github.com/gemaraproj/gemara@v1.3.0

test/test-data/bad-threat-invalid-group.yaml raw

 1metadata:
 2  id: EXAMPLE-THREAT-CATALOG
 3  type: ThreatCatalog
 4  gemara-version: "1.1.0"
 5  version: "1.0.0"
 6  description: Example Threat Catalog
 7  author:
 8    id: security-team
 9    name: Security Team
10    type: Human
11  mapping-references:
12    - id: EXAMPLE-CAPABILITY-CATALOG
13      title: Example Capability Catalog
14      version: "1.0.0"
15
16title: Example Threat Catalog
17
18groups:
19  - id: stride-s
20    title: Spoofing
21    description: Impersonating something or someone to gain unauthorized access
22
23threats:
24  - id: THREAT-001
25    title: Exploitation of Vulnerable Container Images
26    description: Attackers exploit known vulnerabilities in container images.
27    group: nonexistent-group
28    capabilities:
29      - reference-id: EXAMPLE-CAPABILITY-CATALOG
30        entries:
31          - reference-id: CAP-001