patch: updated stix2 module name

docs/conf.py

@@ -6,9 +6,9 @@ import sys
 
 from sphinx.ext.autodoc import ClassDocumenter
 
-from stix2.base import _STIXBase
-from stix2.equivalence.object import WEIGHTS
-from stix2.version import __version__
+from misp_lib_stix2.base import _STIXBase
+from misp_lib_stix2.equivalence.object import WEIGHTS
+from misp_lib_stix2.version import __version__
 
 sys.path.insert(0, os.path.abspath('..'))
 

examples/taxii_example.py

@@ -1,6 +1,6 @@
 from taxii2client.v21 import Collection
 
-import stix2
+import misp_lib_stix2
 
 # This example is based on the medallion server with default_data.json
 # See https://github.com/oasis-open/cti-taxii-server for more information
@@ -13,7 +13,7 @@ def main():
     )
 
     # instantiate TAXII data source
-    taxii = stix2.TAXIICollectionSource(collection)
+    taxii = misp_lib_stix2.TAXIICollectionSource(collection)
 
     # get (url watch indicator)
     indicator_fw = taxii.get("indicator--6770298f-0fd8-471a-ab8c-1c658a46574e")
@@ -27,7 +27,7 @@ def main():
         print(indicator.serialize(indent=4))
 
     # add TAXII filter (ie filter should be passed to TAXII)
-    query_filter = stix2.Filter("type", "in", "malware")
+    query_filter = misp_lib_stix2.Filter("type", "in", "malware")
 
     # query() - but with filter attached. There are no malware objects in this collection
     malwares = taxii.query(query=query_filter)

misp_lib_stix2/base.py

@@ -9,8 +9,8 @@ import uuid
 
 import simplejson as json
 
-import stix2
-from stix2.canonicalization.Canonicalize import canonicalize
+import misp_lib_stix2
+from misp_lib_stix2.canonicalization.Canonicalize import canonicalize
 
 from .exceptions import (
     AtLeastOnePropertyError, DependentPropertiesError, ExtraPropertiesError,
@@ -120,11 +120,11 @@ class _STIXBase(collections.abc.Mapping):
         self.__now = get_timestamp()
 
         self.__INTEROPERABILITY_types = (
-            stix2.properties.EmbeddedObjectProperty, stix2.properties.EnumProperty,
-            stix2.properties.ExtensionsProperty, stix2.properties.DictionaryProperty,
-            stix2.properties.HashesProperty, stix2.properties.IDProperty,
-            stix2.properties.ListProperty, stix2.properties.OpenVocabProperty,
-            stix2.properties.ReferenceProperty, stix2.properties.SelectorProperty,
+            misp_lib_stix2.properties.EmbeddedObjectProperty, misp_lib_stix2.properties.EnumProperty,
+            misp_lib_stix2.properties.ExtensionsProperty, misp_lib_stix2.properties.DictionaryProperty,
+            misp_lib_stix2.properties.HashesProperty, misp_lib_stix2.properties.IDProperty,
+            misp_lib_stix2.properties.ListProperty, misp_lib_stix2.properties.OpenVocabProperty,
+            misp_lib_stix2.properties.ReferenceProperty, misp_lib_stix2.properties.SelectorProperty,
         )
 
         custom_props = kwargs.pop('custom_properties', {})
@@ -172,7 +172,7 @@ class _STIXBase(collections.abc.Mapping):
         all_custom_prop_names = (custom_kwargs | custom_props.keys()) - \
             self._properties.keys()
         if all_custom_prop_names:
-            if not isinstance(self, stix2.v20._STIXBase20):
+            if not isinstance(self, misp_lib_stix2.v20._STIXBase20):
                 for prop_name in all_custom_prop_names:
                     if not re.match(PREFIX_21_REGEX, prop_name):
                         raise InvalidValueError(

misp_lib_stix2/canonicalization/Canonicalize.py

@@ -22,7 +22,7 @@
 
 import re
 
-from stix2.canonicalization.NumberToJson import convert2Es6Format
+from misp_lib_stix2.canonicalization.NumberToJson import convert2Es6Format
 
 try:
     from _json import encode_basestring_ascii as c_encode_basestring_ascii

misp_lib_stix2/datastore/__init__.py

@@ -15,8 +15,8 @@ Python STIX2 DataStore API.
 from abc import ABCMeta, abstractmethod
 import uuid
 
-from stix2.datastore.filters import Filter, FilterSet
-from stix2.utils import deduplicate
+from misp_lib_stix2.datastore.filters import Filter, FilterSet
+from misp_lib_stix2.utils import deduplicate
 
 
 def make_id():

misp_lib_stix2/datastore/filesystem.py

@@ -6,15 +6,15 @@ import os
 import re
 import stat
 
-from stix2 import v20, v21
-from stix2.base import _STIXBase
-from stix2.datastore import (
+from misp_lib_stix2 import v20, v21
+from misp_lib_stix2.base import _STIXBase
+from misp_lib_stix2.datastore import (
     DataSink, DataSource, DataSourceError, DataStoreMixin,
 )
-from stix2.datastore.filters import Filter, FilterSet, apply_common_filters
-from stix2.parsing import parse
-from stix2.serialization import fp_serialize
-from stix2.utils import format_datetime, get_type_from_id, parse_into_datetime
+from misp_lib_stix2.datastore.filters import Filter, FilterSet, apply_common_filters
+from misp_lib_stix2.parsing import parse
+from misp_lib_stix2.serialization import fp_serialize
+from misp_lib_stix2.utils import format_datetime, get_type_from_id, parse_into_datetime
 
 
 def _timestamp2filename(timestamp):

misp_lib_stix2/datastore/filters.py

@@ -3,7 +3,7 @@
 import collections
 from datetime import datetime
 
-import stix2.utils
+import misp_lib_stix2.utils
 
 """Supported filter operations"""
 FILTER_OPS = ['=', '!=', 'in', '>', '<', '>=', '<=', 'contains']
@@ -82,7 +82,7 @@ class Filter(collections.namedtuple('Filter', ['property', 'op', 'value'])):
         # try to convert the filter value to a datetime instance.
         if isinstance(stix_obj_property, datetime) and \
                 isinstance(self.value, str):
-            filter_value = stix2.utils.parse_into_datetime(self.value)
+            filter_value = misp_lib_stix2.utils.parse_into_datetime(self.value)
         else:
             filter_value = self.value
 

misp_lib_stix2/datastore/memory.py

@@ -5,11 +5,11 @@ import itertools
 import json
 import os
 
-from stix2 import v20, v21
-from stix2.base import _STIXBase
-from stix2.datastore import DataSink, DataSource, DataStoreMixin
-from stix2.datastore.filters import FilterSet, apply_common_filters
-from stix2.parsing import parse
+from misp_lib_stix2 import v20, v21
+from misp_lib_stix2.base import _STIXBase
+from misp_lib_stix2.datastore import DataSink, DataSource, DataStoreMixin
+from misp_lib_stix2.datastore.filters import FilterSet, apply_common_filters
+from misp_lib_stix2.parsing import parse
 
 
 def _add(store, stix_data, allow_custom=True, version=None):

misp_lib_stix2/datastore/taxii.py

@@ -2,14 +2,14 @@
 
 from requests.exceptions import HTTPError
 
-from stix2 import v20, v21
-from stix2.base import _STIXBase
-from stix2.datastore import (
+from misp_lib_stix2 import v20, v21
+from misp_lib_stix2.base import _STIXBase
+from misp_lib_stix2.datastore import (
     DataSink, DataSource, DataSourceError, DataStoreMixin,
 )
-from stix2.datastore.filters import Filter, FilterSet, apply_common_filters
-from stix2.parsing import parse
-from stix2.utils import deduplicate
+from misp_lib_stix2.datastore.filters import Filter, FilterSet, apply_common_filters
+from misp_lib_stix2.parsing import parse
+from misp_lib_stix2.utils import deduplicate
 
 try:
     from taxii2client import v20 as tcv20

misp_lib_stix2/equivalence/pattern/compare/comparison.py

@@ -4,8 +4,8 @@ Comparison utilities for STIX pattern comparison expressions.
 import base64
 import functools
 
-from stix2.equivalence.pattern.compare import generic_cmp, iter_lex_cmp
-from stix2.patterns import (
+from misp_lib_stix2.equivalence.pattern.compare import generic_cmp, iter_lex_cmp
+from misp_lib_stix2.patterns import (
     AndBooleanExpression, BinaryConstant, BooleanConstant, FloatConstant,
     HexConstant, IntegerConstant, ListConstant, ListObjectPathComponent,
     OrBooleanExpression, StringConstant, TimestampConstant,

misp_lib_stix2/equivalence/pattern/compare/observation.py

@@ -1,11 +1,11 @@
 """
 Comparison utilities for STIX pattern observation expressions.
 """
-from stix2.equivalence.pattern.compare import generic_cmp, iter_lex_cmp
-from stix2.equivalence.pattern.compare.comparison import (
+from misp_lib_stix2.equivalence.pattern.compare import generic_cmp, iter_lex_cmp
+from misp_lib_stix2.equivalence.pattern.compare.comparison import (
     comparison_expression_cmp, generic_constant_cmp,
 )
-from stix2.patterns import (
+from misp_lib_stix2.patterns import (
     AndObservationExpression, FollowedByObservationExpression,
     ObservationExpression, OrObservationExpression,
     QualifiedObservationExpression, RepeatQualifier, StartStopQualifier,

misp_lib_stix2/equivalence/pattern/transform/comparison.py

@@ -4,15 +4,15 @@ Transformation utilities for STIX pattern comparison expressions.
 import functools
 import itertools
 
-from stix2.equivalence.pattern.compare import iter_in, iter_lex_cmp
-from stix2.equivalence.pattern.compare.comparison import (
+from misp_lib_stix2.equivalence.pattern.compare import iter_in, iter_lex_cmp
+from misp_lib_stix2.equivalence.pattern.compare.comparison import (
     comparison_expression_cmp,
 )
-from stix2.equivalence.pattern.transform import Transformer
-from stix2.equivalence.pattern.transform.specials import (
+from misp_lib_stix2.equivalence.pattern.transform import Transformer
+from misp_lib_stix2.equivalence.pattern.transform.specials import (
     ipv4_addr, ipv6_addr, windows_reg_key,
 )
-from stix2.patterns import (
+from misp_lib_stix2.patterns import (
     AndBooleanExpression, ObjectPath, OrBooleanExpression,
     ParentheticalExpression, _BooleanExpression, _ComparisonExpression,
 )

misp_lib_stix2/equivalence/pattern/transform/observation.py

@@ -4,25 +4,25 @@ Transformation utilities for STIX pattern observation expressions.
 import functools
 import itertools
 
-from stix2.equivalence.pattern.compare import iter_in, iter_lex_cmp
-from stix2.equivalence.pattern.compare.observation import (
+from misp_lib_stix2.equivalence.pattern.compare import iter_in, iter_lex_cmp
+from misp_lib_stix2.equivalence.pattern.compare.observation import (
     observation_expression_cmp,
 )
-from stix2.equivalence.pattern.transform import (
+from misp_lib_stix2.equivalence.pattern.transform import (
     ChainTransformer, SettleTransformer, Transformer,
 )
-from stix2.equivalence.pattern.transform.comparison import (
+from misp_lib_stix2.equivalence.pattern.transform.comparison import (
     SpecialValueCanonicalization,
 )
-from stix2.equivalence.pattern.transform.comparison import \
+from misp_lib_stix2.equivalence.pattern.transform.comparison import \
     AbsorptionTransformer as CAbsorptionTransformer
-from stix2.equivalence.pattern.transform.comparison import \
+from misp_lib_stix2.equivalence.pattern.transform.comparison import \
     DNFTransformer as CDNFTransformer
-from stix2.equivalence.pattern.transform.comparison import \
+from misp_lib_stix2.equivalence.pattern.transform.comparison import \
     FlattenTransformer as CFlattenTransformer
-from stix2.equivalence.pattern.transform.comparison import \
+from misp_lib_stix2.equivalence.pattern.transform.comparison import \
     OrderDedupeTransformer as COrderDedupeTransformer
-from stix2.patterns import (
+from misp_lib_stix2.patterns import (
     AndObservationExpression, FollowedByObservationExpression,
     ObservationExpression, OrObservationExpression, ParentheticalExpression,
     QualifiedObservationExpression, _CompoundObservationExpression,

misp_lib_stix2/equivalence/pattern/transform/specials.py

@@ -3,7 +3,7 @@ Some simple comparison expression normalization functions.
 """
 import socket
 
-from stix2.equivalence.pattern.compare.comparison import (
+from misp_lib_stix2.equivalence.pattern.compare.comparison import (
     object_path_to_raw_values,
 )
 

misp_lib_stix2/markings/__init__.py

@@ -19,7 +19,7 @@ Note:
 |
 """
 
-from stix2.markings import granular_markings, object_markings
+from misp_lib_stix2.markings import granular_markings, object_markings
 
 
 def get_markings(obj, selectors=None, inherited=False, descendants=False, marking_ref=True, lang=True):

misp_lib_stix2/markings/granular_markings.py

@@ -1,9 +1,9 @@
 """Functions for working with STIX2 granular markings."""
 
-from stix2 import exceptions
-from stix2.markings import utils
-from stix2.utils import is_marking
-from stix2.versioning import new_version
+from misp_lib_stix2 import exceptions
+from misp_lib_stix2.markings import utils
+from misp_lib_stix2.utils import is_marking
+from misp_lib_stix2.versioning import new_version
 
 
 def get_markings(obj, selectors, inherited=False, descendants=False, marking_ref=True, lang=True):

misp_lib_stix2/markings/object_markings.py

@@ -1,8 +1,8 @@
 """Functions for working with STIX2 object markings."""
 
-from stix2 import exceptions
-from stix2.markings import utils
-from stix2.versioning import new_version
+from misp_lib_stix2 import exceptions
+from misp_lib_stix2.markings import utils
+from misp_lib_stix2.versioning import new_version
 
 
 def get_markings(obj):

misp_lib_stix2/markings/utils.py

@@ -2,7 +2,7 @@
 
 import collections
 
-from stix2 import exceptions, utils
+from misp_lib_stix2 import exceptions, utils
 
 
 def _evaluate_expression(obj, selector):

misp_lib_stix2/properties.py

@@ -8,8 +8,8 @@ import inspect
 import re
 import uuid
 
-import stix2
-import stix2.hashes
+import misp_lib_stix2
+import misp_lib_stix2.hashes
 
 from .base import _STIXBase
 from .exceptions import CustomContentError, DictionaryKeyError, STIXError
@@ -436,7 +436,7 @@ class HashesProperty(DictionaryProperty):
         # names which are recognized as hash algorithms by this library.
         self.__alg_to_spec_name = {}
         for spec_hash_name in spec_hash_names:
-            alg = stix2.hashes.infer_hash_algorithm(spec_hash_name)
+            alg = misp_lib_stix2.hashes.infer_hash_algorithm(spec_hash_name)
             if alg:
                 self.__alg_to_spec_name[alg] = spec_hash_name
 
@@ -449,11 +449,11 @@ class HashesProperty(DictionaryProperty):
 
         has_custom = False
         for hash_k, hash_v in clean_dict.items():
-            hash_alg = stix2.hashes.infer_hash_algorithm(hash_k)
+            hash_alg = misp_lib_stix2.hashes.infer_hash_algorithm(hash_k)
 
             if hash_alg:
                 # Library-supported hash algorithm: sanity check the value.
-                if not stix2.hashes.check_hash(hash_alg, hash_v):
+                if not misp_lib_stix2.hashes.check_hash(hash_alg, hash_v):
                     raise ValueError(
                         "'{0}' is not a valid {1} hash".format(
                             hash_v, hash_alg.name,

misp_lib_stix2/serialization.py

@@ -5,7 +5,7 @@ import io
 
 import simplejson as json
 
-import stix2.base
+import misp_lib_stix2.base
 
 from .utils import format_datetime
 
@@ -22,7 +22,7 @@ class STIXJSONEncoder(json.JSONEncoder):
     def default(self, obj):
         if isinstance(obj, (dt.date, dt.datetime)):
             return format_datetime(obj)
-        elif isinstance(obj, stix2.base._STIXBase):
+        elif isinstance(obj, misp_lib_stix2.base._STIXBase):
             tmp_obj = dict(obj)
             for prop_name in obj._defaulted_optional_properties:
                 del tmp_obj[prop_name]
@@ -42,7 +42,7 @@ class STIXJSONIncludeOptionalDefaultsEncoder(json.JSONEncoder):
     def default(self, obj):
         if isinstance(obj, (dt.date, dt.datetime)):
             return format_datetime(obj)
-        elif isinstance(obj, stix2.base._STIXBase):
+        elif isinstance(obj, misp_lib_stix2.base._STIXBase):
             return dict(obj)
         else:
             return super(STIXJSONIncludeOptionalDefaultsEncoder, self).default(obj)
@@ -174,7 +174,7 @@ def find_property_index(obj, search_key, search_value):
     if search_key.isdigit():
         return int(search_key)
 
-    if isinstance(obj, stix2.base._STIXBase):
+    if isinstance(obj, misp_lib_stix2.base._STIXBase):
         if search_key in obj and obj[search_key] == search_value:
             idx = _find(list(obj), search_key)
         else:

misp_lib_stix2/test/test_hashes.py

@@ -1,6 +1,6 @@
 import pytest
 
-from stix2.hashes import Hash, check_hash, infer_hash_algorithm
+from misp_lib_stix2.hashes import Hash, check_hash, infer_hash_algorithm
 
 
 @pytest.mark.parametrize(

misp_lib_stix2/test/test_pattern_equivalence.py

@@ -1,6 +1,6 @@
 import pytest
 
-from stix2.equivalence.pattern import (
+from misp_lib_stix2.equivalence.pattern import (
     equivalent_patterns, find_equivalent_patterns,
 )
 

misp_lib_stix2/test/test_properties.py

@@ -3,11 +3,11 @@ import datetime as dt
 import pytest
 import pytz
 
-from stix2.base import _STIXBase
-from stix2.exceptions import (
+from misp_lib_stix2.base import _STIXBase
+from misp_lib_stix2.exceptions import (
     CustomContentError, ExtraPropertiesError, STIXError,
 )
-from stix2.properties import (
+from misp_lib_stix2.properties import (
     BinaryProperty, BooleanProperty, EmbeddedObjectProperty, EnumProperty,
     FloatProperty, HashesProperty, HexProperty, IntegerProperty, ListProperty,
     OpenVocabProperty, Property, StringProperty, TimestampProperty,

misp_lib_stix2/test/test_spec_version_detect.py

@@ -2,7 +2,7 @@ from __future__ import unicode_literals
 
 import pytest
 
-from stix2.utils import detect_spec_version
+from misp_lib_stix2.utils import detect_spec_version
 
 
 @pytest.mark.parametrize(

misp_lib_stix2/test/test_utils_type_checks.py

@@ -1,6 +1,6 @@
 import pytest
 
-import stix2.utils
+import misp_lib_stix2.utils
 
 ###
 # Tests using types/behaviors common to STIX 2.0 and 2.1.
@@ -25,13 +25,13 @@ import stix2.utils
     ],
 )
 def test_is_sdo(type_, stix_version):
-    assert stix2.utils.is_sdo(type_, stix_version)
+    assert misp_lib_stix2.utils.is_sdo(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert stix2.utils.is_sdo(id_, stix_version)
+    assert misp_lib_stix2.utils.is_sdo(id_, stix_version)
 
-    assert stix2.utils.is_stix_type(
-        type_, stix_version, stix2.utils.STIXTypeClass.SDO,
+    assert misp_lib_stix2.utils.is_stix_type(
+        type_, stix_version, misp_lib_stix2.utils.STIXTypeClass.SDO,
     )
 
 
@@ -48,18 +48,18 @@ def test_is_sdo(type_, stix_version):
     ],
 )
 def test_is_not_sdo(type_, stix_version):
-    assert not stix2.utils.is_sdo(type_, stix_version)
+    assert not misp_lib_stix2.utils.is_sdo(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert not stix2.utils.is_sdo(id_, stix_version)
+    assert not misp_lib_stix2.utils.is_sdo(id_, stix_version)
 
     d = {
         "type": type_,
     }
-    assert not stix2.utils.is_sdo(d, stix_version)
+    assert not misp_lib_stix2.utils.is_sdo(d, stix_version)
 
-    assert not stix2.utils.is_stix_type(
-        type_, stix_version, stix2.utils.STIXTypeClass.SDO,
+    assert not misp_lib_stix2.utils.is_stix_type(
+        type_, stix_version, misp_lib_stix2.utils.STIXTypeClass.SDO,
     )
 
 
@@ -87,13 +87,13 @@ def test_is_not_sdo(type_, stix_version):
     ],
 )
 def test_is_sco(type_, stix_version):
-    assert stix2.utils.is_sco(type_, stix_version)
+    assert misp_lib_stix2.utils.is_sco(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert stix2.utils.is_sco(id_, stix_version)
+    assert misp_lib_stix2.utils.is_sco(id_, stix_version)
 
-    assert stix2.utils.is_stix_type(
-        type_, stix_version, stix2.utils.STIXTypeClass.SCO,
+    assert misp_lib_stix2.utils.is_stix_type(
+        type_, stix_version, misp_lib_stix2.utils.STIXTypeClass.SCO,
     )
 
 
@@ -109,18 +109,18 @@ def test_is_sco(type_, stix_version):
     ],
 )
 def test_is_not_sco(type_, stix_version):
-    assert not stix2.utils.is_sco(type_, stix_version)
+    assert not misp_lib_stix2.utils.is_sco(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert not stix2.utils.is_sco(id_, stix_version)
+    assert not misp_lib_stix2.utils.is_sco(id_, stix_version)
 
     d = {
         "type": type_,
     }
-    assert not stix2.utils.is_sco(d, stix_version)
+    assert not misp_lib_stix2.utils.is_sco(d, stix_version)
 
-    assert not stix2.utils.is_stix_type(
-        type_, stix_version, stix2.utils.STIXTypeClass.SCO,
+    assert not misp_lib_stix2.utils.is_stix_type(
+        type_, stix_version, misp_lib_stix2.utils.STIXTypeClass.SCO,
     )
 
 
@@ -132,13 +132,13 @@ def test_is_not_sco(type_, stix_version):
     ],
 )
 def test_is_sro(type_, stix_version):
-    assert stix2.utils.is_sro(type_, stix_version)
+    assert misp_lib_stix2.utils.is_sro(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert stix2.utils.is_sro(id_, stix_version)
+    assert misp_lib_stix2.utils.is_sro(id_, stix_version)
 
-    assert stix2.utils.is_stix_type(
-        type_, stix_version, stix2.utils.STIXTypeClass.SRO,
+    assert misp_lib_stix2.utils.is_stix_type(
+        type_, stix_version, misp_lib_stix2.utils.STIXTypeClass.SRO,
     )
 
 
@@ -154,29 +154,29 @@ def test_is_sro(type_, stix_version):
     ],
 )
 def test_is_not_sro(type_, stix_version):
-    assert not stix2.utils.is_sro(type_, stix_version)
+    assert not misp_lib_stix2.utils.is_sro(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert not stix2.utils.is_sro(id_, stix_version)
+    assert not misp_lib_stix2.utils.is_sro(id_, stix_version)
 
     d = {
         "type": type_,
     }
-    assert not stix2.utils.is_sro(d, stix_version)
+    assert not misp_lib_stix2.utils.is_sro(d, stix_version)
 
-    assert not stix2.utils.is_stix_type(
-        type_, stix_version, stix2.utils.STIXTypeClass.SRO,
+    assert not misp_lib_stix2.utils.is_stix_type(
+        type_, stix_version, misp_lib_stix2.utils.STIXTypeClass.SRO,
     )
 
 
 @pytest.mark.parametrize("stix_version", ["2.0", "2.1"])
 def test_is_marking(stix_version):
-    assert stix2.utils.is_marking("marking-definition", stix_version)
+    assert misp_lib_stix2.utils.is_marking("marking-definition", stix_version)
 
     id_ = "marking-definition--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert stix2.utils.is_marking(id_, stix_version)
+    assert misp_lib_stix2.utils.is_marking(id_, stix_version)
 
-    assert stix2.utils.is_stix_type(
+    assert misp_lib_stix2.utils.is_stix_type(
         "marking-definition", stix_version, "marking-definition",
     )
 
@@ -192,17 +192,17 @@ def test_is_marking(stix_version):
     ],
 )
 def test_is_not_marking(type_, stix_version):
-    assert not stix2.utils.is_marking(type_, stix_version)
+    assert not misp_lib_stix2.utils.is_marking(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert not stix2.utils.is_marking(id_, stix_version)
+    assert not misp_lib_stix2.utils.is_marking(id_, stix_version)
 
     d = {
         "type": type_,
     }
-    assert not stix2.utils.is_marking(d, stix_version)
+    assert not misp_lib_stix2.utils.is_marking(d, stix_version)
 
-    assert not stix2.utils.is_stix_type(
+    assert not misp_lib_stix2.utils.is_stix_type(
         type_, stix_version, "marking-definition",
     )
 
@@ -219,44 +219,44 @@ def test_is_not_marking(type_, stix_version):
     ],
 )
 def test_is_object(type_, stix_version):
-    assert stix2.utils.is_object(type_, stix_version)
+    assert misp_lib_stix2.utils.is_object(type_, stix_version)
 
     id_ = type_ + "--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert stix2.utils.is_object(id_, stix_version)
+    assert misp_lib_stix2.utils.is_object(id_, stix_version)
 
 
 @pytest.mark.parametrize("stix_version", ["2.0", "2.1"])
 def test_is_not_object(stix_version):
-    assert not stix2.utils.is_object("foo", stix_version)
+    assert not misp_lib_stix2.utils.is_object("foo", stix_version)
 
     id_ = "foo--a12fa04c-6586-4128-8d1a-cfe0d1c081f5"
-    assert not stix2.utils.is_object(id_, stix_version)
+    assert not misp_lib_stix2.utils.is_object(id_, stix_version)
 
     d = {
         "type": "foo",
     }
-    assert not stix2.utils.is_object(d, stix_version)
+    assert not misp_lib_stix2.utils.is_object(d, stix_version)
 
 
 @pytest.mark.parametrize("stix_version", ["2.0", "2.1"])
 def test_is_stix_type(stix_version):
 
-    assert not stix2.utils.is_stix_type(
-        "foo", stix_version, stix2.utils.STIXTypeClass.SDO, "foo",
+    assert not misp_lib_stix2.utils.is_stix_type(
+        "foo", stix_version, misp_lib_stix2.utils.STIXTypeClass.SDO, "foo",
     )
 
-    assert stix2.utils.is_stix_type(
+    assert misp_lib_stix2.utils.is_stix_type(
         "bundle", stix_version, "foo", "bundle",
     )
 
-    assert stix2.utils.is_stix_type(
+    assert misp_lib_stix2.utils.is_stix_type(
         "identity", stix_version,
-        stix2.utils.STIXTypeClass.SDO,
-        stix2.utils.STIXTypeClass.SRO,
+        misp_lib_stix2.utils.STIXTypeClass.SDO,
+        misp_lib_stix2.utils.STIXTypeClass.SRO,
     )
 
-    assert stix2.utils.is_stix_type(
+    assert misp_lib_stix2.utils.is_stix_type(
         "software", stix_version,
-        stix2.utils.STIXTypeClass.SDO,
-        stix2.utils.STIXTypeClass.SCO,
+        misp_lib_stix2.utils.STIXTypeClass.SDO,
+        misp_lib_stix2.utils.STIXTypeClass.SCO,
     )

misp_lib_stix2/test/test_workbench.py

@@ -1,8 +1,8 @@
 import importlib
 import os
 
-import stix2
-from stix2.workbench import (
+import misp_lib_stix2
+from misp_lib_stix2.workbench import (
     _STIX_VID, AttackPattern, Bundle, Campaign, CourseOfAction,
     ExternalReference, File, FileSystemSource, Filter, Grouping, Identity,
     Indicator, Infrastructure, IntrusionSet, Location, Malware,
@@ -325,8 +325,8 @@ def test_default_created_timestamp():
     campaign = Campaign(**constants.CAMPAIGN_KWARGS)
 
     assert 'created' not in constants.CAMPAIGN_KWARGS
-    assert stix2.utils.format_datetime(campaign.created) == timestamp
-    assert stix2.utils.format_datetime(campaign.modified) == timestamp
+    assert misp_lib_stix2.utils.format_datetime(campaign.created) == timestamp
+    assert misp_lib_stix2.utils.format_datetime(campaign.modified) == timestamp
 
     # turn off side-effects to avoid affecting future tests
     set_default_created(None)

misp_lib_stix2/test/v20/conftest.py

@@ -2,7 +2,7 @@ import uuid
 
 import pytest
 
-import stix2
+import misp_lib_stix2
 
 from .constants import (
     FAKE_TIME, INDICATOR_KWARGS, MALWARE_KWARGS, RELATIONSHIP_KWARGS,
@@ -13,12 +13,12 @@ from .constants import (
 @pytest.fixture
 def clock(monkeypatch):
 
-    class mydatetime(stix2.utils.STIXdatetime):
+    class mydatetime(misp_lib_stix2.utils.STIXdatetime):
         @classmethod
         def now(cls, tz=None):
             return FAKE_TIME
 
-    monkeypatch.setattr(stix2.utils, 'STIXdatetime', mydatetime)
+    monkeypatch.setattr(misp_lib_stix2.utils, 'STIXdatetime', mydatetime)
 
 
 @pytest.fixture
@@ -36,17 +36,17 @@ def uuid4(monkeypatch):
 
 @pytest.fixture
 def indicator(uuid4, clock):
-    return stix2.v20.Indicator(**INDICATOR_KWARGS)
+    return misp_lib_stix2.v20.Indicator(**INDICATOR_KWARGS)
 
 
 @pytest.fixture
 def malware(uuid4, clock):
-    return stix2.v20.Malware(**MALWARE_KWARGS)
+    return misp_lib_stix2.v20.Malware(**MALWARE_KWARGS)
 
 
 @pytest.fixture
 def relationship(uuid4, clock):
-    return stix2.v20.Relationship(**RELATIONSHIP_KWARGS)
+    return misp_lib_stix2.v20.Relationship(**RELATIONSHIP_KWARGS)
 
 
 @pytest.fixture
@@ -193,4 +193,4 @@ def stix_objs2():
 
 @pytest.fixture
 def real_stix_objs2(stix_objs2):
-    return [stix2.parse(x, version="2.0") for x in stix_objs2]
+    return [misp_lib_stix2.parse(x, version="2.0") for x in stix_objs2]

misp_lib_stix2/test/v20/pattern_ast_overrides.py

@@ -1,7 +1,7 @@
 """
 AST node class overrides for testing the pattern AST builder.
 """
-from stix2.patterns import (
+from misp_lib_stix2.patterns import (
     EqualityComparisonExpression, StartStopQualifier, StringConstant,
 )
 

misp_lib_stix2/test/v20/test_attack_pattern.py

@@ -3,8 +3,8 @@ import datetime as dt
 import pytest
 import pytz
 
-import stix2
-import stix2.exceptions
+import misp_lib_stix2
+import misp_lib_stix2.exceptions
 
 from .constants import ATTACK_PATTERN_ID
 
@@ -25,7 +25,7 @@ EXPECTED = """{
 
 
 def test_attack_pattern_example():
-    ap = stix2.v20.AttackPattern(
+    ap = misp_lib_stix2.v20.AttackPattern(
         id=ATTACK_PATTERN_ID,
         created="2016-05-12T08:17:27.000Z",
         modified="2016-05-12T08:17:27.000Z",
@@ -60,7 +60,7 @@ def test_attack_pattern_example():
     ],
 )
 def test_parse_attack_pattern(data):
-    ap = stix2.parse(data, version="2.0")
+    ap = misp_lib_stix2.parse(data, version="2.0")
 
     assert ap.type == 'attack-pattern'
     assert ap.id == ATTACK_PATTERN_ID
@@ -73,8 +73,8 @@ def test_parse_attack_pattern(data):
 
 
 def test_attack_pattern_invalid_labels():
-    with pytest.raises(stix2.exceptions.InvalidValueError):
-        stix2.v20.AttackPattern(
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError):
+        misp_lib_stix2.v20.AttackPattern(
             id=ATTACK_PATTERN_ID,
             created="2016-05-12T08:17:27Z",
             modified="2016-05-12T08:17:27Z",
@@ -84,8 +84,8 @@ def test_attack_pattern_invalid_labels():
 
 
 def test_overly_precise_timestamps():
-    with pytest.raises(stix2.exceptions.InvalidValueError):
-        stix2.v20.AttackPattern(
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError):
+        misp_lib_stix2.v20.AttackPattern(
             id=ATTACK_PATTERN_ID,
             created="2016-05-12T08:17:27.0000342Z",
             modified="2016-05-12T08:17:27.000287Z",
@@ -99,7 +99,7 @@ def test_overly_precise_timestamps():
 
 
 def test_less_precise_timestamps():
-    ap = stix2.v20.AttackPattern(
+    ap = misp_lib_stix2.v20.AttackPattern(
         id=ATTACK_PATTERN_ID,
         created="2016-05-12T08:17:27.00Z",
         modified="2016-05-12T08:17:27.0Z",

misp_lib_stix2/test/v20/test_base.py

@@ -4,7 +4,7 @@ import json
 import pytest
 import pytz
 
-from stix2.base import STIXJSONEncoder
+from misp_lib_stix2.base import STIXJSONEncoder
 
 
 def test_encode_json_datetime():

misp_lib_stix2/test/v20/test_bundle.py

@@ -3,7 +3,7 @@ import json
 
 import pytest
 
-import stix2
+import misp_lib_stix2
 
 from ...exceptions import InvalidValueError
 from .constants import IDENTITY_ID
@@ -86,7 +86,7 @@ EXPECTED_BUNDLE_DICT = {
 
 
 def test_empty_bundle():
-    bundle = stix2.v20.Bundle()
+    bundle = misp_lib_stix2.v20.Bundle()
 
     assert bundle.type == "bundle"
     assert bundle.id.startswith("bundle--")
@@ -95,27 +95,27 @@ def test_empty_bundle():
 
 
 def test_bundle_with_wrong_type():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Bundle(type="not-a-bundle")
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Bundle(type="not-a-bundle")
 
-    assert excinfo.value.cls == stix2.v20.Bundle
+    assert excinfo.value.cls == misp_lib_stix2.v20.Bundle
     assert excinfo.value.prop_name == "type"
     assert excinfo.value.reason == "must equal 'bundle'."
     assert str(excinfo.value) == "Invalid value for Bundle 'type': must equal 'bundle'."
 
 
 def test_bundle_id_must_start_with_bundle():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Bundle(id='my-prefix--')
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Bundle(id='my-prefix--')
 
-    assert excinfo.value.cls == stix2.v20.Bundle
+    assert excinfo.value.cls == misp_lib_stix2.v20.Bundle
     assert excinfo.value.prop_name == "id"
     assert excinfo.value.reason == "must start with 'bundle--'."
     assert str(excinfo.value) == "Invalid value for Bundle 'id': must start with 'bundle--'."
 
 
 def test_create_bundle_fp_serialize_pretty(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle(objects=[indicator, malware, relationship])
+    bundle = misp_lib_stix2.v20.Bundle(objects=[indicator, malware, relationship])
     buffer = io.StringIO()
 
     bundle.fp_serialize(buffer, pretty=True)
@@ -125,7 +125,7 @@ def test_create_bundle_fp_serialize_pretty(indicator, malware, relationship):
 
 
 def test_create_bundle_fp_serialize_nonpretty(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle(objects=[indicator, malware, relationship])
+    bundle = misp_lib_stix2.v20.Bundle(objects=[indicator, malware, relationship])
     buffer = io.StringIO()
 
     bundle.fp_serialize(buffer, sort_keys=True)
@@ -135,69 +135,69 @@ def test_create_bundle_fp_serialize_nonpretty(indicator, malware, relationship):
 
 
 def test_create_bundle1(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle(objects=[indicator, malware, relationship])
+    bundle = misp_lib_stix2.v20.Bundle(objects=[indicator, malware, relationship])
 
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
 
 
 def test_create_bundle2(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle(objects=[indicator, malware, relationship])
+    bundle = misp_lib_stix2.v20.Bundle(objects=[indicator, malware, relationship])
 
     assert json.loads(bundle.serialize()) == EXPECTED_BUNDLE_DICT
 
 
 def test_create_bundle_with_positional_args(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle(indicator, malware, relationship)
+    bundle = misp_lib_stix2.v20.Bundle(indicator, malware, relationship)
 
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
 
 
 def test_create_bundle_with_positional_listarg(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle([indicator, malware, relationship])
+    bundle = misp_lib_stix2.v20.Bundle([indicator, malware, relationship])
 
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
 
 
 def test_create_bundle_with_listarg_and_positional_arg(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle([indicator, malware], relationship)
+    bundle = misp_lib_stix2.v20.Bundle([indicator, malware], relationship)
 
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
 
 
 def test_create_bundle_with_listarg_and_kwarg(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle([indicator, malware], objects=[relationship])
+    bundle = misp_lib_stix2.v20.Bundle([indicator, malware], objects=[relationship])
 
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
 
 
 def test_create_bundle_with_arg_listarg_and_kwarg(indicator, malware, relationship):
-    bundle = stix2.v20.Bundle([indicator], malware, objects=[relationship])
+    bundle = misp_lib_stix2.v20.Bundle([indicator], malware, objects=[relationship])
 
     assert bundle.serialize(pretty=True) == EXPECTED_BUNDLE
 
 
 def test_create_bundle_invalid(indicator, malware, relationship):
     with pytest.raises(InvalidValueError) as excinfo:
-        stix2.v20.Bundle(objects=[1])
+        misp_lib_stix2.v20.Bundle(objects=[1])
     assert excinfo.value.reason == "This property may only contain a dictionary or object"
 
     with pytest.raises(InvalidValueError) as excinfo:
-        stix2.v20.Bundle(objects=[{}])
+        misp_lib_stix2.v20.Bundle(objects=[{}])
     assert excinfo.value.reason == "This property may only contain a non-empty dictionary or object"
 
     with pytest.raises(InvalidValueError) as excinfo:
-        stix2.v20.Bundle(objects=[{'type': 'bundle'}])
+        misp_lib_stix2.v20.Bundle(objects=[{'type': 'bundle'}])
     assert excinfo.value.reason == 'This property may not contain a Bundle object'
 
 
 @pytest.mark.parametrize("version", ["2.0"])
 def test_parse_bundle(version):
-    bundle = stix2.parse(EXPECTED_BUNDLE, version=version)
+    bundle = misp_lib_stix2.parse(EXPECTED_BUNDLE, version=version)
 
     assert bundle.type == "bundle"
     assert bundle.id.startswith("bundle--")
-    assert isinstance(bundle.objects[0], stix2.v20.Indicator)
+    assert isinstance(bundle.objects[0], misp_lib_stix2.v20.Indicator)
     assert bundle.objects[0].type == 'indicator'
     assert bundle.objects[1].type == 'malware'
     assert bundle.objects[2].type == 'relationship'
@@ -214,15 +214,15 @@ def test_parse_unknown_type():
         "name": "Green Group Attacks Against Finance",
     }
 
-    with pytest.raises(stix2.exceptions.ParseError) as excinfo:
-        stix2.parse(unknown, version="2.0")
+    with pytest.raises(misp_lib_stix2.exceptions.ParseError) as excinfo:
+        misp_lib_stix2.parse(unknown, version="2.0")
     assert str(excinfo.value) == "Can't parse unknown object type 'other'! For custom types, use the CustomObject decorator."
 
 
 def test_stix_object_property():
-    prop = stix2.properties.STIXObjectProperty(spec_version='2.0')
+    prop = misp_lib_stix2.properties.STIXObjectProperty(spec_version='2.0')
 
-    identity = stix2.v20.Identity(name="test", identity_class="individual")
+    identity = misp_lib_stix2.v20.Identity(name="test", identity_class="individual")
     assert prop.clean(identity, False) == (identity, False)
 
 
@@ -255,13 +255,13 @@ def test_bundle_with_different_spec_objects():
     ]
 
     with pytest.raises(InvalidValueError) as excinfo:
-        stix2.v20.Bundle(objects=data)
+        misp_lib_stix2.v20.Bundle(objects=data)
 
     assert "Spec version 2.0 bundles don't yet support containing objects of a different spec version." in str(excinfo.value)
 
 
 def test_bundle_obj_id_found():
-    bundle = stix2.parse(EXPECTED_BUNDLE)
+    bundle = misp_lib_stix2.parse(EXPECTED_BUNDLE)
 
     mal_list = bundle.get_obj("malware--00000000-0000-4000-8000-000000000003")
     assert bundle.objects[1] == mal_list[0]
@@ -318,7 +318,7 @@ def test_bundle_obj_id_found():
     }],
 )
 def test_bundle_objs_ids_found(bundle_data):
-    bundle = stix2.parse(bundle_data)
+    bundle = misp_lib_stix2.parse(bundle_data)
 
     mal_list = bundle.get_obj("malware--00000000-0000-4000-8000-000000000003")
     assert bundle.objects[1] == mal_list[0]
@@ -327,14 +327,14 @@ def test_bundle_objs_ids_found(bundle_data):
 
 
 def test_bundle_getitem_overload_property_found():
-    bundle = stix2.parse(EXPECTED_BUNDLE)
+    bundle = misp_lib_stix2.parse(EXPECTED_BUNDLE)
 
     assert bundle.type == "bundle"
     assert bundle['type'] == "bundle"
 
 
 def test_bundle_getitem_overload_obj_id_found():
-    bundle = stix2.parse(EXPECTED_BUNDLE)
+    bundle = misp_lib_stix2.parse(EXPECTED_BUNDLE)
 
     mal_list = bundle["malware--00000000-0000-4000-8000-000000000003"]
     assert bundle.objects[1] == mal_list[0]
@@ -342,7 +342,7 @@ def test_bundle_getitem_overload_obj_id_found():
 
 
 def test_bundle_obj_id_not_found():
-    bundle = stix2.parse(EXPECTED_BUNDLE)
+    bundle = misp_lib_stix2.parse(EXPECTED_BUNDLE)
 
     with pytest.raises(KeyError) as excinfo:
         bundle.get_obj('non existent')
@@ -350,7 +350,7 @@ def test_bundle_obj_id_not_found():
 
 
 def test_bundle_getitem_overload_obj_id_not_found():
-    bundle = stix2.parse(EXPECTED_BUNDLE)
+    bundle = misp_lib_stix2.parse(EXPECTED_BUNDLE)
 
     with pytest.raises(KeyError) as excinfo:
         bundle['non existent']

misp_lib_stix2/test/v20/test_campaign.py

@@ -3,7 +3,7 @@ import datetime as dt
 import pytest
 import pytz
 
-import stix2
+import misp_lib_stix2
 
 from .constants import CAMPAIGN_ID, CAMPAIGN_MORE_KWARGS, IDENTITY_ID
 
@@ -19,7 +19,7 @@ EXPECTED = """{
 
 
 def test_campaign_example():
-    campaign = stix2.v20.Campaign(**CAMPAIGN_MORE_KWARGS)
+    campaign = misp_lib_stix2.v20.Campaign(**CAMPAIGN_MORE_KWARGS)
 
     assert campaign.serialize(pretty=True) == EXPECTED
 
@@ -39,7 +39,7 @@ def test_campaign_example():
     ],
 )
 def test_parse_campaign(data):
-    cmpn = stix2.parse(data, version="2.0")
+    cmpn = misp_lib_stix2.parse(data, version="2.0")
 
     assert cmpn.type == 'campaign'
     assert cmpn.id == CAMPAIGN_ID

misp_lib_stix2/test/v20/test_course_of_action.py

@@ -3,7 +3,7 @@ import datetime as dt
 import pytest
 import pytz
 
-import stix2
+import misp_lib_stix2
 
 from .constants import COURSE_OF_ACTION_ID, IDENTITY_ID
 
@@ -19,7 +19,7 @@ EXPECTED = """{
 
 
 def test_course_of_action_example():
-    coa = stix2.v20.CourseOfAction(
+    coa = misp_lib_stix2.v20.CourseOfAction(
         id=COURSE_OF_ACTION_ID,
         created_by_ref=IDENTITY_ID,
         created="2016-04-06T20:03:48.000Z",
@@ -46,7 +46,7 @@ def test_course_of_action_example():
     ],
 )
 def test_parse_course_of_action(data):
-    coa = stix2.parse(data, version="2.0")
+    coa = misp_lib_stix2.parse(data, version="2.0")
 
     assert coa.type == 'course-of-action'
     assert coa.id == COURSE_OF_ACTION_ID

misp_lib_stix2/test/v20/test_custom.py

@@ -1,15 +1,15 @@
 import pytest
 
-import stix2
-import stix2.parsing
-import stix2.registration
-import stix2.registry
-import stix2.v20
+import misp_lib_stix2
+import misp_lib_stix2.parsing
+import misp_lib_stix2.registration
+import misp_lib_stix2.registry
+import misp_lib_stix2.v20
 
 from ...exceptions import DuplicateRegistrationError, InvalidValueError
 from .constants import FAKE_TIME, IDENTITY_ID, MARKING_DEFINITION_ID
 
-IDENTITY_CUSTOM_PROP = stix2.v20.Identity(
+IDENTITY_CUSTOM_PROP = misp_lib_stix2.v20.Identity(
     name="John Smith",
     identity_class="individual",
     x_foo="bar",
@@ -19,7 +19,7 @@ IDENTITY_CUSTOM_PROP = stix2.v20.Identity(
 
 def test_identity_custom_property():
     with pytest.raises(ValueError) as excinfo:
-        stix2.v20.Identity(
+        misp_lib_stix2.v20.Identity(
             id=IDENTITY_ID,
             created="2015-12-21T19:59:11Z",
             modified="2015-12-21T19:59:11Z",
@@ -29,8 +29,8 @@ def test_identity_custom_property():
         )
     assert str(excinfo.value) == "'custom_properties' must be a dictionary"
 
-    with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
-        stix2.v20.Identity(
+    with pytest.raises(misp_lib_stix2.exceptions.ExtraPropertiesError) as excinfo:
+        misp_lib_stix2.v20.Identity(
             id=IDENTITY_ID,
             created="2015-12-21T19:59:11Z",
             modified="2015-12-21T19:59:11Z",
@@ -43,7 +43,7 @@ def test_identity_custom_property():
         )
     assert "Unexpected properties for Identity" in str(excinfo.value)
 
-    identity = stix2.v20.Identity(
+    identity = misp_lib_stix2.v20.Identity(
         id=IDENTITY_ID,
         created="2015-12-21T19:59:11Z",
         modified="2015-12-21T19:59:11Z",
@@ -57,8 +57,8 @@ def test_identity_custom_property():
 
 
 def test_identity_custom_property_invalid():
-    with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
-        stix2.v20.Identity(
+    with pytest.raises(misp_lib_stix2.exceptions.ExtraPropertiesError) as excinfo:
+        misp_lib_stix2.v20.Identity(
             id=IDENTITY_ID,
             created="2015-12-21T19:59:11Z",
             modified="2015-12-21T19:59:11Z",
@@ -66,13 +66,13 @@ def test_identity_custom_property_invalid():
             identity_class="individual",
             x_foo="bar",
         )
-    assert excinfo.value.cls == stix2.v20.Identity
+    assert excinfo.value.cls == misp_lib_stix2.v20.Identity
     assert excinfo.value.properties == ['x_foo']
     assert "Unexpected properties for" in str(excinfo.value)
 
 
 def test_identity_custom_property_allowed():
-    identity = stix2.v20.Identity(
+    identity = misp_lib_stix2.v20.Identity(
         id=IDENTITY_ID,
         created="2015-12-21T19:59:11Z",
         modified="2015-12-21T19:59:11Z",
@@ -98,32 +98,32 @@ def test_identity_custom_property_allowed():
     ],
 )
 def test_parse_identity_custom_property(data):
-    with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
-        stix2.parse(data, version="2.0")
-    assert issubclass(excinfo.value.cls, stix2.v20.Identity)
+    with pytest.raises(misp_lib_stix2.exceptions.ExtraPropertiesError) as excinfo:
+        misp_lib_stix2.parse(data, version="2.0")
+    assert issubclass(excinfo.value.cls, misp_lib_stix2.v20.Identity)
     assert excinfo.value.properties == ['foo']
     assert "Unexpected properties for" in str(excinfo.value)
 
-    identity = stix2.parse(data, version="2.0", allow_custom=True)
+    identity = misp_lib_stix2.parse(data, version="2.0", allow_custom=True)
     assert identity.foo == "bar"
 
 
 def test_custom_property_object_in_bundled_object():
-    bundle = stix2.v20.Bundle(IDENTITY_CUSTOM_PROP, allow_custom=True)
+    bundle = misp_lib_stix2.v20.Bundle(IDENTITY_CUSTOM_PROP, allow_custom=True)
 
     assert bundle.objects[0].x_foo == "bar"
     assert '"x_foo": "bar"' in str(bundle)
 
 
 def test_custom_properties_object_in_bundled_object():
-    obj = stix2.v20.Identity(
+    obj = misp_lib_stix2.v20.Identity(
         name="John Smith",
         identity_class="individual",
         custom_properties={
             "x_foo": "bar",
         },
     )
-    bundle = stix2.v20.Bundle(obj, allow_custom=True)
+    bundle = misp_lib_stix2.v20.Bundle(obj, allow_custom=True)
 
     assert bundle.objects[0].x_foo == "bar"
     assert '"x_foo": "bar"' in str(bundle)
@@ -139,9 +139,9 @@ def test_custom_property_dict_in_bundled_object():
         'x_foo': 'bar',
     }
     with pytest.raises(InvalidValueError):
-        stix2.v20.Bundle(custom_identity)
+        misp_lib_stix2.v20.Bundle(custom_identity)
 
-    bundle = stix2.v20.Bundle(custom_identity, allow_custom=True)
+    bundle = misp_lib_stix2.v20.Bundle(custom_identity, allow_custom=True)
     assert bundle.objects[0].x_foo == "bar"
     assert '"x_foo": "bar"' in str(bundle)
 
@@ -161,16 +161,16 @@ def test_custom_properties_dict_in_bundled_object():
     # must not succeed: allow_custom was not set to True when creating
     # the bundle, so it must reject the customized identity object.
     with pytest.raises(InvalidValueError):
-        stix2.v20.Bundle(custom_identity)
+        misp_lib_stix2.v20.Bundle(custom_identity)
 
 
 def test_custom_property_in_observed_data():
-    artifact = stix2.v20.File(
+    artifact = misp_lib_stix2.v20.File(
         allow_custom=True,
         name='test',
         x_foo='bar',
     )
-    observed_data = stix2.v20.ObservedData(
+    observed_data = misp_lib_stix2.v20.ObservedData(
         allow_custom=True,
         first_observed="2015-12-21T19:00:00Z",
         last_observed="2015-12-21T19:00:00Z",
@@ -183,17 +183,17 @@ def test_custom_property_in_observed_data():
 
 
 def test_custom_property_object_in_observable_extension():
-    ntfs = stix2.v20.NTFSExt(
+    ntfs = misp_lib_stix2.v20.NTFSExt(
         allow_custom=True,
         sid=1,
         x_foo='bar',
     )
-    artifact = stix2.v20.File(
+    artifact = misp_lib_stix2.v20.File(
         allow_custom=True,
         name='test',
         extensions={'ntfs-ext': ntfs},
     )
-    observed_data = stix2.v20.ObservedData(
+    observed_data = misp_lib_stix2.v20.ObservedData(
         allow_custom=True,
         first_observed="2015-12-21T19:00:00Z",
         last_observed="2015-12-21T19:00:00Z",
@@ -207,7 +207,7 @@ def test_custom_property_object_in_observable_extension():
 
 def test_custom_property_dict_in_observable_extension():
     with pytest.raises(InvalidValueError):
-        stix2.v20.File(
+        misp_lib_stix2.v20.File(
             name='test',
             extensions={
                 'ntfs-ext': {
@@ -217,7 +217,7 @@ def test_custom_property_dict_in_observable_extension():
             },
         )
 
-    artifact = stix2.v20.File(
+    artifact = misp_lib_stix2.v20.File(
         allow_custom=True,
         name='test',
         extensions={
@@ -227,7 +227,7 @@ def test_custom_property_dict_in_observable_extension():
             },
         },
     )
-    observed_data = stix2.v20.ObservedData(
+    observed_data = misp_lib_stix2.v20.ObservedData(
         allow_custom=True,
         first_observed="2015-12-21T19:00:00Z",
         last_observed="2015-12-21T19:00:00Z",
@@ -245,15 +245,15 @@ def test_identity_custom_property_revoke():
 
 
 def test_identity_custom_property_edit_markings():
-    marking_obj = stix2.v20.MarkingDefinition(
+    marking_obj = misp_lib_stix2.v20.MarkingDefinition(
         id=MARKING_DEFINITION_ID,
         definition_type="statement",
-        definition=stix2.v20.StatementMarking(statement="Copyright 2016, Example Corp"),
+        definition=misp_lib_stix2.v20.StatementMarking(statement="Copyright 2016, Example Corp"),
     )
-    marking_obj2 = stix2.v20.MarkingDefinition(
+    marking_obj2 = misp_lib_stix2.v20.MarkingDefinition(
         id=MARKING_DEFINITION_ID,
         definition_type="statement",
-        definition=stix2.v20.StatementMarking(statement="Another one"),
+        definition=misp_lib_stix2.v20.StatementMarking(statement="Another one"),
     )
 
     # None of the following should throw exceptions
@@ -266,9 +266,9 @@ def test_identity_custom_property_edit_markings():
 
 
 def test_custom_marking_no_init_1():
-    @stix2.v20.CustomMarking(
+    @misp_lib_stix2.v20.CustomMarking(
         'x-new-obj', [
-            ('property1', stix2.properties.StringProperty(required=True)),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewObj():
@@ -279,9 +279,9 @@ def test_custom_marking_no_init_1():
 
 
 def test_custom_marking_no_init_2():
-    @stix2.v20.CustomMarking(
+    @misp_lib_stix2.v20.CustomMarking(
         'x-new-obj2', [
-            ('property1', stix2.properties.StringProperty(required=True)),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewObj2(object):
@@ -293,9 +293,9 @@ def test_custom_marking_no_init_2():
 
 def test_register_duplicate_marking():
     with pytest.raises(DuplicateRegistrationError) as excinfo:
-        @stix2.v20.CustomMarking(
+        @misp_lib_stix2.v20.CustomMarking(
             'x-new-obj2', [
-                ('property1', stix2.properties.StringProperty(required=True)),
+                ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
             ],
         )
         class NewObj2():
@@ -303,10 +303,10 @@ def test_register_duplicate_marking():
     assert "cannot be registered again" in str(excinfo.value)
 
 
-@stix2.v20.CustomObject(
+@misp_lib_stix2.v20.CustomObject(
     'x-new-type', [
-        ('property1', stix2.properties.StringProperty(required=True)),
-        ('property2', stix2.properties.IntegerProperty()),
+        ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
+        ('property2', misp_lib_stix2.properties.IntegerProperty()),
     ],
 )
 class NewType(object):
@@ -328,7 +328,7 @@ def test_custom_object_type():
     nt = NewType(property1='something')
     assert nt.property1 == 'something'
 
-    with pytest.raises(stix2.exceptions.MissingPropertiesError) as excinfo:
+    with pytest.raises(misp_lib_stix2.exceptions.MissingPropertiesError) as excinfo:
         NewType(property2=42)
     assert "No values for required properties" in str(excinfo.value)
 
@@ -338,9 +338,9 @@ def test_custom_object_type():
 
 
 def test_custom_object_no_init_1():
-    @stix2.v20.CustomObject(
+    @misp_lib_stix2.v20.CustomObject(
         'x-new-obj', [
-            ('property1', stix2.properties.StringProperty(required=True)),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewObj():
@@ -351,9 +351,9 @@ def test_custom_object_no_init_1():
 
 
 def test_custom_object_no_init_2():
-    @stix2.v20.CustomObject(
+    @misp_lib_stix2.v20.CustomObject(
         'x-new-obj2', [
-            ('property1', stix2.properties.StringProperty(required=True)),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewObj2(object):
@@ -365,9 +365,9 @@ def test_custom_object_no_init_2():
 
 def test_custom_object_invalid_type_name():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x', [
-                ('property1', stix2.properties.StringProperty(required=True)),
+                ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
             ],
         )
         class NewObj(object):
@@ -375,9 +375,9 @@ def test_custom_object_invalid_type_name():
     assert "Invalid type name 'x': " in str(excinfo.value)
 
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x_new_object', [
-                ('property1', stix2.properties.StringProperty(required=True)),
+                ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
             ],
         )
         class NewObj2(object):
@@ -386,9 +386,9 @@ def test_custom_object_invalid_type_name():
 
 
 def test_custom_object_ref_property_as_identifier():
-    @stix2.v20.CustomObject(
+    @misp_lib_stix2.v20.CustomObject(
         'x-new-obj-with-ref', [
-            ('property_ref', stix2.properties.ReferenceProperty(invalid_types=[])),
+            ('property_ref', misp_lib_stix2.properties.ReferenceProperty(invalid_types=[])),
         ],
     )
     class NewObs():
@@ -396,9 +396,9 @@ def test_custom_object_ref_property_as_identifier():
 
 
 def test_custom_object_refs_property_containing_identifiers():
-    @stix2.v20.CustomObject(
+    @misp_lib_stix2.v20.CustomObject(
         'x-new-obj-with-refs', [
-            ('property_refs', stix2.properties.ListProperty(stix2.properties.ReferenceProperty(invalid_types=[]))),
+            ('property_refs', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.ReferenceProperty(invalid_types=[]))),
         ],
     )
     class NewObs():
@@ -407,9 +407,9 @@ def test_custom_object_refs_property_containing_identifiers():
 
 def test_custom_object_ref_property_as_objectref():
     with pytest.raises(ValueError, match=r"not a subclass of 'ReferenceProperty"):
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x-new-obj-with-objref', [
-                ('property_ref', stix2.properties.ObjectReferenceProperty()),
+                ('property_ref', misp_lib_stix2.properties.ObjectReferenceProperty()),
             ],
         )
         class NewObs():
@@ -418,9 +418,9 @@ def test_custom_object_ref_property_as_objectref():
 
 def test_custom_object_refs_property_containing_objectrefs():
     with pytest.raises(ValueError, match=r"not a 'ListProperty' containing a subclass of 'ReferenceProperty"):
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x-new-obj-with-objrefs', [
-                ('property_refs', stix2.properties.ListProperty(stix2.properties.ObjectReferenceProperty())),
+                ('property_refs', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.ObjectReferenceProperty())),
             ],
         )
         class NewObs():
@@ -429,9 +429,9 @@ def test_custom_object_refs_property_containing_objectrefs():
 
 def test_custom_object_invalid_ref_property():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x-new-obj', [
-                ('property_ref', stix2.properties.StringProperty()),
+                ('property_ref', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObs():
@@ -441,9 +441,9 @@ def test_custom_object_invalid_ref_property():
 
 def test_custom_object_invalid_refs_property():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x-new-obj', [
-                ('property_refs', stix2.properties.StringProperty()),
+                ('property_refs', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObs():
@@ -453,9 +453,9 @@ def test_custom_object_invalid_refs_property():
 
 def test_custom_object_invalid_refs_list_property():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x-new-obj', [
-                ('property_refs', stix2.properties.ListProperty(stix2.properties.StringProperty)),
+                ('property_refs', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.StringProperty)),
             ],
         )
         class NewObs():
@@ -477,16 +477,16 @@ def test_custom_subobject_dict():
         ],
     }
 
-    obj = stix2.parse(obj_dict, allow_custom=True)
+    obj = misp_lib_stix2.parse(obj_dict, allow_custom=True)
     assert obj["objects"][0]["x_foo"] == 123
     assert obj.has_custom
 
     with pytest.raises(InvalidValueError):
-        stix2.parse(obj_dict, allow_custom=False)
+        misp_lib_stix2.parse(obj_dict, allow_custom=False)
 
 
 def test_custom_subobject_obj():
-    ident = stix2.v20.Identity(
+    ident = misp_lib_stix2.v20.Identity(
         name="alice", identity_class=123, x_foo=123, allow_custom=True,
     )
 
@@ -496,12 +496,12 @@ def test_custom_subobject_obj():
         "objects": [ident],
     }
 
-    obj = stix2.parse(obj_dict, allow_custom=True)
+    obj = misp_lib_stix2.parse(obj_dict, allow_custom=True)
     assert obj["objects"][0]["x_foo"] == 123
     assert obj.has_custom
 
     with pytest.raises(InvalidValueError):
-        stix2.parse(obj_dict, allow_custom=False)
+        misp_lib_stix2.parse(obj_dict, allow_custom=False)
 
 
 def test_parse_custom_object_type():
@@ -511,7 +511,7 @@ def test_parse_custom_object_type():
         "property1": "something"
     }"""
 
-    nt = stix2.parse(nt_string, version="2.0", allow_custom=True)
+    nt = misp_lib_stix2.parse(nt_string, version="2.0", allow_custom=True)
     assert nt["property1"] == 'something'
 
 
@@ -522,8 +522,8 @@ def test_parse_unregistered_custom_object_type():
         "property1": "something"
     }"""
 
-    with pytest.raises(stix2.exceptions.ParseError) as excinfo:
-        stix2.parse(nt_string, version="2.0")
+    with pytest.raises(misp_lib_stix2.exceptions.ParseError) as excinfo:
+        misp_lib_stix2.parse(nt_string, version="2.0")
     assert "Can't parse unknown object type" in str(excinfo.value)
     assert "use the CustomObject decorator." in str(excinfo.value)
 
@@ -538,15 +538,15 @@ def test_parse_unregistered_custom_object_type_w_allow_custom():
         "property1": "something"
     }"""
 
-    custom_obj = stix2.parse(nt_string, version="2.0", allow_custom=True)
+    custom_obj = misp_lib_stix2.parse(nt_string, version="2.0", allow_custom=True)
     assert custom_obj["type"] == "x-foobar-observable"
 
 
-@stix2.v20.CustomObservable(
+@misp_lib_stix2.v20.CustomObservable(
     'x-new-observable', [
-        ('property1', stix2.properties.StringProperty(required=True)),
-        ('property2', stix2.properties.IntegerProperty()),
-        ('x_property3', stix2.properties.BooleanProperty()),
+        ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
+        ('property2', misp_lib_stix2.properties.IntegerProperty()),
+        ('x_property3', misp_lib_stix2.properties.BooleanProperty()),
     ],
 )
 class NewObservable():
@@ -561,7 +561,7 @@ def test_custom_observable_object_1():
     no = NewObservable(
         property1='something',
         extensions={
-            'archive-ext': stix2.v20.observables.ArchiveExt(
+            'archive-ext': misp_lib_stix2.v20.observables.ArchiveExt(
                 contains_refs=['file--e277603e-1060-5ad4-9937-c26c97f1ca68'],
                 version='2.0',
                 comment='for real',
@@ -573,7 +573,7 @@ def test_custom_observable_object_1():
 
 
 def test_custom_observable_object_2():
-    with pytest.raises(stix2.exceptions.MissingPropertiesError) as excinfo:
+    with pytest.raises(misp_lib_stix2.exceptions.MissingPropertiesError) as excinfo:
         NewObservable(property2=42)
     assert excinfo.value.properties == ['property1']
     assert "No values for required properties" in str(excinfo.value)
@@ -593,9 +593,9 @@ def test_custom_observable_raises_exception():
 
 
 def test_custom_observable_object_no_init_1():
-    @stix2.v20.CustomObservable(
+    @misp_lib_stix2.v20.CustomObservable(
         'x-new-observable-1', [
-            ('property1', stix2.properties.StringProperty()),
+            ('property1', misp_lib_stix2.properties.StringProperty()),
         ],
     )
     class NewObs():
@@ -606,9 +606,9 @@ def test_custom_observable_object_no_init_1():
 
 
 def test_custom_observable_object_no_init_2():
-    @stix2.v20.CustomObservable(
+    @misp_lib_stix2.v20.CustomObservable(
         'x-new-obs2', [
-            ('property1', stix2.properties.StringProperty()),
+            ('property1', misp_lib_stix2.properties.StringProperty()),
         ],
     )
     class NewObs2(object):
@@ -620,9 +620,9 @@ def test_custom_observable_object_no_init_2():
 
 def test_custom_observable_object_invalid_type_name():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x', [
-                ('property1', stix2.properties.StringProperty()),
+                ('property1', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObs(object):
@@ -630,9 +630,9 @@ def test_custom_observable_object_invalid_type_name():
     assert "Invalid type name 'x':" in str(excinfo.value)
 
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x_new_obs', [
-                ('property1', stix2.properties.StringProperty()),
+                ('property1', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObs2(object):
@@ -642,9 +642,9 @@ def test_custom_observable_object_invalid_type_name():
 
 def test_custom_observable_object_ref_property_as_identifier():
     with pytest.raises(ValueError, match=r"not a subclass of 'ObjectReferenceProperty"):
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x-new-obs-with-ref', [
-                ('property_ref', stix2.properties.ReferenceProperty(invalid_types=[])),
+                ('property_ref', misp_lib_stix2.properties.ReferenceProperty(invalid_types=[])),
             ],
         )
         class NewObs():
@@ -653,9 +653,9 @@ def test_custom_observable_object_ref_property_as_identifier():
 
 def test_custom_observable_object_refs_property_containing_identifiers():
     with pytest.raises(ValueError, match=r"not a 'ListProperty' containing a subclass of 'ObjectReferenceProperty"):
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x-new-obs-with-refs', [
-                ('property_refs', stix2.properties.ListProperty(stix2.properties.ReferenceProperty(invalid_types=[]))),
+                ('property_refs', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.ReferenceProperty(invalid_types=[]))),
             ],
         )
         class NewObs():
@@ -663,9 +663,9 @@ def test_custom_observable_object_refs_property_containing_identifiers():
 
 
 def test_custom_observable_object_ref_property_as_objectref():
-    @stix2.v20.CustomObservable(
+    @misp_lib_stix2.v20.CustomObservable(
         'x-new-obs-with-objref', [
-            ('property_ref', stix2.properties.ObjectReferenceProperty()),
+            ('property_ref', misp_lib_stix2.properties.ObjectReferenceProperty()),
         ],
     )
     class NewObs():
@@ -673,9 +673,9 @@ def test_custom_observable_object_ref_property_as_objectref():
 
 
 def test_custom_observable_object_refs_property_containing_objectrefs():
-    @stix2.v20.CustomObservable(
+    @misp_lib_stix2.v20.CustomObservable(
         'x-new-obs-with-objrefs', [
-            ('property_refs', stix2.properties.ListProperty(stix2.properties.ObjectReferenceProperty())),
+            ('property_refs', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.ObjectReferenceProperty())),
         ],
     )
     class NewObs():
@@ -684,9 +684,9 @@ def test_custom_observable_object_refs_property_containing_objectrefs():
 
 def test_custom_observable_object_invalid_ref_property():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x-new-obs', [
-                ('property_ref', stix2.properties.StringProperty()),
+                ('property_ref', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObs():
@@ -696,9 +696,9 @@ def test_custom_observable_object_invalid_ref_property():
 
 def test_custom_observable_object_invalid_refs_property():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x-new-obs', [
-                ('property_refs', stix2.properties.StringProperty()),
+                ('property_refs', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObs():
@@ -708,9 +708,9 @@ def test_custom_observable_object_invalid_refs_property():
 
 def test_custom_observable_object_invalid_refs_list_property():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x-new-obs', [
-                ('property_refs', stix2.properties.ListProperty(stix2.properties.StringProperty)),
+                ('property_refs', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.StringProperty)),
             ],
         )
         class NewObs():
@@ -719,10 +719,10 @@ def test_custom_observable_object_invalid_refs_list_property():
 
 
 def test_custom_observable_object_invalid_valid_refs():
-    @stix2.v20.CustomObservable(
+    @misp_lib_stix2.v20.CustomObservable(
         'x-new-obs', [
-            ('property1', stix2.properties.StringProperty(required=True)),
-            ('property_ref', stix2.properties.ObjectReferenceProperty(valid_types='email-addr')),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
+            ('property_ref', misp_lib_stix2.properties.ObjectReferenceProperty(valid_types='email-addr')),
         ],
     )
     class NewObs():
@@ -740,7 +740,7 @@ def test_custom_observable_object_invalid_valid_refs():
 def test_custom_no_properties_raises_exception():
     with pytest.raises(TypeError):
 
-        @stix2.v20.CustomObject('x-new-object-type')
+        @misp_lib_stix2.v20.CustomObject('x-new-object-type')
         class NewObject1(object):
             pass
 
@@ -748,7 +748,7 @@ def test_custom_no_properties_raises_exception():
 def test_custom_wrong_properties_arg_raises_exception():
     with pytest.raises(ValueError):
 
-        @stix2.v20.CustomObservable('x-new-object-type', (("prop", stix2.properties.BooleanProperty())))
+        @misp_lib_stix2.v20.CustomObservable('x-new-object-type', (("prop", misp_lib_stix2.properties.BooleanProperty())))
         class NewObject2(object):
             pass
 
@@ -759,8 +759,8 @@ def test_parse_custom_observable_object():
         "property1": "something"
     }"""
 
-    nt = stix2.parse_observable(nt_string, [], version='2.0')
-    assert isinstance(nt, stix2.base._STIXBase)
+    nt = misp_lib_stix2.parse_observable(nt_string, [], version='2.0')
+    assert isinstance(nt, misp_lib_stix2.base._STIXBase)
     assert nt.property1 == 'something'
 
 
@@ -770,15 +770,15 @@ def test_parse_unregistered_custom_observable_object():
         "property1": "something"
     }"""
 
-    with pytest.raises(stix2.exceptions.ParseError) as excinfo:
-        stix2.parse_observable(nt_string, version='2.0')
+    with pytest.raises(misp_lib_stix2.exceptions.ParseError) as excinfo:
+        misp_lib_stix2.parse_observable(nt_string, version='2.0')
     assert "Can't parse unknown observable type" in str(excinfo.value)
 
-    parsed_custom = stix2.parse_observable(nt_string, allow_custom=True, version='2.0')
+    parsed_custom = misp_lib_stix2.parse_observable(nt_string, allow_custom=True, version='2.0')
     assert parsed_custom['property1'] == 'something'
     with pytest.raises(AttributeError) as excinfo:
         assert parsed_custom.property1 == 'something'
-    assert not isinstance(parsed_custom, stix2.base._STIXBase)
+    assert not isinstance(parsed_custom, misp_lib_stix2.base._STIXBase)
 
 
 def test_parse_unregistered_custom_observable_object_with_no_type():
@@ -786,8 +786,8 @@ def test_parse_unregistered_custom_observable_object_with_no_type():
         "property1": "something"
     }"""
 
-    with pytest.raises(stix2.exceptions.ParseError) as excinfo:
-        stix2.parse_observable(nt_string, allow_custom=True, version='2.0')
+    with pytest.raises(misp_lib_stix2.exceptions.ParseError) as excinfo:
+        misp_lib_stix2.parse_observable(nt_string, allow_custom=True, version='2.0')
     assert "Can't parse observable with no 'type' property" in str(excinfo.value)
 
 
@@ -807,7 +807,7 @@ def test_parse_observed_data_with_custom_observable():
             }
         }
     }"""
-    parsed = stix2.parse(input_str, version="2.0", allow_custom=True)
+    parsed = misp_lib_stix2.parse(input_str, version="2.0", allow_custom=True)
     assert parsed.objects['0']['property1'] == 'something'
 
 
@@ -816,8 +816,8 @@ def test_parse_invalid_custom_observable_object():
         "property1": "something"
     }"""
 
-    with pytest.raises(stix2.exceptions.ParseError) as excinfo:
-        stix2.parse_observable(nt_string, version='2.0')
+    with pytest.raises(misp_lib_stix2.exceptions.ParseError) as excinfo:
+        misp_lib_stix2.parse_observable(nt_string, version='2.0')
     assert "Can't parse observable with no 'type' property" in str(excinfo.value)
 
 
@@ -839,7 +839,7 @@ def test_observable_custom_property():
 
 
 def test_observable_custom_property_invalid():
-    with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
+    with pytest.raises(misp_lib_stix2.exceptions.ExtraPropertiesError) as excinfo:
         NewObservable(
             property1='something',
             x_foo="bar",
@@ -859,7 +859,7 @@ def test_observable_custom_property_allowed():
 
 def test_observed_data_with_custom_observable_object():
     no = NewObservable(property1='something')
-    ob_data = stix2.v20.ObservedData(
+    ob_data = misp_lib_stix2.v20.ObservedData(
         first_observed=FAKE_TIME,
         last_observed=FAKE_TIME,
         number_observed=1,
@@ -869,10 +869,10 @@ def test_observed_data_with_custom_observable_object():
     assert ob_data.objects['0'].property1 == 'something'
 
 
-@stix2.v20.CustomExtension(
+@misp_lib_stix2.v20.CustomExtension(
     'x-new-ext', [
-        ('property1', stix2.properties.StringProperty(required=True)),
-        ('property2', stix2.properties.IntegerProperty()),
+        ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
+        ('property2', misp_lib_stix2.properties.IntegerProperty()),
     ],
 )
 class NewExtension():
@@ -894,7 +894,7 @@ def test_custom_extension():
     ext = NewExtension(property1='something')
     assert ext.property1 == 'something'
 
-    with pytest.raises(stix2.exceptions.MissingPropertiesError) as excinfo:
+    with pytest.raises(misp_lib_stix2.exceptions.MissingPropertiesError) as excinfo:
         NewExtension(property2=42)
     assert excinfo.value.properties == ['property1']
     assert str(excinfo.value) == "No values for required properties for NewExtension: (property1)."
@@ -908,7 +908,7 @@ def test_custom_extension_wrong_observable_type():
     # NewExtension is an extension of DomainName, not File
     ext = NewExtension(property1='something')
     with pytest.raises(InvalidValueError) as excinfo:
-        stix2.v20.File(
+        misp_lib_stix2.v20.File(
             name="abc.txt",
             extensions={
                 "ntfs-ext": ext,
@@ -931,9 +931,9 @@ def test_custom_extension_wrong_observable_type():
     ],
 )
 def test_custom_extension_with_list_and_dict_properties_observable_type(data):
-    @stix2.v20.CustomExtension(
+    @misp_lib_stix2.v20.CustomExtension(
         'some-extension', [
-                ('keys', stix2.properties.ListProperty(stix2.properties.DictionaryProperty, required=True)),
+                ('keys', misp_lib_stix2.properties.ListProperty(misp_lib_stix2.properties.DictionaryProperty, required=True)),
         ],
     )
     class SomeCustomExtension:
@@ -945,9 +945,9 @@ def test_custom_extension_with_list_and_dict_properties_observable_type(data):
 
 def test_custom_extension_invalid_type_name():
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomExtension(
+        @misp_lib_stix2.v20.CustomExtension(
             'x', {
-                    'property1': stix2.properties.StringProperty(required=True),
+                    'property1': misp_lib_stix2.properties.StringProperty(required=True),
             },
         )
         class FooExtension():
@@ -955,9 +955,9 @@ def test_custom_extension_invalid_type_name():
     assert "Invalid type name 'x':" in str(excinfo.value)
 
     with pytest.raises(ValueError) as excinfo:
-        @stix2.v20.CustomExtension(
+        @misp_lib_stix2.v20.CustomExtension(
             'x_new_ext', {
-                    'property1': stix2.properties.StringProperty(required=True),
+                    'property1': misp_lib_stix2.properties.StringProperty(required=True),
             },
         )
         class BlaExtension():
@@ -967,29 +967,29 @@ def test_custom_extension_invalid_type_name():
 
 def test_custom_extension_no_properties():
     with pytest.raises(ValueError):
-        @stix2.v20.CustomExtension('x-new-ext2', None)
+        @misp_lib_stix2.v20.CustomExtension('x-new-ext2', None)
         class BarExtension():
             pass
 
 
 def test_custom_extension_empty_properties():
     with pytest.raises(ValueError):
-        @stix2.v20.CustomExtension('x-new-ext2', [])
+        @misp_lib_stix2.v20.CustomExtension('x-new-ext2', [])
         class BarExtension():
             pass
 
 
 def test_custom_extension_dict_properties():
     with pytest.raises(ValueError):
-        @stix2.v20.CustomExtension('x-new-ext2', {})
+        @misp_lib_stix2.v20.CustomExtension('x-new-ext2', {})
         class BarExtension():
             pass
 
 
 def test_custom_extension_no_init_1():
-    @stix2.v20.CustomExtension(
+    @misp_lib_stix2.v20.CustomExtension(
         'x-new-extension', [
-                ('property1', stix2.properties.StringProperty(required=True)),
+                ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewExt():
@@ -1000,9 +1000,9 @@ def test_custom_extension_no_init_1():
 
 
 def test_custom_extension_no_init_2():
-    @stix2.v20.CustomExtension(
+    @misp_lib_stix2.v20.CustomExtension(
         'x-new-ext2', [
-                ('property1', stix2.properties.StringProperty(required=True)),
+                ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewExt2(object):
@@ -1024,7 +1024,7 @@ def test_parse_observable_with_custom_extension():
         }
     }"""
 
-    parsed = stix2.parse_observable(input_str, version='2.0')
+    parsed = misp_lib_stix2.parse_observable(input_str, version='2.0')
     assert parsed.extensions['x-new-ext'].property2 == 12
 
 
@@ -1049,12 +1049,12 @@ def test_parse_observable_with_custom_extension_property():
         }
     }"""
 
-    parsed = stix2.parse(input_str, version='2.0', allow_custom=True)
+    parsed = misp_lib_stix2.parse(input_str, version='2.0', allow_custom=True)
     assert parsed.has_custom
     assert parsed["objects"]["0"]["extensions"]["raster-image-ext"]["x-foo"] is False
 
     with pytest.raises(InvalidValueError):
-        stix2.parse(input_str, version="2.0", allow_custom=False)
+        misp_lib_stix2.parse(input_str, version="2.0", allow_custom=False)
 
 
 def test_custom_and_spec_extension_mix():
@@ -1063,7 +1063,7 @@ def test_custom_and_spec_extension_mix():
     extension doesn't result in a completely uncleaned extensions property.
     """
 
-    file_obs = stix2.v20.File(
+    file_obs = misp_lib_stix2.v20.File(
         name="my_file.dat",
         extensions={
             "x-custom1": {
@@ -1093,10 +1093,10 @@ def test_custom_and_spec_extension_mix():
 
     # Both of these should have been converted to objects, not left as dicts.
     assert isinstance(
-        file_obs.extensions["raster-image-ext"], stix2.v20.RasterImageExt,
+        file_obs.extensions["raster-image-ext"], misp_lib_stix2.v20.RasterImageExt,
     )
     assert isinstance(
-        file_obs.extensions["ntfs-ext"], stix2.v20.NTFSExt,
+        file_obs.extensions["ntfs-ext"], misp_lib_stix2.v20.NTFSExt,
     )
 
 
@@ -1128,12 +1128,12 @@ def test_custom_and_spec_extension_mix():
 )
 def test_parse_observable_with_unregistered_custom_extension(data):
     with pytest.raises(InvalidValueError) as excinfo:
-        stix2.parse_observable(data, version='2.0')
+        misp_lib_stix2.parse_observable(data, version='2.0')
     assert "Can't parse unknown extension type" in str(excinfo.value)
 
-    parsed_ob = stix2.parse_observable(data, allow_custom=True, version='2.0')
+    parsed_ob = misp_lib_stix2.parse_observable(data, allow_custom=True, version='2.0')
     assert parsed_ob['extensions']['x-foobar-ext']['property1'] == 'foo'
-    assert not isinstance(parsed_ob['extensions']['x-foobar-ext'], stix2.base._STIXBase)
+    assert not isinstance(parsed_ob['extensions']['x-foobar-ext'], misp_lib_stix2.base._STIXBase)
 
 
 def test_register_custom_object():
@@ -1142,12 +1142,12 @@ def test_register_custom_object():
         _type = 'awesome-object'
 
     with pytest.raises(ValueError):
-        stix2.registration._register_object(CustomObject2, version="2.0")
+        misp_lib_stix2.registration._register_object(CustomObject2, version="2.0")
 
 
 def test_extension_property_location():
-    assert 'extensions' in stix2.v20.OBJ_MAP_OBSERVABLE['x-new-observable']._properties
-    assert 'extensions' not in stix2.v20.EXT_MAP['x-new-ext']._properties
+    assert 'extensions' in misp_lib_stix2.v20.OBJ_MAP_OBSERVABLE['x-new-observable']._properties
+    assert 'extensions' not in misp_lib_stix2.v20.EXT_MAP['x-new-ext']._properties
 
 
 @pytest.mark.parametrize(
@@ -1167,9 +1167,9 @@ def test_extension_property_location():
     ],
 )
 def test_custom_object_nested_dictionary(data):
-    @stix2.v20.CustomObject(
+    @misp_lib_stix2.v20.CustomObject(
         'x-example', [
-            ('dictionary', stix2.properties.DictionaryProperty()),
+            ('dictionary', misp_lib_stix2.properties.DictionaryProperty()),
         ],
     )
     class Example(object):
@@ -1186,10 +1186,10 @@ def test_custom_object_nested_dictionary(data):
     assert data == example.serialize(pretty=True)
 
 
-@stix2.v20.CustomObject(
+@misp_lib_stix2.v20.CustomObject(
     'x-new-type-2', [
-        ('property1', stix2.properties.StringProperty()),
-        ('property2', stix2.properties.IntegerProperty()),
+        ('property1', misp_lib_stix2.properties.StringProperty()),
+        ('property2', misp_lib_stix2.properties.IntegerProperty()),
     ],
 )
 class NewType2(object):
@@ -1202,9 +1202,9 @@ def test_register_custom_object_with_version():
         "id": "x-new-type-2--00000000-0000-4000-8000-000000000007",
     }
 
-    cust_obj_1 = stix2.parsing.dict_to_stix2(custom_obj_1, version='2.0')
+    cust_obj_1 = misp_lib_stix2.parsing.dict_to_stix2(custom_obj_1, version='2.0')
 
-    assert cust_obj_1.type in stix2.registry.STIX2_OBJ_MAPS['2.0']['objects']
+    assert cust_obj_1.type in misp_lib_stix2.registry.STIX2_OBJ_MAPS['2.0']['objects']
     # spec_version is not in STIX 2.0, and is required in 2.1, so this
     # suffices as a test for a STIX 2.0 object.
     assert "spec_version" not in cust_obj_1
@@ -1212,10 +1212,10 @@ def test_register_custom_object_with_version():
 
 def test_register_duplicate_object_with_version():
     with pytest.raises(DuplicateRegistrationError) as excinfo:
-        @stix2.v20.CustomObject(
+        @misp_lib_stix2.v20.CustomObject(
             'x-new-type-2', [
-                ('property1', stix2.properties.StringProperty()),
-                ('property2', stix2.properties.IntegerProperty()),
+                ('property1', misp_lib_stix2.properties.StringProperty()),
+                ('property2', misp_lib_stix2.properties.IntegerProperty()),
             ],
         )
         class NewType2(object):
@@ -1223,9 +1223,9 @@ def test_register_duplicate_object_with_version():
     assert "cannot be registered again" in str(excinfo.value)
 
 
-@stix2.v20.CustomObservable(
+@misp_lib_stix2.v20.CustomObservable(
     'x-new-observable-2', [
-        ('property1', stix2.properties.StringProperty()),
+        ('property1', misp_lib_stix2.properties.StringProperty()),
     ],
 )
 class NewObservable2(object):
@@ -1235,14 +1235,14 @@ class NewObservable2(object):
 def test_register_observable_with_version():
     custom_obs = NewObservable2(property1="Test Observable")
 
-    assert custom_obs.type in stix2.registry.STIX2_OBJ_MAPS['2.0']['observables']
+    assert custom_obs.type in misp_lib_stix2.registry.STIX2_OBJ_MAPS['2.0']['observables']
 
 
 def test_register_duplicate_observable_with_version():
     with pytest.raises(DuplicateRegistrationError) as excinfo:
-        @stix2.v20.CustomObservable(
+        @misp_lib_stix2.v20.CustomObservable(
             'x-new-observable-2', [
-                ('property1', stix2.properties.StringProperty()),
+                ('property1', misp_lib_stix2.properties.StringProperty()),
             ],
         )
         class NewObservable2(object):
@@ -1251,22 +1251,22 @@ def test_register_duplicate_observable_with_version():
 
 
 def test_register_marking_with_version():
-    @stix2.v20.CustomMarking(
+    @misp_lib_stix2.v20.CustomMarking(
         'x-new-obj-2', [
-            ('property1', stix2.properties.StringProperty(required=True)),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewObj2():
         pass
 
     no = NewObj2(property1='something')
-    assert no._type in stix2.registry.STIX2_OBJ_MAPS['2.0']['markings']
+    assert no._type in misp_lib_stix2.registry.STIX2_OBJ_MAPS['2.0']['markings']
 
 
 def test_register_observable_extension_with_version():
-    @stix2.v20.CustomExtension(
+    @misp_lib_stix2.v20.CustomExtension(
         'some-extension-2', [
-                ('keys', stix2.properties.StringProperty(required=True)),
+                ('keys', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class SomeCustomExtension2:
@@ -1274,15 +1274,15 @@ def test_register_observable_extension_with_version():
 
     example = SomeCustomExtension2(keys='test123')
 
-    assert example._type in stix2.registry.STIX2_OBJ_MAPS['2.0']['extensions']
+    assert example._type in misp_lib_stix2.registry.STIX2_OBJ_MAPS['2.0']['extensions']
 
 
 def test_register_duplicate_observable_extension():
     with pytest.raises(DuplicateRegistrationError) as excinfo:
-        @stix2.v20.CustomExtension(
+        @misp_lib_stix2.v20.CustomExtension(
             'some-extension-2', [
-                    ('property1', stix2.properties.StringProperty(required=True)),
-                    ('property2', stix2.properties.IntegerProperty()),
+                    ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
+                    ('property2', misp_lib_stix2.properties.IntegerProperty()),
             ],
         )
         class NewExtension2():

misp_lib_stix2/test/v20/test_datastore.py

@@ -1,9 +1,9 @@
 import pytest
 
-from stix2.datastore import (
+from misp_lib_stix2.datastore import (
     CompositeDataSource, DataSink, DataSource, DataStoreMixin,
 )
-from stix2.datastore.filters import Filter
+from misp_lib_stix2.datastore.filters import Filter
 
 from .constants import CAMPAIGN_MORE_KWARGS
 

misp_lib_stix2/test/v20/test_datastore_composite.py

@@ -1,10 +1,10 @@
 import pytest
 
-from stix2.datastore import CompositeDataSource, make_id
-from stix2.datastore.filters import Filter
-from stix2.datastore.memory import MemorySink, MemorySource, MemoryStore
-from stix2.utils import parse_into_datetime
-from stix2.v20.common import TLP_GREEN
+from misp_lib_stix2.datastore import CompositeDataSource, make_id
+from misp_lib_stix2.datastore.filters import Filter
+from misp_lib_stix2.datastore.memory import MemorySink, MemorySource, MemoryStore
+from misp_lib_stix2.utils import parse_into_datetime
+from misp_lib_stix2.v20.common import TLP_GREEN
 
 
 def test_add_remove_composite_datasource():

misp_lib_stix2/test/v20/test_datastore_filesystem.py

@@ -8,13 +8,13 @@ import stat
 import pytest
 import pytz
 
-import stix2
-from stix2.datastore import DataSourceError
-from stix2.datastore.filesystem import (
+import misp_lib_stix2
+from misp_lib_stix2.datastore import DataSourceError
+from misp_lib_stix2.datastore.filesystem import (
     AuthSet, _find_search_optimizations, _get_matching_dir_entries,
     _timestamp2filename,
 )
-from stix2.exceptions import STIXError
+from misp_lib_stix2.exceptions import STIXError
 
 from .constants import (
     CAMPAIGN_ID, CAMPAIGN_KWARGS, IDENTITY_ID, IDENTITY_KWARGS, INDICATOR_ID,
@@ -27,7 +27,7 @@ FS_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), "stix2_data"
 @pytest.fixture
 def fs_store():
     # create
-    yield stix2.FileSystemStore(FS_PATH)
+    yield misp_lib_stix2.FileSystemStore(FS_PATH)
 
     # remove campaign dir
     shutil.rmtree(os.path.join(FS_PATH, "campaign"), True)
@@ -36,7 +36,7 @@ def fs_store():
 @pytest.fixture
 def fs_source():
     # create
-    fs = stix2.FileSystemSource(FS_PATH)
+    fs = misp_lib_stix2.FileSystemSource(FS_PATH)
     assert fs.stix_dir == FS_PATH
     yield fs
 
@@ -47,7 +47,7 @@ def fs_source():
 @pytest.fixture
 def fs_sink():
     # create
-    fs = stix2.FileSystemSink(FS_PATH)
+    fs = misp_lib_stix2.FileSystemSink(FS_PATH)
     assert fs.stix_dir == FS_PATH
     yield fs
 
@@ -92,15 +92,15 @@ def bad_stix_files():
 
 @pytest.fixture(scope='module')
 def rel_fs_store():
-    cam = stix2.v20.Campaign(id=CAMPAIGN_ID, **CAMPAIGN_KWARGS)
-    idy = stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
-    ind = stix2.v20.Indicator(id=INDICATOR_ID, **INDICATOR_KWARGS)
-    mal = stix2.v20.Malware(id=MALWARE_ID, **MALWARE_KWARGS)
-    rel1 = stix2.v20.Relationship(ind, 'indicates', mal, id=RELATIONSHIP_IDS[0])
-    rel2 = stix2.v20.Relationship(mal, 'targets', idy, id=RELATIONSHIP_IDS[1])
-    rel3 = stix2.v20.Relationship(cam, 'uses', mal, id=RELATIONSHIP_IDS[2])
+    cam = misp_lib_stix2.v20.Campaign(id=CAMPAIGN_ID, **CAMPAIGN_KWARGS)
+    idy = misp_lib_stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
+    ind = misp_lib_stix2.v20.Indicator(id=INDICATOR_ID, **INDICATOR_KWARGS)
+    mal = misp_lib_stix2.v20.Malware(id=MALWARE_ID, **MALWARE_KWARGS)
+    rel1 = misp_lib_stix2.v20.Relationship(ind, 'indicates', mal, id=RELATIONSHIP_IDS[0])
+    rel2 = misp_lib_stix2.v20.Relationship(mal, 'targets', idy, id=RELATIONSHIP_IDS[1])
+    rel3 = misp_lib_stix2.v20.Relationship(cam, 'uses', mal, id=RELATIONSHIP_IDS[2])
     stix_objs = [cam, idy, ind, mal, rel1, rel2, rel3]
-    fs = stix2.FileSystemStore(FS_PATH)
+    fs = misp_lib_stix2.FileSystemStore(FS_PATH)
     for o in stix_objs:
         fs.add(o)
     yield fs
@@ -126,12 +126,12 @@ def rel_fs_store():
 
 def test_filesystem_source_nonexistent_folder():
     with pytest.raises(ValueError):
-        stix2.FileSystemSource('nonexistent-folder')
+        misp_lib_stix2.FileSystemSource('nonexistent-folder')
 
 
 def test_filesystem_sink_nonexistent_folder():
     with pytest.raises(ValueError):
-        stix2.FileSystemSink('nonexistent-folder')
+        misp_lib_stix2.FileSystemSink('nonexistent-folder')
 
 
 def test_filesystem_source_bad_json_file(fs_source, bad_json_files):
@@ -184,7 +184,7 @@ def test_filesystem_source_all_versions(fs_source):
 
 def test_filesystem_source_query_single(fs_source):
     # query2
-    is_2 = fs_source.query([stix2.Filter("external_references.external_id", '=', "T1027")])
+    is_2 = fs_source.query([misp_lib_stix2.Filter("external_references.external_id", '=', "T1027")])
     assert len(is_2) == 1
 
     is_2 = is_2[0]
@@ -194,7 +194,7 @@ def test_filesystem_source_query_single(fs_source):
 
 def test_filesystem_source_query_multiple(fs_source):
     # query
-    intrusion_sets = fs_source.query([stix2.Filter("type", '=', "intrusion-set")])
+    intrusion_sets = fs_source.query([misp_lib_stix2.Filter("type", '=', "intrusion-set")])
     assert len(intrusion_sets) == 2
     assert "intrusion-set--a653431d-6a5e-4600-8ad3-609b5af57064" in [is_.id for is_ in intrusion_sets]
     assert "intrusion-set--f3bdec95-3d62-42d9-a840-29630f6cdc1a" in [is_.id for is_ in intrusion_sets]
@@ -209,9 +209,9 @@ def test_filesystem_source_backward_compatible(fs_source):
     # it.
     modified = datetime.datetime(2018, 11, 16, 22, 54, 20, 390000, pytz.utc)
     results = fs_source.query([
-        stix2.Filter("type", "=", "malware"),
-        stix2.Filter("id", "=", "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38"),
-        stix2.Filter("modified", "=", modified),
+        misp_lib_stix2.Filter("type", "=", "malware"),
+        misp_lib_stix2.Filter("id", "=", "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38"),
+        misp_lib_stix2.Filter("modified", "=", modified),
     ])
 
     assert len(results) == 1
@@ -224,7 +224,7 @@ def test_filesystem_source_backward_compatible(fs_source):
 
 def test_filesystem_sink_add_python_stix_object(fs_sink, fs_source):
     # add python stix object
-    camp1 = stix2.v20.Campaign(
+    camp1 = misp_lib_stix2.v20.Campaign(
         name="Hannibal",
         objective="Targeting Italian and Spanish Diplomat internet accounts",
         aliases=["War Elephant"],
@@ -266,7 +266,7 @@ def test_filesystem_sink_add_stix_object_dict(fs_sink, fs_source):
     # as what's in the dict, since the parsing process can enforce a precision
     # constraint (e.g. truncate to milliseconds), which results in a slightly
     # different name.
-    camp2obj = stix2.parse(camp2)
+    camp2obj = misp_lib_stix2.parse(camp2)
     filepath = os.path.join(
         FS_PATH, "campaign", camp2obj["id"],
         _timestamp2filename(camp2obj["modified"]) + ".json",
@@ -303,7 +303,7 @@ def test_filesystem_sink_add_stix_bundle_dict(fs_sink, fs_source):
 
     fs_sink.add(bund)
 
-    camp_obj = stix2.parse(bund["objects"][0])
+    camp_obj = misp_lib_stix2.parse(bund["objects"][0])
     filepath = os.path.join(
         FS_PATH, "campaign", camp_obj["id"],
         _timestamp2filename(camp_obj["modified"]) + ".json",
@@ -328,7 +328,7 @@ def test_filesystem_sink_add_json_stix_object(fs_sink, fs_source):
 
     fs_sink.add(camp4)
 
-    camp4obj = stix2.parse(camp4)
+    camp4obj = misp_lib_stix2.parse(camp4)
     filepath = os.path.join(
         FS_PATH, "campaign",
         "campaign--6a6ca372-ba07-42cc-81ef-9840fc1f963d",
@@ -353,7 +353,7 @@ def test_filesystem_sink_json_stix_bundle(fs_sink, fs_source):
             ' "name": "Spartacus", "objective": "Oppressive regimes of Africa and Middle East"}]}'
     fs_sink.add(bund2)
 
-    bund2obj = stix2.parse(bund2)
+    bund2obj = misp_lib_stix2.parse(bund2)
     camp_obj = bund2obj["objects"][0]
 
     filepath = os.path.join(
@@ -373,7 +373,7 @@ def test_filesystem_sink_json_stix_bundle(fs_sink, fs_source):
 
 def test_filesystem_sink_add_objects_list(fs_sink, fs_source):
     # add list of objects
-    camp6 = stix2.v20.Campaign(
+    camp6 = misp_lib_stix2.v20.Campaign(
         name="Comanche",
         objective="US Midwest manufacturing firms, oil refineries, and businesses",
         aliases=["Horse Warrior"],
@@ -391,7 +391,7 @@ def test_filesystem_sink_add_objects_list(fs_sink, fs_source):
 
     fs_sink.add([camp6, camp7])
 
-    camp7obj = stix2.parse(camp7)
+    camp7obj = misp_lib_stix2.parse(camp7)
 
     camp6filepath = os.path.join(
         FS_PATH, "campaign", camp6.id,
@@ -421,7 +421,7 @@ def test_filesystem_sink_add_objects_list(fs_sink, fs_source):
 
 def test_filesystem_attempt_stix_file_overwrite(fs_store):
     # add python stix object
-    camp8 = stix2.v20.Campaign(
+    camp8 = misp_lib_stix2.v20.Campaign(
         name="George Washington",
         objective="Create an awesome country",
         aliases=["Georgey"],
@@ -446,11 +446,11 @@ def test_filesystem_attempt_stix_file_overwrite(fs_store):
 
 
 def test_filesystem_sink_marking(fs_sink):
-    marking = stix2.v20.MarkingDefinition(
+    marking = misp_lib_stix2.v20.MarkingDefinition(
         id="marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
         created="2017-01-20T00:00:00.000Z",
         definition_type="tlp",
-        definition=stix2.v20.TLPMarking(tlp="green"),
+        definition=misp_lib_stix2.v20.TLPMarking(tlp="green"),
     )
 
     fs_sink.add(marking)
@@ -485,14 +485,14 @@ def test_filesystem_store_all_versions(fs_store):
 
 def test_filesystem_store_query(fs_store):
     # query()
-    tools = fs_store.query([stix2.Filter("labels", "in", "tool")])
+    tools = fs_store.query([misp_lib_stix2.Filter("labels", "in", "tool")])
     assert len(tools) == 2
     assert "tool--242f3da3-4425-4d11-8f5c-b842886da966" in [tool.id for tool in tools]
     assert "tool--03342581-f790-4f03-ba41-e82e67392e23" in [tool.id for tool in tools]
 
 
 def test_filesystem_store_query_single_filter(fs_store):
-    query = stix2.Filter("labels", "in", "tool")
+    query = misp_lib_stix2.Filter("labels", "in", "tool")
     tools = fs_store.query(query)
     assert len(tools) == 2
     assert "tool--242f3da3-4425-4d11-8f5c-b842886da966" in [tool.id for tool in tools]
@@ -507,20 +507,20 @@ def test_filesystem_store_empty_query(fs_store):
 
 
 def test_filesystem_store_query_multiple_filters(fs_store):
-    fs_store.source.filters.add(stix2.Filter("labels", "in", "tool"))
-    tools = fs_store.query(stix2.Filter("id", "=", "tool--242f3da3-4425-4d11-8f5c-b842886da966"))
+    fs_store.source.filters.add(misp_lib_stix2.Filter("labels", "in", "tool"))
+    tools = fs_store.query(misp_lib_stix2.Filter("id", "=", "tool--242f3da3-4425-4d11-8f5c-b842886da966"))
     assert len(tools) == 1
     assert tools[0].id == "tool--242f3da3-4425-4d11-8f5c-b842886da966"
 
 
 def test_filesystem_store_query_dont_include_type_folder(fs_store):
-    results = fs_store.query(stix2.Filter("type", "!=", "tool"))
+    results = fs_store.query(misp_lib_stix2.Filter("type", "!=", "tool"))
     assert len(results) == 28
 
 
 def test_filesystem_store_add(fs_store):
     # add()
-    camp1 = stix2.v20.Campaign(
+    camp1 = misp_lib_stix2.v20.Campaign(
         name="Great Heathen Army",
         objective="Targeting the government of United Kingdom and insitutions affiliated with the Church Of England",
         aliases=["Ragnar"],
@@ -541,9 +541,9 @@ def test_filesystem_store_add(fs_store):
 
 
 def test_filesystem_store_add_as_bundle():
-    fs_store = stix2.FileSystemStore(FS_PATH, bundlify=True)
+    fs_store = misp_lib_stix2.FileSystemStore(FS_PATH, bundlify=True)
 
-    camp1 = stix2.v20.Campaign(
+    camp1 = misp_lib_stix2.v20.Campaign(
         name="Great Heathen Army",
         objective="Targeting the government of United Kingdom and insitutions affiliated with the Church Of England",
         aliases=["Ragnar"],
@@ -566,7 +566,7 @@ def test_filesystem_store_add_as_bundle():
 
 
 def test_filesystem_add_bundle_object(fs_store):
-    bundle = stix2.v20.Bundle()
+    bundle = misp_lib_stix2.v20.Bundle()
     fs_store.add(bundle)
 
 
@@ -581,11 +581,11 @@ def test_filesystem_store_add_invalid_object(fs_store):
 
 
 def test_filesystem_store_add_marking(fs_store):
-    marking = stix2.v20.MarkingDefinition(
+    marking = misp_lib_stix2.v20.MarkingDefinition(
         id="marking-definition--34098fce-860f-48ae-8e50-ebd3cc5e41da",
         created="2017-01-20T00:00:00.000Z",
         definition_type="tlp",
-        definition=stix2.v20.TLPMarking(tlp="green"),
+        definition=misp_lib_stix2.v20.TLPMarking(tlp="green"),
     )
 
     fs_store.add(marking)
@@ -603,7 +603,7 @@ def test_filesystem_store_add_marking(fs_store):
 
 
 def test_filesystem_object_with_custom_property(fs_store):
-    camp = stix2.v20.Campaign(
+    camp = misp_lib_stix2.v20.Campaign(
         name="Scipio Africanus",
         objective="Defeat the Carthaginians",
         x_empire="Roman",
@@ -618,14 +618,14 @@ def test_filesystem_object_with_custom_property(fs_store):
 
 
 def test_filesystem_object_with_custom_property_in_bundle(fs_store):
-    camp = stix2.v20.Campaign(
+    camp = misp_lib_stix2.v20.Campaign(
         name="Scipio Africanus",
         objective="Defeat the Carthaginians",
         x_empire="Roman",
         allow_custom=True,
     )
 
