster hashing algorhythm for unique otherIdentifier naming

Removed

  • Unused and deprecated create_issue() method used in flat file integrations

[5.67.0] - 2024-08-09

Added

  • Defender flat-file import, based on ScannerIntegration class via regscale defender import_alerts
  • otherId to the ControlParameter model to support Rev5 OSCAL compliant catalogs
  • vulnerabilityCreation options
  • Added missing fields to ControlImplementation model
  • Add support for IBM AppScan CSV ingestion via regscale ibm import_appscan

Changed

  • FedRAMP Rev 5 SSP import to use the new otherId field in the ControlParameter model
  • Tenable SC integration to use ScannerIntegration class for unified parsing and record creation throughout the CLI

Fixed

  • Error during Jira integration when creating issues in Jira
  • TypeError during regscale tenable sc query_vuln command
  • Use IP address for nessus scan asset identifiers
  • Parameter names showing non-human readable format during FedRAMP Rev5 .docx import

Removed

  • tenable sc trend_vuln command
  • __eq__ and hash methods from Issue model

[5.66.1] - 2024-07-31

Fixed

  • Fixed broken generator and typo in IntegrationFinding for the FlatFileImporter

[5.66.0] - 2024-07-31

Added

  • Bulk excel editor for RegScale assessments, controls, issues, components and assets via regscale model

Changed

  • Burp Integration will now use ScannerIntegration
  • Set finding vulnerability type correctly for Flat File scans
  • System name parsing during FedRAMP import will now use System Name from Table 1.1, if not found, it will use the System Name from the title page
  • .XML import to use new otherId field, if available, to support changes in Rev 5 Catalogs

Fixed

  • FedRAMP appendix A import not setting control responsibility or control source
  • Fixed Wiz bug caused by not having preset full pull limit variable in init.yaml

[5.65.0] - 2024-07-30

Added

  • ScannerIntegration to the FlatFileImporter for unified parsing and record creation throughout the CLI

Changed

  • Renamed the ContainerScan class to FlatFileImporter

[5.64.0] - 2024-07-30

Added

  • Progress bars when using batch_update method in RegScale models

Changed

  • Improved CLI performance

Fixed

  • Progress bars when using batch_create method in RegScale models
  • Typo in burp integration
  • Ensure we create vulnerabilities for Wiz GHSA vulnerabilities

[5.63.1] - 2024-07-24

Fixed

  • Progress bars not displaying correctly

[5.63.0] - 2024-07-24

Fixed

  • Incorrect url in Vulnerability creation method

[5.62.0] - 2024-07-23

Changed

  • Updated Wiz Vulnerability and Asset integrations for new vulnerability workflow.

Fixed

  • FedRAMP Import Fixes:
    • Parameters during FedRAMP Rev4 SSP .docx import not getting created or updated
    • FedRAMP Rev5 .docx importer parts not importing properly

[5.61.0] - 2024-07-19

Added

  • Proper vulnerability and scan history creation with the Tenable SC integration
  • Logic to close vulnerabilities that are no longer found for any assets

Changed

  • Details for running active user report in Automation Manager
  • Improved Tenable integration code structure and optimization

Fixed

  • FedRAMP .docx Import:
    • Required fields not having a default value when not found during import
    • Responsible role parsing
    • Leveraged authorization parsing

[5.60.0] - 2024-07-16

Added

  • User Email report CLI functionality via regscale admin_actions user_report
  • Added Wiz Sbom integration to ingest Wiz SBoM data into RegScale
  • Ability to parse Veracode XLSX files via regscale veracode import_veracode
  • Support for ingesting Qualys scan artifacts into RegScale via regscale qualys import_scans

Changed

  • Updated Docs dockerfile
  • Error message when unable to login to remove false statement of missing MFA Token

Fixed

  • Updated errors during login to gracefully exit instead of having exceptions on failed login
  • FedRAMP Rev 5 Import:
    • Parameters not being imported
    • Control Parts not populating correctly
  • Creating links when importing flat files

[5.59.0] - 2024-07-03

Added

  • Syncing JIRA tasks as RegScale tasks. Tasks will create and update in RegScale based on JIRA information
  • Added terraform to build RegScale CLI Lambda
  • Added S3 compatibility for STIG checklist processing

[5.58.0] - 2024-06-28

Added

  • ECR CSV and JSON file Scan ingestion via regscale ecr import_ecr
  • Updating catalogs via the platform regscale catalog update_via_platform
  • Checking the platform for updatable catalogs via regscale catalog check_for_updates

Fixed

  • Deprecation warnings in AirFlow container to prevent future issues

[5.57.0] - 2024-06-25

Added

  • FedRAMP Imports:
    • MultiSelect on word docx Appendix A Control implementation status if multi-selected set to "Not Implemented"
    • Importing of control-implementation status boolean status values as well as multi-select on control-origination values
      • Warning if control-implementation status does not match FedRAMP Approved values

[5.56.0] - 2024-06-24

Added

  • Support for ingesting AWS Inspector scan artifacts into RegScale via regscale aws inspector import_scans

Fixed

  • Sync Vulns error in Tenable IO

[5.55.0] - 2024-06-15

Changed

  • Endpoint used during validate_token

[5.54.0] - 2024-06-15

Added

  • Checking RegScale ID and module provided before running POAM import
  • Additional mappings during FedRAMP POAM Import

Changed

  • Stig Mapper to the CLI to map STIGs to RegScale Assets added property field to match on any field of asset model

Fixed

  • Issue will now close if the vulnerability that created it isn't located in the nessus scan
  • Duplicate Vulnerabilities being created in RegScale
  • Fixed issue where formulas were reported as values during POAM import

[5.53.0] - 2024-06-12

Added

  • Added Stig Mapper to the CLI to map STIGs to RegScale Assets

Fixed

  • Parsing identification from Excel workbook during regscale issues load command
  • Error during stig integration when parsing Vulnerabilities

[5.52.0] - 2024-06-11

Changed

  • AttributeError during tenable io sync_assets command
  • Updated consistency in CVE and Title mapping during flat file imports
  • Controls with no data during FedRAMP .docx import are now set to "Not Implemented" instead of "NA"

Fixed

  • Fixed date time string parsing during tenable io sync_vulns command
  • Parts not being mapped even though they are in the FedRAMP .docx document
  • Various bugs parsing CVE when creating CVEs during regscale wiz vulnerabilities command

[5.51.0] - 2024-06-10

Changed

  • Updated Tenable IO to use delta loads to follow Tenable integration standards

Fixed

  • Email subject sent to users with upcoming items when using admin_actions send_reminders
  • Timing warnings will only be displayed if logger level is set to DEBUG
  • Logic using Aqua, Burp, ECR, Nexpose, Prisma, Snyk, & XRay flat file imports to close issues in RegScale if they are not found in subsequent flat file imports

