regscale-cli 6.21.2.0__py3-none-any.whl → 6.21.2.2__py3-none-any.whl

regscale/_version.py

@@ -33,7 +33,7 @@ def get_version_from_pyproject() -> str:
                     return match.group(1)
     except Exception:
         pass
-    return "6.21.2.0"  # fallback version
+    return "6.21.2.2"  # fallback version
 
 
 __version__ = get_version_from_pyproject()

regscale/core/app/application.py

@@ -260,6 +260,7 @@ class Application(metaclass=Singleton):
             "tenableMinimumSeverityFilter": "low",
             "token": DEFAULT_POPULATED,
             "userId": "enter RegScale user id here",
+            "useMilestones": False,
             "otx": "enter AlienVault API key here",
             "wizAccessToken": DEFAULT_POPULATED,
             "wizAuthUrl": "https://auth.wiz.io/oauth/token",

regscale/integrations/commercial/wizv2/policy_compliance.py

@@ -39,6 +39,7 @@ from regscale.integrations.scanner_integration import (
     IntegrationFinding,
     issue_due_date,
 )
+from regscale.integrations.variables import ScannerVariables
 from regscale.models import regscale_models
 
 logger = logging.getLogger("regscale")
@@ -193,6 +194,8 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
     type = ScannerIntegrationType.CONTROL_TEST
     # Use wizId field for asset identification (matches other Wiz integrations)
     asset_identifier_field = "wizId"
+    issue_identifier_field = "wizId"
+
     # Do not create assets - they come from separate inventory import
     options_map_assets_to_components: bool = False
     # Do not create vulnerabilities from compliance policy results
@@ -906,7 +909,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
 
             asset = IntegrationAsset(
                 name=compliance_item.resource_name,
-                identifier=f"{compliance_item.resource_name} ({compliance_item.resource_id})",
+                identifier=compliance_item.resource_name,  # Use name only without UUID
                 external_id=compliance_item.resource_id,
                 other_tracking_number=compliance_item.resource_id,  # For deduplication
                 asset_type=asset_type,
@@ -1239,7 +1242,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
         filtered_nodes = self._filter_nodes_to_framework(nodes)
         progress.update(
             task,
-            description=f"[green]✓ Completed Wiz policy assessments: {len(filtered_nodes)} nodes",
+            description=f"[green]Completed Wiz policy assessments: {len(filtered_nodes)} nodes",
             completed=1,
             total=1,
         )
@@ -1816,19 +1819,19 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
             self._sync_assets()
 
             # Step 2: CRITICAL - Pre-populate control implementation cache BEFORE creating assessments
-            logger.info("🔧 Pre-populating control implementation cache for issue processing...")
+            logger.info("Pre-populating control implementation cache for issue processing...")
             self._populate_control_implementation_cache()
 
             # Step 3: Create control assessments BEFORE issues (ensures assessmentId is available)
-            logger.info("🔧 Creating control assessments BEFORE issue processing...")
+            logger.info("Creating control assessments BEFORE issue processing...")
             self._sync_control_assessments()
 
             # Step 3.5: CRITICAL - Refresh assessment cache after assessments are created
-            logger.info("🔧 Refreshing assessment cache with newly created assessments...")
+            logger.info("Refreshing assessment cache with newly created assessments...")
             self._refresh_assessment_cache_after_creation()
 
             # Step 4: NOW process issues with controlId and assessmentId properly set
-            logger.info("🔧 Processing issues with control and assessment IDs available...")
+            logger.info("Processing issues with control and assessment IDs available...")
             self._sync_issues()
 
             self._finalize_scan_history(scan_history)
@@ -1868,7 +1871,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
 
             # Step 3: Sync using the overridden method (which ensures proper ordering)
             logger.info(
-                f"🔧 Sync parameters: create_issues={self.create_issues}, update_control_status={self.update_control_status}"
+                f"Sync parameters: create_issues={self.create_issues}, update_control_status={self.update_control_status}"
             )
 
             self.sync_compliance()
@@ -1932,7 +1935,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
         # CRITICAL FIX: If assessment_id is set, prepare the finding for assessment parenting
         if hasattr(finding, "assessment_id") and finding.assessment_id:
             assessment_id = finding.assessment_id
-            logger.debug(f"🔄 PRE-SETTING ASSESSMENT PARENT: assessmentId={assessment_id}")
+            logger.debug(f"PRE-SETTING ASSESSMENT PARENT: assessmentId={assessment_id}")
 
             # Add parent override fields to the finding for the ScannerIntegration to use
             finding._override_parent_id = assessment_id
@@ -2031,7 +2034,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
         if hasattr(finding, "_override_parent_id") and hasattr(finding, "_override_parent_module"):
             parent_id = finding._override_parent_id
             parent_module = finding._override_parent_module
-            logger.debug(f"🔄 USING OVERRIDE PARENT: {parent_module} #{parent_id}")
+            logger.debug(f"USING OVERRIDE PARENT: {parent_module} #{parent_id}")
         else:
             parent_id = self.plan_id
             parent_module = self.parent_module
@@ -2084,7 +2087,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
 
