PyPI - pymisp - Versions diffs - 2.5.12__py3-none-any.whl → 2.5.17__py3-none-any.whl - Mend

pymisp 2.5.12py3-none-any.whl → 2.5.17py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pymisp might be problematic. Click here for more details.

Files changed (18) hide show

pymisp/__init__.py CHANGED Viewed

@@ -77,7 +77,7 @@ __all__ = ['PyMISP', 'register_user', 'AbstractMISP', 'MISPTag',
            'MISPOrganisationBlocklist', 'MISPEventReport', 'MISPCorrelationExclusion',
            'MISPDecayingModel', 'MISPGalaxy', 'MISPGalaxyCluster', 'MISPGalaxyClusterElement',
            'MISPGalaxyClusterRelation', 'MISPNote', 'MISPOpinion', 'MISPRelationship',
-           'PyMISPError', 'NewEventError', 'NewAttributeError',
+           'PyMISPError', 'NewEventError', 'NewAttributeError', 'MISPServerError',
            'NoURL', 'NoKey', 'InvalidMISPObject', 'UnknownMISPObjectTemplate', 'PyMISPInvalidFormat',
            'Distribution', 'ThreatLevel', 'Analysis', 'ExpandedPyMISP'
            ]

pymisp/abstract.py CHANGED Viewed

@@ -383,7 +383,7 @@ class MISPTag(AbstractMISP):
     def from_dict(self, **kwargs) -> None:  # type: ignore[no-untyped-def]
         if kwargs.get('Tag'):
-            kwargs = kwargs.get('Tag')  # type: ignore[assignment]
+            kwargs = kwargs.get('Tag')
         super().from_dict(**kwargs)
     def _set_default(self) -> None:

pymisp/api.py CHANGED Viewed

@@ -129,10 +129,10 @@ def brotli_supported() -> bool:
     # urllib >= 1.25.1 includes brotli support
     version_splitted = version('urllib3').split('.')  # noqa: F811
     if len(version_splitted) == 2:
-        major, minor = version_splitted  # type: ignore
+        major, minor = version_splitted
         patch = 0
     else:
-        major, minor, patch = version_splitted  # type: ignore
+        major, minor, patch = version_splitted
     major, minor, patch = int(major), int(minor), int(patch)
     urllib3_with_brotli = (major == 1 and ((minor == 25 and patch >= 1) or (minor >= 26))) or major >= 2
@@ -1050,7 +1050,7 @@ class PyMISP:
             # At this point, we assume the user tried to add an attribute on an event they don't own
             # Re-try with a proposal
             if isinstance(attribute, (MISPAttribute, dict)):
-                return self.add_attribute_proposal(event_id, attribute, pythonify)  # type: ignore
+                return self.add_attribute_proposal(event_id, attribute, pythonify)
         if not (self.global_pythonify or pythonify) or 'errors' in new_attribute:
             return new_attribute
         a = MISPAttribute()
@@ -1563,7 +1563,7 @@ class PyMISP:
             if isinstance(warninglist_id, list):
                 query['id'] = warninglist_id
             else:
-                query['id'] = [warninglist_id]  # type: ignore
+                query['id'] = [warninglist_id]
         if warninglist_name is not None:
             if isinstance(warninglist_name, list):
                 query['name'] = warninglist_name
@@ -3032,7 +3032,7 @@ class PyMISP:
         if return_format == 'csv':
             normalized_response_text = self._check_response(response)
             if (self.global_pythonify or pythonify) and not headerless:
-                return self._csv_to_dict(normalized_response_text)  # type: ignore
+                return self._csv_to_dict(normalized_response_text)
             else:
                 return normalized_response_text
         elif return_format not in ['json', 'yara-json']:
@@ -3060,7 +3060,7 @@ class PyMISP:
                     to_return.append(me)
             elif controller == 'attributes':
                 # FIXME: obvs, this is hurting my soul. We need something generic.
-                for a in normalized_response['Attribute']:  # type: ignore[call-overload]
+                for a in normalized_response['Attribute']:
                     ma = MISPAttribute()
                     ma.from_dict(**a)
                     if 'Event' in ma:

pymisp/data/misp-objects/objects/{flowintel-cm-case → flowintel-case}/definition.json RENAMED Viewed

@@ -88,9 +88,9 @@
       "ui-priority": 1
     }
   },
-  "description": "A case as defined by flowintel-cm.",
+  "description": "A case as defined by flowintel.",
   "meta-category": "misc",
-  "name": "flowintel-cm-case",
+  "name": "flowintel-case",
   "uuid": "19df57c7-b315-4fd2-84e5-d81ab221425e",
-  "version": 3
+  "version": 4
 }

pymisp/data/misp-objects/objects/{flowintel-cm-task → flowintel-task}/definition.json RENAMED Viewed

@@ -78,9 +78,9 @@
       "ui-priority": 0
     }
   },
-  "description": "A task as defined by flowintel-cm.",
+  "description": "A task as defined by flowintel.",
   "meta-category": "misc",
-  "name": "flowintel-cm-task",
+  "name": "flowintel-task",
   "uuid": "2f525f6e-d3f2-4cb9-9ca0-f1160d99397d",
-  "version": 4
+  "version": 5
 }

pymisp/data/misp-objects/objects/{flowintel-cm-task-note → flowintel-task-note}/definition.json RENAMED Viewed

@@ -27,9 +27,9 @@
       "ui-priority": 2
     }
   },
-  "description": "A task's note as defined by flowintel-cm.",
+  "description": "A task's note as defined by flowintel.",
   "meta-category": "misc",
-  "name": "flowintel-cm-task-note",
+  "name": "flowintel-task-note",
   "uuid": "2c6f6aba-48b6-482f-a810-81934d29be9a",
-  "version": 1
+  "version": 2
 }

pymisp/data/misp-objects/objects/flowintel-task-resource/definition.json ADDED Viewed

@@ -0,0 +1,35 @@
+{
+  "attributes": {
+    "origin-url": {
+      "description": "Origin of the task",
+      "disable_correlation": true,
+      "misp-attribute": "url",
+      "to_ids": false,
+      "ui-priority": 1
+    },
+    "resource": {
+      "description": "Resources of the task",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "to_ids": false,
+      "ui-priority": 0
+    },
+    "resource-uuid": {
+      "description": "UUID of the resource",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 2
+    },
+    "task-uuid": {
+      "description": "UUID of the parent task",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 2
+    }
+  },
+  "description": "A task's note as defined by flowintel.",
+  "meta-category": "misc",
+  "name": "flowintel-task-resource",
+  "uuid": "dc1d5bae-3611-499c-bbd6-1ca3ad4048dd",
+  "version": 1
+}

pymisp/data/misp-objects/objects/greynoise-ip/definition.json CHANGED Viewed

@@ -4,59 +4,107 @@
       "description": "GreyNoise Actor",
       "disable_correlation": true,
       "misp-attribute": "text",
+      "ui-priority": 4
+    },
+    "asn": {
+      "description": "GreyNoise ASN",
+      "disable_correlation": true,
+      "misp-attribute": "AS",
+      "ui-priority": 3
+    },
+    "bot": {
+      "description": "GreyNoise Is Bot Flag",
+      "disable_correlation": true,
+      "misp-attribute": "boolean",
       "ui-priority": 1
     },
     "classification": {
       "description": "GreyNoise Classification",
       "disable_correlation": true,
       "misp-attribute": "text",
-      "ui-priority": 1
+      "ui-priority": 6
+    },
+    "domain": {
+      "description": "GreyNoise Domain",
+      "disable_correlation": false,
+      "misp-attribute": "domain",
+      "ui-priority": 6
     },
     "first-seen": {
       "description": "First Seen",
       "disable_correlation": true,
       "misp-attribute": "datetime",
-      "ui-priority": 2
+      "ui-priority": 5
     },
     "ip-src": {
       "description": "Source IP address of the network connection.",
       "misp-attribute": "ip-src",
-      "ui-priority": 1
+      "ui-priority": 7
     },
     "last-seen": {
       "description": "Last Seen",
       "disable_correlation": true,
       "misp-attribute": "datetime",
-      "ui-priority": 1
+      "ui-priority": 5
     },
     "link": {
       "description": "GreyNoise Visualizer Link",
       "disable_correlation": true,
       "misp-attribute": "link",
-      "ui-priority": 2
+      "ui-priority": 4
     },
     "noise": {
       "description": "GreyNoise Internet Scanning Flag",
       "disable_correlation": true,
       "misp-attribute": "text",
-      "ui-priority": 1
+      "ui-priority": 4
     },
     "provider": {
       "description": "GreyNoise Service Provider",
       "disable_correlation": true,
       "misp-attribute": "text",
-      "ui-priority": 1
+      "ui-priority": 4
+    },
+    "rdns": {
+      "description": "GreyNoise Reverse DNS Hostname",
+      "disable_correlation": false,
+      "misp-attribute": "hostname",
+      "ui-priority": 2
+    },
+    "rdns_parent": {
+      "description": "GreyNoise Reverse DNS Domain",
+      "disable_correlation": true,
+      "misp-attribute": "domain",
+      "ui-priority": 2
     },
     "riot": {
       "description": "GreyNoise Common Business Service Flag",
       "disable_correlation": true,
       "misp-attribute": "text",
+      "ui-priority": 4
+    },
+    "source_country": {
+      "description": "GreyNoise Source Country",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "ui-priority": 3
+    },
+    "tor": {
+      "description": "GreyNoise Is Tor Flag",
+      "disable_correlation": true,
+      "misp-attribute": "boolean",
       "ui-priority": 1
     },
     "trust-level": {
       "description": "GreyNoise RIOT Trust Level",
       "disable_correlation": true,
       "misp-attribute": "text",
+      "ui-priority": 4
+    },
+    "vpn": {
+      "description": "GreyNoise Is VPN Flag",
+      "disable_correlation": true,
+      "misp-attribute": "boolean",
       "ui-priority": 1
     }
   },
@@ -67,5 +115,5 @@
     "ip-src"
   ],
   "uuid": "6B14A94A-46E4-4B82-B24D-0DBF8E8B3FD9",
-  "version": 1
+  "version": 2
 }

pymisp/data/misp-objects/objects/network-data/definition.json ADDED Viewed

@@ -0,0 +1,167 @@
+{
+  "attributes": {
+    "counter": {
+      "description": "counter (ex.: bytes, packets, flows, events, etc)",
+      "disable_correlation": true,
+      "misp-attribute": "counter",
+      "multiple": true,
+      "ui-priority": 3
+    },
+    "data": {
+      "description": "network traffic (ex.: payload, log lines, etc)",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 0
+    },
+    "description": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "describe type/content of the network data",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 15
+    },
+    "dst_ASN": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "destination autonomous system number",
+      "disable_correlation": true,
+      "misp-attribute": "AS",
+      "multiple": true,
+      "ui-priority": 8
+    },
+    "dst_CC": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "destination country code",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 9
+    },
+    "dst_IP": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "destination IP address",
+      "misp-attribute": "ip-dst",
+      "multiple": true,
+      "ui-priority": 7
+    },
+    "dst_hostname": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "destination hostname",
+      "misp-attribute": "hostname",
+      "multiple": true,
+      "ui-priority": 5
+    },
+    "dst_port": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "destination port",
+      "disable_correlation": true,
+      "misp-attribute": "port",
+      "multiple": true,
+      "ui-priority": 6
+    },
+    "first_seen": {
+      "description": "timestamp of the first data seen",
+      "disable_correlation": true,
+      "misp-attribute": "datetime",
+      "ui-priority": 2
+    },
+    "last_seen": {
+      "description": "timestamp of the last data seen",
+      "disable_correlation": true,
+      "misp-attribute": "datetime",
+      "ui-priority": 1
+    },
+    "protocol": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "protocol (ex.: TCP, UDP, ICMP, TLS, HTTP, HTTPS, SIP, etc)",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 4
+    },
+    "src_ASN": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "source autonomous system number",
+      "disable_correlation": true,
+      "misp-attribute": "AS",
+      "multiple": true,
+      "ui-priority": 13
+    },
+    "src_CC": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "source country code",
+      "disable_correlation": true,
+      "misp-attribute": "text",
+      "multiple": true,
+      "ui-priority": 14
+    },
+    "src_IP": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "source IP address",
+      "misp-attribute": "ip-src",
+      "multiple": true,
+      "ui-priority": 12
+    },
+    "src_hostname": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "source hostname",
+      "misp-attribute": "hostname",
+      "multiple": true,
+      "ui-priority": 10
+    },
+    "src_port": {
+      "categories": [
+        "Network activity",
+        "External analysis"
+      ],
+      "description": "source port",
+      "disable_correlation": true,
+      "misp-attribute": "port",
+      "multiple": true,
+      "ui-priority": 11
+    }
+  },
+  "description": "network data, including payloads/logs, relevant timestamps, data volume and enrichment of the TCP/IP 5-tuple connection information.",
+  "meta-category": "network",
+  "name": "network-data",
+  "requiredOneOf": [
+    "src_IP",
+    "data"
+  ],
+  "uuid": "64d5949b-98ac-459d-83b8-4688f45795de",
+  "version": 2
+}

pymisp/data/misp-objects/objects/original-imported-file/definition.json CHANGED Viewed

@@ -9,6 +9,7 @@
         "STIX 1.1",
         "STIX 1.2",
         "STIX 2.0",
+        "STIX 2.1",
         "OpenIOC"
       ],
       "ui-priority": 1

pymisp/data/misp-objects/objects/query/definition.json CHANGED Viewed

@@ -27,7 +27,9 @@
         "Google search query",
         "Ariel Query Language (qradar)",
         "Grep",
-        "Devo LINQ"
+        "Devo LINQ",
+        "Microsoft Defender XDR",
+        "Sentinel Advanced Security Information Model"
       ],
       "ui-priority": 0
     },
@@ -49,5 +51,5 @@
     "query"
   ],
   "uuid": "006539b3-f68a-4a02-a213-e600762d39b5",
-  "version": 3
+  "version": 4
 }

pymisp/mispevent.py CHANGED Viewed

@@ -2,9 +2,9 @@ from __future__ import annotations
 from datetime import timezone, datetime, date
 import copy
+from dateutil.parser import parse
 import os
 import base64
-import sys
 from io import BytesIO, BufferedIOBase, TextIOBase
 from zipfile import ZipFile
 import uuid
@@ -111,12 +111,6 @@ class AnalystDataBehaviorMixin(AbstractMISP):
             self.add_relationship(**relationship)
-try:
-    from dateutil.parser import parse
-except ImportError:
-    logger.exception("Cannot import dateutil")
 def _make_datetime(value: int | float | str | datetime | date) -> datetime:
     if isinstance(value, (int, float)):
         # Timestamp
@@ -126,7 +120,7 @@ def _make_datetime(value: int | float | str | datetime | date) -> datetime:
             # faster
             value = datetime.fromisoformat(value)
         except Exception:
-            value = parse(value)  # type: ignore[arg-type]
+            value = parse(value)
     elif isinstance(value, datetime):
         pass
     elif isinstance(value, date):  # NOTE: date has to be *after* datetime, or it will be overwritten
@@ -399,7 +393,7 @@ class MISPAttribute(AnalystDataBehaviorMixin):
         if self.type == 'malware-sample':
             try:
                 # Ignore type, if data is None -> exception
-                with ZipFile(self.data) as f:  # type: ignore
+                with ZipFile(self.data) as f:
                     if not self.__is_misp_encrypted_file(f):
                         raise PyMISPError('Not an existing malware sample')
                     for name in f.namelist():
@@ -415,7 +409,12 @@ class MISPAttribute(AnalystDataBehaviorMixin):
     def __setattr__(self, name: str, value: Any) -> None:
         if name in ['first_seen', 'last_seen']:
-            _datetime = _make_datetime(value)
+            try:
+                _datetime = _make_datetime(value)
+            except Exception:
+                if value is not None:
+                    logger.warning(f'Invalid value ({value}) for {name}, skipping.')
+                return None
             # NOTE: the two following should be exceptions, but there are existing events in this state,
             # And we cannot dump them if it is there.
@@ -488,7 +487,7 @@ class MISPAttribute(AnalystDataBehaviorMixin):
             return self._malware_binary
         elif hasattr(self, 'malware_filename'):
             # Have a binary, but didn't decrypt it yet
-            with ZipFile(self.data) as f:  # type: ignore
+            with ZipFile(self.data) as f:
                 for name in f.namelist():
                     if not name.endswith('.filename.txt'):
                         with f.open(name, pwd=b'infected') as unpacked:
@@ -585,18 +584,13 @@ class MISPAttribute(AnalystDataBehaviorMixin):
         if self.type == 'datetime' and isinstance(self.value, str):
             try:
                 # Faster
-                if sys.version_info >= (3, 7):
-                    self.value = datetime.fromisoformat(self.value)
-                else:
-                    if '+' in self.value or '-' in self.value:
-                        self.value = datetime.strptime(self.value, "%Y-%m-%dT%H:%M:%S.%f%z")
-                    elif '.' in self.value:
-                        self.value = datetime.strptime(self.value, "%Y-%m-%dT%H:%M:%S.%f")
-                    else:
-                        self.value = datetime.strptime(self.value, "%Y-%m-%dT%H:%M:%S")
+                self.value = datetime.fromisoformat(self.value)
             except ValueError:
                 # Slower, but if the other ones fail, that's a good fallback
-                self.value = parse(self.value)
+                try:
+                    self.value = parse(self.value)
+                except Exception:
+                    raise NewAttributeError(f'{self.value} is not a valid datetime, the attribute is broken.')
         # Default values
         self.category = kwargs.pop('category', type_defaults['default_category'])
@@ -862,7 +856,12 @@ class MISPObject(AnalystDataBehaviorMixin):
     def __setattr__(self, name: str, value: Any) -> None:
         if name in ['first_seen', 'last_seen']:
-            value = _make_datetime(value)
+            try:
+                value = _make_datetime(value)
+            except Exception:
+                if value is not None:
+                    logger.warning(f'Invalid value ({value}) for {name}, skipping.')
+                return None
             if name == 'last_seen' and hasattr(self, 'first_seen') and self.first_seen > value:
                 logger.warning(f'last_seen ({value}) has to be after first_seen ({self.first_seen})')
@@ -1855,7 +1854,10 @@ class MISPEvent(AnalystDataBehaviorMixin):
                     # faster
                     value = date.fromisoformat(value)
                 except Exception:
-                    value = parse(value).date()
+                    try:
+                        value = parse(value).date()
+                    except Exception as e:
+                        raise NewEventError(f'Invalid format for the date: {e} - {type(value)} - {value}')
             elif isinstance(value, (int, float)):
                 value = date.fromtimestamp(value)
             elif isinstance(value, datetime):
@@ -1871,7 +1873,7 @@ class MISPEvent(AnalystDataBehaviorMixin):
         :param ignore_invalid: if True, assigns current date if d is not an expected type
         """
         if isinstance(d, (str, int, float, datetime, date)):
-            self.date = d  # type: ignore
+            self.date = d
         elif ignore_invalid:
             self.date = date.today()
         else:
@@ -1938,7 +1940,7 @@ class MISPEvent(AnalystDataBehaviorMixin):
             for rel_event in kwargs.pop('RelatedEvent'):
                 sub_event = MISPEvent()
                 sub_event.load(rel_event)
-                self.RelatedEvent.append({'Event': sub_event})  # type: ignore[arg-type]
+                self.RelatedEvent.append({'Event': sub_event})
         if kwargs.get('Tag'):
             [self.add_tag(tag) for tag in kwargs.pop('Tag')]
         if kwargs.get('Object'):

pymisp/tools/emailobject.py CHANGED Viewed

@@ -10,7 +10,7 @@ from email import policy, message_from_bytes
 from email.message import EmailMessage
 from io import BytesIO
 from pathlib import Path
-from typing import cast, Any
+from typing import Any
 from extract_msg import openMsg
 from extract_msg.msg_classes import MessageBase
@@ -50,7 +50,6 @@ class EMailObject(AbstractMISPObjectGenerator):
         eml = message_from_bytes(content_in_bytes,
                                  _class=EmailMessage,
                                  policy=policy.default)
-        eml = cast(EmailMessage, eml)  # Only needed to quiet mypy
         if len(eml) != 0:
             self.raw_emails['eml'] = self.__pseudofile
             return eml
@@ -73,7 +72,6 @@ class EMailObject(AbstractMISPObjectGenerator):
                 eml_bytes = content_in_bytes.decode("utf_8_sig").encode("utf-8")
                 eml = email.message_from_bytes(eml_bytes,
                                                policy=policy.default)
-                eml = cast(EmailMessage, eml)  # Only needed to quiet mypy
                 if len(eml) != 0:
                     self.raw_emails['eml'] = BytesIO(eml_bytes)
                     return eml
@@ -99,7 +97,7 @@ class EMailObject(AbstractMISPObjectGenerator):
     def _msg_to_eml(self, msg_bytes: bytes) -> EmailMessage:
         """Converts a msg into an eml."""
         # NOTE: openMsg returns a MessageBase, not a MSGFile
-        msg_obj: MessageBase = openMsg(msg_bytes)  # type: ignore
+        msg_obj: MessageBase = openMsg(msg_bytes)
         # msg obj stores the original raw header here
         message, body, attachments = self._extract_msg_objects(msg_obj)
         eml = self._build_eml(message, body, attachments)
@@ -107,7 +105,7 @@ class EMailObject(AbstractMISPObjectGenerator):
     def _extract_msg_objects(self, msg_obj: MessageBase) -> tuple[EmailMessage, dict[str, Any], list[AttachmentBase] | list[SignedAttachment]]:
         """Extracts email objects needed to construct an eml from a msg."""
-        message: EmailMessage = email.message_from_string(msg_obj.header.as_string(), policy=policy.default)  # type: ignore
+        message: EmailMessage = email.message_from_string(msg_obj.header.as_string(), policy=policy.default)
         body = {}
         if msg_obj.body is not None:
             body['text'] = {"obj": msg_obj.body,

