v0.10.9

What's Changed

• Add Summiting the Pyramid v1.0.0 tags
• Add more validator
• Some typo fix and link

Thanks to @svnscha, @frack113, @alexott

Full Changelog: v0.10.8...v0.10.9

v0.10.8

What's Changed

• Fix a bug in InvalidRelatedTypeValidator, InvalidRelatedSubfieldValid… by @Res260 in #162

Full Changelog: v0.10.7...v0.10.8

v0.10.7

What's Changed

• Add DuplicateReferencesValidator by @frack113 in #155
• Add New Tags validator by @frack113 in #157
• Fix a bug where SigmaRegularExpression.escape() was buggy when using … by @Res260 in #154
• add new validator by @frack113 in #159
• add metadata tests by @frack113 in #160
• Add Filename Validator by @frack113 in #161

Full Changelog: v0.10.6...v0.10.7

v0.10.6

What's Changed

• Added replace query post-processing transformation.
• Add Basic Wildcard Validator by @nasbench in #146
• Fix data sharing among class instances by @mostafa in #145
• feat: small updates and additions by @nasbench in #147
• Add py.typed file to package root by @wbadart in #149
• Quick fix to rule falsepositives validation in from_dict by @wbadart in #150

New Contributors

• @wbadart made their first contribution in #149

Full Changelog: v0.10.5...v0.10.6

v0.10.5

• Updated dependencies to fix certification validation security issues caused by old certifi package.
• Enforce fields value in Sigma rules is a list.

Full Changelog: v0.10.4...v0.10.5

v0.10.4

Fixed testing

v0.10.3

• Fixed deprecated escaping
• Reintroduced visibility of test backend and pipeline only with pytest present.
• Removal of _pipeline from pipeline identifiers.
• Completed postprocessing and finalizer dicts.
• Removal of backend and pipeline dicts.

Full Changelog: v0.10.2...v0.10.3

v0.10.2

Fixed pipeline test class.

v0.10.1

What's Changed

• Fix broken "finalize_query" function by @cyberphor in #140

Full Changelog: v0.10.0...v0.10.1

v0.10.0

Added

• Extended processing pipelines by query post-processing and output finalization.

⚠️ Breaking Changes ⚠️

• The order of ProcessingPipeline parameters has changed. New elements postprocessing_items and finalizers were added between items and vars.
• The order of ProcessingItem parameters has changed. The identifier is now located after rule_conditions and before detection item and field name conditions.

Please take care of these changes in own projects that initialize ProcessingPipeline or ProcessingItem objects with positional parameters. For better readability and compatibility with further breaking changes it is recommended to use keyword arguments for initialization of these classes.

What's Changed

• Detect modules automatically by @mostafa in #119
• Fix json serialization of SigmaLogSource by @DenizenB in #123
• Include custom attributes in SigmaRule.to_dict() by @DenizenB in #124
• Distinct condition state by @kelnage in #127
• Experimental pipelines by @mostafa in #130
• Add validator autodiscovery instructions in README.md by @Res260 in #117
• Linting with Black by @mostafa in #132
• Apply backend naming convention by @mostafa in #134
• Fix cidr expansion for backends that use custom wildcard char by @DenizenB in #139
• Unhandled placeholders raise SigmaPlaceholderError while conversion.

New Contributors

• @DenizenB made their first contribution in #123

Full Changelog: v0.9.11...v0.10.0