CHANGELOG.md

CHANGELOG

v3.0.0 (2024-02-12)

Chore

• chore: verify and update examples script to ensure they work (#146)

Signed-off-by: Timothy MacDonald <[email protected]> (f1fb12f)

• chore: update tests to include all current python versions (#135)

Signed-off-by: Timothy MacDonald <[email protected]> (9c2e858)

• chore: fix indent in workflow yaml (#134)

Signed-off-by: Timothy MacDonald <[email protected]> (965bd62)

• chore: add slack notification for test failure (#133)

Signed-off-by: Timothy MacDonald <[email protected]> (89443ec)

Ci

• ci(release): add git tag signing

Signed-off-by: Timothy MacDonald <[email protected]> (481a4b9)

• ci(release): fix commit author

Signed-off-by: Timothy MacDonald <[email protected]> (d2d938d)

• ci(release): update committer user name

Signed-off-by: Timothy MacDonald <[email protected]> (3846da5)

• ci(release): correct secret access syntax

Signed-off-by: Timothy MacDonald <[email protected]> (3a6fc0f)

• ci(release): add gpg signing key

Signed-off-by: Timothy MacDonald <[email protected]> (127a1f3)

• ci(release): activate the publish github action

Signed-off-by: Timothy MacDonald <[email protected]> (2272e5b)

• ci(release): run semantic release inside of poetry shell

Signed-off-by: Timothy MacDonald <[email protected]> (76919e7)

• ci(release): add ability to run release from release branch

Signed-off-by: Timothy MacDonald <[email protected]> (2aae9fa)

• ci(release): update github release action (#156)

• ci(release): updates to gh release action

Signed-off-by: Timothy MacDonald <[email protected]>

• ci(release): update git username

Signed-off-by: Timothy MacDonald <[email protected]>

• ci(release): add correct username and email for release

Signed-off-by: Timothy MacDonald <[email protected]>

• ci(release) fix commit user

Signed-off-by: Timothy MacDonald <[email protected]>

• ci(release): remove incorrect flag from semantic-release in GH action

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (da1f4d8)

• ci(release): add poetry to release action (#155)

poetry needs to be installed for semantic release action to run

Signed-off-by: Timothy MacDonald <[email protected]> (626af97)

• ci: add github action for semantic release (#154)

• ci (release): add semantic release configuration

Preparing to switch over to semantic release

Signed-off-by: Timothy MacDonald <[email protected]>

• ci: github action added for semantic release

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (8968228)

Documentation

• docs: fix CRUD search method docstring (#145)

It indicates a generator as a return type when it is actually a dict

Signed-off-by: Timothy MacDonald <[email protected]> (4894932)

• docs: Add handcrafted documentation (#141)

• docs: Add handcrafted documentation

To augment the autogenerated API docs

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: minor doc updates

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: minor docs changes

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (dea0162)

• docs: Update and lint all docstrings (#140)

• docs: Update docstrings to autogenerate lovely docs

Incremental work to reformat, rewrite, and correct docstrings for consumption by Sphinx autodoc

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: updated more docstrings

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: All docstrings updated to google format and verified

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: docstrings now pass linting without errors

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: Remove a few errant comments

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (cc50f0f)

• docs: change from pdoc to sphinx (#136)

• docs: change from pdoc to sphinx

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: update poetry lock file

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: update poetry files

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: removed autogen content

Added readme pointing to github pages instead.

Signed-off-by: Timothy MacDonald <[email protected]>

• docs: fix minor issues

Update copywrite and tweak docks-build command

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (da7b2e9)

Feature

• feat: Add support for data export rules endpoint (#132)

• feat: add missing API endpoint

Signed-off-by: Timothy MacDonald <[email protected]>

• feat: Add support for data export rules endpoint

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (19a8ba8)

Fix

• fix: SDK version in user agent string (#152)

Signed-off-by: Timothy MacDonald <[email protected]> (438ea14)

• fix(GROW-2675): replace old V1 APIs (#147)

• fix(GROW-2675): replace old V1 APIs

• more updates

• the rest (172bf9c)

• fix: Search class passes kwargs to pagination GET (#144)

kwargs are not passed to initial POST but are passed to subsequent pagination GET calls, causing crashes. Remove kwargs since they were never implemented in a working state for the search method.

