From 0e1c7b41e9c84500ce3b3c22dbec7cea700ae511 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89milio=20Gonzalez?= Date: Fri, 12 Jan 2024 19:41:08 -0500 Subject: [PATCH 1/3] Fix typos and type hints in SigmaCollection --- sigma/collection.py | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/sigma/collection.py b/sigma/collection.py index aac5ab13..6bd3ee4a 100644 --- a/sigma/collection.py +++ b/sigma/collection.py @@ -1,27 +1,28 @@ from dataclasses import dataclass, field -from typing import Callable, Dict, Iterable, List, Optional, Union, IO from pathlib import Path +from typing import Callable, Dict, Iterable, List, Optional, Union, IO from uuid import UUID -from sigma.correlations import SigmaCorrelationRule -from sigma.rule import SigmaRule, SigmaRuleBase +import yaml + +from sigma.correlations import SigmaCorrelationRule from sigma.exceptions import ( SigmaCollectionError, SigmaError, SigmaRuleLocation, SigmaRuleNotFoundError, ) -import yaml +from sigma.rule import SigmaRule, SigmaRuleBase @dataclass class SigmaCollection: """Collection of Sigma rules""" - rules: List[SigmaRule] + rules: List[SigmaRuleBase] errors: List[SigmaError] = field(default_factory=list) - ids_to_rules: Dict[UUID, SigmaRule] = field(init=False, repr=False, hash=False, compare=False) - names_to_rules: Dict[str, SigmaRule] = field(init=False, repr=False, hash=False, compare=False) + ids_to_rules: Dict[UUID, SigmaRuleBase] = field(init=False, repr=False, hash=False, compare=False) + names_to_rules: Dict[str, SigmaRuleBase] = field(init=False, repr=False, hash=False, compare=False) def __post_init__(self): """ @@ -160,7 +161,7 @@ def load_ruleset( :param inputs: List of strings and :class:`pathlib.Path` objects that reference files or directories that should be loaded. - :param collect_errors: parse or verification errors are collected in :class:`SigmaRule` + :param collect_errors: parse or verification errors are collected in :class:`SigmaRuleBase` objects instead of raising them immediately. Defaults to ``False``. :param on_beforeload: Optional function that is called for each path to a Sigma rule before the parsing and construction of the :class:`SigmaCollection` object is done. The path returned by this function is @@ -212,7 +213,7 @@ def get_output_rules(self) -> Iterable[SigmaRuleBase]: """Returns an iterator across all rules where the output property is set to true""" return (rule for rule in self.rules if rule._output) - def get_unrefereced_rules(self) -> Iterable[SigmaRuleBase]: + def get_unreferenced_rules(self) -> Iterable[SigmaRuleBase]: """Returns an iterator across all rules that are not referenced by any other rule""" return (rule for rule in self.rules if not rule._backreferences) From b77fedb84708a7048328e8178065aa4a57b0c236 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89milio=20Gonzalez?= Date: Fri, 12 Jan 2024 19:46:09 -0500 Subject: [PATCH 2/3] reformat --- sigma/collection.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/sigma/collection.py b/sigma/collection.py index 6bd3ee4a..827c389e 100644 --- a/sigma/collection.py +++ b/sigma/collection.py @@ -21,8 +21,12 @@ class SigmaCollection: rules: List[SigmaRuleBase] errors: List[SigmaError] = field(default_factory=list) - ids_to_rules: Dict[UUID, SigmaRuleBase] = field(init=False, repr=False, hash=False, compare=False) - names_to_rules: Dict[str, SigmaRuleBase] = field(init=False, repr=False, hash=False, compare=False) + ids_to_rules: Dict[UUID, SigmaRuleBase] = field( + init=False, repr=False, hash=False, compare=False + ) + names_to_rules: Dict[str, SigmaRuleBase] = field( + init=False, repr=False, hash=False, compare=False + ) def __post_init__(self): """ From ea0104153b69133dbc3a802eb534834148a296d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=89milio=20Gonzalez?= Date: Fri, 12 Jan 2024 19:48:09 -0500 Subject: [PATCH 3/3] fix test --- tests/test_collection.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/tests/test_collection.py b/tests/test_collection.py index e486b984..e2da1d1d 100644 --- a/tests/test_collection.py +++ b/tests/test_collection.py @@ -1,6 +1,8 @@ from pathlib import Path from uuid import UUID + import pytest + from sigma.collection import SigmaCollection, deep_dict_update from sigma.correlations import ( SigmaCorrelationCondition, @@ -10,8 +12,6 @@ SigmaCorrelationType, SigmaRuleReference, ) -from sigma.rule import SigmaRule, SigmaLogSource -from sigma.types import SigmaString from sigma.exceptions import ( SigmaCollectionError, SigmaModifierError, @@ -19,6 +19,7 @@ SigmaError, SigmaRuleNotFoundError, ) +from sigma.rule import SigmaRule, SigmaLogSource def test_single_rule(): @@ -384,7 +385,7 @@ def test_get_output_rules(rules_with_correlation): def test_get_unreferenced_rules(rules_with_correlation): - output_rules = list(rules_with_correlation.get_unrefereced_rules()) + output_rules = list(rules_with_correlation.get_unreferenced_rules()) assert len(output_rules) == 1 assert isinstance(output_rules[0], SigmaCorrelationRule)