Skip to content

Bump yara-x from 1.5.0 to 1.12.0#1525

Open
dependabot[bot] wants to merge 1 commit intonewfrom
dependabot/pip/new/yara-x-1.12.0
Open

Bump yara-x from 1.5.0 to 1.12.0#1525
dependabot[bot] wants to merge 1 commit intonewfrom
dependabot/pip/new/yara-x-1.12.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 26, 2026

Bumps yara-x from 1.5.0 to 1.12.0.

Release notes

Sourced from yara-x's releases.

v1.12.0

  • Improvements in the parser to produce better Concrete Syntax Trees (#531, c46b3bd).
  • BUGFIX: avoid panic when parsing some regular expressions (136ab9f).

v1.11.0

  • Make the parser stricter (#502).
  • Implement dex module (#458).
  • Implement C api console log (#515).
  • Implement permhash for the crx module (#510).
  • Implement the imports() method for the Rules object in the Python API (fd17833).
  • Implement parsing for LC_LAZY_LOAD_DYLIB and LC_LOAD_UPWARD_DYLIB in macho module (#518).
  • Raise warning when a global rule is used in a condition (a429c98).
  • Raise warnings when the result of multiple hash functions is compared to strings that can't match the hash (74c005c).
  • BUGFIX: properly parse dylib trie in macho module (#517).
  • BUGFIX: panic when comparing two booleans with == (3fe7b38).
  • BUGFIX: panic when an invalid escape sequence is found in some unicode strings (d12ca9e).
  • BUGFIX: issues in the parser (ae9be7d, 4e1a74e).
  • BUGFIX: don't acquire the GIL in the Python module during scan operations (4f38eda)

Contributors: @​delvinru @​latonis @​wxsBSD

v1.10.0

  • New yr fix warnings command (#493).
  • Generate more efficient WASM code for some expressions, reducing the size of compiled rules (5efc214, a865681).
  • Improve the API for traversing the AST in DFS order (8443106, 2b67943).
  • Raise invariant_expr warning in some for loops that can't be true (#499).

Contributors: @​wxsBSD @​egibs

v1.9.0

  • Add function for scanning files by path to the C and Go APIs (32bac10).
  • Add version number to the Rust API (bdb53e8, #469).
  • Add osabi field to elf module (afa0960).
  • Avoid verifying patterns when the file size is not in the range specified in the rule condition (#473).
  • Avoid emitting code that invokes search_for_patterns if not necessary (#487).
  • Implement DFS iterator for expressions in AST (#488).
  • BUGFIX: Check if AddressOfFunctions is zero while parsing PE files (#482).

Contributors: @​vojone

v1.8.1

  • BUGFIX: don't mangle the C API function yrx_finalize and include it in the header files (#467).
  • BUGFIX: fix some issues and edge cases in block scanning (d7873db).

Contributors: @​metthal

v1.8.0

... (truncated)

Commits
  • 466a624 chore: hide the mods::reflect API for the time being.
  • 61989d0 refactor: remove the FieldKind::Bytes variant and use FieldKind::String i...
  • ecc12dc chore: bump version to 1.12.0
  • bc35619 chore: replace the array-bytes crate with the hex crate.
  • 09241b9 fix: make the mods::module_names function return the modules sorted by name.
  • abe3b06 ci(ls): fix broken test cases.
  • e8283e4 feat(ls): implement autocompletion for module names in import statements.
  • 9362406 ci: exclude the Python extension from coverage analysis.
  • fcf4c68 chore(ls): bump language server version.
  • c374295 fix(ls): broken image links when rendering README file in Visual Studio Marke...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump yara-x from 1.5.0 to 1.12.0
97c6f83 
Bumps [yara-x](https://github.com/VirusTotal/yara-x) from 1.5.0 to 1.12.0.
- [Release notes](https://github.com/VirusTotal/yara-x/releases)
- [Commits](VirusTotal/yara-x@v1.5.0...v1.12.0)

---
updated-dependencies:
- dependency-name: yara-x
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 26, 2026
@dependabot dependabot bot mentioned this pull request Jan 26, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@dadokkio dadokkio

@garanews garanews

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dadokkio @garanews