check-msdefender 1.1.6__tar.gz → 1.1.8__tar.gz

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: check-msdefender
-Version: 1.1.6
+Version: 1.1.8
 Summary: A Nagios plugin for monitoring Microsoft Defender API endpoints
 Keywords: nagios,monitoring,microsoft,graph,api,azure
 Author-Email: ldvchosal <ldvchosal@github.com>

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/__init__.py

@@ -1,5 +1,4 @@
 """Check Microsoft Defender API endpoints and check values - Nagios plugin."""
-
-__version__ = "1.0.0"
+__version__ = "1.1.8"
 __author__ = "ldvchosal"
 __email__ = "ldvchosa@github.com"

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/cli/commands/__init__.py

@@ -7,6 +7,7 @@ from .onboarding import register_onboarding_commands
 from .machines import register_machines_commands
 from .detail import register_detail_commands
 from .alerts import register_alerts_commands
+from .products import register_products_commands
 
 
 def register_all_commands(main_group: Any) -> None:
@@ -17,3 +18,4 @@ def register_all_commands(main_group: Any) -> None:
     register_machines_commands(main_group)
     register_detail_commands(main_group)
     register_alerts_commands(main_group)
+    register_products_commands(main_group)

check_msdefender-1.1.8/check_msdefender/cli/commands/products.py

@@ -0,0 +1,60 @@
+"""Products commands for CLI."""
+
+import sys
+from typing import Optional, Any
+
+from check_msdefender.core.auth import get_authenticator
+from check_msdefender.core.config import load_config
+from check_msdefender.core.defender import DefenderClient
+from check_msdefender.core.nagios import NagiosPlugin
+from check_msdefender.services.products_service import ProductsService
+from ..decorators import common_options
+
+
+def register_products_commands(main_group: Any) -> None:
+    """Register products commands with the main CLI group."""
+
+    @main_group.command("products")
+    @common_options
+    def products_cmd(
+        config: str,
+        verbose: int,
+        machine_id: Optional[str],
+        dns_name: Optional[str],
+        warning: Optional[float],
+        critical: Optional[float],
+    ) -> None:
+        """Check installed products for Microsoft Defender."""
+        warning = warning if warning is not None else 5
+        critical = critical if critical is not None else 1
+
+        try:
+            # Load configuration
+            cfg = load_config(config)
+
+            # Get authenticator
+            authenticator = get_authenticator(cfg)
+
+            # Create Defender client
+            client = DefenderClient(authenticator, verbose_level=verbose)
+
+            # Create the products service
+            service = ProductsService(client, verbose_level=verbose)
+
+            # Create Nagios plugin
+            plugin = NagiosPlugin(service, "products")
+
+            # Execute check
+            result = plugin.check(
+                machine_id=machine_id,
+                dns_name=dns_name,
+                warning=warning,
+                critical=critical,
+                verbose=verbose,
+            )
+
+            sys.exit(result or 0)
+
+        except Exception as e:
+            print(f"UNKNOWN: {str(e)}")
+            sys.exit(3)

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/cli/decorators.py

@@ -10,9 +10,7 @@ def common_options(func: Callable[..., Any]) -> Callable[..., Any]:
         "-c", "--config", default="check_msdefender.ini", help="Configuration file path"
     )(func)
     func = click.option("-v", "--verbose", count=True, help="Increase verbosity")(func)
-    func = click.option("-m", "--machine-id", "-i", "--id", help="Machine ID (GUID)")(
-        func
-    )
+    func = click.option("-m", "--machine-id", "-i", "--id", help="Machine ID (GUID)")(func)
     func = click.option("-d", "--dns-name", help="Computer DNS Name (FQDN)")(func)
     func = click.option("-W", "--warning", type=float, help="Warning threshold")(func)
     func = click.option("-C", "--critical", type=float, help="Critical threshold")(func)

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/core/auth.py

@@ -20,9 +20,7 @@ def get_authenticator(
     tenant_id = auth_section.get("tenant_id")
 
     if not client_id or not tenant_id:
-        raise ConfigurationError(
-            "client_id and tenant_id are required in [auth] section"
-        )
+        raise ConfigurationError("client_id and tenant_id are required in [auth] section")
 
     # Check for client secret authentication
     client_secret = auth_section.get("client_secret")

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/core/defender.py

@@ -6,6 +6,16 @@ from typing import Any, Dict, cast
 from check_msdefender.core.exceptions import DefenderAPIError
 from check_msdefender.core.logging_config import get_verbose_logger
 
+PARAM_TOP = "$top"
+
+PARAM_EXPAND = "$expand"
+
+PARAM_ORDERBY = "$orderby"
+
+PARAM_FILTER = "$filter"
+
+PARAM_SELECT = "$select"
+
 
 class DefenderClient:
     """Client for Microsoft Defender API."""
@@ -55,14 +65,15 @@ class DefenderClient:
             "Content-Type": DefenderClient.application_json,
         }
 
-        params = {"$filter": f"computerDnsName eq '{dns_name}'", "$select": "id"}
+        params = {
+            PARAM_FILTER: f"computerDnsName eq '{dns_name}'",
+            PARAM_SELECT: "id"
+        }
 
         try:
             start_time = time.time()
             self.logger.info(f"Querying machine by DNS name: {dns_name}")
-            response = requests.get(
-                url, headers=headers, params=params, timeout=self.timeout
-            )
+            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
             elapsed = time.time() - start_time
 
             self.logger.api_call("GET", url, response.status_code, elapsed)
@@ -152,14 +163,12 @@ class DefenderClient:
             "Content-Type": DefenderClient.application_json,
         }
 
-        params = {"$select": "id,computerDnsName,onboardingStatus,osPlatform"}
+        params = {PARAM_SELECT: "id,computerDnsName,onboardingStatus,osPlatform"}
 
         try:
             start_time = time.time()
             self.logger.info("Querying all machines")
-            response = requests.get(
-                url, headers=headers, params=params, timeout=self.timeout
-            )
+            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
             elapsed = time.time() - start_time
 
             self.logger.api_call("GET", url, response.status_code, elapsed)
@@ -188,18 +197,16 @@ class DefenderClient:
         }
 
         params = {
-            "$top": "100",
-            "$expand": "evidence",
-            "$orderby": "alertCreationTime desc",
-            "$select": "status,title,machineId,computerDnsName,alertCreationTime,firstEventTime,lastEventTime,lastUpdateTime,severity",
+            PARAM_TOP: "100",
+            PARAM_EXPAND: "evidence",
+            PARAM_ORDERBY: "alertCreationTime desc",
+            PARAM_SELECT: "status,title,machineId,computerDnsName,alertCreationTime,firstEventTime,lastEventTime,lastUpdateTime,severity",
         }
 
         try:
             start_time = time.time()
             self.logger.info("Querying alerts")
-            response = requests.get(
-                url, headers=headers, params=params, timeout=self.timeout
-            )
+            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
             elapsed = time.time() - start_time
 
             self.logger.api_call("GET", url, response.status_code, elapsed)
@@ -215,6 +222,40 @@ class DefenderClient:
                 self.logger.debug(f"Response: {str(e.response.content)}")
             raise DefenderAPIError(f"Failed to query MS Defender API: {str(e)}")
 
