From 7eec163d2aa808a96265655259d1fffd7fecb97b Mon Sep 17 00:00:00 2001
From: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
Date: Fri, 14 Feb 2025 00:14:28 +0530
Subject: [PATCH] Modify Unit Test to Support Alert Suppression for EQL Sequences (#4457)

(cherry picked from commit aded9deb7929636fd04cf465a2b9fb8f43aae901)
---
 pyproject.toml | 2 +-
 tests/test_all_rules.py | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index 5043a3adf73..3a354cd5639 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "0.4.10"
+version = "0.4.11"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"
diff --git a/tests/test_all_rules.py b/tests/test_all_rules.py
index aa90ea2f5d4..850e8da1283 100644
--- a/tests/test_all_rules.py
+++ b/tests/test_all_rules.py
@@ -1449,8 +1449,9 @@ def test_group_field_in_schemas(self):
 self.fail(f"{self.rule_str(rule)} alert suppression field {fld} not \
 found in ECS, Beats, or non-ecs schemas")

- @unittest.skipIf(PACKAGE_STACK_VERSION < Version.parse("8.14.0"),
- "Test only applicable to 8.14+ stacks for eql non-sequence rule alert suppression feature.")
+ @unittest.skipIf(PACKAGE_STACK_VERSION < Version.parse("8.14.0") or # noqa: W504
+ PACKAGE_STACK_VERSION >= Version.parse("8.18.0"), # noqa: W504
+ "Test is applicable to 8.14 --> 8.17 stacks for eql non-sequence rule alert suppression feature.")
 def test_eql_non_sequence_support_only(self):
 for rule in self.all_rules:
 if (
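Review bot: The new upper bound in the `skipIf` on `test_eql_non_sequence_support_only` switches the check off entirely for 8.18+ packages, and the condition is keyed on `PACKAGE_STACK_VERSION` rather than on each rule's own minimum stack version. If a sequence rule with alert suppression can still declare a minimum stack below 8.18 (the test body continues outside the hunk, so this is inferred), nothing visible here stops it from being packaged for stacks that do not support the feature. Consider keeping the test active on 8.18+ and making the sequence exemption per rule. At minimum, record the reason above the decorator, for example `# 8.18+ allows alert suppression on EQL sequence rules; the non-sequence-only check applies to 8.14-8.17`, if that is indeed why the bound was added. The second `# noqa: W504` sits on a line that does not end in a binary operator and can be dropped.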