diff --git a/.github/workflows/python-ci-tests.yml b/.github/workflows/python-ci-tests.yml
index 8242723..692dfb5 100644
--- a/.github/workflows/python-ci-tests.yml
+++ b/.github/workflows/python-ci-tests.yml
@@ -25,7 +25,7 @@ jobs:
pip install stix2-validator
- name: Install npm dependencies
run: |
- npm install -g ajv-cli ajv-formats-draft2019
+ npm install -g ajv-cli ajv-formats-draft2019 ajv-formats
- name: Test Examples
run: |
./test_examples.sh
diff --git a/README.md b/README.md
index 867c241..e141856 100644
--- a/README.md
+++ b/README.md
@@ -38,9 +38,10 @@ Initially, the associated TC members have designated one or more persons to serv
**Current Maintainers of this TC Open Repository**
- * [Chris Lenk](mailto:clenk@mitre.org); GitHub ID: [https://github.com/clenk](https://github.com/clenk); WWW: [MITRE](https://www.mitre.org)
* [Jason Keirstead](mailto:Jason.Keirstead@ca.ibm.com); GitHub ID: [https://github.com/JasonKeirstead](https://github.com/JasonKeirstead); WWW: [IBM](http://www.ibm.com/)
-
+ * [Emily Ratliff](mailto:Emily.Ratliff@ibm.com); GitHub ID: [https://github.com/ejratl](https://github.com/ejratl); WWW: [IBM](http://www.ibm.com/)
+ * [Duncan Sparrell](mailto:duncan@sfractal.com); GitHub ID: [https://github.com/sparrell](https://github.com/sparrell); WWW: [sFractal](http://sfractal.com/)
+
## About OASIS TC Open Repositories
* [TC Open Repositories: Overview and Resources](https://www.oasis-open.org/resources/open-repositories/)
diff --git a/examples/interop-objectmarking-test.json b/examples/interop-objectmarking-test.json
new file mode 100644
index 0000000..8dbba8d
--- /dev/null
+++ b/examples/interop-objectmarking-test.json
@@ -0,0 +1,21 @@
+{
+ "type": "campaign",
+ "spec_version": "2.1",
+ "id": "campaign--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
+ "created": "2016-05-12T08:17:27.000Z",
+ "modified": "2016-05-12T08:17:27.000Z",
+ "created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
+ "name": "Spear Phishing",
+ "external_references": [
+ {
+ "source_name": "capec",
+ "external_id": "CAPEC-163"
+ }
+ ],
+ "object_marking_refs": [
+ "marking-definition--5e57c739-391a-4eb3-b6be-7d15ca92d5ed",
+ "marking-definition--5e57c739-391a-4eb3-b6be-7d15ca92d5ec"
+ ]
+ }
+
+
\ No newline at end of file
diff --git a/interop/attack-pattern.json b/interop/attack-pattern.json
new file mode 100644
index 0000000..8d07ab8
--- /dev/null
+++ b/interop/attack-pattern.json
@@ -0,0 +1,17 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/attack-pattern.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/attack-pattern.json"
+ }
+ ],
+ "required": [
+ "external_references",
+ "kill_chain_phases",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/campaign.json b/interop/campaign.json
new file mode 100644
index 0000000..d41cf9d
--- /dev/null
+++ b/interop/campaign.json
@@ -0,0 +1,15 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/campaign.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/campaign.json"
+ }
+ ],
+ "required": [
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/core.json b/interop/core.json
new file mode 100644
index 0000000..2bfd506
--- /dev/null
+++ b/interop/core.json
@@ -0,0 +1,39 @@
+{
+ "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/core.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "title": "core",
+ "description": "Unique interop properties",
+ "type": "object",
+ "allOf": [
+ {
+ "$ref": "../schemas/common/core.json"
+ },
+ {
+ "properties": {
+ "object_marking_refs": {
+ "type": "array",
+ "description": "The list of marking-definition objects to be applied to this object.",
+ "contains": {
+ "pattern":"^marking-definition--((613f2e26-407d-48c7-9eca-b8e91df99dc9)|(34098fce-860f-48ae-8e50-ebd3cc5e41da)|(f88d31f6-486f-44da-b317-01333bde0b82)|(5e57c739-391a-4eb3-b6be-7d15ca92d5ed))$"
+ },
+ "minContains": 0,
+ "maxContains": 1,
+ "items": {
+ "allOf":[
+ {
+ "$ref": "../schemas/common/identifier.json"
+ },
+ {
+ "pattern": "^marking-definition--"
+
+ }
+ ]
+ },
+ "minItems": 1
+ }
+ }
+ }
+
+ ]
+
+ }
\ No newline at end of file
diff --git a/interop/course-of-action.json b/interop/course-of-action.json
new file mode 100644
index 0000000..139de8f
--- /dev/null
+++ b/interop/course-of-action.json
@@ -0,0 +1,16 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/campaign.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$ref": "../schemas/sdos/course-of-action.json",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/course-of-action.json"
+ }
+ ],
+ "required": [
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/grouping.json b/interop/grouping.json
new file mode 100644
index 0000000..b5bf071
--- /dev/null
+++ b/interop/grouping.json
@@ -0,0 +1,15 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/grouping.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/grouping.json"
