From 5c40ff2b087cfa6fcd70d53a11a30a6c1cb8eb0a Mon Sep 17 00:00:00 2001 From: solonovamax Date: Mon, 12 Jun 2023 03:02:23 -0400 Subject: [PATCH 001/114] Huge refactor of buildscript - Store versions in version catalogs - Move any duplicate logic to convention plugins - Refactor modules - Refactor main project -> api subproject - Refactor compose subproject -> gui subproject - Add axion-release plugin for versioning - Add typesafe project accessors for depending on subprojects - Add dokka for documentation generation - Clean up & refactor publishing Signed-off-by: solonovamax --- api/build.gradle.kts | 74 ++++++ .../dev/kosmx/needle/dbGen/Generator.kt | 0 .../dev/kosmx/needle/dbGen/db/Fractureiser.kt | 0 .../dev/kosmx/needle/dbGen/db/README.md | 0 .../dev/kosmx/needle/dbGen/db/Skyrage.kt | 0 .../kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt | 6 +- .../dev/kosmx/needle/dbGen/dsl/SampleDSL.kt | 0 .../dev/kosmx/needle/dbGen/dsl/TypeEntry.kt | 0 .../kotlin/dev/kosmx/needle/CheckWrapper.kt | 2 +- .../main/kotlin/dev/kosmx/needle/CliRun.kt | 0 .../main/kotlin/dev/kosmx/needle/Static.kt | 0 .../dev/kosmx/needle/core/AssetChecker.kt | 0 .../dev/kosmx/needle/core/ClassChecker.kt | 0 .../dev/kosmx/needle/core/InsnComparator.kt | 0 .../dev/kosmx/needle/core/JarCheckMatch.kt | 0 .../dev/kosmx/needle/core/JarCheckResult.kt | 0 .../dev/kosmx/needle/core/JarChecker.kt | 3 +- .../dev/kosmx/needle/database/AssetMatch.kt | 3 +- .../dev/kosmx/needle/database/ClassMatch.kt | 0 .../dev/kosmx/needle/database/FileParser.kt | 3 +- .../kotlin/dev/kosmx/needle/database/Init.kt | 0 .../kotlin/dev/kosmx/needle/database/Match.kt | 0 .../needle/database/MatchFilteredSequence.kt | 0 .../kosmx/needle/database/MatchSequence.kt | 5 +- .../kosmx/needle/database/WildcardMatch.kt | 4 +- .../hardCodedDetectors/HardCodedDetectors.kt | 0 .../needle/launchWrapper/JavaAgentLauncher.kt | 3 +- .../needle/launchWrapper/KnotClientWrapper.kt | 0 .../launchWrapper/ParameterizedWrapper.kt | 0 .../kotlin/dev/kosmx/needle/lib/Matcher.kt | 0 .../src}/main/resources/logging.properties | 0 {src => api/src}/main/resources/url | 0 .../dev/kosmx/jarchecker/lib/MatcherTest.kt | 0 .../dev/kosmx/jarchecker/lib/MkConfig.kt | 0 build.gradle.kts | 163 +------------- buildSrc/build.gradle.kts | 25 ++ buildSrc/settings.gradle.kts | 14 ++ buildSrc/src/main/kotlin/Utilities.kt | 30 +++ .../kotlin/jneedle.compilation.gradle.kts | 43 ++++ .../src/main/kotlin/jneedle.dokka.gradle.kts | 53 +++++ .../main/kotlin/jneedle.publishing.gradle.kts | 94 ++++++++ .../kotlin/jneedle.repositories.gradle.kts | 20 ++ .../src/main/kotlin/jneedle.tasks.gradle.kts | 47 ++++ cli/build.gradle.kts | 77 +++++++ compose/build.gradle.kts | 60 ----- dokka/includes/Core.md | 3 + dokka/includes/Main.md | 3 + dokka/includes/Module.md | 37 +++ gradle/libs.versions.toml | 213 ++++++++++++++++++ gui/build.gradle.kts | 34 +++ .../dev/kosmx/needle/compose/ComposeMain.kt | 0 settings.gradle.kts | 7 +- 52 files changed, 789 insertions(+), 237 deletions(-) create mode 100644 api/build.gradle.kts rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt (100%) rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt (100%) rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/db/README.md (100%) rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt (100%) rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt (94%) rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/SampleDSL.kt (100%) rename {src => api/src}/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/TypeEntry.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/CheckWrapper.kt (98%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/CliRun.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/Static.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/core/JarChecker.kt (98%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt (98%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/FileParser.kt (98%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/Init.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/Match.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt (97%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt (99%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt (98%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt (100%) rename {src => api/src}/main/kotlin/dev/kosmx/needle/lib/Matcher.kt (100%) rename {src => api/src}/main/resources/logging.properties (100%) rename {src => api/src}/main/resources/url (100%) rename {src => api/src}/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt (100%) rename {src => api/src}/test/kotlin/dev/kosmx/jarchecker/lib/MkConfig.kt (100%) create mode 100644 buildSrc/build.gradle.kts create mode 100644 buildSrc/settings.gradle.kts create mode 100644 buildSrc/src/main/kotlin/Utilities.kt create mode 100644 buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts create mode 100644 buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts create mode 100644 buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts create mode 100644 buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts create mode 100644 buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts create mode 100644 cli/build.gradle.kts delete mode 100644 compose/build.gradle.kts create mode 100644 dokka/includes/Core.md create mode 100644 dokka/includes/Main.md create mode 100644 dokka/includes/Module.md create mode 100644 gradle/libs.versions.toml create mode 100644 gui/build.gradle.kts rename {compose => gui}/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt (100%) diff --git a/api/build.gradle.kts b/api/build.gradle.kts new file mode 100644 index 0000000..cef5eaf --- /dev/null +++ b/api/build.gradle.kts @@ -0,0 +1,74 @@ +plugins { + application + + kotlin("jvm") + alias(libs.plugins.kotlin.serialization) + + alias(libs.plugins.shadow) + + jneedle.repositories + jneedle.tasks + jneedle.publishing + jneedle.compilation + jneedle.dokka +} + +val mainClassName = "dev.kosmx.needle.CliRunKt" +ext["mainClass"] = mainClassName +application.mainClass.set(mainClassName) + +sourceSets { + val main by getting + create("dbGen") { + compileClasspath += main.compileClasspath + main.output + runtimeClasspath += main.runtimeClasspath + main.output + } +} + +dependencies { + implementation(libs.kotlin.stdlib) + + implementation(libs.bundles.kotlinx.serialization) + + implementation(libs.bundles.kotlinx.coroutines) + testImplementation(libs.bundles.kotlinx.coroutines.debugging) + + implementation(libs.kotlinx.cli) + + implementation(libs.bundles.asm) + + implementation(libs.cafedude) + + implementation(libs.slf4j) + implementation(libs.slf4k) + implementation(libs.logback) + + testImplementation(kotlin("test")) +} + + +tasks { + withType().configureEach { + manifest { + val javaAgent = "dev.kosmx.needle.launchWrapper.JavaAgentLauncher" + attributes( + "Premain-Class" to javaAgent, + "Agent-Class" to javaAgent, + "Can-Redefine-Classes" to "false", + "Can-Retransform-Classes" to "false", + ) + } + } + + shadowJar { + relocate("kotlin", "dev.kosmx.needle.kotlin") + relocate("kotlinx", "dev.kosmx.needle.kotlinx") + relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") + } + + // TODO: 2023-06-12 buildDb should be a subproject, or possibly a build script thingy + create("buildDb") { + this.mainClass.set("dev.kosmx.needle.dbGen.GeneratorKt") + this.classpath = sourceSets["dbGen"].runtimeClasspath + } +} diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt similarity index 100% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt similarity index 100% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/README.md b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/README.md similarity index 100% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/README.md rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/README.md diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt similarity index 100% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt similarity index 94% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt index e5f3a23..13249b3 100644 --- a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt @@ -9,11 +9,7 @@ import org.objectweb.asm.ClassWriter import org.objectweb.asm.Opcodes import org.objectweb.asm.Opcodes.ACC_PRIVATE import org.objectweb.asm.Opcodes.ACC_STATIC -import org.objectweb.asm.tree.AbstractInsnNode -import org.objectweb.asm.tree.ClassNode -import org.objectweb.asm.tree.InsnNode -import org.objectweb.asm.tree.MethodNode -import org.objectweb.asm.tree.VarInsnNode +import org.objectweb.asm.tree.* import java.nio.file.Path import java.time.Instant import java.util.jar.JarEntry diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/SampleDSL.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/SampleDSL.kt similarity index 100% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/SampleDSL.kt rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/SampleDSL.kt diff --git a/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/TypeEntry.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/TypeEntry.kt similarity index 100% rename from src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/TypeEntry.kt rename to api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/TypeEntry.kt diff --git a/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt similarity index 98% rename from src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt rename to api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt index e374041..74b0b86 100644 --- a/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt @@ -49,7 +49,7 @@ object CheckWrapper { val databasePath: Path get() = System.getProperty("dev.kosmx.jneedle.databasePath")?.let { Path(it) } - ?: Path(System.getProperty("user.home")).resolve(".jneedle") + ?: Path(System.getProperty("user.home")).resolve(".jneedle") // TODO: 2023-06-11 We should use ~/.cache/jneedle instead /** * Run the check for the given jar file. path has to point to a jar file diff --git a/src/main/kotlin/dev/kosmx/needle/CliRun.kt b/api/src/main/kotlin/dev/kosmx/needle/CliRun.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/CliRun.kt rename to api/src/main/kotlin/dev/kosmx/needle/CliRun.kt diff --git a/src/main/kotlin/dev/kosmx/needle/Static.kt b/api/src/main/kotlin/dev/kosmx/needle/Static.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/Static.kt rename to api/src/main/kotlin/dev/kosmx/needle/Static.kt diff --git a/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt rename to api/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt diff --git a/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt rename to api/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt diff --git a/src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt b/api/src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt rename to api/src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt diff --git a/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt rename to api/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt diff --git a/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt rename to api/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt diff --git a/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt similarity index 98% rename from src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt rename to api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt index 688e7ab..7ddadba 100644 --- a/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt @@ -1,6 +1,7 @@ package dev.kosmx.needle.core -import dev.kosmx.needle.* +import dev.kosmx.needle.LogLevel +import dev.kosmx.needle.log import me.coley.cafedude.classfile.ClassFile import me.coley.cafedude.io.ClassFileReader import me.coley.cafedude.io.ClassFileWriter diff --git a/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt similarity index 98% rename from src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt index 1270398..db9bc85 100644 --- a/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt @@ -6,4 +6,5 @@ import java.util.jar.JarEntry interface AssetMatch : Match { fun match(data: Lazy, jarEntry: LocalFileHeader): Boolean -} \ No newline at end of file +} + diff --git a/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt diff --git a/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt similarity index 98% rename from src/main/kotlin/dev/kosmx/needle/database/FileParser.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt index aa2b682..1fae9cf 100644 --- a/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt @@ -1,11 +1,12 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.* +import dev.kosmx.needle.LogLevel import dev.kosmx.needle.core.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.JarCheckResult import dev.kosmx.needle.core.MatchType import dev.kosmx.needle.lib.Word +import dev.kosmx.needle.log import kotlinx.serialization.ExperimentalSerializationApi import kotlinx.serialization.Serializable import kotlinx.serialization.json.Json diff --git a/src/main/kotlin/dev/kosmx/needle/database/Init.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/database/Init.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/Init.kt diff --git a/src/main/kotlin/dev/kosmx/needle/database/Match.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Match.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/database/Match.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/Match.kt diff --git a/src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt diff --git a/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt similarity index 97% rename from src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt index 08cc589..93035e7 100644 --- a/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt @@ -1,12 +1,11 @@ package dev.kosmx.needle.database +import dev.kosmx.needle.core.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.core.InsnComparator import dev.kosmx.needle.lib.Word import dev.kosmx.needle.lib.match import org.objectweb.asm.tree.AbstractInsnNode -import kotlin.reflect.KClass typealias InsnSequence = Word @@ -24,4 +23,4 @@ open class MatchSequence( this(id, Word(instructions, InsnComparator::compare), matchType, matchId = matchId) override fun checkResult(): JarCheckMatch = JarCheckMatch(matchType, id, matchId) -} \ No newline at end of file +} diff --git a/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt similarity index 99% rename from src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt index 05ef838..6bf541e 100644 --- a/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt @@ -1,8 +1,8 @@ package dev.kosmx.needle.database +import dev.kosmx.needle.core.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.core.InsnComparator import dev.kosmx.needle.lib.Word import dev.kosmx.needle.lib.match import org.objectweb.asm.tree.AbstractInsnNode @@ -59,4 +59,4 @@ class WildcardMatch( private fun List.toWord(): Word { return Word(this.toTypedArray(), InsnComparator::compare) -} \ No newline at end of file +} diff --git a/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt b/api/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt rename to api/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt diff --git a/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt b/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt similarity index 98% rename from src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt rename to api/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt index c2bcf16..3b6f064 100644 --- a/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt @@ -5,7 +5,6 @@ import dev.kosmx.needle.LogLevel import dev.kosmx.needle.core.MatchType import dev.kosmx.needle.log import java.lang.instrument.Instrumentation -import kotlin.Exception import kotlin.io.path.Path import kotlin.system.exitProcess import kotlin.time.ExperimentalTime @@ -61,4 +60,4 @@ object JavaAgentLauncher { }.let { println("Malware checking done in ${it.inWholeMilliseconds} ms") } } -} \ No newline at end of file +} diff --git a/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt rename to api/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt diff --git a/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt rename to api/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt diff --git a/src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt b/api/src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt similarity index 100% rename from src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt rename to api/src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt diff --git a/src/main/resources/logging.properties b/api/src/main/resources/logging.properties similarity index 100% rename from src/main/resources/logging.properties rename to api/src/main/resources/logging.properties diff --git a/src/main/resources/url b/api/src/main/resources/url similarity index 100% rename from src/main/resources/url rename to api/src/main/resources/url diff --git a/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt b/api/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt similarity index 100% rename from src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt rename to api/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt diff --git a/src/test/kotlin/dev/kosmx/jarchecker/lib/MkConfig.kt b/api/src/test/kotlin/dev/kosmx/jarchecker/lib/MkConfig.kt similarity index 100% rename from src/test/kotlin/dev/kosmx/jarchecker/lib/MkConfig.kt rename to api/src/test/kotlin/dev/kosmx/jarchecker/lib/MkConfig.kt diff --git a/build.gradle.kts b/build.gradle.kts index 8ea4f96..29a596b 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -1,165 +1,8 @@ plugins { - java - val kotlinVersion = "1.8.20" - kotlin("jvm") version kotlinVersion - kotlin("plugin.serialization") version kotlinVersion - id("com.github.johnrengelman.shadow") version "8.1.1" - `maven-publish` - signing // well, make sure it's me! + alias(libs.plugins.axion.release) } -java.sourceCompatibility = JavaVersion.VERSION_1_8 -java.targetCompatibility = JavaVersion.VERSION_1_8 - -group = "dev.kosmx.needle" -version = project.property("version") as String - allprojects { - repositories { - google() - mavenCentral() - maven("https://jitpack.io") - } -} - -sourceSets { - val main by getting - create("dbGen") { - compileClasspath += main.compileClasspath - runtimeClasspath += main.runtimeClasspath - compileClasspath += main.output - runtimeClasspath += main.output - } -} - -configurations { - val shadowImplement by creating - val implementation by getting - implementation.extendsFrom(shadowImplement) -} - -dependencies { - "shadowImplement"("org.jetbrains.kotlinx:kotlinx-serialization-json:1.5.1") - "shadowImplement"("org.jetbrains.kotlinx:kotlinx-cli:0.3.5") - - "shadowImplement"("org.ow2.asm:asm:${project.property("asm_version")}") - "shadowImplement"("org.ow2.asm:asm-tree:${project.property("asm_version")}") - "shadowImplement"("org.jetbrains.kotlinx:kotlinx-coroutines-core:1.7.1") - - "shadowImplement"("com.github.Col-E:CAFED00D:1.10.2") - "shadowImplement"("org.slf4j:slf4j-jdk14:2.0.7") - - "shadowImplement"(group = "software.coley", name = "lljzip", version = "1.4.0") - //shadow("org.slf4j:slf4j:2.0.7") - - - testImplementation(kotlin("test")) -} - -kotlin { - jvmToolchain(java.targetCompatibility.majorVersion.toInt()) -} - - -tasks { - - test { - useJUnitPlatform() - } - - withType().configureEach { - options.release.set(java.targetCompatibility.majorVersion.toInt()) - } - - java { - withSourcesJar() - withJavadocJar() - } - - jar { - from("LICENSE") { - rename { "${it}_${base.archivesName.get()}" } - } - manifest { - attributes( - "Main-Class" to "dev.kosmx.needle.CliRunKt", - "Premain-Class" to "dev.kosmx.needle.launchWrapper.JavaAgentLauncher", - "Agent-Class" to "dev.kosmx.needle.launchWrapper.JavaAgentLauncher", - "Can-Redefine-Classes" to "false", - "Can-Retransform-Classes" to "false", - ) - } - //archiveClassifier.set("slim") - } - - shadowJar { - configurations = listOf(project.configurations["shadowImplement"]) - archiveClassifier.set("fat") - relocate("kotlin", "dev.kosmx.needle.kotlin") - relocate("kotlinx", "dev.kosmx.needle.kotlinx") - relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") - } - build { - dependsOn(shadowJar) - } - - create("buildDb") { - this.mainClass.set("dev.kosmx.needle.dbGen.GeneratorKt") - this.classpath = sourceSets["dbGen"].runtimeClasspath - } -} - - -publishing { - publications { - create("maven") { - groupId = project.group as String - artifactId = "jneedle" - version = project.version as String - from(components["java"]) - - - pom { - name.set("jNeedle") - description.set("java malware detection tool") - url.set("https://github.com/KosmX/jneedle") - licenses { - license { - name.set("The MIT License (MIT)") - url.set("https://mit-license.org/") - } - } - developers { - developer { - id.set("kosmx") - name.set("KosmX") - email.set("kosmx.mc@gmail.com") - } - } - scm { - connection.set("scm:git:https://github.com/KosmX/jneedle.git") - url.set("https://github.com/KosmX/jneedle") - } - } - } - } - repositories { - maven { - val release = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/") - val snapshot = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/") - url = (if ("SNAPSHOT" in version.toString()) snapshot else release) - authentication { - credentials { - username = "kosmx" // wow! - val passFile = File("maven.pass") - password = if (passFile.isFile) passFile.readText() else "nope" - } - } - } - } -} - -signing { - useGpgCmd() - sign(publishing.publications["maven"]) + group = "dev.kosmx.needle" + version = rootProject.scmVersion.version } diff --git a/buildSrc/build.gradle.kts b/buildSrc/build.gradle.kts new file mode 100644 index 0000000..22c82d2 --- /dev/null +++ b/buildSrc/build.gradle.kts @@ -0,0 +1,25 @@ +plugins { + `kotlin-dsl` + // alias(libs.plugins.kotlin.jvm) +} + +repositories { + maven("https://maven.solo-studios.ca/releases/") + mavenCentral() + // for kotlin-dsl plugin + gradlePluginPortal() +} + +kotlin { + jvmToolchain(8) +} + +dependencies { + implementation(gradlePlugin("org.jetbrains.dokka", libs.versions.kotlin)) + implementation(gradlePlugin("org.jetbrains.kotlin.jvm", libs.versions.kotlin)) + implementation(gradlePlugin("org.ajoberstar.grgit", libs.versions.grgit)) +} + +fun gradlePlugin(id: String, version: Provider): String { + return "$id:$id.gradle.plugin:${version.get()}" +} diff --git a/buildSrc/settings.gradle.kts b/buildSrc/settings.gradle.kts new file mode 100644 index 0000000..8a7e8e5 --- /dev/null +++ b/buildSrc/settings.gradle.kts @@ -0,0 +1,14 @@ +pluginManagement { + repositories { + maven("https://maven.solo-studios.ca/releases/") + gradlePluginPortal() + } +} + +dependencyResolutionManagement { + versionCatalogs { + create("libs") { + from(files("../gradle/libs.versions.toml")) + } + } +} diff --git a/buildSrc/src/main/kotlin/Utilities.kt b/buildSrc/src/main/kotlin/Utilities.kt new file mode 100644 index 0000000..2cde6dc --- /dev/null +++ b/buildSrc/src/main/kotlin/Utilities.kt @@ -0,0 +1,30 @@ +import org.gradle.api.Project +import java.util.* + +val Project.fullName: String + get() = "${rootProject.name}-${project.name}" + +fun String.capitalize(): String { + return replaceFirstChar { if (it.isLowerCase()) it.titlecase(Locale.getDefault()) else it.toString() } +} + +val Project.isSnapshot: Boolean + get() = version.toString().endsWith("-SNAPSHOT") + +val Project.versionString: String + get() = project.version as? String ?: project.version.toString() + +val Project.groupString: String + get() = project.group as? String ?: project.group.toString() + +object Repository { + val projectUser = "KosmX" + val projectRepo = "jneedle" + val projectBaseUri = "github.com/$projectUser/$projectRepo" + val projectUrl = "https://$projectBaseUri" +} + +/** + * Project info class for the `processDokkaIncludes` task. + */ +data class ProjectInfo(val group: String, val module: String, val version: String) diff --git a/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts b/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts new file mode 100644 index 0000000..8d84136 --- /dev/null +++ b/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts @@ -0,0 +1,43 @@ +import org.jetbrains.dokka.gradle.DokkaTask + +plugins { + java + + kotlin("jvm") + + id("org.jetbrains.dokka") +} + +java { + withSourcesJar() + withJavadocJar() +} + +kotlin { + jvmToolchain(8) +} + +val dokkaHtml by tasks.getting(DokkaTask::class) + +val javadoc by tasks.getting(Javadoc::class) + +val jar by tasks.getting(Jar::class) + +val javadocJar by tasks.getting(Jar::class) { + dependsOn(dokkaHtml) + from(dokkaHtml.outputDirectory) + archiveClassifier.set("javadoc") + group = JavaBasePlugin.DOCUMENTATION_GROUP +} + +val sourcesJar by tasks.getting(Jar::class) { + from(sourceSets["main"].allSource) + archiveClassifier.set("sources") + group = JavaBasePlugin.DOCUMENTATION_GROUP +} + +artifacts { + archives(jar) + archives(sourcesJar) + archives(javadocJar) +} diff --git a/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts b/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts new file mode 100644 index 0000000..a20031a --- /dev/null +++ b/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts @@ -0,0 +1,53 @@ +import org.gradle.api.plugins.JavaBasePlugin +import org.gradle.kotlin.dsl.getValue +import org.gradle.kotlin.dsl.provideDelegate +import org.gradle.kotlin.dsl.register +import org.gradle.kotlin.dsl.withType +import org.gradle.language.jvm.tasks.ProcessResources +import org.jetbrains.dokka.gradle.DokkaTask +import java.time.Year + +plugins { + id("org.jetbrains.dokka") + + id("org.ajoberstar.grgit") +} + +tasks { + val processDokkaIncludes by tasks.register("processDokkaIncludes", ProcessResources::class) { + from(rootProject.projectDir.resolve("dokka/includes")) { + val projectInfo = ProjectInfo(project.groupString, project.fullName, project.versionString) + expand( + "project" to projectInfo, + ) + } + destinationDir = buildDir.resolve("dokka-include") + group = JavaBasePlugin.DOCUMENTATION_GROUP + } + + withType().configureEach { + dependsOn(processDokkaIncludes) + + val dokkaBaseConfiguration = """ + { + "footerMessage": "© ${Year.now()} Copyright jNeedle Contributors", + "separateInheritedMembers": true + } + """.trimIndent() + pluginsMapConfiguration.set(mapOf("org.jetbrains.dokka.base.DokkaBase" to dokkaBaseConfiguration)) + + moduleName.set(project.fullName) + moduleVersion.set(project.versionString) + + dokkaSourceSets.configureEach { + includes.from(processDokkaIncludes.destinationDir.listFiles()) + + jdkVersion.set(8) + reportUndocumented.set(true) + + // displayName.set(project.fullName) + } + + group = JavaBasePlugin.DOCUMENTATION_GROUP + } +} diff --git a/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts b/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts new file mode 100644 index 0000000..3480a33 --- /dev/null +++ b/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts @@ -0,0 +1,94 @@ +plugins { + signing + `maven-publish` +} + +publishing { + publications { + val projectName = project.fullName.split("-").joinToString(separator = " ") { word -> word.capitalize() } + val projectGroup = project.groupString + val projectVersion = project.versionString + val projectDescription = """ + Yet another jar malware detection tool + """.trimIndent() + val projectUrl = Repository.projectUrl + val projectBaseUri = Repository.projectBaseUri + + val licenseName = "MIT" + val licenseUrl = "https://mit-license.org/" + + + create("maven") { + groupId = projectGroup + artifactId = project.fullName + version = projectVersion + from(components["java"]) + + pom { + name.set(projectName) + description.set(projectDescription) + url.set(projectUrl) + + inceptionYear.set("2023") + + licenses { + license { + name.set(licenseName) + url.set(licenseUrl) + } + } + developers { + developer { + id.set("kosmx") + name.set("KosmX") + email.set("kosmx.mc@gmail.com") + } + + developer { + id.set("solonovamax") + name.set("solonovamax") + email.set("solonovamax@12oclockpoint.com") + url.set("https://solonovamax.gay/") + } + } + issueManagement { + system.set("GitHub") + url.set("$projectUrl/issues") + } + scm { + connection.set("scm:git:$projectUrl.git") + developerConnection.set("scm:git:ssh://$projectBaseUri.git") + url.set(projectUrl) + } + } + } + } + repositories { + maven { + name = "Sonatype" + + val releasesUrl = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/") // releases repo + val snapshotUrl = uri("https://s01.oss.sonatype.org/content/repositories/snapshots/") // snapshot repo + url = if (isSnapshot) snapshotUrl else releasesUrl + + credentials(PasswordCredentials::class) + } + maven { + name = "SoloStudios" + + val releasesUrl = uri("https://maven.solo-studios.ca/releases/") + val snapshotUrl = uri("https://maven.solo-studios.ca/snapshots/") + url = if (isSnapshot) snapshotUrl else releasesUrl + + credentials(PasswordCredentials::class) + authentication { // publishing doesn't work without this for some reason + create("basic") + } + } + } +} + +signing { + useGpgCmd() + sign(publishing.publications["maven"]) +} diff --git a/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts b/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts new file mode 100644 index 0000000..acac3b0 --- /dev/null +++ b/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts @@ -0,0 +1,20 @@ +repositories { + maven("https://maven.solo-studios.ca/releases/") { + name = "Solo Studios" + } + + mavenCentral() + + google() + + maven("https://jitpack.io") { + name = "Jitpack" + } + + maven("https://oss.sonatype.org/content/repositories/snapshots") { + name = "Maven Snapshots" + mavenContent { + snapshotsOnly() + } + } +} diff --git a/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts b/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts new file mode 100644 index 0000000..9992494 --- /dev/null +++ b/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts @@ -0,0 +1,47 @@ +import org.jetbrains.dokka.gradle.DokkaTask +import java.time.Year +import kotlin.math.max + +plugins { + java +} + +val ext = the() +val base = the() + +tasks { + withType().configureEach { + useJUnitPlatform() + + failFast = false + maxParallelForks = max(Runtime.getRuntime().availableProcessors() - 1, 1) + } + + withType() { + archiveBaseName.set(project.fullName) + } + + withType().configureEach { + options { + encoding = "UTF-8" + } + } + + withType().configureEach { + from(rootProject.file("LICENSE")) + + doLast { + manifest { + attributes( + "Main-Class" to ext["mainClass"], + "Implementation-Title" to project.fullName, + "Implementation-Version" to project.version.toString(), + ) + } + } + } + + named("build") { + dependsOn(withType()) + } +} diff --git a/cli/build.gradle.kts b/cli/build.gradle.kts new file mode 100644 index 0000000..04c4879 --- /dev/null +++ b/cli/build.gradle.kts @@ -0,0 +1,77 @@ +plugins { + java + signing + application + `java-library` + `maven-publish` + + kotlin("jvm") + alias(libs.plugins.kotlin.serialization) + + alias(libs.plugins.shadow) + + jneedle.repositories + jneedle.tasks + jneedle.publishing + jneedle.compilation +} + +val mainClassName = "dev.kosmx.needle.CliRunKt" +ext["mainClass"] = mainClassName + + +sourceSets { + val main by getting + create("dbGen") { + compileClasspath += main.compileClasspath + main.output + runtimeClasspath += main.runtimeClasspath + main.output + } +} + +dependencies { + implementation(libs.kotlin.stdlib) + + implementation(libs.bundles.kotlinx.serialization) + + implementation(libs.bundles.kotlinx.coroutines) + testImplementation(libs.bundles.kotlinx.coroutines.debugging) + + implementation(libs.kotlinx.cli) + + implementation(libs.bundles.asm) + + implementation(libs.cafedude) + + implementation(libs.slf4j) + implementation(libs.slf4k) + implementation(libs.logback) + + testImplementation(kotlin("test")) +} + + +tasks { + withType().configureEach { + manifest { + val javaAgent = "dev.kosmx.needle.launchWrapper.JavaAgentLauncher" + attributes( + "Premain-Class" to javaAgent, + "Agent-Class" to javaAgent, + "Can-Redefine-Classes" to "false", + "Can-Retransform-Classes" to "false", + ) + } + } + + shadowJar { + relocate("kotlin", "dev.kosmx.needle.kotlin") + relocate("kotlinx", "dev.kosmx.needle.kotlinx") + relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") + } + + // TODO: 2023-06-12 buildDb should be a subproject, or possibly a build script thingy + create("buildDb") { + this.mainClass.set("dev.kosmx.needle.dbGen.GeneratorKt") + this.classpath = sourceSets["dbGen"].runtimeClasspath + } +} diff --git a/compose/build.gradle.kts b/compose/build.gradle.kts deleted file mode 100644 index 41b74fa..0000000 --- a/compose/build.gradle.kts +++ /dev/null @@ -1,60 +0,0 @@ -import org.jetbrains.kotlin.gradle.plugin.mpp.pm20.util.archivesName - -plugins { - val kotlinVersion = "1.8.20" - kotlin("jvm") version kotlinVersion - kotlin("plugin.serialization") version kotlinVersion - id("com.github.johnrengelman.shadow") version "8.1.1" - id("org.jetbrains.compose") version "1.4.0" -} - -java.sourceCompatibility = JavaVersion.VERSION_1_8 -java.targetCompatibility = JavaVersion.VERSION_1_8 - - -dependencies { - implementation(rootProject) - implementation(compose.desktop.currentOs) - implementation("com.darkrockstudios:mpfilepicker-desktop:1.1.0") - implementation("org.jetbrains.kotlinx:kotlinx-datetime:0.4.0") -} - -compose.desktop { - application { - mainClass = "dev.kosmx.needle.compose.ComposeMainKt" - } -} - -kotlin { - jvmToolchain(8) -} - -version = rootProject.version - -tasks { - - withType().configureEach { - options.release.set(java.targetCompatibility.majorVersion.toInt()) - } - - archivesName.set("jneedle-gui") - jar { - from("LICENSE") { - rename { "${it}_${base.archivesName.get()}" } - } - manifest { - attributes( - "Main-Class" to "dev.kosmx.needle.compose.ComposeMainKt", - ) - } - archiveClassifier.set("slim") - } - - shadowJar { - //configurations = listOf(project.configurations["shadowImplement"]) - archiveClassifier.set("") - } - build { - dependsOn(shadowJar) - } -} diff --git a/dokka/includes/Core.md b/dokka/includes/Core.md new file mode 100644 index 0000000..c92fdfa --- /dev/null +++ b/dokka/includes/Core.md @@ -0,0 +1,3 @@ +# Package dev.kosmx.needle.core + +TODO diff --git a/dokka/includes/Main.md b/dokka/includes/Main.md new file mode 100644 index 0000000..07e9804 --- /dev/null +++ b/dokka/includes/Main.md @@ -0,0 +1,3 @@ +# Package dev.kosmx.needle + +TODO diff --git a/dokka/includes/Module.md b/dokka/includes/Module.md new file mode 100644 index 0000000..697fbb2 --- /dev/null +++ b/dokka/includes/Module.md @@ -0,0 +1,37 @@ +# Module jneedle-api + +Yet another jar malware detection tool + +## Features + +- TODO + +## Including + +You can include jNeedle in your project by adding the following: + +### Maven + +```xml + + ${project.group} + ${project.module} + ${project.version} + +``` + +### Gradle Groovy DSL + +```groovy +implementation '${project.group}:${project.module}:${project.version}' +``` + +### Gradle Kotlin DSL + +```kotlin +implementation("${project.group}:${project.module}:${project.version}") +``` + +## Examples + +TODO diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml new file mode 100644 index 0000000..fa16393 --- /dev/null +++ b/gradle/libs.versions.toml @@ -0,0 +1,213 @@ +[versions] +kotlin = "1.8.20" + +kotlinx-serialization = "1.5.1" +ktoml = "0.5.0" + +kotlinx-coroutines = "1.7.1" + +asm = "9.5" + +konf = "1.1.2" + +fuel = "2.3.1" + +junit-jupiter = "5.9.2" + +grgit = "4.1.1" + + +[plugins] +kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" } +kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" } + +axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.0" } + +shadow = { id = "com.github.johnrengelman.shadow", version = "8.1.1" } + +dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } + +compose = { id = "org.jetbrains.compose", version = "1.4.0" } + + +[libraries] + +# Kotlin stdlib +kotlin-stdlib = { group = "org.jetbrains.kotlin", name = "kotlin-stdlib", version.ref = "kotlin" } +kotlin-reflect = { group = "org.jetbrains.kotlin", name = "kotlin-reflect", version.ref = "kotlin" } + +# kotlinx.serialization +kotlinx-serialization-core = { group = "org.jetbrains.kotlinx", name = "kotlinx-serialization-core", version.ref = "kotlinx-serialization" } +kotlinx-serialization-json = { group = "org.jetbrains.kotlinx", name = "kotlinx-serialization-json", version.ref = "kotlinx-serialization" } +kotlinx-serialization-cbor = { group = "org.jetbrains.kotlinx", name = "kotlinx-serialization-cbor", version.ref = "kotlinx-serialization" } +kotlinx-serialization-hocon = { group = "org.jetbrains.kotlinx", name = "kotlinx-serialization-hocon", version.ref = "kotlinx-serialization" } +kotlinx-serialization-protobuf = { group = "org.jetbrains.kotlinx", name = "kotlinx-serialization-protobuf", version.ref = "kotlinx-serialization" } + +# TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) +# ktoml +## TOML serialization for kotlinx.serialization +ktoml-core = { group = "com.akuleshov7", name = "ktoml-core", version.ref = "ktoml" } +ktoml-source = { group = "com.akuleshov7", name = "ktoml-source", version.ref = "ktoml" } +ktoml-file = { group = "com.akuleshov7", name = "ktoml-file", version.ref = "ktoml" } + +# TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) +# Kaml +## YAML serialization for kotlinx.serialization +kaml = { group = "com.charleskorn.kaml", name = "kaml", version = "0.54.0" } + + +# kotlinx.coroutines +kotlinx-coroutines-core = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-core", version.ref = "kotlinx-coroutines" } +kotlinx-coroutines-jdk8 = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-jdk8", version.ref = "kotlinx-coroutines" } +kotlinx-coroutines-slf4j = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-slf4j", version.ref = "kotlinx-coroutines" } +kotlinx-coroutines-test = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-test", version.ref = "kotlinx-coroutines" } +kotlinx-coroutines-debug = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-debug", version.ref = "kotlinx-coroutines" } + + +kotlinx-datetime = { group = "org.jetbrains.kotlinx", name = "kotlinx-datetime", version = "0.4.0" } + + +# kotlinx-cli +## Pure Kotlin implementation of a generic command-line parser. +kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = "0.3.5" } + + +# Clikt +## Multiplatform Kotlin Library for writing CLI interfaces +clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "3.5.2" } + + +# TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) +# Konf +## Type-safe cascading configuration library for Kotlin +konf-core = { group = "com.uchuhimo", name = "konf-core", version.ref = "konf" } +konf-hocon = { group = "com.uchuhimo", name = "konf-hocon", version.ref = "konf" } +konf-toml = { group = "com.uchuhimo", name = "konf-toml", version.ref = "konf" } +konf-yaml = { group = "com.uchuhimo", name = "konf-yaml", version.ref = "konf" } + + +# Jetbrains Annotations +## Annotations for documentation and static code analysis +jetbrains-annotations = { group = "org.jetbrains", name = "annotations", version = "24.0.1" } + + +# ASM +## All purpose Java bytecode manipulation and analysis framework +asm = { group = "org.ow2.asm", name = "asm", version.ref = "asm" } +asm-tree = { group = "org.ow2.asm", name = "asm-tree", version.ref = "asm" } + + +# CAFED00D +## Another class library with a focus on obfuscation support +cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } + + +# LLJ-ZIP +## A closer to the spec implementation of ZIP parsing for Java. +lljzip = { group = "software.coley", name = "lljzip", version = "1.3.2" } + + + +# Okio +## A modern I/O library for Android, Java, and Kotlin Multiplatform. +okio = { group = "com.squareup.okio", name = "okio", version = "3.3.0" } + + +# SLF4J +## Simple Logging Facade for Java +slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.7" } +# SLF4K +## SLF4K is a set of kotlin extensions for SLF4J +slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } +# Logback +## The reliable, generic, fast and flexible logging framework for Java +logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.7" } + + +# Fuel +## The easiest HTTP networking library for Kotlin/Android +fuel-core = { group = "com.github.kittinunf.fuel", name = "fuel", version.ref = "fuel" } +fuel-coroutines = { group = "com.github.kittinunf.fuel", name = "fuel-coroutines", version.ref = "fuel" } +fuel-kotlinx-serialization = { group = "com.github.kittinunf.fuel", name = "fuel-kotlinx-serialization", version.ref = "fuel" } + + +# Guava +## A set of core Java libraries from Google that includes new collection types, immutable collections, a graph library, +## and utilities for concurrency, I/O, hashing, caching, primitives, strings, and more +guava = { group = "com.google.guava", name = "guava", version = "31.1-jre" } +# Guava Kotlin +## A wrapper around Guava to make it more idiomatic in kotlin +guava-kotlin = { group = "ca.solo-studios", name = "guava-kotlin", version = "0.1.0" } + + +# DSI Utilities +## A mishmash of utility classes accumulated during the last twenty years in projects developed at the DSI +dsi-dsiutils = { group = "it.unimi.dsi", name = "dsiutils", version = "2.7.3" } +# fastutil +## fastutil extends the Java Collections Framework by providing type-specific maps, sets, lists and queues +dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } + + +# Apache Commons +commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.23.0" } +commons-io = { group = "commons-io", name = "commons-io", version = "2.13.0" } +commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.15" } +commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } +# when 4.0.0 is released, commons-math is being split into: +# - commons-numbers +# - commons-geometry +# - commons-statistics +# - commons-rng +commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = "3.12.0" } +commons-text = { group = "org.apache.commons", name = "commons-text", version = "1.10.0" } + + +mpfilepicker-desktop = { group = "com.darkrockstudios", name = "mpfilepicker-desktop", version = "1.1.0" } + + +# JUnit +## Unit testing framework for Java +junit-jupiter-api = { group = "org.junit.jupiter", name = "junit-jupiter-api", version.ref = "junit-jupiter" } +junit-jupiter-engine = { group = "org.junit.jupiter", name = "junit-jupiter-engine", version.ref = "junit-jupiter" } +junit-jupiter-params = { group = "org.junit.jupiter", name = "junit-jupiter-params", version.ref = "junit-jupiter" } + + +[bundles] +kotlinx-serialization = [ + "kotlinx-serialization-core", + "kotlinx-serialization-json", +] + +kotlinx-coroutines = [ + "kotlinx-coroutines-core", + "kotlinx-coroutines-jdk8", + "kotlinx-coroutines-slf4j", +] +kotlinx-coroutines-debugging = [ + "kotlinx-coroutines-test", + "kotlinx-coroutines-debug", +] + +konf = [ + "konf-core", + "konf-hocon", + "konf-toml", + "konf-yaml", +] + +asm = [ + "asm", + "asm-tree", +] + +fuel = [ + "fuel-core", + "fuel-coroutines", + "fuel-kotlinx-serialization", +] + +junit = [ + "junit-jupiter-api", + "junit-jupiter-engine", + "junit-jupiter-params", +] diff --git a/gui/build.gradle.kts b/gui/build.gradle.kts new file mode 100644 index 0000000..f99835c --- /dev/null +++ b/gui/build.gradle.kts @@ -0,0 +1,34 @@ +plugins { + kotlin("jvm") + alias(libs.plugins.kotlin.serialization) + + alias(libs.plugins.shadow) + + alias(libs.plugins.compose) + + jneedle.repositories + jneedle.tasks + jneedle.publishing + jneedle.compilation +} + +version = rootProject.version + +val mainClassName = "dev.kosmx.needle.compose.ComposeMainKt" +ext["mainClass"] = mainClassName + +dependencies { + implementation(projects.api) + + implementation(compose.desktop.currentOs) + + implementation(libs.mpfilepicker.desktop) + + implementation(libs.kotlinx.datetime) +} + +compose.desktop { + application { + mainClass = mainClassName + } +} diff --git a/compose/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt similarity index 100% rename from compose/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt rename to gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt diff --git a/settings.gradle.kts b/settings.gradle.kts index 7037554..4e01166 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -9,4 +9,9 @@ plugins { } rootProject.name = "jneedle" -include(":compose") +include(":api") +//include(":cli") // TODO: 2023-06-12 Move cli shit into cli +include(":gui") + +enableFeaturePreview("TYPESAFE_PROJECT_ACCESSORS") + From 42494e942ab28965cb0603e43bec28b1f0575b7a Mon Sep 17 00:00:00 2001 From: solonovamax Date: Mon, 12 Jun 2023 03:10:27 -0400 Subject: [PATCH 002/114] oopsies autoformat did a glob import (I keep telling it to stop doing glob imports, and it keeps doing them, idk how to fix) Signed-off-by: solonovamax --- api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt index 13249b3..547d021 100644 --- a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt @@ -9,7 +9,11 @@ import org.objectweb.asm.ClassWriter import org.objectweb.asm.Opcodes import org.objectweb.asm.Opcodes.ACC_PRIVATE import org.objectweb.asm.Opcodes.ACC_STATIC -import org.objectweb.asm.tree.* +import org.objectweb.asm.tree.AbstractInsnNode +import org.objectweb.asm.tree.ClassNode +import org.objectweb.asm.tree.InsnNode +import org.objectweb.asm.tree.MethodNode +import org.objectweb.asm.tree.VarInsnNode import java.nio.file.Path import java.time.Instant import java.util.jar.JarEntry @@ -19,7 +23,7 @@ interface Entry { /** * Write file and returns filename for later use */ - fun generate(outputPath: Path) : String + fun generate(outputPath: Path): String } var idTracker = 0 From 2b84ea00c251b6d23afe47a9360d5407fa356a21 Mon Sep 17 00:00:00 2001 From: solonovamax Date: Tue, 13 Jun 2023 13:43:59 -0400 Subject: [PATCH 003/114] Fix build issue after rebasing onto master Signed-off-by: solonovamax --- api/build.gradle.kts | 2 ++ api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt | 3 +-- gradle/libs.versions.toml | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/api/build.gradle.kts b/api/build.gradle.kts index cef5eaf..cbab83e 100644 --- a/api/build.gradle.kts +++ b/api/build.gradle.kts @@ -39,6 +39,8 @@ dependencies { implementation(libs.cafedude) + implementation(libs.lljzip) + implementation(libs.slf4j) implementation(libs.slf4k) implementation(libs.logback) diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt index 7ddadba..76dc14f 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt @@ -1,5 +1,6 @@ package dev.kosmx.needle.core +import dev.kosmx.needle.CheckWrapper import dev.kosmx.needle.LogLevel import dev.kosmx.needle.log import me.coley.cafedude.classfile.ClassFile @@ -13,8 +14,6 @@ import software.coley.llzip.format.model.LocalFileHeader import software.coley.llzip.format.model.ZipArchive import software.coley.llzip.util.ByteData import software.coley.llzip.util.ByteDataUtil -import java.io.BufferedInputStream -import java.io.ByteArrayInputStream import java.io.File import java.io.IOException import java.util.jar.JarEntry diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index fa16393..c11b77c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -104,7 +104,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "1.3.2" } +lljzip = { group = "software.coley", name = "lljzip", version = "1.4.0" } From 0d2fa9b33392f1c3044e4b0b28c1418e0da96ccb Mon Sep 17 00:00:00 2001 From: solonovamax Date: Tue, 13 Jun 2023 13:44:27 -0400 Subject: [PATCH 004/114] Remove personal maven repo from publishing & repositories Signed-off-by: solonovamax --- .../src/main/kotlin/jneedle.publishing.gradle.kts | 12 ------------ .../src/main/kotlin/jneedle.repositories.gradle.kts | 4 ---- 2 files changed, 16 deletions(-) diff --git a/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts b/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts index 3480a33..3dbd2d9 100644 --- a/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts @@ -73,18 +73,6 @@ publishing { credentials(PasswordCredentials::class) } - maven { - name = "SoloStudios" - - val releasesUrl = uri("https://maven.solo-studios.ca/releases/") - val snapshotUrl = uri("https://maven.solo-studios.ca/snapshots/") - url = if (isSnapshot) snapshotUrl else releasesUrl - - credentials(PasswordCredentials::class) - authentication { // publishing doesn't work without this for some reason - create("basic") - } - } } } diff --git a/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts b/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts index acac3b0..2a4ce70 100644 --- a/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.repositories.gradle.kts @@ -1,8 +1,4 @@ repositories { - maven("https://maven.solo-studios.ca/releases/") { - name = "Solo Studios" - } - mavenCentral() google() From db7fac4f2f05ea7b85a451e1fb75b78ca9609d2b Mon Sep 17 00:00:00 2001 From: solonovamax Date: Tue, 13 Jun 2023 14:16:09 -0400 Subject: [PATCH 005/114] Fix funny build error on github actions - Previously we were implicitly compiling for kotlin api version 1.8. This is now explicit. - Previously we used gradle toolchain stuff, but this seemed to break on gh actions on windows for some reason, so we're instead just setting the jvm target to 1.8 Signed-off-by: solonovamax --- buildSrc/build.gradle.kts | 15 ++++++++++++++- .../main/kotlin/jneedle.compilation.gradle.kts | 12 +++++++++++- 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/buildSrc/build.gradle.kts b/buildSrc/build.gradle.kts index 22c82d2..c239adf 100644 --- a/buildSrc/build.gradle.kts +++ b/buildSrc/build.gradle.kts @@ -10,8 +10,21 @@ repositories { gradlePluginPortal() } +java { + sourceCompatibility = JavaVersion.VERSION_1_8 + targetCompatibility = JavaVersion.VERSION_1_8 +} + kotlin { - jvmToolchain(8) + target { + compilations.all { + kotlinOptions { + jvmTarget = JavaVersion.VERSION_1_8.toString() + languageVersion = "1.8" + apiVersion = "1.8" + } + } + } } dependencies { diff --git a/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts b/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts index 8d84136..3c61cab 100644 --- a/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.compilation.gradle.kts @@ -11,10 +11,20 @@ plugins { java { withSourcesJar() withJavadocJar() + sourceCompatibility = JavaVersion.VERSION_1_8 + targetCompatibility = JavaVersion.VERSION_1_8 } kotlin { - jvmToolchain(8) + target { + compilations.all { + kotlinOptions { + jvmTarget = JavaVersion.VERSION_1_8.toString() + languageVersion = "1.8" + apiVersion = "1.8" + } + } + } } val dokkaHtml by tasks.getting(DokkaTask::class) From a46b717269a933a48382ea3e5bcb8f0b5a6dd7a0 Mon Sep 17 00:00:00 2001 From: KosmX Date: Thu, 15 Jun 2023 00:53:15 +0200 Subject: [PATCH 006/114] Organize modules, replace logger to slf4k, fix dependencies, create shadow task --- api/build.gradle.kts | 24 +----- .../main/kotlin/dev/kosmx/needle/Static.kt | 28 +------ .../dev/kosmx/needle/core/JarChecker.kt | 80 ++++++++----------- .../dev/kosmx/needle/database/FileParser.kt | 7 +- .../kotlin/dev/kosmx/needle/database/Init.kt | 6 +- buildSrc/build.gradle.kts | 3 +- buildSrc/settings.gradle.kts | 1 - .../src/main/kotlin/jneedle.dokka.gradle.kts | 2 - .../main/kotlin/jneedle.publishing.gradle.kts | 1 + .../src/main/kotlin/jneedle.shadow.gradle.kts | 18 +++++ .../src/main/kotlin/jneedle.tasks.gradle.kts | 8 +- cli/build.gradle.kts | 58 ++------------ .../kotlin/dev/kosmx/needle/cli}/CliRun.kt | 3 +- gradle.properties | 3 - gradle/libs.versions.toml | 6 +- gui/build.gradle.kts | 7 +- .../dev/kosmx/needle/compose/ComposeMain.kt | 1 - launchwrapper/build.gradle.kts | 34 ++++++++ .../needle/launchWrapper/JavaAgentLauncher.kt | 7 +- .../needle/launchWrapper/KnotClientWrapper.kt | 0 .../launchWrapper/ParameterizedWrapper.kt | 0 settings.gradle.kts | 3 +- 22 files changed, 123 insertions(+), 177 deletions(-) create mode 100644 buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts rename {api/src/main/kotlin/dev/kosmx/needle => cli/src/main/kotlin/dev/kosmx/needle/cli}/CliRun.kt (96%) create mode 100644 launchwrapper/build.gradle.kts rename {api => launchwrapper}/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt (88%) rename {api => launchwrapper}/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt (100%) rename {api => launchwrapper}/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt (100%) diff --git a/api/build.gradle.kts b/api/build.gradle.kts index cbab83e..81439d9 100644 --- a/api/build.gradle.kts +++ b/api/build.gradle.kts @@ -1,21 +1,16 @@ plugins { - application - kotlin("jvm") + jneedle.compilation alias(libs.plugins.kotlin.serialization) - alias(libs.plugins.shadow) + //alias(libs.plugins.shadow) jneedle.repositories jneedle.tasks jneedle.publishing - jneedle.compilation jneedle.dokka } -val mainClassName = "dev.kosmx.needle.CliRunKt" -ext["mainClass"] = mainClassName -application.mainClass.set(mainClassName) sourceSets { val main by getting @@ -43,7 +38,7 @@ dependencies { implementation(libs.slf4j) implementation(libs.slf4k) - implementation(libs.logback) + "dbGenImplementation"(libs.logback) // API doesn't need a logger backend testImplementation(kotlin("test")) } @@ -52,22 +47,9 @@ dependencies { tasks { withType().configureEach { manifest { - val javaAgent = "dev.kosmx.needle.launchWrapper.JavaAgentLauncher" - attributes( - "Premain-Class" to javaAgent, - "Agent-Class" to javaAgent, - "Can-Redefine-Classes" to "false", - "Can-Retransform-Classes" to "false", - ) } } - shadowJar { - relocate("kotlin", "dev.kosmx.needle.kotlin") - relocate("kotlinx", "dev.kosmx.needle.kotlinx") - relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") - } - // TODO: 2023-06-12 buildDb should be a subproject, or possibly a build script thingy create("buildDb") { this.mainClass.set("dev.kosmx.needle.dbGen.GeneratorKt") diff --git a/api/src/main/kotlin/dev/kosmx/needle/Static.kt b/api/src/main/kotlin/dev/kosmx/needle/Static.kt index 3680491..675822f 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/Static.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/Static.kt @@ -1,32 +1,10 @@ package dev.kosmx.needle import org.objectweb.asm.Opcodes -import org.slf4j.Logger -import org.slf4j.LoggerFactory +import org.slf4j.kotlin.KLogger +import org.slf4j.kotlin.getLogger const val ASM_VERSION = Opcodes.ASM9 -val logger: Logger = LoggerFactory.getLogger("Jneedle") -val currentLogLevel = LogLevel.Info - -inline fun log(logLevel: LogLevel = LogLevel.Info, msg: () -> String) { - if (currentLogLevel >= logLevel) { - when(logLevel) { - LogLevel.Error -> logger.error(msg()) - LogLevel.Warning -> logger.warn(msg()) - LogLevel.Info -> logger.info(msg()) - LogLevel.Debug -> logger.debug(msg()) - LogLevel.Trace -> logger.trace(msg()) - } - } -} - -enum class LogLevel(val l: Int) { - Error(0), - Warning(1), - Info(2), - Debug(3), - Trace(4), - ; -} +val logger: KLogger by getLogger("jNeedle") diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt index 76dc14f..dcb342b 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt @@ -1,23 +1,21 @@ package dev.kosmx.needle.core import dev.kosmx.needle.CheckWrapper -import dev.kosmx.needle.LogLevel -import dev.kosmx.needle.log +import dev.kosmx.needle.logger import me.coley.cafedude.classfile.ClassFile import me.coley.cafedude.io.ClassFileReader import me.coley.cafedude.io.ClassFileWriter import me.coley.cafedude.transform.IllegalStrippingTransformer import org.objectweb.asm.ClassReader +import org.slf4j.kotlin.info +import org.slf4j.kotlin.warn import software.coley.llzip.ZipIO import software.coley.llzip.format.compression.ZipCompressions import software.coley.llzip.format.model.LocalFileHeader import software.coley.llzip.format.model.ZipArchive -import software.coley.llzip.util.ByteData import software.coley.llzip.util.ByteDataUtil import java.io.File import java.io.IOException -import java.util.jar.JarEntry -import java.util.jar.JarInputStream object JarChecker { @@ -28,7 +26,7 @@ object JarChecker { return CheckWrapper.checkJar(jar) } } catch (t: Throwable) { - log { + logger.warn { t.printStackTrace() "Failed to open $file" } @@ -38,38 +36,38 @@ object JarChecker { fun checkJar(jar: ZipArchive): Set { val results = mutableSetOf() - for ((jarEntry, byteData) in jar) { - byteData.let classEntry@{_ -> - val bytes = lazy { ByteDataUtil.toByteArray(byteData)!! } - if (jarEntry.fileNameAsString.endsWith(".class") || jarEntry.fileNameAsString.endsWith(".class/")) { - try { - results += checkClassFile(bytes.value, jarEntry) - return@classEntry - } catch (e: IOException) { - //results += JarCheckMatch(MatchType.POTENTIAL, "Illegal .class file: ${jarEntry.name}") - } - } else if (jarEntry.fileNameAsString.endsWith(".jar")) { - try { - - ZipIO.readJvm(byteData).use { jar -> - results += CheckWrapper.checkJar(jar) - } - return@classEntry - } catch (t: Throwable) { - results += JarCheckMatch(MatchType.INFO, "Failed to open nested jar: ${t.message}") - log(LogLevel.Info) { - t.printStackTrace() - t.message ?: "" - } - } + classEntry@for (jarEntry in jar) { + val byteData by lazy { ZipCompressions.decompress(jarEntry) } + val bytes = lazy { ByteDataUtil.toByteArray(byteData)!! } + if (jarEntry.fileNameAsString.endsWith(".class") || jarEntry.fileNameAsString.endsWith(".class/")) { + try { + results += checkClassFile(bytes.value, jarEntry) + continue@classEntry + } catch (e: IOException) { + //results += JarCheckMatch(MatchType.POTENTIAL, "Illegal .class file: ${jarEntry.name}") } - + } else if (jarEntry.fileNameAsString.endsWith(".jar")) { try { - results += AssetChecker.checkAsset(bytes, jarEntry) + + ZipIO.readJvm(byteData).use { nestedJar -> + results += CheckWrapper.checkJar(nestedJar) + } + continue@classEntry } catch (t: Throwable) { - results += JarCheckMatch(MatchType.INFO, "Asset checker failed: ${t.message}") + results += JarCheckMatch(MatchType.INFO, "Failed to open nested jar: ${t.message}") + logger.info { + t.printStackTrace() + t.message ?: "" + } } } + + try { + results += AssetChecker.checkAsset(bytes, jarEntry) + } catch (t: Throwable) { + results += JarCheckMatch(MatchType.INFO, "Asset checker failed: ${t.message}") + } + } return results @@ -96,19 +94,7 @@ object JarChecker { } } -fun JarInputStream.asSequence() = sequence>> { - val jar = this@asSequence - var entry: JarEntry? = nextJarEntry - while(entry != null) { - val bytes = lazy { jar.readBytes() } - yield(entry to bytes) - entry = jar.nextJarEntry - } -} - -operator fun JarInputStream.iterator(): Iterator>> = this.asSequence().iterator() - -fun ZipArchive.asSequence() = localFiles.asSequence().map { it to ZipCompressions.decompress(it) } +fun ZipArchive.asSequence() = localFiles.asSequence().map { it } -operator fun ZipArchive.iterator(): Iterator> = this.asSequence().iterator() +operator fun ZipArchive.iterator(): Iterator = this.asSequence().iterator() diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt index 1fae9cf..856c8fb 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt @@ -1,22 +1,21 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.LogLevel import dev.kosmx.needle.core.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.JarCheckResult import dev.kosmx.needle.core.MatchType import dev.kosmx.needle.lib.Word -import dev.kosmx.needle.log +import dev.kosmx.needle.logger import kotlinx.serialization.ExperimentalSerializationApi import kotlinx.serialization.Serializable import kotlinx.serialization.json.Json import org.objectweb.asm.ClassReader import org.objectweb.asm.tree.AbstractInsnNode import org.objectweb.asm.tree.ClassNode +import org.slf4j.kotlin.error import software.coley.llzip.format.model.LocalFileHeader import java.nio.file.Path import java.util.* -import java.util.jar.JarEntry import java.util.jar.JarFile import kotlin.io.path.extension @@ -71,7 +70,7 @@ object FileParser { else -> null } } catch (e: Exception) { - log(LogLevel.Error) { + logger.error { e.printStackTrace() "Failed to load database entry: $path reason: ${e.message}" } diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt index 47f1a80..789346b 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt @@ -1,13 +1,13 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.LogLevel import dev.kosmx.needle.core.AssetChecker import dev.kosmx.needle.core.ClassChecker import dev.kosmx.needle.database.hardCodedDetectors.HardCodedDetectors -import dev.kosmx.needle.log +import dev.kosmx.needle.logger import kotlinx.coroutines.* import kotlinx.serialization.Serializable import kotlinx.serialization.json.Json +import org.slf4j.kotlin.warn import java.io.IOException import java.io.InputStream import java.net.URL @@ -42,7 +42,7 @@ object Database { } } } catch (e: Exception) { - log(LogLevel.Warning) { + logger.warn { e.printStackTrace() "Failed to fetch database: $databaseUrl is not available." } diff --git a/buildSrc/build.gradle.kts b/buildSrc/build.gradle.kts index c239adf..103a851 100644 --- a/buildSrc/build.gradle.kts +++ b/buildSrc/build.gradle.kts @@ -4,7 +4,6 @@ plugins { } repositories { - maven("https://maven.solo-studios.ca/releases/") mavenCentral() // for kotlin-dsl plugin gradlePluginPortal() @@ -30,7 +29,7 @@ kotlin { dependencies { implementation(gradlePlugin("org.jetbrains.dokka", libs.versions.kotlin)) implementation(gradlePlugin("org.jetbrains.kotlin.jvm", libs.versions.kotlin)) - implementation(gradlePlugin("org.ajoberstar.grgit", libs.versions.grgit)) + implementation(gradlePlugin("com.github.johnrengelman.shadow", libs.versions.shadow)) } fun gradlePlugin(id: String, version: Provider): String { diff --git a/buildSrc/settings.gradle.kts b/buildSrc/settings.gradle.kts index 8a7e8e5..8e4e697 100644 --- a/buildSrc/settings.gradle.kts +++ b/buildSrc/settings.gradle.kts @@ -1,6 +1,5 @@ pluginManagement { repositories { - maven("https://maven.solo-studios.ca/releases/") gradlePluginPortal() } } diff --git a/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts b/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts index a20031a..af87d37 100644 --- a/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.dokka.gradle.kts @@ -9,8 +9,6 @@ import java.time.Year plugins { id("org.jetbrains.dokka") - - id("org.ajoberstar.grgit") } tasks { diff --git a/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts b/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts index 3dbd2d9..ef0b01b 100644 --- a/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.publishing.gradle.kts @@ -42,6 +42,7 @@ publishing { id.set("kosmx") name.set("KosmX") email.set("kosmx.mc@gmail.com") + url.set("https://kosmx.dev/") } developer { diff --git a/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts b/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts new file mode 100644 index 0000000..0e7530b --- /dev/null +++ b/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts @@ -0,0 +1,18 @@ +plugins { + kotlin("jvm") + id("com.github.johnrengelman.shadow") +} + + +tasks { + shadowJar { + archiveClassifier.set("") + } + + jar { + archiveClassifier.set("slim") + } + build { + dependsOn(shadowJar) + } +} diff --git a/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts b/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts index 9992494..eb4517e 100644 --- a/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.tasks.gradle.kts @@ -1,5 +1,3 @@ -import org.jetbrains.dokka.gradle.DokkaTask -import java.time.Year import kotlin.math.max plugins { @@ -33,10 +31,14 @@ tasks { doLast { manifest { attributes( - "Main-Class" to ext["mainClass"], "Implementation-Title" to project.fullName, "Implementation-Version" to project.version.toString(), ) + if (ext.has("mainClass")) { + attributes( + "Main-Class" to ext["mainClass"], + ) + } } } } diff --git a/cli/build.gradle.kts b/cli/build.gradle.kts index 04c4879..5886ae2 100644 --- a/cli/build.gradle.kts +++ b/cli/build.gradle.kts @@ -1,77 +1,29 @@ plugins { - java - signing application - `java-library` - `maven-publish` - - kotlin("jvm") + jneedle.compilation alias(libs.plugins.kotlin.serialization) - alias(libs.plugins.shadow) + jneedle.shadow jneedle.repositories jneedle.tasks jneedle.publishing - jneedle.compilation } -val mainClassName = "dev.kosmx.needle.CliRunKt" +val mainClassName = "dev.kosmx.needle.cli.CliRunKt" ext["mainClass"] = mainClassName +application.mainClass.set(mainClassName) -sourceSets { - val main by getting - create("dbGen") { - compileClasspath += main.compileClasspath + main.output - runtimeClasspath += main.runtimeClasspath + main.output - } -} - dependencies { - implementation(libs.kotlin.stdlib) - - implementation(libs.bundles.kotlinx.serialization) + implementation(projects.api) implementation(libs.bundles.kotlinx.coroutines) testImplementation(libs.bundles.kotlinx.coroutines.debugging) implementation(libs.kotlinx.cli) - - implementation(libs.bundles.asm) - - implementation(libs.cafedude) - - implementation(libs.slf4j) - implementation(libs.slf4k) implementation(libs.logback) testImplementation(kotlin("test")) } - -tasks { - withType().configureEach { - manifest { - val javaAgent = "dev.kosmx.needle.launchWrapper.JavaAgentLauncher" - attributes( - "Premain-Class" to javaAgent, - "Agent-Class" to javaAgent, - "Can-Redefine-Classes" to "false", - "Can-Retransform-Classes" to "false", - ) - } - } - - shadowJar { - relocate("kotlin", "dev.kosmx.needle.kotlin") - relocate("kotlinx", "dev.kosmx.needle.kotlinx") - relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") - } - - // TODO: 2023-06-12 buildDb should be a subproject, or possibly a build script thingy - create("buildDb") { - this.mainClass.set("dev.kosmx.needle.dbGen.GeneratorKt") - this.classpath = sourceSets["dbGen"].runtimeClasspath - } -} diff --git a/api/src/main/kotlin/dev/kosmx/needle/CliRun.kt b/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt similarity index 96% rename from api/src/main/kotlin/dev/kosmx/needle/CliRun.kt rename to cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt index d14ce1d..4557e6d 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/CliRun.kt +++ b/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt @@ -1,5 +1,6 @@ -package dev.kosmx.needle +package dev.kosmx.needle.cli +import dev.kosmx.needle.CheckWrapper import dev.kosmx.needle.core.JarCheckResult import dev.kosmx.needle.core.JarChecker import kotlinx.cli.ArgParser diff --git a/gradle.properties b/gradle.properties index 1daaec4..7fc6f1f 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,4 +1 @@ kotlin.code.style=official - -version = 1.0.0 -asm_version = 9.5 diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index c11b77c..6407826 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -16,6 +16,8 @@ junit-jupiter = "5.9.2" grgit = "4.1.1" +shadow = "8.1.1" + [plugins] kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" } @@ -23,7 +25,7 @@ kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", versi axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.0" } -shadow = { id = "com.github.johnrengelman.shadow", version = "8.1.1" } +shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } @@ -104,7 +106,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "1.4.0" } +lljzip = { group = "software.coley", name = "lljzip", version = "1.6.0" } diff --git a/gui/build.gradle.kts b/gui/build.gradle.kts index f99835c..6e20a15 100644 --- a/gui/build.gradle.kts +++ b/gui/build.gradle.kts @@ -1,15 +1,13 @@ plugins { - kotlin("jvm") + jneedle.compilation alias(libs.plugins.kotlin.serialization) - alias(libs.plugins.shadow) - alias(libs.plugins.compose) + jneedle.shadow jneedle.repositories jneedle.tasks jneedle.publishing - jneedle.compilation } version = rootProject.version @@ -19,6 +17,7 @@ ext["mainClass"] = mainClassName dependencies { implementation(projects.api) + implementation(libs.logback) implementation(compose.desktop.currentOs) diff --git a/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt index 9da325d..9ac8da1 100644 --- a/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt +++ b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt @@ -25,7 +25,6 @@ import com.darkrockstudios.libraries.mpfilepicker.DirectoryPicker import com.darkrockstudios.libraries.mpfilepicker.FilePicker import dev.kosmx.needle.CheckWrapper import dev.kosmx.needle.ScanResult -import kotlinx.coroutines.CoroutineDispatcher import kotlinx.coroutines.CoroutineScope import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.launch diff --git a/launchwrapper/build.gradle.kts b/launchwrapper/build.gradle.kts new file mode 100644 index 0000000..c67b1e9 --- /dev/null +++ b/launchwrapper/build.gradle.kts @@ -0,0 +1,34 @@ +plugins { + application + jneedle.compilation + alias(libs.plugins.kotlin.serialization) + + jneedle.shadow + jneedle.repositories + jneedle.tasks + jneedle.publishing +} + + +val mainClassName = "dev.kosmx.needle.launchWrapper.Launch" +ext["mainClass"] = mainClassName +application.mainClass.set(mainClassName) + + +dependencies { + implementation(projects.api) + + implementation(libs.slf4k) + implementation(libs.logback) + + testImplementation(kotlin("test")) +} + +tasks { + // Relocation is necessary to avoid classpath collision + shadowJar { + relocate("kotlin", "dev.kosmx.needle.kotlin") + relocate("kotlinx", "dev.kosmx.needle.kotlinx") + relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") + } +} diff --git a/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt similarity index 88% rename from api/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt rename to launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt index 3b6f064..846ab8a 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt +++ b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt @@ -1,9 +1,9 @@ package dev.kosmx.needle.launchWrapper import dev.kosmx.needle.CheckWrapper -import dev.kosmx.needle.LogLevel import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.log +import dev.kosmx.needle.logger +import org.slf4j.kotlin.warn import java.lang.instrument.Instrumentation import kotlin.io.path.Path import kotlin.system.exitProcess @@ -23,13 +23,12 @@ object JavaAgentLauncher { @JvmStatic fun agentmain(agentArgs: String?, inst: Instrumentation) { if (!checked) { - log(LogLevel.Warning) { "Dynamically loading malware detection is risky, it may load after malware class is active" } + logger.warn { "Dynamically loading malware detection is risky, it may load after malware class is active" } runCheck(agentArgs) checked = true } } - @OptIn(ExperimentalTime::class) private fun runCheck(agentArgs: String?) { try { println("arg: $agentArgs") diff --git a/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt similarity index 100% rename from api/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt rename to launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/KnotClientWrapper.kt diff --git a/api/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt similarity index 100% rename from api/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt rename to launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/ParameterizedWrapper.kt diff --git a/settings.gradle.kts b/settings.gradle.kts index 4e01166..e997715 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -10,7 +10,8 @@ plugins { rootProject.name = "jneedle" include(":api") -//include(":cli") // TODO: 2023-06-12 Move cli shit into cli +include(":cli") +include(":launchwrapper") include(":gui") enableFeaturePreview("TYPESAFE_PROJECT_ACCESSORS") From 16fc513464f4fa99129ae63dfc0df6fb34a0bc36 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sat, 17 Jun 2023 15:37:41 +0200 Subject: [PATCH 007/114] start moving packages --- api/src/main/kotlin/dev/kosmx/needle/Static.kt | 4 ---- .../main/kotlin/dev/kosmx/needle/core/JarChecker.kt | 3 ++- .../kotlin/dev/kosmx/needle/database/FileParser.kt | 10 ++++++---- api/src/main/kotlin/dev/kosmx/needle/database/Init.kt | 3 ++- .../kotlin/dev/kosmx/needle/database/MatchSequence.kt | 8 ++++---- .../kotlin/dev/kosmx/needle/database/WildcardMatch.kt | 8 ++++---- .../dev/kosmx/needle/{core => util}/InsnComparator.kt | 6 ++++-- .../dev/kosmx/needle/{lib/Matcher.kt => util/KMP.kt} | 2 +- api/src/main/resources/logging.properties | 2 +- .../kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt | 4 ++-- cli/build.gradle.kts | 1 + cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt | 5 +++++ gradle/libs.versions.toml | 2 +- .../kosmx/needle/launchWrapper/JavaAgentLauncher.kt | 3 ++- 14 files changed, 35 insertions(+), 26 deletions(-) rename api/src/main/kotlin/dev/kosmx/needle/{core => util}/InsnComparator.kt (95%) rename api/src/main/kotlin/dev/kosmx/needle/{lib/Matcher.kt => util/KMP.kt} (98%) diff --git a/api/src/main/kotlin/dev/kosmx/needle/Static.kt b/api/src/main/kotlin/dev/kosmx/needle/Static.kt index 675822f..5b686f1 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/Static.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/Static.kt @@ -1,10 +1,6 @@ package dev.kosmx.needle import org.objectweb.asm.Opcodes -import org.slf4j.kotlin.KLogger -import org.slf4j.kotlin.getLogger const val ASM_VERSION = Opcodes.ASM9 - -val logger: KLogger by getLogger("jNeedle") diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt index dcb342b..828e4f3 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt @@ -1,12 +1,12 @@ package dev.kosmx.needle.core import dev.kosmx.needle.CheckWrapper -import dev.kosmx.needle.logger import me.coley.cafedude.classfile.ClassFile import me.coley.cafedude.io.ClassFileReader import me.coley.cafedude.io.ClassFileWriter import me.coley.cafedude.transform.IllegalStrippingTransformer import org.objectweb.asm.ClassReader +import org.slf4j.kotlin.getLogger import org.slf4j.kotlin.info import org.slf4j.kotlin.warn import software.coley.llzip.ZipIO @@ -19,6 +19,7 @@ import java.io.IOException object JarChecker { + private val logger by getLogger() fun checkJar(file: File): Set { try { diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt index 856c8fb..22d51ea 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt @@ -1,11 +1,10 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.core.InsnComparator +import dev.kosmx.needle.util.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.JarCheckResult import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.lib.Word -import dev.kosmx.needle.logger +import dev.kosmx.needle.util.Word import kotlinx.serialization.ExperimentalSerializationApi import kotlinx.serialization.Serializable import kotlinx.serialization.json.Json @@ -13,6 +12,7 @@ import org.objectweb.asm.ClassReader import org.objectweb.asm.tree.AbstractInsnNode import org.objectweb.asm.tree.ClassNode import org.slf4j.kotlin.error +import org.slf4j.kotlin.getLogger import software.coley.llzip.format.model.LocalFileHeader import java.nio.file.Path import java.util.* @@ -20,6 +20,8 @@ import java.util.jar.JarFile import kotlin.io.path.extension object FileParser { + private val logger by getLogger() + @OptIn(ExperimentalSerializationApi::class) fun parseFile(path: Path): Match? { try { @@ -80,7 +82,7 @@ object FileParser { } private fun Array.toWord(): Word { - return Word(this, InsnComparator::compare) + return Word(this, InsnComparator()::compare) } @Serializable diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt index 789346b..6ec7725 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt @@ -3,10 +3,10 @@ package dev.kosmx.needle.database import dev.kosmx.needle.core.AssetChecker import dev.kosmx.needle.core.ClassChecker import dev.kosmx.needle.database.hardCodedDetectors.HardCodedDetectors -import dev.kosmx.needle.logger import kotlinx.coroutines.* import kotlinx.serialization.Serializable import kotlinx.serialization.json.Json +import org.slf4j.kotlin.getLogger import org.slf4j.kotlin.warn import java.io.IOException import java.io.InputStream @@ -22,6 +22,7 @@ import kotlin.streams.asSequence * Initialize database, get ready for checking */ object Database { + private val logger by getLogger() fun init(databaseUrl: String?, dataPath: Path) { diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt index 93035e7..4fe5fbc 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt @@ -1,10 +1,10 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.core.InsnComparator +import dev.kosmx.needle.util.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.lib.Word -import dev.kosmx.needle.lib.match +import dev.kosmx.needle.util.Word +import dev.kosmx.needle.util.match import org.objectweb.asm.tree.AbstractInsnNode typealias InsnSequence = Word @@ -20,7 +20,7 @@ open class MatchSequence( word.match(instructions.filterMutable()) constructor(id: String, instructions: Array, matchType: MatchType = MatchType.MALWARE, matchId: String = "") : - this(id, Word(instructions, InsnComparator::compare), matchType, matchId = matchId) + this(id, Word(instructions, InsnComparator()::compare), matchType, matchId = matchId) override fun checkResult(): JarCheckMatch = JarCheckMatch(matchType, id, matchId) } diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt index 6bf541e..cd0f74c 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt @@ -1,10 +1,10 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.core.InsnComparator +import dev.kosmx.needle.util.InsnComparator import dev.kosmx.needle.core.JarCheckMatch import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.lib.Word -import dev.kosmx.needle.lib.match +import dev.kosmx.needle.util.Word +import dev.kosmx.needle.util.match import org.objectweb.asm.tree.AbstractInsnNode class WildcardMatch( @@ -58,5 +58,5 @@ class WildcardMatch( } private fun List.toWord(): Word { - return Word(this.toTypedArray(), InsnComparator::compare) + return Word(this.toTypedArray(), InsnComparator()::compare) } diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt b/api/src/main/kotlin/dev/kosmx/needle/util/InsnComparator.kt similarity index 95% rename from api/src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt rename to api/src/main/kotlin/dev/kosmx/needle/util/InsnComparator.kt index d26f294..4721d3f 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/core/InsnComparator.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/util/InsnComparator.kt @@ -1,8 +1,10 @@ -package dev.kosmx.needle.core +package dev.kosmx.needle.util import org.objectweb.asm.tree.* -object InsnComparator { + +class InsnComparator { + // comparator options, it may be needed to strictly enforce/omit policies fun compare(a: AbstractInsnNode, b: AbstractInsnNode): Boolean { if (a.opcode != b.opcode) return false diff --git a/api/src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt b/api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt similarity index 98% rename from api/src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt rename to api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt index 3f33f33..6cfd780 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/lib/Matcher.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt @@ -1,4 +1,4 @@ -package dev.kosmx.needle.lib +package dev.kosmx.needle.util /** * O(n+m) pattern matching with Knuth-Morris-Pratt algo diff --git a/api/src/main/resources/logging.properties b/api/src/main/resources/logging.properties index a587e01..8309498 100644 --- a/api/src/main/resources/logging.properties +++ b/api/src/main/resources/logging.properties @@ -1,3 +1,3 @@ -dev.kosmx.needle.lib=WARNING +dev.kosmx.needle.util=WARNING me.coley=WARNING \ No newline at end of file diff --git a/api/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt b/api/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt index f89b7e7..bd5626b 100644 --- a/api/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt +++ b/api/src/test/kotlin/dev/kosmx/jarchecker/lib/MatcherTest.kt @@ -1,7 +1,7 @@ package dev.kosmx.jarchecker.lib -import dev.kosmx.needle.lib.Word -import dev.kosmx.needle.lib.match +import dev.kosmx.needle.util.Word +import dev.kosmx.needle.util.match import org.junit.jupiter.api.Assertions import org.junit.jupiter.api.Test diff --git a/cli/build.gradle.kts b/cli/build.gradle.kts index 5886ae2..92fc928 100644 --- a/cli/build.gradle.kts +++ b/cli/build.gradle.kts @@ -22,6 +22,7 @@ dependencies { testImplementation(libs.bundles.kotlinx.coroutines.debugging) implementation(libs.kotlinx.cli) + implementation(libs.slf4k) implementation(libs.logback) testImplementation(kotlin("test")) diff --git a/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt b/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt index 4557e6d..6afbe9d 100644 --- a/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt +++ b/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt @@ -8,11 +8,15 @@ import kotlinx.cli.ArgType import kotlinx.cli.default import kotlinx.cli.required import kotlinx.coroutines.runBlocking +import org.slf4j.kotlin.debug +import org.slf4j.kotlin.toplevel.getLogger import kotlin.io.path.Path import kotlin.jvm.internal.Ref.IntRef import kotlin.time.ExperimentalTime import kotlin.time.measureTime +// top-level logger, slow! +private val logger by getLogger() @OptIn(ExperimentalTime::class) fun main(args: Array) { @@ -30,6 +34,7 @@ fun main(args: Array) { CheckWrapper.init(databaseUrl, Path(databaseLocation)) + logger.debug { "Strarting CLI run, file=$file, database=$databaseUrl, local cache=$databaseLocation" } val path = Path(file) if (path.toFile().isFile) { diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6407826..2465ad0 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -106,7 +106,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "1.6.0" } +lljzip = { group = "software.coley", name = "lljzip", version = "1.6.1" } diff --git a/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt index 846ab8a..eb2bbab 100644 --- a/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt +++ b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt @@ -2,7 +2,7 @@ package dev.kosmx.needle.launchWrapper import dev.kosmx.needle.CheckWrapper import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.logger +import org.slf4j.kotlin.getLogger import org.slf4j.kotlin.warn import java.lang.instrument.Instrumentation import kotlin.io.path.Path @@ -12,6 +12,7 @@ import kotlin.time.measureTime object JavaAgentLauncher { private var checked = false // avoid double runs + private val logger by getLogger() @JvmStatic fun premain(agentArgs: String?, inst: Instrumentation) { From a39a776ddc88d5a544bc63506ace98f915d49306 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sat, 17 Jun 2023 15:46:34 +0200 Subject: [PATCH 008/114] debug logger config --- logback-debug.xml | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 logback-debug.xml diff --git a/logback-debug.xml b/logback-debug.xml new file mode 100644 index 0000000..8710649 --- /dev/null +++ b/logback-debug.xml @@ -0,0 +1,40 @@ + + + true + + + + true + + %d %-24([%.-22(%thread)]) %highlight(%-5level) %-48logger{48} - %highlight(%msg){}%n{}%ex{full,DISPLAY_EX_EVAL} + + + + + + ${LOG_DIR}/jNeedle.log + + + ${LOG_DIR}/jNeedle.%d{yyyy-MM-dd}.%i.log.gz + + 60 + 5GB + 10MB + + + %d %-32([%.-30(%thread)]) %-5level %-64logger{64} - %msg{}%n{}%ex{full, DISPLAY_EX_EVAL} + + + + + + + + + + + + + + + \ No newline at end of file From 8ddc4623b9d4853edd5bbe08d451407d8e9d1322 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sat, 17 Jun 2023 23:59:38 +0200 Subject: [PATCH 009/114] Create new interfaces for rules, matcher and result --- .../dev/kosmx/needle/matcher/IMatchRule.kt | 80 +++++++++++++++++++ .../needle/matcher/result/ClassScanResult.kt | 21 +++++ .../needle/matcher/result/IScanResult.kt | 9 +++ .../kosmx/needle/matcher/result/Severity.kt | 7 ++ .../dev/kosmx/needle/util/InsnSequence.kt | 7 ++ 5 files changed, 124 insertions(+) create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/util/InsnSequence.kt diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt new file mode 100644 index 0000000..3b7bde8 --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt @@ -0,0 +1,80 @@ +package dev.kosmx.needle.matcher + +import dev.kosmx.needle.matcher.result.IScanResult +import org.objectweb.asm.tree.AbstractInsnNode +import org.objectweb.asm.tree.ClassNode +import org.objectweb.asm.tree.MethodNode +import software.coley.llzip.format.model.LocalFileHeader + +/** + * Represents a rule + * The implementation should be effectively immutable and thread-safe + * For every jar file, a matcher will be created + */ +fun interface IMatchRule { + + /** + * Create a matcher for the specific jar + * This method may validate ZipArchive but class checking shouldn't be done here. + * @param context File context containing path and ZipFile. It may be used for extra validation or scanner delegation + * @return JarMatcher or null if no checking is needed for this jar file + */ + fun getJarMatcher(context: FileMatchContext): IJarMatcher? +} + + +/** + * Mutable matcher type for specific JAR + * [getClassMatcher] used to verify classes and create class checkers + * Implementation may not be thread-safe, invocation order is strictly + * 1. [IMatchRule.getJarMatcher] will be invoked for every matchRule, creating matchers for the specific jar. (this should be thread-safe) + * 2. [IJarMatcher.getClassMatcher] will be invoked on instance + * 3. [IClassMatcher.matchMethod] will be invoked on every method in the class (including and ). The invocation order isn't specified + * 4. [IJarMatcher.postClassMatch] will be invoked after all methods in the class are matched, ideally to process same-class conditions. + * 5. [IJarMatcher.getMatchResult] will be invoked to get match result + * + * After step 1 and before step 5 [IJarMatcher.matchAsset] will be invoked on every asset. It doesn't have to be thread-safe but invocation order is not specified. + * + * A single class may implement [IJarMatcher] and [IClassMatcher] at the same time. + * In this case [getClassMatcher] can be used to filter classes + */ +interface IJarMatcher { + + /** + * Get checker object for specific class + * @param clazz class to check + * @return ClassMatcher or null to skip checking this class + */ + fun getClassMatcher(clazz: ClassNode): IClassMatcher? = null + + /** + * Invoked when all method is matched in current class + */ + fun postClassMatch() = Unit + + /** + * Match asset + * @param assetHeader file header + * @param asset lazy-evaluated asset data + */ + fun matchAsset(assetHeader: LocalFileHeader, asset: Lazy) = Unit + + /** + * After every class is checked in the JAR, this function will return [IScanResult] or null if no matches were found + */ + fun getMatchResult(): IScanResult? +} + +/** + * match classes + */ +fun interface IClassMatcher { + + /** + * Run match on instruction sequence. If matches, the corresponding [IJarMatcher] will return match results + * @param method method object for optional validation + * @param instructions method instruction sequence + */ + fun matchMethod(method: MethodNode, instructions: Sequence) +} + diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt new file mode 100644 index 0000000..af52d67 --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt @@ -0,0 +1,21 @@ +package dev.kosmx.needle.matcher.result + +data class ClassMatchResult( + override val malware: String, + override val rule: String, + override val severity: Severity, + val clues: Set, +) : IScanResult { + + constructor(malware: String, rule: String, severity: Severity, vararg clues: ClueMatchResult) : this(malware, rule, severity, clues.toSet()) + + override val extra: String + get() = if (clues.isNotEmpty()) clues.toString() else "" +} + + +data class ClueMatchResult( + val clue: String, + val `class`: String, + val method: String, +) diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt new file mode 100644 index 0000000..446038c --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt @@ -0,0 +1,9 @@ +package dev.kosmx.needle.matcher.result + +interface IScanResult { + val malware: String + val rule: String + val severity: Severity + val extra: String + get() = "" +} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt new file mode 100644 index 0000000..84ac1bb --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt @@ -0,0 +1,7 @@ +package dev.kosmx.needle.matcher.result + +enum class Severity(val level: Int) { + INFORMATION(0), + WARNING(1), + SEVERE(2), +} diff --git a/api/src/main/kotlin/dev/kosmx/needle/util/InsnSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/util/InsnSequence.kt new file mode 100644 index 0000000..43ef889 --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/util/InsnSequence.kt @@ -0,0 +1,7 @@ +package dev.kosmx.needle.util + +import dev.kosmx.needle.util.Word +import org.objectweb.asm.tree.AbstractInsnNode + +typealias InsnSequence = Word + From dcc28b05621fca963f27cceee34a3d6ae7a39d75 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 00:58:17 +0200 Subject: [PATCH 010/114] Move utility stuff --- .../dev/kosmx/needle/matcher/impl/Util.kt | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/impl/Util.kt diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/Util.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/Util.kt new file mode 100644 index 0000000..56a60ac --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/Util.kt @@ -0,0 +1,21 @@ +package dev.kosmx.needle.matcher.impl + +import dev.kosmx.needle.util.InsnComparator +import dev.kosmx.needle.util.Word +import org.objectweb.asm.tree.AbstractInsnNode +import org.objectweb.asm.tree.MethodNode + + +internal fun Array.toWord(): Word { + return Word(this, InsnComparator()::compare) +} + +internal fun List.toWord(): Word { + return Word(this.toTypedArray(), InsnComparator()::compare) +} + + +fun Sequence.filterDebugCodes() = filter { it.opcode != -1 } + +val MethodNode.id: String + get() = "$name$desc" From 8a0f541f1655435ed29389eba6e935f60975cc64 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 00:59:01 +0200 Subject: [PATCH 011/114] remove unneeded lazy --- api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt b/api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt index 6cfd780..d72f0c4 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/util/KMP.kt @@ -9,7 +9,7 @@ class Word(val word: Array, private val comparator: (T, T) -> Boolean = { init { require(word.isNotEmpty()) { "Matcher can't match empty word" } } - private val pattern by lazy { Pattern() } + private val pattern = Pattern() fun matcher() = Matcher(pattern) From 57c54fb7d71ef7db5fbbbcaea95176606883d206 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 01:02:11 +0200 Subject: [PATCH 012/114] Refactor whole scanning logic, make future extension easier, classes are grouped based on function, IJarMatcher interface should allow complex rules in the future. --- .../kotlin/dev/kosmx/needle/CheckWrapper.kt | 114 ++---------- .../dev/kosmx/needle/core/AssetChecker.kt | 32 ---- .../dev/kosmx/needle/core/ClassChecker.kt | 35 ---- .../dev/kosmx/needle/core/JarCheckMatch.kt | 11 -- .../dev/kosmx/needle/core/JarCheckResult.kt | 15 -- .../dev/kosmx/needle/core/JarChecker.kt | 101 ----------- .../dev/kosmx/needle/database/AssetMatch.kt | 10 -- .../dev/kosmx/needle/database/ClassMatch.kt | 15 -- .../dev/kosmx/needle/database/FileParser.kt | 116 ------------ .../kotlin/dev/kosmx/needle/database/Init.kt | 9 +- .../kotlin/dev/kosmx/needle/database/Match.kt | 8 - .../kosmx/needle/database/MatchSequence.kt | 26 --- .../hardCodedDetectors/HardCodedDetectors.kt | 4 +- .../needle/database/serializing/FileParser.kt | 95 ++++++++++ .../kosmx/needle/matcher/FileMatchContext.kt | 24 +++ .../dev/kosmx/needle/matcher/IMatchRule.kt | 1 + .../needle/matcher/impl/DataMatchRule.kt | 19 ++ .../impl/legacy}/MatchFilteredSequence.kt | 7 +- .../matcher/impl/legacy/MatchSequence.kt | 54 ++++++ .../impl/legacy}/WildcardMatch.kt | 39 +++-- .../needle/matcher/result/IScanResult.kt | 7 +- .../dev/kosmx/needle/scanner/ClassScanner.kt | 50 ++++++ .../dev/kosmx/needle/scanner/JarScanner.kt | 84 +++++++++ .../dev/kosmx/needle/scanner/ScanConfig.kt | 165 ++++++++++++++++++ .../dev/kosmx/needle/util/InsnSequence.kt | 1 - 25 files changed, 549 insertions(+), 493 deletions(-) delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/Match.kt delete mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/impl/DataMatchRule.kt rename api/src/main/kotlin/dev/kosmx/needle/{database => matcher/impl/legacy}/MatchFilteredSequence.kt (73%) create mode 100644 api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt rename api/src/main/kotlin/dev/kosmx/needle/{database => matcher/impl/legacy}/WildcardMatch.kt (52%) create mode 100644 api/src/main/kotlin/dev/kosmx/needle/scanner/ClassScanner.