@cyvest/cyvest-js 3.0.1 → 3.2.0

package/dist/index.d.mts

@@ -1,80 +1,33 @@
-/**
- * Global investigation score.
- */
-type Score = number;
 /**
  * Security level classification for checks, observables, and threat intelligence.
  *
  * Levels are ordered from lowest (NONE) to highest (MALICIOUS) severity.
  */
 type Level = "NONE" | "TRUSTED" | "INFO" | "SAFE" | "NOTABLE" | "SUSPICIOUS" | "MALICIOUS";
-/**
- * Whether the investigation is whitelisted.
- */
-type Whitelisted = boolean;
-type Identifier = string;
-type Name = string;
 type Justification = string | null;
 /**
  * List of whitelist entries applied to this investigation.
  */
 type Whitelists = InvestigationWhitelist[];
-type Type = string;
-type Value = string;
-type Internal = boolean;
-type Whitelisted1 = boolean;
-type Comment = string;
-type Score1 = number;
 type ThreatIntels = string[];
-type TargetKey = string;
-type RelationshipType = string;
 /**
  * Direction of a relationship between observables.
  */
 type RelationshipDirection = "outbound" | "inbound" | "bidirectional";
 type Relationships = Relationship[];
-type Key = string;
 /**
  * Checks that generated this observable.
  */
 type GeneratedByChecks = string[];
-type CheckId = string;
-type Scope = string;
-type Description = string;
-type Comment1 = string;
-type Score2 = number;
 type Observables1 = string[];
 /**
  * Controls how a check reacts to linked observables.
  */
 type CheckScorePolicy = "auto" | "manual";
-type Key1 = string;
-type Source = string;
-type ObservableKey = string;
-type Comment2 = string;
-type Score3 = number;
 type Taxonomies = {
     [k: string]: unknown;
 }[];
-type Key2 = string;
-type Name1 = string;
-type Context = string;
-type Key3 = string;
-type Path = string;
-type Description1 = string;
 type Checks1 = string[];
-type Key4 = string;
-type AggregatedScore = number;
-type TotalObservables = number;
-type InternalObservables = number;
-type ExternalObservables = number;
-type WhitelistedObservables = number;
-type TotalChecks = number;
-type AppliedChecks = number;
-type TotalThreatIntel = number;
-type TotalContainers = number;
-type Checks2 = number;
-type Applied = number;
 /**
  * Root observable type used during data extraction.
  */
@@ -94,9 +47,19 @@ type ScoreMode = "max" | "sum";
  * schemas matching the actual model_dump() output.
  */
 interface CyvestInvestigation {
-    score: Score;
+    /**
+     * Investigation start time (UTC).
+     */
+    started_at: string;
+    /**
+     * Global investigation score.
+     */
+    score: number;
     level: Level;
-    whitelisted: Whitelisted;
+    /**
+     * Whether the investigation is whitelisted.
+     */
+    whitelisted: boolean;
     whitelists: Whitelists;
     observables: Observables;
     checks: Checks;
@@ -107,13 +70,17 @@ interface CyvestInvestigation {
     stats: StatisticsSchema;
     stats_checks: StatsChecksSchema;
     data_extraction: DataExtractionSchema;
+    /**
+     * Global investigation score formatted as fixed-point x.xx.
+     */
+    score_display: string;
 }
 /**
  * Represents a whitelist entry on an investigation.
  */
 interface InvestigationWhitelist {
-    identifier: Identifier;
-    name: Name;
+    identifier: string;
+    name: string;
     justification?: Justification;
     [k: string]: unknown;
 }
@@ -130,18 +97,19 @@ interface Observables {
  * through relationships.
  */
 interface Observable {
-    type: Type;
-    value: Value;
-    internal: Internal;
-    whitelisted: Whitelisted1;
-    comment: Comment;
+    type: string;
+    value: string;
+    internal: boolean;
+    whitelisted: boolean;
+    comment: string;
     extra: Extra;
-    score: Score1;
+    score: number;
     level: Level;
     threat_intels: ThreatIntels;
     relationships: Relationships;
-    key: Key;
+    key: string;
     generated_by_checks: GeneratedByChecks;
+    score_display: string;
     [k: string]: unknown;
 }
 interface Extra {
@@ -151,8 +119,8 @@ interface Extra {
  * Represents a relationship between observables.
  */
 interface Relationship {
-    target_key: TargetKey;
-    relationship_type: RelationshipType;
+    target_key: string;
+    relationship_type: string;
     direction: RelationshipDirection;
     [k: string]: unknown;
 }
@@ -169,16 +137,17 @@ interface Checks {
  * and contributes to the overall investigation score.
  */
 interface Check {
-    check_id: CheckId;
-    scope: Scope;
-    description: Description;
-    comment: Comment1;
+    check_id: string;
+    scope: string;
+    description: string;
+    comment: string;
     extra: Extra1;
-    score: Score2;
+    score: number;
     level: Level;
     observables: Observables1;
     score_policy?: CheckScorePolicy;
-    key: Key1;
+    key: string;
+    score_display: string;
     [k: string]: unknown;
 }
 interface Extra1 {
@@ -203,14 +172,15 @@ interface ThreatIntels1 {
  * like VirusTotal, URLScan.io, etc.
  */
 interface ThreatIntel {
-    source: Source;
-    observable_key: ObservableKey;
-    comment: Comment2;
+    source: string;
+    observable_key: string;
+    comment: string;
     extra: Extra2;
-    score: Score3;
+    score: number;
     level: Level;
     taxonomies: Taxonomies;
-    key: Key2;
+    key: string;
+    score_display: string;
     [k: string]: unknown;
 }
 interface Extra2 {
@@ -229,10 +199,10 @@ interface Enrichments {
  * context but doesn't directly contribute to scoring.
  */
 interface Enrichment {
-    name: Name1;
+    name: string;
     data: Data;
-    context: Context;
-    key: Key3;
+    context: string;
+    key: string;
     [k: string]: unknown;
 }
 interface Data {
@@ -251,12 +221,12 @@ interface Containers {
  * with aggregated scores and levels.
  */
 interface Container {
-    path: Path;
-    description?: Description1;
+    path: string;
+    description?: string;
     checks: Checks1;
     sub_containers: SubContainers;
-    key: Key4;
-    aggregated_score: AggregatedScore;
+    key: string;
+    aggregated_score: number;
     aggregated_level: Level;
 }
 interface SubContainers {
@@ -268,21 +238,21 @@ interface SubContainers {
  * Mirrors the output of `InvestigationStats.get_summary()`.
  */
 interface StatisticsSchema {
-    total_observables: TotalObservables;
-    internal_observables: InternalObservables;
-    external_observables: ExternalObservables;
-    whitelisted_observables: WhitelistedObservables;
+    total_observables: number;
+    internal_observables: number;
+    external_observables: number;
+    whitelisted_observables: number;
     observables_by_type?: ObservablesByType;
     observables_by_level?: ObservablesByLevel;
     observables_by_type_and_level?: ObservablesByTypeAndLevel;
-    total_checks: TotalChecks;
-    applied_checks: AppliedChecks;
+    total_checks: number;
+    applied_checks: number;
     checks_by_scope?: ChecksByScope;
     checks_by_level?: ChecksByLevel1;
-    total_threat_intel: TotalThreatIntel;
+    total_threat_intel: number;
     threat_intel_by_source?: ThreatIntelBySource;
     threat_intel_by_level?: ThreatIntelByLevel;
-    total_containers: TotalContainers;
+    total_containers: number;
 }
 interface ObservablesByType {
     [k: string]: number;
@@ -311,8 +281,8 @@ interface ThreatIntelByLevel {
  * Schema for check statistics summary.
  */
 interface StatsChecksSchema {
-    checks: Checks2;
-    applied: Applied;
+    checks: number;
+    applied: number;
 }
 /**
  * Schema for data extraction metadata.
@@ -1364,4 +1334,4 @@ declare function getRelationshipsForObservable(inv: CyvestInvestigation, observa
     }>;
 };
 
-export { type AggregatedScore, type Applied, type AppliedChecks, type Check, type CheckId, type CheckScorePolicy, type Checks, type Checks1, type Checks2, type ChecksByLevel, type ChecksByLevel1, type ChecksByScope, type Comment, type Comment1, type Comment2, type Container, type Containers, type Context, type CyvestInvestigation, type Data, type DataExtractionSchema, type Description, type Description1, type Enrichment, type Enrichments, type ExternalObservables, type Extra, type Extra1, type Extra2, type GeneratedByChecks, type GraphEdge, type GraphNode, type Identifier, type Internal, type InternalObservables, type InvestigationCounts, type InvestigationGraph, type InvestigationWhitelist, type Justification, type Key, type Key1, type Key2, type Key3, type Key4, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type Name, type Name1, type Observable, type ObservableKey, type Observables, type Observables1, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type Path, type Relationship, type RelationshipDirection, type RelationshipType, type Relationships, type RootType, type Scope, type Score, type Score1, type Score2, type Score3, type ScoreMode, type Source, type StatisticsSchema, type StatsChecksSchema, type SubContainers, type TargetKey, type Taxonomies, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type TotalChecks, type TotalContainers, type TotalObservables, type TotalThreatIntel, type Type, type Value, type Whitelisted, type Whitelisted1, type WhitelistedObservables, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findManuallyScored, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getStatsChecks, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };
+export { type Check, type CheckScorePolicy, type Checks, type Checks1, type ChecksByLevel, type ChecksByLevel1, type ChecksByScope, type Container, type Containers, type CyvestInvestigation, type Data, type DataExtractionSchema, type Enrichment, type Enrichments, type Extra, type Extra1, type Extra2, type GeneratedByChecks, type GraphEdge, type GraphNode, type InvestigationCounts, type InvestigationGraph, type InvestigationWhitelist, type Justification, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type Observable, type Observables, type Observables1, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type Relationship, type RelationshipDirection, type Relationships, type RootType, type ScoreMode, type StatisticsSchema, type StatsChecksSchema, type SubContainers, type Taxonomies, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findManuallyScored, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getStatsChecks, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };

package/dist/index.d.ts

@@ -1,80 +1,33 @@
-/**
- * Global investigation score.
