gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-04-28 11:53:20 -07:00
Code Issues Packages Projects Releases Wiki Activity
6,022 Commits 56 Branches 49 Tags
3cd0e7867b907326eb8aa2f13013af443510f4ed
Commit Graph

6022 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Hunhoff
3cd0e7867b Merge branch 'master' into dependabot/pip/pydantic-2.13.0 2026-04-16 12:36:15 -06:00
Moritz
557f521713 tests: update expected Binary Ninja version to 5.3 (#3011) 2026-04-16 12:35:43 -06:00
Moritz
c0ce1a3fb5 build(deps): bump msgspec from 0.20.0 to 0.21.1 (#3008) 
Bumps [msgspec](https://github.com/jcrist/msgspec) from 0.20.0 to 0.21.1.
- [Release notes](https://github.com/jcrist/msgspec/releases)
- [Changelog](https://github.com/jcrist/msgspec/blob/main/docs/changelog.md)
- [Commits](https://github.com/jcrist/msgspec/compare/0.20.0...0.21.1)

---
updated-dependencies:
- dependency-name: msgspec
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-15 07:59:11 +00:00
dependabot[bot]
b4e307b85d build(deps): bump msgspec from 0.20.0 to 0.21.1 
Bumps [msgspec](https://github.com/jcrist/msgspec) from 0.20.0 to 0.21.1.
- [Release notes](https://github.com/jcrist/msgspec/releases)
- [Changelog](https://github.com/jcrist/msgspec/blob/main/docs/changelog.md)
- [Commits](https://github.com/jcrist/msgspec/compare/0.20.0...0.21.1)

---
updated-dependencies:
- dependency-name: msgspec
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 16:00:22 +00:00
dependabot[bot]
d71dc8520f build(deps): bump pydantic from 2.12.4 to 2.13.0 
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.12.4 to 2.13.0.
- [Release notes](https://github.com/pydantic/pydantic/releases)
- [Changelog](https://github.com/pydantic/pydantic/blob/main/HISTORY.md)
- [Commits](https://github.com/pydantic/pydantic/compare/v2.12.4...v2.13.0)

---
updated-dependencies:
- dependency-name: pydantic
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 16:00:05 +00:00
Moritz
99ecd65852 ci: update GitHub Actions to Node.js 24 (#2984) 
* ci: update GitHub Actions to Node.js 24 and pin more versions
 2026-04-13 16:35:55 +02:00
Mike Hunhoff
0798528b7b ci: use explicit and per job permissions (#3002) 
* ci: use explicit and per job permissions

* update CHANGELOG
 2026-04-07 14:39:41 -06:00
Mike Hunhoff
c55b06860c ci: fix web rules failure (#3003) 
* ci: fix web rules failure

* address feedback

* ruff cleanup
 2026-04-07 13:01:23 -06:00
Mike Hunhoff
ed7e0cd77d lint: replace black/isort/flake8 with ruff (#2992) 
* lint: replace isort/flake8 with ruff

* update ruff links

* remove stale isort reference

* update CHANGELOG

* address review

* remove unused imports

* remove unnecessary list comprehension

* remove quotes from type annotation

* use dict.get instead of if-else block

* remove unnecessary utf-8 encoding declaration

* Revert "remove unused imports"

This reverts commit 18ba50a22b.

* skip check for unused imports

* fix UP036 Version block is outdated for minimum Python version

* add TODO comment for unused imports

* replace black with ruff

* address review comments
 2026-04-07 12:10:41 -06:00
Moritz
ac1cba74b3 feat: update vivisect to 1.3.2 (#3001) 2026-04-07 10:30:21 -06:00
Moritz
ed6b40e967 Merge pull request #3000 from mandiant/dependabot/npm_and_yarn/web/explorer/vite-6.4.2 
build(deps-dev): bump vite from 6.4.1 to 6.4.2 in /web/explorer
 2026-04-07 09:36:36 +00:00
dependabot[bot]
c07b9e1d33 build(deps-dev): bump vite from 6.4.1 to 6.4.2 in /web/explorer 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v6.4.2/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v6.4.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 6.4.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 18:21:14 +00:00
dependabot[bot]
70f275ac0b build(deps-dev): bump types-protobuf (#2994) 
Bumps [types-protobuf](https://github.com/python/typeshed) from 6.32.1.20250918 to 7.34.1.20260403.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-protobuf
  dependency-version: 7.34.1.20260403
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-04-06 12:15:37 -06:00
dependabot[bot]
63aa5729ee build(deps-dev): bump mypy from 1.19.1 to 1.20.0 (#2993) 
Bumps [mypy](https://github.com/python/mypy) from 1.19.1 to 1.20.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.19.1...v1.20.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-06 10:42:18 -06:00
dependabot[bot]
63edbedb7c build(deps-dev): bump lodash from 4.17.23 to 4.18.1 in /web/explorer (#2991) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-06 08:59:48 -06:00
Rizky Mirzaviandy Priambodo
ac82a25e11 build: bump linux standalone build to Python 3.13 (#2941) 
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-04-03 09:42:00 -06:00
Capa Bot
0b7a5f4b78 Sync capa-testfiles submodule 2026-04-03 15:12:39 +00:00
eversinc33
6aeec0f2b2 Change capa-rules version in installation guide (#2965) 
* Change capa-rules version in installation guide

Updated the installation instructions to reflect the newest version of capa-rules.

* add md files from /doc to bumpversion.toml

* adjust rule installation command

* bump to 9.4.0
 2026-04-03 09:06:49 -06:00
Moritz
7a79f799a7 Merge pull request #2982 from mandiant/fix/workflow-zip-env 
ci: fix ZIP_NAME environment variable in build workflow
v9.4.0 		2026-04-01 09:28:48 +00:00
mr-tz
4e4e16391a ci: fix ZIP_NAME environment variable in build workflow 2026-04-01 09:27:00 +00:00
Moritz
3276e351db Prepare release v9.4.0 (#2981) 
* Prepare release v9.4.0
 2026-04-01 10:58:02 +02:00
Capa Bot
d9b05ed534 Sync capa rules submodule 2026-03-31 16:39:30 +00:00
dependabot[bot]
c5fd75f118 build(deps): bump pyasn1 from 0.5.1 to 0.6.3 (#2939) 2026-03-30 21:12:42 +00:00
Moritz
b82c07d87e Merge pull request #2980 from mandiant/dependabot/pip/pygments-2.20.0 2026-03-30 21:12:06 +00:00
dependabot[bot]
0933594ae9 build(deps): bump pygments from 2.19.1 to 2.20.0 
Bumps [pygments](https://github.com/pygments/pygments) from 2.19.1 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.19.1...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 18:43:24 +00:00
Moritz
db84b2cf33 Merge pull request #2978 from mandiant/dependabot/pip/pygithub-2.9.0 
build(deps-dev): bump pygithub from 2.8.1 to 2.9.0
 2026-03-30 20:42:45 +02:00
Moritz
693233e9ee Merge pull request #2977 from mandiant/dependabot/pip/types-requests-2.33.0.20260327 
build(deps-dev): bump types-requests from 2.32.0.20240712 to 2.33.0.20260327
 2026-03-30 20:42:15 +02:00
Moritz
66a26d02ea build(deps): bump pygments from 2.18.0 to 2.20.0 in /web/rules (#2979) 
Bumps [pygments](https://github.com/pygments/pygments) from 2.18.0 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.18.0...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-30 20:41:47 +02:00
dependabot[bot]
3db27d2e89 build(deps): bump pygments from 2.18.0 to 2.20.0 in /web/rules 
Bumps [pygments](https://github.com/pygments/pygments) from 2.18.0 to 2.20.0.
- [Release notes](https://github.com/pygments/pygments/releases)
- [Changelog](https://github.com/pygments/pygments/blob/master/CHANGES)
- [Commits](https://github.com/pygments/pygments/compare/2.18.0...2.20.0)

---
updated-dependencies:
- dependency-name: pygments
  dependency-version: 2.20.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 17:41:53 +00:00
dependabot[bot]
e548fa07a4 build(deps-dev): bump pygithub from 2.8.1 to 2.9.0 
Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](https://github.com/pygithub/pygithub/compare/v2.8.1...v2.9.0)

