mirror of
https://github.com/mandiant/capa.git
synced 2025-12-29 06:03:52 -08:00
66dc70a775
* ghidra: init commit switch to PyGhidra * update CHANGELOG and PyGhidra version requirements * Update capa/features/extractors/ghidra/helpers.py Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> * fix black errors * support Ghidra v12 * remove deprecated APIs * refactor outdated code * fix pyinstaller, code refactoring * address PR feedback * add back capa_explorer.py * beef up capa_explorer.py script * refactor README * refactor README * fix #2747 * add sha256 check for workflows * add sha256 check for workflows * add sha256 check for workflows --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
177 lines
7.0 KiB
YAML
177 lines
7.0 KiB
YAML
name: build
|
|
|
|
on:
|
|
pull_request:
|
|
branches: [ master ]
|
|
paths-ignore:
|
|
- 'web/**'
|
|
- 'doc/**'
|
|
- '**.md'
|
|
release:
|
|
types: [edited, published]
|
|
workflow_dispatch: # manual trigger for testing
|
|
|
|
permissions:
|
|
contents: write
|
|
|
|
jobs:
|
|
build:
|
|
name: PyInstaller for ${{ matrix.os }} / Py ${{ matrix.python_version }}
|
|
runs-on: ${{ matrix.os }}
|
|
strategy:
|
|
# set to false for debugging
|
|
fail-fast: true
|
|
matrix:
|
|
include:
|
|
- os: ubuntu-22.04
|
|
# use old linux so that the shared library versioning is more portable
|
|
artifact_name: capa
|
|
asset_name: linux
|
|
python_version: '3.10'
|
|
# for Ghidra
|
|
java-version: '21'
|
|
ghidra-version: '12.0'
|
|
public-version: 'PUBLIC_20251205'
|
|
ghidra-sha256: 'af43e8cfb2fa4490cf6020c3a2bde25c159d83f45236a0542688a024e8fc1941'
|
|
- os: ubuntu-22.04-arm
|
|
artifact_name: capa
|
|
asset_name: linux-arm64
|
|
python_version: '3.10'
|
|
- os: ubuntu-22.04
|
|
artifact_name: capa
|
|
asset_name: linux-py312
|
|
python_version: '3.12'
|
|
- os: windows-2022
|
|
artifact_name: capa.exe
|
|
asset_name: windows
|
|
python_version: '3.10'
|
|
# Windows 11 ARM64 complains of conflicting package version
|
|
# Additionally, there is no ARM64 build of Python for Python 3.10 on Windows 11 ARM: https://raw.githubusercontent.com/actions/python-versions/main/versions-manifest.json
|
|
#- os: windows-11-arm
|
|
# artifact_name: capa.exe
|
|
# asset_name: windows-arm64
|
|
# python_version: '3.12'
|
|
- os: macos-15-intel
|
|
# macos-15-intel is the lowest native intel build
|
|
artifact_name: capa
|
|
asset_name: macos
|
|
python_version: '3.10'
|
|
- os: macos-14
|
|
artifact_name: capa
|
|
asset_name: macos-arm64
|
|
python_version: '3.10'
|
|
steps:
|
|
- name: Checkout capa
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
|
with:
|
|
submodules: true
|
|
- name: Set up Python ${{ matrix.python_version }}
|
|
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0
|
|
with:
|
|
python-version: ${{ matrix.python_version }}
|
|
- if: matrix.os == 'ubuntu-22.04' || matrix.os == 'ubuntu-22.04-arm'
|
|
run: sudo apt-get install -y libyaml-dev
|
|
- name: Upgrade pip, setuptools
|
|
run: python -m pip install --upgrade pip setuptools
|
|
- name: Install capa with build requirements
|
|
run: |
|
|
pip install -r requirements.txt
|
|
pip install -e .[build]
|
|
- name: Build standalone executable
|
|
run: pyinstaller --log-level DEBUG .github/pyinstaller/pyinstaller.spec
|
|
- name: Does it run without warnings or errors?
|
|
shell: bash
|
|
run: |
|
|
if [[ "${{ matrix.os }}" == "windows-2022" ]] || [[ "${{ matrix.os }}" == "windows-11-arm" ]]; then
|
|
EXECUTABLE=".\\dist\\capa"
|
|
else
|
|
EXECUTABLE="./dist/capa"
|
|
fi
|
|
|
|
output=$(${EXECUTABLE} --version 2>&1)
|
|
exit_code=$?
