Moved data files into Python module ForensicArtifacts#594 (ForensicAr…

…tifacts#592)

MANIFEST.in

@@ -3,13 +3,12 @@ include dependencies.ini run_tests.py utils/__init__.py utils/dependencies.py
 include utils/check_dependencies.py
 include requirements.txt test_requirements.txt
 recursive-include config *
-recursive-include data *
 recursive-include test_data *
 exclude .gitignore
 exclude *.pyc
+recursive-exclude artifacts *.pyc
 recursive-include tools *.py
 recursive-exclude tools *.pyc
-recursive-exclude artifacts *.pyc
 # The test scripts are not required in a binary distribution package they
 # are considered source distribution files and excluded in find_package()
 # in setup.py.

artifacts/__init__.py

@@ -1,4 +1,4 @@
 # -*- coding: utf-8 -*-
 """ForensicArtifacts.com Artifact Repository."""
 
-__version__ = '20230928'
+__version__ = '20240107'

config/dpkg/changelog

@@ -1,5 +1,5 @@
-artifacts (20230928-1) unstable; urgency=low
+artifacts (20240107-1) unstable; urgency=low
 
   * Auto-generated
 
- -- Forensic artifacts <[email protected]>  Thu, 28 Sep 2023 13:23:32 +0200
+ -- Forensic artifacts <[email protected]>  Sun, 07 Jan 2024 10:05:41 +0100

config/dpkg/control

@@ -7,16 +7,9 @@ Standards-Version: 4.1.4
 X-Python3-Version: >= 3.6
 Homepage: https://github.com/ForensicArtifacts/artifacts
 
-Package: artifacts-data
-Architecture: all
-Depends: ${misc:Depends}
-Description: Data files for Digital Forensics Artifacts Repository
- A free, community-sourced, machine-readable knowledge base of forensic
- artifacts that the world can use both as an information source and within other tools.
-
 Package: python3-artifacts
 Architecture: all
-Depends: artifacts-data (>= ${binary:Version}), python3-yaml (>= 3.10), ${misc:Depends}
+Depends: python3-yaml (>= 3.10), ${misc:Depends}
 Description: Python 3 module of Digital Forensics Artifacts Repository
  A free, community-sourced, machine-readable knowledge base of forensic
  artifacts that the world can use both as an information source and within other tools.

docs/requirements.txt

@@ -1,3 +1,4 @@
+certifi >= 2023.11.17
 docutils
 Markdown
 recommonmark

docs/sources/background/Stats.md

@@ -4,12 +4,12 @@ The artifact definitions can be found in the
 [data directory](https://github.com/ForensicArtifacts/artifacts/tree/main/data) and the format is described in detail
 in the [Style Guide](https://artifacts.readthedocs.io/en/latest/sources/Format-specification.html).
 
-Status of the repository as of 2023-09-28
+Status of the repository as of 2024-01-07
 
 Description | Number
 --- | ---
-Number of artifact definitions: | 801
-Number of file paths: | 2047
+Number of artifact definitions: | 808
+Number of file paths: | 2058
 Number of Windows Registry key paths: | 677
 
 ### Artifact definition source types
@@ -18,7 +18,7 @@ Identifier | Number
 --- | ---
 ARTIFACT_GROUP | 47
 COMMAND | 10
-FILE | 516
+FILE | 523
 PATH | 28
 REGISTRY_KEY | 57
 REGISTRY_VALUE | 116
@@ -28,8 +28,8 @@ WMI | 27
 
 Identifier | Number
 --- | ---
-Darwin | 200
+Darwin | 202
 ESXi | 16
-Linux | 243
-Windows | 367
+Linux | 246
+Windows | 368
 

setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = artifacts
-version = 20231223
+version = 20240107
 description = ForensicArtifacts.com Artifact Repository.
 long_description = A free, community-sourced, machine-readable knowledge base of forensic artifacts that the world can use both as an information source and within other tools.
 long_description_content_type = text/plain
@@ -27,6 +27,10 @@ scripts =
   tools/stats.py
   tools/validator.py
 
+[options.package_data]
+artifacts.data =
+  data/*.yaml
+
 [options.packages.find]
 exclude =
   docs

tests/reader_test.py

@@ -318,10 +318,8 @@ def testDefinitionsAsDict(self):
     """Tests the AsDict function."""
     artifact_reader = reader.YamlArtifactsReader()
 
-    artifact_definitions = list(artifact_reader.ReadDirectory('data'))
-
     last_artifact_definition = None
-    for artifact in artifact_definitions:
+    for artifact in artifact_reader.ReadDirectory(self._DATA_PATH):
       try:
         artifact_definition = artifact.AsDict()
       except errors.FormatError:

tests/test_lib.py

@@ -10,7 +10,7 @@
 class BaseTestCase(unittest.TestCase):
   """The base test case."""
 
-  _DATA_PATH = os.path.join(os.getcwd(), 'data')
+  _DATA_PATH = os.path.join(os.getcwd(), 'artifacts', 'data')
   _TEST_DATA_PATH = os.path.join(os.getcwd(), 'test_data')
 
   # Show full diff results, part of TestCase so does not follow our naming

tests/validator_test.py

@@ -19,7 +19,8 @@ def testArtifactDefinitionsValidator(self):
     """Runs the validator over all the YAML artifact definitions files."""
     validator_object = validator.ArtifactDefinitionsValidator()
 
-    for definitions_file in glob.glob(os.path.join('data', '*.yaml')):
+    data_files_glob = os.path.join(self._DATA_PATH, '*.yaml')
+    for definitions_file in glob.glob(data_files_glob):
       result = validator_object.CheckFile(definitions_file)
       self.assertTrue(
           result, msg=f'in definitions file: {definitions_file:s}')

tools/stats.py

@@ -3,6 +3,7 @@
 """Report statistics about the artifact collection."""
 
 import collections
+import os
 import sys
 import time
 
@@ -70,7 +71,8 @@ def BuildStats(self):
     self._source_type_counts = {}
     self._total_count = 0
 
-    for artifact_definition in artifact_reader.ReadDirectory('data'):
+    data_files_path = os.path.join('artifacts', 'data')
+    for artifact_definition in artifact_reader.ReadDirectory(data_files_path):
       sources_supported_os = set()
       for source in artifact_definition.sources:
         self._total_count += 1

tools/validator.py

@@ -17,7 +17,7 @@
 class ArtifactDefinitionsValidator(object):
   """Artifact definitions validator."""
 
-  LEGACY_PATH = os.path.join('data', 'legacy.yaml')
+  LEGACY_PATH = os.path.join('artifacts', 'data', 'legacy.yaml')
 
   _MACOS_PRIVATE_SUB_PATHS = ('etc', 'tftpboot', 'tmp', 'var')
 

tox.ini

@@ -51,4 +51,4 @@ commands =
   pylint --version
   yamllint -v
   pylint --rcfile=.pylintrc artifacts setup.py tests tools
-  yamllint -c .yamllint.yaml data test_data
+  yamllint -c .yamllint.yaml artifacts/data test_data