Commit Graph

1369 Commits (7eba8fdb1af784861296479d91c257c4dc841aa4)

Author SHA1 Message Date
Chris Lenk 3ef63d5e17 Update Workbench for 2.1 2020-06-26 16:43:19 -04:00
Chris Lenk d62f5ee141 Remove 'encoding' param from json.loads
It's ignored since Python 3.1 and we've dropped 2.7.
2020-06-26 16:43:19 -04:00
Chris Lenk e80d3bad2c Fix 2.0 HashesProperties 2020-06-26 16:43:19 -04:00
Chris Lenk f78b396648 Fix parsing tests 2020-06-26 16:43:19 -04:00
Chris Lenk b42b1cafa7 Move a couple tests for organization 2020-06-26 16:43:19 -04:00
Chris Lenk b2ee33208f Set STIX 2.1 as default, fix indicator.valid_from 2020-06-26 16:43:19 -04:00
Michael Chisholm bf5176f370 Add some new unit tests corresponding to ListProperty revamp. 2020-06-17 16:31:03 -04:00
Michael Chisholm bc51cd47bd Revamp ListProperty so its logic makes more sense. 2020-06-17 16:11:30 -04:00
Chris Lenk 9d05c9d3e2
Merge pull request #401 from chisholm/fix_versionable_detection
Fix versionability detection
2020-06-10 10:22:59 -04:00
Michael Chisholm 00b78e7a47 Stylistic pre-commit junk 2020-06-08 17:51:13 -04:00
Michael Chisholm 99bf4215a3 Change all uses of ObjectReferenceProperty in 2.1 SCO classes
to ReferenceProperty.  Add a unit test to ensure that when a
stix2 object is passed as a value of a ReferenceProperty, that
the ID is properly pulled out and used as the actual property
value, and that it doesn't affect the deterministic ID
calculation.
2020-06-08 17:24:33 -04:00
Chris Lenk 8bde22fa1f
Merge pull request #407 from emmanvg/flexibility-selector-syntax
Update SELECTOR_REGEX for GranularMarkings
2020-06-08 13:54:39 -04:00
Emmanuelle Vargas-Gonzalez aa18575c83 add `id` as special-case option in regex. closes #406 2020-06-08 09:27:12 -04:00
Michael Chisholm c13cb182db versioning related updates:
- remove var 'properties_to_change' since it's unnecessary
- delete most of remove_custom_stix() since it was unnecessary,
  greatly simplify it
2020-06-05 14:24:16 -04:00
Michael Chisholm 9c5f950d5b Add a new_version() restriction preventing SCO ID contributing
properties from being changed, if a UUIDv5 is in use.  Changing
one of those properties would imply an ID change, which is not
allowed across versions.  Also:

- add a trailing comma
- change unchangable_properties to a set instead of a list,
  in case there are dupe props between STIX_UNMOD_PROPERTIES and
  sco_locked_props
2020-06-05 14:24:16 -04:00
Michael Chisholm eaa7f17ee4 Fix versionability detection: _properties is an OrderedDict not
a list of tuples! (despite what it looks like if you glance at it
quickly.)
2020-06-05 14:24:16 -04:00
Michael Chisholm 15e75cb4de Python 2 compatibility fix in versionability detection. In
python2, Mapping.keys() returns a list instead of a set!
2020-06-05 14:24:16 -04:00
Michael Chisholm a05dbc42d5 Improve the docstring for new_version(). Especially with the
three-value logic for allow_custom, it needed some much better
documentation.
2020-06-05 14:24:16 -04:00
Michael Chisholm d4cecd6f51 In remove_custom_stix(), when creating the new version,
use allow_custom=False to force custom properties to be
disallowed.  This is extra insurance against a custom prop
accidentally getting through.
2020-06-05 14:24:16 -04:00
Michael Chisholm 78d3b2c4c5 Add stix2.utils import to v20/test_versioning.py since the module
was used but not imported there.  Also import sorting from the
pre-commit hook.
2020-06-05 14:24:16 -04:00
Michael Chisholm 5522050899 Improve versionability detection when creating new versions
of objects.  Move versioning-related stuff out of stix2.utils
to its own module.  Some misc versioning-related fixes.
2020-06-05 14:24:16 -04:00
Michael Chisholm 5a5484d464 Move/merge some deterministic ID tests from the observed-data SDO
test suite to the test suite specific to testing deterministic
IDs.  This keeps the tests for that specific system in one place.
2020-06-05 14:14:44 -04:00
Michael Chisholm f17f782134 Bugfixes to the json un-escaping function. Added some unit tests
for that.
2020-06-05 14:14:44 -04:00
Michael Chisholm 2179028c91 Fix deterministic ID behavior when an empty "hashes" property is
given.  Now, an exception is raised.  Added a unit test for this.
2020-06-05 14:14:44 -04:00
Michael Chisholm c94feae623 Add a deterministic ID unit test with an embedded object 2020-06-05 14:14:43 -04:00
Michael Chisholm fa981affa9 stupid python 3.8 pre-commit still not adding the right trailing
commas....
2020-06-05 14:14:43 -04:00
Michael Chisholm 9dcffd9fad Add some unit tests for deterministic IDs. 2020-06-05 14:14:43 -04:00
Michael Chisholm 1f5e8defd3 Argh, I fixed an RFC URL but forgot to fix the comment which
described it and gave the RFC number...
2020-06-05 14:14:43 -04:00
Michael Chisholm 22c0d5806c Trailing comma for the pre-commit hook 2020-06-05 14:14:43 -04:00
Michael Chisholm e22c37a16b Update a RFC URL to the latest version. I'd accidentally used
one which had been obsoleted by a newer one.
2020-06-05 14:14:43 -04:00
Michael Chisholm 6c2c4781e7 Revamp deterministic ID generation code to fix bugs. 2020-06-05 14:14:43 -04:00
Chris Lenk 41525f9be0
Merge pull request #400 from oasis-open/issue-398
fixed start/stop qualifier constant issue
Fixes #398.
2020-06-05 10:57:59 -04:00
Rich Piazza 53dfe40c30 only test start/stop timestamps if they are strings (2.0) 2020-06-05 09:25:06 -04:00
Rich Piazza 04af273d71 flaky 2020-06-05 09:17:42 -04:00
Michael Chisholm 7def04fd6f Add __all__'s to v20 and v21/__init__.py to ensure that
star-imports from those modules get the right symbols.  "base"
was a problem because it was getting imported via
stix2/__init__.py and overwriting stix2.base, making the actual
stix2/base.py module inaccessible.
2020-06-03 17:39:09 -04:00
Rich Piazza 977107e713 2.0 Start/Stop Quailifer uses StringConstants 2020-06-01 22:34:40 -04:00
Rich Piazza cfe0648c98 fixed start/stop qualifier constant issue 2020-05-26 15:12:02 -04:00
Michael Chisholm 7955a41997 Drop python-dateutil as a dependency and switch to the builtin
datetime module for parsing timestamps.  Dateutil proved too
slow.
2020-05-20 15:06:53 -04:00
Emmanuelle Vargas-Gonzalez b4dbc419f6 Merge branch 'master' of github.com:oasis-open/cti-python-stix2 into 391-ssdeep-hash-case 2020-05-14 12:51:02 -04:00
Emmanuelle Vargas-Gonzalez 68f7ca6377 resolve problem with SSDEEP vocab use for 2.1, closes #391 2020-05-13 18:17:17 -04:00
Desai, Kartikey H 998b4c0725 Change streamlined_obj_vals list to streamlined_object dict 2020-05-13 12:45:16 -05:00
Desai, Kartikey H 9ce299b660 Fixes #389 2020-05-13 11:40:37 -05:00
Desai, Kartikey H 65d4060e6a Fixes #389 2020-05-13 11:23:26 -05:00
Desai, Kartikey H 0b1297b14a Fixes #389 2020-05-13 11:22:51 -05:00
Desai, Kartikey H de3fa99a12 Add property names to canonicalization for deterministic id gen 2020-05-13 11:20:16 -05:00
Chris Lenk 31cb2f85be Bump version: 1.3.1 → 1.4.0 2020-04-03 17:44:52 -04:00
Chris Lenk df92770d25
Merge pull request #384 from oasis-open/365-versioned-classes
Validate custom type/property name formats
2020-04-03 17:30:24 -04:00
Emmanuelle Vargas-Gonzalez 2b0d63c4b1 update test_datastore_taxii.py conftest.py for latest changes in medallion. add extra data used by filter 2020-04-03 17:19:36 -04:00
Chris Lenk c7fb79d195 Fix some TAXII DataStore tests 2020-04-03 15:58:56 -04:00
Chris Lenk 9145bdf5e8
Merge pull request #374 from chisholm/version_precision
Support STIX 2.1 version precision
2020-04-03 15:52:42 -04:00
Chris Lenk 0d770972cf
Merge pull request #382 from oasis-open/more-pattern-tests
More pattern tests
2020-04-03 11:24:43 -04:00
Chris Lenk e730d45d44 Use DEFAULT_VERSION in create_pattern_object() 2020-04-03 10:45:36 -04:00
Chris Lenk 14540c0ea1 Clean up _register_* functions
Made them consistent with _register_observable_extension, by:
- moving validation logic there from _custom_*_builder functions
- using a new function for ensuring properties are dict-like
- using the library default spec version instead of None

Fix #371, fix #372, fix #373.
2020-04-02 14:15:45 -04:00
Chris Lenk bbf0f81d5f
Merge pull request #376 from khdesai/fix_issue_363
Fix existing tests and add new tests. Fixes #363
2020-04-02 13:42:02 -04:00
Chris Lenk d33adbcc71 Rename test files to align with module renaming 2020-04-02 08:22:49 -04:00
Chris Lenk 13cddf9d6d Move TypeProperty format checks to __init__
TypeProperty uses a fixed value, so check() was never called. This way
also runs the check at object registration time because the wrapper
creates an instance of TypeProperty and doesn't have to wait for the
object to be instantiated so clean() can be called.
Also fix some tests.
2020-04-02 08:17:34 -04:00
Chris Lenk 03cb225932 Merge branch 'master' into 365-versioned-classes 2020-04-02 06:02:20 -04:00
Chris Lenk 897e884217 Fix some testing 2020-04-02 04:46:11 -04:00
Chris Lenk c494a2e477 Use TypeProperty.clean() to verify type format 2020-04-01 21:52:04 -04:00
Desai, Kartikey H c911cff97f Add duplicate checking to markings and observable extensions, and fix some tests and add some tests. Fixes #363 2020-03-27 14:58:18 -04:00
Rich Piazza 1a2b1367cf flaky 2 2020-03-27 14:06:24 -04:00
Rich Piazza 9933f88975 few more pattern op tests 2020-03-27 13:59:03 -04:00
Rich Piazza e3ebb6393d flaky 2020-03-27 12:33:24 -04:00
Rich Piazza 202111acdf more pattern tests 2020-03-27 11:22:00 -04:00
Rich Piazza 46219bf072 add 2.1 links 2020-03-27 09:36:10 -04:00
Chris Lenk b4700e6d00 Fix import errors
And pin medallion version for testing.
2020-03-27 06:33:29 -04:00
Chris Lenk 50df6f1474 Rename core.py -> parsing.py 2020-03-27 05:53:39 -04:00
Chris Lenk 01ba190525 Reorganize bases, use isinstance to check version
Renamed STIXDomainObject -> _DomainObject.
Renamed STIXRelationshipObject -> _RelationshipObject.
2020-03-27 02:40:42 -04:00
Desai, Kartikey H a7e9a7dde5 Merge branch 'master' of https://github.com/oasis-open/cti-python-stix2 into fix_issue_363 2020-03-26 23:27:51 -04:00
maxbachmann d11b812a0e
round result 2020-03-26 20:28:09 +01:00
maxbachmann 9388a9820f
use rapidfuzz instead of fuzzywuzzy 2020-03-23 02:16:36 +01:00
Chris Lenk e8035863b8
Make swid an id-contributing property 2020-03-21 23:56:09 -04:00
Chris Lenk e31634c32b Rework spec version detection for _STIXBase objs 2020-03-21 22:22:36 -04:00
Desai, Kartikey H 1a1ad90388 Fixes #363 2020-03-20 17:37:15 -04:00
Desai, Kartikey H b06bc1afc1 Fix import issues 2020-03-20 17:32:18 -04:00
Desai, Kartikey H f37b84a564 Pull in updates from master 2020-03-20 16:52:21 -04:00
Desai, Kartikey H 1260c7b45e Fix existing tests and add new tests. Fixes #363 2020-03-20 16:49:20 -04:00
Rich Piazza 2dea4caf00 fix re so they begin with ^ 2020-03-20 14:24:16 -04:00
Rich Piazza d8a9fc2306 flaky 2020-03-20 13:15:42 -04:00
Rich Piazza 9e5e998c3d don't allow leading '_' on custom properties, whenever allow_custom is true 2020-03-20 12:49:20 -04:00
Rich Piazza 2c4e47de56 remove leading - from type name re 2020-03-20 11:56:09 -04:00
Rich Piazza 6e4151aeeb flaky 2020-03-19 16:49:46 -04:00
Rich Piazza fe919049b8 fix marking test 2020-03-19 16:43:37 -04:00
Rich Piazza f60e4170fd finish 365 2020-03-19 16:11:52 -04:00
Rich Piazza 844ec2c3bf more on issue 365 2020-03-19 14:16:48 -04:00
Rich Piazza 9699c78ad8 issue-365 2020-03-19 10:40:35 -04:00
Michael Chisholm 1741cc9f6b Fix import sort order for the import sorter precommit hook 2020-03-17 20:26:21 -04:00
Michael Chisholm 6f43814918 Add xfail mark to a unit test which trips a Python 3.6 bug.
https://bugs.python.org/issue32404
2020-03-17 20:21:09 -04:00
Michael Chisholm f99665f2ba One more comma, because python 3.8's add-trailing-comma
pre-commit hook doesn't add all the commas Travis's hook
script expects...
2020-03-17 19:45:39 -04:00
Michael Chisholm cf9aef59c2 More flake8 style fixes 2020-03-17 18:28:38 -04:00
Michael Chisholm a9ac7ce838 pre-commit hook changes, e.g. trailing commas, import sorting,
flake8 style.
2020-03-17 18:26:57 -04:00
Michael Chisholm 4aa69fa7c9 Add support for enforcing STIX 2.1 minimum precision requirement
on versioning timestamps.
2020-03-16 20:25:38 -04:00
Chris Lenk 6842abb371
Merge pull request #370 from chisholm/observable_extension_names_ext
New STIX 2.1 SCO extension name requirement: must end with "-ext"
2020-03-12 17:26:26 -04:00
Michael Chisholm 15316e7933 Added "x-" to SCO extension names in unit tests, to illustrate
best practice and follow a spec "should" rule.
2020-03-12 16:20:32 -04:00
Chris Lenk 3dda25e976
Merge pull request #362 from chisholm/file_id_contrib_props
Add parent_directory_ref as an ID contributing property for file SCOs
2020-03-12 09:36:16 -04:00
Chris Lenk 5abc139e79 Merge branch 'khdesai-fix_issue_338'; Close #347 2020-03-12 09:30:52 -04:00
Chris Lenk 3dd9351d38 Bring back lang, confidence for Course of Action 2020-03-12 09:24:43 -04:00
Desai, Kartikey H 82517ae284 Fixes #338 2020-03-12 09:24:43 -04:00
Desai, Kartikey H 8885a757cb Fix properties spec version back to 2.1, and re-adjust tests. Fixes #338 2020-03-12 09:24:43 -04:00
Desai, Kartikey H 36f7035785 Fixes #338 2020-03-12 09:24:43 -04:00
Chris Lenk e782d095ea
Merge pull request #369 from chisholm/malware_os_refs
Change software SCO: os_execution_envs -> operating_system_refs
2020-03-11 23:47:14 -04:00
Chris Lenk 94e3cd7ca6
Merge pull request #360 from chisholm/enforce_hash_keys
Enforce hash keys on 2.1 external-references
2020-03-11 23:13:55 -04:00
Chris Lenk 87c5ef30ad
Merge pull request #358 from chisholm/software_cpe_swid
Add swid property to the software SCO
2020-03-11 23:03:18 -04:00
Michael Chisholm 2472af387b Change a SWID tagId in a unit test from a UUID to something
more plausible.
2020-03-11 15:21:34 -04:00
Chris Lenk 33fb31421b
Merge pull request #357 from chisholm/malware_analysis_result
Update malware-analysis SDO's av_result property
2020-03-11 09:16:34 -04:00
Chris Lenk bdf7cab8fe
Merge pull request #356 from chisholm/malware_analysis_sample_ref
Add the "sample_ref" property to malware-analysis SDOs
2020-03-11 09:12:02 -04:00
Chris Lenk 2429533e4f
Merge pull request #355 from chisholm/optional_type_properties
Changed several *_types properties to be optional due to STIX spec change
2020-03-11 09:08:42 -04:00
Michael Chisholm 371bf0b9a4 Add trailing commas for git commit hook... 2020-03-10 21:21:53 -04:00
Michael Chisholm d708537b85 Add enforcement of a new STIX 2.1 SCO extension name requirement:
that it must end with "-ext".
2020-03-10 20:24:53 -04:00
Michael Chisholm 792cc570d7 Change the os_execution_envs property of software SCOs to
operating_system_refs, and add a test for it.
2020-03-06 19:43:47 -05:00
Chris Lenk 380926cff5 Bump version: 1.3.0 → 1.3.1 2020-03-06 09:50:09 -05:00
Michael Chisholm e32b074bc9 Fix stylistic issues for pre-commit hooks. 2020-03-05 17:39:35 -05:00
Michael Chisholm 22f2b241a7 Add a missing required property to fix up an external-reference
test.
2020-03-05 17:38:03 -05:00
Michael Chisholm a862b930be Add parent_directory_ref as an ID contributing property for the
file SCO.
2020-03-05 17:18:32 -05:00
Chris Lenk 3803e4bdd7
Merge pull request #343 from chisholm/sco_tlo_filesystemstore
Fix the filesystem store to support the new top-level 2.1 SCOs.
2020-03-05 17:08:20 -05:00
Chris Lenk cdde664434
Merge branch 'master' into fix_indicator_test 2020-03-05 10:51:03 -05:00
Michael Chisholm a5dc514403 Fix external-references to force hash keys to come from
hash-algorithm-ov.
