Update go-yara to 4.3.3 (chainguard-dev#386)

Signed-off-by: egibs <[email protected]>

go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/fatih/color v1.17.0
 	github.com/google/go-cmp v0.6.0
 	github.com/google/go-containerregistry v0.20.1
-	github.com/hillu/go-yara/v4 v4.3.2
+	github.com/hillu/go-yara/v4 v4.3.3
 	github.com/liamg/magic v0.0.1
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/ulikunitz/xz v0.5.12

go.sum

@@ -19,8 +19,8 @@ github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-containerregistry v0.20.1 h1:eTgx9QNYugV4DN5mz4U8hiAGTi1ybXn0TPi4Smd8du0=
 github.com/google/go-containerregistry v0.20.1/go.mod h1:YCMFNQeeXeLF+dnhhWkqDItx/JSkH01j1Kis4PsjzFI=
-github.com/hillu/go-yara/v4 v4.3.2 h1:HGqUN3ORUduWZbb95RQjut4UzavGDbtt/C6SnGB3Amk=
-github.com/hillu/go-yara/v4 v4.3.2/go.mod h1:AHEs/FXVMQKVVlT6iG9d+q1BRr0gq0WoAWZQaZ0gS7s=
+github.com/hillu/go-yara/v4 v4.3.3 h1:O+7iYTZK20fzsXiJyvA0d529RTdnZCrgS6HdE0O7BMg=
+github.com/hillu/go-yara/v4 v4.3.3/go.mod h1:AHEs/FXVMQKVVlT6iG9d+q1BRr0gq0WoAWZQaZ0gS7s=
 github.com/klauspost/compress v1.17.9 h1:6KIumPrER1LHsvBVuDa0r5xaG0Es51mhhB9BQB2qeMA=
 github.com/klauspost/compress v1.17.9/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw=
 github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=

pkg/compile/compile.go

@@ -9,6 +9,7 @@ import (
 	"io/fs"
 	"log/slog"
 	"path/filepath"
+	"strings"
 
 	"github.com/chainguard-dev/bincapz/rules"
 	"github.com/chainguard-dev/clog"
@@ -113,20 +114,20 @@ func Recursive(ctx context.Context, fss []fs.FS) (*yara.Rules, error) {
 	warnings := map[string]string{}
 	for _, ycw := range yc.Warnings {
 		clog.WarnContext(ctx, "warning", slog.String("filename", ycw.Filename), slog.Int("line", ycw.Line), slog.String("text", ycw.Text))
-		if ycw.Rule == nil {
+		if ycw.Rule == "" {
 			continue
 		}
-
-		id := fmt.Sprintf("%s:%s", ycw.Rule.Namespace(), ycw.Rule.Identifier())
-		clog.WarnContext(ctx, "rule has warning", "id", id)
+		parts := strings.Split(ycw.Rule, ".")
+		id := parts[len(parts)-1]
 		warnings[id] = ycw.Text
+		clog.WarnContext(ctx, "rule has warning", id)
 	}
 
 	errors := []string{}
 	for _, yce := range yc.Errors {
 		clog.ErrorContext(ctx, "error", slog.String("filename", yce.Filename), slog.Int("line", yce.Line), slog.String("text", yce.Text))
-		if yce.Rule != nil {
-			clog.ErrorContext(ctx, "defective rule", slog.String("namespace", yce.Rule.Namespace()), slog.String("id", yce.Rule.Identifier()))
+		if yce.Rule != "" {
+			clog.ErrorContext(ctx, "defective rule", slog.String("rule", yce.Rule))
 		}
 		errors = append(errors, yce.Text)
 	}
@@ -138,28 +139,27 @@ func Recursive(ctx context.Context, fss []fs.FS) (*yara.Rules, error) {
 	if err != nil {
 		return nil, err
 	}
-
 	for _, r := range rs.GetRules() {
-		if badRules[r.Identifier()] {
-			clog.InfoContext(ctx, "info", slog.String("namespace", r.Namespace()), slog.String("id", r.Identifier()), slog.String("reason", "disabled (known bad rule)"))
+		id := r.Identifier()
+		if badRules[id] {
+			clog.InfoContext(ctx, "info", slog.String("namespace", r.Namespace()), slog.String("id", id), slog.String("reason", "disabled (known bad rule)"))
 			r.Disable()
 		}
 
-		id := fmt.Sprintf("%s:%s", r.Namespace(), r.Identifier())
 		warning := warnings[id]
 		if warning == "" {
 			continue
 		}
 
 		// use rule name instead of filename to lower maintenance in the face of renames
-		keep, known := rulesWithWarnings[r.Identifier()]
+		keep, known := rulesWithWarnings[id]
 		if keep {
 			continue
 		}
 		if !known {
-			clog.ErrorContext(ctx, "error", slog.String("namespace", r.Namespace()), slog.String("id", r.Identifier()), slog.String("disabled due to unexpected warning", warnings[id]))
+			clog.ErrorContext(ctx, "error", slog.String("namespace", r.Namespace()), slog.String("id", id), slog.String("disabled due to unexpected warning", warnings[id]))
 		} else {
-			clog.InfoContext(ctx, "info", slog.String("namespace", r.Namespace()), slog.String("id", r.Identifier()), slog.String("disabled due to expected warning", warnings[id]))
+			clog.InfoContext(ctx, "info", slog.String("namespace", r.Namespace()), slog.String("id", id), slog.String("disabled due to expected warning", warnings[id]))
 		}
 		r.Disable()
 	}