Update master

.devcontainer/createCommand.sh

@@ -3,27 +3,22 @@
 set -e
 
 echo "Fixing permissions"
-
-sudo chown demisto /workspaces /workspaces/content
-sudo chown -R demisto /workspaces/content/.vscode /workspaces/content/.git /workspaces/content/.venv /workspaces/content/node_modules /workspaces/content/package-lock.json
+# get current folder name
+repo=${PWD##*/}
+sudo chown demisto /workspaces /workspaces/$repo
+sudo chown -R demisto /workspaces/$repo/.vscode /workspaces/content/.git /workspaces/$repo/.venv /workspaces/$repo/node_modules /workspaces/$repo/package-lock.json
 
 sudo chown -R demisto $HOME
 
-echo "Setting up VSCode paths"
-
-cp .devcontainer/settings.json .vscode/settings.json 
-touch CommonServerUserPython.py
-touch DemistoClassApiModule.py
-path=$(printf '%s:' Packs/ApiModules/Scripts/*)
-rm -f .env
-echo "PYTHONPATH=""$path"":$PYTHONPATH" >> .env
-echo "MYPYPATH=""$path"":$MYPYPATH" >> .env
-
 echo "Setting up git safe directory"
-git config --global --add safe.directory /workspaces/content
+git config --global --add safe.directory /workspaces/$repo
 
 echo "Setting up content dependencies"
 .hooks/bootstrap
 
+echo "Setting up VSCode"
+poetry run demisto-sdk setup-env
+
+
 echo "Run demisto-sdk pre-commit to cache dependencies"
-poetry run demisto-sdk pre-commit >/dev/null 2>&1 || true
+poetry run demisto-sdk pre-commit --mode=commit >/dev/null 2>&1 || true

.devcontainer/devcontainer.json

@@ -24,11 +24,6 @@
 		"DEMISTO_SDK_CONTENT_PATH": "${containerWorkspaceFolder}",
 		"PYTHONPATH": "${containerWorkspaceFolder}:${containerWorkspaceFolder}/Packs/Base/Scripts/CommonServerPython/:${containerWorkspaceFolder}/Packs/Base/Scripts/CommonServerUserPython/:${containerWorkspaceFolder}/Tests/demistomock/:${containerEnv:PYTHONPATH}",
 		"MYPYPATH": "${containerWorkspaceFolder}:${containerWorkspaceFolder}/Packs/Base/Scripts/CommonServerPython/:${containerWorkspaceFolder}/Packs/Base/Scripts/CommonServerUserPython/:${containerWorkspaceFolder}/Tests/demistomock/:${containerEnv:PYTHONPATH}",
-		"DEMISTO_BASE_URL": "${localEnv:DEMISTO_BASE_URL}",
-		"DEMISTO_USERNAME": "${localEnv:DEMISTO_USERNAME}",
-		"DEMISTO_PASSWORD": "${localEnv:DEMISTO_PASSWORD}",
-		"DEMISTO_VERIFY_SSL": "${localEnv:DEMISTO_VERIFY_SSL}",
-		"DEMISTO_API_KEY": "${localEnv:DEMISTO_API_KEY}"
 	},
 	"customizations": {
 		"vscode": {
@@ -97,7 +92,7 @@
 // 	"ghcr.io/devcontainers/features/common-utils:1"
 // ],
 "onCreateCommand": "sudo dos2unix -n .devcontainer/createCommand.sh .devcontainer/createCommand_unix.sh && bash .devcontainer/createCommand_unix.sh",
-"postStartCommand": "poetry install && poetry run demisto-sdk pre-commit >/dev/null 2>&1 || true",
+"postStartCommand": "git pull || true && poetry install && poetry run demisto-sdk pre-commit --mode=commit >/dev/null 2>&1 || true",
 "hostRequirements": {
 	"cpus": 4,
 	"memory": "8gb",

.github/CODEOWNERS

@@ -5,6 +5,8 @@
 /Tests/Marketplace/approved_categories.json @yaakovpraisler @bakatzir @GuyLibermanPA @demisto/content-leaders
 /Tests/Marketplace/core_packs_list.json @yaakovpraisler @bakatzir @GuyLibermanPA @demisto/content-leaders
 /Tests/Marketplace/core_packs_mpv2_list.json @yaakovpraisler @bakatzir @GuyLibermanPA @demisto/content-leaders
+/Tests/Marketplace/versions-metadata.json @yaakovpraisler
+/Tests/Marketplace/corepacks_override.json @yaakovpraisler
 
