Merge remote-tracking branch 'origin/main' into main

Resolved conflicts favoring local changes:
- Kept our deletions (scan_config_api.py, scans/mongodb.py, scans_routes.py, auth_service.py)
- Kept our modifications to main.py, scans/compliance.py, scans/config.py, scans/models.py
- Remote had Black formatting changes that conflicted with our refactoring

Our changes take precedence as they represent functional refactoring (E1-S1, E1-S2, E1-S3).

Author: remyluslosius

backend/app/routes/compliance/drift.py

@@ -88,7 +88,9 @@ class DriftEventsListResponse(BaseModel):
 )
 async def list_drift_events(
     host_id: Optional[UUID] = Query(None, description="Filter by host ID"),
-    drift_type: Optional[str] = Query(None, description="Filter by drift type (major, minor, improvement, stable)"),
+    drift_type: Optional[str] = Query(
+        None, description="Filter by drift type (major, minor, improvement, stable)"
+    ),
     exclude_stable: bool = Query(False, description="Exclude stable drift events"),
     limit: int = Query(10, ge=1, le=100, description="Maximum number of events to return"),
     offset: int = Query(0, ge=0, description="Number of events to skip"),
@@ -142,7 +144,9 @@ async def list_drift_events(
         builder.where("sde.drift_type != :stable", "stable", "stable")
 
     # Get total count
-    count_builder = QueryBuilder("scan_drift_events sde").join("hosts h", "h.id = sde.host_id", "INNER")
+    count_builder = QueryBuilder("scan_drift_events sde").join(
+        "hosts h", "h.id = sde.host_id", "INNER"
+    )
     if host_id:
         count_builder.where("sde.host_id = :host_id", host_id, "host_id")
     if drift_type:

backend/app/routes/compliance/intelligence.py

@@ -98,7 +98,9 @@ class ComplianceOverview(BaseModel):
 async def get_semantic_rules(
     framework: Optional[str] = Query(None, description="Filter by framework"),
     business_impact: Optional[str] = Query(None, description="Filter by business impact"),
-    remediation_available: Optional[bool] = Query(None, description="Filter by remediation availability"),
+    remediation_available: Optional[bool] = Query(
+        None, description="Filter by remediation availability"
+    ),
     db: Session = Depends(get_db),
     current_user: Dict[str, Any] = Depends(get_current_user),
 ) -> Dict[str, Any]:
@@ -149,7 +151,9 @@ async def get_semantic_rules(
                     "remediation_complexity": rule.remediation_complexity,
                     "estimated_fix_time": rule.estimated_fix_time,
                     "remediation_available": rule.remediation_available,
-                    "confidence_score": (float(rule.confidence_score) if rule.confidence_score else 1.0),
+                    "confidence_score": (
+                        float(rule.confidence_score) if rule.confidence_score else 1.0
+                    ),
                 }
             )
 
@@ -220,7 +224,9 @@ async def get_framework_intelligence(
 
             remediation_coverage = 0
             if stats.rule_count > 0:
-                remediation_coverage = round((stats.remediation_available_count / stats.rule_count) * 100)
+                remediation_coverage = round(
+                    (stats.remediation_available_count / stats.rule_count) * 100
+                )
 
             frameworks.append(
                 {
@@ -307,7 +313,9 @@ async def get_compliance_overview(
 
     except Exception as e:
         logger.error(f"Error retrieving compliance overview: {e}")
-        raise HTTPException(status_code=500, detail=f"Failed to retrieve compliance overview: {str(e)}")
+        raise HTTPException(
+            status_code=500, detail=f"Failed to retrieve compliance overview: {str(e)}"
+        )
 
 
 @router.get("/semantic-analysis/{scan_id}")
@@ -337,9 +345,13 @@ async def get_semantic_analysis(
             "scan_id": str(analysis.scan_id),
             "host_id": str(analysis.host_id),
             "semantic_rules_count": analysis.semantic_rules_count,
-            "frameworks_analyzed": (json.loads(analysis.frameworks_analyzed) if analysis.frameworks_analyzed else []),
+            "frameworks_analyzed": (
+                json.loads(analysis.frameworks_analyzed) if analysis.frameworks_analyzed else []
+            ),
             "remediation_available_count": analysis.remediation_available_count,
-            "processing_metadata": (json.loads(analysis.processing_metadata) if analysis.processing_metadata else {}),
+            "processing_metadata": (
+                json.loads(analysis.processing_metadata) if analysis.processing_metadata else {}
+            ),
             "analysis_data": (json.loads(analysis.analysis_data) if analysis.analysis_data else {}),
             "created_at": (analysis.created_at.isoformat() if analysis.created_at else None),
             "updated_at": (analysis.updated_at.isoformat() if analysis.updated_at else None),
@@ -349,7 +361,9 @@ async def get_semantic_analysis(
         raise
     except Exception as e:
         logger.error(f"Error retrieving semantic analysis: {e}")
-        raise HTTPException(status_code=500, detail=f"Failed to retrieve semantic analysis: {str(e)}")
+        raise HTTPException(
+            status_code=500, detail=f"Failed to retrieve semantic analysis: {str(e)}"
+        )
 
 
 @router.get("/compliance-matrix")
@@ -386,16 +400,22 @@ async def get_compliance_matrix(
                 {
                     "host_id": str(row.host_id),
                     "framework": row.framework,
-                    "compliance_score": (float(row.compliance_score) if row.compliance_score else 0.0),
+                    "compliance_score": (
+                        float(row.compliance_score) if row.compliance_score else 0.0
+                    ),
                     "total_rules": row.total_rules,
                     "passed_rules": row.passed_rules,
                     "failed_rules": row.failed_rules,
                     "previous_score": (float(row.previous_score) if row.previous_score else None),
                     "trend": row.trend,
                     "last_scan_id": str(row.last_scan_id) if row.last_scan_id else None,
                     "last_updated": (row.last_updated.isoformat() if row.last_updated else None),
-                    "predicted_next_score": (float(row.predicted_next_score) if row.predicted_next_score else None),
-                    "prediction_confidence": (float(row.prediction_confidence) if row.prediction_confidence else None),
+                    "predicted_next_score": (
+                        float(row.predicted_next_score) if row.predicted_next_score else None
+                    ),
+                    "prediction_confidence": (
+                        float(row.prediction_confidence) if row.prediction_confidence else None
+                    ),
                 }
             )
 
@@ -407,7 +427,9 @@ async def get_compliance_matrix(
 
     except Exception as e:
         logger.error(f"Error retrieving compliance matrix: {e}")
-        raise HTTPException(status_code=500, detail=f"Failed to retrieve compliance matrix: {str(e)}")
+        raise HTTPException(
+            status_code=500, detail=f"Failed to retrieve compliance matrix: {str(e)}"
+        )
 
 
 @router.post("/remediation/strategy")
@@ -468,7 +490,9 @@ async def create_remediation_strategy(
         raise
     except Exception as e:
         logger.error(f"Error creating remediation strategy: {e}")
-        raise HTTPException(status_code=500, detail=f"Failed to create remediation strategy: {str(e)}")
+        raise HTTPException(
+            status_code=500, detail=f"Failed to create remediation strategy: {str(e)}"
+        )
 
 
 @router.get("/health")

backend/app/routes/compliance/owca.py

@@ -256,7 +256,9 @@ async def get_host_framework_intelligence(
     """
     try:
         owca = get_owca_service(db)
-        intelligence = await owca.get_framework_intelligence(framework=framework, host_id=str(host_id))
+        intelligence = await owca.get_framework_intelligence(
+            framework=framework, host_id=str(host_id)
+        )
 
         if not intelligence:
             raise HTTPException(
@@ -269,7 +271,9 @@ async def get_host_framework_intelligence(
         if hasattr(intelligence, "dict"):
             result = dict(intelligence.dict())
         else:
-            result = dict(intelligence) if isinstance(intelligence, dict) else {"data": intelligence}
+            result = (
+                dict(intelligence) if isinstance(intelligence, dict) else {"data": intelligence}
+            )
         return result
 
     except HTTPException:
@@ -442,7 +446,9 @@ async def calculate_host_risk(
     description="Get all hosts ranked by risk score for prioritization",
 )
 async def rank_fleet_by_risk(
-    limit: Optional[int] = Query(None, ge=1, le=100, description="Maximum number of hosts to return"),
+    limit: Optional[int] = Query(
+        None, ge=1, le=100, description="Maximum number of hosts to return"
+    ),
     db: Session = Depends(get_db),
     _current_user: Dict[str, Any] = Depends(get_current_user),
 ) -> List[Dict[str, Any]]:
@@ -496,7 +502,9 @@ async def forecast_host_compliance(
     """
     try:
         owca = get_owca_service(db)
-        forecast = await owca.forecast_compliance(str(host_id), entity_type="host", days_ahead=days_ahead)
+        forecast = await owca.forecast_compliance(
+            str(host_id), entity_type="host", days_ahead=days_ahead
+        )
 
         if not forecast:
             raise HTTPException(
@@ -505,7 +513,9 @@ async def forecast_host_compliance(
             )
 
