psengine 2.0.4__py3-none-any.whl

psengine/markdown/__init__.py

@@ -0,0 +1,21 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+from .markdown import (
+    MarkdownMaker,
+    clean_text,
+    divider,
+    escape_pipe_characters,
+    html_textarea,
+    table_from_rows,
+)

psengine/markdown/markdown.py

@@ -0,0 +1,169 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+import html
+from typing import Union
+
+import markdown_strings
+from markdown_strings import header
+from pydantic import validate_call
+
+from .models import Section
+
+TITLE_HEADER_LEVEL = 2
+
+###############################################################################
+# Helpers
+###############################################################################
+
+
+def divider() -> str:
+    """Return divider."""
+    return '\n---\n'
+
+
+def table_from_rows(table_list) -> str:
+    r"""Return a formatted table, using each list as the list. The specifics are
+    the same as those for the table function.
+
+    >>> table_from_rows([["1","2","3"],["4","5","6"],["7","8","9"]])
+    '| 1 | 2 | 3 |\\n| --- | --- | --- |\\n| 4 | 5 | 6 |\\n| 7 | 8 | 9 |'
+    """
+    longest_list = max(table_list, key=len)
+    number_of_columns = len(longest_list)
+    columns = [
+        [
+            str(row[column]).replace('|', ' ').replace('\n', ' ') if column < len(row) else ''
+            for row in table_list
+        ]
+        for column in range(number_of_columns)
+    ]
+    return markdown_strings.table(columns)
+
+
+def clean_text(text: str) -> str:
+    """Cleanup legacy alerts data from markdown and html text special chars."""
+    text = (
+        text.replace('\n', '')
+        .replace('#', '\\#')
+        .replace('_', '\\_')
+        .replace('-', '\\-')
+        .replace('*', '•')
+        .replace('\u2028', ' ')
+    )
+    return html.escape(text)
+
+
+def escape_pipe_characters(text: str) -> str:
+    """Escape pipe characters in text."""
+    return text.replace('|', '\\|')
+
+
+def html_textarea(text: str) -> str:
+    """Wrap text in a markdown code block."""
+    return f'<textarea readonly="true">{text}</textarea>'
+
+
+class MarkdownMaker:
+    """Class to manage markdown inputs and formatting of markdown output."""
+
+    def __init__(
+        self,
+        addendum: str = '',
+        character_limit: int = None,
+        defang_iocs: bool = False,
+        iocs_to_defang: list = None,
+    ):
+        self.title = None
+        self.sections = []
+        self.addendum = addendum
+        if character_limit is not None and character_limit < len(addendum):
+            raise ValueError(f'Character limit must be at least {len(addendum)}')
+        self.character_limit = character_limit
+        self.defang_iocs = defang_iocs
+        if self.defang_iocs and iocs_to_defang is None:
+            raise ValueError('If `defang_iocs` is True, you need to supply `iocs_to_defang`.')
+        self.iocs_to_defang = iocs_to_defang
+
+    @validate_call
+    def add_title(self, title: str) -> None:
+        """Add title to the markdown."""
+        self.title = title
+
+    def validate_section(self, title: str, content: Union[list[dict], list[str]]) -> Section:
+        """Recursive function to validate a section and its content.
+
+        Args:
+            title (str): Section title
+            content (Union[list[dict], list[str]]): Section content
+
+        Raises:
+            ValueError: Raised if the section content is empty.
+
+        Returns:
+            Section: Returns a validated section object.
+        """
+        if len(content) == 0:
+            raise ValueError('Section content cannot be empty.')
+        if isinstance(content[0], str):
+            return Section(title=title, content=content)
+        if isinstance(content[0], dict):
+            return Section(
+                title=title, content=[self.validate_section(**section) for section in content]
+            )
+
+    @validate_call
+    def add_section(self, title: str, content: Union[list[dict], list[str]]) -> None:
+        """Add a section to the markdown."""
+        self.sections.append(self.validate_section(title, content))
+
+    def format_section(self, section: Section, header_level: int) -> str:
+        """Recursive function to format a section and its content."""
+        md_str = header(section.title, header_level) + '\n\n'
+        if isinstance(section.content[0], str):
+            md_str += '\n'.join(section.content)
+        else:
+            for sub_section in section.content:
+                md_str += self.format_section(sub_section, header_level + 1)
+
+        md_str += '\n\n'
+
+        return md_str
+
+    def format_defang_iocs(self, entities: set, md_str: str) -> str:
+        """Replace `.` with `[.]` for every IOC found."""
+        for entity in entities:
+            defanged = entity.replace('.', '[.]')
+            md_str = md_str.replace(entity, defanged)
+
+        return md_str
+
+    def format_output(self) -> str:
+        """Format the markdown output.
+
+        Call this method after adding a title and any sections.
+        """
+        md_str = ''
+        if self.title is not None:
+            md_str += header(self.title, TITLE_HEADER_LEVEL) + '\n\n'
+
+        for section in self.sections:
+            md_str += self.format_section(section, TITLE_HEADER_LEVEL + 1)
+
+        if self.defang_iocs:
+            md_str = self.format_defang_iocs(self.iocs_to_defang, md_str)
+
+        if self.character_limit is not None and len(md_str) > self.character_limit:
+            md_str = md_str[: self.character_limit - len(self.addendum)] + self.addendum
+
+        return md_str

psengine/markdown/models.py

@@ -0,0 +1,22 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+
+from typing import Union
+
+from ..common_models import RFBaseModel
+
+
+class Section(RFBaseModel):
+    title: str
+    content: Union[list['Section'], list[str]]

psengine/playbook_alerts/__init__.py

@@ -0,0 +1,34 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+from .errors import (
+    PlaybookAlertError,
+    PlaybookAlertFetchError,
+    PlaybookAlertRetrieveImageError,
+    PlaybookAlertSearchError,
+    PlaybookAlertUpdateError,
+)
+from .models import SearchResponse
+from .pa_category import PACategory
+from .playbook_alert_mgr import PlaybookAlertMgr
+from .playbook_alerts import (
+    PBA_CodeRepoLeakage,
+    PBA_CyberVulnerability,
+    PBA_DomainAbuse,
+    PBA_Generic,
+    PBA_IdentityNovelExposure,
+    PBA_ThirdPartyRisk,
+    PreviewAlertOut,
+    SearchIn,
+    UpdateAlertIn,
+)

psengine/playbook_alerts/constants.py

@@ -0,0 +1,35 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+from typing import Union
+
+from .playbook_alerts import (
+    PBA_CodeRepoLeakage,
+    PBA_CyberVulnerability,
+    PBA_DomainAbuse,
+    PBA_Generic,
+    PBA_IdentityNovelExposure,
+    PBA_ThirdPartyRisk,
+)
+
+STATUS_PANEL_NAME = 'status'
+DEFAULT_PBA_OUTPUT_DIR = 'playbook_alerts'
+DEFAULT_PBA_FILE_NAME = 'playbook_alerts_{}.json'
+
+PLAYBOOK_ALERT_TYPE = Union[
+    PBA_Generic,
+    PBA_CodeRepoLeakage,
+    PBA_CyberVulnerability,
+    PBA_DomainAbuse,
+    PBA_IdentityNovelExposure,
+    PBA_ThirdPartyRisk,
+]

psengine/playbook_alerts/errors.py

@@ -0,0 +1,35 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+
+from ..errors import RecordedFutureError
+
+
+class PlaybookAlertError(RecordedFutureError):
+    """Error raised when playbook alert fails."""
+
+
+class PlaybookAlertSearchError(PlaybookAlertError):
+    """Error raised when playbook alert search query fails."""
+
+
+class PlaybookAlertUpdateError(PlaybookAlertError):
+    """Error raised when playbook alert update fails."""
+
+
+class PlaybookAlertFetchError(PlaybookAlertError):
+    """Error raised when playbook alert fetch fails."""
+
+
+class PlaybookAlertRetrieveImageError(PlaybookAlertError):
+    """Error raised when playbook alert image fetch fails."""

