stidantic 0.1.0__tar.gz → 0.2.0__tar.gz

{stidantic-0.1.0 → stidantic-0.2.0}/PKG-INFO

@@ -1,14 +1,11 @@
 Metadata-Version: 2.4
 Name: stidantic
-Version: 0.1.0
-Summary: A Pydantic-based Python library for parsing, validating, and creating STIX 2.1 cyber threat intelligence data
+Version: 0.2.0
+Summary: A Pydantic-based Python library for parsing, validating, and creating STIX 2.1 cyber threat intelligence data.
 Project-URL: Homepage, https://github.com/nicocti/stidantic
-Project-URL: Repository, https://github.com/nicocti/stidantic
-Project-URL: Issues, https://github.com/nicocti/stidantic/issues
-Project-URL: Documentation, https://github.com/nicocti/stidantic#readme
-Author-email: nicocti <your.email@example.com>
-Maintainer-email: nicocti <your.email@example.com>
-License: MIT
+Project-URL: Bug Tracker, https://github.com/nicocti/stidantic/issues
+Author-email: nicocti <nicocti@users.noreply.github.com>
+Maintainer-email: nicocti <nicocti@users.noreply.github.com>
 License-File: LICENSE
 Keywords: cti,pydantic,stix,stix2,stix2.1
 Classifier: Development Status :: 3 - Alpha
@@ -23,17 +20,24 @@ Classifier: Topic :: Security
 Classifier: Topic :: Software Development :: Libraries :: Python Modules
 Classifier: Typing :: Typed
 Requires-Python: >=3.12
+Requires-Dist: annotated-types>=0.6.0
 Requires-Dist: pydantic>=2.12
+Requires-Dist: typing-extensions>=4.14.1
+Provides-Extra: dev
+Requires-Dist: basedpyright; extra == 'dev'
+Provides-Extra: test
+Requires-Dist: deepdiff; extra == 'test'
 Description-Content-Type: text/markdown
 
 # stidantic [WIP]
 
-**This is work in progress, not compliant yet.**
+**This is work in progress, compliant but untested.**
 
 A Pydantic-based Python library for parsing, validating, and creating STIX 2.1 cyber threat intelligence data.
 
 [![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.python.org/downloads/)
 [![Pydantic v2](https://img.shields.io/badge/pydantic-v2.12+-green.svg)](https://docs.pydantic.dev/)
+[![STIX v2.1](https://img.shields.io/badge/stix-v2.1+-red.svg)](https://oasis-open.github.io/cti-documentation/stix/intro)
 
 ## Overview
 
@@ -53,7 +57,7 @@ This library leverages [Pydantic](https://docs.pydantic.dev/) to provide:
 ### Requirements
 
 - Python 3.12 or later (uses PEP 695 type statements)
-- Pydantic > 2.10
+- Pydantic >= 2.12
 
 ## Quick Start
 
@@ -80,7 +84,6 @@ from stidantic.sdo import Campaign
 from stidantic.types import Identifier
 
