fix: [d3fend] sort keys to make jq_all_the_things happy

galaxies/mitre-d3fend.json

@@ -2,17 +2,9 @@
   "description": "A knowledge graph of cybersecurity countermeasures.",
   "icon": "user-shield",
   "kill_chain_order": {
-    "Model": [
+    "Deceive": [
-      "Asset-Inventory",
+      "Decoy-Environment",
-      "Network-Mapping",
+      "Decoy-Object"
-      "Operational-Activity-Mapping",
-      "System-Mapping"
-    ],
-    "Harden": [
-      "Application-Hardening",
-      "Credential-Hardening",
-      "Message-Hardening",
-      "Platform-Hardening"
     ],
     "Detect": [
       "File-Analysis",
@@ -23,19 +15,27 @@
       "Process-Analysis",
       "User-Behavior-Analysis"
     ],
-    "Isolate": [
-      "Execution-Isolation",
-      "Network-Isolation"
-    ],
-    "Deceive": [
-      "Decoy-Environment",
-      "Decoy-Object"
-    ],
     "Evict": [
       "Credential-Eviction",
       "File-Eviction",
       "Process-Eviction"
     ],
+    "Harden": [
+      "Application-Hardening",
+      "Credential-Hardening",
+      "Message-Hardening",
+      "Platform-Hardening"
+    ],
+    "Isolate": [
+      "Execution-Isolation",
+      "Network-Isolation"
+    ],
+    "Model": [
+      "Asset-Inventory",
+      "Network-Mapping",
+      "Operational-Activity-Mapping",
+      "System-Mapping"
+    ],
     "Restore": [
       "Restore-Access",
       "Restore-Object"

tools/gen_mitre_d3fend.py

@@ -248,8 +248,8 @@ json_cluster = {
 
 # save the Galaxy and Cluster file
 with open(os.path.join('..', 'galaxies', galaxy_fname), 'w') as f:
-    # do not sort_keys as it would break the kill_chain_order
+    # sort_keys, even if it breaks the kill_chain_order , but jq_all_the_things requires sorted keys
-    json.dump(json_galaxy, f, indent=2, ensure_ascii=False)
+    json.dump(json_galaxy, f, indent=2, sort_keys=True, ensure_ascii=False)
     f.write('\n')  # only needed for the beauty and to be compliant with jq_all_the_things
 
 with open(os.path.join('..', 'clusters', galaxy_fname), 'w') as f: