Closed psrok1 closed 1 year ago
Multiple negated filters are unintuitive due to OR operator between them:
In[2]: Task({ "type": "sample", "kind": "runnable", "platform": "win32" }).matches_filters([ {"type": "sample", "platform": "!win*"}, {"type": "sample", "platform": "!linux"} ]) Out[2]: True
Above filter can be translated to(type:sample AND NOT platform:win*) OR (type:sample AND NOT platform:linux). So {type: "sample", platform: "win32"} matches the right side of OR expression, which is perfectly logical, but not desired behavior.
(type:sample AND NOT platform:win*) OR (type:sample AND NOT platform:linux)
{type: "sample", platform: "win32"}
Found by @Antelox.
Multiple negated filters are unintuitive due to OR operator between them:
Above filter can be translated to
(type:sample AND NOT platform:win*) OR (type:sample AND NOT platform:linux). So{type: "sample", platform: "win32"}matches the right side of OR expression, which is perfectly logical, but not desired behavior.Found by @Antelox.