[pull] master from kevoreilly:master

.actrc

@@ -0,0 +1,5 @@
+ # Nektos act runs tests as root. Without this environment variable
+ # being set, CAPE exits at line 10 of web/web/settings.py,
+ # and no tests are run.
+
+ --env CAPE_AS_ROOT=1

.github/issue_template.md → .github/ISSUE_TEMPLATE/bug_report.md

@@ -1,15 +1,28 @@
-## This is opensource and you getting __free__ support so be friendly!
-* Free support from doomedraven ended, no whiskey no support. For something he updated the documentation :)
+---
+name: Having problem/bug/issue
+about: Create a report to help us improve
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+## About accounts on [capesandbox.com](https://capesandbox.com/)
+* Issues isn't the way to ask for account activation. Ping capesandbox in [Twitter](https://twitter.com/capesandbox) with your username
+
+## This is open source and you are getting __free__ support so be friendly!
 
 # Prerequisites
 
 Please answer the following questions for yourself before submitting an issue.
 
 - [ ] I am running the latest version
+- [ ] I did read the README!
 - [ ] I checked the documentation and found no answer
 - [ ] I checked to make sure that this issue has not already been filed
 - [ ] I'm reporting the issue to the correct repository (for multi-repository projects)
-- [ ] I'm have read all configs with all optional parts
+- [ ] I have read and checked all configs (with all optional parts)
+- [ ] Asked and no solution about my issue with [deepwiki](https://deepwiki.com/kevoreilly/CAPEv2)
 
 
 # Expected Behavior
@@ -34,7 +47,7 @@ Please provide detailed steps for reproducing the issue.
 
 ## Context
 
-Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions.
+Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions. Operating system version, bitness, installed software versions, test sample details/hash/binary (if applicable).
 
 | Question         | Answer
 |------------------|--------------------

.github/actions/python-setup/action.yml

@@ -0,0 +1,32 @@
+name: 'Python setup steps that can be reused'
+description: 'Install dependencies, poetry, requirements'
+inputs:
+  python-version:
+    required: true
+    description: The python version
+
+runs:
+  using: "composite"
+  steps:
+    - name: Install dependencies
+      if: ${{ runner.os == 'Linux' }}
+      shell: bash
+      run: |
+        sudo apt update && sudo apt-get install -y --no-install-recommends libxml2-dev libxslt-dev python3-dev libgeoip-dev ssdeep libfuzzy-dev innoextract unrar upx
+
+    - name: Install poetry
+      shell: bash
+      run: PIP_BREAK_SYSTEM_PACKAGES=1 pip install poetry poetry-plugin-export
+    #- name: Python Poetry Action
+    #  uses: abatilo/[email protected]
+
+    - name: Set up Python ${{ inputs.python-version }}
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ inputs.python-version }}
+        cache: 'poetry'
+
+    - name: Install requirements
+      shell: bash
+      run: |
+        PIP_BREAK_SYSTEM_PACKAGES=1 poetry install --no-interaction

.github/copilot-instructions.md

@@ -0,0 +1,58 @@
+# Copilot Instructions for CAPEv2
+
+## General Architecture
+- CAPEv2 is an automated malware analysis platform, based on Cuckoo Sandbox, with extensions for dynamic, static, and network analysis.
+- The backend is mainly Python, using SQLAlchemy for the database and Django/DRF for the web API.
+- Main components include:
+  - `lib/cuckoo/core/database.py`: database logic and ORM.
+  - `web/apiv2/views.py`: REST API endpoints (Django REST Framework).
+  - `lib/cuckoo/common/`: shared utilities, configuration, helpers.
+  - `storage/`: analysis results and temporary files.
+- Typical flow: sample upload → DB registration → VM assignment → analysis → result storage → API query.
+
+## Conventions and Patterns
+- Heavy use of SQLAlchemy 2.0 ORM, with explicit sessions and nested transactions (`begin_nested`).
+- Database models (Sample, Task, Machine, etc.) are always managed via `Database` object methods.
+- API endpoints always return a dict with `error`, `data`, and, if applicable, `error_value` keys.
+- Validation and request argument parsing is centralized in helpers (`parse_request_arguments`, etc.).
+- Integrity errors (e.g., duplicates) are handled with `try/except IntegrityError` and recovery of the existing object.
+- Tags are managed as comma-separated strings and normalized before associating to models.
+- Code avoids mutable global variables; configuration is accessed via `Config` objects.
+
+## Developer Workflows
+- No Makefile or standard build scripts; dependency management is usually via `poetry` or `pip`.
+- For testing, use virtual environments and run scripts manually.
+- Typical backend startup is via Django (`manage.py runserver`), and analysis workers are launched separately.
+- Database changes require manual migrations (see Alembic comments in `database.py`).
+
+## Integrations and Dependencies
+- Optional integration with MongoDB and Elasticsearch, controlled by configuration (`reporting.conf`).
+- The system can use different compression tools (zlib, 7zip) depending on config.
+- Sample analysis may invoke external utilities (e.g., Sflock, PE parsers).
+
+## Key Pattern Examples
+- IntegrityError handling example:
+  ```python
+  try:
+      with self.session.begin_nested():
+          self.session.add(sample)
+  except IntegrityError:
+      sample = self.session.scalar(select(Sample).where(Sample.md5 == file_md5))
+  ```
+- API response example:
+  ```python
+  return Response({"error": False, "data": result})
+  ```
+- Tag assignment example:
+  ```python
+  tags = ",".join(set(_tags))
+  ```
+
+## Key Files
+- `lib/cuckoo/core/database.py`: database logic, sample/task registration, machine management.
+- `web/apiv2/views.py`: REST endpoints, validation, high-level business logic.
+- `lib/cuckoo/common/`: utilities, helpers, configuration.
+
+---
+
+If you introduce new endpoints, helpers, or models, follow the validation, error handling, and standard response patterns. See the files above for implementation examples.

