- Drop EOL Python 3.6 and 3.7 support
- Add Python 3.11 support
- Remove mypy_extensions dependency
- Add public write support.
- Implement raise_unauthorized for taxii2, this was missing and lead to 500 errors.
- Allow custom properties. This can be disabled by config option
allow_custom_properties
- Nest details inside taxii2 job and allow counts without details
- Nest taxii2 endpoints under /taxii2/
- Add public_discovery option to taxii2 config
- Add support for publicly readable taxii 2 api roots
- Add support for publicly readable taxii 2 collections
- Move next_param handling into OpenTAXII2PersistenceAPI
- Implement taxii2.1 support
- Merge changes from 0.2.4 maintenance release
- Merge changes from 0.2.3 maintenance release
- Add python 3.10 support
- Enablement for future taxii2 implementation
- Fix documentation build issues
- Make sure werkzeug <2.1 and >=2.1 work correctly with auth system
- Fix bug in multithreaded use of sqlite (#210 thanks @rohits144 for the report)
- Fix readthedocs build
- Add tests for python 3.6, 3.7, 3.8, 3.9, pypy
- Add tests for sqlite, mysql, mariadb, postgresql
- Fix bug that broke
delete_content_blocks
when using mysql on sqlalchemy 1.3 - Docs: Add db schema diagram
- Docs: Clarify how to get default data in a default (development) docker instance
- Fix implicit routing in TAXII 1.1 Inboxes
- Update jwt usage to pyjwt >= 2.0 (thanks @SanyaKapoor)
- Enforce UTC usage in datetime fields in SQL DB Persistence API.
- Fix for #114: reintroduce
opentaxii-create-account
CLI command. - Fix for #153: check if user can modify a collection before advertising it over inbox service.
- Multiple coding style fixes.
- Various documentation updates.
- Remove unnecessary print statements.
- Make JSON logging consistent when the application is run via Gunicorn.
- Set
acceptable_destination
key in status details instead of extended headers - Allow passing
engine_parameters
toSQLDatabaseAPI
for those who want to customize SQLAlchemy engine parameters. - Require recent version of
lxml
for security reasons. - Various test and Docker infrastructure improvements.
- Replace separate service/collection/account creation process with single
opentaxii-sync-data
CLI command. - Persistence and Auth APIs extended with missing CRUD methods, that are used by
opentaxii-sync-data
. - Read/modify collection level ACL added.
- DB models for default implementation of Persistence API and Auth API were changed. No automatic migration code is provided (sorry!), so upgrading might require manual DB migration.
- Drop python2.7 from testing scope.
- Various bug fixes and improvements.
- libtaxii dependency upgraded to 1.1.111.
- Various bug fixes and improvements (thanks to @bjigmp, @chorsley, @rjprins).
- Ability to enable/disable "huge trees" support in XML parser. Configuration property
xml_parser_supports_huge_tree
set toyes
ortrue
will disable security restrictions and force XML parser to support very deep trees and very long text content. - Adjust SQL Persistence API implemetation so it works smoothly with MySQL backend.
- Use Python 3.5 instead of Python 3.4 for tests.
- Minor fixes.
- Dependencies were changed from hard-pinned to more flexible.
- Example of production DB configuration added to docs.
- Python 3.4 compatibility of the codebase. Tox configuration extended with python 3.4 environment run.
- Flake8 full style compatibility. Flake8 check added to Tox configuration.
- SQLAlchemy session scope issue fixed (related to #38).
- opentaxii-delete-blocks CLI command added (related to #45).
- delete_content_blocks method added to Persistence API.
- Collection's name is required to be unique in default SQL DB Auth API implementation.
- Fix for the issue with persistence backend returning
None
instead ofInboxMessage
object
- Hard-coded dependencies in
setup.py
removed.
- Versions of dependencies are pinned.
- Code adjusted for a new version of anyconfig API.
- Test for configuration loading added.
- Docker configuration added.
- Health check endpoint added.
- Basic authentication support added.
- Temporary workaround for Issue #191.
- Method
get_domain
in Persistence API returns domain value configured forservice_id
. If nothing returned, value set in configuration file will be used. - Performance optimisations.
- Bug fixes and style improvements.
- Alias for Root Logger added to logging configuration.
- Context object in a request scope that holds account and token added.
- Support for OPTIONS HTTP request to enable auto version negotiation added.
- Documentation improved.
- Initial release