As found when checking stdin in #21, the check functionality currently treats an empty Path specification as normal, giving the output as if rules were processed.
(sigma-cli-py3.11) ❯❯❯❯ cat rules/windows/process_creation/certutil_susp_download.yml | sigma check && echo $?
DEBUG: input: ()
Parsing Sigma rules [####################################] 100%
Checking Sigma rules [####################################] 100%
=== Summary ===
Found 0 errors, 0 condition errors and 0 issues.
No rule errors found.
No condition errors found.
No validation issues found.
0
(sigma-cli-py3.11) ❯❯❯❯ sigma check && echo $?
DEBUG: input: ()
Parsing Sigma rules [####################################] 100%
Checking Sigma rules [####################################] 100%
=== Summary ===
Found 0 errors, 0 condition errors and 0 issues.
No rule errors found.
No condition errors found.
No validation issues found.
0
This issue could extend #21 in allowing standard input for check while providing a message supplied by the program to indicate that no rules were found and as such no rules were processed (indicating as such in the summary).
Preferably this would produce an exit(1), but this is open to debate, or a potential configuration option.
As found when checking stdin in #21, the
check
functionality currently treats an empty Path specification as normal, giving the output as if rules were processed.This issue could extend #21 in allowing standard input for
check
while providing a message supplied by the program to indicate that no rules were found and as such no rules were processed (indicating as such in the summary).Preferably this would produce an
exit(1)
, but this is open to debate, or a potential configuration option.