
misp-stix v2.4.188 - Supporting the ACS markings

@chrisr3d released this 21 Jun 13:08 · 340 commits to main since this release · f531a2c

v2.4.188 - 2024-03-21

Included in this release:

  • Support of the ACS markings
    • Conversion of the Marking Definition object to a custom Galaxy Cluster, with an extraction and flattening of the complete ACS extension definition into the Cluster meta field
    • Extraction of a set of fields and values as Tags to provide a way to search existing MISP Events and Attributes based on those tags

Chg

  • [poetry] Bumped lock file with latest versions
  • [package] Bumping new version

Fix

  • [stix2 import] Centralised the cluster creation in one single place and added the meta parsing as galaxy elements statement
  • [stix2 import] Storing the galaxy args
  • [stix2 import] Using the _add_misp_object helper that already handles tags and other stuff related to a MISP object and its attributes
  • [stix2 import] Added missing collection_uuid value to the ACS marking clusters
  • [stix2 import] Some typing and pycodestyle issues fixed
  • [stix2 import] Fixed ACS marking parsing
  • [stix2 import] Fixed variable assignment typo & storing of the acs marking clusters raising issues

Wip

  • [stix2 import] Adding a set of tags alongside the Galaxy Clusters converted from ACS markings
  • [stix2 import] Attaching ACS markings as galaxies to the referenced data layer (attribute or event)
  • [stix2 import] First shot of an ACS marking parsing method
  • [stix2 import] Preparing for an update on marking definitions parsing