From a332886aaf1adb69c8c1ce8c91dc38992c7742d6 Mon Sep 17 00:00:00 2001
From: Sean Sica <23294618+seansica@users.noreply.github.com>
Date: Fri, 8 May 2026 16:15:26 -0400
Subject: [PATCH] fix(analytics): validate no duplicate mutable elements

---
 src/schemas/sdo/analytic.schema.ts | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/src/schemas/sdo/analytic.schema.ts b/src/schemas/sdo/analytic.schema.ts
index af829c24..3afad123 100644
--- a/src/schemas/sdo/analytic.schema.ts
+++ b/src/schemas/sdo/analytic.schema.ts
@@ -90,10 +90,22 @@ export type MutableElement = z.infer<typeof xMitreMutableElementSchema>;
 //
 //==============================================================================
 
-export const xMitreMutableElementsSchema = z.array(xMitreMutableElementSchema).min(1).meta({
-  description:
-    'Environment-specific tuning knobs like TimeWindow, UserContext, or PortRange, so defenders can adapt without changing core behavior.',
-});
+export const xMitreMutableElementsSchema = z
+  .array(xMitreMutableElementSchema)
+  .min(1)
+  .check((ctx) => {
+    // Validate no duplicate mutable elements using composite key validation
+    // Each (field, description) tuple must be unique
+    validateNoDuplicates(
+      [],
+      ['field', 'description'],
+      'Duplicate mutable element found: each (field, description) tuple must be unique',
+    )(ctx);
+  })
+  .meta({
+    description:
+      'Environment-specific tuning knobs like TimeWindow, UserContext, or PortRange, so defenders can adapt without changing core behavior.',
+  });
 
 export type MutableElements = z.infer<typeof xMitreMutableElementsSchema>;