Signed-off-by: Timothy MacDonald <[email protected]> (2cdc37a)

Refactor

• refactor: Make base classmethods private (#142)

• refactor: Make base classmethods private

These should have been private. This change fixes this which is required for the auto api doc generator to keep these methods out of the API docs.

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: bump major version due to breaking change

Marking these as private requires a major version change

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (1fdf77e)

• refactor(tests): use poe the poet for testing (#130)

Signed-off-by: Timothy MacDonald <[email protected]> (3aff0db)

Test

• test: fix resourceGroup test for RGv2 (#150)

• test: fix resourceGroup test for RGv2

Resource groups V2 changes the return schema for some objects. This adds logic to work around that for now as V2 appears to be a work in progress.

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: remove unused import

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (5a23119)

• test: testing alert close requires open alerts (#151)

• test: fix testAlerts failures

get_by_guid failing due to most alert guids not supporting timeline scope

Signed-off-by: Timothy MacDonald <[email protected]>

• test: testing alert close requires open alerts

Add logic to make sure an open alert exists

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (d27b972)

• test: fix testAlerts failures (#149)

get_by_guid failing due to most alert guids not supporting timeline scope

Signed-off-by: Timothy MacDonald <[email protected]> (45ac119)

• test: review, fix, and rename "flakey" tests (#148)

• test: Fix tests marked "flakey" and remove from flakey group

Signed-off-by: Timothy MacDonald <[email protected]>

• test: rename "flakey" test group to "quarantine" test group

"Flakey" is not the correct spelling of the word and it conflicts with the pytest "flaky" tag which is a different thing. The intent here is to avoid confusion.

Signed-off-by: Timothy MacDonald <[email protected]>

• test: fix policy exception test

Valid fieldKey values changed

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (170066a)

• test: fix race condition with delete tests (#139)

• test: disable slack alerting until testing fixed

Tests are randomly failing across all of the modules. Disabled alerting for now.

Also sorted some tests by refactoring the order in which they run.

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: update poetry lock file

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (f7a38e0)

• test: add docstring linting and move to separate action (#138)

• test: add linting for docstrings

using ruff

Signed-off-by: Timothy MacDonald <[email protected]>

• test: update lint test to run on push to all branches

Signed-off-by: Timothy MacDonald <[email protected]>

• test: create separate lint action to run on all push

Signed-off-by: Timothy MacDonald <[email protected]>

• chore: fix name of new GH action

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (379d66a)

• test: fix slack alerting and mark some tests as flakey (#137)

• test: mark resource group test flakey

Temporarily mark the get_by_guid test as flakey due to changes in the API

Signed-off-by: Timothy MacDonald <[email protected]>

• test: update test action to properly link to test results

Signed-off-by: Timothy MacDonald <[email protected]>

• test: make alert channel get_by_guid test flaky

This test is failing randomly with a 404 error. Marking flaky for now until the issue can be resolved.

Signed-off-by: Timothy MacDonald <[email protected]>

• test: mark some alert channel tests as flaky pending investigation

These randomly fail with a 404 error. More investigation needed.

Signed-off-by: Timothy MacDonald <[email protected]>

• test: mark alert channel test flakey

Randomly produces 404 errors. Needs investigation

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (12edf70)

• test: fix search test for AlertRules and UserGroups (#131)

• test: fix failing integration tests

Search failing for alert_rules and resource_groups

Signed-off-by: Timothy MacDonald <[email protected]>

• test: fix search test for AlertRules and UserGroups

Signed-off-by: Timothy MacDonald <[email protected]>

---

Signed-off-by: Timothy MacDonald <[email protected]> (b2dcf56)

Unknown

• Update .github/workflows/python-release.yml

Co-authored-by: Salim Afiune <[email protected]> (c484398)

• ci (release): add semantic release configuration (#153)

Preparing to switch over to semantic release

Signed-off-by: Timothy MacDonald <[email protected]> (b15ebbe)

• tests: put lockfile checks in place to detect tampering (#143)

Add poetry lockfile checks for git pre-commit and workflows

Signed-off-by: Timothy MacDonald <[email protected]> (cdf8998)

v2.1.0 (2023-08-02)

Fix

• fix: Python3.7 EoL and relaxed dependency versions (#127) (8d790de)

v2.0.0 (2023-06-29)

Breaking

• chore!: remove deprecated v1 API (#120) (9c76778)

