fix(bitdefender): doc LOWs + sweep pagination + selftest alignment
Batched the audit doc/LOW findings plus the two pagination LOWs: - Pagination (gz_client): security_sweep and refresh_inventory stopped on a 'total' field some responses omit, truncating after page 1. Now page until a short page (< per_page) - the reliable last-page signal. - isolate/restore docstrings (gz_client): removed the stale 'v1.2 takes an ARRAY endpointIds' lines that contradicted the verified single-endpointId code. - Cache 'no PII' wording corrected (gz_client header + SKILL.md): cache holds infra identifiers (hostnames/FQDNs); no secrets. Dead _require_company_for_sweep removed. - Doc drift fixed: delete-package is '--id <packageId>' not '--package <name>' (SKILL.md + api-reference.md, verified live); module docstring + sweep --company help corrected (sweep with no --company fans out to ALL companies). - selftest aligned to the improved behavior: malformed ids now exit rc2 client-side (H3) instead of rc1; gate-refusal 'Would' messages now assert on stderr (they moved off stdout so --json isn't polluted). 75/75 pass; live sweep verified. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -1,9 +1,12 @@
|
||||
#!/usr/bin/env python3
|
||||
"""CLI for the bitdefender skill - GravityZone Cloud Public API.
|
||||
|
||||
Read-only subcommands run freely. Destructive subcommands (delete-endpoint,
|
||||
delete-package, delete-group) refuse to run unless --confirm is passed; without
|
||||
it they print what they WOULD do and exit non-zero.
|
||||
Read-only subcommands run freely. State-changing subcommands (delete-endpoint,
|
||||
delete-package, delete-group, move, scan, create-package, make-group, isolate,
|
||||
unisolate, blocklist-add/remove, assign-policy, set-label, reconfigure, push-set,
|
||||
company create/suspend/activate/delete, account/report create, push-test, and any
|
||||
destructive `raw` method) refuse to run unless --confirm is passed; without it
|
||||
they print what they WOULD do and exit non-zero. See SKILL.md for the full list.
|
||||
|
||||
Output: --json emits raw JSON; otherwise a readable table/summary.
|
||||
|
||||
@@ -338,13 +341,6 @@ def cmd_sweep(client, args):
|
||||
_print_sweep_table(summaries)
|
||||
|
||||
|
||||
def _require_company_for_sweep() -> str:
|
||||
from gz_client import ACG_COMPANIES_CONTAINER_ID
|
||||
print("[INFO] No --company given; sweeping the ACG companies container.",
|
||||
file=sys.stderr)
|
||||
return ACG_COMPANIES_CONTAINER_ID
|
||||
|
||||
|
||||
def cmd_policies(client, args):
|
||||
_emit(client.list_policies(), args.json, _print_policy_table)
|
||||
|
||||
@@ -948,7 +944,9 @@ def build_parser() -> argparse.ArgumentParser:
|
||||
sp.add_argument("endpoint_id")
|
||||
|
||||
sp = sub.add_parser("sweep", help="Live security posture sweep.", parents=[common])
|
||||
sp.add_argument("--company", help="Parent id (defaults to ACG container).")
|
||||
sp.add_argument("--company",
|
||||
help="Parent company id. Omit to sweep ALL client companies "
|
||||
"(many live API calls).")
|
||||
|
||||
sub.add_parser("policies", help="List policies (id + name).", parents=[common])
|
||||
sp = sub.add_parser("policy",
|
||||
|
||||
Reference in New Issue
Block a user