txt2stix 1.0.4__tar.gz → 1.0.6__tar.gz

{txt2stix-1.0.4 → txt2stix-1.0.6}/.github/workflows/run-tests.yml

@@ -1,15 +1,19 @@
 name: Run Tests
 
+permissions:
+  contents: read
+
 on:
   push:
     branches:
       - main
   pull_request:
-permissions:
-  contents: read
+    types:
+      - opened
+      - synchronize
 
 jobs:
-  run-tests:
+  test-pipeline:
     runs-on: ubuntu-latest
     environment: txt2stix_tests
     
@@ -24,8 +28,8 @@ jobs:
         with:
           python-version: "3.11"
     
-          
-      - name: Set .env testing purpose
+      - name: Setup environment
+        id: setup_environment
         run: |
             echo > .env
             echo "CTIBUTLER_BASE_URL=${{ secrets.CTIBUTLER_BASE_URL }}" >> .env
@@ -34,31 +38,30 @@ jobs:
             echo "VULMATCH_API_KEY=${{ secrets.VULMATCH_API_KEY }}" >> .env
             echo "TEST_AI_MODEL=${{ secrets.TEST_AI_MODEL }}" >> .env
             echo "INPUT_TOKEN_LIMIT=1000"  >> .env
-
             echo "OPENAI_API_KEY=${{ secrets.OPENAI_API_KEY}}" >> .env
             echo "ANTHROPIC_API_KEY=${{ secrets.ANTHROPIC_API_KEY}}" >> .env
             echo "GOOGLE_API_KEY=${{ secrets.GOOGLE_API_KEY}}" >> .env
             echo "OPENROUTER_API_KEY=${{ secrets.OPENROUTER_API_KEY}}" >> .env
-
             echo "BIN_LIST_API_KEY=${{ secrets.BIN_LIST_API_KEY }}" >> .env
 
-      - name: unit tests
-        id: unit-test
+      - name: Unit tests
+        id: unit_tests
         run: |
           set -a; 
           source .env;
           set +a;
           pip install -e .[tests]
-
           pytest --cov --cov-branch --cov-report=xml --junitxml=junit.xml -o junit_family=legacy
 
       - name: Upload coverage reports to Codecov
+        id: upload_unit_test_coverage
         if: ${{ !cancelled() }}
         uses: codecov/codecov-action@v5
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
 
       - name: Upload test results to Codecov
+        id: upload_unit_test_results
         if: ${{ !cancelled() }}
         uses: codecov/test-results-action@v1
         with:

{txt2stix-1.0.4 → txt2stix-1.0.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: txt2stix
-Version: 1.0.4
+Version: 1.0.6
 Summary: txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between them, convert them to STIX 2.1 objects, and output as a STIX 2.1 bundle.
 Project-URL: Homepage, https://github.com/muchdogesec/txt2stix
 Project-URL: Issues, https://github.com/muchdogesec/txt2stix/issues
@@ -111,6 +111,31 @@ cp .env.example .env
 
 To see more information about how to set the variables, and what they do, read the `.env.markdown` file.
 
+Then test your configoration
+
+```shell
+python3 txt2stix.py \
+	--check-credentials
+```
+
+It will return a response to show what API keys are working
+
+```txt
+============= Service Statuses ===============
+  ctibutler   : authorized      ✔
+  vulmatch    : authorized      ✔
+  binlist     : authorized      ✔
+
+  LLMS:
+    openai      : authorized      ✔
+    deepseek    : unsupported     –
+    gemini      : unsupported     –
+    openrouter  : unsupported     –
+    anthropic   : unsupported     –
+```
+
+Not all services need to be configured, if you have no intention of using them.
+
 ### Usage
 
 ```shell

{txt2stix-1.0.4 → txt2stix-1.0.6}/README.md

@@ -67,6 +67,31 @@ cp .env.example .env
 
 To see more information about how to set the variables, and what they do, read the `.env.markdown` file.
 
+Then test your configoration
+
+```shell
+python3 txt2stix.py \
+	--check-credentials
+```
+
+It will return a response to show what API keys are working
+
+```txt
+============= Service Statuses ===============
+  ctibutler   : authorized      ✔
+  vulmatch    : authorized      ✔
+  binlist     : authorized      ✔
+
+  LLMS:
+    openai      : authorized      ✔
+    deepseek    : unsupported     –
+    gemini      : unsupported     –
+    openrouter  : unsupported     –
+    anthropic   : unsupported     –
+```
+
+Not all services need to be configured, if you have no intention of using them.
+
 ### Usage
 
 ```shell

{txt2stix-1.0.4 → txt2stix-1.0.6}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "txt2stix"
-version = "1.0.4"
+version = "1.0.6"
 authors = [{ name = "dogesec" }]
 maintainers = [{ name = "dogesec" }]
 description = "txt2stix is a Python script that is designed to identify and extract IoCs and TTPs from text files, identify the relationships between them, convert them to STIX 2.1 objects, and output as a STIX 2.1 bundle."

