yaralyzer 1.0.7__py3-none-any.whl → 1.0.9__py3-none-any.whl

yaralyzer/encoding_detection/encoding_assessment.py

@@ -1,5 +1,5 @@
 """
-Class to smooth some of the rough edges around the dicts returned by chardet.detect_all()
+Helps with `chardet` library.
 """
 from typing import Any, Optional
 
@@ -14,7 +14,23 @@ LANGUAGE = 'language'
 
 
 class EncodingAssessment:
+    """
+    Class to smooth some of the rough edges around the `dict`s returned by `chardet.detect_all()`.
+
+    Attributes:
+        assessment (dict): The dict returned by `chardet.detect_all()`.
+        encoding (str): The encoding detected, in lowercase.
+        confidence (float): Confidence score from 0.0 to 100.0.
+        confidence_text (Text): Rich `Text` object representing the confidence with styling.
+        language (Optional[str]): The detected language, if any.
+        encoding_label (Text): Rich `Text` object for displaying the encoding with optional language info.
+    """
+
     def __init__(self, assessment: dict) -> None:
+        """
+        Args:
+            assessment (dict): The `dict` returned by `chardet.detect_all()`.
+        """
         self.assessment = assessment
         self.encoding = assessment[ENCODING].lower()
 
@@ -27,14 +43,24 @@ class EncodingAssessment:
         self.set_encoding_label(self.language.title() if self.language else None)
 
     @classmethod
-    def dummy_encoding_assessment(cls, encoding) -> 'EncodingAssessment':
-        """Generate an empty EncodingAssessment to use as a dummy when chardet gives us nothing."""
+    def dummy_encoding_assessment(cls, encoding: str) -> 'EncodingAssessment':
+        """
+        Construct an empty `EncodingAssessment` to use as a dummy when `chardet` gives us nothing.
+
+        Args:
+            encoding (str): The encoding to use for the dummy assessment.
+        """
         assessment = cls({ENCODING: encoding, CONFIDENCE: 0.0})
         assessment.confidence_text = Text('none', 'no_attempt')
         return assessment
 
     def set_encoding_label(self, alt_text: Optional[str]) -> None:
-        """Alt text is displayed below the encoding in slightly dimmer font."""
+        """
+        Alt text is displayed below the encoding in slightly dimmer font.
+
+        Args:
+            alt_text (Optional[str]): Text to display along with the encoding (often the inferred language)
+        """
         self.encoding_label = Text(self.encoding, 'encoding.header')
 
         if alt_text is not None:
@@ -48,7 +74,7 @@ class EncodingAssessment:
         return self.__rich__().plain
 
     def _get_dict_empty_value_as_None(self, key: str) -> Any:
-        """Return None if the value at :key is an empty string, empty list, etc."""
+        """Return `None` if the value at `key` is an empty string, empty list, etc."""
         value = self.assessment.get(key)
 
         if isinstance(value, (dict, list, str)) and len(value) == 0:

yaralyzer/encoding_detection/encoding_detector.py

@@ -1,6 +1,5 @@
 """
-Manager class to ease dealing with the chardet encoding detection library 'chardet'.
-Each instance of this class manages a chardet.detect_all() scan on a single set of bytes.
+`EncodingDetector` class for managing chardet encoding detection.
 """
 from operator import attrgetter
 from typing import List
@@ -18,13 +17,37 @@ CONFIDENCE_SCORE_RANGE = range(0, 101)
 
