From 28c42097b34334399da49c90aeaabaa5c080e1be Mon Sep 17 00:00:00 2001 From: Ana Maria Martinez Gomez Date: Thu, 16 May 2024 12:29:56 +0200 Subject: [PATCH] Add NEW NPM PACKAGE issue template Add new issue template to propose the addition of a new package/tool that is installed from the JavaScript Package Registry installed with `npm install -g `. The new issue template supports the `send PR` automation to create new packages automatically. --- .github/ISSUE_TEMPLATE/new_IDA_plugin.yml | 8 +- .github/ISSUE_TEMPLATE/new_metapackage.yml | 4 +- .github/ISSUE_TEMPLATE/new_node_package.yml | 127 ++++++++++++++++++++ .github/ISSUE_TEMPLATE/new_package.yml | 8 +- 4 files changed, 137 insertions(+), 10 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/new_node_package.yml diff --git a/.github/ISSUE_TEMPLATE/new_IDA_plugin.yml b/.github/ISSUE_TEMPLATE/new_IDA_plugin.yml index 5f46c2972..cb413d6b2 100644 --- a/.github/ISSUE_TEMPLATE/new_IDA_plugin.yml +++ b/.github/ISSUE_TEMPLATE/new_IDA_plugin.yml @@ -1,6 +1,6 @@ name: 🆕 NEW IDA PLUGIN -description: Propose the addition of a new IDA plugin. -title: "Package proposal: .vm" +description: Propose the addition of a new IDA plugin +title: "IDA plugin proposal: .vm" labels: [":new: package", ":curly_haired_woman: IDA", ":cyclone: FLARE-VM"] body: - type: markdown @@ -42,7 +42,7 @@ body: attributes: label: Version description: | - Plugin's version number. Example: `1.4.11`. + Plugin's version number. Example: `1.4.11`. See the [_Version_ documentation in our wiki](https://github.com/mandiant/VM-Packages/wiki/Package-Structure#version) for more details. placeholder: ex. 1.4.11 validations: required: true @@ -95,4 +95,4 @@ body: attributes: value: | --- - We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this plugin as fast as you may like. To speed up the process, please fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: + We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this plugin as fast as you may like. To speed up the process, please select the correct issue template and fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: diff --git a/.github/ISSUE_TEMPLATE/new_metapackage.yml b/.github/ISSUE_TEMPLATE/new_metapackage.yml index f382a92b0..29a677c8a 100644 --- a/.github/ISSUE_TEMPLATE/new_metapackage.yml +++ b/.github/ISSUE_TEMPLATE/new_metapackage.yml @@ -40,7 +40,7 @@ body: attributes: label: Version description: | - Tool's version number. Example: `1.4.11`. + Tool's version number. Example: `1.4.11`. See the [_Metapackages Version_ documentation in our wiki](https://github.com/mandiant/VM-Packages/wiki/Package-Structure#metapackages) for more details. placeholder: ex. 1.4.11 validations: required: true @@ -131,4 +131,4 @@ body: attributes: value: | --- - We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this tool as fast as you may like. To speed up the process, please fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: + We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this tool as fast as you may like. To speed up the process, please select the correct issue template and fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: diff --git a/.github/ISSUE_TEMPLATE/new_node_package.yml b/.github/ISSUE_TEMPLATE/new_node_package.yml new file mode 100644 index 000000000..55e382261 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/new_node_package.yml @@ -0,0 +1,127 @@ +name: 🆕 NEW NPM PACKAGE +description: Propose the addition of a new package/tool that is installed from the JavaScript Package Registry installed with npm +title: "npm package proposal: .vm" +labels: [":new: package"] +body: + - type: markdown + attributes: + value: | + Thanks for contributing to [VM-Packages](https://github.com/mandiant/VM-Packages), your package proposal supports tools available for [FLARE-VM](https://github.com/mandiant/flare-vm) and [CommandoVM](https://github.com/mandiant/commando-vm)! :cupid: Please ensure that your suggested tool doesn't already exist within the set of [current packages](https://github.com/mandiant/VM-Packages/tree/main/packages) and that there is no [issue](https://github.com/mandiant/VM-Packages/issues?q=is%3Aopen+is%3Aissue+label%3A%22%3Anew%3A+package%22) proposal already. If the tool is not related malware analysis, incident response, penetration testing and other security related tasking, consider using directly the [Chocolatey community package](https://community.chocolatey.org/packages) if there is one for the tool. + - type: input + id: pkg_name + attributes: + label: Package Name + description: | + The convention is to use lowercase names with the following format: `toolname` or `tool-name` and without `.vm` appended. Example: `js-deobfuscator`. **Please add this name to the issue title as well** (keep the `.vm` in the title). + placeholder: ex. js-deobfuscator + validations: + required: true + - type: input + id: tool_name + attributes: + label: Tool Name + description: | + The name of the tool being installed with `npm install -g `, normally the same as the package name for tools installed with npm. Example: `js-deobfuscator`. + placeholder: ex. js-deobfuscator + validations: + required: true + - type: dropdown + id: type + validations: + required: true + attributes: + label: Package type + description: | + - **`NODE`** - A Node tool from the Javascript Package Registry installed with `npm install -g `. + + For other types of tools, use a different issue template. + options: + - NODE + - type: input + id: version + attributes: + label: Version + description: | + Use the following scheme and today's date, as we install the latest version with npm: `0.0.0.YYYYMMDD`. Example: `0.0.0.20240513`. See the [_Version_ documentation in our wiki](https://github.com/mandiant/VM-Packages/wiki/Package-Structure#version) for more details. + placeholder: ex. 0.0.0.20240513 + validations: + required: true + - type: dropdown + id: category + validations: + required: true + attributes: + label: Category + description: Which category should this tool be installed to? + options: + - Command & Control + - Credential Access + - Debuggers + - Delphi + - Disassemblers + - dotNet + - Documents + - Exploitation + - File Information + - Forensic + - Hex Editors + - InnoSetup + - Java & Android + - Javascript + - Lateral Movement + - Memory + - Networking + - Packers + - Payload Development + - PE + - Persistence + - Privilege Escalation + - Productivity Tools + - Reconnaissance + - Registry + - Shellcode + - Utilities + - Visual Basic + - Web Application + - Wordlists + - type: input + id: authors + attributes: + label: Tool's authors + description: | + Comma separated list of the tool's authors. Example: `Elmo, Bert, Grover, Cookie Monster`. + placeholder: ex. Elmo, Bert, Grover, Cookie Monster + validations: + required: true + - type: input + id: description + validations: + required: true + attributes: + label: Tool's description + description: | + The tool description should be short and not include version specific details or other information that is likely to change in a future version. Example: `Deobfuscator to remove common JS obfuscation techniques.`. + - type: input + id: dependencies + attributes: + label: Dependencies + description: | + The dependencies (tools/libraries that need to be installed) needed for installing or using this tool, for example if a concrete version of Node JS is needed. + placeholder: ex. nodejs >= 20.7 + - type: textarea + id: why + attributes: + label: Why is this tool a good addition? + description: Tell us why you would like to have this package in FLARE-VM/CommandoVM and how this tool is useful for malware analysis, incident response, penetration testing and other security related tasking. Adding new packages involves more maintenance work, tell us what is unique about this tool that can not be done with the current toolset. + validations: + required: true + - type: textarea + id: info + attributes: + label: Extra information + description: Tell us any other extra information that may be useful to create the package. + - type: markdown + attributes: + value: | + --- + We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this tool as fast as you may like. To speed up the process, please select the correct issue template and fill the issue accurately as this may allow our bot to send an automatic PR. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: diff --git a/.github/ISSUE_TEMPLATE/new_package.yml b/.github/ISSUE_TEMPLATE/new_package.yml index 3a01feb9d..47039acad 100644 --- a/.github/ISSUE_TEMPLATE/new_package.yml +++ b/.github/ISSUE_TEMPLATE/new_package.yml @@ -1,6 +1,6 @@ -name: 🆕 NEW PACKAGE +name: 🆕 NEW PACKAGE from URL description: Propose the addition of a new package/tool that is installed from a URL -title: "Package proposal: .vm" +title: "URL package proposal: .vm" labels: [":new: package"] body: - type: markdown @@ -58,7 +58,7 @@ body: attributes: label: Version description: | - Tool's version number. Example: `1.4.11`. + Tool's version number. Example: `1.4.11`. See the [_Version_ documentation in our wiki](https://github.com/mandiant/VM-Packages/wiki/Package-Structure#version) for more details. placeholder: ex. 1.4.11 validations: required: true @@ -156,4 +156,4 @@ body: attributes: value: | --- - We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this tool as fast as you may like. To speed up the process, please fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: + We really appreciate that you share your package idea with us and we will review your issue as soon as possible. Please understand that our time is limited and we may not be able to create a package for this tool as fast as you may like. To speed up the process, please select the correct issue template and fill the issue accurately as this may allow our bot to send an automatic PR. Note that this may not work for all cases. You can check our [Contributing Wiki page](https://github.com/mandiant/VM-Packages/wiki/Contributing) and send a pull request with the new package. We encourage the community to help us create new packages and to maintain existing ones. Join us! :hugs: