Skip to content

[Meta] Refactor Rule Formatter #3558

New issue
New issue
Open
Open
[Meta] Refactor Rule Formatter#3558
Labels
MetaTeam: TRADEbacklogenhancementNew feature or requestpythonInternal python for the repository
@Mikaayenson

Description

@Mikaayenson
Mikaayenson
opened on Apr 2, 2024

Parent Epic (If Applicable)

https://github.com/elastic/security-team/issues/8718

Meta Summary

The formatter was once written when the schemas were flat structures. Now that they have evolved to nested structures, the rule formatter should be refactored.

  • The new solution should easily be able to specify the order of the toml file.
  • The solution should remain consistent and not unintentionally create new sha256 calculations.
  • The solution should still support some of the old features:
    • text wrapping after a certain character limit
    • skipping fields that should not be formatted or normalized

Estimated Time to Complete

Potential Blockers

Tasklist

### Meta Tasks
- [ ] Provide Week 1 Update Comment
- [ ] Provide Week 2 Update or Closeout Comment
- [ ] Leverage tomlkit to refactor how we format our toml rules
- [ ] Develop a CLI command to validate all existing toml files and reformat (lint)
- [ ] Ensure all rules have 
- [ ] Add unit tests for the formatter

Resources / References

Metadata

Metadata

Assignees

No one assigned

    Labels

    MetaTeam: TRADEbacklogenhancementNew feature or requestpythonInternal python for the repository

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions