pdfalyzer 1.15.1__py3-none-any.whl → 1.16.1__py3-none-any.whl

CHANGELOG.md

@@ -1,5 +1,12 @@
 # NEXT RELEASE
 
+### 1.16.1
+* Configure a `Changelog` link for `pypi` to display
+
+# 1.16.0
+* Upgrade `PyPDF2` 2.x to `pypdf` 5.0.1 (new name, same package)
+* Add `--image-quality` option to `combine_pdfs` tool
+
 ### 1.15.1
 * Add `--no-default-yara-rules` command line option so users can use _only_ their own custom YARA rules files if they want. Previously you could only use custom YARA rules _in addition to_ the default rules; now you can just skip the default rules.
 

pdfalyzer/__init__.py

@@ -4,9 +4,8 @@ from os import environ, getcwd, path
 from pathlib import Path
 
 from dotenv import load_dotenv
-# TODO: PdfMerger is deprecated in favor of PdfWriter at v3.9.1 (see https://pypdf.readthedocs.io/en/latest/user/merging-pdfs.html#basic-example)
-from PyPDF2 import PdfMerger
-from PyPDF2.errors import PdfReadError
+from pypdf import PdfWriter
+from pypdf.errors import PdfReadError
 
 # Should be first local import before load_dotenv() (or at least I think it needs to come first)
 from pdfalyzer.config import PdfalyzerConfig
@@ -31,7 +30,8 @@ from pdfalyzer.helpers.rich_text_helper import print_highlighted
 from pdfalyzer.output.pdfalyzer_presenter import PdfalyzerPresenter
 from pdfalyzer.output.styles.rich_theme import PDFALYZER_THEME_DICT
 from pdfalyzer.pdfalyzer import Pdfalyzer
-from pdfalyzer.util.argument_parser import ask_to_proceed, output_sections, parse_arguments, parse_combine_pdfs_args
+from pdfalyzer.util.argument_parser import (MAX_QUALITY, ask_to_proceed, output_sections, parse_arguments,
+     parse_combine_pdfs_args)
 from pdfalyzer.util.pdf_parser_manager import PdfParserManager
 
 # For the table shown by running pdfalyzer_show_color_theme
@@ -93,10 +93,13 @@ def pdfalyzer_show_color_theme() -> None:
 
 
 def combine_pdfs():
-    """Utility method to combine multiple PDFs into one. Invocable with 'combine_pdfs PDF1 [PDF2...]'."""
+    """
+    Utility method to combine multiple PDFs into one. Invocable with 'combine_pdfs PDF1 [PDF2...]'.
+    Example: https://github.com/py-pdf/pypdf/blob/main/docs/user/merging-pdfs.md
+    """
     args = parse_combine_pdfs_args()
     set_max_open_files(args.number_of_pdfs)
-    merger = PdfMerger()
+    merger = PdfWriter()
 
     for pdf in args.pdfs:
         try:
@@ -106,18 +109,19 @@ def combine_pdfs():
             print_highlighted(f"      -> Failed to merge '{pdf}'! {e}", style='red')
             ask_to_proceed()
 
-    if args.compression_level == 0:
-        print_highlighted("\nSkipping content stream compression...")
-    else:
-        print_highlighted(f"\nCompressing content streams with zlib level {args.compression_level}...")
+    # Iterate through pages and compress, lowering image quality if requested
+    # See https://pypdf.readthedocs.io/en/latest/user/file-size.html#reducing-image-quality
+    for i, page in enumerate(merger.pages):
+        if args.image_quality < MAX_QUALITY:
+            for j, img in enumerate(page.images):
+                print_highlighted(f"  -> Reducing image #{j + 1} quality on page {i + 1} to {args.image_quality}...", style='dim')
+                img.replace(img.image, quality=args.image_quality)
 
-        for i, page in enumerate(merger.pages):
-            # TODO: enable image quality reduction + zlib level once PyPDF is upgraded to 4.x and option is available
-            # See https://pypdf.readthedocs.io/en/latest/user/file-size.html#reducing-image-quality
-            print_highlighted(f"  -> Compressing page {i + 1}...", style='dim')
-            page.pagedata.compress_content_streams()  # This is CPU intensive!
+        print_highlighted(f"  -> Compressing page {i + 1}...", style='dim')
+        page.compress_content_streams()  # This is CPU intensive!
 
