mihari 5.0.0 → 5.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 41784cbe3811a8f5f2a6a4de663ceaa03e2635c329c455b523e5fc55fda0c9e7
-  data.tar.gz: '052987fcb8805a8f71a0716d5e0970b0c4c7451059dded4b5149679ccda6c999'
+  metadata.gz: 9481229c15756515053bbc91453db90d914e40e5f536d0b5aaad0f2b8fff5868
+  data.tar.gz: 1ea1f9caa3dbb1f945f4a3ba9f9af17c80c786594692de1564ca4f76692fa628
 SHA512:
-  metadata.gz: f16447e83adb4630baf9587eecea0dbb6f580de23894d70fa2c1729483faa6dc1c86fe5de2bd782100f8cba89e2a50e7ce2f0ab675de822fe5fb767fb2c6f45f
-  data.tar.gz: af70fcc510ed4fd6a434481a8372c56d20a54b605ee0b49425a1315531d2261db6df9588f1961ba34796728ff40f0ce188ad58e6c542f4c3644a8c8251b37eb5
+  metadata.gz: f13bb894b69d4c92b03afc30fcce1be95ba1af1b0cb963c553a328fb85f771c852ee5526af751a098dd4f1b69c60592f021a0e3ee7e40004856d1d4eabc53aba
+  data.tar.gz: 751ad7fc17f2db38961e835f8c9b2a325cbf82692df65ef29c638bcf3eec9cbc17905a39bcbcf5a53bcf477adbf6080a23aa40702b3fb5a55727038eefe9b09d

data/.rspec

@@ -1,3 +1,3 @@
---format documentation
+--format Fuubar
 --color
 --require spec_helper

data/docker/Dockerfile

@@ -3,7 +3,7 @@ FROM ruby:3.1.3-alpine3.17
 RUN apk --no-cache add git build-base ruby-dev sqlite-dev postgresql-dev mysql-client mysql-dev && \
   gem install pg mysql2
 
-ARG MIHARI_VERSION=4.11.0
+ARG MIHARI_VERSION=5.1.0
 
 RUN gem install mihari -v ${MIHARI_VERSION}
 

data/lib/mihari/analyzers/base.rb

@@ -9,7 +9,6 @@ module Mihari
 
       include Mixins::AutonomousSystem
       include Mixins::Configurable
-      include Mixins::Database
       include Mixins::Retriable
 
       # @return [Mihari::Structs::Rule, nil]
@@ -42,16 +41,14 @@ module Mihari
           raise ConfigurationError, "#{class_name} is not configured correctly"
         end
 
-        with_db_connection do
-          set_enriched_artifacts
+        set_enriched_artifacts
 
-          responses = Parallel.map(valid_emitters) do |emitter|
-            run_emitter emitter
-          end
-
-          # returns Mihari::Alert created by the database emitter
-          responses.find { |res| res.is_a?(Mihari::Alert) }
+        responses = Parallel.map(valid_emitters) do |emitter|
+          run_emitter emitter
         end
+
+        # returns Mihari::Alert created by the database emitter
+        responses.find { |res| res.is_a?(Mihari::Alert) }
       end
 
       #

data/lib/mihari/cli/database.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require "mihari/commands/database"
+
+module Mihari
+  module CLI
+    class Database < Base
+      include Mihari::Commands::Database
+    end
+  end
+end

data/lib/mihari/cli/main.rb

@@ -3,23 +3,29 @@
 require "thor"
 
 # Commands
-require "mihari/commands/initializer"
 require "mihari/commands/searcher"
-require "mihari/commands/validator"
 require "mihari/commands/version"
 require "mihari/commands/web"
+require "mihari/commands/database"
 
 # CLIs
 require "mihari/cli/base"
 
+require "mihari/cli/database"
+require "mihari/cli/rule"
+
 module Mihari
   module CLI
     class Main < Base
       include Mihari::Commands::Searcher
       include Mihari::Commands::Version
       include Mihari::Commands::Web
-      include Mihari::Commands::Validator
-      include Mihari::Commands::Initializer
+
+      desc "db", "Sub commands for DB"
+      subcommand "db", Database
+
+      desc "rule", "Sub commands for rule"
+      subcommand "rule", Rule
     end
   end
 end

data/lib/mihari/cli/rule.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+require "mihari/commands/rule"
+
+module Mihari
+  module CLI
+    class Rule < Base
+      include Mihari::Commands::Rule
+    end
+  end
+end

data/lib/mihari/commands/database.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Mihari
+  module Commands
+    module Database
+      include Mixins::Database
+
+      def self.included(thor)
+        thor.class_eval do
+          desc "migrate", "Migrate DB schemas"
+          method_option :verbose, type: :boolean, default: true
+          #
+          # @param [String] direction
+          #
+          #
+          def migrate(direction = "up")
+            verbose = options["verbose"]
+            ActiveRecord::Migration.verbose = verbose
+
+            with_db_connection do
+              Mihari::Database.migrate(direction.to_sym)
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/mihari/commands/{initializer.rb → rule.rb}

