to enable ACS deployment.
reduce non-blocking warnings
thrown by appinspect api by
updating some automatically
generated app files.

to default.meta

in contentctl.py.
Print out what is returned from
ACS, even on success.

… that was accidentally dropped. set extra='forbid' for SecurityContentObject

… should not be in the yml

string from drilldown

to automatically create
drilldowns. We will
likely remove this, but let's
keep it now for purposes
of discussion.

in the risk index, create the detection type
as a list of 1 element, the type of the detection

contentctl v4.4.0

updated the jinja2 template.
escapeNewlines() was ONLY
being applied to the
detection.description before,
but it MUST be applied to
the explanation as well. This
bug was confirmed by generating
some conf files with description
and/or explanations, with spaces,
defined.
Now, whichever value is used to
populate that field is properly
escaped.

Ryanplasma add explanation

Add type_list to annotations

…e detection. Also remove the list of datasource from new_content_questions and instead use the datasource defined in enums and convert them to a list

Fix datasource in contentctl new

These values must be supplied explicitly.

the drilldowns and generating
defaults

we can support and arbitrary number of them

Format of multiple drilldowns in
savedsearches.conf is now correct.
We are still populating the default
drilldowns, this feature will
eventually be removed.

…validators

needs one should have the appropriate
default drilldown.

…ying to convert it into an integrationtest or manualtest.

content that has already been committed
to the current branch AND there are local,
uncommitted changes to that content,
GitService will pick up BOTH the fact that
this is new content AND the fact that it has been
modified. This will result in double-testing
the content. This commit removes that as
a possibility by adding content to be tested
to a SET instead of appending it to a LIST,
which couild have included duplicates.

Updates the requirements on [xmltodict](https://github.com/martinblech/xmltodict) to permit the latest version.
- [Changelog](https://github.com/martinblech/xmltodict/blob/master/CHANGELOG.md)
- [Commits](martinblech/xmltodict@v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: xmltodict
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

we can get this feature working
now.  Eventually the more
robust changes will be merged
from a separate branch

detection. Throw an error when four
or more ```` appear in a row in the
search field, which is invalid SPL.

modify: configure_hec to use get_all_indexes during HEC creation

Optionally suppress missing detections during metadata validation

…-and-lt-0.15

Update xmltodict requirement from ^0.13.0 to >=0.13,<0.15

…ests

Exception on malformatted unit tests in YMLs

…_deprecated_pydantic_validators

Refactoring for formatting and some logical error correction

…validators

…d_pydantic_validators

Mathieugonzales: replace deprecated pydantic validators

I am giving my approval after Casey's feedback was merged in from the branch containing a set of fixes.

…tentctl into add_drilldown_support

Drilldown Support

Merging to enable testing before the security_content PR containing all drilldowns is merged.

Allow testing with the default or custom_index

…ndexes function

…a custom_index that does not exist on the target server. list out the attempted index and all indexes on the server for documentation purposes.

for contentctl

Add more custom indexes

ESCU smoketests are failing because the Drilldowns PR has not been merged yet. This is expected.

add --compare_against flag to release_notes action

enum

search by name. Without
fixing this path, integration
testing fails to find the search
and errors out.

…ved search for scheduling to run during integtration testing. This bad path causes every integration test to fail.

committing. see
previous commit message.

Fix savedsearches path issue

remove "cloud" from the security_domain enum

just bumping version for release