+ }
+ ],
+ "required": [
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/indicator.json b/interop/indicator.json
new file mode 100644
index 0000000..7082d96
--- /dev/null
+++ b/interop/indicator.json
@@ -0,0 +1,17 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/indicator.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/indicator.json"
+ }
+ ],
+ "required": [
+ "name",
+ "indicator_types",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/infrastructure.json b/interop/infrastructure.json
new file mode 100644
index 0000000..e0ca226
--- /dev/null
+++ b/interop/infrastructure.json
@@ -0,0 +1,16 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/infrastructure.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/infrastructure.json"
+ }
+ ],
+ "required": [
+ "infrastructure_types",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/intrusion-set.json b/interop/intrusion-set.json
new file mode 100644
index 0000000..8ada25b
--- /dev/null
+++ b/interop/intrusion-set.json
@@ -0,0 +1,17 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/intrusion-set.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/intrusion-set.json"
+ }
+ ],
+ "required": [
+ "resource_level",
+ "primary_motivation",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/location.json b/interop/location.json
new file mode 100644
index 0000000..4fee5b4
--- /dev/null
+++ b/interop/location.json
@@ -0,0 +1,16 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/location.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/location.json"
+ }
+ ],
+ "required": [
+ "region",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/malware-analysis.json b/interop/malware-analysis.json
new file mode 100644
index 0000000..f1c6088
--- /dev/null
+++ b/interop/malware-analysis.json
@@ -0,0 +1,20 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/malware-analysis.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/malware-analysis.json"
+ }
+ ],
+ "required": [
+ "version",
+ "submitted",
+ "analysis_started",
+ "analysis_ended",
+ "result",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/malware.json b/interop/malware.json
new file mode 100644
index 0000000..2e16d4c
--- /dev/null
+++ b/interop/malware.json
@@ -0,0 +1,23 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/malware.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$ref": "../schemas/sdos/malware.json",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/malware.json"
+ }
+ ],
+ "required": [
+ "name",
+ "malware_types",
+ "first_seen",
+ "last_seen",
+ "architecture_exectuion_envs",
+ "implementation_languages",
+ "capabiliites",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/note.json b/interop/note.json
new file mode 100644
index 0000000..35308b3
--- /dev/null
+++ b/interop/note.json
@@ -0,0 +1,15 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/note.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/note.json"
+ }
+ ],
+ "required": [
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/observed-data.json b/interop/observed-data.json
new file mode 100644
index 0000000..dad0002
--- /dev/null
+++ b/interop/observed-data.json
@@ -0,0 +1,16 @@
+{
+ "$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/interop/observed-data.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/observed-data.json"
+ }
+ ],
+ "required": [
+ "object_refs",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/opinion.json b/interop/opinion.json
new file mode 100644
index 0000000..3aeaae7
--- /dev/null
+++ b/interop/opinion.json
@@ -0,0 +1,15 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/opinion.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/opinion.json"
+ }
+ ],
+ "required": [
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/relationship.json b/interop/relationship.json
new file mode 100644
index 0000000..963e57d
--- /dev/null
+++ b/interop/relationship.json
@@ -0,0 +1,15 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/relationship.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sros/relationship.json"
+ }
+ ],
+ "required": [
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/report.json b/interop/report.json
new file mode 100644
index 0000000..a6dacec
--- /dev/null
+++ b/interop/report.json
@@ -0,0 +1,16 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/report.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/report.json"
+ }
+ ],
+ "required": [
+ "report_types",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/sighting.json b/interop/sighting.json
new file mode 100644
index 0000000..f74d3b7
--- /dev/null
+++ b/interop/sighting.json
@@ -0,0 +1,18 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/sighting.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sros/sighting.json"
+ }
+ ],
+ "required": [
+ "first_seen",