+    def get_products(self) -> Dict[str, Any]:
+        """Get installed products for a machine."""
+        self.logger.method_entry("get_products")
+
+        token = self._get_token()
+
+        # Use the TVM API endpoint for products
+        url = f"{self.base_url}/api/machines/SoftwareVulnerabilitiesByMachine"
+        headers = {
+            "Authorization": f"Bearer {token}",
+            "Content-Type": DefenderClient.application_json,
+        }
+
+        params = {"pageIndex": "1", "pageSize": "50000"}
+
+        try:
+            start_time = time.time()
+            self.logger.info("Querying products")
+            response = requests.get(url, headers=headers, params=params, timeout=self.timeout)
+            elapsed = time.time() - start_time
+
+            self.logger.api_call("GET", url, response.status_code, elapsed)
+            response.raise_for_status()
+
+            result = cast(Dict[str, Any], response.json())
+            self.logger.json_response(str(result))
+            self.logger.method_exit("get_products", result)
+            return result
+        except requests.RequestException as e:
+            self.logger.debug(f"API request failed: {str(e)}")
+            if hasattr(e, "response") and e.response is not None:
+                self.logger.debug(f"Response: {str(e.response.content)}")
+            raise DefenderAPIError(f"Failed to query MS Defender API: {str(e)}")
+
     def _get_token(self) -> str:
         """Get access token from authenticator."""
         self.logger.trace("Getting access token from authenticator")

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/core/logging_config.py

@@ -82,9 +82,7 @@ class VerboseLogger:
         """Log API call details if verbose >= 2."""
         if self.verbose_level >= 2:
             if status_code and response_time:
-                self.logger.debug(
-                    f"API {method} {url} -> {status_code} ({response_time:.3f}s)"
-                )
+                self.logger.debug(f"API {method} {url} -> {status_code} ({response_time:.3f}s)")
             else:
                 self.logger.debug(f"API {method} {url}")
 

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/core/nagios.py

@@ -50,12 +50,6 @@ class DefenderScalarContext(nagiosplugin.ScalarContext):
                         f"{metric.name} is {metric.value} (outside range {warning_val}:)",
                         metric,
                     )
-                elif critical_val == metric.value:
-                    return self.result_cls(
-                        nagiosplugin.Critical,
-                        f"{metric.name} is {metric.value} (outside range {critical_val}:)",
-                        metric,
-                    )
                 else:
                     # If no exact match, use the more severe one (critical)
                     return self.result_cls(
@@ -122,15 +116,13 @@ class NagiosPlugin:
     ) -> int:
         """Execute the check and return Nagios exit code."""
         try:
-            result = self.service.get_result(machine_id=machine_id, dns_name=dns_name)
+            result = self.service.get_result()
             value = result["value"]
             details = result.get("details", [])
 
             # Create Nagios check with custom summary
             # Use 'found' as context name for detail command, otherwise use command name
-            context_name = (
-                "found" if self.command_name == "detail" else self.command_name
-            )
+            context_name = "found" if self.command_name == "detail" else self.command_name
             check = nagiosplugin.Check(
                 DefenderResource(self.command_name, value),
                 DefenderScalarContext(context_name, warning, critical),

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/services/alerts_service.py

@@ -53,18 +53,12 @@ class AlertsService:
             or alert.get("computerDnsName") == target_dns_name
         ]
 
-        self.logger.info(
-            f"Found {len(machine_alerts)} alerts for machine {target_dns_name}"
-        )
+        self.logger.info(f"Found {len(machine_alerts)} alerts for machine {target_dns_name}")
 
         # Categorize alerts by status and severity
-        unresolved_alerts = [
-            alert for alert in machine_alerts if alert.get("status") != "Resolved"
-        ]
+        unresolved_alerts = [alert for alert in machine_alerts if alert.get("status") != "Resolved"]
         informational_alerts = [
-            alert
-            for alert in unresolved_alerts
-            if alert.get("severity") == "Informational"
+            alert for alert in unresolved_alerts if alert.get("severity") == "Informational"
         ]
         critical_warning_alerts = [
             alert
@@ -88,9 +82,7 @@ class AlertsService:
                 title = alert.get("title", "Unknown alert")
                 status = alert.get("status", "Unknown")
                 severity = alert.get("severity", "Unknown")
-                details.append(
-                    f"{creation_time} - {title} ({status} {severity.lower()})"
-                )
+                details.append(f"{creation_time} - {title} ({status} {severity.lower()})")
 
