intelowlproject · mlodic · Feb 14, 2025 · Feb 14, 2025
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -22,7 +22,8 @@ ENV LOG_PATH=/var/log/intel_owl
 ARG REPO_DOWNLOADER_ENABLED=true
 ARG WATCHMAN=false
 ENV watch_logs_cmd="watch -n1 tail -n10 /var/log/intel_owl/django/api_app.log"
-ARG PYCTI_VERSION=6.1.0
+# This is required to allow compatibility with different OpenCTI instances
+ARG PYCTI_VERSION=6.5.1
 
 RUN mkdir -p ${LOG_PATH} \
     ${LOG_PATH}/django \

diff --git a/integrations/malware_tools_analyzers/Dockerfile b/integrations/malware_tools_analyzers/Dockerfile
@@ -24,14 +24,14 @@ RUN useradd -ms /bin/bash ${USER} \
 WORKDIR ${PROJECT_PATH}
 
 # Install Box-js
-RUN npm install [email protected].17 --global --production \
+RUN npm install [email protected].27 --global --production \
     && mkdir -p /tmp/boxjs \
     && chown -R ${USER}:${USER} /tmp/boxjs
 
 # Install CAPA
 WORKDIR ${PROJECT_PATH}/capa
-RUN wget -q https://github.com/mandiant/capa/releases/download/v8.0.0/capa-v8.0.0-linux.zip \
-    && unzip capa-v8.0.0-linux.zip \
+RUN wget -q https://github.com/mandiant/capa/releases/download/v9.0.0/capa-v9.0.0-linux.zip \
+    && unzip capa-v9.0.0-linux.zip \
     && ln -s ${PROJECT_PATH}/capa/capa /usr/local/bin/capa
 
 # Install Floss
@@ -76,7 +76,7 @@ RUN python3 -m venv venv \
 
 # Install GoReSym
 WORKDIR ${PROJECT_PATH}/goresym
-RUN wget -q https://github.com/mandiant/GoReSym/releases/download/v2.7.4/GoReSym-linux.zip \
+RUN wget -q https://github.com/mandiant/GoReSym/releases/download/v3.0.2/GoReSym-linux.zip \
     && unzip GoReSym-linux.zip \
     && chmod +x GoReSym \
     && ln -s ${PROJECT_PATH}/goresym/GoReSym /usr/local/bin/goresym
@@ -105,6 +105,7 @@ RUN python3 -m venv venv \
 COPY ./droidlysis/general.conf ${PROJECT_PATH}/droidlysis/conf/general.conf
 
 # Install artifacts
+# there is no version management on this project so we just pull the most recent changes
 WORKDIR ${PROJECT_PATH}/artifacts
 RUN python3 -m venv venv \
     && . venv/bin/activate \

diff --git a/integrations/malware_tools_analyzers/requirements/droidlysis-requirements.txt b/integrations/malware_tools_analyzers/requirements/droidlysis-requirements.txt
@@ -1 +1,3 @@
+# they do not make releases
+# if you update this, you should take into considerations all the other dependencies in the Dockerfile too
 git+https://github.com/cryptax/droidlysis@c1645a5
diff --git a/requirements/hardcoded-requirements.txt b/requirements/hardcoded-requirements.txt
@@ -0,0 +1,16 @@
+# This file is used exclusively to trigger dependabot PR.
+# The update of the dependencies here has no actual effect.
+# For each updated dependency here you have to update its relative version hardcoded in the code.
+# So please add a comment for each dependency explaining where the related code must be updated.
+
+# docker/Dockerfile
+pycti==6.5.1
+# integrations/malware_tools_analyzers/Dockerfile
+flare-capa==9.0.0
+flare-floss==3.1.1
+
+# other unmanaged versions
+# droydlys - they make no new versions, we pin the commit
+# goresym - they create releases in the repo
+# boxjs - we can get that info from npm packages
+# detect it easy - multi arch builds and releases in the repo