 campaign = Campaign(
-    id=Identifier("campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"),
     created=datetime.now(),
     modified=datetime.now(),
     name="Operation Stealth",
@@ -93,48 +96,71 @@ json_output = campaign.model_dump_json(indent=2, exclude_none=True, by_alias=Tru
 print(json_output)
 ```
 
+### Handling property extensions
+
+```python
+from stidantic.marking import MarkingDefinition
+from stidantic.extensions.pap import PAPExtensionDefinition, PAPExtension
+
+MarkingDefinition.register_new_extension(PAPExtensionDefinition, PAPExtension)
+data = {
+    "extensions": {
+        "extension-definition--f8d78575-edfd-406e-8e84-6162a8450f5b": {
+            "extension_type": "property-extension",
+            "pap": "green",
+        }
+    },
+    "created": "2022-10-01T00:00:00Z",
+    "name": "PAP:GREEN",
+}
+
+pap_green = MarkingDefinition.model_validate(data)
+if isinstance(pap_green.extensions[PAPExtensionDefinition.id], PAPExtension):
+    print("Extension was parsed & validated by Pydantic.")
+```
+
 ## Implemented STIX Objects
 
 ### STIX Domain Objects (SDOs)
 - ✅ `AttackPattern` - Ways adversaries attempt to compromise targets
 - ✅ `Campaign` - Grouping of adversarial behaviors over time
-- 🚧 `Course of Action` - Action taken to prevent or respond to an attack
-- 🚧 `Grouping` - Explicitly asserts that STIX Objects have a shared context
-- 🚧 `Identity` - Actual individuals, organizations, or groups
-- 🚧 `Incident` - A stub object representing a security incident
-- 🚧 `Indicator` - Pattern that can be used to detect suspicious or malicious activity
-- 🚧 `Infrastructure` - Systems, software services, and associated resources
-- 🚧 `Intrusion Set` - A grouped set of adversarial behaviors and resources
-- 🚧 `Location` - A geographic location
-- 🚧 `Malware` - A type of TTP that represents malicious code
-- 🚧 `Malware Analysis` - The results of a malware analysis
-- 🚧 `Note` - Analyst-created content and context
-- 🚧 `Observed Data` - Information about cyber security related entities
-- 🚧 `Opinion` - An assessment of the correctness of a STIX Object
-- 🚧 `Report` - Collections of threat intelligence
-- 🚧 `Threat Actor` - Actual individuals, groups, or organizations
-- 🚧 `Tool` - Legitimate software that can be used by threat actors
-- 🚧 `Vulnerability` - A mistake in software that can be used to compromise a system
+- ✅ `Course of Action` - Action taken to prevent or respond to an attack
+- ✅ `Grouping` - Explicitly asserts that STIX Objects have a shared context
+- ✅ `Identity` - Actual individuals, organizations, or groups
+- ✅ `Incident` - A stub object representing a security incident
+- ✅ `Indicator` - Pattern that can be used to detect suspicious or malicious activity
+- ✅ `Infrastructure` - Systems, software services, and associated resources
+- ✅ `Intrusion Set` - A grouped set of adversarial behaviors and resources
+- ✅ `Location` - A geographic location
+- ✅ `Malware` - A type of TTP that represents malicious code
+- ✅ `Malware Analysis` - The results of a malware analysis
+- ✅ `Note` - Analyst-created content and context
+- ✅ `Observed Data` - Information about cyber security related entities
+- ✅ `Opinion` - An assessment of the correctness of a STIX Object
+- ✅ `Report` - Collections of threat intelligence
+- ✅ `Threat Actor` - Actual individuals, groups, or organizations
+- ✅ `Tool` - Legitimate software that can be used by threat actors
+- ✅ `Vulnerability` - A mistake in software that can be used to compromise a system
 
 ### STIX Cyber-observable Objects (SCOs)
 - ✅ `Artifact` - Binary or file-like objects
 - ✅ `AutonomousSystem` - Autonomous System (AS) information
-- 🚧 `Directory` - A directory on a file system
-- 🚧 `Domain Name` - A network domain name
-- 🚧 `Email Address` - An email address
-- 🚧 `Email Message` - An email message
-- 🚧 `File` - A computer file
-- 🚧 `IPv4 Address` - An IPv4 address
-- 🚧 `IPv6 Address` - An IPv6 address
-- 🚧 `MAC Address` - A Media Access Control (MAC) address
-- 🚧 `Mutex` - A mutual exclusion object
-- 🚧 `Network Traffic` - A network traffic flow
-- 🚧 `Process` - A running process
-- 🚧 `Software` - A software product
-- 🚧 `URL` - A Uniform Resource Locator (URL)
-- 🚧 `User Account` - A user account on a system
-- 🚧 `Windows Registry Key` - A key in the Windows registry
-- 🚧 `X.509 Certificate` - An X.509 certificate
+- ✅ `Directory` - A directory on a file system
+- ✅ `Domain Name` - A network domain name
+- ✅ `Email Address` - An email address
+- ✅ `Email Message` - An email message
+- ✅ `File` - A computer file
+- ✅ `IPv4 Address` - An IPv4 address
+- ✅ `IPv6 Address` - An IPv6 address
+- ✅ `MAC Address` - A Media Access Control (MAC) address
+- ✅ `Mutex` - A mutual exclusion object
+- ✅ `Network Traffic` - A network traffic flow
+- ✅ `Process` - A running process
+- ✅ `Software` - A software product
+- ✅ `URL` - A Uniform Resource Locator (URL)
+- ✅ `User Account` - A user account on a system
+- ✅ `Windows Registry Key` - A key in the Windows registry
+- ✅ `X.509 Certificate` - An X.509 certificate
 
 ### STIX Relationship Objects (SROs)
 - ✅ `Relationship` - Connections between STIX objects
@@ -148,14 +174,21 @@ print(json_output)
 ### Bundle
 - ✅ `StixBundle` - Container for STIX objects
 
+### Extensions
+- ✅ `PAP` - Permissible Actions Protocol (PAP) extension from [Oasis](https://github.com/oasis-open/cti-stix-common-objects/blob/main/extension-definition-specifications/pap-marking-definition-f8d/STIX-2.1-PAP-marking-definition.adoc)
+
 ## Roadmap
 
-- **Full STIX 2.1 Compliance**
-- **Python packaging**
+- ~~**Full STIX 2.1 Compliance**~~
+- ~~**Python packaging**~~
 - **Extensive Testing**
+- ~~Mind the datetime datatype serializer to follow the specification (convert to UTC).~~
+- ~~Implement auto deterministic UUIv5 generation for STIX Identifiers.~~
+- Implement a Indicator to Observable export method (and the other way round ?).
+- Add Generics validation for Identifier properties that must be of some type.
 - Better STIX Extension Support: Develop a robust and user-friendly mechanism for defining, parsing, and validating custom STIX extensions.
 - TAXII 2.1 Server: Build a TAXII 2.1 compliant server using FastAPI.
-- OCA Standard Extensions: Implement STIX extensions from the [Open Cybersecurity Alliance (OCA)](https://github.com/opencybersecurityalliance/stix-extensions) repository.
+- OCA Standard Extensions: Implement STIX extensions from the [Open Cybersecurity Alliance (OCA)](https://github.com/opencybersecurityalliance/stix-extensions) and [stix-common-objects](https://github.com/oasis-open/cti-stix-common-objects) repositories.
 - Performance Tuning: Profile and optimize parsing and serialization.
 
 ## Resources
@@ -170,4 +203,4 @@ stidantic is released under the [MIT License](https://opensource.org/licenses/MI
 
 ## Acknowledgments
 
-This project implements the STIX 2.1 specification published by the OASIS Cyber Threat Intelligence (CTI) Technical Committee.
+This project implements the STIX 2.1 specification edited by Bret Jordan, Rich Piazza, and Trey Darley, published by the OASIS Cyber Threat Intelligence (CTI) Technical Committee.

stidantic-0.2.0/README.md

@@ -0,0 +1,175 @@
+# stidantic [WIP]
+
+**This is work in progress, compliant but untested.**
+
+A Pydantic-based Python library for parsing, validating, and creating STIX 2.1 cyber threat intelligence data.
+
+[![Python 3.12+](https://img.shields.io/badge/python-3.12+-blue.svg)](https://www.python.org/downloads/)
+[![Pydantic v2](https://img.shields.io/badge/pydantic-v2.12+-green.svg)](https://docs.pydantic.dev/)
+[![STIX v2.1](https://img.shields.io/badge/stix-v2.1+-red.svg)](https://oasis-open.github.io/cti-documentation/stix/intro)
+
+## Overview
+
+**stidantic** provides a type-safe, Pythonic way to work with [STIX 2.1](https://oasis-open.github.io/cti-documentation/stix/intro) (Structured Threat Information Expression) objects.
+
+This library leverages [Pydantic](https://docs.pydantic.dev/) to provide:
+
+- 🔒 **Strong type validation** for all STIX objects
+- 📝 **IDE auto-completion** and type hints
+- ✅ **Automatic validation** of STIX specification constraints
+- 🔄 **Easy JSON serialization/deserialization**
+- ❄️ **Immutable models** with frozen Pydantic configurations
