From ef50168799ec1e24791c11e70226b34158b0b4ade318d1e5720936cd781347c2 Mon Sep 17 00:00:00 2001 From: Steve Kowalik Date: Mon, 23 Jun 2025 01:34:22 +0000 Subject: [PATCH] - Switch to pyproject macros. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-evtx?expand=0&rev=27 --- .gitattributes | 23 +++++++++ .gitignore | 1 + python-evtx-0.7.4.tar.gz | 3 ++ python-evtx-0.8.0.tar.gz | 3 ++ python-evtx.changes | 95 +++++++++++++++++++++++++++++++++++ python-evtx.spec | 106 +++++++++++++++++++++++++++++++++++++++ 6 files changed, 231 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 python-evtx-0.7.4.tar.gz create mode 100644 python-evtx-0.8.0.tar.gz create mode 100644 python-evtx.changes create mode 100644 python-evtx.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/python-evtx-0.7.4.tar.gz b/python-evtx-0.7.4.tar.gz new file mode 100644 index 0000000..1f62b37 --- /dev/null +++ b/python-evtx-0.7.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ecf3c1736ec9e080ddd1c64b6dad23c756e20d54bd30acc21245b9706258fdd9 +size 446141 diff --git a/python-evtx-0.8.0.tar.gz b/python-evtx-0.8.0.tar.gz new file mode 100644 index 0000000..5153a57 --- /dev/null +++ b/python-evtx-0.8.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f69fae1597d3a0b2cf738fd2fbe42d69ebd8ca1c2d0aa4569cce7884f524231d +size 447348 diff --git a/python-evtx.changes b/python-evtx.changes new file mode 100644 index 0000000..383df90 --- /dev/null +++ b/python-evtx.changes @@ -0,0 +1,95 @@ +------------------------------------------------------------------- +Mon Jun 23 01:30:09 UTC 2025 - Steve Kowalik + +- Switch to pyproject macros. + +------------------------------------------------------------------- +Fri Aug 23 07:56:38 UTC 2024 - pgajdos@suse.com + +- version update to 0.8.0 + * Remove support for Python 2.7 and specify minimum supported version is 3.8. + Use black/isort/ruff to ensure the consistency of the code. + * Fixed issue w/ Python 3 by @forensenellanebbia in #75 + * Fix file names in README.md by @maehw in #79 + * Add JSON dump functionality by @ajread4 in #82 + * add missing comma to array by @snipcodeit in #83 + * weaken the dependency rules for use with python3+Fedora by @xambroz in #84 + +------------------------------------------------------------------- +Mon Nov 8 11:04:39 UTC 2021 - Dirk Müller + +- add missing six dependency declaration + +------------------------------------------------------------------- +Tue Oct 5 12:35:19 UTC 2021 - Stefan Schubert + +- Use libalternatives instead of update-alternatives. + +------------------------------------------------------------------- +Mon Oct 4 08:29:55 UTC 2021 - Ben Greiner + +- Update to 0.7.4 + * relax dependencies for most users #72 + * show records by date filter + * handling of invalid dates #43 + * handling of malformed evtx files + * pin dependencies due to py2 deprecation #67 + * testing on pytest 4 +- Drop pytest4.patch merged upstream +- Fix rpmlint alternative link errors +- Fix missing python2-xml requirement + +------------------------------------------------------------------- +Tue May 26 06:34:09 UTC 2020 - Petr Gajdos + +- %python3_only -> %python_alternative + +------------------------------------------------------------------- +Mon Nov 4 15:05:59 CET 2019 - Matej Cepl + +- Add pytest4.patch making the testsuite running again. + +------------------------------------------------------------------- +Thu Aug 22 14:11:28 UTC 2019 - Tomáš Chvátal + +- Restrict to pytest3, newer releases do not work + +------------------------------------------------------------------- +Wed Jun 5 12:55:10 UTC 2019 - pgajdos@suse.com + +- version update to 0.6.1 + * unit tests! also, travis integration with github project. + * remove hacky python string templating solution to dealing with substitutions. + * add .xml() and .lxml() to records. + * lots of fixes to bring code in-line with pep8 and style guide. + * fix a bunch of bugs due to bad data/encodings. + * add support for CharacterReferenceNode + * demonstrate unicode handling issue submitted by @stephensheridan in #37 + * fix hex32/64 node types, identified by @nbareil in #38 + * fix systemtime timestamp parsing, identified by @patatetom in #39 + +------------------------------------------------------------------- +Fri Mar 15 07:02:51 UTC 2019 - Hans-Peter Jansen + +- fix shebang interpreter handling + +------------------------------------------------------------------- +Tue Dec 4 12:47:47 UTC 2018 - Matej Cepl + +- Remove superfluous devel dependency for noarch package + +------------------------------------------------------------------- +Thu Aug 24 13:38:32 UTC 2017 - jmatejek@suse.com + +- singlespec auto-conversion + +------------------------------------------------------------------- +Wed May 3 11:56:57 UTC 2017 - cbosdonnat@suse.com + +- Update to 0.5.3 + +------------------------------------------------------------------- +Tue Apr 26 11:23:29 UTC 2016 - cbosdonnat@suse.com + +- Version 0.3.1 + diff --git a/python-evtx.spec b/python-evtx.spec new file mode 100644 index 0000000..15a894a --- /dev/null +++ b/python-evtx.spec @@ -0,0 +1,106 @@ +# +# spec file for package python-evtx +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%if 0%{?suse_version} > 1500 +%bcond_without libalternatives +%else +%bcond_with libalternatives +%endif + +%define commands dump dump_json dump_chunk_slack eid_record_numbers extract_record filter_records info record_structure structure templates +Name: python-evtx +Version: 0.8.0 +Release: 0 +Summary: Windows Event Log files parser +License: Apache-2.0 +URL: https://github.com/williballenthin/python-evtx +Source: https://github.com/williballenthin/python-evtx/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +BuildRequires: %{python_module hexdump} +BuildRequires: %{python_module lxml} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytest} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module wheel} +BuildRequires: dos2unix +BuildRequires: fdupes +BuildRequires: python-rpm-macros >= 20210929 +Requires: python-hexdump +Requires: python-lxml +%if %{with libalternatives} +BuildRequires: alts +Requires: alts +%else +Requires(post): update-alternatives +Requires(postun): update-alternatives +%endif +BuildArch: noarch +%python_subpackages + +%description +python-evtx is a pure Python parser for recent Windows Event Log files (those +with the file extension ".evtx"). The module provides programmatic access to the +File and Chunk headers, record templates, and event entries. For example, you +can use python-evtx to review the event logs of Windows 7 systems from a Mac or +Linux workstation. The structure definitions and parsing strategies were heavily +inspired by the work of Andreas Schuster and his Perl implementation +"Parse-Evtx". + +%prep +%autosetup -p1 + +find Evtx -name "*.py" | xargs sed -i '1 { /^#!/ d }' + +%build +%pyproject_wheel + +%install +%pyproject_install +for c in %{commands}; do + %python_clone -a %{buildroot}%{_bindir}/evtx_$c.py +done +%python_expand %fdupes %{buildroot}%{$python_sitelib} + +%check +%pytest + +%pre +# If libalternatives is used: Removing old update-alternatives entries. +%{lua:for c in rpm.expand("%{commands}"):gmatch("%S+") do + print(rpm.expand("%python_libalternatives_reset_alternative evtx_" .. c .. ".py")) +end} + +%post +%{lua:for c in rpm.expand("%{commands}"):gmatch("%S+") do + print(rpm.expand("%python_install_alternative evtx_" .. c .. ".py")) +end} + +%postun +%{lua:for c in rpm.expand("%{commands}"):gmatch("%S+") do + print(rpm.expand("%python_uninstall_alternative evtx_" .. c .. ".py")) +end} + +%files %{python_files} +%license LICENSE.TXT +%doc README.md +%{python_sitelib}/Evtx +%{python_sitelib}/python_evtx-%{version}.dist-info +%{lua:for c in rpm.expand("%{commands}"):gmatch("%S+") do + print(rpm.expand("%python_alternative %{_bindir}/evtx_" .. c .. ".py")) +end} + +%changelog