Stix

2014-02-31
- Added COAs, Exploit Targets, Campaigns, and Related Packages to STIXPackage class
- Updated behavior of id, idref, and timestamp on core STIX constructs to align with best practices
- Added MAEC malware extension
- Improved Identity extension mechanism
- Added Sightings to Indicator
- Updates to OpenIOC test mechanism extension
- Extensions now record input schemalocations on parse
- Added Alternative_ID support to Indicator
- Added support for Composite Indicator Expressions
- Added Handling support to Indicator
- Added several fields to COA and Exploit Target
- Bug fixes

2014-02-24
- Added TTP structure (stix.ttp.TTP)
- Added COA structure (stix.coa.CourseOfAction)
- Added Campaign structure (stix.campaign.Campaign)
- Added Exploit Target structure (stix.exploit_target.ExploitTarget)
- Fixed bugs in CIQ extension classes
- Fixed bugs in namespace/schemalocation generation code
- Added *experimental* from_json() to base Entity class
- Added EntityList class for managing lists of STIX constructs in a more-pythonic manner
- Refactor of GenericRelationship and GenericRelationshipList classes
- Refactor of imports to reduce the amount of in-line, function scoped imports
- Added initial support for Snort Test Mechanism extension (stix.extensions.test_mechanism.snort_test_mechanism.SnortTestMechanism)
- Added initial support for OpenIOC 2010 Test Mechanism (stix.extensions.test_mechanism.openioc_2010_test_mechanism.OpenIOCTestMechanism)
- Updates to Indicator and Incident classes

2014-02-25
- Fixed bug where exception would be thrown if parsing defaults were unset
- Added ETCompatXMLParser support to fix parsing bugs when XML comments were encountered
- Addded huge_tree support to EntityParser

2014-02-22
- Added fields to Incident class
- Added test for CIQ Identity extension
- Fixed several CIQ Identity extension bugs
- Improved namespace parser performance
- Updated Incident test
- Added initial code for better support of non-standard id namespaces in input documents

2014-02-20
- Compatible with STIX v1.1
- Refactored Data Marking code
- Added support for TLP Marking, Simple Marking, and Terms of Use Marking
- Added Handling support to STIXPackage
- Removed more unneeded code from bindings
- Added support for concrete ControlledVocabularyStringType instances
- Added initial implementation of Incident class
- Added initial implementation of Threat Actor class
- Fixed interface issues between python-stix and python-cybox
- Added tests for InformationSource, Confidence, Statement, and Data Marking tests
- Added GenericRelationship class
- Added EntityParser class which performs version and root element conformance checks prior to full parse
- Added support for DateTimeWithPrecision
- Added RelatedIndicator class
- Added support for Incident list in STIXPackage
- Various bugfixes

2014-02-12
- Added more support for STIX v1.0.1
- Added updated bindings for STIX v1.0.1
- Updated extension bindings to leverage new STIX extension types and namespaces
- Fixed bug in setup.py that caused invalid versions of python-cybox to be installed via pip
- Accepted initial implementation of Data Markings pull request (thanks zeroq!)
- Accepted bugfix pull requests (thanks bgro!)
- Major refactor to namespace parsing and generation code
- Cleaned unused code from bindings
- Refactored stix.utility module into package with idgen, nsparser modules