         # Convert to dict with proper type annotation
-        result: Dict[str, Any] = dict(forecast.dict()) if hasattr(forecast, "dict") else dict(forecast)
+        result: Dict[str, Any] = (
+            dict(forecast.dict()) if hasattr(forecast, "dict") else dict(forecast)
+        )
         return result
 
     except HTTPException:
@@ -523,7 +533,9 @@ async def forecast_host_compliance(
 )
 async def detect_host_anomalies(
     host_id: UUID,
-    lookback_days: int = Query(60, ge=30, le=180, description="Days of history to analyze (30-180)"),
+    lookback_days: int = Query(
+        60, ge=30, le=180, description="Days of history to analyze (30-180)"
+    ),
     db: Session = Depends(get_db),
     _current_user: Dict[str, Any] = Depends(get_current_user),
 ) -> List[Dict[str, Any]]:
@@ -542,7 +554,9 @@ async def detect_host_anomalies(
     """
     try:
         owca = get_owca_service(db)
-        anomalies = await owca.detect_anomalies(str(host_id), entity_type="host", lookback_days=lookback_days)
+        anomalies = await owca.detect_anomalies(
+            str(host_id), entity_type="host", lookback_days=lookback_days
+        )
 
         return [anomaly.dict() if hasattr(anomaly, "dict") else anomaly for anomaly in anomalies]
 

backend/app/routes/drift_events.py

@@ -74,7 +74,9 @@ class DriftEventsListResponse(BaseModel):
 )
 async def list_drift_events(
     host_id: Optional[UUID] = Query(None, description="Filter by host ID"),
-    drift_type: Optional[str] = Query(None, description="Filter by drift type (major, minor, improvement, stable)"),
+    drift_type: Optional[str] = Query(
+        None, description="Filter by drift type (major, minor, improvement, stable)"
+    ),
     exclude_stable: bool = Query(False, description="Exclude stable drift events"),
     limit: int = Query(10, ge=1, le=100, description="Maximum number of events to return"),
     offset: int = Query(0, ge=0, description="Number of events to skip"),
@@ -128,7 +130,9 @@ async def list_drift_events(
         builder.where("sde.drift_type != :stable", "stable", "stable")
 
     # Get total count
-    count_builder = QueryBuilder("scan_drift_events sde").join("hosts h", "h.id = sde.host_id", "INNER")
+    count_builder = QueryBuilder("scan_drift_events sde").join(
+        "hosts h", "h.id = sde.host_id", "INNER"
+    )
     if host_id:
         count_builder.where("sde.host_id = :host_id", host_id, "host_id")
     if drift_type:

backend/app/routes/host_compliance_discovery_legacy.py

@@ -97,10 +97,14 @@ async def discover_host_compliance_infrastructure(
 
         # Perform compliance discovery
         compliance_service = HostComplianceDiscoveryService()
-        discovery_results: Dict[str, Any] = compliance_service.discover_compliance_infrastructure(host)
+        discovery_results: Dict[str, Any] = compliance_service.discover_compliance_infrastructure(
+            host
+        )
 
         # Convert datetime to string for JSON serialization
-        discovery_results["discovery_timestamp"] = discovery_results["discovery_timestamp"].isoformat()
+        discovery_results["discovery_timestamp"] = discovery_results[
+            "discovery_timestamp"
+        ].isoformat()
 
         logger.info(
             f"Compliance discovery completed for host {host.hostname}: "
@@ -178,7 +182,9 @@ async def bulk_discover_compliance_infrastructure(
             discovery_results = compliance_service.discover_compliance_infrastructure(host)
 
             # Convert datetime to string for JSON serialization
-            discovery_results["discovery_timestamp"] = discovery_results["discovery_timestamp"].isoformat()
+            discovery_results["discovery_timestamp"] = discovery_results[
+                "discovery_timestamp"
+            ].isoformat()
 
             results[host_id] = ComplianceDiscoveryResponse(**discovery_results)
 
@@ -330,7 +336,9 @@ async def get_supported_compliance_frameworks(
     return frameworks
 
 
-def _assess_compliance_capabilities(host: Host, discovery_results: Dict[str, Any]) -> ComplianceCapabilityAssessment:
+def _assess_compliance_capabilities(
+    host: Host, discovery_results: Dict[str, Any]
+) -> ComplianceCapabilityAssessment:
     """Assess host's compliance capabilities based on discovery results"""
 
     # Assess SCAP capability

backend/app/routes/host_discovery_legacy.py

@@ -134,7 +134,9 @@ async def discover_basic_system_bulk(
                 if host.username and (host.ip_address or host.hostname):
                     valid_hosts.append(host)
                 else:
-                    invalid_hosts.append({"host_id": host_id, "error": "Missing connection information"})
+                    invalid_hosts.append(
+                        {"host_id": host_id, "error": "Missing connection information"}
+                    )
             else:
                 invalid_hosts.append({"host_id": host_id, "error": "Host not found"})
 
@@ -155,7 +157,9 @@ async def discover_basic_system_bulk(
 
         except Exception as e:
             logger.error(f"Failed to schedule discovery for host {host.id}: {str(e)}")
-            invalid_hosts.append({"host_id": str(host.id), "error": f"Failed to schedule: {str(e)}"})
+            invalid_hosts.append(
+                {"host_id": str(host.id), "error": f"Failed to schedule: {str(e)}"}
+            )
 
     # Estimate completion time (assume 30 seconds per host)
     estimated_completion = datetime.utcnow()