* first pass
* Adding a dedicated code checking workflow
* Type fixes
* linting config and python version bump
* Type hints
* Drop incorrect config option
* More fixes
* Style fixes
* CI adjustments
* Pyproject fixes
* CI & pyproject fixes
* Proper version bump
* Tests formatting
* Resolve cirtular dependency
* Test fixes
* Make sure the tests are formatted correctly
* Check tweaks
* Bumping python version in CI images
* Pin marshmallow do 3.x because 4.x is not supported
* License fix
* Convert path to str
* Making myself a codeowner
* Missing kwargs param
* Adding a missing kwargs to `set_score`
* Update .github/CODEOWNERS
Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
* Dropping unnecessary raise
* Dropping skipped test
* Drop unnecessary var
* Drop unused commented-out func
* Disable typehinting for the whole func
* Update linting command
* Invalid type hist on the input param
* Incorrect field type
* Incorrect value used fix
* Stricter values check
* Simpler function call
* Type condition fix
* TOML formatter fix
* Simpligy output conditions
* Formatting
* Use proper types instead of aliases
* MITRE attack fixes
* Using pathlib.Path for an argument
* Use proper method to update a set from a dict
* First round of `ruff` fixes
* More fixes
* More fixes
* Hack against cyclic dependency
* Ignore `PLC0415`
* Remove unused markers
* Cleanup
* Fixing the incorrect condition
* Update .github/CODEOWNERS
Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
* Set explicit default values for optional fields
* Update the guidelines
* Adding None Defaults
---------
Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
* chore: use `docs-dev` instead of `docs` folder
* patch version bump
* Rollback an incorrect rename
* Use exact docs dir in the helper comment
* Revert some overeager renamings
* Moving `docs` to `docs-dev`
* Update Docs Paths
---------
Co-authored-by: eric-forte-elastic <eric.forte@elastic.co>
* Delete RTAs
* Delete RTA-related orchestration code
* Drop RTAs from tests
* Remove RTAs from README
* Further cleanup
* Readme update
* Version bump and no more RTAs
* Styling fixes
* Drop RTAs from config files
* Drop `rule-mapping.yaml`
* Bring back event collector / normalizer
* Drop rta mention
* Cleanup rta leftovers
* Style fix
---------
Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
* removed historical argument; added setup string; fixed links
* fixing flake errors
* added types for command arguments
* adjusted get_release_diff to append strings for release tags
* set fetch-depth to 0 for integrations checkout in workflow
* changed the name of the workflow
* removed TODOs
* adjusted release docs workflow to remove prefix for release tags
* adjusted URL replacement only if pointed to docs site
* added elastic website to regex pattern
* add docstrings; adjusted regex; add note for stopgap
* added a note about the regex pattern for elastic URLs
* removed custom semver and replaced with pypi
* updated beats.py version references
* updated bump-versions CLI command to use semver and change logic
* updated schemas __init__, test_version_lock and unstage incompatible rules CLI
* updated test_stack_schema_map in TestVersions unittest
* updated test_all_rules unit testing Version() references
* updated stack_compat.py for get_restricted_field references)
* updated version_lock.py Version() references
* updated docs.py Version() reference for parse_registry
* updated devtools.py Version() reference for trim-version-lock
* updated mixins.py Version() reference in validate_field_compatibility
* adjusted schemas.__init__ Version() reference in get_stack_schemas
* adjusted ecs.py Version() references
* adjusted integrations.py Version() references
* adjusted rule.py Version() references
* sorted imports
* replaced custom semver with pypi semver in unit test files
* addressed unit test and flake errors
* changed semver strings casted to version_lock.py
* fixed sorting in integrations.py
* updated bump-pkgs-versions CLI command
* adjusted semantic version in unstage-incompatible-rules command
* adjusted semver import to VersionInfo
* added semver 3 and adjusted import names
* added option_minor_and_patch parameter where version is major.minor
* updated bump-pkg-versions to always save to packages.yml
* removed leftover split call & updated find latest compatible version command
* updated integrations.py, version_lock.py and schemas.__init__.py
* changed fstring reference in downgrade function
* reverted formatting changes for detection_rules __init__.py
* added newline to detection_rules __init__.py
* adjusted finding latest_release for attack package logic
* adjusted unstage-incompatible-rules command logic comparing versions
* removing changes from misc.py related to auto-formatting
* adding newline to misc.py
* fixed bug in downgrade function calling decorators
* added semantic version validation on migrate decorator function
* added expected type returned from find_latest_integration_version in integrations.py
* add comment about stripped versions for version lock file
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
---------
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* Generate attack layer files and build with package
* add update-navigator-gists command
* add workflow to update navigator gists on pushes to main
* Add coverage readme
* fix keys for links
* update navigator layer names
* purge gist files prior to update; add badge
* Update how the navigator links are displayed
* moved navigator code to dedicated and refactored to dataclasses
* convert gist links to permalink versions
* alphabetize; catch 404 for gist update
* Add DeprecatedCollection to RuleCollection to bypass validation
* use DeprecatedRule properties in RuleCollection
* use RuleCollection filter for max/min filtering in Package
* WIP: Convert Rule to a dataclass
* Fix make release
* Lint fixes
* Remove dead code
* Fix lint and tests
* Use Python 3.8 in GitHub actions
* Update README to 3.8+
* Add Python 3.8 assertion
* Fix is_dirty property
* Remove incorrect pop from contents
* Add mixin with from_dict() and to_dict() methods
* Bypass validation for deprecated rules
* Fix rule_prompt
* Fix dict_hash usage
* Fix rule_event_search
* Switch to definitions.Date
* Fix toml-lint command, ignoring 'unneeded defaults'
* Moved severity Literal to definitions.Severity
* Remove BaseMarshmallowDataclass
* Fix lint and tests
* Add maturity to metadata for rule prompt loop
* Fix typo in devtools
* Use rule loader to load single rule in toml-lint
* Add Schema hint to __schema method
* Add MITREAttackURL definition
* Fix is_dirty to compare sha<-->sha
* Normalize the autoformatted rule output for API and toml-lint
* Make the package hash match
* Make the rule object mutable but not rule contents
* Restore the rules
* replaced/removed all revoked/deprecated techniques
* tests will fail on revoked (changed) techniques
* tests will fail on deprecated techniques
* tests will fail when techniques are mapped to an invalid tactic
Eric Forte