78 Commits

Author SHA1 Message Date
Moritz
65552575f8 Update dotnet-main (#979)
* Sync capa rules submodule

* Sync capa-testfiles submodule

* Sync capa rules submodule

* changelog

* *: remove /x32 and /x64 flavors from number and offset features

* *: remove more references to /x32 and /x64

* linter: accept instruction scope

* rules: fix max operand index (4)

* API: better support A/W functions

* vverbose: show lib rule matches

* main: accept multiple paths to rules

* main: fix removal of default rules path

* lint: fix rules path

* changelog

* capa_as_library: fix rules path is list now

* main: better handle multiple rules paths

* main: bail if python 3.6 or below

closes #964

* ida: readme: remove python 3.6 support

* capa2yara: fix rules paths

* render: meta: display rule paths on separate lines

closes #971

* render: verbose: add doc

* verbose: make rule path multiline more concise

* vverbose: don't show examples in output

closes #970

* vverbose: render subscope name, like "basic block:"

closes #963

* build(deps-dev): bump pytest from 7.0.1 to 7.1.1

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.0.1 to 7.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.0.1...7.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* ci: build: update pip and setuptools

* ci: build: bump pyinstall to v4.10

* Sync capa rules submodule

* Dotnet mixed mode detect (#969)

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

* feat: detect mixed mode and tests

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* test: checkout submodules recursively

Co-authored-by: Capa Bot <capa-dev@mandiant.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 17:45:29 +02:00
Moritz
b5be876e61 feat: start dotnet detection (#955)
* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
2022-04-06 11:33:14 +02:00
Willi Ballenthin
0617b87f36 ci: no longer test against py3.6 2022-04-05 10:19:09 -06:00
Willi Ballenthin
031ea167e8 add pycodestyle config 2022-03-28 13:17:18 -06:00
Willi Ballenthin
8afd12103d ci: build: try to use windows-2022 2022-03-11 17:40:35 -07:00
Moritz
5d106afca6 remove windows-2016 2022-03-11 08:38:09 +01:00
Willi Ballenthin
7e50a957ff ci: tests: python versions are strings not floats 2021-11-16 10:12:34 -07:00
Willi Ballenthin
137cff6127 ci: tests: test under py3.10 too 2021-11-16 10:06:32 -07:00
Moritz Raabe
8de69c639a s/fireeye/mandiant 2021-09-29 12:55:16 +02:00
Moritz Raabe
41786f4ab8 add hidden import and test 2021-09-28 15:39:23 +02:00
Moritz Raabe
16c12f816b update to ubuntu-18.04 2021-09-09 16:45:11 +02:00
Moritz Raabe
6860b9a040 address Willi's feedback 2021-06-29 21:16:31 +02:00
Moritz Raabe
5c8a4aafd7 test scripts and fix show-features 2021-06-29 21:16:31 +02:00
Moritz
2d7ac73caa update dependabot actor name 2021-06-21 16:24:43 +02:00
William Ballenthin
48756a7621 ci: invoke mypy during testing 2021-06-14 10:41:53 -06:00
Moritz Raabe
bed2e3777e job level exclusion 2021-06-07 12:38:03 +02:00
Moritz Raabe
ff66346d2a ignore dependabot for changelog check 2021-06-07 09:52:46 +02:00
Ana Maria Martinez Gomez
4ef3830b6b Use Ana06/get-changed-files@v1.2
Use Ana06/get-changed-files@v1.2 which removes the _head commit is ahead
of the base commit_ check. This made the action fail in not up-to-date
branches (in which rebasing is needed).

It supersedes https://github.com/fireeye/capa/pull/599
2021-06-04 14:03:41 +02:00
Ana Maria Martinez Gomez
f304bdbd20 ci: lint CHANGELOG
The sync GH action in capa-rules relies on a single '- *$' in the
CHANGELOG file. Check in the tests that this is the case to avoid that
it is removed.

This happened in the following PR:
https://github.com/fireeye/capa/pull/591
This caused that the new rules in the following PR were not added to the
CHANGELOG:
https://github.com/fireeye/capa-rules/pull/400
2021-06-02 12:42:48 +02:00
Ana Maria Martinez Gomez
38d41e2f59 ci: fix get-changed-files
Ana06/get-changed-files@v1.1 is a fork of
https://github.com/jitterbit/get-changed-files, which supports
`pull_request_target` and allows filtering files using regular
expressions.