+ "last_seen",
+ "count",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/threat-actor.json b/interop/threat-actor.json
new file mode 100644
index 0000000..9175470
--- /dev/null
+++ b/interop/threat-actor.json
@@ -0,0 +1,20 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/threat-actor.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/threat-actor.json"
+ }
+ ],
+ "required": [
+ "threat_actor_types",
+ "roles",
+ "sophistication",
+ "resource_level",
+ "primary_motivation",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/tool.json b/interop/tool.json
new file mode 100644
index 0000000..046beee
--- /dev/null
+++ b/interop/tool.json
@@ -0,0 +1,16 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/tool.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/tool.json"
+ }
+ ],
+ "required": [
+ "tool_types",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/interop/vulnerability.json b/interop/vulnerability.json
new file mode 100644
index 0000000..3ef6d13
--- /dev/null
+++ b/interop/vulnerability.json
@@ -0,0 +1,16 @@
+{
+ "$id":"http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/interop/vulnerability.json",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "allOf": [
+ {
+ "$ref": "core.json"
+ },
+ {
+ "$ref": "../schemas/sdos/vulnerability.json"
+ }
+ ],
+ "required": [
+ "external_references:",
+ "created_by_ref"
+ ]
+}
\ No newline at end of file
diff --git a/schemas/common/binary.json b/schemas/common/binary.json
index 95a7c20..254f0d8 100644
--- a/schemas/common/binary.json
+++ b/schemas/common/binary.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/binary.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "binary",
"description": "The binary data type represents a sequence of bytes. In order to allow pattern matching on custom objects, for all properties that use the binary type, the property name MUST end with '_bin'. The JSON MTI serialization represents this as a base64-encoded string as specified in RFC4648. Other serializations SHOULD use a native binary type, if available.",
"type": "string",
diff --git a/schemas/common/bundle.json b/schemas/common/bundle.json
index a0b9a3b..847d61d 100644
--- a/schemas/common/bundle.json
+++ b/schemas/common/bundle.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/bundle.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "bundle",
"description": "A Bundle is a collection of arbitrary STIX Objects and Marking Definitions grouped together in a single container.",
"type": "object",
diff --git a/schemas/common/core.json b/schemas/common/core.json
index 0ef9cc6..1e10205 100644
--- a/schemas/common/core.json
+++ b/schemas/common/core.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/core.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "core",
"description": "Common properties and behavior across all STIX Domain Objects and STIX Relationship Objects.",
"type": "object",
@@ -148,4 +148,4 @@
"created",
"modified"
]
-}
+}
\ No newline at end of file
diff --git a/schemas/common/cyber-observable-core.json b/schemas/common/cyber-observable-core.json
index fe2b269..969d98c 100644
--- a/schemas/common/cyber-observable-core.json
+++ b/schemas/common/cyber-observable-core.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/cyber-observable-core.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "cyber-observable-core",
"description": "Common properties and behavior across all Cyber Observable Objects.",
"type": "object",
diff --git a/schemas/common/dictionary.json b/schemas/common/dictionary.json
index d835b1d..3a26493 100644
--- a/schemas/common/dictionary.json
+++ b/schemas/common/dictionary.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/dictionary.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "dictionary",
"description": "A dictionary captures a set of key/value pairs",
"type": "object",
diff --git a/schemas/common/extension-definition.json b/schemas/common/extension-definition.json
index 7a7c3db..060b870 100644
--- a/schemas/common/extension-definition.json
+++ b/schemas/common/extension-definition.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/extension-definition.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "extension-definition",
"description": "The STIX Extension Definition object allows producers of threat intelligence to extend existing STIX objects or to create entirely new STIX objects in a standardized way.",
"type": "object",
diff --git a/schemas/common/extension.json b/schemas/common/extension.json
index b2b5358..ffd8a08 100644
--- a/schemas/common/extension.json
+++ b/schemas/common/extension.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/extension.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"type": "object",
"minProperties": 1,
"properties": {
