yara-x 1.4.0__cp38-abi3-manylinux_2_28_x86_64.whl → 1.6.0__cp38-abi3-manylinux_2_28_x86_64.whl

yara_x/__init__.pyi

@@ -1,10 +1,33 @@
-import typing
+import collections
 
+from typing import Any, Dict, BinaryIO, TextIO, Optional, Tuple, final
+
+class CompileError(Exception):
+    r"""
+    Error occurred while compiling rules.
+    """
+
+class ScanError(Exception):
+    r"""
+    Error occurred during a scan operation.
+    """
+
+class TimeoutError(Exception):
+    r"""
+    Error indicating that a timeout occurred during a scan operation.
+    """
+
+@final
 class Compiler:
     r"""
     Compiles YARA source code producing a set of compiled [`Rules`].
     """
-    def new(self, relaxed_re_syntax: bool, error_on_slow_pattern: bool) -> Compiler:
+    def __new__(
+        cls,
+        relaxed_re_syntax: bool = False,
+        error_on_slow_pattern: bool = False,
+        includes_enabled: bool = True,
+    ) -> Compiler:
         r"""
         Creates a new [`Compiler`].
 
@@ -22,10 +45,13 @@ class Compiler:
 
         The `error_on_slow_pattern` argument tells the compiler to treat slow
         patterns as errors, instead of warnings.
+
+        The `includes_enabled` argument controls whether the compiler should
+        enable or disable the inclusion of files with the `include` directive.
         """
         ...
 
-    def add_source(self, src: str, origin: typing.Optional[str]) -> None:
+    def add_source(self, src: str, origin: Optional[str] = None) -> None:
         r"""
         Adds a YARA source code to be compiled.
 
@@ -47,7 +73,20 @@ class Compiler:
         """
         ...
 
-    def define_global(self, ident: str, value: typing.Any) -> None:
+    def add_include_dir(self, dir: str) -> None:
+        r"""
+        Adds a directory to the list of directories where the compiler should
+        look for included files.
+        """
+        ...
+
+    def enable_includes(self, yes: bool) -> None:
+        r"""
+        Enables or disables the inclusion of files with the `include` directive.
+        """
+        ...
+
+    def define_global(self, ident: str, value: Any) -> None:
         r"""
         Defines a global variable and sets its initial value.
 
@@ -96,7 +135,7 @@ class Compiler:
         """
         ...
 
-    def errors(self) -> typing.Any:
+    def errors(self) -> Any:
         r"""
         Retrieves all errors generated by the compiler.
 
@@ -105,7 +144,7 @@ class Compiler:
         """
         ...
 
-    def warnings(self) -> typing.Any:
+    def warnings(self) -> Any:
         r"""
         Retrieves all warnings generated by the compiler.
 
@@ -126,34 +165,89 @@ class Compiler:
         """
         ...
 
-    def required_metadata(self, regexp: typing.Dict[str, str]) -> None:
+@final
+class Scanner:
+    r"""
+    Scans data with already compiled YARA rules.
+
+    The scanner receives a set of compiled [`Rules`] and scans data with those
+    rules. The same scanner can be used for scanning multiple files or in-memory
+    data sequentially, but you need multiple scanners for scanning in parallel.
+    """
+
+    def __new__(cls, rules: Rules) -> Scanner:
         r"""
-        Specify required metadata identifiers and types for the values in each
-        rule. Any rule which does not meet these requirements will result in a
-        compiler warning.
+        Creates a new [`Scanner`] with a given set of [`Rules`].
+        """
+        ...
 
-        The key in your dictionary corresponds to the metadata identifier and
-        the value in your dictionary corresponds to the required type for that
-        metadata in the rule.
+    def scan(self, data: bytes) -> ScanResults:
+        r"""
+        Scans in-memory data.
+        """
+        ...
 
