From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1788711-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 9348D1581B9
	for <garchives@archives.gentoo.org>; Fri, 03 Oct 2025 00:37:09 +0000 (UTC)
Received: from lists.gentoo.org (bobolink.gentoo.org [140.211.166.189])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(No client certificate requested)
	(Authenticated sender: relay-lists.gentoo.org@gentoo.org)
	by smtp.gentoo.org (Postfix) with ESMTPSA id 946E6340F15
	for <garchives@archives.gentoo.org>; Fri, 03 Oct 2025 00:37:07 +0000 (UTC)
Received: from bobolink.gentoo.org (localhost [127.0.0.1])
	by bobolink.gentoo.org (Postfix) with ESMTP id 435AA1103E2;
	Fri, 03 Oct 2025 00:37:06 +0000 (UTC)
Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(No client certificate requested)
	by bobolink.gentoo.org (Postfix) with ESMTPS id 3388D1103E2
	for <gentoo-commits@lists.gentoo.org>; Fri, 03 Oct 2025 00:37:06 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange x25519)
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 86B3B340D48
	for <gentoo-commits@lists.gentoo.org>; Fri, 03 Oct 2025 00:35:05 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 7C18B3A93
	for <gentoo-commits@lists.gentoo.org>; Fri, 03 Oct 2025 00:33:57 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1759451275.88cab2ea901bcc61a3b99f4341bd9d05dad8aff7.sam@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: app-forensics/volatility3/
X-VCS-Repository: repo/gentoo
X-VCS-Files: app-forensics/volatility3/Manifest app-forensics/volatility3/volatility3-2.26.2.ebuild
X-VCS-Directories: app-forensics/volatility3/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: 88cab2ea901bcc61a3b99f4341bd9d05dad8aff7
X-VCS-Branch: master
Date: Fri, 03 Oct 2025 00:33:57 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 169e3907-c8c2-4534-bf03-0d1bb0c3174c
X-Archives-Hash: 7f0e03350fedc647be8feaa02fb717d7

commit:     88cab2ea901bcc61a3b99f4341bd9d05dad8aff7
Author:     Mario Haustein <mario.haustein <AT> hrz <DOT> tu-chemnitz <DOT> de>
AuthorDate: Fri Sep 26 22:06:33 2025 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Oct  3 00:27:55 2025 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=88cab2ea

app-forensics/volatility3: add 2.26.2

Signed-off-by: Mario Haustein <mario.haustein <AT> hrz.tu-chemnitz.de>
Part-of: https://github.com/gentoo/gentoo/pull/43949
Closes: https://github.com/gentoo/gentoo/pull/43949
Signed-off-by: Sam James <sam <AT> gentoo.org>

 app-forensics/volatility3/Manifest                 |   6 ++
 .../volatility3/volatility3-2.26.2.ebuild          | 102 +++++++++++++++++++++
 2 files changed, 108 insertions(+)