         # CRITICAL: Set assessmentId (this is the key fix)
         issue.assessmentId = finding.assessment_id
-        logger.debug(f"✅ SETTING assessmentId = {finding.assessment_id} with parent = {parent_module} #{parent_id}")
+        logger.debug(f"SETTING assessmentId = {finding.assessment_id} with parent = {parent_module} #{parent_id}")
 
         control_id = self.get_control_implementation_id_for_cci(finding.cci_ref) if finding.cci_ref else None
         issue.controlId = control_id
@@ -2117,16 +2120,30 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
             issue = self.lookup_kev_and_update_issue(cve=finding.cve, issue=issue, cisa_kevs=self._kev_data)
 
         if existing_issue:
-            logger.debug(f"💾 Saving existing issue {issue.id} with assessmentId={issue.assessmentId}")
+            logger.debug(f"Saving existing issue {issue.id} with assessmentId={issue.assessmentId}")
             issue.save(bulk=True)
         else:
-            logger.info(f"💾 Creating new issue with assessmentId={issue.assessmentId}")
+            logger.info(f"Creating new issue with assessmentId={issue.assessmentId}")
             issue = issue.create_or_update(
                 bulk_update=True, defaults={"otherIdentifier": self._get_other_identifier(finding, is_poam)}
             )
-            self.extra_data_to_properties(finding, issue.id)
+            if issue and issue.id:
+                logger.debug(f"Issue created with ID: {issue.id}")
+                self.extra_data_to_properties(finding, issue.id)
+            else:
+                logger.error(f" Issue creation failed - no ID returned for finding {finding.external_id}")
+                return None
+
+        # Only create milestones if issue has an ID
+        if issue and issue.id:
+            # Check if existing issue needs initial milestone creation
+            if existing_issue and ScannerVariables.useMilestones:
+                self._ensure_issue_has_milestone(issue, finding)
+
+            self._handle_property_and_milestone_creation(issue, finding, existing_issue)
+        else:
+            logger.debug("Skipping milestone creation - issue has no ID")
 
-        self._handle_property_and_milestone_creation(issue, finding, existing_issue)
         return issue
 
     def _populate_compliance_fields_on_finding(self, finding: IntegrationFinding) -> None:
@@ -2163,6 +2180,59 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
         except Exception:
             pass
 
+    def _ensure_issue_has_milestone(self, issue: regscale_models.Issue, finding: IntegrationFinding) -> None:
+        """
+        Ensure that an existing issue has at least one milestone.
+
+        This method checks if an existing issue has any milestones, and if not,
+        creates an initial "Issue created" milestone. This handles cases where
+        issues were created before milestone tracking was enabled, or were
+        created through other means without milestones.
+
+        :param issue: The existing issue to check for milestones
+        :param finding: The finding data
+        :return: None
+        """
+        try:
+            # Check if the issue already has milestones
+            # We need to make a direct API call because the Milestone model's endpoint configuration
+            # doesn't include the module parameter that the API expects
+            from regscale.models.regscale_models.milestone import Milestone
+
+            try:
+                existing_milestones = Milestone.get_all_by_parent(parent_id=issue.id, parent_module="issues")
+                logger.debug(f"Fetched {len(existing_milestones)} existing milestones for issue {issue.id}")
+            except Exception as api_error:
+                # If the API call fails, log it and assume no milestones exist
+                logger.debug(f"Could not fetch existing milestones for issue {issue.id}: {api_error}")
+                existing_milestones = []
+
+            if not existing_milestones:
+                # Create an initial milestone for the existing issue
+                logger.debug(f"Creating initial milestone for existing issue {issue.id} that had no milestones")
+
+                # Use the issue's dateCreated if available, otherwise use current date
+                if hasattr(issue, "dateCreated") and issue.dateCreated:
+                    # Convert to string if it's a datetime object (e.g., in tests)
+                    if hasattr(issue.dateCreated, "isoformat"):
+                        milestone_date = issue.dateCreated.isoformat()
+                    else:
+                        milestone_date = issue.dateCreated
+                else:
+                    milestone_date = get_current_datetime()
+
+                regscale_models.Milestone(
+                    title=f"Issue created by {self.title}",
+                    milestoneDate=milestone_date,
+                    responsiblePersonId=self.assessor_id,
+                    parentID=issue.id,
+                    parentModule=regscale_models.Issue.get_module_slug(),
+                ).create()
+
+                logger.debug(f"Created initial milestone for existing issue {issue.id}")
+        except Exception as e:
+            logger.warning(f"Could not check/create milestone for issue {issue.id}: {e}")
+
     def _enhance_issue_with_compliance_fields(self, issue: regscale_models.Issue, finding: IntegrationFinding) -> None:
         """
         Enhance an issue with compliance-specific fields (controlId and assessmentId).
@@ -2231,7 +2301,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
         try:
             from regscale.models import regscale_models
 
-            logger.info("🔍 Pre-populating control implementation cache for issue processing...")
+            logger.info("Pre-populating control implementation cache for issue processing...")
 
