Upgrades + change to GetDefinitionByAlias

.github/dependabot.yml

@@ -0,0 +1,11 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  - package-ecosystem: "" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "monthly"

.github/workflows/fastir.yml

@@ -30,19 +30,18 @@ jobs:
           draft: false
   build:
     runs-on: ${{ matrix.os }}
-    needs: release
     strategy:
       matrix:
         os: [windows-2019]
-        python-version: ['3.10']
+        python-version: ['3.11']
         arch: [x86, x64]
         include:
           - os: ubuntu-latest
             arch: x64
-            python-version: '3.10'
+            python-version: '3.11'
           - os: macos-latest
             arch: x64
-            python-version: '3.10'
+            python-version: '3.11'
     steps:
       - name: Use FastIR repository
         uses: actions/checkout@v3
@@ -66,10 +65,16 @@ jobs:
         run: |
           python -m pytest --cov-report xml --cov fastir tests
           pyinstaller fastir_artifacts.spec
-      - name: run tests on build
+      - name: run tests & zip
         run: |
           python -m pytest integration_tests
           python -m zipfile -c FastIR-Artifacts-${{ runner.os }}-${{ matrix.arch }}.zip dist/fastir_artifacts
+      - name: Archive build results
+        uses: actions/upload-artifact@v3
+        if: github.event_name == 'push' && !contains(github.ref, 'master')
+        with:
+          name: FastIR-Artifacts-${{ runner.os }}-${{ matrix.arch }}
+          path: FastIR-Artifacts-${{ runner.os }}-${{ matrix.arch }}.zip
       - name: Upload asset
         uses: AButler/upload-release-assets@v2.0
         if: github.ref == 'refs/heads/master' && github.event_name == 'push'

Pipfile

@@ -0,0 +1,21 @@
+[[source]]
+url = "https://pypi.org/simple"
+verify_ssl = true
+name = "pypi"
+
+[packages]
+artifacts = "==20230928"
+configargparse = "==1.7"
+pywin32 = {version= "==306", sys_platform = "== 'win32'"}
+pyyaml = "==6.0.1"
+pytsk3 = "==20231007"
+pyinstaller = "==6.1.0"
+psutil = "==5.9.6"
+jsonlines = "==4.0.0"
+filetype = "==1.2.0"
+pefile = "==2023.2.7"
+
+[dev-packages]
+
+[requires]
+python_version = "3.11"

fastir/common/filesystem.py

@@ -94,7 +94,6 @@ def __init__(self, manager, device, path):
 
         # Cache parsed entries for better performances
         self._entries_cache = {}
-        self._entries_cache_last = []
 
         # Open drive
         img_info = pytsk3.Img_Info(self._device)
@@ -135,18 +134,20 @@ def list_directory(self, path_object):
             return self._entries_cache[path_object.path]
         else:
             # Make sure we do not keep more than 10 000 entries in the cache
-            if len(self._entries_cache_last) >= 10000:
-                first = self._entries_cache_last.pop(0)
-                del self._entries_cache[first]
+            if len(self._entries_cache) >= 10000:
+                self._entries_cache.pop(next(iter(self._entries_cache)))
 
             entries = []
             directory = path_object.obj
 
             if not isinstance(directory, pytsk3.Directory):
                 if not self.is_directory(path_object):
                     return
-
-                directory = path_object.obj.as_directory()
+                try:
+                    directory = path_object.obj.as_directory()
+                except Exception as err:
+                    logger.error(f"Error collecting '{str(path_object.path)}': {err}")
+                    return
 
             for entry in directory:
                 if (
@@ -174,7 +175,6 @@ def list_directory(self, path_object):
                     entries.append(entry_path_object)
 
             self._entries_cache[path_object.path] = entries
-            self._entries_cache_last.append(entries)
 
             return entries
 

fastir/common/variables.py

@@ -57,6 +57,6 @@ def substitute(self, value):
 
             if not values:
                 logger.warning(f"Value '{value}' contains unsupported variables")
-                values.add(value)
+                # values.add(value)
 
         return values

fastir_artifacts.py

@@ -47,7 +47,7 @@ def resolve_artifact_groups(registry, artifact_names):
         resolved_names = set()
 
         for artifact in artifact_names:
-            definition = registry.GetDefinitionByName(artifact)
+            definition = registry.GetDefinitionByAlias(artifact)
 
             if definition:
                 resolved_names.add(artifact)

requirements-test.txt

@@ -1,2 +1,2 @@
-pytest==7.1.0
-pytest-cov==3.0.0
+pytest==7.4.2
+pytest-cov==4.1.0

requirements.txt

@@ -1,10 +1,10 @@
-git+https://github.com/ForensicArtifacts/artifacts.git@6b4753931aeb55f97a1838bdf582e4100ac2b3ee#egg=artifacts
-ConfigArgParse==1.5.3
-pypiwin32==223 ; sys_platform == 'win32'
-PyYAML==6.0
-pytsk3==20211111
-PyInstaller==4.10
-psutil==5.9.0
-jsonlines==3.0.0
-filetype==1.0.10
-pefile==2021.9.3
+artifacts==20230928
+ConfigArgParse==1.7
+pywin32==306; platform_system=='Windows'
+PyYAML==6.0.1
+pytsk3==20231007
+PyInstaller==6.1.0
+psutil==5.9.6
+jsonlines==4.0.0
+filetype==1.2.0
+pefile==2023.2.7