92ab1227ed
docstrings, changes to equivalence.ipynb
2020-10-16 17:12:52 -04:00
fb705c4885
Graph Equivalence ( #449 )
...
* new packages for graph and object-based semantic equivalence
* new method graphically_equivalent for Environment, move equivalence methods out
* object equivalence function, methods used for object-based moved here.
* new graph_equivalence methods
* add notes
* add support for versioning checks (default disabled)
* new tests to cover graph equivalence and new methods
* added more imports to environment.py to prevent breaking changes
* variable changes, new fields for checks, reset depth check per call
* flexibility when object is not available on graph.
* refactor debug logging message
* new file stix2.equivalence.graph_equivalence.rst and stix2.equivalence.object_equivalence.rst for docs
* API documentation for new modules
* additional text required to build docs
* add more test methods for list_semantic_check an graphically_equivalent/versioning
* add logging debug messages, code clean-up
* include individual scoring on results dict, fix issue on list_semantic_check not keeping highest score
* include results as summary in prop_scores, minor tweaks
* Update __init__.py
doctrings update
* apply feedback from pull request
- rename semantic_check to reference_check
- rename modules to graph and object respectively to eliminate redundancy
- remove created_by_ref and object_marking_refs from graph WEIGHTS and rebalance
* update docs/ entries
* add more checks, make max score based on actual objects checked instead of the full list, only create entry when type is present in WEIGHTS dictionary
update tests to reflect changes
* rename package patterns -> pattern
* documentation, moving weights around
* more documentation moving
* rename WEIGHTS variable for graph_equivalence
2020-10-16 11:35:26 -04:00
d17d01d165
Merge pull request #444 from chisholm/comp_ds_unversioned_objs
...
Update CompositeDataSource and deduplicate() support for unversioned objects
2020-10-15 08:57:55 -04:00
7b35b82996
TAXIICollectionSource custom object handling fix
2020-09-29 11:21:02 -04:00
3267036f33
Merge pull request #452 from oasis-open/api-reference-for-pattern-eq
...
Expose API Reference for Pattern Equivalence - ReadTheDocs
2020-09-18 13:52:02 -04:00
ddb25c544a
Merge pull request #456 from chisholm/fix_comparison_expression_root_type
...
Fix object type tracking for AST comparison expression 'AND'
2020-09-18 09:59:53 -04:00
7d64764ae3
Fix object type tracking for comparison expressions in the pattern
...
AST module.
2020-09-14 15:42:36 -04:00
bad42e5b78
pre-commit stylistic junk
2020-09-12 19:33:56 -04:00
ff35e8a01b
Add some unit tests for the AST make_constant() function.
2020-09-12 19:14:29 -04:00
f2691e89f5
Fix make_constant() in the AST module, to always return a
...
constant. It was failing to do so for timestamps, instead
returning a STIXdatetime object.
2020-09-12 19:14:29 -04:00
639769d885
expose API Reference for Pattern Equivalence for ReadTheDocs
2020-09-11 13:54:13 -04:00
b5015b74ba
pre-commit stylistic fixes
2020-08-19 12:10:51 -04:00
3c25410a9d
pre-commit stylistic fix
2020-08-19 11:51:47 -04:00
7fa3c78dea
Update CompositeDataSource and deduplicate() to handle unversioned
...
objects, including 2.1 SCOs. Updated some unit tests to test
this. Fixed a typo in a 2.0 unit test (2.0 deduplicate() test).
2020-08-17 18:38:29 -04:00
b6c2206491
Add some unit test suites for pattern equivalence which use some
...
STIX version-specific pattern features.
2020-08-14 19:56:49 -04:00
9e707a3a81
Add stix_version kwargs to the pattern equivalence functions.
...
This allows the patterns to be parsed using either 2.0 or 2.1+
syntax.
2020-08-14 19:55:00 -04:00
320129e26c
Add another unit test to help a bit with lack of coverage of
...
compare/comparison.py. This one tests patterns with more
constant types.
2020-08-13 18:45:52 -04:00
c21b230edb
pre-commit hook stylistic changes
2020-08-13 17:44:42 -04:00
16a8c544ac
Add a find_equivalent_patterns() function and unit tests, in case
...
a user wants a more efficient search capability. (It is more
efficient than calling equivalent_patterns() over and over in a
loop, because it doesn't repeatedly re-canonicalize the search
pattern.)
2020-08-13 17:09:04 -04:00
bd5635f5be
Add some unit tests for pattern equivalence.
2020-08-13 16:46:25 -04:00
6c92f670cb
Fix ipv4/6 special canonicalizers to reformat IP addresses even
...
when a non-CIDR address is used. Before, it left plain IP
addresses untouched.
2020-08-13 16:22:24 -04:00
5d6c7d8c8a
Add some simple context-sensitive constant canonicalization, used
...
as part of canonicalizing comparison expressions. This
required adding a new comparison expression transformer callback
for leaf-node comparison expression objects, and updating all
existing comparison transformers to work (it affected all/most
of them). The observation expression transformer which actually
does the comparison canonicalization was updated to also perform
this special canonicalization step.
2020-08-12 19:28:35 -04:00
311fe38cea
Add first cut of a pattern equivalence capability
2020-08-10 18:33:26 -04:00
1948b38eec
Merge pull request #438 from oasis-open/issue_437
...
hack for issue_435
Fixes #435 .
2020-08-07 09:55:41 -04:00
1f9a844941
Merge pull request #439 from maybe-sybr/fix/customs-class-name
...
fix: Respect name of `@Custom*` decorated defs
2020-08-04 07:32:03 -04:00
8f76a84bbf
handle quoted path components
2020-07-30 15:32:06 -04:00
15344527aa
fix: Respect name of `@Custom*` decorated defs
2020-07-28 11:13:59 +10:00
8cdbfed5e4
Merge pull request #431 from oasis-open/filesys-write-custom
...
Fix bug when adding custom object to FileSystemSink if the object type hasn't been registered
2020-07-27 09:43:38 -04:00
b7a30befdc
add tests and fix introduced bug
2020-07-25 14:47:40 -04:00
0fc2befd6a
hack for issue_435
2020-07-25 14:22:03 -04:00
084941dd41
handle mixed boolean expressions
2020-07-24 11:40:21 -04:00
08137ff6be
add serialization to API documentation
2020-07-22 15:38:17 -04:00
8093898a3d
move serialization-related methods to serialization.py
...
update tests that call specific methods from this area
2020-07-22 15:36:48 -04:00
ca56a74e12
update docstrings for _STIXBase method
2020-07-22 15:20:39 -04:00
978aee9a8e
fix circular import problem
2020-07-22 14:53:37 -04:00
c760e04c9a
rename module to serialization.py
2020-07-22 14:31:26 -04:00
853bd0da21
move classes and methods from base.py to serialize.py
2020-07-22 13:56:24 -04:00
37f0238fc6
add serialize.py module
2020-07-22 13:37:41 -04:00
806389117f
Allow mixing single objects and lists in bundles
...
...in bundle constructor
Related: #429 .
2020-07-20 00:24:36 -04:00
55ea84ece2
Fix bug when adding custom obj to FileSystemSink
...
... if the object type hasn't been registered.
Related: #439 .
2020-07-20 00:04:32 -04:00
d888eb60e2
Remove protocol_family and its uses from the v21 network
...
socket SCO extension. It's a 2.0 property that got copied into
the 2.1 code by mistake.
2020-07-08 14:26:02 -04:00
bf66744db3
remove round from `fuzz.token_sort_ratio(str1, str2)` call
2020-07-08 11:02:56 -04:00
457085a115
Merge pull request #377 from maxbachmann-forks/master
...
use rapidfuzz instead of fuzzywuzzy
2020-07-08 10:49:41 -04:00
f1bb0b1b01
Bump version: 2.0.1 → 2.0.2
2020-07-07 09:42:01 -04:00
b29527cae1
Fix for isort v5.0.0
2020-07-07 09:03:07 -04:00
ee3425cc01
Bump version: 2.0.0 → 2.0.1
2020-07-06 16:44:29 -04:00
c8a9d31d7b
Bump version: 1.4.0 → 2.0.0
2020-07-06 16:43:12 -04:00
8e785cbd05
Remove outdated comment
2020-07-06 16:42:33 -04:00
c3e5da4634
add `pattern_visitor` to api reference
2020-07-01 10:30:05 -04:00
2ac3a4b524
add module docstring for versioning.py
2020-07-01 10:30:05 -04:00
53dbc5835e
Add test for coverage
...
Tests creating a property with both required and default.
2020-07-01 09:54:50 -04:00
3397805367
Consolidate version-independent property tests
2020-07-01 09:41:10 -04:00
7ef3a02971
update docstrings environment.py and parsing.py
2020-06-30 22:32:04 -04:00
21e109d881
remove `core` and added `parsing`, `versioning` to autosummary
2020-06-30 22:16:15 -04:00
9a0cb02ab3
nit-pick on v21 Indicator constructor
2020-06-30 13:58:19 -04:00
e25734d2b6
Fix trailing commas
2020-06-26 16:43:19 -04:00
d5d664ba41
Update docs for 2.1 as default
2020-06-26 16:43:19 -04:00
10bdfe9e25
Fix KeyError in TAXII DataStore
2020-06-26 16:43:19 -04:00
3ef63d5e17
Update Workbench for 2.1
2020-06-26 16:43:19 -04:00
d62f5ee141
Remove 'encoding' param from json.loads
...
It's ignored since Python 3.1 and we've dropped 2.7.
2020-06-26 16:43:19 -04:00
e80d3bad2c
Fix 2.0 HashesProperties
2020-06-26 16:43:19 -04:00
f78b396648
Fix parsing tests
2020-06-26 16:43:19 -04:00
b42b1cafa7
Move a couple tests for organization
2020-06-26 16:43:19 -04:00
b2ee33208f
Set STIX 2.1 as default, fix indicator.valid_from
2020-06-26 16:43:19 -04:00
bf5176f370
Add some new unit tests corresponding to ListProperty revamp.
2020-06-17 16:31:03 -04:00
bc51cd47bd
Revamp ListProperty so its logic makes more sense.
2020-06-17 16:11:30 -04:00
9d05c9d3e2
Merge pull request #401 from chisholm/fix_versionable_detection
...
Fix versionability detection
2020-06-10 10:22:59 -04:00
00b78e7a47
Stylistic pre-commit junk
2020-06-08 17:51:13 -04:00
99bf4215a3
Change all uses of ObjectReferenceProperty in 2.1 SCO classes
...
to ReferenceProperty. Add a unit test to ensure that when a
stix2 object is passed as a value of a ReferenceProperty, that
the ID is properly pulled out and used as the actual property
value, and that it doesn't affect the deterministic ID
calculation.
2020-06-08 17:24:33 -04:00
8bde22fa1f
Merge pull request #407 from emmanvg/flexibility-selector-syntax
...
Update SELECTOR_REGEX for GranularMarkings
2020-06-08 13:54:39 -04:00
aa18575c83
add `id` as special-case option in regex. closes #406
2020-06-08 09:27:12 -04:00
c13cb182db
versioning related updates:
...
- remove var 'properties_to_change' since it's unnecessary
- delete most of remove_custom_stix() since it was unnecessary,
greatly simplify it
2020-06-05 14:24:16 -04:00
9c5f950d5b
Add a new_version() restriction preventing SCO ID contributing
...
properties from being changed, if a UUIDv5 is in use. Changing
one of those properties would imply an ID change, which is not
allowed across versions. Also:
- add a trailing comma
- change unchangable_properties to a set instead of a list,
in case there are dupe props between STIX_UNMOD_PROPERTIES and
sco_locked_props
2020-06-05 14:24:16 -04:00
eaa7f17ee4
Fix versionability detection: _properties is an OrderedDict not
...
a list of tuples! (despite what it looks like if you glance at it
quickly.)
2020-06-05 14:24:16 -04:00
15e75cb4de
Python 2 compatibility fix in versionability detection. In
...
python2, Mapping.keys() returns a list instead of a set!