[5.50.0] - 2024-06-06

Added

  • STIG integration for importing assets, creating Issues and setting Control Status from STIG files.
  • [BETA] FedRAMP Rev5 CIS/CRM import via regscale fedramp import-cis-crm
  • [BETA] FedRAMP POAM worksheet import to RegScale issues via regscale fedramp import-poam
  • File tags during FedRAMP XML import
  • Link creation during Prisma and Snyk flat file imports on issues if a link is available during parsing
  • Logic to close issues in RegScale if they are not found in subsequent flat file imports (Aqua, Burp, ECR, Nexpose, Prisma, Snyk, & XRay)
  • Wiz Cloud Configuration, Host and Data Findings

Fixed

  • Fixed issues of missing parts on FedRAMP Docx importer
  • Error during regscale wiz issues command
  • Fixed issues of missing params on FedRAMP Docx importer
  • Updated Tenable SC to not use the now deprecated api.update_server method
  • KeyError experienced during prisma import_prisma
  • Mapping asset.find_os if no operating system is provided
  • Possible AttributeError during ecr import_ecr
  • Reduced import time to speed up commands

Changed

  • Updated Tenable IO asset fetch to cache on disk instead of memory

Removed

  • regscale stig command, replaced with regscale stigv2

[5.49.0] - 2024-05-24

Changed

  • When uploading a FedRAMP Rev5 .docx SSP when using regscale-rest, you will be redirected to the created SSP in RegScale upon completion
  • Logging for missing controls during FedRAMP .xml import

Fixed

  • Param and objective mappings now parse correctly during FedRAMP Rev5 .docx import
  • Importing FedRAMP Rev5 .docx SSPs with Appendix A .docx file now works correctly in the flask application when using regscale-rest
  • Parsing and importing components during .xml import in the flask application when using regscale-rest

[5.48.0] - 2024-05-22

Added

  • Command to import a FedRAMP Rev5 appendix a to an existing SSP in RegScale via fedramp load-fedramp-appendix-a
  • Option to import Rev 4 .docx SSPs with Appendix A .docx file in the flask application when using regscale-rest

Fixed

  • FedRAMP command to execute correctly: fedramp import-fedramp-ssp-xml-rev4
  • Styling issue on counts on the FedRAMP import SSP results page

[5.47.0] - 2024-05-21

Added

  • Feedback on the page during the SSP import process when using regscale-rest and uploading a FedRAMP .XML System Security Plan

Changed

  • Updated UI in the file import process when using regscale-rest
  • When clicking the view SSP during a FedRAMP import, the SSP will now open in a new tab

[5.46.0] - 2024-05-17

Added

  • More integrations and jobs to populate Automation Manager in RegScale
  • Vulnerability information during wiz issues command

Fixed

  • Error when creating issues in tenable sc query_vuln

[5.45.0] - 2024-05-15

Added

  • NessusReport.close_issues method to handle automatically closing issues based on scans
  • ReportGenerator class to easily generate simple .csv reports from a list of changed objects which can be uploaded to RegScale and/or saved locally

Changed

  • Updated Tenable IO integration to use the Exports API for asset downloading

[5.44.0] - 2024-05-13

Added

  • A --server flag to the regscale version command to pull down the RegScale server version, if available
  • Log file uploaded to SSP when importing FedRAMP documents via CLI

Fixed

  • Date parsing in CISA integration

[5.43.0] - 2024-05-09

Added

  • Visual feedback when creating data in RegScale during regscale wiz issues command
  • Vulnerabilities that are not in subsequent scans are closed as well as issues related to those vulnerabilities

Changed

  • Removed Vulnerability ID from the expected headers for the regscale prisma import
  • Updated regscale nexpose import to map the IP Address using the IP Address column
  • Improved speed during regscale wiz issues command

Fixed

  • Error when uploading a .PDF file via regscale upload_file, the file preview was not displaying
  • FedRAMP Rev5 Importer:
    • Errors during Implementation Options
    • Required fields for parameters
    • Leveraged Authorization parsing

[5.42.0] - 2024-05-07

Added

  • Internal testing for the flask application

Fixed

  • Flask application not starting when running regscale-rest command

[5.41.1] - 2024-05-06

Fixed

  • Error during the Nessus import functionality

[5.41.0] - 2024-05-03

Added

  • FedRAMP Rev5 Imports:
    • Inventory .xlsx importer
    • Appendix A .docx importer
  • Added Catalog Sync Security Plan to sync a security plan with an updated catalog

Changed

  • Updated Catalog Updater to work with newer catalogs

Changed

  • get_all_by_parent on Assets to use the new get_all_by_search API endpoint

[5.40.0] - 2024-05-01

Added

  • Wiz vulnerability integration to ingest Wiz vulnerability data into RegScale
  • processStatus to Asset model which maps to NSA-Approved Process Status

Fixed

  • KeyError when parsing # of days from init.yaml if it wasn't populated during flat file vulnerability imports

Security

  • Updated dependencies

[5.39.0] - 2024-04-26

Added

  • Amazon ECR container scan support to the CLI

Change

  • Updated approach on fetching vulnerability data from Qualys to prevent timeout errors

Fixed

  • Wiz issues integration not being able to create/update issues in RegScale
  • Date parsing during Cisa integration
  • Error during Intune integration when a device has never logged in
  • Burp ingest error on NoneType response data
  • Multiple possible errors during the Qualys integration
  • Parsing users during FedRAMP Rev5 XML import
  • Error when parsing components with no implementation statements during oscal component

Security

  • Reworked the RegScale-CLI container build process

[5.38.0] - 2024-04-15

Fixed

  • Date parsing bug that would fail on oddly formatted date strings during Aqua import
  • Help text within the Aqua integration.
  • Wiz issues integration not being able to create/update issues in RegScale
  • Errors during Oscal component import

[5.37.0] - 2024-04-09

Security

  • Updated dependency versions

Added

  • Functionality for FedRAMP XML import to support rev4 and rev 5 OSCAL XML as they are all 1.x.x versions of OSCAL
  • New registry file for catalog downloads

Fixed

  • Multiple errors during the Intune integration
  • FedRAMP rev5 OSCAL XML Import:
    • Responsible parties not being correctly parsed
    • Added parameter parsing for inclusion of odp parameters
  • FedRAMP rev4 OSCAL XML Import:
    • Address FedRAMP default system role import assignments
    • Parts parsing for implementationObjectives
    • Optimization for security control lookups

