0.6.3

0.6.3/.buildinfo

@@ -0,0 +1,4 @@
+# Sphinx build info version 1
+# This file hashes the configuration used when building these files. When it is not found, a full rebuild will be done.
+config: 89095c7e8ca5cc5c9e72e464ce61fdb5
+tags: 645f666f9bcd5a90fca523b33c5a78b7

0.6.3/_images/trace.svg

@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?><svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" contentScriptType="application/ecmascript" contentStyleType="text/css" height="343px" preserveAspectRatio="none" style="width:465px;height:343px;background:#FFFFFF;" version="1.1" viewBox="0 0 465 343" width="465px" zoomAndPan="magnify"><defs><filter height="300%" id="f1ifdi7fec0v69" width="300%" x="-1" y="-1"><feGaussianBlur result="blurOut" stdDeviation="2.0"/><feColorMatrix in="blurOut" result="blurOut2" type="matrix" values="0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 .4 0"/><feOffset dx="4.0" dy="4.0" in="blurOut2" result="blurOut3"/><feBlend in="SourceGraphic" in2="blurOut3" mode="normal"/></filter></defs><g><!--MD5=[df86c7edb43ffccca5c77127fc172015]
+class Trace--><rect codeLine="3" fill="#FEFECE" filter="url(#f1ifdi7fec0v69)" height="132.8281" id="Trace" style="stroke:#A80036;stroke-width:1.5;" width="208" x="7" y="7"/><ellipse cx="90.25" cy="23" fill="#FF7700" rx="11" ry="11" style="stroke:#A80036;stroke-width:1.0;"/><path d="M90.6875,20.5313 L92.5313,20.5313 L92.5313,22.125 C92.5313,22.5156 92.5625,22.6875 92.6563,22.8281 C92.8125,23.0781 93.0938,23.2344 93.3906,23.2344 C93.6563,23.2344 93.9063,23.1094 94.0781,22.8906 C94.2188,22.7188 94.2344,22.5938 94.2344,22.125 L94.2344,18.8438 L85.4688,18.8438 L85.4688,22.125 C85.4688,22.5156 85.5,22.6875 85.5781,22.8281 C85.7344,23.0938 86.0313,23.2344 86.3125,23.2344 C86.5938,23.2344 86.8438,23.1094 87.0156,22.8906 C87.125,22.7188 87.1563,22.5781 87.1563,22.125 L87.1563,20.5313 L88.9844,20.5313 L88.9844,27.0469 L87.875,27.0469 C87.4375,27.0469 87.3125,27.0625 87.1563,27.1719 C86.9063,27.3281 86.75,27.6094 86.75,27.9063 C86.75,28.1563 86.8906,28.4219 87.1094,28.5781 C87.2656,28.7031 87.4844,28.75 87.875,28.75 L91.8125,28.75 C92.1406,28.75 92.4063,28.7031 92.5156,28.625 C92.7813,28.4844 92.9219,28.1875 92.9219,27.9063 C92.9219,27.625 92.7969,27.375 92.5625,27.2031 C92.4063,27.0781 92.2656,27.0469 91.8125,27.0469 L90.6875,27.0469 L90.6875,20.5313 Z " fill="#000000"/><text fill="#000000" font-family="sans-serif" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="33" x="110.75" y="27.1543">Trace</text><line style="stroke:#A80036;stroke-width:1.5;" x1="8" x2="214" y1="39" y2="39"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" text-decoration="underline" textLength="47" x="13" y="53.2104">String id</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" text-decoration="underline" textLength="70" x="13" y="66.0151">String name</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" text-decoration="underline" textLength="70" x="13" y="78.8198">String[] path</text><line style="stroke:#A80036;stroke-width:1.0;stroke-dasharray:1.0,2.0;" x1="8" x2="214" y1="85.4141" y2="85.4141"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" textLength="196" x="13" y="99.6245">Map&lt;Type, Properties&gt; properties</text><line style="stroke:#A80036;stroke-width:1.0;stroke-dasharray:1.0,2.0;" x1="8" x2="214" y1="106.2188" y2="106.2188"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" textLength="106" x="13" y="120.4292">List&lt;DataStream&gt;</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" textLength="118" x="13" y="133.2339">List&lt;Trace&gt; children</text><!--MD5=[50cd0ce30480505486a438a40998d2af]
+class DataStream--><rect codeLine="14" fill="#FEFECE" filter="url(#f1ifdi7fec0v69)" height="112.0234" id="DataStream" style="stroke:#A80036;stroke-width:1.5;" width="131" x="45.5" y="217"/><ellipse cx="72.65" cy="233" fill="#DA70D6" rx="11" ry="11" style="stroke:#A80036;stroke-width:1.0;"/><path d="M70.1656,236.2969 C69.5094,236.2969 69.1188,236.6094 69.1188,237.1563 C69.1188,237.4063 69.2594,237.6719 69.4781,237.8281 C69.6344,237.9531 69.8531,238 70.2594,238 L73.7281,238 C75.2125,238 76.2281,237.6094 77.0563,236.7188 C77.8375,235.9063 78.2438,234.8594 78.2438,233.6094 L78.2438,232.8125 C78.2438,230.1406 76.3531,228.0938 73.8688,228.0938 L70.2594,228.0938 C69.8063,228.0938 69.6813,228.1094 69.525,228.2031 C69.275,228.3594 69.1188,228.6563 69.1188,228.9375 C69.1188,229.4844 69.4938,229.7813 70.1656,229.7813 L70.1656,236.2969 Z M71.8531,236.2969 L71.8531,229.7813 L73.7281,229.7813 C74.6344,229.7813 75.275,230.0625 75.7906,230.6563 C76.275,231.2344 76.5563,231.9844 76.5563,232.7813 L76.5563,233.5625 C76.5563,234.4375 76.3219,235.0313 75.8531,235.5469 C75.3219,236.0938 74.7594,236.2969 73.7438,236.2969 L71.8531,236.2969 Z " fill="#000000"/><text fill="#000000" font-family="sans-serif" font-size="12" font-style="italic" lengthAdjust="spacing" textLength="72" x="89.35" y="237.1543">DataStream</text><line style="stroke:#A80036;stroke-width:1.5;" x1="46.5" x2="175.5" y1="249" y2="249"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" text-decoration="underline" textLength="63" x="51.5" y="263.2104">String type</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" text-decoration="underline" textLength="73" x="51.5" y="276.0151">String length</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" text-decoration="underline" textLength="63" x="51.5" y="288.8198">byte[] data</text><line style="stroke:#A80036;stroke-width:1.0;stroke-dasharray:1.0,2.0;" x1="46.5" x2="175.5" y1="295.4141" y2="295.4141"/><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" textLength="84" x="51.5" y="309.6245">String fileType</text><text fill="#000000" font-family="sans-serif" font-size="11" lengthAdjust="spacing" textLength="119" x="51.5" y="322.4292">Properties properties</text><!--MD5=[fb06886e19d901fa862b82bf8e3130a2]
+reverse link Trace to Trace--><path codeLine="23" d="M228.466,57.056 C241.545,60.165 250,65.646 250,73.5 C250,83.758 235.576,89.969 215.264,92.132 " fill="none" id="Trace-backto-Trace" style="stroke:#A80036;stroke-width:1.0;"/><polygon fill="#A80036" points="215.264,54.868,220.5291,59.7953,227.1025,56.8303,221.8373,51.903,215.264,54.868" style="stroke:#A80036;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="196" x="256" y="78.0669">a trace could have child traces</text><!--MD5=[1c8c088d66d441b7bb3e5365796f8ca5]
+reverse link Trace to DataStream--><path codeLine="24" d="M111,153.292 C111,174.542 111,197.079 111,216.741 " fill="none" id="Trace-backto-DataStream" style="stroke:#A80036;stroke-width:1.0;"/><polygon fill="#A80036" points="111,140.265,107,146.265,111,152.265,115,146.265,111,140.265" style="stroke:#A80036;stroke-width:1.0;"/><text fill="#000000" font-family="sans-serif" font-size="13" lengthAdjust="spacing" textLength="209" x="112" y="183.0669">a trace could have data streams</text><!--MD5=[301865a2716401ae266beb548d3a6457]
+@startuml
+hide empty methods
+
+    Interface Trace << (T,#FF7700 >> {
+      {static} String id
+      {static} String name
+      {static} String[] path
+      ..
