reject unsupported logic edge cases during rule loading #4369
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: build | |
| on: | |
| pull_request: | |
| branches: [ master ] | |
| paths-ignore: | |
| - 'web/**' | |
| - 'doc/**' | |
| - '**.md' | |
| release: | |
| types: [edited, published] | |
| workflow_dispatch: # manual trigger for testing | |
| permissions: | |
| contents: write | |
| jobs: | |
| build: | |
| name: PyInstaller for ${{ matrix.os }} / Py ${{ matrix.python_version }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| # set to false for debugging | |
| fail-fast: true | |
| matrix: | |
| include: | |
| - os: ubuntu-22.04 | |
| # use old linux so that the shared library versioning is more portable | |
| artifact_name: capa | |
| asset_name: linux | |
| python_version: '3.10' | |
| # for Ghidra | |
| java-version: '21' | |
| ghidra-version: '12.0' | |
| public-version: 'PUBLIC_20251205' | |
| ghidra-sha256: 'af43e8cfb2fa4490cf6020c3a2bde25c159d83f45236a0542688a024e8fc1941' | |
| - os: ubuntu-22.04-arm | |
| artifact_name: capa | |
| asset_name: linux-arm64 | |
| python_version: '3.10' | |
| - os: ubuntu-22.04 | |
| artifact_name: capa | |
| asset_name: linux-py312 | |
| python_version: '3.12' | |
| - os: windows-2022 | |
| artifact_name: capa.exe | |
| asset_name: windows | |
| python_version: '3.10' | |
| # Windows 11 ARM64 complains of conflicting package version | |
| # Additionally, there is no ARM64 build of Python for Python 3.10 on Windows 11 ARM: https://raw.githubusercontent.com/actions/python-versions/main/versions-manifest.json | |
| #- os: windows-11-arm | |
| # artifact_name: capa.exe | |
| # asset_name: windows-arm64 | |
| # python_version: '3.12' | |
| - os: macos-15-intel | |
| # macos-15-intel is the lowest native intel build | |
| artifact_name: capa | |
| asset_name: macos | |
| python_version: '3.10' | |
| - os: macos-14 | |
| artifact_name: capa | |
| asset_name: macos-arm64 | |
| python_version: '3.10' | |
| steps: | |
| - name: Checkout capa | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| with: | |
| submodules: true | |
| - name: Set up Python ${{ matrix.python_version }} | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 | |
| with: | |
| python-version: ${{ matrix.python_version }} | |
| - if: matrix.os == 'ubuntu-22.04' || matrix.os == 'ubuntu-22.04-arm' | |
| run: sudo apt-get install -y libyaml-dev | |
| - name: Upgrade pip, setuptools | |
| run: python -m pip install --upgrade pip setuptools | |
| - name: Install capa with build requirements | |
| run: | | |
| pip install -r requirements.txt | |
| pip install -e .[build] | |
| - name: Build standalone executable | |
| run: pyinstaller --log-level DEBUG .github/pyinstaller/pyinstaller.spec | |
| - name: Does it run without warnings or errors? | |
| shell: bash | |
| run: | | |
| if [[ "${{ matrix.os }}" == "windows-2022" ]] || [[ "${{ matrix.os }}" == "windows-11-arm" ]]; then | |
| EXECUTABLE=".\\dist\\capa" | |
| else | |
| EXECUTABLE="./dist/capa" | |
| fi | |
| output=$(${EXECUTABLE} --version 2>&1) | |
| exit_code=$? | |
| echo "${output}" | |
| echo "${exit_code}" | |
| if echo "${output}" | grep -iE 'error|warning'; then | |
| exit 1 | |
| fi | |
| if [[ "${exit_code}" -ne 0 ]]; then | |
| exit 1 | |
| fi | |
| - name: Does it run (PE)? | |