diff --git a/schemas/common/external-reference.json b/schemas/common/external-reference.json
index 3902a9c..632e3ad 100644
--- a/schemas/common/external-reference.json
+++ b/schemas/common/external-reference.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/external-reference.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "external-reference",
"description": "External references are used to describe pointers to information represented outside of STIX.",
"type": "object",
diff --git a/schemas/common/granular-marking.json b/schemas/common/granular-marking.json
index dcdec2e..c5f664a 100644
--- a/schemas/common/granular-marking.json
+++ b/schemas/common/granular-marking.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/granular-marking.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "granular-marking",
"description": "The granular-marking type defines how the list of marking-definition objects referenced by the marking_refs property to apply to a set of content identified by the list of selectors in the selectors property.",
"type": "object",
diff --git a/schemas/common/hashes-type.json b/schemas/common/hashes-type.json
index 64cd575..7ee62ed 100644
--- a/schemas/common/hashes-type.json
+++ b/schemas/common/hashes-type.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/hashes-type.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "hashes",
"description": "The Hashes type represents one or more cryptographic hashes, as a special set of key/value pairs",
"type": "object",
diff --git a/schemas/common/hex.json b/schemas/common/hex.json
index c71d008..0f257e0 100644
--- a/schemas/common/hex.json
+++ b/schemas/common/hex.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/hex.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "hex",
"description": "The hex data type encodes an array of octets (8-bit bytes) as hexadecimal. The string MUST consist of an even number of hexadecimal characters, which are the digits '0' through '9' and the letters 'a' through 'f'. In order to allow pattern matching on custom objects, all properties that use the hex type, the property name MUST end with '_hex'.",
"type": "string",
diff --git a/schemas/common/identifier.json b/schemas/common/identifier.json
index 178d17f..923b723 100644
--- a/schemas/common/identifier.json
+++ b/schemas/common/identifier.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/identifier.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "identifier",
"description": "Represents identifiers across the CTI specifications. The format consists of the name of the top-level object being identified, followed by two dashes (--), followed by a UUIDv4.",
"type": "string",
diff --git a/schemas/common/kill-chain-phase.json b/schemas/common/kill-chain-phase.json
index b013b7b..d437b03 100644
--- a/schemas/common/kill-chain-phase.json
+++ b/schemas/common/kill-chain-phase.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/kill-chain-phase.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "kill-chain-phase",
"description": "The kill-chain-phase represents a phase in a kill chain.",
"type": "object",
diff --git a/schemas/common/language-content.json b/schemas/common/language-content.json
index a8aa7a2..170e05f 100644
--- a/schemas/common/language-content.json
+++ b/schemas/common/language-content.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/language-content.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "language-content",
"description": "The language-content object represents text content for STIX Objects represented in languages other than that of the original object.",
"type": "object",
diff --git a/schemas/common/marking-definition.json b/schemas/common/marking-definition.json
index f5f9098..7abd4a7 100644
--- a/schemas/common/marking-definition.json
+++ b/schemas/common/marking-definition.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/marking-definition.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "marking-definition",
"description": "The marking-definition object represents a specific marking.",
"type": "object",
diff --git a/schemas/common/properties.json b/schemas/common/properties.json
index 29fda66..510ca2e 100644
--- a/schemas/common/properties.json
+++ b/schemas/common/properties.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/properties.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "properties",
"description": "Rules for custom properties",
"patternProperties": {
diff --git a/schemas/common/timestamp.json b/schemas/common/timestamp.json
index ff89ffe..555b6ef 100644
--- a/schemas/common/timestamp.json
+++ b/schemas/common/timestamp.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/timestamp.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "timestamp",
"description": "Represents timestamps across the CTI specifications. The format is an RFC3339 timestamp, with a required timezone specification of 'Z'.",
