Skip to content

remove old supported modules from incident type#43841

Merged
jbabazadeh merged 23 commits intomasterfrom
cleanup-invalid-license-incidentType
Apr 23, 2026
Merged

remove old supported modules from incident type#43841
jbabazadeh merged 23 commits intomasterfrom
cleanup-invalid-license-incidentType

Conversation

@Shir2611
Copy link
Copy Markdown
Contributor

@Shir2611 Shir2611 commented Apr 13, 2026

Contributing to Cortex XSOAR Content

Make sure to register your contribution by filling the contribution registration form

The Pull Request will be reviewed only after the contribution registration form is filled.

Status

  • In Progress
  • Ready
  • In Hold - (Reason for hold)

Related Issues

fixes: CIAC-15886

Description

remove old supported modules from classifiers
the old supported modules
cloud_posture
cloud
cloud_runtime_security
edr
xsoar
asm
tim
cloud_appsec
exposure_management

MATCH (c:IncidentType) WHERE ANY( m IN c.supportedModules WHERE m IN ["cloud_posture", "cloud", "cloud_runtime_security", "edr", "xsoar", "asm", "tim", "cloud_appsec", "exposure_management"] ) RETURN c.name AS classifier_name, c.supportedModules AS supported_modules ORDER BY c.name

Must have

  • Tests
  • Documentation

@Shir2611 Shir2611 requested a review from BEAdi April 13, 2026 11:51
@Shir2611 Shir2611 self-assigned this Apr 13, 2026
@Shir2611 Shir2611 added docs-approved bypass.url Whether to create build bucket, add this label for marketplace.bootstrap.bypass.url ready-for-pipeline-running Whether the pr is ready for running the whole pipeline, including testing on SAAS machines supported-modules-approved ready-for-ai-review The PR is ready for reviewing the PR with the AI Reviewer. labels Apr 13, 2026
@content-bot
Copy link
Copy Markdown
Contributor

content-bot commented Apr 13, 2026

🤖 AI-Powered Code Review Available

You can leverage AI-powered code review to assist with this PR!

Available Commands:

  • @marketplace-ai-reviewer start review - Initiate a full AI code review
  • @marketplace-ai-reviewer re-review - Incremental review for new commits

@marketplace-ai-reviewer marketplace-ai-reviewer removed the ready-for-ai-review The PR is ready for reviewing the PR with the AI Reviewer. label Apr 13, 2026
@marketplace-ai-reviewer
Copy link
Copy Markdown
Contributor

marketplace-ai-reviewer commented Apr 13, 2026

🤖 Analysis started. Please wait for results...

@marketplace-ai-reviewer
Copy link
Copy Markdown
Contributor

marketplace-ai-reviewer commented Apr 13, 2026

🤖 AI Review Disclaimer

This review was generated by an AI-powered tool and may contain inaccuracies. Please be advised, and we extend our sincere apologies for any inconvenience this may cause.

marketplace-ai-reviewer
marketplace-ai-reviewer reviewed Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@marketplace-ai-reviewer marketplace-ai-reviewer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for submitting your PR!
Before moving on with the detailed review, please take a moment to address the following general comments.

  • The PR title and description mention removing old supported modules (like cloud_posture, cloud, etc.), but the actual code changes add agentix and xsiam to the supportedModules field in files that didn't previously have it. Please update the PR title and description to accurately reflect that you are adding these new supported modules, or verify if the correct script was run.

@content-bot
Copy link
Copy Markdown
Contributor

content-bot commented Apr 13, 2026

This PR was automatically updated by a GitHub Action

  • CrowdStrikeFalcon pack version was bumped to 2.9.1.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Copy Markdown
Contributor

content-bot commented Apr 19, 2026

This PR was automatically updated by a GitHub Action

  • CrowdStrikeFalcon pack version was bumped to 2.9.2.
  • SailPointIdentityNow pack version was bumped to 1.1.7.
  • ExtraHop pack version was bumped to 2.3.12.
  • Code42 pack version was bumped to 6.1.9.
  • FireEyeHX pack version was bumped to 2.4.3.
  • MicrosoftDefenderAdvancedThreatProtection pack version was bumped to 1.20.28.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@content-bot
Copy link
Copy Markdown
Contributor

content-bot commented Apr 20, 2026

This PR was automatically updated by a GitHub Action

  • EDL pack version was bumped to 3.3.29.
  • PrismaCloud pack version was bumped to 4.4.20.
  • VirusTotal pack version was bumped to 2.7.16.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 20, 2026

Your contributed ExtraHop pack has been modified on files:

Packs/ExtraHop/pack_metadata.json
Packs/ExtraHop/ReleaseNotes/2_3_12.md
Packs/ExtraHop/IncidentTypes/incidenttype-ExtraHop_Detection.json
Please review the changes here

@content-bot
Copy link
Copy Markdown
Contributor

content-bot commented Apr 20, 2026

Validate summary
The following errors were reported as warnings: BC117 (Approved).
✅ BC117 validation has been approved by PM review (supported-modules-approved label present).
The following errors were thrown as a part of this pr: BC115.
The following errors cannot be ignored: BC115.
If the AG100 validation in the pre-commit GitHub Action fails, the pull request cannot be force-merged.
The following errors don't run as part of the nightly flow and therefore can be force merged: BC115.

Verdict: PR can be force merged from validate perspective? ✅

@content-bot
Copy link
Copy Markdown
Contributor

content-bot commented Apr 23, 2026

This PR was automatically updated by a GitHub Action

  • FireEyeEX pack version was bumped to 2.0.39.
  • F5Silverline pack version was bumped to 1.0.40.
  • AgariPhishingDefense pack version was bumped to 1.1.23.
  • IllusiveNetworks pack version was bumped to 1.0.41.
  • Carbon_Black_Enterprise_Response pack version was bumped to 2.1.57.
  • FireEyeHX pack version was bumped to 2.4.4.
  • Code42 pack version was bumped to 6.1.10.

To stop automatic version bumps, add the ignore-auto-bump-version label to the github PR.

@Shir2611 Shir2611 added the ForceMerge Forcing the merge of the PR despite the build status label Apr 23, 2026
@Shir2611
Copy link
Copy Markdown
Contributor Author

Shir2611 commented Apr 23, 2026

force merge as part of an effort of removing all old supported modules

@jbabazadeh jbabazadeh merged commit 296a7b4 into master Apr 23, 2026
24 of 28 checks passed
@jbabazadeh jbabazadeh deleted the cleanup-invalid-license-incidentType branch April 23, 2026 11:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marketplace-ai-reviewer marketplace-ai-reviewer marketplace-ai-reviewer left review comments

@BEAdi BEAdi BEAdi approved these changes

@JudahSchwartz JudahSchwartz Awaiting requested review from JudahSchwartz JudahSchwartz is a code owner

@noydavidi noydavidi Awaiting requested review from noydavidi noydavidi is a code owner

@talzich talzich Awaiting requested review from talzich

Assignees

@Shir2611 Shir2611

Labels

bypass.url Whether to create build bucket, add this label for marketplace.bootstrap.bypass.url docs-approved ForceMerge Forcing the merge of the PR despite the build status ready-for-pipeline-running Whether the pr is ready for running the whole pipeline, including testing on SAAS machines supported-modules-approved

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Shir2611 @content-bot @marketplace-ai-reviewer @BEAdi @jbabazadeh