2020-03-04 20:55:52 -05:00
Desai, Kartikey H a5cd0fdc50 Change location of None-check for id_contrib_props. Fixes #351 2020-03-04 14:46:55 -05:00
Desai, Kartikey H fc95b400ff Change default parameters from empty lists to None. Fixes #351 2020-03-04 14:29:35 -05:00
Desai, Kartikey H 8810983ca0 Merge branch 'master' of https://github.com/oasis-open/cti-python-stix2 into fix_issue_351 2020-03-04 14:16:54 -05:00
Chris Lenk 30a59ad776
Merge pull request #344 from chisholm/fix_ast_builder
Fix the pattern AST creation function
2020-03-04 13:49:16 -05:00
Chris Lenk 4f00c7ca4f Fix patterning test 2020-03-04 13:33:54 -05:00
Michael Chisholm 4e2b018272 Add a property to the software SCO, due to STIX spec change. 2020-03-02 16:57:18 -05:00
Michael Chisholm d2bff4d411 Update malware-analysis SDO's av_result property: replace it with
result and result_name properties.  Per:
https://github.com/oasis-tcs/cti-stix2/issues/213
2020-02-27 17:26:04 -05:00
Michael Chisholm 50eb188190 Add the "sample_ref" property to malware-analysis SDOs, per:
https://github.com/oasis-tcs/cti-stix2/issues/210
2020-02-27 16:40:56 -05:00
Desai, Kartikey H 055ad97a7a Add tests for _id_contributing_properties for custom observables 2020-02-27 15:15:37 -05:00
Michael Chisholm 93a8caa09d Remove unused import 2020-02-25 20:19:30 -05:00
Michael Chisholm 31c37a9b12 Changed several *_types properties which were formerly required,
to be optional, due to a STIX spec change.  Updated unit tests
accordingly.
2020-02-25 20:07:47 -05:00
Desai, Kartikey H 41e541959d Add _id_contributing_properties functionality to custom SCOs. Tests coming soon. Fixes #351 2020-02-24 21:11:42 -05:00
Michael Chisholm 274abc52e9 An exception message changed as a result of a pattern-validator
update.  This broke a unit test which was testing the message.
I updated the test.
2020-02-24 20:02:26 -05:00
Desai, Kartikey H a0a8b7d0e1 Fixes #334 2020-02-21 15:40:38 -05:00
Desai, Kartikey H 796a4e20fa Correct bug in recursive dict loop. Fixes #334 2020-02-21 15:26:19 -05:00
Michael Chisholm 1959cc6097 Removed a bunch of no-longer-used imports from pattern_visitor.py 2020-02-19 16:45:15 -05:00
Michael Chisholm 76a6eb5873 Greatly simplify the create_pattern_object() function to take
advantage of the pattern validator library's Pattern.visit()
method.
2020-02-19 16:39:15 -05:00
Desai, Kartikey H 1084c75d33 Fixes #334 2020-02-19 16:29:13 -05:00
Michael Chisholm 14daa1edae Add a test case to test parse exceptions from
create_pattern_object().
2020-02-19 15:39:23 -05:00
Desai, Kartikey H 8219b34ea4 Fix formatting issues. Fixes #336 2020-02-19 09:24:27 -05:00
Desai, Kartikey H 86f9e51a42 Fixes #336 2020-02-19 09:11:30 -05:00
Michael Chisholm cfb7c4c73b Fix stix2.pattern_visitor.create_pattern_object() so its
documentation at least isn't wrong, and it behaves better.
2020-02-17 19:26:21 -05:00
Michael Chisholm 4c67142b92 Fix the filesystem store to support the new top-level 2.1 SCOs. 2020-02-15 19:02:53 -05:00
Michael Chisholm be5274878d Add trailing commas for pre-commit hook... 2020-02-13 17:37:59 -05:00
Michael Chisholm 98a654884d Fix the memory store to support the new top-level 2.1 SCOs. 2020-02-13 17:11:58 -05:00
Michael Chisholm f86b6e8a66 More add-trailing-comma junk, which is not done by the python 3.8
pre-commit add-trailing-comma library.  Hopefully this satisfies
the travis tests for other versions of python!
2020-02-07 19:15:59 -05:00
Michael Chisholm bf83ca62b3 Add trailing commas for the pre-commit hook...... 2020-02-07 18:58:45 -05:00
Michael Chisholm 19707677c9 Fix STIX version detection from dicts. In particular, 2.1 SCOs
without the spec_version property ought to be correctly detected
as 2.1 now.
2020-02-07 18:17:12 -05:00
Chris Lenk c96b74294a
Merge pull request #331 from chisholm/remove_values_workaround
Remove workaround for "values" being both a Mapping method name and STIX property name
2020-02-04 10:39:42 -05:00
Michael Chisholm 176cb980a2 Remove workaround for "values" being both a Mapping method name
and sometimes a STIX property name.  It didn't work (caused
crashes under some circumstances).  Now, attributes whose names
conflict with Mapping methods will have the Mapping
interpretation.  Same-named STIX object properties will not be
accessible as attributes.
2020-01-28 18:13:36 -05:00
Desai, Kartikey H 5b07887edc Fixes #303 2020-01-28 15:41:38 -05:00
Emmanuelle Vargas-Gonzalez 88426de424 update test suite to include new property present in TLP Markings 2020-01-28 13:20:58 -05:00
Emmanuelle Vargas-Gonzalez 6f4e819c73 update check_tlp_marking() to contain new representation for TLP markings 2020-01-28 13:20:20 -05:00
Emmanuelle Vargas-Gonzalez 9463884170 add optional "name" StringProperty to MarkingDefinition
update TLP_* v21 constants according to spec
2020-01-28 13:19:23 -05:00
Emmanuelle Vargas-Gonzalez c467f198c8 add encoding to MemorySource load_from_file() 2020-01-15 14:15:08 -05:00
Emmanuelle Vargas-Gonzalez 25cfb25ef3 add encoding and propagate accordingly for calls 2020-01-15 14:12:58 -05:00
Chris Lenk 92f413a2e0 Bump version: 1.2.1 → 1.3.0 2020-01-04 19:40:01 -05:00
Chris Lenk 3092d88154 Fix trailing comma 2020-01-04 18:02:01 -05:00
Chris Lenk e3c2a3a57b Fix error: dict keys changing during iteration 2020-01-04 14:48:49 -05:00
Chris Lenk 6c0fba0e67 Add Python3.8 support, fix import
Uses try/catch to still support 2.7 too
2020-01-04 13:50:06 -05:00
Desai, Kartikey H d50792b4d2 Fix tests. Fixes #307 2020-01-04 10:24:17 -05:00
Desai, Kartikey H 7a47f348a0 Introduce and relocate version-based pattern checking. Fixes #307 2020-01-04 10:24:17 -05:00
Desai, Kartikey H 4350680e79 Introduce and relocate version-based pattern checking. Fixes #307 2020-01-04 10:24:17 -05:00
Desai, Kartikey H a18612bdfb Fixes #307 2020-01-04 10:24:17 -05:00
Desai, Kartikey H e260dbb716 Fixes #309 2019-12-23 17:30:34 -05:00
Desai, Kartikey H 32d2a0a4fd Fixes #309 2019-12-23 17:30:34 -05:00
Chris Lenk 74eeabab77 Merge branch 'khdesai-change_logging'
Close #304.
