gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-04-28 11:53:20 -07:00
Code Issues Packages Projects Releases Wiki Activity
6,033 Commits 56 Branches 49 Tags
295ae3ee4b34f1775d89ab87b4ed5e9f4f24ce73
Commit Graph

6033 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Willi Ballenthin
295ae3ee4b fix: add missing submodule imports for Pyright attribute access 2026-04-23 16:11:58 +03:00
Willi Ballenthin
0655263ed3 fix: add inline explanations to all type: ignore comments 2026-04-23 16:11:58 +03:00
Willi Ballenthin
eb0d313264 fix: type: ignore placement for Pydantic alias parameters in freeze/__init__.py 2026-04-23 16:11:58 +03:00
Willi Ballenthin
aa502d3523 fix: rename unused self to _self in filter closures in base_extractor.py 2026-04-23 16:11:58 +03:00
Willi Ballenthin
546f0b77ea fix: private imports, return types, and unused imports in elffile.py and test_optimizer.py 2026-04-23 16:11:58 +03:00
Willi Ballenthin
7e75f97614 fix: type narrowing, unused imports, and TextIOWrapper guard in main.py 2026-04-23 16:11:58 +03:00
Willi Ballenthin
98d62bd39a fix: assert_never for exhaustive checks, tfile/line unbound, import paths, progress columns 2026-04-23 16:11:58 +03:00
Willi Ballenthin
dadf8b0961 fix: type annotations for disable_progress and module attribute access 2026-04-23 16:11:58 +03:00
Willi Ballenthin
2881939dc3 fix: possibly unbound variables and type annotations in elf.py and address.py 2026-04-23 16:11:58 +03:00
Moritz
74276c8c40 Merge pull request #3006 from mandiant/dependabot/pip/pydantic-2.13.0 
build(deps): bump pydantic from 2.12.4 to 2.13.0
 2026-04-17 15:23:57 +00:00
dependabot[bot]
e72f8baea6 build(deps): bump rich from 14.3.2 to 15.0.0 (#3007) 
Bumps [rich](https://github.com/Textualize/rich) from 14.3.2 to 15.0.0.
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Textualize/rich/compare/v14.3.2...v15.0.0)

---
updated-dependencies:
- dependency-name: rich
  dependency-version: 15.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-16 12:36:42 -06:00
Mike Hunhoff
3cd0e7867b Merge branch 'master' into dependabot/pip/pydantic-2.13.0 2026-04-16 12:36:15 -06:00
Moritz
557f521713 tests: update expected Binary Ninja version to 5.3 (#3011) 2026-04-16 12:35:43 -06:00
Moritz
c0ce1a3fb5 build(deps): bump msgspec from 0.20.0 to 0.21.1 (#3008) 
Bumps [msgspec](https://github.com/jcrist/msgspec) from 0.20.0 to 0.21.1.
- [Release notes](https://github.com/jcrist/msgspec/releases)
- [Changelog](https://github.com/jcrist/msgspec/blob/main/docs/changelog.md)
- [Commits](https://github.com/jcrist/msgspec/compare/0.20.0...0.21.1)

---
updated-dependencies:
- dependency-name: msgspec
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-15 07:59:11 +00:00
dependabot[bot]
b4e307b85d build(deps): bump msgspec from 0.20.0 to 0.21.1 
Bumps [msgspec](https://github.com/jcrist/msgspec) from 0.20.0 to 0.21.1.
- [Release notes](https://github.com/jcrist/msgspec/releases)
- [Changelog](https://github.com/jcrist/msgspec/blob/main/docs/changelog.md)
- [Commits](https://github.com/jcrist/msgspec/compare/0.20.0...0.21.1)

---
updated-dependencies:
- dependency-name: msgspec
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 16:00:22 +00:00
dependabot[bot]
d71dc8520f build(deps): bump pydantic from 2.12.4 to 2.13.0 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.4 to 2.13.0.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/compare/v2.12.4...v2.13.0)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 16:00:05 +00:00
Moritz
99ecd65852 ci: update GitHub Actions to Node.js 24 (#2984) 
* ci: update GitHub Actions to Node.js 24 and pin more versions
 2026-04-13 16:35:55 +02:00
Mike Hunhoff
0798528b7b ci: use explicit and per job permissions (#3002) 
* ci: use explicit and per job permissions

* update CHANGELOG
 2026-04-07 14:39:41 -06:00
Mike Hunhoff
c55b06860c ci: fix web rules failure (#3003) 
* ci: fix web rules failure

* address feedback

* ruff cleanup
 2026-04-07 13:01:23 -06:00
Mike Hunhoff
ed7e0cd77d lint: replace black/isort/flake8 with ruff (#2992) 
* lint: replace isort/flake8 with ruff

* update ruff links

* remove stale isort reference

* update CHANGELOG

* address review

* remove unused imports

* remove unnecessary list comprehension

* remove quotes from type annotation

* use dict.get instead of if-else block

* remove unnecessary utf-8 encoding declaration

* Revert "remove unused imports"

This reverts commit 18ba50a22b.