[5.36.0] - 2024-03-29

Added

  • Option to add assets under components for scanner integration
  • --scan_date option to flat file imports: Aqua, Prisma, Nexpose, and Snyk

Changed

  • Improved logging messages and outputs during the Jira integration

Fixed

  • Duplicating issues in Jira and RegScale during Jira integration
  • Email message sent from admin_actions send_reminders now uses the correct styling
  • Bug that could cause a Scan creation to fail in the Tenable Nessus integration
  • Bug in GCP Integrations where it didn't match control ids in a case-insensitive manner
  • Missing mapping files during the Crowdstrike integration
  • Added a catalog import function to the catalog cli. This will use the new RegScale Catalog import API.
  • FedRAMP rev4 .docx importer:
    • Controls not being imported
    • Incorrect parsing of system roles

Changed

  • Wiz issues:
    • Now utilizes graphql client
    • Improved issue data mapping

[5.35.0] - 2024-03-20

Added

  • XRay integration to ingest .json files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
  • Logic to handle additional columns than required during Nexpose, Snyk & Prisma imports
  • Prepared By and Prepared For tables to the FedRAMP Rev4 .docx importer
  • FedRAMP Rev4 .docx Importer:
    • Version from title page
    • Prepared By and Prepared For tables

Fixed

  • Inventory Asset Mapping for Wiz integration
  • Additional endpoints to Issue model to support batch_update & batch_create

Fixed

  • GCP Integration: Fixed issue with asset import and component mappings

[5.34.0] - 2024-03-14

Added

  • Stigv2 integration for importing assets from STIG files.

Fixed

  • Failed issue creation during AWS integration
  • Error finding unique object during GCP integration
  • Errors during Prisma flat file import
  • Errors during Snyk flat file import
  • Errors during Aqua flat file import
  • Errors during Nexpose flat file import

[5.33.1] - 2024-03-08

Added

  • Profile data object to match RegScale data model

Changed

  • FedRAMP Rev4 .docx importer
    • Improved logging for controls and leveraged authorizations
    • Sped up SystemRole processing

Fixed

  • FedRAMP Rev4 .docx importer
    • Prematurely ending the import process when parsed controls > base profile controls
    • Parsing port numbers and protocols
    • Incorrect number of controls imported displayed on SSP Import Results Summary

[5.33.0] - 2024-03-07

Added

  • crowdstrikeBaseUrl to the init.yaml file

Changed

  • Updated regscale emass populate_controls to use CCIs instead of control IDs when mapping assessment results
  • Fixed AttributeError during GCP integration and Prisma flat file import

[5.32.0] - 2024-02-29

Added

  • Cloud service fields and cloud deployment fields when parsing FedRAMP .docx during import
  • Purpose statement during FedRAMP document import

Changed

  • Updated Cryptography version to 42.0.0 to remove security vulnerabilities
  • Fixed bug causing System Description not being populated during FedRAMP document import
  • AutoCompress large files, warn user when a file is too large to post to RegScale
  • Added testing for file uploads and deletion in RegScale

[5.31.0] - 2024-02-24

Added

  • Added GraphQL client and handler for GraphQL queries
  • Stigv2 integration for importing assets from STIG files.

Changed

  • Refactored Wiz Inventory integration to use GraphQL client and handler
  • Fixed issue during Burp integration when creating issues in RegScale
  • Separated Nexpose and Prisma flat file ingest into two separate integrations
  • ServiceNow's data fetching and issue/incident syncing to be more consistent and reliable
  • Improved control editor file not found error to gracefully exit
  • Modified System Roles to populate correctly during regscale fedramp doc imports

[5.30.2] - 2024-02-16

Added

  • N/A

Changed

  • Fixed System Role and Leveraged Authorization errors during creation and updating experienced in the FedRAMP integration

[5.30.1] - 2024-02-16

Added

  • N/A

Changed

  • Improved healthcheck to fail gracefully when no domain is set
  • Bugfixes:
    • Corrected incorrect mapping control assessments during regscale emass populate_controls
    • Added logic to handle instances with no facilities and/or organizations correctly in regscale assessments integration
    • Incorrect hash when downloading attachments from RegScale during Jira integration
    • False 401 error during regscale login when expired token in init.yaml
    • Fixed Wiz and Tenable Nessus bugs when creating Assets and Issues
    • Fixed bug with CatalogCompare, now it will increment Tests, objectives and parameters correctly

[5.30.0] - 2024-02-14

Added

  • Summary report to inform user what was updated in RegScale when syncing vulnerabilities in Tenable IO integration

Changed

  • Fixed various bugs experienced during Wiz integration
  • Updated AWS integration by removing deprecated functions and improved internal testing
  • Fixed Issue with CrowdStrike integration while fetching existing incidents from RegScale

[5.29.0] - 2024-02-09

Added

  • N/A

Changed

  • Updated Tenable IO to cache vulnerability results from Tenable to disk, instead of memory.
    • Use the tenableMinimumSeverityFilter config value as a filter for Tenable vulnerabilities
  • Fixed issue in application.save_config not updating config in API_Handler or API classes
  • API_Handler is now an extension of the Application class
  • API object no longer needs Application class to be instantiated
  • Improved internal testing for supported versions of Python

[5.28.4] - 2024-02-02

Added

  • Additional columns to wrap text in Control Editor workbooks

Changed

  • Fixed methods in Assessment, Catalog and CustomField models

[5.28.3] - 2024-02-01

Added

  • Aqua integration to ingest Aqua .csv exports into RegScale via regscale aqua

Changed

  • Enhanced Wiz inventory report processing
  • Crowdstrike model parsing to better align to RegScale data models
  • Fixed issue in GCP integration where duplicate assessments were created
  • Updated models to use the newest version of Pydantic
  • Updated Airflow to version 2.8.1

[5.28.2] - 2024-01-25

Added

  • GCP Features: Added passing controls, create issues for findings and ability to scan on a project or organization level

Changed

  • Bugfix: Fixed issue in tenable io integration causing incorrect vulnerability counts & possible KeyErrors

[5.28.1] - 2024-01-24

Added

  • Snyk CLI Integration added to ingest Snyk .xlsx exports as assets, issues, vulnerabilities and scans to a Security Plan in RegScale

Changed

  • Fixed multiple issues during FedRAMP XML and .DOCx imports
  • Updated dependencies to latest versions
  • Hardened docker container image

[5.28.0] - 2024-01-17

Added

  • Logic during the setup process to prevent installation of the CLI if the user is not using a supported version of Python
  • Google Cloud Platform integration to pull assets and findings from GCP into RegScale via regscale gcp

Changed

  • Improved memory usage by leveraging pickling instead of passing large objects between methods
  • Improved batch insert and update methods for Issue model
  • Updated batch insert and update methods with improved batch functionality to Asset model
    • Batch issue (still defaulting to threading) is not enabled yet, but will in a subsequent release

[5.27.0] - 2024-01-13

Added

  • Palo Alto/Prisma integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
  • Rapid7/Nexpose integration to ingest .csv files into RegScale as assets, issues, vulnerabilities and scans to a Security Plan in RegScale
  • Logic to wiz integration to add assessments to implementations from the data returned from Wiz

Changed

  • Bugfixes:
    • Compliance report could have passing and failing control ids for the same control
    • Added logic to prevent crashes during Crowdstrike integration when unable to find techniques
    • Issue not allowing you to run the regscale-cli container as a flask api server with regscale-rest entry point
    • Improved testing for Sicura integration
    • KeyError with tag_values in the Nessus integration when no tag key is present
    • Update batch insert and update methods with improved batch functionality to Asset model
    • Refactored DAGs to match expected format for RegScale Automation panel
    • Refactored CLI to allow pulling config from platform if running in an Airflow container

[5.26.0] - 2023-12-20

Added

  • N/A

Changed

  • Bugfixes:
    • Error during asset creation in the STIG integration
    • regscale sicura sync_nodes only worked with a record that had existing assets
    • False negative during regscale validate_token when the user was not an administrator
    • regscale sicura sync_nodes didn't verify provided regscale_module before proceeding
    • False positive of differences.txt being created when no differences found during regscale assessments
  • Updated error message when using a CLI command with an invalid token in the init.yaml

[5.25.0] - 2023-12-15

Added

  • Support for ingesting Burp Suite scan results into RegScale using regscale burp
  • Ability to sync compliance posture for Crowdstrike with CSF and NIST 800-53R5 frameworks via regscale crowdstrike sync_compliance
  • Sicura integration to sync nodes and scans into RegScale as Assets and Security Checks via regscale sicura

Changed

  • Refactored regscale assessments for better performance and maintainability
  • Bugfix: Changed approach on concatenating urls in regscale catalog update
  • Bugfix: Incorrectly parsing userId from service account token when using regscale login --token
  • Bugfix: Ensure the compliance score data is populating correctly regscale tenable io sync_compliance_controls

[5.24.0] - 2023-11-29

Added

  • Total Available Ram to the env_info command
  • TenableNessusId and BurpId to the Issues data model
  • Internal notification during release workflow

Changed

  • Fixed Bug causing control implementations to error during creation whilst using FedRAMP docx import
  • Added progress bars to the regscale catalog update command for real time feedback during the process

[5.23.1] - 2023-11-14

Added

  • regscale env_info command to display the current environment information running the RegScale CLI

Changed

  • Optimized CISA integration and data presentation
  • Rewrote the update catalog command to be more efficient and granular
  • Bugfixes:
    • Added default timeout of 60 for all API requests
    • Add scan file as artifact to SSP
    • Fixed issue in Plugin integration model with a non Optional field
    • Improved error handling during the Wiz integration

[5.23.0] - 2023-11-08

Added

  • tenable nessus Tenable Nessus support added to RegScale. Imports Nessus scans and assets to RegScale and creates issues if significant vulnerabilities are found

Changed

  • Bugfixes:
    • Code cleanup during Wiz integration that caused GraphQL errors and inconsistencies
    • Added more checks when analyzing data from Wiz to prevent duplicate issues in RegScale

[5.22.0] - 2023-11-01

Added

  • N/A

Changed

  • Bugfixes:
    • Fixed issue where uploaded files to RegScale via CLI was missing the Upload Date
    • Fixed issue causing FedRAMP docx not working until a version selection was made

[5.21.1] - 2023-10-31

Added

  • regscale-dev make-docs command to create Sphinx documentation for the RegScale CLI

Changed

  • Bugfix: Fixed issue causing FedRAMP docx import to fail during system role parsing

[5.21.0] - 2023-10-24

Added

  • regscale-dev analyze command to analyze the maintainability, tech debt, and other metrics of the RegScale-CLI codebase
  • send reminders dag in airflow to sends reminder email for any Assessments, Issues, Tasks, Data Calls, Security Plans, and Workflows for the users that have email notifications enabled

Changed

  • Color for regscale control_editor to gray
  • regscale-dev calculate-start-time now defaults to a 0 instead of a None if the regex is not met
  • Wiz issues are now merged by the issue type, the individual Wiz ID's will show up in the issue description

[5.20.2] - 2023-10-18

Added

  • Added two new fields to asset data model to match RegScale asset data model
    • Diagram Level
    • Location

Changed

  • N/A

[5.20.1] - 2023-10-12

Added

  • Ability to add Control Owner during regscale control_editor
  • Highlighted columns in Excel workbook indicating editable data when using regscale control_editor

Changed

  • Bugfix: Fixed errors causing Wiz to crash when fetching all items

[5.20.0] - 2023-10-10

Added

  • Logic to parse date during license validation to support different date formats

Changed

  • regscale init now defaults to passed domain and will also log in with a token if passed and skip-prompts is passed
  • Updated Airflow to version 2.7
  • Bugfix: Fixed issue with regscale-dev calculate-start-time on different linux distributions
  • Bugfix: Improved error handling when using regscale-rest uploader pages
  • [BETA] Regscale-CLI REST Server Docker image
  • Bugfix: Fixed console log during Jira integration always showing a 0 when updaing issues in RegScale

[5.19.0] - 2023-10-02

Added

  • STIG Uploader page that supports single .ckl and .zip file uploads in regscale-rest
  • FedRAMP Rev4 .docx SSP uploader in regscale-rest

Changed

  • Bugfix: Fixed issue causing regscale-rest not to load .html templates
  • Bugfix: Fixed issues in Tenable integration causing unexpected crashes
  • Bugfix: STIG crashes, optimization and ability to recursively search directory for .ckl files if not found at provided parent directory
  • Bugfix: Fixed multiple crash points experienced during FedRAMP Rev 4 .docx SSP import in fedramp load-fedramp-docx

[5.18.2] - 2023-09-26

Added

  • Support for Tenable.io to existing Tenable integration
  • New data model for Risks
  • regscale-dev Click command for testing the speed and performance of the RegScale CLI
  • regscale[airflow-sqlserver] extra to allow for SQL Server integration with Airflow, while not requiring it for airflow

Changed

  • Bugfix: Removed bugs causing regscale migrations to fail while optimizing the workflow
  • Improved AWS integration performance
  • Bugfix: Removed creation of duplicate assets and checklists