     print_highlighted(f"\nWriting '{args.output_file}'...", style='cyan')
+    merger.compress_identical_objects(remove_identicals=True, remove_orphans=True)
     merger.write(args.output_file)
     merger.close()
     txt = Text('').append(f"  -> Wrote ")

pdfalyzer/decorators/document_model_printer.py

@@ -3,7 +3,7 @@ Deprecated old, pre-tree, more rawformat reader. Only used for debugging these d
 """
 from io import StringIO
 
-from PyPDF2.generic import ArrayObject, DictionaryObject, IndirectObject
+from pypdf.generic import ArrayObject, DictionaryObject, IndirectObject
 from rich.console import Console
 from rich.markup import escape
 

pdfalyzer/decorators/pdf_object_properties.py

@@ -1,9 +1,9 @@
 """
-Decorator for PyPDF2 PdfObject that extracts a couple of properties (type, label, etc).
+Decorator for PyPDF PdfObject that extracts a couple of properties (type, label, etc).
 """
 from typing import Any, List, Optional, Union
 
-from PyPDF2.generic import DictionaryObject, IndirectObject, NumberObject, PdfObject
+from pypdf.generic import DictionaryObject, IndirectObject, NumberObject, PdfObject
 from rich.text import Text
 from yaralyzer.util.logging import log
 

pdfalyzer/decorators/pdf_tree_node.py

@@ -9,8 +9,8 @@ hooks)
 from typing import Callable, List, Optional, Set
 
 from anytree import NodeMixin, SymlinkNode
-from PyPDF2.errors import PdfReadError
-from PyPDF2.generic import IndirectObject, PdfObject, StreamObject
+from pypdf.errors import PdfReadError
+from pypdf.generic import IndirectObject, PdfObject, StreamObject
 from rich.markup import escape
 from rich.text import Text
 from yaralyzer.output.rich_console import console
@@ -41,7 +41,7 @@ class PdfTreeNode(NodeMixin, PdfObjectProperties):
                 self.stream_data = self.obj.get_data()
                 self.stream_length = len(self.stream_data)
             except (NotImplementedError, PdfReadError) as e:
-                msg = f"PyPDF2 failed to decode stream in {self}: {e}.\n" + \
+                msg = f"PyPDF failed to decode stream in {self}: {e}.\n" + \
                        "Trees will be unaffected but scans/extractions will not be able to check this stream."
                 console.print_exception()
                 log.warning(msg)

pdfalyzer/decorators/pdf_tree_verifier.py

@@ -1,8 +1,8 @@
 """
 Verify that the PDF tree is complete/contains all the nodes in the PDF file.
 """
-from PyPDF2.errors import PdfReadError
-from PyPDF2.generic import IndirectObject, NameObject, NumberObject
+from pypdf.errors import PdfReadError
+from pypdf.generic import IndirectObject, NameObject, NumberObject
 from rich.markup import escape
 from yaralyzer.output.rich_console import console
 from yaralyzer.util.logging import log

pdfalyzer/font_info.py

@@ -3,8 +3,8 @@ Unify font information spread across a bunch of PdfObjects (Font, FontDescriptor
 and FontFile) into a single class.
 """
 
-from PyPDF2._cmap import build_char_map, prepare_cm
-from PyPDF2.generic import IndirectObject, PdfObject
+from pypdf._cmap import build_char_map, prepare_cm
+from pypdf.generic import IndirectObject, PdfObject
 from rich.text import Text
 from yaralyzer.output.rich_console import console
 from yaralyzer.util.logging import log

pdfalyzer/helpers/pdf_object_helper.py

@@ -1,9 +1,9 @@
 """
-Some methods to help with the direct manipulation/processing of PyPDF2's PdfObjects
+Some methods to help with the direct manipulation/processing of PyPDF's PdfObjects
 """
 from typing import List, Optional
 
-from PyPDF2.generic import IndirectObject, PdfObject
+from pypdf.generic import IndirectObject, PdfObject
 
 from pdfalyzer.pdf_object_relationship import PdfObjectRelationship
 from pdfalyzer.util.adobe_strings import *
@@ -24,7 +24,7 @@ def _sort_pdf_object_refs(refs: List[PdfObjectRelationship]) -> List[PdfObjectRe
 
 
 def pypdf_class_name(obj: PdfObject) -> str:
-    """Shortened name of type(obj), e.g. PyPDF2.generic._data_structures.ArrayObject becomes Array"""
+    """Shortened name of type(obj), e.g. PyPDF.generic._data_structures.ArrayObject becomes Array"""
     class_pkgs = type(obj).__name__.split('.')
     class_pkgs.reverse()
     return class_pkgs[0].removesuffix('Object')

pdfalyzer/helpers/rich_text_helper.py

@@ -4,7 +4,7 @@ Functions for miscellaneous Rich text/string operations.
 from functools import partial
 from typing import List
 
