Skip to content

Commit

Permalink
Merge branch 'nav-unit-testing' of github.com:mitre-attack/attack-nav…
Browse files Browse the repository at this point in the history
…igator into nav-unit-testing
  • Loading branch information
adpare committed Jan 30, 2024
2 parents 105f741 + f0e47cd commit 1267160
Show file tree
Hide file tree
Showing 15 changed files with 124 additions and 72 deletions.
35 changes: 35 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
name: Jasmine Testing

on:
push:
branches: [ "develop" ]
pull_request:
branches: [ "master", "develop" ]

jobs:
run-jasmine-tests:
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./nav-app/
strategy:
matrix:
node-version: [16.x]
steps:
- uses: actions/checkout@v4
- name: Use Node.js ${{ matrix.node-version }}
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node-version }}
cache: 'npm'
cache-dependency-path: nav-app/package-lock.json
- name: Install
run: npm ci
- name: Run Jasmine tests
run: npm run test -- --code-coverage --no-watch --browsers ChromeHeadlessCI
- name: Archive code coverage results
uses: actions/upload-artifact@v4
if: always()
with:
name: code-coverage-report
path: nav-app/coverage/chrome/index.html
16 changes: 12 additions & 4 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,14 +8,22 @@
This will patch the version number appropriately and create the correct tag on the current commit.
The creation of the tag can be disabled with the --no-git-tag-version if desired.
-->
# 4.9.1 - 14 November 2023

# Changes Staged on Develop
Adds support for ATT&CK v14.1.

## Fixes
- Fixed an issue with the Dockerfile which was preventing the docker image from building. See issue [#598](https://github.com/mitre-attack/attack-navigator/pull/598).

# 4.9.0 - 31 October 2023

Adds support for ATT&CK v14.0.

## New Features
- Consolidated the JSON, Excel, and SVG export options into a single dropdown. Added an option to the export interface to only download annotations on visible techniques. See issue [#215](https://github.com/mitre-attack/attack-navigator/issues/215).
- Extended search interface to support searching for techniques by asset.
- Added the ability to configure how sub-techniques are displayed in the layer file through the `expandedSubtechniques` property - annotated, all, or none. See issue [#560](https://github.com/mitre-attack/attack-navigator/issues/560) and the `Layer File Format Changes` section.
- Added functionality to download all open layers in JSON or MS Excel format. Also added the functionality to upload file with multiple layers. See issue [#128](https://github.com/mitre-attack/attack-navigator/issues/128).
- Added functionality to download all open layers in JSON or MS Excel format. Also added the ability to upload a file with multiple layers. See issue [#128](https://github.com/mitre-attack/attack-navigator/issues/128).
- Added a new toolbar option to enable or disable the sticky toolbar.

## Improvements
Expand All @@ -39,8 +47,8 @@
Layer file format updated to version 4.5. See [layers/LAYERFORMATv4_5.md](layers/LAYERFORMATv4_5.md) for the full specification.

- Added support for selecting only visible techniques. The `selectVisibleTechniques` field specifies whether or not hidden techniques will be included in the different select behaviors.
- Added support for configuring how to display sub-techniques in the layer file with the help of the `expandedSubtechniques` field. This property can be set to `all`, `none`, or `annotated` to display the sub-techniques.
- Added support for downloading all open layers in JSON or MS Excel (.xlsx) format. The user can now upload a file with multiple layers.
- Added support for configuring how sub-techniques are displayed in the layer with the `expandedSubtechniques` field. This property can be set to `all`, `annotated`, or `none` to expand all sub-techniques, expand only annotated sub-techniques, or collapse all sub-techniques, respectively.
- Added support for a list of layers. Users can now upload a layer file that contains multiple layers.

# 4.8.2 - 9 May 2023

Expand Down
17 changes: 4 additions & 13 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,13 @@ ENV NODE_OPTIONS=--openssl-legacy-provider

# install node packages - cache for faster future builds
WORKDIR /src/nav-app
COPY nav-app/package*.json nav-app/patch-webpack.js .
# install packages and build
RUN npm install --unsafe-perm --legacy-peer-deps

# NOTE on legacy-peer-deps:
# The --legacy-peer-deps flags is included to bypass the dependency peer resolution conflict that arises between Angular
# and @angular-devkit/build-angular@0.1100.7, the latter of which has peerDependency: karma: '~5.1.0'. However,
# upgrading karma to 5.1.0 cascades into a litany of other dependency conflicts, which would ultimately require us to
# upgrade from Angular v11 to v12. Therefore, legacy-peer-deps will be allowed until a major framework upgrade can occur
COPY ./nav-app/package*.json ./

# give user permissions
RUN chown -R node:node ./
# install packages and build
RUN npm install

# copy over needed files
USER node
COPY nav-app/ ./
COPY ./nav-app/ ./

WORKDIR /src
COPY layers/*.md ./layers/
Expand Down
2 changes: 1 addition & 1 deletion NOTICE.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Copyright 2023 The MITRE Corporation
Copyright 2024 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 18-0128.

Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -256,7 +256,7 @@ STIX is designed to improve many different capabilities, such as collaborative t

## Notice

Copyright 2023 The MITRE Corporation
Copyright 2024 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 18-0128.

Expand Down
2 changes: 1 addition & 1 deletion USAGE.md
Original file line number Diff line number Diff line change
Expand Up @@ -635,7 +635,7 @@ To get the full view of the matrix on a single page, be sure to disable the stic

# Notice

Copyright 2023 The MITRE Corporation
Copyright 2024 The MITRE Corporation

Approved for Public Release; Distribution Unlimited. Case Number 18-0128.

Expand Down
12 changes: 6 additions & 6 deletions layers/LAYERFORMATv4_5.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ This document describes **Version 4.5** of the MITRE ATT&CK Navigator Layer file
| Name | Type | Required? | Default Value (if not present) | Description |
| :------------- | :------------- | :------------- | :------------- | :------------- |
| attack | String | No | Current version of ATT&CK | ATT&CK version of this layer |
| navigator | String | Yes | | Must be at least "4.8.0" |
| navigator | String | Yes | | Must be at least "4.9.0" |
| layer | String | Yes | | Must be "4.5" |

## Technique Object properties
Expand Down Expand Up @@ -109,7 +109,7 @@ The following example illustrates the layer file format of a single layer:
"name": "example layer",
"versions": {
"attack": "13",
"navigator": "4.8.2",
"navigator": "4.9.1",
"layer": "4.5"
},
"domain": "enterprise-attack",
Expand Down Expand Up @@ -232,8 +232,8 @@ The following example illustrates the layer file format of multiple layers. The
{
"name": "example layer",
"versions": {
"attack": "13",
"navigator": "4.8.2",
"attack": "14",
"navigator": "4.9.1",
"layer": "4.5"
},
"domain": "enterprise-attack",
Expand Down Expand Up @@ -350,8 +350,8 @@ The following example illustrates the layer file format of multiple layers. The
{
"name": "example layer",
"versions": {
"attack": "13",
"navigator": "4.8.2",
"attack": "14",
"navigator": "4.9.1",
"layer": "4.5"
},
"domain": "enterprise-attack",
Expand Down
3 changes: 2 additions & 1 deletion nav-app/angular.json
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,8 @@
"node_modules/tinygradient/browser.js"
],
"styles": ["src/styles.scss"],
"assets": ["src/assets", "src/favicon.ico"]
"assets": ["src/assets", "src/favicon.ico"],
"codeCoverage": true
}
},
"lint": {
Expand Down
2 changes: 2 additions & 0 deletions nav-app/karma.conf.js
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,8 @@ module.exports = function (config) {
coverageReporter: {
type: 'html',
dir: 'coverage/',
subdir: 'chrome',
file: 'index.html'
},
});
};
28 changes: 14 additions & 14 deletions nav-app/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion nav-app/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"type": "git",
"url": "https://github.com/mitre-attack/attack-navigator.git"
},
"version": "4.8.2",
"version": "4.9.1",
"license": "Apache-2.0",
"scripts": {
"ng": "ng",
Expand Down
27 changes: 14 additions & 13 deletions nav-app/src/app/classes/view-model.ts
Original file line number Diff line number Diff line change
Expand Up @@ -918,9 +918,6 @@ export class ViewModel {
*/
private sortingAlgorithm(technique1: Technique, technique2: Technique, score1: number, score2: number) {
switch (this.sorting) {
default:
case 0: // A-Z
return technique1.name.localeCompare(technique2.name);
case 1: // Z-A
return technique2.name.localeCompare(technique1.name);
case 2: // 1-2
Expand All @@ -935,6 +932,9 @@ export class ViewModel {
} else {
return score2 - score1;
}
case 0: // A-Z
default:
return technique1.name.localeCompare(technique2.name);
}
}

Expand All @@ -958,13 +958,6 @@ export class ViewModel {
let aggScore: any = 0;

switch (this.layout.aggregateFunction) {
default:
case 'average':
// Divide by count of all subtechniques + 1 (for parent technique) if counting unscored is enabled
// Otherwise, divide by count of all scored only
score = scores.reduce((a, b) => a + b);
aggScore = score / (this.layout.countUnscored ? technique.subtechniques.length + 1 : validTechniquesCount);
break;
case 'min':
if (scores.length > 0) aggScore = Math.min(...scores);
break;
Expand All @@ -974,6 +967,13 @@ export class ViewModel {
case 'sum':
aggScore = scores.reduce((a, b) => a + b);
break;
case 'average':
default:
// Divide by count of all subtechniques + 1 (for parent technique) if counting unscored is enabled
// Otherwise, divide by count of all scored only
score = scores.reduce((a, b) => a + b);
aggScore = score / (this.layout.countUnscored ? technique.subtechniques.length + 1 : validTechniquesCount);
break;
}

aggScore = aggScore.toFixed(2);
Expand Down Expand Up @@ -1259,9 +1259,6 @@ export class ViewModel {
*/
if (typeof obj.viewMode === 'number') {
switch (obj.viewMode) {
default:
case 0:
break; //default matrix layout already initialized
case 1:
this.layout.layout = 'side';
this.layout.showName = false;
Expand All @@ -1271,6 +1268,10 @@ export class ViewModel {
this.layout.layout = 'mini';
this.layout.showName = false;
this.layout.showID = false;
break;
case 0:
default:
break; //default matrix layout already initialized
}
} else console.error('TypeError: viewMode field is not a number');
}
Expand Down
16 changes: 5 additions & 11 deletions nav-app/src/app/list-input/list-input.component.ts
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,6 @@ export class ListInputComponent implements OnInit {
return this.config.type == 'links';
}

constructor() {
// intentionally left blank
}

ngOnInit(): void {
if (this.config.level == 'technique') {
this.list = this.config.list.map((item) => {
Expand Down Expand Up @@ -52,7 +48,7 @@ export class ListInputComponent implements OnInit {
this.list.splice(i, 1);
}

if (this.list[0] && this.list[0].divider) this.removeDivider(0);
if (this.list[0]?.divider) this.removeDivider(0);
if (this.list[this.list.length - 1] && this.list[this.list.length - 1].divider) this.removeDivider(this.list.length - 1);

this.updateList();
Expand Down Expand Up @@ -82,12 +78,10 @@ export class ListInputComponent implements OnInit {
public canAddDivider(i: number): boolean {
if (i < 1) return false; // cannot add divider before the first item
if (
this.list[i] &&
this.list[i].valid() &&
!this.list[i].divider &&
this.list[i - 1] &&
this.list[i - 1].valid() &&
!this.list[i - 1].divider
this.list[i]?.valid() &&
!this.list[i]?.divider &&
this.list[i - 1]?.valid() &&
!this.list[i - 1]?.divider
) {
return true;
}
Expand Down
11 changes: 5 additions & 6 deletions nav-app/src/app/services/data.service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,6 @@ import { Version, VersionChangelog } from '../classes';
export class DataService {
public subscription;
constructor(private http: HttpClient) {
//let subscription;
console.debug('initializing data service');
this.subscription = this.getConfig().subscribe({
next: (config) => {
Expand Down Expand Up @@ -237,11 +236,11 @@ export class DataService {
private domainData$: Observable<Object>;

// URLs in case config file doesn't load properly
public readonly latestVersion: Version = { name: 'ATT&CK v13', number: '13' };
private lowestSupportedVersion: Version;
private enterpriseAttackURL: string = 'https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json';
private mobileAttackURL: string = 'https://raw.githubusercontent.com/mitre/cti/master/mobile-attack/mobile-attack.json';
private icsAttackURL: string = 'https://raw.githubusercontent.com/mitre/cti/master/ics-attack/ics-attack.json';
public latestVersion: Version = { name: "ATT&CK v14", number: "14" };
public lowestSupportedVersion: Version; // used by tabs component
public enterpriseAttackURL: string = "https://raw.githubusercontent.com/mitre/cti/master/enterprise-attack/enterprise-attack.json";
public mobileAttackURL: string = "https://raw.githubusercontent.com/mitre/cti/master/mobile-attack/mobile-attack.json";
public icsAttackURL: string = "https://raw.githubusercontent.com/mitre/cti/master/ics-attack/ics-attack.json";

/**
* Set up the URLs for data
Expand Down
Loading

0 comments on commit 1267160

Please sign in to comment.