Update pySigma-backend-loki to latest release candidate to test compatibility

Makefile

@@ -2,11 +2,11 @@ TARGET = loki
 RULE_FILE = ./test.yml
 
 test-convert:
-	@uv sync --directory actions/convert -q
-	@GITHUB_WORKSPACE=$(realpath ../sigma-internal) uv run --directory actions/convert main.py --config config/sigma-convert.example.yml
+	@uv sync --prerelease=allow --directory actions/convert -q
+	@GITHUB_WORKSPACE=$(realpath ../sigma-internal) uv run --prerelease=allow --directory actions/convert main.py --config config/sigma-convert.example.yml
 
 test:
-	@uv sync --directory actions/convert -q
-	@GITHUB_WORKSPACE=$(realpath ../sigma-internal) uv run --directory actions/convert pytest -vv .
+	@uv sync --prerelease=allow --directory actions/convert -q
+	@GITHUB_WORKSPACE=$(realpath ../sigma-internal) uv run --prerelease=allow --directory actions/convert pytest -vv .
 
 .PHONY: test test-convert

actions/Dockerfile

@@ -20,7 +20,8 @@ COPY --from=builder /build/integrate /usr/local/bin/integrate
 COPY ./convert ./convert
 
 WORKDIR /app/convert
-RUN apk add --no-cache bash=5.2.37-r0 && \
+# TODO: remove git once we released a new version of sigma-rule-deployer
+RUN apk add --no-cache bash=5.2.37-r0 git=2.49.1-r0 && \
     python -m pip install --no-cache-dir --upgrade pip==25.0.1 && \
     pip install --no-cache-dir uv==0.6.13
 

actions/convert/action.yml

@@ -51,17 +51,27 @@ runs:
         username: ${{ github.actor }}
         password: ${{ github.token }}
     - name: Get Last Commit or base_ref
-      if: ${{ github.event_name == 'pull_request' && inputs.changed_files_from_base == 'false' }}
+      if: ${{ (github.event_name == 'pull_request' || github.event_name == 'issue_comment') && inputs.changed_files_from_base == 'false' }}
       id: commits
       uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1
       env:
         ACTIONS_USERNAME: ${{ inputs.actions_username }}
       with:
         script: |
+          // Get PR number based on event type
+          let pullNumber;
+          if (context.eventName === 'pull_request') {
+            pullNumber = context.payload.pull_request.number;
+          } else if (context.eventName === 'issue_comment') {
+            pullNumber = context.issue.number;
+          } else {
+            throw new Error(`Unsupported event type: ${context.eventName}`);
+          }
+
           const iterator = await github.paginate(github.rest.pulls.listCommits.endpoint.merge({
             owner: context.repo.owner,
             repo: context.repo.repo,
-            pull_number: context.payload.pull_request.number,
+            pull_number: pullNumber,
             per_page: 1
           }));
           let commit = "";
@@ -90,7 +100,12 @@ runs:
         COMMIT: ${{ steps.commits.outputs.result }}
       with:
         script: |
-          const output = JSON.parse(process.env.COMMIT);
+          const commitEnv = process.env.COMMIT;
+          if (!commitEnv || commitEnv.trim() === '') {
+            console.log('No commit data available, using empty string');
+            return '';
+          }
+          const output = JSON.parse(commitEnv);
           console.log(`Last commit or base ref: ${output.commit}`);
           return output.commit;
         result-encoding: string
@@ -101,7 +116,12 @@ runs:
         COMMIT: ${{ steps.commits.outputs.result }}
       with:
         script: |
-          const output = JSON.parse(process.env.COMMIT);
+          const commitEnv = process.env.COMMIT;
+          if (!commitEnv || commitEnv.trim() === '') {
+            console.log('No commit data available, using empty string');
+            return '';
+          }
+          const output = JSON.parse(commitEnv);
           console.log(`PR First Commit: ${output.first_commit}`);
           return output.first_commit;
         result-encoding: string
@@ -112,7 +132,12 @@ runs:
         COMMIT: ${{ steps.commits.outputs.result }}
       with:
         script: |
-          const output = JSON.parse(process.env.COMMIT);
+          const commitEnv = process.env.COMMIT;
+          if (!commitEnv || commitEnv.trim() === '') {
+            console.log('No commit data available, using empty string');
+            return '';
+          }
+          const output = JSON.parse(commitEnv);
           console.log(`PR Last Commit by automation: ${output.last_commit}`);
           return output.last_commit;
         result-encoding: string
@@ -127,7 +152,7 @@ runs:
 
         echo all_changed_files=${CHANGED_FILES//\\n/} >> "$GITHUB_OUTPUT"
         echo deleted_files=${DELETED_FILES//\\n/} >> "$GITHUB_OUTPUT"
- 
+
     - name: Run Sigma Rule Converter
       id: convert
       shell: bash
@@ -218,7 +243,7 @@ runs:
                     ... on PullRequest {
                       number
                     }
-                  } 
+                  }
                 }
               }`
 

actions/convert/pyproject.toml

@@ -6,7 +6,7 @@ readme = "README.md"
 requires-python = ">=3.12"
 dependencies = [
     "dynaconf>=3.2.10",
-    "pysigma-backend-loki>=0.12.3",
+    "pysigma-backend-loki>=0.13.0rc1",
     "pyyaml>=6.0.2",
     "sigma-cli>=1.0.5",
     "orjson>=3.10.0",