-from PyPDF2.generic import PdfObject
+from pypdf.generic import PdfObject
 from rich.console import Console
 from rich.highlighter import RegexHighlighter, JSONHighlighter
 from rich.text import Text

pdfalyzer/output/character_mapping.py

@@ -12,13 +12,13 @@ from pdfalyzer.helpers.rich_text_helper import quoted_text
 from pdfalyzer.helpers.string_helper import pp
 from pdfalyzer.output.layout import print_headline_panel, subheading_width
 
-CHARMAP_TITLE = 'Character Mapping (As Extracted By PyPDF2)'
+CHARMAP_TITLE = 'Character Mapping (As Extracted By PyPDF)'
 CHARMAP_TITLE_PADDING = (1, 0, 0, 2)
 CHARMAP_PADDING = (0, 2, 0, 10)
 
 
 def print_character_mapping(font: 'FontInfo') -> None:
-    """Prints the character mapping extracted by PyPDF2._charmap in tidy columns"""
+    """Prints the character mapping extracted by PyPDF._charmap in tidy columns"""
     if font.character_mapping is None or len(font.character_mapping) == 0:
         log.info(f"No character map found in {font}")
         return
@@ -38,12 +38,12 @@ def print_character_mapping(font: 'FontInfo') -> None:
 
 
 def print_prepared_charmap(font: 'FontInfo'):
-    """Prints the prepared_charmap returned by PyPDF2"""
+    """Prints the prepared_charmap returned by PyPDF."""
     if font.prepared_char_map is None:
         log.info(f"No prepared_charmap found in {font}")
         return
 
-    headline = f"{font} Adobe PostScript charmap prepared by PyPDF2"
+    headline = f"{font} Adobe PostScript charmap prepared by PyPDF"
     print_headline_panel(headline, style='charmap.prepared_title')
     print_bytes(font.prepared_char_map, style='charmap.prepared')
     console.line()

pdfalyzer/output/pdfalyzer_presenter.py

@@ -47,7 +47,7 @@ class PdfalyzerPresenter:
     def print_document_info(self) -> None:
         """Print the embedded document info (author, timestamps, version, etc)."""
         print_section_header(f'Document Info for {self.pdfalyzer.pdf_basename}')
-        console.print(pp.pformat(self.pdfalyzer.pdf_reader.getDocumentInfo()))
+        console.print(pp.pformat(self.pdfalyzer.pdf_reader.metadata))
         console.line()
         console.print(bytes_hashes_table(self.pdfalyzer.pdf_bytes, self.pdfalyzer.pdf_basename))
         console.line()

pdfalyzer/output/styles/node_colors.py

@@ -6,7 +6,7 @@ from collections import namedtuple
 from numbers import Number
 from typing import Any
 
-from PyPDF2.generic import (ArrayObject, ByteStringObject, EncodedStreamObject, IndirectObject,
+from pypdf.generic import (ArrayObject, ByteStringObject, EncodedStreamObject, IndirectObject,
      StreamObject, TextStringObject)
 from yaralyzer.output.rich_console import YARALYZER_THEME_DICT
 

pdfalyzer/output/tables/pdf_node_rich_table.py

@@ -5,7 +5,7 @@ from collections import namedtuple
 from typing import List, Optional
 
 from anytree import SymlinkNode
-from PyPDF2.generic import StreamObject
+from pypdf.generic import StreamObject
 from rich.markup import escape
 from rich.panel import Panel
 from rich.table import Table

pdfalyzer/pdf_object_relationship.py

@@ -3,7 +3,7 @@ Simple container class for information about a link between two PDF objects.
 """
 from typing import List, Optional, Union
 
