regscale-cli 6.16.2.0__py3-none-any.whl → 6.16.4.0__py3-none-any.whl

regscale/__init__.py

@@ -1 +1 @@
-__version__ = "6.16.2.0"
+__version__ = "6.16.4.0"

regscale/core/app/internal/control_editor.py

@@ -20,6 +20,7 @@ if TYPE_CHECKING:
 from openpyxl import Workbook, load_workbook
 from openpyxl.styles import Alignment, PatternFill, Protection
 from openpyxl.worksheet.datavalidation import DataValidation
+import warnings
 
 
 from regscale.core.app.logz import create_logger
@@ -48,6 +49,12 @@ def control_editor():
     """
     Performs actions on Control Editor Feature to edit controls to RegScale.
     """
+    warnings.filterwarnings("always", category=DeprecationWarning)
+    warnings.warn(
+        "Control Editor is deprecated and will be removed in a future release. Use `regscale model` with the `--model control` argument instead.",
+        DeprecationWarning,
+        stacklevel=2,
+    )
 
 
 # Get data and pull into Excel worksheets.
@@ -68,7 +75,13 @@ def generate_data_download(regscale_id: int, regscale_module: str, path: Path):
     This function will build and populate a spreadsheet of all control implementations
     with the selected RegScale Parent Id and RegScale Module.
     """
-    data_load(parent_id=regscale_id, parent_module=regscale_module, path=path)
+    warnings.filterwarnings("always", category=DeprecationWarning)
+    warnings.warn(
+        "Control Editor is deprecated and will be removed in a future release. Use `regscale model generate --model control` instead.",
+        DeprecationWarning,
+        stacklevel=2,
+    )
+    data_load(regscale_id, regscale_module, path)
 
 
 def data_load(parent_id: int, parent_module: str, path: Path) -> None:
@@ -359,8 +372,13 @@ def _fetch_implementations(api: "Api", parent_id: int, parent_module: str) -> "p
 def generate_db_update(path: Path, skip_prompt: bool):
     """
     This function will check changes made to spreadsheet and upload any changes made to RegScale.
-
     """
+    warnings.filterwarnings("always", category=DeprecationWarning)
+    warnings.warn(
+        "Control Editor is deprecated and will be removed in a future release. Use `regscale model load --model control` instead.",
+        DeprecationWarning,
+        stacklevel=2,
+    )
     db_update(path, skip_prompt)
 
 
@@ -514,6 +532,12 @@ def build_implementation(i: dict, regscale_parent_id: int, regscale_parent_modul
 )
 def generate_delete_file(path: Path):
     """This command will delete files used during the Control editing process."""
+    warnings.filterwarnings("always", category=DeprecationWarning)
+    warnings.warn(
+        "Control Editor is deprecated and will be removed in a future release. Use `regscale model` with the `--model control` argument instead.",
+        DeprecationWarning,
+        stacklevel=2,
+    )
     delete_file(path)
 
 

regscale/core/app/internal/model_editor.py

@@ -328,7 +328,6 @@ def upload_data(path: Path, obj_type: str) -> None:
     :return: None
     :rtype: None
     """
-    import numpy as np  # Optimize import performance
     import pandas as pd
 
     app = Application()
@@ -356,30 +355,25 @@ def upload_data(path: Path, obj_type: str) -> None:
         if df1.equals(df2):
             error_and_exit("No differences detected.")
 