@@ -4,20 +4,41 @@ require "pathname"
 
 module Mihari
   module Commands
-    module Initializer
+    module Rule
       def self.included(thor)
         thor.class_eval do
-          desc "init", "Initialize a new rule"
-          method_option :path, type: :string, default: "./rule.yml"
-          def init
-            path = options["path"]
+          desc "validate [PATH]", "Validate a rule file"
+          #
+          # Validate format of a rule
+          #
+          # @param [String] path
+          #
+          def validate(path)
+            rule = Structs::Rule.from_path_or_id(path)
 
+            begin
+              rule.validate!
+              Mihari.logger.info "Valid format. The input is parsed as the following:"
+              Mihari.logger.info rule.data.to_yaml
+            rescue RuleValidationError
+              nil
+            end
+          end
+
+          desc "init [PATH]", "Initialize a new rule file"
+          #
+          # Initialize a new rule file
+          #
+          # @param [String] path
+          #
+          #
+          def init(path = "./rule.yml")
             warning = "#{path} exists. Do you want to overwrite it? (y/n)"
             return if Pathname(path).exist? && !(yes? warning)
 
             initialize_rule path
 
-            Mihari.logger.info "A new rule is initialized as #{path}."
+            Mihari.logger.info "A new rule is initialized: #{path}."
           end
 
           no_commands do

data/lib/mihari/commands/searcher.rb

@@ -9,39 +9,49 @@ module Mihari
       def self.included(thor)
         thor.class_eval do
           desc "search [PATH]", "Search by a rule"
-          method_option :yes, type: :boolean, aliases: "-y", desc: "yes to overwrite the rule in the database"
+          method_option :force_overwrite, type: :boolean, aliases: "-f", desc: "Force an overwrite the rule"
+          #
+          # Search by a rule
+          #
+          # @param [String] path_or_id
+          #
           def search(path_or_id)
-            rule = Structs::Rule.from_path_or_id path_or_id
+            with_db_connection do
+              rule = Structs::Rule.from_path_or_id path_or_id
 
-            # validate
-            begin
-              rule.validate!
-            rescue RuleValidationError
-              return
-            end
+              # validate
+              begin
+                rule.validate!
+              rescue RuleValidationError
+                return
+              end
+
+              force_overwrite = options["force_overwrite"] || false
+
+              begin
+                rule_model = Mihari::Rule.find(rule.id)
+                has_change = rule_model.data != rule.data.deep_stringify_keys
+                has_change_and_not_force_overwrite = has_change & !force_overwrite
 
-            # check update
-            yes = options["yes"] || false
-            unless yes
-              with_db_connection do
-                next if Mihari::Rule.find(rule.id).data == rule.data.deep_stringify_keys
-                unless yes?("This operation will overwrite the rule in the database (Rule ID: #{rule.id}). Are you sure you want to update the rule? (y/n)")
+                if has_change_and_not_force_overwrite && !yes?("This operation will overwrite the rule in the database (Rule ID: #{rule.id}). Are you sure you want to update the rule? (y/n)")
                   return
                 end
+
+                # update the rule
+                rule.model.save
               rescue ActiveRecord::RecordNotFound
-                next
+                # create a new rule
+                rule.model.save
               end
-            end
-            # update rule model
-            rule.model.save
-
-            with_error_notification do
-              alert = rule.analyzer.run
-              if alert
-                data = Mihari::Entities::Alert.represent(alert)
-                puts JSON.pretty_generate(data.as_json)
-              else
-                Mihari.logger.info "There is no new alert created in the database"
+
+              with_error_notification do
+                alert = rule.analyzer.run
+                if alert
+                  data = Mihari::Entities::Alert.represent(alert)
+                  puts JSON.pretty_generate(data.as_json)
+                else
+                  Mihari.logger.info "There is no new alert created in the database"
+                end
               end
             end
           end

data/lib/mihari/database.rb

@@ -9,10 +9,6 @@ def env
   ENV["APP_ENV"] || ENV["RACK_ENV"]
 end
 
-def test_env?
-  env == "test"
-end
-
 def development_env?
   env == "development"
 end
@@ -121,22 +117,24 @@ def adapter
   "sqlite3"
 end
 
+#
+# @return [Array<ActiveRecord::Migration>] schemas
+#
+def schemas
+  [V5Schema]
+end
+
 module Mihari
   class Database
     class << self
-      include Memist::Memoizable
-
       #
       # DB migraration
       #
       # @param [Symbol] direction
       #
       def migrate(direction)
-        ActiveRecord::Migration.verbose = false
-
-        [V5Schema].each { |schema| schema.migrate direction }
+        schemas.each { |schema| schema.migrate direction }
       end
-      memoize :migrate unless test_env?
 
