diff --git a/CHANGELOG-Japanese.md b/CHANGELOG-Japanese.md index 30e48749e..37825a204 100644 --- a/CHANGELOG-Japanese.md +++ b/CHANGELOG-Japanese.md @@ -6,6 +6,10 @@ - `gt`、`gte`、`lt`、`lte`のフィールドモディファイアに対応した。(#1433) (@fukusuket) +**改善:** + +- `yaml-rust`クレートを`yaml-rust2`に更新した。 (#461) (@yamatosecurity) + **バグ修正:** - `csv-timeline`と`json-timeline`コマンドで、結果をターミナルに出力すると、プログレスバーの後にいくつかの結果が表示されていた。 (#1459) (@fukusuket) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2d6225c04..fc9059283 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ - Support for the `gt`, `gte`, `lt`, `lte` field modifiers. (#1433) (@fukusuket) +**Enhancements:** + +- Updated the `yaml-rust` crate to `yaml-rust2`. (#461) (@yamatosecurity) + **Bug Fixes:** - Some results would be displayed after the progress bar when outputting results to the terminal with `csv-timeline` and `json-timeline`. (#1459) (@fukusuket) diff --git a/Cargo.lock b/Cargo.lock index 036e84991..da1c8da21 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -17,6 +17,18 @@ version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "512761e0bb2578dd7380c6baaa0f4ce03e84f95e960231d1dec8bf4d7d6e2627" +[[package]] +name = "ahash" +version = "0.8.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" +dependencies = [ + "cfg-if", + "once_cell", + "version_check", + "zerocopy", +] + [[package]] name = "aho-corasick" version = "1.1.3" @@ -49,9 +61,9 @@ dependencies = [ [[package]] name = "anstream" -version = "0.6.15" +version = "0.6.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "64e15c1ab1f89faffbf04a634d5e1962e9074f2741eef6d97f3c4e322426d526" +checksum = "23a1e53f0f5d86382dafe1cf314783b2044280f406e7e1506368220ad11b1338" dependencies = [ "anstyle", "anstyle-parse", 
@@ -64,43 +76,49 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.8" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bec1de6f59aedf83baf9ff929c98f2ad654b97c9510f4e70cf6f661d49fd5b1" +checksum = "8365de52b16c035ff4fcafe0092ba9390540e3e352870ac09933bebcaa2c8c56" [[package]] name = "anstyle-parse" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eb47de1e80c2b463c735db5b217a0ddc39d612e7ac9e2e96a5aed1f57616c1cb" +checksum = "3b2d16507662817a6a20a9ea92df6652ee4f94f914589377d69f3b21bc5798a9" dependencies = [ "utf8parse", ] [[package]] name = "anstyle-query" -version = "1.1.1" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6d36fc52c7f6c869915e99412912f22093507da8d9e942ceaf66fe4b7c14422a" +checksum = "79947af37f4177cfead1110013d678905c37501914fba0efea834c3fe9a8d60c" dependencies = [ - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "anstyle-wincon" -version = "3.0.4" +version = "3.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bf74e1b6e971609db8ca7a9ce79fd5768ab6ae46441c572e46cf596f59e57f8" +checksum = "2109dbce0e72be3ec00bed26e6a7479ca384ad226efdd66db8fa2e3a38c83125" dependencies = [ "anstyle", - "windows-sys 0.52.0", + "windows-sys 0.59.0", ] [[package]] name = "anyhow" -version = "1.0.90" +version = "1.0.91" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c042108f3ed77fd83760a5fd79b53be043192bb3b9dba91d8c574c0ada7850c8" + +[[package]] +name = "arraydeque" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "37bf3594c4c988a53154954629820791dde498571819ae4ca50ca811e060cc95" +checksum = "7d902e3d592a523def97af8f317b08ce16b7ab854c1985a0c671e6f15cebc236" [[package]] name = "arrayvec" 
@@ -186,9 +204,9 @@ checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b" [[package]] name = "bytes" -version = "1.7.2" +version = "1.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "428d9aa8fbc0670b7b8d6030a7fadd0f86151cae55e4dbbece15f3780a3dfaf3" +checksum = "9ac0150caa2ae65ca5bd83f25c7de183dea78d4d366469f148435e2acfbad0da" [[package]] name = "bytesize" @@ -316,7 +334,7 @@ dependencies = [ "heck", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -327,9 +345,9 @@ checksum = "1462739cb27611015575c0c11df5df7601141071f07518d56fcc1be504cbec97" [[package]] name = "colorchoice" -version = "1.0.2" +version = "1.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3fd119d74b830634cea2a0f58bbd0d54540518a14397557951e79340abc28c0" +checksum = "5b63caa9aa9397e2d9480a9b13673856c78d8ac123288526c37d7839f2a86990" [[package]] name = "comfy-table" @@ -597,6 +615,15 @@ version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a246d82be1c9d791c5dfde9a2bd045fc3cbba3fa2b11ad558f27d01712f00569" +[[package]] +name = "encoding_rs" +version = "0.8.35" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3" +dependencies = [ + "cfg-if", +] + [[package]] name = "equivalent" version = "1.0.1" @@ -624,8 +651,8 @@ dependencies = [ [[package]] name = "evtx" -version = "0.8.10" -source = "git+https://github.com/Yamato-Security/hayabusa-evtx.git?rev=5027622#50276228f536a8d9bb3ff527a745677ffddf63f1" +version = "0.8.11" +source = "git+https://github.com/Yamato-Security/hayabusa-evtx.git?rev=c8ed9d2#c8ed9d2b45ab159a0d9151ec02aaf6a741da5615" dependencies = [ "anyhow", "bitflags 2.6.0", 
@@ -771,6 +798,9 @@ name = "hashbrown" version = "0.14.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1" +dependencies = [ + "ahash", +] [[package]] name = "hashbrown" @@ -783,9 +813,18 @@ dependencies = [ "foldhash", ] +[[package]] +name = "hashlink" +version = "0.9.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6ba4ff7128dee98c7dc9794b6a411377e1404dba1c97deb8d1a55297bd25d8af" +dependencies = [ + "hashbrown 0.14.5", +] + [[package]] name = "hayabusa" -version = "2.18.0" +version = "2.19.0-dev" dependencies = [ "aho-corasick", "base64", @@ -831,7 +870,7 @@ dependencies = [ "tokio", "ureq", "wildmatch", - "yaml-rust", + "yaml-rust2", ] [[package]] @@ -1087,12 +1126,6 @@ dependencies = [ "vcpkg", ] -[[package]] -name = "linked-hash-map" -version = "0.5.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" - [[package]] name = "linux-raw-sys" version = "0.4.14" @@ -1335,7 +1368,7 @@ checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -1346,9 +1379,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-src" -version = "300.3.2+3.3.2" +version = "300.4.0+3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a211a18d945ef7e648cc6e0058f4c548ee46aab922ea203e0d30e966ea23647b" +checksum = "a709e02f2b4aca747929cca5ed248880847c650233cf8b8cdc48f40aaf4898a6" dependencies = [ "cc", ] 
@@ -1397,9 +1430,9 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" [[package]] name = "pin-project-lite" -version = "0.2.14" +version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bda66fc9667c18cb2758a2ac84d1167245054bcf85d5d1aaa6923f45801bdd02" +checksum = "915a1e146535de9163f3987b8944ed8cf49a18bb0056bcebcdcece385cece4ff" [[package]] name = "pkg-config" @@ -1424,9 +1457,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.88" +version = "1.0.89" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7c3a7fc5db1e57d5a779a352c8cdb57b29aa4c40cc69c3a68a7fedc815fbf2f9" +checksum = "f139b0662de085916d1fb67d2b4169d1addddda1919e696f3252b740b629986e" dependencies = [ "unicode-ident", ] @@ -1444,9 +1477,9 @@ dependencies = [ [[package]] name = "quick-xml" -version = "0.36.2" +version = "0.37.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f7649a7b4df05aed9ea7ec6f628c67c9953a43869b8bc50929569b2999d443fe" +checksum = "ffbfb3ddf5364c9cfcd65549a1e7b801d0e8d1b14c1a1590a6408aa93cfbfa84" dependencies = [ "memchr", ] @@ -1521,9 +1554,9 @@ dependencies = [ [[package]] name = "regex" -version = "1.11.0" +version = "1.11.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38200e5ee88914975b69f657f0801b6f6dccafd44fd9326302a4aaeecfacb1d8" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" dependencies = [ "aho-corasick", "memchr", @@ -1603,7 +1636,7 @@ dependencies = [ "proc-macro2", "quote", "rust-embed-utils", - "syn 2.0.82", + "syn 2.0.85", "walkdir", ] 
@@ -1626,9 +1659,9 @@ checksum = "719b953e2095829ee67db738b3bfa9fa368c94900df327b3f07fe6e794d2fe1f" [[package]] name = "rustix" -version = "0.38.37" +version = "0.38.38" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8acb788b847c24f28525660c4d7758620a7210875711f79e7f663cc152726811" +checksum = "aa260229e6538e52293eeb577aabd09945a09d6d9cc0fc550ed7529056c2e32a" dependencies = [ "bitflags 2.6.0", "errno", @@ -1639,9 +1672,9 @@ dependencies = [ [[package]] name = "rustls" -version = "0.23.15" +version = "0.23.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fbb44d7acc4e873d613422379f69f237a1b141928c02f6bc6ccfddddc2d7993" +checksum = "eee87ff5d9b36712a58574e12e9f0ea80f915a5b0ac518d322b24a465617925e" dependencies = [ "log", "once_cell", @@ -1707,22 +1740,22 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.210" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c8e3592472072e6e22e0a54d5904d9febf8508f65fb8552499a1abc7d1078c3a" +checksum = "f55c3193aca71c12ad7890f1785d2b73e1b9f63a0bbc353c08ef26fe03fc56b5" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.210" +version = "1.0.214" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "243902eda00fad750862fc144cea25caca5e20d615af0a81bee94ca738f1df1f" +checksum = "de523f781f095e28fa605cdce0f8307e451cc0fd14e2eb4cd2e98a355b147766" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -1834,7 +1867,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] 
@@ -1856,9 +1889,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.82" +version = "2.0.85" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83540f837a8afc019423a8edb95b52a8effe46957ee402287f4292fae35be021" +checksum = "5023162dfcd14ef8f32034d8bcd4cc5ddc61ef7a247c024a33e24e1f24d21b56" dependencies = [ "proc-macro2", "quote", @@ -1909,22 +1942,22 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.64" +version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d50af8abc119fb8bb6dbabcfa89656f46f84aa0ac7688088608076ad2b459a84" +checksum = "5d11abd9594d9b38965ef50805c5e469ca9cc6f197f883f717e0269a3057b3d5" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.64" +version = "1.0.65" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "08904e7672f5eb876eaaf87e0ce17857500934f4981c4a0ab2b4aa98baac7fc3" +checksum = "ae71770322cbd277e69d762a16c444af02aa0575ac0d174f0b9562d3b37f8602" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -1944,9 +1977,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.40.0" +version = "1.41.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2b070231665d27ad9ec9b8df639893f46727666c6767db40317fbe920a5d998" +checksum = "145f3413504347a2be84393cc8a7d2fb4d863b375909ea59f2158261aa258bbb" dependencies = [ "backtrace", "bytes", @@ -1968,7 +2001,7 @@ checksum = "693d596312e88961bc67d7f1f97af8a70227d9f90c31bba5806eec004978d752" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] @@ -2099,7 +2132,7 @@ dependencies = [ "once_cell", "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "wasm-bindgen-shared", ] 
@@ -2121,7 +2154,7 @@ checksum = "26c6ab57572f7a24a4985830b120de1594465e5d500f24afe89e16b4e833ef68" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", "wasm-bindgen-backend", "wasm-bindgen-shared", ] @@ -2353,12 +2386,14 @@ dependencies = [ ] [[package]] -name = "yaml-rust" -version = "0.4.5" +name = "yaml-rust2" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "56c1936c4cc7a1c9ab21a1ebb602eb942ba868cbd44a99cb7cdc5892335e1c85" +checksum = "2a1a1c0bc9823338a3bdf8c61f994f23ac004c6fa32c08cd152984499b445e8d" dependencies = [ - "linked-hash-map", + "arraydeque", + "encoding_rs", + "hashlink", ] [[package]] @@ -2379,7 +2414,7 @@ checksum = "fa4f8080344d4671fb4e831a13ad1e68092748387dfc4f55e356242fae12ce3e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.82", + "syn 2.0.85", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index a1697d55c..53f406b7f 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "hayabusa" -version = "2.18.0" +version = "2.19.0-dev" repository = "https://github.com/Yamato-Security/hayabusa" authors = ["Yamato Security @SecurityYamato"] edition = "2021" @@ -21,7 +21,7 @@ csv = "1.3.*" dashmap = "*" dialoguer = "*" downcast-rs = "1.*" -evtx = { git = "https://github.com/Yamato-Security/hayabusa-evtx.git" , features = ["fast-alloc"] , rev = "5027622" } # 0.8.10 2024/10/21 update +evtx = { git = "https://github.com/Yamato-Security/hayabusa-evtx.git" , features = ["fast-alloc"] , rev = "c8ed9d2" } # 0.8.11 2024/10/30 update git2 = "0.*" hashbrown = "0.15.*" hex = "0.4.*" @@ -48,7 +48,7 @@ terminal_size = "*" tokio = { version = "1", features = ["full"] } ureq = "*" wildmatch = "2.*" -yaml-rust = "0.4.*" +yaml-rust2 = "0.9" rust-embed={version = "8.5.0", features = ["include-exclude", "debug-embed"]} [profile.dev] diff --git a/rules b/rules index 51a882d8d..4fee6bf46 160000 --- a/rules +++ b/rules 
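Review bot: The `rev = "c8ed9d2"` pin on the evtx git dependency is a seven-character abbreviated commit id, and the manifest is the only place a reader sees which commit of the fork is intended. Cargo.lock in this same diff resolves it to `c8ed9d2b45ab159a0d9151ec02aaf6a741da5615`. Writing that full id in Cargo.toml (`rev = "c8ed9d2b45ab159a0d9151ec02aaf6a741da5615"`) removes any reliance on prefix resolution when the lockfile is regenerated. The trailing `# 0.8.11 2024/10/30 update` comment could also say what changed in the fork, since this diff does not show it.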
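Review bot: `yaml-rust2 = "0.9"` carries no comment saying why the parser crate was swapped. The Cargo.lock hunks show it bringing `arraydeque`, `encoding_rs` and `hashlink` into the build (and, apparently through `hashlink`, `ahash` under `hashbrown 0.14.5`) while dropping `linked-hash-map`. A short manifest comment in the style of the evtx line, e.g. `# replaces yaml-rust (#461); adds arraydeque, encoding_rs, hashlink`, would record that for later dependency audits. The source hunks only import `Yaml`, `YamlLoader`, `YamlEmitter` and `yaml::Hash`, so it is worth checking whether `encoding_rs` comes from a default feature that `default-features = false` could turn off. The new lockfile entries should also go through the project's usual dependency audit before merging.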
@@ -1 +1 @@ -Subproject commit 51a882d8db1b2741715c62f07f032c922d33890a +Subproject commit 4fee6bf46041350298aff2e288dce148a2d514f9 diff --git a/src/detections/configs.rs b/src/detections/configs.rs index 390c77de3..dfd04e1b4 100644 --- a/src/detections/configs.rs +++ b/src/detections/configs.rs @@ -20,7 +20,7 @@ use std::path::{Path, PathBuf}; use std::sync::RwLock; use std::{fs, io, process}; use terminal_size::{terminal_size, Width}; -use yaml_rust::{Yaml, YamlLoader}; +use yaml_rust2::{Yaml, YamlLoader}; use super::message::{create_output_filter_config, LEVEL_ABBR_MAP}; use super::utils::check_setting_path; @@ -829,7 +829,7 @@ fn check_thread_number(config: &Config) -> Option { pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe csv-timeline [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe csv-timeline [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 290, disable_help_flag = true @@ -839,7 +839,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe json-timeline [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe json-timeline [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 360, disable_help_flag = true 
@@ -849,7 +849,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe logon-summary [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe logon-summary [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 383, disable_help_flag = true @@ -859,7 +859,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe eid-metrics [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe eid-metrics [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 310, disable_help_flag = true @@ -869,7 +869,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe pivot-keywords-list [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe pivot-keywords-list [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 420, disable_help_flag = true 
@@ -879,7 +879,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe search <--keywords \"\" OR --regex \"\"> [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe search <--keywords \"\" OR --regex \"\"> [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 450, disable_help_flag = true @@ -889,7 +889,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}", term_width = 400, display_order = 470, disable_help_flag = true @@ -899,7 +899,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}", term_width = 400, display_order = 380, disable_help_flag = true @@ -909,7 +909,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n {usage}\n\n{all-args}", term_width = 400, display_order = 451, disable_help_flag = true 
@@ -927,7 +927,7 @@ pub enum Action { #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe computer-metrics [OPTIONS]\n\n{all-args}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe computer-metrics [OPTIONS]\n\n{all-args}", term_width = 400, display_order = 290, disable_help_flag = true @@ -1774,7 +1774,7 @@ pub struct ComputerMetricsOption { #[derive(Parser, Clone, Debug)] #[clap( author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)", - help_template = "\nHayabusa v2.18.0 - SecTor Release\n{author-with-newline}\n{usage-heading}\n hayabusa.exe [OPTIONS]\n hayabusa.exe help or hayabusa.exe -h\n\n{all-args}{options}", + help_template = "\nHayabusa v2.19.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n hayabusa.exe [OPTIONS]\n hayabusa.exe help or hayabusa.exe -h\n\n{all-args}{options}", term_width = 400, disable_help_flag = true )] diff --git a/src/detections/detection.rs b/src/detections/detection.rs index 665f85c8d..d633a1132 100644 --- a/src/detections/detection.rs +++ b/src/detections/detection.rs @@ -15,7 +15,7 @@ use num_format::{Locale, ToFormattedString}; use serde_json::Value; use termcolor::{BufferWriter, Color, ColorChoice}; use tokio::{runtime::Runtime, spawn, task::JoinHandle}; -use yaml_rust::Yaml; +use yaml_rust2::Yaml; use crate::detections::configs::Action; use crate::detections::configs::STORED_EKEY_ALIAS; @@ -1289,8 +1289,8 @@ mod tests { use chrono::Utc; use compact_str::CompactString; use serde_json::Value; - use yaml_rust::Yaml; - use yaml_rust::YamlLoader; + use yaml_rust2::Yaml; + use yaml_rust2::YamlLoader; use crate::detections; use crate::detections::configs::load_eventkey_alias; 
diff --git a/src/detections/field_data_map.rs b/src/detections/field_data_map.rs index c45108243..b487a5476 100644 --- a/src/detections/field_data_map.rs +++ b/src/detections/field_data_map.rs @@ -9,7 +9,7 @@ use serde_json::Value; use std::fs; use std::path::Path; use std::string::String; -use yaml_rust::{Yaml, YamlLoader}; +use yaml_rust2::{Yaml, YamlLoader}; pub type FieldDataMap = HashMap; pub type FieldDataMapEntry = HashMap; @@ -201,7 +201,7 @@ mod tests { use hashbrown::HashMap; use serde_json::Value; use std::path::Path; - use yaml_rust::{Yaml, YamlLoader}; + use yaml_rust2::{Yaml, YamlLoader}; fn build_yaml(s: &str) -> Yaml { YamlLoader::load_from_str(s) diff --git a/src/detections/rule/condition_parser.rs b/src/detections/rule/condition_parser.rs index 76c4a28ef..7ec14177c 100644 --- a/src/detections/rule/condition_parser.rs +++ b/src/detections/rule/condition_parser.rs @@ -428,7 +428,7 @@ mod tests { use crate::detections::rule::tests::parse_rule_from_str; use crate::detections::{self, utils}; use std::path::Path; - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; const SIMPLE_RECORD_STR: &str = r#" { diff --git a/src/detections/rule/correlation_parser.rs b/src/detections/rule/correlation_parser.rs index 98187da6a..d3a5e57e0 100644 --- a/src/detections/rule/correlation_parser.rs +++ b/src/detections/rule/correlation_parser.rs @@ -2,8 +2,8 @@ use std::error::Error; use std::sync::Arc; use hashbrown::HashMap; -use yaml_rust::yaml::Hash; -use yaml_rust::Yaml; +use yaml_rust2::yaml::Hash; +use yaml_rust2::Yaml; use crate::detections::configs::StoredStatic; use crate::detections::message::{AlertMessage, ERROR_LOG_STACK}; @@ -341,7 +341,7 @@ pub fn parse_correlation_rules( #[cfg(test)] mod tests { - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; use super::*; diff --git a/src/detections/rule/count.rs b/src/detections/rule/count.rs index c7278c85f..00b145141 100644 --- a/src/detections/rule/count.rs +++ b/src/detections/rule/count.rs 
@@ -559,7 +559,7 @@ mod tests { use hashbrown::HashMap; use chrono::{TimeZone, Utc}; - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; const SIMPLE_RECORD_STR: &str = r#" { diff --git a/src/detections/rule/matchers.rs b/src/detections/rule/matchers.rs index c48e7ce00..4d1182a9d 100644 --- a/src/detections/rule/matchers.rs +++ b/src/detections/rule/matchers.rs @@ -6,7 +6,7 @@ use regex::Regex; use std::net::IpAddr; use std::str::FromStr; use std::{cmp::Ordering, collections::HashMap}; -use yaml_rust::Yaml; +use yaml_rust2::Yaml; use crate::detections::{detection::EvtxRecordInfo, utils}; use downcast_rs::Downcast; diff --git a/src/detections/rule/mod.rs b/src/detections/rule/mod.rs index f8cfea3ff..b8d3aff26 100644 --- a/src/detections/rule/mod.rs +++ b/src/detections/rule/mod.rs @@ -5,7 +5,7 @@ use std::{fmt::Debug, sync::Arc, vec}; use chrono::{DateTime, Utc}; use hashbrown::HashMap; use nested::Nested; -use yaml_rust::Yaml; +use yaml_rust2::Yaml; use super::configs::{EventKeyAliasConfig, StoredStatic}; use super::detection::EvtxRecordInfo; @@ -407,7 +407,7 @@ impl AggResult { mod tests { use std::path::Path; - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; use crate::detections::{ self, diff --git a/src/detections/rule/selectionnodes.rs b/src/detections/rule/selectionnodes.rs index 8a4b9f4a1..18ecf6f54 100644 --- a/src/detections/rule/selectionnodes.rs +++ b/src/detections/rule/selectionnodes.rs @@ -3,7 +3,7 @@ use downcast_rs::Downcast; use nested::Nested; use serde_json::Value; use std::{sync::Arc, vec}; -use yaml_rust::Yaml; +use yaml_rust2::Yaml; use super::matchers::{self, DefaultMatcher}; diff --git a/src/filter.rs b/src/filter.rs index 69cce4c8c..5c0bb4e5b 100644 --- a/src/filter.rs +++ b/src/filter.rs @@ -8,7 +8,7 @@ use std::collections::HashSet; use std::fs::File; use std::io::{BufRead, BufReader}; use std::path::PathBuf; -use yaml_rust::Yaml; +use yaml_rust2::Yaml; #[derive(Debug)] pub struct DataFilterRule { 
@@ -223,7 +223,7 @@ pub fn create_channel_filter( mod tests { use super::*; use std::path::PathBuf; - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; #[test] fn test_channel_filter_scanable_rule_exists() { diff --git a/src/main.rs b/src/main.rs index d695c9ff5..515f38a69 100644 --- a/src/main.rs +++ b/src/main.rs @@ -2401,7 +2401,7 @@ mod tests { use chrono::Local; use hashbrown::HashSet; use itertools::Itertools; - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; use hayabusa::{ afterfact::{self, AfterfactInfo}, diff --git a/src/options/profile.rs b/src/options/profile.rs index 46fc86c37..a81bd7fa4 100644 --- a/src/options/profile.rs +++ b/src/options/profile.rs @@ -16,7 +16,7 @@ use std::borrow::Cow; use std::fs::OpenOptions; use std::io::{BufWriter, Write}; use std::path::Path; -use yaml_rust::{Yaml, YamlEmitter, YamlLoader}; +use yaml_rust2::{Yaml, YamlEmitter, YamlLoader}; #[derive(Embed)] #[folder = "config/"] diff --git a/src/yaml.rs b/src/yaml.rs index b41c392eb..3e41a0791 100644 --- a/src/yaml.rs +++ b/src/yaml.rs @@ -1,5 +1,5 @@ extern crate serde_derive; -extern crate yaml_rust; +extern crate yaml_rust2; use crate::detections::configs::{self, StoredStatic}; use crate::detections::message::AlertMessage; @@ -13,10 +13,10 @@ use std::ffi::OsStr; use std::fs; use std::io::{self, BufReader, Read}; use std::path::{Path, PathBuf}; -use yaml_rust::{Yaml, YamlLoader}; +use yaml_rust2::{Yaml, YamlLoader}; pub struct ParseYaml { - pub files: Vec<(String, yaml_rust::Yaml)>, + pub files: Vec<(String, yaml_rust2::Yaml)>, pub rulecounter: HashMap, pub rule_load_cnt: HashMap, pub rule_status_cnt: HashMap, @@ -788,7 +788,7 @@ mod tests { use std::fs::File; use std::io::Write; use std::path::{Path, PathBuf}; - use yaml_rust::YamlLoader; + use yaml_rust2::YamlLoader; fn create_dummy_stored_static() -> StoredStatic { StoredStatic::create_static_data(Some(Config {
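Review bot: `extern crate yaml_rust2;` at the top of src/yaml.rs is carried over only as a rename, but Cargo.toml declares `edition = "2021"`, where the `use yaml_rust2::{Yaml, YamlLoader};` a few lines further down is sufficient, so the line can be dropped. In the second hunk, `pub files: Vec<(String, yaml_rust2::Yaml)>` can be written `pub files: Vec<(String, Yaml)>` because `Yaml` is already imported. Beyond style, this diff replaces the parser that loads every detection rule but only renames imports in the test modules, and it bumps the `rules` submodule in the same commit, so a change in how many rules load would be hard to attribute to either cause. Comparing rule-load counts and parse errors before and after the swap, on one fixed rules revision, would confirm it is behaviour-neutral. The `ParseYaml` struct and the test module both continue outside the hunks shown.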