cti-stix message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: cti-pattern-validator - Operations question
- From: "Jason Keirstead" <Jason.Keirstead@ca.ibm.com>
- To: cti-stix@lists.oasis-open.org
- Date: Wed, 31 Oct 2018 10:19:45 -0400
Hello everyone. IBM is attempting to develop
& maintain STIX 2.1 provisional support in our STIX-Shifter project.
As part of that project, we are utilizing the cti-pattern-validator as
a dependancy to validate the SCO queries submitted.
Because of this, we are running into
a logistical problem, outlined as follows:
STIX-Shifter build process consumes
cti-pattern-validator from PyPi
... yet we want to support STIX 2.1,
and cti-pattern-validator does not support it yet
... which means the module in Pypi does
not support it
... yet the cti-pattern-validator key
maintainers are not yet ready to add 2.1 support until a CS is released
We are trying to figure out a clean
solution to this problem that avoids us creating a fork or copy of this
module.
Currently, we are simply bypassing all
validation if the pattern appears to have any 2.1-isms.
IBM is willing to start doing work on
a 2.1 branch on cti-pattern-validator, however, we would also need to start
publishing said module with provisional 2.1 support to Pypi
Interested in input on how to work through
this challenge.
-
Jason Keirstead
Lead Architect - IBM.Security
www.ibm.com/security
"Things may come to those who wait, but only the things left by those
who hustle." - Unknown
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]