-        Acceptable values are documented in [the config file](https://virustotal.github.io/yara-x/docs/cli/config-file/).
+    def scan_file(self, path: str) -> ScanResults:
+        r"""
+        Scans a file
+        """
+        ...
+
+    def set_global(self, ident: str, value: Any) -> None:
+        r"""
+        Sets the value of a global variable.
+
+        The variable must has been previously defined by calling
+        [`Compiler::define_global`], and the type it has during the definition
+        must match the type of the new value.
+
+        The variable will retain the new value in subsequent scans, unless this
+        function is called again for setting a new value.
+
+        The type of `value` must be: `bool`, `str`, `bytes`, `int` or `float`.
+
+        # Raises
+
+        [TypeError](https://docs.python.org/3/library/exceptions.html#TypeError)
+        if the type of `value` is not one of the supported ones.
+        """
+        ...
+
+    def set_timeout(self, seconds: int) -> None:
+        r"""
+        Sets a timeout for each scan.
+
+        After setting a timeout scans will abort after the specified `seconds`.
+        """
+        ...
+
+    def console_log(self, callback: collections.abc.Callable[[str], Any]) -> None:
+        r"""
+        Sets a callback that is invoked every time a YARA rule calls the
+        `console` module.
+
+        The `callback` function is invoked with a string representing the
+        message being logged. The function can print the message to stdout,
+        append it to a file, etc. If no callback is set these messages are
+        ignored.
         """
         ...
 
+@final
 class Formatter:
     r"""
     Formats YARA rules.
     """
-    def new(
-        self,
-        align_metadata: bool,
-        align_patterns: bool,
-        indent_section_headers: bool,
-        indent_section_contents: bool,
-        indent_spaces: int,
-        newline_before_curly_brace: bool,
-        empty_line_before_section_header: bool,
-        empty_line_after_section_header: bool,
+    def __new__(
+        cls,
+        align_metadata: bool = True,
+        align_patterns: bool = True,
+        indent_section_headers: bool = True,
+        indent_section_contents: bool = True,
+        indent_spaces: int = 2,
+        newline_before_curly_brace: bool = False,
+        empty_line_before_section_header: bool = True,
+        empty_line_after_section_header: bool = False,
     ) -> Formatter:
         r"""
         Creates a new [`Formatter`].
@@ -169,73 +263,87 @@ class Formatter:
         """
         ...
 
-    def format(self, input: typing.Any, output: typing.Any) -> str:
+    def format(self, input: TextIO, output: TextIO) -> None:
         r"""
         Format a YARA rule
         """
         ...
 
+@final
 class Match:
     r"""
     Represents a match found for a pattern.
     """
+    @property
     def offset(self) -> int:
         r"""
         Offset where the match occurred.
         """
         ...
 
+    @property
     def length(self) -> int:
         r"""
         Length of the match in bytes.
         """
         ...
 
-    def xor_key(self) -> typing.Optional[int]:
+    @property
+    def xor_key(self) -> Optional[int]:
         r"""
         XOR key used for decrypting the data if the pattern had the xor
         modifier, or None if otherwise.
         """
         ...
 
+@final
 class Pattern:
     r"""
     Represents a pattern in a YARA rule.
     """
+
+    @property
     def identifier(self) -> str:
         r"""
         Pattern identifier (e.g: '$a', '$foo').
         """
         ...
 
+    @property
     def matches(self) -> tuple:
         r"""
         Matches found for this pattern.
         """
         ...
 
+@final
 class Rule:
     r"""
     Represents a rule that matched while scanning some data.
     """
+
+    @property
     def identifier(self) -> str:
         r"""
         Returns the rule's name.
         """
         ...
 
+    @property
     def namespace(self) -> str:
         r"""
         Returns the rule's namespace.
         """
         ...
 
+    @property
     def tags(self) -> tuple:
         r"""
         Returns the rule's tags.
         """
         ...
 
+    @property
     def metadata(self) -> tuple:
         r"""
         A tuple of pairs `(identifier, value)` with the metadata associated to
@@ -243,12 +351,14 @@ class Rule:
         """
         ...
 
+    @property
     def patterns(self) -> tuple:
         r"""
         Patterns defined by the rule.
         """
         ...
 
+@final
 class Rules:
     r"""
     A set of YARA rules in compiled form.
@@ -261,30 +371,34 @@ class Rules:
         """
         ...
 
-    def serialize_into(self, file: typing.Any) -> None:
+    def serialize_into(self, file: BinaryIO) -> None:
         r"""
         Serializes the rules into a file-like object.
         """
         ...
 