-    bundle = stix2.v20.Bundle(camp, allow_custom=True)
+    bundle = misp_lib_stix2.v20.Bundle(camp, allow_custom=True)
     fs_store.add(bundle)
 
     camp_r = fs_store.get(camp.id)
@@ -654,9 +654,9 @@ def test_filesystem_custom_object_dict(fs_store):
 
 
 def test_filesystem_custom_object(fs_store):
-    @stix2.v20.CustomObject(
+    @misp_lib_stix2.v20.CustomObject(
         'x-new-obj-2', [
-            ('property1', stix2.properties.StringProperty(required=True)),
+            ('property1', misp_lib_stix2.properties.StringProperty(required=True)),
         ],
     )
     class NewObj():
@@ -775,7 +775,7 @@ def test_auth_set_black1():
 
 def test_optimize_types1():
     filters = [
-        stix2.Filter("type", "=", "foo"),
+        misp_lib_stix2.Filter("type", "=", "foo"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -788,8 +788,8 @@ def test_optimize_types1():
 
 def test_optimize_types2():
     filters = [
-        stix2.Filter("type", "=", "foo"),
-        stix2.Filter("type", "=", "bar"),
+        misp_lib_stix2.Filter("type", "=", "foo"),
+        misp_lib_stix2.Filter("type", "=", "bar"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -802,8 +802,8 @@ def test_optimize_types2():
 
 def test_optimize_types3():
     filters = [
-        stix2.Filter("type", "in", ["A", "B", "C"]),
-        stix2.Filter("type", "in", ["B", "C", "D"]),
+        misp_lib_stix2.Filter("type", "in", ["A", "B", "C"]),
+        misp_lib_stix2.Filter("type", "in", ["B", "C", "D"]),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -816,8 +816,8 @@ def test_optimize_types3():
 
 def test_optimize_types4():
     filters = [
-        stix2.Filter("type", "in", ["A", "B", "C"]),
-        stix2.Filter("type", "in", ["D", "E", "F"]),
+        misp_lib_stix2.Filter("type", "in", ["A", "B", "C"]),
+        misp_lib_stix2.Filter("type", "in", ["D", "E", "F"]),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -830,8 +830,8 @@ def test_optimize_types4():
 
 def test_optimize_types5():
     filters = [
-        stix2.Filter("type", "in", ["foo", "bar"]),
-        stix2.Filter("type", "!=", "bar"),
+        misp_lib_stix2.Filter("type", "in", ["foo", "bar"]),
+        misp_lib_stix2.Filter("type", "!=", "bar"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -844,8 +844,8 @@ def test_optimize_types5():
 
 def test_optimize_types6():
     filters = [
-        stix2.Filter("type", "!=", "foo"),
-        stix2.Filter("type", "!=", "bar"),
+        misp_lib_stix2.Filter("type", "!=", "foo"),
+        misp_lib_stix2.Filter("type", "!=", "bar"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -858,8 +858,8 @@ def test_optimize_types6():
 
 def test_optimize_types7():
     filters = [
-        stix2.Filter("type", "=", "foo"),
-        stix2.Filter("type", "!=", "foo"),
+        misp_lib_stix2.Filter("type", "=", "foo"),
+        misp_lib_stix2.Filter("type", "!=", "foo"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -883,8 +883,8 @@ def test_optimize_types8():
 
 def test_optimize_types_ids1():
     filters = [
-        stix2.Filter("type", "in", ["foo", "bar"]),
-        stix2.Filter("id", "=", "foo--00000000-0000-0000-0000-000000000000"),
+        misp_lib_stix2.Filter("type", "in", ["foo", "bar"]),
+        misp_lib_stix2.Filter("id", "=", "foo--00000000-0000-0000-0000-000000000000"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -897,8 +897,8 @@ def test_optimize_types_ids1():
 
 def test_optimize_types_ids2():
     filters = [
-        stix2.Filter("type", "=", "foo"),
-        stix2.Filter("id", "=", "bar--00000000-0000-0000-0000-000000000000"),
+        misp_lib_stix2.Filter("type", "=", "foo"),
+        misp_lib_stix2.Filter("id", "=", "bar--00000000-0000-0000-0000-000000000000"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -911,8 +911,8 @@ def test_optimize_types_ids2():
 
 def test_optimize_types_ids3():
     filters = [
-        stix2.Filter("type", "in", ["foo", "bar"]),
-        stix2.Filter("id", "!=", "bar--00000000-0000-0000-0000-000000000000"),
+        misp_lib_stix2.Filter("type", "in", ["foo", "bar"]),
+        misp_lib_stix2.Filter("id", "!=", "bar--00000000-0000-0000-0000-000000000000"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -925,8 +925,8 @@ def test_optimize_types_ids3():
 
 def test_optimize_types_ids4():
     filters = [
-        stix2.Filter("type", "in", ["A", "B", "C"]),
-        stix2.Filter(
+        misp_lib_stix2.Filter("type", "in", ["A", "B", "C"]),
+        misp_lib_stix2.Filter(
             "id", "in", [
                 "B--00000000-0000-0000-0000-000000000000",
                 "C--00000000-0000-0000-0000-000000000000",
@@ -948,16 +948,16 @@ def test_optimize_types_ids4():
 
 def test_optimize_types_ids5():
     filters = [
-        stix2.Filter("type", "in", ["A", "B", "C"]),
-        stix2.Filter("type", "!=", "C"),
-        stix2.Filter(
+        misp_lib_stix2.Filter("type", "in", ["A", "B", "C"]),
+        misp_lib_stix2.Filter("type", "!=", "C"),
+        misp_lib_stix2.Filter(
             "id", "in", [
                 "B--00000000-0000-0000-0000-000000000000",
                 "C--00000000-0000-0000-0000-000000000000",
                 "D--00000000-0000-0000-0000-000000000000",
             ],
         ),
-        stix2.Filter("id", "!=", "D--00000000-0000-0000-0000-000000000000"),
+        misp_lib_stix2.Filter("id", "!=", "D--00000000-0000-0000-0000-000000000000"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)
@@ -970,7 +970,7 @@ def test_optimize_types_ids5():
 
 def test_optimize_types_ids6():
     filters = [
-        stix2.Filter("id", "=", "A--00000000-0000-0000-0000-000000000000"),
+        misp_lib_stix2.Filter("id", "=", "A--00000000-0000-0000-0000-000000000000"),
     ]
 
     auth_types, auth_ids = _find_search_optimizations(filters)

misp_lib_stix2/test/v20/test_datastore_filters.py

@@ -1,8 +1,8 @@
 import pytest
 
-from stix2 import parse
-from stix2.datastore.filters import Filter, apply_common_filters
-from stix2.utils import STIXdatetime, parse_into_datetime
+from misp_lib_stix2 import parse
+from misp_lib_stix2.datastore.filters import Filter, apply_common_filters
+from misp_lib_stix2.utils import STIXdatetime, parse_into_datetime
 
 stix_objs = [
     {

misp_lib_stix2/test/v20/test_datastore_memory.py

@@ -3,10 +3,10 @@ import shutil
 
 import pytest
 
-from stix2 import Filter, MemorySource, MemoryStore, properties
-from stix2.datastore import make_id
-from stix2.utils import parse_into_datetime
-from stix2.v20 import (
+from misp_lib_stix2 import Filter, MemorySource, MemoryStore, properties
+from misp_lib_stix2.datastore import make_id
+from misp_lib_stix2.utils import parse_into_datetime
+from misp_lib_stix2.v20 import (
     Bundle, Campaign, CustomObject, Identity, Indicator, Malware, Relationship,
 )
 

misp_lib_stix2/test/v20/test_datastore_taxii.py

@@ -6,10 +6,10 @@ from requests.models import Response
 from taxii2client.common import _filter_kwargs_to_query_params
 from taxii2client.v20 import MEDIA_TYPE_STIX_V20, Collection
 
-import stix2
-from stix2.datastore import DataSourceError
-from stix2.datastore.filters import Filter
-from stix2.utils import get_timestamp
+import misp_lib_stix2
+from misp_lib_stix2.datastore import DataSourceError
+from misp_lib_stix2.datastore.filters import Filter
+from misp_lib_stix2.utils import get_timestamp
 
 COLLECTION_URL = 'https://example.com/api1/collections/91a7b528-80eb-42ed-a74d-c6fbd5a26116/'
 
@@ -55,7 +55,7 @@ class MockTAXIICollectionEndpoint(Collection):
             resp.status_code = 200
             resp.headers["Content-Range"] = f"items 0-{len(objs)}/{len(objs)}"
             resp.encoding = "utf-8"
-            resp._content = bytes(stix2.v20.Bundle(objects=objs).serialize(ensure_ascii=False), resp.encoding)
+            resp._content = bytes(misp_lib_stix2.v20.Bundle(objects=objs).serialize(ensure_ascii=False), resp.encoding)
             return resp
         else:
             resp = Response()
@@ -80,7 +80,7 @@ class MockTAXIICollectionEndpoint(Collection):
         else:
             filtered_objects = []
         if filtered_objects:
-            return stix2.v20.Bundle(objects=filtered_objects)
+            return misp_lib_stix2.v20.Bundle(objects=filtered_objects)
         else:
             resp = Response()
             resp.status_code = 404
@@ -128,15 +128,15 @@ def collection_no_rw_access(stix_objs1, stix_objs1_manifests):
 
 
 def test_ds_taxii(collection):
-    ds = stix2.TAXIICollectionSource(collection)
+    ds = misp_lib_stix2.TAXIICollectionSource(collection)
     assert ds.collection is not None
 
 
 def test_add_stix2_object(collection):
-    tc_sink = stix2.TAXIICollectionSink(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSink(collection)
 
     # create new STIX threat-actor
-    ta = stix2.v20.ThreatActor(
+    ta = misp_lib_stix2.v20.ThreatActor(
         name="Teddy Bear",
         labels=["nation-state"],
         sophistication="innovator",
@@ -151,10 +151,10 @@ def test_add_stix2_object(collection):
 
 
 def test_add_stix2_with_custom_object(collection):
-    tc_sink = stix2.TAXIICollectionStore(collection, allow_custom=True)
+    tc_sink = misp_lib_stix2.TAXIICollectionStore(collection, allow_custom=True)
 
     # create new STIX threat-actor
-    ta = stix2.v20.ThreatActor(
+    ta = misp_lib_stix2.v20.ThreatActor(
         name="Teddy Bear",
         labels=["nation-state"],
         sophistication="innovator",
@@ -171,10 +171,10 @@ def test_add_stix2_with_custom_object(collection):
 
 
 def test_add_list_object(collection, indicator):
-    tc_sink = stix2.TAXIICollectionSink(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSink(collection)
 
     # create new STIX threat-actor
-    ta = stix2.v20.ThreatActor(
+    ta = misp_lib_stix2.v20.ThreatActor(
         name="Teddy Bear",
         labels=["nation-state"],
         sophistication="innovator",
@@ -189,24 +189,24 @@ def test_add_list_object(collection, indicator):
 
 
 def test_get_object_found(collection):
-    tc_source = stix2.TAXIICollectionSource(collection)
+    tc_source = misp_lib_stix2.TAXIICollectionSource(collection)
     result = tc_source.query([
-        stix2.Filter("id", "=", "indicator--00000000-0000-4000-8000-000000000001"),
+        misp_lib_stix2.Filter("id", "=", "indicator--00000000-0000-4000-8000-000000000001"),
     ])
     assert result
 
 
 def test_get_object_not_found(collection):
-    tc_source = stix2.TAXIICollectionSource(collection)
+    tc_source = misp_lib_stix2.TAXIICollectionSource(collection)
     result = tc_source.get("indicator--00000000-0000-4000-8000-000000000005")
     assert result is None
 
 
 def test_add_stix2_bundle_object(collection):
-    tc_sink = stix2.TAXIICollectionSink(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSink(collection)
 
     # create new STIX threat-actor
-    ta = stix2.v20.ThreatActor(
+    ta = misp_lib_stix2.v20.ThreatActor(
         name="Teddy Bear",
         labels=["nation-state"],
         sophistication="innovator",
@@ -217,11 +217,11 @@ def test_add_stix2_bundle_object(collection):
         ],
     )
 
-    tc_sink.add(stix2.v20.Bundle(objects=[ta]))
+    tc_sink.add(misp_lib_stix2.v20.Bundle(objects=[ta]))
 
 
 def test_add_str_object(collection):
-    tc_sink = stix2.TAXIICollectionSink(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSink(collection)
 
     # create new STIX threat-actor
     ta = """{
@@ -245,7 +245,7 @@ def test_add_str_object(collection):
 
 
 def test_add_dict_object(collection):
-    tc_sink = stix2.TAXIICollectionSink(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSink(collection)
 
     ta = {
         "type": "threat-actor",
@@ -268,7 +268,7 @@ def test_add_dict_object(collection):
 
 
 def test_add_dict_bundle_object(collection):
-    tc_sink = stix2.TAXIICollectionSink(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSink(collection)
 
     ta = {
         "type": "bundle",
@@ -297,7 +297,7 @@ def test_add_dict_bundle_object(collection):
 
 
 def test_get_stix2_object(collection):
-    tc_sink = stix2.TAXIICollectionSource(collection)
+    tc_sink = misp_lib_stix2.TAXIICollectionSource(collection)
 
     objects = tc_sink.get("indicator--00000000-0000-4000-8000-000000000001")
 
@@ -320,7 +320,7 @@ def test_parse_taxii_filters(collection):
         Filter("version", "=", "first"),
     ]
 
-    ds = stix2.TAXIICollectionSource(collection)
+    ds = misp_lib_stix2.TAXIICollectionSource(collection)
 
     taxii_filters = ds._parse_taxii_filters(query)
 
@@ -328,7 +328,7 @@ def test_parse_taxii_filters(collection):
 
 
 def test_add_get_remove_filter(collection):
-    ds = stix2.TAXIICollectionSource(collection)
+    ds = misp_lib_stix2.TAXIICollectionSource(collection)
 
     # First 3 filters are valid, remaining properties are erroneous in some way
     valid_filters = [
@@ -364,7 +364,7 @@ def test_add_get_remove_filter(collection):
 
 
 def test_get_all_versions(collection):
-    ds = stix2.TAXIICollectionStore(collection)
+    ds = misp_lib_stix2.TAXIICollectionStore(collection)
 
     indicators = ds.all_versions('indicator--00000000-0000-4000-8000-000000000001')
     # There are 3 indicators but 2 share the same 'modified' timestamp
@@ -376,7 +376,7 @@ def test_can_read_error(collection_no_rw_access):
     instance that does not have read access, check ValueError exception is raised"""
 
     with pytest.raises(DataSourceError) as excinfo:
-        stix2.TAXIICollectionSource(collection_no_rw_access)
+        misp_lib_stix2.TAXIICollectionSource(collection_no_rw_access)
     assert "Collection object provided does not have read access" in str(excinfo.value)
 
 
@@ -385,7 +385,7 @@ def test_can_write_error(collection_no_rw_access):
     instance that does not have write access, check ValueError exception is raised"""
 
     with pytest.raises(DataSourceError) as excinfo:
-        stix2.TAXIICollectionSink(collection_no_rw_access)
+        misp_lib_stix2.TAXIICollectionSink(collection_no_rw_access)
     assert "Collection object provided does not have write access" in str(excinfo.value)
 
 
@@ -406,7 +406,7 @@ def test_get_404():
             resp.status_code = 404
             resp.raise_for_status()
 
-    ds = stix2.TAXIICollectionSource(TAXIICollection404())
+    ds = misp_lib_stix2.TAXIICollectionSource(TAXIICollection404())
 
     # this will raise 404 from mock TAXII Client but TAXIICollectionStore
     # should handle gracefully and return None
@@ -418,7 +418,7 @@ def test_all_versions_404(collection):
     """ a TAXIICollectionSource.all_version() call that recieves an HTTP 404
     response code from the taxii2client should be returned as an exception"""
 
-    ds = stix2.TAXIICollectionStore(collection)
+    ds = misp_lib_stix2.TAXIICollectionStore(collection)
 
     with pytest.raises(DataSourceError) as excinfo:
         ds.all_versions("indicator--1")
@@ -430,7 +430,7 @@ def test_query_404(collection):
     """ a TAXIICollectionSource.query() call that recieves an HTTP 404
     response code from the taxii2client should be returned as an exception"""
 
-    ds = stix2.TAXIICollectionStore(collection)
+    ds = misp_lib_stix2.TAXIICollectionStore(collection)
     query = [Filter("type", "=", "malware")]
 
     with pytest.raises(DataSourceError) as excinfo:

misp_lib_stix2/test/v20/test_environment.py

@@ -3,9 +3,9 @@ import os
 
 import pytest
 
-import stix2
-import stix2.equivalence.graph
-import stix2.equivalence.object
+import misp_lib_stix2
+import misp_lib_stix2.equivalence.graph
+import misp_lib_stix2.equivalence.object
 
 from .constants import (
     CAMPAIGN_ID, CAMPAIGN_KWARGS, FAKE_TIME, IDENTITY_ID, IDENTITY_KWARGS,
@@ -18,46 +18,46 @@ FS_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), "stix2_data"
 
 @pytest.fixture
 def ds():
-    cam = stix2.v20.Campaign(id=CAMPAIGN_ID, **CAMPAIGN_KWARGS)
-    idy = stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
-    ind = stix2.v20.Indicator(id=INDICATOR_ID, **INDICATOR_KWARGS)
-    mal = stix2.v20.Malware(id=MALWARE_ID, **MALWARE_KWARGS)
-    rel1 = stix2.v20.Relationship(ind, 'indicates', mal, id=RELATIONSHIP_IDS[0])
-    rel2 = stix2.v20.Relationship(mal, 'targets', idy, id=RELATIONSHIP_IDS[1])
-    rel3 = stix2.v20.Relationship(cam, 'uses', mal, id=RELATIONSHIP_IDS[2])
-    reprt = stix2.v20.Report(
+    cam = misp_lib_stix2.v20.Campaign(id=CAMPAIGN_ID, **CAMPAIGN_KWARGS)
+    idy = misp_lib_stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
+    ind = misp_lib_stix2.v20.Indicator(id=INDICATOR_ID, **INDICATOR_KWARGS)
+    mal = misp_lib_stix2.v20.Malware(id=MALWARE_ID, **MALWARE_KWARGS)
+    rel1 = misp_lib_stix2.v20.Relationship(ind, 'indicates', mal, id=RELATIONSHIP_IDS[0])
+    rel2 = misp_lib_stix2.v20.Relationship(mal, 'targets', idy, id=RELATIONSHIP_IDS[1])
+    rel3 = misp_lib_stix2.v20.Relationship(cam, 'uses', mal, id=RELATIONSHIP_IDS[2])
+    reprt = misp_lib_stix2.v20.Report(
         name="Malware Report",
         published="2021-05-09T08:22:22Z",
         labels=["campaign"],
         object_refs=[mal.id, rel1.id, ind.id],
     )
     stix_objs = [cam, idy, ind, mal, rel1, rel2, rel3, reprt]
-    yield stix2.MemoryStore(stix_objs)
+    yield misp_lib_stix2.MemoryStore(stix_objs)
 
