From fbda8c1849c2bd9912149ee469db29075195a766 Mon Sep 17 00:00:00 2001 From: frack113 <62423083+frack113@users.noreply.github.com> Date: Fri, 28 Jun 2024 13:09:43 +0200 Subject: [PATCH] Remove useless validator --- sigma/validators/core/metadata.py | 35 --------------------- tests/test_validators_metadata.py | 52 ------------------------------- 2 files changed, 87 deletions(-) diff --git a/sigma/validators/core/metadata.py b/sigma/validators/core/metadata.py index 334736db..d13553a7 100644 --- a/sigma/validators/core/metadata.py +++ b/sigma/validators/core/metadata.py @@ -66,22 +66,6 @@ def finalize(self) -> List[SigmaValidationIssue]: ] -@dataclass -class TitleLengthSigmaHQIssue(SigmaValidationIssue): - description = "Rule has a title longer than 110 characters" - severity = SigmaValidationIssueSeverity.MEDIUM - - -class TitleLengthSigmaHQValidator(SigmaRuleValidator): - """Checks if rule has a title length longer than 110.""" - - def validate(self, rule: SigmaRule) -> List[TitleLengthSigmaHQIssue]: - if len(rule.title) > 110: - return [TitleLengthSigmaHQIssue([rule])] - else: - return [] - - @dataclass class DuplicateTitleIssue(SigmaValidationIssue): description: ClassVar[str] = "Rule title used by multiple rules" @@ -208,25 +192,6 @@ def finalize(self) -> List[SigmaValidationIssue]: ] -@dataclass -class FilenameSigmahqIssue(SigmaValidationIssue): - description: ClassVar[str] = "Rule filemane doesn't match SigmaHQ standard" - severity: ClassVar[SigmaValidationIssueSeverity] = SigmaValidationIssueSeverity.HIGH - filename: str - - -class FilenameSigmahqValidator(SigmaRuleValidator): - """Check rule filename match SigmaHQ standard.""" - - def validate(self, rule: SigmaRule) -> List[SigmaValidationIssue]: - filename_pattern = re.compile(r"[a-z0-9_]{10,90}\.yml") - if rule.source is not None: - filename = rule.source.path.name - if filename_pattern.match(filename) is None or not "_" in filename: - return [FilenameSigmahqIssue(rule, filename)] - return [] - - @dataclass class FilenameLenghIssue(SigmaValidationIssue): description: ClassVar[str] = "Rule filename is too short or long" diff --git a/tests/test_validators_metadata.py b/tests/test_validators_metadata.py index e4bd0072..a164b936 100644 --- a/tests/test_validators_metadata.py +++ b/tests/test_validators_metadata.py @@ -11,8 +11,6 @@ IdentifierExistenceIssue, IdentifierUniquenessValidator, IdentifierCollisionIssue, - TitleLengthSigmaHQIssue, - TitleLengthSigmaHQValidator, DuplicateTitleIssue, DuplicateTitleValidator, DuplicateReferencesIssue, @@ -25,8 +23,6 @@ DateExistenceIssue, DuplicateFilenameValidator, DuplicateFilenameIssue, - FilenameSigmahqValidator, - FilenameSigmahqIssue, FilenameLenghValidator, FilenameLenghIssue, CustomAttributesValidator, @@ -117,40 +113,6 @@ def test_validator_identifier_uniqueness(rules_with_id_collision): ] -def test_validator_lengthy_title(): - validator = TitleLengthSigmaHQValidator() - rule = SigmaRule.from_yaml( - """ - title: ThisIsAVeryLongTitleThisIsAVeryLongTitleThisIsAVeryLongTitleThisIsAVeryLongTitleThisIsAVeryLongTitleThisIsAVery - status: test - logsource: - category: test - detection: - sel: - field: path\\*something - condition: sel - """ - ) - assert validator.validate(rule) == [TitleLengthSigmaHQIssue([rule])] - - -def test_validator_lengthy_title_valid(): - validator = TitleLengthSigmaHQValidator() - rule = SigmaRule.from_yaml( - """ - title: Test - status: test - logsource: - category: test - detection: - sel: - field: path\\*something - condition: sel - """ - ) - assert validator.validate(rule) == [] - - def test_validator_duplicate_title(): validator = DuplicateTitleValidator() rule1 = SigmaRule.from_yaml( @@ -362,20 +324,6 @@ def test_validator_duplicate_filename_multiple_rules_in_one_file(): assert validator.finalize() == [] -def test_validator_sigmahqfilename(): - validator = FilenameSigmahqValidator() - sigma_collection = SigmaCollection.load_ruleset(["tests/files/rule_filename_errors"]) - rule = sigma_collection[0] - assert validator.validate(rule) == [FilenameSigmahqIssue([rule], "Name.yml")] - - -def test_validator_sigmahqfilename_valid(): - validator = FilenameSigmahqValidator() - sigma_collection = SigmaCollection.load_ruleset(["tests/files/rule_valid"]) - rule = sigma_collection[0] - assert validator.validate(rule) == [] - - def test_validator_filename_lengh(): validator = FilenameLenghValidator() sigma_collection = SigmaCollection.load_ruleset(["tests/files/rule_filename_errors"])