Fix model for incidents field of reports

2025-11-04 00:07:29 +00:00 · 2025-07-28 15:00:23 -05:00 · 2025-07-28 15:00:23 -05:00 · b58c1d6810
commit b58c1d6810
parent 084206c86d
3 changed files with 11 additions and 4 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [project]
 name = "pyhuntress"
-version = "0.1.1"
+version = "0.2.2"
 authors = [
  { name="Peter Annabel", email="peter.annabel@gmail.com" },
 ]
@ -27,11 +27,15 @@ keywords = [
 ]
 license = "GPL-3.0-only"
 license-files = ["LICEN[CS]E*"]
 dynamic = ["dependencies"]
 [project.urls]
 Homepage = "https://github.com/brygphilomena/pyhuntress"
 Issues = "https://github.com/brygphilomena/pyhuntress/issues"
 [build-system]
-requires = ["hatchling >= 1.26"]
+requires = ["hatchling >= 1.26", "hatch-requirements-txt"]
-build-backend = "hatchling.build"
+build-backend = "hatchling.build"
 [tool.hatch.metadata.hooks.requirements_txt]
 files = ["requirements.txt"]
--- a/requirements.txt
+++ b/requirements.txt
@ -0,0 +1,3 @@
 requests==2.32.4
 pydantic==2.11.7
 typing_extensions==4.14.1
--- a/src/pyhuntress/models/siem/init.py
+++ b/src/pyhuntress/models/siem/init.py
@ -237,7 +237,7 @@ class SIEMReports(HuntressModel):
    ransomware_note: str | None = Field(default=None, alias="RansomwareNote")
    # Huntress has incident_log listed as "complex" with the note "A JSON representation of any critical
    # or high severity incidents from this report"
-    incident_log: str | None = Field(default=None, alias="IncidentLog")
+    incident_log: list[dict[str, Any]] | None = Field(default=None, alias="IncidentLog")
    total_mav_detection_count: int | None = Field(default=None, alias="TotalMAVDetectionCount")
    blocked_malware_count: int | None = Field(default=None, alias="BlockedMalwareCount")
    investigated_mav_detection_count: int | None = Field(default=None, alias="InvestigatedMAVDetectionCount")