v1.0.0
bincapz is now malcontent
Ensure that your fork is updated to reference the new remote: git remote set-url origin git@github.com:chainguard-dev/malcontent.git
Tool Improvements
- Add .xz archive support by @egibs in #433
- programkind: Add .bat, .cpp, .dll, pyc by @tstromberg in #439
- Overhaul CLI functionality with urfave/cli by @egibs in #436
- Add shorter output format for 'scan' mode by @tstromberg in #457
- Don't return after encountering a report with lower than minimum risk by @egibs in #461
- Check if frs Map is nil before ranging over it by @egibs in #462
- bincapz is now malcontent by @egibs in #464
Rule Improvements
- Update third party rules by @tstromberg in #437
- Integrate JPCERT & TTC-CERT third party YARA rules by @tstromberg in #444
- Improve detection of droppers, stealers & obfuscated scripts by @tstromberg in #443
- Update third party rules, tighten base64_php_functions rule by @tstromberg in #446
- hadooken: Improve shell, python, and powershell dropper detection by @tstromberg in #455
- Improve JS/Python malware detection based on NPM/PyPI samples by @tstromberg in #456
Developer Improvements
- Add nil checks when iterating over sync.Maps by @egibs in #435
- Bump golang.org/x/term from 0.23.0 to 0.24.0 by @dependabot in #441
- Replace live OCI image pull with crane export by @egibs in #438
- Cache bincapz-samples repository to speed up subsequent tests by @egibs in #448
- refresh-sample-testdata refactor by @tstromberg in #450
- Bump step-security/harden-runner from 2.9.1 to 2.10.1 in the all group by @dependabot in #459
- refresh testdata: include scan_archive testdata by @tstromberg in #463
Full Changelog: v0.19.0...v1.0.0
Contributors
tstromberg, egibs, and dependabot