Misp-stix

Add
- [stix2 import] New argument to force the conversion of a STIX 2.x SDO as Galaxy Cluster

Chg
- [readme] Updated package information, CLI description & updated active period information
- [poetry] Bumped lock file with latest versions
- [poetry, package] Bumped package version
- [CLI] In long argument names, replaced underscores with dashes

Fix
- [CLI] Fixed confusion between `single_output` and `single_event` arguments


<a name="2025.01.07"></a>

Chg
- [poetry, package] New tag version
- [poetry] Bumped lock file with latest versions
- [poetry, package] Updated versions

Fix
- [CLI] Fixed argument confusion between the import & export command line feature


<a name="2024.12.20"></a>

Add
- [stix2 import] Adding to the Event the information on the producer using the `producer` galaxy
- [stix2 import] Adding to the Event the information on the producer using the `producer` galaxy
- [tests] Tests for Analyst Data import from STIX 2.x content generated from MISP
- [tests] Better report/grouping references handling in STIX2 Bundle samples
- [tests] Tests for Event Report import
- [tests] Testing the Note & Opinion objects type for Analyst Data exported to STIX 2.x
- [stix2 export] Added labels to Notes and Opinions objects converted from Analyst Data or Event Report
- [tests] Added tests for Analyst Data export to STIX 2.0
- [tests] Added tests for Event Report export to STIX 2.0
- [tests] Added tests with Analyst Data attached to a MISP object
- [misp_stix_converter] Making available the method to check the origin of STIX 1 files
- [stix1 import] STIX 1 to MISP automation methods added
- [tests] Tests for STIX 2.x Bundle import with specific producer or title set by user
- [misp_stix_converter] Added `title` argument to prefix Event info field with some title
- [readme] Added instructions on the producer argument
- [misp_stix_converter, stix2 import] Added `producer` argument to add in the Events converted from STIX 2.x the name of the producer
- [misp_stix_converter] Extended the command line feature to allow to push Events on MISP from the conversion of STIX 2.x Bundles
- [tests] Tests for Analyst Data export to STIX 2.1

Chg
- [poetry] Bumped lock file
- [stix2 import] Converting report or grouping description as MISP Event Report
- [stix2 import] Adding Analyst Data to Attributes, Objects and Event
- [stix2 import] Improved the Note & Opinion objects parsing
- [tests] Updated samples & tests for analyst data export with content exported to Observed Data
- [stix2 export] Making Analyst Data export to STIX 2.0 available
- [stix2 export] Exporting Event Reports also to STIX 2.0
- [stix2 import] More specific name for the method to check is a STIX 2.x file was generated from MISP
- [stix2 import] Better error and warning messages handling
- [poetry] Bumped lock file with latest versions
- [stix2 import] Defining a separate abstract class for methods related to external STIX only
- [stix2 import] Excluding the producer from the event info title
- [stix2 import] Better handling of the STIX2 Parser class arguments
- [stix2 import] Added separation in the generic Event info field, between the title and information on the producer
- [stix2 import] Adding producer - when provided - to the generic info field
- [misp_stix_converter] Getting the current user organisation uuid to use it for the Custom Clusters creation
- [readme] Updated instruction for the command line feature
- [stix2 export] Converting Analyst Notes and Opinions to STIX 2.1 Note & Opinion objects

