chainguard-dev / bincapz

detect malicious program behaviors
Apache License 2.0

Add Florian Roth's rules #304

Open egibs opened 3 days ago

egibs commented 3 days ago

Relates to: #267

Florian Roth's signature-base repository contains a lot of interesting rules.

TBD how much overlap there is with what we currently have but I wanted to get a PR going to add them -- we'll also want to ensure that YaraCI doesn't have any false negatives.

The repository is licensed under DRL 1.1 which allows us to integrate these rules so long as we attribute them appropriately (which will happen automatically via Rule metadata).
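Since the attribution requirement above is meant to be satisfied by each rule's metadata, a small check that every imported rule actually carries the expected attribution fields is useful before a large rule set lands. The script below is an added example, not bincapz or signature-base code; it assumes that attribution is expressed through `author`, `license` and `reference` keys in each rule's `meta:` section (an assumption about field names, not something the thread specifies) and runs against a constructed pair of sample rules.

```python
import re
from typing import Dict, List

# Constructed sample rule set: one rule with full attribution metadata
# and one that is missing the license and reference fields.
SAMPLE_RULES = r'''
rule attributed_example
{
    meta:
        description = "example rule with full attribution"
        author = "Example Author"
        license = "DRL 1.1"
        reference = "https://example.invalid/signature-base"
    strings:
        $a = "placeholder"
    condition:
        $a
}

rule unattributed_example
{
    meta:
        description = "example rule missing license metadata"
        author = "Example Author"
    strings:
        $a = "placeholder"
    condition:
        $a
}
'''

# Field names assumed to carry attribution; adjust to the project's convention.
REQUIRED_META = ("author", "license", "reference")

# A rule starts with "rule <name>" at the beginning of a line and its body
# ends at the first closing brace that begins a line.
RULE_RE = re.compile(r'^\s*rule\s+([A-Za-z_]\w*)\b[^{]*\{(.*?)\n\}', re.M | re.S)
# The meta section runs until the strings: or condition: section begins.
META_RE = re.compile(r'meta:\s*(.*?)\n\s*(?:strings|condition):', re.S)
# One "key = value" line; value is either a quoted string or a bare token.
KV_RE = re.compile(r'^\s*([A-Za-z_]\w*)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s"]+))\s*$', re.M)


def parse_meta(rules_text: str) -> Dict[str, Dict[str, str]]:
    """Return {rule_name: {meta_key: meta_value}} for every rule in the text."""
    result: Dict[str, Dict[str, str]] = {}
    for rule_match in RULE_RE.finditer(rules_text):
        name, body = rule_match.group(1), rule_match.group(2)
        meta: Dict[str, str] = {}
        meta_match = META_RE.search(body)
        if meta_match:
            for kv in KV_RE.finditer(meta_match.group(1)):
                value = kv.group(2) if kv.group(2) is not None else kv.group(3)
                meta[kv.group(1)] = value
        result[name] = meta
    return result


def missing_attribution(rules_text: str, required=REQUIRED_META) -> Dict[str, List[str]]:
    """Map each rule lacking attribution fields to the list of fields it is missing."""
    report: Dict[str, List[str]] = {}
    for name, meta in parse_meta(rules_text).items():
        missing = [key for key in required if key not in meta]
        if missing:
            report[name] = missing
    return report


if __name__ == "__main__":
    for rule_name, fields in missing_attribution(SAMPLE_RULES).items():
        print(f"{rule_name}: missing {', '.join(fields)}")
```

Running the script reports only `unattributed_example`, listing `license` and `reference` as missing; in a CI step the same function could be pointed at every `.yar` file in the imported tree and fail the build on a non-empty report.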

egibs commented 3 days ago

The Lint Check isn't having the best time:

reviewdog: post failed for misspell: fail to parse diff: GET https://api.github.com/repos/chainguard-dev/bincapz/pulls/304: 406 Sorry, the diff exceeded the maximum number of files (300). Consider using 'List pull requests files' API or locally cloning the repository instead. [{Resource:PullRequest Field:diff Code:too_large Message:}]

tstromberg commented 1 day ago

Since Florian is also the guy behind YARAForge, I suspect the best of his rules are already part of bincapz. Is there anything you feel like is missing?

egibs commented 1 day ago

> Since Florian is also the guy behind YARAForge, I suspect the best of his rules are already part of bincapz. Is there anything you feel like is missing?

That's a good question. I'll comb through them and see if there's something more targeted we can implement. I'll carry over the path formatting fix into a new PR.