CrowdStrike · ChristopherHammond13 · Apr 9, 2026 · Nov 13, 2025 · Nov 13, 2025 · Nov 13, 2025
@@ -11,19 +11,31 @@ on:
       - 'v*'
   pull_request:
 
+permissions:
+  contents: read
+
 jobs:
   codequality:
+    environment: code-quality
+    timeout-minutes: 30
     strategy:
       matrix:
-        python-version: ["3.8", "3.9", "3.10", "3.11", "3.12", "3.13"]
+        python-version: ["3.10", "3.11", "3.12", "3.13", "3.14"]
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - name: Harden the runner (Audit all outbound calls)
+      uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      with:
+        egress-policy: audit
+        disable-sudo-and-containers: true
+
+    - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+
     - name: Install Poetry via pipx
-      run: pipx install poetry
+      run: pipx install poetry==2.2.1
 
     - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
       with:
         python-version: ${{ matrix.python-version }}
         cache: 'poetry'
@@ -74,3 +86,8 @@ jobs:
         poetry run bandit -r caracara --configfile .bandit
         poetry run bandit -r examples --configfile examples/.bandit
         poetry run bandit -r tests --configfile tests/.bandit
+
+    - name: Check for security vulnerabiltiies in the virtual environment
+      if: success() || failure()
+      run: |
+        poetry run pip-audit
@@ -1,26 +1,42 @@
-# This workflow will upload a Python Package using Twine when a release is created
-# For more information see: https://help.github.com/en/actions/language-and-framework-guides/using-python-with-github-actions#publishing-to-package-registries
-
+# This workflow will upload a Python Package via the Trusted Publishing functionality in PyPI.
 name: Publish Python Package
 
 on:
   release:
     types: [created]
 
+permissions:
+  contents: read
+
 jobs:
   deploy:
     runs-on: ubuntu-latest
+    environment: release
+    timeout-minutes: 30
+    permissions:
+      id-token: write
     steps:
-    - uses: actions/checkout@v4
+    - name: Harden the runner (Audit all outbound calls)
+      uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      with:
+        egress-policy: audit
+        disable-sudo-and-containers: true
+
+    - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
+
     - name: Set up Python
-      uses: actions/setup-python@v5
+      uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
       with:
-        python-version: '3.x'
+        python-version: '3.13.9'
+
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
-        python -m pip install poetry --pre
-    - name: Build and publish
+        python -m pip install poetry==2.2.1
+
+    - name: Build package with Poetry
       run: |
-        poetry config pypi-token.pypi ${{ secrets.PACKAGE_API_SECRET }}
-        poetry publish --build
+        poetry build
+
+    - name: Publish package to PyPI
+      uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # release/v1
@@ -16,12 +16,21 @@
 
 A friendly wrapper to help you interact with the CrowdStrike Falcon API. Less code, less fuss, better performance, and full interoperability with [FalconPy](https://github.com/CrowdStrike/falconpy/).
 
-- [Features](#features)
-- [Installation](#installation-instructions)
-- [Basic Usage](#basic-usage-example)
-- [Examples](#examples-collection)
-- [Documentation](#documentation)
-- [Contributing](#contributing)
+- [Caracara](#caracara)
+  - [Features](#features)
+  - [Installation Instructions](#installation-instructions)
+    - [Poetry: Installation](#poetry-installation)
+    - [Poetry: Upgrading](#poetry-upgrading)
+    - [Poetry: Removal](#poetry-removal)
+    - [Pip: Installation](#pip-installation)
+    - [Pip: Upgrading](#pip-upgrading)
+    - [Pip: Removal](#pip-removal)
+  - [Basic Usage Examples](#basic-usage-examples)
+  - [Examples Collection](#examples-collection)
+    - [Executing the Examples](#executing-the-examples)
+  - [Documentation](#documentation)
+  - [Contributing](#contributing)
+  - [Why Caracara?](#why-caracara)
 
 ## Features
 
@@ -41,7 +50,7 @@ A few of the developer experience enhancements provided by the Caracara toolkit
 
 Caracara supports all major Python packaging solutions. Instructions for [Poetry](https://python-poetry.org) and [Pip](https://pypi.org/project/pip/) are provided below.
 
-Caracara supports Python versions that are still supported by the Python Software Foundation, i.e., **Python 3.8 and up**.
+Caracara supports Python versions that are still supported by the Python Software Foundation, i.e., **Python 3.10 and up**.
 
 <details>
 <summary><h3>Installing Caracara from PyPI using Poetry (Recommended!)</h3></summary>

@@ -6,6 +6,7 @@
 
 This example will show all Child CIDs within a Parent Falcon Flight Control / MSSP CID.
 """
+
 from caracara import Client
 from examples.common import caracara_example, pretty_print
 

@@ -17,6 +17,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 from typing import Dict, List
 

@@ -12,6 +12,7 @@
 
 The example demonstrates how to use the Hosts API and a FalconFilter using a date.
 """
+
 import logging
 from datetime import datetime, timezone
 from typing import Dict

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -7,6 +7,7 @@
 list the device member details for every host group within your Falcon tenant.
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 from typing import Dict, List
 

@@ -8,6 +8,7 @@
 
 The example demonstrates how to use the Hosts API.
 """
+
 import logging
 from typing import Dict, List
 

@@ -9,6 +9,7 @@
 
 The example demonstrates how to use the FalconFilter() class and the Hosts API.
 """
+
 import logging
 
 from caracara import Client

@@ -13,6 +13,7 @@
 
 The example demonstrates how to use the Hosts API and the Client context.
 """
+
 import logging
 
 from tabulate import tabulate

@@ -7,6 +7,7 @@
 This example will create a Windows prevention rolicy based on the included template.
 You can use this code sample to customise the policy.
 """
+
 from caracara import Client
 from examples.common import caracara_example, pretty_print
 

@@ -10,6 +10,7 @@
 This example demonstrates using a combination of the FalconFilter class and
 the response policies API.
 """
+
 import logging
 from typing import List
 

@@ -7,6 +7,7 @@
 This example will create a Windows response policy based on the included template.
 You can use this code sample to customise the policy.
 """
+
 import logging
 
 from caracara import Client

@@ -10,6 +10,7 @@
 This example demonstrates using a combination of the FalconFilter class and
 the response policies API.
 """
+
 import logging
 from typing import List
 

@@ -10,6 +10,7 @@
 Note that this can only access sessions that were created with this API token,
 as the Falcon API will not let you clear somebody else's queued session.
 """
+
 import logging
 
 from caracara import Client

@@ -7,6 +7,7 @@
 This example will use the API credentials configuration in your config.yml file to
 list all the files that can be used with the PUT command.
 """
+
 import logging
 
 from caracara import Client

@@ -7,6 +7,7 @@
 This example will use the API credentials configuration in your config.yml file to
 list all queued RTR sesisons, as well as the commands scheduled for exection.
 """
+
 import logging
 
 from caracara import Client

@@ -7,6 +7,7 @@
 This example will use the API credentials configuration in your config.yml file to
 list all the scripts that are stored in the associated Falcon tenant
 """
+
 import logging
 
 from caracara import Client

@@ -24,6 +24,7 @@
   # Output folder on disk to download the logs to
   output_folder: /tmp/logs
 """
+
 import logging
 import os
 import time

@@ -16,6 +16,7 @@
     - Filter2Name__Operator: Filter2Value
   command: CommandToRun
 """
+
 import logging
 from typing import Dict, List
 

@@ -6,6 +6,7 @@
 
 This example will allow you to search for a system in the CID and get its maintenance token.
 """
+
 from typing import Dict
 
 from caracara import Client

@@ -7,6 +7,7 @@
 This example will use the API credentials configured in your config.yml file to
 add a user in the Falcon tenant.
 """
+
 import logging
 
 from caracara import Client
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,6 +6,7 @@ @@
     This example will show all Child CIDs within a Parent Falcon Flight Control / MSSP CID.
     """
     from caracara import Client
     from examples.common import caracara_example, pretty_print
@@ Expand Down @@