-from PyPDF2.generic import IndirectObject, PdfObject
+from pypdf.generic import IndirectObject, PdfObject
 from yaralyzer.util.logging import log
 
 from pdfalyzer.helpers.string_helper import bracketed, is_prefixed_by_any

pdfalyzer/pdfalyzer.py

@@ -11,8 +11,8 @@ from typing import Dict, Iterator, List, Optional
 
 from anytree import LevelOrderIter, SymlinkNode
 from anytree.search import findall, findall_by_attr
-from PyPDF2 import PdfReader
-from PyPDF2.generic import IndirectObject
+from pypdf import PdfReader
+from pypdf.generic import IndirectObject
 from yaralyzer.helpers.file_helper import load_binary_data
 from yaralyzer.output.file_hashes_table import compute_file_hashes
 from yaralyzer.output.rich_console import console
@@ -36,7 +36,7 @@ class Pdfalyzer:
         self.pdf_basename = basename(pdf_path)
         self.pdf_bytes = load_binary_data(pdf_path)
         self.pdf_bytes_info = compute_file_hashes(self.pdf_bytes)
-        pdf_file = open(pdf_path, 'rb')  # Filehandle must be left open for PyPDF2 to perform seeks
+        pdf_file = open(pdf_path, 'rb')  # Filehandle must be left open for PyPDF to perform seeks
         self.pdf_reader = PdfReader(pdf_file)
 
         # Initialize tracking variables

pdfalyzer/util/adobe_strings.py

@@ -2,8 +2,8 @@
 String constants specified in the Adobe specs for PDFs, fonts, etc.
 """
 
-from PyPDF2.constants import (CatalogDictionary, ImageAttributes, PageAttributes,
-     PagesAttributes, Ressources as Resources)
+from pypdf.constants import (CatalogDictionary, ImageAttributes, PageAttributes,
+     PagesAttributes, Resources)
 
 from pdfalyzer.helpers.string_helper import is_prefixed_by_any
 

pdfalyzer/util/argument_parser.py

@@ -196,6 +196,8 @@ def all_sections_chosen(args):
 ###############################################
 # Separate arg parser for combine_pdfs script #
 ###############################################
+MAX_QUALITY = 10
+
 combine_pdfs_parser = ArgumentParser(
     description="Combine multiple PDFs into one.",
     epilog="If all PDFs end in a number (e.g. 'xyz_1.pdf', 'xyz_2.pdf', etc. sort the files as if those were" \
@@ -207,10 +209,10 @@ combine_pdfs_parser.add_argument('pdfs',
                                  metavar='PDF_PATH',
                                  nargs='+')
 
-combine_pdfs_parser.add_argument('-c', '--compression-level',
-                                 help='zlib image compression level (0=none, max=1 until PyPDF is upgraded)',
-                                 choices=range(0, 2),
-                                 default=1,
+combine_pdfs_parser.add_argument('-iq', '--image-quality',
+                                 help='image quality for embedded images (can compress PDF at loss of quality)',
+                                 choices=range(1, MAX_QUALITY + 1),
+                                 default=MAX_QUALITY,
                                  type=int)
 
 combine_pdfs_parser.add_argument('-o', '--output-file',

{pdfalyzer-1.15.1.dist-info → pdfalyzer-1.16.1.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: pdfalyzer
-Version: 1.15.1
+Version: 1.16.1
 Summary: A PDF analysis toolkit. Scan a PDF with relevant YARA rules, visualize its inner tree-like data structure in living color (lots of colors), force decodes of suspicious font binaries, and more.
 Home-page: https://github.com/michelcrypt4d4mus/pdfalyzer
 License: GPL-3.0-or-later
@@ -16,13 +16,14 @@ Classifier: Programming Language :: Python :: 3.11
 Classifier: Topic :: Artistic Software
 Classifier: Topic :: Scientific/Engineering :: Visualization
 Classifier: Topic :: Security
-Requires-Dist: PyPDF2 (>=2.10,<3.0)
 Requires-Dist: anytree (>=2.8,<3.0)
 Requires-Dist: chardet (>=5.0.0,<6.0.0)
+Requires-Dist: pypdf (>=5.0.1,<6.0.0)
 Requires-Dist: python-dotenv (>=0.21.0,<0.22.0)
 Requires-Dist: rich (>=12.5.1,<13.0.0)
 Requires-Dist: rich-argparse-plus (>=0.3.1,<0.4.0)
 Requires-Dist: yaralyzer (>=0.9.4,<0.10.0)
+Project-URL: Changelog, https://github.com/michelcrypt4d4mus/pdfalyzer/blob/master/CHANGELOG.md
 Project-URL: Documentation, https://github.com/michelcrypt4d4mus/pdfalyzer
 Project-URL: Repository, https://github.com/michelcrypt4d4mus/pdfalyzer
 Description-Content-Type: text/markdown
@@ -71,7 +72,7 @@ Installation with [pipx](https://pypa.github.io/pipx/)[^4] is preferred though `
 pipx install pdfalyzer
 ```
 
-See [PyPDF2 installation notes](https://github.com/py-pdf/PyPDF2#installation) about `PyCryptodome` if you plan to `pdfalyze` any files that use AES encryption.
+See [PyPDF installation notes](https://github.com/py-pdf/pypdf#installation) about `PyCryptodome` if you plan to `pdfalyze` any files that use AES encryption.
 
 If you are on macOS someone out there was kind enough to make [The Pdfalyzer available via homebrew](https://formulae.brew.sh/formula/pdfalyzer) so `brew install pdfalyzer` should work.
 
@@ -123,7 +124,7 @@ Warnings will be printed if any PDF object ID between 1 and the `/Size` reported
 ## Use As A Code Library
 For info about setting up a dev environment see [Contributing](#contributing) below.
 
-At its core The Pdfalyzer is taking PDF internal objects gathered by [PyPDF2](https://github.com/py-pdf/PyPDF2) and wrapping them in [AnyTree](https://github.com/c0fec0de/anytree)'s `NodeMixin` class.  Given that things like searching the tree or accessing internal PDF properties will be done through those packages' code it may be helpful to review their documentation.
+At its core The Pdfalyzer is taking PDF internal objects gathered by [PyPDF](https://github.com/py-pdf/pypdf) and wrapping them in [AnyTree](https://github.com/c0fec0de/anytree)'s `NodeMixin` class.  Given that things like searching the tree or accessing internal PDF properties will be done through those packages' code it may be helpful to review their documentation.
 
 As far as The Pdfalyzer's unique functionality goes, [`Pdfalyzer`](pdfalyzer/pdfalyzer.py) is the class at the heart of the operation. It holds the PDF's logical tree as well as a few other data structures. Chief among these are the [`FontInfo`](pdfalyzer/font_info.py) class which pulls together various properties of a font strewn across 3 or 4 different PDF objects and the [`BinaryScanner`](pdfalyzer/binary/binary_scanner.py) class which lets you dig through the embedded streams' bytes looking for suspicious patterns.
 
