feat: add attack_changelog command for generating changelog artifacts between ATT&CK versions (#236)

Author: jondricek

examples/generate_multiple_attack_diffs.py

@@ -2,7 +2,7 @@
 
 import argparse
 
-from mitreattack.diffStix.changelog_helper import get_new_changelog_md
+from mitreattack.diffStix.attack_changelog import generate_attack_changelog
 
 DOMAINS = ["enterprise-attack", "mobile-attack", "ics-attack"]
 VERSION_PAIRS = [
@@ -11,17 +11,6 @@
 ]
 
 
-def get_release_output_folder(old_version: str, new_version: str) -> str:
-    """Return the output folder for a release comparison."""
-    return f"output/v{old_version}-v{new_version}"
-
-
-def get_artifact_link_prefix(old_version: str, new_version: str, *, attack_website_links: bool = False) -> str:
-    """Return the link prefix for generated layers and changelog JSON."""
-    if not attack_website_links:
-        return ""
-    return f"/docs/changelogs/v{old_version}-v{new_version}"
-
 
 def get_parsed_args():
     """Parse command line arguments for the example script."""
@@ -37,31 +26,18 @@ def get_parsed_args():
 
 def generate_diff(old_version: str, new_version: str, *, attack_website_links: bool = False):
     """Generate changelog outputs for a single ATT&CK release pair."""
-    output_folder = get_release_output_folder(old_version, new_version)
+    output_folder = f"output/v{old_version}-v{new_version}"
     print(f"Generating ATT&CK Diffs between {old_version}-{new_version}: {output_folder}")
 
-    get_new_changelog_md(
+    generate_attack_changelog(
+        old_version=old_version,
+        new_version=new_version,
         domains=DOMAINS,
-        layers=[
-            f"{output_folder}/layer-enterprise.json",
-            f"{output_folder}/layer-mobile.json",
-            f"{output_folder}/layer-ics.json",
-        ],
-        old=f"attack-releases/stix-2.0/v{old_version}",
-        new=f"attack-releases/stix-2.0/v{new_version}",
-        show_key=True,
-        # site_prefix: str = "",
+        output_dir=output_folder,
         verbose=True,
-        include_contributors=True,
-        markdown_file=f"{output_folder}/changelog.md",
-        html_file=f"{output_folder}/index.html",
-        html_file_detailed=f"{output_folder}/changelog-detailed.html",
-        additional_formats_prefix=get_artifact_link_prefix(
-            old_version,
-            new_version,
-            attack_website_links=attack_website_links,
-        ),
-        json_file=f"{output_folder}/changelog.json",
+        markdown_file=True,
+        html_file=True,
+        attack_website_links=attack_website_links,
     )
 
 

mitreattack/diffStix/README.md

@@ -53,6 +53,24 @@ Example execution:
 diff_stix -v --show-key --html-file output/changelog.html --html-file-detailed output/changelog-detailed.html --markdown-file output/changelog.md  --json-file output/changelog.json --layers output/layer-enterprise.json output/layer-mobile.json output/layer-ics.json --old path/to/old/stix/ --new path/to/new/stix/
 ```
 
+Generate release changelog artifacts for one ATT&CK version pair:
+
+```shell
+attack_changelog --old-version 17.1 --new-version 18.0
+```
+
+The `attack_changelog` command reads local release data from `attack-releases/stix-2.0/v{version}` by default.
+If either requested release is missing, it downloads the needed STIX bundles into a temporary directory and
+removes them when generation is complete.
+It always writes detailed HTML, JSON, and Navigator layer artifacts under `output/v{old_version}-v{new_version}`.
+It can also generate `changelog.md` or `index.html` if needed by passing the corresponding flags:
+
+```shell
+attack_changelog --old-version 17.1 --new-version 18.0 \
+  --markdown-file \
+  --html-file
+```
+
 ## Changelog JSON format
 
 The changelog helper script has the option to output a JSON file with detailed differences between ATT&CK releases.