Merge remote-tracking branch 'origin/topic/etyp/enshrine-event-order'

CHANGES

@@ -1,3 +1,10 @@
+7.1.0-dev.393 | 2024-10-15 09:56:19 +0200
+
+  * Test `.evt` file `&priority` (Evan Typanski, Corelight)
+
+    This was not documented nor tested, so this tests the behavior.
+    Documentation should be added later.
+
 7.1.0-dev.390 | 2024-10-09 15:36:41 -0700
 
   * removed specialized ZAM instructions for GTPv1 and Teredo cleanup BiFs (Vern Paxson, Corelight)

VERSION

@@ -1 +1 @@
-7.1.0-dev.390
+7.1.0-dev.393

testing/btest/Baseline/spicy.hook-priority/output

@@ -2,4 +2,6 @@
 Spicy: highest prio
 Spicy: default prio
 Spicy: lowest prio
+Zeek: highest prio, [x=default]
 Zeek: default prio, [x=default]
+Zeek: lowest prio, [x=default]

testing/btest/spicy/hook-priority.zeek

@@ -12,11 +12,21 @@ event zeek_init()
 	Analyzer::register_for_port(Analyzer::ANALYZER_FOO, 80/tcp);
 	}
 
+event foo_last(x: foo::X)
+	{
+	print "Zeek: lowest prio", x;
+	}
+
 event foo(x: foo::X)
 	{
 	print "Zeek: default prio", x;
 	}
 
+event foo_first(x: foo::X)
+	{
+	print "Zeek: highest prio", x;
+	}
+
 # @TEST-START-FILE foo.spicy
 module foo;
 
@@ -54,8 +64,8 @@ protocol analyzer Foo over TCP:
 # by examining the data though which above Spicy hooks mutate; we expect to see
 # data from the default priority handler since we should run right after it.
 on foo::X -> event foo(self);
+on foo::X -> event foo_first(self) &priority=-500;
+on foo::X -> event foo_last(self) &priority=-1500;
 
 export foo::X;
-
-# TODO(bbannier): test that EVT hook priority can correctly be overriden.
 # @TEST-END-FILE