@mitre-attack/attack-data-model

import { z } from 'zod/v4'; import { StixIdentifier } from '../common/stix-identifier.js'; import { StixType } from '../common/stix-type.js'; declare const relationshipTypeSchema: z.ZodEnum<{ uses: "uses"; mitigates: "mitigates"; "subtechnique-of": "subtechnique-of"; detects: "detects"; "attributed-to": "attributed-to"; targets: "targets"; "revoked-by": "revoked-by"; "found-in": "found-in"; }>; type RelationshipType = z.infer<typeof relationshipTypeSchema>; declare const validRelationshipObjectTypes: ("attack-pattern" | "campaign" | "course-of-action" | "intrusion-set" | "malware" | "tool" | "x-mitre-data-component" | "x-mitre-asset" | "x-mitre-log-source")[]; /** * Validates a STIX relationship based on source type, relationship type, and target type. * * @param {StixType} sourceType - The type of the source object in the relationship. * @param {RelationshipType} relationshipType - The type of relationship between the source and target. * @param {StixType} targetType - The type of the target object in the relationship. * @param {function} [errorCollector] - Optional function to collect detailed error information. * If provided, it will be called with a ZodIssue object for each validation error. * * @returns {boolean} Returns true if the relationship is valid, false otherwise. * * @example * // Validate a relationship without error collection * const isValid = isValidRelationship('malware', 'uses', 'attack-pattern'); * * @example * // Validate a relationship with error collection * let errors = []; * const isValid = isValidRelationship('malware', 'uses', 'malware', (issue) => errors.push(issue)); */ declare function isValidRelationship(sourceType: StixType, relationshipType: RelationshipType, targetType: StixType, errorCollector?: (issue: z.core.$ZodIssue) => void): boolean; /** * Represents a possible STIX relationship combination. */ type RelationshipCombination = { sourceType: StixType; relationshipType: RelationshipType; targetType: StixType; }; /** * Filters out invalid relationships from all possible combinations. * This array contains only the relationships that are not valid according to the STIX specification. * It's useful for testing purposes and for identifying which relationship combinations are not allowed. */ declare const invalidRelationships: RelationshipCombination[]; /** * Creates a refinement function for relationships * * @returns A refinement function for relationship validation */ declare function createRelationshipValidationRefinement(): (ctx: z.core.ParsePayload<Relationship | { relationship_type: RelationshipType; source_ref: StixIdentifier; target_ref: StixIdentifier; }>) => void; declare const extensibleRelationshipSchema: z.ZodObject<{ type: z.ZodLiteral<"attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-log-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "file" | "artifact">; id: z.ZodString; description: z.ZodOptional<z.ZodString>; spec_version: z.ZodEnum<{ "2.0": "2.0"; 2.1: "2.1"; }>; created_by_ref: z.ZodOptional<z.ZodString>; created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">; modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">; revoked: z.ZodOptional<z.ZodBoolean>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; external_references: z.ZodOptional<z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>; object_marking_refs: z.ZodOptional<z.ZodArray<z.ZodString>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ marking_ref: z.ZodString; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; x_mitre_attack_spec_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; relationship_type: z.ZodEnum<{ uses: "uses"; mitigates: "mitigates"; "subtechnique-of": "subtechnique-of"; detects: "detects"; "attributed-to": "attributed-to"; targets: "targets"; "revoked-by": "revoked-by"; "found-in": "found-in"; }>; source_ref: z.ZodString; target_ref: z.ZodString; x_mitre_log_source_channel: z.ZodOptional<z.ZodString>; }, z.core.$strict>; declare const relationshipSchema: z.ZodObject<{ type: z.ZodLiteral<"attack-pattern" | "bundle" | "campaign" | "course-of-action" | "extension-definition" | "identity" | "intrusion-set" | "malware" | "tool" | "marking-definition" | "x-mitre-analytic" | "x-mitre-data-component" | "x-mitre-detection-strategy" | "x-mitre-tactic" | "x-mitre-asset" | "x-mitre-data-source" | "x-mitre-log-source" | "x-mitre-matrix" | "x-mitre-collection" | "relationship" | "file" | "artifact">; id: z.ZodString; description: z.ZodOptional<z.ZodString>; spec_version: z.ZodEnum<{ "2.0": "2.0"; 2.1: "2.1"; }>; created_by_ref: z.ZodOptional<z.ZodString>; created: z.core.$ZodBranded<z.ZodISODateTime, "StixCreatedTimestamp">; modified: z.core.$ZodBranded<z.ZodISODateTime, "StixModifiedTimestamp">; revoked: z.ZodOptional<z.ZodBoolean>; labels: z.ZodOptional<z.ZodArray<z.ZodString>>; external_references: z.ZodOptional<z.ZodArray<z.ZodObject<{ source_name: z.ZodString; description: z.ZodOptional<z.ZodString>; url: z.ZodOptional<z.ZodURL>; external_id: z.ZodOptional<z.ZodString>; }, z.core.$strip>>>; object_marking_refs: z.ZodOptional<z.ZodArray<z.ZodString>>; granular_markings: z.ZodOptional<z.ZodArray<z.ZodObject<{ marking_ref: z.ZodString; selectors: z.ZodArray<z.ZodString>; }, z.core.$strip>>>; confidence: z.ZodOptional<z.ZodOptional<z.ZodNumber>>; lang: z.ZodOptional<z.ZodString>; extensions: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnion<readonly [z.ZodObject<{ extension_type: z.ZodEnum<{ "new-sdo": "new-sdo"; "new-sco": "new-sco"; "new-sro": "new-sro"; "property-extension": "property-extension"; "toplevel-property-extension": "toplevel-property-extension"; }>; }, z.core.$catchall<z.ZodUnknown>>, z.ZodRecord<z.ZodString, z.ZodUnknown>]>>>; x_mitre_attack_spec_version: z.ZodString; x_mitre_old_attack_id: z.ZodOptional<z.ZodString>; x_mitre_deprecated: z.ZodOptional<z.ZodBoolean>; x_mitre_modified_by_ref: z.ZodLiteral<`identity--${string}`>; relationship_type: z.ZodEnum<{ uses: "uses"; mitigates: "mitigates"; "subtechnique-of": "subtechnique-of"; detects: "detects"; "attributed-to": "attributed-to"; targets: "targets"; "revoked-by": "revoked-by"; "found-in": "found-in"; }>; source_ref: z.ZodString; target_ref: z.ZodString; x_mitre_log_source_channel: z.ZodOptional<z.ZodString>; }, z.core.$strict>; type Relationship = z.infer<typeof extensibleRelationshipSchema>; export { type Relationship, type RelationshipCombination, type RelationshipType, createRelationshipValidationRefinement, extensibleRelationshipSchema, invalidRelationships, isValidRelationship, relationshipSchema, relationshipTypeSchema, validRelationshipObjectTypes };