misp-stix v2.4.183 - Various import features fixed and improved

@chrisr3d chrisr3d released this 21 Jun 09:43
· 391 commits to main since this release
daaee3a

v2.4.183 - 2024-01-04

Add

  • [stix2 import] Handling clusters sharing group id for content converter from external STIX 2.x
  • [stix2 import] Added cluster distribution argument to the external STIX 2 to MISP parser
  • [tests] Tests for internal STIX 2.x content with custom labels

Chg

  • [poetry] Bumped latest deps versions and lock file
  • [stix2 import] Handling external ids and synonyms from STIX 2.x objects imported as MISP Galaxy Clusters
  • [poetry] Updated pyproject & bumped lock file
  • [tests] Updated STIX 2.x internal samples to match the recent changes on STIX 2.x export capacity
  • [poetry] Bumped latest dependencies and versions

Fix

  • [stix2 import] Separating the synonyms and external ids handling
  • [stix2 import] Added missing imports for Observed Data Converters
  • [tests] Fixed tests for galaxy and their clusters following recent changes on the synonyms and external ids handling
  • [requirements] Updated the requirements list with no specific version
  • [tests] Fixed tests to avoid issues with aliases
  • [stix2 export] Fixed meta fields parsing for STIX objects having meta fields mapping
  • [stix2 export] Fixed the external references parsing from Clusters meta fields
  • [tests] Aligning test sample on tags with the tag name of the recently changed attack pattern cluster sample to keep testing the non duplication of the tag name with tags
  • [tests] Making the automated documentation generation specific to the related test Classes instead of making it run for each testing class tear down
  • [documentation] Fixed and regenerated documentation for Galaxy Clusters export to STIX 2.x
  • [documentation] Fixed and regenerated galaxies export documentation
  • [documentation] Regenerated documentation
  • [documentation] Changes in galaxies documentation, based on the cluster name changes
  • [tests] Fixed tests on cluster values
  • [stix2 export] Removing external id from all Galaxy Cluster values
  • [tests] Quick code style clean-up
  • [stix2 import] Quick clean-up
  • [stix2 import] Added missing cluster distribution argument
  • [stix2 import] Fixed issues with protocols and references from network traffic observable objects
  • [stix2 import] Cleaned up the unused parsing methods for internal STIX 2.x content, as they've been moved to the converters
  • [stix2 import] Avoiding issues with custom labels
  • [stix2 import] Some clean-up and better 'observable object id VS observed data id' handling
  • [stix2 import] Making the user account extension mapping name compliant with the generic observable objects parsing method
  • [tests] Fixed tests following recent changes including the observed data objects conversion, as well as some better UUID handling
  • [stix2 import] Fixed generic & user-account observables conversion
  • [stix2 import] Fixed domain-ip objects import from internal STIX 2.x
  • [stix2 import] Fixing a few tiny issues
  • [stix2 import] Fixed a few typos in variable names and indentation issues
  • [stix2 import] Added missing argument for email references observables parsing
  • [stix2 import] Fixed Network Traffic references id handling

Wip

  • [stix2 export] Better handling meta fields, and the synonyms in particular
  • [stix2 import] Supporting TLP 2.0 Marking definition
  • [stix2 import] Updated the observable objects conversion capacity to support the reusability between standalone observable objects and observable objects referenced by observed data objects
  • [stix2 import] Added Observed Data objects converter
  • [stix2 import] Reusing elements from mapping
  • [stix2 import] Parsing PE binary extensions within File observable objects
  • [stix2 import] Some clean-up