Implement uniqueness validation for STIX bundle objects

[seansica]

Summary

Implements validation to ensure all objects in a STIX bundle have unique id values, preventing duplicate objects from passing schema validation.

Changes

New Features

• src/refinements/index.ts: Implemented createUniqueObjectsOnlyRefinement
  • Uses Set-based tracking for O(n) performance
  • Reports clear, actionable error messages with duplicate ID values
  • Provides proper error paths pointing to duplicate objects in the bundle
  • Called from stixBundleSchema alongside other bundle-level refinements

Testing

• test/objects/stix-bundle.test.ts: Added comprehensive test suite for uniqueness validation
  • ✅ True positive: Bundles with unique object IDs pass validation
  • ✅ True negative: Bundles with duplicate object IDs fail validation
  • ✅ Error messages include the duplicate ID value for debugging
  • ✅ Multiple duplicates in a single bundle are all detected and reported

Implementation Details

The implementation uses a simple, efficient Set-based approach:

export function createUniqueObjectsOnlyRefinement() {
  return (ctx: z.core.ParsePayload<StixBundle>): void => {
    const seen = new Set<string>();
    ctx.value.objects.forEach((item, index) => {
      const id = (item as AttackObject).id;
      if (seen.has(id)) {
        ctx.issues.push({
          code: 'custom',
          message: `Duplicate object with id "${id}" found. Each object in the bundle must have a unique id.`,
          path: ['objects', index, 'id'],
          input: id,
        });
      } else {
        seen.add(id);
      }
    });
  };
}

[seansica]

@jondricek

Notably:

1. This does not bump ATTACK_SPEC_VERSION. It remains 3.3.0. Given that this is new functionality, we should consider bumping to 3.4.0.
2. This constraint (uniqueness of the objects in STIX bundles) is NOT specified in STIX 2.1. Adding this would be an ATT&CK-specific behavior.