Releases: mitre-attack/attack-workbench-taxii-server

v1.0.3

16 Dec 13:51

1.0.3 (2025-12-16)

Bug Fixes

TAXII 2.1 Specification Compliance

  • taxii: resolve match query parsing and TAXII 2.1 spec compliance after NestJS v11 upgrade (d602846)

    • All endpoints requiring the Content-Type response header now set the appropriate TAXII value (application/taxii+json;version=2.1)
    • Added support for match[version]=first, match[version]=last, and match[version]=all query parameters
    • Server now rejects requests with duplicate match query parameter keys (e.g., match[type]=attack-pattern&match[type]=tool)
    • Comma-separated values remain supported (e.g., match[type]=attack-pattern,tool)
  • taxii: correctly compute X-TAXII-Date-Added headers (ecd477d)

    • Resolved buffer overflow causing X-TAXII-Date-Added-Last to incorrectly match X-TAXII-Date-Added-First in large envelope responses
    • Headers now format as proper TAXII timestamp resources
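
The match query rules listed above (one occurrence per `match[...]` key, comma-separated values, and the `first`/`last`/`all` version keywords) can be sketched as follows. This is an added example, not code from the attack-workbench-taxii-server repository; `parseMatchFilters`, `MatchQueryError`, the 400 status and the rejection of empty values are assumptions of the example, and timestamp values for `match[version]` are accepted because the TAXII 2.1 specification allows them.

```javascript
// Added example (not project code): parse TAXII match[...] filters from a query string.
const VERSION_KEYWORDS = new Set(['first', 'last', 'all']);
// TAXII timestamps are RFC 3339 in UTC, e.g. 2025-12-16T13:51:00.000Z
const TIMESTAMP = /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}(\.\d+)?Z$/;

class MatchQueryError extends Error {
  constructor(message) {
    super(message);
    this.status = 400; // assumption: the release notes do not name the status code
  }
}

function parseMatchFilters(queryString) {
  const filters = new Map();
  // URLSearchParams percent-decodes keys, so match%5Btype%5D and match[type]
  // count as the same key when checking for duplicates.
  for (const [key, raw] of new URLSearchParams(queryString)) {
    const m = /^match\[([a-z_]+)\]$/.exec(key);
    if (!m) continue; // not a match filter (e.g. limit, added_after, next)
    const field = m[1];
    if (filters.has(field)) {
      // Rejecting repeats avoids "first value wins" vs "last value wins"
      // disagreements between a proxy, the framework and the query layer.
      throw new MatchQueryError(`duplicate query parameter match[${field}]`);
    }
    const values = raw.split(',').map((v) => v.trim());
    if (values.some((v) => v === '')) {
      // This example's own choice: an empty item is treated as malformed.
      throw new MatchQueryError(`empty value in match[${field}]`);
    }
    if (field === 'version') {
      for (const v of values) {
        if (!VERSION_KEYWORDS.has(v) && !TIMESTAMP.test(v)) {
          throw new MatchQueryError(`invalid match[version] value: ${v}`);
        }
      }
    }
    filters.set(field, values);
  }
  return Object.fromEntries(filters);
}
```

Comparing keys after decoding matters here: a duplicate check on the raw query string would miss a second copy of a key that differs only in percent-encoding.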

Collection Synchronization

  • hydrate: enable pulling multiple versions of a STIX collection (99fa771)
    • The TAXII server can now synchronize multiple versions of the same STIX collection (e.g., ATT&CK v17.1 and v18.1 with identical STIX id values)
    • Previously, only the first observed collection would synchronize

Code Quality

v1.0.2

11 Dec 13:42

1.0.2 (2025-12-11)

Bug Fixes

  • construct uuid using standard library 'crypto' instead of 'uuid' (5c216dd)
  • removal of destructuring resolves an issue causing empty response envelope (11113d1)
  • tests: major upgrade to Nest.js v11 upgrade (b34cadd)

v1.0.1

10 Dec 18:49

1.0.1 (2025-12-10)

Bug Fixes

  • middleware: apply middleware to controller classes instead of wildcard paths (b49d7b3)
  • more linting issues (8430e18)
  • more linting issues (a900b7a)
  • resolve linting issues (26cfaa2)

v1.0.0

09 Dec 13:08

1.0.0 (2025-12-09)

v1.0.0 marks the first stable release managed by [semantic-release](https://github.com/semantic-release/semantic-release), which will automate all future versioning and releases based on [Conventional Commits](https://www.conventionalcommits.org/).

This release includes significant improvements to TAXII 2.1 specification compliance, particularly around content negotiation, response serialization, and DTO handling. Key changes include corrected Content-Type headers, proper envelope structure (objects instead of items), and improved error handling (404 for missing collections instead of 500). The release also adds a health check endpoint and graceful handling of Workbench unavailability during startup.

Bug Fixes

  • bruno: expected keys in collection endpoints (2fa5d2b)
  • bruno: refactor tests to comply with expected TAXII responses (4a53be8)
  • cast envelope objects to dto class (434db72)
  • change 'version' string property on api root dto to 'versions' string array (1468fee)
  • change default api root relative path in template.env (bad3ec8)
  • change envelope 'items' key to 'objects' (395334c)
  • comment out portion of SetResponseMediaType interceptor that replaces 'taxii' with 'stix' (69f33bd)
  • correct TAXII Content-Type header without charset (90da233), closes #36
  • handle NestJS HTTP exceptions (d2cece7)
  • hydrate: gracefully handle Workbench unavailability during startup (ff6d4ef)
  • major refactor pertaining to DTO serialization (6552c64)
  • modify publish ci job to not use cached docker layers (4e95535)
  • refactor set-response-media-type.interceptor (528765e)
  • refactor set-taxii-date-headers.interceptor (76c93c7)
  • remove portion of SetResponseMediaType interceptor that replaces 'taxii' with 'stix' (bc6b1f2)
  • remove unnecessary JSON transformation in controller return sequences (02207f6)
  • resolve bug causing class-transformer to serialize dates to empty objects (6e4eef8)
  • return 404 instead of 500 for missing collections (e9369d6)
  • skip content negotiation for health check endpoint (e3530b9)
  • tests: update manifest endpoint test for optional pagination (2876aed)
  • update bruno tests for local dev to use new default port (608033c)
  • update bruno tests for local dev to use new default port (39927c8)
  • update default api root path (210189e)
  • update how date properties are handled by DTOs (124c1ea)
  • update HTTPS port mapping in docker run command for Mac/Windows (2a4e11e)
  • update HTTPS port mapping in docker run command for Mac/Windows (4effac2)
  • update MongoDB URI to include port number in configuration files (d491db9)
  • update MongoDB URI to include port number in configuration files (bae80ea)
  • update release process to use semantic release and fix broken unit test (728df20)
  • update supported media types (54a9066)
  • verify response content type is taxii+json not stix+json (e962831)

Features

  • add snake case interceptor to handle transforming pascalCase properties to snake_case on http responses (e4fdf31)
  • health: add basic ping endpoint with no content response (64d80d7)
  • update TAXII server ports for HTTP and HTTPS configurations (8a08b93)
  • update TAXII server ports for HTTP and HTTPS configurations (83d6d5f)

Note on versioning history

Prior to adopting semantic-release, versions were tagged without the v prefix (1.0.0 through 1.1.0). When semantic-release was introduced, it didn't recognize these tags and started fresh at v1.0.0.

To restore version continuity, the legacy tags have been remapped:

| Original | New |
| --- | --- |
| 1.0.0 | v0.1.0 |
| 1.0.1 | v0.1.1 |
| 1.0.2 | v0.1.2 |
| 1.0.3 | v0.1.3 |
| 1.0.4 | v0.1.4 |
| 1.0.5 | v0.1.5 |
| 1.1.0 | v0.2.0 |

The original tags and pre-release tags (v1.0.0-rc1 through v1.0.0-rc3) have been removed. All releases now follow semantic versioning with the v prefix.

v1.0.0-beta.4

05 Dec 20:11
47c1428

v1.0.0-beta.4 Pre-release

1.0.0-beta.4 (2025-12-05)

Bug Fixes

  • correct TAXII Content-Type header without charset (90da233), closes #36
  • handle NestJS HTTP exceptions (d2cece7)
  • update bruno tests for local dev to use new default port (608033c)
  • update HTTPS port mapping in docker run command for Mac/Windows (2a4e11e)
  • update MongoDB URI to include port number in configuration files (d491db9)
  • update release process to use semantic release and fix broken unit test (728df20)

Features

  • update TAXII server ports for HTTP and HTTPS configurations (8a08b93)

v1.0.0-beta.3

11 Nov 22:09
d56572d

v1.0.0-beta.3 Pre-release

1.0.0-beta.3 (2025-11-11)

Bug Fixes

  • update HTTPS port mapping in docker run command for Mac/Windows (4effac2)
  • update MongoDB URI to include port number in configuration files (bae80ea)

Features

  • update TAXII server ports for HTTP and HTTPS configurations (83d6d5f)

v1.0.0-beta.2

11 Nov 22:00

v1.0.0-beta.2 Pre-release

1.0.0-beta.2 (2025-11-11)

Bug Fixes

  • update bruno tests for local dev to use new default port (39927c8)

v1.0.0-beta.1

11 Nov 04:35

v1.0.0-beta.1 Pre-release

1.0.0-beta.1 (2025-11-11)

Bug Fixes

  • bruno: expected keys in collection endpoints (2fa5d2b)
  • bruno: refactor tests to comply with expected TAXII responses (4a53be8)
  • cast envelope objects to dto class (434db72)
  • change 'version' string property on api root dto to 'versions' string array (1468fee)
  • change default api root relative path in template.env (bad3ec8)
  • change envelope 'items' key to 'objects' (395334c)
  • comment out portion of SetResponseMediaType interceptor that replaces 'taxii' with 'stix' (69f33bd)
  • hydrate: gracefully handle Workbench unavailability during startup (ff6d4ef)
  • major refactor pertaining to DTO serialization (6552c64)
  • modify publish ci job to not use cached docker layers (4e95535)
  • refactor set-response-media-type.interceptor (528765e)
  • refactor set-taxii-date-headers.interceptor (76c93c7)
  • remove portion of SetResponseMediaType interceptor that replaces 'taxii' with 'stix' (bc6b1f2)
  • remove unnecessary JSON transformation in controller return sequences (02207f6)
  • resolve bug causing class-transformer to serialize dates to empty objects (6e4eef8)
  • return 404 instead of 500 for missing collections (e9369d6)
  • skip content negotiation for health check endpoint (e3530b9)
  • tests: update manifest endpoint test for optional pagination (2876aed)
  • update default api root path (210189e)
  • update how date properties are handled by DTOs (124c1ea)
  • update supported media types (54a9066)
  • verify response content type is taxii+json not stix+json (e962831)

Features

  • add snake case interceptor to handle transforming pascalCase properties to snake_case on http responses (e4fdf31)
  • health: add basic ping endpoint with no content response (64d80d7)

v0.2.0

17 Nov 22:36

v0.2.0 Pre-release

Version 0.2.0 - Workbench-Driven State Management

This release introduces a fundamental shift in how the TAXII server manages state synchronization with ATT&CK Workbench, alongside improvements to collection versioning, data relationships, and system health monitoring.

Changes:

  • Workbench-Driven State Management:

    • The TAXII server now strictly mirrors Workbench's state regardless of version numbers, ensuring perfect synchronization.
    • Supports seamless version transitions in all directions (upgrades, downgrades to new versions, downgrades to previously seen versions).
    • Collections and objects maintain history through active/inactive states rather than updates or deletions.
  • Enhanced Data Relationship Management:

    • Replaced MongoDB document references with embedded collection metadata for improved data consistency and query performance.
    • Implemented TAXII-compliant sorting through optimized MongoDB indexes on _meta.createdAt.
    • Added proper tracking of collection-object relationships through embedded metadata.
    • Removed redundant object serialization to preserve STIX data integrity.
  • System Health Monitoring:

    • Added /health/ping endpoint returning 204 No Content.
    • Bypass TAXII 2.1 content negotiation requirements for basic health checks.
    • Enhanced logging throughout the hydration process for better observability.
  • Architecture Consolidation:

    • Merged collection and object management into a single HydrateService.
    • Simplified system configuration and setup.
    • Optimized database indexes for TAXII specification compliance.
    • Improved error handling and documentation.

Endpoint Validation:

All TAXII endpoints have been validated with the new state management system:

  • Server Discovery
  • Get API Root Information
  • Get Collections (now with version history support)
  • Get A Collection (with proper version state handling)
  • Get Objects (with TAXII-compliant sorting)
  • Get An Object (with collection relationship integrity)
  • Get Object Manifests
  • Get Object Versions

Impact Notice: While this release includes significant internal changes to state management and data relationships, it maintains backward compatibility with existing APIs. The system now provides more reliable synchronization with Workbench and better handles version transitions.

We strongly recommend upgrading to this version to benefit from the improved state management, enhanced version handling, and optimized data relationships.

For more information on TAXII and STIX structures, please refer to the TAXII 2.1 Specification.

v0.1.5

07 Nov 12:35
5ed8f93

v0.1.5 Pre-release

Version 0.1.5 - Enhanced STIX Data Ingestion and MongoDB Document Tracking

This release introduces significant improvements to the TAXII server’s data ingestion and storage mechanisms, optimizing how STIX data is retrieved from Workbench, validated, and stored in MongoDB.

Changes:

  • Hydrate MongoDB from Workbench /api/stix-bundle:

    • The TAXII server now retrieves STIX objects from Workbench’s /api/stix-bundle endpoint instead of /api/attack-objects, enabling native ingestion of both STIX 2.0 and 2.1 objects.
    • Six REST calls are now made (for each ATT&CK domain and STIX version) instead of one. The slight overhead is offset by eliminating the need for complex, manual version conversion in the TAXII code.
  • Removal of DTO Wrappers for STIX/ATT&CK Objects:

    • Removed DTO wrappers for STIX objects to avoid potential issues with missing properties during serialization.
    • This update allows all attributes of STIX objects to pass through as-is, reducing maintenance risks and preventing data loss due to incomplete DTOs.
    • Future data validation will be handled by the ATT&CK Data Model (ADM), specifically the stixBundleSchema, once full compatibility with Nest.js is feasible.
  • New created_at Timestamp:

    • Added a created_at timestamp at the root of each document in MongoDB to mark when the object was added to the database.
    • This property allows for enhanced metadata tracking and can support future optimizations in data querying.

Endpoint Validation:

All primary TAXII endpoints were validated to ensure compatibility and correct functionality with the new data ingestion strategy:

  • Server Discovery
  • Get API Root Information
  • Get Collections
  • Get A Collection
  • Get Objects (with accurate property representation)
  • Get An Object (fully tested with match filters)
  • Get Object Manifests
  • Get Object Versions

Impact Notice: This release does not introduce breaking changes. However, it optimizes data ingestion and validation, simplifying the maintenance of STIX data and ensuring accurate data representation in MongoDB.

We recommend all users upgrade to this version to leverage the new, efficient handling of STIX objects and the enhanced data tracking capabilities.

For more details on TAXII and STIX structures, please refer to the TAXII 2.1 Specification.