2019-12-23 17:20:32 -05:00
Chris Lenk 62cd4fd33c Change string semantic comparison algorithm
Use `fuzzywuzzy`'s Token Sort Ratio instead of Jaro-Winkler.
2019-12-23 17:00:52 -05:00
Chris Lenk 457564f2f9 Update SemEq test, use dict for property weights 2019-12-20 17:01:21 -05:00
Chris Lenk cde57ce8f7
Merge pull request #315 from khdesai/fix_issue_308
Fix issue 308
2019-12-17 12:13:25 -05:00
Desai, Kartikey H 6df7da65b8 Fixes #308 2019-12-17 11:57:55 -05:00
Desai, Kartikey H 8719a7206f Fixes #308 2019-12-16 16:32:55 -05:00
Chris Lenk 77eda29471 Add default weight_dict to documentation
for semantic equivalence
2019-12-11 13:13:36 -05:00
Desai, Kartikey H f6e75cd8f8 Add debug logging messages and add documentation to equivalence.ipynb 2019-12-06 10:46:27 -05:00
Desai, Kartikey H c09bd071d0 Make requested changes, except documentation, which is coming soon 2019-12-06 10:46:27 -05:00
Desai, Kartikey H 2b180c40b5 Remove unnecessary functions 2019-12-06 10:46:27 -05:00
Desai, Kartikey H f5d199bedf Generalize checking functionality within environment.py and add prop_scores dict so all scoring info is one python object 2019-12-06 10:46:27 -05:00
Desai, Kartikey H a350ad01ac Fixes #310 2019-12-06 09:54:00 -05:00
Chris Lenk e9795a945b Fix long line 2019-12-06 09:40:27 -05:00
Desai, Kartikey H 54ecba736d Add docstring for enumerate_types() 2019-12-06 09:35:36 -05:00
Desai, Kartikey H f09cf4867d Remove unnecessary comments 2019-12-06 09:35:36 -05:00
Desai, Kartikey H 3a46d42aaa parse() handles observables in 2.1. Change mechanism for (in)valid_types in ReferenceProperty. Fix _custom_observable_builder to include ReferenceProperty instead of ObjectReferenceProperty, and added ID property to custom observables 2019-12-06 09:35:36 -05:00
Desai, Kartikey H aee296ea46 Fixes #296 2019-12-06 09:35:36 -05:00
Zach Rush 9a56344d92 Forgot to add TLSH to a different regex 2019-11-25 16:14:23 -05:00
Zach Rush 806c6c52d9 Added tests for other changes, and moved attribute defaults to an init function 2019-11-25 15:52:50 -05:00
Zach Rush 46f1778d04 Fixed all issues brought up in issue #305 by Chris Lenk 2019-11-22 13:24:09 -05:00
Chris Lenk d4c0115735 Bump version: 1.2.0 → 1.2.1 2019-10-16 17:24:16 -04:00
Chris Lenk 1d671bd144 Merge branch 'master' into stix2.1 2019-10-16 17:02:21 -04:00
Emmanuelle Vargas-Gonzalez 13fda69079 add test for object not present in configuration 2019-10-15 13:25:11 -04:00
Emmanuelle Vargas-Gonzalez 024e023967 update semantic equivalence approach to:
- add more detailed output via the logging module
- don't fail hard if an object sent to the semantically_equivalent() method
- remove specific exception related to Semantic Equivalence and tests
2019-10-15 12:54:41 -04:00
Michael Chisholm edf465bd80 Add a unit test for deterministic ID, with unicode 2019-10-11 18:15:47 -04:00
Michael Chisholm 216b43d49e Fix determinstic UUID handling when there are high-codepoint
unicode characters.  Make compatible with both python 2 and 3.
2019-10-11 17:12:44 -04:00
Chris Lenk c6936ae7a2 Bump version: 1.1.3 → 1.2.0 2019-09-25 16:04:07 -04:00
Emmanuelle Vargas-Gonzalez de478df687 update test after merge, formatting 2019-09-23 23:27:43 -04:00
Emmanuelle Vargas-Gonzalez 88b883c91d
Merge branch 'master' into semantic-equivalence 2019-09-23 23:20:42 -04:00
Emmanuelle Vargas-Gonzalez dc79a1f869 add docstrings for new public methods. add test with disabled spec_version check.
fix calculation for distance, using incorrect algorithm. update package settings, tox settings
2019-09-23 23:13:50 -04:00
Chris Lenk 401c9ad950
Merge branch 'master' into stix2.1 2019-09-23 12:26:27 -04:00
Emmanuelle Vargas-Gonzalez 4eaaee89dc make changes according to feedback. allow for custom objects to be supplied to method 2019-09-23 09:44:09 -04:00
Desai, Kartikey H 113d481e84 Make SCO deterministic ID namespace a global var for better software hygiene 2019-09-19 10:31:14 -04:00
Desai, Kartikey H f241ed5c6c Remove at_least_one=False from Artifact SCO 2019-09-18 10:56:42 -04:00
Desai, Kartikey H 3b1c922ba6 Fix observed data property check for at least one property existing 2019-09-18 10:29:07 -04:00
Emmanuelle Vargas-Gonzalez e138753576 add another test 2019-09-17 16:10:54 -04:00
Emmanuelle Vargas-Gonzalez 351362ae33 more tests for coverage 2019-09-17 15:55:12 -04:00
Emmanuelle Vargas-Gonzalez 09858ba263 create more tests to improve coverage 2019-09-17 15:28:37 -04:00
Emmanuelle Vargas-Gonzalez 98ecdf53e3 update timestamp comparison method 2019-09-17 11:08:01 -04:00
Emmanuelle Vargas-Gonzalez e8eb7bcca2 fix logging messages, typos and add tests for the semantic equivalence method 2019-09-16 14:35:14 -04:00
Zach Rush 855bc96863 Avoid throwing exceptions when unneeded to avoid problems 2019-09-13 14:54:52 -04:00
Zach Rush 4c6519cf43 Changed 'six.text_type' to 'six.string_types', since the former didn't seem to work in python2.7 2019-09-13 12:09:02 -04:00
Zach Rush 4753519349 Marking-definitions are now checked for their attribute before being tested and tests were modified to expect the correct value 2019-09-13 10:52:50 -04:00
Zach Rush 5f3e41a9ab Marking-definitions are now checked for their attribute before being tested and tests were modified to expect the correct value 2019-09-13 10:51:28 -04:00
Desai, Kartikey H 8447c9fcd9 Add few tests to improve some code coverage 2019-09-11 14:21:41 -04:00
Zach Rush afa4af65c6 Fixing pre-commit things 2019-09-11 12:22:55 -04:00
Zach Rush e7a6554395 Fixing pre-commit issues 2019-09-11 12:12:26 -04:00
Zach Rush 7c96d991e6 Added a function to ensure precision consistency 2019-09-11 10:55:09 -04:00
Desai, Kartikey H 9c7128d074 Fix indentation issue 2019-09-11 10:49:11 -04:00
Desai, Kartikey H d828e41c78 End of changes 2019-09-11 10:44:14 -04:00
Emmanuelle Vargas-Gonzalez 6fa77adfe3 wrote all default weights, actually computing the equivalence score
logging for unsupported objects, finished implementing some methods. Missing to implement patterning.
2019-09-10 15:04:07 -04:00
Zach Rush 53db47b447 Statement-type definitions will now match the timestamp precision given to them 2019-09-09 21:38:58 -04:00
Desai, Kartikey H 5b6592e2dc Some changes. More fixes coming soon, hopefully 2019-09-06 18:08:27 -04:00
Desai, Kartikey H 8f773fd556 Temp backup of some code changes. More coming soon 2019-09-06 00:25:42 -04:00
Desai, Kartikey H abf2980336 Fix tests and ReferenceProperty 2019-09-04 19:08:34 -04:00
Desai, Kartikey H 44ebd64a16 Some test fixes. More coming soon 2019-08-30 03:47:47 -04:00
Desai, Kartikey H f69b13a006 Some more updates, primarily to ReferenceProperty (and related code) 2019-08-29 17:15:51 -04:00
Desai, Kartikey H 5825118ad4 Merge branch 'stix2.1' of https://github.com/oasis-open/cti-python-stix2 into wd05SCO 2019-08-27 17:37:14 -04:00
Desai, Kartikey H 49077352d7 Updates and corrections for SCO WD 05 updates. Temp backup; testing and more fixes coming soon 2019-08-27 17:36:45 -04:00
Michael Chisholm 94bb76f669 Fix docstring on the unit tests I added. I'd said "partially
cleaned" property, but actually, the cleaning algorithm works on
a dict copy, so aborting cleaning partway through doesn't
actually affect the object in that way.  It would actually cause
the extensions property to be completely uncleaned, rather than
partially cleaned.
2019-08-26 17:49:55 -04:00
Michael Chisholm c212c7c678 Fix handling of custom extensions: make sure when
allow_custom=True that you never get a half-cleaned property
value.
2019-08-26 17:10:54 -04:00
Desai, Kartikey H 7c9fc3fd08 Fix deterministic ID tests 2019-08-21 09:33:42 -04:00
Desai, Kartikey H 364daec40a Add deterministic ID tests 2019-08-21 09:21:51 -04:00
Desai, Kartikey H 5e9d6a6a14 Fix small indentation error 2019-08-21 08:49:33 -04:00
Desai, Kartikey H bf1b8b567d Updates to allow existing tests to pass 2019-08-21 02:00:41 -04:00
Desai, Kartikey H 46359ead69 Modify a few things 2019-08-19 13:35:17 -04:00
Desai, Kartikey H ec55463398 Update SCO stuff to WD 05 2019-08-19 09:39:13 -04:00
Chris Lenk b0a1bbbc84 Bump version: 1.1.2 → 1.1.3 2019-08-12 13:32:47 -04:00
Desai, Kartikey H dee2f1f60c Merge branch 'stix2.1' of https://github.com/oasis-open/cti-python-stix2 into wd05SCO 2019-08-12 08:16:00 -04:00
Chris Lenk b981cdf4fc Fix tests
by removing certain human message assertions from test suites.
(These changes are cherry-picked from commit by @khdesai on a different
branch)
2019-08-09 16:04:29 -04:00
Michael Chisholm 5e5a03c001 Changed emitted deprecation warnings to a custom DeprecationWarning
subclass.  Changed the unit test to test for that specific
warning category, instead of any DeprecationWarning.
2019-08-07 10:16:18 -04:00
Michael Chisholm 27beec4060 Add a deprecation warning for the "objects" property of
observed-data.  Add a unit test to ensure we get the warning.
2019-07-29 16:35:38 -04:00
Emmanuelle Vargas-Gonzalez 93aa709b68 write down some of the semantic-equivalence work. WIP 2019-07-26 16:01:45 -04:00
Michael Chisholm 9404cf4560 Fix flake8 style error. 2019-07-25 16:58:48 -04:00
Michael Chisholm 423487d65a Add a unit test for the first/last_seen value co-constraint
on ThreatActor.
2019-07-25 16:57:15 -04:00
Michael Chisholm 8362d80206 Change "object_modified" property of LocationContent to be
optional.  Add a corresponding unit test.
2019-07-25 16:56:34 -04:00
Michael Chisholm 5649559c6d Removed some more hard-codings of v20 in the workbench test
suite.
2019-07-24 17:39:00 -04:00
Michael Chisholm b0eb518997 Added adaptability to the workbench module, regarding the
autogenerated docstrings: v20/v21 is automatically referenced as
appropriate, based on stix2.DEFAULT_VERSION.  To avoid
duplication, I also moved _STIX_VID from test_workbench.py to
workbench.py; the former now imports it from the latter.
2019-07-24 17:20:52 -04:00
Michael Chisholm 22face6c1a Add trailing commas to satisfy pre-commit hooks... 2019-07-24 16:30:18 -04:00
Michael Chisholm 9d08cadcfd Turn off the workbench test suite's side effects after each test
that turns them on.  These have the potential to affect subsequent
tests.  The side effects include automatically setting
property values, and automatically appending additional values
to list-valued properties.
2019-07-24 16:23:19 -04:00
Michael Chisholm 38103ac6c5 Moved test/v20/test_workbench.py up one directory level since
it doesn't make sense to have a test per STIX version.  The
workbench only uses the latest supported STIX version.  In
order to make this work, the test suite was modified to
dynamically compute some settings like where to get demo data,
based on the value of stix2.DEFAULT_VERSION.

Switched stix2.DEFAULT_VERSION back to "2.0", since I figure it
should be sync'd up with the 'from .vxx import *' import
statement from the top level package.
2019-07-24 15:35:59 -04:00
Michael Chisholm d69449706f Revert the docstrings generated for the workbench dynamically
created subclasses, to mention v20 instead of v21.
2019-07-22 17:01:52 -04:00
Michael Chisholm 165d87e103 Revert the import in the top-level stix2 package, to v20. This
additionally required:

- Removing the v21 workbench test suite and reinstating the v20
  test suite
- Fixing up a few v20 unit tests to work with the workbench
  monkeypatching.
- I didn't revert the analogous changes I'd previously made to
  the v21 unit tests, because I think they make sense even when
  the workbench monkeypatching isn't happening.
2019-07-22 16:55:22 -04:00
Michael Chisholm 227383cdcb Removed _observed_data_init() from workbench.py, part of the old
monkeypatching algorithm.  It's no longer needed and I forgot to
delete it.
2019-07-19 15:58:15 -04:00
Michael Chisholm 823b67a4fc Add a few more tests to exercise more complex property presence
constraint checking.
2019-07-19 15:40:03 -04:00
Michael Chisholm 5589480980 Improved the exception class hierarchy:
- Removed all plain python base classes (e.g. ValueError, TypeError)
- Renamed InvalidPropertyConfigurationError -> PropertyPresenceError,
  since incorrect values could be considered a property config error, and
  I really just wanted this class to apply to presence (co-)constraint
  violations.
- Added ObjectConfigurationError as a superclass of InvalidValueError,
  PropertyPresenceError, and any other exception that could be raised
  during _STIXBase object init, which is when the spec compliance
  checks happen.  This class is intended to represent general spec
  violations.
- Did some class reordering in exceptions.py, so all the
  ObjectConfigurationError subclasses were together.

Changed how property "cleaning" errors were handled:
- Previous docs said they should all be ValueErrors, but that would require
  extra exception check-and-replace complexity in the property
  implementations, so that requirement is removed.  Doc is changed to just
  say that cleaning problems should cause exceptions to be raised.
  _STIXBase._check_property() now handles most exception types, not just
  ValueError.
- Decided to try chaining the original clean error to the InvalidValueError,
  in case the extra diagnostics would be helpful in the future.  This is
  done via 'six' adapter function and only works on python3.
- A small amount of testing was removed, since it was looking at custom
  exception properties which became unavailable once the exception was
  replaced with InvalidValueError.

Did another pass through unit tests to fix breakage caused by the changed
exception class hierarchy.

Removed unnecessary observable extension handling code from
parse_observable(), since it was all duplicated in ExtensionsProperty.
The redundant code in parse_observable() had different exception behavior
than ExtensionsProperty, which makes the API inconsistent and unit tests
more complicated.  (Problems in ExtensionsProperty get replaced with
InvalidValueError, but extensions problems handled directly in
parse_observable() don't get the same replacement, and so the exception
type is different.)

Redid the workbench monkeypatching.  The old way was impossible to make
work, and had caused ugly ripple effect hackage in other parts of the
codebase.  Now, it replaces the global object maps with factory functions
which behave the same way when called, as real classes.  Had to fix up a
few unit tests to get them all passing with this monkeypatching in place.
Also remove all the xfail markings in the workbench test suite, since all
tests now pass.

Since workbench monkeypatching isn't currently affecting any unit tests,
tox.ini was simplified to remove the special-casing for running the
workbench tests.

Removed the v20 workbench test suite, since the workbench currently only
works with the latest stix object version.
2019-07-19 14:50:11 -04:00
Desai, Kartikey H 4660d5ea28 Update SCO specs per WD 05 specs 2019-07-17 15:48:09 -04:00
Michael Chisholm cd0c4984fa Fix most unit tests to pass again. Awaiting feedback regarding
possible library bugs, before I fix the remaining unit tests.
2019-07-16 16:10:25 -04:00
Michael Chisholm 1b7abaf228 WIP: updating objects to be compliant with stix2.1 WD05. This
includes SDO/SRO class updates, but no unit test updates.  The
class updates broke unit tests, so that still needs to be
addressed.
2019-07-14 15:34:31 -04:00
Desai, Kartikey H b464a9cc0a Remove certain human message assertions from test suites 2019-07-09 13:34:19 -04:00
Desai, Kartikey H ae35d2ab01 Add and update tests to conform code to WD04 SDO specs 2019-07-02 13:17:43 -04:00
Desai, Kartikey H ffbf5fa34c Fix JSON encoding issue within tests 2019-07-01 15:41:44 -04:00
Desai, Kartikey H c98fcafb1a Update tests to address conformance to WD04 specs 2019-07-01 15:26:30 -04:00
Desai, Kartikey H ef408e1971 preliminary changes to make stix2 code conform to WD 04 specs 2019-07-01 11:52:55 -04:00
Chris Lenk 953a91ba8e
Merge pull request #273 from chisholm/update_course_of_action
Update course of action for stix2.1 (again)
2019-06-28 12:32:14 -04:00
Chris Lenk 266516ebbc
Merge pull request #272 from chisholm/malware_analysis
Add stix2.1 malware-analysis SDO
2019-06-28 09:57:47 -04:00
chrisr3d 6aff018695
fix: Avoid issues with custom objects
- Custom objects type is dict, which makes it fail
  when the attribute 'id' is called
2019-06-27 17:19:05 +02:00
Michael Chisholm e779cacf3e Update course of action tests, to include tests with the
action_reference property.  Also, stylistic changes to hopefully
let it do more testing with less code.
2019-06-26 21:01:41 -04:00
Michael Chisholm de93a2ee32 Fix stix2.1 course-of-action SDO class properties action_reference
and action_bin to have the correct types.
2019-06-26 19:54:28 -04:00
Michael Chisholm c6132537b8 Changes from add-trailing-comma hook 2019-06-26 17:17:16 -04:00
Michael Chisholm 68f93f4110 Oops, forgot to add the malware-analysis test suite... 2019-06-26 17:10:04 -04:00
Michael Chisholm 5c92db9861 Add stix2.1 malware-analysis SDO 2019-06-26 17:06:26 -04:00
Chris Lenk b8c5bec101 Merge branch 'master' into stix2.1 2019-06-26 12:22:40 -04:00
Chris Lenk 28ac284b84 Remove unnecessary ObservedData constraint
first_observed and last_observed are both required, so this co-constraint was removed from WD04.
2019-06-26 11:18:47 -04:00
Michael Chisholm 58ff89f112 Update observed-data SDO class, adding the new stix2.1 property
"object_refs".  Added a couple tests for it.
2019-06-21 15:44:04 -04:00
Michael Chisholm 23d5bef2ec Change all uses of multi-STIX-version properties (i.e. those
with a spec_version constructor argument) in STIX-version-specific
contexts, to explicitly specify the STIX version.
2019-06-21 14:29:08 -04:00
Michael Chisholm 9cc1e6e8c1 Change location of DEFAULT_VERSION definition, to be before
the imports.  This ensures the attribute will be defined even if
there are import loops.
2019-06-21 14:26:48 -04:00
Michael Chisholm 8bb6c79f1d Change import order to satisfy style checkers... 2019-06-21 14:25:36 -04:00
Michael Chisholm f9578313a0 Change stix2.DEFAULT_VERSION to "2.1" on the stix2.1 branch. 2019-06-21 13:20:37 -04:00
Michael Chisholm ea98a53fae Change all hard-coded spec_version defaults in property classes
to stix2.DEFAULT_VERSION.
2019-06-21 13:18:51 -04:00
Michael Chisholm d61b543266 Style changes to satisfy the 'style' tox check 2019-06-14 18:10:38 -04:00
Michael Chisholm a150b0f4aa Change all uses of IDProperty and ReferenceProperty to specify
a particular spec_version.
2019-06-14 17:58:51 -04:00
Michael Chisholm da5978d317 Factored out more of the STIX identifier validity checking,
partly inspired by PR #263.  This resulted in some error message
format changes (an improvement, I think), which caused some
unit test breakage.  Removed those asserts from the unit tests,
since tests shouldn't be testing human-targeted error messages.
2019-06-13 18:37:21 -04:00
Michael Chisholm ed106f23ff Update IDProperty and ReferenceProperty to support both stix 2.0
and 2.1 rules regarding identifiers.  Change relevant property
tests to specify which spec version to use, and modify tests
according to the specs.
2019-06-12 20:19:47 -04:00
Michael Chisholm 4f593e6d16 Changes from the add-trailing-comma pre-commit hook 2019-06-12 14:49:34 -04:00
Michael Chisholm caa1d45ae2 Update stix2.1 course-of-action support to the latest spec. 2019-06-11 18:10:02 -04:00
Chris Lenk a6fa3ff1d7 Slightly change bundle error message 2019-05-22 11:05:01 -04:00
Desai, Kartikey H ce86db2a12 Fixes #257 2019-05-20 15:36:35 -05:00
Desai, Kartikey H 86790a736f Fixes #257 2019-05-20 15:29:01 -05:00
Desai, Kartikey H 45d3020518 Fixes #257 2019-05-17 14:21:35 -05:00
Desai, Kartikey H a61344a8aa Add get_obj function to bundle.py to make accessing bundles easier 2019-05-14 13:48:54 -04:00
Kartikey Desai 1bf12221a0 Update _valid_refs doc and add test to v20 test suite 2019-05-13 09:18:50 -04:00
Desai, Kartikey H f79b3c9876 Add functionality to _valid_refs to accept actual cyber observable objects instead of just strings with their types 2019-05-10 10:22:45 -04:00
Emmanuelle Vargas-Gonzalez 087ac35f38 Merge branch 'master' of github.com:oasis-open/cti-python-stix2 into 252-TLPMarking-constraints 2019-05-08 10:43:13 -04:00
Emmanuelle Vargas-Gonzalez 00d99e3815 remove unused imports 2019-05-08 10:38:23 -04:00
Emmanuelle Vargas-Gonzalez 9c34e2f8ca update tests to make sure we are testing the serialized instance correctly 2019-05-08 10:36:31 -04:00
Emmanuelle Vargas-Gonzalez d5f0c46dd5 re-organize imports in v20, v21 2019-05-08 10:35:53 -04:00
Emmanuelle Vargas-Gonzalez 47f8ed9282 move check_tlp_marking to markings\utils.py 2019-05-08 10:34:56 -04:00
Chris Lenk 582ba2be2c
Merge pull request #259 from emmanvg/251-lang-markings-support
Language markings support
2019-05-08 09:48:21 -04:00
Emmanuelle Vargas-Gonzalez 4b21708e03 modify test to cover exception message 2019-05-03 11:05:32 -04:00
Emmanuelle Vargas-Gonzalez b3a601e4c8 add new files for marking-definition tests 2019-05-03 10:25:11 -04:00
Emmanuelle Vargas-Gonzalez d6497f66fe create a new exception for TLP validation and util method 2019-05-03 10:03:15 -04:00
Emmanuelle Vargas-Gonzalez 46c47a0d08 new approach towards validation of tlp instances 2019-05-03 09:59:07 -04:00
Emmanuelle Vargas-Gonzalez fff0e9e731 update test_datastore_filesystem.py to create proper tlp markings 2019-05-03 09:58:45 -04:00
Emmanuelle Vargas-Gonzalez c3aecd76ba update unnecesary property clean-up and add tests 2019-04-23 09:27:21 -04:00
Emmanuelle Vargas-Gonzalez f8857569d5 Add header to test file 2019-04-23 07:48:51 -04:00
Emmanuelle Vargas-Gonzalez dbc63b7b9f pre-commit changes 2019-04-23 07:43:56 -04:00