[orange-cyberdefense-enrichment-v3] internal-enrichment connector update

[ocd-acauchy]

Proposed changes

• chore: bump version of datalake python library
• fix: bug with import of some identity objects
• doc: update screenshots for v7

Related issues

N/A

Checklist

• I consider the submitted work as finished
• I have signed my commits using GPG key.
• I tested the code for its functionality using different use cases
• I added/update the relevant documentation (either on github or on notion)
• Where necessary I refactored code to improve the overall quality

Further comments

N/A

Closes #6120

[filigran-cla-bot]

Contributor License Agreement

✅ CLA signed 💚

Thank you @ocd-acauchy for signing the Contributor License Agreement! Your pull request can now be reviewed and merged.

We appreciate your contribution to Filigran's open source projects! ❤️

_{This is an automated message from the Filigran CLA Bot.}

[Copilot]

Pull request overview

Updates the orange-cyberdefense-enrichment-v3 internal-enrichment connector by aligning dependencies with the stable Datalake library release, hardening identity handling during STIX import, and refreshing documentation screenshots for OpenCTI v7.

Changes:

• Bump datalake-scripts from 3.0.0rc7 to 3.0.0.
• Avoid KeyError when checking identity_class / name on identity objects by using .get(...).
• Update README screenshot section headings and replace a screenshot asset.

Reviewed changes

Copilot reviewed 3 out of 8 changed files in this pull request and generated no comments.

File	Description
internal-enrichment/orange-cyberdefense-enrichment-v3/src/requirements.txt	Pins datalake-scripts to the stable 3.0.0 release.
internal-enrichment/orange-cyberdefense-enrichment-v3/src/main.py	Makes identity matching more resilient to missing keys during STIX object processing.
internal-enrichment/orange-cyberdefense-enrichment-v3/media/Indicator_2.png	Updates screenshot asset referenced by the README.
internal-enrichment/orange-cyberdefense-enrichment-v3/README.md	Adjusts screenshot section headings for v7 docs and references updated images.

Comments suppressed due to low confidence (1)

internal-enrichment/orange-cyberdefense-enrichment-v3/src/main.py:450

• self._process_object() can return None (e.g., for sightings when ocd_enrich_add_sightings is false), but this loop dereferences processed_object["type"] before the if processed_object is None: continue guard. This can raise a runtime exception. Move the None check immediately after _process_object() (before any indexing), or make _process_object() always return a dict and use .get("type") defensively.

            if (
                self.ocd_enrich_add_createdby
                and processed_object["type"] == "identity"
                and processed_object.get("identity_class", None) == "organization"
                and processed_object.get("name", None) == "Orange Cyberdefense"
            ):
                self.identity = processed_object  # pylint: disable=W0201
            if processed_object is None:
                continue

[Ninoxe]

Hi again @ocd-acauchy !

I think you can guess what I'm going to say: everything is good, but it has a conflict to resolve, just like the other PRs.
Thank you!

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 0.09%. Comparing base (6575c4e) to head (10b96a6).
⚠️ Report is 6 commits behind head on master.

❗ There is a different number of reports uploaded between BASE (6575c4e) and HEAD (10b96a6). Click for more details.

HEAD has 88 uploads less than BASE

Flag	BASE (6575c4e)	HEAD (10b96a6)
connectors	89	1

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #5873       +/-   ##
==========================================
- Coverage   39.22%   0.09%   -39.13%     
==========================================
  Files        2082    1626      -456     
  Lines      124471   97657    -26814     
==========================================
- Hits        48819      94    -48725     
- Misses      75652   97563    +21911     

Flag	Coverage Δ
baseline	0.00% <ø> (ø)
connectors	96.90% <ø> (+22.61%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Ninoxe]

Thanks again!