Merge branch 'parse-cyber-observables' into cyber-observables

stix2.1
Rich Piazza 2017-05-09 15:36:59 -04:00 committed by GitHub
commit 7c1fd1e7f0
27 changed files with 70 additions and 35 deletions

View File

@ -6,3 +6,8 @@
args:
- --max-line-length=160
- id: check-merge-conflict
- repo: https://github.com/FalconSocial/pre-commit-python-sorter
sha: 1.0.4
hooks:
- id: python-import-sorter

View File

@ -2,20 +2,20 @@
# flake8: noqa
from . import exceptions
from .bundle import Bundle
from .observables import Artifact, AutonomousSystem, Directory, DomainName, \
EmailAddress, EmailMessage, File, IPv4Address, IPv6Address, MACAddress, \
Mutex, NetworkTraffic, Process, Software, URL, UserAccount, WindowsRegistryKey, \
X509Certificate
from .other import ExternalReference, KillChainPhase, MarkingDefinition, \
GranularMarking, StatementMarking, TLPMarking
from .sdo import AttackPattern, Campaign, CourseOfAction, Identity, Indicator, \
IntrusionSet, Malware, ObservedData, Report, ThreatActor, Tool, \
Vulnerability
from .observables import (URL, Artifact, AutonomousSystem, Directory,
DomainName, EmailAddress, EmailMessage, File,
IPv4Address, IPv6Address, MACAddress, Mutex,
NetworkTraffic, Process, Software, UserAccount,
WindowsRegistryKey, X509Certificate)
from .other import (ExternalReference, GranularMarking, KillChainPhase,
MarkingDefinition, StatementMarking, TLPMarking)
from .sdo import (AttackPattern, Campaign, CourseOfAction, Identity, Indicator,
IntrusionSet, Malware, ObservedData, Report, ThreatActor,
Tool, Vulnerability)
from .sro import Relationship, Sighting
from .utils import get_dict
from . import exceptions
OBJ_MAP = {
'attack-pattern': AttackPattern,

View File

@ -3,14 +3,12 @@
import collections
import copy
import datetime as dt
import json
from .exceptions import ExtraFieldsError, ImmutableError, InvalidObjRefError, \
InvalidValueError, MissingFieldsError, RevokeError, \
UnmodifiablePropertyError
from .utils import format_datetime, get_timestamp, NOW, parse_into_datetime
from .exceptions import (ExtraFieldsError, ImmutableError, InvalidObjRefError,
InvalidValueError, MissingFieldsError, RevokeError,
UnmodifiablePropertyError)
from .utils import NOW, format_datetime, get_timestamp, parse_into_datetime
__all__ = ['STIXJSONEncoder', '_STIXBase']

View File

@ -4,7 +4,7 @@ from .base import _STIXBase
from .properties import (IDProperty, ListProperty, Property, ReferenceProperty,
SelectorProperty, StringProperty, TimestampProperty,
TypeProperty)
from .utils import get_dict, NOW
from .utils import NOW, get_dict
class ExternalReference(_STIXBase):

View File

@ -5,12 +5,10 @@ import datetime as dt
import inspect
import re
import uuid
from dateutil import parser
import pytz
from six import text_type
from .base import _STIXBase, Observable
import pytz
from dateutil import parser
from .base import Observable, _STIXBase
from .exceptions import DictionaryKeyError

View File

@ -5,8 +5,8 @@ import pytest
import stix2
from .constants import FAKE_TIME
from .constants import INDICATOR_KWARGS, MALWARE_KWARGS, RELATIONSHIP_KWARGS
from .constants import (FAKE_TIME, INDICATOR_KWARGS, MALWARE_KWARGS,
RELATIONSHIP_KWARGS)
# Inspired by: http://stackoverflow.com/a/24006251

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import ATTACK_PATTERN_ID
EXPECTED = """{
"created": "2016-05-12T08:17:27Z",
"description": "...",

View File

@ -2,6 +2,7 @@ import pytest
import stix2
EXPECTED_BUNDLE = """{
"id": "bundle--00000000-0000-0000-0000-000000000004",
"objects": [

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import CAMPAIGN_ID
EXPECTED = """{
"created": "2016-04-06T20:03:00Z",
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import COURSE_OF_ACTION_ID
EXPECTED = """{
"created": "2016-04-06T20:03:48Z",
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",

View File

@ -3,8 +3,10 @@
import re
import pytest
import stix2
VERIS = """{
"external_id": "0001AA7F-C601-424A-B2B8-BE6C9F5164E7",
"source_name": "veris",