.github/workflows/antitemplaters.yml_disabled

@@ -0,0 +1,17 @@
+on:
+  issues:
+    types: [opened, edited]
+
+jobs:
+  auto_close_issues:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Automatically close issues that don't follow the issue template
+        uses: lucasbento/[email protected]
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          issue-close-message: "@${issue.user.login}: hello! :wave:\n\nThis issue is being automatically closed because it does not follow the issue template.\n\n This is open source project!\n\t So please apreciate our time that we sacrify from other thing that we could enjoy, instead of asking boring things over and over." # optional property
+          closed-issues-label: "🙁 Not following issue template"

.github/workflows/auto_answer.yml

@@ -0,0 +1,36 @@
+name: Auto Answer Bot (using uv run)
+
+on:
+  issues:
+    types: [opened]
+
+jobs:
+  answer:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository code
+        uses: actions/checkout@v4
+
+      - name: Set up Python with caching
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.10'
+          cache: 'pip'
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+        with:
+          enable-cache: true
+
+      - name: Run the answer bot with uv run
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+          ISSUE_NUMBER: ${{ github.event.issue.number }}
+          REPO_NAME: ${{ github.repository }}
+        run: |
+          cd KnowledgeBaseBot && \
+          uv run \
+          --with-requirements ../requirements.txt \
+          --with-requirements requirements.txt \
+          python auto_answer_bot.py

.github/workflows/export-requirements.yml

@@ -0,0 +1,46 @@
+name: Update requirements.txt file
+
+on:
+  push:
+    branches: [ master, staging ]
+    paths:
+      - "pyproject.toml"
+      - "poetry.lock"
+
+jobs:
+  update:
+    if: ${{ !github.event.act }} # skip during local actions testing
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+    strategy:
+      matrix:
+        python-version: ["3.10"]
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      - name: Install poetry
+        run: pip install poetry poetry-plugin-export --user
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        with:
+          check-latest: true
+          python-version: ${{ matrix.python-version }}
+          cache: 'poetry'
+
+      - name: Export requirements.txt
+        run: poetry export --format requirements.txt --output requirements.txt
+
+      - name: Commit changes if any
+        # Skip this step if being run by nektos/act
+        if: ${{ !env.ACT }}
+        run: |
+          git config user.name "GitHub Actions"
+          git config user.email "[email protected]"
+          if output=$(git status --porcelain) && [ ! -z "$output" ]; then
+            git pull -f
+            git commit -m "ci: Update requirements.txt" -a
+            git push
+          fi

.github/workflows/pip-audit.yml

@@ -0,0 +1,21 @@
+name: PIP audit
+
+on:
+  schedule:
+  - cron: '0 8 * * 1'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+    strategy:
+      matrix:
+        python-version: ["3.10"]
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      - uses: pypa/[email protected]
+        with:
+          inputs: requirements.txt

.github/workflows/python-package-windows.yml

@@ -0,0 +1,43 @@
+name: Python tests on windows
+
+env:
+  COLUMNS: 120
+
+on:
+  push:
+    branches: [ master, staging ]
+  pull_request:
+    branches: [ master, staging ]
+
+jobs:
+  test:
+    runs-on: windows-latest
+    timeout-minutes: 20
+    strategy:
+      matrix:
+        python-version: ["3.10"]
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      - name: Set up Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v5
+        # Use x86 python because of https://github.com/kevoreilly/CAPEv2/issues/168
+        with:
+          python-version: ${{ matrix.python-version }}
+          cache: 'pip'
+          architecture: 'x86'
+
+      - name: Install dependencies
+        run: pip install --upgrade pytest requests
+
+      - name: Run analyzer unit tests
+        run: |
+          cd analyzer/windows
+          pytest -v .
+
+      - name: Run agent unit tests
+        run: |
+          cd agent
+          pytest -v .