Permissive Learning Mode 3/6 Config Generation#586
Open
lilybarkley-msft wants to merge 1 commit into
Open
Conversation
Adds the Adjusted_*.json writer, the per-event detection summary, and a merge_capabilities stub that errors when called with a non-empty set (PR2's parser never produces one; PR4 fills in the body). New config.rs functions: - resolve_adjusted_config_path, save_adjusted_config (pretty JSON + parent-dir create) - write_detection_summary (file paths + capabilities; UI section arrives in the UI-policy PR) - write_requested_capabilities_summary (verbose dump) - merge_capabilities stub stop.rs now writes Adjusted_<input>.json with the merged filesystem section. 37 tests pass; cargo fmt + clippy clean. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
📖 Description
PR 3 of 6 — stacked on PR2. Adds config generation.
Adjusted_<name>.jsonwriter next to the captured trace (or override path)resolve_adjusted_config_path+save_adjusted_configwrite_added_paths_summarywrite_detection_summary— per-path / per-mask groupingwrite_requested_capabilities_summarydecode_access_mask/classify_mask)merge_capabilitiesstub that errors on non-empty input — PR4 fills in the real body. The stub keeps wiring intact without silently dropping findings if a stray caller appears mid-stack.stopis wired to produce a fullAdjusted_<name>.json+ detection summary for filesystem deltas.🔗 References
user/lilybarkley/plm-pr2-fs-extraction)merge_capabilitiesstub + adds DACL ACE blob decoding)🔍 Validation
cargo build -p plm --target x86_64-pc-windows-msvc— cleancargo fmt --all -- --check— cleancargo clippy -p plm --target x86_64-pc-windows-msvc --all-targets -- -D warnings— cleancargo test -p plm --target x86_64-pc-windows-msvc— 37 passed (test count steady; PR3 changes are write-paths exercised end-to-end in PR4+).✅ Checklist
📋 Issue Type
GitHub Actions runs the PR validation build automatically. The ADO pipeline
(
MXC-PR-Build) is the official build pipeline that signs the binaries; itruns on merge to
mainand nightly, and Microsoft reviewers can trigger iton a PR with
/azp run. See docs/pull-requests.md.Microsoft Reviewers: Open in CodeFlow