This keeps GitHub from being confused about this file being part of
the repository's license, and thus not displaying the proper linkage
to our actual COPYING file.
We may want to copy some of the current feature and lts releases
over to zeek/zeek by hand, but for now see if pushing works out
for zeek/zeek-dev, mainly.
* origin/topic/awelzel/fix-dump-events-test:
Func: Use std::stable_sort() for sorting bodies by priority
btest/dump-events: Do not skip everywhere and update baselines
This commit adds an optional event_groups field to the Logging::Stream record
to associated event groups with logging streams.
This can be used to disable all event groups of a logging stream when it is
disabled. It does require making an explicit connection between the
logging stream and the involved groups, however.
* origin/topic/vern/script-opt-maint.Dec22:
maintenance updates for -O C++
maintenance updates for -O ZAM
update test suite to avoid GH-2385 problems, including incorrect typing
Avoids platform/stdlib dependent sorting of bodies with the same
priority and the same handler. They should be guaranteed to be
executed in load order now.
* origin/topic/awelzel/2629-notice-file-info:
analyzer/files: handle non-analyzer names in describe_file()
frameworks/notice: Handle fa_file with no or more than a single connection better
When a fa_file object is created through the use of Input::add_analysis(),
the fa_file's source is likely not valid representation of an analyzer's
tag and a Files::describe() should not error and instead return an empty
description.
Add a new Analyzer::is_tag() helper that can be used to pre-check `f$source`.
* When a file is transferred over multiple connection, have
create_file_info() just pick the first one instead of none.
* Do not unconditionally assume cid and cuid as set on a
Notice::FileInfo object.
* 'topic/fox-ds/ssh-key-init-events' of github.com:fox-ds/zeek:
Added several events for detailed info on the SSH2 key init directions
* Straightened out the zeek:see lines in events.bif to be the same across all events.
When using the same function for eval conditions in signatures, we
previously attempted to add &is_used multiple times to the function
triggering an ambiguous attribute error.
Turns out there's already a list of attributes that are accepted
to be used multiple times, so just add ATTR_IS_USED there.
Fixes#2628
Python, Ruby, Javascript, Go, ..., allow use of trailing commas and is even
recommended in some style-guides as it keeps diffs smaller. The black formatter
for Python even goes as far to take a trailing comma as an indication to
format a list one-item on a line.
It has been a bit unusual to not be able to put trailing commas in Zeek
scripts, so this change allows for it.
It explicitly prevents trailing commas in list expressions on the left
hand side. Concretely, this disallows trailing commas in the key list
expression during table initializations.
It probably allows for commas in more places that I haven't fully grasped.
Maybe we should tighten those down again if we find them surprising.
With the release of alpine 3.17 (2022-11-22), the fts-dev package
was renamed to musl-fts-dev. Change it accordingly.
This is currently breaking CI in a fork of zeek/zeek. Suspect some
caching prevents it from breaking here currently.
Alpine 3.16 is still supported till 2024-05-23, but we're essentially
not doing CI testing for it anymore. Appears to be in line with the
comment in .cirrus.yml
