Stacs

Latest version: v0.5.1


Page 2 of 4

0.4.11

Overview

This release adds support for zlib unpacking, weighted archive detection, decompression of `lzma`, `bz2`, and `zlib` DMG chunks, and resolves a trivial bug in the DMG implementation which led to incomplete extraction of blobs from DMGs.

🛠️ **New Features**

* Zlib support

🍩 **Improvements**

* Handle `lzma`, `zlib`, and `bz2` compressed chunks in DMG reader.
* Weighted archive detection.
  * Allows preferencing "container" formats when blobs contain multiple detected formats.

🐛 **Bug Fixes**

* Chunking issue in DMG reader.

0.4.10

Overview

This pull-request adds support for Apple Disk Images (DMGs).

🛠️ **New Features**

* Support for Apple Disk Images (DMGs).

🍩 **Improvements**

* Tags from rule matches are propagated on internal `Source` model.

🐛 **Bug Fixes**

* N/A

0.4.9

Overview

This pull-request adds the parent MD5 sum to the internal `manifest.Entry` model, and swaps the zstd decompression library to improve compatibility.

🛠️ **New Features**

* Add parent MD5 of nested archive members to internal entries model.

🍩 **Improvements**

* Dependency updates.
* Change zstd implementation for better support.

🐛 **Bug Fixes**

* N/A

0.4.8

Overview

This release resolves a bug which led to incorrect unpacking of certain archive types.

🛠️ **New Features**

* N/A

🍩 **Improvements**

* N/A

🐛 **Bug Fixes**

* Fix chunking bug in libarchive unpacker.

0.4.7

Overview

This release provides a human-readable output option (`--pretty`), binary wheels to simplify installation on common platforms, and adds support for additional archive types.

🛠️ **New Features**

* Human-readable output.
  * Via `--pretty` command-line option.
  * Designed for humans, where SARIF is designed for machines.
* New archive types supported.
  * eXtensible ARchive format (`xar`).
    * Also provides support for macOS `pkg` files.
  * CPIO (`cpio`).
    * Enables processing of several new archive types, such as `rpm`.
  * Microsoft Cabinet (`cab`).
  * archiver (`ar`).
    * Enables processing of several new archive types, such as `dpkg`.
  * Roshal Archive (`rar`).

🍩 **Improvements**

* Binary wheels are now provided for popular platforms.
  * This should remove the need to fight with out-of-date `libarchive` on macOS.

🐛 **Bug Fixes**

* Fixed several issues when processing malformed archives.

0.4.6

Overview

This release introduces a number of convenience and performance improvements to STACS.

🛠️ **New Features**

* Exit status is now non-zero if there are unsuppressed findings.
  * This was based on the suggestion as part of 19.
  * Exit status is now `100` when there are unsuppressed findings.
* STACS supports multiple paths to scan.
  * This was based on the suggestion as part of 18.
  * Multiple paths can now be passed directly to STACS at runtime, and they will all be scanned.
* When running a container, specification of thread count, whether to enable debug, and whether to skip unprocessable archives can be controlled by environment variables:
  * `STACS_SKIP_UNPROCESSABLE`
  * `STACS_THREADS`
  * `STACS_DEBUG`

🍩 **Improvements**

* **SIGNIFICANT** performance improvements due to optimisation of rules.
  * In testing this has seen scan runtime improvements of up to 8x in some cases.
* Dependencies have been updated.

🐛 **Bug Fixes**

* Resolved a minor edge case where non-UTF-8 characters would break sample generation.
  * Unprocessable samples will now be base64 encoded, the same way that binary data is handled.