Build

• build: using Poetry instead of Pip (#116) (8842bb6)

Chore

• chore: bump pyproject version (#123) (b59f4af)

• chore: publish workflow Poetry (#122) (e303cb1)

• chore: docs workflow with Poetry (#121) (d45fbcf)

v1.10.0 (2023-02-28)

Feature

• feat: add support for TeamUsers and UserGroups APIs (#114)

Enable managing users with the new, experimental, TeamUsers and UserGroups API (5433584)

v1.9.0 (2023-02-24)

Ci

• ci: marking v1 endpoints and TeamMembers as flaky (#108) (10344f8)

Feature

• feat: added scan and status methods to Inventory (#111)

• fix: modified create policy wrapper to use type bool instead of int for 'enabled' field

• feat: added scan and status methods to Inventory

• minor linting and pytest changes for inventory (9b0022c)

Unknown

• tests: updated policy exception tests for new constraints (#112) (d75f923)

• minor updates to example notebook to reflect API changes. (#109) (1282efe)

• updated README.md (#107)

fixed example JSON for searching container and host vulns.

Parameter is "timeFilter", not "timeFilters" (9b15e23)

v1.8.2 (2023-02-01)

Documentation

• docs: example for fetching active fixable container vulns (#103) (737be85)

Feature

• feat: added bulk_update method to Policies (#104) (ab95e9e)

Fix

• fix: pagination updates for the alerts endpoint (#106)

• Updated alerts.get to get paginated results

• Proposed changes for the list alerts function.

• Removed default limit and added paging data

---

Co-authored-by: Timothy MacDonald <[email protected]> (5da3f25)

v1.8.1 (2023-01-09)

Fix

• fix: moved DEFAULT_BASE_DOMAIN to object instantiation (#101) (4e3e58d)

v1.8.0 (2022-12-29)

Feature

• feat: added endpoints for AzureSubscriptions and GcpProjects (#99)

• feat: added endpoints for AzureSubscriptions and GcpProjects

• fix: linting for EOF (aa5edbd)

Fix

• fix: only load subaccount from config file when needed (#98)

• This PR aims to prevent loading a subaccount parameter from config files if an account was provided either directly or through an env var. (50ff463)

• fix: moving account validation to SDK object instantiation (#97) (3b4ef89)

Refactor

• refactor: moved examples to APIv2 (#95) (ca1ce15)

Unknown

• tests: updated inventory tests with new params (#96) (e387844)

• (fix) a bug where subaccounts got set on the jupyter object. (#94) (7802df3)

v1.7.0 (2022-11-01)

Chore

• chore: log deprecation warning for APIv1 usage (#91) (0afcd4b)

Documentation

• docs: Example for syscall policy (#90)

• syscall policy example

will link to this in syscall LQL/LPP documentation

• fixed alert profiles

• Update example_syscall_query_policy.py

Co-authored-by: Alan Nix <[email protected]>

• Update example_syscall_query_policy.py

Co-authored-by: Alan Nix <[email protected]>

Co-authored-by: Alan Nix <[email protected]> (90ec27c)

Unknown

• Adding easier way to get to subaccounts and set subaccounts. (#92) (89dbc7c)

• (fix) a bug in TS API client prevents the notebook from loading. (#89) (79d4f6b)

• fixed jupyter API calls that are subclasses of APIs (#87) (9325984)

v1.6.1 (2022-08-30)

Fix

• fix: allow exclusions to lower camel case conversion (#86) (358c80a)

v1.6.0 (2022-08-26)

Documentation

• docs: adding pdoc document generation (#84) (91095c3)

Feature

• feat: implemented new Policy Exceptions API endpoint (#85)

• feat: implemented new Policy Exceptions API endpoint

• docs: updated docs for new endpoint (ec2193c)

v1.5.0 (2022-08-23)

Chore

• chore: linting corrections for the EventsAPIv2 (#83) (063968a)

• chore: updating dependencies and improving tests (#80)

• chore: updated dev requirements to flake8 5.x

• chore: updated setup.py to include Python 3.10

• test: marking Alerts tests as flaky until GA (d2a4cb2)

Feature

• feat: implemented new Report Definitions API endpoint (#82) (4919251)

• feat: implemented new Reports API endpoint (#79) (a78a6cf)

v1.4.0 (2022-08-10)