Fix
- [poetry] Updated lock file with missing dependencies
- [poetry] Trying to fix `setuptools` dependency on Python 3.12 & 13
- [github actions] Updated Github actions setup
- [stix2 import] Trying to fix Python 3.9
- [poetry] Trying to fix missing setuptools dependency
- [poetry] Bumped latest PyMISP version
- [poetry] Bumped latest lock file with the right python versions and some library updates
- [github] Updated Python versions
- [poetry] Updated Python versions
- [stix2 import] Removed duplicated property method already present in a parent class
- [stix2 import] Quick clean-up
- [poetry] Bumped lock file
- [stix2 import] Utilising the set of creator id references to skip parsing identity objects that are mentioned is STIX objects with the `created_by_ref` field
- [stix2 import] Avoiding issues with event tags variable when we are parsing STIX documents with no report or grouping
- [stix2 import] Avoiding KeyError exceptions while parsing standalone STIX 2.1 observable objects
- [stix2 import] Better parsing for observables referenced in malwares objects
- [stix2 import] Fixed missing method name
- [stix2 import] Utilising the set of creator id references to skip parsing identity objects that are mentioned is STIX objects with the `created_by_ref` field
- [stix2 import] Avoiding issues with event tags variable when we are parsing STIX documents with no report or grouping
- [stix2 import] Avoiding KeyError exceptions while parsing standalone STIX 2.1 observable objects
- [stix2 import] Better parsing for observables referenced in malwares objects
- [stix2 import] Fixed missing method name
- [tests] Fixed `created_by_ref` identity id
- [stix2 import] Avoiding issues while attaching Data Analyst to the different MISP data layers
- [stix2 import] Better Analyst Data information loading and parsing
- [stix2 import] Properly importing Analyst Notes and Opinions attached to Event Reports
- [stix2 import] Added missing opinion value for Analyst Opinion imported from STIX 2.1 generated from MISP
- [tests] Updated tests for STIX 2 External content conversion to MISP
- [stix2 import] Simplifying some typings, avoiding missing variable
- [stix2 import] Variable name fixed
- [stix2 import] Converting Event Reports from STIX 2.0 Custom `x-misp-event-report` objects and STIX 2.1 Note objects
- [stix2 import] Added missing Event Report import feature
- [stix2 import] Removed unused import
- [stix2 import] Simplification of the converters declaration
- [stix2 import] Fixed Analyst Data `authors` fields that is a string in MISP
- [stix2 import] Fixed call to warning handling which taking place in the main parser and not in the converters
- [stix2 import] Removed duplicated property for MISP Event
- [stix2 import] Fixed a quick issue coming from the last conflicts resolving
- [stix1 import] Making python 3.8 & 3.9 happy with typings
- [tests] Quick fix on the tests for event report export as STIX 2.0
- [stix2 import] Added missing import
- [tests] Cleaned up tests for analyst data export
- [stix2 export] Fixed Note and Opinion objects arguments
- [stix2 export] Adding Note and Opinion IDs used at Event level to the `object_refs` list of references within the Report or Grouping object
- [stix2 export] Parsing analyst data related to Observed Data objects & added a few missing typings
- [tests] Avoiding issues with test samples being altered
- [stix2 export] Fixed Event Report references fetching
- [stix2 export] Making the methods related to event reports part of the parent STIX 2 export class
- [tests] Added fallback test to avoid issues with datetime values
- [stix2 export] Removed non existing `comment` field in Analyst Note
- [stix2 import] Added typing in external mapping and made different variable checks easier
- [stix2 export] Better Analyst Note & Opinion conversion
- [stix1 import] Fixing the email object handling and a few other clean-up changes
- [stix2 import] Fixed `synonyms_mapping` call
- [stix2 import] Fixed `synonyms_mapping` call
- [stix2 import] Removed unused part of the datetime to timestamp conversion method
- [stix2 import] Fixed test on indicator version
- [stix2 import] Code monkey typo fixed
- [stix2 import] Making the MISP_org_uuid available while putting its declaration at the right place
- [poetry] Bumped fixed version
- [stix2 import] Fixed the method to directly load and parse STIX Bundle giving a filename
- [stix2 import] Fixed the method to directly load and parse STIX Bundle giving a filename
- [misp_stix_converter] Fixed some argparse help values
- [tests] Fixed tests for STIX 2.x Bundles imported as MISP Events where producer and info values are set by user
- [stix2 import] Fixed generic info field to use the title set by users
- [stix2 export] Avoiding issues with Note objects referencing Custom objects
- [stix2 import] Avoiding issue with `getattr` which isn't able to check whether a `__` prefixed variable exists or not
- [misp_stix_converter] Handling cases where url or authentication key is not provided to connect to MISP
- [stix2 import] Added missing `producer` argument
- [misp_stix_converter] Updated command-line import arguments
- [stix2 import] Added bundle id to the generic Event info field used when there is no Report or Grouping to parse
- [misp_stix_converter] Quick fixes on the command-line feature
- [misp_stix_converter] Providing default value to the version and distribution arguments with the command line feature
- [stix2 import] Checking if internal STIX 2.1 `Note` object has labels
- [stix2 import] Avoiding issues with the Event tags variable
- [exportparser] Fixed variable name typo
- [stix2 export] Converting the `created` & `modified` values to datetime objects required within the STIX objects
- [stix2 export] Converting the `created` and `modified` fields of analyst notes and opinions
- [stix2 export] Some clean-up

Wip
- [stix1 import] First version of a STIX 1 import feature porting from the MISP core code base
- [stix2 import] Making the Note objects Converter an internal converter

Pull Requests
- Merge pull request [67](https://github.com/MISP/misp-stix/issues/67) from castaples/remove-keyerror

Contributions
* Remove KeyError bug by castaples in https://github.com/MISP/misp-stix/pull/67

New Contributors
* castaples made their first contribution in https://github.com/MISP/misp-stix/pull/67

**Full Changelog**: https://github.com/MISP/misp-stix/compare/v2.4.196...2025.01.09