security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

Pin dependencies (#5086)

Browse Source 
Co-authored-by: Shashank K S <Shashank.Suryanarayana@elastic.co>
This commit is contained in:
elastic-renovate-prod[bot]
2025-09-12 22:46:24 +05:30
committed by GitHub
parent 1dedea798a
commit 39b6f19eb9
14 changed files with 42 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/add-guidelines.yml
+3 -3
View File
@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
- name: Set environment variable for early exit control
id: check_label
@@ -47,14 +47,14 @@ jobs:
- name: Fail if no relevant labels are found
if: env.GUIDELINES_FILE == ''
uses: actions/github-script@v7
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7
with:
script: |
core.setFailed('No appropriate GitHub label found in the PR. Failing the job.')
- name: Add Guidelines Comment
if: env.CONTINUE_JOB == 'true' && (github.event.action == 'opened' || github.event.action == 'labeled')
uses: mshick/add-pr-comment@v2
uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2
with:
message-path: ${{ env.GUIDELINES_FILE }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
.github/workflows/backport.yml
+5 -5
View File
@@ -21,7 +21,7 @@ jobs:
github.event.pull_request.state == 'open' && !github.event.pull_request.draft
steps:
- name: 'Apply default "backport: auto" label'
uses: actions/github-script@v4
uses: actions/github-script@10b53a9ec6c222bb4ce97aa6bd2b5f739696b536 # v4
if: |
!contains(github.event.pull_request.labels.*.name, 'backport: auto') &&
!contains(github.event.pull_request.labels.*.name, 'backport: skip')
@@ -34,7 +34,7 @@ jobs:
labels: ['backport: auto']
})
- name: 'Remove "backport: auto" if "backport: skip" is set'
uses: actions/github-script@v4
uses: actions/github-script@10b53a9ec6c222bb4ce97aa6bd2b5f739696b536 # v4
if: |
contains(github.event.pull_request.labels.*.name, 'backport: auto') &&
contains(github.event.pull_request.labels.*.name, 'backport: skip')
@@ -65,7 +65,7 @@ jobs:
steps:
- name: Checkout repo
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
ref: main
@@ -91,7 +91,7 @@ jobs:
git reset --soft HEAD^
- name: Setup Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -159,7 +159,7 @@ jobs:
git push
- name: "Notify slack on failure"
uses: craftech-io/slack-action@v1
uses: craftech-io/slack-action@fb1d4e50375d7758efb90fa0564734bae931f84f # v1
with:
slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }}
status: failure
.github/workflows/branch-status-checks.yml
+2 -2
View File
@@ -18,14 +18,14 @@ jobs:
steps:
- name: Get Backport Status
id: get_backport_status
uses: fjogeleit/http-request-action@v1
uses: fjogeleit/http-request-action@bf78da14118941f7e940279dd58f67e863cbeff6 # v1
with:
url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}"
method: 'GET'
bearerToken: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
- name: Check Backport Status
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
script: |
const workflow_status = ${{ toJSON(fromJSON(steps.get_backport_status.outputs.response).workflow_runs[0].status) }}
.github/workflows/code-checks.yml
+2 -2
View File
@@ -17,12 +17,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 1
- name: Set up Python 3.13
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.13'
.github/workflows/community.yml
+2 -2
View File
@@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check if member of elastic org
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
id: membership
with:
github-token: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
@@ -40,7 +40,7 @@ jobs:
- name: Add label for community members
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
if: ${{ steps.membership.outputs.result == 'notMember' }}
with:
script: |
.github/workflows/get-target-branches.yml
+2 -2
View File
@@ -14,10 +14,10 @@ jobs:
outputs:
matrix: ${{ steps.get-branch-list.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
.github/workflows/kibana-mitre-update.yml
+1 -1
View File
@@ -14,7 +14,7 @@ jobs:
KIBANA_ISSUE_NUMBER: 166152 # Define the Kibana issue number as a variable
steps:
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
- name: Get MITRE Attack changed files
id: changed-attack-files
.github/workflows/lock-versions.yml
+5 -5
View File
@@ -14,7 +14,7 @@ jobs:
steps:
- name: Validate the source branch
