intelmq icon indicating copy to clipboard operation
intelmq copied to clipboard
verified publisher icon certtools

Shadowserver 20220909

Open elsif2 opened this issue 3 years ago • 1 comments

Many thanks to Eric Halil for testing the 3.1 pre-release changes.

The following field types have been standardized across all Shadowserver reports:

  • destination.fqdn (validate_fqdn)
  • destination.url (convert_http_host_and_url)
  • extra.browser_trusted (convert_bool)
  • extra.duration (convert_int)
  • extra.end_time (convert_date_utc)
  • extra.freak_vulnerable (convert_bool)
  • extra.ok (convert_bool)
  • extra.password (validate_to_none)
  • extra.ssl_poodle (convert_bool)
  • extra.status (convert_int)
  • extra.uptime (convert_int)
  • extra.version (convert_to_none)
  • source.network (validate_network)

The following report field names have changed to better represent their values:

  • scan_rsync:extra.password renamed to extra.has_password
  • scan_elasticsearch:status renamed to http_code

Fixed spurious warning on fields that are defined yet empty.

Restored the 'classification.identifier' for Accessible-HTTP to match the previous release.

elsif2 avatar Sep 23 '22 14:09 elsif2

Codecov Report

Merging #2246 (3304bf8) into develop (122e3a3) will decrease coverage by 0.03%. The diff coverage is 60.00%.

:exclamation: Current head 3304bf8 differs from pull request most recent head de05f2f. Consider uploading reports for the commit de05f2f to get more accurate results

@@             Coverage Diff             @@
##           develop    #2246      +/-   ##
===========================================
- Coverage    76.30%   76.27%   -0.04%     
===========================================
  Files          454      454              
  Lines        23991    23998       +7     
  Branches      3782     3504     -278     
===========================================
- Hits         18307    18305       -2     
- Misses        4939     4944       +5     
- Partials       745      749       +4
Impacted Files Coverage Δ
intelmq/bots/parsers/shadowserver/_config.py 97.14% <ø> (-0.02%) :arrow_down:
...ests/bots/parsers/shadowserver/test_scan_docker.py 100.00% <ø> (ø)
.../tests/bots/parsers/shadowserver/test_scan_http.py 100.00% <ø> (ø)
.../parsers/shadowserver/test_scan_http_vulnerable.py 100.00% <ø> (ø)
.../bots/parsers/shadowserver/test_scan_kubernetes.py 100.00% <ø> (ø)
...sts/bots/parsers/shadowserver/test_scan_mongodb.py 100.00% <ø> (ø)
...sts/bots/parsers/shadowserver/test_scan_nat_pmp.py 100.00% <ø> (ø)
...tests/bots/parsers/shadowserver/test_scan_redis.py 100.00% <ø> (ø)
.../tests/bots/parsers/shadowserver/test_scan_snmp.py 100.00% <ø> (ø)
...q/tests/bots/parsers/shadowserver/test_scan_ssl.py 100.00% <ø> (ø)
... and 7 more

codecov-commenter avatar Sep 23 '22 15:09 codecov-commenter

To fix the codespell action fail, rebase on master and fix these:

./NEWS.md:45: unneccessary ==> unnecessary
./NEWS.md:45: identifer ==> identifier

and for the codestyle fail, fix these:

intelmq/bots/parsers/shadowserver/parser.py:112:20: E713 test for membership should be 'not in'
intelmq/bots/parsers/shadowserver/parser.py:142:20: E713 test for membership should be 'not in'

sebix avatar Nov 09 '22 08:11 sebix

Fixed.

elsif2 avatar Nov 09 '22 15:11 elsif2

I don't know how you rebase that you always end up with duplicated commits. Please use git rebase develop. I did that now, which removed 20 spurious commits from the branch.

sebix avatar Nov 09 '22 17:11 sebix

I did a git pull --rebase origin develop

elsif2 avatar Nov 09 '22 18:11 elsif2