 
 @pytest.fixture
 def ds2():
-    cam = stix2.v20.Campaign(id=CAMPAIGN_ID, **CAMPAIGN_KWARGS)
-    idy = stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
-    ind = stix2.v20.Indicator(id=INDICATOR_ID, created_by_ref=idy.id, **INDICATOR_KWARGS)
+    cam = misp_lib_stix2.v20.Campaign(id=CAMPAIGN_ID, **CAMPAIGN_KWARGS)
+    idy = misp_lib_stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
+    ind = misp_lib_stix2.v20.Indicator(id=INDICATOR_ID, created_by_ref=idy.id, **INDICATOR_KWARGS)
     indv2 = ind.new_version(
         external_references=[{
             "source_name": "unknown",
             "url": "https://examplewebsite.com/",
         }],
     )
-    mal = stix2.v20.Malware(id=MALWARE_ID, created_by_ref=idy.id, **MALWARE_KWARGS)
+    mal = misp_lib_stix2.v20.Malware(id=MALWARE_ID, created_by_ref=idy.id, **MALWARE_KWARGS)
     malv2 = mal.new_version(
         external_references=[{
             "source_name": "unknown",
             "url": "https://examplewebsite2.com/",
         }],
     )
-    rel1 = stix2.v20.Relationship(ind, 'indicates', mal, id=RELATIONSHIP_IDS[0])
-    rel2 = stix2.v20.Relationship(mal, 'targets', idy, id=RELATIONSHIP_IDS[1])
-    rel3 = stix2.v20.Relationship(cam, 'uses', mal, id=RELATIONSHIP_IDS[2])
+    rel1 = misp_lib_stix2.v20.Relationship(ind, 'indicates', mal, id=RELATIONSHIP_IDS[0])
+    rel2 = misp_lib_stix2.v20.Relationship(mal, 'targets', idy, id=RELATIONSHIP_IDS[1])
+    rel3 = misp_lib_stix2.v20.Relationship(cam, 'uses', mal, id=RELATIONSHIP_IDS[2])
     stix_objs = [cam, idy, ind, indv2, mal, malv2, rel1, rel2, rel3]
-    reprt = stix2.v20.Report(
+    reprt = misp_lib_stix2.v20.Report(
         created_by_ref=idy.id,
         name="example",
         labels=["campaign"],
@@ -65,115 +65,115 @@ def ds2():
         object_refs=stix_objs,
     )
     stix_objs.append(reprt)
-    yield stix2.MemoryStore(stix_objs)
+    yield misp_lib_stix2.MemoryStore(stix_objs)
 
 
 @pytest.fixture
 def fs():
-    yield stix2.FileSystemSource(FS_PATH)
+    yield misp_lib_stix2.FileSystemSource(FS_PATH)
 
 
 def test_object_factory_created_by_ref_str():
-    factory = stix2.ObjectFactory(created_by_ref=IDENTITY_ID)
-    ind = factory.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(created_by_ref=IDENTITY_ID)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     assert ind.created_by_ref == IDENTITY_ID
 
 
 def test_object_factory_created_by_ref_obj():
-    id_obj = stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
-    factory = stix2.ObjectFactory(created_by_ref=id_obj)
-    ind = factory.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    id_obj = misp_lib_stix2.v20.Identity(id=IDENTITY_ID, **IDENTITY_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(created_by_ref=id_obj)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     assert ind.created_by_ref == IDENTITY_ID
 
 
 def test_object_factory_override_default():
-    factory = stix2.ObjectFactory(created_by_ref=IDENTITY_ID)
+    factory = misp_lib_stix2.ObjectFactory(created_by_ref=IDENTITY_ID)
     new_id = "identity--983b3172-44fe-4a80-8091-eb8098841fe8"
-    ind = factory.create(stix2.v20.Indicator, created_by_ref=new_id, **INDICATOR_KWARGS)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, created_by_ref=new_id, **INDICATOR_KWARGS)
     assert ind.created_by_ref == new_id
 
 
 def test_object_factory_created():
-    factory = stix2.ObjectFactory(created=FAKE_TIME)
-    ind = factory.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(created=FAKE_TIME)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     assert ind.created == FAKE_TIME
     assert ind.modified == FAKE_TIME
 
 
 def test_object_factory_external_reference():
-    ext_ref = stix2.v20.ExternalReference(
+    ext_ref = misp_lib_stix2.v20.ExternalReference(
         source_name="ACME Threat Intel",
         description="Threat report",
     )
-    factory = stix2.ObjectFactory(external_references=ext_ref)
-    ind = factory.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(external_references=ext_ref)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     assert ind.external_references[0].source_name == "ACME Threat Intel"
     assert ind.external_references[0].description == "Threat report"
 
-    ind2 = factory.create(stix2.v20.Indicator, external_references=None, **INDICATOR_KWARGS)
+    ind2 = factory.create(misp_lib_stix2.v20.Indicator, external_references=None, **INDICATOR_KWARGS)
     assert 'external_references' not in ind2
 
 
 def test_object_factory_obj_markings():
-    stmt_marking = stix2.v20.StatementMarking("Copyright 2016, Example Corp")
-    mark_def = stix2.v20.MarkingDefinition(
+    stmt_marking = misp_lib_stix2.v20.StatementMarking("Copyright 2016, Example Corp")
+    mark_def = misp_lib_stix2.v20.MarkingDefinition(
         definition_type="statement",
         definition=stmt_marking,
     )
-    factory = stix2.ObjectFactory(object_marking_refs=[mark_def, stix2.v20.TLP_AMBER])
-    ind = factory.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(object_marking_refs=[mark_def, misp_lib_stix2.v20.TLP_AMBER])
+    ind = factory.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     assert mark_def.id in ind.object_marking_refs
-    assert stix2.v20.TLP_AMBER.id in ind.object_marking_refs
+    assert misp_lib_stix2.v20.TLP_AMBER.id in ind.object_marking_refs
 
-    factory = stix2.ObjectFactory(object_marking_refs=stix2.v20.TLP_RED)
-    ind = factory.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
-    assert stix2.v20.TLP_RED.id in ind.object_marking_refs
+    factory = misp_lib_stix2.ObjectFactory(object_marking_refs=misp_lib_stix2.v20.TLP_RED)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
+    assert misp_lib_stix2.v20.TLP_RED.id in ind.object_marking_refs
 
 
 def test_object_factory_list_append():
-    ext_ref = stix2.v20.ExternalReference(
+    ext_ref = misp_lib_stix2.v20.ExternalReference(
         source_name="ACME Threat Intel",
         description="Threat report from ACME",
     )
-    ext_ref2 = stix2.v20.ExternalReference(
+    ext_ref2 = misp_lib_stix2.v20.ExternalReference(
         source_name="Yet Another Threat Report",
         description="Threat report from YATR",
     )
-    ext_ref3 = stix2.v20.ExternalReference(
+    ext_ref3 = misp_lib_stix2.v20.ExternalReference(
         source_name="Threat Report #3",
         description="One more threat report",
     )
-    factory = stix2.ObjectFactory(external_references=ext_ref)
-    ind = factory.create(stix2.v20.Indicator, external_references=ext_ref2, **INDICATOR_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(external_references=ext_ref)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, external_references=ext_ref2, **INDICATOR_KWARGS)
     assert ind.external_references[1].source_name == "Yet Another Threat Report"
 
-    ind = factory.create(stix2.v20.Indicator, external_references=[ext_ref2, ext_ref3], **INDICATOR_KWARGS)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, external_references=[ext_ref2, ext_ref3], **INDICATOR_KWARGS)
     assert ind.external_references[2].source_name == "Threat Report #3"
 
 
 def test_object_factory_list_replace():
-    ext_ref = stix2.v20.ExternalReference(
+    ext_ref = misp_lib_stix2.v20.ExternalReference(
         source_name="ACME Threat Intel",
         description="Threat report from ACME",
     )
-    ext_ref2 = stix2.v20.ExternalReference(
+    ext_ref2 = misp_lib_stix2.v20.ExternalReference(
         source_name="Yet Another Threat Report",
         description="Threat report from YATR",
     )
-    factory = stix2.ObjectFactory(external_references=ext_ref, list_append=False)
-    ind = factory.create(stix2.v20.Indicator, external_references=ext_ref2, **INDICATOR_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(external_references=ext_ref, list_append=False)
+    ind = factory.create(misp_lib_stix2.v20.Indicator, external_references=ext_ref2, **INDICATOR_KWARGS)
     assert len(ind.external_references) == 1
     assert ind.external_references[0].source_name == "Yet Another Threat Report"
 
 
 def test_environment_functions():
-    env = stix2.Environment(
-        stix2.ObjectFactory(created_by_ref=IDENTITY_ID),
-        stix2.MemoryStore(),
+    env = misp_lib_stix2.Environment(
+        misp_lib_stix2.ObjectFactory(created_by_ref=IDENTITY_ID),
+        misp_lib_stix2.MemoryStore(),
     )
 
     # Create a STIX object
-    ind = env.create(stix2.v20.Indicator, id=INDICATOR_ID, **INDICATOR_KWARGS)
+    ind = env.create(misp_lib_stix2.v20.Indicator, id=INDICATOR_ID, **INDICATOR_KWARGS)
     assert ind.created_by_ref == IDENTITY_ID
 
     # Add objects to datastore
@@ -189,40 +189,40 @@ def test_environment_functions():
     assert resp['labels'][0] == 'benign'
 
     # Search on something other than id
-    query = [stix2.Filter('type', '=', 'vulnerability')]
+    query = [misp_lib_stix2.Filter('type', '=', 'vulnerability')]
     resp = env.query(query)
     assert len(resp) == 0
 
     # See different results after adding filters to the environment
     env.add_filters([
-        stix2.Filter('type', '=', 'indicator'),
-        stix2.Filter('created_by_ref', '=', IDENTITY_ID),
+        misp_lib_stix2.Filter('type', '=', 'indicator'),
+        misp_lib_stix2.Filter('created_by_ref', '=', IDENTITY_ID),
     ])
-    env.add_filter(stix2.Filter('labels', '=', 'benign'))  # should be 'malicious-activity'
+    env.add_filter(misp_lib_stix2.Filter('labels', '=', 'benign'))  # should be 'malicious-activity'
     resp = env.get(INDICATOR_ID)
     assert resp['labels'][0] == 'benign'  # should be 'malicious-activity'
 
 
 def test_environment_source_and_sink():
-    ind = stix2.v20.Indicator(id=INDICATOR_ID, **INDICATOR_KWARGS)
-    env = stix2.Environment(source=stix2.MemorySource([ind]), sink=stix2.MemorySink([ind]))
+    ind = misp_lib_stix2.v20.Indicator(id=INDICATOR_ID, **INDICATOR_KWARGS)
+    env = misp_lib_stix2.Environment(source=misp_lib_stix2.MemorySource([ind]), sink=misp_lib_stix2.MemorySink([ind]))
     assert env.get(INDICATOR_ID).labels[0] == 'malicious-activity'
 
 
 def test_environment_datastore_and_sink():
     with pytest.raises(ValueError) as excinfo:
-        stix2.Environment(
-            factory=stix2.ObjectFactory(),
-            store=stix2.MemoryStore(), sink=stix2.MemorySink,
+        misp_lib_stix2.Environment(
+            factory=misp_lib_stix2.ObjectFactory(),
+            store=misp_lib_stix2.MemoryStore(), sink=misp_lib_stix2.MemorySink,
         )
     assert 'Data store already provided' in str(excinfo.value)
 
 
 def test_environment_no_datastore():
-    env = stix2.Environment(factory=stix2.ObjectFactory())
+    env = misp_lib_stix2.Environment(factory=misp_lib_stix2.ObjectFactory())
 
     with pytest.raises(AttributeError) as excinfo:
-        env.add(stix2.v20.Indicator(**INDICATOR_KWARGS))
+        env.add(misp_lib_stix2.v20.Indicator(**INDICATOR_KWARGS))
     assert 'Environment has no data sink to put objects in' in str(excinfo.value)
 
     with pytest.raises(AttributeError) as excinfo:
@@ -247,20 +247,20 @@ def test_environment_no_datastore():
 
 
 def test_environment_add_filters():
-    env = stix2.Environment(factory=stix2.ObjectFactory())
+    env = misp_lib_stix2.Environment(factory=misp_lib_stix2.ObjectFactory())
     env.add_filters([INDICATOR_ID])
     env.add_filter(INDICATOR_ID)
 
 
 def test_environment_datastore_and_no_object_factory():
     # Uses a default object factory
-    env = stix2.Environment(store=stix2.MemoryStore())
-    ind = env.create(stix2.v20.Indicator, id=INDICATOR_ID, **INDICATOR_KWARGS)
+    env = misp_lib_stix2.Environment(store=misp_lib_stix2.MemoryStore())
+    ind = env.create(misp_lib_stix2.v20.Indicator, id=INDICATOR_ID, **INDICATOR_KWARGS)
     assert ind.id == INDICATOR_ID
 
 
 def test_parse_malware():
-    env = stix2.Environment()
+    env = misp_lib_stix2.Environment()
     data = """{
         "type": "malware",
         "id": "malware--9c4638ec-f1de-4ddb-abf4-1b760417654e",
@@ -282,46 +282,46 @@ def test_parse_malware():
 
 
 def test_creator_of():
-    identity = stix2.v20.Identity(**IDENTITY_KWARGS)
-    factory = stix2.ObjectFactory(created_by_ref=identity.id)
-    env = stix2.Environment(store=stix2.MemoryStore(), factory=factory)
+    identity = misp_lib_stix2.v20.Identity(**IDENTITY_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(created_by_ref=identity.id)
+    env = misp_lib_stix2.Environment(store=misp_lib_stix2.MemoryStore(), factory=factory)
     env.add(identity)
 
-    ind = env.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    ind = env.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     creator = env.creator_of(ind)
     assert creator is identity
 
 
 def test_creator_of_no_datasource():
-    identity = stix2.v20.Identity(**IDENTITY_KWARGS)
-    factory = stix2.ObjectFactory(created_by_ref=identity.id)
-    env = stix2.Environment(factory=factory)
+    identity = misp_lib_stix2.v20.Identity(**IDENTITY_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(created_by_ref=identity.id)
+    env = misp_lib_stix2.Environment(factory=factory)
 
-    ind = env.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    ind = env.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     with pytest.raises(AttributeError) as excinfo:
         env.creator_of(ind)
     assert 'Environment has no data source' in str(excinfo.value)
 
 
 def test_creator_of_not_found():
-    identity = stix2.v20.Identity(**IDENTITY_KWARGS)
-    factory = stix2.ObjectFactory(created_by_ref=identity.id)
-    env = stix2.Environment(store=stix2.MemoryStore(), factory=factory)
+    identity = misp_lib_stix2.v20.Identity(**IDENTITY_KWARGS)
+    factory = misp_lib_stix2.ObjectFactory(created_by_ref=identity.id)
+    env = misp_lib_stix2.Environment(store=misp_lib_stix2.MemoryStore(), factory=factory)
 
-    ind = env.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    ind = env.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     creator = env.creator_of(ind)
     assert creator is None
 
 
 def test_creator_of_no_created_by_ref():
-    env = stix2.Environment(store=stix2.MemoryStore())
-    ind = env.create(stix2.v20.Indicator, **INDICATOR_KWARGS)
+    env = misp_lib_stix2.Environment(store=misp_lib_stix2.MemoryStore())
+    ind = env.create(misp_lib_stix2.v20.Indicator, **INDICATOR_KWARGS)
     creator = env.creator_of(ind)
     assert creator is None
 
 
 def test_relationships(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     mal = env.get(MALWARE_ID)
     resp = env.relationships(mal)
 
@@ -332,7 +332,7 @@ def test_relationships(ds):
 
 
 def test_relationships_no_id(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     mal = {
         "type": "malware",
         "name": "some variant",
@@ -343,7 +343,7 @@ def test_relationships_no_id(ds):
 
 
 def test_relationships_by_type(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     mal = env.get(MALWARE_ID)
     resp = env.relationships(mal, relationship_type='indicates')
 
@@ -352,7 +352,7 @@ def test_relationships_by_type(ds):
 
 
 def test_relationships_by_source(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     resp = env.relationships(MALWARE_ID, source_only=True)
 
     assert len(resp) == 1
@@ -360,7 +360,7 @@ def test_relationships_by_source(ds):
 
 
 def test_relationships_by_target(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     resp = env.relationships(MALWARE_ID, target_only=True)
 
     assert len(resp) == 2
@@ -369,7 +369,7 @@ def test_relationships_by_target(ds):
 
 
 def test_relationships_by_target_and_type(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     resp = env.relationships(MALWARE_ID, relationship_type='uses', target_only=True)
 
     assert len(resp) == 1
@@ -377,7 +377,7 @@ def test_relationships_by_target_and_type(ds):
 
 
 def test_relationships_by_target_and_source(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     with pytest.raises(ValueError) as excinfo:
         env.relationships(MALWARE_ID, target_only=True, source_only=True)
 
@@ -385,7 +385,7 @@ def test_relationships_by_target_and_source(ds):
 
 
 def test_related_to(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     mal = env.get(MALWARE_ID)
     resp = env.related_to(mal)
 
@@ -396,7 +396,7 @@ def test_related_to(ds):
 
 
 def test_related_to_no_id(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     mal = {
         "type": "malware",
         "name": "some variant",
@@ -407,7 +407,7 @@ def test_related_to_no_id(ds):
 
 
 def test_related_to_by_source(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     resp = env.related_to(MALWARE_ID, source_only=True)
 
     assert len(resp) == 1
@@ -415,7 +415,7 @@ def test_related_to_by_source(ds):
 
 
 def test_related_to_by_target(ds):
-    env = stix2.Environment(store=ds)
+    env = misp_lib_stix2.Environment(store=ds)
     resp = env.related_to(MALWARE_ID, target_only=True)
 
     assert len(resp) == 2
@@ -424,7 +424,7 @@ def test_related_to_by_target(ds):
 
 
 def test_versioned_checks(ds, ds2):
-    weights = stix2.equivalence.graph.WEIGHTS.copy()
+    weights = misp_lib_stix2.equivalence.graph.WEIGHTS.copy()
     weights.update({
         "_internal": {
             "ignore_spec_version": True,
@@ -432,12 +432,12 @@ def test_versioned_checks(ds, ds2):
             "max_depth": 1,
         },
     })
-    score = stix2.equivalence.object._versioned_checks(INDICATOR_ID, INDICATOR_ID, ds, ds2, **weights)
+    score = misp_lib_stix2.equivalence.object._versioned_checks(INDICATOR_ID, INDICATOR_ID, ds, ds2, **weights)
     assert round(score) == 100
 
 
 def test_semantic_check_with_versioning(ds, ds2):
-    weights = stix2.equivalence.graph.WEIGHTS.copy()
+    weights = misp_lib_stix2.equivalence.graph.WEIGHTS.copy()
     weights.update({
         "_internal": {
             "ignore_spec_version": False,
@@ -447,7 +447,7 @@ def test_semantic_check_with_versioning(ds, ds2):
             "max_depth": 1,
         },
     })
-    ind = stix2.v20.Indicator(
+    ind = misp_lib_stix2.v20.Indicator(
         **dict(
             labels=["malicious-activity"],
             pattern="[file:hashes.'SHA-256' = 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855']",
@@ -458,16 +458,16 @@ def test_semantic_check_with_versioning(ds, ds2):
                   "url": "https://examplewebsite2.com/",
                 },
             ],
-            object_marking_refs=[stix2.v20.TLP_WHITE],
+            object_marking_refs=[misp_lib_stix2.v20.TLP_WHITE],
         )
     )
     ds.add(ind)
-    score = stix2.equivalence.object.reference_check(ind.id, INDICATOR_ID, ds, ds2, **weights)
+    score = misp_lib_stix2.equivalence.object.reference_check(ind.id, INDICATOR_ID, ds, ds2, **weights)
     assert round(score) == 0  # Since pattern is different score is really low
 
 
 def test_list_semantic_check(ds, ds2):
-    weights = stix2.equivalence.graph.WEIGHTS.copy()
+    weights = misp_lib_stix2.equivalence.graph.WEIGHTS.copy()
     weights.update({
         "_internal": {
             "ignore_spec_version": False,
@@ -491,7 +491,7 @@ def test_list_semantic_check(ds, ds2):
         "relationship--a0cbb21c-8daf-4a7f-96aa-7155a4ef8f70",
     ]
 
-    score = stix2.equivalence.object.list_reference_check(
+    score = misp_lib_stix2.equivalence.object.list_reference_check(
         object_refs1,
         object_refs2,
         ds,
@@ -504,16 +504,16 @@ def test_list_semantic_check(ds, ds2):
 def test_graph_similarity_raises_value_error(ds):
     with pytest.raises(ValueError):
         prop_scores1 = {}
-        stix2.Environment().graph_similarity(ds, ds2, prop_scores1, max_depth=-1)
+        misp_lib_stix2.Environment().graph_similarity(ds, ds2, prop_scores1, max_depth=-1)
 
 
 def test_graph_similarity_with_filesystem_source(ds, fs):
     prop_scores1 = {}
-    env1 = stix2.Environment().graph_similarity(fs, ds, prop_scores1, ignore_spec_version=True)
+    env1 = misp_lib_stix2.Environment().graph_similarity(fs, ds, prop_scores1, ignore_spec_version=True)
 
