malwaredb 0.0.2

MalwareDB does the bookkeeping for malware & goodware datasets, aimed at helping malware researchers and forensic investigators.
# 17 September 2023
* Added macOS and Windows to the build CI. The test fails on Windows because it deletes the SQLite DB file, which Windows won't allow, claiming the file is still in use.
* Removed the `ssdeep` crate in favour of the `fuzzyhash` crate, since `ssdeep` wasn't building on Windows and `fuzzyhash` has no dependencies.
* Published latest changes to `malwaredb-lzjd` which uses newer dependencies, making the `Cargo.lock` smaller.
* Updated readme docs which will appear on Crates.io for the sub-crates when next published.

# 10 September 2023
* Replaced [fltk-rs](https://github.com/fltk-rs/fltk-rs/) with [slint](https://github.com/slint-ui/slint). The UI is easier to work with.
* Additional admin SQL functions and data in the `admin:User` struct to be shown in the GUI.
* Update CI so the GUI components are included when ensuring the project builds and is tested with Clippy.

# 09 September 2023
* Trying to use Postgres in CI, but running into an issue where `psql` can't connect, but the output from Docker shows Postgres listening on 0.0.0.0:5432. Further work needed.
* Created the [data](https://github.com/malwaredb/data) repository, which will hold some SQL files for some data, starting with [VirusShare](https://virusshare.com/) zip file sources.

# 07 September 2023
* Initial work to report back to the client if a submitted file was actually processed or not.

# 04 September 2023
* Additional admin data: show number of files associated with Groups and Sources, number of Groups associated with a Source.

# 26 August 2023
* Submit files into MalwareDB from a zip file from the server admin CLI and the client application.

# 21 August 2023
* MalwareDB is now on [crates.io](https://crates.io/)!
    * Install the client: `cargo install malwaredb-client`
    * Install the server: `cargo install malwaredb --features=admin,sqlite,admin-gui` (remove any undesired features from the command).

# 19 August 2023
* Started work on admin GUI, installed with the `admin-gui` feature on the server.
* Uses [fltk-rs](https://github.com/fltk-rs/fltk-rs/) & [fltk](https://www.fltk.org/) since it's cross-platform and has the desired GUI widgets.
* Just shows some data, no CRUD (create, rename, update, delete) yet.

# 17 August 2023
* Read from Zip files, including password-protected Zips.

# 16 July 2023
* [Dockerfile](https://github.com/malwaredb/docker) in progress.

# 12 July 2023
* Client can walk one or more directories, including symbolic links.
* Added an option for maximum file size.

# 25 June 2023
* Similarity search using some similarity metrics implemented.
* DB info reports if the extensions are installed (currently required for Postgres).

# 16 June 2023
* Server now saves samples, if configured to do so.
* Files may now also be retrieved.

# 01 June 2023
* Rust 1.70 adds `OnceLock`, which allowed for the removal of the unsafe static variable for the global config! -- Removed, no longer needed. No more global variables.
* Still need some unsafe code to efficiently parse PE32 files in the types crate, unless I switch to the goblin crate.

# 30 May 2023
* Files can be inserted into the database! Still working out how to handle the trait for executable file types, and how to have that data inserted cleanly.
* Added a trait for `.entropy()` for a vector of bytes.
* Some better PDF parsing to see if there's JavaScript, forms; get author, title, and number of pages.

# 16 May 2023
* Started work on figuring out how to handle file type detection where the parsers and types in the `types` sub-crate may not be the supported files in the `filetype` database table.
* This so far is well decoupled, so the `types` sub-crate doesn't know about databases, HTTP, etc.
* The new `types::KnownType` enum will expose the format-specific data to the `server` crate so the extracted data can be saved to the database.
* Still need to figure out the similarity hashing situation, so that LZJD, SSDeep, SDHash, TLSH, and possibly others can easily be used by Rust.

# 14 May 2023
* Server finds its config file in this order for all OSes:
  * `~/.mdb_server/mdb_config.toml` for instances where the config is desired to be in the service account's home directory
  * `/etc/mdb_server/mdb_config.toml` intended for Linux
  * `/usr/local/etc/mdb_server/mdb_config.toml` intended for FreeBSD
  * Run `./mdb_server run load <PATH_TO_FILE>` to provide the config file path
  * Run `./mdb_server run config [-p <PORT>] [--ip <IP_ADDR>] [--dir <PATH_TO_FILES_DIR>] -db <DB_CONFIG_STRING>`
    * Default IP is `127.0.0.1`
    * No storage directory means MalwareDB won't save the samples it receives
    * The database config string format: `"postgres user=usernamehere password=passwordhere dbname=thedatabasename host=localhost"`
  * The config files are in a custom directory since we'll probably need to store SSL cert and key as well, possibly other information.
* Admin features so far (when compiled with `cargo build --features=admin`):
  * Create & list users
  * Create & list groups
  * Create & list sources
  * List supported data types
  * Missing: adding, removing user accounts to groups; adding, removing access to sources to various groups.
* Client features so far:
  * Login (get API key, save API key and server URL in a config file at `~/.mdb_client.toml`)
  * Show information about self: user ID, user name, group memberships, usable sources
  * Show some server information (total number of files, memory/disk used, component versions, uptime)
  * Show supported data types
* Some initial work is in place to handle files once received, but that's not implemented yet.
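
The config lookup order and database config string from the 14 May 2023 entry above, sketched as an added example (not MalwareDB's own code). The names `config_candidates`, `find_config`, `DbConfig`, `parse_db_config` and `redacted` are hypothetical, and the parser assumes whitespace-separated `key=value` pairs with any shell quotes already stripped; the redaction keeps the password out of anything the server logs.

```rust
use std::collections::BTreeMap;
use std::path::{Path, PathBuf};
// Lookup order from the changelog entry; `home` is a parameter so the logic is testable.
fn config_candidates(home: &Path) -> Vec<PathBuf> {
    vec![
        home.join(".mdb_server/mdb_config.toml"),
        PathBuf::from("/etc/mdb_server/mdb_config.toml"),
        PathBuf::from("/usr/local/etc/mdb_server/mdb_config.toml"),
    ]
}

// First candidate for which `exists` is true (pass `|p| p.is_file()` in real use).
fn find_config(home: &Path, exists: impl Fn(&Path) -> bool) -> Option<PathBuf> {
    config_candidates(home).into_iter().find(|p| exists(p.as_path()))
}

// Hypothetical parsed form of "postgres user=... password=... dbname=... host=...".
struct DbConfig {
    backend: String,
    params: BTreeMap<String, String>,
}

fn parse_db_config(s: &str) -> Result<DbConfig, String> {
    let mut parts = s.split_whitespace();
    let backend = parts.next().ok_or("empty database config string")?.to_string();
    let mut params = BTreeMap::new();
    for part in parts {
        // The offending token is not echoed in the error: it may hold a credential.
        let (k, v) = part.split_once('=').ok_or("expected key=value after the backend")?;
        params.insert(k.to_string(), v.to_string());
    }
    Ok(DbConfig { backend, params })
}

impl DbConfig {
    // Rendering for logs: keys in sorted order, the password value never included.
    fn redacted(&self) -> String {
        let mut out = self.backend.clone();
        for (k, v) in &self.params {
            let shown = if k == "password" { "<redacted>" } else { v.as_str() };
            out.push_str(&format!(" {k}={shown}"));
        }
        out
    }
}

fn main() {
    // Constructed sample values, not real credentials.
    println!("{}", parse_db_config("postgres user=u password=p").unwrap().redacted());
}
```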

# 23 April 2023
* Users can log in, get the API key to the local MDB client config.
* Trait `HashPath` for easy creation of a relative path based on a SHA-256 hash.
* Moved LZJD, Murmur hashes from rjzak account to MalwareDB org.

# 16 April 2023
* Get, display server stats.
* Finding global config for MDB server.
* Database pool for Postgres connection.
* Figured out how to return JSON with Axum.
* Figured out how to handle DB connections with Axum, but had to get rid of `DatabaseConnection` trait due to the complexities of having a trait with `async` functions, and that the [async-trait](https://crates.io/crates/async-trait) crate adds weirdness to data returned by the async functions.

# 11 April 2023
* Looking at using the `clap_complete` crate to generate shell autocompletion scripts. Didn't work when tested, but will investigate.

# 09 April 2023
* Postgres and SQLite are able to create users, log in (get API key), reset all API keys, change passwords.
* `mdb_server` may have admin capabilities if compiled with `--features=admin`. SQLite support is also gated behind a feature flag, `--features=sqlite`.
* Unit tests are focused on SQLite for ease, but also exist for Postgres. Run with `cargo test -- --ignored`. Requires a database with username, password, and db name: "malwaredbtesting" on localhost.
* All crates have `pub const MDB_VERSION: &str = env!("CARGO_PKG_VERSION");` at the root level for future API use, to help ensure the client, server, and any future use can make sure the versions are the same before trying to make or interpret requests. 

# 18 March 2023
* Refactored the code to prepare for client/server development. The `api` sub-crate will hold the common data structures used for communication.
* There will be only one `types` crate for all supported data formats, instead of the original plan of sub-crate per class of formats.

# 16 March 2023
* Trying to parse ELF imports is proving to be rather difficult!
* [Goblin](https://docs.rs/goblin/latest/goblin/) seems to be a well-supported and feature-rich crate, but I haven't figured out how to match the imported function to the library, so I [asked](https://github.com/m4b/goblin/issues/363).

# 19 Feb 2023
* Initial commit.