ooprathamm
ooprathamm
Hi , I have made a pull request regarding this issue #6085
@williballenthin is adding a new format FORMAT_RESULT a correct approach as by this we can reuse args.sample to accept json file as cited by @mr-tz ,and rather than --format=result we...
* ResultDocument could act as output scheme, that is used by render_strings() or to dump json ------------------------------------------------------------------------------------------------------------------------------------------ * For Merging the database keys (Idea for discussion): * Migrate Databases from...
`pkgutil.get_data ` is supposed to be better at getting a resource from a package. Profiling load_databases: (Similar perf across multiple runs though) * As QS is distributed as a bundled...
For simplicity, the code for using `from_file` is commented out. Or we could leave something like `BASE_PATH = pathlib.Path(floss.qs.db.__file__).parent ` constant to infer on own.
Current Scenario - Pyinstaller - Uses a bootloader that [uncompresses](https://pyinstaller.org/en/stable/operating-mode.html#how-the-one-file-program-works:~:text=The%20bootloader%20uncompresses%20the%20support%20files%20and%20writes%20copies%20into%20the%20the%20temporary%20folder.) data files to a temp folder. [[Limitation](https://pyinstaller.org/en/stable/operating-mode.html#:~:text=In%20order%20to%20locate%20included%20files%20at%20run%20time%2C%20your%20program%20needs%20to%20be%20able%20to%20learn%20its%20path%20at%20run%20time%20in%20a%20way%20that%20works%20regardless%20of%20whether%20or%20not%20it%20is%20running%20from%20a%20bundle.)] Other Executable Builder Packages- - py2exe - Windows Only, data files bundled alongside...
On further looking into PyOxidizer. pkgutil.get_data() enhancement for in_memory rsrc still pending [github](https://github.com/indygreg/PyOxidizer/issues/457#:~:text=pkgutil.get_data()%20to%20read%20their%20bundled%20resources%2C%20currently%20fail%20when%20the%20sources%20are%20in%20memory%2C%20as%20they%20lack%20a%20__file__%20attribute.) The incompatibility is further confirmed here. ([comparing different utilities ](https://github.com/indygreg/PyOxidizer/issues/649#:~:text=I%27ve%20tested%20several,pkgutil%20never%20works)). For now, It might not be good...
@mr-tz Made a PR for #duplicate + mute with a sample output. Other possible ways to try - * Having a new STYLE *
@mr-tz I have worked on adding new format to parse output json back to capa in the past [[PR_#1396]](https://github.com/mandiant/capa/pull/1396). Can I look into this ?
> (combining all other keys from the databases?) should work here Could you please shed some light on this one.