Dev TESTING - DO NOT APPROVE

.github/wordlist.txt

@@ -1283,6 +1283,8 @@ shubham
 WorkflowUpdateHumanInputV
 WorkflowGetHumanInputV
 WorkflowDefinitionsCreate
+WorkflowDefinitionsStatus
+WorkflowDefinitionsAction
 WorkflowDefinitionsUpdate
 WorkflowDefinitionsImport
 WorkflowDefinitionsExport
@@ -1658,3 +1660,127 @@ ITAutomationSearchTaskGroups
 ITAutomationSearchTasks
 Parsers
 parsers
+GetCSPMInventoryBAServices
+GetCSPMInventoryServiceDetails
+GetArchiveExport
+SPL
+GetIntelligenceQueries
+slas
+combineVulnMetadataExt
+entitiesRolesGETV
+dweissbacher
+yakeeliuliu
+Matth
+wW
+GetIntelligenceQueries
+SearchIntelligenceQueries
+ReadDetectsCountBySeverity
+djacquensf
+SearchAndRReadUnidentifiedContainers
+iom
+ReplaceControlRules
+GetComplianceControls
+CreateComplianceControl
+UpdateComplianceControl
+DeleteComplianceControl
+GetSupportedSaasV
+GetSystemLogsV
+GetSystemUsersV
+GetUserInventoryV
+GetSensorUsageHourly
+atav
+RenameSectionComplianceFramework
+GetComplianceFrameworks
+CreateComplianceFramework
+UpdateComplianceFramework
+DeleteComplianceFramework
+GetEvaluationResult
+GetRuleOverride
+DismissSecurityCheckV
+GetSecurityChecksV
+GetSecurityCheckComplianceV
+IntegrationBuilderEndTransactionV
+IntegrationBuilderResetV
+IntegrationBuilderGetStatusV
+IntegrationBuilderUploadV
+GetAssetInventoryV
+GetDeviceInventoryV
+GetActivityMonitorV
+CreateRuleOverride
+UpdateRuleOverride
+DeleteRuleOverride
+GetRule
+CreateRule
+UpdateRule
+DeleteRuleMixin
+ListParsers
+ListSavedQueries
+SaaS
+GetMetricsV
+GetAlertsV
+GetAppInventoryUsers
+GetAppInventory
+GetSecurityCheckAffectedV
+DismissAffectedEntityV
+QueryComplianceControls
+QueryComplianceFrameworks
+QueryRule
+ListCloudGroupsExternal
+ListCloudGroupsByIDExternal
+CreateCloudGroupExternal
+UpdateCloudGroupExternal
+GetParser
+CreateParser
+UpdateParser
+DeleteParser
+GetSavedQueryTemplate
+CreateSavedQuery
+UpdateSavedQueryFromTemplate
+DeleteSavedQuery
+ListDashboards
+ListLookupFiles
+DeleteCloudGroupsExternal
+ListCloudGroupIDsExternal
+CombinedDetections
+FetchFilesDownloadInfo
+GetReportByReference
+GetReportByScanID
+PolicyChecks
+logscale
+GetDashboardTemplate
+CreateDashboardFromTemplate
+UpdateDashboardFromTemplate
+DeleteDashboard
+GetLookupFile
+CreateLookupFile
+UpdateLookupFile
+DeleteLookupFile
+GetParserTemplate
+CreateParserFromTemplate
+ITAutomationSearchUserGroup
+ITAutomationGetUserGroup
+ITAutomationCreateUserGroup
+ITAutomationUpdateUserGroup
+ITAutomationDeleteUserGroup
+namespace
+PostSearchKubernetesIOMEntities
+LastUpdated
+KillChain
+MaliciousConfidence
+MaliciousConfidenceValidatedTime
+FirstSeen
+LastSeen
+FamilyName
+gcp
+GetRuleInputSchema
+GetEnrichedAsset
+FileDetails
+DomainDetails
+URLDetails
+FetchFilesDownloadInfoV
+AggregateHuntingGuides
+GetHuntingGuides
+SearchHuntingGuides
+CreateScriptsV
+UpdateScriptsV
+aspm

.github/workflows/bleeding-edge.yml

@@ -0,0 +1,35 @@
+name: Publish Bleeding Edge Package
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+
+jobs:
+  deploy-package:
+    if: >
+      ${{ github.event.pull_request.merged == true && 
+      contains(github.event.pull_request.labels.*.name, 'bleeding-edge') }}
+    timeout-minutes: 45
+    environment: bleeding-edge
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+    steps:
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0
+    - name: Set up Python
+      uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+      with:
+        python-version: '3.x'
+    - name: Install dependencies
+      run: |
+        pipx install hatch
+    - name: Build and publish
+      env:
+        HATCH_INDEX_USER: ${{ secrets.HATCH_USER_ID }}
+        HATCH_INDEX_AUTH: ${{ secrets.HATCH_AUTH }}
+      run: |
+        hatch build
+        hatch publish

.github/workflows/codeql-analysis.yml

@@ -47,7 +47,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0
       with:
         persist-credentials: false
 

.github/workflows/development-edge.yml

@@ -0,0 +1,44 @@
+name: Publish Development Confirmation Package
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+
+jobs:
+  deploy-package:
+    if: >
+      ${{ github.event.pull_request.merged == true && 
+      contains(github.event.pull_request.labels.*.name, 'bleeding-edge') }}
+    timeout-minutes: 45
+    environment: bleeding-edge
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+    steps:
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0
+    - name: Set up Python
+      uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+      with:
+        python-version: '3.x'
+    - name: Install dependencies
+      run: |
+        pipx install hatch git
+    - name: Build and publish
+      env:
+        HATCH_INDEX_USER: ${{ secrets.HATCH_USER_ID }}
+        HATCH_INDEX_AUTH: ${{ secrets.HATCH_AUTH }}
+      run: |
+        git switch dev
+        sed -i '' 's/src\/falconpy/src\/falconpydev/g' pyproject.toml
+        sed -i '' 's/name = "crowdstrike-falconpy"/name = "crowdstrike-falconpy-dev"/g' pyproject.toml
+        sed -i '' 's/from falconpy import/from falconpydev import/g' README.md
+        sed -i '' 's/install crowdstrike-falconpy/install crowdstrike-falconpy-dev/g' README.md
+        sed -i '' "5,/FalconPy - The CrowdStrike Falcon SDK for Python/s/FalconPy - The CrowdStrike Falcon SDK for Python/$header/" README.md
+        sed -i '' 's/badgeFalconPy - The CrowdStrike Falcon SDK for Pythonlogo/badge&logo/g' README.md
+        sed -i '' 's/!\[CrowdStrike FalconPy\](https:\/\/raw.githubusercontent.com\/CrowdStrike\/falconpy\/main\/docs\/asset\/cs-logo-red.png#gh-dark-mode-only)//g' README.md
+        mv src/falconpy src/falconpydev
+        hatch build
+        hatch publish

.github/workflows/development-release.yml

@@ -0,0 +1,44 @@
+name: Publish Development Package
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+
+jobs:
+  deploy-package:
+    if: >
+      ${{ github.event.pull_request.merged == true && 
+      contains(github.event.pull_request.labels.*.name, 'bleeding-edge') }}
+    timeout-minutes: 45
+    environment: release
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+    steps:
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0
+    - name: Set up Python
+      uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+      with:
+        python-version: '3.x'
+    - name: Install dependencies
+      run: |
+        pipx install hatch git
+    - name: Build and publish
+      env:
+        HATCH_INDEX_USER: ${{ secrets.HATCH_USER_ID }}
+        HATCH_INDEX_AUTH: ${{ secrets.HATCH_AUTH }}
+      run: |
+        git switch dev
+        sed -i '' 's/src\/falconpy/src\/falconpydev/g' pyproject.toml
+        sed -i '' 's/name = "crowdstrike-falconpy"/name = "crowdstrike-falconpy-dev"/g' pyproject.toml
+        sed -i '' 's/from falconpy import/from falconpydev import/g' README.md
+        sed -i '' 's/install crowdstrike-falconpy/install crowdstrike-falconpy-dev/g' README.md
+        sed -i '' "5,/FalconPy - The CrowdStrike Falcon SDK for Python/s/FalconPy - The CrowdStrike Falcon SDK for Python/$header/" README.md
+        sed -i '' 's/badgeFalconPy - The CrowdStrike Falcon SDK for Pythonlogo/badge&logo/g' README.md
+        sed -i '' 's/!\[CrowdStrike FalconPy\](https:\/\/raw.githubusercontent.com\/CrowdStrike\/falconpy\/main\/docs\/asset\/cs-logo-red.png#gh-dark-mode-only)//g' README.md
+        mv src/falconpy src/falconpydev
+        hatch build
+        hatch publish

.github/workflows/production-release.yml

@@ -0,0 +1,29 @@
+name: Publish Production Release
+
+on:
+  release:
+    types: [created]
+
+jobs:
+  deploy:
+    timeout-minutes: 45
+    environment: release
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+    steps:
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0
+    - name: Set up Python
+      uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+      with:
+        python-version: '3.x'
+    - name: Install dependencies
+      run: |
+        pipx install hatch
+    - name: Build and publish
+      env:
+        HATCH_INDEX_USER: ${{ secrets.HATCH_USER_ID }}
+        HATCH_INDEX_AUTH: ${{ secrets.HATCH_AUTH }}
+      run: |
+        hatch build
+        hatch publish

.github/workflows/unit_testing_eu1.yml

@@ -22,7 +22,7 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
     runs-on: ubuntu-24.04
     timeout-minutes: 45
-    environment: testing
+    environment: testing-eu1
     permissions:
       contents: read
     steps:

.github/workflows/unit_testing_us2.yml

@@ -22,7 +22,7 @@ jobs:
     if: github.event.pull_request.head.repo.full_name == github.repository
     runs-on: ubuntu-24.04
     timeout-minutes: 45
-    environment: testing
+    environment: testing-us2
     permissions:
       contents: read
     steps:

AUTHORS.md

@@ -107,7 +107,10 @@ This has been a critical element in the development of the FalconPy project.
 + Evan Stoner, `@evanstoner`
 + Gage Schaffer, `@Gage-BCCA`
 + `@JamesLochheadCRWD`
-
++ Matthew, `@Matth3wW`
++ `@dweissbacher`
++ `@atav928`
++ `@subbu-cs`
 
 ## Sponsors
 Without the support of these executives, the FalconPy project would not have happened.