 # Docker native image
 /Tests/docker_native_image_config.json @GuyAfik @JudahSchwartz @samuelFain
@@ -35,7 +37,7 @@
 
 # PANW Products
 /Packs/Palo_Alto_Networks_Enterprise_DLP/ @DeanArbel
-/Packs/PAN-OS/Integrations/ @GuyAfik @jlevypaloalto
+/Packs/PAN-OS/Integrations/ @jlevypaloalto
 /Packs/PrismaCloudCompute/Integrations/ @GuyAfik
 /Packs/PrismaSaasSecurity/Integrations/ @GuyAfik
 

.github/workflows/create-internal-pr-from-external.yml

@@ -10,6 +10,9 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository == 'demisto/content' && github.event.action == 'closed' && github.event.pull_request.merged == true && github.event.pull_request.head.repo.fork == true
     steps:
+      - name: set pythonpath
+        run: |
+          echo "PYTHONPATH=$GITHUB_WORKSPACE" >> $GITHUB_ENV
       - name: Checkout
         uses: actions/checkout@v4
       - name: Setup Python

.github/workflows/handle-new-external-pr.yml

@@ -31,7 +31,9 @@ jobs:
       - name: Install Python Dependencies
         run: |
           poetry install --with ci
-
+      - name: set pythonpath
+        run: |
+          echo "PYTHONPATH=$GITHUB_WORKSPACE" >> $GITHUB_ENV
       - name: Update External PR
         env:
           CONTENTBOT_GH_ADMIN_TOKEN: ${{ secrets.CONTENTBOT_GH_ADMIN_TOKEN }}

.github/workflows/trigger-contribution-build-temp.yml

@@ -0,0 +1,35 @@
+name: Trigger Contribution Build Temp
+on:
+  pull_request_target:
+    types: [labeled]
+    branches:
+      - 'contrib/AradCarmi**'
+
+jobs:
+  trigget_contrib_build:
+    runs-on: ubuntu-latest
+    if: github.event.action == 'labeled' && contains(github.event.pull_request.labels.*.name, 'ready-for-instance-test') == true && github.event.pull_request.head.repo.fork == true
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Setup Python
+        uses: actions/setup-python@v3
+        with:
+          python-version: '3.9'
+      - name: Setup Poetry
+        uses: Gr1N/setup-poetry@v8
+      - name: Install Python Dependencies
+        run: |
+          poetry install --with ci
+      - name: Trigger Contribution Build
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+          BASE_BRANCH: ${{ github.event.pull_request.base.ref }}
+          CONTRIB_BRANCH: ${{ github.event.pull_request.head.label }}
+          CONTRIB_REPO: ${{ github.event.repository.name }}
+          USERNAME: ${{ secrets.SECRET_CHECK_USER_NG }}
+          PASSWORD: ${{ secrets.SECRET_CHECK_PASS_NG }}
+          GOLD_SERVER_URL: ${{ secrets.GOLD_SERVER_URL_NG }}
+        run: |
+          echo "Trigger contribution build for PR: $PR_NUMBER with base branch: $BASE_BRANCH contrib branch: $CONTRIB_BRANCH"
+          poetry run python ./Utils/github_workflow_scripts/trigger_contribution_build_temp.py --pr_number $PR_NUMBER --base_branch $BASE_BRANCH --contrib_branch $CONTRIB_BRANCH --contrib_repo $CONTRIB_REPO --username $USERNAME --password $PASSWORD --gold_server_url $GOLD_SERVER_URL

.github/workflows/update-demisto-sdk-version.yml

@@ -49,9 +49,9 @@ jobs:
       run: |
         poetry add --group dev demisto-sdk@${{inputs.release_version}}
         poetry lock --no-update
-        git add .
         source .venv/bin/activate
         demisto-sdk pre-commit --no-validate --no-secrets --no-unit-test
+        git add .
 