pymisp/tools/peobject.py CHANGED Viewed

@@ -202,7 +202,7 @@ class PESigners(AbstractMISPObjectGenerator):
         self.add_attribute('digest_algorithm', value=str(self.__signer.digest_algorithm))
         self.add_attribute('encryption_algorithm', value=str(self.__signer.encryption_algorithm))
         self.add_attribute('digest-base64', value=b64encode(self.__signer.encrypted_digest))
-        info: lief.PE.SpcSpOpusInfo = self.__signer.get_attribute(lief.PE.Attribute.TYPE.SPC_SP_OPUS_INFO)  # type: ignore[assignment]
+        info: lief.PE.SpcSpOpusInfo = self.__signer.get_attribute(lief.PE.Attribute.TYPE.SPC_SP_OPUS_INFO)
         if info:
             self.add_attribute('program-name', value=info.program_name)
             self.add_attribute('url', value=info.more_info)

{pymisp-2.5.12.dist-info → pymisp-2.5.17.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: pymisp
-Version: 2.5.12
+Version: 2.5.17
 Summary: Python API for MISP.
 License: BSD-2-Clause
 Author: Raphaël Vinot
@@ -31,20 +31,20 @@ Provides-Extra: virustotal
 Requires-Dist: RTFDE (>=0.1.2.1) ; (python_version <= "3.9") and (extra == "email")
 Requires-Dist: beautifulsoup4 (>=4.13.4) ; extra == "openioc"
 Requires-Dist: deprecated (>=1.2.18)
-Requires-Dist: docutils (>=0.21.2) ; (python_version >= "3.11") and (extra == "docs")
+Requires-Dist: docutils (<0.22) ; (python_version >= "3.11") and (extra == "docs")
 Requires-Dist: extract_msg (>=0.54.1) ; extra == "email"
-Requires-Dist: lief (>=0.16.5) ; extra == "fileobjects"
+Requires-Dist: lief (>=0.16.6) ; extra == "fileobjects"
 Requires-Dist: myst-parser (>=4.0.1) ; (python_version >= "3.11") and (extra == "docs")
 Requires-Dist: oletools (>=0.60.2) ; extra == "email"
 Requires-Dist: pydeep2 (>=0.5.1) ; extra == "fileobjects"
 Requires-Dist: pyfaup (>=1.2) ; extra == "url"
 Requires-Dist: python-dateutil (>=2.9.0.post0)
 Requires-Dist: python-magic (>=0.4.27) ; extra == "fileobjects"
-Requires-Dist: reportlab (>=4.4.0) ; extra == "pdfexport"
-Requires-Dist: requests (>=2.32.3)
+Requires-Dist: reportlab (>=4.4.3) ; extra == "pdfexport"
+Requires-Dist: requests (>=2.32.4)
 Requires-Dist: sphinx (>=8.2.3) ; (python_version >= "3.11") and (extra == "docs")
 Requires-Dist: sphinx-autodoc-typehints (>=3.2.0) ; (python_version >= "3.11") and (extra == "docs")
-Requires-Dist: urllib3 (>=2.4.0) ; extra == "brotli"
+Requires-Dist: urllib3 (>=2.5.0) ; extra == "brotli"
 Requires-Dist: validators (>=0.35.0) ; extra == "virustotal"
 Project-URL: Documentation, https://pymisp.readthedocs.io
 Project-URL: Repository, https://github.com/MISP/PyMISP

