panther-labs / panther-analysis

Built-in Panther detection rules and policies
https://panther.com/
Apache License 2.0

Add Format Checker for MITRE ATT&CK Matrix Report Mappings #1360

Closed ben-githubs closed 1 month ago

ben-githubs commented 1 month ago

Background

If a rule has a MITRE ATT&CK report mapping with an invalid format, the mapping doesn't resolve properly in the UI. This PR adds some automation to check for misformatted MITRE mappings and alert on them.

See this PR for more details.

This check didn't really fit as part of pat validate or pat test, since it's concerned with the format of the YAML file, so we chose to add it as a script that can be run as part of make lint.

Changes

Testing
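The following is an added illustration of the kind of format checker the PR description talks about; it is not the script from the panther-analysis PR itself. It assumes (the page does not spell this out) that a rule file carries its mappings under a `Reports` key with a `MITRE ATT&CK` list, and that a well-formed entry is a tactic ID, a colon, and a technique ID with an optional sub-technique suffix, e.g. `TA0006:T1110.001`. The sample rules are constructed inline so the check runs offline; the optional file loader assumes PyYAML is installed.

```python
"""Format checker for MITRE ATT&CK report mappings in rule YAML.

Added example, not the panther-analysis project's own lint script.
Assumed rule shape (constructed for this example):

    Reports:
      MITRE ATT&CK:
        - TA0006:T1110
        - TA0006:T1110.001
"""
import re
import sys
from typing import Any, Dict, Iterable, List

# Assumed canonical shape: TAxxxx:Txxxx or TAxxxx:Txxxx.xxx
MITRE_MAPPING_RE = re.compile(r"^TA\d{4}:T\d{4}(?:\.\d{3})?$")


def check_mapping(mapping: Any) -> List[str]:
    """Return a list of problems with one mapping entry (empty list means OK).

    Where the entry fails the canonical pattern, try to name the common
    mistake (stray whitespace, missing colon, wrong case) so the author
    of the rule knows what to fix.
    """
    if not isinstance(mapping, str):
        return [f"mapping must be a string, got {type(mapping).__name__}: {mapping!r}"]
    if MITRE_MAPPING_RE.match(mapping):
        return []
    problems: List[str] = []
    if mapping != mapping.strip():
        problems.append(f"leading/trailing whitespace in {mapping!r}")
    if ":" not in mapping:
        problems.append(f"missing ':' between tactic and technique in {mapping!r}")
    elif mapping.count(":") > 1:
        problems.append(f"more than one ':' in {mapping!r}; expected TAxxxx:Txxxx")
    if mapping != mapping.upper() and MITRE_MAPPING_RE.match(mapping.strip().upper()):
        problems.append(f"tactic/technique IDs must be upper case: {mapping!r}")
    if not problems:
        problems.append(f"does not match TAxxxx:Txxxx[.xxx]: {mapping!r}")
    return problems


def check_rule(rule: Dict[str, Any], source: str = "<rule>") -> List[str]:
    """Check every MITRE ATT&CK mapping in one parsed rule; return error strings."""
    reports = rule.get("Reports")
    if reports is None:
        return []  # a rule without report mappings is fine
    if not isinstance(reports, dict):
        return [f"{source}: Reports must be a mapping, got {type(reports).__name__}"]
    mappings = reports.get("MITRE ATT&CK")
    if mappings is None:
        return []
    if not isinstance(mappings, list):
        return [f"{source}: 'MITRE ATT&CK' must be a list of strings"]
    return [f"{source}: {p}" for entry in mappings for p in check_mapping(entry)]


def check_yaml_text(text: str, source: str = "<yaml>") -> List[str]:
    """Parse one YAML document (PyYAML assumed installed) and check it."""
    import yaml  # deferred so the dict-based functions work without PyYAML
    loaded = yaml.safe_load(text) or {}
    return check_rule(loaded if isinstance(loaded, dict) else {}, source)


def check_files(paths: Iterable[str]) -> List[str]:
    """Check every YAML file in `paths`; returns all errors found."""
    errors: List[str] = []
    for path in paths:
        with open(path, encoding="utf-8") as fh:
            errors.extend(check_yaml_text(fh.read(), path))
    return errors


# Constructed sample rules, already parsed, mirroring what yaml.safe_load
# would return for a rule file. The first is well formed; the second has
# three mistakes that would not resolve in the UI.
SAMPLE_RULES = {
    "good_rule.yml": {"Reports": {"MITRE ATT&CK": ["TA0006:T1110", "TA0006:T1110.001"]}},
    "bad_rule.yml": {"Reports": {"MITRE ATT&CK": ["T1078", "ta0001:t1078", "TA0001:T1078 "]}},
}


def check_samples() -> Dict[str, List[str]]:
    """Run the checker over the constructed samples; returns errors per file."""
    return {name: check_rule(rule, name) for name, rule in SAMPLE_RULES.items()}


if __name__ == "__main__":
    # Usage: python mitre_lint.py rules/**/*.yml ; exits non-zero on any error,
    # which is what lets it sit behind a make target.
    found = check_files(sys.argv[1:]) if len(sys.argv) > 1 else [
        e for errs in check_samples().values() for e in errs
    ]
    for err in found:
        print(err)
    sys.exit(1 if found else 0)
```

The checker is deliberately split so that the dict-level functions carry all of the logic: a unit test (or a separate make target, as the later comment on this PR suggests for a phased rollout) can exercise `check_rule` without touching the filesystem, while `check_files` is the thin wrapper the lint target calls.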

github-actions[bot] commented 1 month ago

:scream: looks like some things could be wrong with the packs

[INFO][root]: ignoring file dependabot.yml

ben-githubs commented 1 month ago

I have one concern with this: adding it to make lint means that some customers that have malformed MITRE tags will have the lint action fail. This might be a blocking issue for some customers. We may decide to add this as a separate lint action for now (just make lint-mitre or something) and instruct customers to run this on their local rules independently, and then make it part of the general lint action in 3 months or whatever. That way customers have time to see what mappings are broken and action on them before we make it a requirement for lint to pass.