Chore

• chore: update references from master to main (#75) (593bb12)

Ci

• ci: deprecating Python 3.6 in CI pipelines (#71)

• Update python-test.yml

• Update python-test-flaky.yml (d249352)

Feature

• feat: Implemented new Alerts API endpoints (#74) (fb3b68e)

Fix

• fix: sanitize the provided account name (#73) (4aef5c8)

Unknown

• eventsv2 api support (#78) (608d898)

• Fix to the Alerts API in Jupyter (#77) (a279172)

• tests: improved test reliability and extensibility (#76) (f8e9a60)

• Update requirements.txt (#68)

urllib3 1.25.8 was throwing an error and found 1.26+ is required. (1232bf7)

v1.3.0 (2022-05-23)

Unknown

• Adding AgentInfo and Inventory endpoints (#70)

• added AgentInfo, Inventory search endpoints

• tweaked doc

• tests: adding tests for AgentInfo and Inventory

• Update laceworksdk/api/init.py

Co-authored-by: Alan Nix <[email protected]>

Co-authored-by: Alan Nix <[email protected]> Co-authored-by: Alan Nix <[email protected]> (2f4f189)

• tests: fixed ResourceGroup tests (#67)

• tests: fixed ResourceGroup tests

• docs: docstring fixes for TeamMembersAPI (8ef599c)

v1.2.0 (2022-04-05)

Ci

• ci: marking alert channel tests as flaky due to throttling (#62) (ce31a65)

• ci: disabling fail-fast to complete tests on each version of Python (#58) (dc72d63)

Fix

• fix: updates to testing related to v4.60 changes (#61)

• fix: removed references to evaluatorId in tests and enhanced reliability

• fix: improved compatibility of test randomization

• fix: excluding testing of connections API (de3103f)

Unknown

• Adding support for Vulnerability Policies API endpoint (#66)

• feat: adding vulnerability policies support

• fix: simple UI fix in debug messaging

• tests: marking entire Alerts class as flaky until release

• tests: adding simple tests for Evidence endpoint (05c0b7e)

• Added Evidence API as well as some improvements to the Jupyter project. (#65)

• Added Evidence API as well as some improvements to the Jupyter project. (27fec08)

• tests: improved test reliability following dataplane API release (#63) (42ea236)

• Add export to csv examples for host and container vulnerabilities (#60)

• Add export csv examples

• Add export csv examples

• Update examples/example_container_vulnerabilities_csv.py

Completely agreed here and makes total sense.

Co-authored-by: Alan Nix <[email protected]>

• Consolidate examples

• Update image_info reference

• Update examples/example_export.py

Co-authored-by: Alan Nix <[email protected]>

• Update examples/example_export.py

Co-authored-by: Alan Nix <[email protected]>

• Update examples/example_export.py

Co-authored-by: Alan Nix <[email protected]>

Co-authored-by: Alan Nix <[email protected]> (debf77a)

• Minor change to the example colab notebook. (6d64b58)

• Fixed a minor bug in the helper feature. (e5e5ad7)

• Made changes to the Mitre ATT&CK Integration (#59)

Changed the way Mitre ATT&CK is integrated into Lacebook. (8a9293d)

v1.1.0 (2022-02-07)

Documentation

• docs: add Lacework logo to README.md (#55) (fd44171)

Feature

• feat: added support for Vulnerability Exceptions (#56)

• feat: added support for Vulnerability Exceptions

• fix: resolved boolean casting issue for None values on updates

• chore: code cleanup for error handling (64cde3e)

Unknown

• Removed taxi dependency from setup file

This is not needed, and caused issues with docker hub building of the image (62f310f)

• Changed jupyter README (cb6671f)

• Added a simple Mitre Att&ck class as well as a helper for Alerts API. (#57) (f541450)

v1.0.0 (2022-01-31)

Unknown

• Added a helper to extract data from JSON structs inside data frames (#54) (666049d)

• Added new APIv2 endpoints that allow advanced searches and included pagination functionality (#47)

• refactor: updated HttpSession class to be much more flexible

• feat: allow org-level access and sub-account to be modified dynamically

• refactor: created three base class types that endpoints should inherit

• refactor: reorganized existing code and refactored to use new base classes

• feat: implemented all new APIv2 endpoints including pagination support

• chore: included flake8-quotes in dev dependencies

• docs: small update to README.md for latest API endpoints

• refactor: corrected docs and simplified build_dict_from_items method

• fix: sanitizing access to 'query_data'