[5.18.1] - 2023-09-21

Added

  • N/A

Changed

  • Removed | operator to prevent crashes while using the CLI with Python 3.9

[5.18.0] - 2023-09-20

Added

  • Add [airflow-azure] extra for managing Azure Airflow deployments
  • Logic to nist sort_control_ids command to retry failed controls

Changed

  • Optimized: regscale nist sort_control_ids command to iterate all controls one time while sorting the control ids instead of multiple loops
  • Enhancement: Save wiz json data to RegScale properties instead of dumping to description field
  • Wiz Enhancements:
    • Save wiz json data to RegScale properties instead of dumping to description field
    • Refactoring code for readability and bugfixes
  • GitHub Workflows related to airflow
  • Bugfix: Fixed issue while processing system roles in regscale fedramp load-fedramp-docx

[5.17.1] - 2023-09-13

Added

  • Description for the regscale upload_file command
  • [BETA] Added Crowdstrike integration to pull incidents from Crowdstrike as incidents and assets in RegScale

Changed

  • Removed remaining getAll calls from STIG integration
  • Bugfixes in STIG integration
  • Bugfix in the FedRAMP parse .docx command

[5.17.0] - 2023-09-13

Added

  • Added regscale upload_file to upload a file to RegScale that will parse embedded base64 tags and upload them as well
  • Added functionality to SecurityPlan class to create new ssp from an SSP model
  • Added ability to upload files via requests to RegScale-CLI REST API
  • Added a File Upload GUI to the RegScale-CLI REST API
  • Added log message when validating token

Changed

  • Improved url normalizing to support domain without trailing slash in init.yaml
  • Replaced all getAll calls in the CLI because of their removal in RegScale
  • Bugfix: Fixed errors encountered during FedRAMP .docx importing to RegScale
  • Bugfix: Unable to authenticate with Wiz

[5.15.0] - 2023-08-22

Added

  • Airflow DAG to reset init.yaml if needed

Changed

  • Updated DAG setup method to correct for a bug
  • Streamlined Airflow Dockerfile for cloud deployment
  • Fixed a merge error artifact in Dockerfile.ironbank
  • Added handling in airflow_init.sh to create database if it does not exist
  • DAG docstring updates for knowing required params on platform
  • Expanded DAG timeout execution to 3 hours
  • regscale init modified to properly set domain from env or if passed
  • Added helpful console outputs and instructions when running API client via regscale-rest
  • Refactored regscale catalog update for a better and faster user experience
  • Bugfixes: updated multiple bugs encountered during the catalog update

[5.14.1] - 2023-08-18

Added

  • Better error handling when logging into RegScale
  • Parsing userId from the token when logging in with a token and now saves it to init.yaml
  • Added mfa_token parameter to the regscale init command

Changed

  • Bugfix: If using regscale login with environment variables, the domain will now be saved to init.yaml to prevent future errors during a workflow
  • Removed REGSCALE_USERNAME occurrences to use REGSCALE_USER instead

[5.14.0] - 2023-08-15

Added

  • Added SonarCloud integration along with Airflow DAG to pull in SonarCloud issues

Changed

  • Fixed issue for Airflow DAGs that were not running due to incorrect config template
  • Various bugfixes for catalog updater

[5.13.1] - 2023-08-10

Added

  • Additional logging for interactions with Salesforce when uploading attachments
  • Airflow DAGs to separate CISA operations into separate DAGs
  • Added Dependabot to scan GitHub repo via CLI, DAGs, and REST API

Changed

  • Bugfix: corrected issue in ReadMe.io version workflow that preventing the version to be updated during release
  • Temporarily removed SQL Server integration until dependency conflict is resolved
  • Bugfix: Fixed issue in Salesforce integration causing duplicate attachments in Salesforce & updated console outputs during task

[5.13.0] - 2023-08-08

Added

  • [BETA] Functionality to update existing catalogs in RegScale via CLI command
  • [BETA] Added Salesforce integration to sync Cases in Salesforce and Issues in RegScale along with attachments
  • Airflow DAGs to pull in Recommendations, Alerts from Microsoft Defender 365 and Alerts from Defender for Cloud
  • Added sql server integration
  • Added workflow model and workflow helper functions

Changed

  • Bugfix: fixed dags that were experiencing issues during execution
  • Updated FedRAMP integration to include more information in SSP in RegScale
  • Refactored data models of RegScale objects to use Pydantic

[5.12.1] - 2023-08-02

Added

  • N/A

Changed

  • Removed duplicate workflow that updates changelog in ReadMe.io
  • Bugfix: Jira workflow now uploads attachments when creating new issues in RegScale
  • Refactored delete_file function in regscale assessments integration to prevent trying to delete an entire directory

[5.12.0] - 2023-08-02

Added

  • Added the ability to pull REGSCALE_USERNAME, REGSCALE_PASSWORD and REGSCALE_DOMAIN from the environment variables to streamline regscale login and regscale init commands
    • Added an optional param to regscale login: domain
    • if the environment or param options are not populated for --domain or REGSCALE_DOMAIN, regscale login will parse domain from init.yaml
    • If REGSCALE_USERNAME, REGSCALE_PASSWORD environment variables are not populated, the regscale login will revert back to prompting the user for username & password
  • Added Wiz issues and inventory Dags for running wiz through the airflow pipeline
  • Added attachment syncing in the Jira integration to sync issue's attachments between RegScale and Jira

Changed

  • Updated Dockerfile to install all dependencies unless --build-arg="EXTRA=<extra>" is specified, this allows the container to run AirFlow, Flask API Server and defaults to the CLI
  • Changed the flask server to run on port "0.0.0.0" instead of "localhost"/"127.0.0.1" so it can be bound to a local port while running in a Docker container
  • Refactored CLI to use the RegScaleAuth pydantic class for Platform authentication
  • Refactored login command to check provided token's validity before saving to init.yaml
  • Fix Typo in servicenow integration.
  • Bugfix: fixed keyError possibility with wizIssuesReportId
  • Bugfix: None properties causing index error in Wiz integration
  • Removed dynamically created dags from Airflow
  • Updated Jira integration to be bidirectional, issues can be created in RegScale from a Jira board

[5.11.0] - 2023-07-19

Added

  • Airflow Documentation and default configurations as well as a yesterday() function for scheduling yesterday
  • Airflow image is pushed to Dockerhub
  • Airflow DAGs for Tenable, GitLab & Wiz integrations

Changed

  • Bugfix: fixed issue when trying to login with a token instead of username & password
  • Bugfix: fixed error when trying to run CLI flask application
  • Hotfix: fixed authentication with RegScale 5.11 or higher. MFAToken is sometimes required.