|
|
|
|
echo "${output}"
|
|
echo "${exit_code}"
|
|
|
|
if echo "${output}" | grep -iE 'error|warning'; then
|
|
exit 1
|
|
fi
|
|
|
|
if [[ "${exit_code}" -ne 0 ]]; then
|
|
exit 1
|
|
fi
|
|
- name: Does it run (PE)?
|
|
run: dist/capa -d "tests/data/Practical Malware Analysis Lab 01-01.dll_"
|
|
- name: Does it run (Shellcode)?
|
|
run: dist/capa -d "tests/data/499c2a85f6e8142c3f48d4251c9c7cd6.raw32"
|
|
- name: Does it run (ELF)?
|
|
run: dist/capa -d "tests/data/7351f8a40c5450557b24622417fc478d.elf_"
|
|
- name: Does it run (CAPE)?
|
|
run: |
|
|
7z e "tests/data/dynamic/cape/v2.2/d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json.gz"
|
|
dist/capa -d "d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json"
|
|
- name: Set up Java ${{ matrix.java-version }}
|
|
if: matrix.os == 'ubuntu-22.04' && matrix.python_version == '3.10'
|
|
uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0
|
|
with:
|
|
distribution: 'temurin'
|
|
java-version: ${{ matrix.java-version }}
|
|
- name: Install Ghidra ${{ matrix.ghidra-version }}
|
|
if: matrix.os == 'ubuntu-22.04' && matrix.python_version == '3.10'
|
|
run: |
|
|
mkdir ./.github/ghidra
|
|
wget "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_${{ matrix.ghidra-version }}_build/ghidra_${{ matrix.ghidra-version }}_${{ matrix.public-version }}.zip" -O ./.github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC.zip
|
|
echo "${{ matrix.ghidra-sha256 }} ./.github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC.zip" | sha256sum -c -
|
|
unzip .github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC.zip -d .github/ghidra/
|
|
- name: Does it run (Ghidra)?
|
|
if: matrix.os == 'ubuntu-22.04' && matrix.python_version == '3.10'
|
|
env:
|
|
GHIDRA_INSTALL_DIR: ${{ github.workspace }}/.github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC
|
|
run: dist/capa -b ghidra -d "tests/data/Practical Malware Analysis Lab 01-01.dll_"
|
|
- uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
|
|
with:
|
|
name: ${{ matrix.asset_name }}
|
|
path: dist/${{ matrix.artifact_name }}
|
|
|
|
zip_and_upload:
|
|
# upload zipped binaries to Release page
|
|
if: github.event_name == 'release'
|
|
name: zip and upload ${{ matrix.asset_name }}
|
|
runs-on: ubuntu-latest
|
|
needs: [build]
|
|
strategy:
|
|
matrix:
|
|
include:
|
|
- asset_name: linux
|
|
artifact_name: capa
|
|
- asset_name: linux-arm64
|
|
artifact_name: capa
|
|
- asset_name: linux-py312
|
|
artifact_name: capa
|
|
- asset_name: windows
|
|
artifact_name: capa.exe
|
|
#- asset_name: windows-arm64
|
|
# artifact_name: capa.exe
|
|
- asset_name: macos
|
|
artifact_name: capa
|
|
- asset_name: macos-arm64
|
|
artifact_name: capa
|
|
steps:
|
|
- name: Download ${{ matrix.asset_name }}
|
|
uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2
|
|
with:
|
|
name: ${{ matrix.asset_name }}
|
|
- name: Set executable flag
|
|
run: chmod +x ${{ matrix.artifact_name }}
|
|
- name: Set zip name
|
|
run: echo "zip_name=capa-${GITHUB_REF#refs/tags/}-${{ matrix.asset_name }}.zip" >> $GITHUB_ENV
|
|
- name: Zip ${{ matrix.artifact_name }} into ${{ env.zip_name }}
|
|
run: zip ${{ env.zip_name }} ${{ matrix.artifact_name }}
|
|
- name: Upload ${{ env.zip_name }} to GH Release
|
|
uses: svenstaro/upload-release-action@2728235f7dc9ff598bd86ce3c274b74f802d2208 # v2
|
|
with:
|
|
repo_token: ${{ secrets.GITHUB_TOKEN}}
|
|
file: ${{ env.zip_name }}
|
|
tag: ${{ github.ref }}
|