     @staticmethod
-    def deserialize_from(self, file: typing.Any) -> Rules:
+    def deserialize_from(file: BinaryIO) -> Rules:
         r"""
         Deserializes rules from a file-like object.
         """
         ...
 
+@final
 class ScanResults:
     r"""
     Results produced by a scan operation.
     """
-    def matching_rules(self) -> tuple:
+
+    @property
+    def matching_rules(self) -> Tuple[Rule, ...]:
         r"""
         Rules that matched during the scan.
         """
         ...
 
-    def module_outputs(self) -> dict:
+    @property
+    def module_outputs(self) -> Dict[str, Any]:
         r"""
         Module output from the scan.
         """
@@ -299,11 +413,12 @@ def compile(src: str) -> Rules:
     """
     ...
 
+@final
 class Module:
     r"""A YARA-X module."""
-    def new(self, name: str) -> Module:
+    def __new__(cls, name: str) -> Module:
+        r"""Creates a new [`Module`] with the given name, which must be a valid YARA-X module name."""
         ...
-
-    def invoke(data: str) -> dict:
+    def invoke(self, data: str) -> Any:
         r"""Parse the data and collect module metadata."""
-        ...
+        ...

{yara_x-1.4.0.dist-info → yara_x-1.6.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: yara-x
-Version: 1.4.0
+Version: 1.6.0
 Classifier: Programming Language :: Rust
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Programming Language :: Python :: Implementation :: PyPy
@@ -8,7 +8,6 @@ Classifier: License :: OSI Approved :: BSD License
 Summary: Python bindings for YARA-X
 Keywords: pattern-matching,cybersecurity,forensics,malware,yara
 Home-Page: https://virustotal.github.io/yara-x
-License: BSD-3-Clause
 Requires-Python: >=3.9
 Description-Content-Type: text/markdown; charset=UTF-8; variant=GFM
 Project-URL: homepage, https://virustotal.github.io/yara-x

yara_x-1.6.0.dist-info/RECORD

@@ -0,0 +1,7 @@
+yara_x/__init__.py,sha256=nMyCIYe2XAcE0xoh-kWfMlEZjVx9_cnT6O6Iaxh9JoM,107
+yara_x/__init__.pyi,sha256=DVMCd5-GS1-Hm2Ib0DpW7OWWF6AOg7mNDXaV0MfRN9s,12469
+yara_x/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+yara_x/yara_x.abi3.so,sha256=f1LxcJrZQiFCUTbCXHTQbwuMXBtOyHMePLuknjz_QUg,32183648
+yara_x-1.6.0.dist-info/METADATA,sha256=SKakLaVrPLSAsxlTaGVTeEuxTR-Csa2pKQCcQ3CbaTA,1831
+yara_x-1.6.0.dist-info/WHEEL,sha256=o9MoQ468Z3FUwUKdyNbg6iGSdiXCzIugopu8jtWvISc,107
+yara_x-1.6.0.dist-info/RECORD,,

{yara_x-1.4.0.dist-info → yara_x-1.6.0.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: maturin (1.9.1)
+Generator: maturin (1.9.4)
 Root-Is-Purelib: false
 Tag: cp38-abi3-manylinux_2_28_x86_64
 

yara_x-1.4.0.dist-info/RECORD

@@ -1,7 +0,0 @@
-yara_x/__init__.py,sha256=nMyCIYe2XAcE0xoh-kWfMlEZjVx9_cnT6O6Iaxh9JoM,107
-yara_x/__init__.pyi,sha256=XHHI2JILfrN55nB7Mf2ySKBF2vLGrp6LijAkCQESekc,9621
-yara_x/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-yara_x/yara_x.abi3.so,sha256=wqFNRx_xb9gZBzmZ8R2OiGUpwavOdEAhbfKXuC8eZOo,29064344
-yara_x-1.4.0.dist-info/METADATA,sha256=XVKyoxe5wKEIcIWJMX7ZTW8a5QtnHIkrvLkkoV4CL7s,1853
-yara_x-1.4.0.dist-info/WHEEL,sha256=spMIA-rpx8X09oWaHinlErLVFzZemFOBJ65bg0tT6J4,107
-yara_x-1.4.0.dist-info/RECORD,,