+- 🎯 **Discriminated unions** for polymorphic STIX object handling
+
+## Installation
+
+### Requirements
+
+- Python 3.12 or later (uses PEP 695 type statements)
+- Pydantic >= 2.12
+
+## Quick Start
+
+### Parsing a STIX Bundle
+
+```python
+from stidantic.bundle import StixBundle
+
+# Load from JSON file
+with open("threat_data.json", "r") as f:
+    bundle = StixBundle.model_validate_json(f.read())
+
+# Access objects
+print(f"Bundle contains {len(bundle.objects)} objects")
+for obj in bundle.objects:
+    print(f"- {obj.type}: {obj.id}")
+```
+
+### Creating STIX Objects
+
+```python
+from datetime import datetime
+from stidantic.sdo import Campaign
+from stidantic.types import Identifier
+
+campaign = Campaign(
+    created=datetime.now(),
+    modified=datetime.now(),
+    name="Operation Stealth",
+    description="A sophisticated campaign targeting financial institutions",
+    objective="Financial gain through wire fraud"
+)
+
+# Export to JSON
+json_output = campaign.model_dump_json(indent=2, exclude_none=True, by_alias=True)
+print(json_output)
+```
+
+### Handling property extensions
+
+```python
+from stidantic.marking import MarkingDefinition
+from stidantic.extensions.pap import PAPExtensionDefinition, PAPExtension
+
+MarkingDefinition.register_new_extension(PAPExtensionDefinition, PAPExtension)
+data = {
+    "extensions": {
+        "extension-definition--f8d78575-edfd-406e-8e84-6162a8450f5b": {
+            "extension_type": "property-extension",
+            "pap": "green",
+        }
+    },
+    "created": "2022-10-01T00:00:00Z",
+    "name": "PAP:GREEN",
+}
+
+pap_green = MarkingDefinition.model_validate(data)
+if isinstance(pap_green.extensions[PAPExtensionDefinition.id], PAPExtension):
+    print("Extension was parsed & validated by Pydantic.")
+```
+
+## Implemented STIX Objects
+
+### STIX Domain Objects (SDOs)
+- ✅ `AttackPattern` - Ways adversaries attempt to compromise targets
+- ✅ `Campaign` - Grouping of adversarial behaviors over time
+- ✅ `Course of Action` - Action taken to prevent or respond to an attack
+- ✅ `Grouping` - Explicitly asserts that STIX Objects have a shared context
+- ✅ `Identity` - Actual individuals, organizations, or groups
+- ✅ `Incident` - A stub object representing a security incident
+- ✅ `Indicator` - Pattern that can be used to detect suspicious or malicious activity
+- ✅ `Infrastructure` - Systems, software services, and associated resources
+- ✅ `Intrusion Set` - A grouped set of adversarial behaviors and resources
+- ✅ `Location` - A geographic location
+- ✅ `Malware` - A type of TTP that represents malicious code
+- ✅ `Malware Analysis` - The results of a malware analysis
+- ✅ `Note` - Analyst-created content and context
+- ✅ `Observed Data` - Information about cyber security related entities
+- ✅ `Opinion` - An assessment of the correctness of a STIX Object
+- ✅ `Report` - Collections of threat intelligence
+- ✅ `Threat Actor` - Actual individuals, groups, or organizations
+- ✅ `Tool` - Legitimate software that can be used by threat actors
+- ✅ `Vulnerability` - A mistake in software that can be used to compromise a system
+
+### STIX Cyber-observable Objects (SCOs)
+- ✅ `Artifact` - Binary or file-like objects
+- ✅ `AutonomousSystem` - Autonomous System (AS) information
+- ✅ `Directory` - A directory on a file system
+- ✅ `Domain Name` - A network domain name
+- ✅ `Email Address` - An email address
+- ✅ `Email Message` - An email message
+- ✅ `File` - A computer file
+- ✅ `IPv4 Address` - An IPv4 address
+- ✅ `IPv6 Address` - An IPv6 address
+- ✅ `MAC Address` - A Media Access Control (MAC) address
+- ✅ `Mutex` - A mutual exclusion object
+- ✅ `Network Traffic` - A network traffic flow
+- ✅ `Process` - A running process
+- ✅ `Software` - A software product
+- ✅ `URL` - A Uniform Resource Locator (URL)
+- ✅ `User Account` - A user account on a system
+- ✅ `Windows Registry Key` - A key in the Windows registry
+- ✅ `X.509 Certificate` - An X.509 certificate
+
+### STIX Relationship Objects (SROs)
+- ✅ `Relationship` - Connections between STIX objects
+- ✅ `Sighting` - Observations of threat intelligence in the wild
+
+### Meta Objects
