
Developing Content

jzsplunk edited this page Sep 2, 2020 · 8 revisions

Writing Content

Pre-Requisites

Before you begin, follow the steps to install dependencies and pre-commit hooks

  1. Create virtualenv and install requirements: virtualenv venv && source venv/bin/activate && pip install -r requirements.txt.
  2. Install the pre-commit hooks: pre-commit install.

Writing Content

  1. Select the content piece you want to write.
  2. Copy an example and edit it to suit your needs. At a minimum, you must write a detection search.
  3. Make a pull request.

Testing New Content

  1. Run python bin/validate.py --path . --verbose
  2. For modifications to the schema or to detection tags, also run python bin/generate.py -p . -o package

The pull request will trigger a CircleCI build. CircleCI is a continuous-integration service that integrates with a VCS and automatically runs a series of steps every time it detects a change to your repository. A CircleCI build consists of a series of steps, usually validation, generation and deployment. If your tests pass, you're good to go! A repository maintainer will make sure the PR makes it into the next release, which will be deployed in the ESCU app and our API. If the CircleCI check fails, refer to the troubleshooting page first; some problems are described clearly by the CI output. If that does not resolve it, do not worry: our team will work with you in the PR to make sure your content passes validation and is part of our next release!

Testing and Validating Spec Changes

Changes to the spec, along with validation of the fields the spec describes, are made by modifying two files located in:

  1. github/security-content/spec
  2. github/security-content/docs/spec

A markdown generation tool for testing changes to the spec needs to be manually installed and run against the relevant JSON schema files. The tool can be installed from: jsonschema2md

For a more detailed explanation of how to contribute to the project, please see "Contributing".