{pymisp-2.5.12.dist-info → pymisp-2.5.17.dist-info}/RECORD RENAMED Viewed

@@ -1,6 +1,6 @@
-pymisp/__init__.py,sha256=NxD9URYrwmEvYsZdUDTtBqBuIsvzRjXnRr8QVPsuOGE,4004
-pymisp/abstract.py,sha256=hdf3heAGnEi3rFIxaAsCOKfO4Y1kT_UoDNpr564GiIk,15745
-pymisp/api.py,sha256=o-LEgdYLtpAMjJ4KgmbYddFuHq-JBs9xU_4FfKRUJMU,209471
+pymisp/__init__.py,sha256=0xHLChUKY2NJ6iTd7XTRjZz1ypm5w83dNDiKqmL2n9g,4023
+pymisp/abstract.py,sha256=QQ7qrgAzbNdTdmYBL3lRq_qn-xC-33Ao6O_De4xIr4Q,15717
+pymisp/api.py,sha256=-9E_cnascTsGzLlngC5lf1TAHcmRnn4jSmmeDYv6VJU,209360
 pymisp/data/describeTypes.json,sha256=hoOy6U_FDVmfk9EdaFgGfEe_GMifmRnIrW8FAJ1ylJ4,45889
 pymisp/data/misp-objects/objects/ADS/definition.json,sha256=EtPXOaNcngjtH0ylJ0gw9UfErgkjzUWFOyzvzC6pGfM,3048
 pymisp/data/misp-objects/objects/abuseipdb/definition.json,sha256=xWtZfdAwWWTR5_J76K8chrxFViJeH9T8CQQ6aRhEk3Q,1070
@@ -91,9 +91,10 @@ pymisp/data/misp-objects/objects/facial-composite/definition.json,sha256=gj4wK-V
 pymisp/data/misp-objects/objects/fail2ban/definition.json,sha256=5bAMbq3txZHWQrIX-NDZMQRg6vrpUBTbimJcCyk4Ixw,1601
 pymisp/data/misp-objects/objects/favicon/definition.json,sha256=KL6P9RGHjaLRj41DPzszif0mmEvUsnbEj5I4nOz497g,996
 pymisp/data/misp-objects/objects/file/definition.json,sha256=wPPyh74-tOLlphUHlKfAtjEUYoYY7jNHn8JwzUgF_MA,12900
-pymisp/data/misp-objects/objects/flowintel-cm-case/definition.json,sha256=d-Eq_KbwENHU30aWhL7k62GqZfxEIK3nkb001kxxIVc,2494
-pymisp/data/misp-objects/objects/flowintel-cm-task/definition.json,sha256=BUOp4w4PSq8nAlJZTYWH5sFKK80--3H-Uj78LAjbs5U,2199
-pymisp/data/misp-objects/objects/flowintel-cm-task-note/definition.json,sha256=p9MZ78Ur4T4GhUac4JvTItM64fYeZ0l5nhm2i9P8COA,895
+pymisp/data/misp-objects/objects/flowintel-case/definition.json,sha256=LCDG0OOJdpY_GbrGkv20edtyYfW6IUNn8rKc9hKiSbw,2488
+pymisp/data/misp-objects/objects/flowintel-task/definition.json,sha256=9ON-1bXHSOB7A07t8fRNQ0_37aY32EuLvBd5bfSDuNQ,2193
+pymisp/data/misp-objects/objects/flowintel-task-note/definition.json,sha256=wU5HLbzediH2Rol-dx45bClRIkXG-k8xxdUjCeTXSs4,889
+pymisp/data/misp-objects/objects/flowintel-task-resource/definition.json,sha256=iO0K2Gj5-TYJ9C0nkmzJDR0Ui8R4z3cYxPpK5CHzozU,908
 pymisp/data/misp-objects/objects/forensic-case/definition.json,sha256=tOaSEp9SAleSBXVVe8ms8G8jjd2q_IpaIDmfqt8NAsY,1281
 pymisp/data/misp-objects/objects/forensic-evidence/definition.json,sha256=d1Sjj0mts5mZ5YiKTXEYrNJXtC-ZJ0lN7Q7ux0-FN9c,2274
 pymisp/data/misp-objects/objects/forged-document/definition.json,sha256=xBpiPFyJjwuBVM0xrmQSHY4wmm0bTOQIg45avB3NgLw,2816
@@ -159,7 +160,7 @@ pymisp/data/misp-objects/objects/gitlab-user/definition.json,sha256=xCqY6NAG1Dht
 pymisp/data/misp-objects/objects/google-account/definition.json,sha256=fsyjqkMU12X0F4NpI1Mx4i09MQHNb1n-1HwJSIVrO0Q,3467
 pymisp/data/misp-objects/objects/google-safe-browsing/definition.json,sha256=Bxo1eu_EbY8Q1mMv0y0lDv9Rn0xDwmPtesuZ8jtk4Xc,739
 pymisp/data/misp-objects/objects/google-threat-intelligence-report/definition.json,sha256=EZgeF_PbgrxLVGaszm_BJPoWbEB8D7O52anB68vkA8s,1879
-pymisp/data/misp-objects/objects/greynoise-ip/definition.json,sha256=pPp13wr0ATb1GYrrjJRLJxzkXJmkbajCifo4IfOeNYc,1850
+pymisp/data/misp-objects/objects/greynoise-ip/definition.json,sha256=KQ99REeJsj3v63dMkxVOsVctR0CTV-_WdeMrkf1PXn0,3144
 pymisp/data/misp-objects/objects/gtp-attack/definition.json,sha256=WjQ4t_Iu1oMx74W20FWZ70UFJUJn9ta5hu7MPxXNZ7o,2611
