PyPI - vysion - Versions diffs - 2.1.6__tar.gz → 2.2.0__tar.gz - Mend

vysion 2.1.6tar.gz → 2.2.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

{vysion-2.1.6 → vysion-2.2.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: vysion
-Version: 2.1.6
+Version: 2.2.0
 Summary: The official Python client library for Vysion
 Home-page: https://vysion.ai
 License: Apache-2.0
@@ -29,7 +29,7 @@ Welcome to the PyPi webpage for Vysion, our implementation as a Python library t
 You can request a demo for the web app or an API-key to use in this library at [vysion.ai](https://vysion.ai).
-Latest version: [2.1.6](https://pypi.org/project/vysion/)
+Latest version: [2.2.0](https://pypi.org/project/vysion/)
 You can visit [the documentation](https://developers.vysion.ai/?python) for more information on the searches and requests performed with the library or directly on the API.

{vysion-2.1.6 → vysion-2.2.0}/README.md RENAMED Viewed

@@ -4,7 +4,7 @@ Welcome to the PyPi webpage for Vysion, our implementation as a Python library t
 You can request a demo for the web app or an API-key to use in this library at [vysion.ai](https://vysion.ai).
-Latest version: [2.1.6](https://pypi.org/project/vysion/)
+Latest version: [2.2.0](https://pypi.org/project/vysion/)
 You can visit [the documentation](https://developers.vysion.ai/?python) for more information on the searches and requests performed with the library or directly on the API.

{vysion-2.1.6 → vysion-2.2.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "vysion"
-version = "2.1.6"
+version = "2.2.0"
 description = "The official Python client library for Vysion"
 homepage = "https://vysion.ai"
 repository = "https://github.com/ByronLabs/vysion-py"
@@ -25,18 +25,14 @@ softenum = "1.0.1"
 requests = "^2.28.1"
 pymisp = "^2.4.194"
-[tool.poetry.dev-dependencies]
-pytest = "7.1.2"
+[tool.poetry.group.dev.dependencies]
+pytest = "^8.3.2"
 python-dotenv = "0.19.2"
 flake8 = "4.0.1"
 pyflakes = "2.4.0"
 mypy = "^0.961"
 black = "^24.3.0"
-[tool.poetry.group.dev.dependencies]
 ruff = "^0.5.2"
-pytest = "^8.3.2"
 [build-system]
 requires = ["poetry-core>=1.0.0"]

{vysion-2.1.6 → vysion-2.2.0}/vysion/client/client.py RENAMED Viewed

@@ -38,6 +38,7 @@ from vysion.dto import (
     ImMessageHit,
     ImProfileHit,
     ImServerHit,
+    LeakHit,
 )
 from vysion.version import __version__ as vysion_version
@@ -414,8 +415,7 @@ class Client(BaseClient):
             page_size=page_size,
             username=username,
         )
-        print(url)
         result = VysionResponse[ImMessageHit].model_validate(self._make_request(url))
         return result.data
@@ -438,7 +438,6 @@ class Client(BaseClient):
             page=page,
             page_size=page_size,
         )
-        print(url)
         result = VysionResponse[ImProfileHit].model_validate(self._make_request(url))
         return result.data
@@ -462,7 +461,6 @@ class Client(BaseClient):
             page=page,
             page_size=page_size,
         )
-        print(url)
         result = VysionResponse[ImChannelHit].model_validate(self._make_request(url))
         return result.data
@@ -559,6 +557,246 @@ class Client(BaseClient):
         return result.data
+    #
+    # Leak search methods
+    #
+    @vysion_error_manager
+    def get_leak_by_email(
+        self,
+        email: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Search for leaks containing a specific email address.
+        :param email: Email address to search for
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects
+        """
+        url = self._build_api_url__(
+            f"leak/email/{email}",
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def get_leak_by_wallet(
+        self,
+        chain: str,
+        address: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Search for leaks containing a cryptocurrency wallet address.
+        :param chain: Blockchain (btc, eth, xmr, xrp, zec, dot, bnb, dash)
+        :param address: Wallet address
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects
+        """
+        url = self._build_api_url__(
+            f"leak/wallet/{chain}/{address}",
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def get_leak_by_ip(
+        self,
+        ip_address: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Search for leaks containing an IP address (IPv4 or IPv6).
+        :param ip_address: IP address to search for
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects
+        """
+        url = self._build_api_url__(
+            f"leak/ip/{ip_address}",
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def get_leak_by_phone(
+        self,
+        country_code: str,
+        number: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Search for leaks containing a phone number.
+        :param country_code: Country code (e.g., "1" for US, "34" for Spain)
+        :param number: Phone number without country code
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects
+        """
+        url = self._build_api_url__(
+            f"leak/phone/{country_code}/{number}",
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def get_leak_by_username(
+        self,
+        username: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Search for leaks containing a specific username.
+        :param username: Username to search for
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects
+        """
+        url = self._build_api_url__(
+            f"leak/username/{username}",
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def get_leak_by_hash(
+        self,
+        hash_value: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Search for leaks by file hash (SHA256, SHA1, or MD5).
+        Hash type is auto-detected based on length.
+        :param hash_value: File hash (32, 40, or 64 hex characters)
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects
+        """
+        url = self._build_api_url__(
+            f"leak/hash/{hash_value}",
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def search_leaks(
+        self,
+        q: str,
+        page: int = 1,
+        page_size: int = 50,
+        gte: datetime = None,
+        lte: datetime = None,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Generic search across all leak content and metadata fields.
+        :param q: Search query (minimum 3 characters)
+        :param page: Page number (default: 1)
+        :param page_size: Results per page (default: 50, max: 100)
+        :param gte: Start date filter (optional)
+        :param lte: End date filter (optional)
+        :return: VysionResponse containing LeakHit objects with highlights
+        """
+        url = self._build_api_url__(
+            "leak/search",
+            q=q,
+            page=page,
+            page_size=page_size,
+            gte=gte,
+            lte=lte,
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
+    @vysion_error_manager
+    def get_leak_by_id(
+        self,
+        leak_id: str,
+    ) -> VysionResponse[LeakHit]:
+        """
+        Retrieve a single leak document by its Elasticsearch ID.
+        Includes downloadUrl if available from linked Telegram message.
+        :param leak_id: Elasticsearch document ID
+        :return: VysionResponse containing a single LeakHit object
+        """
+        url = self._build_api_url__(
+            f"leak/{leak_id}",
+        )
+        result = VysionResponse[LeakHit].model_validate(self._make_request(url))
+        return result.data
     #
     # FEEDS
     #

