Prepare for 3.47.0 (#1165)

* Remove API flags for CI Checks (#1159) * Remove API flags for CI Checks * Remove validate Workflow; move validation to upload Workflow * chore: remove outdated license text (#1160) * Bump PDH version and Pipfile.lock (#1161) * custom enrichment LUT for TrailDiscover (#1162) * Add detection for multiple emails for gitlab password reset (#1157) * Add detection for multiple emails for gitlab password reset * Update gitlab_audit_password_reset_multiple_emails.py * Update rules/gitlab_rules/gitlab_audit_password_reset_multiple_emails.yml * Update rules/gitlab_rules/gitlab_audit_password_reset_multiple_emails.yml * Update rules/gitlab_rules/gitlab_production_password_reset_multiple_emails.yml * Update rules/gitlab_rules/gitlab_production_password_reset_multiple_emails.yml --------- Co-authored-by: Ariel Ropek <[email protected]> * Update PAT to 0.44.0 (#1163) * add prettier formatter (#1153) --------- Co-authored-by: Lucy Suddenly <[email protected]> Co-authored-by: Grant Joy <[email protected]> Co-authored-by: Ariel Ropek <[email protected]> Co-authored-by: Oleh Melenevskyi <[email protected]> Co-authored-by: Panos Sakkos <[email protected]>
panther-labs · Mar 26, 2024 · b84e2c5 · b84e2c5
1 parent 5fb9be9
commit b84e2c5
Show file tree

Hide file tree

Showing 19 changed files with 572 additions and 97 deletions.
diff --git a/.github/workflows/check-packs.yml b/.github/workflows/check-packs.yml
@@ -1,19 +1,3 @@
-# Panther is a Cloud-Native SIEM for the Modern Security Team.
-# Copyright (C) 2023 Panther Labs Inc
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
 on: 
   pull_request:
 

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -1,19 +1,3 @@
-# Panther is a Cloud-Native SIEM for the Modern Security Team.
-# Copyright (C) 2020 Panther Labs Inc
-#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU Affero General Public License as
-# published by the Free Software Foundation, either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU Affero General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program.  If not, see <https://www.gnu.org/licenses/>.
-
 on: 
   pull_request:
 

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -11,7 +11,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set python version  
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.9'
 
@@ -26,4 +26,4 @@ jobs:
 
       - name: test
         run: |
-          pipenv run panther_analysis_tool test --api-host ${{ secrets.API_HOST }} --api-token ${{ secrets.API_TOKEN }}
+          pipenv run panther_analysis_tool test
diff --git a/.github/workflows/upload.yml b/.github/workflows/upload.yml
@@ -33,7 +33,11 @@ jobs:
 
       - name: Setup venv
         run: make venv
+
+      - name: validate
+        run: |
+          pipenv run panther_analysis_tool validate --api-host ${{ env.API_HOST }} --api-token ${{ env.API_TOKEN }}
 
       - name: upload
         run: |
-            pipenv run panther_analysis_tool upload --api-host ${{ env.API_HOST }} --api-token ${{ env.API_TOKEN }}
+          pipenv run panther_analysis_tool upload --api-host ${{ env.API_HOST }} --api-token ${{ env.API_TOKEN }}
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
diff --git a/.gitignore b/.gitignore
@@ -45,6 +45,9 @@ MANIFEST
 pip-log.txt
 pip-delete-this-directory.txt
 
+# Node modules
+node_modules/
+
 # Unit test / coverage reports
 htmlcov/
 .tox/

diff --git a/Dockerfile b/Dockerfile
@@ -10,6 +10,8 @@ RUN apk update \
         bzip2-dev \
         git \
         libffi-dev \
+        nodejs \
+        npm \
         openssl-dev \
         readline-dev \
         sqlite-dev \

diff --git a/Makefile b/Makefile
@@ -51,9 +51,12 @@ pat-update:
 fmt:
 	pipenv run isort --profile=black $(dirs)
 	pipenv run black --line-length=100 $(dirs)
+	npx prettier . --write
 
 install:
 	pipenv sync --dev
+	# install prettier for formatting YAML and Markdown files
+	npm install
 
 test: global-helpers-unit-test
 	pipenv run panther_analysis_tool test $(TEST_ARGS)

diff --git a/Pipfile b/Pipfile
@@ -19,8 +19,8 @@ wrapt = "~=1.15"
 [packages]
 policyuniverse = "==1.5.1.20230817"
 requests = "==2.31.0"
-panther-analysis-tool = "~=0.43"
-panther-detection-helpers = "==0.2.0"
+panther-analysis-tool = "~=0.44"
+panther-detection-helpers = "==0.3.0"
 
 [requires]
 python_version = "3.9"
diff --git a/Pipfile.lock b/Pipfile.lock