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt create mode 100644 api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt diff --git a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt index 74b0b86..d25c390 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt @@ -2,76 +2,52 @@ package dev.kosmx.needle -import dev.kosmx.needle.core.JarCheckResult -import dev.kosmx.needle.core.JarChecker -import dev.kosmx.needle.database.Database -import kotlinx.coroutines.* -import kotlinx.coroutines.channels.Channel -import kotlinx.coroutines.channels.ReceiveChannel -import software.coley.llzip.ZipIO +import dev.kosmx.needle.matcher.result.IScanResult +import dev.kosmx.needle.matcher.result.ScanResult +import dev.kosmx.needle.scanner.ScanConfig +import kotlinx.coroutines.CoroutineDispatcher +import kotlinx.coroutines.Dispatchers import software.coley.llzip.format.model.ZipArchive -import java.io.File -import java.io.InputStream import java.nio.file.Path -import java.util.jar.JarInputStream -import kotlin.io.path.Path import kotlin.jvm.internal.Ref.IntRef -typealias ScanResult = Pair> - /** * Wrapper (static class) for easier API use * * First call init(...) - * Then when it's returned the program state is effectively immutable, calling check functions is thread-safe + * Then when it's returned the wrapper state is effectively immutable, calling check functions is thread-safe * - * re-initialization is possible, it will refresh the database (should be thread-safe, but I wouldn't bet on it) + * re-initialization is possible, it will refresh the database (should be thread-safe) */ object CheckWrapper { - private var initialized = false + private lateinit var scanConfig: ScanConfig - private val defaultUrl = System.getProperty("dev.kosmx.jneedle.remoteDatabase") ?: String( - JarCheckResult::class.java.getResourceAsStream("/url")!!.readBytes() - ) @JvmStatic @JvmOverloads fun init( - databaseUrl: String? = defaultUrl, - databaseLocation: Path = databasePath + databaseUrl: String? = ScanConfig.Defaults.defaultUrl, + databaseLocation: Path = ScanConfig.Defaults.databasePath, ) { - - databaseLocation.toFile().mkdirs() - Database.init(databaseUrl, databaseLocation) - initialized = true + scanConfig = ScanConfig(databaseUrl, databaseLocation) } - val databasePath: Path - get() = System.getProperty("dev.kosmx.jneedle.databasePath")?.let { Path(it) } - ?: Path(System.getProperty("user.home")).resolve(".jneedle") // TODO: 2023-06-11 We should use ~/.cache/jneedle instead - /** * Run the check for the given jar file. path has to point to a jar file * throws IOException if can't open */ @JvmStatic - fun checkJar(path: Path): Set { - require(initialized) { "Cannot run check before initialization is complete" } - - ZipIO.readJvm(path).use { jar -> - return checkJar(jar) - } + fun checkJar(path: Path): Set { + return scanConfig.checkJar(path) } /** * Check jar input stream, can be used from memory files or web API backend */ @JvmStatic - fun checkJar(zipArchive: ZipArchive): Set { - require(initialized) { "Cannot run check before initialization is complete" } - - return JarChecker.checkJar(zipArchive) + fun checkJar(zipArchive: ZipArchive): Set { + return scanConfig.checkJar(zipArchive) } /** @@ -83,9 +59,7 @@ object CheckWrapper { fun checkPathBlocking( path: Path, threads: Int = Runtime.getRuntime().availableProcessors() * 4 - ): List = runBlocking { - checkPath(path, threads) - } + ): List = scanConfig.checkPathBlocking(path, threads) /** * async checks everything on the path. If the path points to a single file, it will not start threading @@ -96,66 +70,12 @@ object CheckWrapper { * @return check result */ //@JvmStatic this can only be used from Kotlin, fancy java interface isn't needed - @OptIn(ExperimentalStdlibApi::class) suspend fun checkPath( path: Path, threads: Int = Runtime.getRuntime().availableProcessors() * 4, dispatcher: CoroutineDispatcher = Dispatchers.IO, jarVisitCallback: ((ScanResult) -> Unit) = { }, scannedCount: IntRef = IntRef(), - ): List = coroutineScope { - require(initialized) { "Cannot run check before initialization is complete" } - if (path.toFile().isFile) { // single file selection case - return@coroutineScope listOf(path.toFile() to checkJar(path).also { - scannedCount.element++ - jarVisitCallback(path.toFile() to it) - }) - } - - val fileChannel = Channel(threads) // fine-tuning may be needed - val receiveChannel: ReceiveChannel = fileChannel - - val resultChannel = Channel>(threads) - - // Set the fileChannel source. This should effectively endlessly generate files (or as long as there is anything left) - launch { - var count = 0 - path.toFile().walk().forEach { - if (it.extension == "jar" && it.isFile) { - count++ - fileChannel.send(it) // channel has finite size, it will suspend if the buffer is full - } - } - scannedCount.element = count - fileChannel.close() // all files are sent, "insert close element" - } - - for (i in 0..() - - // for on a channel will receive elements as long as there is any. - // "if there is a new job, do it." - for (file in receiveChannel) { - val r = JarChecker.checkJar(file) - if (r.isNotEmpty()) { - jarVisitCallback(file to r) - results += file to r - } - } - // send back the result - resultChannel.send(results) - } - } - - - val results = mutableListOf() - for (i in 0.. = scanConfig.checkPath(path, threads, dispatcher, jarVisitCallback, scannedCount) } diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt deleted file mode 100644 index 6ba180f..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/core/AssetChecker.kt +++ /dev/null @@ -1,32 +0,0 @@ -package dev.kosmx.needle.core - -import dev.kosmx.needle.database.AssetMatch -import software.coley.llzip.format.model.LocalFileHeader -import java.util.jar.JarEntry - -/** - * invoked for every non-class file - */ -object AssetChecker { - - private lateinit var assets: List - - fun checkAsset(bytes: Lazy, asset: LocalFileHeader): Set { - - val result = mutableSetOf() - - - assets.forEach { m -> - if (m.match(bytes, asset)) { - result += m.checkResult() - } - } - - - return result - } - - fun init(assetMatches: List) { - assets = assetMatches - } -} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt deleted file mode 100644 index 313f358..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/core/ClassChecker.kt +++ /dev/null @@ -1,35 +0,0 @@ -package dev.kosmx.needle.core - -import dev.kosmx.needle.database.ClassMatch -import org.objectweb.asm.ClassReader -import org.objectweb.asm.tree.ClassNode - - -object ClassChecker { - - fun init(p: List) { - sequences = p - } - - private lateinit var sequences: List - - - fun checkClass(classReader: ClassReader): Set { - val result = mutableSetOf() - - val node = ClassNode() - classReader.accept(node, ClassReader.SKIP_DEBUG) - - node.methods.forEach { method -> - for (word in sequences) { - if (word.match(method.instructions.asSequence()) != -1) { - result += word.checkResult().copy(node = node.name ,method = "${method.name};${method.desc}") - } - } - method.instructions - } - - return result - } - -} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt deleted file mode 100644 index fc7504b..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckMatch.kt +++ /dev/null @@ -1,11 +0,0 @@ -package dev.kosmx.needle.core - -data class JarCheckMatch( - override val status: MatchType, - val id: String, - val matchId: String = "", - val node: String? = null, - val method: String? = null, -) : JarCheckResult { - override fun getMessage() = if (matchId.isEmpty()) "$status($id)" else "$status($id, clue=$matchId)" -} diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt deleted file mode 100644 index 46585a9..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/core/JarCheckResult.kt +++ /dev/null @@ -1,15 +0,0 @@ -package dev.kosmx.needle.core - -import kotlinx.serialization.Serializable - -interface JarCheckResult { - val status: MatchType - fun getMessage(): String -} - -@Serializable -enum class MatchType { - INFO, - POTENTIAL, - MALWARE, -} diff --git a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt b/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt deleted file mode 100644 index 828e4f3..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/core/JarChecker.kt +++ /dev/null @@ -1,101 +0,0 @@ -package dev.kosmx.needle.core - -import dev.kosmx.needle.CheckWrapper -import me.coley.cafedude.classfile.ClassFile -import me.coley.cafedude.io.ClassFileReader -import me.coley.cafedude.io.ClassFileWriter -import me.coley.cafedude.transform.IllegalStrippingTransformer -import org.objectweb.asm.ClassReader -import org.slf4j.kotlin.getLogger -import org.slf4j.kotlin.info -import org.slf4j.kotlin.warn -import software.coley.llzip.ZipIO -import software.coley.llzip.format.compression.ZipCompressions -import software.coley.llzip.format.model.LocalFileHeader -import software.coley.llzip.format.model.ZipArchive -import software.coley.llzip.util.ByteDataUtil -import java.io.File -import java.io.IOException - - -object JarChecker { - private val logger by getLogger() - - fun checkJar(file: File): Set { - try { - ZipIO.readJvm(file.toPath()).use { jar -> - return CheckWrapper.checkJar(jar) - } - } catch (t: Throwable) { - logger.warn { - t.printStackTrace() - "Failed to open $file" - } - } - return setOf() - } - - fun checkJar(jar: ZipArchive): Set { - val results = mutableSetOf() - classEntry@for (jarEntry in jar) { - val byteData by lazy { ZipCompressions.decompress(jarEntry) } - val bytes = lazy { ByteDataUtil.toByteArray(byteData)!! } - if (jarEntry.fileNameAsString.endsWith(".class") || jarEntry.fileNameAsString.endsWith(".class/")) { - try { - results += checkClassFile(bytes.value, jarEntry) - continue@classEntry - } catch (e: IOException) { - //results += JarCheckMatch(MatchType.POTENTIAL, "Illegal .class file: ${jarEntry.name}") - } - } else if (jarEntry.fileNameAsString.endsWith(".jar")) { - try { - - ZipIO.readJvm(byteData).use { nestedJar -> - results += CheckWrapper.checkJar(nestedJar) - } - continue@classEntry - } catch (t: Throwable) { - results += JarCheckMatch(MatchType.INFO, "Failed to open nested jar: ${t.message}") - logger.info { - t.printStackTrace() - t.message ?: "" - } - } - } - - try { - results += AssetChecker.checkAsset(bytes, jarEntry) - } catch (t: Throwable) { - results += JarCheckMatch(MatchType.INFO, "Asset checker failed: ${t.message}") - } - - } - - return results - } - - private fun checkClassFile(bytes: ByteArray, jarEntry: LocalFileHeader): Set { - try { - val classReader = ClassReader(bytes) - - return ClassChecker.checkClass(classReader) - } catch (t: Throwable) { - return try { - - val cr = ClassFileReader() - val classFile: ClassFile = cr.read(bytes) - IllegalStrippingTransformer(classFile).transform() - val classBytes = ClassFileWriter().write(classFile) - ClassChecker.checkClass(ClassReader(classBytes))// + JarCheckMatch(MatchType.POTENTIAL, "unlikely obfuscated") - - } catch (t: Throwable) { - throw IOException("can't read class file") - } - } - } -} - -fun ZipArchive.asSequence() = localFiles.asSequence().map { it } - -operator fun ZipArchive.iterator(): Iterator = this.asSequence().iterator() - diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt deleted file mode 100644 index db9bc85..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/database/AssetMatch.kt +++ /dev/null @@ -1,10 +0,0 @@ -package dev.kosmx.needle.database - -import org.objectweb.asm.tree.AbstractInsnNode -import software.coley.llzip.format.model.LocalFileHeader -import java.util.jar.JarEntry - -interface AssetMatch : Match { - fun match(data: Lazy, jarEntry: LocalFileHeader): Boolean -} - diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt deleted file mode 100644 index 9f828e0..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/database/ClassMatch.kt +++ /dev/null @@ -1,15 +0,0 @@ -package dev.kosmx.needle.database - -import dev.kosmx.needle.core.JarCheckMatch -import org.objectweb.asm.tree.AbstractInsnNode - -interface ClassMatch : Match { - fun match(instructions: Sequence): Int - - override fun checkResult(): JarCheckMatch -} - -fun Sequence.filterMutable() = filterDebugInfo() - - -fun Sequence.filterDebugInfo() = filter { it.opcode != -1 } diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt deleted file mode 100644 index 22d51ea..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/database/FileParser.kt +++ /dev/null @@ -1,116 +0,0 @@ -package dev.kosmx.needle.database - -import dev.kosmx.needle.util.InsnComparator -import dev.kosmx.needle.core.JarCheckMatch -import dev.kosmx.needle.core.JarCheckResult -import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.util.Word -import kotlinx.serialization.ExperimentalSerializationApi -import kotlinx.serialization.Serializable -import kotlinx.serialization.json.Json -import org.objectweb.asm.ClassReader -import org.objectweb.asm.tree.AbstractInsnNode -import org.objectweb.asm.tree.ClassNode -import org.slf4j.kotlin.error -import org.slf4j.kotlin.getLogger -import software.coley.llzip.format.model.LocalFileHeader -import java.nio.file.Path -import java.util.* -import java.util.jar.JarFile -import kotlin.io.path.extension - -object FileParser { - private val logger by getLogger() - - @OptIn(ExperimentalSerializationApi::class) - fun parseFile(path: Path): Match? { - try { - return when (path.extension) { - "jasm" -> { - JarFile(path.toFile()).use { jar -> - val info = Json.decodeFromString(jar.getInputStream(jar.getJarEntry("info.json")).asString()) - - - val tree = ClassNode() - ClassReader(jar.getInputStream(jar.getJarEntry("content.class")).readBytes()).accept( - tree, - ClassReader.SKIP_DEBUG - ) - - if (info.wildcardType) { - WildcardMatch( - info.name, - tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), - info.threat, - info.matchId, - info.filterType, - ) - } else if (info.filterType) { - MatchFilteredSequence ( - info.name, - tree.methods.find { it.name == "pattern" }!!.instructions.toArray().toWord(), - info.threat, - matchId = info.matchId - ) - } else { - MatchSequence( - info.name, - tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), - info.threat, - matchId = info.matchId - ) - } - } - } - - "asset" -> { - path.toFile().inputStream().use { - Json.decodeFromString(it.asString()) - } - } - - else -> null - } - } catch (e: Exception) { - logger.error { - e.printStackTrace() - "Failed to load database entry: $path reason: ${e.message}" - } - return null - } - } -} - -private fun Array.toWord(): Word { - return Word(this, InsnComparator()::compare) -} - -@Serializable -data class Info( - val name: String, - val threat: MatchType = MatchType.MALWARE, - val encoded: Boolean = false, - val matchId: String = "", - val filterType: Boolean = false, - val wildcardType: Boolean = false, -) - - - -@Serializable -data class Asset(val name: String, val threat: MatchType = MatchType.POTENTIAL, val data: String? = null, val fileName: String? = null) : - AssetMatch { - private val bytes by lazy { data?.let { Base64.getDecoder().decode(it) } } - override fun match(data: Lazy, jarEntry: LocalFileHeader): Boolean { - if (fileName != null && jarEntry.fileNameAsString != name) return false - - return if (bytes != null) { - data.value.contentEquals(bytes) - } else { - true - } - } - - override fun checkResult(): JarCheckResult = JarCheckMatch(threat, name) - -} diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt index 6ec7725..0ae54f8 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt @@ -1,8 +1,8 @@ package dev.kosmx.needle.database -import dev.kosmx.needle.core.AssetChecker -import dev.kosmx.needle.core.ClassChecker import dev.kosmx.needle.database.hardCodedDetectors.HardCodedDetectors +import dev.kosmx.needle.database.serializing.FileParser +import dev.kosmx.needle.matcher.IMatchRule import kotlinx.coroutines.* import kotlinx.serialization.Serializable import kotlinx.serialization.json.Json @@ -25,8 +25,7 @@ object Database { private val logger by getLogger() - fun init(databaseUrl: String?, dataPath: Path) { - val database = mutableListOf() + fun init(database: MutableList, databaseUrl: String?, dataPath: Path) { try { if (databaseUrl != null) { var localDbVersion = -1 @@ -59,8 +58,6 @@ object Database { } database += HardCodedDetectors.getHardCodedDetectors() - ClassChecker.init(database.filterIsInstance()) - AssetChecker.init(database.filterIsInstance()) } private fun updateDb(databaseUrl: String, dataPath: Path) { diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/Match.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Match.kt deleted file mode 100644 index 618e30d..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/database/Match.kt +++ /dev/null @@ -1,8 +0,0 @@ -package dev.kosmx.needle.database - -import dev.kosmx.needle.core.JarCheckResult - -interface Match { - - fun checkResult() : JarCheckResult -} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt deleted file mode 100644 index 4fe5fbc..0000000 --- a/api/src/main/kotlin/dev/kosmx/needle/database/MatchSequence.kt +++ /dev/null @@ -1,26 +0,0 @@ -package dev.kosmx.needle.database - -import dev.kosmx.needle.util.InsnComparator -import dev.kosmx.needle.core.JarCheckMatch -import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.util.Word -import dev.kosmx.needle.util.match -import org.objectweb.asm.tree.AbstractInsnNode - -typealias InsnSequence = Word - -open class MatchSequence( - private val id: String, - private val word: InsnSequence, - private val matchType: MatchType = MatchType.MALWARE, - private val matchId: String = "", - ): - ClassMatch { - override fun match(instructions: Sequence): Int = - word.match(instructions.filterMutable()) - - constructor(id: String, instructions: Array, matchType: MatchType = MatchType.MALWARE, matchId: String = "") : - this(id, Word(instructions, InsnComparator()::compare), matchType, matchId = matchId) - - override fun checkResult(): JarCheckMatch = JarCheckMatch(matchType, id, matchId) -} diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt b/api/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt index e2de299..e3edfb0 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/hardCodedDetectors/HardCodedDetectors.kt @@ -1,9 +1,9 @@ package dev.kosmx.needle.database.hardCodedDetectors -import dev.kosmx.needle.database.Match +import dev.kosmx.needle.matcher.IMatchRule object HardCodedDetectors { - fun getHardCodedDetectors(): List = listOf( + fun getHardCodedDetectors(): List = listOf( ) } \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt new file mode 100644 index 0000000..07c4fc0 --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt @@ -0,0 +1,95 @@ +package dev.kosmx.needle.database.serializing + +import dev.kosmx.needle.database.asString +import dev.kosmx.needle.matcher.IMatchRule +import dev.kosmx.needle.matcher.impl.legacy.MatchFilteredSequence +import dev.kosmx.needle.matcher.impl.legacy.MatchSequence +import dev.kosmx.needle.matcher.impl.legacy.WildcardMatch +import dev.kosmx.needle.matcher.impl.toWord +import dev.kosmx.needle.matcher.result.Severity +import kotlinx.serialization.Serializable +import kotlinx.serialization.json.Json +import org.objectweb.asm.ClassReader +import org.objectweb.asm.tree.ClassNode +import org.slf4j.kotlin.error +import org.slf4j.kotlin.getLogger +import java.nio.file.Path +import java.util.jar.JarFile +import kotlin.io.path.extension + +object FileParser { + private val logger by getLogger() + + fun parseFile(path: Path): IMatchRule? { + try { + return when (path.extension) { + "jasm" -> { + JarFile(path.toFile()).use { jar -> + val info = + Json.decodeFromString(jar.getInputStream(jar.getJarEntry("info.json")).asString()) + + + val tree = ClassNode() + ClassReader(jar.getInputStream(jar.getJarEntry("content.class")).readBytes()).accept( + tree, + ClassReader.SKIP_DEBUG + ) + + if (info.wildcardType) { + IMatchRule { + WildcardMatch( + info.name, + tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), + info.threat, + info.matchId, + info.filterType, + ) + } + } else if (info.filterType) { + IMatchRule { + MatchFilteredSequence( + info.name, + tree.methods.find { it.name == "pattern" }!!.instructions.toArray().toWord(), + info.threat, + matchId = info.matchId + ) + } + } else { + IMatchRule { + MatchSequence( + info.name, + tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), + info.threat, + matchId = info.matchId + ) + } + } + } + } + + "asset" -> TODO() + + else -> null + } + } catch (e: Exception) { + logger.error { + e.printStackTrace() + "Failed to load database entry: $path reason: ${e.message}" + } + return null + } + } +} + + +@Serializable +data class Info( + val name: String, + val threat: Severity = Severity.SEVERE, + val encoded: Boolean = false, + val matchId: String = "", + val filterType: Boolean = false, + val wildcardType: Boolean = false, +) + + diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt new file mode 100644 index 0000000..964836a --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt @@ -0,0 +1,24 @@ +package dev.kosmx.needle.matcher + +import dev.kosmx.needle.scanner.ScanConfig +import software.coley.llzip.format.model.ZipArchive +import java.nio.file.Path + + +/** + * Context for file matching + */ +data class FileMatchContext( + /** + * Current scan configuration + */ + val config: ScanConfig, + /** + * zipArchive of the jar. DO NOT CLOSE + */ + val jar: ZipArchive, + /** + * efficient string matcher, string equality should be delegated for efficiency + */ + // val stringMatcher +) diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt index 3b7bde8..92ad662 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt @@ -61,6 +61,7 @@ interface IJarMatcher { /** * After every class is checked in the JAR, this function will return [IScanResult] or null if no matches were found + * Conditions may be evaluated when this is invoked */ fun getMatchResult(): IScanResult? } diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/DataMatchRule.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/DataMatchRule.kt new file mode 100644 index 0000000..fa0434f --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/DataMatchRule.kt @@ -0,0 +1,19 @@ +package dev.kosmx.needle.matcher.impl + +import dev.kosmx.needle.matcher.FileMatchContext +import dev.kosmx.needle.matcher.IJarMatcher +import dev.kosmx.needle.matcher.IMatchRule + +/** + * Match rule defined by database. It should be serializable // TODO + * + */ +class DataMatchRule : IMatchRule { + + + + override fun getJarMatcher(context: FileMatchContext): IJarMatcher? { + TODO("Not yet implemented") + } + +} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchFilteredSequence.kt similarity index 73% rename from api/src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt rename to api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchFilteredSequence.kt index 7fe9680..32b9dcd 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/MatchFilteredSequence.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchFilteredSequence.kt @@ -1,13 +1,14 @@ -package dev.kosmx.needle.database +package dev.kosmx.needle.matcher.impl.legacy -import dev.kosmx.needle.core.MatchType +import dev.kosmx.needle.util.InsnSequence +import dev.kosmx.needle.matcher.result.Severity import org.objectweb.asm.tree.AbstractInsnNode class MatchFilteredSequence ( id: String, word: InsnSequence, - matchType: MatchType = MatchType.MALWARE, + matchType: Severity = Severity.SEVERE, matchId: String = "", private val typeFilter: Set> = word.word.map { it::class.java }.toSet() ) diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt new file mode 100644 index 0000000..a1cadff --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt @@ -0,0 +1,54 @@ +package dev.kosmx.needle.matcher.impl.legacy + +import dev.kosmx.needle.util.InsnSequence +import dev.kosmx.needle.matcher.IClassMatcher +import dev.kosmx.needle.matcher.IJarMatcher +import dev.kosmx.needle.matcher.impl.filterDebugCodes +import dev.kosmx.needle.matcher.impl.id +import dev.kosmx.needle.matcher.result.ClassMatchResult +import dev.kosmx.needle.matcher.result.ClueMatchResult +import dev.kosmx.needle.matcher.result.IScanResult +import dev.kosmx.needle.matcher.result.Severity +import dev.kosmx.needle.util.InsnComparator +import dev.kosmx.needle.util.Word +import dev.kosmx.needle.util.match +import org.objectweb.asm.tree.AbstractInsnNode +import org.objectweb.asm.tree.ClassNode +import org.objectweb.asm.tree.MethodNode + +open class MatchSequence( + private val id: String, + private val word: InsnSequence, + private val matchType: Severity = Severity.SEVERE, + private val matchId: String = "", +) : IJarMatcher, IClassMatcher { + + private var match: IScanResult? = null + lateinit var lastClass: ClassNode + + protected open fun match(instructions: Sequence): Int = + word.match(instructions.filterDebugCodes()) + + + constructor( + id: String, + instructions: Array, + matchType: Severity = Severity.SEVERE, + matchId: String = "" + ) : + this(id, Word(instructions, InsnComparator()::compare), matchType, matchId = matchId) + + private fun checkResult(): ClassMatchResult = ClassMatchResult(id, matchId, matchType) + override fun getClassMatcher(clazz: ClassNode): IClassMatcher { + lastClass = clazz + return this + } + + override fun getMatchResult() = match + + override fun matchMethod(method: MethodNode, instructions: Sequence) { + if (match != null && match(instructions) != -1) { + match = ClassMatchResult(id, matchId, matchType, ClueMatchResult(matchId, lastClass.name, method.id)) + } + } +} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/WildcardMatch.kt similarity index 52% rename from api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt rename to api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/WildcardMatch.kt index cd0f74c..24f0981 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/WildcardMatch.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/WildcardMatch.kt @@ -1,24 +1,32 @@ -package dev.kosmx.needle.database +package dev.kosmx.needle.matcher.impl.legacy -import dev.kosmx.needle.util.InsnComparator -import dev.kosmx.needle.core.JarCheckMatch -import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.util.Word +import dev.kosmx.needle.util.InsnSequence +import dev.kosmx.needle.matcher.IClassMatcher +import dev.kosmx.needle.matcher.IJarMatcher +import dev.kosmx.needle.matcher.impl.filterDebugCodes +import dev.kosmx.needle.matcher.impl.toWord +import dev.kosmx.needle.matcher.result.ClassMatchResult +import dev.kosmx.needle.matcher.result.IScanResult +import dev.kosmx.needle.matcher.result.Severity import dev.kosmx.needle.util.match import org.objectweb.asm.tree.AbstractInsnNode +import org.objectweb.asm.tree.ClassNode +import org.objectweb.asm.tree.MethodNode class WildcardMatch( private val id: String, word: Array, - private val matchType: MatchType = MatchType.MALWARE, + private val matchType: Severity = Severity.SEVERE, private val matchId: String = "", autoTypeFiltered: Boolean = false, -) : ClassMatch { +) : IJarMatcher, IClassMatcher { private val typeFilter: Set>? = if (autoTypeFiltered) word.map { it::class.java }.toSet() else null private val words: List + var match: IScanResult? = null + init { val words = mutableListOf() var current = mutableListOf() @@ -38,8 +46,8 @@ class WildcardMatch( this.words = words } - override fun match(instructions: Sequence): Int { - val ins = instructions.filterDebugInfo() + private fun match(instructions: Sequence): Int { + val ins = instructions.filterDebugCodes() .let { if (typeFilter != null) { it.filter { insn -> insn::class.java in typeFilter } @@ -48,15 +56,18 @@ class WildcardMatch( for (word in words) { if (word.match(ins) == -1) { - break + return -1 } } return 1 } + override fun getClassMatcher(clazz: ClassNode): IClassMatcher = this - override fun checkResult(): JarCheckMatch = JarCheckMatch(matchType, id, matchId) -} + override fun getMatchResult(): IScanResult? = match -private fun List.toWord(): Word { - return Word(this.toTypedArray(), InsnComparator()::compare) + override fun matchMethod(method: MethodNode, instructions: Sequence) { + if (match != null && match(instructions) != -1) { + match = ClassMatchResult(id, matchId, matchType) + } + } } diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt index 446038c..71e134c 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt @@ -1,9 +1,14 @@ package dev.kosmx.needle.matcher.result +import java.io.File + interface IScanResult { val malware: String val rule: String val severity: Severity val extra: String get() = "" -} \ No newline at end of file +} + + +typealias ScanResult = Pair> diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/ClassScanner.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/ClassScanner.kt new file mode 100644 index 0000000..20e29eb --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/ClassScanner.kt @@ -0,0 +1,50 @@ +package dev.kosmx.needle.scanner + +import dev.kosmx.needle.matcher.IJarMatcher +import me.coley.cafedude.classfile.ClassFile +import me.coley.cafedude.io.ClassFileReader +import me.coley.cafedude.io.ClassFileWriter +import me.coley.cafedude.transform.IllegalStrippingTransformer +import org.objectweb.asm.ClassReader +import org.objectweb.asm.ClassReader.SKIP_DEBUG +import org.objectweb.asm.tree.ClassNode +import java.io.IOException + +object ClassScanner { + fun checkClass(bytes: ByteArray, matchers: List) { + + try { + val classReader = ClassReader(bytes) + + checkClassNode(classReader, matchers) + } catch (t: Throwable) { + try { + + val cr = ClassFileReader() + val classFile: ClassFile = cr.read(bytes) + IllegalStrippingTransformer(classFile).transform() + val classBytes = ClassFileWriter().write(classFile) + checkClassNode(ClassReader(classBytes), matchers)// + JarCheckMatch(MatchType.POTENTIAL, "unlikely obfuscated") + + } catch (t: Throwable) { + throw IOException("can't read class file", t) + } + } + } + + private fun checkClassNode(classReader: ClassReader, matchers: List) { + val classNode = ClassNode() + classReader.accept(classNode, SKIP_DEBUG) + + val classMatchers = matchers.mapNotNull { it.getClassMatcher(classNode) } + + classNode.methods.forEach {method -> + classMatchers.forEach { + it.matchMethod(method, method.instructions.asSequence()) + } + } + + matchers.forEach { it.postClassMatch() } + + } +} \ No newline at end of file diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt new file mode 100644 index 0000000..a5bda4d --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt @@ -0,0 +1,84 @@ +package dev.kosmx.needle.scanner + +import dev.kosmx.needle.matcher.FileMatchContext +import dev.kosmx.needle.matcher.result.IScanResult +import org.slf4j.kotlin.debug +import org.slf4j.kotlin.getLogger +import org.slf4j.kotlin.info +import org.slf4j.kotlin.warn +import software.coley.llzip.ZipIO +import software.coley.llzip.format.compression.ZipCompressions +import software.coley.llzip.format.model.LocalFileHeader +import software.coley.llzip.format.model.ZipArchive +import software.coley.llzip.util.ByteDataUtil +import java.io.File +import java.io.IOException + + +object JarScanner { + private val logger by getLogger() + + fun checkJar(config: ScanConfig, file: File): Set { + try { + ZipIO.readJvm(file.toPath()).use { jar -> + return checkJar(config, jar) + } + } catch (t: Throwable) { + logger.warn(t) { + "Failed to open $file" + } + } + return setOf() + } + + fun checkJar(config: ScanConfig, jar: ZipArchive): Set { + val results = mutableSetOf() + val matches = config.scanRules.mapNotNull { it.getJarMatcher(FileMatchContext(config, jar)) } + + + zipEntry@for (jarEntry in jar) { + val byteData by lazy { ZipCompressions.decompress(jarEntry) } + val bytes = lazy { ByteDataUtil.toByteArray(byteData)!! } + if (jarEntry.fileNameAsString.let { it.endsWith(".class") || it.endsWith(".class/") }) { + try { + ClassScanner.checkClass(bytes.value, matches) + continue@zipEntry + } catch (e: IOException) { + logger.warn(e) { "Failed to scan class file: ${jarEntry.fileNameAsString}" } + //results += JarCheckMatch(MatchType.POTENTIAL, "Illegal .class file: ${jarEntry.name}") + } + } else if (jarEntry.fileNameAsString.let { it.endsWith(".jar") || it.endsWith(".jar/") }) { + try { + logger.debug { "Start scanning nested jar: ${jarEntry.fileNameAsString}" } + ZipIO.readJvm(byteData).use { nestedJar -> + results += checkJar(config, nestedJar) + } + continue@zipEntry + } catch (t: Throwable) { + //TODO results += JarCheckMatch(MatchType.INFO, "Failed to open nested jar: ${t.message}") + logger.info(t) { + t.message.orEmpty() + } + } + } + + try { + matches.forEach { it.matchAsset(jarEntry, bytes) } + } catch (t: Throwable) { + //TODO results += JarCheckMatch(MatchType.INFO, "Asset checker failed: ${t.message}") + logger.warn(t) { t.message.orEmpty() } + } + + } // end zipEntry + + // aand finally collect the results + results += matches.mapNotNull { it.getMatchResult() } + + return results + } +} + +fun ZipArchive.asSequence() = localFiles.asSequence().map { it } + +operator fun ZipArchive.iterator(): Iterator = this.asSequence().iterator() + diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt new file mode 100644 index 0000000..06d506c --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt @@ -0,0 +1,165 @@ +package dev.kosmx.needle.scanner + +import dev.kosmx.needle.CheckWrapper +import dev.kosmx.needle.CheckWrapper.checkPath +import dev.kosmx.needle.database.Database +import dev.kosmx.needle.matcher.IMatchRule +import dev.kosmx.needle.matcher.result.IScanResult +import dev.kosmx.needle.matcher.result.ScanResult +import kotlinx.coroutines.* +import kotlinx.coroutines.channels.Channel +import kotlinx.coroutines.channels.ReceiveChannel +import software.coley.llzip.ZipIO +import software.coley.llzip.format.model.ZipArchive +import java.io.File +import java.nio.file.Path +import kotlin.io.path.Path +import kotlin.jvm.internal.Ref + +/** + * Scan config API frontend, scan configuration + * + * After constructor is done, the class is immutable and thread-safe + * + * @param databaseUrl database server location override + * @param databaseLocation database cache location override + * @param rules extra rules to use for checker + */ +class ScanConfig +@JvmOverloads constructor( + databaseUrl: String? = Defaults.defaultUrl, + databaseLocation: Path = Defaults.databasePath, + rules: List = listOf(), +) { + /** + * Scan rules for config + */ + val scanRules: List + + init { + databaseLocation.toFile().mkdirs() + val mutableRules = rules.toMutableList() + Database.init(mutableRules, databaseUrl, databaseLocation) + + + scanRules = mutableRules + } + + + /** + * Run the check for the given jar file. path has to point to a jar file + * throws IOException if can't open + */ + fun checkJar(path: Path): Set { + ZipIO.readJvm(path).use { jar -> + return JarScanner.checkJar(this, jar) + } + } + + /** + * Check jar input stream, can be used from memory files or web API backend + */ + fun checkJar(zipArchive: ZipArchive): Set { + return JarScanner.checkJar(this, zipArchive) + } + + + /** + * Synchronous (blocking) wrapper for the async [checkPath] function for doing it async + * If you're from kotlin, please use the async version + */ + @JvmOverloads + fun checkPathBlocking( + path: Path, + threads: Int = Runtime.getRuntime().availableProcessors() * 4 + ): List = runBlocking { + CheckWrapper.checkPath(path, threads) + } + + + /** + * async checks everything on the path. If the path points to a single file, it will not start threading + * @param path the path to check, it will recursively walk on the path and check every single file + * @param threads limit the worker threads. The process can be IO bound, setting it to higher value than the actual CPU cores is normal + * @param dispatcher dispatcher for file IO checking. The function does the directory walk on the invoker thread. + * @param jarVisitCallback callback function invoked after every jar check. Invocation happens on thread, it must be thread-safe + * @return check result + */ + //@JvmStatic this can only be used from Kotlin, fancy java interface isn't needed + @OptIn(ExperimentalStdlibApi::class) + suspend fun checkPath( + path: Path, + threads: Int = Runtime.getRuntime().availableProcessors() * 4, + dispatcher: CoroutineDispatcher = Dispatchers.IO, + jarVisitCallback: ((ScanResult) -> Unit) = { }, + scannedCount: Ref.IntRef = Ref.IntRef(), + ): List = coroutineScope { + if (path.toFile().isFile) { // single file selection case + return@coroutineScope CheckWrapper.checkJar(path).also { + scannedCount.element++ + jarVisitCallback(path.toFile() to it) + }.let { + if (it.isNotEmpty()) { + listOf(path.toFile() to it) + } else listOf() + } + } + + val fileChannel = Channel(threads) // fine-tuning may be needed + val receiveChannel: ReceiveChannel = fileChannel + + val resultChannel = Channel>(threads) + + // Set the fileChannel source. This should effectively endlessly generate files (or as long as there is anything left) + launch { + var count = 0 + path.toFile().walk().forEach { + if (it.extension == "jar" && it.isFile) { + count++ + fileChannel.send(it) // channel has finite size, it will suspend if the buffer is full + } + } + scannedCount.element = count + fileChannel.close() // all files are sent, "insert close element" + } + + for (i in 0..() + + // for on a channel will receive elements as long as there is any. + // "if there is a new job, do it." + for (file in receiveChannel) { + val r = checkJar(file.toPath()) + if (r.isNotEmpty()) { + jarVisitCallback(file to r) + results += file to r + } + } + // send back the result + resultChannel.send(results) + } + } + + + val results = mutableListOf() + for (i in 0.. From d74b31fe884e1daf6737d20ff7d625ab2b443309 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 01:02:26 +0200 Subject: [PATCH 013/114] Update database generation code --- .../dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt | 4 ++-- api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt | 4 ++-- api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt index 3b93a9a..a7ec0bb 100644 --- a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Fractureiser.kt @@ -1,7 +1,7 @@ package dev.kosmx.needle.dbGen.db -import dev.kosmx.needle.core.MatchType import dev.kosmx.needle.dbGen.dsl.KDSL +import dev.kosmx.needle.matcher.result.Severity import org.objectweb.asm.Opcodes.* import org.objectweb.asm.tree.InsnNode import org.objectweb.asm.tree.IntInsnNode @@ -10,7 +10,7 @@ import org.objectweb.asm.tree.TypeInsnNode fun KDSL.fractureiser() { malwareId = "fractureiser" - type = MatchType.MALWARE + type = Severity.SEVERE "SIG1" byteCodeEntry { autoFilerInstructions = true diff --git a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt index c7c7ac9..f4401f9 100644 --- a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/Skyrage.kt @@ -1,7 +1,7 @@ package dev.kosmx.needle.dbGen.db -import dev.kosmx.needle.core.MatchType import dev.kosmx.needle.dbGen.dsl.KDSL +import dev.kosmx.needle.matcher.result.Severity import org.objectweb.asm.Opcodes import org.objectweb.asm.tree.LdcInsnNode import org.objectweb.asm.tree.MethodInsnNode @@ -9,7 +9,7 @@ import org.objectweb.asm.tree.TypeInsnNode fun KDSL.skyrage() { malwareId = "Skyrage" - type = MatchType.MALWARE + type = Severity.SEVERE "Upd1" byteCodeEntry { autoFilerInstructions = true diff --git a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt index 547d021..9ba5fd8 100644 --- a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/dsl/KDSL.kt @@ -1,7 +1,7 @@ package dev.kosmx.needle.dbGen.dsl -import dev.kosmx.needle.core.MatchType -import dev.kosmx.needle.database.Info +import dev.kosmx.needle.database.serializing.Info +import dev.kosmx.needle.matcher.result.Severity import kotlinx.serialization.ExperimentalSerializationApi import kotlinx.serialization.json.Json import kotlinx.serialization.json.encodeToStream @@ -32,7 +32,7 @@ var idTracker = 0 class KDSL(private val entries: MutableList) { var malwareId: String = "none" - var type: MatchType = MatchType.MALWARE + var type: Severity = Severity.SEVERE fun byteCodeEntry(block: ByteCodeEntry.() -> Unit) { entries += ByteCodeEntry().also(block) From 7cbb2e46175b893f1a0949e3be36508ccefcb22d Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 01:14:34 +0200 Subject: [PATCH 014/114] Update interfaces --- .../dev/kosmx/needle/matcher/result/ClassScanResult.kt | 3 +++ .../dev/kosmx/needle/matcher/result/IScanResult.kt | 3 +++ cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt | 9 ++++----- .../main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt | 2 +- .../dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt | 4 ++-- 5 files changed, 13 insertions(+), 8 deletions(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt index af52d67..ea872e5 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/ClassScanResult.kt @@ -11,6 +11,9 @@ data class ClassMatchResult( override val extra: String get() = if (clues.isNotEmpty()) clues.toString() else "" + + override fun getMessage(): String = + if (clues.isEmpty()) "$severity($malware, rule=$rule)" else "$severity($malware, rule=$rule, clues=$clues)" } diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt index 71e134c..928bf5d 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/IScanResult.kt @@ -8,6 +8,9 @@ interface IScanResult { val severity: Severity val extra: String get() = "" + + fun getMessage(): String = + if (extra.isEmpty()) "$severity($malware, rule=$rule)" else "$severity($malware, rule=$rule, info=$extra)" } diff --git a/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt b/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt index 6afbe9d..ea97178 100644 --- a/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt +++ b/cli/src/main/kotlin/dev/kosmx/needle/cli/CliRun.kt @@ -1,8 +1,7 @@ package dev.kosmx.needle.cli import dev.kosmx.needle.CheckWrapper -import dev.kosmx.needle.core.JarCheckResult -import dev.kosmx.needle.core.JarChecker +import dev.kosmx.needle.scanner.ScanConfig import kotlinx.cli.ArgParser import kotlinx.cli.ArgType import kotlinx.cli.default @@ -20,13 +19,13 @@ private val logger by getLogger() @OptIn(ExperimentalTime::class) fun main(args: Array) { - val defaultUrl = String(JarCheckResult::class.java.getResourceAsStream("/url")!!.readBytes()) + val defaultUrl = ScanConfig.Defaults.defaultUrl val parser = ArgParser("jNeedle") val file by parser.option(ArgType.String, shortName = "f", fullName = "file", description = "file or directory").required() val databaseUrl by parser.option(ArgType.String, shortName = "u", fullName = "url").default(defaultUrl) - val databaseLocation by parser.option(ArgType.String, fullName = "dblocation").default(CheckWrapper.databasePath.toString()) + val databaseLocation by parser.option(ArgType.String, fullName = "dblocation").default(ScanConfig.Defaults.databasePath.toString()) val threads by parser.option(ArgType.Int, fullName = "threads").default(Runtime.getRuntime().availableProcessors()) parser.parse(args) @@ -38,7 +37,7 @@ fun main(args: Array) { val path = Path(file) if (path.toFile().isFile) { - println(JarChecker.checkJar(path.toFile())) + println(CheckWrapper.checkJar(path)) } else { measureTime { diff --git a/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt index 9ac8da1..c5e2b89 100644 --- a/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt +++ b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt @@ -24,7 +24,7 @@ import androidx.compose.ui.window.application import com.darkrockstudios.libraries.mpfilepicker.DirectoryPicker import com.darkrockstudios.libraries.mpfilepicker.FilePicker import dev.kosmx.needle.CheckWrapper -import dev.kosmx.needle.ScanResult +import dev.kosmx.needle.matcher.result.ScanResult import kotlinx.coroutines.CoroutineScope import kotlinx.coroutines.Dispatchers import kotlinx.coroutines.launch diff --git a/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt index eb2bbab..d1644c4 100644 --- a/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt +++ b/launchwrapper/src/main/kotlin/dev/kosmx/needle/launchWrapper/JavaAgentLauncher.kt @@ -1,7 +1,7 @@ package dev.kosmx.needle.launchWrapper import dev.kosmx.needle.CheckWrapper -import dev.kosmx.needle.core.MatchType +import dev.kosmx.needle.matcher.result.Severity import org.slf4j.kotlin.getLogger import org.slf4j.kotlin.warn import java.lang.instrument.Instrumentation @@ -49,7 +49,7 @@ object JavaAgentLauncher { } ?: CheckWrapper.init() val result = CheckWrapper.checkPathBlocking(Path(".")) - if (result.any { pair -> pair.second.any { it.status != MatchType.INFO } }) { + if (result.any { pair -> pair.second.any { it.severity != Severity.INFORMATION } }) { result.forEach { (file, results) -> println("$file matches ${results.map { it.getMessage() }}") From 15aed54810b0e3043f94b037d6791e0d17429748 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 01:15:00 +0200 Subject: [PATCH 015/114] Fix a major bug causing the whole detector to not function --- .../dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt index a1cadff..f862c44 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/impl/legacy/MatchSequence.kt @@ -38,7 +38,6 @@ open class MatchSequence( ) : this(id, Word(instructions, InsnComparator()::compare), matchType, matchId = matchId) - private fun checkResult(): ClassMatchResult = ClassMatchResult(id, matchId, matchType) override fun getClassMatcher(clazz: ClassNode): IClassMatcher { lastClass = clazz return this @@ -47,7 +46,7 @@ open class MatchSequence( override fun getMatchResult() = match override fun matchMethod(method: MethodNode, instructions: Sequence) { - if (match != null && match(instructions) != -1) { + if (match == null && match(instructions) != -1) { match = ClassMatchResult(id, matchId, matchType, ClueMatchResult(matchId, lastClass.name, method.id)) } } From 7b39e68d9ff5f28057542180d4c8b05425ea0a56 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 12:23:22 +0200 Subject: [PATCH 016/114] change fat-jar naming scheme --- buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts b/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts index 0e7530b..36197f6 100644 --- a/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts +++ b/buildSrc/src/main/kotlin/jneedle.shadow.gradle.kts @@ -6,11 +6,11 @@ plugins { tasks { shadowJar { - archiveClassifier.set("") + archiveClassifier.set("all") } jar { - archiveClassifier.set("slim") + //archiveClassifier.set("slim") } build { dependsOn(shadowJar) From 6fa322ddd3730d85bcc563d0cf0ca5e62c83b5df Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 12:23:48 +0200 Subject: [PATCH 017/114] gitignore logs --- .gitignore | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 7bbe72a..0707399 100644 --- a/.gitignore +++ b/.gitignore @@ -119,4 +119,6 @@ run/ /database -*.pass \ No newline at end of file +*.pass + +/logs From cf3e61e06ea2fb59c92755490ddce2e718cf6ef6 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 12:24:10 +0200 Subject: [PATCH 018/114] collect all artifacts --- .github/workflows/build.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index dda1912..ffdb531 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -39,5 +39,7 @@ jobs: with: name: Artifacts path: | - build/libs/ - compose/build/libs/ + api/build/libs/ + cli/build/libs/ + launchwrapper/build/libs/ + gui/build/libs/ From 938c8f0c8bf52031553db74d049795b1e78eee15 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 15:42:22 +0200 Subject: [PATCH 019/114] cleanup unused method --- .../kotlin/dev/kosmx/needle/scanner/JarScanner.kt | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt index a5bda4d..571bc54 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt @@ -11,26 +11,12 @@ import software.coley.llzip.format.compression.ZipCompressions import software.coley.llzip.format.model.LocalFileHeader import software.coley.llzip.format.model.ZipArchive import software.coley.llzip.util.ByteDataUtil -import java.io.File import java.io.IOException object JarScanner { private val logger by getLogger() - fun checkJar(config: ScanConfig, file: File): Set { - try { - ZipIO.readJvm(file.toPath()).use { jar -> - return checkJar(config, jar) - } - } catch (t: Throwable) { - logger.warn(t) { - "Failed to open $file" - } - } - return setOf() - } - fun checkJar(config: ScanConfig, jar: ZipArchive): Set { val results = mutableSetOf() val matches = config.scanRules.mapNotNull { it.getJarMatcher(FileMatchContext(config, jar)) } From 652f87ec5e216613340cfbff6bedf86a7a353502 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 18 Jun 2023 15:43:06 +0200 Subject: [PATCH 020/114] more debug logging --- api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt index 06d506c..4c0b0b1 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt @@ -9,6 +9,8 @@ import dev.kosmx.needle.matcher.result.ScanResult import kotlinx.coroutines.* import kotlinx.coroutines.channels.Channel import kotlinx.coroutines.channels.ReceiveChannel +import org.slf4j.kotlin.debug +import org.slf4j.kotlin.getLogger import software.coley.llzip.ZipIO import software.coley.llzip.format.model.ZipArchive import java.io.File @@ -35,6 +37,7 @@ class ScanConfig * Scan rules for config */ val scanRules: List + private val logger by getLogger() init { databaseLocation.toFile().mkdirs() @@ -51,6 +54,7 @@ class ScanConfig * throws IOException if can't open */ fun checkJar(path: Path): Set { + logger.debug { "Start scanning jar: $path" } ZipIO.readJvm(path).use { jar -> return JarScanner.checkJar(this, jar) } From 29952e6a532bd790b2e25525ea676dfb7fd7fe8f Mon Sep 17 00:00:00 2001 From: KosmX Date: Fri, 23 Jun 2023 09:31:55 +0200 Subject: [PATCH 021/114] Extra notes and compatibility names on severity levels --- .../kosmx/needle/matcher/result/Severity.kt | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt index 84ac1bb..b3ac8f0 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt @@ -1,7 +1,28 @@ package dev.kosmx.needle.matcher.result +import kotlinx.serialization.ExperimentalSerializationApi +import kotlinx.serialization.Serializable +import kotlinx.serialization.json.JsonNames + +@Serializable +@OptIn(ExperimentalSerializationApi::class) enum class Severity(val level: Int) { + + /** + * It is very likely not a threat, but something may be an issue + */ + @JsonNames("INFO") INFORMATION(0), + + /** + * Threat isn't dangerous, something unwanted like data logging/etc, no token logging or backdoor access + */ + @JsonNames("POTENTIAL") WARNING(1), + + /** + * Serious threats like backdoor, token loggers, something that you definitely not want to run on your machine + */ + @JsonNames("MALWARE") SEVERE(2), } From 3f85125ba1cea91168838d7fb129bdf20d79d5e0 Mon Sep 17 00:00:00 2001 From: KosmX Date: Wed, 28 Jun 2023 13:52:47 +0200 Subject: [PATCH 022/114] proper logging --- api/src/main/kotlin/dev/kosmx/needle/database/Init.kt | 3 +-- .../kotlin/dev/kosmx/needle/database/serializing/FileParser.kt | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt index 0ae54f8..185483c 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/Init.kt @@ -42,8 +42,7 @@ object Database { } } } catch (e: Exception) { - logger.warn { - e.printStackTrace() + logger.warn(e) { "Failed to fetch database: $databaseUrl is not available." } } diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt index 07c4fc0..7242ea5 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt @@ -72,8 +72,7 @@ object FileParser { else -> null } } catch (e: Exception) { - logger.error { - e.printStackTrace() + logger.error(e) { "Failed to load database entry: $path reason: ${e.message}" } return null From 69ade6d6c2b020ff92f2f68a94d55567563463bf Mon Sep 17 00:00:00 2001 From: KosmX Date: Wed, 28 Jun 2023 14:00:52 +0200 Subject: [PATCH 023/114] minor refactor on database deserialization --- .../needle/database/serializing/FileParser.kt | 70 +----------------- .../serializing/LegacyDeserializer.kt | 73 +++++++++++++++++++ 2 files changed, 77 insertions(+), 66 deletions(-) create mode 100644 api/src/main/kotlin/dev/kosmx/needle/database/serializing/LegacyDeserializer.kt diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt index 7242ea5..87ca068 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/FileParser.kt @@ -1,71 +1,18 @@ package dev.kosmx.needle.database.serializing -import dev.kosmx.needle.database.asString import dev.kosmx.needle.matcher.IMatchRule -import dev.kosmx.needle.matcher.impl.legacy.MatchFilteredSequence -import dev.kosmx.needle.matcher.impl.legacy.MatchSequence -import dev.kosmx.needle.matcher.impl.legacy.WildcardMatch -import dev.kosmx.needle.matcher.impl.toWord -import dev.kosmx.needle.matcher.result.Severity -import kotlinx.serialization.Serializable -import kotlinx.serialization.json.Json -import org.objectweb.asm.ClassReader -import org.objectweb.asm.tree.ClassNode import org.slf4j.kotlin.error import org.slf4j.kotlin.getLogger import java.nio.file.Path -import java.util.jar.JarFile import kotlin.io.path.extension object FileParser { private val logger by getLogger() fun parseFile(path: Path): IMatchRule? { - try { - return when (path.extension) { - "jasm" -> { - JarFile(path.toFile()).use { jar -> - val info = - Json.decodeFromString(jar.getInputStream(jar.getJarEntry("info.json")).asString()) - - - val tree = ClassNode() - ClassReader(jar.getInputStream(jar.getJarEntry("content.class")).readBytes()).accept( - tree, - ClassReader.SKIP_DEBUG - ) - - if (info.wildcardType) { - IMatchRule { - WildcardMatch( - info.name, - tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), - info.threat, - info.matchId, - info.filterType, - ) - } - } else if (info.filterType) { - IMatchRule { - MatchFilteredSequence( - info.name, - tree.methods.find { it.name == "pattern" }!!.instructions.toArray().toWord(), - info.threat, - matchId = info.matchId - ) - } - } else { - IMatchRule { - MatchSequence( - info.name, - tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), - info.threat, - matchId = info.matchId - ) - } - } - } - } + return try { + when (path.extension) { + "jasm" -> LegacyDeserializer.jasm(path) "asset" -> TODO() @@ -75,20 +22,11 @@ object FileParser { logger.error(e) { "Failed to load database entry: $path reason: ${e.message}" } - return null + null } } } -@Serializable -data class Info( - val name: String, - val threat: Severity = Severity.SEVERE, - val encoded: Boolean = false, - val matchId: String = "", - val filterType: Boolean = false, - val wildcardType: Boolean = false, -) diff --git a/api/src/main/kotlin/dev/kosmx/needle/database/serializing/LegacyDeserializer.kt b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/LegacyDeserializer.kt new file mode 100644 index 0000000..d56be12 --- /dev/null +++ b/api/src/main/kotlin/dev/kosmx/needle/database/serializing/LegacyDeserializer.kt @@ -0,0 +1,73 @@ +package dev.kosmx.needle.database.serializing + +import dev.kosmx.needle.database.asString +import dev.kosmx.needle.matcher.IMatchRule +import dev.kosmx.needle.matcher.impl.legacy.MatchFilteredSequence +import dev.kosmx.needle.matcher.impl.legacy.MatchSequence +import dev.kosmx.needle.matcher.impl.legacy.WildcardMatch +import dev.kosmx.needle.matcher.impl.toWord +import dev.kosmx.needle.matcher.result.Severity +import kotlinx.serialization.Serializable +import kotlinx.serialization.json.Json +import org.objectweb.asm.ClassReader +import org.objectweb.asm.tree.ClassNode +import java.nio.file.Path +import java.util.jar.JarFile + +object LegacyDeserializer { + fun jasm(path: Path): IMatchRule { + + JarFile(path.toFile()).use { jar -> + val info = + Json.decodeFromString(jar.getInputStream(jar.getJarEntry("info.json")).asString()) + + + val tree = ClassNode() + ClassReader(jar.getInputStream(jar.getJarEntry("content.class")).readBytes()).accept( + tree, + ClassReader.SKIP_DEBUG + ) + + return if (info.wildcardType) { + IMatchRule { + WildcardMatch( + info.name, + tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), + info.threat, + info.matchId, + info.filterType, + ) + } + } else if (info.filterType) { + IMatchRule { + MatchFilteredSequence( + info.name, + tree.methods.find { it.name == "pattern" }!!.instructions.toArray().toWord(), + info.threat, + matchId = info.matchId + ) + } + } else { + IMatchRule { + MatchSequence( + info.name, + tree.methods.find { it.name == "pattern" }!!.instructions.toArray(), + info.threat, + matchId = info.matchId + ) + } + } + } + } + + + @Serializable + private data class Info( + val name: String, + val threat: Severity = Severity.SEVERE, + val encoded: Boolean = false, + val matchId: String = "", + val filterType: Boolean = false, + val wildcardType: Boolean = false, + ) +} From c467eb5506a1c36cd093938a03127caaf16526d3 Mon Sep 17 00:00:00 2001 From: KosmX Date: Fri, 30 Jun 2023 14:10:40 +0200 Subject: [PATCH 024/114] Create CONTRIBUTING.md --- CONTRIBUTING.md | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 CONTRIBUTING.md diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..237156c --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,52 @@ +# How can I help? + +## Requesting feature or request adding malware signature to the database + +In this case, feel free to open an issue or contact me on [Minecraft Malware Prevention Alliance](https://mmpa.info/) Discord server. +**Never upload malware to GitHub or Discord!** If you have a malware sample that you want to share with se, please share it via [Wormhole](https://wormhole.app/). + + +## Contribution +If you're familiar with [Kotlin](https://kotlinlang.org/) and you want to help with the project, feel free to open pull requests. + +### Pull-requests +Please keep pull requests clean: only add one feature per pull request. Pull requests modifying the whole project and adding multiple unrelated features will be rejected. +If you start working on a feature, please open a draft PR as soon as you can, and track your progress there. +This way people will know that someone is already working on XXX. + + +GitHub support checkboxes, you may use those: + +--- +```md +- [x] ticked checkbox +- [ ] todo checkbox +``` +- [x] ticked checkbox +- [ ] todo checkbox + + +--- + +## Coding +Follow common sense! + +### No premature optimization +First, make a feature work, then you might profile and optimize it. (you may choose efficient algorithms) + +You may use Object Oriented or Functional style, but please avoid unnecessary abstraction. +A readable code is better than an optimized or obfuscated code. + +### Readable code +Please avoid global variables and functions. Only use global if it is widely used in the project. +Group simple functions into Objects, or use extension functions. + +Multiple classes may be declared in a single file as long as those are closely related. + +If possible, avoid using reflection. + +Avoid [platform types](https://kotlinlang.org/docs/java-interop.html#null-safety-and-platform-types): If java library has no nullability annotation choose the expected type. +```kt +val mayBeNull = JavaClass.function() // Any! NOT OK +val mayBeNull: Any = JavaClass.function() // Any OK +``` From 787ffd768af1ec225c7b756aa1640ec34cd32e25 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 14:48:06 +0200 Subject: [PATCH 025/114] update gitignore --- .gitignore | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index 0707399..52773db 100644 --- a/.gitignore +++ b/.gitignore @@ -117,8 +117,8 @@ run/ # Avoid ignoring Gradle wrapper jar file (.jar files are usually ignored) !gradle-wrapper.jar -/database +/api/database *.pass -/logs +*/logs From cf1eb27df6100919e5cfd0a7c53acfe5d71cbd8a Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 14:59:53 +0200 Subject: [PATCH 026/114] update gradle wrapper to 8.2 --- gradle/wrapper/gradle-wrapper.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 37aef8d..a363877 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.1.