 pymisp/data/misp-objects/objects/hashlookup/definition.json,sha256=rm3xJoDfJKqUuKhfGd8t17XE0xBJ2QMTWg6H7WJvKzI,2888
 pymisp/data/misp-objects/objects/hhhash/definition.json,sha256=HmPa_bN-FBaZQWDdz2_9fzZHqIREh1dkyio7OsWbzyo,1474
@@ -209,6 +210,7 @@ pymisp/data/misp-objects/objects/mutex/definition.json,sha256=zqun14zDa2seXkX5BG
 pymisp/data/misp-objects/objects/narrative/definition.json,sha256=VXEm_lcQgR7uFtMalrdbI73-ivv6HJHQVx6lPU0FYzA,2200
 pymisp/data/misp-objects/objects/netflow/definition.json,sha256=pQ_meRpiPEchaTBNTBUyUT5zPmL7QNIQgLGKdd_KTqE,4103
 pymisp/data/misp-objects/objects/network-connection/definition.json,sha256=6rGG8ZhW3YxgGAV_l91GFpZXk4QpyJ7iuedH5FU38HE,4248
+pymisp/data/misp-objects/objects/network-data/definition.json,sha256=XxC2GxhybnzSfYOXNI6iufmj7EFFj_4by6cLTogreeA,4322
 pymisp/data/misp-objects/objects/network-profile/definition.json,sha256=urPC6ysgZ5kaiB2L2ilL19iGmR2GNUzjO4pcUngQl5E,6175
 pymisp/data/misp-objects/objects/network-socket/definition.json,sha256=qEE1yvRnrpylHut3jFDJnPWWfsz61ZJO0-Lp40WOSjM,6571
 pymisp/data/misp-objects/objects/network-traffic/definition.json,sha256=jZSGhItwP-1Vxm7fv_IqbijXqnAvPFFKhjxolaDXudE,3144
@@ -217,7 +219,7 @@ pymisp/data/misp-objects/objects/news-media/definition.json,sha256=Mb4TQz-Cj035H
 pymisp/data/misp-objects/objects/open-data-security/definition.json,sha256=fNTNdk-Hjd83DkmhbhGst6PJv09ZJzuXC6RitsEinZg,3052
 pymisp/data/misp-objects/objects/opentide/definition.json,sha256=KAhBYWYMp_PF0lTMjanOBKZirdju2120Y9tNOlpMzy8,1496
 pymisp/data/misp-objects/objects/organization/definition.json,sha256=2Dq4Gs4ynlcaP1rnxfvDCU8cCARO39_Z3azkHYJjhh4,3956
-pymisp/data/misp-objects/objects/original-imported-file/definition.json,sha256=lip2yP3wdLoCGxsiCrNMcBC6nyQJUPcJFZYzlkpxeOA,921
+pymisp/data/misp-objects/objects/original-imported-file/definition.json,sha256=3GwBNwKhwKGjxM4V_mVxH7Za5t0yRgQ1i01ogIcHMvk,941
 pymisp/data/misp-objects/objects/paloalto-threat-event/definition.json,sha256=F1qMo6LN32i3e7ODjv38twX3BEzrgdLIqXN9PqL-3x4,2597
 pymisp/data/misp-objects/objects/parler-account/definition.json,sha256=YRDWupU7kbSGgTKzwnj7iIqNuAAlBCOPmocWBaYqcQw,3431
 pymisp/data/misp-objects/objects/parler-comment/definition.json,sha256=F6dwrsaryCXAmlu-EIjuqJq1ygDRqnfZcoaBsu2CI-8,3900
@@ -244,7 +246,7 @@ pymisp/data/misp-objects/objects/probabilistic-data-structure/definition.json,sh
 pymisp/data/misp-objects/objects/process/definition.json,sha256=JmRNrY6JTu5zw3C7uc8fcT4tgZBmBnfrg32NEKYreIM,5089
 pymisp/data/misp-objects/objects/publication/definition.json,sha256=j_ZEp8Xk0ZRNN-Gt2cGknPEL6fsN4rdFNpZX30CgoCI,3667
 pymisp/data/misp-objects/objects/python-etvx-event-log/definition.json,sha256=pEa37XSenCrGwPkJ3SqRd6umycXVoLWs5r3oZcKqcmc,4863
-pymisp/data/misp-objects/objects/query/definition.json,sha256=NmudWbuwIV8FoKQRhrim4Tc4U0_VKKwhVtfuThagkx8,1386
+pymisp/data/misp-objects/objects/query/definition.json,sha256=aInnfBGGVw0gKf2rD0GOMQFzgnCNsvLvE-Z4C3Bi59c,1476
 pymisp/data/misp-objects/objects/r2graphity/definition.json,sha256=ESpT5SLLUnlCpYjB20wd88kXgUMFwTLE9UsKrXZgFpo,4596
 pymisp/data/misp-objects/objects/ransom-negotiation/definition.json,sha256=jvbnAloyXHIHI0rI4XyZ-fAPKzK5baym11PXGQF-9xg,4588
 pymisp/data/misp-objects/objects/ransomware-group-post/definition.json,sha256=dUZsHN7brIVgu1CgZo7rJRlwWmPoy3TZypiiFytnwBc,3132
@@ -370,7 +372,7 @@ pymisp/data/misp-objects/schema_relationships.json,sha256=MCusp9GAyuHTo3lLyBrsvl