             # Get all control implementations for this plan
             implementations = regscale_models.ControlImplementation.get_all_by_parent(
@@ -2285,7 +2355,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                 except Exception:
                     continue
 
-            logger.info("✓ Control implementation cache populated:")
+            logger.info("Control implementation cache populated:")
             logger.info(f"  - {controls_mapped} control ID mappings")
             logger.info(f"  - {assessments_mapped} assessment mappings")
 
@@ -2307,7 +2377,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
             from regscale.models import regscale_models
             from datetime import datetime
 
-            logger.info("🔄 Refreshing assessment cache with newly created assessments...")
+            logger.info("Refreshing assessment cache with newly created assessments...")
 
             refreshed_count = 0
             today = datetime.now().date()
@@ -2361,7 +2431,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                 except Exception:
                     continue
 
-            logger.info(f"✓ Assessment cache refreshed: {refreshed_count} assessments updated")
+            logger.info(f"Assessment cache refreshed: {refreshed_count} assessments updated")
 
         except Exception as e:
             logger.error(f"Error refreshing assessment cache: {e}")
@@ -2408,7 +2478,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                         impl_control_id = self._normalize_control_id_string(security_control.controlId)
 
                         if impl_control_id == control_id:
-                            logger.info(f"✓ Found control implementation {impl.id} for control {control_id}")
+                            logger.info(f"Found control implementation {impl.id} for control {control_id}")
                             # Cache it for future lookups
                             if not hasattr(self, "_impl_id_by_control"):
                                 self._impl_id_by_control = {}
@@ -2418,7 +2488,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                     continue
 
             logger.warning(
-                f"⚠️ No control implementation found for control {control_id} among {len(implementations)} implementations"
+                f"No control implementation found for control {control_id} among {len(implementations)} implementations"
             )
             return None
         except Exception as e:
@@ -2495,9 +2565,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                 # Sort by ID (highest/newest first) if multiple today
                 today_assessments.sort(key=lambda a: a.id if hasattr(a, "id") else 0, reverse=True)
                 assessment = today_assessments[0]
-                logger.info(
-                    f"✓ Found today's assessment {assessment.id} for control implementation {implementation_id}"
-                )
+                logger.info(f"Found today's assessment {assessment.id} for control implementation {implementation_id}")
                 # Cache it for future lookups
                 if not hasattr(self, "_assessment_by_impl_today"):
                     self._assessment_by_impl_today = {}
@@ -2512,14 +2580,14 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                     reverse=True,
                 )
                 assessment = recent_assessments[0][0]
-                logger.info(f"✓ Found recent assessment {assessment.id} for control implementation {implementation_id}")
+                logger.info(f"Found recent assessment {assessment.id} for control implementation {implementation_id}")
                 # Cache it even if not today's
                 if not hasattr(self, "_assessment_by_impl_today"):
                     self._assessment_by_impl_today = {}
                 self._assessment_by_impl_today[implementation_id] = assessment
                 return assessment.id
 
-            logger.warning(f"⚠️ No usable assessments found for control implementation {implementation_id}")
+            logger.warning(f"No usable assessments found for control implementation {implementation_id}")
             return None
         except Exception as e:
             logger.error(f"Error finding assessment for control implementation {implementation_id}: {e}")
@@ -2558,7 +2626,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
         with existing assets in RegScale. This ensures we don't create assessments for
         controls that have no assets in our boundary.
         """
-        logger.info("🎯 Starting control assessment processing for Wiz compliance integration")
+        logger.info("Starting control assessment processing for Wiz compliance integration")
 
         # Ensure existing records cache is loaded
         self._load_existing_records_cache()
@@ -2615,8 +2683,8 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                 validated_passing_controls[control_id] = self.passing_controls[control_id]
 
         if not validated_controls_with_assets:
-            logger.warning("❌ No controls have assets in RegScale boundary - no control assessments will be created")
-            logger.info("📊 SUMMARY: 0 control assessments created (no assets exist in RegScale)")
+            logger.warning(" No controls have assets in RegScale boundary - no control assessments will be created")
+            logger.info("SUMMARY: 0 control assessments created (no assets exist in RegScale)")
             return
 
         assessments_created = 0
@@ -2638,15 +2706,15 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
 
         if assessments_created > 0:
             logger.info(
-                f"✅ Created {assessments_created} control assessments: {passing_assessments} passing, {failing_assessments} failing"
+                f"Created {assessments_created} control assessments: {passing_assessments} passing, {failing_assessments} failing"
             )
         else:
             logger.warning(
-                f"⚠️  No control assessments were actually created (0 assessments) despite finding {len(validated_controls_with_assets)} controls with assets"
+                f"No control assessments were actually created (0 assessments) despite finding {len(validated_controls_with_assets)} controls with assets"
             )
 
         logger.info(
-            f"📊 CONTROL ASSESSMENT SUMMARY: {assessments_created} assessments created for {len(validated_controls_with_assets)} validated controls"
+            f"CONTROL ASSESSMENT SUMMARY: {assessments_created} assessments created for {len(validated_controls_with_assets)} validated controls"
         )
 
     def _sync_assessment_cache_from_base_class(self) -> None:
@@ -2665,10 +2733,10 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                 self._control_cache.set_assessment(impl_id, assessment)
                 synced_count += 1
 
-            logger.info(f"✅ Synced {synced_count} assessments from base class cache to control cache")
+            logger.info(f"Synced {synced_count} assessments from base class cache to control cache")
 
         except Exception as e:
-            logger.warning(f"⚠️ Failed to sync assessment cache: {e}")
+            logger.warning(f"Failed to sync assessment cache: {e}")
 
     def _get_validated_control_compliance_items(self, control_id: str) -> List[ComplianceItem]:
         """
@@ -2861,7 +2929,7 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
             self._load_existing_records_cache()
 
             # CRITICAL: Pre-populate control implementation cache before any processing
-            logger.info("🎯 Pre-populating control implementation cache for reliable issue linking...")
+            logger.info("Pre-populating control implementation cache for reliable issue linking...")
             self._populate_control_implementation_cache()
 
             # Call parent's compliance data processing (assessments, etc.) but skip issue creation
@@ -2891,10 +2959,10 @@ class WizPolicyComplianceIntegration(ComplianceIntegration):
                 )
 
                 logger.info(
-                    f"📊 SUMMARY: Processed {issues_processed} policy violations resulting in {actual_issues} consolidated issues for failed controls for assets in RegScale"
+                    f"SUMMARY: Processed {issues_processed} policy violations resulting in {actual_issues} consolidated issues for failed controls for assets in RegScale"
                 )
             else:
-                logger.info("📊 SUMMARY: No issues processed - no failed controls with existing assets")
+                logger.info("SUMMARY: No issues processed - no failed controls with existing assets")
 
         except Exception as e:
             error_and_exit(f"Error during Wiz compliance sync: {e}")
@@ -3017,7 +3085,7 @@ def list_available_frameworks() -> str:
     output.append("=" * 50)
 
     # Show shorthand mappings first
-    output.append("\n📋 Quick Shortcuts:")
+    output.append("\nQuick Shortcuts:")
     output.append("-" * 20)
     shortcut_items = sorted(FRAMEWORK_SHORTCUTS.items())
     for shorthand, framework_id in shortcut_items[:10]:  # Show first 10

regscale/integrations/compliance_integration.py

@@ -201,7 +201,7 @@ class ComplianceIntegration(ScannerIntegration, ABC):
             self._load_existing_assessments()
 
             self._cache_loaded = True
-            logger.info("🗄️  Loaded existing records cache to prevent duplicates:")
+            logger.info("Loaded existing records cache to prevent duplicates:")
             logger.info(f"   - Assets: {len(self._existing_assets_cache)}")
             logger.info(f"   - Issues: {len(self._existing_issues_cache)}")
             logger.info(f"   - Assessments: {len(self._existing_assessments_cache)}")
@@ -253,7 +253,7 @@ class ComplianceIntegration(ScannerIntegration, ABC):
                 parent_id=self.plan_id, parent_module=self.parent_module
             )
             all_issues.update(plan_issues)
-            logger.debug(f"🔍 Found {len(plan_issues)} issues directly under plan {self.plan_id}")
+            logger.debug(f"Found {len(plan_issues)} issues directly under plan {self.plan_id}")
 
             # Method 2: Get issues associated with control implementations (matches scanner integration logic)
             try:
@@ -274,11 +274,11 @@ class ComplianceIntegration(ScannerIntegration, ABC):
                             except Exception as e:
                                 logger.debug(f"Could not load issue {issue_id}: {e}")
 
-                logger.debug(f"🔍 Found {impl_issues_count} additional issues via control implementations")
+                logger.debug(f"Found {impl_issues_count} additional issues via control implementations")
             except Exception as e:
                 logger.debug(f"Could not load issues by control implementation: {e}")
 
-            logger.debug(f"🔍 Total unique issues found: {len(all_issues)} for plan {self.plan_id}")
+            logger.debug(f"Total unique issues found: {len(all_issues)} for plan {self.plan_id}")
 
             wiz_issues = 0
             for issue in all_issues:
@@ -287,11 +287,11 @@ class ComplianceIntegration(ScannerIntegration, ABC):
                     self._existing_issues_cache[issue.externalId] = issue
                     if "wiz-policy" in issue.externalId.lower():
                         wiz_issues += 1
-                        logger.debug(f"📋 Cached Wiz issue: {issue.id} -> external_id: {issue.externalId}")
+                        logger.debug(f"Cached Wiz issue: {issue.id} -> external_id: {issue.externalId}")
                 if hasattr(issue, "otherIdentifier") and issue.otherIdentifier:
                     self._existing_issues_cache[issue.otherIdentifier] = issue
 
-            logger.debug(f"🔍 Cached {wiz_issues} Wiz policy issues out of {len(all_issues)} total issues")
+            logger.debug(f"Cached {wiz_issues} Wiz policy issues out of {len(all_issues)} total issues")
 
         except Exception as e:
             logger.debug(f"Error loading existing issues: {e}")

regscale/integrations/scanner_integration.py

@@ -1742,7 +1742,7 @@ class ScannerIntegration(ABC):
             ).create_or_update()
             logger.debug("Added CWE property %s to issue %s", finding.plugin_id, issue.id)
 
-        if ScannerVariables.useMilestones:
+        if ScannerVariables.useMilestones and issue.id:
             if (
                 existing_issue
                 and existing_issue.status == regscale_models.IssueStatus.Closed
@@ -1754,7 +1754,7 @@ class ScannerIntegration(ABC):
                     responsiblePersonId=self.assessor_id,
                     parentID=issue.id,
                     parentModule="issues",
-                ).create_or_update()
+                ).create()
                 logger.debug("Added milestone for issue %s from finding %s", issue.id, finding.external_id)
             elif (
                 existing_issue
@@ -1767,7 +1767,7 @@ class ScannerIntegration(ABC):
                     responsiblePersonId=self.assessor_id,
                     parentID=issue.id,
                     parentModule="issues",
-                ).create_or_update()
+                ).create()
                 logger.debug("Added milestone for issue %s from finding %s", issue.id, finding.external_id)
             elif not existing_issue:
                 regscale_models.Milestone(
@@ -1776,7 +1776,7 @@ class ScannerIntegration(ABC):
                     responsiblePersonId=self.assessor_id,
                     parentID=issue.id,
                     parentModule="issues",
-                ).create_or_update()
+                ).create()
                 logger.debug("Created milestone for issue %s from finding %s", issue.id, finding.external_id)
             else:
                 logger.debug("No milestone created for issue %s from finding %s", issue.id, finding.external_id)
@@ -2661,7 +2661,7 @@ class ScannerIntegration(ABC):
         issue.dateLastUpdated = get_current_datetime()
         issue.save()
 
-        if ScannerVariables.useMilestones:
+        if ScannerVariables.useMilestones and issue.id:
             regscale_models.Milestone(
                 title=f"Issue closed from {self.title} scan",
                 milestoneDate=issue.dateCompleted,
@@ -2669,7 +2669,7 @@ class ScannerIntegration(ABC):
                 completed=True,
                 parentID=issue.id,
                 parentModule="issues",
-            ).create_or_update()
+            ).create()
             logger.debug("Created milestone for issue %s from %s tool", issue.id, self.title)
 
         with count_lock:

regscale/models/integration_models/cisa_kev_data.json

@@ -1,9 +1,55 @@
 {
     "title": "CISA Catalog of Known Exploited Vulnerabilities",
-    "catalogVersion": "2025.08.21",
-    "dateReleased": "2025-08-21T17:02:19.8046Z",
-    "count": 1401,
+    "catalogVersion": "2025.08.25",
+    "dateReleased": "2025-08-25T17:04:19.9796Z",
+    "count": 1404,
     "vulnerabilities": [
+        {
+            "cveID": "CVE-2025-48384",
+            "vendorProject": "Git",
+            "product": "Git",
+            "vulnerabilityName": "Git Link Following Vulnerability",
+            "dateAdded": "2025-08-25",
+            "shortDescription": "Git contains a link following vulnerability that stems from Git\u2019s inconsistent handling of carriage return characters in configuration files.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-09-15",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https:\/\/github.com\/git\/git\/security\/advisories\/GHSA-vwqx-4fm8-6qc9 ; https:\/\/access.redhat.com\/errata\/RHSA-2025:13933 ; https:\/\/alas.aws.amazon.com\/AL2\/ALAS2-2025-2941.html ; https:\/\/linux.oracle.com\/errata\/ELSA-2025-11534.html ; https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2025-48384 ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-48384",
+            "cwes": [
+                "CWE-59",
+                "CWE-436"
+            ]
+        },
+        {
+            "cveID": "CVE-2024-8068",
+            "vendorProject": "Citrix",
+            "product": "Session Recording",
+            "vulnerabilityName": "Citrix Session Recording Improper Privilege Management Vulnerability",
+            "dateAdded": "2025-08-25",
+            "shortDescription": "Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the same Windows Active Directory domain as the session recording server domain.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-09-15",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/support.citrix.com\/external\/article\/691941\/citrix-session-recording-security-bullet.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8068",
+            "cwes": [
+                "CWE-269"
+            ]
+        },
+        {
+            "cveID": "CVE-2024-8069",
+            "vendorProject": "Citrix",
+            "product": "Session Recording",
+            "vulnerabilityName": "Citrix Session Recording Deserialization of Untrusted Data Vulnerability",
+            "dateAdded": "2025-08-25",
+            "shortDescription": "Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.",
+            "requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
+            "dueDate": "2025-09-15",
+            "knownRansomwareCampaignUse": "Unknown",
+            "notes": "https:\/\/support.citrix.com\/external\/article\/691941\/citrix-session-recording-security-bullet.html ; https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-8069",
+            "cwes": [
+                "CWE-502"
+            ]
+        },
         {
             "cveID": "CVE-2025-43300",
             "vendorProject": "Apple",

regscale/models/regscale_models/milestone.py

@@ -3,7 +3,8 @@
 """Class for milestone model in RegScale platform"""
 
 from typing import Optional
-from pydantic import ConfigDict, Field
+
+from pydantic import Field, field_validator, model_validator
 
 from regscale.core.app.utils.app_utils import get_current_datetime
 from regscale.models.regscale_models.regscale_model import RegScaleModel
@@ -14,27 +15,44 @@ class Milestone(RegScaleModel):
 
     _module_slug = "milestones"
     _module_string = "milestones"
+    _unique_fields = ["title", "parentModule"]
 
     title: str
     id: int = 0
     isPublic: Optional[bool] = True
     milestoneDate: Optional[str] = Field(default_factory=get_current_datetime)
     responsiblePersonId: Optional[str] = None
-    predecessorStepId: Optional[int] = 0
+    predecessorStepId: Optional[int] = None
     completed: Optional[bool] = False
-    dateCompleted: Optional[str] = Field(default_factory=get_current_datetime)
+    dateCompleted: Optional[str] = None
     notes: Optional[str] = ""
     parentID: Optional[int] = None
     parentModule: str = ""
 
-    @staticmethod
-    def _get_additional_endpoints() -> ConfigDict:
-        """
-        Get additional endpoints for the Milestone model
-
-        :return: A dictionary of additional endpoints
-        :rtype: ConfigDict
-        """
-        return ConfigDict(
-            get_all_by_parent="/api/{model_slug}/getAllByParent/{intParentID}",
-        )
+    @field_validator("milestoneDate")
+    @classmethod
+    def validate_milestone_date(cls, v: Optional[str]) -> str:
+        """Ensure milestoneDate is never empty."""
+        if not v or v == "":
+            return get_current_datetime()
+        return v
+
+    @field_validator("dateCompleted")
+    @classmethod
+    def set_date_completed(cls, v: Optional[str], info) -> Optional[str]:
+        """Set dateCompleted based on completed field."""
+        completed = info.data.get("completed", False)
+        if completed and (v is None or v == ""):
+            return get_current_datetime()
+        if not completed:
+            return None
+        return v
+
+    @model_validator(mode="after")
+    def validate_completion(self):
+        """Ensure dateCompleted is set when completed is True."""
+        if self.completed and (self.dateCompleted is None or self.dateCompleted == ""):
+            self.dateCompleted = get_current_datetime()
+        elif not self.completed:
+            self.dateCompleted = None
+        return self

{regscale_cli-6.21.2.0.dist-info → regscale_cli-6.21.2.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: regscale-cli
-Version: 6.21.2.0
+Version: 6.21.2.2
 Summary: Command Line Interface (CLI) for bulk processing/loading data into RegScale
 Home-page: https://github.com/RegScale/regscale-cli
 Author: Travis Howerton

{regscale_cli-6.21.2.0.dist-info → regscale_cli-6.21.2.2.dist-info}/RECORD

@@ -1,5 +1,5 @@
 regscale/__init__.py,sha256=ZygAIkX6Nbjag1czWdQa-yP-GM1mBE_9ss21Xh__JFc,34
-regscale/_version.py,sha256=RSHUslawemipH8yaOMvaSKPUKiKa27EuRFDlAk-t2k4,1198
+regscale/_version.py,sha256=c23bJjOSOin3Rj2jQMCSQSWCsJkFOj3c3AkLRqbD5mc,1198
 regscale/regscale.py,sha256=xcxnTwEwWgfO3Fnp0LVo32SZCJzAswq3WDZgm21nHnI,30914
 regscale/airflow/__init__.py,sha256=yMwN0Bz4JbM0nl5qY_hPegxo_O2ilhTOL9PY5Njhn-s,270
 regscale/airflow/click_dags.py,sha256=H3SUR5jkvInNMv1gu-VG-Ja_H-kH145CpQYNalWNAbE,4520
@@ -36,7 +36,7 @@ regscale/core/lazy_group.py,sha256=S2-nA5tzm47A929NOTqGkzrzKuZQDlq2OAPbNnG1W1Q,2
 regscale/core/login.py,sha256=-8vy1HVAtv1iARnZh6uzYtwmx8VFYPwLYR0QAf1ttCk,2714
 regscale/core/app/__init__.py,sha256=nGcCN1vWBAnZzoccIlt0jwWQdegCOrBWOB7LPhQkQSs,96
 regscale/core/app/api.py,sha256=CSyUCV6haBAQ9IyE1FViJcAfTcoS5GJRaULwnRoAV9U,23499
-regscale/core/app/application.py,sha256=R86hqlOG5AI1kpLQr16cDsm9cZvBUz0FY9S9-gcU144,31867
+regscale/core/app/application.py,sha256=O-Z0EVQuGIWAeUSjz2IK1LnUP5zF1YNOb4gxZ79B1LI,31903
 regscale/core/app/logz.py,sha256=8AdBKmquv45JGi5fCMc38JqQg6-FpUONGmqfd5EGwrI,2583
 regscale/core/app/internal/__init__.py,sha256=rod4nmE7rrYDdbuYF4mCWz49TK_2r-v4tWy1UHW63r0,4808
 regscale/core/app/internal/admin_actions.py,sha256=hOdma7QGwFblmxEj9UTjiWWmZGUS5_ZFtxL2qZdhf-Q,7443
@@ -111,10 +111,10 @@ regscale/exceptions/validation_exception.py,sha256=_DW_GARtPr_Dyy8tolnvC_AYsHRsU
 regscale/integrations/__init__.py,sha256=Sqthp3Jggo7co_go380cLn3OAb0cHwqL609_4QJSFBY,58
 regscale/integrations/api_paginator.py,sha256=73rjaNM9mGv8evHAeoObXEjZPg-bJuGPo60ewCLEil8,33192
 regscale/integrations/api_paginator_example.py,sha256=lEuYI-xEGcjnXuIzbCobCP0YRuukLF0s8S3d382SAH4,12119
-regscale/integrations/compliance_integration.py,sha256=8HPu9WRheJjoowP8fnTjJOGIFcB8qEwbP-qEGPDdAsY,68428
+regscale/integrations/compliance_integration.py,sha256=aR13rcMh-BTpr_ibENPQZ1z5rlhtuqpPGRI9YfbqJjw,68394
 regscale/integrations/integration_override.py,sha256=HjYBCuvNpU3t3FptaqYAkdexLFOZBAFrFE9xU0RD1Nc,5867
 regscale/integrations/jsonl_scanner_integration.py,sha256=l8nq_T3rE1XX-6HxrNHm3xzxCNWbIjxQvGMdtZWs7KQ,57003
-regscale/integrations/scanner_integration.py,sha256=JpRr7LgzOdRdrncJ-wJrypgUTVWZ1j3Jbhl0zrNMvts,145540
+regscale/integrations/scanner_integration.py,sha256=o7RdZ7Z0x0Ldhh5JrjUx1qFGKiJLw_y-6mFyhyA2P1k,145526
 regscale/integrations/variables.py,sha256=MfQ34WuYVN5437A9sZ2ssHRkA3gFhMHfk1DVasceGmY,2336
 regscale/integrations/commercial/__init__.py,sha256=LZj1qV5f7RdHIOfedDVELV62ADe5gyNccWayHMF1aVc,14026
 regscale/integrations/commercial/ad.py,sha256=YXSmK8vRf6yi2GnREGa5GrE6GelhFrLj44SY8AO1pK0,15509
@@ -240,7 +240,7 @@ regscale/integrations/commercial/wizv2/data_fetcher.py,sha256=tMdwWfaQCqLpZg9tGE
 regscale/integrations/commercial/wizv2/finding_processor.py,sha256=Rn2dYob4cz24_Ks-UTwNQe-KQ6hmFWS6GB8PQXV0ZPE,11361
 regscale/integrations/commercial/wizv2/issue.py,sha256=PA_7BNpCnHGoAc1caU6COGHaIIvCBvIt6DLn3L7Bilo,13451
 regscale/integrations/commercial/wizv2/parsers.py,sha256=dsSMiZaUrBXbuW7U-I5nLoF-TQlpvXys83sTSqT4Yks,11819
-regscale/integrations/commercial/wizv2/policy_compliance.py,sha256=GjqgQu8o3Hajd17nXcPyU9qsM-6ZDzNt2pQs6ZONzbg,129874
+regscale/integrations/commercial/wizv2/policy_compliance.py,sha256=a2VzMxwGiGeIcU8FnyCH6I0z0wdyXeVQPFM7hV9Td-k,133181
 regscale/integrations/commercial/wizv2/policy_compliance_helpers.py,sha256=-KAlDxMiojyUX2DtUi3uVbpmFhDLtGs7wj11MPBCaRE,22174
