Merge pull request #537 from Ana06/master-py2-1_6_3

- Add v1.6.3 to changelog
- Remove capa rules from v1.6.2 (there were no changes). I'll remove the
tag in capa-rules once this is merged.
- Remove master (unreleased) section. This only makes sense in master
and we are only using this branch for backporting bug fixes.

.github/workflows/build.yml

@@ -26,10 +26,10 @@ jobs:
         uses: actions/checkout@v2
         with:
           submodules: true
-      - name: Set up Python 3.9
+      - name: Set up Python 3.8
         uses: actions/setup-python@v2
         with:
-          python-version: 3.9
+          python-version: 3.8
       - if: matrix.os == 'ubuntu-16.04'
         run: sudo apt-get install -y libyaml-dev
       - name: Install PyInstaller

.github/workflows/tests.yml

@@ -2,9 +2,9 @@ name: CI
 
 on:
   push:
-    branches: [ master ]
+    branches: [ master, master-py2 ]
   pull_request:
-    branches: [ master ]
+    branches: [ master, master-py2 ]
 
 jobs:
   code_style:
@@ -17,7 +17,7 @@ jobs:
       with:
         python-version: 3.8
     - name: Install dependencies
-      run: pip install 'isort==5.*' black
+      run: pip install -e .[dev]
     - name: Lint with isort
       run: isort --profile black --length-sort --line-width 120 -c .
     - name: Lint with black
@@ -34,7 +34,6 @@ jobs:
       uses: actions/setup-python@v2
       with:
         python-version: 3.8
-    # We don't need vivisect, so we can install capa using Python3
     - name: Install capa
       run: pip install -e .
     - name: Run rule linter

CHANGELOG.md

@@ -1,20 +1,29 @@
 # Change Log
 
-## master (unreleased)
+## v1.6.3 (2021-04-29)
 
-### New Features
+This release adds IDA 7.6 support to capa.
-
-### New Rules
-
-### Bug Fixes
 
 ### Changes
 
-### Development
+- IDA 7.6 support @williballenthin @Ana06
 
 ### Raw diffs
-- [capa v1.6.1...master](https://github.com/fireeye/capa/compare/v1.6.1...master)
+
-- [capa-rules v1.6.1...master](https://github.com/fireeye/capa-rules/compare/v1.6.1...master)
+  - [capa v1.6.2...v1.6.3](https://github.com/fireeye/capa/compare/v1.6.2...v1.6.3)
+
+
+## v1.6.2 (2021-04-13)
+
+This release backports a fix to capa 1.6: The Windows binary was built with Python 3.9 which doesn't support Windows 7.
+
+### Bug Fixes
+
+- build: use Python 3.8 for PyInstaller to support consistently running across multiple operating systems including Windows 7 @mr-tz @Ana06
+
+### Raw diffs
+
+  - [capa v1.6.1...v1.6.2](https://github.com/fireeye/capa/compare/v1.6.1...v1.6.2)
 
 
 ## v1.6.1 (2021-04-07)

capa/ida/helpers/__init__.py

@@ -24,6 +24,7 @@ SUPPORTED_IDA_VERSIONS = [
     "7.3",
     "7.4",
     "7.5",
+    "7.6",
 ]
 
 # file type names as returned by idaapi.get_file_type_name()

capa/ida/plugin/README.md

@@ -34,12 +34,29 @@ For more information on the FLARE team's open-source framework, capa, check out
 
 ### Requirements
 
-capa explorer supports the following IDA setups:
+capa explorer supports Python 2.7 and 3.6+ and the following IDA Pro versions:
 
-* IDA Pro 7.4+ with Python 2.7 or Python 3.
+* IDA 7.4
+* IDA 7.5
+* IDA 7.6 (caveat below)
 
 If you encounter issues with your specific setup, please open a new [Issue](https://github.com/fireeye/capa/issues).
 
+#### IDA 7.6 caveat: IDA 7.6sp1 or patch required
+
+As described [here](https://www.hex-rays.com/blog/ida-7-6-empty-qtreeview-qtreewidget/):
+
+> A rather nasty issue evaded our testing and found its way into IDA 7.6: using the PyQt5 modules that are shipped with IDA, QTreeView (or QTreeWidget) instances will always fail to display contents.
+
+Therefore, in order to use capa under IDA 7.6 you need the [Service Pack 1 for IDA 7.6](https://www.hex-rays.com/products/ida/news/7_6sp1). Alternatively, you can download and install the fix corresponding to your IDA installation, replacing the original QtWidgets DLL with the one contained in the .zip file (links to Hex-Rays):
+
+
+  - Windows: [pyqt5_qtwidgets_win](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_win.zip)
+  - Linux: [pyqt5_qtwidgets_linux](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_linux.zip)
+  - MacOS (Intel): [pyqt5_qtwidgets_mac_x64](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_mac_x64.zip)
+  - MacOS (AppleSilicon): [pyqt5_qtwidgets_mac_arm](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_mac_arm.zip)
+
+
 ### Supported File Types
 
 capa explorer is limited to the file types supported by capa, which include:

capa/version.py

@@ -1 +1 @@
-__version__ = "1.6.1"
+__version__ = "1.6.3"

setup.py

@@ -83,7 +83,7 @@ setuptools.setup(
             "pytest-cov==2.11.1",
             "pycodestyle==2.7.0",
             "black==20.8b1 ; python_version>'3.0'",
-            "isort==4.3.21",  # TODO: Change to 5.8.0 when removing py2
+            "isort==5.8.0 ; python_version>'3.0'",
         ]
     },
     zip_safe=False,