Skip to content

CHANGELOG.md

Latest commit

 

History

History
1320 lines (726 loc) · 25.7 KB

CHANGELOG.md

File metadata and controls

1320 lines (726 loc) · 25.7 KB

Change Log (v2.8.1+)

v4.5.0 [2026-01-26]

What's New:

  • Added functionality for My Resources dynamic resources.
  • Added support for custom headers for My Access, My Resources, My Secrets.
  • Added support for service identity impersonation.
  • Added support for AI service identity type.
  • Added python3.14 support.
  • Dropped python3.9 support, EOL 2025-10-31.

Enhancements:

  • Added my_resources.[build|delete|list_dynamic_parameters] for dynamic resources usage.
  • Added headers param for [my_access|my_resources|my_secrets] methods.
  • Added impersonation to access_broker.profiles.[create|update] for service identity impersonation.
  • Added identity_management.ai_identities for AI service identity type.

Bug Fixes:

  • Trailing slash in url affects python3.14+.
  • Identity types is a requirement, updates to identity_management.identity_attributes.[create|identity_types]
  • Updated update_fields_to_keep for application_managment.profiles.update due to API error.
  • access_broker.resources.types.update requires name in payload to avoid name update error.

Dependencies:

  • python3.14 dependency bumps: [requests>=2.32.5, jmespath>=1.1.0]

Other:

  • Updated documentation for GCP federation provider doc string.
  • Various test fixes and adjustments

v4.4.0 [2025-10-24]

What's New:

  • Added Manager Approval support to [application_management|secrets_manager|system].
  • Added GCP Federation Provider.

Enhancements:

  • Added manager_condition parameter to [application_management.profiles|secrets_manager|system].policies.build.
  • Drop socket usage to speed up response times in specific scenarios, e.g., Windows DNS in WSL environments.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • Test naming convention updates.

v4.3.2 [2025-09-04]

What's New:

  • None

Enhancements:

  • Added org_scan_only parameter to application_management.[applications|scans].scan allowing organization only scans of Azure and GCP.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v4.3.1 [2025-08-14]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Fixed unbound variable error when check_response_for_error is run against generic HTTP error.

Dependencies:

  • None

Other:

  • None

v4.3.0 [2025-07-08]

What's New:

  • Added security.active_sessions functionality to allow administrative session management.

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v4.2.0 [2025-05-30]

What's New:

  • Added advanced_settings functionality to:
    • application_management
    • application_management.profiles
    • access_broker.profiles
  • Added global_settings.itsm functionality.

Enhancements:

  • Added missing params for secrets_manager.[secrets|vaults] and file updates.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • Updated tests to use uniform naming convention.
  • Refactored application_management.profiles to break out classes for added clarity.

v4.1.3 [2025-03-07]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Upload check[in|out]_file content for access_broker.resources.permissions.[create|update] to avoid requests injected headers.

Dependencies:

  • None

Other:

  • None

v4.1.2 [2025-03-06]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Added missing fields param to access_broker.resources.types.[create|update]
  • Fixed my_resources.list bug, where params is None instead of expected dict
  • Fixed issue with access_broker.resources.permissions.create uploading files when none are specified.
  • Correct the members param example for access_broker.profiles.policies.[create|update]

Dependencies:

  • None

Other:

  • Type hint cleanup and preferential sorting for access_broker

v4.1.1 [2025-03-05]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Added missing 409 Conflict to exceptions.allowed_exceptions
  • Added missing zero in the PP- errors in exceptions.badrequest
  • Raise specific InvalidTenantError when DNS resolution fails in helpers.utils.parse_tenant.
  • Updated type hint typo, from list to dict, in [my_access|my_resources].list.

Dependencies:

  • jmespath >= 1.0.1

Other:

  • None

v4.1.0 [2025-02-28]

What's New:

  • my_resources.list akin to my_access.list allowing the use of size.

Enhancements:

  • None

Bug Fixes:

  • managed_permissions added to the application_management init.
  • Britive.parse_tenant still referenced in aws federation provider.

Dependencies:

  • None

Other:

  • None

v4.0.1 [2025-01-29]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Withdrawn request now returns withdrawn status instead of cancelled.
  • Always include ITSM ticket_type and/or ticket_id if they are provided.
  • Failing my_resources.checkout due to 404 after approval.

Dependencies:

  • None

Other:

  • None

v4.0.0 [2025-01-17]

What's New:

  • Reorganized codebase to align with UI orginizational structure.
  • Decoupled my_requests and my_approvals from my_access.
  • Added brokers and pools functionality for access_broker.
  • Added firewall settings functionality.
  • Added Britive managed_permissions functionality.
  • Britive exceptions by type and error code.
  • my_resources improvements.

