git: dd7ef094cbf4 - main - security/py-plaso: update to 20240826

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Antoine Brodin <antoine_at_FreeBSD.org>
Date: Tue, 18 Feb 2025 10:13:43 UTC
The branch main has been updated by antoine:

URL: https://cgit.FreeBSD.org/ports/commit/?id=dd7ef094cbf439f7af5c44c9fbc07c0af649acd8

commit dd7ef094cbf439f7af5c44c9fbc07c0af649acd8
Author:     Antoine Brodin <antoine@FreeBSD.org>
AuthorDate: 2025-02-18 10:13:10 +0000
Commit:     Antoine Brodin <antoine@FreeBSD.org>
CommitDate: 2025-02-18 10:13:10 +0000

    security/py-plaso: update to 20240826
---
 security/py-plaso/Makefile                         | 21 +++-------
 security/py-plaso/distinfo                         |  6 +--
 .../files/patch-plaso_output_winevt__rc.py         | 47 ++++++++++++++++++++++
 .../py-plaso/files/patch-plaso_parsers_sqlite.py   | 13 ++++++
 ...patch-plaso_parsers_sqlite__plugins_imessage.py | 11 +++++
 ...so_parsers_sqlite__plugins_windows__timeline.py | 16 ++++++++
 .../patch-tests_storage_sqlite_sqlite__file.py     | 18 +++++++++
 7 files changed, 114 insertions(+), 18 deletions(-)

diff --git a/security/py-plaso/Makefile b/security/py-plaso/Makefile
index 78c0b58a819c..fe4c2d123089 100644
--- a/security/py-plaso/Makefile
+++ b/security/py-plaso/Makefile
@@ -1,6 +1,5 @@
 PORTNAME=	plaso
-PORTVERSION=	20231224
-PORTREVISION=	3
+PORTVERSION=	20240826
 CATEGORIES=	security python
 MASTER_SITES=	https://github.com/log2timeline/plaso/releases/download/${PORTVERSION}/ \
 		LOCAL/antoine
@@ -13,10 +12,13 @@ WWW=		https://github.com/log2timeline/plaso/wiki
 LICENSE=	APACHE20
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
+BUILD_DEPENDS=	${PY_SETUPTOOLS} \
+		${PYTHON_PKGNAMEPREFIX}wheel>=0:devel/py-wheel@${PY_FLAVOR}
 RUN_DEPENDS=	libcaes>=a:security/libcaes \
 		libesedb>=e:devel/libesedb \
 		libevt>=a:devel/libevt \
 		libevtx>=a:devel/libevtx \
+		libfcrypto>=a:security/libfcrypto \
 		libfwsi>=e:devel/libfwsi \
 		liblnk>=0:devel/liblnk \
 		libmsiecf>=a:devel/libmsiecf \
@@ -28,19 +30,18 @@ RUN_DEPENDS=	libcaes>=a:security/libcaes \
 		${PYTHON_PKGNAMEPREFIX}artifacts>=0:security/py-artifacts@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}bencode.py>=0:converters/py-bencode.py@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}certifi>=0:security/py-certifi@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}defusedxml>=0:devel/py-defusedxml@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}dfdatetime>=0:security/py-dfdatetime@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}dfvfs>=0:filesystems/py-dfvfs@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}dfwinreg>=0:security/py-dfwinreg@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}dtfabric>=0:devel/py-dtfabric@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}Flor>=0:textproc/py-flor@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}future>=0:devel/py-future@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}lz4>=0:archivers/py-lz4@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}opensearch-py>=0:textproc/py-opensearch-py@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pefile>=0:devel/py-pefile@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}psutil>=0:sysutils/py-psutil@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pyparsing>=0:devel/py-pyparsing@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}python-dateutil>=0:devel/py-python-dateutil@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pytsk>=0:sysutils/py-pytsk@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pytz>=0:devel/py-pytz@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pyzmq>=0:net/py-pyzmq@${PY_FLAVOR} \
@@ -48,7 +49,6 @@ RUN_DEPENDS=	libcaes>=a:security/libcaes \
 		${PYTHON_PKGNAMEPREFIX}requests>=0:www/py-requests@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}six>=0:devel/py-six@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}sqlite3>=0:databases/py-sqlite3@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}urllib3>=0:net/py-urllib3@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}xattr>=0:devel/py-xattr@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}XlsxWriter>=0:textproc/py-xlsxwriter@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pyyaml>=0:devel/py-pyyaml@${PY_FLAVOR} \
@@ -59,7 +59,7 @@ TEST_DEPENDS=	${PYTHON_PKGNAMEPREFIX}fakeredis>=0:databases/py-fakeredis@${PY_FL
 
