Merge branch 'main' into dev_deps

Bumps [mkdocs-material](https://github.com/squidfunk/mkdocs-material) from 9.6.16 to 9.6.17.
- [Release notes](https://github.com/squidfunk/mkdocs-material/releases)
- [Changelog](https://github.com/squidfunk/mkdocs-material/blob/master/CHANGELOG)
- [Commits](https://github.com/squidfunk/mkdocs-material/compare/9.6.16...9.6.17)

---
updated-dependencies:
- dependency-name: mkdocs-material
  dependency-version: 9.6.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Tek <tek@randhome.io>

Makefile

@@ -23,7 +23,7 @@ install:
 	python3 -m pip install --upgrade -e .
 
 test-requirements:
-	python3 -m pip install --upgrade -r test-requirements.txt
+	python3 -m pip install --upgrade --group dev
 
 generate-proto-parsers:
 	# Generate python parsers for protobuf files

docs/requirements.txt

@@ -1,5 +1,5 @@
 mkdocs==1.6.1
 mkdocs-autorefs==1.4.2
-mkdocs-material==9.6.16
+mkdocs-material==9.6.17
 mkdocs-material-extensions==1.3.1
 mkdocstrings==0.30.0

pyproject.toml

@@ -1,13 +1,11 @@
 [project]
 name = "mvt"
 dynamic = ["version"]
-authors = [
+authors = [{ name = "Claudio Guarnieri", email = "nex@nex.sx" }]
-    {name = "Claudio Guarnieri", email = "nex@nex.sx"}
-]
 maintainers = [
-    {name = "Etienne Maynier", email = "tek@randhome.io"},
+    { name = "Etienne Maynier", email = "tek@randhome.io" },
-    {name = "Donncha Ó Cearbhaill", email = "donncha.ocearbhaill@amnesty.org"},
+    { name = "Donncha Ó Cearbhaill", email = "donncha.ocearbhaill@amnesty.org" },
-    {name = "Rory Flynn", email = "rory.flynn@amnesty.org"}
+    { name = "Rory Flynn", email = "rory.flynn@amnesty.org" },
 ]
 description = "Mobile Verification Toolkit"
 readme = "README.md"
@@ -16,7 +14,7 @@ classifiers = [
     "Development Status :: 5 - Production/Stable",
     "Intended Audience :: Information Technology",
     "Operating System :: OS Independent",
-    "Programming Language :: Python"
+    "Programming Language :: Python",
 ]
 dependencies = [
     "click==8.2.1",
@@ -45,20 +43,31 @@ homepage = "https://docs.mvt.re/en/latest/"
 repository = "https://github.com/mvt-project/mvt"
 
 [project.scripts]
-    mvt-ios = "mvt.ios:cli"
+mvt-ios = "mvt.ios:cli"
-    mvt-android = "mvt.android:cli"
+mvt-android = "mvt.android:cli"
+
+[dependency-groups]
+dev = [
+    "requests>=2.31.0",
+    "pytest>=7.4.3",
+    "pytest-cov>=4.1.0",
+    "pytest-github-actions-annotate-failures>=0.2.0",
+    "pytest-mock>=3.14.0",
+    "stix2>=3.0.1",
+    "ruff>=0.1.6",
+    "mypy>=1.7.1",
+    "betterproto[compiler]",
+]
 
 [build-system]
 requires = ["setuptools>=61.0"]
 build-backend = "setuptools.build_meta"
 
 [tool.coverage.run]
-omit = [
+omit = ["tests/*"]
-    "tests/*",
-]
 
 [tool.coverage.html]
-directory= "htmlcov"
+directory = "htmlcov"
 
 [tool.mypy]
 install_types = true
@@ -68,15 +77,13 @@ packages = "src"
 
 [tool.pytest.ini_options]
 addopts = "-ra -q --cov=mvt --cov-report html --junitxml=pytest.xml --cov-report=term-missing:skip-covered"
-testpaths = [
+testpaths = ["tests"]
-    "tests"
-]
 
 [tool.ruff.lint]
-select = ["C90", "E", "F", "W"]  # flake8 default set
+select = ["C90", "E", "F", "W"] # flake8 default set
 ignore = [
-    "E501",  # don't enforce line length violations
+    "E501", # don't enforce line length violations
-    "C901",  # complex-structure
+    "C901", # complex-structure
 
     # These were previously ignored but don't seem to be required:
     # "E265",  # no-space-after-block-comment
@@ -88,14 +95,14 @@ ignore = [
 ]
 
 [tool.ruff.lint.per-file-ignores]
-"__init__.py" = ["F401"]  # unused-import
+"__init__.py" = ["F401"] # unused-import
 
 [tool.ruff.lint.mccabe]
 max-complexity = 10
 
 [tool.setuptools]
 include-package-data = true
-package-dir = {"" = "src"}
+package-dir = { "" = "src" }
 
 [tool.setuptools.packages.find]
 where = ["src"]
@@ -104,4 +111,4 @@ where = ["src"]
 mvt = ["ios/data/*.json"]
 