---
updated-dependencies:
- dependency-name: pygithub
  dependency-version: 2.9.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 16:09:57 +00:00
dependabot[bot]
9481499004 build(deps-dev): bump types-requests 
Bumps [types-requests](https://github.com/python/typeshed) from 2.32.0.20240712 to 2.33.0.20260327.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-requests
  dependency-version: 2.33.0.20260327
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-30 16:09:48 +00:00
dependabot[bot]
6980df98b0 build(deps-dev): bump deptry from 0.24.0 to 0.25.1 (#2964) 
* build(deps-dev): bump deptry from 0.24.0 to 0.25.1

Bumps [deptry](https://github.com/osprey-oss/deptry) from 0.24.0 to 0.25.1.
- [Release notes](https://github.com/osprey-oss/deptry/releases)
- [Changelog](https://github.com/osprey-oss/deptry/blob/main/CHANGELOG.md)
- [Commits](https://github.com/osprey-oss/deptry/compare/0.24.0...0.25.1)

---
updated-dependencies:
- dependency-name: deptry
  dependency-version: 0.25.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* style: auto-format with black and isort

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-03-27 12:24:42 -06:00
Capa Bot
82de4ef56b Sync capa rules submodule 2026-03-27 17:03:38 +00:00
Mike Hunhoff
a6ac839eea fix mypy formatting (#2973) 2026-03-27 10:54:28 -06:00
dependabot[bot]
4ba1b5d233 build(deps): bump bump-my-version from 1.2.4 to 1.3.0 (#2963) 
* build(deps): bump bump-my-version from 1.2.4 to 1.3.0

Bumps [bump-my-version](https://github.com/callowayproject/bump-my-version) from 1.2.4 to 1.3.0.
- [Release notes](https://github.com/callowayproject/bump-my-version/releases)
- [Changelog](https://github.com/callowayproject/bump-my-version/blob/master/CHANGELOG.md)
- [Commits](https://github.com/callowayproject/bump-my-version/compare/1.2.4...v1.3)

---
updated-dependencies:
- dependency-name: bump-my-version
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* style: auto-format with black and isort

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 15:30:46 -06:00
dependabot[bot]
f694c2ae5e build(deps): bump picomatch in /web/explorer (#2967) 
Bumps  and [picomatch](https://github.com/micromatch/picomatch). These dependencies needed to be updated together.

Updates `picomatch` from 4.0.2 to 4.0.4
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4)

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/4.0.2...4.0.4)

---
updated-dependencies:
- dependency-name: picomatch
  dependency-version: 4.0.4
  dependency-type: indirect
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-26 15:09:15 -06:00
devs6186
c930891c21 rules: address code review feedback for bytes prefix index 
- remove bytes_rules from _RuleFeatureIndex; bytes_prefix_index is the
  only structure needed for candidate selection
- build bytes_prefix_index directly in _index_rules_by_feature() instead
  of building bytes_rules then converting, removing one full pass
- add if -1 in bytes_prefix_index guard to avoid temporary object
  creation for the short-pattern fallback (almost never taken)
- remove assert isinstance(feature.value, bytes) checks in _match();
  add Bytes.value: bytes class-level annotation so mypy narrows the
  type without the runtime check
- remove cache structure compatibility block from cache.py per reviewer
  request to handle in a separate PR
- update test assertions from bytes_rules to bytes_prefix_index
 2026-03-20 21:37:04 +01:00
devs6186
f572c01d10 rules: clarify bytes_prefix_index guard and add mixed-pattern test 
- Change _match() guard from bytes_rules to bytes_prefix_index
  so the guard references the field actually used for candidate selection.
- Update stale comment to describe the prefix-bucket strategy.
- Clarify bytes_rules dataclass comment (retained for logging only).
- Add test_bytes_prefix_index_mixed_short_and_long_patterns covering
  rules with both short (<4B) and long (>=4B) patterns exercised together.
 2026-03-20 21:37:04 +01:00
devs6186
2673590370 rules: validate _RuleFeatureIndex structure when loading from cache 
When _RuleFeatureIndex gains a new field, pickle.loads() on an older
cached ruleset succeeds but the resulting objects silently lack the new
field — causing an AttributeError deep in _match() at runtime.

Extend load_cached_ruleset() to walk every _RuleFeatureIndex in the
loaded ruleset and verify each dataclass field is present on the
instance. On mismatch, delete the stale cache and return None so the
caller rebuilds from scratch. Production users are unaffected (the
version hash in the cache key already invalidates caches across
releases); this guard covers developer switching between branches.
 2026-03-20 21:37:04 +01:00
devs6186
5e19574ba9 rules: build bytes prefix index once at construction, not per _match() call 
The previous implementation rebuilt a `defaultdict` mapping byte prefixes
to extracted feature values inside `_match()`, which is called per
function/basic-block/instruction. Moving the rule-side index build to
`_index_rules_by_feature()` (called once at RuleSet construction) eliminates
this per-call allocation and O(R) rule iteration from the hot path.

`_match()` now looks up candidate rules via the pre-built `bytes_prefix_index`
stored in `_RuleFeatureIndex`, iterating only extracted byte features to
compute their prefixes.
 2026-03-20 21:37:04 +01:00
devs6186
b868be55b8 rules: simplify bytes prefix indexing and add collision tests 2026-03-20 21:37:04 +01:00
devs6186
501ee0656a rules: index extracted bytes by length prefix for O(1) candidate selection 
Closes #2128
 2026-03-20 21:37:04 +01:00
devs6186
ed256d2416 rules: index extracted bytes by length prefix for O(1) candidate selection 
Instead of iterating all extracted Bytes features for every bytes-based rule,
build a prefix index keyed by fixed bucket sizes (4, 8, 16, 32, 64, 128, 256)
once per scope evaluation.  Each bytes pattern is looked up in the largest
bucket that fits its length, then only candidates sharing that prefix are
compared, replacing the previous O(n) linear scan with an O(1) hash lookup.
Patterns shorter than the minimum bucket still fall back to the full scan.
Adds a test to verify correctness for exact match, startswith match, mismatch,
and short-bytes cases.

Closes: https://github.com/mandiant/capa/issues/2128
 2026-03-20 21:37:04 +01:00
Harshit
01c5602bb1 tests: import capa.render.default in test_render (#2938) 
* tests: import capa.render.default in test_render

Signed-off-by: blenbot <harshitiszz23@gmail.com>

* tests: import capa.render.default in test_render

Signed-off-by: blenbot <harshitiszz23@gmail.com>

---------

Signed-off-by: blenbot <harshitiszz23@gmail.com>
 2026-03-20 13:52:48 -06:00
dependabot[bot]
d73c76a87b build(deps-dev): bump flatted from 3.3.1 to 3.4.2 in /web/explorer (#2948) 
Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.1 to 3.4.2.
- [Commits](https://github.com/WebReflection/flatted/compare/v3.3.1...v3.4.2)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-20 13:52:03 -06:00
Willi Ballenthin
0b1e3bfbdf cache: support *BSD (#2949) 
* cache: support *BSD

closes #2930 

thanks @res2500

* changelog
 2026-03-20 13:51:10 -06:00
blenbot
6579e01d15 fix(freeze): use get_base_address in dumps_dynamic 
Signed-off-by: blenbot <harshitiszz23@gmail.com>
 2026-03-18 19:23:06 +01:00
blenbot
7090aa9c37 fix(range): correct unbounded max sentinel precedence 
Signed-off-by: blenbot <harshitiszz23@gmail.com>
 2026-03-18 12:47:31 +01:00
EdoardoAllegrini
30d9989538 fix: resolve mypy type error in dumps_dynamic by using actual field name 2026-03-17 07:22:05 +01:00
dependabot[bot]
7b23834d8e build(deps-dev): bump black from 25.12.0 to 26.3.0 (#2902) 
* build(deps-dev): bump black from 25.12.0 to 26.3.0

Bumps [black](https://github.com/psf/black) from 25.12.0 to 26.3.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/25.12.0...26.3.0)

---
updated-dependencies:
- dependency-name: black
  dependency-version: 26.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* style: auto-format with black and isort

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Co-authored-by: Capa Bot <capa-dev@mandiant.com>
 2026-03-13 15:46:13 +01:00