enable matching on namespaces
In order to detect that a category of rules match, without hardcoding all the options, we'd like to be able to write statements that specify that a namespace must match. For example, a statement like `match: anti-analysis/packer` would match if any rule with this namespace (prefix) also matches.
We can currently write rules that contain statements like `match: writes to TCP socket` to indicate that the rule with name `writes to TCP socket` must match for the parent rule to match. Today, if we wanted to specify "packed AND writes to TCP socket", we'd have to hardcode all the packer rules in a large `and` block, which is a point of maintenance when new packer rules are added.
I propose extending the `match` statement to also match namespaces. Because namespaces and rule names are typically formatted differently (kebab-case with slashes vs. human-readable sentence fragments), they should rarely/never overlap.
This supports #390.
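A toy evaluator of the proposed semantics, added here as an example; it is not capa's own code and not part of the original issue. The rule set below is constructed, and the decision that a namespace prefix only covers whole slash-separated components (so `anti-analysis/pack` does not cover `anti-analysis/packer`) is an assumption made for the example.

```python
"""Toy evaluator for `match:` statements that reference either a rule name
or a rule namespace. Added illustration of the proposal above, not capa's
code; the rule set and the slash-boundary rule are assumptions."""

# Constructed sample rules: name -> namespace. Rule bodies are omitted;
# the caller passes the set of rule names that already fired on a sample.
RULES = {
    "packed with UPX": "anti-analysis/packer/upx",
    "packed with Themida": "anti-analysis/packer/themida",
    "writes to TCP socket": "communication/socket/tcp",
    "reads from TCP socket": "communication/socket/tcp",
    "checks for debugger": "anti-analysis/anti-debugging",
}


def namespace_covers(prefix: str, namespace: str) -> bool:
    """True if `namespace` equals `prefix` or lies beneath it.
    Compare on '/' components (assumption) so that 'anti-analysis/pack'
    does not accidentally cover 'anti-analysis/packer'."""
    return namespace == prefix or namespace.startswith(prefix + "/")


def match_statement(value: str, matched_rules: set) -> bool:
    """Evaluate a single `match: <value>` statement.

    A value that names an existing rule is resolved as a rule-name match;
    otherwise it is treated as a namespace prefix, and the statement is
    satisfied if any fired rule lives in that namespace subtree."""
    if value in RULES:
        return value in matched_rules
    return any(namespace_covers(value, RULES[name]) for name in matched_rules)


def evaluate_and(statements, matched_rules: set) -> bool:
    """Evaluate an `and:` block of `match:` statements, e.g. the proposal's
    "packed AND writes to TCP socket" without enumerating packer rules:
        - and:
          - match: anti-analysis/packer
          - match: writes to TCP socket
    """
    return all(match_statement(s, matched_rules) for s in statements)


def overlapping_identifiers() -> set:
    """Sanity check for the assumption in the proposal: a value that is both
    a rule name and a namespace would make `match:` ambiguous."""
    return set(RULES) & set(RULES.values())


if __name__ == "__main__":
    fired = {"packed with UPX", "writes to TCP socket"}
    print(evaluate_and(["anti-analysis/packer", "writes to TCP socket"], fired))
    print(overlapping_identifiers())
```

Because rule names are looked up first, a collision between a rule name and a namespace would silently shadow the namespace match; `overlapping_identifiers()` is the check a rule linter would run to enforce the "rarely/never overlap" expectation.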
Issue Analytics
- Created 2 years ago
- Comments: 7
Top GitHub Comments
I'm just padding my stats here.
Already documented, too. Closing issue as already complete.