Merge pull request #1274 from Yamato-Security/finalize-2.13.0

finalize 2.13.0

CHANGELOG-Japanese.md

@@ -1,33 +1,26 @@
 # 変更点
 
-## 2.13.0 [2024/XX/XX] "XXX Release"
-
-**新機能:**
-
-- XXX
+## 2.13.0 [2024/02/11] "Year Of The Dragon Release"
 
 **改善:**
 
 - `search` コマンドのフィルタオプションを完全一致にするようにした。加えてフィルタオプションはワイルドカード対応をするようにした。 (#1240) (@hitenkoku)
-- `update-rules`コマンドを実行したときに、検知ルールが変更された場合にルール名を出力するようにした。以前は`modified:`フィールドを更新したルールだけが表示されていた。(#1243) (@hitenkoku)
+- `update-rules`コマンドを実行したときに、検知ルールが変更された場合にルール名を出力するようにした。以前は`modified`フィールドを更新したルールだけが表示されていた。(#1243) (@hitenkoku)
 - `json-timeline`コマンドの標準出力でJSONフォーマットを出力するように修正した。 (#1197) (@hitenkoku)
 - JSON入力でデータが配列内にある場合に解析できるようにした。 (#1248) (@hitenkoku)
 - 古いターミナルでも正しく表示されるように、また読みやすくするために、`‖`区切り文字を`·`区切り文字に変更した。(#1258) (@YamatoSecurity)
-- General Optionsに`-h --help`オプションを追加した。 (#1255) (@hitenkoku)
+- General Optionsに`-h, --help`オプションを追加した。 (#1255) (@hitenkoku)
 - `json-timeline`コマンドの`Details`の出力で、要素がアルファベット順に並んでいたのをルールに記載されているオリジナルの順番に変更した。 (#1264) (@hitenkoku)
 -  ルールをロードする必要のないコマンドを実行した場合、検出ルールのロードをスキップするようにした。 (#1263) (@hitenkoku)
 - `csv-timeline`コマンドの標準出力のカラー出力ルールを変更した。 (#1271) (@hitenkoku)
+- リファクタリングとパフォーマンスの改善。(#1268, #1260) (@hach1yon)
 
 **バグ修正:**
 
 - `search`コマンドの出力に入っている不要な改行文字を削除した。 (#1253) (@hitenkoku)
 - `no-color`オプション使用時のプログレスバーとウィザードのカラー出力を修正した。 (#1256) (@hitenkoku)
 - ローカルのタイムゾーンを特定できない場合にパニックが発生する問題を修正した。`chrono`クレートのバージョン0.4.32で修正された。(#1273)
 
-**その他:**
-
-- XXX
-
 ## 2.12.0 [2023/12/24] "SECCON Christmas Release"
 
 **改善:**

CHANGELOG.md

@@ -1,33 +1,26 @@
 # Changes
 
-## 2.13.0 [2024/XX/XX] "XXX Release"
-
-**New Features:**
-
-- XXX
+## 2.13.0 [2024/02/11] "Year Of The Dragon Release"
 
 **Enhancements:**
 
 - Adjusted the `search` command's Filter option to be an exact match and support wildcard characters. (#1240) (@hitenkoku)
-- Any time there is a change in a detection rule, it will be displayed when running the `update-rules` command. Previously, only rules that updated their `modified:` field would be displayed. (#1243) (@hitenkoku)
+- Any time there is a change in a detection rule, it will be displayed when running the `update-rules` command. Previously, only rules that updated their `modified` field would be displayed. (#1243) (@hitenkoku)
 - The `json-timeline` command now outputs in JSON format when outputting to the terminal. (#1197) (@hitenkoku)
 - Added support for parsing JSON input when the data is inside an array. (#1248) (@hitenkoku)
 - Changed the `‖` separator into a `·` separator to make it easier to read and render properly on older terminals. (#1258) (@YamatoSecurity)
-- Added back `-h --help` option to General Options. (#1255) (@hitenkoku)
-- Changed the `Details` output in `json-timeline` command from alphabetical order to the original order.
-- Skiped loading detection rules when running to command which is no need to load rule. (#1263) (@hitenkoku)
-- Changed standard output color rule in `csv-timeline` command. (#1271) (@hitenkoku)
+- Added a `-h, --help` option to General Options for all commands. (#1255) (@hitenkoku)
+- Changed the `Details` output in the `json-timeline` command from alphabetical order to the original order.
+- Loading detection rules is now skipped when running commands that do not need them. (#1263) (@hitenkoku)
+- Improved the standard output colors in the `csv-timeline` command. (#1271) (@hitenkoku)
+- Refactoring and performance enhancements. (#1268, #1260) (@hach1yon)
 
 **Bug Fixes:**
 
-- Removed newline characters in `search` command output. (#1253) (@hitenkoku)
-- Fixed progress bar and wizard colored output when `--no-color` option is used. (#1256) (@hitenkoku)
+- Removed newline characters in the `search` command output. (#1253) (@hitenkoku)
+- Fixed the progress bar and wizard colored output when the `--no-color` option is used. (#1256) (@hitenkoku)
 - Fixed a panic when the local timezone was not able to be identified. This was fixed in the `chrono` crate version 0.4.32. (#1273)
 
-**Other:**
-
-- XXX
-
 ## 2.12.0 [2023/12/23] "SECCON Christmas Release"
 
 **Enhancements:**

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "hayabusa"
-version = "2.13.0-dev"
+version = "2.13.0"
 repository = "https://github.com/Yamato-Security/hayabusa"
 authors = ["Yamato Security @SecurityYamato"]
 edition = "2021"
@@ -11,7 +11,7 @@ include = ["src/**/*", "LICENSE.txt", "README.md", "CHANGELOG.md"]
 itertools = "*"
 dashmap = "*"
 clap = { version = "4.*", features = ["derive", "cargo", "color"]}
-evtx = { git = "https://github.com/Yamato-Security/hayabusa-evtx.git" , features = ["fast-alloc"] , rev = "bb6ebb8" } # 0.8.7 2023/12/22 update
+evtx = { git = "https://github.com/Yamato-Security/hayabusa-evtx.git" , features = ["fast-alloc"] , rev = "6f1b0e3" } # 0.8.7 2024/02/10 update
 quick-xml = {version = "0.*", features = ["serialize"] }
 serde = { version = "1.*", features = ["derive"] }
 serde_json = { version = "1.0"}
@@ -54,7 +54,7 @@ num = "0.4.0"
 indexmap = "2.*"
 dialoguer = "*"
 wildmatch = "2.*"
-console = "0.15.7"
+console = "0.15.*"
 
 [profile.dev]
 debug = 0

src/detections/configs.rs

@@ -742,7 +742,7 @@ fn check_thread_number(config: &Config) -> Option<usize> {
 pub enum Action {
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe csv-timeline <INPUT> [OPTIONS]\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe csv-timeline <INPUT> [OPTIONS]\n\n{all-args}",
         term_width = 400,
         display_order = 290
     )]
@@ -751,7 +751,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe json-timeline <INPUT> [OPTIONS]\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe json-timeline <INPUT> [OPTIONS]\n\n{all-args}",
         term_width = 400,
         display_order = 360
     )]
@@ -760,7 +760,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe logon-summary <INPUT> [OPTIONS]\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe logon-summary <INPUT> [OPTIONS]\n\n{all-args}",
         term_width = 400,
         display_order = 383
     )]
@@ -769,7 +769,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe eid-metrics <INPUT> [OPTIONS]\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe eid-metrics <INPUT> [OPTIONS]\n\n{all-args}",
         term_width = 400,
         display_order = 310
     )]
@@ -778,7 +778,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe pivot-keywords-list <INPUT> [OPTIONS]\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe pivot-keywords-list <INPUT> [OPTIONS]\n\n{all-args}",
         term_width = 400,
         display_order = 420
     )]
@@ -787,7 +787,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe search <INPUT> <--keywords \"<KEYWORDS>\" OR --regex \"<REGEX>\"> [OPTIONS]\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe search <INPUT> <--keywords \"<KEYWORDS>\" OR --regex \"<REGEX>\"> [OPTIONS]\n\n{all-args}",
         term_width = 400,
         display_order = 450
     )]
@@ -796,7 +796,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
         term_width = 400,
         display_order = 470
     )]
@@ -805,7 +805,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
         term_width = 400,
         display_order = 380
     )]
@@ -814,7 +814,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
         term_width = 400,
         display_order = 451
     )]
@@ -831,7 +831,7 @@ pub enum Action {
 
     #[clap(
         author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-        help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
+        help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  {usage}\n\n{all-args}",
         term_width = 400,
         display_order = 290
     )]
@@ -1656,7 +1656,7 @@ pub struct ComputerMetricsOption {
 #[derive(Parser, Clone, Debug)]
 #[clap(
     author = "Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)",
-    help_template = "\nHayabusa v2.13.0 - Dev Build\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe <COMMAND> [OPTIONS]\n  hayabusa.exe help <COMMAND>\n\n{all-args}{options}",
+    help_template = "\nHayabusa v2.13.0 - Year Of The Dragon Release\n{author-with-newline}\n{usage-heading}\n  hayabusa.exe <COMMAND> [OPTIONS]\n  hayabusa.exe help <COMMAND>\n\n{all-args}{options}",
     term_width = 400
 )]
 pub struct Config {