         # Return the number of unresolved alerts as the value
         # This will be used by Nagios plugin for determining status based on thresholds
@@ -101,8 +93,6 @@ class AlertsService:
             "details": details,
         }
 
-        self.logger.info(
-            f"Alert analysis complete: {len(unresolved_alerts)} unresolved alerts"
-        )
+        self.logger.info(f"Alert analysis complete: {len(unresolved_alerts)} unresolved alerts")
         self.logger.method_exit("get_result", result)
         return result

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/services/detail_service.py

@@ -54,21 +54,15 @@ class DetailService:
             # Create detailed output
             details = []
             details.append(f"Machine ID: {machine_details.get('id', 'Unknown')}")
-            details.append(
-                f"Computer Name: {machine_details.get('computerDnsName', 'Unknown')}"
-            )
-            details.append(
-                f"OS Platform: {machine_details.get('osPlatform', 'Unknown')}"
-            )
+            details.append(f"Computer Name: {machine_details.get('computerDnsName', 'Unknown')}")
+            details.append(f"OS Platform: {machine_details.get('osPlatform', 'Unknown')}")
             details.append(f"OS Version: {machine_details.get('osVersion', 'Unknown')}")
-            details.append(
-                f"Health Status: {machine_details.get('healthStatus', 'Unknown')}"
-            )
+            details.append(f"Health Status: {machine_details.get('healthStatus', 'Unknown')}")
             details.append(f"Risk Score: {machine_details.get('riskScore', 'Unknown')}")
 
             result = {"value": 1, "details": details}
 
-            self.logger.info(f"Machine details retrieved successfully")
+            self.logger.info("Machine details retrieved successfully")
             self.logger.method_exit("get_result", result)
             return result
 

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/services/lastseen_service.py

@@ -62,9 +62,7 @@ class LastSeenService:
 
             result = {"value": days_diff, "details": details}
 
-            self.logger.info(
-                f"Machine last seen {days_diff} days ago ({last_seen_str})"
-            )
+            self.logger.info(f"Machine last seen {days_diff} days ago ({last_seen_str})")
             self.logger.method_exit("get_result", result)
             return result
         except (ValueError, TypeError) as e:

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/services/machines_service.py

@@ -13,7 +13,7 @@ class MachinesService:
         self.defender = defender_client
         self.logger = get_verbose_logger(__name__, verbose_level)
 
-    def get_result(self, **kwargs: Any) -> Dict[str, Any]:
+    def get_result(self) -> Dict[str, Any]:
         """Get machine count result with value and details."""
         self.logger.method_entry("get_result")
 
@@ -44,8 +44,8 @@ class MachinesService:
         sorted_machines = sorted(
             machines,
             key=lambda x: (
-                status_priority[x["onboardingStatus"]],
-                x["computerDnsName"],
+                status_priority[x["onboardingStatus"] or ""],
+                x["computerDnsName"] or "",
             ),
         )
         for machine in sorted_machines:
@@ -60,7 +60,7 @@ class MachinesService:
         self.logger.method_exit("get_result", result)
         return result
 
-    def get_details(self, **kwargs: Any) -> List[str]:
+    def get_details(self) -> List[str]:
         """Get detailed machine information."""
         self.logger.method_entry("get_details")
 

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/services/onboarding_service.py

@@ -54,8 +54,6 @@ class OnboardingService:
 
         result = {"value": result_value, "details": details}
 
-        self.logger.info(
-            f"Machine onboarding status: {onboarding_state} -> {result_value}"
-        )
+        self.logger.info(f"Machine onboarding status: {onboarding_state} -> {result_value}")
         self.logger.method_exit("get_result", result)
         return result

