[Security Solution] Side effects of no-content version bumps in prebuilt rules

[spong]

Surfaced in the 8.2 Prebuilt Rules PR (though probably started occurring ~8.0), there are instances where there can be no-content version bumps (i.e. no rule content changes between releases other than the version being incremented). Opening this issue to describe the side effects to UX within the Security Solution app & docs as a result of these changes.

For details about how & why this can happen, please see this detection-rules issue on forking rules, and the above comment from the 8.2 Prebuilt Rules PR, but gist is that since we don't have version blocks (e.g. rule version 10-20 is reserved for the 7.14.x stack release), anytime a rule is updated in an earlier release (via OOB package deployment), the current version of the rule must also be incremented (even if there aren't content changes) to ensure that it has the highest version and will be installed when users upgrade their stack.

As a result of these no-content version bumps, there are three main touch points that will affect the user:

1. Incorrect updated rules count in Security Solution UI

2. Incorrect list of updated rules per release on the documentation page (Note: these scripts are currently owned by the detection-rules repo folks)

3. In the planned work for the merge rule upgrade ux, (internal issue) we would be including these no-content rules in this flow automatically (showing up with no field deltas) if we don't make additional logic changes.

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)

[terrancedejesus]

@jpdjere Apologies for the late response.

We should be good with this. Around 8.1 - 8.3 we had some bugs with our versioning logic. References are below. It is possible that these were missed in the releases but then found later upstream resulting in this issue.

• [Bug] Version Comparison Bug in Related Integrations Field at Build Time detection-rules#2331
• [Bug] Adding Adjustment to Route C of manage_versions.py detection-rules#2307
• [Bug] resolves bug in Rule version methods detection-rules#2021
• Manually reconciled versions from forked rule package generation bug detection-rules#1950
• [Bug] Fix bug in version_lock.py detection-rules#1880

At the moment, we only release OOB and have since fixed these bugs. The last ~30 packages we have released via OOB have not included unnecessary version bumps that we identified.

[jpdjere]

Thanks @terrancedejesus!

Confident now that this won't cause any issues for now. Closing the ticket.