* skip check for unused imports

* fix UP036 Version block is outdated for minimum Python version

* add TODO comment for unused imports

* replace black with ruff

* address review comments
 2026-04-07 12:10:41 -06:00
Moritz
ac1cba74b3 feat: update vivisect to 1.3.2 (#3001) 2026-04-07 10:30:21 -06:00
Moritz
ed6b40e967 Merge pull request #3000 from mandiant/dependabot/npm_and_yarn/web/explorer/vite-6.4.2 
build(deps-dev): bump vite from 6.4.1 to 6.4.2 in /web/explorer
 2026-04-07 09:36:36 +00:00
dependabot[bot]
c07b9e1d33 build(deps-dev): bump vite from 6.4.1 to 6.4.2 in /web/explorer 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.4.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 6.4.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 18:21:14 +00:00
dependabot[bot]
70f275ac0b build(deps-dev): bump types-protobuf (#2994) 
Bumps [types-protobuf](https://github.com/python/typeshed) from 6.32.1.20250918 to 7.34.1.20260403.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-protobuf
  dependency-version: 7.34.1.20260403
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-04-06 12:15:37 -06:00
dependabot[bot]
63aa5729ee build(deps-dev): bump mypy from 1.19.1 to 1.20.0 (#2993) 
Bumps [mypy](https://github.com/python/mypy) from 1.19.1 to 1.20.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.19.1...v1.20.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-06 10:42:18 -06:00
dependabot[bot]
63edbedb7c build(deps-dev): bump lodash from 4.17.23 to 4.18.1 in /web/explorer (#2991) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-06 08:59:48 -06:00
Rizky Mirzaviandy Priambodo
ac82a25e11 build: bump linux standalone build to Python 3.13 (#2941) 
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-04-03 09:42:00 -06:00
Capa Bot
0b7a5f4b78 Sync capa-testfiles submodule 2026-04-03 15:12:39 +00:00
eversinc33
6aeec0f2b2 Change capa-rules version in installation guide (#2965) 
* Change capa-rules version in installation guide

Updated the installation instructions to reflect the newest version of capa-rules.

* add md files from /doc to bumpversion.toml

* adjust rule installation command

* bump to 9.4.0
 2026-04-03 09:06:49 -06:00
Moritz
7a79f799a7 Merge pull request #2982 from mandiant/fix/workflow-zip-env 
ci: fix ZIP_NAME environment variable in build workflow
v9.4.0 		2026-04-01 09:28:48 +00:00
mr-tz
4e4e16391a ci: fix ZIP_NAME environment variable in build workflow 2026-04-01 09:27:00 +00:00
Moritz
3276e351db Prepare release v9.4.0 (#2981) 
* Prepare release v9.4.0
 2026-04-01 10:58:02 +02:00
Capa Bot
d9b05ed534 Sync capa rules submodule 2026-03-31 16:39:30 +00:00
dependabot[bot]
c5fd75f118 build(deps): bump pyasn1 from 0.5.1 to 0.6.3 (#2939) 2026-03-30 21:12:42 +00:00
Moritz
b82c07d87e Merge pull request #2980 from mandiant/dependabot/pip/pygments-2.20.0 2026-03-30 21:12:06 +00:00
dependabot[bot]
0933594ae9 build(deps): bump pygments from 2.19.1 to 2.20.0 
Bumps [pygments](https://github.com/pygments/pygments) from 2.19.1 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.19.1...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 18:43:24 +00:00
Moritz
db84b2cf33 Merge pull request #2978 from mandiant/dependabot/pip/pygithub-2.9.0 
build(deps-dev): bump pygithub from 2.8.1 to 2.9.0
 2026-03-30 20:42:45 +02:00
Moritz
693233e9ee Merge pull request #2977 from mandiant/dependabot/pip/types-requests-2.33.0.20260327 
build(deps-dev): bump types-requests from 2.32.0.20240712 to 2.33.0.20260327
 2026-03-30 20:42:15 +02:00
Moritz
66a26d02ea build(deps): bump pygments from 2.18.0 to 2.20.0 in /web/rules (#2979) 
Bumps [pygments](https://github.com/pygments/pygments) from 2.18.0 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.18.0...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-30 20:41:47 +02:00
dependabot[bot]
3db27d2e89 build(deps): bump pygments from 2.18.0 to 2.20.0 in /web/rules 
Bumps [pygments](https://github.com/pygments/pygments) from 2.18.0 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.18.0...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 17:41:53 +00:00
dependabot[bot]
e548fa07a4 build(deps-dev): bump pygithub from 2.8.1 to 2.9.0 
Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](https://github.com/pygithub/pygithub/compare/v2.8.1...v2.9.0)