[5.10.0] - 2023-07-12

Added

  • regscale version command to quickly print the version of RegScale-CLI installed
  • File monitoring tools for development, along with watchdog dev dependency and a dev submodule for development help
  • Added file utilities to print contents

Changed

  • [BETA] regscale-rest command now invokes a simple server, with one thread and no concurrency to prevent overwriting of init yaml
  • Fixed issue with GitLab url variable naming
  • Bugfix: Implemented logic to fix AWS integration

[5.9.0] - 2023-07-05

Added

  • N/A

Changed

  • Fixed missing commands for GitLab integration
  • Added support for the new DOD catalog
  • Fixed bug with SSP level option id's not being set properly in STIG integration
  • Replaced click.argument with click.option in regscale oscal component

[5.8.0] - 2023-06-27

Added

  • regscale[server] extra capable of running regscale-server, which launches a REST API
    • this is dynamically generated via the click infrastructure, and if params are passed, it is assigned POST method
    • if no params on the command, then GET method is assumed.
    • This will work with the current init.yaml if ran in the same directory
    • This can also work with the future AppConfig.
  • POAM/ Issues CLI feature to edit and update existing issues in RegScale via CLI
  • Evidence Build_Package Command for FEDRamp go to market audit process
  • GitLab integration to pull issues into RegSCale with or without links from description

Changed

  • Updated error handling for Wiz when invalid credentials provided
  • Fixed bug in Tenable integration when creating issues in RegScale when Tenable returned zero results
  • Refactored catalog utils, replaced export verbiage to download
  • Refactored and fixed bugs in test_poam_editor.py for better test execution

[5.7.0] - 2023-06-21

Added

  • jwt-token parameter for regscale login command
  • Timeout parameter for get_all_from_module function in regscale.core.utils.app_utils.py

Changed

  • regscale login command to use a jwt-token parameter
  • Updated and refactored Control Editor CLI feature that includes minor bug fix and testing coverage
  • Updated and refactored Assessment Editor CLI feature and testing coverage
  • Changed starlette version from 0.26.1 to 0.27.0
  • Updated the UBI.Dockerfile to have fewer vulnerabilities while being 500+ MB smaller
  • Fixed bug for OSCAL components being updating in RegScale

[5.6.1] - 2023-06-07

Added

  • N/A

Changed

  • Fixed bug with Wiz issues and assets

[5.6.0] - 2023-06-07

Added

  • Worfklow to automatically push RegScalse-CLI+Airflow to ACR and deploy airflow containerapp
  • Azure Intune Support
    • Query devices from Intune and sync with RegScale
    • If a device is not compliant, a RegScale issue will be created
  • Added Azure tests

Changed

  • Removed duplicate workflow for updating changelog in ReadMe.io
  • Fixed issue with Intune integration where assets and issues could be duplicated.
  • Fixed incorrect string on click parent id description.
  • Fixed bug with STIG issue data type, it was using the asdict() method on a Pydantic dataclass.
  • Fixed bug in STIG objective status counter that was causing erroneous implmentation status updates.

[5.5.0] - 2023-05-31

Added

  • AppConfig class example with basic auth
  • Workflow to automatically update the CHANGELOG (CLI) on ReadMe.io when a new release is created
  • Workflow to automatically update the version on ReadMe.io when a new release is created

Changed

  • N/A

[5.X.X] - 2023-07-XX

Added

  • Airflow Documentation and default configurations as well as a yesterday() function for scheduling yesterday
  • Airflow image is pushed to Dockerhub
  • Airflow DAGs for Tenable, GitLab & Wiz integrations

Changed

  • Bugfix: fixed issue when trying to login with a token instead of username & password
  • Bugfix: fixed error when trying to run CLI flask application
  • Hotfix: fixed authentication with RegScale 5.11 or higher. MFAToken is sometimes required.

[5.10.0] - 2023-07-12

Added

  • regscale version command to quickly print the version of RegScale-CLI installed
  • File monitoring tools for development, along with watchdog dev dependency and a dev submodule for development help
  • Added file utilities to print contents

Changed

  • [BETA] regscale-rest command now invokes a simple server, with one thread and no concurrency to prevent overwriting of init yaml
  • Fixed issue with GitLab url variable naming
  • Bugfix: Implemented logic to fix AWS integration

[5.9.0] - 2023-07-05

Added

  • N/A

Changed

  • Fixed missing commands for GitLab integration
  • Added support for the new DOD catalog
  • Fixed bug with SSP level option id's not being set properly in STIG integration
  • Replaced click.argument with click.option in regscale oscal component

[5.8.0] - 2023-06-27

Added

  • regscale[server] extra capable of running regscale-server, which launches a REST API
    • this is dynamically generated via the click infrastructure, and if params are passed, it is assigned POST method
    • if no params on the command, then GET method is assumed.
    • This will work with the current init.yaml if ran in the same directory
    • This can also work with the future AppConfig.
  • POAM/ Issues CLI feature to edit and update existing issues in RegScale via CLI
  • Evidence Build_Package Command for FEDRamp go to market audit process
  • GitLab integration to pull issues into RegSCale with or without links from description

Changed

  • Updated error handling for Wiz when invalid credentials provided
  • Fixed bug in Tenable integration when creating issues in RegScale when Tenable returned zero results
  • Refactored catalog utils, replaced export verbiage to download
  • Refactored and fixed bugs in test_poam_editor.py for better test execution

[5.7.0] - 2023-06-21

Added

  • jwt-token parameter for regscale login command
  • Timeout parameter for get_all_from_module function in regscale.core.utils.app_utils.py

Changed

  • regscale login command to use a jwt-token parameter
  • Updated and refactored Control Editor CLI feature that includes minor bug fix and testing coverage
  • Updated and refactored Assessment Editor CLI feature and testing coverage
  • Changed starlette version from 0.26.1 to 0.27.0
  • Updated the UBI.Dockerfile to have fewer vulnerabilities while being 500+ MB smaller
  • Fixed bug for OSCAL components being updating in RegScale

[5.6.1] - 2023-06-07

Added

  • N/A

Changed

  • Fixed bug with Wiz issues and assets

[5.6.0] - 2023-06-07

Added

  • Worfklow to automatically push RegScalse-CLI+Airflow to ACR and deploy airflow containerapp
  • Azure Intune Support
    • Query devices from Intune and sync with RegScale
    • If a device is not compliant, a RegScale issue will be created
  • Added Azure tests

Changed

  • Removed duplicate workflow for updating changelog in ReadMe.io
  • Fixed issue with Intune integration where assets and issues could be duplicated.
  • Fixed incorrect string on click parent id description.
  • Fixed bug with STIG issue data type, it was using the asdict() method on a Pydantic dataclass.
  • Fixed bug in STIG objective status counter that was causing erroneous implmentation status updates.

