CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/pypi-stix2-validator

APIs and scripts for validating STIX 2.x documents against specification requirements and best practices.

Overview
Eval results
Files

configuration.mddocs/

Configuration and Options

Comprehensive configuration system for customizing STIX validation behavior, including version selection, strictness levels, custom schema directories, and selective enabling/disabling of validation checks.

Capabilities

ValidationOptions Class

Central configuration class that controls all aspects of STIX validation behavior, supporting both programmatic configuration and command-line argument parsing.

class ValidationOptions:
    """
    Collection of validation options which can be set via command line or programmatically in a script.
    
    Parameters:
    - cmd_args (argparse.Namespace, optional): Command line arguments from argparse
    - version (str, optional): STIX specification version to validate against ("2.0" or "2.1")
    - verbose (bool): Enable verbose output with detailed error messages (default: False)
    - silent (bool): Suppress all output to stdout (default: False)
    - files (List[str], optional): List of input files and directories to validate
    - recursive (bool): Recursively search directories for JSON files (default: False)
    - schema_dir (str, optional): Custom schema directory path for validation
    - disabled (str): Comma-separated list of "SHOULD" check codes to disable (default: "")
    - enabled (str): Comma-separated list of "SHOULD" check codes to enable (default: "")
    - strict (bool): Treat "SHOULD" recommendations as errors instead of warnings (default: False)
    - strict_types (bool): Disallow custom object types (default: False)
    - strict_properties (bool): Disallow custom properties (default: False)
    - enforce_refs (bool): Ensure referenced objects are in the same bundle (default: False)
    - interop (bool): Enable interoperability validation settings (default: False)
    - no_cache (bool): Disable caching of external source values (default: False)
    - refresh_cache (bool): Clear cache and download fresh external values (default: False)
    - clear_cache (bool): Clear external source cache after validation (default: False)
    
    Methods:
    - set_check_codes(version=None): Configure which validation checks are enabled/disabled
    """
    
    def __init__(self, cmd_args=None, version=None, verbose=False, silent=False, 
                 files=None, recursive=False, schema_dir=None, disabled="", 
                 enabled="", strict=False, strict_types=False, 
                 strict_properties=False, enforce_refs=False, interop=False,
                 no_cache=False, refresh_cache=False, clear_cache=False):
        pass
    
    def set_check_codes(self, version=None):
        """
        Set which checks are enabled/disabled based on version and configuration.
        
        Parameters:
        - version (str, optional): STIX version to configure checks for
        """
        pass

Example Usage:

from stix2validator import ValidationOptions, validate_file

# Basic configuration
options = ValidationOptions(
    version="2.1",
    verbose=True
)

# Strict validation configuration
strict_options = ValidationOptions(
    version="2.1",
    strict=True,
    strict_types=True,
    strict_properties=True,
    enforce_refs=True
)

# Custom schema validation
custom_options = ValidationOptions(
    schema_dir="/path/to/custom/schemas",
    version="2.1"
)

# Selective check configuration
selective_options = ValidationOptions(
    version="2.1",
    disabled="101,102",  # Disable custom prefix checks
    enabled="1,2,3"      # Enable specific check categories
)

# Use options with validation
results = validate_file("stix_document.json", strict_options)

Command Line Argument Parsing

Converts command line arguments into ValidationOptions objects, enabling integration with command-line tools and scripts.

def parse_args(cmd_args, is_script=False):
    """
    Parses a list of command line arguments into a ValidationOptions object.
    
    Parameters:
    - cmd_args (List[str]): The list of command line arguments to be parsed
    - is_script (bool): Whether arguments are for standalone script or imported tool (default: False)
    
    Returns:
    ValidationOptions: Configured ValidationOptions instance
    
    Raises:
    SystemExit: If invalid arguments are provided (argparse behavior)
    """

Example Usage:

import sys
from stix2validator import parse_args, run_validation

# Parse command line arguments
options = parse_args(sys.argv[1:], is_script=True)

# Run validation with parsed options
results = run_validation(options)

# Example command line arguments that would be parsed:
# ["--version", "2.1", "--strict", "--verbose", "stix_files/", "--recursive"]
cmd_args = ["--version", "2.1", "--strict", "--verbose", "stix_files/", "--recursive"]
options = parse_args(cmd_args)

print(f"Version: {options.version}")
print(f"Strict mode: {options.strict}")
print(f"Verbose: {options.verbose}")
print(f"Files: {options.files}")
print(f"Recursive: {options.recursive}")

Configuration Options

Version Selection

# STIX 2.0 validation
options_2_0 = ValidationOptions(version="2.0")

# STIX 2.1 validation (default)
options_2_1 = ValidationOptions(version="2.1")

# Default version constant
from stix2validator.util import DEFAULT_VER
print(f"Default STIX version: {DEFAULT_VER}")  # "2.1"

Output Control

# Verbose output with detailed messages
verbose_options = ValidationOptions(verbose=True)

# Silent mode - no stdout output
silent_options = ValidationOptions(silent=True)

# Normal output (default)
normal_options = ValidationOptions(verbose=False, silent=False)

Strictness Levels

# Relaxed validation (warnings only for SHOULD requirements)
relaxed_options = ValidationOptions(strict=False)

# Strict validation (SHOULD requirements become errors)
strict_options = ValidationOptions(strict=True)

# Strict type checking (no custom object types)
type_strict_options = ValidationOptions(strict_types=True)

# Strict property checking (no custom properties)
property_strict_options = ValidationOptions(strict_properties=True)

# Reference enforcement (all referenced objects must be in bundle)
ref_strict_options = ValidationOptions(enforce_refs=True)

# All strict options combined
full_strict_options = ValidationOptions(
    strict=True,
    strict_types=True,
    strict_properties=True,
    enforce_refs=True
)

Check Code Management

# Disable specific validation checks
disabled_checks = ValidationOptions(
    disabled="101,102,111",  # Disable custom prefix and vocab checks
    version="2.1"
)

# Enable only specific checks
enabled_checks = ValidationOptions(
    enabled="1,2",  # Enable only format and approved-values categories
    version="2.1"
)

# Combined enable/disable
selective_checks = ValidationOptions(
    enabled="1,2,3",      # Enable categories 1, 2, 3
    disabled="101,121",   # But disable specific checks 101, 121
    version="2.1"
)

File Processing Options

# Single file validation
single_file_options = ValidationOptions(
    files=["single_document.json"]
)

# Multiple files and directories
multi_file_options = ValidationOptions(
    files=["file1.json", "stix_directory/", "file2.json"],
    recursive=True  # Search directories recursively
)

# Directory-only with recursion
directory_options = ValidationOptions(
    files=["stix_files/", "indicators/"],
    recursive=True
)

Custom Schema Support

# Use custom schema directory
custom_schema_options = ValidationOptions(
    schema_dir="/path/to/custom/stix/schemas",
    version="2.1"
)

# Interoperability mode with specific schema handling
interop_options = ValidationOptions(
    interop=True,
    version="2.1"
)

Advanced Configuration Examples

Enterprise Validation Pipeline

from stix2validator import ValidationOptions, run_validation

# Configure for enterprise threat intelligence pipeline
enterprise_options = ValidationOptions(
    version="2.1",
    strict=True,
    strict_types=False,      # Allow custom threat types
    strict_properties=True,  # But enforce standard properties
    enforce_refs=True,       # Ensure bundle consistency
    disabled="102",          # Allow more flexible custom prefixes
    verbose=True,
    files=["intel_feeds/", "threat_reports/"],
    recursive=True
)

results = run_validation(enterprise_options)

# Process results for enterprise reporting
for result in results:
    if not result.is_valid:
        # Enterprise-specific error handling
        handle_validation_failure(result)

Research Environment Configuration

# Configure for cybersecurity research with flexibility
research_options = ValidationOptions(
    version="2.1",
    strict=False,           # Allow warnings for experimental data
    strict_types=False,     # Allow custom object types for research
    strict_properties=False, # Allow custom properties for extended attributes
    enforce_refs=False,     # Allow cross-bundle references
    enabled="1,2",          # Basic format and value checks only
    verbose=True
)

Production Validation Configuration

# High-security production environment
production_options = ValidationOptions(
    version="2.1",
    strict=True,
    strict_types=True,
    strict_properties=True,
    enforce_refs=True,
    silent=False,  # Log validation results
    verbose=False  # But keep output concise
)

Install with Tessl CLI

npx tessl i tessl/pypi-stix2-validator

docs

cli-utilities.md

configuration.md

core-validation.md

exception-handling.md

index.md

results-output.md

tile.json