 
 class EncodingDetector:
-    # 10 as in 10%, 0.02, etc.  Encodings w/confidences below this will not be displayed in the decoded table
+    """
+    Manager class to ease dealing with the encoding detection library `chardet`.
+
+    Each instance of this class manages a `chardet.detect_all()` scan on a single set of bytes.
+
+    Attributes:
+        bytes (bytes): The bytes to analyze.
+        bytes_len (int): The length of the bytes.
+        table (Table): A rich `Table` object summarizing the chardet results.
+        assessments (List[EncodingAssessment]): List of `EncodingAssessment` objects from `chardet` results.
+        unique_assessments (List[EncodingAssessment]): Unique assessments by encoding, highest confidence only.
+        raw_chardet_assessments (List[dict]): Raw list of dicts returned by `chardet.detect_all()`.
+        force_decode_assessments (List[EncodingAssessment]): Assessments above force decode threshold.
+        force_display_assessments (List[EncodingAssessment]): Assessments above force display threshold.
+        has_any_idea (Optional[bool]): `True` if `chardet` had any idea what the encoding might be,
+            `False` if not, `None` if `chardet` wasn't run yet.
+        force_display_threshold (float): `[class variable]` Default confidence threshold for forcing display
+            in decoded table.
+        force_decode_threshold (float): `[class variable]` Default confidence threshold for forcing a decode attempt.
+    """
+
+    # Default value for encodings w/confidences below this will not be displayed in the decoded table
     force_display_threshold = 20.0
-
-    # At what chardet.detect() confidence % should we force a decode with an obscure encoding?
+    # Default value for what chardet.detect() confidence % should we force a decode with an obscure encoding.
     force_decode_threshold = 50.0
 
     def __init__(self, _bytes: bytes) -> None:
+        """
+        Args:
+            _bytes (bytes): The bytes to analyze with `chardet`.
+        """
         self.bytes = _bytes
         self.bytes_len = len(_bytes)
         self.table = _empty_chardet_results_table()
@@ -53,21 +76,31 @@ class EncodingDetector:
         self.force_display_assessments = self.assessments_above_confidence(type(self).force_display_threshold)
 
     def get_encoding_assessment(self, encoding: str) -> EncodingAssessment:
-        """If chardet produced one, return it, otherwise return a dummy node with confidence of 0"""
+        """
+        Get the `chardet` assessment for a specific encoding.
+
+        Args:
+            encoding (str): The encoding to look for.
+
+        Returns:
+            EncodingAssessment: Assessment for the given encoding if it exists, otherwise a dummy with 0 confidence.
+        """
         assessment = next((r for r in self.unique_assessments if r.encoding == encoding), None)
         return assessment or EncodingAssessment.dummy_encoding_assessment(encoding)
 
     def has_enough_bytes(self) -> bool:
+        """Return `True` if we have enough bytes to run `chardet.detect()`."""
         return self.bytes_len >= YaralyzerConfig.args.min_chardet_bytes
 
     def assessments_above_confidence(self, cutoff: float) -> List[EncodingAssessment]:
+        """Return the assessments above the given confidence cutoff."""
         return [a for a in self.unique_assessments if a.confidence >= cutoff]
 
     def __rich__(self) -> Padding:
         return Padding(self.table, (0, 0, 0, 0))
 
     def _uniquify_results_and_build_table(self) -> None:
-        """Keep the highest result per encoding, ignoring the language chardet has indicated"""
+        """Keep the highest result per encoding, ignoring the language `chardet` has indicated."""
         already_seen_encodings = {}
 
         for i, result in enumerate(self.assessments):
@@ -87,6 +120,7 @@ class EncodingDetector:
         self.unique_assessments.sort(key=attrgetter('confidence'), reverse=True)
 
     def _set_empty_results(self) -> None:
+        """Set empty results for when `chardet` can't help us."""
         self.assessments = []
         self.unique_assessments = []
         self.raw_chardet_assessments = []
@@ -94,8 +128,8 @@ class EncodingDetector:
         self.force_display_assessments = []
 
 
-def _empty_chardet_results_table():
-    """Returns a fresh table"""
+def _empty_chardet_results_table() -> Table:
+    """Returns an empty `Table` with appropriate columns for `chardet` results."""
     table = Table(
         'Rank', 'Encoding', 'Confidence',
         title='chardet.detect results',

yaralyzer/helpers/bytes_helper.py

@@ -26,14 +26,35 @@ HEX_CHARS_PER_LINE = HEX_CHARS_PER_GROUP * HEX_GROUPS_PER_LINE
 
 def get_bytes_before_and_after_match(_bytes: bytes, match: re.Match, num_before=None, num_after=None) -> bytes:
     """
-    Get all bytes from num_before the start of the sequence up until num_after the end of the sequence
-    num_before and num_after will both default to the env var/CLI options having to do with surrounding
-    bytes. If only num_before is provided then num_after will use it as a default.
+    Get bytes before and after a regex match within a byte sequence.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        match (re.Match): The regex `Match` object.
+        num_before (int, optional): Number of bytes before the match to include. Defaults to configured value.
+        num_after (int, optional): Number of bytes after the match to include. Defaults to either configured value
+            or the `num_before` arg value.
+
+    Returns:
+        bytes: The surrounding bytes including the match.
     """
     return get_bytes_surrounding_range(_bytes, match.start(), match.end(), num_before, num_after)
 
 
 def get_bytes_surrounding_range(_bytes: bytes, start_idx: int, end_idx: int, num_before=None, num_after=None) -> bytes:
+    """
+    Get bytes surrounding a specified range in a byte sequence.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        start_idx (int): Start index of the range.
+        end_idx (int): End index of the range.
+        num_before (int, optional): Number of bytes before the range. Defaults to configured value.
+        num_after (int, optional): Number of bytes after the range. Defaults to configured value.
+
+    Returns:
+        bytes: The surrounding bytes including the range.
+    """
     num_after = num_after or num_before or YaralyzerConfig.args.surrounding_bytes
     num_before = num_before or YaralyzerConfig.args.surrounding_bytes
     start_idx = max(start_idx - num_before, 0)
@@ -42,7 +63,16 @@ def get_bytes_surrounding_range(_bytes: bytes, start_idx: int, end_idx: int, num
 
 
 def clean_byte_string(bytes_array: bytes) -> str:
-    """Gives you a string representation of bytes w/no cruft e.g. '\x80\nx44' instead of "b'\x80\nx44'"."""
+    r"""
+    Return a clean string representation of bytes, without Python's b'' or b"" wrappers.
+    e.g. '\x80\nx44' instead of "b'\x80\nx44'".
+
+    Args:
+        bytes_array (bytes): The bytes to convert.
+
+    Returns:
+        str: Clean string representation of the bytes.
+    """
     byte_printer = Console(file=StringIO())
     byte_printer.out(bytes_array, end='')
     bytestr = byte_printer.file.getvalue()
@@ -58,7 +88,16 @@ def clean_byte_string(bytes_array: bytes) -> str:
 
 
 def rich_text_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
-    """Print raw bytes to a Text object, highlighing the bytes in the bytes_match BytesMatch"""
+    """
+    Return a rich `Text` object of raw bytes, highlighting the matched bytes.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        bytes_match (BytesMatch): The BytesMatch object indicating which bytes to highlight.
+
+    Returns:
+        Text: Rich Text object with highlighted match.
+    """
     surrounding_bytes_str = clean_byte_string(_bytes)
     highlighted_bytes_str = clean_byte_string(bytes_match.bytes)
     highlighted_bytes_str_length = len(highlighted_bytes_str)
@@ -72,6 +111,16 @@ def rich_text_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
 
 
 def hex_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
+    """
+    Return a hexadecimal view of raw bytes, highlighting the matched bytes.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        bytes_match (BytesMatch): The BytesMatch object indicating which bytes to highlight.
+
+    Returns:
+        Text: Rich Text object with highlighted match in hex view.
+    """
     hex_str = hex_text(_bytes)
     highlight_start_idx = bytes_match.highlight_start_idx * 3
     highlight_end_idx = bytes_match.highlight_end_idx * 3
@@ -81,6 +130,16 @@ def hex_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
 
 
 def ascii_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
+    """
+    Return an ASCII view of raw bytes, highlighting the matched bytes.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        bytes_match (BytesMatch): The BytesMatch object indicating which bytes to highlight.
+
+    Returns:
+        Text: Rich Text object with highlighted match in ASCII view.
+    """
     txt = Text('', style=BYTES)
 
     for i, b in enumerate(_bytes):
@@ -113,23 +172,54 @@ def ascii_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
 