     - name: Create pull request
       run: |

.gitlab/ci/.gitlab-ci.global.yml

@@ -206,7 +206,7 @@
 .build_parameters: &build_parameters
   - section_start "Build Parameters" --collapsed
   - echo "Environment Variables:"
-  - set | grep -E "^ARTIFACTS_FOLDER.*=|^JIRA_.*=|^NIGHTLY=|^INSTANCE_TESTS=|^SERVER_BRANCH_NAME=|^ARTIFACT_BUILD_NUM=|^DEMISTO_SDK_NIGHTLY=|^TIME_TO_LIVE=|^CONTRIB_BRANCH=|^FORCE_PACK_UPLOAD=|^PACKS_TO_UPLOAD=|^BUCKET_UPLOAD=|^STORAGE_BASE_PATH=|^OVERRIDE_ALL_PACKS=|^GCS_MARKET_BUCKET=|^GCS_MARKET_V2_BUCKET=|^GCS_MARKET_XPANSE_BUCKET=|^SLACK_.*=|^NVM_DIR=|^NODE_VERSION=|^PATH=|^ARTIFACTS_FOLDER=|^ARTIFACTS_FOLDER_INSTANCE=|^ARTIFACTS_FOLDER_SERVER_TYPE=|^ENV_RESULTS_PATH=|^LAST_UPLOAD_COMMIT=|^DEMISTO_SDK_LOG_FILE_SIZE=|^DEMISTO_SDK_LOG_FILE_COUNT=|^DEMISTO_SDK_LOG_FILE_PATH=|^DEMISTO_SDK_LOG_NO_COLORS=|^DEMISTO_SDK_LOG_NOTIFY_PATH=|^POETRY_VIRTUALENVS_OPTIONS_ALWAYS_COPY=" | sort
+  - set | grep -E "^ARTIFACTS_FOLDER.*=|^JIRA_.*=|^NIGHTLY=|^INSTANCE_TESTS=|^SERVER_BRANCH_NAME=|^ARTIFACT_BUILD_NUM=|^DEMISTO_SDK_NIGHTLY=|^TIME_TO_LIVE=|^CONTRIB_BRANCH=|^FORCE_PACK_UPLOAD=|^PACKS_TO_UPLOAD=|^BUCKET_UPLOAD=|^STORAGE_BASE_PATH=|^OVERRIDE_ALL_PACKS=|^GCS_MARKET_BUCKET=|^GCS_MARKET_V2_BUCKET=|^GCS_MARKET_XPANSE_BUCKET=|^SLACK_.*=|^NVM_DIR=|^NODE_VERSION=|^PATH=|^ARTIFACTS_FOLDER=|^ARTIFACTS_FOLDER_INSTANCE=|^ARTIFACTS_FOLDER_SERVER_TYPE=|^ENV_RESULTS_PATH=|^LAST_UPLOAD_COMMIT=|^DEMISTO_SDK_LOG_FILE_SIZE=|^DEMISTO_SDK_LOG_FILE_COUNT=|^DEMISTO_SDK_LOG_FILE_PATH=|^DEMISTO_SDK_LOG_NO_COLORS=|^DEMISTO_SDK_LOG_NOTIFY_PATH=|^POETRY_VIRTUALENVS_OPTIONS_ALWAYS_COPY=|^DEMISTO_SDK_NIGHTLY=|^OVERRIDE_SDK_REF=|^SDK_REF=" | sort
   - echo "Versions Installed:"
   - python --version
   - python3 --version

.gitlab/ci/.gitlab-ci.on-push.yml

@@ -734,7 +734,9 @@ test-upload-flow:
 
     - section_start "Create Testing Branch"
     - export BRANCH="${CI_COMMIT_BRANCH}-upload_test_branch-${CI_PIPELINE_ID}"
-    - python3 ./Utils/test_upload_flow/create_test_branch.py -tb $BRANCH -a "${ARTIFACTS_FOLDER}" -g $GITLAB_PUSH_TOKEN
+    - echo "${BRANCH}" > "${ARTIFACTS_FOLDER}/test_upload_flow_branch.txt"
+    - python3 ./Utils/test_upload_flow/create_test_branch.py -tb "${BRANCH}" -a "${ARTIFACTS_FOLDER}" -g "${GITLAB_PUSH_TOKEN}"
+
     - echo "Created test branch:${BRANCH}"
     - section_end "Create Testing Branch"
 
@@ -760,6 +762,15 @@ test-upload-flow:
     - python3 ./Utils/test_upload_flow/verify_bucket.py -a "${ARTIFACTS_FOLDER}" -s $GCS_MARKET_KEY -sb $current_storage_base_path -b $ALL_BUCKETS
     - section_end "Verify Created Testing Bucket"
     - job-done
+  after_script:
+    - !reference [.default-after-script]
+    - section_start "Delete Testing Branch"
+    - |
+      if [ -f "${ARTIFACTS_FOLDER}/test_upload_flow_branch.txt" ]; then
+        BRANCH=$(cat "${ARTIFACTS_FOLDER}/test_upload_flow_branch.txt")
+        python3 ./Utils/test_upload_flow/delete_test_branch.py -tb "${BRANCH}" -g "${GITLAB_PUSH_TOKEN}"
+      fi
+    - section_end "Delete Testing Branch"
 