psengine/playbook_alerts/helpers.py

@@ -0,0 +1,80 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+import logging
+from pathlib import Path
+from typing import Union
+
+from ..errors import WriteFileError
+from ..helpers import OSHelpers, debug_call
+from .constants import DEFAULT_PBA_OUTPUT_DIR
+from .playbook_alerts import PBA_DomainAbuse
+
+LOG = logging.getLogger('psengine.playbook_alerts.helpers')
+
+
+@debug_call
+def save_pba_images(
+    playbook_alerts: Union[PBA_DomainAbuse, list[PBA_DomainAbuse]],
+    output_directory: str = DEFAULT_PBA_OUTPUT_DIR,
+) -> None:
+    """Save Domain Abuse images/screenshots to disk as a .png file.
+
+    Args:
+        playbook_alerts (Union[PBA_DomainAbuse, List[PBA_DomainAbuse]]): Domain Abuse alert(s)
+        output_directory (str): The directory to save the images to
+
+    Raises:
+        TypeError: If alerts are not PBA_DomainAbuse objects
+        WriteFileError: If the image save fails with an OSError
+    """
+    if not isinstance(playbook_alerts, (list, PBA_DomainAbuse)):
+        raise TypeError('Image saving is only supported by Domain Abuse alerts')
+
+    playbook_alerts = playbook_alerts if isinstance(playbook_alerts, list) else [playbook_alerts]
+    if not all(isinstance(alert, PBA_DomainAbuse) for alert in playbook_alerts):
+        raise TypeError('Image saving is only supported by Domain Abuse alerts')
+
+    for alert in playbook_alerts:
+        LOG.info(f'Saving {len(alert.images)} image(s) to disk for alert {alert.playbook_alert_id}')
+        for image_id, meta in alert.images.items():
+            file_name = f'{alert.playbook_alert_id[5:]}_{image_id[4:]}'
+            _save_image(
+                file_name=file_name,
+                image_bytes=meta['image_bytes'],
+                output_directory=output_directory,
+            )
+
+
+def _save_image(
+    file_name: str, image_bytes: bytes, output_directory: Union[str, Path] = DEFAULT_PBA_OUTPUT_DIR
+) -> None:
+    """Save image to disk as a .png file.
+
+    Args:
+        file_name (str): File name without the extension
+        image_bytes (bytes): Image bytes
+        output_directory (str or Path): The directory to save the image to
+
+    Raises:
+        WriteFileError: If the image save fails with an OSError
+    """
+    try:
+        LOG.debug(f"Saving image '{file_name}' to disk")
+        dir_path = OSHelpers.mkdir(output_directory)
+        image_filepath = dir_path / f'{file_name}.png'
+        with image_filepath.open('wb') as file:
+            file.write(image_bytes)
+    except OSError as err:
+        raise WriteFileError(
+            f'Failed to save playbook alert image to disk. Cause: {err.args}',
+        ) from err

psengine/playbook_alerts/mappings.py

@@ -0,0 +1,44 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+from ..endpoints import (
+    EP_PLAYBOOK_ALERT_CODE_REPO_LEAKAGE,
+    EP_PLAYBOOK_ALERT_CYBER_VULNERABILITY,
+    EP_PLAYBOOK_ALERT_DOMAIN_ABUSE,
+    EP_PLAYBOOK_ALERT_IDENTITY_NOVEL_EXPOSURES,
+    EP_PLAYBOOK_ALERT_THIRD_PARTY_RISK,
+)
+from .pa_category import PACategory
+from .playbook_alerts import (
+    PBA_CodeRepoLeakage,
+    PBA_CyberVulnerability,
+    PBA_DomainAbuse,
+    PBA_IdentityNovelExposure,
+    PBA_ThirdPartyRisk,
+)
+
+CATEGORY_ENDPOINTS = {
+    PACategory.CODE_REPO_LEAKAGE.value: EP_PLAYBOOK_ALERT_CODE_REPO_LEAKAGE,
+    PACategory.CYBER_VULNERABILITY.value: EP_PLAYBOOK_ALERT_CYBER_VULNERABILITY,
+    PACategory.DOMAIN_ABUSE.value: EP_PLAYBOOK_ALERT_DOMAIN_ABUSE,
+    PACategory.IDENTITY_NOVEL_EXPOSURES.value: EP_PLAYBOOK_ALERT_IDENTITY_NOVEL_EXPOSURES,
+    PACategory.THIRD_PARTY_RISK.value: EP_PLAYBOOK_ALERT_THIRD_PARTY_RISK,
+}
+
+CATEGORY_TO_OBJECT_MAP = {
+    PACategory.CODE_REPO_LEAKAGE.value: PBA_CodeRepoLeakage,
+    PACategory.CYBER_VULNERABILITY.value: PBA_CyberVulnerability,
+    PACategory.DOMAIN_ABUSE.value: PBA_DomainAbuse,
+    PACategory.IDENTITY_NOVEL_EXPOSURES.value: PBA_IdentityNovelExposure,
+    PACategory.THIRD_PARTY_RISK.value: PBA_ThirdPartyRisk,
+}

psengine/playbook_alerts/markdown/__init__.py

@@ -0,0 +1,13 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+

psengine/playbook_alerts/markdown/markdown.py

@@ -0,0 +1,98 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+from markdown_strings import bold, link
+
+from ...constants import TIMESTAMP_STR, TRUNCATE_COMMENT
+from ...markdown import (
+    MarkdownMaker,
+)
+from ..models.common_models import ResolvedEntity
+from ..pa_category import PACategory
+from .markdown_code_repo import _code_repo_markdown
+from .markdown_domain_abuse import _domain_abuse_markdown
+from .markdown_identity_exposure import _identity_exposure_markdown
+
+PORTAL_URL = 'https://app.recordedfuture.com/portal/playbook-alerts/{}'
+API_URL = 'https://api.recordedfuture.com/playbook-alert/{}/{}'
+
+
+MARKDOWN_BY_PBA_TYPE = {
+    PACategory.CODE_REPO_LEAKAGE.value: _code_repo_markdown,
+    PACategory.DOMAIN_ABUSE.value: _domain_abuse_markdown,
+    PACategory.IDENTITY_NOVEL_EXPOSURES.value: _identity_exposure_markdown,
+}
+
+
+def _generic_pba_summary(pba, md_maker: MarkdownMaker):
+    md_maker.add_title(pba.panel_status.case_rule_label)
+    id_ = pba.playbook_alert_id
+    general_info = [
+        f'{bold("ID:")} {id_}',
+        f'{bold("Created:")} {pba.panel_status.created.strftime(TIMESTAMP_STR)}',
+        f'{bold("Updated:")} {pba.panel_status.updated.strftime(TIMESTAMP_STR)}',
+        f'{bold("Status:")} {pba.panel_status.status}',
+        f'{bold("Priority:")} {pba.panel_status.priority}',
+        '{} | {}'.format(
+            link('API', API_URL.format(pba.category, id_)), link('Portal', PORTAL_URL.format(id_))
+        ),
+    ]
+    md_maker.add_section('Summary', general_info)
+
+
+def _unmapped_pba(pba, md_maker: MarkdownMaker, *args, **kwargs) -> str:  # noqa: ARG001
+    md_maker.sections.insert(
+        0,
+        md_maker.validate_section(
+            'Warning',
+            [
+                (
+                    '> 🚨 The markdown of this alert is not fully supported yet. '
+                    'For full details check the portal 🚨'
+                )
+            ],
+        ),
+    )
+
+    if targets := pba.panel_status.targets:
+        if any(isinstance(t, str) for t in targets):
+            md_maker.add_section('Targets', ', '.join(t for t in targets))
+        elif any(isinstance(t, ResolvedEntity) for t in targets):
+            md_maker.add_section('Targets', [t.name for t in targets])
+
+    return md_maker.format_output()
+
+
+def _markdown_playbook_alert(
+    playbook_alert,
+    html_tags: bool = True,
+    character_limit: int = None,
+    defang_iocs: bool = False,
+    iocs_to_defang: list = None,
+) -> str:
+    md_maker = MarkdownMaker(
+        addendum=TRUNCATE_COMMENT.format(
+            type_='alert', url=PORTAL_URL.format(playbook_alert.playbook_alert_id)
+        ),
+        character_limit=character_limit,
+        defang_iocs=defang_iocs,
+        iocs_to_defang=iocs_to_defang or [],
+    )
+    _generic_pba_summary(playbook_alert, md_maker)
+
+    try:
+        return MARKDOWN_BY_PBA_TYPE.get(playbook_alert.category, _unmapped_pba)(
+            playbook_alert, md_maker, html_tags
+        )
+    except AttributeError:
+        return _unmapped_pba(playbook_alert, md_maker, html_tags)

