Commit Graph

26 Commits

Author SHA1 Message Date
William Ballenthin cd06ee4544 main: correctly extract namespaces matches across scopes
closes #721
2021-08-10 13:05:31 -06:00
William Ballenthin c2981d5091 engine: cleanup some lints 2021-06-14 11:05:58 -06:00
William Ballenthin 7372aa91c6 engine: better type doc 2021-06-14 10:56:44 -06:00
William Ballenthin 4583692539 type: capa.main 2021-06-14 09:19:08 -06:00
William Ballenthin 83909b2be4 *: remove explicit object super class
closes #635
2021-06-14 08:47:09 -06:00
William Ballenthin b5a18de4a3 pep8 2021-06-09 23:52:15 -06:00
William Ballenthin 5408481606 type: capa.engine 2021-06-09 23:51:55 -06:00
William Ballenthin 527e993bb4 engine: remove dependency on rules, fixing circular import 2021-06-09 22:30:43 -06:00
William Ballenthin ac59e50b5f move capa/features/__init__.py logic to common.py
also cleanup imports across the board,
thanks to pylance.
2021-06-09 22:20:53 -06:00
Moritz Raabe 00b7f2e02f addressing Willi's feedback 2020-09-24 20:23:15 +02:00
Moritz Raabe 4691302a78 parse descriptions for statements 2020-09-24 15:35:30 +02:00
Ana María Martínez Gómez bee91583e5 Enable descriptions for statement nodes
Enable descriptions for statement nodes such as and and or.

Use of case in: fireeye/capa-rules/pull/51

Documentation should be added in capa-rules.
2020-07-28 15:58:24 +02:00
Ana María Martínez Gómez a74ab922a3 Get rid of * for Statement
They are not needed and complicate the code and make more difficult to
add more parameters to the initialization of Statements.

This produces many changes in the tests. The alternative would be to add
a parameter None in all of them, which are also a lot of changes.
2020-07-28 14:20:13 +02:00
William Ballenthin baeea5b6ec *: update license header to reference Apache 2.0
closes #173
2020-07-22 15:05:24 -06:00
Ana María Martínez Gómez 6fe56f6224 Make Regex a Feature
This enables description for regular expressions and simplifies the code.
2020-07-15 22:37:35 +02:00
William Ballenthin 3faf175da7 *: add license header
closes #144
2020-07-15 14:14:53 -06:00
William Ballenthin db2b1caeae Merge branch 'master' into fmt-black 2020-07-02 10:25:24 -06:00
Ana María Martínez Gómez f8cfb67d02 Fix KeyError in Range#evaluate()
If the key doesn't exist, `evaluate` raises a `KeyError` Exception,
making the tests fail.
2020-07-02 11:28:47 +02:00
William Ballenthin b9d017ad10 pep8 2020-07-01 12:43:12 -06:00
William Ballenthin ebff65adc4 rules: range: simplify logic 2020-06-30 00:46:19 -06:00
William Ballenthin 9aba2eb3a5 rules: range: correct handling of range with min==0
closes #57
2020-06-30 00:44:22 -06:00
William Ballenthin 3d0bd64e1b engine, rules: support matching namespaces, not just rule names
closes #37
2020-06-29 05:54:56 -06:00
William Ballenthin cb8fedc1b9 engine: Range should never return children results 2020-06-28 11:29:36 -06:00
William Ballenthin d3b02a0b4d render: splice in results for match statements 2020-06-27 08:04:35 -06:00
Ana María Martínez Gómez 7e1e9e6618 Get rid of the Element class
The `Element` class is just used for testing. By using `Element` we are
not testing the actual code. Also, every time we implement a new feature
for the `Feature` class, we need to implement it for `Element` as well.
Replace `Element` by `Integer`.
2020-06-24 18:05:52 +02:00
William Ballenthin add3537447 import source files, forgetting about 938 prior commits 2020-06-18 09:13:19 -06:00