Invalid STIX bundle data/cybox/e2eStixBundle01.json #1707
Description
Describe the bug
The STIX bundle in data/cybox/e2eStixBundle01.json is invalid. It should not be used for testing. I'm not certain what this file is intended for.
Expected behavior
Negative or invalid test data should be marked as such (e.g. in the filename or the directory it's in).
Screenshots
$ stix2_validator --version 2.0 data/cybox/e2eStixBundle01.json
================================================================================
[-] Results for: data/cybox/e2eStixBundle01.json
[X] STIX JSON: Invalid
[!] Warning: identity--33fa3e56-6511-40de-bc69-c5ffeb3838f9: {213} identity_class contains a value not in the identity-class-ov vocabulary.
[!] Warning: observed-data--ed82dd61-cc41-485b-b608-d278469e6259: {101} Custom Observable Object type 'file:name' should start with 'x-' followed by a source unique identifier (like a domain name with dots replaced by hyphens), a hyphen and then the name.
[!] Warning: observed-data--ed82dd61-cc41-485b-b608-d278469e6259: {101} Custom Observable Object type 'file:hashes.'SHA-256'' should start with 'x-' followed by a source unique identifier (like a domain name with dots replaced by hyphens), a hyphen and then the name.
[!] Warning: observed-data--ed82dd61-cc41-485b-b608-d278469e6259: {101} Cyber Observable Object custom property 'value' should start with 'x_' followed by a source unique identifier (like a domain name with dots replaced by hyphens), a hyphen and then the name.
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.2: {'type': 'url', 'value': 'onedrivefiles.digital'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.5: {'type': 'user-account', 'value': 'e2e user'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.6: {'type': 'file:name', 'value': 'uat_file.exe'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: objects.7: {'type': "file:hashes.'SHA-256'", 'value': 'b0ab7076b0fe4b758d8e6622605d94204cc1b55baf718129cafe750d835ffb21'} is not valid under any of the given schemas:
{'type': 'object', 'oneOf': [{'allOf': [{'$ref': '../common/cyber-observable-core.json'}, {'not': {'properties': {'type': {'type': 'string', 'pattern': '^artifact|directory|file|mutex|process|software|user-account|windows-registry-key|x509-certificate|autonomous-system|domain-name|email-addr|email-message|ipv4-addr|ipv6-addr|mac-addr|network-traffic|url$', 'description': 'Indicates that this object is a custom Observable Object.'}}}}]}, {'$ref': '../observables/artifact.json'}, {'$ref': '../observables/autonomous-system.json'}, {'$ref': '../observables/directory.json'}, {'$ref': '../observables/domain-name.json'}, {'$ref': '../observables/email-addr.json'}, {'$ref': '../observables/email-message.json'}, {'$ref': '../observables/file.json'}, {'$ref': '../observables/ipv4-addr.json'}, {'$ref': '../observables/ipv6-addr.json'}, {'$ref': '../observables/mac-addr.json'}, {'$ref': '../observables/mutex.json'}, {'$ref': '../observables/network-traffic.json'}, {'$ref': '../observables/process.json'}, {'$ref': '../observables/software.json'}, {'$ref': '../observables/url.json'}, {'$ref': '../observables/user-account.json'}, {'$ref': '../observables/windows-registry-key.json'}, {'$ref': '../observables/x509-certificate.json'}]}
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '2': value: 'onedrivefiles.digital' does not match the format of a URL
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '5': 'user_id' is a required property
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '6': type: 'file:name' does not match '^\\-?[a-z0-9]+(-[a-z0-9]+)*\\-?$'
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: object '7': type: "file:hashes.'SHA-256'" does not match '^\\-?[a-z0-9]+(-[a-z0-9]+)*\\-?$'
[X] observed-data--ed82dd61-cc41-485b-b608-d278469e6259: 'parent_directory_ref' in observable object '10' must refer to an object of type 'directory'.
Desktop (please complete the following information):
N/A
Smartphone (please complete the following information):
N/A
Additional context