Releases: rapid7/nexpose-client
Nexpose Client v0.7.2
Modifications to Roles, so that new roles default to -1 and the ControlsInsight role is added as a constant.
Nexpose Client v0.7.1
Fixes a missing dependency issue and adds a few smaller features.
Release 10 April 2014.
This release is backwards compatible with version 0.7.0.
Bug Fixes
Adds 'cgi' dependency, which is required for saving Dynamic Asset Groups.
New Features
Add ability to disable TCP ports in a scan template.
Minor convenience changes, like default arguments and aliasing existing methods.
Adds "name" attribute to reports returned from the Connection#reports method. (Only supported in version 5.9.4 and newer of Nexpose. Otherwise, nil.)
Nexpose Client v0.7.0
Adds new functionality, such as Tags, and re-writes the multi-tenant objects and calls.
Release 26 March 2014
There are breaking changes in this release. When you update your Nexpose deployment to version 5.9, you will need to use at least version 0.7 of this gem in order to save asset groups. Multi-tenant calls are also redesigned and not backward compatible with earlier versions of the gem.
New Features
Adds support for Tagging, with a Tag class as well an numerous methods on the Connection class for querying tags and tagged elements. Modifies sites and groups to include tag information. Adds constants for searching by tags.
Adds the Silo class, allowing for creating, editing, and deleting silos.
Adds the SiloProfile class, allowing for creating, editing, and deleting silo profiles.
Adds the MultiTenantUser class, allowing for creating, editing, and deleting multi-tenant users.
Adds the DiscoveryConnection class, allowing for creating, querying, and deleting discovery connections. Changes to the Site class in coordination with this allows for adding and modifying dynamic sites.
Adds a 'dynamic' attribute to the AssetGroupSummary object, so that listing the asset groups will indicate whether a group is static or dynamic.
Adds a delete_scan method to the Connection object. This can be used to delete individual scans from the scan history of a site. Care should be exercised, as this is a backdoor into removing data which may require DBCC to be run afterward.
Nexpose Client v0.6.5
Addresses issue when a Site configuration has Organization information and is modified.
Release 11 March 2014
There are no breaking changes in this release. This release fixes a problem with loading and saving Organization information for a Site.
Bug Fixes
Marshalls and unmarshalls Organization information from a Site XML object so that it can be loaded, changed, and saved. Issue #53
Nexpose Client v0.6.4
Adds several new features missing or difficult to get in previous versions of the gem.
Release 10 March 2014
There are no breaking changes in this release. This release brings in a number of new calls and options.
Bug Fixes
Fills in several missing constants for filtering.
New Features
Adds #test method to the SharedCredential class. This allows users to confirm a shared credential before saving, but will not work against loaded credentials.
Adds #group_assets method to the Connection class. This retrieves all the assets currently associated with a group. This information used to only be available for static asset groups via the gem. The method applies to static or dynamic groups.
Adds convenience methods for adjusting TCP and UDP ports on scan templates.
Adds console configuration class and methods, primarily useful for internal automation use, such as adjusting the default timeout for the console or the number of scan threads.
Nexpose Client v0.6.3
Addresses bugs found in vuln exception and site saving methods.
Release 25 February 2014
There are no breaking changes in this release. This release converts to using an #as_xml method to return REXML objects, but the old #to_xml_elem methods are aliased for backwards compatibility.
Bug Fixes
Addresses comments not saving correctly when saving Vulnerability Exceptions.
Properly sanitize the description and alerts when saving a Site.
Nexpose Client v0.6.2
Addresses bugs found in asset group scanning, scan template copying, and building report configurations.
Release 31 January 2014
There are no breaking changes in this release.
Bug Fixes
Adds missing constants for Asset Filter Searching around last scan date: BETWEEN and EARLIER_THAN.
Fixes ScanTemplate#copy method. It should now correctly assign the "new" template ID and alter the name of the copied template, so that the new template can be saved to the console.
AssetGroup#rescan_assets method now calls correct ad hoc scan method, returning a list of successful scans.
ReportConfig#build method now generates a report immediately if the generate_now flag is supplied.
Nexpose Client v0.6.1
Addresses bugs found in downloading and filtering.
Release 9 January 2014
There are no breaking changes in this release.
Bug Fixes
The Connection#filter method was not correctly converting asset IDs following the 5.8.2 release.
The Connection#download method did not have the binary flag on, so files written to disk could have binary difference from the version pulled from Nexpose.
Nexpose Client v0.6.0
Enables changes incorporated into Nexpose release 5.8.2.
Release 18 December 2013.
There are breaking changes in 0.6.0. Underlying calls to Nexpose have changed, and some calls may not work against versions older than 5.8.2 of Nexpose. This applies to methods which relied on the clean_data_table! method, as well as to the list_scan_templates method.
The majority of version 0.6.0 is backwards compatible with 0.5.0
Bug Fixes
Engines could not be saved through the gem if they included reserved XML entity characters.
New Features
Adds users array to Site object, which allows them to be retrieved and saved. Prior to 0.6, the access list to a site could be eliminated by saving through the API.
The asset_vulns call now uses the proper string identifier as the ID. For the console-specific ID, users can still call console_id. The return value also includes date information for verified vulns.
Report calls have been modified to accommodate SQL statements.
Report Filter classes now have built-in equality methods.
Connection#scan_templates method now returns a list of summary objects with id and name. It was previously just a list of the IDs.
Nexpose Client v0.5.6
Adds timeout argument for scan starting.
Release 21 November 2013.
There are no breaking changes in 0.5.6
Version 0.5.6 is backwards compatible with 0.5.0
New Features
Adds timeout argument for scan initiation. A request to initiate a scan could timeout if it took more than 60 seconds to get a response from Nexpose (typically because of heavy load). When this happens, the gem would initiate a new scan request, which will fail with a cryptic message indicating that a scan is already running.