You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Would it make sense for plyara to handle this by checking if a ruleset only has includes, and then following the include files and loading them all as rulesets in the raw_input ?
Currently you'd have to load each ruleset individually from your code into plyara
(could traverse directory of files in python, but it may make more sense to use the feature of the language to do this)
p.s. Thanks for the work being done on this, I've been looking at the code and realised recently this is pretty much the only Python library of its kind
The text was updated successfully, but these errors were encountered:
This is doable. I am including this as a feature for the 3.0.0 release that I'm working on currently. I think the best way to implement this is actually to have a utility. I'm building the new version nearly from scratch. The idea is to follow closely the best practices for building a compiler. Therefore, there will be a data model object at the end of a parsing session.
To implement this enhancement properly, there will be a utility that is given the path to a YARA file. From the path, it will walk the file system and replace all includes failing if something is missing.
Does this sound like it would work for your use case?
It's common for yara ruleset collections to have 'index' rule files so one file can be referenced to load all the rulesets (especially useful when compiling programmatically like from yara-python), e.g. https://github.com/Yara-Rules/rules/blob/a1005b743c44e144e3f04cf152d0a8998d9a9811/malware_index.yar
Would it make sense for plyara to handle this by checking if a ruleset only has includes, and then following the include files and loading them all as rulesets in the raw_input ?
Currently you'd have to load each ruleset individually from your code into plyara
(could traverse directory of files in python, but it may make more sense to use the feature of the language to do this)
p.s. Thanks for the work being done on this, I've been looking at the code and realised recently this is pretty much the only Python library of its kind
The text was updated successfully, but these errors were encountered: