mihari 7.3.0 → 7.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 328a34edf637c36456cc7de39fccabdaaf75937b449b5e8a8e0434e71b9328c2
-  data.tar.gz: 8483c669cfb3e715c86b4a3878961885e4cd4f93611e487c4360cb3030267c18
+  metadata.gz: ed9b24457d01edc4d1643e6c31c654ad7c13bf71fc849b10bb02276abf45852c
+  data.tar.gz: 1be36d2083e0b0209ad16475a8f20eb4d2ee9bfcb37eae43fa76091207526def
 SHA512:
-  metadata.gz: 9858608c1ceb30f846a27b487e4bcbbad463aba56a401991fdade512bf6a7a7f028e5facecd764b200d94795a1da1a2b631b85540dfe1bbf002c756100b6627f
-  data.tar.gz: c050fdafab0e7855eb610ad3d50762583ca931d31afeeb57fc654a2dc65ff381f20cb31eb28d0a61b5888c0a19df02320b09a529830fe332389b59f739721aba
+  metadata.gz: 4482938e33386e24054cb215f78f065e3190ba32269872aea6a9f543745a2c71777bb609120dcaa3872dba9b6ebd307651f80239342d6ac9427db205f03c80e0
+  data.tar.gz: 5723cbca9f18c519fc4cf91775d751f417a85161add0c0c6d499fd03075c7985c1cb73ef68e24b4913b1d8d3a9652a0e4e1025a32b83c987d3e9e22886923e38

data/lib/mihari/actor.rb

@@ -50,13 +50,6 @@ module Mihari
       options[:timeout]
     end
 
-    #
-    # @return [Boolean]
-    #
-    def parallel?
-      options[:parallel] || Mihari.config.parallel
-    end
-
     def validate_configuration!
       return if configured?
 

data/lib/mihari/analyzers/base.rb

@@ -40,6 +40,13 @@ module Mihari
         options[:ignore_error] || Mihari.config.ignore_error
       end
 
+      #
+      # @return [Boolean]
+      #
+      def parallel?
+        options[:parallel] || Mihari.config.parallel
+      end
+
       # @return [Array<String>, Array<Mihari::Models::Artifact>]
       def artifacts
         raise NotImplementedError, "You must implement #{self.class}##{__method__}"

data/lib/mihari/emitters/base.rb

@@ -19,6 +19,13 @@ module Mihari
         @rule = rule
       end
 
+      #
+      # @return [Boolean]
+      #
+      def parallel?
+        options[:parallel] || Mihari.config.parallel
+      end
+
       # A target to emit the data
       #
       # @return [String]

data/lib/mihari/rule.rb

@@ -33,9 +33,9 @@ module Mihari
     # @return [Boolean]
     #
     def errors?
-      return false if @errors.nil?
+      return false if errors.nil?
 
-      !@errors.empty?
+      !errors.empty?
     end
 
     def [](key)
@@ -163,9 +163,7 @@ module Mihari
     # @return [Array<Mihari::Models::Artifact>]
     #
     def unique_artifacts
-      normalized_artifacts.select do |artifact|
-        artifact.unique?(base_time: base_time, artifact_ttl: artifact_ttl)
-      end
+      normalized_artifacts.select { |artifact| artifact.unique?(base_time: base_time, artifact_ttl: artifact_ttl) }
     end
 
     #
@@ -174,11 +172,11 @@ module Mihari
     # @return [Array<Mihari::Models::Artifact>]
     #
     def enriched_artifacts
-      @enriched_artifacts ||= unique_artifacts.map do |artifact|
-        serial_enrichers.each { |enricher| enricher.result(artifact) }
-        Parallel.each(parallel_enrichers) { |enricher| enricher.result(artifact) }
-
-        artifact
+      @enriched_artifacts ||= Parallel.map(unique_artifacts) do |artifact|
+        artifact.tap do |tapped|
+          # NOTE: To apply changes correctly, enrichers should be applied to an artifact serially
+          enrichers.each { |enricher| enricher.result(tapped) }
+        end
       end
     end
 
@@ -337,9 +335,10 @@ module Mihari
 
     # @return [Array<Dry::Monads::Result::Success<Array<Mihari::Models::Artifact>>, Dry::Monads::Result::Failure>]
     def analyzer_results
-      parallel_results = Parallel.map(parallel_analyzers, &:result)
-      serial_results = serial_analyzers.map(&:result)
-      parallel_results + serial_results
+      [].tap do |out|
+        out << Parallel.map(parallel_analyzers, &:result)
+        out << serial_analyzers.map(&:result)
+      end.flatten
     end
 
     #
@@ -404,14 +403,6 @@ module Mihari
       end
     end
 
-    def parallel_enrichers
-      enrichers.select(&:parallel?)
-    end
-
-    def serial_enrichers
-      enrichers.reject(&:parallel?)
-    end
-
     #
     # Validate the data format
     #

data/lib/mihari/schemas/analyzer.rb

@@ -117,6 +117,6 @@ module Mihari
       end
     end
 
-    Analyzer = Schemas::Analyzers.get_or_composition
+    Analyzer = Schemas::Analyzers.compose_by_or
   end
 end

data/lib/mihari/schemas/concerns/orrable.rb

@@ -9,7 +9,7 @@ module Mihari
       module Orrable
         extend ActiveSupport::Concern
 