- */
-type Score = number;
 /**
  * Security level classification for checks, observables, and threat intelligence.
  *
  * Levels are ordered from lowest (NONE) to highest (MALICIOUS) severity.
  */
 type Level = "NONE" | "TRUSTED" | "INFO" | "SAFE" | "NOTABLE" | "SUSPICIOUS" | "MALICIOUS";
-/**
- * Whether the investigation is whitelisted.
- */
-type Whitelisted = boolean;
-type Identifier = string;
-type Name = string;
 type Justification = string | null;
 /**
  * List of whitelist entries applied to this investigation.
  */
 type Whitelists = InvestigationWhitelist[];
-type Type = string;
-type Value = string;
-type Internal = boolean;
-type Whitelisted1 = boolean;
-type Comment = string;
-type Score1 = number;
 type ThreatIntels = string[];
-type TargetKey = string;
-type RelationshipType = string;
 /**
  * Direction of a relationship between observables.
  */
 type RelationshipDirection = "outbound" | "inbound" | "bidirectional";
 type Relationships = Relationship[];
-type Key = string;
 /**
  * Checks that generated this observable.
  */
 type GeneratedByChecks = string[];
-type CheckId = string;
-type Scope = string;
-type Description = string;
-type Comment1 = string;
-type Score2 = number;
 type Observables1 = string[];
 /**
  * Controls how a check reacts to linked observables.
  */
 type CheckScorePolicy = "auto" | "manual";
-type Key1 = string;
-type Source = string;
-type ObservableKey = string;
-type Comment2 = string;
-type Score3 = number;
 type Taxonomies = {
     [k: string]: unknown;
 }[];
-type Key2 = string;
-type Name1 = string;
-type Context = string;
-type Key3 = string;
-type Path = string;
-type Description1 = string;
 type Checks1 = string[];
-type Key4 = string;
-type AggregatedScore = number;
-type TotalObservables = number;
-type InternalObservables = number;
-type ExternalObservables = number;
-type WhitelistedObservables = number;
-type TotalChecks = number;
-type AppliedChecks = number;
-type TotalThreatIntel = number;
-type TotalContainers = number;
-type Checks2 = number;
-type Applied = number;
 /**
  * Root observable type used during data extraction.
  */
@@ -94,9 +47,19 @@ type ScoreMode = "max" | "sum";
  * schemas matching the actual model_dump() output.
  */
 interface CyvestInvestigation {
-    score: Score;
+    /**
+     * Investigation start time (UTC).
+     */
+    started_at: string;
+    /**
+     * Global investigation score.
+     */
+    score: number;
     level: Level;
-    whitelisted: Whitelisted;
+    /**
+     * Whether the investigation is whitelisted.
+     */
+    whitelisted: boolean;
     whitelists: Whitelists;
     observables: Observables;
     checks: Checks;
@@ -107,13 +70,17 @@ interface CyvestInvestigation {
     stats: StatisticsSchema;
     stats_checks: StatsChecksSchema;
     data_extraction: DataExtractionSchema;
+    /**
+     * Global investigation score formatted as fixed-point x.xx.
+     */
+    score_display: string;
 }
 /**
  * Represents a whitelist entry on an investigation.
  */
 interface InvestigationWhitelist {
-    identifier: Identifier;
-    name: Name;
+    identifier: string;
+    name: string;
     justification?: Justification;
     [k: string]: unknown;
 }
@@ -130,18 +97,19 @@ interface Observables {
  * through relationships.
