tessl/pypi-stix2-validator
APIs and scripts for validating STIX 2.x documents against specification requirements and best practices.
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-stix2-validator@3.2.0index.mddocs/
STIX2-Validator
A comprehensive Python library for validating STIX (Structured Threat Information eXpression) 2.x JSON documents against specification requirements and best practices. The validator ensures conformance with both mandatory "MUST" requirements and recommended "SHOULD" best practices from the STIX 2.0 and 2.1 specifications.
Package Information
- Package Name: stix2-validator
- Language: Python
- Installation:
pip install stix2-validator
Core Imports
import stix2validatorCommon validation functions:
from stix2validator import validate_file, validate_string, validate_instance, print_resultsConfiguration and utilities:
from stix2validator import ValidationOptions, parse_argsException handling:
from stix2validator import ValidationError, NoJSONFileFoundErrorExit codes and CLI utilities:
from stix2validator import codes
from stix2validator.codes import get_code, EXIT_SUCCESS, EXIT_FAILURE
from stix2validator.scripts.stix2_validator import mainBasic Usage
from stix2validator import validate_file, print_results
# Validate a STIX JSON file
results = validate_file("stix_document.json")
print_results(results)
# Check if validation passed
if results.is_valid:
print("STIX document is valid!")
else:
print("Validation errors found")
for error in results.errors:
print(f"Error: {error}")from stix2validator import validate_string, ValidationOptions
# Validate STIX JSON from string with custom options
stix_json = '{"type": "indicator", "id": "indicator--12345678-1234-1234-1234-123456789012", ...}'
options = ValidationOptions(
version="2.1",
strict=True,
verbose=True
)
results = validate_string(stix_json, options)
print(f"Valid: {results.is_valid}")Architecture
The validator follows a layered architecture:
- Validation Functions: Core entry points (validate_file, validate_string, etc.) that handle different input types
- ValidationOptions: Configuration class for customizing validation behavior
- Result Classes: Structured result objects (FileValidationResults, ObjectValidationResults) for validation outcomes
- Schema Validation: JSON Schema-based validation for STIX object structure
- Python Rule Validation: Custom Python functions for rules that cannot be expressed in JSON Schema
- Version-Specific Modules: Separate validation logic for STIX 2.0 and 2.1 specifications
Capabilities
Core Validation Functions
Main validation entry points for different input types including files, strings, Python dictionaries, and parsed JSON objects. These functions form the foundation of STIX document validation.
def validate_file(fn, options=None): ...
def validate_string(string, options=None): ...
def validate_instance(instance, options=None): ...
def validate_parsed_json(obj_json, options=None): ...
def validate(in_, options=None): ...
def run_validation(options): ...Configuration and Options
Comprehensive configuration system for customizing validation behavior, including version selection, strictness levels, custom schema directories, and selective enabling/disabling of validation checks.
class ValidationOptions: ...
def parse_args(cmd_args, is_script=False): ...Result Processing
Structured result classes and output formatting functions for handling validation outcomes, including error reporting, success indicators, and formatted console output with color coding.
class FileValidationResults: ...
class ObjectValidationResults: ...
def print_results(results): ...Exception Handling
Comprehensive exception hierarchy for different validation error scenarios, enabling precise error handling and programmatic response to validation failures.
class ValidationError(Exception): ...
class SchemaError(ValidationError): ...
class NoJSONFileFoundError(OSError): ...Exit Codes and Status
Exit code utilities for command-line integration and programmatic validation result processing, providing standardized status codes for different validation outcomes.
def get_code(results): ...
EXIT_SUCCESS: int
EXIT_FAILURE: int
EXIT_SCHEMA_INVALID: int
EXIT_VALIDATION_ERROR: intExit codes module provides standardized status codes for validation results and CLI integration.
Command-Line Interface
Command-line script entry point and utilities for standalone STIX validation from the command line with comprehensive option support.
def main(): ...The stix2_validator command-line script provides a complete CLI interface for STIX validation with all library features accessible via command-line arguments.
Types
from typing import Union, List
# Validation input types
FileInput = str # File path
StringInput = str # JSON string
InstanceInput = dict # Python dictionary representing STIX object
ParsedJsonInput = Union[dict, list] # Parsed JSON object or list
# Result types
FileValidationResult = FileValidationResults # For validate_file()
ObjectValidationResult = ObjectValidationResults # For validate_instance()
StreamValidationResult = Union[ObjectValidationResults, List[ObjectValidationResults]] # For validate_string(), validate_parsed_json(), validate()
BatchValidationResult = List[FileValidationResults] # For run_validation()
# Exit code constants
EXIT_SUCCESS = 0x0 # All documents valid
EXIT_FAILURE = 0x1 # Fatal system error
EXIT_SCHEMA_INVALID = 0x2 # Schema validation failed
EXIT_VALIDATION_ERROR = 0x10 # Validation error occurred