• fix: narrowing down exception handling for pagination iteration

• refactor: moved resource attribute to base of SeachEndpoint

• refactor: removed unnecessary override method

• docs: added docstrings for 'query_data' where needed

• docs: added docstrings for methods which are passed

• refactor: changed LaceworkException name to match conventions

• tests: massively de-duped code for new search API tests

• chore: importing Retry directly from urllib

Ref: https://github.com/psf/requests/blob/v2.22.0/requests/packages.py

• fix: passthrough Lacework response when maximum retries reached

• fix: supply json to the query execute function

• docs: improved function documentation for the BaseEndpoint class

• chore: removed references to query_data in favor of json

• chore: removed redundant search() method overrides

• fix: improved consistency of variable naming in AgentAccessTokensAPI

• chore: improved error message for JSONDecodeError

• docs: added additional class docstrings

• fix: fixed bugs and consistency issues found in testing

• refactor: simplified and modernized all APIv2 tests

• tests: fixed dependency issue with tests

• fix: modified error logging for 'nextPage' parsing

• refactor: changed LaceworksdkException to LaceworkSDKException (ee3f6f8)

• Added JOIN support to the query builder. (#53)

This PR adds in JOIN support for certain LQL queries inside the query builder. (6f0b47e)

• Fixed a minor issue with the query builder as well as added some dependencies. (#52) (f2ec0c8)

• Added an IP accessor with a reverse DNS function. (#51) (4664104)

• Made minor cosmetic changes to the query builder. (#50) (0afd43a)

• Added a query builder as a separate feature (#49) (c9b7328)

• Added custom query building as well as few more defined functions. (#48)

• Added custom query building as well as few more defined functions.

• minor changes (5cb0c68)

v0.11.0 (2021-12-23)

Chore

• chore: description-file is deprecated, moved to new description_file (4bb4664)

• chore: temporary ignores for RAIN-22931 (d5f74c2)

Fix

• fix: Improved consistency of datasources class (#36) (084337a)

Test

• test: added re-runs to vuln by machine ID test (41af43f)

Unknown

• Adding automated release notes drafting (#46)

• ci: Adding automated release notes drafting

• ci: run on master or main branch

• ci: run flaky tests once a week (3c5b0a8)

• Fixed a minor issue with the docker file. (50476b9)

• Added a decorator to quickly register a function as a feature. (#45)

• Added a decorator to quickly register a function as a feature.

• Moved feature additions to the lw object to a separate function.

• added marker to the pytest ini file.

• Added a bit more resilience into the decode accessor.

• Fixed error message for decoding base64. (8ad7f9b)

• Added custom dataframe accessors. (#44)

• Added an accessor file to define customer dataframe accessors.

• docstring change.

• Added a test

• Marked another test as flaky

• Added another test to the decode accessor (922d526)

• Fixed an issue with module vs state (#43) (4d9aed3)

• Added a simple feature exposing the running of stored LQL policies. (#41)

• Added a simple feature exposing the running of stored LQL policies.

• linter (292b11f)

• Minor README update (5cd5713)

• Added a cloud hunt feature to the lacebook container (#40)

• Integrated cloud hunter into lacebook.

• Updates to the code

• Minor updates to the code.

• Adding a state cache to the context

• Updating the requirements

• Minor updates to the code.

• Adding a default state for start and end time in UI

• Changing the widget layout, using Box instead of GridSpecLayout which caused issues.

• Remove an empty line.

• Made changes to how widgets are stored in the state to make it easier to manipulate UI elements

• Minor tweak to the report HTML

• Split tests into flaky and non-flaky

• Updated the readme file

• Fixed the GH test workflow (a912e1d)

• Made the evaluator ID optional for policies. (#39) (06a19a9)

• Updated the Jupyter README file. (0bebee1)

• Fixed an issue with fetching a new client. (#38)

• Fixed an issue with fetching a new client.

• Added a quick reference for the parse date offset into a feature

• Fixed an issue with list being changed.