 USES=		python
 USE_LOCALE=	en_US.UTF-8
-USE_PYTHON=	autoplist concurrent cryptography distutils
+USE_PYTHON=	autoplist concurrent cryptography pep517
 # Upstream archive contains files with UTF-8 names
 EXTRACT_CMD=	${SETENV} LANG=${USE_LOCALE} LC_ALL=${USE_LOCALE} ${TAR}
 DO_MAKE_TEST=	${SETENV} ${TEST_ENV} ${PYTHON_CMD}
@@ -67,13 +67,4 @@ TEST_TARGET=	run_tests.py
 
 NO_ARCH=	yes
 
-post-patch:
-	${REINPLACE_CMD} "s|'share', 'artifacts'|'share', '${PYTHON_PKGNAMEPREFIX}artifacts'|" \
-		${WRKSRC}/plaso/cli/helpers/artifact_definitions.py
-	${REINPLACE_CMD} "s|'share', 'plaso'|'share', '${PYTHON_PKGNAMEPREFIX}plaso'|" \
-		${WRKSRC}/plaso/cli/helpers/data_location.py
-	${REINPLACE_CMD} "s|share/plaso|${DATADIR_REL}|" \
-		${WRKSRC}/setup.py
-	${REINPLACE_CMD} "/cffi/d" ${WRKSRC}/requirements.txt
-
 .include <bsd.port.mk>
diff --git a/security/py-plaso/distinfo b/security/py-plaso/distinfo
index a2cd2b3a9e7c..89e97705d81c 100644
--- a/security/py-plaso/distinfo
+++ b/security/py-plaso/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1707838875
-SHA256 (plaso-20231224.tar.gz) = af106a449746830632affc578e2f80439ae7c4220f17e4a39630e8c9879ba8bf
-SIZE (plaso-20231224.tar.gz) = 195666335
+TIMESTAMP = 1739801390
+SHA256 (plaso-20240826.tar.gz) = 4ac3a65cf31b87e507edc4c4d628a693703a6f1b933553da2fbe402a2250ef30
+SIZE (plaso-20240826.tar.gz) = 196604839
diff --git a/security/py-plaso/files/patch-plaso_output_winevt__rc.py b/security/py-plaso/files/patch-plaso_output_winevt__rc.py
new file mode 100644
index 000000000000..8513d7181c47
--- /dev/null
+++ b/security/py-plaso/files/patch-plaso_output_winevt__rc.py
@@ -0,0 +1,47 @@
+--- plaso/output/winevt_rc.py.orig	2024-06-08 09:38:22 UTC
++++ plaso/output/winevt_rc.py
+@@ -16,7 +16,7 @@ class Sqlite3DatabaseFile(object):
+ 
+   _HAS_TABLE_QUERY = (
+       'SELECT name FROM sqlite_master '
+-      'WHERE type = "table" AND name = "{0:s}"')
++      'WHERE type = \'table\' AND name = \'{0:s}\'')
+ 
+   def __init__(self):
+     """Initializes the database file object."""
+@@ -166,7 +166,7 @@ class WinevtResourcesSqlite3DatabaseReader(object):
+     """
+     table_names = ['event_log_providers']
+     column_names = ['event_log_provider_key']
+-    condition = f'log_source == "{log_source:s}"'
++    condition = f'log_source == \'{log_source:s}\''
+ 
+     values_list = list(self._database_file.GetValues(
+         table_names, column_names, condition))
+@@ -202,7 +202,7 @@ class WinevtResourcesSqlite3DatabaseReader(object):
+       return None
+ 
+     column_names = ['message_string']
+-    condition = f'message_identifier == "0x{message_identifier:08x}"'
++    condition = f'message_identifier == \'0x{message_identifier:08x}\''
+ 
+     values = list(self._database_file.GetValues(
+         [table_name], column_names, condition))
+@@ -290,7 +290,7 @@ class WinevtResourcesSqlite3DatabaseReader(object):
+       return None
+ 
+     column_names = ['value']
+-    condition = f'name == "{attribute_name:s}"'
++    condition = f'name == \'{attribute_name:s}\''
+ 
+     values = list(self._database_file.GetValues(
+         [table_name], column_names, condition))
+@@ -485,7 +485,7 @@ class WinevtResourcesHelper(object):
+         'windows_wevt_template_event'):
+       # TODO: add message_file_identifiers to filter_expression
+       filter_expression = (
+-          f'provider_identifier == "{provider_identifier:s}" and '
++          f'provider_identifier == \'{provider_identifier:s}\' and '
+           f'identifier == {message_identifier:d}')
+       if event_version is not None:
+         filter_expression = (
diff --git a/security/py-plaso/files/patch-plaso_parsers_sqlite.py b/security/py-plaso/files/patch-plaso_parsers_sqlite.py
new file mode 100644
index 000000000000..617764ff23a8
--- /dev/null
+++ b/security/py-plaso/files/patch-plaso_parsers_sqlite.py
@@ -0,0 +1,13 @@