"type": "string",
diff --git a/schemas/common/url-regex.json b/schemas/common/url-regex.json
index 0ad192a..4c69a34 100644
--- a/schemas/common/url-regex.json
+++ b/schemas/common/url-regex.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/common/url-regex.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "url-regex",
"description": "Matches a URI according to RFC 3986.",
"type": "string",
diff --git a/schemas/observables/artifact.json b/schemas/observables/artifact.json
index 9076518..84bf512 100644
--- a/schemas/observables/artifact.json
+++ b/schemas/observables/artifact.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/artifact.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "artifact",
"description": "The Artifact Object permits capturing an array of bytes (8-bits), as a base64-encoded string string, or linking to a file-like payload.",
"type": "object",
diff --git a/schemas/observables/autonomous-system.json b/schemas/observables/autonomous-system.json
index fad576b..3279630 100644
--- a/schemas/observables/autonomous-system.json
+++ b/schemas/observables/autonomous-system.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/autonomous-system.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "autonomous-system",
"description": "The AS object represents the properties of an Autonomous Systems (AS).",
"type": "object",
diff --git a/schemas/observables/directory.json b/schemas/observables/directory.json
index 136bc3b..955171b 100644
--- a/schemas/observables/directory.json
+++ b/schemas/observables/directory.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/directory.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "directory",
"description": "The Directory Object represents the properties common to a file system directory.",
"type": "object",
diff --git a/schemas/observables/domain-name.json b/schemas/observables/domain-name.json
index c8026ad..39de662 100644
--- a/schemas/observables/domain-name.json
+++ b/schemas/observables/domain-name.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/domain-name.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "domain-name",
"description": "The Domain Name represents the properties of a network domain name.",
"type": "object",
diff --git a/schemas/observables/email-addr.json b/schemas/observables/email-addr.json
index 1583c8f..0bba9ff 100644
--- a/schemas/observables/email-addr.json
+++ b/schemas/observables/email-addr.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/email-addr.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "email-addr",
"description": "The Email Address Object represents a single email address.",
"type": "object",
diff --git a/schemas/observables/email-message.json b/schemas/observables/email-message.json
index 0658e99..e07bdc7 100644
--- a/schemas/observables/email-message.json
+++ b/schemas/observables/email-message.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/email-message.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "email-message",
"description": "The Email Message Object represents an instance of an email message.",
"type": "object",
diff --git a/schemas/observables/file.json b/schemas/observables/file.json
index 4cb7f75..31cfc71 100644
--- a/schemas/observables/file.json
+++ b/schemas/observables/file.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/file.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "file",
"description": "The File Object represents the properties of a file.",
"type": "object",
diff --git a/schemas/observables/ipv4-addr.json b/schemas/observables/ipv4-addr.json
index c5e5162..9b2c068 100644
--- a/schemas/observables/ipv4-addr.json
+++ b/schemas/observables/ipv4-addr.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/ipv4-addr.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "ipv4-addr",
"description": "The IPv4 Address Object represents one or more IPv4 addresses expressed using CIDR notation.",
"type": "object",
diff --git a/schemas/observables/ipv6-addr.json b/schemas/observables/ipv6-addr.json
index 11b2aa3..48ccf5e 100644
--- a/schemas/observables/ipv6-addr.json
+++ b/schemas/observables/ipv6-addr.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/ipv6-addr.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "ipv6-addr",
"description": "The IPv6 Address Object represents one or more IPv6 addresses expressed using CIDR notation.",
"type": "object",
diff --git a/schemas/observables/mac-addr.json b/schemas/observables/mac-addr.json
index 2f84b8e..03480f3 100644
--- a/schemas/observables/mac-addr.json
+++ b/schemas/observables/mac-addr.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/mac-addr.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "mac-addr",
"description": "The MAC Address Object represents a single Media Access Control (MAC) address.",
"type": "object",
diff --git a/schemas/observables/mutex.json b/schemas/observables/mutex.json
index 8415c4d..2d8ad28 100644
--- a/schemas/observables/mutex.json
+++ b/schemas/observables/mutex.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/mutex.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "mutex",
"description": "The Mutex Object represents the properties of a mutual exclusion (mutex) object.",
"type": "object",
diff --git a/schemas/observables/network-traffic.json b/schemas/observables/network-traffic.json
index c233015..2a4cfb8 100644
--- a/schemas/observables/network-traffic.json
+++ b/schemas/observables/network-traffic.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/network-traffic.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "network-traffic",
"description": "The Network Traffic Object represents arbitrary network traffic that originates from a source and is addressed to a destination.",
"type": "object",
diff --git a/schemas/observables/process.json b/schemas/observables/process.json
index 5f698ec..2dcfd57 100644
--- a/schemas/observables/process.json
+++ b/schemas/observables/process.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/process.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "process",
"description": "The Process Object represents common properties of an instance of a computer program as executed on an operating system.",
"type": "object",
diff --git a/schemas/observables/software.json b/schemas/observables/software.json
index a40b228..fd10dc4 100644
--- a/schemas/observables/software.json
+++ b/schemas/observables/software.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/software.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "software",
"description": "The Software Object represents high-level properties associated with software, including software products.",
"type": "object",
diff --git a/schemas/observables/url.json b/schemas/observables/url.json
index 3493482..5072276 100644
--- a/schemas/observables/url.json
+++ b/schemas/observables/url.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/url.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "url",
"description": "The URL Object represents the properties of a uniform resource locator (URL).",
"type": "object",
diff --git a/schemas/observables/user-account.json b/schemas/observables/user-account.json
index b2cb1e7..7d374e9 100644
--- a/schemas/observables/user-account.json
+++ b/schemas/observables/user-account.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/user-account.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "user-account",
"description": "The User Account Object represents an instance of any type of user account, including but not limited to operating system, device, messaging service, and social media platform accounts.",
"type": "object",
diff --git a/schemas/observables/windows-registry-key.json b/schemas/observables/windows-registry-key.json
index c71468c..8634e11 100644
--- a/schemas/observables/windows-registry-key.json
+++ b/schemas/observables/windows-registry-key.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/windows-registry-key.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "windows-registry-key",
"description": "The Registry Key Object represents the properties of a Windows registry key.",
"type": "object",
diff --git a/schemas/observables/x509-certificate.json b/schemas/observables/x509-certificate.json
index 1eda586..66bbd53 100644
--- a/schemas/observables/x509-certificate.json
+++ b/schemas/observables/x509-certificate.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/observables/x509-certificate.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "x509-certificate",
"description": "The X509 Certificate Object represents the properties of an X.509 certificate.",
"type": "object",
diff --git a/schemas/sdos/attack-pattern.json b/schemas/sdos/attack-pattern.json
index 5fa1cda..e2c27d6 100644
--- a/schemas/sdos/attack-pattern.json
+++ b/schemas/sdos/attack-pattern.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/attack-pattern.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "attack-pattern",
"description": "Attack Patterns are a type of TTP that describe ways that adversaries attempt to compromise targets. ",
"type": "object",
diff --git a/schemas/sdos/campaign.json b/schemas/sdos/campaign.json
index fe4576c..07cac45 100644
--- a/schemas/sdos/campaign.json
+++ b/schemas/sdos/campaign.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/campaign.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "campaign",
"description": "A Campaign is a grouping of adversary behavior that describes a set of malicious activities or attacks that occur over a period of time against a specific set of targets.",
"type": "object",
