[Security Solution] Prebuilt rules marked as customized on upgrade when updating the package from 8.16.2-beta.1 to 8.16.2 #202575

@banderror

Related to: #201631, #201825 (review)

Summary

This bug was discovered when testing a bugfix. It could be the same bug as #201631 or a different one.

Essentially:

  • Given the prebuiltRulesCustomizationEnabled feature flag is turned ON
  • And you have rules w/o customizations but with updates from Elastic
  • When you upgrade such rules one-by-one using the suggestions from the ThreeWayDiff UI
  • Then the rules will be upgraded but marked as customized

Expected behavior:

Both the cases -AB and AAB should not cause the rules to be marked as customized, as long as the user doesn't customize any fields in the flyout during upgrade.

Steps to reproduce

Please follow these exact steps, or try a shorter version:

First, run Kibana with the FF turned OFF and the package containing all historical versions: 8.16.2-beta.1

xpack.securitySolution.enableExperimental: []
xpack.securitySolution.prebuiltRulesPackageVersion: 8.16.2-beta.1

  • Install all the prebuilt rules
  • Don't customize anything

Then, enable the FF and switch the package to 8.16.2:

xpack.securitySolution.enableExperimental: ['prebuiltRulesCustomizationEnabled']
xpack.securitySolution.prebuiltRulesPackageVersion: 8.16.2

  • You should have 64 rules that could be upgraded and 72 that could be installed
  • Try upgrading them one-by-one via the flyout (accepting the default suggestions) or in bulk
  • Observe that they are being marked as customized after upgrade

Please find all the details in #201825 (review)

Labels

  • 8.18 candidate
  • Feature:Prebuilt Detection Rules (Security Solution Prebuilt Detection Rules area)
  • Team: SecuritySolution (Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.)
  • Team:Detection Rule Management (Security Detection Rule Management Team)
  • Team:Detections and Resp (Security Detection Response Team)
  • bug (Fixes for quality problems that affect the customer experience)
  • fixed
  • impact:high (Addressing this issue will have a high level of impact on the quality/strength of our product.)
  • v8.17.1
  • v8.18.0
  • v9.0.0
