aribot 1.0.0__tar.gz

aribot-1.0.0/.gitignore

@@ -0,0 +1,25 @@
+# Dependencies
+node_modules/
+__pycache__/
+*.pyc
+.venv/
+venv/
+
+# Build artifacts
+dist/
+build/
+*.egg-info/
+
+# IDE
+.idea/
+.vscode/
+*.swp
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Environment
+.env
+.env.local
+*.log

aribot-1.0.0/PKG-INFO

@@ -0,0 +1,377 @@
+Metadata-Version: 2.4
+Name: aribot
+Version: 1.0.0
+Summary: Aribot Security Platform SDK by Aristiun & Ayurak - Threat modeling, compliance, and cloud security APIs
+Project-URL: Homepage, https://developer.ayurak.com
+Project-URL: Documentation, https://developer.ayurak.com/docs/python-sdk
+Project-URL: Repository, https://github.com/Aristiun/aribot-python
+Author-email: Aristiun <sdk@ayurak.com>, Ayurak <sdk@ayurak.com>
+License-Expression: MIT
+Keywords: api,cloud-security,compliance,devsecops,security,threat-modeling
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.8
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: requests>=2.28.0
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.21.0; extra == 'dev'
+Requires-Dist: pytest>=7.0.0; extra == 'dev'
+Requires-Dist: responses>=0.23.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# Aribot Python SDK
+
+Official Python SDK for the Aribot Security Platform.
+
+## Installation
+
+```bash
+pip install aribot
+```
+
+## Quick Start
+
+```python
+from aribot import Aribot
+
+client = Aribot(api_key="your_api_key")
+
+# Analyze architecture diagram for threats
+result = client.threat_modeling.analyze_diagram("architecture.png")
+print(f"Found {result['threat_count']} threats")
+
+# Get detailed threats
+threats = client.threat_modeling.get_threats(result['diagram_id'])
+for threat in threats:
+    print(f"[{threat['severity']}] {threat['title']}")
+```
+
+## Features
+
+- **Threat Modeling** - Upload diagrams, detect components, identify threats
+- **Compliance Scanning** - ISO 27001, SOC2, GDPR, HIPAA, PCI-DSS, NIST
+- **Cloud Security** - Scan AWS, Azure, GCP for misconfigurations
+- **Pipeline Security** - SAST, SCA, secrets detection in CI/CD
+
+## API Reference
+
+### Threat Modeling
+
+```python
+# Upload and analyze a diagram
+result = client.threat_modeling.analyze_diagram(
+    "architecture.png",
+    analysis_depth="comprehensive",  # basic, comprehensive, detailed
+    wait=True,                       # wait for analysis to complete
+    timeout=300                      # max wait time in seconds
+)
+
+# List diagrams
+diagrams = client.threat_modeling.list(page=1, limit=25)
+
+# Get diagram details
+diagram = client.threat_modeling.get(diagram_id)
+
+# Get threats for a diagram
+threats = client.threat_modeling.get_threats(diagram_id)
+
+# Get detected components
+components = client.threat_modeling.get_components(diagram_id)
+
+# Run AI-powered analysis
+ai_result = client.threat_modeling.analyze_with_ai(
+    diagram_id,
+    analysis_types=["attack_paths", "data_flow"]
+)
+
+# Delete a diagram
+client.threat_modeling.delete(diagram_id)
+
+# Get dashboard metrics
+dashboard = client.threat_modeling.dashboard(period="month")
+```
+
+### Compliance Scanning
+
+```python
+# Run compliance scan
+result = client.compliance.scan(
+    diagram_id,
+    standards=["ISO27001", "SOC2", "GDPR"],
+    include_recommendations=True
+)
+print(f"Compliance score: {result['overall_score']}%")
+
+# Get compliance report
+report = client.compliance.get_report(diagram_id, format="json")
+
+# List available standards
+standards = client.compliance.list_standards()
+
+# Get standard details
+iso = client.compliance.get_standard("ISO27001")
+
+# List controls for a standard
+controls = client.compliance.list_controls("SOC2", category="access_control")
+
+# Get compliance gaps
+gaps = client.compliance.get_gaps(diagram_id, standard_id="ISO27001")
+
+# Create custom standard
+custom = client.compliance.add_custom_standard(
+    name="Internal Security Policy",
+    description="Company security requirements",
+    controls=[
+        {
+            "id": "ISP-001",
+            "name": "Data Encryption",
+            "description": "All data must be encrypted at rest",
+            "severity": "high"
+        }
+    ]
+)
+
+# Get compliance dashboard
+dashboard = client.compliance.dashboard(period="quarter")
+```
+
+### Cloud Security
+
+```python
+# Run cloud security scan
+scan = client.cloud.scan(
+    project_id="123456789012",
+    provider="aws",
+    services=["iam", "s3", "ec2"],
+    compliance_standards=["CIS-AWS"]
+)
+
+# Get scan results
+scan = client.cloud.get_scan(scan_id)
+
+# List scans
+scans = client.cloud.list_scans(provider="aws", status="completed")
+
+# Get findings
+findings = client.cloud.get_findings(
+    scan_id,
+    severity="critical",
+    service="s3"
+)
+
+# Connect AWS account