 
 def hex_text(_bytes: bytes) -> Text:
+    """
+    Return a rich Text object of the hex string for the given bytes.
+
+    Args:
+        _bytes (bytes): The bytes to convert.
+
+    Returns:
+        Text: Rich Text object of the hex string.
+    """
     return Text(hex_string(_bytes), style=GREY)
 
 
 def hex_string(_bytes: bytes) -> str:
+    """
+    Return a hex string representation of the given bytes.
+
+    Args:
+        _bytes (bytes): The bytes to convert.
+
+    Returns:
+        str: Hex string representation of the bytes.
+    """
     return ' '.join([hex(b).removeprefix('0x').rjust(2, '0') for i, b in enumerate(_bytes)])
 
 
 def print_bytes(bytes_array: bytes, style=None) -> None:
-    """Convert bytes to a string representation and print to console"""
+    """
+    Print a string representation of some bytes to the console.
+
+    Args:
+        bytes_array (bytes): The bytes to print.
+        style (str, optional): Style to use for printing. Defaults to 'bytes'.
+    """
     for line in bytes_array.split(NEWLINE_BYTE):
         console.print(escape(clean_byte_string(line)), style=style or 'bytes')
 
 
 def truncate_for_encoding(_bytes: bytes, encoding: str) -> bytes:
     """
-    Truncate bytes to the a modulus of the char width of the given encoding.
-    For utf-16 this means truncate to a multiple of 2, for utf-32 to a multiple of 4.
+    Truncate bytes to a multiple of the character width for the given encoding.
+    For example, for utf-16 this means truncating to a multiple of 2, for utf-32 to a multiple of 4.
+
+    Args:
+        _bytes (bytes): The bytes to truncate.
+        encoding (str): The encoding to consider.
+
+    Returns:
+        bytes: Truncated bytes.
     """
     char_width = encoding_width(encoding)
     num_bytes = len(_bytes)
@@ -142,15 +232,23 @@ def truncate_for_encoding(_bytes: bytes, encoding: str) -> bytes:
 
 
 def _find_str_rep_of_bytes(surrounding_bytes_str: str, highlighted_bytes_str: str, highlighted_bytes: BytesMatch):
-    """
-    Find the position of bytes_str in surrounding_byte_str. Both args are raw text dumps of binary data.
-    Because strings are longer than bytes (stuff like '\xcc' are 4 chars when printed are one byte and
-    the ANSI unprintables include stuff like 'NegativeAcknowledgement' which is over 20 chars) they represent
-    so we have to re-find the location to highlight the bytes correctly.
+    r"""
+    Find the position of the highlighted bytes string within the surrounding bytes string.
+
+    Both arguments are string representations of binary data. This is needed because the string
+    representation of bytes can be longer than the actual bytes (e.g., '\\xcc' is 4 chars for 1 byte).
+
+    Args:
+        surrounding_bytes_str (str): String representation of the full byte sequence.
+        highlighted_bytes_str (str): String representation of the matched bytes.
+        highlighted_bytes (BytesMatch): The BytesMatch object for context.
+
+    Returns:
+        int: The index in the surrounding string where the highlighted bytes start, or -1 if not found.
     """
     # Start a few chars in to avoid errors: sometimes we're searching for 1 or 2 bytes and there's a false positive
-    # in the extra bytes. Tthis isn't perfect - it's starting us at the first index into the *bytes* that's safe to
-    # check but this is almost certainly far too soon given the large % of bytes that take 4 chars to print ('\x02' etc)
+    # in the extra bytes. This isn't perfect - it's starting us at the first index into the *bytes* that's safe to
+    # check but this is almost certainly too soon given the large % of bytes that take 4 chars to print ('\x02' etc)
     highlight_idx = surrounding_bytes_str.find(highlighted_bytes_str, highlighted_bytes.highlight_start_idx)
 
     # TODO: Somehow \' and ' don't always come out the same :(

yaralyzer/helpers/dict_helper.py

@@ -4,5 +4,5 @@ Help with dicts.
 
