PyPI - regscale-cli - Versions diffs - 6.23.0.1__py3-none-any.whl → 6.24.0.0__py3-none-any.whl - Mend

regscale-cli 6.23.0.1py3-none-any.whl → 6.24.0.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (43) hide show

regscale/_version.py +1 -1
regscale/core/app/application.py +2 -0
regscale/integrations/commercial/__init__.py +1 -0
regscale/integrations/commercial/sarif/sarif_converter.py +1 -1
regscale/integrations/commercial/wizv2/click.py +109 -2
regscale/integrations/commercial/wizv2/compliance_report.py +1485 -0
regscale/integrations/commercial/wizv2/constants.py +72 -2
regscale/integrations/commercial/wizv2/data_fetcher.py +61 -0
regscale/integrations/commercial/wizv2/file_cleanup.py +104 -0
regscale/integrations/commercial/wizv2/issue.py +775 -27
regscale/integrations/commercial/wizv2/policy_compliance.py +599 -181
regscale/integrations/commercial/wizv2/reports.py +243 -0
regscale/integrations/commercial/wizv2/scanner.py +668 -245
regscale/integrations/compliance_integration.py +304 -51
regscale/integrations/due_date_handler.py +210 -0
regscale/integrations/public/cci_importer.py +444 -0
regscale/integrations/scanner_integration.py +718 -153
regscale/models/integration_models/CCI_List.xml +1 -0
regscale/models/integration_models/cisa_kev_data.json +18 -3
regscale/models/integration_models/synqly_models/capabilities.json +1 -1
regscale/models/regscale_models/form_field_value.py +1 -1
regscale/models/regscale_models/milestone.py +1 -0
regscale/models/regscale_models/regscale_model.py +225 -60
regscale/models/regscale_models/security_plan.py +3 -2
regscale/regscale.py +7 -0
{regscale_cli-6.23.0.1.dist-info → regscale_cli-6.24.0.0.dist-info}/METADATA +9 -9
{regscale_cli-6.23.0.1.dist-info → regscale_cli-6.24.0.0.dist-info}/RECORD +43 -26
tests/fixtures/test_fixture.py +13 -8
tests/regscale/integrations/public/__init__.py +0 -0
tests/regscale/integrations/public/test_alienvault.py +220 -0
tests/regscale/integrations/public/test_cci.py +458 -0
tests/regscale/integrations/public/test_cisa.py +1021 -0
tests/regscale/integrations/public/test_emass.py +518 -0
tests/regscale/integrations/public/test_fedramp.py +851 -0
tests/regscale/integrations/public/test_fedramp_cis_crm.py +3661 -0
tests/regscale/integrations/public/test_file_uploads.py +506 -0
tests/regscale/integrations/public/test_oscal.py +453 -0
tests/regscale/models/test_form_field_value_integration.py +304 -0
tests/regscale/models/test_module_integration.py +582 -0
{regscale_cli-6.23.0.1.dist-info → regscale_cli-6.24.0.0.dist-info}/LICENSE +0 -0
{regscale_cli-6.23.0.1.dist-info → regscale_cli-6.24.0.0.dist-info}/WHEEL +0 -0
{regscale_cli-6.23.0.1.dist-info → regscale_cli-6.24.0.0.dist-info}/entry_points.txt +0 -0
{regscale_cli-6.23.0.1.dist-info → regscale_cli-6.24.0.0.dist-info}/top_level.txt +0 -0

regscale/_version.py CHANGED Viewed

@@ -33,7 +33,7 @@ def get_version_from_pyproject() -> str:
                     return match.group(1)
     except Exception:
         pass
-    return "6.23.0.1"  # fallback version
+    return "6.24.0.0"  # fallback version
 __version__ = get_version_from_pyproject()

regscale/core/app/application.py CHANGED Viewed

@@ -214,6 +214,7 @@ class Application(metaclass=Singleton):
                     "low": 365,
                     "medium": 90,
                     "status": "Open",
+                    "minimumSeverity": "low",
                 },
                 "xray": {
                     "critical": 30,
@@ -264,6 +265,7 @@ class Application(metaclass=Singleton):
             "token": DEFAULT_POPULATED,
             "userId": "enter RegScale user id here",
             "useMilestones": False,
+            "preventAutoClose": True,
             "otx": "enter AlienVault API key here",
             "wizAccessToken": DEFAULT_POPULATED,
             "wizAuthUrl": "https://auth.wiz.io/oauth/token",

regscale/integrations/commercial/__init__.py CHANGED Viewed

@@ -491,6 +491,7 @@ show_mapping(veracode, "veracode")
         "vulnerabilities": "regscale.integrations.commercial.wizv2.click.vulnerabilities",
         "add_report_evidence": "regscale.integrations.commercial.wizv2.click.add_report_evidence",
         "sync_compliance": "regscale.integrations.commercial.wizv2.click.sync_compliance",
+        "compliance_report": "regscale.integrations.commercial.wizv2.click.compliance_report",
     },
     name="wiz",
 )

regscale/integrations/commercial/sarif/sarif_converter.py CHANGED Viewed

@@ -44,7 +44,7 @@ def sarif():
     type=click.DateTime(formats=["%Y-%m-%d"]),
     help="The scan date of the file.",
     required=False,
-    default=get_current_datetime(),
+    default=get_current_datetime("%Y-%m-%d"),
 )
 def import_sarif(file_path: Path, asset_id: int, scan_date: Optional[datetime.datetime] = None) -> None:
     """Convert a SARIF file(s) to OCSF format using an API converter."""

regscale/integrations/commercial/wizv2/click.py CHANGED Viewed

@@ -154,7 +154,7 @@ def issues(
     scanner = WizIssue(plan_id=regscale_ssp_id)
     scanner.sync_findings(
         plan_id=regscale_ssp_id,
-        filter_by_override=filter_by_override,  # type: ignore
+        filter_by_override=filter_by,  # Pass the processed dict with project ID
         client_id=client_id,  # type: ignore
         client_secret=client_secret,  # type: ignore
         wiz_project_id=wiz_project_id,
@@ -328,7 +328,11 @@ def add_report_evidence(
     )
-@wiz.command("sync_compliance")
+@wiz.command(
+    "sync_compliance",
+    deprecated=True,
+    help="[BETA] This command shows an experimental feature. Use with caution. Use compliance report instead for Compliance sync from Wiz.",
+)
 @click.option(  # type: ignore
     "--wiz_project_id",
     "-p",
@@ -476,3 +480,106 @@ def sync_compliance(
         create_issues=create_issues,
         update_control_status=update_control_status,
     )
+@wiz.command(name="compliance_report")
+@click.option(
+    "--wiz_project_id",
+    "-p",
+    prompt="Enter the Wiz project ID",
+    help="Enter the Wiz Project ID for compliance report processing.",
+    required=True,
+)
+@regscale_id(help="RegScale will create and update control assessments as children of this record.")
+@regscale_module(required=True, default="securityplans", prompt=False)
+@click.option(
+    "--client_id",
+    "-i",
+    help="Wiz Client ID, or can be set as environment variable wizClientId",
+    default="",
+    hide_input=False,
+    required=False,
+)
+@click.option(
+    "--client_secret",
+    "-s",
+    help="Wiz Client Secret, or can be set as environment variable wizClientSecret",
+    default="",
+    hide_input=True,
+    required=False,
+)
+@click.option(
+    "--report_file_path",
+    "-f",
+    help="Path to existing CSV compliance report file (optional - will create new report if not provided)",
+    default=None,
+    required=False,
+)
+@click.option(
+    "--create-issues/--no-create-issues",
+    "-ci/-ni",
+    default=True,
+    help="Create issues for failed compliance assessments (default: enabled)",
+)
+@click.option(
+    "--update-control-status/--no-update-control-status",
+    "-ucs/-nucs",
+    default=True,
+    help="Update control implementation status based on assessment results (default: enabled)",
+)
+@click.option(
+    "--create-poams/--no-create-poams",
+    "-cp/-ncp",
+    default=False,
+    help="Mark created issues as POAMs (default: disabled)",
+)
+def compliance_report(
+    wiz_project_id,
+    regscale_id,
+    regscale_module,
+    client_id,
+    client_secret,
+    report_file_path,
+    create_issues,
+    update_control_status,
+    create_poams,
+):
+    """
+    Process Wiz compliance reports and create assessments in RegScale.
+    This command can either:
+    1. Create a new compliance report from Wiz and process it
+    2. Process an existing compliance report CSV file
+    The command will:
+    - Parse compliance assessment data from CSV format
+    - Create control assessments based on compliance results
+    - Create issues for failed compliance assessments (if --create-issues enabled)
+    - Update control implementation status (if --update-control-status enabled)
+    - Support POAM creation for compliance issues
+    """
+    from regscale.integrations.commercial.wizv2.compliance_report import WizComplianceReportProcessor
+    # Use environment variables if not provided
+    if not client_secret:
+        client_secret = WizVariables.wizClientSecret
+    if not client_id:
+        client_id = WizVariables.wizClientId
+    # Create and run the compliance report processor
+    # Enable bypass_control_filtering by default for performance with large control sets
+    processor = WizComplianceReportProcessor(
+        plan_id=regscale_id,
+        wiz_project_id=wiz_project_id,
+        client_id=client_id,
+        client_secret=client_secret,
+        regscale_module=regscale_module,
+        create_poams=create_poams,
+        create_issues=create_issues,
+        update_control_status=update_control_status,
+        report_file_path=report_file_path,
+        bypass_control_filtering=True,  # Bypass filtering for performance with large control sets
+    )
+    # Process the compliance report using new ComplianceIntegration pattern
+    processor.process_compliance_sync()

regscale-cli 6.23.0.1__py3-none-any.whl → 6.24.0.0__py3-none-any.whl

Potentially problematic release.

regscale-cli 6.23.0.1py3-none-any.whl → 6.24.0.0py3-none-any.whl