Enhancements:

  • Added add_favorite and delete_favorite to my_resources.
  • Added checkout approvals to my_resources.
  • Added ITSM to checkout approvals.
  • Added (create|list|update|delete)_filter) to my_access.
  • Added response_templates functionality for access_broker credentials.
  • Added request_approval[_by_name]|withdraw_approval_request[_by_name] to my_resources.
  • Added my_access.list to retrieve access details with new type=sdk option.

Bug Fixes:

  • Fixed missing param_values option for resource creation.
  • my_approvals.list now includes my_resources requests.
  • Make get call in helper method instead list_approvals.
  • Catch requests.exceptions.JSONDecodeError in handle_response.

Dependencies:

  • requests >= 2.32.0

Other:

  • Python 3.8 is EOL, so support is dropped.
  • Method assignments dropped:
Dropped New location
access_builder application_management.access_builder
accounts application_management.accounts
applications application_management.applications
audit_logs audit_logs.logs
environment_groups application_management.environment_groups
environments application_management.environments
groups application_management.groups
identity_attributes identity_management.identity_attributes
identity_providers identity_management.identity_providers
notification_mediums global_settings.notification_mediums
notifications workflows.notifications
permissions application_management.permissions
profiles application_management.profiles
saml security.saml
scans application_management.scans
security_policies security.security_policies
service_identities identity_management.service_identities
service_identity_tokens identity_management.service_identity_tokens
settings global_settings
step_up security.step_up_auth
tags identity_management.tags
task_services workflows.task_services
tasks workflows.tasks
users identity_management.users
workload identity_management.workload
my_access.approval_request_status my_requests.approval_request_status
my_access.approve_request my_approvals.approve_request
my_access.list_approvals my_approvals.list
my_access.reject_request my_approvals.reject_request

v3.1.0 [2024-10-07]

What's New:

  • Added access_broker functionality.

Enhancements:

  • None

Bug Fixes:

  • Fixed incorrect if filter in secrets_manager.

Dependencies:

  • None

Other:

  • Switched tox to install from requirements.txt

v3.0.0 [2024-09-09]

What's New:

  • Added access_builder functionality.
  • Added audit_logs.webhooks functionality.

Enhancements:

  • Added comments to my-access.{approve|reject}_request args.
  • Added filter_expression to notification_mediums.list.
  • notification_mediums.create now uses url=... and token=... instead of connection_parameters.
  • Added otp for step up authentication to my_secrets.{download|view}.

Bug Fixes:

  • Fixed issues with some tests and added missing test deletes.

Dependencies:

  • Dropped support for python3.7.
  • Dropped pkg_resources dependency.

Other:

  • Removed deprecated policies.py.
  • Removed deprecated from_time|to_time.
  • Switched to ruff for style linting and code-quality checking.

v2.25.0 [2024-07-01]

NOTE: This will be the last minor version before 3.0.0

What's New:

  • britive.my_resources - allow users to list, checkout, and checkin their Cloud PAM Anywhere resources.
  • britive.step_up.authenticate - allow users to use MFA/TOTP step-up authentication with britive.my_access.checkout

Enhancements:

  • Addition of gitlab federation provider
  • Addition of include_tags on users.list and service_identities.list

Bug Fixes:

  • Adding missing otp arguments to my_access.
  • missing otp dependency for tox testing.

Dependencies:

  • None

Other:

  • Added *_CA_BUNDLE examples to the docs.
  • Add PYBRITIVE_CA_BUNDLE to requests session if set, introduced in pybritive (v1.8.0rc2)

v2.25.0rc5 [2024-06-21]

What's New:

  • britive.my_resources - allow users to list, checkout, and checkin their Cloud PAM Anywhere resources.

Enhancements:

  • None

Bug Fixes:

  • missing otp dependency for tox testing.

Dependencies:

  • None

Other:

  • None

v2.25.0rc4 [2024-06-07]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Adding missing otp arguments to my_access.

Dependencies:

  • None

Other:

  • Added *_CA_BUNDLE examples to the docs.
  • Add PYBRITIVE_CA_BUNDLE to requests session if set, introduced in pybritive (v1.8.0rc2)

v2.25.0rc3 [2024-05-23]

What's New:

  • britive.step_up.authenticate - allow users to use MFA/TOTP step-up authentication with britive.my_access.checkout

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.25.0rc2 [2024-05-10]

What's New:

  • None

Enhancements:

  • Addition of include_tags on users.list and service_identities.list

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.25.0rc1 [2024-04-22]

What's New:

  • None

Enhancements:

  • Addition of gitlab federation provider

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.24.0 [2024-04-05]