diff --git a/schemas/sdos/course-of-action.json b/schemas/sdos/course-of-action.json
index 3217d3c..742ae66 100644
--- a/schemas/sdos/course-of-action.json
+++ b/schemas/sdos/course-of-action.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/course-of-action.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "course-of-action",
"description": "A Course of Action is an action taken either to prevent an attack or to respond to an attack that is in progress. ",
"type": "object",
diff --git a/schemas/sdos/grouping.json b/schemas/sdos/grouping.json
index 3985214..3d12dd2 100644
--- a/schemas/sdos/grouping.json
+++ b/schemas/sdos/grouping.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/grouping.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "grouping",
"description": "A Grouping object explicitly asserts that the referenced STIX Objects have a shared content.",
"type": "object",
diff --git a/schemas/sdos/identity.json b/schemas/sdos/identity.json
index b73afc3..26b1895 100644
--- a/schemas/sdos/identity.json
+++ b/schemas/sdos/identity.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/identity.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "identity",
"description": "Identities can represent actual individuals, organizations, or groups (e.g., ACME, Inc.) as well as classes of individuals, organizations, or groups.",
"type": "object",
diff --git a/schemas/sdos/incident.json b/schemas/sdos/incident.json
index 33e43d5..772d3e8 100644
--- a/schemas/sdos/incident.json
+++ b/schemas/sdos/incident.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/incident.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "incident",
"description": "The Incident object in STIX 2.1 is a stub, to be expanded in future STIX 2 releases.",
"type": "object",
diff --git a/schemas/sdos/indicator.json b/schemas/sdos/indicator.json
index e2db857..23f32aa 100644
--- a/schemas/sdos/indicator.json
+++ b/schemas/sdos/indicator.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/indicator.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "indicator",
"description": "Indicators contain a pattern that can be used to detect suspicious or malicious cyber activity.",
"type": "object",
diff --git a/schemas/sdos/infrastructure.json b/schemas/sdos/infrastructure.json
index 1495971..90a5687 100644
--- a/schemas/sdos/infrastructure.json
+++ b/schemas/sdos/infrastructure.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/infrastructure.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "infrastructure",
"description": "Infrastructure objects describe systems, software services, and associated physical or virtual resources.",
"type": "object",
diff --git a/schemas/sdos/intrusion-set.json b/schemas/sdos/intrusion-set.json
index af1a335..4e9b53b 100644
--- a/schemas/sdos/intrusion-set.json
+++ b/schemas/sdos/intrusion-set.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/intrusion-set.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "intrusion-set",
"description": "An Intrusion Set is a grouped set of adversary behavior and resources with common properties that is believed to be orchestrated by a single organization.",
"type": "object",
diff --git a/schemas/sdos/location.json b/schemas/sdos/location.json
index 68bba68..0aa981b 100644
--- a/schemas/sdos/location.json
+++ b/schemas/sdos/location.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/location.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "location",
"description": "A Location represents a geographic location. The location may be described as any, some or all of the following: region (e.g., North America), civic address (e.g. New York, US), latitude and longitude.",
"type": "object",
diff --git a/schemas/sdos/malware-analysis.json b/schemas/sdos/malware-analysis.json
index 4e48489..e12dd32 100644
--- a/schemas/sdos/malware-analysis.json
+++ b/schemas/sdos/malware-analysis.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/malware-analysis.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "malware-analysis",
"description": "Malware Analysis captures the metadata and results of a particular analysis performed (static or dynamic) on the malware instance or family.",
"type": "object",
diff --git a/schemas/sdos/malware.json b/schemas/sdos/malware.json
index 5ac094b..aaa7f33 100644
--- a/schemas/sdos/malware.json
+++ b/schemas/sdos/malware.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/malware.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "malware",
"description": "Malware is a type of TTP that is also known as malicious code and malicious software, refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim's data, applications, or operating system (OS) or of otherwise annoying or disrupting the victim.",
"type": "object",
diff --git a/schemas/sdos/note.json b/schemas/sdos/note.json
index 0f70431..1ae4dba 100644
--- a/schemas/sdos/note.json
+++ b/schemas/sdos/note.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/note.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "note",
"description": "A Note is a comment or note containing informative text to help explain the context of one or more STIX Objects (SDOs or SROs) or to provide additional analysis that is not contained in the original object.",
"type": "object",
diff --git a/schemas/sdos/observed-data.json b/schemas/sdos/observed-data.json
index df54fc4..7c702e6 100644
--- a/schemas/sdos/observed-data.json
+++ b/schemas/sdos/observed-data.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/observed-data.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "observed-data",
"description": "Observed data conveys information that was observed on systems and networks, such as log data or network traffic, using the Cyber Observable specification.",
"type": "object",
diff --git a/schemas/sdos/opinion.json b/schemas/sdos/opinion.json
index bd50e0b..04b62f6 100644
--- a/schemas/sdos/opinion.json
+++ b/schemas/sdos/opinion.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/opinion.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "opinion",
"description": "An Opinion is an assessment of the correctness of the information in a STIX Object produced by a different entity and captures the level of agreement or disagreement using a fixed scale.",
"type": "object",
diff --git a/schemas/sdos/report.json b/schemas/sdos/report.json
index 943939a..dab1592 100644
--- a/schemas/sdos/report.json
+++ b/schemas/sdos/report.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/report.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "report",
"description": "Reports are collections of threat intelligence focused on one or more topics, such as a description of a threat actor, malware, or attack technique, including context and related details.",
"type": "object",
diff --git a/schemas/sdos/threat-actor.json b/schemas/sdos/threat-actor.json
index 2390715..9206b7b 100644
--- a/schemas/sdos/threat-actor.json
+++ b/schemas/sdos/threat-actor.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/threat-actor.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "threat-actor",
"description": "Threat Actors are actual individuals, groups, or organizations believed to be operating with malicious intent.",
"type": "object",
diff --git a/schemas/sdos/tool.json b/schemas/sdos/tool.json
index daa65dd..7af850e 100644
--- a/schemas/sdos/tool.json
+++ b/schemas/sdos/tool.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/tool.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "tool",
"description": "Tools are legitimate software that can be used by threat actors to perform attacks.",
"type": "object",
diff --git a/schemas/sdos/vulnerability.json b/schemas/sdos/vulnerability.json
index 3845452..06be3ac 100644
--- a/schemas/sdos/vulnerability.json
+++ b/schemas/sdos/vulnerability.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sdos/vulnerability.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "vulnerability",
"description": "A Vulnerability is a mistake in software that can be directly used by a hacker to gain access to a system or network.",
"type": "object",
diff --git a/schemas/sros/relationship.json b/schemas/sros/relationship.json
index 6a18f78..ad9faa5 100644
--- a/schemas/sros/relationship.json
+++ b/schemas/sros/relationship.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sros/relationship.json",
- "$schema": "http://json-schema.org/draft-07/schema#",
+ "$schema": "http://json-schema.org/draft/2020-12/schema#",
"title": "relationship",
"description": "The Relationship object is used to link together two SDOs in order to describe how they are related to each other.",
"type": "object",
diff --git a/schemas/sros/sighting.json b/schemas/sros/sighting.json
index 79e1908..c3ee579 100644
--- a/schemas/sros/sighting.json
+++ b/schemas/sros/sighting.json
@@ -1,6 +1,6 @@
{
"$id": "http://raw.githubusercontent.com/oasis-open/cti-stix2-json-schemas/stix2.1/schemas/sros/sighting.json",
- "$schema": "http://json-schema.org/draft-07/schema",
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
"title": "sighting",
"description": "A Sighting denotes the belief that something in CTI (e.g., an indicator, malware, tool, threat actor, etc.) was seen.",
"type": "object",
diff --git a/test_examples.sh b/test_examples.sh
index 3c31710..1f41315 100755
--- a/test_examples.sh
+++ b/test_examples.sh
@@ -1,4 +1,4 @@
#!/bin/bash
-ajv compile -s "schemas/*/*.json" -r "schemas/*/*.json" -c ajv-formats-draft2019 --verbose
+ajv compile -s "schemas/*/*.json" -r "schemas/*/*.json" --spec=draft2020 --verbose
stix2_validator --schemas `pwd`/schemas -r examples --strict --ignore 302