chore: bump yara-x to 1.15.0

.chainguard/source.yaml

@@ -11,6 +11,8 @@ spec:
             subject: https://github.com/chainguard-dev/malcontent/.github/workflows/release.yaml@refs/heads/main
           - issuer: https://token.actions.githubusercontent.com
             subject: https://github.com/chainguard-dev/malcontent/.github/workflows/third-party.yaml@refs/heads/main
+          - issuer: https://token.actions.githubusercontent.com
+            subject: https://github.com/chainguard-dev/malcontent/.github/workflows/update-yara-x.yaml@refs/heads/main
           - issuer: https://token.actions.githubusercontent.com
             subject: https://github.com/chainguard-dev/malcontent/.github/workflows/version.yaml@refs/heads/main
     - key:

.github/workflows/codeql.yaml

@@ -12,14 +12,14 @@
 
 env:
   CODEQL_EXTRACTOR_GO_BUILD_TRACING: "on"
-  YARA_X_RELEASE: "1.14.0"
+  YARA_X_RELEASE: "1.15.0"
 
 permissions: {}
 
 jobs:
   analyze:
     if: ${{ github.repository == 'chainguard-dev/malcontent' }}
     runs-on: ubuntu-latest-16-core
     permissions:
       actions: read
       contents: read
@@ -36,9 +36,12 @@
             dl.google.com:443
             github.com:443
             go.dev:443
+            index.crates.io:443
             objects.githubusercontent.com:443
             proxy.golang.org:443
             release-assets.githubusercontent.com:443
+            static.crates.io:443
+            static.rust-lang.org:443
             storage.googleapis.com:443
             sum.golang.org:443
             uploads.github.com:443

.github/workflows/fuzz.yaml

@@ -31,7 +31,7 @@ on:
 
 env:
   GO_RELEASE: "go-1.26"
-  YARA_X_RELEASE: "1.14.0"
+  YARA_X_RELEASE: "1.15.0"
 
 permissions: {}
 

.github/workflows/go-tests.yaml

@@ -13,14 +13,14 @@
 
 env:
   GO_RELEASE: "go-1.26"
-  YARA_X_RELEASE: "1.14.0"
+  YARA_X_RELEASE: "1.15.0"
 
 permissions: {}
 
 jobs:
   test:
     if: ${{ github.repository == 'chainguard-dev/malcontent' }}
     runs-on: ubuntu-latest-arm-16-core
     permissions:
       contents: read
     container:
@@ -71,7 +71,7 @@
 
   integration:
     if: ${{ github.repository == 'chainguard-dev/malcontent' }}
     runs-on: ubuntu-latest-arm-16-core
     permissions:
       contents: read
     container:

.github/workflows/style.yaml

@@ -5,7 +5,7 @@
 
 env:
   GO_RELEASE: "go-1.26"
-  YARA_X_RELEASE: "1.14.0"
+  YARA_X_RELEASE: "1.15.0"
 
 permissions: {}
 
@@ -91,7 +91,7 @@
         run: |
           yr --version
       - name: Run yr fmt
         run: |
           find rules -type f -name "*.yara" | xargs -n 1 -I {} yr fmt {}
           if [[ -n $(git status -s) ]]; then
             echo "Rule files updated; please run yr fmt locally and commit the changes"

.github/workflows/third-party.yaml

@@ -10,14 +10,14 @@
 
 env:
   GO_RELEASE: "go-1.26"
-  YARA_X_RELEASE: "1.14.0"
+  YARA_X_RELEASE: "1.15.0"
 
 permissions: {}
 
 jobs:
   update:
     if: ${{ github.repository == 'chainguard-dev/malcontent' }}
     runs-on: ubuntu-latest-arm-16-core
     container:
       image: cgr.dev/chainguard/wolfi-base:latest
       options: >-

Makefile

@@ -51,22 +51,22 @@ $(GOLANGCI_LINT_BIN):
 	mv $(LINT_ROOT)/out/linters/golangci-lint $@
 
 YARA_X_REPO ?= virusTotal/yara-x
-YARA_X_VERSION ?= v1.14.0
-YARA_X_COMMIT ?= 6a7982f5924c63a7ccafdf440798e06f5e6a4ccd
+YARA_X_VERSION ?= v1.15.0
+YARA_X_COMMIT ?= 71e1b4e0d9ca5a050d98a8db5ef3788d5ff00e36
 YARA_X_SHA :=
 ifeq ($(LINT_OS),Darwin)
 	ifeq ($(shell uname -m),arm64)
 		LINT_ARCH = aarch64
-		YARA_X_SHA = cee7ac001004fb721508c55190f57291b7b843290d488334a1d5cff45c519bc9
+		YARA_X_SHA = d3afa669299e35a79e1243201ee5f7a8b52079c3765e2e9d300beb44ad2a9c49
 	else
-		YARA_X_SHA = 344eedd347d2aafb447d381a18f88974576231171ca72b3d969e88ace0cbf9ca
+		YARA_X_SHA = 6466a91bd9f40e6e329ef6eb8217c11e4d352b0e31f48234c02f9b30ec6e113a
 	endif
 else ifeq ($(LINT_OS),Linux)
 	ifneq ($(filter $(shell uname -m),aarch64 arm64),)
 		LINT_ARCH = aarch64
-		YARA_X_SHA = 3c46835d0ffb8786b7e901517971b105eb1692f578dc244194ce206cf99ce988
+		YARA_X_SHA = 56d173b7a47a8285318b618b21fe8648db165f160bbbee02f56b8da2341c2b19
 	else
-		YARA_X_SHA = 59b768cf25aa48fc30e7e9aaeb9166921ce18e3472d7059e7f5b12744224b712
+		YARA_X_SHA = 90bb8898a2052781890684d8b030d62401a1226caab9fe58adf6fd7513f4a7b3
 	endif
 endif
 YARA_X_BIN := $(LINT_ROOT)/out/linters/yr-$(YARA_X_VERSION)-$(LINT_ARCH)

go.mod

@@ -3,7 +3,7 @@ module github.com/chainguard-dev/malcontent
 go 1.26.1
 
 require (
-	github.com/VirusTotal/yara-x/go v1.14.0
+	github.com/VirusTotal/yara-x/go v1.15.0
 	github.com/cavaliergopher/cpio v1.0.1
 	github.com/cavaliergopher/rpm v1.3.0
 	github.com/chainguard-dev/clog v1.8.0

go.sum

@@ -1,5 +1,5 @@
-github.com/VirusTotal/yara-x/go v1.14.0 h1:B8JDAVDN7TmzU2T1uVTMiMgpNIb1Lt4UZVePfFgthqs=
-github.com/VirusTotal/yara-x/go v1.14.0/go.mod h1:lgXP/nkYX349MVowrtTtU5hzMdCOWQLv3+wKll9+0F8=
+github.com/VirusTotal/yara-x/go v1.15.0 h1:s66mLNZ1X1sUn/wxa9OHDXq6nnuEx15/PsJth7jq/LI=
+github.com/VirusTotal/yara-x/go v1.15.0/go.mod h1:lgXP/nkYX349MVowrtTtU5hzMdCOWQLv3+wKll9+0F8=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
 github.com/bahlo/generic-list-go v0.2.0 h1:5sz/EEAK+ls5wF+NeqDpk5+iNdMDXrh3z3nPnH1Wvgk=