uses: actions/github-script@v3
uses: actions/github-script@ffc2c79a5b2490bd33e0a41c1de74b877714d736 # v3
with:
script: |
if ('refs/heads/main' !== '${{github.event.ref}}') {
@@ -22,12 +22,12 @@ jobs:
}
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 0
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -62,7 +62,7 @@ jobs:
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@v3
uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3
with:
assignees: '${{github.actor}}'
delete-branch: true
@@ -78,7 +78,7 @@ jobs:
labels: "backport: auto"
- name: Archive production artifacts
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: release-files
path: |
.github/workflows/manual-backport.yml
+3 -3
View File
@@ -19,7 +19,7 @@ jobs:
steps:
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
fetch-depth: 0
@@ -46,7 +46,7 @@ jobs:
git reset --soft HEAD^
- name: Setup Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -79,7 +79,7 @@ jobs:
./detection_rules/etc/commit-and-push.sh $TARGET_BRANCH $COMMIT_SHA
- name: "Notify slack on failure"
uses: craftech-io/slack-action@v1
uses: craftech-io/slack-action@fb1d4e50375d7758efb90fa0564734bae931f84f # v1
with:
slack_webhook_url: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }}
status: failure
.github/workflows/pythonpackage.yml
+3 -3
View File
@@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 1
@@ -21,7 +21,7 @@ jobs:
git fetch origin main:refs/remotes/origin/main
- name: Set up Python 3.13
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.13'
@@ -48,7 +48,7 @@ jobs:
python -m detection_rules dev build-release $GENERATE_NAVIGATOR_FILES
- name: Archive production artifacts for branch builds
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
if: |
github.event_name == 'push'
with:
.github/workflows/release-docs.yml
+3 -3
View File
@@ -23,13 +23,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
path: detection-rules
fetch-depth: 0
- name: Checkout elastic/security-docs
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_SECURITY_DOCS_DETECTION_RULES_TOKEN }}
repository: "elastic/security-docs"
@@ -38,7 +38,7 @@ jobs:
ref: ${{ github.event.inputs.target_branch }}
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
.github/workflows/release-fleet.yml
+6 -6
View File
@@ -39,14 +39,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Validate the source branch
uses: actions/github-script@v3
uses: actions/github-script@ffc2c79a5b2490bd33e0a41c1de74b877714d736 # v3
with:
script: |
if ('refs/heads/main' === '${{github.ref}}') {
core.setFailed('Forbidden branch')
}
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
path: detection-rules
fetch-depth: 0
@@ -66,7 +66,7 @@ jobs:
git checkout $COMMIT_HASH
- name: Checkout elastic/integrations
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
repository: ${{github.event.inputs.target_repo}}
@@ -74,7 +74,7 @@ jobs:
fetch-depth: 0
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -123,7 +123,7 @@ jobs:
git config --global user.name "tradebot-elastic"
- name: Setup go
uses: actions/setup-go@v3
uses: actions/setup-go@be3c94b385c4f180051c996d336f57a34c397495 # v3
with:
go-version: '^1.20.1'
check-latest: true
@@ -149,7 +149,7 @@ jobs:
$DRAFT_ARGS
- name: Archive production artifacts
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: release-files
path: |
.github/workflows/version-code-and-release.yml
+3 -3
View File
@@ -27,7 +27,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Ensure PR has Version Bump Label
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
@@ -44,7 +44,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 0
@@ -75,7 +75,7 @@ jobs:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 0
pyproject.toml
+2 -2
View File
@@ -1,6 +1,6 @@
[project]
name = "detection_rules"
version = "1.4.0"
version = "1.4.1"
description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Securitys Detection Engine."
readme = "README.md"
requires-python = ">=3.12"
@@ -38,7 +38,7 @@ dependencies = [
"typing-inspect==0.9.0",
"typing-extensions>=4.12",
"XlsxWriter~=3.2.0",
"semver==3.0.2",
"semver==3.0.4",
"PyGithub==2.2.0",
"detection-rules-kql @ git+https://github.com/elastic/detection-rules.git#subdirectory=lib/kql",
"detection-rules-kibana @ git+https://github.com/elastic/detection-rules.git#subdirectory=lib/kibana",