 
 def get_dict_key_by_value(_dict: dict, value):
-    """Inverse of the usual dict operation"""
+    """Inverse of the usual dict operation."""
     return list(_dict.keys())[list(_dict.values()).index(value)]

yaralyzer/helpers/file_helper.py

@@ -3,16 +3,21 @@ Helper methods to work with files.
 """
 from datetime import datetime
 from os import listdir, path
+from pathlib import Path
 from typing import List, Optional
 
 
-def timestamp_for_filename() -> str:
-    """Returns a string showing current time in a file name friendly format"""
-    return datetime.now().strftime("%Y-%m-%dT%H.%M.%S")
+def files_in_dir(dir: Path | str, with_extname: Optional[str] = None) -> List[str]:
+    """
+    Returns paths for all non dot files in `dir` (optionally filtered to only those ending in 'with_extname').
 
+    Args:
+        dir (str): Directory to list files from.
+        with_extname (Optional[str], optional): If set, only return files with this extension. Defaults to None.
 
-def files_in_dir(dir: str, with_extname: Optional[str] = None) -> List[str]:
-    """paths for non dot files, optionally ending in 'with_extname'"""
+    Returns:
+        List[str]: List of file paths.
+    """
     files = [path.join(dir, path.basename(file)) for file in listdir(dir) if not file.startswith('.')]
     files = [file for file in files if not path.isdir(file)]
 
@@ -23,20 +28,22 @@ def files_in_dir(dir: str, with_extname: Optional[str] = None) -> List[str]:
 
 
 def files_with_extname(files: List[str], extname: str) -> List[str]:
+    """Return only files from the list that end with the given `extname`."""
     return [f for f in files if f.endswith(f".{extname}")]
 
 
-def load_word_list(file_path):
-    """For very simple files (1 col CSVs, if you wll)"""
-    with open(file_path, 'r') as f:
-        return [line.rstrip().lstrip() for line in f.readlines()]
-
-
-def load_binary_data(file_path) -> bytes:
+def load_binary_data(file_path: Path | str) -> bytes:
+    """Load and return the raw `bytes` from a file."""
     with open(file_path, 'rb') as f:
         return f.read()
 
 
-def load_file(file_path) -> str:
+def load_file(file_path: Path | str) -> str:
+    """Load and return the text contents of a file."""
     with open(file_path, 'r') as f:
         return f.read()
+
+
+def timestamp_for_filename() -> str:
+    """Returns a string showing current time in a file name friendly format."""
+    return datetime.now().strftime("%Y-%m-%dT%H.%M.%S")

yaralyzer/helpers/rich_text_helper.py

@@ -1,9 +1,10 @@
 """
 Methods to handle turning various objects into Rich text/table/etc representations
-Rich colors: https://rich.readthedocs.io/en/stable/appendix/colors.html
+
+[Rich color names](https://rich.readthedocs.io/en/stable/appendix/colors.html)
 TODO: interesting colors # row_styles[0] = 'reverse bold on color(144)' <-
 """
-from typing import List, Union
+from typing import List, Optional, Union
 
 from rich.columns import Columns
 from rich.panel import Panel
@@ -37,16 +38,17 @@ DECODING_ERRORS_MSG = Text('Yes', style='dark_red dim')
 
 
 def na_txt(style: Union[str, Style] = 'white'):
+    """Standard N/A text for tables and such."""
     return Text('N/A', style=style)
 
 
-def prefix_with_style(_str: str, style: str, root_style=None) -> Text:
-    """Sometimes you need a Text() object to start plain lest the underline or whatever last forever"""
+def prefix_with_style(_str: str, style: str, root_style: Optional[Union[Style, str]] = None) -> Text:
+    """Sometimes you need a Text() object to start plain lest the underline or whatever last forever."""
     return Text('', style=root_style or 'white') + Text(_str, style)
 
 
-def meter_style(meter_pct):
-    """For coloring numbers between 0 and 100 (AKA pcts). Closer to 100 means greener, closer to 0.0 means bluer"""
+def meter_style(meter_pct: float | int) -> str:
+    """For coloring numbers between 0 and 100 (AKA pcts). Closer to 100 means greener, closer to 0.0 means bluer."""
     if meter_pct > 100 or meter_pct < 0:
         log.warning(f"Invalid meter_pct: {meter_pct}")
 