check_msdefender-1.1.8/check_msdefender/services/products_service.py

@@ -0,0 +1,136 @@
+"""Products service implementation."""
+
+from typing import Dict, Optional, Any
+from datetime import datetime
+
+from check_msdefender.core.exceptions import ValidationError
+from check_msdefender.core.logging_config import get_verbose_logger
+
+
+class ProductsService:
+    """Service for checking installed products on machines."""
+
+    def __init__(self, defender_client: Any, verbose_level: int = 0) -> None:
+        """Initialize with Defender client."""
+        self.defender = defender_client
+        self.logger = get_verbose_logger(__name__, verbose_level)
+
+    def get_result(
+        self, machine_id: Optional[str] = None, dns_name: Optional[str] = None
+    ) -> Dict[str, Any]:
+        """Get products result with value and details for a machine."""
+        self.logger.method_entry("get_result", machine_id=machine_id, dns_name=dns_name)
+
+        if not machine_id and not dns_name:
+            raise ValidationError("Either machine_id or dns_name must be provided")
+
+        # Get machine information
+        target_dns_name = dns_name
+        target_machine_id = machine_id
+
+        if machine_id:
+            # Get DNS name from machine_id
+            machine_details = self.defender.get_machine_by_id(machine_id)
+            target_dns_name = machine_details.get("computerDnsName", "Unknown")
+        elif dns_name:
+            # Get machine_id from dns_name
+            dns_response = self.defender.get_machine_by_dns_name(dns_name)
+            machines = dns_response.get("value", [])
+            if not machines:
+                raise ValidationError(f"Machine not found with DNS name: {dns_name}")
+            target_machine_id = machines[0].get("id")
+            target_dns_name = dns_name
+
+        # Get products for the machine
+        self.logger.info("Fetching products from Microsoft Defender")
+        products_data = self.defender.get_products()
+        all_products = products_data.get("value", [])
+        products = [
+            product for product in all_products if product.get("deviceId") == target_machine_id
+        ]
+
+        self.logger.info(f"Found {len(products)} CVE vulnerabilities for machine {target_dns_name}")
+
+        # Group vulnerabilities by software
+        software_vulnerabilities = {}
+        for vulnerability in products:
+            software_name = vulnerability.get("softwareName", "Unknown")
+            software_version = vulnerability.get("softwareVersion", "Unknown")
+            software_vendor = vulnerability.get("softwareVendor", "Unknown")
+            cve_id = vulnerability.get("cveId", "Unknown")
+            cvss_score = vulnerability.get("cvssScore", 0)
+            disk_paths = vulnerability.get("diskPaths", [])
+            severity = vulnerability.get("vulnerabilitySeverityLevel", "Unknown")
+
+            software_key = f"{software_name}-{software_version}-{software_vendor}"
+
+            if software_key not in software_vulnerabilities:
+                software_vulnerabilities[software_key] = {
+                    "name": software_name,
+                    "version": software_version,
+                    "vendor": software_vendor,
+                    "cves": [],
+                    "paths": set(),
+                    "max_cvss": 0,
+                    "severities": set(),
+                }
+
+            software_vulnerabilities[software_key]["cves"].append(cve_id)
+            software_vulnerabilities[software_key]["paths"].update(disk_paths)
+            software_vulnerabilities[software_key]["max_cvss"] = max(
+                software_vulnerabilities[software_key]["max_cvss"], cvss_score
+            )
+            software_vulnerabilities[software_key]["severities"].add(severity)
+
+        # Count vulnerable software
+        vulnerable_software = []
+
+        for software in software_vulnerabilities.values():
+            if len(software["cves"]) > 0:
+                vulnerable_software.append(software)
+
+        # Create details for output
+        details = []
+        if software_vulnerabilities:
+            summary_line = f"{len(products)} CVE found on {target_dns_name}"
+            details.append(summary_line)
+
+            # Add software details (limit to 10)
+            for software in list(software_vulnerabilities.values())[:10]:
+                cve_count = len(software["cves"])
+                unique_cves = list(set(software["cves"]))
+                cve_list = ", ".join(unique_cves[:5])  # Show first 5 CVEs
+                if len(unique_cves) > 5:
+                    cve_list += f".. (+{len(unique_cves) - 5} more)"
+
+                details.append(
+                    f"{software['name']} {software['version']} ({software['vendor']}) - "
+                    f"{cve_count} weaknesses ({cve_list})"
+                )
+
+                # Add paths (limit to 4)
+                for path in list(software["paths"])[:4]:
+                    details.append(f" - {path}")
+
+        # Determine the value based on severity:
+        # - Vulnerable software triggers warnings
+        # - No vulnerabilities is OK
+        if vulnerable_software:
+            value = len(vulnerable_software)  # Will trigger warning threshold
+        else:
+            value = 0  # OK status
+
+        result = {
+            "value": value,
+            "details": details,
+            "vulnerable_count": len(vulnerable_software),
+            "total_cves": len(products),
+            "total_software": len(software_vulnerabilities),
+        }
+
+        self.logger.info(
+            f"Products analysis complete: {len(products)} total CVEs, "
+            f"{len(vulnerable_software)} vulnerable software"
+        )
+        self.logger.method_exit("get_result", result)
+        return result

