mitre / cti

Cyber Threat Intelligence Repository expressed in STIX 2.0

Synchronize microlibrary with one in attack-stix-data #182

Open jondricek opened 2 years ago

jondricek commented 2 years ago

The microlibrary described in the USAGE.md document is slightly out of sync with the one defined in https://github.com/mitre-attack/attack-stix-data, especially since this issue pointed out a discrepancy in how the relationships are filtered.

It might be a good idea to pull out the microlibrary into a separate section, possibly in the mitreattack-python library.

isaisabel commented 2 years ago

I see you're way ahead of me regarding my comment on your other PR.

To quote something I wrote in my review there which is relevant to this issue:

We also should consider the long term maintenance plan of the two usage documents; the fact they're maintained in parallel means it's easy to accidentally forget to propagate a correction to both.

We may want to remove the MITRE/CTI USAGE document and replace it with a link to this document so we don't have to maintain two in parallel. This instance of the document includes information about the ATT&CK Spec features not available in the STIX 2.0 dataset so they're not completely identical, but the STIX 2.1 additions are clearly marked so it should be OK to remove the MITRE/CTI USAGE in favor of a single document on this repo:

[Screenshot, 2021-10-27]