Modify Unit Test to Support Alert Suppression for EQL Sequences (#4457)

2025-02-14 00:14:28 +05:30
parent 5155f47b86
commit aded9deb79
2 changed files with 4 additions and 3 deletions
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "0.4.10"
+version = "0.4.11"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"
@@ -1449,8 +1449,9 @@ class TestAlertSuppression(BaseRuleTest):
                        self.fail(f"{self.rule_str(rule)} alert suppression field {fld} not \
                            found in ECS, Beats, or non-ecs schemas")

-    @unittest.skipIf(PACKAGE_STACK_VERSION < Version.parse("8.14.0"),
-                     "Test only applicable to 8.14+ stacks for eql non-sequence rule alert suppression feature.")
+    @unittest.skipIf(PACKAGE_STACK_VERSION < Version.parse("8.14.0") or  # noqa: W504
+                     PACKAGE_STACK_VERSION >= Version.parse("8.18.0"),  # noqa: W504
+                     "Test is applicable to 8.14 --> 8.17 stacks for eql non-sequence rule alert suppression feature.")
    def test_eql_non_sequence_support_only(self):
        for rule in self.all_rules:
            if (