npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

stix2

v1.1.0

Published

This library is a Typescript implementation of the offical Python-based [stix2](https://stix2.readthedocs.io/) library, and is based on the STIX [v2.1 spec](https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html). A lot of the design-principles an

Downloads

4

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

stanleytstanleyt

Keywords

Readme

Overview

This library is a Typescript implementation of the offical Python-based stix2 library, and is based on the STIX v2.1 spec. A lot of the design-principles and structure of the library reflects that of the Python-based stix2 library. There are some additions and changes which make working with STIX data faster.

Goals

The goals of this library are:

  1. To make it as easy as possible to create & consume STIX.
  2. To make it hard (if not impossible) to create invalid STIX.

Setup

Installation

Install with npm

$ npm install stix2

Usage

🚧 This library is still undergoing development. Check back in soon for an updated usage guide.

Design Decisions

Architecture

Similar to the Python stix2 library, this library is broken up into different 'layers' which provide varying levels of abstraction to the end user:

  1. Object Layer (Deals with single STIX Objects)
  2. Bundle Layer (Deals with groups of STIX Objects)
  3. Enviornment Layer (Deals with all STIX Objects)

Object Layer

At the lowest level is the Object Layer which defines the actual stix2 object (SDO's, SROS's, etc.).

Bundle Layer 🚧 (To be Implemented)

At the next layer up we have the Bundle Layer which provides a level of abstraction and deals with the creation of bundles of STIX. There are 3 kinds of bundles supported: light, medium, heavy.

Enviornment Layer 🚧 (To be Implemented)

At the highest level we have the Enviornment Layer. The purpose of this layer is to deal with all the STIX objects you have collected. This layer is usefull for looking at all of your data in a big picture.

Validation

When working with the Object Layer there is a lot that can go wrong. To stick to our goal of making the process of emitting invalid STIX impossible, this library is written to aid both the creation and consumption of stix.

Creation: When creating STIX in code it is easy to forget object properties or mistakengly create invlaid objects. By using Typescript we can get better type-hints and errors at compile-time. This means that even before we run our code, the compiler can tell us if an object is valid & adheres to the spec.

Consumption: Often we don't know what kind of data we are parsing and consuming invalid STIX can hurt us at runtime. Every STIX object defined in the Object Layer can accept any input to its constructor. If the input is valid, all is well, however, if anything goes awry, the constructor will throw an error explaining where the object deviates from the spec. This allows us to always enforce that existing objects are valid, as well as parse new objects to be valid.

Why Typescript?

The rationale behind creating a Typescript-based stix2 library was to allow for stricter type-checking & validation when using STIX - mainly on the web. Having a robust library to produce and consume STIX, allows for exploration of web-based data viz, knowledge bases, and much more. Additionally, since STIX is JSON based, this library works more naturally its intended data format and avoids cross-language confusions.

The library is written so as to allow type-checking at both compile-time and run-time. This makes it easy for developers to produce valid STIX with compile-time checking and type hints, as well as consume valid STIX with type-checking at runtime.

This library does not use JSON schema or ajv to impelement runtime type-checking with Tyepscript. The process is done manually to minimize package size as well as enforce stricter type checking.