UNPKG

@mitre-attack/attack-data-model

Version:

A TypeScript API for the MITRE ATT&CK data model

github.com/mitre-attack/attack-data-model

mitre-attack/attack-data-model

123 lines (121 loc) 4.63 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
"use strict"; var __defProp = Object.defineProperty; var __getOwnPropDesc = Object.getOwnPropertyDescriptor; var __getOwnPropNames = Object.getOwnPropertyNames; var __hasOwnProp = Object.prototype.hasOwnProperty; var __export = (target, all) => { for (var name in all) __defProp(target, name, { get: all[name], enumerable: true }); }; var __copyProps = (to, from, except, desc) => { if (from && typeof from === "object" || typeof from === "function") { for (let key of __getOwnPropNames(from)) if (!__hasOwnProp.call(to, key) && key !== except) __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable }); } return to; }; var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod); // src/schemas/common/stix-type.ts var stix_type_exports = {}; __export(stix_type_exports, { createMultiStixTypeValidator: () => createMultiStixTypeValidator, createStixTypeValidator: () => createStixTypeValidator, stixTypeSchema: () => stixTypeSchema, stixTypeToTypeName: () => stixTypeToTypeName }); module.exports = __toCommonJS(stix_type_exports); var import_v4 = require("zod/v4"); var stixTypeToTypeName = { "attack-pattern": "Technique", bundle: "StixBundle", campaign: "Campaign", "course-of-action": "Mitigation", "extension-definition": null, identity: "Identity", "intrusion-set": "Group", malware: "Malware", tool: "Tool", "marking-definition": "MarkingDefinition", "x-mitre-analytic": "Analytic", "x-mitre-data-component": "DataComponent", "x-mitre-detection-strategy": "DetectionStrategy", "x-mitre-data-source": "DataSource", "x-mitre-log-source": "LogSource", "x-mitre-tactic": "Tactic", "x-mitre-asset": "Asset", "x-mitre-matrix": "Matrix", "x-mitre-collection": "Collection", relationship: "Relationship", file: "", // not used in ATT&CK but used in sample_refs for Malware artifact: "" // not used in ATT&CK but used in sample_refs for Malware // 'observed-data': 'ObservedData', // not used in ATT&CK // 'report': 'Report', // not used in ATT&CK // 'threat-actor': 'ThreatActor', // not used in ATT&CK // 'vulnerability': 'Vulnerability', // not used in ATT&CK }; var supportedStixTypes = [ "attack-pattern", "bundle", "campaign", "course-of-action", "extension-definition", "identity", "intrusion-set", "malware", "tool", "marking-definition", "x-mitre-analytic", "x-mitre-data-component", "x-mitre-detection-strategy", "x-mitre-tactic", "x-mitre-asset", "x-mitre-data-source", "x-mitre-log-source", "x-mitre-matrix", "x-mitre-collection", "relationship", "file", // not used in ATT&CK but used in sample_refs for Malware "artifact" // not used in ATT&CK but used in sample_refs for Malware // "indicator", // not used in ATT&CK // "observed-data", // not used in ATT&CK // "report", // not used in ATT&CK // "threat-actor", // not used in ATT&CK // "vulnerability", // not used in ATT&CK ]; var stixTypeSchema = import_v4.z.enum(supportedStixTypes, { error: (issue) => { if (issue.code === "invalid_value") { const received = typeof issue.input === "string" ? issue.input : String(issue.input); return `Invalid STIX type '${received}'. Expected one of the supported STIX types.`; } return void 0; } }).meta({ description: "The type property identifies the type of STIX Object (SDO, Relationship Object, etc). The value of the type field MUST be one of the types defined by a STIX Object (e.g., indicator)." }); function createStixTypeValidator(stixType) { const objectName = stixTypeToTypeName[stixType]; return import_v4.z.literal(stixType).refine((val) => val === stixType, { error: (issue) => `Invalid 'type' property. Expected '${stixType}' for ${objectName} object, but received '${issue.input}'.` }); } function createMultiStixTypeValidator(stixTypes) { const objectNames = stixTypes.map((type) => stixTypeToTypeName[type]).join(" or "); const typeList = stixTypes.map((t) => `'${t}'`).join(" or "); const literals = stixTypes.map((type) => import_v4.z.literal(type)); return import_v4.z.union(literals).refine((val) => stixTypes.includes(val), { error: (issue) => `Invalid 'type' property. Expected ${typeList} for ${objectNames} object, but received '${issue.input}'.` }); } // Annotate the CommonJS export names for ESM import in node: 0 && (module.exports = { createMultiStixTypeValidator, createStixTypeValidator, stixTypeSchema, stixTypeToTypeName });