  */
 interface Observable {
-    type: Type;
-    value: Value;
-    internal: Internal;
-    whitelisted: Whitelisted1;
-    comment: Comment;
+    type: string;
+    value: string;
+    internal: boolean;
+    whitelisted: boolean;
+    comment: string;
     extra: Extra;
-    score: Score1;
+    score: number;
     level: Level;
     threat_intels: ThreatIntels;
     relationships: Relationships;
-    key: Key;
+    key: string;
     generated_by_checks: GeneratedByChecks;
+    score_display: string;
     [k: string]: unknown;
 }
 interface Extra {
@@ -151,8 +119,8 @@ interface Extra {
  * Represents a relationship between observables.
  */
 interface Relationship {
-    target_key: TargetKey;
-    relationship_type: RelationshipType;
+    target_key: string;
+    relationship_type: string;
     direction: RelationshipDirection;
     [k: string]: unknown;
 }
@@ -169,16 +137,17 @@ interface Checks {
  * and contributes to the overall investigation score.
  */
 interface Check {
-    check_id: CheckId;
-    scope: Scope;
-    description: Description;
-    comment: Comment1;
+    check_id: string;
+    scope: string;
+    description: string;
+    comment: string;
     extra: Extra1;
-    score: Score2;
+    score: number;
     level: Level;
     observables: Observables1;
     score_policy?: CheckScorePolicy;
-    key: Key1;
+    key: string;
+    score_display: string;
     [k: string]: unknown;
 }
 interface Extra1 {
@@ -203,14 +172,15 @@ interface ThreatIntels1 {
  * like VirusTotal, URLScan.io, etc.
  */
 interface ThreatIntel {
-    source: Source;
-    observable_key: ObservableKey;
-    comment: Comment2;
+    source: string;
+    observable_key: string;
+    comment: string;
     extra: Extra2;
-    score: Score3;
+    score: number;
     level: Level;
     taxonomies: Taxonomies;
-    key: Key2;
+    key: string;
+    score_display: string;
     [k: string]: unknown;
 }
 interface Extra2 {
@@ -229,10 +199,10 @@ interface Enrichments {
  * context but doesn't directly contribute to scoring.
  */
 interface Enrichment {
-    name: Name1;
+    name: string;
     data: Data;
-    context: Context;
-    key: Key3;
+    context: string;
+    key: string;
     [k: string]: unknown;
 }
 interface Data {
@@ -251,12 +221,12 @@ interface Containers {
  * with aggregated scores and levels.
  */
 interface Container {
-    path: Path;
-    description?: Description1;
+    path: string;
+    description?: string;
     checks: Checks1;
     sub_containers: SubContainers;
-    key: Key4;
-    aggregated_score: AggregatedScore;
+    key: string;
+    aggregated_score: number;
     aggregated_level: Level;
 }
 interface SubContainers {
@@ -268,21 +238,21 @@ interface SubContainers {
  * Mirrors the output of `InvestigationStats.get_summary()`.
  */
 interface StatisticsSchema {
-    total_observables: TotalObservables;
-    internal_observables: InternalObservables;
-    external_observables: ExternalObservables;
-    whitelisted_observables: WhitelistedObservables;
+    total_observables: number;
+    internal_observables: number;
+    external_observables: number;
+    whitelisted_observables: number;
     observables_by_type?: ObservablesByType;
     observables_by_level?: ObservablesByLevel;
     observables_by_type_and_level?: ObservablesByTypeAndLevel;
-    total_checks: TotalChecks;
-    applied_checks: AppliedChecks;
+    total_checks: number;
+    applied_checks: number;
     checks_by_scope?: ChecksByScope;
     checks_by_level?: ChecksByLevel1;
-    total_threat_intel: TotalThreatIntel;
+    total_threat_intel: number;
     threat_intel_by_source?: ThreatIntelBySource;
     threat_intel_by_level?: ThreatIntelByLevel;
-    total_containers: TotalContainers;
+    total_containers: number;
 }
 interface ObservablesByType {
     [k: string]: number;
@@ -311,8 +281,8 @@ interface ThreatIntelByLevel {
  * Schema for check statistics summary.
  */
 interface StatsChecksSchema {
-    checks: Checks2;
-    applied: Applied;
+    checks: number;
+    applied: number;
 }
 /**
  * Schema for data extraction metadata.
@@ -1364,4 +1334,4 @@ declare function getRelationshipsForObservable(inv: CyvestInvestigation, observa
     }>;
 };
 
-export { type AggregatedScore, type Applied, type AppliedChecks, type Check, type CheckId, type CheckScorePolicy, type Checks, type Checks1, type Checks2, type ChecksByLevel, type ChecksByLevel1, type ChecksByScope, type Comment, type Comment1, type Comment2, type Container, type Containers, type Context, type CyvestInvestigation, type Data, type DataExtractionSchema, type Description, type Description1, type Enrichment, type Enrichments, type ExternalObservables, type Extra, type Extra1, type Extra2, type GeneratedByChecks, type GraphEdge, type GraphNode, type Identifier, type Internal, type InternalObservables, type InvestigationCounts, type InvestigationGraph, type InvestigationWhitelist, type Justification, type Key, type Key1, type Key2, type Key3, type Key4, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type Name, type Name1, type Observable, type ObservableKey, type Observables, type Observables1, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type Path, type Relationship, type RelationshipDirection, type RelationshipType, type Relationships, type RootType, type Scope, type Score, type Score1, type Score2, type Score3, type ScoreMode, type Source, type StatisticsSchema, type StatsChecksSchema, type SubContainers, type TargetKey, type Taxonomies, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type TotalChecks, type TotalContainers, type TotalObservables, type TotalThreatIntel, type Type, type Value, type Whitelisted, type Whitelisted1, type WhitelistedObservables, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findManuallyScored, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getStatsChecks, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };
+export { type Check, type CheckScorePolicy, type Checks, type Checks1, type ChecksByLevel, type ChecksByLevel1, type ChecksByScope, type Container, type Containers, type CyvestInvestigation, type Data, type DataExtractionSchema, type Enrichment, type Enrichments, type Extra, type Extra1, type Extra2, type GeneratedByChecks, type GraphEdge, type GraphNode, type InvestigationCounts, type InvestigationGraph, type InvestigationWhitelist, type Justification, type KeyType, LEVEL_COLORS, LEVEL_ORDER, LEVEL_VALUES, type Level, type Observable, type Observables, type Observables1, type ObservablesByLevel, type ObservablesByType, type ObservablesByTypeAndLevel, type Relationship, type RelationshipDirection, type Relationships, type RootType, type ScoreMode, type StatisticsSchema, type StatsChecksSchema, type SubContainers, type Taxonomies, type ThreatIntel, type ThreatIntelByLevel, type ThreatIntelBySource, type ThreatIntels, type ThreatIntels1, type Whitelists, areConnected, compareLevels, countRelationshipsByType, findChecksAtLeast, findChecksByCheckId, findChecksByLevel, findChecksByScope, findContainersAtLeast, findContainersByLevel, findExternalObservables, findInternalObservables, findLeafObservables, findManuallyScored, findObservablesAtLeast, findObservablesByLevel, findObservablesByType, findObservablesByValue, findObservablesContaining, findObservablesMatching, findObservablesWithThreatIntel, findOrphanObservables, findPath, findRootObservables, findThreatIntelAtLeast, findThreatIntelByLevel, findThreatIntelBySource, findWhitelistedObservables, generateCheckKey, generateContainerKey, generateEnrichmentKey, generateObservableKey, generateThreatIntelKey, getAllChecks, getAllContainers, getAllEnrichments, getAllObservableTypes, getAllObservables, getAllRelationshipTypes, getAllScopes, getAllThreatIntelSources, getAllThreatIntels, getCheck, getCheckByIdScope, getChecksForContainer, getChecksForObservable, getColorForLevel, getColorForScore, getContainer, getContainerByPath, getCounts, getDataExtraction, getEnrichment, getEnrichmentByName, getEntityLevel, getHighestScoringChecks, getHighestScoringObservables, getLevelFromScore, getMaliciousChecks, getMaliciousObservables, getObservable, getObservableByTypeValue, getObservableChildren, getObservableGraph, getObservableParents, getObservablesForCheck, getReachableObservables, getRelatedObservables, getRelatedObservablesByDirection, getRelatedObservablesByType, getRelationshipsForObservable, getStats, getStatsChecks, getSuspiciousChecks, getSuspiciousObservables, getThreatIntel, getThreatIntelBySourceObservable, getThreatIntelsForObservable, getWhitelists, hasLevel, isCyvest, isLevelAtLeast, isLevelHigherThan, isLevelLowerThan, isValidLevel, maxLevel, minLevel, normalizeLevel, parseCheckKey, parseCyvest, parseKeyType, parseObservableKey, parseThreatIntelKey, sortChecksByLevel, sortChecksByScore, sortObservablesByLevel, sortObservablesByScore, validateKey };

package/dist/index.js

@@ -185,6 +185,11 @@ var cyvest_schema_default = {
         key: {
           title: "Key",
           type: "string"
+        },
+        score_display: {
+          readOnly: true,
+          title: "Score Display",
+          type: "string"
         }
       },
       required: [
@@ -196,7 +201,8 @@ var cyvest_schema_default = {
         "score",
         "level",
         "observables",
-        "key"
+        "key",
+        "score_display"
       ],
       title: "Check",
       type: "object"
@@ -427,6 +433,11 @@ var cyvest_schema_default = {
           readOnly: true,
           title: "Generated By Checks",
           type: "array"
+        },
+        score_display: {
+          readOnly: true,
+          title: "Score Display",
+          type: "string"
         }
       },
       required: [
@@ -441,7 +452,8 @@ var cyvest_schema_default = {
         "threat_intels",
         "relationships",
         "key",
-        "generated_by_checks"
+        "generated_by_checks",
+        "score_display"
       ],
       title: "Observable",
       type: "object"
@@ -665,6 +677,11 @@ var cyvest_schema_default = {
         key: {
           title: "Key",
           type: "string"
+        },
+        score_display: {
+          readOnly: true,
+          title: "Score Display",
+          type: "string"
         }
       },
       required: [
@@ -675,7 +692,8 @@ var cyvest_schema_default = {
         "score",
         "level",
         "taxonomies",
-        "key"
+        "key",
+        "score_display"
       ],
       title: "ThreatIntel",
       type: "object"
@@ -686,6 +704,12 @@ var cyvest_schema_default = {
   additionalProperties: false,
   description: "Schema for a complete serialized investigation.\n\nThis model describes the output of `serialize_investigation()` from\n`cyvest.io_serialization`. It is the top-level schema for exported investigations.\n\nEntity types reference the runtime models directly. When generating schemas with\n`mode='serialization'`, Pydantic respects field_serializer decorators and produces\nschemas matching the actual model_dump() output.",
   properties: {
+    started_at: {
+      description: "Investigation start time (UTC).",
+      format: "date-time",
+      title: "Started At",
+      type: "string"
+    },
     score: {
       description: "Global investigation score.",
       title: "Score",
@@ -773,9 +797,16 @@ var cyvest_schema_default = {
     data_extraction: {
       $ref: "#/$defs/DataExtractionSchema",
       description: "Data extraction metadata."
+    },
+    score_display: {
+      description: "Global investigation score formatted as fixed-point x.xx.",
+      readOnly: true,
+      title: "Score Display",
+      type: "string"
     }
   },
   required: [
+    "started_at",
     "score",
     "level",
     "whitelisted",
@@ -788,7 +819,8 @@ var cyvest_schema_default = {
     "containers",
     "stats",
     "stats_checks",
-    "data_extraction"
+    "data_extraction",
+    "score_display"
   ],
   title: "Cyvest Investigation",
   type: "object"

package/dist/index.mjs

@@ -50,6 +50,11 @@ var cyvest_schema_default = {
         key: {
           title: "Key",
           type: "string"
+        },
+        score_display: {
+          readOnly: true,
+          title: "Score Display",
+          type: "string"
         }
       },
       required: [
@@ -61,7 +66,8 @@ var cyvest_schema_default = {
         "score",
         "level",
         "observables",
-        "key"
+        "key",
+        "score_display"
       ],
       title: "Check",
       type: "object"
@@ -292,6 +298,11 @@ var cyvest_schema_default = {
           readOnly: true,
           title: "Generated By Checks",
           type: "array"
+        },
+        score_display: {
+          readOnly: true,
+          title: "Score Display",
+          type: "string"
         }
       },
       required: [
@@ -306,7 +317,8 @@ var cyvest_schema_default = {
         "threat_intels",
         "relationships",
         "key",
-        "generated_by_checks"
+        "generated_by_checks",
+        "score_display"
       ],
       title: "Observable",
       type: "object"
@@ -530,6 +542,11 @@ var cyvest_schema_default = {
         key: {
           title: "Key",
           type: "string"
+        },
+        score_display: {
+          readOnly: true,
+          title: "Score Display",
+          type: "string"
         }
       },
       required: [
@@ -540,7 +557,8 @@ var cyvest_schema_default = {
         "score",
         "level",
         "taxonomies",
-        "key"
+        "key",
+        "score_display"
       ],
       title: "ThreatIntel",
       type: "object"
@@ -551,6 +569,12 @@ var cyvest_schema_default = {
   additionalProperties: false,
   description: "Schema for a complete serialized investigation.\n\nThis model describes the output of `serialize_investigation()` from\n`cyvest.io_serialization`. It is the top-level schema for exported investigations.\n\nEntity types reference the runtime models directly. When generating schemas with\n`mode='serialization'`, Pydantic respects field_serializer decorators and produces\nschemas matching the actual model_dump() output.",
   properties: {
+    started_at: {
+      description: "Investigation start time (UTC).",
+      format: "date-time",
+      title: "Started At",
+      type: "string"
+    },
     score: {
       description: "Global investigation score.",
       title: "Score",
@@ -638,9 +662,16 @@ var cyvest_schema_default = {
     data_extraction: {
       $ref: "#/$defs/DataExtractionSchema",
       description: "Data extraction metadata."