     # Switching parameters
     prop_scores2 = {}
-    env2 = stix2.Environment().graph_similarity(ds, fs, prop_scores2, ignore_spec_version=True)
+    env2 = misp_lib_stix2.Environment().graph_similarity(ds, fs, prop_scores2, ignore_spec_version=True)
 
     assert round(env1) == 25
     assert round(prop_scores1["matching_score"]) == 451
@@ -530,7 +530,7 @@ def test_graph_similarity_with_filesystem_source(ds, fs):
 
 def test_graph_similarity_with_duplicate_graph(ds):
     prop_scores = {}
-    env = stix2.Environment().graph_similarity(ds, ds, prop_scores)
+    env = misp_lib_stix2.Environment().graph_similarity(ds, ds, prop_scores)
     assert round(env) == 100
     assert round(prop_scores["matching_score"]) == 800
     assert round(prop_scores["len_pairs"]) == 8
@@ -538,11 +538,11 @@ def test_graph_similarity_with_duplicate_graph(ds):
 
 def test_graph_similarity_with_versioning_check_on(ds2, ds):
     prop_scores1 = {}
-    env1 = stix2.Environment().graph_similarity(ds, ds2, prop_scores1, versioning_checks=True)
+    env1 = misp_lib_stix2.Environment().graph_similarity(ds, ds2, prop_scores1, versioning_checks=True)
 
     # Switching parameters
     prop_scores2 = {}
-    env2 = stix2.Environment().graph_similarity(ds2, ds, prop_scores2, versioning_checks=True)
+    env2 = misp_lib_stix2.Environment().graph_similarity(ds2, ds, prop_scores2, versioning_checks=True)
 
     assert round(env1) == 88
     assert round(prop_scores1["matching_score"]) == 789
@@ -559,11 +559,11 @@ def test_graph_similarity_with_versioning_check_on(ds2, ds):
 
 def test_graph_similarity_with_versioning_check_off(ds2, ds):
     prop_scores1 = {}
-    env1 = stix2.Environment().graph_similarity(ds, ds2, prop_scores1)
+    env1 = misp_lib_stix2.Environment().graph_similarity(ds, ds2, prop_scores1)
 
     # Switching parameters
     prop_scores2 = {}
-    env2 = stix2.Environment().graph_similarity(ds2, ds, prop_scores2)
+    env2 = misp_lib_stix2.Environment().graph_similarity(ds2, ds, prop_scores2)
 
     assert round(env1) == 88
     assert round(prop_scores1["matching_score"]) == 789
@@ -580,11 +580,11 @@ def test_graph_similarity_with_versioning_check_off(ds2, ds):
 
 def test_graph_equivalence_with_filesystem_source(ds, fs):
     prop_scores1 = {}
-    env1 = stix2.Environment().graph_equivalence(fs, ds, prop_scores1, ignore_spec_version=True)
+    env1 = misp_lib_stix2.Environment().graph_equivalence(fs, ds, prop_scores1, ignore_spec_version=True)
 
     # Switching parameters
     prop_scores2 = {}
-    env2 = stix2.Environment().graph_equivalence(ds, fs, prop_scores2, ignore_spec_version=True)
+    env2 = misp_lib_stix2.Environment().graph_equivalence(ds, fs, prop_scores2, ignore_spec_version=True)
 
     assert env1 is False
     assert round(prop_scores1["matching_score"]) == 451
@@ -601,7 +601,7 @@ def test_graph_equivalence_with_filesystem_source(ds, fs):
 
 def test_graph_equivalence_with_duplicate_graph(ds):
     prop_scores = {}
-    env = stix2.Environment().graph_equivalence(ds, ds, prop_scores)
+    env = misp_lib_stix2.Environment().graph_equivalence(ds, ds, prop_scores)
     assert env is True
     assert round(prop_scores["matching_score"]) == 800
     assert round(prop_scores["len_pairs"]) == 8
@@ -609,11 +609,11 @@ def test_graph_equivalence_with_duplicate_graph(ds):
 
 def test_graph_equivalence_with_versioning_check_on(ds2, ds):
     prop_scores1 = {}
-    env1 = stix2.Environment().graph_equivalence(ds, ds2, prop_scores1, versioning_checks=True)
+    env1 = misp_lib_stix2.Environment().graph_equivalence(ds, ds2, prop_scores1, versioning_checks=True)
 
     # Switching parameters
     prop_scores2 = {}
-    env2 = stix2.Environment().graph_equivalence(ds2, ds, prop_scores2, versioning_checks=True)
+    env2 = misp_lib_stix2.Environment().graph_equivalence(ds2, ds, prop_scores2, versioning_checks=True)
 
     assert env1 is True
     assert round(prop_scores1["matching_score"]) == 789
@@ -630,11 +630,11 @@ def test_graph_equivalence_with_versioning_check_on(ds2, ds):
 
 def test_graph_equivalence_with_versioning_check_off(ds2, ds):
     prop_scores1 = {}
-    env1 = stix2.Environment().graph_equivalence(ds, ds2, prop_scores1)
+    env1 = misp_lib_stix2.Environment().graph_equivalence(ds, ds2, prop_scores1)
 
     # Switching parameters
     prop_scores2 = {}
-    env2 = stix2.Environment().graph_equivalence(ds2, ds, prop_scores2)
+    env2 = misp_lib_stix2.Environment().graph_equivalence(ds2, ds, prop_scores2)
 
     assert env1 is True
     assert round(prop_scores1["matching_score"]) == 789

misp_lib_stix2/test/v20/test_external_reference.py

@@ -4,7 +4,7 @@ import re
 
 import pytest
 
-import stix2
+import misp_lib_stix2
 
 VERIS = """{
     "source_name": "veris",
@@ -17,7 +17,7 @@ VERIS = """{
 
 
 def test_external_reference_veris():
-    ref = stix2.v20.ExternalReference(
+    ref = misp_lib_stix2.v20.ExternalReference(
         source_name="veris",
         external_id="0001AA7F-C601-424A-B2B8-BE6C9F5164E7",
         hashes={
@@ -36,7 +36,7 @@ CAPEC = """{
 
 
 def test_external_reference_capec():
-    ref = stix2.v20.ExternalReference(
+    ref = misp_lib_stix2.v20.ExternalReference(
         source_name="capec",
         external_id="CAPEC-550",
     )
@@ -53,7 +53,7 @@ CAPEC_URL = """{
 
 
 def test_external_reference_capec_url():
-    ref = stix2.v20.ExternalReference(
+    ref = misp_lib_stix2.v20.ExternalReference(
         source_name="capec",
         external_id="CAPEC-550",
         url="http://capec.mitre.org/data/definitions/550.html",
@@ -70,7 +70,7 @@ THREAT_REPORT = """{
 
 
 def test_external_reference_threat_report():
-    ref = stix2.v20.ExternalReference(
+    ref = misp_lib_stix2.v20.ExternalReference(
         source_name="ACME Threat Intel",
         description="Threat report",
         url="http://www.example.com/threat-report.pdf",
@@ -87,7 +87,7 @@ BUGZILLA = """{
 
 
 def test_external_reference_bugzilla():
-    ref = stix2.v20.ExternalReference(
+    ref = misp_lib_stix2.v20.ExternalReference(
         source_name="ACME Bugzilla",
         external_id="1370",
         url="https://www.example.com/bugs/1370",
@@ -103,7 +103,7 @@ OFFLINE = """{
 
 
 def test_external_reference_offline():
-    ref = stix2.v20.ExternalReference(
+    ref = misp_lib_stix2.v20.ExternalReference(
         source_name="ACME Threat Intel",
         description="Threat report",
     )
@@ -115,8 +115,8 @@ def test_external_reference_offline():
 
 
 def test_external_reference_source_required():
-    with pytest.raises(stix2.exceptions.MissingPropertiesError) as excinfo:
-        stix2.v20.ExternalReference()
+    with pytest.raises(misp_lib_stix2.exceptions.MissingPropertiesError) as excinfo:
+        misp_lib_stix2.v20.ExternalReference()
 
-    assert excinfo.value.cls == stix2.v20.ExternalReference
+    assert excinfo.value.cls == misp_lib_stix2.v20.ExternalReference
     assert excinfo.value.properties == ["source_name"]

misp_lib_stix2/test/v20/test_fixtures.py

@@ -1,6 +1,6 @@
 import uuid
 
-from stix2 import utils
+from misp_lib_stix2 import utils
 
 from .constants import FAKE_TIME
 

misp_lib_stix2/test/v20/test_granular_markings.py

@@ -1,9 +1,9 @@
 
 import pytest
 
-from stix2 import markings
-from stix2.exceptions import InvalidSelectorError, MarkingNotFoundError
-from stix2.v20 import TLP_RED, Malware
+from misp_lib_stix2 import markings
+from misp_lib_stix2.exceptions import InvalidSelectorError, MarkingNotFoundError
+from misp_lib_stix2.v20 import TLP_RED, Malware
 
 from .constants import MALWARE_MORE_KWARGS as MALWARE_KWARGS_CONST
 from .constants import MARKING_IDS

misp_lib_stix2/test/v20/test_identity.py

@@ -3,7 +3,7 @@ import datetime as dt
 import pytest
 import pytz
 
-import stix2
+import misp_lib_stix2
 
 from .constants import IDENTITY_ID
 
@@ -18,7 +18,7 @@ EXPECTED = """{
 
 
 def test_identity_example():
-    identity = stix2.v20.Identity(
+    identity = misp_lib_stix2.v20.Identity(
         id=IDENTITY_ID,
         created="2015-12-21T19:59:11.000Z",
         modified="2015-12-21T19:59:11.000Z",
@@ -43,7 +43,7 @@ def test_identity_example():
     ],
 )
 def test_parse_identity(data):
-    identity = stix2.parse(data, version="2.0")
+    identity = misp_lib_stix2.parse(data, version="2.0")
 
     assert identity.type == 'identity'
     assert identity.id == IDENTITY_ID
@@ -53,8 +53,8 @@ def test_parse_identity(data):
 
 
 def test_parse_no_type():
-    with pytest.raises(stix2.exceptions.ParseError):
-        stix2.parse(
+    with pytest.raises(misp_lib_stix2.exceptions.ParseError):
+        misp_lib_stix2.parse(
             """
         {
             "id": "identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
@@ -67,7 +67,7 @@ def test_parse_no_type():
 
 
 def test_identity_with_custom():
-    identity = stix2.v20.Identity(
+    identity = misp_lib_stix2.v20.Identity(
         name="John Smith",
         identity_class="individual",
         custom_properties={'x_foo': 'bar'},

misp_lib_stix2/test/v20/test_indicator.py

@@ -4,7 +4,7 @@ import re
 import pytest
 import pytz
 
-import stix2
+import misp_lib_stix2
 
 from .constants import FAKE_TIME, INDICATOR_ID, INDICATOR_KWARGS
 
@@ -38,7 +38,7 @@ def test_indicator_with_all_required_properties():
     now = dt.datetime(2017, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
     epoch = dt.datetime(1970, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
 
-    ind = stix2.v20.Indicator(
+    ind = misp_lib_stix2.v20.Indicator(
         type="indicator",
         id=INDICATOR_ID,
         created=now,
@@ -73,78 +73,78 @@ def test_indicator_autogenerated_properties(indicator):
 
 
 def test_indicator_type_must_be_indicator():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(type='xxx', **INDICATOR_KWARGS)
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(type='xxx', **INDICATOR_KWARGS)
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.prop_name == "type"
     assert excinfo.value.reason == "must equal 'indicator'."
     assert str(excinfo.value) == "Invalid value for Indicator 'type': must equal 'indicator'."
 
 
 def test_indicator_id_must_start_with_indicator():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(id='my-prefix--', **INDICATOR_KWARGS)
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(id='my-prefix--', **INDICATOR_KWARGS)
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.prop_name == "id"
     assert excinfo.value.reason == "must start with 'indicator--'."
     assert str(excinfo.value) == "Invalid value for Indicator 'id': must start with 'indicator--'."
 
 
 def test_indicator_required_properties():
-    with pytest.raises(stix2.exceptions.MissingPropertiesError) as excinfo:
-        stix2.v20.Indicator()
+    with pytest.raises(misp_lib_stix2.exceptions.MissingPropertiesError) as excinfo:
+        misp_lib_stix2.v20.Indicator()
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.properties == ["labels", "pattern"]
     assert str(excinfo.value) == "No values for required properties for Indicator: (labels, pattern)."
 
 
 def test_indicator_required_property_pattern():
-    with pytest.raises(stix2.exceptions.MissingPropertiesError) as excinfo:
-        stix2.v20.Indicator(labels=['malicious-activity'])
+    with pytest.raises(misp_lib_stix2.exceptions.MissingPropertiesError) as excinfo:
+        misp_lib_stix2.v20.Indicator(labels=['malicious-activity'])
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.properties == ["pattern"]
 
 
 def test_indicator_created_ref_invalid_format():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(created_by_ref='myprefix--12345678', **INDICATOR_KWARGS)
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(created_by_ref='myprefix--12345678', **INDICATOR_KWARGS)
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.prop_name == "created_by_ref"
 
 
 def test_indicator_revoked_invalid():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(revoked='no', **INDICATOR_KWARGS)
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(revoked='no', **INDICATOR_KWARGS)
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.prop_name == "revoked"
     assert excinfo.value.reason == "must be a boolean value."
 
 
 def test_cannot_assign_to_indicator_attributes(indicator):
-    with pytest.raises(stix2.exceptions.ImmutableError) as excinfo:
+    with pytest.raises(misp_lib_stix2.exceptions.ImmutableError) as excinfo:
         indicator.valid_from = dt.datetime.now()
 
     assert str(excinfo.value) == "Cannot modify 'valid_from' property in 'Indicator' after creation."
 
 
 def test_invalid_kwarg_to_indicator():
-    with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
-        stix2.v20.Indicator(my_custom_property="foo", **INDICATOR_KWARGS)
+    with pytest.raises(misp_lib_stix2.exceptions.ExtraPropertiesError) as excinfo:
+        misp_lib_stix2.v20.Indicator(my_custom_property="foo", **INDICATOR_KWARGS)
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.properties == ['my_custom_property']
     assert str(excinfo.value) == "Unexpected properties for Indicator: (my_custom_property)."
 
 
 def test_created_modified_time_are_identical_by_default():
     """By default, the created and modified times should be the same."""
-    ind = stix2.v20.Indicator(**INDICATOR_KWARGS)
+    ind = misp_lib_stix2.v20.Indicator(**INDICATOR_KWARGS)
 
     assert ind.created == ind.modified
 
@@ -166,7 +166,7 @@ def test_created_modified_time_are_identical_by_default():
     ],
 )
 def test_parse_indicator(data):
-    idctr = stix2.parse(data, version="2.0")
+    idctr = misp_lib_stix2.parse(data, version="2.0")
 
     assert idctr.type == 'indicator'
     assert idctr.id == INDICATOR_ID
@@ -178,21 +178,21 @@ def test_parse_indicator(data):
 
 
 def test_invalid_indicator_pattern():
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(
             labels=['malicious-activity'],
             pattern="file:hashes.MD5 = 'd41d8cd98f00b204e9800998ecf8427e'",
         )
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.prop_name == 'pattern'
     assert 'input is missing square brackets' in excinfo.value.reason
 
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(
             labels=['malicious-activity'],
             pattern='[file:hashes.MD5 = "d41d8cd98f00b204e9800998ecf8427e"]',
         )
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert excinfo.value.prop_name == 'pattern'
     assert 'mismatched input' in excinfo.value.reason
 
@@ -202,8 +202,8 @@ def test_indicator_stix21_invalid_pattern():
     epoch = dt.datetime(1970, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
     patrn = "[EXISTS windows-registry-key:values]"
 
-    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
-        stix2.v20.Indicator(
+    with pytest.raises(misp_lib_stix2.exceptions.InvalidValueError) as excinfo:
+        misp_lib_stix2.v20.Indicator(
             type="indicator",
             id=INDICATOR_ID,
             created=now,
@@ -213,5 +213,5 @@ def test_indicator_stix21_invalid_pattern():
             labels=["malicious-activity"],
         )
 
-    assert excinfo.value.cls == stix2.v20.Indicator
+    assert excinfo.value.cls == misp_lib_stix2.v20.Indicator
     assert "FAIL: Error found at line 1:8. no viable alternative at input 'EXISTS" in str(excinfo.value)

misp_lib_stix2/test/v20/test_interoperability.py

@@ -2,7 +2,7 @@ import datetime
 
 import pytz
 
-import stix2
+import misp_lib_stix2
 
 FAKE_TIME = datetime.datetime(2017, 1, 1, 12, 34, 56, tzinfo=pytz.utc)
 
@@ -169,22 +169,22 @@ VULNERABILITY_KWARGS = dict(
 
 
 if __name__ == '__main__':
-    attack_pattern = stix2.v20.AttackPattern(**ATTACK_PATTERN_KWARGS, interoperability=True)
-    campaign = stix2.v20.Campaign(**CAMPAIGN_KWARGS, interoperability=True)
-    course_of_action = stix2.v20.CourseOfAction(**COURSE_OF_ACTION_KWARGS, interoperability=True)
-    identity = stix2.v20.Identity(**IDENTITY_KWARGS, interoperability=True)
-    indicator = stix2.v20.Indicator(**INDICATOR_KWARGS, interoperability=True)
-    intrusion_set = stix2.v20.IntrusionSet(**INTRUSION_SET_KWARGS, interoperability=True)
-    malware = stix2.v20.Malware(**MALWARE_KWARGS, interoperability=True)
-    marking_definition = stix2.v20.MarkingDefinition(**MARKING_DEFINITION_KWARGS, interoperability=True)
-    observed_data = stix2.v20.ObservedData(**OBSERVED_DATA_KWARGS, interoperability=True)
-    relationship = stix2.v20.Relationship(**RELATIONSHIP_KWARGS, interoperability=True)
-    sighting = stix2.v20.Sighting(**SIGHTING_KWARGS, interoperability=True)
-    threat_actor = stix2.v20.ThreatActor(**THREAT_ACTOR_KWARGS, interoperability=True)
-    tool = stix2.v20.Tool(**TOOL_KWARGS)
-    vulnerability = stix2.v20.Vulnerability(**VULNERABILITY_KWARGS, interoperability=True)
-    report = stix2.v20.Report(**REPORT_KWARGS, interoperability=True)
-    bundle = stix2.v20.Bundle(
+    attack_pattern = misp_lib_stix2.v20.AttackPattern(**ATTACK_PATTERN_KWARGS, interoperability=True)
+    campaign = misp_lib_stix2.v20.Campaign(**CAMPAIGN_KWARGS, interoperability=True)
+    course_of_action = misp_lib_stix2.v20.CourseOfAction(**COURSE_OF_ACTION_KWARGS, interoperability=True)
+    identity = misp_lib_stix2.v20.Identity(**IDENTITY_KWARGS, interoperability=True)
+    indicator = misp_lib_stix2.v20.Indicator(**INDICATOR_KWARGS, interoperability=True)
+    intrusion_set = misp_lib_stix2.v20.IntrusionSet(**INTRUSION_SET_KWARGS, interoperability=True)
+    malware = misp_lib_stix2.v20.Malware(**MALWARE_KWARGS, interoperability=True)
+    marking_definition = misp_lib_stix2.v20.MarkingDefinition(**MARKING_DEFINITION_KWARGS, interoperability=True)
+    observed_data = misp_lib_stix2.v20.ObservedData(**OBSERVED_DATA_KWARGS, interoperability=True)
+    relationship = misp_lib_stix2.v20.Relationship(**RELATIONSHIP_KWARGS, interoperability=True)
+    sighting = misp_lib_stix2.v20.Sighting(**SIGHTING_KWARGS, interoperability=True)
+    threat_actor = misp_lib_stix2.v20.ThreatActor(**THREAT_ACTOR_KWARGS, interoperability=True)
+    tool = misp_lib_stix2.v20.Tool(**TOOL_KWARGS)
+    vulnerability = misp_lib_stix2.v20.Vulnerability(**VULNERABILITY_KWARGS, interoperability=True)
+    report = misp_lib_stix2.v20.Report(**REPORT_KWARGS, interoperability=True)
+    bundle = misp_lib_stix2.v20.Bundle(
         **BUNDLE_KWARGS, interoperability=True,
         objects=[
             attack_pattern, campaign, course_of_action, identity, indicator,
@@ -192,5 +192,5 @@ if __name__ == '__main__':
             relationship, sighting, threat_actor, vulnerability, report,
         ]
     )
-    stix2.parse(dict(bundle), interoperability=True)
+    misp_lib_stix2.parse(dict(bundle), interoperability=True)
     print("All interoperability tests passed !")