Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add PyAFF4 suppport #657

Open
joachimmetz opened this issue Apr 8, 2019 · 8 comments
Open

Add PyAFF4 suppport #657

joachimmetz opened this issue Apr 8, 2019 · 8 comments
Assignees
@joachimmetz
Labels
blocked Work cannot progress until another issue is resolved maintenance

Comments

@joachimmetz
Copy link
Member

joachimmetz commented Apr 8, 2019
edited
Loading

To unblock log2timeline/dfvfs#362 add PyAFF4 suppport to l2tdevtools and l2tbinaries/GIFT

https://pypi.org/project/PyAFF4/
https://github.com/aff4/pyaff4

@blschatz FYI

WIP: https://github.com/joachimmetz/l2tdevtools/tree/pyaff4
@joachimmetz joachimmetz self-assigned this Apr 8, 2019
@joachimmetz joachimmetz mentioned this issue Apr 8, 2019
Open
@joachimmetz
Copy link
Member Author

joachimmetz commented Apr 8, 2019
edited
Loading

No releases in https://github.com/aff4/pyaff4 and 2017 release in https://pypi.org/project/PyAFF4/

Let's get this updated first, marking as blocked

@joachimmetz joachimmetz added the blocked Work cannot progress until another issue is resolved label Apr 8, 2019
@joachimmetz
Copy link
Member Author

joachimmetz commented Apr 8, 2019
edited
Loading

Looks like this is going to be more involved:

  • future
  • aff4-snappy == 0.5.1
  • rdflib[sparql] == 4.2.2 (six, isodate, pyparsing)
  • intervaltree == 2.1.0
  • pyblake2 >= 0.9.3
  • expiringdict == 1.1.4
  • pyyaml
  • tzlocal
  • html5lib
  • python-dateutil
  • fastchunking (pybindgen)

@joachimmetz
Copy link
Member Author

Potential licensing issues:

  • pyblake2 is public domain

@blschatz
Copy link

blschatz commented Apr 9, 2019

New release 0.27 in PyPi.

Re the observation that the dependency list is going to be more involved, can you elaborate?

@joachimmetz
Copy link
Member Author

New release 0.27 in PyPi.

Thx

Re the observation that the dependency list is going to be more involved, can you elaborate?

The thing is that plaso ships a packaged version that includes all dependencies for this reason all dependencies need to be compatible with the plaso license (https://github.com/log2timeline/l2tdocs/blob/master/process/Dependencies.md). Seeing the uncertainty around compatibility of PD and FOSS (some context https://opensource.org/node/878) I would need to take a closer look how this affects plaso.

An option might be to make pyaff4 an optional dependency to dfVFS and not ship it as part of the packaged release of plaso. However this means additional steps in the release build process.

@blschatz
Copy link

blschatz commented Apr 9, 2019

We could make the pyblake2 dependency a soft one - it isn't regularly used.

@joachimmetz
Copy link
Member Author

In general, the less dependencies the easier to deploy. Maybe an alternative approach is to have a pyaff4(-core) and pyaff4-blake (or equiv) split?

@joachimmetz
Copy link
Member Author

joachimmetz commented Apr 23, 2019
edited
Loading

What is aff4-snappy, a fork from https://github.com/andrix/python-snappy? Under rekall-innovations (https://github.com/rekall-innovations/aff4-snappy)?

Asked for clarification: aff4/pyaff4#9

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@joachimmetz joachimmetz

Labels
blocked Work cannot progress until another issue is resolved maintenance
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@blschatz @joachimmetz