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.2-bin.zip networkTimeout=10000 zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists From 03df40e4df8b22e4568f29538b3d642a4b360162 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:30:22 +0200 Subject: [PATCH 027/114] Add slf4k to gui module --- gui/build.gradle.kts | 1 + 1 file changed, 1 insertion(+) diff --git a/gui/build.gradle.kts b/gui/build.gradle.kts index 6e20a15..d2b2e61 100644 --- a/gui/build.gradle.kts +++ b/gui/build.gradle.kts @@ -18,6 +18,7 @@ ext["mainClass"] = mainClassName dependencies { implementation(projects.api) implementation(libs.logback) + implementation(libs.slf4k) implementation(compose.desktop.currentOs) From 761e59df5d81c01c9c0b64d783875b8485dd807b Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:30:55 +0200 Subject: [PATCH 028/114] Fix logger configuration, and add gui default config --- gui/src/main/resources/logback.xml | 32 ++++++++++++++++++++++++++++++ logback-debug.xml | 7 ++----- 2 files changed, 34 insertions(+), 5 deletions(-) create mode 100644 gui/src/main/resources/logback.xml diff --git a/gui/src/main/resources/logback.xml b/gui/src/main/resources/logback.xml new file mode 100644 index 0000000..e3aaddb --- /dev/null +++ b/gui/src/main/resources/logback.xml @@ -0,0 +1,32 @@ + + + true + + + + + %d %-24([%.-22(%thread)]) %highlight(%-5level) %-48logger{48} - %highlight(%msg){}%n{}%ex{full,DISPLAY_EX_EVAL} + + + + + + ${LOG_DIR}/jNeedle.log + + + ${LOG_DIR}/jNeedle.%d{yyyy-MM-dd}.%i.log.gz + + 60 + 5GB + 10MB + + + %d %-32([%.-30(%thread)]) %-5level %-64logger{64} - %msg{}%n{}%ex{full, DISPLAY_EX_EVAL} + + + + + + + + \ No newline at end of file diff --git a/logback-debug.xml b/logback-debug.xml index 8710649..bd023d1 100644 --- a/logback-debug.xml +++ b/logback-debug.xml @@ -26,15 +26,12 @@ - + - + - - - \ No newline at end of file From cb07d7ef0ce390f88df3b0b30d11c328a39564d4 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:32:18 +0200 Subject: [PATCH 029/114] add initialized value and re-initialization check to avoid accidental re-inits --- .../kotlin/dev/kosmx/needle/CheckWrapper.kt | 22 +++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt index d25c390..ef2f753 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt @@ -1,5 +1,3 @@ -@file:OptIn(ExperimentalStdlibApi::class) - package dev.kosmx.needle import dev.kosmx.needle.matcher.result.IScanResult @@ -7,7 +5,7 @@ import dev.kosmx.needle.matcher.result.ScanResult import dev.kosmx.needle.scanner.ScanConfig import kotlinx.coroutines.CoroutineDispatcher import kotlinx.coroutines.Dispatchers -import software.coley.llzip.format.model.ZipArchive +import software.coley.lljzip.format.model.ZipArchive import java.nio.file.Path import kotlin.jvm.internal.Ref.IntRef @@ -21,15 +19,31 @@ import kotlin.jvm.internal.Ref.IntRef * re-initialization is possible, it will refresh the database (should be thread-safe) */ object CheckWrapper { - private lateinit var scanConfig: ScanConfig + private var _scanConfig: ScanConfig? = null + private var scanConfig: ScanConfig + get() = _scanConfig ?: error("CheckWrapper is not initialized") + set(value) { + _scanConfig = value + } + @JvmStatic + val initialized + get() = _scanConfig != null + /** + * Initialize or re-initialize static wrapper + * @param databaseUrl remote database URL, null if fetching is disabled + * @param databaseLocation database cache on local filesystem + * @param allowReInitialize allow re-initialization, if not, it will *assert* first initialization + */ @JvmStatic @JvmOverloads fun init( databaseUrl: String? = ScanConfig.Defaults.defaultUrl, databaseLocation: Path = ScanConfig.Defaults.databasePath, + allowReInitialize: Boolean = false, ) { + assert(allowReInitialize || !initialized) scanConfig = ScanConfig(databaseUrl, databaseLocation) } From e9dbdcab3bd7cd3ec45f0ed32bef19493f4c563e Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:32:30 +0200 Subject: [PATCH 030/114] Some fixes in GUI --- .../main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt index c5e2b89..e6a12b5 100644 --- a/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt +++ b/gui/src/main/kotlin/dev/kosmx/needle/compose/ComposeMain.kt @@ -45,7 +45,7 @@ object ComposeMain { @Preview @Composable - fun App() { + fun app() { var showDirectoryPicker by remember { mutableStateOf(false) } var showFilePicker by remember { mutableStateOf(false) } var targetPath by remember { mutableStateOf("C:\\") } @@ -53,8 +53,6 @@ object ComposeMain { val composerScope = rememberCoroutineScope() - CheckWrapper.init() - FilePicker(showFilePicker) { path -> showFilePicker = false targetPath = path?.path ?: targetPath @@ -220,11 +218,14 @@ object ComposeMain { } fun main() = application { + + CheckWrapper.init() + Window( state = WindowState(width = 1000.dp, height = 600.dp), onCloseRequest = ::exitApplication, title = "JNeedle Malware Detection Tool" ) { - ComposeMain.App() + ComposeMain.app() } } \ No newline at end of file From cb3ff726f1b9dac97ae63daece3729b747e62a1e Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:35:23 +0200 Subject: [PATCH 031/114] Create dependabot.yml --- .github/dependabot.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..a35c2aa --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "gradle" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" From 3dd68d9d2e0c1f2a1262ef20da6630b367380c26 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:40:11 +0200 Subject: [PATCH 032/114] Add GitHub dependency submission --- .github/workflows/build.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ffdb531..8abf8b6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -33,6 +33,9 @@ jobs: run: chmod +x ./gradlew - name: build run: ./gradlew build + - name: Gradle Dependency Submission + if: ${{ runner.os != 'Windows' }} + uses: mikepenz/gradle-dependency-submission@v0.8. - name: capture build artifacts if: ${{ runner.os == 'Linux' && matrix.java == '17' }} # Only upload artifacts built from latest java on one OS uses: actions/upload-artifact@v3 From 54afe7ada2fb12dc0ac809fd071a73d735b4d414 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:46:25 +0200 Subject: [PATCH 033/114] dependencyOops --- api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt index ef2f753..6821702 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt @@ -5,7 +5,7 @@ import dev.kosmx.needle.matcher.result.ScanResult import dev.kosmx.needle.scanner.ScanConfig import kotlinx.coroutines.CoroutineDispatcher import kotlinx.coroutines.Dispatchers -import software.coley.lljzip.format.model.ZipArchive +import software.coley.llzip.format.model.ZipArchive import java.nio.file.Path import kotlin.jvm.internal.Ref.IntRef From aa59ddcbece7873ba2ba93e1771441709d7b57e8 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:50:10 +0200 Subject: [PATCH 034/114] Update build.yml An extra dot --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8abf8b6..530cd34 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -35,7 +35,7 @@ jobs: run: ./gradlew build - name: Gradle Dependency Submission if: ${{ runner.os != 'Windows' }} - uses: mikepenz/gradle-dependency-submission@v0.8. + uses: mikepenz/gradle-dependency-submission@v0.8 - name: capture build artifacts if: ${{ runner.os == 'Linux' && matrix.java == '17' }} # Only upload artifacts built from latest java on one OS uses: actions/upload-artifact@v3 From c9259a0135bb9e8540a4d15807ada1a43426d937 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 20:54:06 +0200 Subject: [PATCH 035/114] Update build.yml maybe this works --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 530cd34..9a07dde 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -35,7 +35,7 @@ jobs: run: ./gradlew build - name: Gradle Dependency Submission if: ${{ runner.os != 'Windows' }} - uses: mikepenz/gradle-dependency-submission@v0.8 + uses: mikepenz/gradle-dependency-submission@v0.8.6 - name: capture build artifacts if: ${{ runner.os == 'Linux' && matrix.java == '17' }} # Only upload artifacts built from latest java on one OS uses: actions/upload-artifact@v3 From 4311bcc49692fd7301aac182b5fb733b88ea5eda Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 21:13:27 +0200 Subject: [PATCH 036/114] Include submodule dependencies in graph --- .github/workflows/build.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9a07dde..63500d7 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,6 +36,8 @@ jobs: - name: Gradle Dependency Submission if: ${{ runner.os != 'Windows' }} uses: mikepenz/gradle-dependency-submission@v0.8.6 + with: + sub-module-mode: COMBINED - name: capture build artifacts if: ${{ runner.os == 'Linux' && matrix.java == '17' }} # Only upload artifacts built from latest java on one OS uses: actions/upload-artifact@v3 From bbd822bfd5857f9260eaa5fb194fbdd92286927f Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 21:24:46 +0200 Subject: [PATCH 037/114] Attempt dependency stuff again (#26) *finally* --- .github/workflows/build.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 63500d7..9bf3a4b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -37,7 +37,11 @@ jobs: if: ${{ runner.os != 'Windows' }} uses: mikepenz/gradle-dependency-submission@v0.8.6 with: - sub-module-mode: COMBINED + gradle-build-module: |- + :api + :cli + :launchwrapper + :gui - name: capture build artifacts if: ${{ runner.os == 'Linux' && matrix.java == '17' }} # Only upload artifacts built from latest java on one OS uses: actions/upload-artifact@v3 From 1cfd2f0612dfce324e41455431bfac838dd99735 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 21:49:47 +0200 Subject: [PATCH 038/114] failing dependency submission shouldn't fail the action --- .github/workflows/build.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9bf3a4b..a5dced6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -42,6 +42,7 @@ jobs: :cli :launchwrapper :gui + continue-on-error: true - name: capture build artifacts if: ${{ runner.os == 'Linux' && matrix.java == '17' }} # Only upload artifacts built from latest java on one OS uses: actions/upload-artifact@v3 From 78bcc834e9fdad1bf97adf26b69efe79643a1e98 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 19:50:31 +0000 Subject: [PATCH 039/114] Bump ch.qos.logback:logback-classic from 1.3.7 to 1.4.8 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.3.7 to 1.4.8. - [Commits](https://github.com/qos-ch/logback/compare/v_1.3.7...v_1.4.8) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 2465ad0..1a0511d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -123,7 +123,7 @@ slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.7" } slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } # Logback ## The reliable, generic, fast and flexible logging framework for Java -logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.7" } +logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.4.8" } # Fuel From ce9575ee4f2e47656f61758876aa2c6480d2db91 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 19:58:15 +0000 Subject: [PATCH 040/114] Bump com.github.ajalt.clikt:clikt from 3.5.2 to 4.0.0 Bumps [com.github.ajalt.clikt:clikt](https://github.com/ajalt/clikt) from 3.5.2 to 4.0.0. - [Release notes](https://github.com/ajalt/clikt/releases) - [Changelog](https://github.com/ajalt/clikt/blob/master/CHANGELOG.md) - [Commits](https://github.com/ajalt/clikt/compare/3.5.2...4.0.0) --- updated-dependencies: - dependency-name: com.github.ajalt.clikt:clikt dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 1a0511d..24755c9 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -76,7 +76,7 @@ kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = # Clikt ## Multiplatform Kotlin Library for writing CLI interfaces -clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "3.5.2" } +clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.0.0" } # TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) From 60f290a0bdf86aea86834f36b62966768094cc47 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 20:19:37 +0000 Subject: [PATCH 041/114] Bump kotlinx-coroutines from 1.7.1 to 1.7.2 Bumps `kotlinx-coroutines` from 1.7.1 to 1.7.2. Updates `org.jetbrains.kotlinx:kotlinx-coroutines-core` from 1.7.1 to 1.7.2 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.1...1.7.2) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-jdk8` from 1.7.1 to 1.7.2 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.1...1.7.2) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-slf4j` from 1.7.1 to 1.7.2 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.1...1.7.2) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-test` from 1.7.1 to 1.7.2 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.1...1.7.2) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-debug` from 1.7.1 to 1.7.2 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.1...1.7.2) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-core dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-jdk8 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-test dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-debug dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 24755c9..b7a48e0 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -4,7 +4,7 @@ kotlin = "1.8.20" kotlinx-serialization = "1.5.1" ktoml = "0.5.0" -kotlinx-coroutines = "1.7.1" +kotlinx-coroutines = "1.7.2" asm = "9.5" From 110e92d8c04a319fa65a6b723026ddab4b61d812 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:14:35 +0000 Subject: [PATCH 042/114] Bump commons-codec:commons-codec from 1.15 to 1.16.0 Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.15 to 1.16.0. - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.15...rel/commons-codec-1.16.0) --- updated-dependencies: - dependency-name: commons-codec:commons-codec dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index b7a48e0..d6b495c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -153,7 +153,7 @@ dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } # Apache Commons commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.23.0" } commons-io = { group = "commons-io", name = "commons-io", version = "2.13.0" } -commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.15" } +commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.16.0" } commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } # when 4.0.0 is released, commons-math is being split into: # - commons-numbers From 06b58eab345c9e77d080f82ce30264f8654270fa Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 23:29:18 +0200 Subject: [PATCH 043/114] Update lljzip to 2.1.2 --- .../kotlin/dev/kosmx/needle/CheckWrapper.kt | 2 +- .../kosmx/needle/matcher/FileMatchContext.kt | 3 +-- .../dev/kosmx/needle/matcher/IMatchRule.kt | 2 +- .../dev/kosmx/needle/scanner/JarScanner.kt | 15 +++++---------- .../dev/kosmx/needle/scanner/ScanConfig.kt | 17 ++++++++++++----- gradle/libs.versions.toml | 2 +- 6 files changed, 21 insertions(+), 20 deletions(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt index 6821702..ef2f753 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/CheckWrapper.kt @@ -5,7 +5,7 @@ import dev.kosmx.needle.matcher.result.ScanResult import dev.kosmx.needle.scanner.ScanConfig import kotlinx.coroutines.CoroutineDispatcher import kotlinx.coroutines.Dispatchers -import software.coley.llzip.format.model.ZipArchive +import software.coley.lljzip.format.model.ZipArchive import java.nio.file.Path import kotlin.jvm.internal.Ref.IntRef diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt index 964836a..ee936b2 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/FileMatchContext.kt @@ -1,8 +1,7 @@ package dev.kosmx.needle.matcher import dev.kosmx.needle.scanner.ScanConfig -import software.coley.llzip.format.model.ZipArchive -import java.nio.file.Path +import software.coley.lljzip.format.model.ZipArchive /** diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt index 92ad662..db57c45 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/IMatchRule.kt @@ -4,7 +4,7 @@ import dev.kosmx.needle.matcher.result.IScanResult import org.objectweb.asm.tree.AbstractInsnNode import org.objectweb.asm.tree.ClassNode import org.objectweb.asm.tree.MethodNode -import software.coley.llzip.format.model.LocalFileHeader +import software.coley.lljzip.format.model.LocalFileHeader /** * Represents a rule diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt index 571bc54..8be51bf 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/JarScanner.kt @@ -6,11 +6,10 @@ import org.slf4j.kotlin.debug import org.slf4j.kotlin.getLogger import org.slf4j.kotlin.info import org.slf4j.kotlin.warn -import software.coley.llzip.ZipIO -import software.coley.llzip.format.compression.ZipCompressions -import software.coley.llzip.format.model.LocalFileHeader -import software.coley.llzip.format.model.ZipArchive -import software.coley.llzip.util.ByteDataUtil +import software.coley.lljzip.ZipIO +import software.coley.lljzip.format.compression.ZipCompressions +import software.coley.lljzip.format.model.ZipArchive +import software.coley.lljzip.util.ByteDataUtil import java.io.IOException @@ -22,7 +21,7 @@ object JarScanner { val matches = config.scanRules.mapNotNull { it.getJarMatcher(FileMatchContext(config, jar)) } - zipEntry@for (jarEntry in jar) { + zipEntry@for (jarEntry in jar.localFiles) { val byteData by lazy { ZipCompressions.decompress(jarEntry) } val bytes = lazy { ByteDataUtil.toByteArray(byteData)!! } if (jarEntry.fileNameAsString.let { it.endsWith(".class") || it.endsWith(".class/") }) { @@ -64,7 +63,3 @@ object JarScanner { } } -fun ZipArchive.asSequence() = localFiles.asSequence().map { it } - -operator fun ZipArchive.iterator(): Iterator = this.asSequence().iterator() - diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt index 4c0b0b1..e0ca5fc 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt @@ -10,10 +10,12 @@ import kotlinx.coroutines.* import kotlinx.coroutines.channels.Channel import kotlinx.coroutines.channels.ReceiveChannel import org.slf4j.kotlin.debug +import org.slf4j.kotlin.error import org.slf4j.kotlin.getLogger -import software.coley.llzip.ZipIO -import software.coley.llzip.format.model.ZipArchive +import software.coley.lljzip.ZipIO +import software.coley.lljzip.format.model.ZipArchive import java.io.File +import java.io.IOException import java.nio.file.Path import kotlin.io.path.Path import kotlin.jvm.internal.Ref @@ -51,12 +53,17 @@ class ScanConfig /** * Run the check for the given jar file. path has to point to a jar file - * throws IOException if can't open + * returns nothing if the file can't be opened as jar */ fun checkJar(path: Path): Set { logger.debug { "Start scanning jar: $path" } - ZipIO.readJvm(path).use { jar -> - return JarScanner.checkJar(this, jar) + return try { + ZipIO.readJvm(path).use { jar -> + JarScanner.checkJar(this, jar) + } + } catch (e: IOException) { + logger.error(e) {"File $path can't be opened as java archive (jar)"} + emptySet() } } diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index b7a48e0..3be10d0 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -106,7 +106,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "1.6.1" } +lljzip = { group = "software.coley", name = "lljzip", version = "2.1.2" } From 63d83f45f8f0dbcd7f42e4f7ed44539a47183f09 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:31:14 +0000 Subject: [PATCH 044/114] Bump junit-jupiter from 5.9.2 to 5.9.3 Bumps `junit-jupiter` from 5.9.2 to 5.9.3. Updates `org.junit.jupiter:junit-jupiter-api` from 5.9.2 to 5.9.3 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.2...r5.9.3) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.9.2 to 5.9.3 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.2...r5.9.3) Updates `org.junit.jupiter:junit-jupiter-params` from 5.9.2 to 5.9.3 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.2...r5.9.3) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5dee006..9424880 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -12,7 +12,7 @@ konf = "1.1.2" fuel = "2.3.1" -junit-jupiter = "5.9.2" +junit-jupiter = "5.9.3" grgit = "4.1.1" From dd5630766445968f8e59bab4b976d2316d99a80f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:31:20 +0000 Subject: [PATCH 045/114] Bump pl.allegro.tech.build.axion-release from 1.15.0 to 1.15.3 Bumps [pl.allegro.tech.build.axion-release](https://github.com/allegro/axion-release-plugin) from 1.15.0 to 1.15.3. - [Release notes](https://github.com/allegro/axion-release-plugin/releases) - [Commits](https://github.com/allegro/axion-release-plugin/compare/v1.15.0...v1.15.3) --- updated-dependencies: - dependency-name: pl.allegro.tech.build.axion-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5dee006..1e2ca29 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -23,7 +23,7 @@ shadow = "8.1.1" kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" } kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" } -axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.0" } +axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.3" } shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } From 44dc9ad6b11d4860c5306f98c91ccbccfd2b940d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:31:24 +0000 Subject: [PATCH 046/114] Bump com.google.guava:guava from 31.1-jre to 32.1.1-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 31.1-jre to 32.1.1-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5dee006..b191333 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -136,7 +136,7 @@ fuel-kotlinx-serialization = { group = "com.github.kittinunf.fuel", name = "fuel # Guava ## A set of core Java libraries from Google that includes new collection types, immutable collections, a graph library, ## and utilities for concurrency, I/O, hashing, caching, primitives, strings, and more -guava = { group = "com.google.guava", name = "guava", version = "31.1-jre" } +guava = { group = "com.google.guava", name = "guava", version = "32.1.1-jre" } # Guava Kotlin ## A wrapper around Guava to make it more idiomatic in kotlin guava-kotlin = { group = "ca.solo-studios", name = "guava-kotlin", version = "0.1.0" } From 5a1b629be06a060d258321a7152fc8675f379381 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:31:31 +0000 Subject: [PATCH 047/114] Bump com.squareup.okio:okio from 3.3.0 to 3.4.0 Bumps [com.squareup.okio:okio](https://github.com/square/okio) from 3.3.0 to 3.4.0. - [Changelog](https://github.com/square/okio/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okio/compare/parent-3.3.0...parent-3.4.0) --- updated-dependencies: - dependency-name: com.squareup.okio:okio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5dee006..e52096d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -112,7 +112,7 @@ lljzip = { group = "software.coley", name = "lljzip", version = "2.1.2" } # Okio ## A modern I/O library for Android, Java, and Kotlin Multiplatform. -okio = { group = "com.squareup.okio", name = "okio", version = "3.3.0" } +okio = { group = "com.squareup.okio", name = "okio", version = "3.4.0" } # SLF4J From 10728bd64234b0f34b6d569986dfc1e303898a75 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:31:35 +0000 Subject: [PATCH 048/114] Bump org.jetbrains.compose from 1.4.0 to 1.4.1 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.4.0 to 1.4.1. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.4.0...v1.4.1) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5dee006..9f2c110 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.4.0" } +compose = { id = "org.jetbrains.compose", version = "1.4.1" } [libraries] From 0f810eeeed34669e49f2d6164f60046aff34fe40 Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 9 Jul 2023 23:38:30 +0200 Subject: [PATCH 049/114] Update dependabot.yml Allow 12 dependency PR --- .github/dependabot.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a35c2aa..9cb5ce4 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,3 +9,4 @@ updates: directory: "/" # Location of package manifests schedule: interval: "weekly" + open-pull-requests-limit: 12 From bf795fc54508622b8716b1e446431a247068f0d3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 9 Jul 2023 21:39:03 +0000 Subject: [PATCH 050/114] Bump com.darkrockstudios:mpfilepicker-desktop from 1.1.0 to 1.2.0 Bumps [com.darkrockstudios:mpfilepicker-desktop](https://github.com/Wavesonics/compose-multiplatform-file-picker) from 1.1.0 to 1.2.0. - [Release notes](https://github.com/Wavesonics/compose-multiplatform-file-picker/releases) - [Changelog](https://github.com/Wavesonics/compose-multiplatform-file-picker/blob/master/RELEASE.md) - [Commits](https://github.com/Wavesonics/compose-multiplatform-file-picker/compare/1.1.0...1.2.0) --- updated-dependencies: - dependency-name: com.darkrockstudios:mpfilepicker-desktop dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 9424880..0ed4f25 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -164,7 +164,7 @@ commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = commons-text = { group = "org.apache.commons", name = "commons-text", version = "1.10.0" } -mpfilepicker-desktop = { group = "com.darkrockstudios", name = "mpfilepicker-desktop", version = "1.1.0" } +mpfilepicker-desktop = { group = "com.darkrockstudios", name = "mpfilepicker-desktop", version = "1.2.0" } # JUnit From b22019e792a63a8c86cb0a3c73b6a19b37b91340 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 09:25:16 +0000 Subject: [PATCH 051/114] Bump org.gradle.toolchains.foojay-resolver-convention Bumps org.gradle.toolchains.foojay-resolver-convention from 0.5.0 to 0.6.0. --- updated-dependencies: - dependency-name: org.gradle.toolchains.foojay-resolver-convention dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- settings.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/settings.gradle.kts b/settings.gradle.kts index e997715..4194c38 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -5,7 +5,7 @@ pluginManagement { } } plugins { - id("org.gradle.toolchains.foojay-resolver-convention") version "0.5.0" + id("org.gradle.toolchains.foojay-resolver-convention") version "0.6.0" } rootProject.name = "jneedle" From 196f51007d37a6b78d091df58187c5c57ee83b77 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jul 2023 09:25:20 +0000 Subject: [PATCH 052/114] Bump com.github.ajalt.clikt:clikt from 4.0.0 to 4.1.0 Bumps [com.github.ajalt.clikt:clikt](https://github.com/ajalt/clikt) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/ajalt/clikt/releases) - [Changelog](https://github.com/ajalt/clikt/blob/master/CHANGELOG.md) - [Commits](https://github.com/ajalt/clikt/compare/4.0.0...4.1.0) --- updated-dependencies: - dependency-name: com.github.ajalt.clikt:clikt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index f782767..d92175c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -76,7 +76,7 @@ kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = # Clikt ## Multiplatform Kotlin Library for writing CLI interfaces -clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.0.0" } +clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.1.0" } # TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) From e5760ed655875b2928e33868522bee0854d2e1b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Jul 2023 09:44:42 +0000 Subject: [PATCH 053/114] Bump junit-jupiter from 5.9.3 to 5.10.0 Bumps `junit-jupiter` from 5.9.3 to 5.10.0. Updates `org.junit.jupiter:junit-jupiter-api` from 5.9.3 to 5.10.0 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.3...r5.10.0) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.9.3 to 5.10.0 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.3...r5.10.0) Updates `org.junit.jupiter:junit-jupiter-params` from 5.9.3 to 5.10.0 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.9.3...r5.10.0) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index d92175c..281ca1a 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -12,7 +12,7 @@ konf = "1.1.2" fuel = "2.3.1" -junit-jupiter = "5.9.3" +junit-jupiter = "5.10.0" grgit = "4.1.1" From e8db89c824179f0b97ab5c21a369a24d4e27b53e Mon Sep 17 00:00:00 2001 From: KosmX Date: Sun, 30 Jul 2023 00:54:42 +0200 Subject: [PATCH 054/114] Use logback 1.3.8 to maintain java 1.8 compatibility --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 281ca1a..af3b11d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -123,7 +123,7 @@ slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.7" } slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } # Logback ## The reliable, generic, fast and flexible logging framework for Java -logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.4.8" } +logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.8" } # Fuel From 0c8aeec5a9db40ee72337f6df079b66da5844aba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 29 Jul 2023 23:04:12 +0000 Subject: [PATCH 055/114] Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.13.0 Bumps org.apache.commons:commons-lang3 from 3.12.0 to 3.13.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index af3b11d..ce6157a 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -160,7 +160,7 @@ commons-math = { group = "org.apache.commons", name = "commons-math3", version = # - commons-geometry # - commons-statistics # - commons-rng -commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = "3.12.0" } +commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = "3.13.0" } commons-text = { group = "org.apache.commons", name = "commons-text", version = "1.10.0" } From 0a1d326824251b8f8657d331f49789edfd9dc349 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 29 Jul 2023 23:04:32 +0000 Subject: [PATCH 056/114] Bump kotlinx-coroutines from 1.7.2 to 1.7.3 Bumps `kotlinx-coroutines` from 1.7.2 to 1.7.3. Updates `org.jetbrains.kotlinx:kotlinx-coroutines-core` from 1.7.2 to 1.7.3 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.2...1.7.3) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-jdk8` from 1.7.2 to 1.7.3 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.2...1.7.3) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-slf4j` from 1.7.2 to 1.7.3 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.2...1.7.3) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-test` from 1.7.2 to 1.7.3 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.2...1.7.3) Updates `org.jetbrains.kotlinx:kotlinx-coroutines-debug` from 1.7.2 to 1.7.3 - [Release notes](https://github.com/Kotlin/kotlinx.coroutines/releases) - [Changelog](https://github.com/Kotlin/kotlinx.coroutines/blob/master/CHANGES.md) - [Commits](https://github.com/Kotlin/kotlinx.coroutines/compare/1.7.2...1.7.3) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-core dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-jdk8 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-slf4j dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-test dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-coroutines-debug dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index af3b11d..77eb1c9 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -4,7 +4,7 @@ kotlin = "1.8.20" kotlinx-serialization = "1.5.1" ktoml = "0.5.0" -kotlinx-coroutines = "1.7.2" +kotlinx-coroutines = "1.7.3" asm = "9.5" From dca35300209eec86b37e8884200bab77c1adc474 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 29 Jul 2023 23:04:47 +0000 Subject: [PATCH 057/114] Bump org.jetbrains.compose from 1.4.1 to 1.4.3 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.4.1 to 1.4.3. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.4.1...v1.4.3) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index af3b11d..a77de98 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.4.1" } +compose = { id = "org.jetbrains.compose", version = "1.4.3" } [libraries] From 2922a34f841c537ad38d6a5025c4281a13dfe149 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 29 Jul 2023 23:04:54 +0000 Subject: [PATCH 058/114] Bump pl.allegro.tech.build.axion-release from 1.15.3 to 1.15.4 Bumps [pl.allegro.tech.build.axion-release](https://github.com/allegro/axion-release-plugin) from 1.15.3 to 1.15.4. - [Release notes](https://github.com/allegro/axion-release-plugin/releases) - [Commits](https://github.com/allegro/axion-release-plugin/compare/v1.15.3...v1.15.4) --- updated-dependencies: - dependency-name: pl.allegro.tech.build.axion-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index af3b11d..9e09fb8 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -23,7 +23,7 @@ shadow = "8.1.1" kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" } kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" } -axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.3" } +axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.4" } shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } From 879c55db90b5cf634ead640569e68ba051f40c89 Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 17:35:07 +0200 Subject: [PATCH 059/114] docs(readme): Add quickstart section --- README.md | 42 +++++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index f8e7428..12b89f2 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,15 @@ # 🪡 jNeedle (or Needle) + Yet another jar malware detection tool --- + +## Quickstart + +If you came from [MMPA](https://blog.mmpa.info) or already know what this program does, look here to see how to use jNeedle. + +--- + ## How to find the needle in a haystack? - Use a strong enough magnet The detection tool is parsing jar `.class` files looking for signature instruction sequences. @@ -9,6 +17,7 @@ It is actually similar to string search: Is the following sequence: `"jump into the well"` in the program: + ```text exit house and lock door, get the bus and to the shop to buy milk @@ -17,53 +26,58 @@ come home ``` ## See the **light** at the end of the tunnel + ### Add to PrismLauncher ### Extra jar // recommended but harder to set-up + 1. Check current launch classpath in the Version menu: -Select the Fabric/Forge/Quilt/Minecraft (most bottom of these) and on the right menu, click Customize then Edit + Select the Fabric/Forge/Quilt/Minecraft (most bottom of these) and on the right menu, click Customize then Edit 2. This will open a text-editor, look for the `mainClass` entry in the class -Fabrc for example: `"mainClass": "net.fabricmc.loader.impl.launch.knot.KnotClient",` + Fabrc for example: `"mainClass": "net.fabricmc.loader.impl.launch.knot.KnotClient",` 3. Save (copy) the entry value: `net.fabricmc.loader.impl.launch.knot.KnotClient` 4. close the editor and optionally click Revert in Prismlauncher 5. click `Add to Minecraft.jar` button and select jneedle.jar 6. Click edit while jneedle.jar is selected 7. Add the following to the json: -`"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass={launchClass}"],` where you replace `{launchClass}` with the earlier saved class. + `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass={launchClass}"],` where you replace `{launchClass}` with the earlier saved class. 8. Add the following to the json: -`"mainClass": "dev.kosmx.needle.launchWrapper.ParameterizedWrapper",` + `"mainClass": "dev.kosmx.needle.launchWrapper.ParameterizedWrapper",` 9. Save the file and have fun! ---- +--- **The lines for specific launchers:** Quilt: `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass=org.quiltmc.loader.impl.launch.knot.KnotClient"],` -Fabric: `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass=net.fabricmc.loader.impl.launch.knot.KnotClient"],` +Fabric: `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass=net.fabricmc.loader.impl.launch.knot.KnotClient"],` Forge up to 1.12.2: `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass=net.minecraft.launchwrapper.Launch"],` -Forge from 1.13.2: `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass=io.github.zekerzhayard.forgewrapper.installer.Main"],` +Forge from 1.13.2: `"+jvmArgs": ["-Ddev.kosmx.jneedle.launchClass=io.github.zekerzhayard.forgewrapper.installer.Main"],` ### Easy path // slow but easy-to-setup -1. In the game version menu, click `Add agents`: + +1. In the game version menu, click `Add agents`: 2. Select jneedle.jar 3. Done. (It will be slow in large modpacks) ## JVM properties + Some parameter can be set as a JVM property: `-Ddev.kosmx.jneedle.remoteDatabase` to set online database location. -`-Ddev.kosmx.jneedle.remoteDatabase=https://maven.kosmx.dev/dev/kosmx/needles` is default. +`-Ddev.kosmx.jneedle.remoteDatabase=https://maven.kosmx.dev/dev/kosmx/needles` is default. `-Ddev.kosmx.jneedle.databasePath` to set local database cache. `-Ddev.kosmx.jneedle.databasePath=${user.home}/.jneedle` by default. - If using `-cp jneedle.jar dev.kosmx.needle.launchWrapper.ParameterizedWrapper` `-Ddev.kosmx.jneedle.launchClass` to set the start class after checking is completed. The application has to be in classpath. (This is for Minecraft wrapper use) ## GUI mode + There is a gui version, you can simply open it in a graphical environment ## CLI mode + ```text > java -jar .\jneedle-1.0.0.jar Value for option --file should be always provided in command line. @@ -77,18 +91,16 @@ Options: ``` ## API usage: + dev.kosmx.needle.CheckWrapper object (static class) has API functions: These can be used from any JVM interop language (ideally Kotlin) First call `CheckWrapper.init()` to initialize database. Optionally database location and file location can be specified -Then the program state is effectively immutable, calling check function is safe from any thread anytime. +Then the program state is effectively immutable, calling check function is safe from any thread anytime. `CheckWrapper.checkJar()` to check a single jar file (extension doesn't have to be jar) -`CheckWrapper.checkPathBlocking()` to check jar file or walk directory. Function will return with results once completed. +`CheckWrapper.checkPathBlocking()` to check jar file or walk directory. Function will return with results once completed. - `CheckWrapper.checkPath()` with parameters to check path as a coroutine function. It can have feedback while running. This function is kotlin only. - - From 3a06ae0aa69736813f5b1f2ac75be029f37cfb8b Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 18:03:57 +0200 Subject: [PATCH 060/114] docs(readme): Add GUI quickstart section --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 12b89f2..f5712c6 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,15 @@ Yet another jar malware detection tool If you came from [MMPA](https://blog.mmpa.info) or already know what this program does, look here to see how to use jNeedle. +### GUI (Graphical) mode + +The easiest way to use jNeedle is to use the GUI version. +Just download the `jneedle-gui-xxx.jar` from the [release page](https://github.com/KosmX/jneedle/releases/latest) and double click on it. + +> Help, it won't start! + +There currently is a bug in the GUI version with Java 1.8, which won't let the program start. This is known and will be fixed. + --- ## How to find the needle in a haystack? - Use a strong enough magnet From 4ebcde87258c849616f1e93765c25f85983aa05a Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 18:16:35 +0200 Subject: [PATCH 061/114] docs(readme): Add CLI section --- README.md | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f5712c6..c0d361b 100644 --- a/README.md +++ b/README.md @@ -13,9 +13,22 @@ If you came from [MMPA](https://blog.mmpa.info) or already know what this progra The easiest way to use jNeedle is to use the GUI version. Just download the `jneedle-gui-xxx.jar` from the [release page](https://github.com/KosmX/jneedle/releases/latest) and double click on it. -> Help, it won't start! +_Help, it won't start!_ -There currently is a bug in the GUI version with Java 1.8, which won't let the program start. This is known and will be fixed. +There currently is a bug in the GUI version with Java 1.8, which won't let the program start. This is known and will be fixed. +If you still want to use it, look at the [CLI mode](#cli-mode). + +### CLI mode + +If you want to use the CLI version, you have to download the `jneedle-xxx-fat.jar` from the [release page](https://github.com/KosmX/jneedle/releases/latest) and run it with the following command: + +```text +java -jar jneedle-xxx-fat.jar -f +``` + +_Help, where do I need to put that command?_ + +On Windows, open the file explorer, navigate to the folder where you downloaded the jar file. Press `Shift` and right click on empty space. Select `Open PowerShell window here` and type the command above. --- From ccaa1280eebe886463201759f672e06150c138db Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 18:20:16 +0200 Subject: [PATCH 062/114] ref(readme): Delete old GUI section --- README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/README.md b/README.md index c0d361b..bfe2500 100644 --- a/README.md +++ b/README.md @@ -94,10 +94,6 @@ If using `-cp jneedle.jar dev.kosmx.needle.launchWrapper.ParameterizedWrapper` `-Ddev.kosmx.jneedle.launchClass` to set the start class after checking is completed. The application has to be in classpath. (This is for Minecraft wrapper use) -## GUI mode - -There is a gui version, you can simply open it in a graphical environment - ## CLI mode ```text From 0b1c7ebdf7d7d09205e255591af492a53b842f96 Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 18:23:48 +0200 Subject: [PATCH 063/114] ref(readme): Merge old CLI section with new one --- README.md | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/README.md b/README.md index bfe2500..479ac6a 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ Yet another jar malware detection tool --- -## Quickstart +## Quickstart / How to use If you came from [MMPA](https://blog.mmpa.info) or already know what this program does, look here to see how to use jNeedle. @@ -30,7 +30,19 @@ _Help, where do I need to put that command?_ On Windows, open the file explorer, navigate to the folder where you downloaded the jar file. Press `Shift` and right click on empty space. Select `Open PowerShell window here` and type the command above. ---- +For more CLI arguments, type the command without `-f`: + +```text +> java -jar .\jneedle-1.0.0.jar +Value for option --file should be always provided in command line. +Usage: jNeedle options_list +Options: + --file, -f -> file or directory (always required) { String } + --url, -u [https://maven.kosmx.dev/dev/kosmx/needles] { String } + --dblocation [C:\Users\kosmx\.jneedle] { String } + --threads [16] { Int } + --help, -h -> Usage info +``` ## How to find the needle in a haystack? - Use a strong enough magnet @@ -94,20 +106,6 @@ If using `-cp jneedle.jar dev.kosmx.needle.launchWrapper.ParameterizedWrapper` `-Ddev.kosmx.jneedle.launchClass` to set the start class after checking is completed. The application has to be in classpath. (This is for Minecraft wrapper use) -## CLI mode - -```text -> java -jar .\jneedle-1.0.0.jar -Value for option --file should be always provided in command line. -Usage: jNeedle options_list -Options: - --file, -f -> file or directory (always required) { String } - --url, -u [https://maven.kosmx.dev/dev/kosmx/needles] { String } - --dblocation [C:\Users\kosmx\.jneedle] { String } - --threads [16] { Int } - --help, -h -> Usage info -``` - ## API usage: From cc12da13a65516e63ad7436edec287a809138f11 Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 18:26:34 +0200 Subject: [PATCH 064/114] ref(cli-mode): Hold Shift instead of Press --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 479ac6a..4e9409b 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ java -jar jneedle-xxx-fat.jar -f _Help, where do I need to put that command?_ -On Windows, open the file explorer, navigate to the folder where you downloaded the jar file. Press `Shift` and right click on empty space. Select `Open PowerShell window here` and type the command above. +On Windows, open the file explorer, navigate to the folder where you downloaded the jar file. Hold `Shift` and right click on empty space. Select `Open PowerShell window here` and type the command above. For more CLI arguments, type the command without `-f`: From bd4ad0b95b9d41ec1eb0c644976d3ec70b572de3 Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 21:48:53 +0200 Subject: [PATCH 065/114] docs(cli): Explain output when finished --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4e9409b..5453bf7 100644 --- a/README.md +++ b/README.md @@ -26,8 +26,9 @@ If you want to use the CLI version, you have to download the `jneedle-xxx-fat.ja java -jar jneedle-xxx-fat.jar -f ``` -_Help, where do I need to put that command?_ +JNeedle will then check the given file or directory for malicious code. It gives a summary of the results at the end. +_Help, where do I need to put that command?_ On Windows, open the file explorer, navigate to the folder where you downloaded the jar file. Hold `Shift` and right click on empty space. Select `Open PowerShell window here` and type the command above. For more CLI arguments, type the command without `-f`: From e70ea38a2785b9e57a79076fba7aa88394e18721 Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 21:50:44 +0200 Subject: [PATCH 066/114] doc(readme): Warning for advanced options --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 5453bf7..ec6dda2 100644 --- a/README.md +++ b/README.md @@ -62,6 +62,9 @@ come home ## See the **light** at the end of the tunnel +**Attention! These are advanced options, which you probably won't need!** +For an easy setup, look at the [Quickstart](#quickstart--how-to-use) section. + ### Add to PrismLauncher ### Extra jar // recommended but harder to set-up From 89f12c860483f0f4d14c898737f36295b81529ed Mon Sep 17 00:00:00 2001 From: FGBxRamel Date: Sun, 30 Jul 2023 23:25:23 +0200 Subject: [PATCH 067/114] docs(readme): State that Java 1.8 isn't working --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index ec6dda2..54d4b0d 100644 --- a/README.md +++ b/README.md @@ -15,8 +15,7 @@ Just download the `jneedle-gui-xxx.jar` from the [release page](https://github.c _Help, it won't start!_ -There currently is a bug in the GUI version with Java 1.8, which won't let the program start. This is known and will be fixed. -If you still want to use it, look at the [CLI mode](#cli-mode). +There currently is a bug with Java 1.8, which won't let the program start. This is known and will be fixed in the future. ### CLI mode @@ -31,6 +30,9 @@ JNeedle will then check the given file or directory for malicious code. It gives _Help, where do I need to put that command?_ On Windows, open the file explorer, navigate to the folder where you downloaded the jar file. Hold `Shift` and right click on empty space. Select `Open PowerShell window here` and type the command above. +_Help, it won't start!_ +See the [GUI section](#gui-graphical-mode) for more information. + For more CLI arguments, type the command without `-f`: ```text From 3e8937d893c792ccb33ff014f0b06e8cf00c39ff Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Jul 2023 09:37:58 +0000 Subject: [PATCH 068/114] Bump com.charleskorn.kaml:kaml from 0.54.0 to 0.55.0 Bumps [com.charleskorn.kaml:kaml](https://github.com/charleskorn/kaml) from 0.54.0 to 0.55.0. - [Release notes](https://github.com/charleskorn/kaml/releases) - [Commits](https://github.com/charleskorn/kaml/compare/0.54.0...0.55.0) --- updated-dependencies: - dependency-name: com.charleskorn.kaml:kaml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bf96be..ffb3103 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -55,7 +55,7 @@ ktoml-file = { group = "com.akuleshov7", name = "ktoml-file", version.ref = "kto # TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) # Kaml ## YAML serialization for kotlinx.serialization -kaml = { group = "com.charleskorn.kaml", name = "kaml", version = "0.54.0" } +kaml = { group = "com.charleskorn.kaml", name = "kaml", version = "0.55.0" } # kotlinx.coroutines From 36fcf6ed539cb09081f4e13cd696111d00d1146b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Jul 2023 09:38:11 +0000 Subject: [PATCH 069/114] Bump com.github.ajalt.clikt:clikt from 4.1.0 to 4.2.0 Bumps [com.github.ajalt.clikt:clikt](https://github.com/ajalt/clikt) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/ajalt/clikt/releases) - [Changelog](https://github.com/ajalt/clikt/blob/master/CHANGELOG.md) - [Commits](https://github.com/ajalt/clikt/compare/4.1.0...4.2.0) --- updated-dependencies: - dependency-name: com.github.ajalt.clikt:clikt dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bf96be..39afef7 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -76,7 +76,7 @@ kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = # Clikt ## Multiplatform Kotlin Library for writing CLI interfaces -clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.1.0" } +clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.2.0" } # TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) From 347b7abf3e4916c06f5383857e1ea27a3d6c5e6c Mon Sep 17 00:00:00 2001 From: KosmX Date: Mon, 31 Jul 2023 14:54:13 +0200 Subject: [PATCH 070/114] Catch more ZIP exceptions --- api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt index e0ca5fc..ea1bf0c 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/scanner/ScanConfig.kt @@ -61,7 +61,7 @@ class ScanConfig ZipIO.readJvm(path).use { jar -> JarScanner.checkJar(this, jar) } - } catch (e: IOException) { + } catch (e: Exception) { logger.error(e) {"File $path can't be opened as java archive (jar)"} emptySet() } From 7a3a9f76f58916ae183fd1688e5c23915cadd13c Mon Sep 17 00:00:00 2001 From: KosmX Date: Mon, 31 Jul 2023 14:54:32 +0200 Subject: [PATCH 071/114] completely gitignore logs --- .gitignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 52773db..d9bda54 100644 --- a/.gitignore +++ b/.gitignore @@ -121,4 +121,4 @@ run/ *.pass -*/logs +**/logs From 2dcbd18e21f989a0635d2f06ca23a32d0d96343d Mon Sep 17 00:00:00 2001 From: KosmX Date: Mon, 31 Jul 2023 15:47:08 +0200 Subject: [PATCH 072/114] Properly relocate libraries, fixes #45 --- launchwrapper/build.gradle.kts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/launchwrapper/build.gradle.kts b/launchwrapper/build.gradle.kts index c67b1e9..6ee455a 100644 --- a/launchwrapper/build.gradle.kts +++ b/launchwrapper/build.gradle.kts @@ -27,8 +27,8 @@ dependencies { tasks { // Relocation is necessary to avoid classpath collision shadowJar { - relocate("kotlin", "dev.kosmx.needle.kotlin") - relocate("kotlinx", "dev.kosmx.needle.kotlinx") - relocate("org.slf4j", "dev.kosmx.needle.org.slf4j") + isEnableRelocation = true + relocationPrefix = "needleWrapper" + exclude("META-INF/**") } } From 09834a82967f682cf35abb63a4b39701dd6cc9d2 Mon Sep 17 00:00:00 2001 From: KosmX Date: Mon, 31 Jul 2023 15:50:08 +0200 Subject: [PATCH 073/114] re-add java-agent info to META-INF --- launchwrapper/build.gradle.kts | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/launchwrapper/build.gradle.kts b/launchwrapper/build.gradle.kts index 6ee455a..61d0750 100644 --- a/launchwrapper/build.gradle.kts +++ b/launchwrapper/build.gradle.kts @@ -31,4 +31,12 @@ tasks { relocationPrefix = "needleWrapper" exclude("META-INF/**") } + + jar { + manifest { + attributes( + "Premain-Class" to "needleWrapper.dev.kosmx.needle.launchWrapper.JavaAgentLauncher", + "Agent-Class" to "needleWrapper.dev.kosmx.needle.launchWrapper.JavaAgentLauncher",) + } + } } From a193b9b4529d2ebffecae1e9aafa368fc7490d0d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Aug 2023 09:07:53 +0000 Subject: [PATCH 074/114] Bump com.squareup.okio:okio from 3.4.0 to 3.5.0 Bumps [com.squareup.okio:okio](https://github.com/square/okio) from 3.4.0 to 3.5.0. - [Changelog](https://github.com/square/okio/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okio/compare/parent-3.4.0...parent-3.5.0) --- updated-dependencies: - dependency-name: com.squareup.okio:okio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bf96be..49e4c20 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -112,7 +112,7 @@ lljzip = { group = "software.coley", name = "lljzip", version = "2.1.2" } # Okio ## A modern I/O library for Android, Java, and Kotlin Multiplatform. -okio = { group = "com.squareup.okio", name = "okio", version = "3.4.0" } +okio = { group = "com.squareup.okio", name = "okio", version = "3.5.0" } # SLF4J From c81859781bf711c894757fab5bcc86c3195be185 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Aug 2023 09:08:06 +0000 Subject: [PATCH 075/114] Bump ch.qos.logback:logback-classic from 1.3.8 to 1.3.9 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.3.8 to 1.3.9. - [Commits](https://github.com/qos-ch/logback/compare/v_1.3.8...v_1.3.9) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bf96be..95ad20d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -123,7 +123,7 @@ slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.7" } slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } # Logback ## The reliable, generic, fast and flexible logging framework for Java -logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.8" } +logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.9" } # Fuel From 77c2fc4c902af60b809f3ed7d935dd27d9f03565 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Aug 2023 09:08:11 +0000 Subject: [PATCH 076/114] Bump com.google.guava:guava from 32.1.1-jre to 32.1.2-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.1.1-jre to 32.1.2-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bf96be..e10577e 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -136,7 +136,7 @@ fuel-kotlinx-serialization = { group = "com.github.kittinunf.fuel", name = "fuel # Guava ## A set of core Java libraries from Google that includes new collection types, immutable collections, a graph library, ## and utilities for concurrency, I/O, hashing, caching, primitives, strings, and more -guava = { group = "com.google.guava", name = "guava", version = "32.1.1-jre" } +guava = { group = "com.google.guava", name = "guava", version = "32.1.2-jre" } # Guava Kotlin ## A wrapper around Guava to make it more idiomatic in kotlin guava-kotlin = { group = "ca.solo-studios", name = "guava-kotlin", version = "0.1.0" } From 227d4b832febfa674e926413191105d33b617cca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 7 Aug 2023 09:08:24 +0000 Subject: [PATCH 077/114] Bump software.coley:lljzip from 2.1.2 to 2.1.3 Bumps [software.coley:lljzip](https://github.com/Col-E/LL-Java-Zip) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/Col-E/LL-Java-Zip/releases) - [Changelog](https://github.com/Col-E/LL-Java-Zip/blob/master/jreleaser.yml) - [Commits](https://github.com/Col-E/LL-Java-Zip/compare/2.1.2...2.1.3) --- updated-dependencies: - dependency-name: software.coley:lljzip dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 3bf96be..536f6c9 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -106,7 +106,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "2.1.2" } +lljzip = { group = "software.coley", name = "lljzip", version = "2.1.3" } From 3007975c74e671c21e506e9a13da3ef7f52ba388 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Aug 2023 09:15:48 +0000 Subject: [PATCH 078/114] Bump ch.qos.logback:logback-classic from 1.3.9 to 1.3.11 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.3.9 to 1.3.11. - [Commits](https://github.com/qos-ch/logback/compare/v_1.3.9...v_1.3.11) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 439f100..00c38d7 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -123,7 +123,7 @@ slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.7" } slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } # Logback ## The reliable, generic, fast and flexible logging framework for Java -logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.9" } +logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.11" } # Fuel From 36483cb9b2ead6c7a4bfb50a4e6b229fd4c269b6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 21 Aug 2023 10:03:39 +0000 Subject: [PATCH 079/114] Bump org.gradle.toolchains.foojay-resolver-convention Bumps org.gradle.toolchains.foojay-resolver-convention from 0.6.0 to 0.7.0. --- updated-dependencies: - dependency-name: org.gradle.toolchains.foojay-resolver-convention dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- settings.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/settings.gradle.kts b/settings.gradle.kts index 4194c38..8533c02 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -5,7 +5,7 @@ pluginManagement { } } plugins { - id("org.gradle.toolchains.foojay-resolver-convention") version "0.6.0" + id("org.gradle.toolchains.foojay-resolver-convention") version "0.7.0" } rootProject.name = "jneedle" From 7237b0fd298241ea24e448abcbcc0a0a9f8c60e4 Mon Sep 17 00:00:00 2001 From: KosmX Date: Tue, 22 Aug 2023 19:08:41 +0200 Subject: [PATCH 080/114] Detecting weirdUtils --- .../dev/kosmx/needle/dbGen/Generator.kt | 2 +- .../dev/kosmx/needle/dbGen/db/WeirdUtils.kt | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) create mode 100644 api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/WeirdUtils.kt diff --git a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt index 9bc26db..6946be0 100644 --- a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/Generator.kt @@ -15,7 +15,7 @@ import kotlin.io.path.writeText import kotlin.streams.asSequence -const val databaseId = 5 +const val databaseId = 6 diff --git a/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/WeirdUtils.kt b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/WeirdUtils.kt new file mode 100644 index 0000000..b1cc782 --- /dev/null +++ b/api/src/dbGen/kotlin/dev/kosmx/needle/dbGen/db/WeirdUtils.kt @@ -0,0 +1,19 @@ +package dev.kosmx.needle.dbGen.db + +import dev.kosmx.needle.dbGen.dsl.KDSL +import dev.kosmx.needle.matcher.result.Severity +import org.objectweb.asm.tree.LdcInsnNode + +fun KDSL.weirdutils() { + malwareId = "WeirdUtils" + type = Severity.SEVERE + + "base64" byteCodeEntry { + autoFilerInstructions = true + + insn( + LdcInsnNode("aHR0cHM6Ly9wYXN0ZWJpbi5jb20vcmF3LzRMaG5EQ3Rm"), + ) + } + +} \ No newline at end of file From 2a6327bf1c9f9d3f4e12a930fa5d94db4e54e225 Mon Sep 17 00:00:00 2001 From: KosmX Date: Tue, 22 Aug 2023 19:21:34 +0200 Subject: [PATCH 081/114] Modify json format to keep compatibility --- .../kotlin/dev/kosmx/needle/matcher/result/Severity.kt | 10 ++++------ gradlew | 0 2 files changed, 4 insertions(+), 6 deletions(-) mode change 100644 => 100755 gradlew diff --git a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt index b3ac8f0..32a1b36 100644 --- a/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt +++ b/api/src/main/kotlin/dev/kosmx/needle/matcher/result/Severity.kt @@ -1,28 +1,26 @@ package dev.kosmx.needle.matcher.result -import kotlinx.serialization.ExperimentalSerializationApi +import kotlinx.serialization.SerialName import kotlinx.serialization.Serializable -import kotlinx.serialization.json.JsonNames @Serializable -@OptIn(ExperimentalSerializationApi::class) enum class Severity(val level: Int) { /** * It is very likely not a threat, but something may be an issue */ - @JsonNames("INFO") + @SerialName("INFO") INFORMATION(0), /** * Threat isn't dangerous, something unwanted like data logging/etc, no token logging or backdoor access */ - @JsonNames("POTENTIAL") + @SerialName("POTENTIAL") WARNING(1), /** * Serious threats like backdoor, token loggers, something that you definitely not want to run on your machine */ - @JsonNames("MALWARE") + @SerialName("MALWARE") SEVERE(2), } diff --git a/gradlew b/gradlew old mode 100644 new mode 100755 From ca48507b3cc590f1e5a4e20547511978c0cd016f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 09:32:45 +0000 Subject: [PATCH 082/114] Bump kotlinx-serialization from 1.5.1 to 1.6.0 Bumps `kotlinx-serialization` from 1.5.1 to 1.6.0. Updates `org.jetbrains.kotlinx:kotlinx-serialization-core` from 1.5.1 to 1.6.0 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.5.1...v1.6.0) Updates `org.jetbrains.kotlinx:kotlinx-serialization-json` from 1.5.1 to 1.6.0 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.5.1...v1.6.0) Updates `org.jetbrains.kotlinx:kotlinx-serialization-cbor` from 1.5.1 to 1.6.0 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.5.1...v1.6.0) Updates `org.jetbrains.kotlinx:kotlinx-serialization-hocon` from 1.5.1 to 1.6.0 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.5.1...v1.6.0) Updates `org.jetbrains.kotlinx:kotlinx-serialization-protobuf` from 1.5.1 to 1.6.0 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.5.1...v1.6.0) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-core dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-json dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-cbor dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-hocon dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..aca2d3a 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] kotlin = "1.8.20" -kotlinx-serialization = "1.5.1" +kotlinx-serialization = "1.6.0" ktoml = "0.5.0" kotlinx-coroutines = "1.7.3" From e3ed5a975ebb238fa57741bd9a766a77285e6fe0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 09:33:19 +0000 Subject: [PATCH 083/114] Bump org.jetbrains.kotlinx:kotlinx-datetime from 0.4.0 to 0.4.1 Bumps [org.jetbrains.kotlinx:kotlinx-datetime](https://github.com/Kotlin/kotlinx-datetime) from 0.4.0 to 0.4.1. - [Release notes](https://github.com/Kotlin/kotlinx-datetime/releases) - [Changelog](https://github.com/Kotlin/kotlinx-datetime/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx-datetime/compare/v0.4.0...v0.4.1) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-datetime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..8e31cc5 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -66,7 +66,7 @@ kotlinx-coroutines-test = { group = "org.jetbrains.kotlinx", name = "kotlinx-cor kotlinx-coroutines-debug = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-debug", version.ref = "kotlinx-coroutines" } -kotlinx-datetime = { group = "org.jetbrains.kotlinx", name = "kotlinx-datetime", version = "0.4.0" } +kotlinx-datetime = { group = "org.jetbrains.kotlinx", name = "kotlinx-datetime", version = "0.4.1" } # kotlinx-cli From f765f8f12eb3033bcfc9094b5497e091e203d903 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 09:33:33 +0000 Subject: [PATCH 084/114] Bump org.jetbrains.compose from 1.4.3 to 1.5.0 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.4.3 to 1.5.0. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.4.3...v1.5.0) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..feb0798 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.4.3" } +compose = { id = "org.jetbrains.compose", version = "1.5.0" } [libraries] From 12ea9b8d3bf17838cbad7dfab76f2fdef4bdb116 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 09:33:45 +0000 Subject: [PATCH 085/114] Bump software.coley:lljzip from 2.1.3 to 2.2.0 Bumps [software.coley:lljzip](https://github.com/Col-E/LL-Java-Zip) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/Col-E/LL-Java-Zip/releases) - [Changelog](https://github.com/Col-E/LL-Java-Zip/blob/master/jreleaser.yml) - [Commits](https://github.com/Col-E/LL-Java-Zip/compare/2.1.3...2.2.0) --- updated-dependencies: - dependency-name: software.coley:lljzip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..5df4ed1 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -106,7 +106,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "2.1.3" } +lljzip = { group = "software.coley", name = "lljzip", version = "2.2.0" } From b6176c1ad0f3db375eaecb672304c2a26de8b973 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 09:34:09 +0000 Subject: [PATCH 086/114] Bump org.slf4j:slf4j-api from 2.0.7 to 2.0.9 Bumps org.slf4j:slf4j-api from 2.0.7 to 2.0.9. --- updated-dependencies: - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..26f09fa 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -117,7 +117,7 @@ okio = { group = "com.squareup.okio", name = "okio", version = "3.5.0" } # SLF4J ## Simple Logging Facade for Java -slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.7" } +slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.9" } # SLF4K ## SLF4K is a set of kotlin extensions for SLF4J slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } From 1f8c5785edc4e651c1a72969218cbba942b3dd5d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 09:34:16 +0000 Subject: [PATCH 087/114] Bump org.jetbrains.kotlinx:kotlinx-cli from 0.3.5 to 0.3.6 Bumps [org.jetbrains.kotlinx:kotlinx-cli](https://github.com/Kotlin/kotlinx-cli) from 0.3.5 to 0.3.6. - [Release notes](https://github.com/Kotlin/kotlinx-cli/releases) - [Changelog](https://github.com/Kotlin/kotlinx-cli/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx-cli/compare/v0.3.5...v0.3.6) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-cli dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..e667d33 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -71,7 +71,7 @@ kotlinx-datetime = { group = "org.jetbrains.kotlinx", name = "kotlinx-datetime", # kotlinx-cli ## Pure Kotlin implementation of a generic command-line parser. -kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = "0.3.5" } +kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = "0.3.6" } # Clikt From 0b64cb6f926580733887264d06ce61e2bf772c81 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Sep 2023 09:52:28 +0000 Subject: [PATCH 088/114] Bump kotlin from 1.8.20 to 1.9.0 Bumps `kotlin` from 1.8.20 to 1.9.0. Updates `org.jetbrains.kotlin:kotlin-stdlib` from 1.8.20 to 1.9.0 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.8.20...v1.9.0) Updates `org.jetbrains.kotlin:kotlin-reflect` from 1.8.20 to 1.9.0 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.8.20...v1.9.0) Updates `org.jetbrains.kotlin.jvm` from 1.8.20 to 1.9.0 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.8.20...v1.9.0) Updates `org.jetbrains.kotlin.plugin.serialization` from 1.8.20 to 1.9.0 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.8.20...v1.9.0) Updates `org.jetbrains.dokka` from 1.8.20 to 1.9.0 - [Release notes](https://github.com/Kotlin/dokka/releases) - [Commits](https://github.com/Kotlin/dokka/compare/v1.8.20...v1.9.0) --- updated-dependencies: - dependency-name: org.jetbrains.kotlin:kotlin-stdlib dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlin:kotlin-reflect dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlin.jvm dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.kotlin.plugin.serialization dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.jetbrains.dokka dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 00c38d7..f6f94b7 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,5 +1,5 @@ [versions] -kotlin = "1.8.20" +kotlin = "1.9.0" kotlinx-serialization = "1.5.1" ktoml = "0.5.0" From 86ce5ab3c49934f9ff25eed9db4a8b7655e3fd3d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:18:30 +0000 Subject: [PATCH 089/114] Bump org.jetbrains.compose from 1.5.0 to 1.5.1 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.5.0 to 1.5.1. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.5.0...v1.5.1) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 263372d..bd7bafe 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.5.0" } +compose = { id = "org.jetbrains.compose", version = "1.5.1" } [libraries] From c8534e3ab9c2af4d48a209b528c49ddc1703bfbe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:18:42 +0000 Subject: [PATCH 090/114] Bump org.apache.commons:commons-compress from 1.23.0 to 1.24.0 Bumps org.apache.commons:commons-compress from 1.23.0 to 1.24.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 263372d..4039042 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -151,7 +151,7 @@ dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } # Apache Commons -commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.23.0" } +commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.24.0" } commons-io = { group = "commons-io", name = "commons-io", version = "2.13.0" } commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.16.0" } commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } From 766b43e5b050e04fd5bd1e0ae6d0da5160396b6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Sep 2023 09:23:45 +0000 Subject: [PATCH 091/114] build(deps): bump software.coley:lljzip from 2.2.0 to 2.3.0 Bumps [software.coley:lljzip](https://github.com/Col-E/LL-Java-Zip) from 2.2.0 to 2.3.0. - [Release notes](https://github.com/Col-E/LL-Java-Zip/releases) - [Changelog](https://github.com/Col-E/LL-Java-Zip/blob/master/jreleaser.yml) - [Commits](https://github.com/Col-E/LL-Java-Zip/compare/2.2.0...2.3.0) --- updated-dependencies: - dependency-name: software.coley:lljzip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5bed142..299492e 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -106,7 +106,7 @@ cafedude = { group = "com.github.Col-E", name = "CAFED00D", version = "1.10.2" } # LLJ-ZIP ## A closer to the spec implementation of ZIP parsing for Java. -lljzip = { group = "software.coley", name = "lljzip", version = "2.2.0" } +lljzip = { group = "software.coley", name = "lljzip", version = "2.3.0" } From 1e5a97aea229b510635014e016ed2a892c994965 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 09:08:46 +0000 Subject: [PATCH 092/114] build(deps): bump com.squareup.okio:okio from 3.5.0 to 3.6.0 Bumps [com.squareup.okio:okio](https://github.com/square/okio) from 3.5.0 to 3.6.0. - [Changelog](https://github.com/square/okio/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okio/compare/parent-3.5.0...parent-3.6.0) --- updated-dependencies: - dependency-name: com.squareup.okio:okio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5bed142..f561f93 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -112,7 +112,7 @@ lljzip = { group = "software.coley", name = "lljzip", version = "2.2.0" } # Okio ## A modern I/O library for Android, Java, and Kotlin Multiplatform. -okio = { group = "com.squareup.okio", name = "okio", version = "3.5.0" } +okio = { group = "com.squareup.okio", name = "okio", version = "3.6.0" } # SLF4J From 187b5c987b731727bafd1062b3210448100a9e53 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 09:09:00 +0000 Subject: [PATCH 093/114] build(deps): bump commons-io:commons-io from 2.13.0 to 2.14.0 Bumps commons-io:commons-io from 2.13.0 to 2.14.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5bed142..61d8cdc 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -152,7 +152,7 @@ dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } # Apache Commons commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.24.0" } -commons-io = { group = "commons-io", name = "commons-io", version = "2.13.0" } +commons-io = { group = "commons-io", name = "commons-io", version = "2.14.0" } commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.16.0" } commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } # when 4.0.0 is released, commons-math is being split into: From 73137389faa049153f5e0be27b27198abfc3166b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 09:09:19 +0000 Subject: [PATCH 094/114] build(deps): bump asm from 9.5 to 9.6 Bumps `asm` from 9.5 to 9.6. Updates `org.ow2.asm:asm` from 9.5 to 9.6 Updates `org.ow2.asm:asm-tree` from 9.5 to 9.6 --- updated-dependencies: - dependency-name: org.ow2.asm:asm dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.ow2.asm:asm-tree dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5bed142..ad8501a 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -6,7 +6,7 @@ ktoml = "0.5.0" kotlinx-coroutines = "1.7.3" -asm = "9.5" +asm = "9.6" konf = "1.1.2" From 0cbe8603b048d916d120bd1c4835c37974ccf371 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 09:09:34 +0000 Subject: [PATCH 095/114] build(deps): bump org.jetbrains.compose from 1.5.1 to 1.5.2 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.5.1 to 1.5.2. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.5.1...v1.5.2) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5bed142..81a8334 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.5.1" } +compose = { id = "org.jetbrains.compose", version = "1.5.2" } [libraries] From 14699f9264fc60c94de246d7f58760a2ace41c8e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Oct 2023 09:09:46 +0000 Subject: [PATCH 096/114] build(deps): bump pl.allegro.tech.build.axion-release Bumps [pl.allegro.tech.build.axion-release](https://github.com/allegro/axion-release-plugin) from 1.15.4 to 1.15.5. - [Release notes](https://github.com/allegro/axion-release-plugin/releases) - [Commits](https://github.com/allegro/axion-release-plugin/compare/v1.15.4...v1.15.5) --- updated-dependencies: - dependency-name: pl.allegro.tech.build.axion-release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 5bed142..9f4f222 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -23,7 +23,7 @@ shadow = "8.1.1" kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" } kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" } -axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.4" } +axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.5" } shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } From 3c83320e81cd5c710506cef0c969e7fca221396a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 09:37:45 +0000 Subject: [PATCH 097/114] build(deps): bump org.jetbrains.compose from 1.5.2 to 1.5.3 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.5.2 to 1.5.3. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.5.2...v1.5.3) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index d021d65..d647ca9 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.5.2" } +compose = { id = "org.jetbrains.compose", version = "1.5.3" } [libraries] From b7331f761ee7e56b152781f6d207c6a31a00ff40 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Oct 2023 09:37:53 +0000 Subject: [PATCH 098/114] build(deps): bump com.github.ajalt.clikt:clikt from 4.2.0 to 4.2.1 Bumps [com.github.ajalt.clikt:clikt](https://github.com/ajalt/clikt) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/ajalt/clikt/releases) - [Changelog](https://github.com/ajalt/clikt/blob/master/CHANGELOG.md) - [Commits](https://github.com/ajalt/clikt/compare/4.2.0...4.2.1) --- updated-dependencies: - dependency-name: com.github.ajalt.clikt:clikt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index d021d65..c920856 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -76,7 +76,7 @@ kotlinx-cli = { group = "org.jetbrains.kotlinx", name = "kotlinx-cli", version = # Clikt ## Multiplatform Kotlin Library for writing CLI interfaces -clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.2.0" } +clikt = { group = "com.github.ajalt.clikt", name = "clikt", version = "4.2.1" } # TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) From ce5c3a7d7f0718d762137979a1652abd8b7c7d14 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Oct 2023 09:56:19 +0000 Subject: [PATCH 099/114] build(deps): bump com.google.guava:guava from 32.1.2-jre to 32.1.3-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.1.2-jre to 32.1.3-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index b27b647..300c953 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -136,7 +136,7 @@ fuel-kotlinx-serialization = { group = "com.github.kittinunf.fuel", name = "fuel # Guava ## A set of core Java libraries from Google that includes new collection types, immutable collections, a graph library, ## and utilities for concurrency, I/O, hashing, caching, primitives, strings, and more -guava = { group = "com.google.guava", name = "guava", version = "32.1.2-jre" } +guava = { group = "com.google.guava", name = "guava", version = "32.1.3-jre" } # Guava Kotlin ## A wrapper around Guava to make it more idiomatic in kotlin guava-kotlin = { group = "ca.solo-studios", name = "guava-kotlin", version = "0.1.0" } From 3ed00cfffe1097d90e575f98051ed2e654f11417 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Oct 2023 10:03:14 +0000 Subject: [PATCH 100/114] build(deps): bump kotlin from 1.9.0 to 1.9.10 Bumps `kotlin` from 1.9.0 to 1.9.10. Updates `org.jetbrains.kotlin:kotlin-stdlib` from 1.9.0 to 1.9.10 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.10/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.9.0...v1.9.10) Updates `org.jetbrains.kotlin:kotlin-reflect` from 1.9.0 to 1.9.10 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.10/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.9.0...v1.9.10) Updates `org.jetbrains.kotlin.jvm` from 1.9.0 to 1.9.10 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.10/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.9.0...v1.9.10) Updates `org.jetbrains.kotlin.plugin.serialization` from 1.9.0 to 1.9.10 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/v1.9.10/ChangeLog.md) - [Commits](https://github.com/JetBrains/kotlin/compare/v1.9.0...v1.9.10) Updates `org.jetbrains.dokka` from 1.9.0 to 1.9.10 - [Release notes](https://github.com/Kotlin/dokka/releases) - [Commits](https://github.com/Kotlin/dokka/compare/v1.9.0...v1.9.10) --- updated-dependencies: - dependency-name: org.jetbrains.kotlin:kotlin-stdlib dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlin:kotlin-reflect dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlin.jvm dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlin.plugin.serialization dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.dokka dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 300c953..c065b69 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,5 +1,5 @@ [versions] -kotlin = "1.9.0" +kotlin = "1.9.10" kotlinx-serialization = "1.6.0" ktoml = "0.5.0" From 637a6f223ded2c7059e4ffef996da55897bf8b43 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 10:03:37 +0000 Subject: [PATCH 101/114] build(deps): bump commons-io:commons-io from 2.14.0 to 2.15.0 Bumps commons-io:commons-io from 2.14.0 to 2.15.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index c065b69..b3379e8 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -152,7 +152,7 @@ dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } # Apache Commons commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.24.0" } -commons-io = { group = "commons-io", name = "commons-io", version = "2.14.0" } +commons-io = { group = "commons-io", name = "commons-io", version = "2.15.0" } commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.16.0" } commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } # when 4.0.0 is released, commons-math is being split into: From 2e6ca9fc25610176711db95913da027a719da717 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Oct 2023 10:03:43 +0000 Subject: [PATCH 102/114] build(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 Bumps org.apache.commons:commons-text from 1.10.0 to 1.11.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index c065b69..7e88465 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -161,7 +161,7 @@ commons-math = { group = "org.apache.commons", name = "commons-math3", version = # - commons-statistics # - commons-rng commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = "3.13.0" } -commons-text = { group = "org.apache.commons", name = "commons-text", version = "1.10.0" } +commons-text = { group = "org.apache.commons", name = "commons-text", version = "1.11.0" } mpfilepicker-desktop = { group = "com.darkrockstudios", name = "mpfilepicker-desktop", version = "1.2.0" } From 227f5322a9b7f11efc96f54497db9037ad5bfb37 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Nov 2023 09:24:37 +0000 Subject: [PATCH 103/114] build(deps): bump junit-jupiter from 5.10.0 to 5.10.1 Bumps `junit-jupiter` from 5.10.0 to 5.10.1. Updates `org.junit.jupiter:junit-jupiter-api` from 5.10.0 to 5.10.1 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.0...r5.10.1) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.10.0 to 5.10.1 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.0...r5.10.1) Updates `org.junit.jupiter:junit-jupiter-params` from 5.10.0 to 5.10.1 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](https://github.com/junit-team/junit5/compare/r5.10.0...r5.10.1) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..9cf5cd0 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -12,7 +12,7 @@ konf = "1.1.2" fuel = "2.3.1" -junit-jupiter = "5.10.0" +junit-jupiter = "5.10.1" grgit = "4.1.1" From 95cb54bf5209deb5a3b3bdbd98b47159d477dc64 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 09:53:25 +0000 Subject: [PATCH 104/114] build(deps): bump org.jetbrains:annotations from 24.0.1 to 24.1.0 Bumps [org.jetbrains:annotations](https://github.com/JetBrains/java-annotations) from 24.0.1 to 24.1.0. - [Release notes](https://github.com/JetBrains/java-annotations/releases) - [Changelog](https://github.com/JetBrains/java-annotations/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/java-annotations/compare/24.0.1...24.1.0) --- updated-dependencies: - dependency-name: org.jetbrains:annotations dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..84b582d 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -90,7 +90,7 @@ konf-yaml = { group = "com.uchuhimo", name = "konf-yaml", version.ref = "konf" } # Jetbrains Annotations ## Annotations for documentation and static code analysis -jetbrains-annotations = { group = "org.jetbrains", name = "annotations", version = "24.0.1" } +jetbrains-annotations = { group = "org.jetbrains", name = "annotations", version = "24.1.0" } # ASM From 981adc7a0b1c4a938690569c46a20aa224fa8fbd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Nov 2023 09:53:27 +0000 Subject: [PATCH 105/114] build(deps): bump org.apache.commons:commons-compress Bumps org.apache.commons:commons-compress from 1.24.0 to 1.25.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..1ace144 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -151,7 +151,7 @@ dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } # Apache Commons -commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.24.0" } +commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.25.0" } commons-io = { group = "commons-io", name = "commons-io", version = "2.15.0" } commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.16.0" } commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } From c5de29e658c1c84487a8631b3cdf4911e94a0688 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Nov 2023 09:44:52 +0000 Subject: [PATCH 106/114] build(deps): bump org.jetbrains.compose from 1.5.3 to 1.5.11 Bumps [org.jetbrains.compose](https://github.com/JetBrains/compose-jb) from 1.5.3 to 1.5.11. - [Release notes](https://github.com/JetBrains/compose-jb/releases) - [Changelog](https://github.com/JetBrains/compose-multiplatform/blob/master/CHANGELOG.md) - [Commits](https://github.com/JetBrains/compose-jb/compare/v1.5.3...v1.5.11) --- updated-dependencies: - dependency-name: org.jetbrains.compose dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..88f3b94 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -29,7 +29,7 @@ shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } dokka = { id = "org.jetbrains.dokka", version.ref = "kotlin" } -compose = { id = "org.jetbrains.compose", version = "1.5.3" } +compose = { id = "org.jetbrains.compose", version = "1.5.11" } [libraries] From dad5c0516ab879dd3c854c981dfa5a624fde0c27 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Nov 2023 09:45:02 +0000 Subject: [PATCH 107/114] build(deps): bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 Bumps org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-lang3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..c4f8142 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -160,7 +160,7 @@ commons-math = { group = "org.apache.commons", name = "commons-math3", version = # - commons-geometry # - commons-statistics # - commons-rng -commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = "3.13.0" } +commons-lang = { group = "org.apache.commons", name = "commons-lang3", version = "3.14.0" } commons-text = { group = "org.apache.commons", name = "commons-text", version = "1.11.0" } From db4d9aa02d762e62a9acf8b45d50880ba782dd7c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 09:49:51 +0000 Subject: [PATCH 108/114] build(deps): bump kotlinx-serialization from 1.6.0 to 1.6.2 Bumps `kotlinx-serialization` from 1.6.0 to 1.6.2. Updates `org.jetbrains.kotlinx:kotlinx-serialization-core` from 1.6.0 to 1.6.2 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.6.0...v1.6.2) Updates `org.jetbrains.kotlinx:kotlinx-serialization-json` from 1.6.0 to 1.6.2 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.6.0...v1.6.2) Updates `org.jetbrains.kotlinx:kotlinx-serialization-cbor` from 1.6.0 to 1.6.2 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.6.0...v1.6.2) Updates `org.jetbrains.kotlinx:kotlinx-serialization-hocon` from 1.6.0 to 1.6.2 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.6.0...v1.6.2) Updates `org.jetbrains.kotlinx:kotlinx-serialization-protobuf` from 1.6.0 to 1.6.2 - [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases) - [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx.serialization/compare/v1.6.0...v1.6.2) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-core dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-json dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-cbor dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-hocon dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-protobuf dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..74b8275 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] kotlin = "1.9.10" -kotlinx-serialization = "1.6.0" +kotlinx-serialization = "1.6.2" ktoml = "0.5.0" kotlinx-coroutines = "1.7.3" From 301f5981cbec34dcd0aea7584924a375f6f6cec6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 09:50:05 +0000 Subject: [PATCH 109/114] build(deps): bump org.jetbrains.kotlinx:kotlinx-datetime Bumps [org.jetbrains.kotlinx:kotlinx-datetime](https://github.com/Kotlin/kotlinx-datetime) from 0.4.1 to 0.5.0. - [Release notes](https://github.com/Kotlin/kotlinx-datetime/releases) - [Changelog](https://github.com/Kotlin/kotlinx-datetime/blob/master/CHANGELOG.md) - [Commits](https://github.com/Kotlin/kotlinx-datetime/compare/v0.4.1...v0.5.0) --- updated-dependencies: - dependency-name: org.jetbrains.kotlinx:kotlinx-datetime dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..f9e870c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -66,7 +66,7 @@ kotlinx-coroutines-test = { group = "org.jetbrains.kotlinx", name = "kotlinx-cor kotlinx-coroutines-debug = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-debug", version.ref = "kotlinx-coroutines" } -kotlinx-datetime = { group = "org.jetbrains.kotlinx", name = "kotlinx-datetime", version = "0.4.1" } +kotlinx-datetime = { group = "org.jetbrains.kotlinx", name = "kotlinx-datetime", version = "0.5.0" } # kotlinx-cli From 154f66b8d964f6ee397654c2e955baa44ba601af Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 09:50:10 +0000 Subject: [PATCH 110/114] build(deps): bump ch.qos.logback:logback-classic from 1.3.11 to 1.3.14 Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.3.11 to 1.3.14. - [Commits](https://github.com/qos-ch/logback/compare/v_1.3.11...v_1.3.14) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..45f1b96 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -123,7 +123,7 @@ slf4j = { group = "org.slf4j", name = "slf4j-api", version = "2.0.9" } slf4k = { group = "ca.solo-studios", name = "slf4k", version = "0.5.3" } # Logback ## The reliable, generic, fast and flexible logging framework for Java -logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.11" } +logback = { group = "ch.qos.logback", name = "logback-classic", version = "1.3.14" } # Fuel From 01ffd9212e44de470a946490d396658b214d258d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Dec 2023 09:10:41 +0000 Subject: [PATCH 111/114] build(deps): bump pl.allegro.tech.build.axion-release Bumps [pl.allegro.tech.build.axion-release](https://github.com/allegro/axion-release-plugin) from 1.15.5 to 1.16.1. - [Release notes](https://github.com/allegro/axion-release-plugin/releases) - [Commits](https://github.com/allegro/axion-release-plugin/compare/v1.15.5...v1.16.1) --- updated-dependencies: - dependency-name: pl.allegro.tech.build.axion-release dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..4864ebb 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -23,7 +23,7 @@ shadow = "8.1.1" kotlin-jvm = { id = "org.jetbrains.kotlin.jvm", version.ref = "kotlin" } kotlin-serialization = { id = "org.jetbrains.kotlin.plugin.serialization", version.ref = "kotlin" } -axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.15.5" } +axion-release = { id = "pl.allegro.tech.build.axion-release", version = "1.16.1" } shadow = { id = "com.github.johnrengelman.shadow", version.ref = "shadow" } From 322e4dfe43e7cfc9e26c33eee80a79ae0bb9474c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Dec 2023 09:48:17 +0000 Subject: [PATCH 112/114] build(deps): bump com.squareup.okio:okio from 3.6.0 to 3.7.0 Bumps [com.squareup.okio:okio](https://github.com/square/okio) from 3.6.0 to 3.7.0. - [Changelog](https://github.com/square/okio/blob/master/CHANGELOG.md) - [Commits](https://github.com/square/okio/compare/parent-3.6.0...parent-3.7.0) --- updated-dependencies: - dependency-name: com.squareup.okio:okio dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..bf24f74 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -112,7 +112,7 @@ lljzip = { group = "software.coley", name = "lljzip", version = "2.3.0" } # Okio ## A modern I/O library for Android, Java, and Kotlin Multiplatform. -okio = { group = "com.squareup.okio", name = "okio", version = "3.6.0" } +okio = { group = "com.squareup.okio", name = "okio", version = "3.7.0" } # SLF4J From d66d0e32f093f3b0afb5d79b75d5c72226fc3d93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jan 2024 09:12:24 +0000 Subject: [PATCH 113/114] build(deps): bump com.charleskorn.kaml:kaml from 0.55.0 to 0.57.0 Bumps [com.charleskorn.kaml:kaml](https://github.com/charleskorn/kaml) from 0.55.0 to 0.57.0. - [Release notes](https://github.com/charleskorn/kaml/releases) - [Commits](https://github.com/charleskorn/kaml/compare/0.55.0...0.57.0) --- updated-dependencies: - dependency-name: com.charleskorn.kaml:kaml dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6d4502e..961f226 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -55,7 +55,7 @@ ktoml-file = { group = "com.akuleshov7", name = "ktoml-file", version.ref = "kto # TODO: decide whether to use kotlinx.serialization for config or konf (or maybe smth else?) # Kaml ## YAML serialization for kotlinx.serialization -kaml = { group = "com.charleskorn.kaml", name = "kaml", version = "0.55.0" } +kaml = { group = "com.charleskorn.kaml", name = "kaml", version = "0.57.0" } # kotlinx.coroutines From 5fbcb48c0d3c7f0e16733c259a2c6b7046055230 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jan 2024 13:24:48 +0000 Subject: [PATCH 114/114] build(deps): bump commons-io:commons-io from 2.15.0 to 2.15.1 Bumps commons-io:commons-io from 2.15.0 to 2.15.1. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index efb8786..95f16d8 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -152,7 +152,7 @@ dsi-fastutil = { group = "it.unimi.dsi", name = "fastutil", version = "8.5.12" } # Apache Commons commons-compress = { group = "org.apache.commons", name = "commons-compress", version = "1.25.0" } -commons-io = { group = "commons-io", name = "commons-io", version = "2.15.0" } +commons-io = { group = "commons-io", name = "commons-io", version = "2.15.1" } commons-codec = { group = "commons-codec", name = "commons-codec", version = "1.16.0" } commons-math = { group = "org.apache.commons", name = "commons-math3", version = "3.6.1" } # when 4.0.0 is released, commons-math is being split into: