search

mitre-attack / attack-website

MITRE ATT&CK Website
https://attack.mitre.org
Apache License 2.0
470 stars 143 forks source link

Implement idempotent UUID generation based on content and website ver… #456

Closed seansica closed 10 months ago

seansica commented 10 months ago

Description of what has changed

Changed the UUID generation logic to use CONTENT_VERSION and WEBSITE_VERSION as seeds for idempotent UUID creation. This ensures consistent UUIDs for the same content and website versions, optimizing storage usage and preventing the creation of redundant IndexedDB tables.

Issues addressed by pull request

Closes #455.

Testing

UUID idempotence was tested with the following script:

import hashlib

def generate_uuid_from_seeds(content_version, website_version):
    """
    Generate a UUID based on the given content_version and website_version.

    Args:
    - content_version (str): Semantic version of the content without a leading 'v'.
    - website_version (str): Semantic version of the website with a leading 'v'.

    Returns:
    - str: A UUID generated based on the two versions.
    """
    # Combine and hash the values
    seed = f"{content_version}-{website_version}".encode('utf-8')
    hashed_seed = hashlib.md5(seed).hexdigest()

    # Convert the first 32 characters of the hash to a UUID format
    return '-'.join([hashed_seed[i:i+length] for i, length in zip([0, 8, 12, 16, 20], [8, 4, 4, 4, 12])])

def test_uuid_idempotency():
    """
    Test the idempotency of the UUID generation.
    """
    test_pairs = [
        ("4.0.4", "v13.1"),
        ("4.0.5", "v13.2"),
        ("5.0.0", "v14.0")
    ]

    for content, website in test_pairs:
        first_uuid = generate_uuid_from_seeds(content, website)
        second_uuid = generate_uuid_from_seeds(content, website)

        assert first_uuid == second_uuid, f"UUIDs for {content}-{website} are not idempotent."
        print(f"UUID for {content}-{website}: {first_uuid}")

if __name__ == "__main__":
    test_uuid_idempotency()

Output:

❯ python3 test_uuid.py
UUID for 4.0.4-v13.1: 112d7f46-f2b7-3723-0d6d-f9d1938c70e6
UUID for 4.0.5-v13.2: c42f3ff0-edc1-63d5-ce44-43662b9e4939
UUID for 5.0.0-v14.0: 54e7ea6c-81c0-c8a4-50aa-ba42449be348
sonarcloud[bot] commented 10 months ago

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot E 1 Security Hotspot
Code Smell A 0 Code Smells

0.0% 0.0% Coverage
0.0% 0.0% Duplication

idea Catch issues before they fail your Quality Gate with our IDE extension sonarlint SonarLint