Comments (4)
Thanks, @jmgnc.
Right now we don't distinguish "errors" from "warnings". Specific checks can be turned on and off using --enable
or --disable
. Additionally, all of the SHOULD checks can be turned off with --lax
.
Do you think the current implementation is sufficient, or do we need to distinguish errors from warnings (besides being able to selectively turn them on and off)?
from cti-stix-validator.
I think supporting warnings would be a good thing. It lets those warnings
be annoying as opposed to turning them off prevents you from seeing when
new warning happen. It's also not clear from the table which of the errors
are SHOULDs versus MUSTs.
On Tue, Nov 22, 2016 at 7:19 AM, Greg Back [email protected] wrote:
Thanks, @jmgnc https://github.com/jmgnc.
Right now we don't distinguish "errors" from "warnings". Specific checks
can be turned on and off using --enable or --disable. Additionally, all
of the SHOULD checks can be turned off with --lax.Do you think the current implementation is sufficient, or do we need to
distinguish errors from warnings (besides being able to selectively turn
them on and off)?—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#5 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/ALCthQN7DfgIO5wyDq0U_mnC-FK8VPgtks5rAwftgaJpZM4K418h
.
from cti-stix-validator.
It'd be great to see this same warning behavior applied to open vocabularies. According to the spec, it's acceptable to use custom values in an open-vocab
field (which consumers are free to ignore).
The value of the property SHOULD be chosen from the suggested vocabulary but MAY be any other string value.
The validator treats this as an error right now.
Example:
malware--031e8443-3a44-5068-b897-7a242b69b0b6: {216} labels contains a value not in the malware-label-ov vocabulary.
Edit: Just saw the other issue that mentions this. To me, they're effectively the same issue. Best practices are great, but they should not fail validation.
from cti-stix-validator.
Sounds good! We'll take a look.
from cti-stix-validator.
Related Issues (20)
- [CS03] location.administrative_area SHOULD contain valid 3166-2 code
- [CS03] software.languages must be RFC5646
- [CS03] Network Traffic Protocol Property and Extensions
- SDOs should not be allowed in in Observed Data's object_refs property
- 2.1 validator does not handle top-level extension definition properly HOT 5
- malware-analysis schema requires 'result', spec says 'av_result'. HOT 1
- windows-registry-key SCO doesn't have to start with a hive portion
- STIX Cyber-observable Objects SHOULD use UUIDv5. It is not a MUST. HOT 1
- SCOs are allowed in Observable Containers as per Section 2.13 of the spec - so the validator must allow it HOT 1
- KeyError Exceptions in validate_instance HOT 3
- Get string representation of validation results the way print_results() displays HOT 1
- UUIDv5 validation HOT 2
- draft7_format_checker is deprecated HOT 13
- 3.1.0 missing schemas HOT 3
- Better warning messages for open vocabs and relationship types
- Enhanced Interoperability Support
- TAXII Support?
- HTTPSConnectionPool Fatal Error HOT 1
- RefResolver deprecated HOT 17
- Outdated validation for Marking Definition HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cti-stix-validator.