+- ✅ `MarkingDefinition` - Data markings (includes TLP)
+- ✅ `LanguageContent` - Translations and internationalization
+- ✅ `ExtensionDefinition` - Custom STIX extensions
+
+### Bundle
+- ✅ `StixBundle` - Container for STIX objects
+
+### Extensions
+- ✅ `PAP` - Permissible Actions Protocol (PAP) extension from [Oasis](https://github.com/oasis-open/cti-stix-common-objects/blob/main/extension-definition-specifications/pap-marking-definition-f8d/STIX-2.1-PAP-marking-definition.adoc)
+
+## Roadmap
+
+- ~~**Full STIX 2.1 Compliance**~~
+- ~~**Python packaging**~~
+- **Extensive Testing**
+- ~~Mind the datetime datatype serializer to follow the specification (convert to UTC).~~
+- ~~Implement auto deterministic UUIv5 generation for STIX Identifiers.~~
+- Implement a Indicator to Observable export method (and the other way round ?).
+- Add Generics validation for Identifier properties that must be of some type.
+- Better STIX Extension Support: Develop a robust and user-friendly mechanism for defining, parsing, and validating custom STIX extensions.
+- TAXII 2.1 Server: Build a TAXII 2.1 compliant server using FastAPI.
+- OCA Standard Extensions: Implement STIX extensions from the [Open Cybersecurity Alliance (OCA)](https://github.com/opencybersecurityalliance/stix-extensions) and [stix-common-objects](https://github.com/oasis-open/cti-stix-common-objects) repositories.
+- Performance Tuning: Profile and optimize parsing and serialization.
+
+## Resources
+
+- [STIX 2.1 Specification](https://docs.oasis-open.org/cti/stix/v2.1/stix-v2.1.html)
+- [STIX 2.1 Introduction](https://oasis-open.github.io/cti-documentation/stix/intro)
+- [Pydantic Documentation](https://docs.pydantic.dev/)
+
+## License
+
+stidantic is released under the [MIT License](https://opensource.org/licenses/MIT).
+
+## Acknowledgments
+
+This project implements the STIX 2.1 specification edited by Bret Jordan, Rich Piazza, and Trey Darley, published by the OASIS Cyber Threat Intelligence (CTI) Technical Committee.

stidantic-0.2.0/pyproject.toml

@@ -0,0 +1,208 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+dynamic = ["version"]
+name = "stidantic"
+authors = [
+  { name="nicocti", email="nicocti@users.noreply.github.com" },
+]
+maintainers = [
+  { name="nicocti", email="nicocti@users.noreply.github.com" },
+]
+description = "A Pydantic-based Python library for parsing, validating, and creating STIX 2.1 cyber threat intelligence data."
+readme = "README.md"
+requires-python = ">=3.12"
+dependencies = [
+    "pydantic>=2.12",
+    "annotated-types>=0.6.0",
+    "typing-extensions>=4.14.1",
+]
+keywords = [
+    "stix",
+    "stix2",
+    "stix2.1",
+    "cti",
+    "pydantic",
+]
+classifiers = [
+    "Development Status :: 3 - Alpha",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Typing :: Typed",
+    "Operating System :: OS Independent",
+    "License :: OSI Approved :: MIT License",
+    "Intended Audience :: Developers",
+    "Intended Audience :: Information Technology",
+    "Topic :: Security",
+    "Topic :: Software Development :: Libraries :: Python Modules",
+]
+licence = "MIT"
+license-files = ["LICENSE"]
+
+[project.optional-dependencies]
+dev = ["basedpyright"]
+test = ["deepdiff"]
+
+[project.urls]
+"Homepage" = "https://github.com/nicocti/stidantic"
+"Bug Tracker" = "https://github.com/nicocti/stidantic/issues"
+
+[tool.hatch.build.targets.wheel]
+packages = ["stidantic"]
+
+[tool.hatch.version]
+path = "VERSION"
+pattern = "(?P<version>[^']+)"
+
+[tool.hatch.build.targets.sdist]
+include = [
+    "/stidantic",
+    "/README.md",
+    "/LICENSE",
+]
+
+[tool.pyright]
+strict = ["stidantic/"]
+
+[tool.ruff]
+line-length = 120
+indent-width = 4
+
+[tool.ruff.format]
+docstring-code-format = true
+indent-style = "space"
+line-ending = "lf"
+quote-style = "double"
+
+
+[tool.ruff.lint]
+ignore = [
+    "TRY003",  # Avoid specifying long messages outside the exception class
+    "RUF003",  # ambiguous-unicode-character-comment
+    "RUF012",  # mutable-class-default
+]
+select = [
+    # Pylint
+    "PLE", "PLW", "PLR", "PLC",
+    # pycodestyle
+    "E", "W",
+    # isort
+    "I",
+    # Pyflakes
+    "F",
+    # flake8-bugbear
+    "B",
+    # flake8-bandit
+    "S",
+    # pyupgrade
+    "UP",
+    # flake8-simplify
+    "SIM",
+    # flake8-annotations
+    "ANN",
+    # flake8-async
+    "ASYNC",
+    # flake8-blind-except
+    "BLE",
+    # flake8-boolean-trap
+    "FBT",
+    # flake8-builtins
+    "A",
+    # flake8-comprehensions
+    "C4",
+    # flake8-datetimez
+    "DTZ",
+    # flake8-debugger
+    "T10",
+    # flake8-gettext
+    "INT",
+    # flake8-implicit-str-concat
+    "ISC",
+    # flake8-logging
+    "LOG",
+    # flake8-logging-format
+    "G",
+    # flake8-no-pep420
+    "INP",
+    # flake8-pie
+    "PIE",
+    # flake8-print
+    "T20",
+    # flake8-quotes
+    "Q",
+    # flake8-raise
+    "RSE",
+    # flake8-return
+    "RET",
+    # flake8-self
+    "SLF",
+    # flake8-slots
+    "SLOT",
+    # flake8-tidy-imports
+    "TID",
+    # flake8-type-checking
+    "TC",
+    # flake8-unused-arguments
+    "ARG",
+    # flake8-use-pathlib
+    "PTH",
+    # flynt
+    "FLY",
+    # pep8-naming
+    "N",
+    # Perflint
+    "PERF",
+    # Pyflakes
+    "F",
+    # pygrep-hooks
+    "PGH",
+    # refurb
+    "FURB",
+    # Ruff-specific rules
+    "RUF",
+    # tryceratops
+    "TRY",
+    # eradicate
+    "ERA",
+    # pydoclint
+    # "DOC",
+    # pydocstyle
+    # "D",
+    # airflow
+    # "AIR",
+    # fastapi
+    # "FAST",
+    # flake8-2020
+    # "YTT",
+    # flake8-commas
+    # "COM",
+    # flake8-copyright
+    # "CPY",
+    # flake8-django
+    # "DJ",
+    # flake8-errmsg
+    # "EM",
+    # flake8-executable
+    # "EXE",
+    # flake8-fixme
+    # "FIX",
+    # flake8-future-annotations
+    # "FA",
+    # flake8-import-conventions
+    # "ICN",
+    # flake8-pyi
+    # "PYI",
+    # flake8-pytest-style
+    # "PT",
+    # flake8-todos
+    # "TD",
+    # mccabe
+    # "C90",
+    # NumPy-specific rules
+    # "NPY",
+    # pandas-vet
+    # "PD",
+]

{stidantic-0.1.0 → stidantic-0.2.0}/stidantic/bundle.py

@@ -1,12 +1,14 @@
 from typing import Annotated
+
 from pydantic import Field
-from stidantic.types import StixCore, Identifier, StixCommon
-from stidantic.sdo import SDOs
-from stidantic.sco import SCOs
-from stidantic.sro import SROs
+
+from stidantic.extension import ExtensionDefinition
 from stidantic.language import LanguageContent
 from stidantic.marking import MarkingDefinition
-from stidantic.extension import ExtensionDefinition
+from stidantic.sco import SCOs
+from stidantic.sdo import SDOs
+from stidantic.sro import SROs
+from stidantic.types import Identifier, StixCommon, StixCore
 
 
 # 8. Stix Bundle
@@ -15,14 +17,7 @@ class StixBundle(StixCore):
     type: str = "bundle"
     objects: list[
         Annotated[
-            (
-                SROs
-                | SDOs
-                | SCOs
-                | MarkingDefinition
-                | LanguageContent
-                | ExtensionDefinition
-            ),
+            (SROs | SDOs | SCOs | MarkingDefinition | LanguageContent | ExtensionDefinition),
             Field(discriminator="type"),
         ]
         | StixCommon

{stidantic-0.1.0 → stidantic-0.2.0}/stidantic/extension.py

@@ -1,7 +1,9 @@
-from typing import Literal, Annotated, Self
+from typing import Annotated, Literal, Self
+
 from pydantic import Field
 from pydantic.functional_validators import model_validator
-from stidantic.types import StixExtension, ExtensionType, StixProp
+
+from stidantic.types import ExtensionType, StixExtension, StixProp
 
 
 # 7.3 Extension Definition
@@ -106,8 +108,7 @@ class ExtensionDefinition(StixExtension):
         top-level of an existing object.
         """
         if (
-            self.extension_properties
-            and ExtensionType.toplevel_property_extension not in self.extension_types
+            self.extension_properties and ExtensionType.toplevel_property_extension.value not in self.extension_types  # pyright: ignore[reportUnnecessaryContains] because of use_enum_value=True
         ):
             raise ValueError(
                 "extension_types property can't be used without toplevel-property-extension in extension_types."