+    },
+    score_display: {
+      description: "Global investigation score formatted as fixed-point x.xx.",
+      readOnly: true,
+      title: "Score Display",
+      type: "string"
     }
   },
   required: [
+    "started_at",
     "score",
     "level",
     "whitelisted",
@@ -653,7 +684,8 @@ var cyvest_schema_default = {
     "containers",
     "stats",
     "stats_checks",
-    "data_extraction"
+    "data_extraction",
+    "score_display"
   ],
   title: "Cyvest Investigation",
   type: "object"

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cyvest/cyvest-js",
-  "version": "3.0.1",
+  "version": "3.2.0",
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
   "types": "dist/index.d.ts",

package/src/types.generated.ts

@@ -1,82 +1,35 @@
 // AUTO-GENERATED FROM cyvest.schema.json — DO NOT EDIT
 
-/**
- * Global investigation score.
- */
-export type Score = number;
 /**
  * Security level classification for checks, observables, and threat intelligence.
  *
  * Levels are ordered from lowest (NONE) to highest (MALICIOUS) severity.
  */
 export type Level = "NONE" | "TRUSTED" | "INFO" | "SAFE" | "NOTABLE" | "SUSPICIOUS" | "MALICIOUS";
-/**
- * Whether the investigation is whitelisted.
- */
-export type Whitelisted = boolean;
-export type Identifier = string;
-export type Name = string;
 export type Justification = string | null;
 /**
  * List of whitelist entries applied to this investigation.
  */
 export type Whitelists = InvestigationWhitelist[];
-export type Type = string;
-export type Value = string;
-export type Internal = boolean;
-export type Whitelisted1 = boolean;
-export type Comment = string;
-export type Score1 = number;
 export type ThreatIntels = string[];
-export type TargetKey = string;
-export type RelationshipType = string;
 /**
  * Direction of a relationship between observables.
  */
 export type RelationshipDirection = "outbound" | "inbound" | "bidirectional";
 export type Relationships = Relationship[];
-export type Key = string;
 /**
  * Checks that generated this observable.
  */
 export type GeneratedByChecks = string[];
-export type CheckId = string;
-export type Scope = string;
-export type Description = string;
-export type Comment1 = string;
-export type Score2 = number;
 export type Observables1 = string[];
 /**
  * Controls how a check reacts to linked observables.
  */
 export type CheckScorePolicy = "auto" | "manual";
-export type Key1 = string;
-export type Source = string;
-export type ObservableKey = string;
-export type Comment2 = string;
-export type Score3 = number;
 export type Taxonomies = {
   [k: string]: unknown;
 }[];
-export type Key2 = string;
-export type Name1 = string;
-export type Context = string;
-export type Key3 = string;
-export type Path = string;
-export type Description1 = string;
 export type Checks1 = string[];
-export type Key4 = string;
-export type AggregatedScore = number;
-export type TotalObservables = number;
-export type InternalObservables = number;
-export type ExternalObservables = number;
-export type WhitelistedObservables = number;
-export type TotalChecks = number;
-export type AppliedChecks = number;
-export type TotalThreatIntel = number;
-export type TotalContainers = number;
-export type Checks2 = number;
-export type Applied = number;
 /**
  * Root observable type used during data extraction.
  */
@@ -97,9 +50,19 @@ export type ScoreMode = "max" | "sum";
  * schemas matching the actual model_dump() output.
  */
 export interface CyvestInvestigation {
-  score: Score;
+  /**
+   * Investigation start time (UTC).
+   */
+  started_at: string;
+  /**
+   * Global investigation score.
+   */
+  score: number;
   level: Level;
-  whitelisted: Whitelisted;
+  /**
+   * Whether the investigation is whitelisted.
+   */
+  whitelisted: boolean;
   whitelists: Whitelists;
   observables: Observables;
   checks: Checks;
@@ -110,13 +73,17 @@ export interface CyvestInvestigation {
   stats: StatisticsSchema;
   stats_checks: StatsChecksSchema;
   data_extraction: DataExtractionSchema;
+  /**
+   * Global investigation score formatted as fixed-point x.xx.
+   */
+  score_display: string;
 }
 /**
  * Represents a whitelist entry on an investigation.