-        def get_or_composition
+        def compose_by_or
           schemas = constants.map { |sym| const_get sym }
           return schemas.first if schemas.length <= 1
 

data/lib/mihari/schemas/emitter.rb

@@ -10,28 +10,28 @@ module Mihari
 
       Database = Dry::Schema.Params do
         required(:emitter).value(Types::String.enum(*Mihari::Emitters::Database.keys))
-        optional(:options).hash(Options)
+        optional(:options).hash(EmitterOptions)
       end
 
       MISP = Dry::Schema.Params do
         required(:emitter).value(Types::String.enum(*Mihari::Emitters::MISP.keys))
         optional(:url).filled(:string)
         optional(:api_key).filled(:string)
-        optional(:options).hash(Options)
+        optional(:options).hash(EmitterOptions)
       end
 
       TheHive = Dry::Schema.Params do
         required(:emitter).value(Types::String.enum(*Mihari::Emitters::TheHive.keys))
         optional(:url).filled(:string)
         optional(:api_key).filled(:string)
-        optional(:options).hash(Options)
+        optional(:options).hash(EmitterOptions)
       end
 
       Slack = Dry::Schema.Params do
         required(:emitter).value(Types::String.enum(*Mihari::Emitters::Slack.keys))
         optional(:webhook_url).filled(:string)
         optional(:channel).filled(:string)
-        optional(:options).hash(Options)
+        optional(:options).hash(EmitterOptions)
       end
 
       Webhook = Dry::Schema.Params do
@@ -40,10 +40,10 @@ module Mihari
         optional(:method).value(Types::HTTPRequestMethods).default("POST")
         optional(:headers).filled(:hash)
         optional(:template).filled(:string)
-        optional(:options).hash(Options)
+        optional(:options).hash(EmitterOptions)
       end
     end
 
-    Emitter = Schemas::Emitters.get_or_composition
+    Emitter = Schemas::Emitters.compose_by_or
   end
 end

data/lib/mihari/schemas/enricher.rb

@@ -29,6 +29,6 @@ module Mihari
       end
     end
 
-    Enricher = Schemas::Enrichers.get_or_composition
+    Enricher = Schemas::Enrichers.compose_by_or
   end
 end

data/lib/mihari/schemas/options.rb

@@ -3,24 +3,29 @@
 module Mihari
   module Schemas
     Options = Dry::Schema.Params do
-      optional(:retry_times).value(:integer).default(Mihari.config.retry_times)
-      optional(:retry_interval).value(:integer).default(Mihari.config.retry_interval)
-      optional(:retry_exponential_backoff).value(:bool).default(Mihari.config.retry_exponential_backoff)
+      optional(:retry_times).value(:integer)
+      optional(:retry_interval).value(:integer)
+      optional(:retry_exponential_backoff).value(:bool)
       optional(:timeout).value(:integer)
-      optional(:parallel).value(:bool).default(Mihari.config.parallel)
     end
 
-    IgnoreErrorOptions = Dry::Schema.Params do
-      optional(:ignore_error).value(:bool).default(Mihari.config.ignore_error)
+    ParallelOptions = Dry::Schema.Params do
+      optional(:parallel).value(:bool)
     end
 
-    AnalyzerOptions = Options | IgnoreErrorOptions
+    IgnoreErrorOptions = Dry::Schema.Params do
+      optional(:ignore_error).value(:bool)
+    end
 
     PaginationOptions = Dry::Schema.Params do
-      optional(:pagination_interval).value(:integer).default(Mihari.config.pagination_interval)
-      optional(:pagination_limit).value(:integer).default(Mihari.config.pagination_limit)
+      optional(:pagination_interval).value(:integer)
+      optional(:pagination_limit).value(:integer)
     end
 
-    AnalyzerPaginationOptions = AnalyzerOptions | PaginationOptions
+    AnalyzerOptions = Options & IgnoreErrorOptions & ParallelOptions
+
+    AnalyzerPaginationOptions = AnalyzerOptions & PaginationOptions
+
+    EmitterOptions = Options & ParallelOptions
   end
 end

data/lib/mihari/schemas/rule.rb

@@ -21,9 +21,9 @@ module Mihari
       optional(:created_on).value(:date)
       optional(:updated_on).value(:date)
 
-      required(:queries).value(:array).each { Analyzer } # rubocop:disable Lint/Void
-      optional(:emitters).value(:array).each { Emitter }.default(DEFAULT_EMITTERS) # rubocop:disable Lint/Void
-      optional(:enrichers).value(:array).each { Enricher }.default(DEFAULT_ENRICHERS) # rubocop:disable Lint/Void
+      required(:queries).array { Analyzer }
+      optional(:emitters).array { Emitter }.default(DEFAULT_EMITTERS)
+      optional(:enrichers).array { Enricher }.default(DEFAULT_ENRICHERS)
 
       optional(:data_types).filled(array[Types::DataTypes]).default(Mihari::Types::DataTypes.values)
 

data/lib/mihari/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Mihari
-  VERSION = "7.3.0"
+  VERSION = "7.3.1"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 7.3.0
+  version: 7.3.1
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2024-01-20 00:00:00.000000000 Z
+date: 2024-01-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: better_errors