+      Map<Type, Properties> properties
+      ..
+      List<DataStream>
+      List<Trace> children
+    }
+
+    Interface DataStream  << (D,orchid>> {
+      {static} String type
+      {static} String length
+      {static} byte[] data
+      ..
+      String fileType
+      Properties properties
+    }
+
+    Trace *- - Trace : a trace could have child traces
+    Trace *- - DataStream : a trace could have data streams
+@enduml
+
+PlantUML version 1.2021.11beta6(Unknown compile time)
+(GPL source distribution)
+Java Runtime: Java(TM) SE Runtime Environment
+JVM: Java HotSpot(TM) 64-Bit Server VM
+Default Encoding: UTF-8
+Language: en
+Country: US
+--></g></svg>

0.6.3/_modules/hansken_extraction_plugin/api/data_context.html

@@ -0,0 +1,128 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.data_context &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.data_context</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.data_context</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;This module contains the definition of the DataContext.&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">dataclasses</span> <span class="kn">import</span> <span class="n">dataclass</span>
+
+
+<div class="viewcode-block" id="DataContext"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.data_context.html#hansken_extraction_plugin.api.data_context.DataContext">[docs]</a><span class="nd">@dataclass</span><span class="p">(</span><span class="n">frozen</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+<span class="k">class</span> <span class="nc">DataContext</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;This class contains the data context of a plugin that is processing a trace.&quot;&quot;&quot;</span>
+
+    <span class="n">data_type</span><span class="p">:</span> <span class="nb">str</span>  <span class="c1">#: the named data type that is being processed</span>
+    <span class="n">data_size</span><span class="p">:</span> <span class="nb">int</span>  <span class="c1">#: the size / total length of the data stream that is being processed</span>
+
+    <span class="k">def</span> <span class="fm">__eq__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">other</span><span class="p">):</span>
+        <span class="c1"># override the default equality check, a subclass is considered equal as long as it matches all the fields this</span>
+        <span class="c1"># type describes</span>
+        <span class="k">return</span> <span class="nb">isinstance</span><span class="p">(</span><span class="n">other</span><span class="p">,</span> <span class="n">DataContext</span><span class="p">)</span> <span class="ow">and</span> <span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">data_type</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">data_size</span><span class="p">)</span> <span class="o">==</span> <span class="p">(</span><span class="n">other</span><span class="o">.</span><span class="n">data_type</span><span class="p">,</span> <span class="n">other</span><span class="o">.</span><span class="n">data_size</span><span class="p">)</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/extraction_plugin.html

@@ -0,0 +1,181 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.extraction_plugin &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.extraction_plugin</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.extraction_plugin</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">This module contains the different types of Extraction Plugins.</span>
+
+<span class="sd">The types of Extraction Plugins differ in their process functions.</span>
+<span class="sd">&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">abc</span> <span class="kn">import</span> <span class="n">ABC</span><span class="p">,</span> <span class="n">abstractmethod</span>
+
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.data_context</span> <span class="kn">import</span> <span class="n">DataContext</span>
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.extraction_trace</span> <span class="kn">import</span> <span class="n">ExtractionTrace</span><span class="p">,</span> <span class="n">MetaExtractionTrace</span>
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.plugin_info</span> <span class="kn">import</span> <span class="n">PluginInfo</span>
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.trace_searcher</span> <span class="kn">import</span> <span class="n">TraceSearcher</span>
+
+
+<div class="viewcode-block" id="BaseExtractionPlugin"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.BaseExtractionPlugin">[docs]</a><span class="k">class</span> <span class="nc">BaseExtractionPlugin</span><span class="p">(</span><span class="n">ABC</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;All Extraction Plugins are derived from this class.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="BaseExtractionPlugin.plugin_info"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.BaseExtractionPlugin.plugin_info">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">plugin_info</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">PluginInfo</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;Return information about this extraction plugin.&quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="ExtractionPlugin"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.ExtractionPlugin">[docs]</a><span class="k">class</span> <span class="nc">ExtractionPlugin</span><span class="p">(</span><span class="n">BaseExtractionPlugin</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Default extraction plugin, that processes a trace and one of its datastreams.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="ExtractionPlugin.process"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.ExtractionPlugin.process">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">process</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">trace</span><span class="p">:</span> <span class="n">ExtractionTrace</span><span class="p">,</span> <span class="n">data_context</span><span class="p">:</span> <span class="n">DataContext</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Process a given trace.</span>