-        else:
-            app.logger.warning("Differences found!")
-            # Need to strip out any net new rows before doing this comparison
-            df2 = strip_any_net_new_rows(app, df2, all_workbook_filename, obj_type, path, new_workbook_filename)
-            diff_mask = (df1 != df2) & ~(df1.isnull() & df2.isnull())
-            ne_stacked = diff_mask.stack()
-            changed = ne_stacked[ne_stacked]
-            changed.index.names = ["Id", "Column"]
-            difference_locations = np.nonzero(diff_mask)
-            changed_from = df1.values[difference_locations]
-            changed_to = df2.values[difference_locations]
-            changes = pd.DataFrame({"From": changed_from, "To": changed_to}, index=changed.index)
-            changes.to_csv(
-                os.path.join(path, DIFFERENCES_FILE),
-                header=True,
-                index=True,
-                sep=" ",
-                mode="w+",
-            )
-            app.logger.info(
-                "Please check differences.txt file located in %s to see changes made.",
-                path,
-            )
-            upload_existing_data(app, api, path, obj_type, all_workbook_filename)
+        app.logger.warning("Differences found!")
+        # Need to strip out any net new rows before doing this comparison
+        df3 = strip_any_net_new_rows(app, df2, all_workbook_filename, obj_type, path, new_workbook_filename)
+        try:
+            changes = compare_dataframes(df1, df3)
+        except ValueError:
+            changes = compare_dataframes(df1, df2)
+        changes.to_csv(
+            os.path.join(path, DIFFERENCES_FILE),
+            header=True,
+            index=True,
+            sep=" ",
+            mode="w+",
+        )
+        app.logger.info(
+            "Please check differences.txt file located in %s to see changes made.",
+            path,
+        )
+        upload_existing_data(app, api, path, obj_type, all_workbook_filename)
     else:
         app.logger.info("No files found for the specified type to load to RegScale.")
     return app.logger.info(
@@ -388,7 +382,26 @@ def upload_data(path: Path, obj_type: str) -> None:
     )
 
 
-# pylint: enable=R0914
+def compare_dataframes(df1: "pd.DataFrame", df2: "pd.DataFrame") -> "pd.DataFrame":
+    """
+    Compare two DataFrames and return a DataFrame with the differences.
+
+    :param pd.DataFrame df1: The first DataFrame to compare
+    :param pd.DataFrame df2: The second DataFrame to compare
+    :return: A DataFrame with the differences between the two DataFrames
+    :rtype: pd.DataFrame
+    """
+    import numpy as np
+    import pandas as pd
+
+    diff_mask = (df1 != df2) & ~(df1.isnull() & df2.isnull())
+    ne_stacked = diff_mask.stack()
+    changed = ne_stacked[ne_stacked]
+    changed.index.names = ["Id", "Column"]
+    difference_locations = np.nonzero(diff_mask)
+    changed_from = df1.values[difference_locations]
+    changed_to = df2.values[difference_locations]
+    return pd.DataFrame({"From": changed_from, "To": changed_to}, index=changed.index)
 
 
 @model.command(name="delete_files")

regscale/core/app/utils/api_handler.py

@@ -67,18 +67,11 @@ class APIHandler(Application):
         :return: The version string
         :rtype: str
         """
+        from regscale.utils.version import RegscaleVersion
+
+        rs_version = RegscaleVersion()
         if self._regscale_version is None:
-            try:
-                response = self.get("/assets/json/version.json")
-                if response.status_code == 200:
-                    version_data = response.json()
-                    self._regscale_version = version_data.get("version", "Unknown")
-                else:
-                    logger.error(f"Failed to fetch version. Status code: {response.status_code}")
-                    self._regscale_version = "Unknown"
-            except Exception as e:
-                logger.error(f"Error fetching version: {e}")
-                self._regscale_version = "Unknown"
+            self._regscale_version = rs_version.current_version
         return self._regscale_version
 
     def _make_request(

regscale/integrations/commercial/crowdstrike.py

@@ -1010,7 +1010,6 @@ def create_new_control_implementation(
     cim = ControlImplementation(
         controlOwnerId=user_id,
         dateLastAssessed=get_current_datetime(),
-        implementation=control.get("implementation", None),
         status=status,
         controlID=control["id"],
         parentId=parent_id,

regscale/integrations/commercial/grype/scanner.py

@@ -17,7 +17,7 @@ from pathlib import Path
 
 from regscale.core.app.utils.parser_utils import safe_datetime_str
 from regscale.integrations.jsonl_scanner_integration import JSONLScannerIntegration
-from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding, issue_due_date
 from regscale.models import IssueSeverity, AssetStatus, IssueStatus
 