• Removed an uneeded line (b97221c)

• Changed the Jupyter helper, adding ability to define helper functions (#37)

Made quite a few changes to the Jupyter notebook assistant:

• Adding a Lacework ctx (context) that is passed along if needed
• Adding a manager to better handle registration of new helper functions
• Moved the SDK wrapper to a separate client file
• The new main touching point of the notebook is an object that contains a context and can call functions or features
• Adding a new concept of features, which ties to the main notebook object that provides additional functionality
• Added two features, one for getting a new client and the other to run pre-defined LQL queries to gather more context
• Updated the notebook container to take advantage of these new features (353b68e)

• Merge pull request #35 from lacework/eval

Omitting evaluator ID if not set in LQL execute queries. (f17cd3f)

• Adding other uess of evaluator_id into optional variables. (0d9f98e)

• Quick fix for an empty evaluatorId (97ae02a)

• Merge pull request #34 from lacework/alannix-lw/test-improvements

Chores for tests and builds. (a625ba0)

• Merge pull request #33 from lacework/datasources

Added the new DataSources API into the SDK and made changes to the Jupyter wrapper (15f31db)

• Added one quick alert rule specific output. (80b52af)

• Updating the README (bd02b0b)

• Fixing a docstring. (00d554f)

• Adding the new data source API call into the SDK and made changes to the Jupyter wrapper. (342cf80)

• Added a unit test for Jupyter helper as well as minor fixes (#32) (5726399)

v0.10.0 (2021-09-12)

Chore

• chore: updated requirements files to use 'compatible release' clauses (40efd9b)

Ci

• ci: serialize testing for different python versions

Serializing testing for python versions due to "[400] Bad Request - Error: Cannot create policy ***-default-XXX because it already exists in database." errors when creating queries/policies. (e84590d)

Fix

• fix: pass LW_BASE_DOMAIN to tests (fd1034e)

Test

• test: implemented re-runs for LQL policy creation (02268cb)

• test: updated logic for TemplateFile schema in v4.21 (0ccd843)

• test: enabled/disable integration tests for QAN (979e37d)

• test: improving tests for LQL policies (1c322a6)

Unknown

• Merge pull request #31 from lacework/alannix-lw/test-improvements (d889211)

• Changed the Docker build context to jupyter/ (#30) (18efb6e)

• Merge pull request #29 from lacework/alannix-lw/serialize-ci

ci: serialize testing for different python versions (f2bf5e9)

• Minor change to the colab notebook example (83693e7)

• Added sample notebooks, badges to docker README and minor changes to helper. (#28)

• Adding sample notebooks, some badges to README and minor updates to code. (7c348e0)

• Added a docker config for lacebook (Jupyter notebook container) (#27)

Added the initial docker config for lacebook, a new Jupyter notebook that can be used to connect to Lacework through the API (23a3331)

• Merge pull request #26 from lacework/improved-lql-tests

test: improving tests for LQL policies (f22bd14)

• Added initial Jupyter notebook assistant. (#25)

Added initial version of a jupyter notebook assistant for the SDK (cab5471)

v0.9.23 (2021-08-24)

Documentation

• docs: adding Queries/Policies example (#23) (33f01c7)

Unknown

• Updates for Lacework v4.20 (#24)

• fix: removed policy_ui parameters for compatibility

• fix: cleanup for HTTP 204 response on search endpoints

• refactor: readability improvements for tests (3bb7f99)

v0.9.22 (2021-08-11)

Ci

• ci: changed test_recommendations_api_update_aws to be exempt from CI (#21) (1367e27)

Feature

• feat: implemented LQL Queries/Policies endpoints (#22)

• feat: implemented LQL Queries/Policies endpoints

• fix: added logic for HTTP 204 responses when printing debug

• fix: recommended changes from hazedav

• docs: updating README.md to reflect supported endpoints (8198add)

Unknown

• doc: Updated README.md with info on how to contribute (#20) (92f1b33)

v0.9.21 (2021-05-08)

Unknown

• Updates for Lacework v3.92 (#19)

• Updates for Lacework v3.92

  • Implemented Alert Channel 'Test' endpoint
  • Updated tests for Alert/Report Rules for new filter format

• test: Updated Suppression API tests to handle concurrent runs (1d85201)

v0.9.20 (2021-04-26)

Unknown

• Updates for Lacework v3.91 (#18)

• Updates for Lacework v3.91

• Added recommendations and suppressions v1 APIs

• Refactored test code directory structure (da16783)

v0.9.19 (2021-04-10)

Unknown

• Updates for Lacework v3.90 (#17)

• fix: 'CloudTrail' endpoint was renamed to 'CloudActivities'

• fix: 'REMOTE_SCANNER' registry type changed to 'INLINE_SCANNER'

• docs: Updated README.md for newer APIv2 endpoints

• feat: Implemented the 'account' endpoint (e28fa42)

v0.9.18 (2021-03-22)

Fix

• fix: Potentially uncaught exception in access token request (#16) (c3a9d1e)

• fix: Updated API endpoints for Lacework v3.82 (#15) (bb936e9)

• fix: Updated tests for Organizations with Sub-accounts (#13) (b87e58e)

v0.9.17 (2021-02-23)

Unknown

• Configureable Base Domain (#11)

• feat(client): configureable base domain

• fix: Fall back to default if 'None' provided for base_domain

Since 'None' is used as the default value of base_domain in init, if nothing was provided, and no env variable was set, 'None' was overriding the 'DEFAULT_BASE_DOMAIN' default in the HttpSession.

Co-authored-by: Alan Nix <[email protected]> (4ddd40f)

• Update codeql-analysis.yml (#10) (ce0a1bc)

• Documentation fixes (4bf9ef4)

• Added support for all APIv2 endpoints (#9)

• Preparation for APIv2 release

• Agent Access Tokens API Implemented
• Resource Groups API Implemented
• Alert Rules API Implemented, although backend bugs were identified
• Updated README.md
• Documentation updates

• Added support for Contract Info endpoint

• Added support for Contract Info endpoint
• Improved tests for Schemas endpoint

• Linting improvements

• Added support for Team Members endpoint

• Added support for Team Members endpoint
• Standardized formatting for methods

• Added support for Report Rules endpoint

• Eliminate duplicate Resource Group names during tests

• Utilize default alerts channels/resource groups for tests

• Optimized tests for simultaneous runs (2126549)

v0.9.16 (2021-01-22)

Unknown

• Fix for new return data format in 3.71 (#8) (b60b501)

• Updated links to the Lacework GitHub org (#7) (b403199)

v0.9.15 (2021-01-06)

Unknown

• Added automatic retries for specific HTTP response codes. (#6)

• Implemented automatic retries when receiving a 500, 502, or 504 response.
• Improved exception handling logic to handle edge cases (fef23e2)

v0.9.14 (2020-12-30)

Unknown

• Merge pull request #5 from alannix-lw/alannix-lw/apiv2

Initial implementation of APIv2 (d4d8c25)

• Improved HTTP header usage and enabled better logging in tests. (36f5b69)

• Updating GitHub Actions to run daily. (336cee3)

• Test improvements for Alert Channels/Integrations

• Individual test runs now create unique information to prevent conflicts if parallel tests are running. (57731ce)

• Clarified documentation for Agent Access Token API. (24d20f7)

• Refactoring/simplifying code and improving tests. (5ed679a)

• Timezone fix for older versions of Python. (991d799)

• Fixed error in comments (e145e05)

• Initial implementation of v2 APIs (f595f13)

v0.9.13 (2020-12-16)

Unknown

• Updating requirements.

• Bumping the 'requests' version.
• Including 'python-dotenv' in setup. (9008bf2)

v0.9.12 (2020-12-15)

Unknown

• Version determined by Git tags

• Setting the version of the code to be determined by the Git tag of the commit. (e380545)

• GitHub Actions Fixes

• Adjusted supported Python versions
• Added necessary Environment Variables for testing (35a6d88)

• GitHub Actions Changes

• Only publish to PyPi on a release.
• Run the flake8 and pytest tests on any push. (3c996c9)

v0.9.11 (2020-12-15)

Unknown

• Dropping TravisCI in favor of GitHub Actions (d269e55)

• Implementing PEP8 through Flake8

• Implementing PEP8 linting via Flake8
• Cleaned up code in accordance with PEP8 (f1fe67a)

• Simplified versioning to be single-source.

• Versioning now controlled by 'version.py' (ef188ef)

• Using primitives in python-publish. (3e6d460)

• Merge pull request #4 from alannix-lw/alannix-lw/lacework-org-prep

Prepping to move to Lacework organization. (9009a57)

• Update python-publish.yml (dbf6780)

• Fixes for GitHub Action YAML (a780ef6)

• Prepping for move to Lacework org.

