markuskont
markuskont
Yea, nothing against type assertions. The idea was to just clean up some nasty code. The first reference was a particular sore point as it's a lot of repeat code....
Ah, yes. Indeed. I don't mind a bigger refactor to be honest if it meant bringing in more type safety. But since the engine has to deal with arbitrary input...
I actually just realized that moving the lib to go 1.18 has potentially a big benefit - native fuzz testing.
Writing next to morning coffee, so excuse me if I'm missing something. How would this approach be better than just generating a OR Matcher during rule parse time whenever we...
Sorry for absence, last month was busy both on and offline. Heat did not help. I wanted to properly focus on the idea and also to play around with it...
Upon closer inspection, I believe this is actually a extension of the `Selection` object. That's because it operates on concrete type, rather than more abstract `Event`. More specifically, it needs...
In the meanwhile, I did some (very preliminary coding). It's not much and totally not tested, but at least it shows what direction my thinking took - https://github.com/markuskont/go-sigma-rule-engine/compare/master...next-placeholders-2022-07 I simply...
Hey, I think it's a great idea. Most of the constructors were built before `embed.FS` existed, thus lack of support. Just a heads up though, you can do experiments against...
Linking https://github.com/markuskont/go-sigma-rule-engine/issues/8
Hi @mjnovice Yep, that's exactly what I had in mind. Thanks a lot!