move capa/features/__init__.py logic to common.py

also cleanup imports across the board,
thanks to pylance.

scripts/bulk-process.py

@@ -55,6 +55,7 @@ Unless required by applicable law or agreed to in writing, software distributed
  is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and limitations under the License.
 """
+import os
 import sys
 import json
 import logging

scripts/capa2yara.py

@@ -31,7 +31,6 @@ See the License for the specific language governing permissions and limitations
 """
 
 import re
-import pdb
 import sys
 import string
 import logging
@@ -44,8 +43,7 @@ import capa.rules
 import capa.engine
 import capa.features
 import capa.features.insn
-from capa.features import ARCH_X32, ARCH_X64, String
-from capa.features.insn import Number, Offset
+from capa.features.common import ARCH_X32, ARCH_X64, String
 
 logger = logging.getLogger("capa2yara")
 
@@ -348,9 +346,9 @@ def convert_rule(rule, rulename, cround, depth):
             kid = rule.child
             kids = [kid]
             num_kids = 1
-            logger.info("kid: " + kids)
+            logger.info("kid: %s", kids)
         except:
-            logger.info("no kid in rule: " + rule.name)
+            logger.info("no kid in rule: %s", rule.name)
 
     # just a single statement without 'and' or 'or' before it in this rule
     if "kids" not in locals().keys():
@@ -366,7 +364,7 @@ def convert_rule(rule, rulename, cround, depth):
 
     else:
         x = 0
-        logger.info("doing kids: " + repr(kids) + " - len: " + str(num_kids))
+        logger.info("doing kids: %r - len: %s", kids, num_kids)
         for kid in kids:
             s_type = kid.name
             logger.info("doing type: " + s_type + " kidnum: " + str(x))

scripts/capa_as_library.py

@@ -10,8 +10,8 @@ import capa.features
 import capa.render.json
 import capa.render.utils as rutils
 import capa.render.default
+import capa.render.result_document
 from capa.engine import *
-from capa.render import convert_capabilities_to_result_document
 
 # edit this to set the path for file to analyze and rule directory
 RULES_PATH = "/tmp/capa/rules/"
@@ -203,7 +203,7 @@ def capa_details(file_path, output_format="dictionary"):
     capa_output = False
     if output_format == "dictionary":
         # ...as python dictionary, simplified as textable but in dictionary
-        doc = convert_capabilities_to_result_document(meta, rules, capabilities)
+        doc = capa.render.result_document.convert_capabilities_to_result_document(meta, rules, capabilities)
         capa_output = render_dictionary(doc)
     elif output_format == "json":
         # render results

scripts/lint.py

@@ -31,8 +31,8 @@ import ruamel.yaml
 import capa.main
 import capa.rules
 import capa.engine
-import capa.features
 import capa.features.insn
+import capa.features.common
 
 logger = logging.getLogger("lint")
 
@@ -326,7 +326,7 @@ class FeatureStringTooShort(Lint):
 
     def check_features(self, ctx, features):
         for feature in features:
-            if isinstance(feature, capa.features.String):
+            if isinstance(feature, capa.features.common.String):
                 if len(feature.value) < 4:
                     self.recommendation = self.recommendation.format(feature.value)
                     return True

scripts/show-capabilities-by-function.py

@@ -59,9 +59,9 @@ import colorama
 import capa.main
 import capa.rules
 import capa.engine
-import capa.render
 import capa.features
 import capa.render.utils as rutils
+import capa.render.result_document
 import capa.features.freeze
 from capa.helpers import get_file_taste
 
@@ -191,7 +191,7 @@ def main(argv=None):
     #  - when not an interactive session, and disable coloring
     # renderers should use coloring and assume it will be stripped out if necessary.
     colorama.init()
-    doc = capa.render.convert_capabilities_to_result_document(meta, rules, capabilities)
+    doc = capa.render.result_document.convert_capabilities_to_result_document(meta, rules, capabilities)
     print(render_matches_by_function(doc))
     colorama.deinit()