Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update min-version required #335

Closed
wants to merge 1 commit into from
Closed

update min-version required #335

wants to merge 1 commit into from

Conversation

inashivb
Copy link
Member

Jason, who are the consumers of min-version keys? https://github.com/OISF/suricata-intel-index/blob/master/index.yaml#L59
Do we always know that these external sources do support the said min-versions even now?

@jasonish
Copy link
Member

Jason, who are the consumers of min-version keys? https://github.com/OISF/suricata-intel-index/blob/master/index.yaml#L59

Suricata-Update, and if its not looking at it, that was the idea. So if a ruleset had a min-version of 7, but you were running 6 it wouldn't be presented as an option to enable.

@jasonish
Copy link
Member

Do we always know that these external sources do support the said min-versions even now?

We have no idea.

@jasonish
Copy link
Member

Found this ticket https://redmine.openinfosecfoundation.org/issues/4930, I wonder if we should do that at some point as well?

@inashivb
Copy link
Member Author

Found this ticket https://redmine.openinfosecfoundation.org/issues/4930, I wonder if we should do that at some point as well?

Indeed.
Q: Would you rather see this ticket done than this patch?
Request: Could you please comment on the ticket what should be the default version? For example, in https://github.com/OISF/suricata-intel-index/blob/master/index.yaml#L232, recommended or 6.0?

@jasonish
Copy link
Member

Found this ticket https://redmine.openinfosecfoundation.org/issues/4930, I wonder if we should do that at some point as well?

Indeed. Q: Would you rather see this ticket done than this patch? Request: Could you please comment on the ticket what should be the default version? For example, in https://github.com/OISF/suricata-intel-index/blob/master/index.yaml#L232, recommended or 6.0?

No. We're talking about a change every few years, I think its fine in code.

I'm just trying to decide whether we drop this in 1.3.x, or a new 1.4. I'm thinking of dropping it in 1.3.x.

@victorjulien
Copy link
Member

Are there risks to existing users?

@jasonish
Copy link
Member

Are there risks to existing users?

Only to users who are running Suricata-Update unbundled from Suricata, on a system with no Suricata in their PATH and are expecting to get 4.0.0 rules. So potentially.

@victorjulien
Copy link
Member

Are there risks to existing users?

Only to users who are running Suricata-Update unbundled from Suricata, on a system with no Suricata in their PATH and are expecting to get 4.0.0 rules. So potentially.

Seems low enough risk to me, so lets merge this.

This was referenced Feb 15, 2024
Closed
Merged
@jasonish
Copy link
Member

Merged via #339. Thanks!

@jasonish jasonish closed this Feb 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jufajardini jufajardini jufajardini left review comments

@jasonish jasonish jasonish approved these changes

@victorjulien victorjulien victorjulien approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@inashivb @jasonish @victorjulien @jufajardini