 logger = logging.getLogger("regscale")
@@ -143,53 +143,61 @@ class GrypeIntegration(JSONLScannerIntegration):
         finding_info = self._extract_finding_info(item, data)
         artifact_info = self._extract_artifact_info(item)
         severity_info = self._determine_severity(finding_info)
-        cvss_fields = self._get_cvss_fields(finding_info["cvss"])
-        scan_date = safe_datetime_str(finding_info["descriptor"].get("timestamp", ""))
+        cvss_fields = self._get_cvss_fields(finding_info.get("cvss"))
+        file_scan_date = safe_datetime_str(finding_info.get("descriptor", {}).get("timestamp", ""))
+        if not self.scan_date:
+            self.scan_date = file_scan_date
         evidence = self._build_evidence(artifact_info)
         observations = self._build_observations(finding_info)
-        remediation_info = self._build_remediation_info(finding_info["fix"])
+        remediation_info = self._build_remediation_info(finding_info.get("fix"))
+
+        severity = severity_info["severity"]
 
         return IntegrationFinding(
             title=(
-                f"{severity_info['cve_id']}: {artifact_info['name']}"
-                if severity_info["cve_id"]
-                else artifact_info["name"]
+                f"{severity_info.get('cve_id')}: {artifact_info.get('name', 'unknown')}"
+                if severity_info.get("cve_id")
+                else artifact_info.get("name", "unknown")
             ),
             description=severity_info["description"],
-            severity=severity_info["severity"],
+            severity=severity,
             status=IssueStatus.Open,
             cvss_v3_score=cvss_fields.get("V3Score"),
             cvss_v3_vector=cvss_fields.get("V3Vector") or "",
             cvss_v2_score=cvss_fields.get("V2Score"),
             cvss_v2_vector=cvss_fields.get("V2Vector") or "",
-            plugin_name=artifact_info["name"],
+            plugin_name=artifact_info.get("name"),
             plugin_id=self.title,
             asset_identifier=asset_identifier,
             category="Vulnerability",
-            cve=severity_info["cve_id"],
+            cve=severity_info.get("cve_id"),
             control_labels=["CM-7", "SI-2"],
             evidence=evidence,
             observations=observations,
-            identified_risk=f"Vulnerable {artifact_info['type'] or 'package'} detected: {artifact_info['name'] or 'unknown'} {artifact_info['version'] or 'unknown'}",
+            identified_risk=f"Vulnerable {artifact_info.get('type', 'package')} detected: {artifact_info.get('name', 'unknown')} {artifact_info.get('version', 'unknown')}",
             recommendation_for_mitigation=remediation_info["remediation"],
-            scan_date=scan_date,
-            first_seen=scan_date,
-            last_seen=scan_date,
-            vulnerability_type=finding_info["type"],
-            rule_id=finding_info["id"],
-            source_rule_id=finding_info["id"],
-            remediation=remediation_info["remediation"],
-            vulnerable_asset=f"{artifact_info['name'] or 'unknown'}:{artifact_info['version'] or 'unknown'}",
-            security_check=finding_info["matcher"],
-            external_id=finding_info["data_source"],
-            installed_versions=artifact_info["version"],
-            affected_os=finding_info["affected_os"],
-            affected_packages=artifact_info["name"],
-            image_digest=finding_info["manifest_digest"],
-            package_path=artifact_info["purl"],
-            build_version=finding_info["build_version"],
-            fixed_versions=remediation_info["fixed_versions"],
-            fix_status=remediation_info["fix_status"],
+            scan_date=self.scan_date,
+            first_seen=file_scan_date,
+            last_seen=self.scan_date,
+            date_created=self.scan_date,
+            vulnerability_type=finding_info.get("type"),
+            rule_id=finding_info.get("id"),
+            source_rule_id=finding_info.get("id"),
+            remediation=remediation_info.get("remediation"),
+            vulnerable_asset=f"{artifact_info.get('name', 'unknown')}:{artifact_info.get('version', 'unknown')}",
+            security_check=finding_info.get("matcher"),
+            external_id=finding_info.get("data_source"),
+            installed_versions=artifact_info.get("version"),
+            affected_os=finding_info.get("affected_os"),
+            affected_packages=artifact_info.get("name"),
+            image_digest=finding_info.get("manifest_digest"),
+            package_path=artifact_info.get("purl"),
+            build_version=finding_info.get("build_version"),
+            fixed_versions=remediation_info.get("fixed_versions"),
+            fix_status=remediation_info.get("fix_status"),
+            due_date=issue_due_date(
+                severity=severity, created_date=file_scan_date, title="grype", config=self.app.config
+            ),
         )
 
