When running yara_validator_cli.py, the _lastmodified metadata attribute is being overwritten with the current date whether the value already exists in the yara rule or not. This is only happening for _lastmodified and not _firstimported.
I would think the expected behavior is to leave the _lastmodified date as-is if found in the rule metadata.
The scenario where i ran into this was when importing an external ruleset that already had last_modified dates set. I would like to keep those dates as-is for context.
When running yara_validator_cli.py, the _lastmodified metadata attribute is being overwritten with the current date whether the value already exists in the yara rule or not. This is only happening for _lastmodified and not _firstimported.
I would think the expected behavior is to leave the _lastmodified date as-is if found in the rule metadata.
The scenario where i ran into this was when importing an external ruleset that already had last_modified dates set. I would like to keep those dates as-is for context.