• Simplified Travis CI to offload PyPi package creation to GitHub actions.
• Unified the Lacework variable terminology to match that of the Lacework CLI.
• Enabled the use of Environment Variable configuration to match the Lacework CLI. (680299f)

• Create codeql-analysis.yml (12f559f)

• Validate response codes when fetching an access token.

• Validate response codes when fetching an access token (fae50da)

• Removed spaces from User-Agent string.

• Removed spaces from User-Agent string (23831f4)

• Fixing CI build issues, and updating host vulns by machine ID test.

• Fixing CI build issues, and updating host vulns by machine ID test. (f9e5f36)

• Updated requirements to include 'setuptools'

• Updated requirements to include 'setuptools' (fdff76b)

• Adding User-Agent header to request to indicate the 'laceworksdk' version in use.

• Added User-Agent header to request to indicate the 'laceworksdk' version in use. (04460b2)

• Updated tests to grab latest machine CVE.

• Updated tests to grab latest machine CVE. (15b8dde)

• Container Evaluations was renamed to Container Assessments.

• The API endpoint and functions were renamed from Container Evaluations to Container Assessments. (db5746f)

• Updated README

• Removed To-Do List (5aa8b29)

• Only perform PyPI deploys on the master branch.

• Setting TravisCI to only perform PyPI deploys on the master branch. (6fa52b2)

• Fixed formatting for PEP-8 (d0d9869)

• Fixed a typo with the 'vulnerabilities' API endpoints.

• Fixed a typo with the 'vulnerabilities' API endpoints.
• Implemented automatic PyPi builds via TravisCI (ed35cae)

• Simplified the package scan method to better fit real use cases.

• Simplified the package scan method to allow a user to supply a "PackageScanRequest" object, or a single package. (309641f)

• Added package namespace and machine status filters for Vulnerability API (b229207)

• Code/Comment layout improvements. (21ff63e)

• Merge pull request #3 from alannix-lw/alannix/tests-implementation

Implemented tests and fixed issues found by those tests. (5baae2c)

• Exempting tests that can cause issues with API limits, and resource consumption. (338779c)

• Exempt running reports with TravisCI (1e92edd)

• Adding python-dotenv for pytest to work properly. (43ac2ab)

• Implemented tests and fixed issues found by those tests.

• Implemented tests for every API category, and most functions within them.
• Fixed a few issues with the Compliance and Vulnerability API implementations that were found by the tests. (b01794c)

• Adding Initial Travis CI integration. (c166e81)

• Implemented "get container evaluations by date"

• Implemented get container evaluations by date.
• Set example scripts to use UTC as best practice.
• Cleaned up imported modules in the example scripts. (d05f2af)

• All current classes implemented.

• All current classes and functions are implemented, so bumping to a more realistic version. (87ff064)

• Custom Compliance Config API

• Implemented Custom Compliance Config API (aaed75d)

• Implemented Custom Compliance Config API

• Implemented the Custom Compliance Config API (1e85aff)

• Implemented Integrations and cleaned up code.

• Implemented the Integrations API
• Updated documentation in the Token API class
• Improved exception messaging to pass through the Lacework message.
• Implemented PATCH in the HttpSession class
• Updated and fixed a typo in the README (32c147a)

• Code uniformity updates.

• Simplified method names in the "run_reports" class.
• Updated code formatting to match. (cd2ec1b)

• Merge pull request #2 from alannix-lw/awoj/runreports

Add support for RunReports API (6dc72f8)

• add dotenv back (68a2c57)

• update README (62e56ee)

• Add support for RunReports API (5027f1d)

• Improved logging and exception handling to happen at a lower level.

• Improved handling for ApiError exceptions.
• Handling logging in HttpSession now, so that it doesn't have to be dealt with in the API Class. (6b12c10)

• Merge pull request #1 from alannix-lw/awoj/add-pdf-compliance

add PDF output functionality for compliance library (3146061)

• add PDF output functionality for compliance library (146a06e)

• Implemented the Compliance and Download File APIs

• Implemented the Compliance API
• Implemented the Download File API
• Improved documentation formatting for EventsAPI and VulnerabilitiyAPI classes. (3207926)

• Updated README and provided examples. (744751b)

• Initial Commit. (9dcea56)