@@ -81,15 +83,10 @@ def dim_if(txt: Union[str, Text], is_dim: bool, style: Union[str, None] = None):
 
 
 def reverse_color(style: Style) -> Style:
-    """Reverses the color for a given style"""
+    """Reverses the color for a given style."""
     return Style(color=style.bgcolor, bgcolor=style.color, underline=style.underline, bold=style.bold)
 
 
-def yaralyzer_show_color_theme() -> None:
-    """Script method to show yaralyzer's color theme. Invocable with 'yaralyzer_show_colors'."""
-    show_color_theme(YARALYZER_THEME_DICT)
-
-
 def show_color_theme(styles: dict) -> None:
     """Print all colors in 'styles' to screen in a grid"""
     console.print(Panel('The Yaralyzer Color Theme', style='reverse'))
@@ -104,7 +101,7 @@ def show_color_theme(styles: dict) -> None:
 
 
 def size_text(num_bytes: int) -> Text:
-    """Convert a number of bytes into (e.g.) 54,213 bytes (52 KB)"""
+    """Convert a number of bytes into (e.g.) 54,213 bytes (52 KB)."""
     kb_txt = prefix_with_style("{:,.1f}".format(num_bytes / 1024), style='bright_cyan', root_style='white')
     kb_txt.append(' kb ')
     bytes_txt = Text('(', 'white') + size_in_bytes_text(num_bytes) + Text(')')
@@ -116,4 +113,10 @@ def size_in_bytes_text(num_bytes: int) -> Text:
 
 
 def newline_join(texts: List[Text]) -> Text:
+    """Join a list of Text objects with newlines between them."""
     return Text("\n").join(texts)
+
+
+def yaralyzer_show_color_theme() -> None:
+    """Script method to show yaralyzer's color theme. Invocable with 'yaralyzer_show_colors'."""
+    show_color_theme(YARALYZER_THEME_DICT)

yaralyzer/helpers/string_helper.py

@@ -17,7 +17,7 @@ def line_count(_string: str) -> int:
 
 
 def hex_to_string(_string: str) -> str:
-    """String '0D 0A 25 25 45 4F 46 0D 0A' becomes '\r\n%%EOF\r\n'"""
+    r"""String '0D 0A 25 25 45 4F 46 0D 0A' becomes '\r\n%%EOF\r\n'"""
     return bytearray.fromhex(_string.replace(' ', '')).decode()
 
 

yaralyzer/output/decoding_attempts_table.py

@@ -1,14 +1,20 @@
 """
-Methods to build the rich.table used to display decoding attempts of a given bytes array.
+Methods to build the `rich.table` used to display decoding attempts of a given bytes array.
 
-Final output should be rich.table of decoding attempts that are sorted like this:
+Final output should be a `rich.table` of decoding attempts that are sorted like this:
 
     1. String representation of undecoded bytes is always the first row
-    2. Encodings which chardet.detect() ranked as > 0% likelihood are sorted based on that confidence
+
+    2. Encodings which `chardet.detect()` ranked as > 0% likelihood are sorted based on that confidence
+
     3. Then the unchardetectable:
+
         1. Decodings that were successful, unforced, and new
-        2. Decodings that 'successful' but forced
+
+        2. Decodings that were "successful" but forced
+
         3. Decodings that were the same as other decodings
+
         4. Failed decodings
 """
 from collections import namedtuple
@@ -45,7 +51,7 @@ RAW_BYTES = Text('Raw', style=f"bytes")
 
 
 def new_decoding_attempts_table(bytes_match: BytesMatch) -> Table:
-    """Build a new rich Table with two rows, the raw and hex views of the bytes_match data."""
+    """Build a new rich `Table` with two rows, the raw and hex views of the `bytes_match` data."""
     table = Table(show_lines=True, border_style='bytes', header_style='decode.table_header')
 
     def add_col(title, **kwargs):
@@ -65,7 +71,18 @@ def new_decoding_attempts_table(bytes_match: BytesMatch) -> Table:
 
