From 49c9c283e635eae0b2fb712335a21d923256ad1d Mon Sep 17 00:00:00 2001 From: "Mika Ayenson, PhD" Date: Mon, 16 Mar 2026 17:04:56 -0500 Subject: [PATCH] [FR] Reset deprecated lock to the latest state during lock (#5827) --- detection_rules/etc/lock-multiple.sh | 15 +++++++++++++-- pyproject.toml | 2 +- 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/detection_rules/etc/lock-multiple.sh b/detection_rules/etc/lock-multiple.sh index 5d418b626..20dbe6a71 100755 --- a/detection_rules/etc/lock-multiple.sh +++ b/detection_rules/etc/lock-multiple.sh @@ -4,13 +4,24 @@ set -e CURRENT_BRANCH=$(git rev-parse --abbrev-ref HEAD) -# switch to -for BRANCH in $(echo $@ | sed "s/,/ /g") +BRANCHES=($(echo "$@" | sed "s/,/ /g" | tr ' ' '\n' | sort -V)) +LAST_INDEX=$((${#BRANCHES[@]} - 1)) + +for i in "${!BRANCHES[@]}" do + BRANCH=${BRANCHES[$i]} echo $BRANCH git checkout $BRANCH git pull python -m detection_rules dev build-release --update-version-lock + + # Reset deprecated_rules.json after all branches except the last to prevent + # branch-specific deprecations from leaking across checkouts (e.g. D4C rules + # deprecated on 8.19 but active on 9.3+). The last branch is closest to main + # and carries the correct deprecation state forward. + if [ $i -lt $LAST_INDEX ]; then + git checkout -- detection_rules/etc/deprecated_rules.json + fi done git checkout ${CURRENT_BRANCH} diff --git a/pyproject.toml b/pyproject.toml index f2c47dd2c..608cd9e38 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [project] name = "detection_rules" -version = "1.6.1" +version = "1.6.2" description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine." readme = "README.md" requires-python = ">=3.12"