| run: dist/capa -d "tests/data/Practical Malware Analysis Lab 01-01.dll_" | |
| - name: Does it run (Shellcode)? | |
| run: dist/capa -d "tests/data/499c2a85f6e8142c3f48d4251c9c7cd6.raw32" | |
| - name: Does it run (ELF)? | |
| run: dist/capa -d "tests/data/7351f8a40c5450557b24622417fc478d.elf_" | |
| - name: Does it run (CAPE)? | |
| run: | | |
| 7z e "tests/data/dynamic/cape/v2.2/d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json.gz" | |
| dist/capa -d "d46900384c78863420fb3e297d0a2f743cd2b6b3f7f82bf64059a168e07aceb7.json" | |
| - name: Set up Java ${{ matrix.java-version }} | |
| if: matrix.os == 'ubuntu-22.04' && matrix.python_version == '3.10' | |
| uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0 | |
| with: | |
| distribution: 'temurin' | |
| java-version: ${{ matrix.java-version }} | |
| - name: Install Ghidra ${{ matrix.ghidra-version }} | |
| if: matrix.os == 'ubuntu-22.04' && matrix.python_version == '3.10' | |
| run: | | |
| mkdir ./.github/ghidra | |
| wget "https://github.com/NationalSecurityAgency/ghidra/releases/download/Ghidra_${{ matrix.ghidra-version }}_build/ghidra_${{ matrix.ghidra-version }}_${{ matrix.public-version }}.zip" -O ./.github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC.zip | |
| echo "${{ matrix.ghidra-sha256 }} ./.github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC.zip" | sha256sum -c - | |
| unzip .github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC.zip -d .github/ghidra/ | |
| - name: Does it run (Ghidra)? | |
| if: matrix.os == 'ubuntu-22.04' && matrix.python_version == '3.10' | |
| env: | |
| GHIDRA_INSTALL_DIR: ${{ github.workspace }}/.github/ghidra/ghidra_${{ matrix.ghidra-version }}_PUBLIC | |
| run: dist/capa -b ghidra -d "tests/data/Practical Malware Analysis Lab 01-01.dll_" | |
| - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 | |
| with: | |
| name: ${{ matrix.asset_name }} | |
| path: dist/${{ matrix.artifact_name }} | |
| zip_and_upload: | |
| # upload zipped binaries to Release page | |
| if: github.event_name == 'release' | |
| name: zip and upload ${{ matrix.asset_name }} | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| strategy: | |
| matrix: | |
| include: | |
| - asset_name: linux | |
| artifact_name: capa | |
| - asset_name: linux-arm64 | |
| artifact_name: capa | |
| - asset_name: linux-py312 | |
| artifact_name: capa | |
| - asset_name: windows | |
| artifact_name: capa.exe | |
| #- asset_name: windows-arm64 | |
| # artifact_name: capa.exe | |
| - asset_name: macos | |
| artifact_name: capa | |
| - asset_name: macos-arm64 | |
| artifact_name: capa | |
| steps: | |
| - name: Download ${{ matrix.asset_name }} | |
| uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 | |
| with: | |
| name: ${{ matrix.asset_name }} | |
| - name: Set executable flag | |
| run: chmod +x ${{ matrix.artifact_name }} | |
| - name: Set zip name | |
| run: echo "zip_name=capa-${GITHUB_REF#refs/tags/}-${{ matrix.asset_name }}.zip" >> $GITHUB_ENV | |
| - name: Zip ${{ matrix.artifact_name }} into ${{ env.zip_name }} | |
| run: zip ${ZIP_NAME} ${{ matrix.artifact_name }} | |
| - name: Upload ${{ env.zip_name }} to GH Release | |
| uses: svenstaro/upload-release-action@2728235f7dc9ff598bd86ce3c274b74f802d2208 # v2 | |
| with: | |
| repo_token: ${{ secrets.GITHUB_TOKEN}} | |
| file: ${{ env.zip_name }} | |
| tag: ${{ github.ref }} |