@@ -192,7 +193,7 @@ This image shows a more in-depth view of of the PDF tree for the same document s
 
 ## Fonts
 
-#### **Extract character mappings from ancient Adobe font formats**. It's actually `PyPDF2` doing the lifting here but we're happy to take the credit.
+#### **Extract character mappings from ancient Adobe font formats**. It's actually `PyPDF` doing the lifting here but we're happy to take the credit.
 
 ![](https://github.com/michelcrypt4d4mus/pdfalyzer/raw/master/doc/svgs/rendered_images/font_character_mapping.png)
 
@@ -275,7 +276,7 @@ scripts/install_t1utils.sh
 ## Did The World Really Need Another PDF Tool?
 This tool was built to fill a gap in the PDF assessment landscape following [my own recent experience trying to find malicious content in a PDF file](https://twitter.com/Cryptadamist/status/1570167937381826560). Didier Stevens's [pdfid.py](https://github.com/DidierStevens/DidierStevensSuite/blob/master/pdfid.py) and [pdf-parser.py](https://github.com/DidierStevens/DidierStevensSuite/blob/master/pdf-parser.py) are still the best game in town when it comes to PDF analysis tools but they lack in the visualization department and also don't give you much to work with as far as giving you a data model you can write your own code around. [Peepdf](https://github.com/jesparza/peepdf) seemed promising but turned out to be in a buggy, out of date, and more or less unfixable state. And neither of them offered much in the way of tooling for embedded binary analysis.
 
-Thus I felt the world might be slightly improved if I strung together a couple of more stable/well known/actively maintained open source projects ([AnyTree](https://github.com/c0fec0de/anytree), [PyPDF2](https://github.com/py-pdf/PyPDF2), [Rich](https://github.com/Textualize/rich), and [YARA](https://github.com/VirusTotal/yara-python) via [The Yaralyzer](https://github.com/michelcrypt4d4mus/yaralyzer)) into this tool.
+Thus I felt the world might be slightly improved if I strung together a couple of more stable/well known/actively maintained open source projects ([AnyTree](https://github.com/c0fec0de/anytree), [PyPDF](https://github.com/py-pdf/pypdf), [Rich](https://github.com/Textualize/rich), and [YARA](https://github.com/VirusTotal/yara-python) via [The Yaralyzer](https://github.com/michelcrypt4d4mus/yaralyzer)) into this tool.
 
 -------------
 
@@ -289,7 +290,7 @@ These are the naming conventions at play in The Pdfalyzer code base:
 
 | Term  | Meaning |
 | ----------------- | ---------------- |
-| **`PDF Object`** | Instance of a `PyPDF2` class that represents the information stored in the PDF binary between open and close guillemet quotes (« and ») |
+| **`PDF Object`** | Instance of a `PyPDF` class that represents the information stored in the PDF binary between open and close guillemet quotes (« and ») |
 | **`reference_key`** | String found in a PDF object that names a property (e.g. `/BaseFont` or `/Subtype`) |
 | **`reference`** | Link _from_ a PDF object _to_ another node. Outward facing relationships, basically. |
 | **`address`** | `reference_key` plus a hash key or numerical array index if that's how the reference works. e.g. if node A has a reference key `/Resources` pointing to a dict `{'/Font2': [IndirectObject(55), IndirectObject(2)]}` the address of `IndirectObject(55)` from node A would be `/Resources[/Font2][0]` |
@@ -300,11 +301,10 @@ These are the naming conventions at play in The Pdfalyzer code base:
 | **`link_node`** | nodes like `/Dest` that just contain a pointer to another node |
 
 ### Reference
-* [`PyPDF2 2.12.0` documentation](https://pypdf2.readthedocs.io/en/2.12.0/) (latest is 4.x or something so these are the relevant docs for `pdfalyze`)
+* [`PyPDF` documentation](https://pypdf.readthedocs.io/en/stable/) (latest is 4.x or something so these are the relevant docs for `pdfalyze`)
 
 
 # TODO
-* Upgrade `PyPDF` to latest and expand `combine_pdfs` compression command line option
 * Highlight decodes with a lot of Javascript keywords
 * https://github.com/mandiant/flare-floss (https://github.com/mandiant/flare-floss/releases/download/v2.1.0/floss-v2.1.0-linux.zip)
 * https://github.com/1Project/Scanr/blob/master/emulator/emulator.py

{pdfalyzer-1.15.1.dist-info → pdfalyzer-1.16.1.dist-info}/RECORD

@@ -1,38 +1,38 @@
-CHANGELOG.md,sha256=uQ7oQFJC0a7S2mV19yEeJNfpgNJSbEh1qOIWw0s49Wo,11581
+CHANGELOG.md,sha256=TisXF8v_aWS4qUyZzdZXCF2aY1YDBMot2t5Osjd2DkY,11775
 LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-pdfalyzer/__init__.py,sha256=BO4KrcTSwabB4nh284jFRVoM9WDNlxIjYnMxxVUlK9Y,5312
+pdfalyzer/__init__.py,sha256=q8qSdGdyUYmTYGOp_d2bRCCFASnlVt4wa-DlBikD5-M,5362
 pdfalyzer/__main__.py,sha256=Ko_AoAyYMLIe_cmhiUSl6twheLZrGyT8aOSJ2CP7EZY,43
 pdfalyzer/binary/binary_scanner.py,sha256=7NrXx8GB2gpb04oR2bcZJKkOXOlzn2hWpcGlcYMqSfs,10217
 pdfalyzer/config.py,sha256=oN-pVR037lt3giRsnsm4c8ku5hCW8ChFqYFi9V7w1qU,1918
-pdfalyzer/decorators/document_model_printer.py,sha256=VD9N47i7CGuNd7b6OYwYzPtx4-LDsEx9cpQIxFjDzI4,2683
+pdfalyzer/decorators/document_model_printer.py,sha256=2tjJItZltukmOD2wjGvl2IsBM7Gug59wMHGLpzGDbV0,2682
 pdfalyzer/decorators/indeterminate_node.py,sha256=ivB6dX5aN8W9m0ksXhmUcixnjYjnuE7DARalH-nMjxY,6616
-pdfalyzer/decorators/pdf_object_properties.py,sha256=8dqHmi0J2USwnGPSy0Sg_ria_2TsaRWe_HWs-14RKrg,5524
-pdfalyzer/decorators/pdf_tree_node.py,sha256=A69k-Wj7g4Y0AgnvFeE-stiNP4ZWNkFaDz3yZitgA4A,10930
-pdfalyzer/decorators/pdf_tree_verifier.py,sha256=IRgm7ikdaqJEq66q3JcMZo49XQoONODM7lySioJfxRc,4543
+pdfalyzer/decorators/pdf_object_properties.py,sha256=I7kix5hXNguAH2VW2uINIZRHJ8xYS4JGfc6Aiakyh4c,5522
+pdfalyzer/decorators/pdf_tree_node.py,sha256=sd3a4uQMu_KQ_wvo0pjwQ8K1HI7xGgsGd47eI2IWybY,10927
+pdfalyzer/decorators/pdf_tree_verifier.py,sha256=YC56SQxp5o2zMYgsBPCzX89pCkUHdZ-MCFNIPD9XKRc,4541
 pdfalyzer/detection/constants/binary_regexes.py,sha256=eFx1VVAOzxKmlacbGgicDCp1fcKgOkQkkzeduGjqLBQ,1594
 pdfalyzer/detection/constants/javascript_reserved_keywords.py,sha256=CXXdWskdQa0Hs5wCci2RBVvipgZg34_cLfmkWG4Xcmg,991
 pdfalyzer/detection/javascript_hunter.py,sha256=_wT2vkKTMlm_RGCjYsmwcmV-ag1qep3EpkHmUw0nWcQ,711
 pdfalyzer/detection/yaralyzer_helper.py,sha256=_l9eJQUtMlo9RhY5h8Xq9gBLxzn1VgJsCA1nCsFDGvo,1999
-pdfalyzer/font_info.py,sha256=L5ykKvlifAQv2uw-pKqxbQPqWrvbli0IcO8DgDK0SQo,6665
+pdfalyzer/font_info.py,sha256=0NQ6g4q3pTdirwGjJhur8HkXQlC732cR7IhilO33g2A,6663
 pdfalyzer/helpers/dict_helper.py,sha256=2TP0_EJBouaWD6jfnAekrEZ4M5eHKL8Tm61FgXZtBAg,303
 pdfalyzer/helpers/filesystem_helper.py,sha256=wHlFz4DFzPAJt2OzMRrhsjL-O3gLJ02JhuwBRwkE958,4089
 pdfalyzer/helpers/number_helper.py,sha256=8IlRmaOVLJsUV18VLvWRZU8SzRxL0XZjrY3sjmk2Ro4,292
-pdfalyzer/helpers/pdf_object_helper.py,sha256=u0j8B9mY8s5cTGo5LmDcozotvvgZNrwwJ4w_ipQqiXw,1105
-pdfalyzer/helpers/rich_text_helper.py,sha256=EkuF1GNQ8F8StZnl2flpI4C8RPvpxUV2aqCIDdjUDj8,2255
+pdfalyzer/helpers/pdf_object_helper.py,sha256=Ija6cWKfFQRXCfZv2ezU1V2v0KFDn9f4ayeX8eG9GmI,1102
+pdfalyzer/helpers/rich_text_helper.py,sha256=s5ytOme8CZCIWAsiPHFlIi6q0KN5qZPBb0OrtTfRkq4,2254
