From b369d65ffeff31392040da45f4b3b8ef2787ed27 Mon Sep 17 00:00:00 2001
From: kmathisbf <82833266+kmathisbf@users.noreply.github.com>
Date: Tue, 7 Oct 2025 10:42:47 -0400
Subject: [PATCH 1/3] Fix signify changes with 0.9 release

---
 src/thrember/features.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/thrember/features.py b/src/thrember/features.py
index fbfc8c6..f89a87f 100644
--- a/src/thrember/features.py
+++ b/src/thrember/features.py
@@ -25,7 +25,7 @@
 import pefile
 from sklearn.feature_extraction import FeatureHasher
 import signify
-from signify.authenticode import SignedPEFile
+from signify.authenticode.signed_file import SignedPEFile
 from datetime import datetime
 
 
@@ -114,7 +114,7 @@ def __init__(self):
     def raw_features(self, bytez, pe):
         counts = np.bincount(np.frombuffer(bytez, dtype=np.uint8), minlength=256)
         return counts.tolist()
-    
+
     def process_raw_features(self, raw_obj):
         counts = np.array(raw_obj, dtype=np.float32)
         sum = counts.sum()
@@ -997,7 +997,7 @@ def __init__(self, warnings_file: Path):
         self.warning_prefixes = set()
         self.warning_suffixes = set()
         self.warning_ids = {}
-        
+
         if isinstance(warnings_file, Path) and warnings_file.exists():
             with open(warnings_file, "r") as f:
                 i = 0

From 0495b4877b3b135499c7b77603f791a8381fe4b5 Mon Sep 17 00:00:00 2001
From: kmathisbf <82833266+kmathisbf@users.noreply.github.com>
Date: Tue, 7 Oct 2025 14:30:54 -0400
Subject: [PATCH 2/3] Update signify iterator

---
 src/thrember/features.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/thrember/features.py b/src/thrember/features.py
index f89a87f..8cea30b 100644
--- a/src/thrember/features.py
+++ b/src/thrember/features.py
@@ -932,7 +932,7 @@ def raw_features(self, bytez, pe):
         }
         try:
             signed_pe = SignedPEFile(io.BytesIO(bytez))
-            for signed_data in signed_pe.iter_signed_datas():
+            for signed_data in signed_pe.iter_embedded_signatures():
                 raw_obj["num_certs"] += 1
                 if signed_data.signer_info.program_name is None:
                     raw_obj["empty_program_name"] = 1

From 173b9f39e42fded3b78d37f4ff4234a2085ea420 Mon Sep 17 00:00:00 2001
From: kmathisbf <82833266+kmathisbf@users.noreply.github.com>
Date: Tue, 7 Oct 2025 15:43:49 -0400
Subject: [PATCH 3/3] Bump signify version to 0.9.1 to support updated API spec

---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index a2044a6..d5dd00e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -14,7 +14,7 @@ dependencies = [
     "polars>=1.8.2",
     "scikit-learn>=1.5.1",
     "tqdm>=4.66.5",
-    "signify>=0.7.1",
+    "signify>=0.9.1",
     "huggingface_hub>=0.32.4",
     "matplotlib>=3.10.3",
     "lightgbm>=4.6.0",