bac87465cb
Merge pull request #35 from oasis-open/pattern_expressions
...
Pattern expressions
2017-07-19 14:17:57 +00:00
a2aacc5e20
merge all classes into patterns.py
2017-07-19 14:03:43 +00:00
595ba10695
Merge pull request #34 from oasis-open/object-factory
...
Object factory
2017-07-19 13:54:24 +00:00
6fa009e509
added object_paths
...
added more tests for pattern expressions
added "set" comparison expressions
implemented make_constant
fixed type name for EmailAddress
2017-07-18 20:30:02 +00:00
c1b07ef505
Introduce constant objects for literals in pattern expressions
...
fixed idioms
2017-07-18 20:26:46 +00:00
c8bcece6f6
added tests for expressions
...
fix __str__ methods
2017-07-18 20:26:46 +00:00
c0467da5f9
added classes for Pattern Expressions
2017-07-18 20:26:44 +00:00
e1330692c8
Move ObservableProperty, ExtensionsProperty, and Observable parsing code
...
into observables.py to prevent circular imports and fix #23 .
2017-07-14 15:10:12 -04:00
0c47936ee0
Create ObjectFactory class
...
currently only supports created_by_ref
2017-07-12 11:36:15 -04:00
6f680be8a6
Add stix2.__version__
2017-07-06 09:41:50 -04:00
1d3c59cc44
Move TLP constants up to stix2 namespace
2017-07-05 13:27:09 -04:00
fdbb6ff337
Add custom Cyber Observables
2017-06-14 09:36:35 -04:00
bcfb13f23c
Add custom STIX Object types
2017-06-12 16:22:16 -04:00
8f1ae4e6d3
Add custom properties via 'allow_custom'
...
Custom properties can be specified by passing them to a STIX object
constructor in the 'custom_properties' argument, or with the
'allow_custom' argument set to True, which will add any unrecognized
keyword arguments as properties on the object. The 'allow_custom'
argument can also be used with the parse() and parse_observable()
functions.
An error is now raised when attempting to parse objects without a 'type'
property, such as external references, kill chain phases, and granular
markings. The object which contains them is what should be parsed, not
these objects themselves.
2017-06-12 13:04:20 -04:00
9761c37f20
Replace 'field' with 'property' to be consistent
...
with the specification
2017-05-16 12:27:30 -04:00
6456e490cc
added rest of cyber observables extensions and embedded objects
...
set up EXT_MAPs
added FloatProperty
implemented ExtensionsProperty
2017-05-15 13:48:41 -04:00
0568a0e671
Add ExtensionsProperty and ArchiveExt
2017-05-12 11:22:23 -04:00
13245d28ce
Add EnumProperty, use it in WindowsRegistryValueType
2017-05-10 11:52:59 -04:00
bdd18be6c3
Switch to isort for checking import order
...
because it has a pre-commit hook
2017-05-09 15:10:53 -04:00
f4c813d84b
Merge branch 'parse-cyber-observables'
2017-05-09 12:39:17 -04:00
555c81d30f
Add EmailMessage and EmbeddedObjectProperty (for embedded object types
...
like EmailMIMEComponent)
2017-05-09 11:03:19 -04:00
125f57e297
added basic cyber observables
...
added some test cases
in Observable constructor permit no _valid_refs in kwargs
in Observable._check_property ensure that the prop_name is in the kwargs
2017-05-08 21:03:15 -04:00
04e3a72a7d
Add EmailAddress and ObjectReferenceProperty
2017-05-05 12:32:02 -04:00
1a75d830bb
Add Autonomous System
2017-05-03 18:19:30 -04:00
2c67b90638
Add Artifact type
2017-05-03 17:35:33 -04:00
fe4c4d78fc
Fix typos, add to Property class documentation, small performance
...
boosts, and let strings and booleans in a ListProperty be handled by
__call__().
2017-04-24 17:34:16 -04:00
76acd8c0c2
Merge branch 'master' into parsing
2017-04-19 15:22:36 -04:00
d06df8b9da
Fix parsing errors
...
- Typos in Attack Pattern tests
- Put MarkingDefinition, ExternalReference, and KillChainPhase together
in a file for objects that aren't SDOs or SROs
- Create utility function to return dictionary from string or
file-like object
- Put off testing parsing Cyber Observable Objects until a later commit
2017-04-19 14:32:56 -04:00
fabfbe20ec
Parse all SDOs and SROs
2017-04-19 09:22:08 -04:00
2aa1f5cedd
Add exception for invalid Property values.
2017-04-18 14:19:16 -05:00
bc8bdccece
Merge branch 'master' into parsing
2017-04-11 15:05:22 -04:00
168105603b
Parse dictionaries as well as strings and file-like objects
2017-04-10 10:42:07 -04:00
3c17c9259c
Add Sighting object and data markings
...
- Update ReferenceProperty to allow specifying a particular object type
- Update ListProperty and add SelectorProperty
- Add description to Relationship
2017-04-07 16:07:17 -05:00
5e4ca9e882
Add parsing of Malware objects
2017-04-05 17:12:44 -04:00
a0600b5ba4
Fix or ignore Flake8 warnings.
2017-03-22 08:05:59 -05:00
7ef6e20e9a
Add tests for kill chain phases.
2017-02-24 12:53:57 -06:00
805c15c397
Add tests for all SDOs
2017-02-24 11:56:55 -06:00
96e880b49b
Refactor library into separate files.
2017-02-10 15:35:02 -06:00
1a46a4b073
Add external references.
2017-02-02 10:58:46 -06:00
5d7ed643bd
Check for required args first, and check for them all at once.
...
This is necessary for versions of Python <3.6, where dictionaries are
unordered by default, meaning we can't ensure the order in which fields
are checked.
2017-02-02 10:17:13 -06:00
1ba064734b
Special handling for timestamp fields.
...
If a type has more than one timestamp field that should be automatically generated,
we want them to all be same, not vary by milliseconds.
2017-02-02 09:50:35 -06:00
675a29dbfb
Add support for required fields with no default values.
2017-02-02 08:53:46 -06:00
67c3311672
Handle ID fields in a generic way.
2017-02-02 08:33:36 -06:00
724774900d
Generic form of JSON serialization
2017-02-01 16:04:20 -06:00
2a1709a7de
Allow passing objects to Bundle as args
2017-02-01 14:57:07 -06:00
58fccd7f7d
Further refactoring bundle.
2017-02-01 14:52:18 -06:00
ce31356839
start of automated property checking.
2017-02-01 14:35:41 -06:00
b4eb6c1fd1
Refactor common ID check.
2017-02-01 13:44:57 -06:00
b5ab54b6a9
WIP: convert bundle to using kwargs.
2017-02-01 13:34:44 -06:00
8843e9b190
WIP: refactor common fields.
2017-02-01 13:27:24 -06:00
Greg Back