  */
 export interface InvestigationWhitelist {
-  identifier: Identifier;
-  name: Name;
+  identifier: string;
+  name: string;
   justification?: Justification;
   [k: string]: unknown;
 }
@@ -133,18 +100,19 @@ export interface Observables {
  * through relationships.
  */
 export interface Observable {
-  type: Type;
-  value: Value;
-  internal: Internal;
-  whitelisted: Whitelisted1;
-  comment: Comment;
+  type: string;
+  value: string;
+  internal: boolean;
+  whitelisted: boolean;
+  comment: string;
   extra: Extra;
-  score: Score1;
+  score: number;
   level: Level;
   threat_intels: ThreatIntels;
   relationships: Relationships;
-  key: Key;
+  key: string;
   generated_by_checks: GeneratedByChecks;
+  score_display: string;
   [k: string]: unknown;
 }
 export interface Extra {
@@ -154,8 +122,8 @@ export interface Extra {
  * Represents a relationship between observables.
  */
 export interface Relationship {
-  target_key: TargetKey;
-  relationship_type: RelationshipType;
+  target_key: string;
+  relationship_type: string;
   direction: RelationshipDirection;
   [k: string]: unknown;
 }
@@ -172,16 +140,17 @@ export interface Checks {
  * and contributes to the overall investigation score.
  */
 export interface Check {
-  check_id: CheckId;
-  scope: Scope;
-  description: Description;
-  comment: Comment1;
+  check_id: string;
+  scope: string;
+  description: string;
+  comment: string;
   extra: Extra1;
-  score: Score2;
+  score: number;
   level: Level;
   observables: Observables1;
   score_policy?: CheckScorePolicy;
-  key: Key1;
+  key: string;
+  score_display: string;
   [k: string]: unknown;
 }
 export interface Extra1 {
@@ -206,14 +175,15 @@ export interface ThreatIntels1 {
  * like VirusTotal, URLScan.io, etc.
  */
 export interface ThreatIntel {
-  source: Source;
-  observable_key: ObservableKey;
-  comment: Comment2;
+  source: string;
+  observable_key: string;
+  comment: string;
   extra: Extra2;
-  score: Score3;
+  score: number;
   level: Level;
   taxonomies: Taxonomies;
-  key: Key2;
+  key: string;
+  score_display: string;
   [k: string]: unknown;
 }
 export interface Extra2 {
@@ -232,10 +202,10 @@ export interface Enrichments {
  * context but doesn't directly contribute to scoring.
  */
 export interface Enrichment {
-  name: Name1;
+  name: string;
   data: Data;
-  context: Context;
-  key: Key3;
+  context: string;
+  key: string;
   [k: string]: unknown;
 }
 export interface Data {
@@ -254,12 +224,12 @@ export interface Containers {
  * with aggregated scores and levels.
  */
 export interface Container {
-  path: Path;
-  description?: Description1;
+  path: string;
+  description?: string;
   checks: Checks1;
   sub_containers: SubContainers;
-  key: Key4;
-  aggregated_score: AggregatedScore;
+  key: string;
+  aggregated_score: number;
   aggregated_level: Level;
 }
 export interface SubContainers {
@@ -271,21 +241,21 @@ export interface SubContainers {
  * Mirrors the output of `InvestigationStats.get_summary()`.
  */
 export interface StatisticsSchema {
-  total_observables: TotalObservables;
-  internal_observables: InternalObservables;
-  external_observables: ExternalObservables;
-  whitelisted_observables: WhitelistedObservables;
+  total_observables: number;
+  internal_observables: number;
+  external_observables: number;
+  whitelisted_observables: number;
   observables_by_type?: ObservablesByType;
   observables_by_level?: ObservablesByLevel;
   observables_by_type_and_level?: ObservablesByTypeAndLevel;
-  total_checks: TotalChecks;
-  applied_checks: AppliedChecks;
+  total_checks: number;
+  applied_checks: number;
   checks_by_scope?: ChecksByScope;
   checks_by_level?: ChecksByLevel1;
-  total_threat_intel: TotalThreatIntel;
+  total_threat_intel: number;
   threat_intel_by_source?: ThreatIntelBySource;
   threat_intel_by_level?: ThreatIntelByLevel;
-  total_containers: TotalContainers;
+  total_containers: number;
 }
 export interface ObservablesByType {
   [k: string]: number;
@@ -314,8 +284,8 @@ export interface ThreatIntelByLevel {
  * Schema for check statistics summary.
  */
 export interface StatsChecksSchema {
-  checks: Checks2;
-  applied: Applied;
+  checks: number;
+  applied: number;
 }
 /**
  * Schema for data extraction metadata.