Skip to content

- build_pack_catalog.py was writing over category #665

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
scottbrumley merged 2 commits into from
Mar 19, 2026
Merged

- build_pack_catalog.py was writing over category #665

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
319af2d
- build_pack_catalog.py was writing over category
scottbrumley Mar 19, 2026
7eeca1f
Merge branch 'main' into fix/pack_catalog
scottbrumley Mar 19, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions pack_catalog.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
{
"id": "SocFrameworkCrowdstrikeFalcon",
"display_name": "SOC CrowdStrike Falcon Integration Enhancement for Cortex XSIAM",
"category": "End Point",
"version": "1.0.44",
"path": "Packs/SocFrameworkCrowdstrikeFalcon",
"visible": true,
Expand All @@ -11,6 +12,7 @@
{
"id": "SocFrameworkMicrosoftDefender",
"display_name": "SOC Microsoft Defender Integration Enhancement for Cortex XSIAM",
"category": "End Point",
"version": "1.0.28",
"path": "Packs/SocFrameworkMicrosoftDefender",
"visible": true,
Expand All @@ -19,6 +21,7 @@
{
"id": "SocFrameworkOptimization",
"display_name": "SOC Framework (DEPRECATED)",
"category": "Use Case",
"version": "2.1.48",
"path": "Packs/SocFrameworkOptimization",
"visible": false,
Expand All @@ -27,6 +30,7 @@
{
"id": "SocFrameworkProofPointTap",
"display_name": "SOC Proofpoint TAP Integration Enhancement for Cortex XSIAM",
"category": "Email Security",
"version": "1.1.2",
"path": "Packs/SocFrameworkProofPointTap",
"visible": true,
Expand All @@ -35,6 +39,7 @@
{
"id": "SocFrameworkTrendMicroVisionOne",
"display_name": "SOC Trend Micro Enhancement for Cortex XSIAM",
"category": "End Point",
"version": "1.0.29",
"path": "Packs/SocFrameworkTrendMicroVisionOne",
"visible": true,
Expand All @@ -43,6 +48,7 @@
{
"id": "soc-common-playbooks",
"display_name": "SOC Common Playbooks",
"category": "Utility",
"version": "2.7.52",
"path": "Packs/soc-common-playbooks",
"visible": false,
Expand All @@ -51,6 +57,7 @@
{
"id": "soc-common-playbooks-unified",
"display_name": "SOC Common Playbooks Unified",
"category": "Use Case",
"version": "2.7.54",
"path": "Packs/soc-common-playbooks-unified",
"visible": false,
Expand All @@ -59,6 +66,7 @@
{
"id": "soc-framework-manager",
"display_name": "SOC Framework Package Manager",
"category": "Utility",
"version": "1.0.13",
"path": "Packs/soc-framework-manager",
"visible": false,
Expand All @@ -67,6 +75,7 @@
{
"id": "soc-framework-nist-ir",
"display_name": "SOC Framework NIST IR (800-61)",
"category": "Utility",
"version": "1.1.0",
"path": "Packs/soc-framework-nist-ir",
"visible": false,
Expand All @@ -75,6 +84,7 @@
{
"id": "soc-microsoft-graph-security",
"display_name": "SOC Microsoft Graph Security Content Pack Enhancement for Cortex XSIAM",
"category": "End Point",
"version": "1.0.11",
"path": "Packs/soc-microsoft-graph-security",
"visible": false,
Expand All @@ -83,6 +93,7 @@
{
"id": "soc-optimization-unified",
"display_name": "SOC Framework Unified",
"category": "Use Case",
"version": "3.4.0",
"path": "Packs/soc-optimization-unified",
"visible": true,
Expand Down
9 changes: 9 additions & 0 deletions tools/build_pack_catalog.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,14 @@ def build_catalog_entry(
if existing_entry is not None and isinstance(existing_entry.get("visible"), bool):
visible = existing_entry["visible"]

# Preserve existing "category" if present; otherwise read from pack_metadata
category = None
if existing_entry is not None and existing_entry.get("category"):
category = existing_entry["category"]
elif meta.get("categories"):
cats = meta["categories"]
category = cats[0] if isinstance(cats, list) else cats

# Detect xsoar_config.json and build raw URL if it exists
xsoar_config_path = pack_dir / "xsoar_config.json"
if xsoar_config_path.is_file():
Expand All @@ -92,6 +100,7 @@ def build_catalog_entry(
return {
"id": pack_id,
"display_name": display_name,
"category": category,
"version": version,
"path": str(pack_dir.as_posix()),
"visible": visible,
Expand Down
Loading