 regscale/integrations/commercial/wizv2/sbom.py,sha256=QcGaYiBGtZ3mBcbo-KGl-I2u6QHKAIinTk26LPy0Kng,4466
 regscale/integrations/commercial/wizv2/scanner.py,sha256=weSjSBFvvgHmMJp4lpjgomgvBIJ7rjpg_7W7JW-ds-A,74566
@@ -320,7 +320,7 @@ regscale/models/integration_models/azure_alerts.py,sha256=2etrpvcxa7jVQrc98bJlVG
 regscale/models/integration_models/base64.py,sha256=sxV6O5qY1_TstJENX5jBPsSdQwmA83-NNhgJFunXiZE,570
 regscale/models/integration_models/burp.py,sha256=FBEBkH3U0Q8vq71FFoWnvgLRF5Hkr9GYmQFmNNHFrVk,16932
 regscale/models/integration_models/burp_models.py,sha256=UytDTAcCaxyu-knFkm_mEUH6UmWK3OTXKSC9Sc6OjVs,3669
-regscale/models/integration_models/cisa_kev_data.json,sha256=rS7XvjrNcm6PObHircKJqKgO01ZhN5XhqehYerDuphQ,1253951
+regscale/models/integration_models/cisa_kev_data.json,sha256=kBsfInlBo4eaPjn8uFe7b3JSv51xtj7wjVCoNtWrG9I,1257565
 regscale/models/integration_models/defender_data.py,sha256=jsAcjKxiGmumGerj7xSWkFd6r__YpuKDnYX5o7xHDiE,2844
 regscale/models/integration_models/defenderimport.py,sha256=Ze4kgwns-IYPyO7sBjEzW8PXWlxwU-DAo2fIyRcTC3k,6242
 regscale/models/integration_models/drf.py,sha256=Aq7AdLa_CH97NrnR-CxaFI22JjVN9uCxVN7Z-BBUaNU,18896
@@ -415,7 +415,7 @@ regscale/models/regscale_models/line_of_inquiry.py,sha256=Uu0lQEhif0W6yTSkJo27Gy
 regscale/models/regscale_models/link.py,sha256=lAY4Ig3Menm1EqfcAbVJ7jsCsRO5tWtJIf-9-G9FXT8,6593
 regscale/models/regscale_models/master_assessment.py,sha256=t03-8vQJ7hnPNgEU0GSC1XGKOgAqHKuIupbt5IjJvtI,7322
 regscale/models/regscale_models/meta_data.py,sha256=Fg8rrWSTx3K00QkF4glH9UdY9OFWJ4_UqxleLSSbx8I,2482
-regscale/models/regscale_models/milestone.py,sha256=ooYVlao19fwwCXErhewwMvXqGjGLWW3EL_PQ_0lYQWY,1229
+regscale/models/regscale_models/milestone.py,sha256=HiBdx1uzasl3Crb03j9qdowCHUy93nTOuklLs_V2SSM,1943
 regscale/models/regscale_models/module.py,sha256=a7lalHmVTQ04ZILnJxuFWdHYDtyusBMTtonD4ICL-Wc,7272
 regscale/models/regscale_models/modules.py,sha256=yeva_tct88o2NFt93_zmqUcXZ3LucVbAv5FvQPru3cQ,8551
 regscale/models/regscale_models/objective.py,sha256=aJIpmkZ-NscqV2y8SGB4HYzm615b6mklyHnW9bL2ljk,249
@@ -533,9 +533,9 @@ tests/regscale/models/test_regscale_model.py,sha256=ZsrEZkC4EtdIsoQuayn1xv2gEGcV
 tests/regscale/models/test_report.py,sha256=IqUq7C__a1_q_mLaz0PE9Lq6fHggBsB14-AzEYNBxLw,4666
 tests/regscale/models/test_tenable_integrations.py,sha256=PNJC2Zu6lv1xj7y6e1yOsz5FktSU3PRKb5x3n5YG3w0,4072
 tests/regscale/models/test_user_model.py,sha256=e9olv28qBApgnvK6hFHOgXjUC-pkaV8aGDirEIWASL4,4427
-regscale_cli-6.21.2.0.dist-info/LICENSE,sha256=ytNhYQ9Rmhj_m-EX2pPq9Ld6tH5wrqqDYg-fCf46WDU,1076
-regscale_cli-6.21.2.0.dist-info/METADATA,sha256=MqoS0sl4OZ364E34R6tvMovjED3MWz63xJwSoipU1EQ,34955
-regscale_cli-6.21.2.0.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
-regscale_cli-6.21.2.0.dist-info/entry_points.txt,sha256=cLOaIP1eRv1yZ2u7BvpE3aB4x3kDrDwkpeisKOu33z8,269
-regscale_cli-6.21.2.0.dist-info/top_level.txt,sha256=Uv8VUCAdxRm70bgrD4YNEJUmDhBThad_1aaEFGwRByc,15
-regscale_cli-6.21.2.0.dist-info/RECORD,,
+regscale_cli-6.21.2.2.dist-info/LICENSE,sha256=ytNhYQ9Rmhj_m-EX2pPq9Ld6tH5wrqqDYg-fCf46WDU,1076
+regscale_cli-6.21.2.2.dist-info/METADATA,sha256=7yq5fry5SL1DvzcbSeD18IguQQoEOpA6s7lHM2nR2zA,34955
+regscale_cli-6.21.2.2.dist-info/WHEEL,sha256=oiQVh_5PnQM0E3gPdiz09WCNmwiHDMaGer_elqB3coM,92
+regscale_cli-6.21.2.2.dist-info/entry_points.txt,sha256=cLOaIP1eRv1yZ2u7BvpE3aB4x3kDrDwkpeisKOu33z8,269
+regscale_cli-6.21.2.2.dist-info/top_level.txt,sha256=Uv8VUCAdxRm70bgrD4YNEJUmDhBThad_1aaEFGwRByc,15
+regscale_cli-6.21.2.2.dist-info/RECORD,,