 [tool.setuptools.dynamic]
-version = {attr = "mvt.common.version.MVT_VERSION"}
+version = { attr = "mvt.common.version.MVT_VERSION" }

src/mvt/android/artifacts/dumpsys_adb.py

@@ -21,22 +21,12 @@ class DumpsysADBArtifact(AndroidArtifact):
         stack = [res]
         cur_indent = 0
         in_multiline = False
-        # Normalize line endings to handle both Unix (\n) and Windows (\r\n)
+        for line in dump_data.strip(b"\n").split(b"\n"):
-        normalized_data = dump_data.replace(b"\r\n", b"\n").replace(b"\r", b"\n")
-        for line in normalized_data.strip(b"\n").split(b"\n"):
-            # Skip completely empty lines
-            if not line.strip():
-                continue
-
             # Track the level of indentation
             indent = len(line) - len(line.lstrip())
             if indent < cur_indent:
                 # If the current line is less indented than the previous one, back out
-                while len(stack) > 1 and indent < cur_indent:
+                stack.pop()
-                    stack.pop()
-                    # Check if we were in multiline mode and need to exit it
-                    if in_multiline and not isinstance(stack[-1], list):
-                        in_multiline = False
                 cur_indent = indent
             else:
                 cur_indent = indent
@@ -48,30 +38,12 @@ class DumpsysADBArtifact(AndroidArtifact):
 
             # Annoyingly, some values are multiline and don't have a key on each line
             if in_multiline:
-                if key == "" and len(vals) < 2:
+                if key == "":
                     # If the line is empty, it's the terminator for the multiline value
                     in_multiline = False
                     stack.pop()
-                    current_dict = stack[-1]
-                elif len(vals) >= 2 and (key in self.multiline_fields or key == "}" or vals[1] == b"{"):
-                    # If we encounter a new field while in multiline mode, exit multiline mode
-                    # and process this line as a new field
-                    in_multiline = False
-                    stack.pop()
-                    current_dict = stack[-1]
-                    # Don't continue here - let the line be processed as a new field
                 else:
-                    # When in multiline mode, the top of stack should be a list
+                    current_dict.append(line.lstrip())
-                    if isinstance(stack[-1], list):
-                        stack[-1].append(line.lstrip())
-                    else:
-                        # Something went wrong with the stack, exit multiline mode
-                        in_multiline = False
-                        current_dict = stack[-1]
-                    continue
-
-            # Skip lines that don't have a value after '='
-            if len(vals) < 2:
                 continue
 
             if key == "}":
@@ -161,16 +133,7 @@ class DumpsysADBArtifact(AndroidArtifact):
 
         # TODO: Parse AdbDebuggingManager line in output.
         start_of_json = content.find(b"\n{") + 2
-
+        end_of_json = content.rfind(b"}\n") - 2
-        # Handle both Unix (\n) and Windows (\r\n) line endings
-        end_of_json = content.rfind(b"}\n")
-        if end_of_json == -1:
-            end_of_json = content.rfind(b"}\r\n")
-            if end_of_json == -1:
-                self.log.error("Unable to find end of JSON block in dumpsys output")
-                return
-
-        end_of_json -= 2
         json_content = content[start_of_json:end_of_json].rstrip()
 
         parsed = self.indented_dump_parser(json_content)

src/mvt/android/modules/androidqf/files.py

@@ -112,18 +112,10 @@ class Files(AndroidQFModule):
 
     def run(self) -> None:
         if timezone := self._get_device_timezone():
-            try:
+            device_timezone = zoneinfo.ZoneInfo(timezone)
-                device_timezone = zoneinfo.ZoneInfo(timezone)
-            except zoneinfo.ZoneInfoNotFoundError:
-                self.log.warning("Device timezone '%s' not found, using UTC", timezone)
-                device_timezone = datetime.timezone.utc
         else:
             self.log.warning("Unable to determine device timezone, using UTC")
-            try:
+            device_timezone = zoneinfo.ZoneInfo("UTC")
-                device_timezone = zoneinfo.ZoneInfo("UTC")
-            except zoneinfo.ZoneInfoNotFoundError:
-                # Fallback for Windows systems where zoneinfo might not have UTC
-                device_timezone = datetime.timezone.utc
 
         for file in self._get_files_by_pattern("*/files.json"):
             rawdata = self._get_file_content(file).decode("utf-8", errors="ignore")

src/mvt/common/indicators.py

@@ -654,8 +654,7 @@ class Indicators:
             return None
 
         for ioc in self.get_iocs("processes"):
-            # Use os-agnostic path splitting to handle both Windows (\) and Unix (/) separators
+            parts = file_path.split("/")
-            parts = file_path.replace("\\", "/").split("/")
             if ioc["value"] in parts:
                 self.log.warning(
                     "Found known suspicious process name mentioned in file at "

src/mvt/ios/data/ios_versions.json

@@ -1135,5 +1135,9 @@
     {
         "version": "18.6",
         "build": "22G86"
+    },
+    {
+        "version": "18.6.1",
+        "build": "22G90"
     }
-]
+]

test-requirements.txt

@@ -1,9 +0,0 @@
-requests>=2.31.0
-pytest>=7.4.3
-pytest-cov>=4.1.0
-pytest-github-actions-annotate-failures>=0.2.0
-pytest-mock>=3.14.0
-stix2>=3.0.1
-ruff>=0.1.6
-mypy>=1.7.1
-betterproto[compiler]