As we need to use `pull_request_target`, Ana06/get-changed-files@v1.1
works, but jitterbit/get-changed-files@v1 doesn't.
2021-05-28 11:08:04 +02:00
Ana Maria Martinez Gomez
23ff9e719f ci: only reject once and fix dismiss
`Ana06/automatic-pull-request-review@v0.1.0` is a fork of
https://github.com/AndrewMusgrave/automatic-pull-request-review which
fixes `DISMISS` and provides an `allow_duplicate` option which allows
approving only once.
2021-05-28 11:08:04 +02:00
Ana Maria Martinez Gomez
7a0a6f9cf1 ci: check changelog
Request changes in a PR without CHANGELOG update.
2021-05-28 11:08:04 +02:00
Moritz
424a25cb91 Fix tests on Windows - reduced memory impact and general fixes (#545)
* Update tests.yml

* Update .github/workflows/tests.yml

* Update tests.yml

* update

* min tests

* enable all, no sigpaths

* update cache

* save workspace, log caching

* updated tests

* update tests

* update rec call test

* lower cache size

* address Ana's feedback
2021-05-11 16:29:01 +02:00
William Ballenthin
a0e045dc52 ci: use black/isort dep from setup.py
closes #535
2021-04-26 08:39:01 -06:00
Moritz
3023634536 build using Py3.8 and test across more OSs (#506)
* build using Py3.8 and test across more OSs

* enable for release

* test builds on push to master
2021-04-13 15:42:58 +02:00
Ana María Martínez Gómez
255d6ea176 Merge pull request #517 from Ana06/better-tag
ci: add capa release link to capa-rules tag
2021-04-08 10:49:07 +02:00
Ana Maria Martinez Gomez
9d79baa96a ci: add capa release link to capa-rules tag
GitHub displays the commit's message of the tag if no description is
given, which is ugly. Use annotated tags which include a message. Use
the release link as message, as this is useful information.
2021-04-07 18:46:51 +02:00
Ana Maria Martinez Gomez
e9d190799e py3: use Python 3.6 to publish capa 2021-04-07 18:20:08 +02:00
Ana Maria Martinez Gomez
c0d6468347 py3: Remove Python 2 tests
Tests don't need to support Python 2 any longer. Do not run tests with
Python 2.
2021-04-07 18:20:07 +02:00
Ana Maria Martinez Gomez
d412e66cea ci: do not test Python 2.7 with Windows
The Python 2.7 tests fail in Windows with vivisect because the Windows
filesystem encoding is not UTF-8. This shouldn't be a problem when using
capa as the given filename most likely uses the same encoding, but we
force UTF-8 in our tests. As we are planning to remove Python 2 support,
it is not worthwhile to invest time in making this test work. Instead,
test Python 2.7 only in Ubuntu.
2021-04-06 21:39:01 +02:00
Moritz Raabe
efe50d3313 ci: test on Windows and macOS
Run the tests on Windows and macOS to avoid OS-related failures.

closes #460
2021-04-06 21:38:07 +02:00
Ana María Martínez Gómez
6f289d1b8e Merge pull request #476 from Ana06/tag-workflow 2021-03-23 09:54:59 +01:00
Willi Ballenthin
29d8f1fd27 ci: tests: pin OS version 2021-03-22 09:51:20 -06:00
Willi Ballenthin
a6c472bb2a ci: publish: pin OS version 2021-03-22 09:50:47 -06:00
Willi Ballenthin
b880d419a3 ci: build: pin OS versions 2021-03-22 09:50:04 -06:00
Moritz Raabe
8719a23de4 dos2unix 2021-03-19 09:40:44 +01:00
Ana Maria Martinez Gomez
5d16a77891 ci: tag capa-rules on release
Add GitHub Action to tag capa-rules when releasing capa. The used tag
name is the same as the one in capa.
2021-03-16 12:45:02 +01:00
William Ballenthin
c01dde3fb2 ci: disable test building of pyinstaller upon push 2021-03-05 13:26:15 -07:00
William Ballenthin
6f9c660082 ci: test pyinstaller CI 2021-03-05 12:55:19 -07:00
William Ballenthin
9aaaa044da ci: use py3.9 and pyinstaller 4.2 to build standalone binaries 2021-03-05 12:52:38 -07:00
Moritz Raabe
4bc06aa8cd closes #405 2021-01-28 08:23:15 +01:00
Moritz Raabe
2c5508febd bump smda, enable Python 3.9 2021-01-22 10:00:25 +01:00
Moritz
a813e219e6 Merge pull request #363 from fireeye/williballenthin-patch-1
ci: disable py3.9 testing
2020-11-09 21:14:36 +01:00
Willi Ballenthin
65feb60bb8 ci: disable py3.9 testing 2020-11-09 13:06:37 -07:00
Moritz Raabe
75defc13a0 disable fail-fast for tests job 2020-11-09 13:22:23 +01:00
Willi Ballenthin
276928951c build: event published/edited, not created 2020-10-23 15:17:32 -06:00
Willi Ballenthin
3ba4a8cdd8 Update build.yml 2020-10-23 15:07:13 -06:00
Willi Ballenthin
8820dabab9 Update build.yml 2020-10-23 14:59:34 -06:00
Willi Ballenthin
f9d89301df Update build.yml 2020-10-23 14:58:44 -06:00
Willi Ballenthin
7edb93d3ad Update build.yml 2020-10-23 14:57:14 -06:00