---
updated-dependencies:
- dependency-name: pygithub
  dependency-version: 2.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 16:09:57 +00:00
dependabot[bot]
9481499004 build(deps-dev): bump types-requests 
Bumps [types-requests](https://github.com/python/typeshed) from 2.32.0.20240712 to 2.33.0.20260327.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-version: 2.33.0.20260327
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 16:09:48 +00:00
dependabot[bot]
6980df98b0 build(deps-dev): bump deptry from 0.24.0 to 0.25.1 (#2964) 
* build(deps-dev): bump deptry from 0.24.0 to 0.25.1

Bumps [deptry](https://github.com/osprey-oss/deptry) from 0.24.0 to 0.25.1.
- [Release notes](https://github.com/osprey-oss/deptry/releases)
- [Changelog](https://github.com/osprey-oss/deptry/blob/main/CHANGELOG.md)
- [Commits](https://github.com/osprey-oss/deptry/compare/0.24.0...0.25.1)

---
updated-dependencies:
- dependency-name: deptry
  dependency-version: 0.25.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* style: auto-format with black and isort

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-03-27 12:24:42 -06:00
Capa Bot
82de4ef56b Sync capa rules submodule 2026-03-27 17:03:38 +00:00
Mike Hunhoff
a6ac839eea fix mypy formatting (#2973) 2026-03-27 10:54:28 -06:00
dependabot[bot]
4ba1b5d233 build(deps): bump bump-my-version from 1.2.4 to 1.3.0 (#2963) 
* build(deps): bump bump-my-version from 1.2.4 to 1.3.0

Bumps [bump-my-version](https://github.com/callowayproject/bump-my-version) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/callowayproject/bump-my-version/releases)
- [Changelog](https://github.com/callowayproject/bump-my-version/blob/master/CHANGELOG.md)
- [Commits](https://github.com/callowayproject/bump-my-version/compare/1.2.4...v1.3)

---
updated-dependencies:
- dependency-name: bump-my-version
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* style: auto-format with black and isort

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 15:30:46 -06:00
dependabot[bot]
f694c2ae5e build(deps): bump picomatch in /web/explorer (#2967) 
Bumps  and [picomatch](https://github.com/micromatch/picomatch). These dependencies needed to be updated together.

Updates `picomatch` from 4.0.2 to 4.0.4
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4)

---
updated-dependencies:
- dependency-name: picomatch
  dependency-version: 4.0.4
  dependency-type: indirect
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 15:09:15 -06:00
devs6186
c930891c21 rules: address code review feedback for bytes prefix index 
- remove bytes_rules from _RuleFeatureIndex; bytes_prefix_index is the
  only structure needed for candidate selection
- build bytes_prefix_index directly in _index_rules_by_feature() instead
  of building bytes_rules then converting, removing one full pass
- add if -1 in bytes_prefix_index guard to avoid temporary object
  creation for the short-pattern fallback (almost never taken)
- remove assert isinstance(feature.value, bytes) checks in _match();
  add Bytes.value: bytes class-level annotation so mypy narrows the
  type without the runtime check
- remove cache structure compatibility block from cache.py per reviewer
  request to handle in a separate PR
- update test assertions from bytes_rules to bytes_prefix_index
 2026-03-20 21:37:04 +01:00
devs6186
f572c01d10 rules: clarify bytes_prefix_index guard and add mixed-pattern test 
- Change _match() guard from bytes_rules to bytes_prefix_index
  so the guard references the field actually used for candidate selection.
- Update stale comment to describe the prefix-bucket strategy.
- Clarify bytes_rules dataclass comment (retained for logging only).
- Add test_bytes_prefix_index_mixed_short_and_long_patterns covering
  rules with both short (<4B) and long (>=4B) patterns exercised together.
 2026-03-20 21:37:04 +01:00
devs6186
2673590370 rules: validate _RuleFeatureIndex structure when loading from cache 
When _RuleFeatureIndex gains a new field, pickle.loads() on an older
cached ruleset succeeds but the resulting objects silently lack the new
field — causing an AttributeError deep in _match() at runtime.

Extend load_cached_ruleset() to walk every _RuleFeatureIndex in the
loaded ruleset and verify each dataclass field is present on the
instance. On mismatch, delete the stale cache and return None so the
caller rebuilds from scratch. Production users are unaffected (the
version hash in the cache key already invalidates caches across
releases); this guard covers developer switching between branches.
 2026-03-20 21:37:04 +01:00