Threat Intelligence Standard + Extended: OpenAPI specs, interactive reference, Postman

[ejntaylor]

Summary

• Brings the Standard and Extended tiers up to the same doc pattern as the Beta (Npm Dataset) tier landed in Threat Intelligence Beta: OpenAPI spec, interactive reference, Postman #22: hand-authored OpenAPI 3.1 specs drive an interactive reference, and deterministic Postman collections are generated at build time.
• Guide pages slimmed to narrative content (auth, rate limits, errors, curl samples, tier-specific concepts); shared Postman / LLM / SDK tooling content is consolidated into a single section on the Overview so all three Guides link to one source of truth.
• Sidebar nests each tier as Guide + Reference via per-schema createOpenAPISidebarGroup() placeholders. Removes a CSS rule that deliberately de-emphasised badged sidebar group labels — it made Beta look lighter than its Standard/Extended peers after this restructure.

New files

• public/schemas/threat-intel-standard.yaml — OpenAPI 3.1, 2 operations (/product/{type}/{name}/{version}, /.../exists)
• public/schemas/threat-intel-extended.yaml — OpenAPI 3.1, 5 operations (/latest, /product/..., /.../exists, /batch, /vulnerability/{id})
• Generated Postman collections for both

Changed

• astro.config.mjs — three OpenAPI schemas registered, sidebar reworked
• overview.md — comparison table removed; three tier pointer blocks + consolidated tooling section
• standard.md, extended.md — slimmed to tier-specific content
• beta.md — shared tooling section removed, links to Overview
• src/styles/custom.css — dropped the sidebar badge de-emphasis rule

Needs QA / API-team review

• Spec accuracy. The Standard and Extended YAMLs were hand-authored from the existing markdown. Fields, error codes, and response shapes should be sanity-checked against the live v2 API before partners start importing the spec as truth.
• Visual walk of the sidebar + reference pages. Especially the new Reference operation pages under /api-reference/threat-intelligence-standard/ and /api-reference/threat-intelligence-extended/.

Test plan

• npm run build succeeds
• Sidebar renders Overview → Standard API (Guide + Reference) → Extended API (Guide + Reference) → NPM standard API [Beta] (Guide + Reference) → API properties
• All three tier group labels render at the same visual weight
• Each Reference operation page renders parameters, request bodies, response schemas, and examples
• Postman collection import works (drag threat-intel-standard.postman_collection.json and threat-intel-extended.postman_collection.json into Postman, set PSKey, run a request)
• Generated Postman JSONs are byte-identical across consecutive builds (verified locally, worth one more confirmation post-merge)
• Inbound deep links to #find-vulnerability etc. will now land on the page but not a section anchor — confirm acceptable
• API team signs off on spec accuracy for Standard and Extended

🤖 Generated with Claude Code

[netlify]

✅ Deploy Preview for deluxe-meerkat-8daf24 ready!

Name	Link
🔨 Latest commit	54c44d4
🔍 Latest deploy log	https://app.netlify.com/projects/deluxe-meerkat-8daf24/deploys/69ea0009d135f40007736e11
😎 Deploy Preview	https://deploy-preview-27--deluxe-meerkat-8daf24.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[mariojgt]

@ejntaylor LGTM - one minor improvement is that the .json collection could open on another page, also, this may be a rabbit hole, but we could have a .txt version of all the pages, I see lots of companies doing that now for LLMs.