What's New:

  • britive.settings.banner.* - administer the banner/system announcement
  • britive.banner - view the banner/system announcement (all end users can view the banner)

Enhancements:

  • Implement logic to catch and present user-friendly error if a tenant is under maintenance
  • britive.users.minimized_user_details method to get a summarized set of user attributes given a list of user ids
  • britive.tags.minimized_tag_details method to get a summarized set of tag attributes given a list of tag ids
  • britive.notification.configure method changes to support the memberRules attribute
  • Native spacelift.io OIDC workload federation support
  • Add filter_expression to listing of system policies/roles/permissions
  • Add secrets_manager.rename() method
  • Add view=includePolicies as an option to the listing of profiles

Bug Fixes:

  • Fix bug related to pagination with system policies/roles/permissions (#97)

Dependencies:

  • Removal of pkg_resources dependency

Other:

  • Remove references to version 1 of profiles as the Britive Platform no longer supports version 1 and all customers have been migrated to version 2
  • Updates to the test suite
  • Addition of __version__ in __init__.py

v2.24.0rc5 [2024-04-03]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • Removal of pkg_resources dependency

Other:

  • Addition of __version__ in __init__.py

v2.24.0rc4 [2024-04-01]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • Updates to the test suite

v2.24.0rc3 [2024-03-15]

What's New:

  • None

Enhancements:

  • Add filter_expression to listing of system policies/roles/permissions
  • Add secrets_manager.rename() method
  • Add view=includePolicies as an option

Bug Fixes:

  • Fix bug related to pagination with system policies/roles/permissions (#97)

Dependencies:

  • None

Other:

  • Updates to the test suite

v2.24.0rc2 [2024-01-24]

What's New:

  • None

Enhancements:

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.24.0rc1 [2024-01-18]

What's New:

  • britive.settings.banner.* - administer the banner/system announcement
  • britive.banner - view the banner/system announcement (all end users can view the banner)

Enhancements:

  • Implement logic to catch and present user-friendly error if a tenant is under maintenance
  • britive.users.minimized_user_details method to get a summarized set of user attributes given a list of user ids
  • britive.tags.minimized_tag_details method to get a summarized set of tag attributes given a list of tag ids
  • britive.notification.configure method changes to support the memberRules attribute

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • Remove references to version 1 of profiles as the Britive Platform no longer supports version 1 and all customers have been migrated to version 2

v2.23.0 [2023-11-07]

What's New:

  • None

Enhancements:

  • Support for extending a checked out profile via my_access.extend_checkout and my_access.extend_checkout_by_name

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.23.0rc1 [2023-11-03]

What's New:

  • None

Enhancements:

  • Support for extending a checked out profile via my_access.extend_checkout and my_access.extend_checkout_by_name

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.22.0 [2023-10-12]

What's New:

  • None

Enhancements:

  • Support additional policy condition format. Historically only "stringified" JSON was supported by the Britive backend. Now standard JSON is supported and this SDK will now optionally offer to convert the policy condition block to a python dictionary.

Bug Fixes:

  • Enhanced error handling when a secret or node/path in secrets manager does not exist
  • Fixed bug related to AWS federation provider when a tenant was not provided via the BRITIVE_TENANT environment variable

Dependencies:

  • None

Other:

  • None

v2.21.0 [2023-09-15]

What's New:

  • None

Enhancements:

  • Support for environment_association in profiles.list
  • Support for summary parameter on profiles.get

Bug Fixes:

  • Fixes a bug that will re-request access to a secret instead of raising an exception that the secret request was denied.
  • Fixes service identity tokens due to some changes in the way they are generated now that service identity workload federation is supported.
  • Fixes a bug with profiles.update which was not including all the proper fields in the update request.

Dependencies:

  • None

Other:

  • Updates to the test suite.

v2.20.1 [2023-06-26]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Properly handle situation when a user requests approval to checkout a profile but there is already an approved request for that same profile.

Dependencies:

  • None

Other:

  • None

v2.20.0 [2023-06-14]

What's New:

  • Support for profile permission constraints.

Enhancements:

  • Support multiple notification mediums for an approval policy condition.

Bug Fixes:

  • None

Dependencies:

Other:

  • None

v2.19.0 [2023-05-09]

What's New:

  • Added workload.scim_user for managed workload identity federation for SCIM users.
  • Added my_access.approve_request, my_access.reject_request, and my_access.list_approvals.

Enhancements:

  • Modified the way in which workload identity providers are associated with service identities.
  • Added date_schedule and days_schedule to the various policy build methods.

Bug Fixes:

  • Addressed race condition in my_access.checkout if multiple processes (running as the same user) attempt to check out the same profile for the same environment at the same time

Dependencies:

  • None

Other:

  • None

v2.18.0 [2023-03-27]

What's New:

  • Support for tag membership rules.

Enhancements:

  • Allow the creation of external tags (tags associated with an identity provider) using a non-SCIM identity.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.17.0 [2023-03-14]

What's New:

  • Workload API coverage (create workload federation identity providers and map to service identities) workload
  • System Policies coverage system.policies
  • System Roles coverage system.roles
  • System Permissions coverage system.permissions

Enhancements:

  • Add custom attribute coverage to users and service identities

Bug Fixes:

  • None

Dependencies:

  • For dev/test removed the pin on pytest which was causing issues with newer versions of python

Other:

  • None

DEPRECATION NOTICE

policies.py

This python file only holds one method build. The remainder of the system policy logic has been created in system.policies so as not to cause confusion with secrets manager and profile policies.

In the next major release, policies.py will be retired. As of release 2.17.0 the polices.build method simply calls system.policies.build.

v2.16.0 [2023-03-02]

What's New:

  • Natively support Azure Managed Identity OIDC authentication for workload federation.

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.15.1 [2023-02-16]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Added missing API call profiles.get_scopes()

Dependencies:

  • None

Other:

  • None

v2.15.0 [2023-02-06]

What's New:

  • Added two new APIs for managing single environment scope changes for a profile
    • profiles.add_single_environment_scope()
    • profiles.remove_single_environment_scope()

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.14.2 [2023-01-27]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • In poilicies.build() properly handle when lists are empty

Dependencies:

  • None

Other:

  • None

v2.14.1 [2023-01-24]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • In profile.poilicies.build() support the now available validFor approval parameter via method parameter access_validity_time.

Dependencies:

  • None

Other:

  • None

v2.14.0 [2023-01-18]

What's New:

  • Added Bitbucket as an OIDC federation provider so that the needed logic for authenticating to Britive via Bitbucket pipelines is abstracted away from the caller.

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.13.0 [2023-01-06]

What's New:

  • Ability to pass a callback function to the following my_access methods which will report progress of the process.
    • checkout
    • checkout_by_name
    • request_approval
    • request_approval_by_name

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.12.4 [2023-01-04]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Properly handle use case of long term (IAM User) vs. temporary credentials (AssumeRole/Federation) in the AWS Federation Provider

Dependencies:

  • None

Other:

  • None

v2.12.3 [2022-12-12]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Fix bug when catching JSON decode exceptions when decoding requests response - catching the more generic ValueError instead of a specific JSON decode error

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Remove port from tenant name in the AWS provider

Dependencies:

  • None

Other:

  • Allow disabling TLS/SSL verification for local development work by setting environment variable export BRITIVE_NO_VERIFY_SSL=true

v2.12.2 [2022-11-28]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Fix issue with AWS provider when injecting the tenant name into the AWS sigv4 signed request

Dependencies:

  • None

Other:

  • None

v2.12.1 [2022-11-17]

What's New:

  • None

Enhancements:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Allow caller to specify duration/expiration time of tokens generated by the AWS federation provider

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.12.0 [2022-11-16]

What's New:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Support for workload identity federation providers

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.11.2 [2022-11-01]

What's New:

  • None

Enhancements:

  • Reduce number of API calls required to checkout a profile

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.11.1 [2022-10-24]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Allow local machine DNS resolution (e.g. /etc/hosts) for tenant URL check

Dependencies:

  • None

Other:

  • None

v2.11.0 [2022-10-18]

What's New:

  • Support for Secrets Manager APIs
    • Vaults
    • Password Policies
    • Secrets
    • Policies
    • Static Secret Templates
    • Resources
    • Folders
  • Support for Notification Medium APIs

Enhancements:

  • Allow the use of a port number in a tenant URL

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.10.0 [2022-10-06]

What's New:

  • None

Enhancements:

  • Allow for non *.britive-app.com tenants. Default to britive-app.com if no valid URL is provided (for backwards compatibility)

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.9.0 [2022-09-30]

What's New:

  • Exponential backoff logic added to all API calls.

Enhancements:

  • Add filter_expression to britive.reports.run() to allow filtering the results as required by the caller.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.8.1 [2022-09-22]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Fixes an issue with britive.audit_logs.query() pagination. The last page of results is now included.
  • Fixes an issue with britive.reports.run() pagination. The last page of results is now included.
  • Fixes an issue with britive.reports.run() results being truncated to a maximum of 1000 records when csv=False. This was due to how the API handles JSON results vs. CSV results. Now the results are always obtained in CSV format from the API and then converted to a list of dictionaries if csv=False.

Dependencies:

  • None

Other:

  • None