+account = client.cloud.connect_account(
+    provider="aws",
+    credentials={
+        "role_arn": "arn:aws:iam::123456789012:role/AribotSecurityRole",
+        "external_id": "your-external-id"
+    },
+    name="Production AWS"
+)
+
+# Connect GCP project
+account = client.cloud.connect_account(
+    provider="gcp",
+    credentials={
+        "service_account_key": "{ ... }",
+        "project_id": "my-project-123"
+    }
+)
+
+# Connect Azure subscription
+account = client.cloud.connect_account(
+    provider="azure",
+    credentials={
+        "tenant_id": "...",
+        "client_id": "...",
+        "client_secret": "..."
+    }
+)
+
+# List connected accounts
+accounts = client.cloud.list_accounts(provider="aws")
+
+# Get remediation steps
+remediation = client.cloud.get_remediation(finding_id)
+
+# Resolve a finding
+client.cloud.resolve_finding(
+    finding_id,
+    resolution="fixed",
+    notes="Patched in deployment v1.2.3"
+)
+
+# Suppress a finding
+client.cloud.suppress_finding(
+    finding_id,
+    reason="Accepted risk per security review",
+    duration_days=90
+)
+
+# Get cloud security dashboard
+dashboard = client.cloud.dashboard(project_id="123456789012")
+```
+
+### Pipeline Security
+
+```python
+# Create a project
+project = client.pipeline.create_project(
+    name="my-api",
+    repository_url="https://github.com/org/my-api",
+    scan_types=["sast", "sca", "secrets"]
+)
+
+# Run security scan
+result = client.pipeline.scan(
+    project_id,
+    commit_sha="abc123def456",
+    branch="main",
+    scan_types=["sast", "sca", "secrets"],
+    fail_on_severity="high",
+    wait=True
+)
+
+if result['status'] == 'failed':
+    print("Security gate failed!")
+    for finding in result['blocking_findings']:
+        print(f"  [{finding['severity']}] {finding['title']}")
+
+# Get scan details
+scan = client.pipeline.get_scan(scan_id)
+
+# Get specific finding types
+sast_findings = client.pipeline.get_sast_findings(scan_id)
+sca_findings = client.pipeline.get_sca_findings(scan_id)
+secrets = client.pipeline.get_secrets_findings(scan_id)
+
+# Configure security gates
+client.pipeline.configure_gates(
+    project_id,
+    gates={
+        "fail_on_critical": True,
+        "fail_on_high": True,
+        "max_high_findings": 5,
+        "block_secrets": True,
+        "required_scan_types": ["sast", "secrets"]
+    }
+)
+
+# Set baseline (suppress existing findings)
+client.pipeline.add_baseline(project_id, scan_id)
+
+# Suppress a finding
+client.pipeline.suppress_finding(
+    finding_id,
+    reason="False positive - validated manually"
+)
+
+# Get pipeline dashboard
+dashboard = client.pipeline.dashboard(project_id=project_id)
+```
+
+## Error Handling
+
+```python
+from aribot import (
+    Aribot,
+    AribotError,
+    AuthenticationError,
+    RateLimitError,
+    ValidationError,
+    NotFoundError,
+    ServerError
+)
+
+client = Aribot(api_key="your_api_key")
+
+try:
+    result = client.threat_modeling.analyze_diagram("diagram.png")
+except AuthenticationError:
+    print("Invalid API key")
+except RateLimitError as e:
+    print(f"Rate limited. Retry after {e.retry_after} seconds")
+except ValidationError as e:
+    print(f"Invalid request: {e.errors}")
+except NotFoundError:
+    print("Resource not found")
+except ServerError:
+    print("Server error - try again later")
+except AribotError as e:
+    print(f"API error: {e.message}")
+```
+
+## Configuration
+
+```python
+# Custom base URL (for on-premise deployments)
+client = Aribot(
+    api_key="your_api_key",
+    base_url="https://aribot.internal.company.com/api",
+    timeout=60
+)
+
+# Check API health
+health = client.health()
+
+# Get current user info
+user = client.me()
+
+# Get usage stats
+usage = client.usage(period="month")
+print(f"API calls used: {usage['calls_used']}/{usage['calls_limit']}")
+```
+
+## CI/CD Integration
+
+### GitHub Actions
+
+```yaml
+- name: Security Scan
+  env:
+    AYURAK_API_KEY: ${{ secrets.AYURAK_API_KEY }}
+  run: |
+    pip install aribot
+    python -c "
+    from aribot import Aribot
+    client = Aribot(api_key='$AYURAK_API_KEY')
+    result = client.pipeline.scan(
+        project_id='${{ vars.PROJECT_ID }}',
+        commit_sha='${{ github.sha }}',
+        fail_on_severity='high',
+        wait=True
+    )
+    if result['status'] == 'failed':
+        exit(1)
+    "
+```
+
+### GitLab CI
+
+```yaml
+security_scan:
+  script:
+    - pip install aribot
+    - python scripts/security_scan.py
+  variables:
+    AYURAK_API_KEY: $AYURAK_API_KEY
+```
+
+## Support
+
+- Documentation: https://developers.aribot.com/docs/python-sdk
+- API Reference: https://developers.aribot.com/api
+- Issues: https://github.com/AribotAI/aribot-python/issues
+
+## License
+
+MIT