[5.5.0] - 2023-05-31

Added

  • AppConfig class example with basic auth
  • Workflow to automatically update the CHANGELOG (CLI) on ReadMe.io when a new release is created
  • Workflow to automatically update the version on ReadMe.io when a new release is created

Changed

  • N/A

[5.4.0] - 2023-05-25

Added

  • AppConfig and Providers class to be implemented with new platform config endpoint
  • RegScaleAuth class that can be used with RegScaleAuth.authenticate() to return a RegScaleAuth object authenticated via env vars.
    • includes .refresh() to refresh a new token
    • .token property returns auth_token secret value, .username is RegScale user and .password is RegScale password as a SecretStr.
    • domain is retrieved from REGSCALE_DOMAIN and it can be 'dev' for dev.regscale.io or 'yourcompany.regscale.io'
  • generate_regscale_domain_url(domain: str) will generate an f-string to {REGSCALE_DOMAIN}.regscale.io with no default it raises an error
  • regscale.core.static.regex <- precompiled regexes for use elsewhere
  • regscale.core.utils.urls <- generate_regscale_domain_url
  • AppConfig class example with basic auth
  • modified the GitHub tests workflow to test the RegScale submodule and all the tests therein
  • add tests for new methods

Changed

  • Updated requests to 2.31.0
  • Refactored send_reminders, compare_files, emass, nist_catalog, jira, qualys, okta and service now integrations for SDK
    usage
  • Fixed bug during Okta token generation

[5.3.1] - 2023-05-18

Added

  • N/A

Changed

  • Updated control sort Id to verify any previous sort Ids are correct before updating them

[5.3.0] - 2023-05-17

Added

  • N/A

Changed

  • Updated UBI docker image to use newer version with less vulnerabilities
  • Refactored and optimized uploading file to RegScale via CLI

[5.2.1] - 2023-05-12

Added

  • Additional checks and validations to the STIG integration
  • Install options for Airflow and Ansible
  • Option to process FedRAMP catalogs in OSCAL integration

Changed

  • Fixed bug in FedRAMP integration

[5.2.0] - 2023-05-10

Added

  • N/A

Changed

  • Revamped Fedramp testing and improved testing for FedRAMP integration
  • Improved testing for CISA integration
  • Changed version for Cryptography dependency to prevent conflict with OpenSSL

[5.1.0] - 2023-05-04

Added

  • Testing for Wiz integration
  • AWS Security Hub integration & tests
    • Sync findings from AWS security hub to a RegScale security plan
    • SSP implementations will update and issues will be created if desired

Changed

  • Completely refactored the CLI for better performance and maintainability
  • Removed unused dependencies from requirements.txt
  • Updated docker build process to remove setuptools after install, this removes a moderate vulnerability for the Python
    3.9 image
  • Updated handling of GraphQL query timeout errors and increased GraphQL query timeout on the API Graph call

[5.0.0] - 2023-04-25

Added

  • N/A

Changed

  • Bug Fix: Fixed docker hub release workflow and removed critical vulnerability in docker image
  • Updated testing coverage to include testing for the Qualys integration & catalog functionality

[4.26.1] - 2023-04-20

Added

  • N/A

Changed

  • Bug Fix: Fixed control implementations duplicating during OSCAL import
  • Updated Catalog tools to pull data from cloud storage instead of a local file for easier maintenance
  • Updated Wiz functionality to properly link to assets along with Checks and Remediation info in the POAM tab of the
    issue

[4.26.0] - 2023-04-19

Added

  • Added catalog command to allow users to export, compare and diagnose catalogs

Changed

  • Bug Fix: Added verify flag to download_file function to prevent errors during download
  • Bug Fix: Correctly upload components and update changed component control implementations
  • Moved testing artifacts to Azure blob
  • Implemented more tests during update to ensure application integrity

[4.25.1] - 2023-04-13

Added

  • Added STIG integration to pull assets, issues and security checklists data into RegScale and update implementations
    from STIG Checklist rules.
  • Added at STIG test
  • Added command to get_template for the eMASS Control Template in the eMASS integration

Changed

  • Update workflow test yaml
  • Bug fix: Fixed error handling when fetching assets when no assets were associated to the provided record
  • Changed query_vuln command in Qualys integration to sync_qualys to better reflect the function of the command
  • Updated final output message to include # of rows not populated during populate_controls in eMASS integration
  • Bug fix: updated SBOM workflow to leverage secrets
  • Bug fix: Fixed issues encountered during the test_evidence.py

[4.25.0] - 2023-04-12

Added

  • Added Qualys integration to pull assets & vulnerabilities data into RegScale from Qualys

Changed

  • Bug fix: Fixed issue in evidence.py integration
  • Bug fix: Fixed issue in api.py causing errors during Wiz workflow
  • Enhancement: Updated logic and performance throughout the CLI

[4.24.1] - 2023-04-06

Added

  • N/A

Changed

  • Bug fix: Fixed issue causing docker build to script to hang during build process
  • Bug fix: Changed setup.py to parse requirements.txt to prevent version conflicts
  • Bug fix: removed | operand in Api.py to support Python 3.9

[4.24.0] - 2023-04-05

Added

  • N/A

Changed

  • Bug fix: Update objective filter to ensure Rev 5 enhancement objectives are populating.
  • Updated domain for tests to use the correct DEV instance
  • Changed test catalog for test_oscal.py to a smaller catalog to speed up testing

[4.23.0] - 2023-03-28

Added

  • N/A

Changed

  • Upgrade upload_sbom.py to prevent false negatives and better log status code of unsuccessful API call
  • Bug fix: Update CISA Alerts integration to handle updated CISA.gov website

[4.22] - 2023-03-23

Added

  • Add copyright notice to ssp_management.py

Changed

  • Bug fix: Enforce Path type for input and output in oscal cli wrapper
  • Bug fix: Update Tenable integration
  • Refactor assessment editor

[4.20.1] - 2023-03-11

Added

  • New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans
  • Added generation of Red Hat Universal Baseline Image (UBI) dockerfile

Changed

  • Update build process to also generate Red Hat Universal Baseline Image (UBI)

[4.20.0] - 2023-03-07

Added

  • New standalone CLI to export, import, and migrate Control Implementations and Parameters between Security Plans

[4.20.0] - 2023-03-08

Changed

  • Provide helpful Alien Vault error on failed API key
  • Revised populating eMASS SSP spreadsheet assessment fields to highlight cells missing data and adding comments of what
    needed to be done by the user
  • Updated Wiz integration: import SecurityChecks and Recommended Actions to RegScale Issues; concatenate imported
    securityChecks with updated Wiz control IDs; update default Wiz report age
  • Updated missing docstrings and missing function typing

[4.19.2] - 2023-03-03

Changed

  • Bug Fix: Implemented logic to get the correct sort id for older catalogs in nist sort_control_ids

[4.19.0] - 2023-03-01

Added

  • New [BETA] Alien Vault OTX threat integration to pull pulse information into RegScale
  • New [BETA] Update an eMASS controls formatted workbook with controls with assessments from RegScale with the provided
    SSP ID

Changed

  • Security: Removed credentials used for testing integrations replacing with GitHub action secrets
  • Bug Fix: Control Editor problem preventing spreadsheet generation
  • Refactored Control Editor to use GraphQL

[4.18.2] - 2023-02-24

Changed

  • Bug Fix: Improve FedRAMP import with better handling of exceptions.