diff --git a/app-forensics/volatility3/Manifest b/app-forensics/volatility3/Manifest
index ae8ceaae3497..377dfd7df005 100644
--- a/app-forensics/volatility3/Manifest
+++ b/app-forensics/volatility3/Manifest
@@ -1,3 +1,9 @@
 DIST volatility3-2.11.0.gh.tar.gz 629201 BLAKE2B e32a7b804e0cec74d093e56ce5b448ad8f51d268880c103e68a6ab24341492d4acd66eab98bc9afd70ec8df4bb3191620f27f0d71be06cf70669bca114e6d1c1 SHA512 6cb02e2db34a64e26115883c7ac545c25effcc5600ec075c7d115c4ec825350788957bc8798370753fb5872467d4438cc45d11f40e8b772dac9ded3ac0148831
+DIST volatility3-2.26.2-symbols-linux.zip 2980184 BLAKE2B 53cd49663938c6f39e71193ae225e4985f8d0e6d301f2420eaa021c2722bfa6f9c9e7d029854b81f4cdd47bf2870e28efeff432fdc1281842b54ee9ffe6e3807 SHA512 59056044c3702c1ffd5f1490cb457831d65d1f48fbc523da92b950963155df994a2ff2f11abd5f3b1a977c7f28ed48b3b256c88f81dfa96a66419cb50934ba49
+DIST volatility3-2.26.2-symbols-mac.zip 84808562 BLAKE2B d10ecf88cc17653373a765b5b49a6025b334565c8aeeeb2069651ad93ad610c613097ada02fedab734f02f4004fc029204d552b44b049ba9ae2d0c72f05d166f SHA512 51063f2023227ecc4492063054e898a99d094a03b9777b1dd6da8dffe38686a6836fdffa22c44bd62f1bd4119aeee0b84714857dc61e434dcbfb7f41fec22c12
+DIST volatility3-2.26.2-symbols-windows.zip 839727133 BLAKE2B a9631b35fc57f079ca3c856d2b8082b263683895c832e468efa9daf5103ce000dde313f343c37b37266eaf5c7b616ccae797a98a7504095640a30e07bb2c432f SHA512 077dde23120ce03d999580acff3c5b10a657d71bcedc3c6373d89e3b3211e1cf0759e22793b49f34ad397c4acf4c150410aff6ec3a4ef9c097de948e3369801b
+DIST volatility3-2.26.2.gh.tar.gz 1169293 BLAKE2B 4c0a27af5145182000fae8412d138a1656343846b32010f2dca2d038ef405cfcd38efc748a0cd7359c645c998dd72e7ffdccf3007305a8f9f19105c782d8f212 SHA512 00597fde942995741d4439aac8fc51c050267ded1ff38ef726886c69ac98fcb7a7092845c433eac470d5b2dc79abf72d95095b72b6e8e9ff100ef652fe4a2ead
 DIST volatility3-linux-sample-1.bin.gz 143967523 BLAKE2B 3321e991a50b6e4ccf19e0ee48d779664f43f4cdbdb950ca31a5d08c8ee9de0018e2d4f69f42206f7e8f1c6ea735c47f8aa42806ed0f85e9a837b611f07b3289 SHA512 82a34aa1d4e7d7deb9ea12e892f14ba0a28908b2da2e31ca76efd1e9e59d87769064a1ffffe8979a58b992cea7005fa20954df50984dbe1dd186513ad95168d7
+DIST volatility3-symbols-symbols_win-10_19041-2025_03.zip 789065 BLAKE2B efe8fb700e1f9388807fe36277faf7459f5e23af0ff11cac713057611a3679315ef6f155d3bf8c768ff0802d0ca807bb529e52b2600e99b8e31fd876e960fa05 SHA512 381c982753f628cef4997d894a7569453ecd34774e09259e87481b94c46a068332f5eb23d0290ee75308752b41cb6abecf322eb50d73bd7e1c5b097aec32ae1f
+DIST volatility3-win-10_19041-2025_03.dmp.gz 693221397 BLAKE2B 4549ef7631150cf88c0e82025ff7f14b8ce3e238abe9ffbc540a9262b17e06fcfad96b4bd633596d02b40394c7a546c9d61ed36b4adb466ec5f6a39afd644dca SHA512 7554ad59a086f18b972a4306975d96e79f595b853680052efe98954a9108b8368acc47276c7c48af5e42cecc309dfb454b1c42ac538dd2b007ab0b7036e73aba
 DIST volatility3-win-xp-laptop-2005-06-25.img.gz 180343409 BLAKE2B 9fc10ddb9208d7023854e9619f6cf5ce140f2a2aa5772ccd8bcd852dd50c6f77e36298dbf7df1512334e7976b6ab35dd77f4c49505e531c3a289dd0f26cfc01e SHA512 a1f758cc1b4febcf11f64bc01b872c7528d19c686d81f8e03d742424fa0600254914e656cdf35c3752b406354f769a8aa256622b2f2afe2d691c4bb6d3be3f52

diff --git a/app-forensics/volatility3/volatility3-2.26.2.ebuild b/app-forensics/volatility3/volatility3-2.26.2.ebuild
new file mode 100644
index 000000000000..3594aca616ea
--- /dev/null
+++ b/app-forensics/volatility3/volatility3-2.26.2.ebuild
@@ -0,0 +1,102 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{10..13} )
+inherit distutils-r1
+
+MY_PV=${PV//_beta/-beta.}
+
+DESCRIPTION="Framework for analyzing volatile memory"
+HOMEPAGE="https://github.com/volatilityfoundation/volatility3/ https://www.volatilityfoundation.org/"
+SRC_URI="
+	https://github.com/volatilityfoundation/volatility3/archive/v${MY_PV}.tar.gz -> ${P}.gh.tar.gz
+	https://downloads.volatilityfoundation.org/volatility3/symbols/linux.zip -> ${P}-symbols-linux.zip
+	https://downloads.volatilityfoundation.org/volatility3/symbols/mac.zip -> ${P}-symbols-mac.zip
+	https://downloads.volatilityfoundation.org/volatility3/symbols/windows.zip -> ${P}-symbols-windows.zip
+	test?
+	(
+		https://downloads.volatilityfoundation.org/volatility3/images/linux-sample-1.bin.gz -> ${PN}-linux-sample-1.bin.gz
+		https://downloads.volatilityfoundation.org/volatility3/images/win-xp-laptop-2005-06-25.img.gz -> ${PN}-win-xp-laptop-2005-06-25.img.gz
+		https://downloads.volatilityfoundation.org/volatility3/images/win-10_19041-2025_03.dmp.gz -> ${PN}-win-10_19041-2025_03.dmp.gz
+		https://downloads.volatilityfoundation.org/volatility3/symbols/symbols_win-10_19041-2025_03.zip -> ${PN}-symbols-symbols_win-10_19041-2025_03.zip
+	)
+"
+S="${WORKDIR}"/${PN}-${MY_PV}
+
+LICENSE="Volatility-1.0"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="crypt disasm jsonschema leechcore snappy test yara"
+
+# We need to select *all* subslots of app-arch/snappy which select
+# SONAME=libsnappy.so.1. See (https://github.com/gentoo/gentoo/pull/30585#discussion_r1167753625)
+RDEPEND="
+	>=dev-python/pefile-2024.8.26[${PYTHON_USEDEP}]
+	crypt? ( >=dev-python/pycryptodome-3.21.0[${PYTHON_USEDEP}] )
+	disasm? (
+		>=dev-libs/capstone-5.0.3[python,${PYTHON_USEDEP}]
+		<dev-libs/capstone-6[python,${PYTHON_USEDEP}]
+	)
+	jsonschema? ( >=dev-python/jsonschema-4.23.0[${PYTHON_USEDEP}] )
+	leechcore? ( >=dev-python/leechcorepyc-2.19.2[${PYTHON_USEDEP}] )
+	snappy? ( app-arch/snappy:0/1.1 )
+	yara? (
+		|| (
+			>=app-forensics/yara-x-0.10.0[${PYTHON_USEDEP}]
+			>=dev-python/yara-python-4.5.0[${PYTHON_USEDEP}]
+		)
+	)
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+	app-arch/unzip
+"
+
+# Tests require optional features
+REQUIRED_USE="test? ( yara )"
+
+RESTRICT="!test? ( test )"
+
+distutils_enable_tests pytest
+
+src_prepare() {
+	default
+
+	mv "${WORKDIR}/linux" "${S}/${PN}/symbols" || die
+	mv "${WORKDIR}"/*.dmg.json.xz "${S}/${PN}/symbols" || die
+	mv "${WORKDIR}/windows" "${S}/${PN}/symbols" || die
+
+	if use test; then
+		# tests want the images in a common directory
+		mkdir "${T}/test_images" || die
+		mv "${WORKDIR}/${PN}-linux-sample-1.bin" "${T}/test_images/linux-sample-1.bin" || die
+		mv "${WORKDIR}/${PN}-win-xp-laptop-2005-06-25.img" "${T}/test_images/win-xp-laptop-2005-06-25.img" || die
+		mv "${WORKDIR}/${PN}-win-10_19041-2025_03.dmp" "${T}/test_images/win-10_19041-2025_03.dmp" || die
+		mv "${WORKDIR}/167FE94B5641C005AC3036212A01F8DC-1.json" "${S}/${PN}/symbols" || die
+	fi
+}
+
+python_test() {
+	# see .github/workflows/test.yaml
+	epytest "${S}/test/plugins/windows/windows.py" \
+		--volatility=volshell.py \
+		--image-dir "${T}/test_images" \
+		-k test_windows_volshell -v
+	epytest "${S}/test/plugins/linux/linux.py" \
+		--volatility=volshell.py \
+		--image-dir "${T}/test_images" \
+		-k test_linux_volshell -v
+
+	# unable to get tests working
+	# epytest "${S}/test/plugins/windows/windows.py" \
+	# 	--volatility=vol.py \
+	# 	--image "${T}/test_images/win-10_19041-2025_03.dmp" \
+	# 	-k "test_windows and not test_windows_volshell" -v --durations=0
+	# epytest "${S}/test/plugins/linux/linux.py" \
+	# 	--volatility=vol.py \
+	# 	--image-dir "${T}/test_images" \
+	# 	-k "test_linux and not test_linux_volshell" -v
+}