 .server_test_playbooks_results:
   stage: results

.gitlab/ci/.gitlab-ci.sdk-nightly.yml

@@ -526,9 +526,12 @@ demisto-sdk-nightly:trigger-slack-notify:
     PIPELINE_TO_QUERY: $CI_PIPELINE_ID
     WORKFLOW: "Demisto SDK Nightly"
     JOB_NAME: "demisto-sdk-nightly:fan-in"
+    DEMISTO_SDK_NIGHTLY: "true"
+    OVERRIDE_SDK_REF: $OVERRIDE_SDK_REF
+    SDK_REF: $SDK_REF
     SLACK_CHANNEL: $SLACK_CHANNEL
     SLACK_JOB: "true"
-    SLACK_ALLOW_FAILURE: 'false'
+    SLACK_ALLOW_FAILURE: "false"
     CI_PROJECT_ID: $CI_PROJECT_ID
     CI_SERVER_URL: $CI_SERVER_URL
     JIRA_SERVER_URL: $JIRA_SERVER_URL

.gitlab/ci/.gitlab-ci.slack-notify.yml

@@ -1,4 +1,3 @@
-
 default:
   image: docker-io.art.code.pan.run/devdemisto/gitlab-content-ci:1.0.0.64455
   artifacts:
@@ -11,19 +10,18 @@ default:
 stages:
   - notify
 
-
 include:
   - local: .gitlab/ci/.gitlab-ci.variables.yml
   - local: .gitlab/ci/.gitlab-ci.global.yml
 
-
 slack-notify:
   tags:
     - gke
   stage: notify
   extends: .default-job-settings
   script:
-    - python3 ./Tests/scripts/gitlab_slack_notifier.py -p "${PIPELINE_TO_QUERY}" -s "${SLACK_TOKEN}" -c "${GITLAB_STATUS_TOKEN}" -ch "${SLACK_CHANNEL}" --triggering-workflow "${WORKFLOW}" --allow-failure "${SLACK_ALLOW_FAILURE}"
+    - !reference [.download-demisto-conf]
+    - python3 ./Tests/scripts/gitlab_slack_notifier.py -p "${PIPELINE_TO_QUERY}" -s "${SLACK_TOKEN}" -c "${GITLAB_STATUS_TOKEN}" -ch "${SLACK_CHANNEL}" --triggering-workflow "${WORKFLOW}" --allow-failure "${SLACK_ALLOW_FAILURE}" --name-mapping_path "${CI_PROJECT_DIR}/name_mapping.json"
   retry:
     max: 2
   needs:

.pre-commit-config_template.yaml

@@ -289,7 +289,7 @@ repos:
     - decorator==5.1.1 ; python_version >= "3.8" and python_version < "3.11"
     - defusedxml==0.7.1 ; python_version >= "3.8" and python_version < "3.11"
     - demisto-py==3.2.13 ; python_version >= "3.8" and python_version < "3.11"
-    - demisto-sdk==1.25.1 ; python_version >= "3.8" and python_version < "3.11"
+    - demisto-sdk==1.25.3 ; python_version >= "3.8" and python_version < "3.11"
     - dictdiffer==0.9.0 ; python_version >= "3.8" and python_version < "3.11"
     - dictor==0.1.12 ; python_version >= "3.8" and python_version < "3.11"
     - distlib==0.3.7 ; python_version >= "3.8" and python_version < "3.11"
@@ -331,6 +331,7 @@ repos:
     - jsonschema==4.19.2 ; python_version >= "3.8" and python_version < "3.11"
     - junitparser==3.1.0 ; python_version >= "3.8" and python_version < "3.11"
     - lazy-object-proxy==1.9.0 ; python_version >= "3.8" and python_version < "3.11"
+    - lxml==5.1.0 ; python_version >= "3.8" and python_version < "3.11"
     - mccabe==0.6.1 ; python_version >= "3.8" and python_version < "3.11"
     - mergedeep==1.3.4 ; python_version >= "3.8" and python_version < "3.11"
     - more-itertools==9.1.0 ; python_version >= "3.8" and python_version < "3.11"

Packs/AWS-EC2/ReleaseNotes/1_4_1.md

@@ -0,0 +1,3 @@
+## AWS - EC2
+
+- Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Packs/AWS-EC2/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "AWS - EC2",
     "description": "Amazon Web Services Elastic Compute Cloud (EC2)",
     "support": "xsoar",
-    "currentVersion": "1.4.0",
+    "currentVersion": "1.4.1",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/AWS-IAM/ReleaseNotes/1_1_54.md

@@ -0,0 +1,3 @@
+## AWS - IAM
+
+- Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Packs/AWS-IAM/pack_metadata.json

@@ -3,7 +3,7 @@
     "description": "Amazon Web Services Identity and Access Management (IAM)",
     "support": "xsoar",
     "author": "Cortex XSOAR",
-    "currentVersion": "1.1.53",
+    "currentVersion": "1.1.54",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",
     "created": "2020-04-14T00:00:00Z",

Packs/AWS-Route53/ReleaseNotes/1_1_26.md

@@ -0,0 +1,3 @@
+## AWS - Route53
+
+- Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Packs/AWS-Route53/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "AWS - Route53",
     "description": "Amazon Web Services Managed Cloud DNS Service.",
     "support": "xsoar",
-    "currentVersion": "1.1.25",
+    "currentVersion": "1.1.26",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/AWS-S3/ReleaseNotes/1_2_20.md

@@ -0,0 +1,3 @@
+## AWS - S3
+
+- Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Packs/AWS-S3/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "AWS - S3",
     "description": "Amazon Web Services Simple Storage Service (S3)",
     "support": "xsoar",
-    "currentVersion": "1.2.19",
+    "currentVersion": "1.2.20",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/AWS_WAF/README.md

@@ -1,8 +1,7 @@
-<~XSIAM>
 # AWS WAF
 This pack includes Cortex XSIAM content.
 
-
+<~XSIAM>
 ## Configuration on Server Side
 - For information on configuring **ACL web logging**, refer to the following [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/logging-management.html).
 - For information on sending ACL web logs  to **S3 bucket**, refer to the following [documentation](https://docs.aws.amazon.com/waf/latest/developerguide/logging-s3.html).
@@ -29,15 +28,12 @@ To create or configure the Amazon S3 collector, use the information described [h
 | Vendor            | Set as 'aws'.                                                                                      | aws               |
 | Product           | Set as 'waf'.                                                                                       | waf               |
 | Compression       | Select 'gzip'.                                                                                      | gzip              |
-
-
 </~XSIAM>
 
 AWS WAF is a web application firewall service that lets you monitor web requests that are forwarded to an Amazon API Gateway API, an Amazon CloudFront distribution, or an Application Load Balancer. 
 You can protect those resources based on conditions that you specify, such as the IP addresses that the requests originate from.
 
 ## What does this pack do
-### AWS WAF
 This integration enables you to:
 - Create, retrieve, update, or delete IP sets.
 - Create, retrieve, update, or delete Regex patterns sets.

Packs/AccessInvestigation/ReleaseNotes/1_2_6.md

@@ -0,0 +1,3 @@
+## Access Investigation
+
+- Locked dependencies of the pack to ensure stability for versioned core packs. No changes in this release.

Packs/AccessInvestigation/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Access Investigation",
     "description": "This Content Pack automates response to unauthorised access incidents and contains customer access incident views and layouts to aid investigation.",
     "support": "xsoar",
-    "currentVersion": "1.2.5",
+    "currentVersion": "1.2.6",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

Packs/AgariPhishingDefense/Integrations/AgariPhishingDefense/AgariPhishingDefense.yml

@@ -323,7 +323,7 @@ script:
       required: true
     description: Remediate suspected message.
     name: apd-remediate-message
-  dockerimage: demisto/python3:3.10.13.83255
+  dockerimage: demisto/python3:3.10.13.84405
   isfetch: true
   runonce: false
   script: '-'

Packs/AgariPhishingDefense/ReleaseNotes/1_1_16.md

@@ -0,0 +1,3 @@
+#### Integrations
+##### Agari Phishing Defense
+- Updated the Docker image to: *demisto/python3:3.10.13.84405*.

Packs/AgariPhishingDefense/pack_metadata.json

@@ -2,7 +2,7 @@
     "name": "Agari Phishing Defense",
     "description": "Use the Agari Phishing Defense integration to retrieve Policy Events as Incidents, retrieve messages and remediate suspected messages.",
     "support": "partner",
-    "currentVersion": "1.1.15",
+    "currentVersion": "1.1.16",
     "author": "Agari",
     "url": "https://www.agari.com/support/",
     "email": "support@agari.com",

Packs/ApiModules/ReleaseNotes/2_2_21.md

@@ -0,0 +1,4 @@
+
+#### Scripts
+##### CoreIRApiModule
+- Improved implementation of *xdr-get-incidents* by unifying similar code blocks.