From b5381a3105d42d9005d8b2b44bae0842972f591b Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 11 Apr 2024 14:27:54 +0200 Subject: [PATCH 1/5] chg: [relationships] `shares` relationship added Thanks to @gregWDumont for the feedback --- relationships/definition.json | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/relationships/definition.json b/relationships/definition.json index e7d2203..e21b319 100644 --- a/relationships/definition.json +++ b/relationships/definition.json @@ -13,13 +13,21 @@ "name": "derived-from" }, { - "description": "This relationship describes an object which executes another object", + "description": "This relationship describes an object which executes another object.", "format": [ "misp" ], "name": "executes", "opposite": "executed-by" }, + { + "description": "This relationship describes an object which shares another object.", + "format": [ + "misp" + ], + "name": "shares", + "opposite": "shared-by" + }, { "description": "The referenced source and target objects are semantically duplicates of each other.", "format": [ @@ -1750,5 +1758,5 @@ "opposite": "acquires" } ], - "version": 41 -} \ No newline at end of file + "version": 42 +} From 3de8faa15790e57908eadb5cb1b53ca408443506 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 11 Apr 2024 16:52:04 +0200 Subject: [PATCH 2/5] fix: [relationships] newline --- relationships/definition.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/relationships/definition.json b/relationships/definition.json index e21b319..aaaf064 100644 --- a/relationships/definition.json +++ b/relationships/definition.json @@ -1759,4 +1759,4 @@ } ], "version": 42 -} +} \ No newline at end of file From a79ccb55fb61e5f9181790426a295c58a42bc429 Mon Sep 17 00:00:00 2001 
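Review bot: The new `shares` description in the first hunk of PATCH 1/5 is circular ("an object which shares another object") and never says which side is the sharer or what sharing means. Two analysts can therefore draw the edge in opposite directions, which makes graph pivots and automated correlation over this relationship unreliable. The same applies to the `shared-by` entry added in PATCH 4/5, which also switches to past tense ("was shared by") while `shares` is present tense. I would state the direction explicitly, for example `"description": "The source object distributes or makes available the target object."` for `shares`, with mirrored wording for `shared-by`, if that is the intended meaning. The relationship array starts and ends outside the hunk, so how the other pairs word their direction is not visible here.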
From: Alexandre Dulaunoy Date: Thu, 11 Apr 2024 16:53:57 +0200 Subject: [PATCH 3/5] chg: [doc] list updated --- README.md | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index c690614..e0c661b 100644 --- a/README.md +++ b/README.md @@ -134,6 +134,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID - [objects/cap-alert](https://github.com/MISP/misp-objects/blob/main/objects/cap-alert/definition.json) - Common Alerting Protocol Version (CAP) alert object. - [objects/cap-info](https://github.com/MISP/misp-objects/blob/main/objects/cap-info/definition.json) - Common Alerting Protocol Version (CAP) info object. - [objects/cap-resource](https://github.com/MISP/misp-objects/blob/main/objects/cap-resource/definition.json) - Common Alerting Protocol Version (CAP) resource object. +- [objects/cert-pl-phishing](https://github.com/MISP/misp-objects/blob/main/objects/cert-pl-phishing/definition.json) - cert.pl phishing object template representing an url along with some metadata as such phash, html-structure or partial-hash. - [objects/cloth](https://github.com/MISP/misp-objects/blob/main/objects/cloth/definition.json) - Describes clothes a natural person wears. - [objects/coin-address](https://github.com/MISP/misp-objects/blob/main/objects/coin-address/definition.json) - An address used in a cryptocurrency. - [objects/command](https://github.com/MISP/misp-objects/blob/main/objects/command/definition.json) - Command functionalities related to specific commands executed by a program, whether it is malicious or not. Command-line are attached to this object for the related commands. 
@@ -300,6 +301,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
 - [objects/network-connection](https://github.com/MISP/misp-objects/blob/main/objects/network-connection/definition.json) - A local or remote network connection.
 - [objects/network-profile](https://github.com/MISP/misp-objects/blob/main/objects/network-profile/definition.json) - Elements that can be used to profile, pivot or identify a network infrastructure, including domains, ip and urls.
 - [objects/network-socket](https://github.com/MISP/misp-objects/blob/main/objects/network-socket/definition.json) - Network socket object describes a local or remote network connections based on the socket data structure.
+- [objects/network-traffic](https://github.com/MISP/misp-objects/blob/main/objects/network-traffic/definition.json) - Generic network traffic that originates from a source and is addressed to a destination.
 - [objects/news-agency](https://github.com/MISP/misp-objects/blob/main/objects/news-agency/definition.json) - News agencies compile news and disseminate news in bulk.
 - [objects/news-media](https://github.com/MISP/misp-objects/blob/main/objects/news-media/definition.json) - News media are forms of mass media delivering news to the general public.
 - [objects/open-data-security](https://github.com/MISP/misp-objects/blob/main/objects/open-data-security/definition.json) - An object describing an open dataset available and described under the open data security model. ref. https://github.com/CIRCL/open-data-security.
@@ -315,7 +317,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
 - [objects/paste](https://github.com/MISP/misp-objects/blob/main/objects/paste/definition.json) - Paste or similar post from a website allowing to share privately or publicly posts.
 - [objects/pcap-metadata](https://github.com/MISP/misp-objects/blob/main/objects/pcap-metadata/definition.json) - Network packet capture metadata.
 - [objects/pe](https://github.com/MISP/misp-objects/blob/main/objects/pe/definition.json) - Object describing a Portable Executable.
-- [objects/pe-optional-header](https://github.com/MISP/misp-objects/blob/main/objects/pe-optional-header/definition.json) - Object describing the Optional Header of a Portable Executable.
+- [objects/pe-optional-header](https://github.com/MISP/misp-objects/blob/main/objects/pe-optional-header/definition.json) - Object describing a Portable Executable Optional Header.
 - [objects/pe-section](https://github.com/MISP/misp-objects/blob/main/objects/pe-section/definition.json) - Object describing a section of a Portable Executable.
 - [objects/Deception PersNOna](https://github.com/MISP/misp-objects/blob/main/objects/Deception PersNOna/definition.json) - Fake persona with tasks.
 - [objects/person](https://github.com/MISP/misp-objects/blob/main/objects/person/definition.json) - An object which describes a person or an identity.
@@ -390,6 +392,7 @@ for a specific attribute. An optional **to_ids** boolean field to disable the ID
 - [objects/splunk](https://github.com/MISP/misp-objects/blob/main/objects/splunk/definition.json) - Splunk / Splunk ES object.
 - [objects/ss7-attack](https://github.com/MISP/misp-objects/blob/main/objects/ss7-attack/definition.json) - SS7 object of an attack as seen on the SS7 signaling protocol supporting GSM/GPRS/UMTS networks.
 - [objects/ssh-authorized-keys](https://github.com/MISP/misp-objects/blob/main/objects/ssh-authorized-keys/definition.json) - An object to store ssh authorized keys file.
+- [objects/stairwell](https://github.com/MISP/misp-objects/blob/main/objects/stairwell/definition.json) - Stairwell leverages automated analysis, YARA rule libraries, shared malware feeds, privately run AV verdicts, static & dynamic analysis, malware unpacking, and variant discovery.
 - [objects/stix2-pattern](https://github.com/MISP/misp-objects/blob/main/objects/stix2-pattern/definition.json) - An object describing a STIX pattern. The object can be linked via a relationship to other attributes or objects to describe how it can be represented as a STIX pattern.
 - [objects/stock](https://github.com/MISP/misp-objects/blob/main/objects/stock/definition.json) - Object to describe stock market.
 - [objects/submarine](https://github.com/MISP/misp-objects/blob/main/objects/submarine/definition.json) - Submarine description.
@@ -498,11 +501,12 @@ The MISP objects (JSON files) are dual-licensed under: or ~~~~ - Copyright (c) 2016-2023 Alexandre Dulaunoy - a@foo.be - Copyright (c) 2016-2023 CIRCL - Computer Incident Response Center Luxembourg - Copyright (c) 2016-2023 Andras Iklody - Copyright (c) 2016-2023 Raphael Vinot - Copyright (c) 2016-2023 Various contributors to MISP Project + Copyright (c) 2016-2024 Alexandre Dulaunoy - a@foo.be + Copyright (c) 2016-2024 CIRCL - Computer Incident Response Center Luxembourg + Copyright (c) 2016-2024 Andras Iklody + Copyright (c) 2016-2024 Raphael Vinot + Copyright (c) 2016-2024 Christian Studer + Copyright (c) 2016-2024 Various contributors to MISP Project Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -532,9 +536,9 @@ If a specific author of a taxonomy wants to license it under a different license ~~~~ -Copyright (C) 2016-2023 Andras Iklody -Copyright (C) 2016-2023 Alexandre Dulaunoy -Copyright (C) 2016-2023 CIRCL - Computer Incident Response Center Luxembourg +Copyright (C) 2016-2024 Andras Iklody +Copyright (C) 2016-2024 Alexandre Dulaunoy +Copyright (C) 2016-2024 CIRCL - Computer Incident Response Center Luxembourg This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by From 07c6888b3c779d2be00c2d6cae00fcda1986cfa0 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Thu, 11 Apr 2024 17:44:39 +0200 Subject: [PATCH 4/5] fix: [relatonships] because mirrors are great --- relationships/definition.json | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/relationships/definition.json b/relationships/definition.json index aaaf064..a4523d9 100644 --- a/relationships/definition.json +++ b/relationships/definition.json 
@@ -28,6 +28,14 @@ "name": "shares", "opposite": "shared-by" }, + { + "description": "This relationship describes an object which was shared by another object.", + "format": [ + "misp" + ], + "name": "shared-by", + "opposite": "shares" + }, { "description": "The referenced source and target objects are semantically duplicates of each other.", "format": [ @@ -1758,5 +1766,5 @@ "opposite": "acquires" } ], - "version": 42 + "version": 43 } \ No newline at end of file From 223b7342d8bb7f70fd881b93e066ac61bb2d2f54 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Fri, 12 Apr 2024 10:22:53 +0200 Subject: [PATCH 5/5] chg: [news-media] add governmental communication and also news agency source (including alert type) --- objects/news-media/definition.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/objects/news-media/definition.json b/objects/news-media/definition.json index a1d4e32..f4eccbd 100644 --- a/objects/news-media/definition.json +++ b/objects/news-media/definition.json @@ -88,6 +88,8 @@ "Pressure Group", "Staging", "Trade Site", + "Governmental Communication", + "Alert", "Other" ] }, @@ -117,6 +119,8 @@ "Radio (Online)", "Podcast", "Alternative Media", + "Governmental", + "News agency", "Other" ], "ui-priority": 1 @@ -146,5 +150,5 @@ "attachment" ], "uuid": "691463c5-5302-4847-9bec-4c56ccfec677", - "version": 2 + "version": 3 } \ No newline at end of file
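Review bot: `"News agency"` in the second hunk of PATCH 5/5 is sentence case, while the siblings visible in that list are title case (`"Alternative Media"`, `"Radio (Online)"`). These strings become attribute values that consumers and detection pipelines match exactly, so the casing is hard to change once version 3 is published; I would write `"News Agency"`. In the first hunk, `"Alert"` reads as a kind of content rather than a kind of source like its neighbours `"Pressure Group"` and `"Trade Site"`. The attribute name is outside the hunk, so please confirm it belongs in this list. Both lists start outside their hunks.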