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/check_msdefender/services/vulnerabilities_service.py

@@ -41,9 +41,7 @@ class VulnerabilitiesService:
 
         # Process and deduplicate vulnerabilities
         vulnerabilities = self._process_vulnerabilities(raw_vulnerabilities)
-        self.logger.info(
-            f"Found {len(vulnerabilities)} unique vulnerabilities after deduplication"
-        )
+        self.logger.info(f"Found {len(vulnerabilities)} unique vulnerabilities after deduplication")
 
         # Calculate vulnerability score
         score = VulnerabilityScore()
@@ -56,9 +54,7 @@ class VulnerabilitiesService:
 
         for vuln in sorted_vulnerabilities:
             severity = vuln.severity.lower()
-            self.logger.debug(
-                f"Processing vulnerability {vuln.id} with severity: {severity}"
-            )
+            self.logger.debug(f"Processing vulnerability {vuln.id} with severity: {severity}")
 
             if severity == "critical":
                 score.critical += 1
@@ -130,9 +126,7 @@ class VulnerabilitiesService:
         # Sort by severity
         sorted_vulnerabilities = self._sort_by_severity(vulnerabilities)
 
-        self.logger.method_exit(
-            "get_detailed_vulnerabilities", len(sorted_vulnerabilities)
-        )
+        self.logger.method_exit("get_detailed_vulnerabilities", len(sorted_vulnerabilities))
         return sorted_vulnerabilities
 
     def _process_vulnerabilities(
@@ -163,9 +157,7 @@ class VulnerabilitiesService:
 
         return unique_vulnerabilities
 
-    def _sort_by_severity(
-        self, vulnerabilities: List[Vulnerability]
-    ) -> List[Vulnerability]:
+    def _sort_by_severity(self, vulnerabilities: List[Vulnerability]) -> List[Vulnerability]:
         """Sort vulnerabilities by severity (Critical > High > Medium > Low)."""
         return sorted(
             vulnerabilities,

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "pdm.backend"
 
 [project]
 name = "check-msdefender"
-version = "1.1.6"
+dynamic = []
 authors = [
     { name = "ldvchosal", email = "ldvchosal@github.com" },
 ]
@@ -38,6 +38,7 @@ dependencies = [
     "azure-identity>=1.12.0",
     "click>=8.0,<9.0",
 ]
+version = "1.1.8"
 
 [project.license]
 text = "MIT"
@@ -51,6 +52,9 @@ Documentation = "https://github.com/lduchosal/check_msdefender/blob/main/README.
 [project.scripts]
 check_msdefender = "check_msdefender.cli:main"
 
+[tool.pdm]
+distribution = true
+
 [tool.pdm.dev-dependencies]
 dev = [
     "pytest>=6.0",
@@ -62,18 +66,44 @@ dev = [
     "twine>=6.2.0",
     "pdm>=2.0.0",
     "ruff>=0.13.0",
+    "pdm-bump",
 ]
 
