Skip to content

[pull] master from Neo23x0:master #123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pull merged 4 commits into from
Jan 31, 2026
Merged

[pull] master from Neo23x0:master #123

pull merged 4 commits into from
Jan 31, 2026
+126 −0

Conversation

@pull
Copy link

@pull pull bot commented Jan 31, 2026
edited
Loading

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

RuneBot14 and others added 4 commits January 31, 2026 09:07
ci: add YARA syntax check test framework
9a2db78 
Add automated syntax checking for YARA rules:
- tests/syntax/check.sh: Script to validate all .yar files
- .github/workflows/syntax-check.yml: CI pipeline for PRs
- Makefile: 'make test-syntax' for local testing

Features:
- Tests compilation of all YARA rules
- Skips rules with external variables (known limitation)
- Runs on Ubuntu with YARA 4.5+
- Reports pass/skip/fail counts

Part of Phase 1 quality checks for signature-base repository.
ci: add YARA syntax check test framework
7936bc0 
Adds a GitHub Actions workflow that checks all YARA rule files for
syntax errors on every push and PR.

Features:
- Compiles each .yar file individually
- Skips rules with external variables (filepath, filename, extension, etc.)
- Reports pass/fail/skip summary
- Uploads results as artifact

Skipped files (external variables):
- generic_anomalies, general_cloaking, gen_webshells_ext_vars
- thor_inverse_matches, yara_mixed_ext_vars, configured_vulns_ext_vars
- gen_fake_amsi_dll, expl_citrix, vuln_drivers_strict_renamed
- expl_connectwise_screenconnect_vuln_feb24
- gen_mal_3cx_compromise_mar23, gen_susp_obfuscation
- gen_vcruntime140_dll_sideloading
chore: trigger CI rebuild
710ad0c
@Neo23x0
Merge pull request #387 from RuneBot14/fix/syntax-check-complete
6a18e50 
ci: fix YARA syntax check - add missing external var skips
@pull pull bot locked and limited conversation to collaborators Jan 31, 2026
@pull pull bot added the ⤵️ pull label Jan 31, 2026
@pull pull bot merged commit 6a18e50 into threatcode:master Jan 31, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

⤵️ pull

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Neo23x0