MISP
/
cti-python-stix2
mirror of https://github.com/MISP/cti-python-stix2
2
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'master' of github.com:oasis-open/cti-python-stix2

pull/1/head
Christian Studer 2022-08-22 14:49:45 +02:00
parent 625576622f 20bef319a2
commit f6a53d1524
8 changed files with 63 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/python-ci-tests.yml vendored
View File

@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: [3.6, 3.7, 3.8, 3.9]
python-version: [3.7, 3.8, 3.9, '3.10']
name: Python ${{ matrix.python-version }} Build
steps:

15
README.rst
View File

@ -135,18 +135,15 @@ select additional or substitute Maintainers, per `consensus agreements
**Current Maintainers of this TC Open Repository**
- `Chris Lenk <mailto:clenk@mitre.org>`__; GitHub ID:
https://github.com/clenk/; WWW: `MITRE Corporation <http://www.mitre.org/>`__
- `Rich Piazza <mailto:rpiazza@mitre.org>`__; GitHub ID:
https://github.com/rpiazza/; WWW: `MITRE Corporation <https://www.mitre.org/>`__
- `Andy Chisholm <mailto:chisholm@mitre.org>`__; GitHub ID:
https://github.com/chisholm/; WWW: `MITRE Corporation <https://www.mitre.org/>`__
- `Jason Keirstead <mailto:Jason.Keirstead@ca.ibm.com>`__; GitHub ID:
https://github.com/JasonKeirstead; WWW: `IBM <http://www.ibm.com/>`__
- `Emily Ratliff <mailto:Emily.Ratliff@ibm.com>`__; GitHub ID:
https://github.com/ejratl; WWW: `IBM <http://www.ibm.com/>`__
- `Duncan Sparrell <mailto:duncan@sfractal.com>`__; GitHub ID:
https://github.com/sparrell; WWW: `sFractal <http://sfractal.com/>`__
About OASIS TC Open Repositories
--------------------------------

6
setup.py
View File

@ -31,8 +31,6 @@ setup(
url='https://oasis-open.github.io/cti-documentation/',
author='OASIS Cyber Threat Intelligence Technical Committee',
author_email='cti-users@lists.oasis-open.org',
maintainer='Chris Lenk',
maintainer_email='clenk@mitre.org',
license='BSD',
classifiers=[
'Development Status :: 4 - Beta',
@ -40,14 +38,14 @@ setup(
'Topic :: Security',
'License :: OSI Approved :: BSD License',
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.6',
'Programming Language :: Python :: 3.7',
'Programming Language :: Python :: 3.8',
'Programming Language :: Python :: 3.9',
'Programming Language :: Python :: 3.10',
],
keywords='stix stix2 json cti cyber threat intelligence',
packages=find_packages(exclude=['*.test', '*.test.*']),
python_requires='>=3.6',
python_requires='>=3.7',
install_requires=[
'pytz',
'requests',

29
stix2/test/test_spec_version_detect.py
View File

@ -77,6 +77,35 @@ from stix2.utils import detect_spec_version
},
"2.0",
),
(
{
"type": "bundle",
"id": "bundle--8379cb02-8131-47c8-8a7c-9a1f0e0986b1",
"spec_version": "2.1",
"objects": [
{
"type": "identity",
"spec_version": "2.1",
"id": "identity--d7f72e8d-657a-43ec-9324-b3ec67a97486",
"created": "1972-05-21T05:33:09.000Z",
"modified": "1973-05-28T02:10:54.000Z",
"name": "alice",
"identity_class": "individual",
},
{
"type": "marking-definition",
"spec_version": "2.1",
"id": "marking-definition--2a13090f-a493-4b70-85fe-fa021d91dcd2",
"created": "1998-03-27T19:44:53.000Z",
"definition_type": "statement",
"definition": {
"statement": "Copyright (c) ACME Corp.",
},
},
],
},
"2.0",
),
# STIX 2.1 examples
(
{

14
stix2/test/v20/test_utils.py
View File

@ -349,6 +349,10 @@ def test_is_not_sro_dict(dict_):
{"type": "identity"},
{"type": "software"},
{"type": "marking-definition"},
# Presence of spec_version property implies a STIX 2.0 bundle,
# regardless of the property's value. STIX 2.1 bundles don't have a
# "spec_version" property defined.
{"type": "bundle", "spec_version": "2.1"},
{
"type": "bundle",
"id": "bundle--8f431680-6278-4767-ba43-5edb682d7086",
@ -370,12 +374,20 @@ def test_is_object_dict(dict_):
{"type": "identity", "spec_version": "2.1"},
{"type": "software", "spec_version": "2.1"},
{"type": "marking-definition", "spec_version": "2.1"},
{"type": "bundle", "spec_version": "2.1"},
{"type": "language-content", "spec_version": "2.1"},
{"type": "relationship", "spec_version": "2.1"},
{"type": "sighting", "spec_version": "2.1"},
{"type": "foo", "spec_version": "2.1"},
{"type": "foo"},
{
"type": "bundle",
"id": "bundle--8f431680-6278-4767-ba43-5edb682d7086",
"objects": [
{"type": "identity"},
{"type": "software"},
{"type": "marking-definition"},
],
},
],
)
def test_is_not_object_dict(dict_):

2
stix2/test/v21/test_utils.py
View File

@ -382,7 +382,7 @@ def test_is_object_dict(dict_):
{"type": "identity"},
{"type": "software"},
{"type": "marking-definition"},
{"type": "bundle"},
{"type": "bundle", "spec_version": "2.1"},
{"type": "language-content"},
{"type": "relationship"},
{"type": "sighting"},

12
stix2/utils.py
View File

@ -327,9 +327,15 @@ def detect_spec_version(stix_dict):
obj_type = stix_dict["type"]
if 'spec_version' in stix_dict:
# For STIX 2.0, applies to bundles only.
# For STIX 2.1+, applies to SCOs, SDOs, SROs, and markings only.
v = stix_dict['spec_version']
# For STIX 2.0, applies to bundles only. Presence in a bundle implies
# STIX 2.0; the value applies to the content of the bundle, not the
# bundle itself, so we don't care here about the value.
#
# For STIX 2.1+, applies to non-bundles only.
if obj_type == "bundle":
v = "2.0"
else:
v = stix_dict['spec_version']
elif "id" not in stix_dict:
# Only 2.0 SCOs don't have ID properties
v = "2.0"

4
tox.ini
View File

@ -1,5 +1,5 @@
[tox]
envlist = py36,py37,py38,py39,packaging,pre-commit-check
envlist = py37,py38,py39,py310,packaging,pre-commit-check
[testenv]
deps =
@ -32,7 +32,7 @@ commands =
[gh-actions]
python =
3.6: py36
3.7: py37
3.8: py38
3.9: py39, packaging, pre-commit-check
3.10: py310