pySigma 1.3.1__tar.gz → 1.3.2__tar.gz

Files changed (65) hide show
  1. {pysigma-1.3.1 → pysigma-1.3.2}/PKG-INFO +1 -1
  2. {pysigma-1.3.1 → pysigma-1.3.2}/pyproject.toml +1 -1
  3. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/tags.py +12 -2
  4. {pysigma-1.3.1 → pysigma-1.3.2}/LICENSE +0 -0
  5. {pysigma-1.3.1 → pysigma-1.3.2}/README.md +0 -0
  6. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/backends/test/__init__.py +0 -0
  7. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/backends/test/backend.py +0 -0
  8. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/collection.py +0 -0
  9. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/conditions.py +0 -0
  10. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/conversion/__init__.py +0 -0
  11. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/conversion/base.py +0 -0
  12. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/conversion/deferred.py +0 -0
  13. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/conversion/state.py +0 -0
  14. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/correlations.py +0 -0
  15. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/data/mitre_attack.py +0 -0
  16. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/data/mitre_d3fend.py +0 -0
  17. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/exceptions.py +0 -0
  18. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/filters.py +0 -0
  19. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/modifiers.py +0 -0
  20. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/pipelines/base.py +0 -0
  21. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/pipelines/common.py +0 -0
  22. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/pipelines/test/__init__.py +0 -0
  23. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/pipelines/test/pipeline.py +0 -0
  24. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/plugins.py +0 -0
  25. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/__init__.py +0 -0
  26. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/condition_expressions.py +0 -0
  27. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/conditions/__init__.py +0 -0
  28. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/conditions/base.py +0 -0
  29. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/conditions/fields.py +0 -0
  30. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/conditions/rule.py +0 -0
  31. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/conditions/state.py +0 -0
  32. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/conditions/values.py +0 -0
  33. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/finalization.py +0 -0
  34. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/pipeline.py +0 -0
  35. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/postprocessing.py +0 -0
  36. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/resolver.py +0 -0
  37. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/templates.py +0 -0
  38. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/tracking.py +0 -0
  39. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/__init__.py +0 -0
  40. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/base.py +0 -0
  41. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/condition.py +0 -0
  42. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/detection_item.py +0 -0
  43. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/failure.py +0 -0
  44. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/fields.py +0 -0
  45. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/meta.py +0 -0
  46. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/placeholder.py +0 -0
  47. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/rule.py +0 -0
  48. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/state.py +0 -0
  49. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/processing/transformations/values.py +0 -0
  50. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/py.typed +0 -0
  51. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/rule/__init__.py +0 -0
  52. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/rule/attributes.py +0 -0
  53. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/rule/base.py +0 -0
  54. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/rule/detection.py +0 -0
  55. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/rule/logsource.py +0 -0
  56. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/rule/rule.py +0 -0
  57. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/types.py +0 -0
  58. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validation.py +0 -0
  59. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/base.py +0 -0
  60. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/__init__.py +0 -0
  61. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/condition.py +0 -0
  62. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/logsources.py +0 -0
  63. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/metadata.py +0 -0
  64. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/modifiers.py +0 -0
  65. {pysigma-1.3.1 → pysigma-1.3.2}/sigma/validators/core/values.py +0 -0
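--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
  Metadata-Version: 2.4
  Name: pySigma
- Version: 1.3.1
+ Version: 1.3.2
  Summary: Sigma rule processing and conversion tools
  License-Expression: LGPL-2.1-only
  License-File: LICENSE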
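--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
  [project]
  name = "pySigma"
- version = "1.3.1"
+ version = "1.3.2"
  license = "LGPL-2.1-only"
  description = "Sigma rule processing and conversion tools"
  authors = [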
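--- a/sigma/validators/core/tags.py
+++ b/sigma/validators/core/tags.py
@@ -43,7 +43,10 @@ class ATTACKTagValidator(SigmaTagValidator):
  """Check for usage of valid MITRE ATT&CK tags."""
 
  def __init__(self) -> None:
- self.allowed_tags = (
+ self.allowed_tags: set[str] | None = None
+
+ def _load_allowed_tags(self) -> set[str]:
+ return (
  {tactic.lower() for tactic in mitre_attack.mitre_attack_tactics.values()}
  .union({technique.lower() for technique in mitre_attack.mitre_attack_techniques.keys()})
  .union(
@@ -62,6 +65,8 @@ class ATTACKTagValidator(SigmaTagValidator):
  )
 
  def validate_tag(self, tag: SigmaRuleTag) -> list[SigmaValidationIssue]:
+ if self.allowed_tags is None:
+ self.allowed_tags = self._load_allowed_tags()
  if tag.namespace == "attack" and tag.name not in self.allowed_tags:
  return [InvalidATTACKTagIssue([self.rule], tag)]
  return []
@@ -78,13 +83,18 @@ class D3FENDTagValidator(SigmaTagValidator):
  """Check for usage of valid MITRE D3FEND tags."""
 
  def __init__(self) -> None:
- self.allowed_tags = (
+ self.allowed_tags: set[str] | None = None
+
+ def _load_allowed_tags(self) -> set[str]:
+ return (
  {tactic.lower() for tactic in mitre_d3fend.mitre_d3fend_tactics.keys()}
  .union({technique.lower() for technique in mitre_d3fend.mitre_d3fend_techniques.keys()})
  .union({artefact for artefact in mitre_d3fend.mitre_d3fend_artifacts.keys()})
  )
 
  def validate_tag(self, tag: SigmaRuleTag) -> list[SigmaValidationIssue]:
+ if self.allowed_tags is None:
+ self.allowed_tags = self._load_allowed_tags()
  if tag.namespace == "d3fend" and tag.name not in self.allowed_tags:
  return [InvalidD3FENDagIssue([self.rule], tag)]
  return []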
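Review bot: `allowed_tags` becomes `set[str] | None` in both `__init__` methods, so any subclass or caller that reads or extends `validator.allowed_tags` after construction but before the first `validate_tag()` call now gets `None` instead of a set; in a validator that gates detection rules in CI, that would surface as an exception rather than as a tag finding. Keeping the attribute always a set while still deferring the load would avoid this, for example by replacing the `__init__` assignment and `_load_allowed_tags` with `@cached_property` / `def allowed_tags(self) -> set[str]:` (from `functools`) and dropping the `is None` guard from `validate_tag`; this assumes instances keep a `__dict__`, which the base class shown here does not confirm. The same lazy-load guard is duplicated in `ATTACKTagValidator` and `D3FENDTagValidator`, so whichever form is kept would sit better once in a shared helper. The body of `ATTACKTagValidator._load_allowed_tags` continues between the first and second hunks and is not shown.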