[4.18.1] - 2023-02-23

Changed

  • Bug Fix: Correct parsing of FedRAMP OSCAL catalogues
  • Updated GraphQL query and logic for send_reminders function
  • Updated docstrings for reformat_str_date function
  • Corrected typo in CHANGELOG

[4.18.0] - 2023-02-22

Added

  • New support for OSCAL 1.0.4 and the Austrailian ISM catalog
  • New support for editing assessments in a spreadsheet external to RegScale
  • Add --obj_to_control option to oscal command to convert 800-53 objectives to controls during catalogue import
  • Add --new_catalog_name option to oscal command to define catalogue name during import

Changed

  • Bug Fix: Correct parsing of NIST 800-53 Rev 5 objectives and parameters
  • Improve outputs of OSCAL import to be clearer and more concise during the workflow
  • Update package testing instructions in README
  • Update docker tag to "latest"

[4.17.2] - 2023-02-20

Changed

  • Revised order of Python libraries

[4.17.0] - 2023-02-15

Changed

  • Bug Fix: Updated logs & console output for encrypt/decrypt and fixed bug causing user to set their password twice for
    the first time

[4.16.2] - 2023-02-09

Changed

  • Bug Fix: Fixed bug in GraphQL function when normalizing the provided URL

[4.16.1] - 2023-02-09

Changed

  • Bug Fix: Refactored evidence CLI to prevent code from executing prematurely

[4.16.0] - 2023-02-08

Added

  • New Microsoft 365 Defender to pull alerts from Microsoft 365 into RegScale
  • New GitHub NPM audit scan integration to create assessments and related issues in RegScale from NPM audit scan of main
    branch
  • New sort CLI to batch sort in natural order NIST controls
  • Added better error handling to api.graph
  • Added additional links to readme.io docs
  • Added links to internal CLI developer standards and GraphQL documentation

Changed

  • Bug Fix: Fix failed jiraId keyError
  • Bug Fix: Fix OSCAL import test
  • Bug Fix: Change click sequence to fix broken test_evidence imports
  • Improve OSCAL CLI to load Australian ISM catalog
  • Change threaded process terminal output to prevent excessive threaded pool warnings
  • Improve testing of evidence CLI
  • Update cryptography library

[4.15.2] - 2023-02-3

Changed

  • Changed default mapping of control status from imported FedRAMP SSP to Not Implemented

[4.15.1] - 2023-02-1

Changed

  • Bug Fix: Fix the CLI looking for file dump path that does not exist
  • Bug Fix: Fix the list of acceptable file types was too limited for FedRAMP documents
  • Bug Fix: Update build script to properly handle all sections of version

[4.15.0] - 2023-01-31

Added

  • Added check for maxThreads to prevent users from being IP-banned by CISA

Changed

  • Bug Fix: Fix incorrect login credentials error message
  • Fixed typos throughout the application and duplicate periods within console
  • Improved Wiz integration to prevent duplicate record creation and other enhancements

[4.14.0] - 2023-01-24

Added

  • New GitHub Dependabot integration to import Depandabot found package vulnerabilities into RegScale
  • Added special data migration script to support many to may inheritance

Changed

  • Bug Fix: Errors between RegScale-CLI and RegScale with Tenable methods
  • Bug Fix: Cognito log in error

[4.13.0] - 2023-01-19

RegScale-CLI 4.13.0 adds new integrations, and refactors the application
for greater long term extensibility

The big leap in version number synchronizes RegScale-CLI version with RegScale version.

IMPORTANT: init.yaml parameter names changed in 4.13.0.

Certain init.yaml parameters changed in 4.13.0 to standardize parameter names to camelCase.
RegScale-CLI automatically adds in new and missing parameters and leaves existing parameters in place.
Be sure to check and update your existing init.yaml parameters.

Method 1 – move, generate, diff, and manually edit

# move init.yaml to backup
mv init.yaml init-bak.yaml
# generate fresh init.yaml
regscale init
# diff backup to fresh to see changes
diff init-bak.yaml init.yaml
# manually edit init.yaml to copy values from params back up to new params in fresh init.yaml

Method 2 – add new and manually edit

# run regscale to add in new/missing params
regscale about
# manually edit init.yaml to copy values around from old params into new params

Added

  • New Okta integration to pull different users from Okta core API
  • New FedRAMP SSP docx import to RegScale support
  • New Azure Microsoft Defender for Cloud to pull alerts from Azure into RegScale
  • New initialization workflow for setting up RegScale CLI
  • Added workflows to reminder command
  • Added bulk control editing via Excel
  • Added persistent CHANGELOG file for releases
  • Added Microsoft Defender for Cloud (DFC) integration that will create issues in RegScale for DFC alerts

Changed

  • Removed support for Python 3.8 to support Python typing
  • Bug Fix: Include missing requirements
  • Bug Fix: Replaced built in tuple for Python 3.8 crashes
  • Bug Fix: Minor bug fixes for functions throughout the application
  • Bug Fix: Standardize to Python Yaml "pyaml" package to correct packaging issue
  • Bug Fix: Automatically create directory "static" required by Python Fitz package
  • Renamed platform to admin_actions
  • Sync CLI version number to RegScale version number
  • Application refactor, restructure and standardization
  • Improved speed performance of Jira, Migrations, Wiz and OSCAL integrations with multithreading
  • Fixed typos in Doc Strings and standardized Doc String and user feedback usage of periods

[1.3.8] - 2023-01-10

Added

  • N/A

Changed

  • Bug Fix: Correct oscal_cli_path default

[1.3.7] - 2022-12-22

Added

  • N/A

Changed

  • Bug Fix: replaced tuple with Tuple to fix crash in Python 3.8

[1.3.6] - 2022-12-19

Added

  • N/A

Changed

  • Bug Fix: Added missing keys to init.yaml