Stix

2014-12-22
- 194, 220, 230 Standardized character encodings.
- 29 Consolidated common binding code.
- 96 Adding python-maec integration for MAEC Malware extension.
- 150 `STIXPackage.from_xml()` method accepts lxml etree object.
- 227 Fixed `to_obj()` in `TestMechanism` implementations

2014-10-15
- 10 Partial fix. Improved CDATA handling in bindings and API classes.
Added stix.utils.cdata() and stix.utils.strip_cdata() methods.
- 29 Moved duplicated binding code to stix.bindings module
- 163 Performance enhancements in to_xml() serialization
- 148 202 210 214 Fixed several issues with extensions.
- 171 Indicator negate attribute not exported unless set
- 173 Versions on core constructs are only output if set by user.
- 174 Non-core constructs no longer get auto-assigned IDs.
- 184 Added `include_schemalocs` parameter to to_xml() for optional
schemalocation output
- 199 Improvements to data marking __init__ methods (thanks benjamin9999!)
- 201 Added short_description property to stix.core.STIXHeader class
- 202 Fixed TOU marking schemalocation
- 209 Removed Python warning that is raised when trying to resolve
schemalocation for id namespace.
- 215 Fixed typos in Incident class (thanks DavidWatersHub!)
- Added more docs to stix.readthedocs.org

2014-08-12
- 133 Changed stix.core.ttps.TTPs to be iterable
- 139 Bug/typo fixes with confidence field on stix.indicator.Indicator
- 145 Updates to VocabString for support of non-default CVs
- 155 Added walk() and find() methods to stix.Entity class
- 154 143 Added YaraTestMechanism and GenericTestMechanism extensions
- 157 Implemented handling on TTP
- Made stix.Entity.from_json() a classmethod
- Added more coverage to STIX constructs

2014-05-09
- 132 Support for STIX v1.1.1
- Updated all schemalocations to reference new STIX v1.1.1 schemas
- Changed Confidence.source to be of type InformationSource
- Changed Statement.source to be of type InformationSource
- Changed Sighting.source to be of type InformationSource
- Updated AvailabilityLossType CV to align with STIX v1.1.1

2014-05-06
- Fixed issues with parsing Related Observables within an Incident
- Adjusted names of data marking properties to align with list naming conventions

2014-05-05
- Controlled Vocabulary (stix.common.vocabs.VocabString) overhaul
- All default STIX CV's have a corresponding VocabString derivation in stix.common.vocabs
- Each VocabString implementation performs input validation
- Each VocabString has static TERM_FOO values for each vocabulary term
- CV fields can now accept user-defined VocabString implementations
- Accepted Ubuntu installation documentation from mgoldsborough, thanks!
- Pluralized list fields where the naming makes sense
- Adjusted many CV fields to promote plain strings to default CV type in property setter
- Added exploit_targets, kill_chains to TTP
- Added status to Campaign
- Added motivations and identity to ThreatActor
- Added kill_chain_phases, related_indicators to Indicator
- Added FreeTextLine, ContactNumber to CIQ Identity extension
- Added discovery_methods, security_compromise, information_source, related_incidents, coa_taken to Incident
- Added profiles to STIXHeader
- Initial cut at Sphinx documentation