 pymisp/data/schema-lax.json,sha256=2QICdCbtfXRJkTVjwb7xjF3ypys2wOtrUyE1ZDz_qes,8561
 pymisp/data/schema.json,sha256=79N2hObemthb_syUHksDqM4djFttsWZQDg1sTYZYxys,9178
 pymisp/exceptions.py,sha256=IgGGadv5lnLAvO7Q6AjF0vEbjoWwwDWLYwMn-8pkU_k,1965
-pymisp/mispevent.py,sha256=rDlW0amvLSizJFjEid5Bw0wVLdF0pOsWqvdb0JMyISc,121527
+pymisp/mispevent.py,sha256=2FM7k1EwTSEiyUcyeCc2joUpTCInXbnXKp5DYpLTMYo,121613
 pymisp/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pymisp/tools/__init__.py,sha256=_KCihYo82e8G5cHV321ak2sgbao2GyFjf4sSTMiN_IM,2233
 pymisp/tools/_psl_faup.py,sha256=JyK8RQm8DPWvNuoF4rQpiE0rBm-Az-sr38Kl46dmWcs,7034
@@ -380,7 +382,7 @@ pymisp/tools/create_misp_object.py,sha256=PP78t4Gc7jiZtjt3MGC-0NuH976vSadSmhbaSk
 pymisp/tools/csvloader.py,sha256=d-Ox4KEehuXi9YxPE3hhf62etaj7D0pUHr5Qy4rPoqo,2588
 pymisp/tools/domainipobject.py,sha256=2w1ckOWPZvp9EW6TOAguT1Kwov72K1jJuJLqgU1whoo,847
 pymisp/tools/elfobject.py,sha256=thylyAVcAdF31II8ykVzG75Fe4Fgokc9qR90g1ybI8s,4966
-pymisp/tools/emailobject.py,sha256=sPgVAvQFyRiONMiXYDJNibSSMWsjX1df9J3EDZ5LDEE,22680
+pymisp/tools/emailobject.py,sha256=GjOj4MJ0IQsdStkfAk0pshxBe40OGn1_g0jTftym_0o,22500
 pymisp/tools/ext_lookups.py,sha256=acRbOVQftw7XpbjDZDrrdYzDmLDU4HmhoW48Og3UfaY,1022
 pymisp/tools/fail2banobject.py,sha256=VWxK8qWVL0AqO_YZSKmsOcaEnG_5j0jOok7OfEXWfMQ,740
 pymisp/tools/feed.py,sha256=eRG1D4fnG-2hZTFFy7SYUhGVozaAMVSiJXwxHoLP5Gg,700
@@ -393,7 +395,7 @@ pymisp/tools/machoobject.py,sha256=tSyuWz6z_i-ChZ0uFVwxAh8LE2vW30L82SnoPDPuvWs,4
 pymisp/tools/microblogobject.py,sha256=8_53_6M79VhfrJzR_itZ8HnPPclQwX9j0JdI9gMB2kg,6899
 pymisp/tools/neo4j.py,sha256=3Jr2QlOTk8D-P5c1DefYDEP6IIgKNswlZA7F5FocHjU,2088
 pymisp/tools/openioc.py,sha256=TwXcbUkWNzkZavmPoVXdZpjM_GcKB9bqLrw7o3xI24E,14458
-pymisp/tools/peobject.py,sha256=9XHvk4zpWsV1YvbI7YKQUrbnGrUuR21v86PE9z1Nxtg,11819
+pymisp/tools/peobject.py,sha256=FAOiJvvYsrmUdjvGLz5Xk2QYT44XvoCx5nsCh2OAWFw,11791
 pymisp/tools/reportlab_generator.py,sha256=njt0sP-WTWywQ2ieF7Qy5h-dk5FLA0P1i_HF9qhz_4I,76994
 pymisp/tools/sbsignatureobject.py,sha256=aq5To8zcBJe7BHBRZzlqC9xG7N31Naem6yp6bGTOwrU,790
 pymisp/tools/sshauthkeyobject.py,sha256=GEByZkdR7QN3KgE4GcDw3LYS_h-DrUw5cWAy6rMvA_Y,1284
@@ -401,7 +403,7 @@ pymisp/tools/update_objects.py,sha256=sp_XshzgtRjAU0Mqg8FgRTaokjVKLImyQ02xIcPSrH
 pymisp/tools/urlobject.py,sha256=PIucy1356zaljUm1NbeKmEpHpAUK9yiK2lAugcMp2t8,2489
 pymisp/tools/vehicleobject.py,sha256=bs7f4d47IBi2-VumssSM3HlqkH0viyHTLmIHQxe8Iz8,3687
 pymisp/tools/vtreportobject.py,sha256=NsdYzgqm47dywYeW8UnWmEDeIsf07xZreD2iJzFm2wg,3217
-pymisp-2.5.12.dist-info/LICENSE,sha256=1oPSVvs96qLjbJVi3mPn0yvWs-6aoIF6BNXi6pVlFmY,1615
-pymisp-2.5.12.dist-info/METADATA,sha256=zKo_Bqx7xWbM3RvDTsXuMzEqbncOjUp0KAMHwP5yCnk,8884
-pymisp-2.5.12.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
-pymisp-2.5.12.dist-info/RECORD,,
+pymisp-2.5.17.dist-info/LICENSE,sha256=1oPSVvs96qLjbJVi3mPn0yvWs-6aoIF6BNXi6pVlFmY,1615
+pymisp-2.5.17.dist-info/METADATA,sha256=bPg_gLL2CrOxXMgV-UqPtjrw-gWl1DmmxlGrBIuo_8E,8881
+pymisp-2.5.17.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
+pymisp-2.5.17.dist-info/RECORD,,

{pymisp-2.5.12.dist-info → pymisp-2.5.17.dist-info}/LICENSE RENAMED Viewed

File without changes

{pymisp-2.5.12.dist-info → pymisp-2.5.17.dist-info}/WHEEL RENAMED Viewed

File without changes

pymisp 2.5.12__py3-none-any.whl → 2.5.17__py3-none-any.whl

Potentially problematic release.

pymisp 2.5.12py3-none-any.whl → 2.5.17py3-none-any.whl