CHANGES.md

  • [CHANGED] Add compatibility with assertEquals() for Python 3.12+.
  • [CHANGED] Remove IBM findings notifier.
  • [FIXED] Enable universal newlines when executing local commands.
  • [ADDED] Documentation on how to use it with 1Password CLI.
  • [CHANGED] "--creds-path" does not default to "~/.credentials". (BREAKING)
  • [FIXED] Number of errors/warnings shown correctly for single checks.
  • [FIXED] Update pre-commit dependencies.
  • [CHANGED] Use Python 3.8 in GitHub Actions, as newer flake8 does not support earlier versions.
  • [CHANGED] Do not update pre-commit hooks during "make develop".
  • [ADDED] Add basic pre-commit hooks.
  • [FIXED] Support for agent signing of binary content.
  • [FIXED] Demo fetcher/check for World Clock API replaced with GitHub API example.
  • [ADDED] Documentation about using @parameterized.
  • [CHANGED] Unify github demo code in one single place.
  • [FIXED] flake8 now scans demo code too.
  • [CHANGED] Removed yapf in favour of black as code formatter.
  • [ADDED] Locker shallow clone depth configuration.
  • [ADDED] Multiple remote lockers for fetching evidence.
  • [FIXED] Correctly acquire the locker lock when iterating repository commits.
  • [FIXED] Raise the EvidenceNotFoundError exception for missing evidence.
  • [FIXED] Set Python version to 3.7 in publish/deploy GH action to match other actions.
  • [ADDED] Agent mode for storing cryptographically signed evidence.
  • [ADDED] Configurable branch name for evidence repository.
  • [ADDED] Configurable force push to remote for evidence repository.
  • [ADDED] Fetcher helper for running local commands.
  • [FIXED] Attempt to import missing fetchers from the include JSON configuration.
  • [FIXED] Addressed PagerDuty notifier hanging and not firing pages.
  • [ADDED] Repository pull request metadata retrieval added to Github service utility.
  • [ADDED] Returned support for DerivedEvidence.
  • [ADDED] Returned support for TmpEvidence.
  • [FIXED] Evidence cache loading bug resolved.
  • [ADDED] Pre-commit hook for running bandit as part of CI/CD was added.
  • [CHANGED] Replaced the deprecated imp library with importlib.
  • [CHANGED] Replaced the deprecated ibm_security_advisor_findings_api_sdk library with ibm_cloud_security_advisor.
  • [FIXED] Added clarifying PagerDuty notifier documentation content.
  • [FIXED] Addressed bandit (minor) security issue findings.
  • [CHANGED] Now using pathlib exclusively for operating system filepath and file functionality.
  • [FIXED] README table of contents generation multi-blank line bug is resolved.
  • [ADDED] Locker get_large_files method added to return large files in the locker.
  • [ADDED] Logging of large files added to remote push operation.
  • [ADDED] Locker get_empty_evidences method added to return all empty evidence paths.
  • [ADDED] Evidence base class has override-able is_empty property.
  • [FIXED] The evidences context manager now raises an exception when no evidence is found.
  • [ADDED] The filtered_content attribute has been added to RawEvidence.
  • [ADDED] Locker clone duration logging has been added.
  • [FIXED] The binary_content attribute on raw evidence is retained as metadata now.
  • [FIXED] All partitioned evidence defined via constructor correctly retains attributes now.
  • [ADDED] Configurable shallow cloning of locker is now supported.
  • [ADDED] Referencing historical evidence from a previous locker is now supported.
  • [ADDED] The optional locker.prev_repo_url configuration element was added.
  • [ADDED] Evidence used by checks found in reports metadata includes the locker URL field now.
  • [ADDED] Links to evidence used by checks found in the table of contents point to the appropriate lockers.
  • [ADDED] Evidence used by checks found in check_results.json includes the locker URL field now.
  • [ADDED] Fetcher execution using --evidence full-remote mode pushes to remote locker now.
  • [FIXED] Reading raw evidence in checks is now supported.
  • [FIXED] Cleaned up Design Principles document formatting.
  • [FIXED] Virtual environment creation syntax corrected in Quick Start document.
  • [ADDED] Binary content fetcher and checks included in demo examples.
  • [CHANGED] GitHub Issues notifier can create issues for a subset of an accreditation's checks with a new configuration element.
  • [FIXED] Github service Github.get_issue_comments returns all issue comments now.
  • [ADDED] Storing raw evidence as binary content is now possible.
  • [CHANGED] Improved selective fetcher bulk execution performance.
  • [ADDED] Selective fetcher bulk --include and --exclude execution is now possible.
  • [FIXED] LazyLoader namedtuple defaults removed; Framework compatible with Python 3.6 again.
  • [FIXED] Subclassed evidence support works with cached evidence now.
  • [ADDED] Check evidence decorators and context manager now support subclassed evidence.
  • [ADDED] Evidence objects now have a content_as_json property.
  • [ADDED] Direct calls to the GH API can be made using the Github service now.
  • [ADDED] Demo set of fetchers and checks added.
  • [ADDED] "Try It" section added to the README.
  • [CHANGED] Quick Start guide updated to include references to demo fetchers and checks implementation.
  • [ADDED] Fetcher and check execution times are now included in execution logging.
  • [FIXED] Table of contents now handled appropriately for locker without a README.
  • [FIXED] Table of contents now handles old/abandoned report evidence metadata appropriately.
  • [ADDED] Check reports table of contents now appended to an evidence locker's README.
  • [ADDED] ComplianceCheck.get_historical_evidence supports historical evidence retrieval.
  • [ADDED] Remote locker push failure notifications were added.
  • [ADDED] Logging for git locker operations was added.
  • [ADDED] Notifier logging was added.
  • [CHANGED] The file descriptor (stdout) notifier always notifies now.
  • [CHANGED] PagerDuty notifier can send alerts for a subset of the accreditation checks based on the config.
  • [ADDED] A warning for possible sensitive information contained within notifications was added.
  • [CHANGED] Simplified controls.json format. Original format is also supported.
  • [ADDED] Documentation for controls.json and check execution was added.
  • [ADDED] ControlDescriptor unit tests were added.
  • [FIXED] ComplianceFetcher session object is auto-closed now in tearDownClass.
  • [CHANGED] Removed PyYAML dependency to resolve downstream dependency issues.
  • [CHANGED] Removed Github.get_issue_template helper method.
  • [FIXED] ComplianceFetcher.session can now be reset.
  • [FIXED] Credentials section bug affecting the Slack notifier is squashed.
  • [CHANGED] Fetchers and checks that failed to load appear as errors in STDERR now.
  • [CHANGED] Github service get_commit_details now takes path as an optional argument.
  • [FIXED] Github service branch protection method now returns "required_signatures" content.
  • [FIXED] Notifier msg_ methods are now accurately found based on check test_ method names.
  • [ADDED] Branch option to retrieving commit details from the Github service was added.
  • [ADDED] Repository details retrieval was added to Github service class.
  • [ADDED] Recent commit details retrieval was added to Github service class.
  • [ADDED] Repository branch protection details retrieval was added to Github service class.
  • [FIXED] Added PyYAML library as a dependency to resolve Github service issue.
  • [FIXED] Added external evidence as a valid evidence type to evidence map.
  • [ADDED] Made the Auditree Framework public.