{"id":16119559,"url":"https://github.com/stephenott/stix-interoperability-runner","last_synced_at":"2025-09-08T05:41:27.232Z","repository":{"id":148176384,"uuid":"234535799","full_name":"StephenOTT/STIX-Interoperability-Runner","owner":"StephenOTT","description":"STIX Interoperability Runner to write and validate STIX Interoperability Spec tests","archived":false,"fork":false,"pushed_at":"2020-02-11T23:52:21.000Z","size":60,"stargazers_count":5,"open_issues_count":8,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-28T09:11:42.942Z","etag":null,"topics":["cybersecurity","oasis","stix"],"latest_commit_sha":null,"homepage":"","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/StephenOTT.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-01-17T11:34:35.000Z","updated_at":"2021-01-12T10:19:59.000Z","dependencies_parsed_at":"2023-05-19T09:00:17.831Z","dependency_job_id":null,"html_url":"https://github.com/StephenOTT/STIX-Interoperability-Runner","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StephenOTT%2FSTIX-Interoperability-Runner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StephenOTT%2FSTIX-Interoperability-Runner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StephenOTT%2FSTIX-Interoperability-Runner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/StephenOTT%2FSTIX-Interoperability-Runner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/StephenOTT","download_url":"https://codeload.github.com/StephenOTT/STIX-Interoperability-Runner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243922128,"owners_count":20369353,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","oasis","stix"],"created_at":"2024-10-09T20:54:27.499Z","updated_at":"2025-03-18T10:31:36.762Z","avatar_url":"https://github.com/StephenOTT.png","language":"Kotlin","funding_links":[],"categories":[],"sub_categories":[],"readme":"# STIX Interoperability Runner (Work in Progress)\n\nThe STIX Interoperability Runner is a Gherkin/Cucumber based testing platform for writing \nand validating STIX interoperability scenarios and tests.\n\nThe runner provides gherkin syntax and cucumber steps to easily write meaningful and relevant STIX import, parse, manipulate, and validation features/scenarios.\n\nGiven the variance in the producers and consumers of STIX and the wide range of interoperability tests that are possible, \nthe runner provides a REST API for getting and submitting data during the tests. You can:\n\n1. Import STIX from JSON files\n1. Submit test start data by submitting to a provided REST endpoint\n1. Get STIX data and test metadata at defined points in a test\n1. Submit data and test metadata at defined points in a test\n\nThe purpose of this functionality is to allow those who are implementing the interoperability tests to choose how they want to validate:\n\n1. They may submit data directly from their application/hardware\n1. Completely automate the process\n1. Run the tests in a manual process where they submit and validate data / scenarios through a tool like [postman](https://getpostman.com)\n1. A test step may be to \"affirm\" that the producer/consumer's system provides access to the data. (this could support file uploads such as pictures if the community really wanted this..)\n\nBy automating, we gain the ability to quickly validate all STIX content against the cost STIX Spec, and then write additional test steps based on the additional needs of interoperability.\nThis will drastically reduce the size of Interoperability Spec business text, and provide repeatable, testable, common set of objective evidence results for interoperability validation.\n\n\nThe runner will provide:\n1. report output of all inputs and outputs\n1. Validation of each step and feature\n1. A plugable STIX Parser, providing a default parser, but can be replaced with other parsers (Kotlin, Python, Go, etc) \n1. Ability to run specific tests/scenarios that are relevant to the producer/consumer that is validating (\"I only want to run the TIP tests\")\n1. Configuration options for starting points, endpoint ports, and other helpful settings.\n\n\n# Example Scenario:\n\nRun the Runner in `com.github.stephenott.stix.interop.Runner`\n\n```gherkin\nFeature: Simple Attack Pattern Imports\n\n Scenario: Import and validate a Attack Pattern from a third-party System\n\n Given a STIX JSON object at \"/json/0_simple_object.json\"\n When I parse it as STIX\n Then it must have property \"key\" as type \"STRING\"\n Then it must be STIX type \"attack-pattern\"\n When wait for take of object at \"GET\" \"/scenario1\"\n When wait for submission of object at \"POST\" \"/scenario1/update\" as \"sub1\"\n Then parse \"sub1\" as an \"AttackPattern\"\n And \"sub1\" must have a different \"created_by_ref\" property\n Then print the object\n Then print parsed object \"sub1\"\n```\n\n-----\n\n# Raw development output\n\n```\nFeature: Simple Attack Pattern Imports\n\n Scenario: Import and validate a Attack Pattern from a third-party System # src/test/resources/features/0_simple_import.feature:3\n Given a STIX JSON object at \"/json/0_simple_object.json\" # En.java:1004\n When I parse it as STIX # En.java:1885\n Then it must have property \"key\" as type \"STRING\" # En.java:1503\n Then it must be STIX type \"attack-pattern\" # En.java:1463\nWiremock on localhost:8081\nwaiting for take at GET /scenario1\nrunning action...CompleterId(id=f4348d3e-4020-489d-ab5b-cafe7767fc09)\nclass com.github.stephenott.stix.interop.glue.CompleterId\nall done action\nALL DONE\n When wait for take of object at \"GET\" \"/scenario1\" # En.java:1962\nWiremock on localhost:8081\nwaiting for submission at POST /scenario1/update\nrunning action...CompleterId(id=e0d334ae-60f9-4618-9987-6e1f29ca95eb)\nclass com.github.stephenott.stix.interop.glue.CompleterId\nall done action\nsubmission with id: sub1 has body of: {\n \"key\": \"value\",\n \"created_by_ref\": \"cats2\",\n \"type\": \"attack-pattern\"\n}\nALL DONE\n When wait for submission of object at \"POST\" \"/scenario1/update\" as \"sub1\" # En.java:2004\n Then parse \"sub1\" as an \"AttackPattern\" # En.java:1503\n And \"sub1\" must have a different \"created_by_ref\" property # En.java:126\n{\"key\":\"value\",\"created_by_ref\":\"cats\",\"type\":\"attack-pattern\"}\n Then print the object # En.java:1426\n{\"key\":\"value\",\"created_by_ref\":\"cats2\",\"type\":\"attack-pattern\"}\n Then print parsed object \"sub1\" # En.java:1463\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstephenott%2Fstix-interoperability-runner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstephenott%2Fstix-interoperability-runner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstephenott%2Fstix-interoperability-runner/lists"}