     def _extract_finding_info(self, item: Dict[str, Any], data: Dict[str, Any]) -> Dict[str, Any]:

regscale/integrations/commercial/opentext/commands.py

@@ -61,6 +61,8 @@ def import_scans(
     Import and process a folder of Fortify WebInspect XML file(s).
     """
     # Use the new WebInspectIntegration class to sync assets and findings
+    if s3_bucket and not folder_path:
+        folder_path = s3_bucket
     wi = WebInspectIntegration(
         plan_id=regscale_ssp_id,
         file_path=str(folder_path) if folder_path else None,

regscale/integrations/commercial/opentext/scanner.py

@@ -14,9 +14,10 @@ from typing import Any, Dict, List, Optional, Union, Tuple, cast, Iterator, Set
 
 from pathlib import Path
 
+from regscale.core.app.utils.app_utils import check_license
 from regscale.core.app.utils.file_utils import find_files, read_file
 from regscale.integrations.jsonl_scanner_integration import JSONLScannerIntegration
-from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding
+from regscale.integrations.scanner_integration import IntegrationAsset, IntegrationFinding, issue_due_date
 from regscale.models import IssueSeverity, AssetStatus, IssueStatus, ImportValidater
 
 logger = logging.getLogger("regscale")
@@ -37,15 +38,19 @@ class WebInspectIntegration(JSONLScannerIntegration):
     # Constants for file paths
     ASSETS_FILE = "./artifacts/webinspect_assets.jsonl"
     FINDINGS_FILE = "./artifacts/webinspect_findings.jsonl"
+    file_date: Optional[str] = None
 
     def __init__(self, *args, **kwargs):
         """Initialize the WebInspectIntegration."""
+        self.app = check_license()
         # Override file_pattern for XML files
         kwargs["file_pattern"] = "*.xml"
         kwargs["read_files_only"] = True
         self.disable_mapping = kwargs["disable_mapping"] = True
-        # kwargs["re"]
+        self.set_scan_date(kwargs.get("scan_date"))
+        # logger.debug(f"scan_date: {self.scan_date}"
         super().__init__(*args, **kwargs)
+        logger.debug(f"WebInspectIntegration initialized with scan date: {self.scan_date}")
 
     def is_valid_file(self, data: Any, file_path: Union[Path, str]) -> Tuple[bool, Optional[Dict[str, Any]]]:
         """
@@ -232,6 +237,22 @@ class WebInspectIntegration(JSONLScannerIntegration):
             asset = self._prepare_asset(file, data)
             self._write_asset_if_new(asset, assets_file, asset_tracker)
 
