Skip to content

v7.0.0-beta

Pre-release
Pre-release
Compare
Choose a tag to compare
@mr-tz mr-tz released this 24 Jan 13:59
· 783 commits to master since this release
85e1495

This is the beta release of capa v7.0 which was mainly worked on during the Google Summer of Code (GSoC) 2023. A huge
shoutout to @colton-gabertan and @yelhamer for their amazing work.

Also a big thanks to the other contributors: @aaronatp, @Aayush-Goel-04, @bkojusner, @doomedraven, @ruppde, and @xusheng6.

New Features

Breaking Changes

  • remove the SCOPE_* constants in favor of the Scope enum #1764 @williballenthin
  • protobuf: deprecate RuleMetadata.scope in favor of RuleMetadata.scopes @williballenthin
  • protobuf: deprecate Metadata.analysis in favor of Metadata.analysis2 that is dynamic analysis aware @williballenthin
  • update freeze format to v3, adding support for dynamic analysis @williballenthin
  • extractor: ignore DLL name for api features #1815 @mr-tz

New Rules (41)

Bug Fixes

Development

Developer Notes

With this new release, many classes and concepts have been split up into static (mostly identical to the
prior implementations) and dynamic ones. For example, the legacy FeatureExtractor class has been renamed to
StaticFeatureExtractor and the DynamicFeatureExtractor has been added.

Starting from version 7.0, we have moved the component responsible for feature extractor from main to a new
capabilities' module. Now, users wishing to utilize capa’s feature extraction abilities should use that module instead
of importing the relevant logic from the main file.

For sandbox-based feature extractors, we are using Pydantic models. Contributions of more models for other sandboxes
are very welcome!

Raw diffs