Skip to content

v4.0.1
Compare
Choose a tag to compare
@pyth0n1c pyth0n1c released this 07 May 02:00
· 490 commits to main since this release
v4.0.1
3505a8f
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Support for the upcoming Enterprise Security

  • Added support for an upcoming Enterprise Security, including the actions.correlationsearch.metadata field for version, date, and other relevant information.

Improved Validation and Performance

  • Upgraded to Pydantic2 for enhanced object validation of detections, stories, lookups, and other content.
  • Leveraged newer Pydantic field validation technology to introduce strongly typed content fields, eliminating string references.
  • Moved many checks from runtime to validation time, allowing for faster error detection (3 seconds instead of 1-2 hour wait for failure).
  • Implemented Atomic GUID validation and support for detection tests.
  • Added strict checks for risk and threat object configuration, including type, allowed fields, and mandatory victim definition.
  • Introduced notable and risk message validation during runtime when Enterprise Security triggers the detection.

Bug Fixes and Consistency Improvements

  • Resolved inconsistencies between file names and detection names through programmatic enforcement.
  • Fixed broken references to analytic stories and detections that were mistyped or no longer existed.
  • Ensured all detections create correct risk and threat objects, addressing previous bugs.
  • Removed backspace usage for new lines in the detection description, fixing rendering issues and eliminating the need for escape characters (\).

Code Cleanup and Optimization

  • Cleaned out old, duplicated code.
  • Significantly improved execution speed across all content workflows, including validation and build generation.

Developer Experience Enhancements

  • Upgraded to Python 3.12 for improved performance and compatibility.
  • Added an app template folder for customization of the app generated by contentctl init, allowing users to add their own images, dashboards, panels, etc.
  • Improved command line ergonomics and documentation for a better developer experience.

Miscellaneous Updates

  • Improved release notes generation for easier tracking of changes between versions.

These updates aim to enhance the overall functionality, performance, and user experience of Contentctl, while addressing bugs and inconsistencies present in previous versions.

Assets 2
Loading