{txt2stix-1.0.4 → txt2stix-1.0.6}/tests/src/test_main.py

@@ -349,3 +349,12 @@ def test_extract_relationships_with_ai():
 
     mock_ai_session.extract_relationships.side_effect = Exception
     assert extract_relationships_with_ai(mock_bundler, text, all_extracts, mock_ai_session) == None
+
+
+def test_check_credentials(monkeypatch):
+    monkeypatch.setattr(sys, 'argv', [
+        "program",
+        "--check_credentials"
+    ])
+    with pytest.raises(SystemExit):
+        parse_args()

{txt2stix-1.0.4 → txt2stix-1.0.6}/txt2stix/ai_extractor/base.py

@@ -90,3 +90,13 @@ class BaseAIExtractor():
 
     def __hash__(self):
         return hash(self.extractor_name)
+    
+    def check_credential(self):
+        try:
+            return "authorized" if self._check_credential() else "unauthorized"
+        except:
+            return "unknown"
+        
+    def _check_credential(self):
+        self.llm.complete("say 'hi'")
+        return True

txt2stix-1.0.6/txt2stix/credential_checker.py

@@ -0,0 +1,97 @@
+import argparse
+import os
+import random
+from urllib.parse import urljoin
+import requests
+from stix2extensions.tools import creditcard2stix
+from txt2stix.retriever import STIXObjectRetriever
+
+
+def check_binlist():
+    card = str(random.randrange(432101, 456789))
+    api_key = os.getenv("BIN_LIST_API_KEY", "")
+    return "authorized" if creditcard2stix.get_bin_data(card, api_key) else "unauthorized"
+
+
+def check_llms():
+    from txt2stix.txt2stix import parse_model
+
+    auth_info = dict()
+    for model_name in ["openai", "deepseek", "gemini", "openrouter", "anthropic"]:
+        try:
+            model = parse_model(model_name)
+            auth_info[model_name] = model.check_credential()
+        except argparse.ArgumentTypeError:
+            auth_info[model_name] = "unsupported"
+        except:
+            auth_info[model_name] = "unauthorized"
+    return auth_info
+
+
+def check_ctibutler_vulmatch(service):
+    retriever = STIXObjectRetriever(service)
+    path = dict(
+        ctibutler="v1/location/versions/available/",
+        vulmatch="v1/cve/objects/vulnerability--f552f6f4-39da-48dc-8717-323772c99588/",
+    )[service]
+    try:
+        resp = retriever.session.get(urljoin(retriever.api_root, path))
+        match resp.status_code:
+            case 401 | 403:
+                return "unauthorized"
+            case 200:
+                return "authorized"
+            case _:
+                return "unknown"
+    except:
+        return "offline"
+
+def check_btcscan():
+    url = "https://btcscan.org/api/blocks/tip/height"
+    try:
+        resp = requests.get(url)
+        match resp.status_code:
+            case 401 | 403:
+                return "unauthorized"
+            case 200:
+                return "authorized"
+            case _:
+                return "unknown"
+    except:
+        return "offline"
+
+def check_statuses(test_llms=False):
+    statuses = dict(
+        ctibutler=check_ctibutler_vulmatch("ctibutler"),
+        vulmatch=check_ctibutler_vulmatch("vulmatch"),
+        binlist=check_binlist(),
+        btcscan=check_btcscan(),
+    )
+    if test_llms:
+        statuses.update(llms=check_llms())
+    return statuses
+
+
+def format_statuses(status_dict):
+    def get_marker(status):
+        """Return a checkmark, cross, or dash based on status."""
+        match status.lower():
+            case "authorized":
+                return "✔"
+            case "unauthorized":
+                return "✖"
+            case "unknown" | "offline" | "unsupported":
+                return "–"
+            case _:
+                return "?"
+
+    print("============= Service Statuses ===============")
+    for key, value in status_dict.items():
+        if key == "llms" and isinstance(value, dict):
+            print(f"\n  {key.upper()}:")
+            for llm_name, llm_status in value.items():
+                marker = get_marker(llm_status)
+                print(f"    {llm_name:<12}: {llm_status:<15} {marker}")
+        else:
+            marker = get_marker(value)
+            print(f"  {key:<12}: {value:<15} {marker}")

{txt2stix-1.0.4 → txt2stix-1.0.6}/txt2stix/retriever.py

@@ -17,6 +17,10 @@ class STIXObjectRetriever:
             self.api_key = os.environ.get('VULMATCH_API_KEY')
         else:
             raise NotImplementedError("The type `%s` is not supported", host)
+        self.session = requests.Session()
+        self.session.headers.update({
+            "API-KEY":  self.api_key,
+        })
 
     def get_attack_object(self, matrix, attack_id):
         endpoint = urljoin(self.api_root, f"v1/attack-{matrix}/objects/{attack_id}/")
@@ -48,14 +52,10 @@ class STIXObjectRetriever:
         return self._retrieve_objects(urljoin(self.api_root, f"v1/{type}/objects/?alias={alias}"))
     
     def _retrieve_objects(self, endpoint, key='objects'):
-        s = requests.Session()
-        s.headers.update({
-            "API-KEY":  self.api_key,
-        })
         data = []
         page = 1
         while True:
-            resp = s.get(endpoint, params=dict(page=page, page_size=50))
+            resp = self.session.get(endpoint, params=dict(page=page, page_size=50))
             resp.raise_for_status()
             d = resp.json()
             if len(d[key]) == 0:

{txt2stix-1.0.4 → txt2stix-1.0.6}/txt2stix/txt2stix.py

@@ -13,7 +13,7 @@ import sys, os
 from pydantic import BaseModel
 
 from txt2stix.ai_extractor.utils import DescribesIncident
-from txt2stix import attack_flow
+from txt2stix import attack_flow, credential_checker
 
 
 from .utils import RELATIONSHIP_TYPES, Txt2StixData, remove_links
@@ -135,6 +135,12 @@ def parse_args():
     all_extractors = extractions.parse_extraction_config(INCLUDES_PATH)
 
     parser = argparse.ArgumentParser(description="File Conversion Tool")
+    parser.add_argument('--check_credentials', "--check-credentials", action="store_true", help="Print the validity of the credentials and exit")
+    args, _ = parser.parse_known_args()
+    if args.check_credentials:
+        statuses = credential_checker.check_statuses(test_llms=True)
+        credential_checker.format_statuses(statuses)
+        sys.exit(0)
 
     inf_arg = parser.add_argument(
         "--input_file",