From 30fb4751f6764d9d72aa3e20d39e88412a5617da Mon Sep 17 00:00:00 2001 From: Mike Hunhoff Date: Fri, 6 Jun 2025 12:02:06 -0600 Subject: [PATCH] fix build issues discovered during and after v9.2.0 release (#2684) * ci: downgrade Ubuntu version to accommodate older GLIBC versions * ci: upgrade Windows version to avoid deprecation * ci: exclude pkg_resources from PyInstaller build * update CHANGELOG * update spec file * ci: check if build runs without warnings or errors * update CHANGELOG * update build commands * update build commands * update build commands * update build commands * update build commands --- .github/pyinstaller/pyinstaller.spec | 3 +++ .github/workflows/build.yml | 34 +++++++++++++++++++++++----- .github/workflows/tests.yml | 20 ++++++++-------- CHANGELOG.md | 5 ++++ 4 files changed, 46 insertions(+), 16 deletions(-) diff --git a/.github/pyinstaller/pyinstaller.spec b/.github/pyinstaller/pyinstaller.spec index c2cbeb9b..e546ce1a 100644 --- a/.github/pyinstaller/pyinstaller.spec +++ b/.github/pyinstaller/pyinstaller.spec @@ -74,6 +74,9 @@ a = Analysis( # only be installed locally. "binaryninja", "ida", + # remove once https://github.com/mandiant/capa/issues/2681 has + # been addressed by PyInstaller + "pkg_resources", ], ) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 834a25fe..05a7bf27 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,16 +22,16 @@ jobs: fail-fast: true matrix: include: - - os: ubuntu-24.04 + - os: ubuntu-22.04 # use old linux so that the shared library versioning is more portable artifact_name: capa asset_name: linux python_version: '3.10' - - os: ubuntu-24.04 + - os: ubuntu-22.04 artifact_name: capa asset_name: linux-py312 python_version: '3.12' - - os: windows-2019 + - os: windows-2022 artifact_name: capa.exe asset_name: windows python_version: '3.10' @@ -49,7 +49,7 @@ jobs: uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: ${{ matrix.python_version }} - - if: matrix.os == 'ubuntu-24.04' + - if: matrix.os == 'ubuntu-22.04' run: sudo apt-get install -y libyaml-dev - name: Upgrade pip, setuptools run: python -m pip install --upgrade pip setuptools @@ -59,6 +59,28 @@ jobs: pip install -e .[build] - name: Build standalone executable run: pyinstaller --log-level DEBUG .github/pyinstaller/pyinstaller.spec + - name: Does it run without warnings or errors? + shell: bash + run: | + if [[ "${{ matrix.os }}" == "windows-2022" ]]; then + EXECUTABLE=".\\dist\\capa" + else + EXECUTABLE="./dist/capa" + fi + + output=$(${EXECUTABLE} --version 2>&1) + exit_code=$? + + echo "${output}" + echo "${exit_code}" + + if echo "${output}" | grep -iE 'error|warning'; then + exit 1 + fi + + if [[ "${exit_code}" -ne 0 ]]; then + exit 1 + fi - name: Does it run (PE)? run: dist/capa -d "tests/data/Practical Malware Analysis Lab 01-01.dll_" - name: Does it run (Shellcode)? @@ -82,10 +104,10 @@ jobs: matrix: include: # OSs not already tested above - - os: ubuntu-24.04 + - os: ubuntu-22.04 artifact_name: capa asset_name: linux - - os: ubuntu-24.04 + - os: ubuntu-22.04 artifact_name: capa asset_name: linux-py312 - os: windows-2022 diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index d15c2553..c0bf6b5f 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -26,7 +26,7 @@ env: jobs: changelog_format: - runs-on: ubuntu-24.04 + runs-on: ubuntu-22.04 steps: - name: Checkout capa uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -37,7 +37,7 @@ jobs: if [ $number != 1 ]; then exit 1; fi code_style: - runs-on: ubuntu-24.04 + runs-on: ubuntu-22.04 steps: - name: Checkout capa uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -64,7 +64,7 @@ jobs: run: pre-commit run deptry --hook-stage manual rule_linter: - runs-on: ubuntu-24.04 + runs-on: ubuntu-22.04 steps: - name: Checkout capa with submodules uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -88,16 +88,16 @@ jobs: strategy: fail-fast: false matrix: - os: [ubuntu-24.04, windows-2019, macos-13] + os: [ubuntu-22.04, windows-2022, macos-13] # across all operating systems python-version: ["3.10", "3.11"] include: # on Ubuntu run these as well - - os: ubuntu-24.04 + - os: ubuntu-22.04 python-version: "3.10" - - os: ubuntu-24.04 + - os: ubuntu-22.04 python-version: "3.11" - - os: ubuntu-24.04 + - os: ubuntu-22.04 python-version: "3.12" steps: - name: Checkout capa with submodules @@ -109,7 +109,7 @@ jobs: with: python-version: ${{ matrix.python-version }} - name: Install pyyaml - if: matrix.os == 'ubuntu-24.04' + if: matrix.os == 'ubuntu-22.04' run: sudo apt-get install -y libyaml-dev - name: Install capa run: | @@ -126,7 +126,7 @@ jobs: name: Binary Ninja tests for ${{ matrix.python-version }} env: BN_SERIAL: ${{ secrets.BN_SERIAL }} - runs-on: ubuntu-24.04 + runs-on: ubuntu-22.04 needs: [tests] strategy: fail-fast: false @@ -168,7 +168,7 @@ jobs: ghidra-tests: name: Ghidra tests for ${{ matrix.python-version }} - runs-on: ubuntu-24.04 + runs-on: ubuntu-22.04 needs: [tests] strategy: fail-fast: false diff --git a/CHANGELOG.md b/CHANGELOG.md index d15d342c..9fb0dc16 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,11 @@ ### Development +- ci: exclude pkg_resources from PyInstaller build @mike-hunhoff #2684 +- ci: upgrade Windows version to avoid deprecation @mike-hunhoff #2684 +- ci: downgrade Ubuntu version to accommodate older GLIBC versions @mike-hunhoff #2684 +- ci: check if build runs without warnings or errors @mike-hunhoff #2684 + ### Raw diffs - [capa v9.2.0...master](https://github.com/mandiant/capa/compare/v9.2.0...master) - [capa-rules v9.2.0...master](https://github.com/mandiant/capa-rules/compare/v9.2.0...master)