+--- plaso/parsers/sqlite.py.orig	2024-06-08 09:38:22 UTC
++++ plaso/parsers/sqlite.py
+@@ -118,8 +118,8 @@ class SQLiteDatabase(object):
+   SCHEMA_QUERY = (
+       'SELECT tbl_name, sql '
+       'FROM sqlite_master '
+-      'WHERE type = "table" AND tbl_name != "xp_proc" '
+-      'AND tbl_name != "sqlite_sequence"')
++      'WHERE type = \'table\' AND tbl_name != \'xp_proc\' '
++      'AND tbl_name != \'sqlite_sequence\'')
+ 
+   def __init__(self, filename, temporary_directory=None):
+     """Initializes a SQLite database.
diff --git a/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_imessage.py b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_imessage.py
new file mode 100644
index 000000000000..7e11a5b021d3
--- /dev/null
+++ b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_imessage.py
@@ -0,0 +1,11 @@
+--- plaso/parsers/sqlite_plugins/imessage.py.orig	2024-06-08 09:38:22 UTC
++++ plaso/parsers/sqlite_plugins/imessage.py
+@@ -81,7 +81,7 @@ class IMessagePlugin(interface.SQLitePlugin):
+ 
+   _CLIENT_VERSION_QUERY = (
+       'SELECT key, value FROM _SqliteDatabaseProperties '
+-      'WHERE key = "_ClientVersion"')
++      'WHERE key = \'_ClientVersion\'')
+ 
+   def _GetClientVersion(self, cache, database):
+     """Retrieves the client version.
diff --git a/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_windows__timeline.py b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_windows__timeline.py
new file mode 100644
index 000000000000..19263bebcf9b
--- /dev/null
+++ b/security/py-plaso/files/patch-plaso_parsers_sqlite__plugins_windows__timeline.py
@@ -0,0 +1,16 @@
+--- plaso/parsers/sqlite_plugins/windows_timeline.py.orig	2024-06-08 09:38:22 UTC
++++ plaso/parsers/sqlite_plugins/windows_timeline.py
+@@ -89,10 +89,10 @@ class WindowsTimelinePlugin(interface.SQLitePlugin):
+   QUERIES = [
+       (('SELECT StartTime, Payload, PackageName FROM Activity '
+         'INNER JOIN Activity_PackageId ON Activity.Id = '
+-        'Activity_PackageId.ActivityId WHERE instr(Payload, "UserEngaged") > 0'
+-        ' AND Platform = "packageid"'), 'ParseUserEngagedRow'),
++        'Activity_PackageId.ActivityId WHERE instr(Payload, \'UserEngaged\') > 0'
++        ' AND Platform = \'packageid\''), 'ParseUserEngagedRow'),
+       (('SELECT StartTime, Payload, AppId FROM Activity '
+-        'WHERE instr(Payload, "UserEngaged") = 0'), 'ParseGenericRow')]
++        'WHERE instr(Payload, \'UserEngaged\') = 0'), 'ParseGenericRow')]
+ 
+   SCHEMAS = [{
+       'Activity': (
diff --git a/security/py-plaso/files/patch-tests_storage_sqlite_sqlite__file.py b/security/py-plaso/files/patch-tests_storage_sqlite_sqlite__file.py
new file mode 100644
index 000000000000..96cf800956fc
--- /dev/null
+++ b/security/py-plaso/files/patch-tests_storage_sqlite_sqlite__file.py
@@ -0,0 +1,18 @@
+--- tests/storage/sqlite/sqlite_file.py.orig	2024-06-08 09:38:23 UTC
++++ tests/storage/sqlite/sqlite_file.py
+@@ -136,13 +136,13 @@ class SQLiteStorageFileTest(test_lib.StorageTestCase):
+             event_data_stream.CONTAINER_TYPE, column_names=column_names))
+         self.assertEqual(len(containers), 1)
+ 
+-        filter_expression = 'md5_hash == "8f0bf95a7959baad9666b21a7feed79d"'
++        filter_expression = 'md5_hash == \'8f0bf95a7959baad9666b21a7feed79d\''
+         containers = list(test_store._GetAttributeContainersWithFilter(
+             event_data_stream.CONTAINER_TYPE, column_names=column_names,
+             filter_expression=filter_expression))
+         self.assertEqual(len(containers), 1)
+ 
+-        filter_expression = 'md5_hash != "8f0bf95a7959baad9666b21a7feed79d"'
++        filter_expression = 'md5_hash != \'8f0bf95a7959baad9666b21a7feed79d\''
+         containers = list(test_store._GetAttributeContainersWithFilter(
+             event_data_stream.CONTAINER_TYPE, column_names=column_names,
+             filter_expression=filter_expression))