Open xcrzx opened 10 hours ago
Pinging @elastic/security-solution (Team: SecuritySolution)
Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)
Pinging @elastic/security-detections-response (Team:Detections and Resp)
Summary
The
UpgradePrebuiltRulesTableContext
currently doesn’t consider rule revisions and target versions. It's possible for users to start resolving rule upgrades in the UI while a new package version is installed in the background. In such cases, all user-resolved values should be invalidated to prevent potential issues. Without this, users may unknowingly apply updates to an outdated version, resulting in unpredictable outcomes and difficult-to-debug situations.User-resolved values should be invalidated in the following situations:
revision
has been fetched. In this case, another user concurrently edited the ruletarget
rule with a higherversion
has been fetched. In this case, a newer rule package version was installed asynchronously