       #
       # Establish DB connection
@@ -153,10 +151,7 @@ module Mihari
             database: Mihari.config.database_url.path[1..]
           )
         end
-
         ActiveRecord::Base.logger = Logger.new($stdout) if development_env?
-
-        migrate :up
       rescue StandardError => e
         Mihari.logger.error e
       end
@@ -169,15 +164,6 @@ module Mihari
 
         ActiveRecord::Base.clear_active_connections!
       end
-
-      #
-      # Destory DB
-      #
-      def destroy!
-        return unless ActiveRecord::Base.connected?
-
-        migrate :down
-      end
     end
   end
 end

data/lib/mihari/mixins/database.rb

@@ -6,6 +6,8 @@ module Mihari
       def with_db_connection
         Mihari::Database.connect
         yield
+      rescue ActiveRecord::StatementInvalid
+        Mihari.logger.error("You haven't finished the DB migration! Please run 'mihari db migrate'.")
       ensure
         Mihari::Database.close
       end

data/lib/mihari/structs/rule.rb

@@ -164,8 +164,6 @@ module Mihari
       end
 
       class << self
-        include Mixins::Database
-
         #
         # Load rule from YAML string
         #
@@ -209,11 +207,9 @@ module Mihari
         # @return [Mihari::Structs::Rule, nil]
         #
         def from_id(id)
-          with_db_connection do
-            return nil unless Mihari::Rule.exists?(id)
+          return nil unless Mihari::Rule.exists?(id)
 
-            Structs::Rule.from_model Mihari::Rule.find(id)
-          end
+          Structs::Rule.from_model Mihari::Rule.find(id)
         end
 
         #

data/lib/mihari/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Mihari
-  VERSION = "5.0.0"
+  VERSION = "5.1.0"
 end

data/mihari.gemspec

@@ -30,6 +30,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "bundler", "~> 2.4"
   spec.add_development_dependency "coveralls_reborn", "~> 0.27"
   spec.add_development_dependency "fakefs", "~> 2.4"
+  spec.add_development_dependency "fuubar", "~> 2.5"
   spec.add_development_dependency "mysql2", "~> 0.5"
   spec.add_development_dependency "overcommit", "~> 0.60"
   spec.add_development_dependency "pg", "~> 1.4"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: mihari
 version: !ruby/object:Gem::Version
-  version: 5.0.0
+  version: 5.1.0
 platform: ruby
 authors:
 - Manabu Niseki
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-02-19 00:00:00.000000000 Z
+date: 2023-02-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -52,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.4'
+- !ruby/object:Gem::Dependency
+  name: fuubar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.5'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.5'
 - !ruby/object:Gem::Dependency
   name: mysql2
   requirement: !ruby/object:Gem::Requirement
@@ -1066,10 +1080,12 @@ files:
 - lib/mihari/analyzers/virustotal_intelligence.rb
 - lib/mihari/analyzers/zoomeye.rb
 - lib/mihari/cli/base.rb
+- lib/mihari/cli/database.rb
 - lib/mihari/cli/main.rb
-- lib/mihari/commands/initializer.rb
+- lib/mihari/cli/rule.rb
+- lib/mihari/commands/database.rb
+- lib/mihari/commands/rule.rb
 - lib/mihari/commands/searcher.rb
-- lib/mihari/commands/validator.rb
 - lib/mihari/commands/version.rb
 - lib/mihari/commands/web.rb
 - lib/mihari/constants.rb

data/lib/mihari/commands/validator.rb

@@ -1,31 +0,0 @@
-# frozen_string_literal: true
-
-module Mihari
-  module Commands
-    module Validator
-      def self.included(thor)
-        thor.class_eval do
-          desc "validate [PATH]", "Validate a rule file"
-          #
-          # Validate format of a rule
-          #
-          # @param [String] path
-          #
-          # @return [nil]
-          #
-          def validate(path)
-            rule = Structs::Rule.from_path_or_id(path)
-
-            begin
-              rule.validate!
-              Mihari.logger.info "Valid format. The input is parsed as the following:"
-              Mihari.logger.info rule.data.to_yaml
-            rescue RuleValidationError
-              nil
-            end
-          end
-        end
-      end
-    end
-  end
-end