fix(driver,userspace/libsinsp): use new PPME_CONTAINER_JSON_2_ events with large payload #118
Conversation
… with large payload; leave old ones untouched to avoid breaking backward compatibility. This way, new scap files with PPME_CONTAINER_JSON_2_ events cannot be open by old falco; moreover, new falco can correctly open old PPME_CONTAINER_JSON_ events. Signed-off-by: Federico Di Pierro <[email protected]> Co-authored-by: Mark Stemm <[email protected]>
poiana
added
kind/bug
|
Hi @FedeDP. Thanks for your PR. I'm waiting for a falcosecurity member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/ok-to-test |
|
LGTM label has been added. Git tree hash: 1ba222e6566b43cf0a6f0bb73a5c0737fb6fad7b
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: FedeDP, leogr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What type of PR is this?
/kind bug
Any specific area of the project related to this PR?
/area libsinsp
What this PR does / why we need it:
Deny new scap files with PPME_CONTAINER_JSON_2_ events from be opened by old falco; moreover, new falco is now correctly able to open old PPME_CONTAINER_JSON_ events.
Which issue(s) this PR fixes:
Fixes #
Special notes for your reviewer:
Does this PR introduce a user-facing change?: