Panther Knowledge Base

How should I keep my fork of panther-analysis up to date with the upstream version?

QUESTION

 If I fork the panther-analysis repository, how should I stay in sync with your upstream repository?

ANSWER

Staying in sync with our version of the panther-analysis repository is important to ensure you get the latest patches and detection content. To make this run smoothly, we offer the following suggestions:

  • Make sure to pull only from the latest tagged release version of panther-analysis. The master branch contains content that is in active development and may not be ready to be added to your Panther Console.

    To find the latest tagged release:
    1. Navigate to the Panther Labs repository on GitHub
    2. Click the master branch dropdown
    3. Click on the "Tags" tab to see a list of all of our tagged releases. The latest should be at the top.


  • To minimize merge conflicts when syncing with our upstream version, we recommend keeping your own custom detection content and analysis files in a separate directory within your fork of this repository. That way, if Panther modifies its detections and releases them to panther-analysis, your own versions are in a different directory and won't cause a merge conflict the next time you run git pull.
  • Lastly, you can keep this fork up to date either manually or automatically. We have instructions for either option here in our documentation.
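
The manual route described above, as an added shell example that is not Panther's own tooling: it picks the newest release tag from upstream, fetches only that tag instead of master, and lists files you have edited outside your custom directory before merging. The remote name `upstream`, the `vX.Y.Z` tag format and the `custom_detections` directory name are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not Panther's own tooling. Assumptions: the remote is named
# "upstream", release tags look like v1.2.3, and custom content lives in
# custom_detections/ (hypothetical directory name).
UPSTREAM_URL="https://github.com/panther-labs/panther-analysis.git"
CUSTOM_DIR="${CUSTOM_DIR:-custom_detections}"

# stdin: `git ls-remote --tags` output. stdout: highest plain vX.Y.Z tag.
# Pre-release tags and peeled "^{}" entries do not match and are ignored.
latest_release_tag() {
  sed -n 's#^.*refs/tags/v\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\)$#\1#p' \
    | sort -t. -k1,1n -k2,2n -k3,3n | tail -n 1 | sed 's/^/v/'
}

# stdin: file paths. stdout: paths outside CUSTOM_DIR, i.e. upstream-owned
# files the fork has edited and that can conflict on the next merge.
outside_custom_dir() {
  grep -v "^${CUSTOM_DIR}/" || true
}

sync_fork_to_latest_release() {
  git remote get-url upstream >/dev/null 2>&1 \
    || git remote add upstream "$UPSTREAM_URL" || return 1
  local tag base edited
  tag="$(git ls-remote --tags upstream | latest_release_tag)"
  [ -n "$tag" ] || { echo "no release tag found on upstream" >&2; return 1; }
  # Fetch only the release tag, never master.
  git fetch upstream "refs/tags/${tag}" || return 1
  base="$(git merge-base HEAD FETCH_HEAD)" || return 1
  edited="$(git diff --name-only "$base" HEAD | outside_custom_dir)"
  [ -z "$edited" ] || printf 'edited outside %s/ (may conflict):\n%s\n' \
    "$CUSTOM_DIR" "$edited" >&2
  git merge --no-edit FETCH_HEAD
}

# Run from the root of your fork as: ./sync.sh --sync
if [ "${1:-}" = "--sync" ]; then sync_fork_to_latest_release; fi
```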