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import IDENTITY_ID
EXPECTED = """{
"created": "2015-12-21T19:59:11Z",
"id": "identity--311b2d2d-f010-5473-83ec-1edf84858f4c",

View File

@ -3,10 +3,12 @@ import re
import pytest
import pytz
import stix2
from .constants import FAKE_TIME, INDICATOR_ID, INDICATOR_KWARGS
EXPECTED_INDICATOR = """{
"created": "2017-01-01T00:00:01Z",
"id": "indicator--01234567-89ab-cdef-0123-456789abcdef",

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import INTRUSION_SET_ID
EXPECTED = """{
"aliases": [
"Zookeeper"

View File

@ -4,6 +4,7 @@ import pytest
import stix2
LMCO_RECON = """{
"kill_chain_name": "lockheed-martin-cyber-kill-chain",
"phase_name": "reconnaissance"

View File

@ -3,10 +3,12 @@ import re
import pytest
import pytz
import stix2
from .constants import FAKE_TIME, MALWARE_ID, MALWARE_KWARGS
EXPECTED_MALWARE = """{
"created": "2016-05-12T08:17:27Z",
"id": "malware--fedcba98-7654-3210-fedc-ba9876543210",

View File

@ -2,11 +2,13 @@ import datetime as dt
import pytest
import pytz
import stix2
from stix2.other import TLP_WHITE
from .constants import MARKING_DEFINITION_ID
EXPECTED_TLP_MARKING_DEFINITION = """{
"created": "2017-01-20T00:00:00Z",
"definition": {

View File

@ -3,10 +3,12 @@ import re
import pytest
import pytz
import stix2
from .constants import OBSERVED_DATA_ID
from ..exceptions import InvalidValueError
from .constants import OBSERVED_DATA_ID
EXPECTED = """{
"created": "2016-04-06T19:58:16Z",

View File

@ -4,9 +4,9 @@ from stix2.exceptions import DictionaryKeyError
from stix2.observables import EmailMIMEComponent
from stix2.properties import (BinaryProperty, BooleanProperty,
DictionaryProperty, EmbeddedObjectProperty,
HashesProperty, HexProperty,
IDProperty, IntegerProperty, ListProperty,
Property, ReferenceProperty, StringProperty,
HashesProperty, HexProperty, IDProperty,
IntegerProperty, ListProperty, Property,
ReferenceProperty, StringProperty,
TimestampProperty, TypeProperty)
from .constants import FAKE_TIME

View File

@ -5,8 +5,8 @@ import pytz
import stix2
from .constants import FAKE_TIME, INDICATOR_ID, MALWARE_ID, RELATIONSHIP_ID
from .constants import RELATIONSHIP_KWARGS
from .constants import (FAKE_TIME, INDICATOR_ID, MALWARE_ID, RELATIONSHIP_ID,
RELATIONSHIP_KWARGS)
EXPECTED_RELATIONSHIP = """{

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import INDICATOR_KWARGS, REPORT_ID
EXPECTED = """{
"created": "2015-12-21T19:59:11Z",
"created_by_ref": "identity--a463ffb3-1bd9-4d94-b02d-74e4f1658283",

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import THREAT_ACTOR_ID
EXPECTED = """{
"created": "2016-04-06T20:03:48Z",
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import TOOL_ID
EXPECTED = """{
"created": "2016-04-06T20:03:48Z",
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",

View File

@ -1,4 +1,5 @@
import pytest
import stix2

View File

@ -2,10 +2,12 @@ import datetime as dt
import pytest
import pytz
import stix2
from .constants import VULNERABILITY_ID
EXPECTED = """{
"created": "2016-05-12T08:17:27Z",
"external_references": [

View File

@ -3,8 +3,8 @@
import datetime as dt
import json
from dateutil import parser
import pytz
from dateutil import parser
# Sentinel value for fields that should be set to the current time.
# We can't use the standard 'default' approach, since if there are multiple

View File

@ -1,5 +1,5 @@
[tox]
envlist = py26,py27,py33,py34,py35,py36,pycodestyle
envlist = py26,py27,py33,py34,py35,py36,pycodestyle,isort-check
[testenv]
deps =
@ -18,11 +18,10 @@ passenv = CI TRAVIS TRAVIS_*
[testenv:pycodestyle]
deps =
flake8
flake8-import-order
pycodestyle
commands =
pycodestyle ./stix2
flake8 --max-line-length=160 --import-order-style='google'
flake8 --max-line-length=160
[pycodestyle]
ignore=
@ -31,6 +30,10 @@ max-line-length=160
[flake8]
max-line-length=160
[testenv:isort-check]
deps = isort
commands = isort -ns __init__.py -c -rc stix2
[travis]
python =
2.6: py26