ekristen
commented
6 years ago Do I really have to update the sift-cli binary manually?
Yes and no. A sift upgrade will install the latest sift-cli binary. However the reason for it not being in the sift ppa is that we get into a weird circular dependency. You'd have to configure the PPA and then install the package, and then the sift install process would want to manage that PPA. It's cleaner to have manual install instructions.
The SIFT cli is just a CLI utility that helps run the orchestration process underneath.
Why is there a sift update and sift upgrade - it seems that there are only new releases, no updates; right?
I can understand the confusion. The original intention was sift update was in place to basically ensure that the latest version you are on is up-to-date, meaning it would re-run the orchestration ensuring everything is as it should be.
sift upgrade on the other hand looks for a new release of the SIFT orchestration files, downloads and executes them, this could bring about config changes, new packages, deletion of packages, etc.
So the root question is: what is the proper way to keep the system current?
sift upgrade
I have installed sift on ubuntu by using sift-cli as described here: https://github.com/sans-dfir/sift-cli#installation
However, I still have sift-cli 1.5.1-beta.0-master installed. Current is v1.6.1 according to https://github.com/sans-dfir/sift-cli/releases/tag/v1.6.1
Do I really have to update the sift-cli binary manually?
I would expect that either:
Why is there a sift update and sift upgrade - it seems that there are only new releases, no updates; right?
So the root question is: what is the proper way to keep the system current?