 pdfalyzer/helpers/string_helper.py,sha256=75EDEFw3UWHvWF32WtvZVBbqYY3ozO4y30dtH2qVMX0,2278
-pdfalyzer/output/character_mapping.py,sha256=lKPf-Xw3K3A3h33EOB_B-YaaxuFie7h7PUXCrphuwmw,2095
+pdfalyzer/output/character_mapping.py,sha256=MtC3jKdtMaugi5038fne0T_SFSo9QU4lZl_s7bW7gzI,2092
 pdfalyzer/output/layout.py,sha256=E58T9Tl6BYZTDsj6ouMr1J5SSUiXa7timUNxnOI2IzI,2149
-pdfalyzer/output/pdfalyzer_presenter.py,sha256=RoOuVMqc4MLgkOPMuPaymdNj_4cUS33rplXSj5dZ0Qo,8501
-pdfalyzer/output/styles/node_colors.py,sha256=sw-e97iRwAzqBdg0sP_b__9KCe6MbRcgMzQlPL6sCrA,3987
+pdfalyzer/output/pdfalyzer_presenter.py,sha256=CSboSnYFlkgOfwMf3TcoTTJY6FLXJ9OulI9UieSTJeE,8492
+pdfalyzer/output/styles/node_colors.py,sha256=rfsTAUF43K_buw21SZoP6L5c_cLy7S-xA4GUiWJsDkc,3986
 pdfalyzer/output/styles/rich_theme.py,sha256=Y8QmuINlyZNIHvf3oD0CV3w2dC49NNKtvOChvudDCT8,1983
 pdfalyzer/output/tables/decoding_stats_table.py,sha256=mhQOiWhmovaC4sop38WcxStv_bIdAlQWUysAz5fW4MU,3461
 pdfalyzer/output/tables/font_summary_table.py,sha256=xfTqC7BlQd0agQf6nDDhkcJno7hru6mf9_xY1f5IDcw,2065
-pdfalyzer/output/tables/pdf_node_rich_table.py,sha256=Soz5gkSl9pMFbwmGxyKyil_9X-Pl-fI0i8s0cvwLC3Q,5909
+pdfalyzer/output/tables/pdf_node_rich_table.py,sha256=7G-FLb_EUP50kZmYCTbo8Q6taU4xKp2QIGNOnQtYbNg,5908
 pdfalyzer/output/tables/stream_objects_table.py,sha256=nzCTci8Kqs8Pyghad3L5KWHDdIWRSrKCRNW8geA_rMo,707
-pdfalyzer/pdf_object_relationship.py,sha256=EgeIiVDofvZd-il114H8ZlKKwCOci5T5S4e15mHK_Wg,5340
-pdfalyzer/pdfalyzer.py,sha256=sOZqOKiRivd2I0Lek_cbYu0h4jIi8DXYnw5H0f6TfcA,11016
-pdfalyzer/util/adobe_strings.py,sha256=ea9rY83u1oL3uAx43AjuXY24zSdtyc2H7iJN6epaqkE,5048
-pdfalyzer/util/argument_parser.py,sha256=36FDle0ke_HyxdQIIKHvm88XLQCexdbjMgSLnT3ZK7g,11860
+pdfalyzer/pdf_object_relationship.py,sha256=ug-338eoXFdD4YtDWPdzcfxP2fQDQa-GE8I3m3a01TA,5339
+pdfalyzer/pdfalyzer.py,sha256=6JflqQJb2crXXaVA6DHHgWB45w2MBFB3pqE3AlZO5WI,11013
+pdfalyzer/util/adobe_strings.py,sha256=F1MOBtSyIuF5HPmzWDr8MgnLyVodOsZSy4AFFCMHq_Y,5033
+pdfalyzer/util/argument_parser.py,sha256=_8bhYkrw_lH9ce-ZnagcCtn9iqjeUW4dbbyQicB5hqE,11902
 pdfalyzer/util/debugging.py,sha256=nE64VUQbdu2OQRC8w8-AJkMtBOy8Kf3mjozuFslfWsw,156
 pdfalyzer/util/exceptions.py,sha256=XLFFTdx1n6i_VCmvuzvIOCa-djJvGEitfo9lhy3zq0k,98
 pdfalyzer/util/pdf_parser_manager.py,sha256=FVRYAYsCd0y5MAm--qvXnwCZnDtB3x85FdJtb-gpyw4,3109
@@ -40,8 +40,8 @@ pdfalyzer/yara_rules/PDF.yara,sha256=fBMKYmJgBLiCq-kpVzsTP9zUJEBep6yi_QVKmC-FdY0
 pdfalyzer/yara_rules/PDF_binary_stream.yara,sha256=oWRPLe5yQiRFMvi3BTHNTlB6T7NcAuxKn0C9OSvgJSM,804
 pdfalyzer/yara_rules/__init.py__,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pdfalyzer/yara_rules/lprat.static_file_analysis.yara,sha256=i0CwRH8pBx_QshKFTQtr1CP5n378EZelsF2FxMY2y5A,21859
-pdfalyzer-1.15.1.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-pdfalyzer-1.15.1.dist-info/METADATA,sha256=_xfjC5qZZtsjtGaNfUwYsGrekgGiZdfgenJXfxED9H0,25817
-pdfalyzer-1.15.1.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
-pdfalyzer-1.15.1.dist-info/entry_points.txt,sha256=aZurgt-Xg3pojS7oTRI4hNLpK1hO4kTfChf0x2eQoD8,147
-pdfalyzer-1.15.1.dist-info/RECORD,,
+pdfalyzer-1.16.1.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+pdfalyzer-1.16.1.dist-info/METADATA,sha256=XIwrDK_lRwcCb1CrxFghfAhUpL2uCsFRQGMNHdPzsN4,25812
+pdfalyzer-1.16.1.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
+pdfalyzer-1.16.1.dist-info/entry_points.txt,sha256=aZurgt-Xg3pojS7oTRI4hNLpK1hO4kTfChf0x2eQoD8,147
+pdfalyzer-1.16.1.dist-info/RECORD,,