* update
* Updated to pathlib
* Linting
* Add string cast where needed
* Add additional string conversion as needed
* Str conversions to support eql lib
* Attack typo
* Typo in test script
* Updated for more pathlib
* Linting
* Update to convert string to path object
* Fix typo
* update
* Updated to pathlib
* Linting
* Add string cast where needed
* Add additional string conversion as needed
* Str conversions to support eql lib
* Attack typo
* Typo in test script
* Updated for more pathlib
* Linting
* Update to convert string to path object
* initial patch
* Update definitions to allow for brackets in name
* Update to prompt for required fields.
* Update detection_rules/cli_utils.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
---------
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* Adding support for elastic package version 3
* replaced OS with Pathlib where applicable
* added sub-dataclasses for V3
* fixed flake errors
* adjusted registry dataclasses to inherit base
* adding missing field strategy option to alert suppression
* fixed linting errors
* added validate methods for alertsuppression dataclass
* fixed linting errors
* replaced old variable with new variable
* removing test rule
* adding post_load to queryruledata
* changed post_load to validates_schema
* updated unit testing for alert suppression
* fixed linting errors
* changed validates method name to validates_exceptions
* removed min compat for fields
* prepping for 8.11 branch
* fixed lint errors
* added 8.11 to stack schema map
* trimmed version lock file; adjusted new terms validation
* reverting changes to version lock, stack schema and workflow
* bug fix for tag navigator generation
* addressing flake errors
* added unit test to ensure prefix exists
* updated unit test case sensitivity
* moved expected tags to definitions.py
* removed expected prefixes
* revert downloadable updates JSON file
* adding preparations for 8.8 release
* addressed flake single new line error
* froze and updated API schemas
* updated get_intregration_manifests
* adjusted boolean in find_latest_integration_version
* removed custom semver and replaced with pypi
* updated beats.py version references
* updated bump-versions CLI command to use semver and change logic
* updated schemas __init__, test_version_lock and unstage incompatible rules CLI
* updated test_stack_schema_map in TestVersions unittest
* updated test_all_rules unit testing Version() references
* updated stack_compat.py for get_restricted_field references)
* updated version_lock.py Version() references
* updated docs.py Version() reference for parse_registry
* updated devtools.py Version() reference for trim-version-lock
* updated mixins.py Version() reference in validate_field_compatibility
* adjusted schemas.__init__ Version() reference in get_stack_schemas
* adjusted ecs.py Version() references
* adjusted integrations.py Version() references
* adjusted rule.py Version() references
* sorted imports
* replaced custom semver with pypi semver in unit test files
* addressed unit test and flake errors
* changed semver strings casted to version_lock.py
* fixed sorting in integrations.py
* updated bump-pkgs-versions CLI command
* adjusted semantic version in unstage-incompatible-rules command
* adjusted semver import to VersionInfo
* added semver 3 and adjusted import names
* added option_minor_and_patch parameter where version is major.minor
* updated bump-pkg-versions to always save to packages.yml
* removed leftover split call & updated find latest compatible version command
* updated integrations.py, version_lock.py and schemas.__init__.py
* changed fstring reference in downgrade function
* reverted formatting changes for detection_rules __init__.py
* added newline to detection_rules __init__.py
* adjusted finding latest_release for attack package logic
* adjusted unstage-incompatible-rules command logic comparing versions
* removing changes from misc.py related to auto-formatting
* adding newline to misc.py
* fixed bug in downgrade function calling decorators
* added semantic version validation on migrate decorator function
* added expected type returned from find_latest_integration_version in integrations.py
* add comment about stripped versions for version lock file
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
---------
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* adding support new_terms_fields and window_start_history
* adjusted rule.py to address flake errors
* added assertion error if history_window_start does not exist
* removed sample rule
* removed self.rule_id from DataValidator
* added new_terms to RuleType
* changed new terms to its own class in rule.py
* removed nonexisting function call in DataValidator class
* adjusted new_terms field value in dataclass
* changed literal type for history_window_start; view-rule working
* removing test TOML rule
* addressed flake errors for missing newlines
* added validation option and adjusted object referencing
* adjusted validation method call in post_validation
* addressed flake errors for multiple spaces
* added transform method to NewTermsRuleData class
* added validation for min stack version and new terms array length restraints
* added validation for unique new terms array
* Update detection_rules/rule.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* removed historywindowstart definition and adjusted subclass
* removed test rule from commit
* adjusted if/else for data transform method check
* adjusted stack-schema-map; validation method name
* Update detection_rules/rule.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* added assertion for history_window_start field value
* added variables for feature min stack and extended field min stack
* Update detection_rules/rule.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* Update detection_rules/rule.py
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
* addressed flake errors for continuation line with same indent
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
Jonhnathan