Jack Sheriff
Jack Sheriff
A content file may have dangling references, that is, references to objects that are not in the file. This is particularly the case when a matrix references a tactic (`stix.tactic_refs[]`),...
### The Issue Requests sent to the `GET /api/authn/oidc/callback` endpoint must include the cookie which identifies the server-side session for the user. Currently, requests that are missing this cookie result...
The design will be changed to have the client retrieve the collection index directly. This way we will avoid needing to support user authentication in the Collection Manager (since there...
A check subscriptions handler that runs longer than the configurable timeout length should be terminated and the collection index id cleared.
The Collection Manager must implement the endpoint: `POST /api/collectionIndexes/:id/refresh` The endpoint should: - Retrieve the last saved version of the Collection Index from the database using the Workbench REST API...
Currently there is a significant set of collection bundle validation code included directly in the `collectionBundlesController.importBundles()` function. This makes is difficult for other parts of the system to call `collectionBundlesService.importBundles()`...
Mongoose 7.x.x removes support for callbacks, so all calls to Mongoose models and documents need to be refactored to use `async` instead of callbacks before the REST API can upgrade...
The search query string should also match on ATT&CK Id, CAPAC Id, and MTC Id properties where applicable. Also look on platforms and domains where applicable.
Search should look for a match in the source name, target name, source ATT&CK Id, target ATT&CK Id, and description.
The `GET /api/collections/:stixId/modified/:modified` endpoint incorrectly returns the latest of each object in the contents when retrieveContents is true, instead of the object version that is in the `x_mitre_contents` reference.