search

oasis-open / cti-pattern-validator

OASIS TC Open Repository: Validate patterns used to express cyber observable content in STIX Indicators
https://stix2-patterns.readthedocs.io/
BSD 3-Clause "New" or "Revised" License
26 stars 23 forks source link

Upgrade default pattern to 2.1 #95

Open febrezo opened 1 year ago

febrezo commented 1 year ago

The change permits the usage of importing the v2.1 Pattern class from stix2patterns.pattern by default instead of v2.0. With this update, this:

>>> from stix2patterns.pattern import Pattern
>>> p = Pattern("[file:hashes.'SHA-256' = 'aec070645fe53ee3b3763059376134f058cc337247c978add178b6ccdfb0019f']")
>>> dir(p)
['_Pattern__do_parse', '_Pattern__parse_tree', '__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__gt__', '__hash__', '__init__', '__init_subclass__', '__le__', '__lt__', '__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', 'inspect', 'visit', 'walk']
>>> p.inspect()
pattern_data(comparisons={'file': [(['hashes', 'SHA-256'], '=', "'aec070645fe53ee3b3763059376134f058cc337247c978add178b6ccdfb0019f'")]}, observation_ops=set(), qualifiers=set())

Is now equivalent to:

>>> from stix2patterns.v21.pattern import Pattern
>>> p = Pattern("[file:hashes.'SHA-256' = 'aec070645fe53ee3b3763059376134f058cc337247c978add178b6ccdfb0019f']")
>>> dir(p)
['_Pattern__do_parse', '_Pattern__parse_tree', '__class__', '__delattr__', '__dict__', '__dir__', '__doc__', '__eq__', '__format__', '__ge__', '__getattribute__', '__gt__', '__hash__', '__init__', '__init_subclass__', '__le__', '__lt__', '__module__', '__ne__', '__new__', '__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__sizeof__', '__str__', '__subclasshook__', '__weakref__', 'inspect', 'visit', 'walk']
>>> p.inspect()
pattern_data(comparisons={'file': [(['hashes', 'SHA-256'], '=', "'aec070645fe53ee3b3763059376134f058cc337247c978add178b6ccdfb0019f'")]}, observation_ops=set(), qualifiers=set())
CLAassistant commented 1 year ago

CLA assistant check
All committers have signed the CLA.

codecov-commenter commented 1 year ago

Codecov Report

Merging #95 (3d0c0cd) into master (ead1801) will not change coverage. The diff coverage is 0.00%.

@@           Coverage Diff           @@
##           master      #95   +/-   ##
=======================================
  Coverage   82.03%   82.03%           
=======================================
  Files          31       31           
  Lines        4925     4925           
=======================================
  Hits         4040     4040           
  Misses        885      885
Impacted Files Coverage Δ
stix2patterns/pattern.py 0.00% <0.00%> (ø)

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more