`Queries.json` lags behind YAML query updates — consider committing generated JSON or updating docs

[fin3ss3g0d]

Problem

The README states that individual query YAML files are "automatically combined into a single Queries.json file that powers the front-end." However, queries/*.yml appears to be updated more frequently than main/Queries.json, so the aggregated JSON can lag behind the YAML source-of-truth.

Additionally, the README references /Queries (capital Q), but the repo directory is queries/ (lowercase).

What I found

There is already a GitHub Actions workflow that runs utilities/python/convert.py to generate both Queries.zip and Queries.json, but it looks like those are generated for a (draft) release and not committed back into main. That would explain why main/Queries.json can drift from queries/*.yml.

Suggested fixes (choose one)

Option A (recommended): Treat main/Queries.json as the canonical aggregate and auto-regenerate + commit it whenever queries/**/*.yml changes (with paths-ignore for Queries.json to avoid workflow loops).

on:
  push:
    branches: [ main ]
    paths:
      - "queries/**/*.yml"
      - "utilities/python/**"
      - "requirements.txt"
    paths-ignore:
      - "Queries.json"

jobs:
  regenerate-json:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-python@v3
        with:
          python-version: "3.10"

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r requirements.txt

      - name: Generate Queries.json from YAML
        run: |
          python utilities/python/convert.py ./queries ./Queries.json

      - name: Commit updated Queries.json (if changed)
        if: github.actor != 'github-actions[bot]'
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          if git diff --quiet -- Queries.json; then
            echo "No changes to Queries.json"
            exit 0
          fi

          git config user.name "github-actions[bot]"
          git config user.email "github-actions[bot]@users.noreply.github.com"
          git add Queries.json
          git commit -m "chore: regenerate Queries.json [skip ci]"
          git push

Option B: Treat Queries.json as a build artifact only and update the README to direct users to Releases for the latest JSON/ZIP (and clarify what the frontend consumes).

Option C: At minimum, document how to run convert.py locally so contributors/users can regenerate Queries.json when it lags.

Also, there is a typo in the word BloodHound in the readme:

[d3vzer0]

Heya! Good point, we'll have to update the readme to clarify how the bundle is used/generated and remove the bundle from the repo. We initially pushed the bundle to the repo, but the pipeline now creates a release containing both the plain JSON and a ZIP file with the queries as a release: https://github.com/SpecterOps/BloodHoundQueryLibrary/releases/

[d3vzer0]

Fixed via: #46. Thanks @fin3ss3g0d :)