Code42cli

Added

- `code42cli.extensions` module exposes `sdk_options` decorator and `script` group for writing custom extension scripts
using the Code42 CLI.

- `code42 devices list` options:
- `--include-legal-hold-membership` prints the legal hold matter name and ID for any active device on legal hold
- `--include-total-storage` prints the backup archive count and total storage

Changed

- Command options for `profile update`:
- `-n` `--name` is not required, and if omitted will use the default profile.
- `-s` `--server` and `-u` `--username` are not required and can be updated independently now.
- Example: `code42 profile update -s 1.2.3.4:1234`

Fixed

- Issue where `code42 alert-rules bulk add` would show as successful when adding users to a non-existent alert rule.

Added

- New choice `TLS-TCP` for `--protocol` option used by `send-to` commands:
- `code42 security-data send-to`
- `code42 alerts send-to`
- `code42 audit-logs send-to`
for more securely transporting data. Included are new flags:
- `--certs`
- `--ignore-cert-validation`

Changed

- The error text in cases command when:
- `cases create` sets a name that already exists in the system.
- `cases create` sets a description that has more than 250 characters.
- `cases update` sets a description that has more than 250 characters.
- `cases file-events add` is performed on an already closed case.
- `cases file-events add` sets an event id that is already added to the case.
- `cases file-events remove` is performed on an already closed case.

Added

- The `devices` command is added. Included are:
- `devices deactivate` to deactivate a single device.
- `devices reactivate` to reactivate a single device.
- `devices show` to retrieve detailed information about a device.
- `devices list` to retrieve info about many devices, including device settings.
- `devices list-backup-sets` to retrieve detailed info about device backup sets.
- `devices bulk deactivate` to deactivate a list of devices.
- `devices bulk reactivate` to reactivate a list of devices.
- `devices bulk generate-template` to create a blank CSV file for bulk commands.

- `code42 departing-employee list` command.

- `code42 high-risk-employee list` command.

- `code42 cases` commands:
- `create` to create a new case.
- `update` to update case details.
- `export` to download a case summary as a PDF file.
- `list` to view all cases.
- `show` to view the details of a particular case.

- `code42 cases file-events` commands:
- `add` to add an event to a case.
- `remove` to remove an event from a case.
- `list` to view all events associated with a case.

Changed

- The error text when removing an employee from a detection list now references the employee
by ID rather than the username.

- Improved help text for date option arguments.

Fixed

- Issue where `code42 profile delete` was allowed without giving a `profile_name` even
though deleting the default profile is not allowed.

Added

- `code42 audit-logs` commands:
- `search` to search for audit-logs.
- `send-to` to send audit-logs to server.

Changed

- `profile_name` argument is now required for `code42 profile delete`, as it was meant to be.

- The `--advanced-query` option on `alerts search` and `security-data (search|send-to)` commands has been updated:
- It can now accept the query as a JSON string or as the path to a file containing the JSON query.
- It can be used with the `--use-checkpoint/-c` option.

- Now, when adding a cloud alias to a detection list user, such as during `departing-employee add`, it will remove the existing cloud alias if one exists.
- Before, it would error and the cloud alias would not get added.

Fixed

- Bug where `code42 legal-hold show` would error when terminal was too small.

- Fixed bug in `departing_employee bulk add` command that allowed invalid dates to be passed without validation.

Changed

- The follow commands now print a nicer error message when trying to remove a user who is not on the list:
- `code42 departing-employee remove`
- `code42 high-risk-employee remove`
- `code42 alert-rules remove-user`

- `-i` (`--incremental`) has been removed, use `-c` (`--use-checkpoint`) with a string name for the checkpoint instead.

- The code42cli has been migrated to the [click](https://click.palletsprojects.com) framework. This brings:
- BREAKING CHANGE: Commands that accept multiple values for the same option now must have the option flag provided before each value:
use `--option value1 --option value2` instead of `--option value1 value2` (which was previously possible).
- Cosmetic changes to error messages, progress bars, and help message formatting.

- The `print` command on the `security-data` and `alerts` command groups has been replaced with the `search` command.
This was a name change only, all other functionality remains the same.

- A profile created with the `--disable-ssl-errors` flag will now correctly not verify SSL certs when making requests. A warning message is printed
each time the CLI is run with a profile configured this way, as it is not recommended.

- The `path` positional argument for bulk `generate-template` commands is now an option (`--p/-p`).

- Below `search` subcommands accept argument `--format/-f` to display result in formats `csv`, `table`, `json`, `raw-json`:
- Default output format is changed to `table` format from `raw-json`, returns a paginated response.
All properties would be displayed by default except when using `-f table`.
Pass `--include-all` when using `table` to view all non-nested top-level properties.
- `code42 alerts search`
- `code42 security-data search`
- `code42 security-data saved-search list`
- `code42 legal-hold list`
- `code42 alert-rules list`

Added

- `--or-query` option added to `security-data search` and `alerts search` commands which combines the provided filter arguments into an 'OR' query instead of the default 'AND' query.

- `--password` option added to `profile create` and `profile update` commands, enabling creating profiles while bypassing the interactive password prompt.

- Profiles can now save multiple alert and file event checkpoints. The name of the checkpoint to be used for a given query should be passed to `-c` (`--use-checkpoint`).

- `-y/--assume-yes` option added to `profile delete` and `profile delete-all` commands to not require interactive prompt.

- Below subcommands accept argument `--format/-f` to display result in formats `csv`, `table`, `json`, `formatted-json`:
- `code42 alert-rules list`
- `code42 legal-hold list`
- `code42 legal-hold show`
- `code42 security-data saved-search list`

Removed

- The `write-to` command for `security-data` and `alerts` command groups.