+[tool.pdm.version]
+source = "file"
+path = "check_msdefender/__init__.py"
+
 [tool.pdm.scripts]
 format = "ruff format"
 typecheck = "mypy check_msdefender/"
-lint = "flake8 check_msdefender/"
 build = "python -m build"
 publish = "python -m twine upload dist/* --verbose"
-test = "pytest -v tests/"
 install = "pdm install"
+install-dev = "pdm install -G dev"
 clihelp = "check_msdefender --help"
 climachines = "check_msdefender machines"
+test = "env PYTHONPATH=src python -m pytest tests/ -v --cov=check_msdefender --cov-report=term-missing"
+test-quick = "env PYTHONPATH=src python -m pytest tests/ --tb=no -q"
+test-ci = "env PYTHONPATH=src python -m pytest tests/ -v --cov=check_msdefender --cov-report=term-missing -m 'not reverseproxy'"
+test-unit = "env PYTHONPATH=src python -m pytest tests/unit/ -v"
+test-integration = "env PYTHONPATH=src python -m pytest tests/integration/ -v"
+test-cov = "env PYTHONPATH=src python -m pytest tests/ -v --cov=check_msdefender --cov-report=html --cov-report=term-missing"
+lint = "ruff check check_msdefender/ tests/"
+lint-fix = "ruff check --fix check_msdefender/ tests/"
+format-check = "black --check check_msdefender/ tests/"
+check = [
+    "lint",
+    "format-check",
+    "typecheck",
+    "test",
+]
+bump-version = "pdm bump -v patch"
+env = "echo ${PATH}"
+clean = "rm -rf .coverage htmlcov/ .pytest_cache/ __pycache__/ check_msdefender/__pycache__/"
+version-show = "python -c 'import check_msdefender; print(xp.__version__)'"
+version-patch = "pdm bump patch"
+version-minor = "pdm bump minor"
+version-major = "pdm bump major"
 
 [tool.pdm.scripts.cli]
 composite = [
@@ -102,10 +132,20 @@ target-version = [
 ]
 
 [tool.mypy]
-python_version = "3.9"
+python_version = "3.10"
 warn_return_any = true
 warn_unused_configs = true
 disallow_untyped_defs = true
+disallow_incomplete_defs = true
+check_untyped_defs = true
+disallow_untyped_decorators = false
+no_implicit_optional = true
+warn_redundant_casts = true
+warn_unused_ignores = true
+warn_no_return = true
+warn_unreachable = true
+strict_equality = true
+ignore_missing_imports = true
 
 [tool.pytest.ini_options]
 testpaths = [
@@ -115,3 +155,8 @@ python_files = "test_*.py"
 python_classes = "Test*"
 python_functions = "test_*"
 addopts = "-v"
+
+[tool.pdm-bump]
+version-files = [
+    "check_msdefender/__init__.py:__version__",
+]

{check_msdefender-1.1.6 → check_msdefender-1.1.8}/tests/integration/test_cli_integration.py

@@ -301,7 +301,6 @@ class TestDetailCommand:
         assert "DEFENDER OK - Machine ID:" in result.output
         assert "test-machine" in result.output
         mock_service_instance.get_result.assert_called_once_with(
-            machine_id="test-machine-123", dns_name=None
         )
 
     @patch("check_msdefender.cli.commands.detail.load_config")
@@ -332,7 +331,6 @@ class TestDetailCommand:
         assert result.exit_code == 0
         assert "DEFENDER OK - Machine ID:" in result.output
         mock_service_instance.get_result.assert_called_once_with(
-            machine_id="test-machine-456", dns_name=None
         )
 
     @patch("check_msdefender.cli.commands.detail.load_config")
@@ -364,7 +362,6 @@ class TestDetailCommand:
         assert "DEFENDER OK - Machine ID:" in result.output
         assert "test.domain.com" in result.output
         mock_service_instance.get_result.assert_called_once_with(
-            machine_id=None, dns_name="test.domain.com"
         )
 
     @patch("check_msdefender.cli.commands.detail.load_config")