From 60805a4d242af39f714812e2c35ea7cce2ce3ab8 Mon Sep 17 00:00:00 2001
From: rabbitstack <rabbitstack7@gmail.com>
Date: Tue, 29 Jul 2025 19:39:54 +0200
Subject: [PATCH] feat(config,rules): Add authors field in rule definition

The new authors field allows specifying one or more
authors of the detection rule.
---
 pkg/config/_fixtures/filters/default.yml | 3 +++
 pkg/config/filters.go                    | 1 +
 pkg/config/filters_test.go               | 1 +
 pkg/config/schema_windows.go             | 1 +
 4 files changed, 6 insertions(+)

diff --git a/pkg/config/_fixtures/filters/default.yml b/pkg/config/_fixtures/filters/default.yml
index 58c988c68..601d65498 100644
--- a/pkg/config/_fixtures/filters/default.yml
+++ b/pkg/config/_fixtures/filters/default.yml
@@ -23,3 +23,6 @@ notes: |
   Lorem ipsum dolor sit amet, consectetur adipiscing elit.
   Ut ut ante id ligula molestie varius. Duis efficitur eros
   quis turpis accumsan, nec scelerisque libero euismod.
+authors:
+  - rabbitstack
+  - skynova
diff --git a/pkg/config/filters.go b/pkg/config/filters.go
index c89fd0a11..6c856cd6c 100644
--- a/pkg/config/filters.go
+++ b/pkg/config/filters.go
@@ -55,6 +55,7 @@ type FilterConfig struct {
 	Notes            string            `json:"notes" yaml:"notes"`
 	MinEngineVersion string            `json:"min-engine-version" yaml:"min-engine-version"`
 	Enabled          *bool             `json:"enabled" yaml:"enabled"`
+	Authors          []string          `json:"authors" yaml:"authors"`
 }
 
 // FilterAction wraps all possible filter actions.
diff --git a/pkg/config/filters_test.go b/pkg/config/filters_test.go
index 0e036b71e..c7018085e 100644
--- a/pkg/config/filters_test.go
+++ b/pkg/config/filters_test.go
@@ -58,6 +58,7 @@ func TestLoadRulesFromPaths(t *testing.T) {
 	assert.NotNil(t, f1.Action)
 	assert.Contains(t, f1.References, "ref2")
 	assert.NotEmpty(t, f1.Notes)
+	assert.Len(t, f1.Authors, 2)
 
 	acts, err := f1.DecodeActions()
 	require.NoError(t, err)
diff --git a/pkg/config/schema_windows.go b/pkg/config/schema_windows.go
index 69f0b2b0a..ae19d93eb 100644
--- a/pkg/config/schema_windows.go
+++ b/pkg/config/schema_windows.go
@@ -524,6 +524,7 @@ var rulesSchema = `
 		},
 		"tags":						{"type": "array", "items": [{"type": "string", "minLength": 1}]},
 		"references":			{"type": "array", "items": [{"type": "string", "minLength": 1}]},
+		"authors":				{"type": "array", "items": [{"type": "string", "minLength": 1}]},
 		"action": 				{
 			"type": "array",
 			"items": {