feat(cli)!: standardize ATT&CK export command

.github/workflows/lint-and-test.yml

@@ -47,4 +47,4 @@ jobs:
         run: uv sync --all-extras
 
       - name: Run pytest
-        run: uv run pytest --cov=mitreattack
+        run: uv run pytest --cov=mitreattack --durations=20

docs/CONTRIBUTING.md

@@ -51,11 +51,14 @@ Run `just` with no arguments to see all available commands. Here are the most co
 
 ```bash
 just lint          # Run pre-commit hooks (ruff format) on all files
-just test          # Run tests
+just test          # Run the full test suite, matching CI expectations
+just test-fast     # Run the fast local subset, excluding integration and slow tests
 just test-cov      # Run tests with coverage report
 just build         # Build the package
 ```
 
+Use `just test-fast` while iterating locally on changes that do not need full STIX-backed export or other slow integration coverage. Tests or setup steps that normally take longer than 10 seconds should be marked `slow`, so they are skipped by `just test-fast`. Before opening a PR, run `just test`; GitHub Actions also runs the full suite with coverage.
+
 To run STIX-backed tests against specific local bundles, pass the bundle paths to pytest:
 
 ```bash

justfile

@@ -35,6 +35,10 @@ ruff-format:
 test:
     uv run pytest
 
+# Run the fast local test subset, excluding integration and slow tests
+test-fast:
+    uv run pytest -m "not integration and not slow"
+
 # Run tests with coverage
 test-cov:
     uv run pytest --cov=mitreattack

mitreattack/attackToExcel/README.md

@@ -10,19 +10,40 @@ It also provides a means to access ATT&CK data as [Pandas](https://pandas.pydata
 Print full usage instructions:
 
 ```shell
-python3 attackToExcel.py -h
+attack-to-excel --help
 ```
 
 Example execution:
 
 ```shell
-python3 attackToExcel.py
+attack-to-excel from-stix
 ```
 
 Build a excel files corresponding to a specific domain and version of ATT&CK:
 
 ```shell
-python3 attackToExcel -domain mobile-attack -version v5.0
+attack-to-excel from-stix --domain mobile-attack --version v5.0
+```
+
+Build Excel files for all ATT&CK domains from a release. If local STIX files
+are missing under `attack-releases/stix-2.0/v19.0`, they are downloaded
+temporarily for the export:
+
+```shell
+attack-to-excel from-release --version v19.0
+```
+
+To persist release STIX files before exporting, use `download_attack_stix`:
+
+```shell
+download_attack_stix -v 19.0
+attack-to-excel from-release --version v19.0
+```
+
+Build Excel files for selected ATT&CK domains from a release:
+
+```shell
+attack-to-excel from-release --version v19.0 --domains mobile-attack --domains ics-attack
 ```
 
 ### Module
@@ -35,6 +56,14 @@ import mitreattack.attackToExcel.attackToExcel as attackToExcel
 attackToExcel.export("mobile-attack", "v5.0", "/path/to/export/folder")
 ```
 
+Example execution targeting all release domains:
+
+```python
+import mitreattack.attackToExcel.attackToExcel as attackToExcel
+
+attackToExcel.export_release(version="v19.0", output_dir="output")
+```
+
 ## Interfaces
 
 ### attackToExcel
@@ -48,6 +77,7 @@ overview of the available methods follows.
 |build_dataframes| `src`: MemoryStore or other stix2 DataSource object holding domain data<br> `domain`: domain of ATT&CK that `src` corresponds to| Builds a Pandas DataFrame collection as a dictionary, with keys for each type, based on the ATT&CK data provided|
 |write_excel| `dataframes`: pandas DataFrame dictionary (generated by build_dataframes) <br>  `domain`: domain of ATT&CK that `dataframes` corresponds to <br> `version`: optional parameter indicating which version of ATT&CK is in use <br> `output_dir`: optional parameter specifying output directory| Writes out DataFrame based ATT&CK data to excel files|
 |export| `domain`: the domain of ATT&CK to download <br> `version`: optional parameter specifying which version of ATT&CK to download <br> `output_dir`: optional parameter specifying output directory| Downloads ATT&CK data from MITRE/CTI and exports it to Excel spreadsheets |
+|export_release| `version`: optional ATT&CK release version <br> `stix_version`: STIX release tree, such as "2.0" or "2.1" <br> `output_dir`: parent output directory <br> `stix_base_dir`: optional directory containing release STIX files <br> `domains`: optional list of domains <br> `versioned_output_dir`: preserve domain-version output folders| Exports a full ATT&CK release to Excel spreadsheets, downloading missing STIX files temporarily when needed |
 
 ### stixToDf