+            # Extract the date from the file name
+            file_name = os.path.basename(str(file))
+            # Extract the string after " - " and before ".xml" in the file name
+            parsed_string = file_name.split(" - ")[1].rsplit(".xml", 1)[0] if " - " in file_name else ""
+            # Convert parsed_string to a date in "%Y-%m-%d %H:%M:%S" format
+            try:
+                if len(parsed_string) == 6:  # Ensure the string is in "MMDDYY" format
+                    month = int(parsed_string[:2])
+                    day = int(parsed_string[2:4])
+                    year = int(parsed_string[4:])
+                    self.file_date = f"{year + 2000:04d}-{month:02d}-{day:02d}"
+                else:
+                    self.file_date = None
+            except ValueError:
+                self.file_date = None
+
             findings_data = self._get_findings_data_from_file(data)
             logger.info(f"Found {len(findings_data)} findings in file: {file}")
             findings_added = self._write_findings(findings_data, asset.identifier, findings_file, finding_tracker)
@@ -300,7 +321,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
         """
         findings_added = 0
         for finding_item in findings_data:
-            finding = self.parse_finding(asset_id, {}, finding_item)  # Pass empty dict for data if unused
+            finding = self.parse_finding(asset_id, findings_data, finding_item)  # Pass empty dict for data if unused
             finding_dict = dataclasses.asdict(finding)
             if not self.disable_mapping and self.mapping:
                 mapped_finding_dict = self._apply_mapping(
@@ -384,6 +405,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
 
         # Get the host from the first issue
         host = issues[0].get("Host", "Unknown Host")
+        url = issues[0].get("URL", "")
 
         # Create and return the asset
         return IntegrationAsset(
@@ -395,6 +417,7 @@ class WebInspectIntegration(JSONLScannerIntegration):
             asset_category="Hardware",
             parent_id=self.plan_id,
             parent_module="securityplans",
+            fqdn=url,
         )
 
     def _get_findings_data_from_file(self, data: Dict[str, Any]) -> List[Dict[str, Any]]:
@@ -457,51 +480,42 @@ class WebInspectIntegration(JSONLScannerIntegration):
         """
         severity_int = int(item.get("Severity", 3))
         severity_value = self.finding_severity_map.get(severity_int, IssueSeverity.High.value)
-
         try:
             severity = IssueSeverity(severity_value)
         except ValueError:
             severity = IssueSeverity.High
 
+        if self.scan_date is None:
+            self.scan_date = self.file_date
+
         title = item.get("Name", "")
-        host = item.get("Host", asset_identifier)
         plugin_id = item.get("VulnerabilityID", "")
-        external_id = str(host + plugin_id)
+        external_id = str(asset_identifier + plugin_id)
         sections = item.get("ReportSection", [])
 
         # Extract description and mitigation from report sections
         description = self._parse_report_section(sections, "Summary")
         mitigation = self._parse_report_section(sections, "Fix")
 
-        # Only create findings for certain severity levels
-        if severity in (IssueSeverity.Critical, IssueSeverity.High, IssueSeverity.Moderate, IssueSeverity.Low):
-            return IntegrationFinding(
-                external_id=external_id,
-                asset_identifier=host,
-                control_labels=[],
-                description=description,
-                status=IssueStatus.Open,
-                title=title,
-                severity=severity,
-                category=f"{self.title} Vulnerability",
-                plugin_id=plugin_id,
-                plugin_name=title,
-                rule_id=plugin_id,
-                recommendation_for_mitigation=mitigation,
-                source_report=self.title,
-            )
-        # Return a default finding for severities we skip
         return IntegrationFinding(
-            external_id=f"skip-{external_id}",
-            asset_identifier=host,
+            external_id=external_id,
+            asset_identifier=asset_identifier,
             control_labels=[],
-            description="Skipped finding due to low severity",
-            status=IssueStatus.Closed,
-            title=f"Skipped: {title}",
-            severity=IssueSeverity.NotAssigned,
-            category=f"{self.title} Skipped",
+            description=description,
+            status=IssueStatus.Open,
+            title=title,
+            severity=severity,
+            category=f"{self.title} Vulnerability",
+            scan_date=self.scan_date,
+            first_seen=self.scan_date,
+            last_seen=self.scan_date,
+            date_created=self.scan_date,
             plugin_id=plugin_id,
             plugin_name=title,
             rule_id=plugin_id,
+            recommendation_for_mitigation=mitigation,
             source_report=self.title,
+            due_date=issue_due_date(
+                severity=severity, created_date=self.scan_date, title="opentext", config=self.app.config
+            ),
         )