commit: 77486277f80bfb390004d5fb94dc6fd0a33db913 Author: Mario Haustein <mario.haustein <AT> hrz <DOT> tu-chemnitz <DOT> de> AuthorDate: Thu Jan 16 21:43:26 2025 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Wed Feb 19 11:12:04 2025 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=77486277
app-forensics/volatility3: add 2.11.0 Signed-off-by: Mario Haustein <mario.haustein <AT> hrz.tu-chemnitz.de> Signed-off-by: Sam James <sam <AT> gentoo.org> app-forensics/volatility3/Manifest | 1 + .../volatility3/volatility3-2.11.0.ebuild | 78 ++++++++++++++++++++++ 2 files changed, 79 insertions(+)
diff --git a/app-forensics/volatility3/Manifest b/app-forensics/volatility3/Manifest
index 48b4713805dc..124cc5c5c49d 100644
--- a/app-forensics/volatility3/Manifest
+++ b/app-forensics/volatility3/Manifest
@@ -1,3 +1,4 @@
+DIST volatility3-2.11.0.gh.tar.gz 629201 BLAKE2B e32a7b804e0cec74d093e56ce5b448ad8f51d268880c103e68a6ab24341492d4acd66eab98bc9afd70ec8df4bb3191620f27f0d71be06cf70669bca114e6d1c1 SHA512 6cb02e2db34a64e26115883c7ac545c25effcc5600ec075c7d115c4ec825350788957bc8798370753fb5872467d4438cc45d11f40e8b772dac9ded3ac0148831
 DIST volatility3-2.7.0.gh.tar.gz 523445 BLAKE2B aa7209be5a3cb33b2f5b9fac52e3098407926b8135d2d5566746e0156d3873195ce9161e5652c2abf80e9bfd2955e7d02985ce75ac7fca3559d821866d0302cf SHA512 bb9f79604ce2e647d42a1003941802a69ecdf845c1400b1d3f67e13494a228c99269478d635fbcdcde8ae67b792b73e07e7e26ce9a8e2e7b80185af7cc7ac3c0
 DIST volatility3-2.8.0.gh.tar.gz 562563 BLAKE2B bb33fc0085e87c84a92c45feb1ae8e2cf95f12a23333d6476698a778513b13f119b1c0150df85f316e03b16ef285da8052be00a84ab430fded4af069724ef2e5 SHA512 802c266c42891a76500414d07ec340a5917b0ebc89113c634196ead7bddc79f71787d9c20f0e912ee8686b8a3c0067615647c99cda01c9d8dffb5ac2647b728e
 DIST volatility3-linux-sample-1.bin.gz 143967523 BLAKE2B 3321e991a50b6e4ccf19e0ee48d779664f43f4cdbdb950ca31a5d08c8ee9de0018e2d4f69f42206f7e8f1c6ea735c47f8aa42806ed0f85e9a837b611f07b3289 SHA512 82a34aa1d4e7d7deb9ea12e892f14ba0a28908b2da2e31ca76efd1e9e59d87769064a1ffffe8979a58b992cea7005fa20954df50984dbe1dd186513ad95168d7
diff --git a/app-forensics/volatility3/volatility3-2.11.0.ebuild b/app-forensics/volatility3/volatility3-2.11.0.ebuild
new file mode 100644
index 000000000000..3403877a224b
--- /dev/null
+++ b/app-forensics/volatility3/volatility3-2.11.0.ebuild 
@@ -0,0 +1,78 @@ +# Copyright 1999-2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{10..12} ) +inherit distutils-r1 + +MY_PV=${PV//_beta/-beta.} + +DESCRIPTION="Framework for analyzing volatile memory" +HOMEPAGE="https://github.com/volatilityfoundation/volatility3/ https://www.volatilityfoundation.org/" +SRC_URI=" + https://github.com/volatilityfoundation/volatility3/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz + test? + ( + https://downloads.volatilityfoundation.org/volatility3/images/win-xp-laptop-2005-06-25.img.gz -> ${PN}-win-xp-laptop-2005-06-25.img.gz + https://downloads.volatilityfoundation.org/volatility3/images/linux-sample-1.bin.gz -> ${PN}-linux-sample-1.bin.gz + ) +" +S="${WORKDIR}"/${PN}-${MY_PV} + +LICENSE="GPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="crypt disasm jsonschema leechcore snappy test yara" + +# We need to select *all* subslots of app-arch/snappy which select +# SONAME=libsnappy.so.1. See (https://github.com/gentoo/gentoo/pull/30585#discussion_r1167753625) +RDEPEND=" + >=dev-python/pefile-2023.2.7[${PYTHON_USEDEP}] + crypt? ( >=dev-python/pycryptodome-3[${PYTHON_USEDEP}] ) + disasm? ( + >=dev-libs/capstone-3.0.5[python,${PYTHON_USEDEP}] + <dev-libs/capstone-6[python,${PYTHON_USEDEP}] + ) + jsonschema? ( >=dev-python/jsonschema-2.3.0[${PYTHON_USEDEP}] ) + leechcore? ( >=dev-python/leechcorepyc-2.4.0[${PYTHON_USEDEP}] ) + snappy? ( app-arch/snappy:0/1.1 ) + yara? ( + || ( + >=app-forensics/yara-x-0.5.0[${PYTHON_USEDEP}] + >=dev-python/yara-python-3.8.0[${PYTHON_USEDEP}] + ) + ) +" +DEPEND="${RDEPEND}" + +# Tests require optional features +REQUIRED_USE="test? ( yara )" + +RESTRICT="!test? 
( test )" + +src_prepare() { + default + + # tests want the images in a common directory + mkdir "${T}/test_images" || die + mv "${WORKDIR}/${PN}-win-xp-laptop-2005-06-25.img" "${T}/test_images" || die + mv "${WORKDIR}/${PN}-linux-sample-1.bin" "${T}/test_images" || die +} + +python_test() { + # see .github/workflows/test.yaml + "${EPYTHON}" "${S}/test/test_volatility.py" --volatility=volshell.py \ + --image-dir "${T}/test_images" -k test_windows_volshell -v || \ + die "Tests fail with ${EPYTHON}" + "${EPYTHON}" "${S}/test/test_volatility.py" --volatility=volshell.py \ + --image-dir "${T}/test_images" -k test_linux_volshell -v || \ + die "Tests fail with ${EPYTHON}" + "${EPYTHON}" "${S}/test/test_volatility.py" --volatility=vol.py \ + --image-dir "${T}/test_images" -k "test_windows and not test_windows_volshell" -v || \ + die "Tests fail with ${EPYTHON}" + "${EPYTHON}" "${S}/test/test_volatility.py" --volatility=vol.py \ + --image-dir "${T}/test_images" -k "test_linux and not test_linux_volshell" -v || \ + die "Tests fail with ${EPYTHON}" +}
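Review bot: `src_prepare` runs the `mkdir`/`mv` of the two memory images unconditionally, while `SRC_URI` fetches those images only under `test?`, so with USE=-test the files never reach `${WORKDIR}` and the first `mv ... || die` aborts the build. Wrapping those three lines in `if use test; then` … `fi` keeps the normal install path independent of the test fixtures. Since the images are large third-party binaries whose integrity rests solely on the Manifest `DIST` checksums, it is also worth confirming that `volatility3-win-xp-laptop-2005-06-25.img.gz` has an entry there; the Manifest context in this commit shows only the Linux sample, and the Windows line presumably sits below the visible context.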