1.0.3 (2025-12-16)
Bug Fixes
TAXII 2.1 Specification Compliance
-
taxii: resolve match query parsing and TAXII 2.1 spec compliance after NestJS v11 upgrade (d602846)
- All endpoints requiring the
Content-Typeresponse header now set the appropriate TAXII value (application/taxii+json;version=2.1) - Added support for
match[version]=first,match[version]=last, andmatch[version]=allquery parameters - Server now rejects requests with duplicate
matchquery parameter keys (e.g.,match[type]=attack-pattern&match[type]=tool) - Comma-separated values remain supported (e.g.,
match[type]=attack-pattern,tool)
- All endpoints requiring the
-
taxii: correctly compute X-TAXII-Date-Added headers (ecd477d)
- Resolved buffer overflow causing
X-TAXII-Date-Added-Lastto incorrectly matchX-TAXII-Date-Added-Firstin large envelope responses - Headers now format as proper TAXII
timestampresources
- Resolved buffer overflow causing
Collection Synchronization
- hydrate: enable pulling multiple versions of a STIX collection (99fa771)
- The TAXII server can now synchronize multiple versions of the same STIX collection (e.g., ATT&CK v17.1 and v18.1 with identical STIX
idvalues) - Previously, only the first observed collection would synchronize
- The TAXII server can now synchronize multiple versions of the same STIX collection (e.g., ATT&CK v17.1 and v18.1 with identical STIX
Code Quality
- resolve linting errors (d9304ac)