Release/v2.11.0

.github/workflows/black.yml

@@ -11,3 +11,5 @@ jobs:
         with:
           options: "--check --diff --verbose"
           src: "./volatility3"
+          # FIXME: Remove when Volatility3 minimum Python version is >3.8
+          version: "24.8.0"

.github/workflows/build-pypi.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-20.04
     strategy:
       matrix:
-        python-version: ["3.7"]
+        python-version: ["3.8"]
     steps:
     - uses: actions/checkout@v4
     - name: Set up Python ${{ matrix.python-version }}

.github/workflows/install.yml

@@ -8,7 +8,7 @@ jobs:
       fail-fast: false
       matrix:
         host: [ ubuntu-latest, windows-latest ]
-        python-version: [ "3.7", "3.8", "3.9", "3.10", "3.11" ]
+        python-version: [ "3.8", "3.9", "3.10", "3.11" ]
     steps:
     - uses: actions/checkout@v4
 

.github/workflows/test.yaml

@@ -6,7 +6,7 @@ jobs:
     runs-on: ubuntu-20.04
     strategy:
       matrix:
-        python-version: ["3.7"]
+        python-version: ["3.8"]
     steps:
     - uses: actions/checkout@v4
     - name: Set up Python ${{ matrix.python-version }}
@@ -46,7 +46,7 @@ jobs:
 
     - name: Clean up post-test
       run: |
-        rm -rf *.lime
+        rm -rf *.bin
         rm -rf *.img
         cd volatility3/symbols
         rm -rf linux

README.md

@@ -20,7 +20,7 @@ more details.
 
 ## Requirements
 
-Volatility 3 requires Python 3.7.3 or later. To install the most minimal set of dependencies (some plugins will not work) use a command such as:
+Volatility 3 requires Python 3.8.0 or later. To install the most minimal set of dependencies (some plugins will not work) use a command such as:
 
 ```shell
 pip3 install -r requirements-minimal.txt
@@ -106,7 +106,7 @@ The latest generated copy of the documentation can be found at: <https://volatil
 
 ## Licensing and Copyright
 
-Copyright (C) 2007-2024 Volatility Foundation
+Copyright (C) 2007-2025 Volatility Foundation
 
 All Rights Reserved
 

doc/requirements.txt

@@ -4,5 +4,6 @@ sphinx_autodoc_typehints>=1.4.0
 sphinx-rtd-theme>=0.4.3
 
 yara-python
+yara-x
 pycryptodome
 pefile

doc/source/conf.py

@@ -169,7 +169,7 @@ def setup(app):
 
 # General information about the project.
 project = "Volatility 3"
-copyright = "2012-2024, Volatility Foundation"
+copyright = "2012-2025, Volatility Foundation"
 
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the

doc/source/getting-started-linux-tutorial.rst

@@ -11,6 +11,7 @@ Volatility3 does not provide the ability to acquire memory.  Below are some exam
 * `AVML - Acquire Volatile Memory for Linux <https://github.com/microsoft/avml>`_
 * `LiME - Linux Memory Extract <https://github.com/504ensicsLabs/LiME>`_
 
+Be aware that LiME raw format is not supported by volatility3, the padded or lime option should be used instead. `This issue contains further information <https://github.com/504ensicsLabs/LiME/issues/111>`_.
 
 Procedure to create symbol tables for linux
 --------------------------------------------

pyproject.toml

@@ -6,7 +6,7 @@ readme = "README.md"
 authors = [
     { name = "Volatility Foundation", email = "[email protected]" },
 ]
-requires-python = ">=3.7.3"
+requires-python = ">=3.8.0"
 license = { text = "VSL" }
 dynamic = ["dependencies", "optional-dependencies", "version"]
 

requirements.txt

@@ -9,7 +9,8 @@ yara-python>=3.8.0
 
 # This is required for several plugins that perform malware analysis and disassemble code.
 # It can also improve accuracy of Windows 8 and later memory samples.
-capstone>=3.0.5
+# FIXME: Version 6.0.0 is incompatible (#1336) so we'll need an adaptor at some point
+capstone>=3.0.5,<6.0.0
 
 # This is required by plugins that decrypt passwords, password hashes, etc.
 pycryptodome
@@ -19,4 +20,4 @@ leechcorepyc>=2.4.0; sys_platform != 'darwin'
 
 # This is required for memory analysis on a Amazon/MinIO S3 and Google Cloud object storage
 gcsfs>=2023.1.0
-s3fs>=2023.1.0
+s3fs>=2023.1.0