 
 def decoding_table_row(assessment: EncodingAssessment, is_forced: Text, txt: Text, score: float) -> DecodingTableRow:
-    """Build a table row for a decoding attempt."""
+    """
+    Build a table row for a decoding attempt.
+
+    Args:
+        assessment (EncodingAssessment): The `chardet` assessment for the encoding used.
+        is_forced (Text): Text indicating if the decode was forced.
+        txt (Text): The decoded string as a rich `Text` object (with highlighting).
+        score (float): The score to use for sorting this row in the table.
+
+    Returns:
+        DecodingTableRow: The constructed table row named tuple.
+    """
     return DecodingTableRow(
         assessment.encoding_label,
         assessment.confidence_text,
@@ -78,13 +95,30 @@ def decoding_table_row(assessment: EncodingAssessment, is_forced: Text, txt: Tex
     )
 
 
-def assessment_only_row(assessment: EncodingAssessment, score) -> DecodingTableRow:
-    """Build a row with just chardet assessment confidence data and no actual decoding attempt string."""
+def assessment_only_row(assessment: EncodingAssessment, score: float) -> DecodingTableRow:
+    """
+    Build a `DecodingTableRow` with just `chardet` assessment confidence data and no actual decoding attempt string.
+
+    Args:
+        assessment (EncodingAssessment): The `chardet` assessment for the encoding used.
+        score (float): The score to use for sorting this row within the table.
+
+    Returns:
+        DecodingTableRow: The constructed table row named tuple with no decoding attempt string.
+    """
     return decoding_table_row(assessment, na_txt(), DECODE_NOT_ATTEMPTED_MSG, score)
 
 
 def _hex_preview_subtable(bytes_match: BytesMatch) -> Table:
-    """Build a sub table for hex view (hex on one side, ascii on the other side)."""
+    """
+    Build a sub `Table` for hex view row (hex on one side, ascii on the other side).
+
+    Args:
+        bytes_match (BytesMatch): The `BytesMatch` object containing the bytes to display.
+
+    Returns:
+        Table: A `rich.table` with hex and ascii views of the bytes.
+    """
     hex_table = Table(
         'hex',
         'ascii',

yaralyzer/output/file_export.py

@@ -1,7 +1,10 @@
+"""
+Functions to export Yaralyzer results to various file formats.
+"""
 import json
 import time
 from os import path
-from typing import Optional
+from typing import Callable, Optional
 
 from rich.terminal_theme import TerminalTheme
 
@@ -51,7 +54,16 @@ _EXPORT_KWARGS = {
 
 
 def export_json(yaralyzer: Yaralyzer, output_basepath: Optional[str]) -> str:
-    """Export YARA scan results to JSON. Returns the path to the output file that was written."""
+    """
+    Export YARA scan results to JSON.
+
+    Args:
+        yaralyzer (Yaralyzer): The `Yaralyzer` object containing the results to export.
+        output_basepath (Optional[str]): Base path to write output to. Should have no file extension.
+
+    Returns:
+        str: Path data was exported to.
+    """
     output_path = f"{output_basepath or 'yara_matches'}.json"
 
     matches_data = [
@@ -66,11 +78,16 @@ def export_json(yaralyzer: Yaralyzer, output_basepath: Optional[str]) -> str:
     return output_path
 
 
-def invoke_rich_export(export_method, output_file_basepath) -> str:
+def invoke_rich_export(export_method: Callable, output_file_basepath: str) -> str:
     """
-    Announce the export, perform the export, announce completion.
-    export_method is a Rich.console.save_blah() method, output_file_path is file path w/no extname.
-    Returns the path to path data was exported to.
+    Announce the export, perform the export, and announce completion.
+
+    Args:
+        export_method (Callable): Usually a `Rich.console.save_whatever()` method
+        output_file_basepath (str): Path to write output to. Should have no file extension.
+
+    Returns:
+        str: Path data was exported to.
     """
     method_name = export_method.__name__
     extname = 'txt' if method_name == 'save_text' else method_name.split('_')[-1]