Crowdstrike-falconpy

Added features and functionality
+ Added: Parameter abstraction for the Uber Class.
* Provides: Query string parameter payload abstraction for calls made using the Uber class.
- `api_complete.py`
- `_util.py`
+ Added: PEP-8 friendly `app_id` keyword for the `appId` parameter used by methods within the EventStreams Service Class.
- `event_streams.py`

Issues resolved
+ Fixed: Aggregate payload datatype mismatches in Recon Service Class methods.
- `recon.py`
+ Fixed: Missing payload parameter in recon rule payload handler.
- `_payload/_recon.py`
+ Fixed: Invalid query string parameter referenced in body payload handler for `query_sample` method within FalconXSandbox Service Class. Also resolved matching invalid docstring reference. Closes 409.
- `falconx_sandbox.py`
+ Fixed: Minor formatting issues within docstrings in all package files.

Other
+ Added: Docstring syntax validation workflow leveraging pydocstyle.
+ Removed: Deprecated `calc_url_from_args` method
- `_util.py`
+ Removed: Deprecated `parse_id_list` method
- `_util.py`


---

Added features and functionality
+ Updated: Service Class Refactoring (Rev 4)
* Provides: Body Payload Abstraction - Abstracted BODY payload parameters for all methods using PATCH, POST or PUT requests into keywords. Legacy usage pattern of passing the BODY payload directly as the _body_ keyword is still supported.
* Provides: PEP-257 formatting of all docstrings.
- `cspm_registration.py` - Closes 394
- `device_control_policies.py` - Closes 396
- `falconx_sandbox.py` - Closes 397
- `mssp.py` - Closes 398
- `kubernetes_protection.py` - Closes 399
- `custom_ioa.py` - Closes 400
- `falcon_complete_dashboard.py` - Closes 401
- `firewall_policies.py` - Closes 402
- `firewall_management.py` - Closes 403


---

Added features and functionality
+ Added: New combinedQueryVulnerabilities operation to SpotlightVulnerabilities Service Class.
- `spotlight_vulnerabilities.py` - Service Class
- `_endpoint/_spotlight_vulnerabilities.py` - Endpoint module
- `tests/test_spotlight_vulnerabilities.py` - Unit testing
+ Updated: Service Class Refactoring (Rev 4)
* Provides: Body Payload Abstraction - Abstracted BODY payload parameters for all methods using PATCH, POST or PUT requests into keywords. Legacy usage pattern of passing the BODY payload directly as the _body_ keyword is still supported.
* Provides: PEP-257 formatting of all docstrings.
- `cloud_connect_aws.py` - Closes 386
- `d4c_registration.py` - Closes 391
- `ioc.py` - Closes 388
- `iocs.py` - Closes 387
- `identity_protection.py` - Closes 385
- `incidents.py` - Closes 390
- `overwatch_dashboard.py` - Closes 389
- `real_time_response.py` - Closes 383
- `real_time_response_admin.py` - Closes 384
- `response_policies.py` - Closes 382


---

Issues resolved
+ Fixed: Missing body payload in CloudConnectAWS.verify_aws_account_access. Closes 376.


---

Added features and functionality
+ Updated: Service Class Refactoring (Rev 4)
* Provides: Body Payload Abstraction - Abstracted BODY payload parameters for all methods using PATCH, POST or PUT requests into keywords. Legacy usage pattern of passing the BODY payload directly as the _body_ keyword is still supported.
* Provides: PEP-257 formatting of all docstrings.
- `host_group.py` - Closes 361
- `ioa_exclusions.py` - Closes 359
- `installation_tokens.py` - Closes 363
- `ml_exclusions.py` - Closes 360
- `prevention_policy.py` - Closes 364
- `quarantine.py` - Closes 366
- `sensor_update_policy.py` - Closes 368
- `user_management.py` - Closes 367
+ Added: Class aliases for Sensor Update Policies and Prevention Policies service collections to provide classes that align to plural naming convention.

Issues resolved
+ Fixed: Hard-coded user-agent header for all requests. Moving forward, developers may specify a custom string to be used as the User-Agent header for all requests. Closes 365.
python
from falconpy import Hosts
falcon = Hosts(client_id="CLIENT_ID_HERE",
client_secret="CLIENT_SECRET_HERE",
user_agent="company-product/version"
)
result = falcon.query_devices_by_filter_scroll()
print(result)


---

Added features and functionality
+ Added: Updated `__all__` parameter in root `__init__.py`, publishing all PEP8 class names. This change allows developers to import these classes directly.
python
from falconpy import Hosts
falcon = Hosts(client_id="CLIENT_ID_HERE", client_secret="CLIENT_SECRET_HERE")
result = falcon.query_devices_by_filter()
print(result)

+ Added: Private Base URL enum. `_base_url.py`
- You may now specify your base URL by name or by URL.
+ US1
+ US2
+ USGOV1
+ EU1
+ Added: Default value for _action_name_ parameter in __refresh_active_stream__ method of EventStreams service class. `event_streams.py`
+ Added: Payload handling sub-module. `_payload/`
- `_payload/__init__.py`
- `_payload/_detects.py`
- `_payload/generic.py`
- `_payload/malquery.py`
- `_payload/recon.py`
+ Updated: Service Class Refactoring (Rev 4)
* Provides: Body Payload Abstraction - Abstracted BODY payload parameters for all methods using PATCH, POST or PUT requests into keywords. Legacy usage pattern of passing the BODY payload directly as the _body_ keyword is still supported.
* Provides: PEP-257 formatting of all docstrings.
- `detects.py` - Closes 353.
- `event_streams.py` - Closes 349
- `falcon_container.py` - Closes 348
- `hosts.py` - Closes 340.
- `intel.py` - Closes 352
- `malquery.py` - Closes 354
- `quick_scan.py` - Closes 351
- `recon.py` - Closes 350
- `report_executions.py` - Closes 346
- `sample_uploads.py` - Closes 344
- `scheduled_reports.py` - Closes 345
- `sensor_download.py` - Closes 343
- `sensor_visibility_exclusions.py` - Closes 347
- `spotlight_vulnerabilities.py` - Closes 342
- `zero_trust_assessment.py` - Closes 341
+ Updated: Endpoint module updated to reflect recent swagger changes.
- `_cspm_registration.py`
- `_mssp.py`

Issues resolved
+ Updated: Linter updates now result in usage of `format` being marked as a failure for scenarios where an `f-string` can be used. Updated all occurrences of this issue to make use of `f-string` formatting.
- `_service_class.py`
- `_util.py`
- `api_complete.py`
- `oauth2.py`

Other
+ Updated: PEP-257 syntax applied to all docstrings in all touched files.
+ Updated: README.md updated

---