psengine/playbook_alerts/markdown/markdown_code_repo.py

@@ -0,0 +1,64 @@
+##################################### TERMS OF USE ###########################################
+# The following code is provided for demonstration purpose only, and should not be used      #
+# without independent verification. Recorded Future makes no representations or warranties,  #
+# express, implied, statutory, or otherwise, regarding any aspect of this code or of the     #
+# information it may retrieve, and provides it both strictly “as-is” and without assuming    #
+# responsibility for any information it may retrieve. Recorded Future shall not be liable    #
+# for, and you assume all risk of using, the foregoing. By using this code, Customer         #
+# represents that it is solely responsible for having all necessary licenses, permissions,   #
+# rights, and/or consents to connect to third party APIs, and that it is solely responsible  #
+# for having all necessary licenses, permissions, rights, and/or consents to any data        #
+# accessed from any third party API.                                                         #
+##############################################################################################
+
+from collections import defaultdict
+
+from markdown_strings import blockquote, bold
+
+from ...constants import TIMESTAMP_STR
+from ...markdown import MarkdownMaker, clean_text, divider, html_textarea
+
+
+def _add_repository(pba, md_maker: MarkdownMaker):
+    repos = [
+        f'{bold("Owner:" )} {pba.panel_evidence_summary.repository.owner.name}',
+        f'{bold("URL:" )} {pba.panel_evidence_summary.repository.name}',
+    ]
+
+    md_maker.add_section('Repository', repos)
+
+
+def _add_assessment(pba, md_maker: MarkdownMaker, html_tags: bool):
+    assessments = []
+
+    for assess in pba.panel_evidence_summary.evidence:
+        details = defaultdict(list)
+        for a in assess.assessments:
+            details[a.title].append(clean_text(a.value))
+
+        details_list = []
+        for k, v in details.items():
+            details_list.append(f'{bold(k + ":")} {", ".join(v)}')
+
+        targets = ''
+        if targets := ', '.join(t.name for t in assess.targets):
+            targets = f'{bold("Assessment targets:")} {targets}'
+
+        commit = f'{bold("Commit:")} {assess.url}'
+        published = f'{bold("Published:")} {assess.published.strftime(TIMESTAMP_STR)}'
+        content = blockquote(
+            html_textarea(clean_text(assess.content)) if html_tags else clean_text(assess.content)
+        )
+        content = f'{bold("Content:")}\n\n{content}'
+
+        assessments.extend([published, targets, *details_list, commit, content, divider()])
+    md_maker.add_section('Assessments', assessments)
+
+
+def _code_repo_markdown(pba, md_maker: MarkdownMaker, html_tags: bool) -> str:
+    if targets := pba.panel_status.targets:
+        md_maker.add_section('Targets', [t.name for t in targets])
+
+    _add_repository(pba, md_maker)
+    _add_assessment(pba, md_maker, html_tags)
+    return md_maker.format_output()