Skip to content

My first package walk through

MalwareMechanic edited this page Nov 29, 2022 · 8 revisions

You're missing a good analysis tools in this package repository? See below on how you can create the package via a GitHub issue or manually with the support of a package template script.

Manual package creation is the more versatile route and could lead to faster results if you're already familiar with the package structure and installation functions.

However, the issue driven package creation, can fully streamline the addition of a new tool. In the best case:

  • You submit an issue with the required package metadata
  • A package pull request gets automatically created, after a maintainer approves it
  • The package gets tested and pushed to the package feed

For more details on how to contribute please see the other Wiki pages.

Legal

To adhere to distribution rights, we only use packages that obtain files from the web at runtime and install them. No package in this project is self-contained (i.e., they do NOT contain the actual binaries). See this page for Chocolatey's legal details.

Automatic package pull request via new issue

  • Go to Issues - New Issue
  • Select the appropriate package type
    • For packages that install another package via dependencies select "NEW METAPACKAGE"
    • For all other packages select "NEW PACKAGE"
  • Fill out the required fields
    • For the URL please prefer a link that is version specific and unlikely to change (this reduces maintenance)
  • Submit your new issue
  • A maintainer will review your submission and label it for automatic package creation
    • The automated processing includes linting and testing
  • If changes are required, download the created branch and modify it locally

Manual package creation using Python template script

  • Find the appropriate package type
    • See supported options via $ python scripts/utils/create_package_template.py --type
    • Also see $python scripts/utils/create_package_template.py -h for detailed usage information
  • See required arguments via $ python scripts/utils/create_package_template.py --type <package_type>
  • Provide required arguments, for example for:
    • Type METAPACKAGE
    $ python scripts/utils/create_package_template.py \
      --type METAPACKAGE \
      --pkg_name dnspyex \
      --tool_name dnSpyEx \
      --version 6.2.0 \
      --category dotNet \
      --authors '0xd4d, ElektroKill' \
      --description 'dnSpyEx is ...' \
      --dependency 'dnSpyEx' \
      --shim_path '%PROGRAMDATA%\chocolatey\bin\dnSpy.exe'
    
    • Type ZIP_EXE
    $ python scripts/utils/create_package_template.py \
      --type ZIP_EXE \
      --pkg_name floss \
      --tool_name flare-floss \
      --version 2.1.0 \
      --authors Mandiant \
      --description 'FLOSS ...' \
      --category Utilities \
      --target_url https://github.com/mandiant/flare-floss/releases/download/v2.1.0/floss-v2.1.0-windows.zip \
      --target_hash 925df10403b45e29914e44ac50d92d762b2b2499c11cdd1801888aac95b53eb7
    
    • Alternatively, use the --raw option to create package template files using placeholder data
  • Ensure scripts and package meet code and structure requirements
    • See the Wiki
    • Lint PowerShell code: PS scripts/test/lint.ps1 (requires psscriptanalyzer, see lint.ps1 contents)
    • Lint all packages $ python scripts/test/lint.py packages
  • Test package installation
    • PS scripts/test/test_install.ps1 "common.vm <package>"
  • Test package uninstallation
    • PS scripts/test/test_uninstall.ps1 <package>
  • If required: modify package to fix issues
  • Submit a pull request
    • Lints and test run automatically for each pull request, they must succeed before pull requests can be accepted

Manual package creation based on existing package

  • Identify an existing package that's installed similarly to your tool
  • Copy package data and modify where appropriate
  • See steps on linting, testing, and submitting above