fix: invert scope filter in import-to-ida.py so function-scope rules are annotated

The condition was skipping FUNCTION-scope rules instead of keeping them,
causing the script to never annotate any functions. Invert to match the
correct logic in import-to-bn.py.

CHANGELOG.md

@@ -50,6 +50,7 @@
 - fix: correct wrong dict key in VMRay _compute_monitor_threads assertion (used thread_id instead of process_id) @williballenthin
 fix: replace assert with isinstance guard in get_callee for invalid MethodSpec tokens @williballenthin
 - fix: replace assert with isinstance guard in get_callee for invalid MethodSpec tokens @williballenthin
+- fix: invert scope filter in import-to-ida.py so function-scope rules are annotated instead of skipped @williballenthin (SURF-81)
 - fix: remove dead string literal in test_detect_duplicate_features @williballenthin (SURF-80)
 - fix: remove duplicate Rule.from_yaml call in test_scope_instruction_description @williballenthin (SURF-79)
 - fix: remove unused imports of capa.helpers, capa.features.basicblock, and redundant bare capa.features.extractors.base_extractor from test_freeze_dynamic.py @williballenthin (SURF-78)

scripts/import-to-ida.py

@@ -96,7 +96,7 @@ def main():
             continue
         if rule.meta.is_subscope_rule:
             continue
-        if rule.meta.scopes.static == capa.rules.Scope.FUNCTION:
+        if rule.meta.scopes.static != capa.rules.Scope.FUNCTION:
             continue
 
         ns = rule.meta.namespace