Contentctl

contentctl 5.0.0 initial release.
More details about this release will be published in the next 48 hours.

Fixies a number of issues, most notably removing references to observables which are no longer used in the codebase. They have been superseded by the RBA object (which in turn has its own message, victim, and threat objects).
Some additional bugs were resolved around this removal and introduction of the new RBA field which happened in the first alpha.
Finally, some code cleanup (formatting and linting).

This is still a pre-release and not intended for public use at this time.

What's Changed
* lint fixes & formatting by ljstella in https://github.com/splunk/contentctl/pull/350
* removing code referencing observables by ljstella in https://github.com/splunk/contentctl/pull/352
* Fixes for 5.0.0a2 by ljstella in https://github.com/splunk/contentctl/pull/351
* Version bump for next alpha release by ljstella in https://github.com/splunk/contentctl/pull/354


**Full Changelog**: https://github.com/splunk/contentctl/compare/v5.0.0-alpha.2...v5.0.0-alpha.3

This is still a prelease version and not intended for public use. It resolves :
1. issues around detecting lookups that have changed when running `contentctl test mode:changes ...`
2. resolves an error in the savedsearches_detections.j2 template where erroneous newlines may be inclued in savedsearches.conf
3. reverts to using splunk/splunk:9.3 (instead of splunk/splunk:latest, which presently installs splunk:9.4) due to an error in contentctl where contentctl test does not wait for all apps to install before beginning testing. This will be resolved in a future release.


What's Changed
* Bugfixes on 5.0.0-alpha by ljstella in https://github.com/splunk/contentctl/pull/349


**Full Changelog**: https://github.com/splunk/contentctl/compare/v5.0.0-alpha...v5.0.0-alpha.2

There are a significant number of changes in this release and it is not intended for public use yet. This release is being done to enable testing of a number of different workflows in prep for a general release of contentctl 5.0. We DO NOT suggest using this release at this time.
When the non-alpha version of contentctl 5.0.0, we will give more detail about exactly what changes were made.

To indicate the state of this release, the following warning is printed every time contentctl is run:


WARNING - THIS IS AN ALPHA BUILD OF CONTENTCTL 5.
THERE HAVE BEEN NUMEROUS CHANGES IN CONTENTCTL (ESPECIALLY TO YML FORMATS).
YOU ALMOST CERTAINLY DO NOT WANT TO USE THIS BUILD.
IF YOU ENCOUNTER ERRORS, PLEASE USE THE LATEST CURRENTLY SUPPORTED RELEASE:

This resolves a bug which causes all contentctl operations to fail with Pydantic >= 2.10

What's Changed
* Pin Pydantic to Resolve Contentctl Bug by pyth0n1c in https://github.com/splunk/contentctl/pull/332


**Full Changelog**: https://github.com/splunk/contentctl/compare/v4.4.6...v4.4.7

contentctl does not yet support Python 3.13. This was not reflected in the pyproject.toml and thus Pypi.
This release updates the compatibility here and on Pypi. At this time, contentctl supports Python 3.11 and 3.12.

Look for Python 3.13 support in an upcoming release!

What's Changed
* don't declare py3.13 compat by ljstella in https://github.com/splunk/contentctl/pull/329


**Full Changelog**: https://github.com/splunk/contentctl/compare/v4.4.5...v4.4.6