{vysion-2.1.6 → vysion-2.2.0}/vysion/dto/dto.py RENAMED Viewed

@@ -478,6 +478,57 @@ class ImServerHit(BaseModel):
             raise ValueError("creationDate field cannot be empty")
         return v
+class LeakHit(BaseModel):
+    """
+    Represents a leak document from telegram-leaks-* indices.
+    Contains file metadata and detected sensitive information.
+    """
+    # Core identification
+    id: str
+    detectionDate: datetime
+    # File metadata
+    filePath: Optional[str] = Field(default_factory=lambda: None)
+    fileHash: Optional[str] = Field(default_factory=lambda: None)  # SHA256, SHA1, or MD5
+    fileSize: Optional[int] = Field(default_factory=lambda: None)
+    fileType: Optional[str] = Field(default_factory=lambda: None)
+    detectedMimeType: Optional[str] = Field(default_factory=lambda: None)
+    decompressedFilename: Optional[str] = Field(default_factory=lambda: None)
+    # Archive metadata (if leak came from archive file)
+    archiveSource: Optional[str] = Field(default_factory=lambda: None)
+    archiveMemberPath: Optional[str] = Field(default_factory=lambda: None)
+    # Telegram source metadata
+    telegram: Optional[dict] = Field(default_factory=lambda: None)  # Contains channel_id, message_id, etc.
+    # Detected sensitive information (enrichment data)
+    detectedInfo: Optional[dict] = Field(default_factory=lambda: None)
+    # detectedInfo contains: emails, usernames, phone_numbers, ipv4_addresses, ipv6_addresses,
+    # btc_wallets, eth_wallets, xmr_wallets, xrp_wallets, zec_wallets, dot_wallets, bnb_wallets, dash_wallets
+    # Language detection
+    language: Optional[str] = Field(default_factory=lambda: None)
+    languages: Optional[List[LanguagePair]] = Field(default_factory=lambda: None)
+    # Parse status
+    parseStatus: Optional[str] = Field(default_factory=lambda: None)
+    # Download URL (only present for /leak/{id} endpoint)
+    downloadUrl: Optional[str] = Field(default_factory=lambda: None)
+    # Search highlights (only present for search endpoints)
+    highlight: Optional[dict] = Field(default_factory=lambda: None)
+    model_config = ConfigDict(exclude_defaults=True)
+    @field_validator("detectionDate")
+    def validate_detectionDate(cls, v: datetime) -> datetime:
+        if not v:
+            raise ValueError("detectionDate field cannot be empty")
+        return v
 class ImFeedHit(BaseModel):
     id: str
     telegram: List[str]

{vysion-2.1.6 → vysion-2.2.0}/vysion/version.py RENAMED Viewed

@@ -15,4 +15,4 @@ See the License for the specific language governing permissions and
 limitations under the License.
 """
-__version__ = "2.1.6"
+__version__ = "2.2.0"