- Fixes dead code warning when yara-scanning feature is not enabled
- read_process_memory is only used by scan_process which requires yara-scanning feature
When add_rules_str() fails, the compiler is already consumed.
Changed from 'continue' to 'return Err' to avoid trying to use
the moved compiler in the next loop iteration. This properly
handles the builder pattern where the value is consumed on error.
The add_rules_str() method consumes self and returns a new Compiler,
following a builder pattern. Updated to reassign the returned compiler
instead of treating it as a mutable method.
This fixes the compilation error when building with yara-scanning feature.
- Add allow dead_code to unused helper function
- Remove redundant PID assertion in macOS test
- All clippy checks pass with -D warnings
- All tests passing (33/33)
Fixed issues:
- Corrected Welford's online algorithm for variance calculation
- Added NaN and infinity guards to prevent invalid calculations
- Added Serialize/Deserialize traits to AnomalyScore and ProcessProfile
Added functionality:
- Profile persistence with save_profiles() and load_profiles()
- Global baseline computation from all process profiles
- Profile cleanup method to remove stale profiles
- Additional utility methods for profile management
- Replace add_rules_str_with_namespace with add_rules_str to avoid move semantics issues
- Simplify error handling in rule compilation loop
- This should resolve the E0382 use of moved value error
- Fix '?' operator error in detection.rs by proper error handling without changing return type
- Fix EbpfError::RuntimeError to use existing EventProcessingError variant
- Make compiler mutable in yara_engine.rs to fix move errors
- Add missing evasion_analysis field to DetectionResult struct
- Fix identifier clone issue in YARA rule matching
These fixes resolve the E0277, E0382, and E0599 compilation errors.
- Replace unwrap() in detection.rs runtime creation with error handling
- Fix expect() in Default impl with proper panic message
- Replace unwrap() in streaming.rs mutex locks with error handling
- Replace unwrap() in ebpf.rs ring buffer locks with error handling
- Fix unwrap() in hooks.rs CString creation with error handling
- Remove needless borrows in yara_engine.rs iterators
- Apply cargo fmt formatting across all files
All changes maintain functional behavior while improving error handling robustness.