2020-06-05 14:24:16 -04:00
a05dbc42d5
Improve the docstring for new_version(). Especially with the
...
three-value logic for allow_custom, it needed some much better
documentation.
2020-06-05 14:24:16 -04:00
d4cecd6f51
In remove_custom_stix(), when creating the new version,
...
use allow_custom=False to force custom properties to be
disallowed. This is extra insurance against a custom prop
accidentally getting through.
2020-06-05 14:24:16 -04:00
78d3b2c4c5
Add stix2.utils import to v20/test_versioning.py since the module
...
was used but not imported there. Also import sorting from the
pre-commit hook.
2020-06-05 14:24:16 -04:00
5522050899
Improve versionability detection when creating new versions
...
of objects. Move versioning-related stuff out of stix2.utils
to its own module. Some misc versioning-related fixes.
2020-06-05 14:24:16 -04:00
5a5484d464
Move/merge some deterministic ID tests from the observed-data SDO
...
test suite to the test suite specific to testing deterministic
IDs. This keeps the tests for that specific system in one place.
2020-06-05 14:14:44 -04:00
f17f782134
Bugfixes to the json un-escaping function. Added some unit tests
...
for that.
2020-06-05 14:14:44 -04:00
2179028c91
Fix deterministic ID behavior when an empty "hashes" property is
...
given. Now, an exception is raised. Added a unit test for this.
2020-06-05 14:14:44 -04:00
c94feae623
Add a deterministic ID unit test with an embedded object
2020-06-05 14:14:43 -04:00
fa981affa9
stupid python 3.8 pre-commit still not adding the right trailing
...
commas....
2020-06-05 14:14:43 -04:00
9dcffd9fad
Add some unit tests for deterministic IDs.
2020-06-05 14:14:43 -04:00
1f5e8defd3
Argh, I fixed an RFC URL but forgot to fix the comment which
...
described it and gave the RFC number...
2020-06-05 14:14:43 -04:00
22c0d5806c
Trailing comma for the pre-commit hook
2020-06-05 14:14:43 -04:00
e22c37a16b
Update a RFC URL to the latest version. I'd accidentally used
...
one which had been obsoleted by a newer one.
2020-06-05 14:14:43 -04:00
6c2c4781e7
Revamp deterministic ID generation code to fix bugs.
2020-06-05 14:14:43 -04:00
41525f9be0
Merge pull request #400 from oasis-open/issue-398
...
fixed start/stop qualifier constant issue
Fixes #398 .
2020-06-05 10:57:59 -04:00
53dfe40c30
only test start/stop timestamps if they are strings (2.0)
2020-06-05 09:25:06 -04:00
04af273d71
flaky
2020-06-05 09:17:42 -04:00
7def04fd6f
Add __all__'s to v20 and v21/__init__.py to ensure that
...
star-imports from those modules get the right symbols. "base"
was a problem because it was getting imported via
stix2/__init__.py and overwriting stix2.base, making the actual
stix2/base.py module inaccessible.
2020-06-03 17:39:09 -04:00
977107e713
2.0 Start/Stop Quailifer uses StringConstants
2020-06-01 22:34:40 -04:00
cfe0648c98
fixed start/stop qualifier constant issue
2020-05-26 15:12:02 -04:00
7955a41997
Drop python-dateutil as a dependency and switch to the builtin
...
datetime module for parsing timestamps. Dateutil proved too
slow.
2020-05-20 15:06:53 -04:00
b4dbc419f6
Merge branch 'master' of github.com:oasis-open/cti-python-stix2 into 391-ssdeep-hash-case
2020-05-14 12:51:02 -04:00
68f7ca6377
resolve problem with SSDEEP vocab use for 2.1, closes #391
2020-05-13 18:17:17 -04:00
998b4c0725
Change streamlined_obj_vals list to streamlined_object dict
2020-05-13 12:45:16 -05:00
9ce299b660
Fixes #389
2020-05-13 11:40:37 -05:00
Emmanuelle Vargas-Gonzalez