+
+<span class="sd">        This method is called for every trace that is processed by this tool.</span>
+
+<span class="sd">        :param trace: Trace that is being processed</span>
+<span class="sd">        :param data_context: Data data_context describing the data stream that is being processed</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="MetaExtractionPlugin"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.MetaExtractionPlugin">[docs]</a><span class="k">class</span> <span class="nc">MetaExtractionPlugin</span><span class="p">(</span><span class="n">BaseExtractionPlugin</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Extraction Plugin that processes a trace only with its metadata, without processing its data.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="MetaExtractionPlugin.process"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.MetaExtractionPlugin.process">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">process</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">trace</span><span class="p">:</span> <span class="n">MetaExtractionTrace</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Process a given trace.</span>
+
+<span class="sd">        This method is called for every trace that is processed by this tool.</span>
+
+<span class="sd">        :param trace: Trace that is being processed</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="DeferredExtractionPlugin"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.DeferredExtractionPlugin">[docs]</a><span class="k">class</span> <span class="nc">DeferredExtractionPlugin</span><span class="p">(</span><span class="n">BaseExtractionPlugin</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    Extraction Plugin that can be run at a different extraction stage.</span>
+
+<span class="sd">    This type of plugin also allows accessing other traces using the searcher.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="DeferredExtractionPlugin.process"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_plugin.html#hansken_extraction_plugin.api.extraction_plugin.DeferredExtractionPlugin.process">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">process</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">trace</span><span class="p">:</span> <span class="n">ExtractionTrace</span><span class="p">,</span> <span class="n">data_context</span><span class="p">:</span> <span class="n">DataContext</span><span class="p">,</span> <span class="n">searcher</span><span class="p">:</span> <span class="n">TraceSearcher</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Process a given trace.</span>
+
+<span class="sd">        This method is called for every trace that is processed by this tool.</span>
+
+<span class="sd">        :param trace: Trace that is being processed</span>
+<span class="sd">        :param data_context: Data data_context describing the data stream that is being processed</span>
+<span class="sd">        :param searcher: TraceSearcher that can be used to obtain more traces</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/extraction_trace.html

@@ -0,0 +1,313 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.extraction_trace &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.extraction_trace</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.extraction_trace</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">This module contains the different Trace apis.</span>
+
+<span class="sd">Note that there are a couple of different traces:</span>
+<span class="sd">  * The ExtractionTrace and MetaExtractionTrace, which are offered to the process function.</span>
+<span class="sd">  * ExtractionTraceBuilder, which is a trace that can be built; it does not exist in hansken yet, but it is added after</span>
+<span class="sd">    building.</span>
+<span class="sd">  * SearchTrace, which represents an immutable trace which is returned after searching for traces.</span>
+<span class="sd">&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">abc</span> <span class="kn">import</span> <span class="n">ABC</span><span class="p">,</span> <span class="n">abstractmethod</span>
+<span class="kn">from</span> <span class="nn">io</span> <span class="kn">import</span> <span class="n">BufferedReader</span>
+<span class="kn">from</span> <span class="nn">typing</span> <span class="kn">import</span> <span class="n">Any</span><span class="p">,</span> <span class="n">Mapping</span><span class="p">,</span> <span class="n">Optional</span><span class="p">,</span> <span class="n">Union</span>
+
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.tracelet</span> <span class="kn">import</span> <span class="n">Tracelet</span>
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.transformation</span> <span class="kn">import</span> <span class="n">Transformation</span>
+
+
+<div class="viewcode-block" id="ExtractionTraceBuilder"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder">[docs]</a><span class="k">class</span> <span class="nc">ExtractionTraceBuilder</span><span class="p">(</span><span class="n">ABC</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    ExtractionTrace that can be build.</span>
+
+<span class="sd">    Represents child traces.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="ExtractionTraceBuilder.update"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder.update">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">update</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key_or_updates</span><span class="p">:</span> <span class="n">Union</span><span class="p">[</span><span class="n">Mapping</span><span class="p">,</span> <span class="nb">str</span><span class="p">]</span> <span class="o">=</span> <span class="kc">None</span><span class="p">,</span> <span class="n">value</span><span class="p">:</span> <span class="n">Any</span> <span class="o">=</span> <span class="kc">None</span><span class="p">,</span>
+               <span class="n">data</span><span class="p">:</span> <span class="n">Mapping</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">]</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;ExtractionTraceBuilder&#39;</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Update or add metadata properties for this `.ExtractionTraceBuilder`.</span>
+
+<span class="sd">        Can be used to update the name of the Trace represented by this builder,</span>
+<span class="sd">        if not already set.</span>
+
+<span class="sd">        :param key_or_updates: either a `str` (the metadata property to be</span>
+<span class="sd">                               updated) or a mapping supplying both keys and values to be updated</span>
+<span class="sd">        :param value: the value to update metadata property *key* to (used</span>
+<span class="sd">                      only when *key_or_updates* is a `str`, an exception will be thrown</span>
+<span class="sd">                      if *key_or_updates* is a mapping)</span>
+<span class="sd">        :param data: a `dict` mapping data type / stream name to bytes to be</span>
+<span class="sd">                     added to the trace</span>
+<span class="sd">        :return: this `.ExtractionTraceBuilder`</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="ExtractionTraceBuilder.add_tracelet"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder.add_tracelet">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">add_tracelet</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span>
+                     <span class="n">tracelet</span><span class="p">:</span> <span class="n">Union</span><span class="p">[</span><span class="n">Tracelet</span><span class="p">,</span> <span class="nb">str</span><span class="p">],</span>
+                     <span class="n">value</span><span class="p">:</span> <span class="n">Optional</span><span class="p">[</span><span class="n">Mapping</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]]</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;ExtractionTraceBuilder&#39;</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Add a `.Tracelet` to this `.ExtractionTraceBuilder`.</span>
+
+<span class="sd">        :param tracelet: the Tracelet or tracelet type (supplied as a `str`) to add</span>
+<span class="sd">        :param value: the tracelet properties to add (only applicable when *tracelet* is a `str`)</span>
+<span class="sd">        :return: this `.ExtractionTraceBuilder`</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="ExtractionTraceBuilder.add_transformation"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder.add_transformation">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">add_transformation</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">data_type</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">transformation</span><span class="p">:</span> <span class="n">Transformation</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;ExtractionTraceBuilder&#39;</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Update or add transformations for this `.ExtractionTraceBuilder`.</span>
+
+<span class="sd">        :param data_type: data type of the Transformation</span>
+<span class="sd">        :param transformation: the Transformation to add</span>
+<span class="sd">        :return: this `.ExtractionTraceBuilder`</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="ExtractionTraceBuilder.child_builder"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder.child_builder">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">child_builder</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">:</span> <span class="nb">str</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;ExtractionTraceBuilder&#39;</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Create a new `.TraceBuilder` to build a child trace to the trace to be represented by this builder.</span>
+
+<span class="sd">        .. note::</span>
+<span class="sd">            Traces should be created and built in depth first order,</span>
+<span class="sd">            parent before child (pre-order).</span>
+
+<span class="sd">        :return: a `.TraceBuilder` set up to save a new trace as the child</span>
+<span class="sd">                 trace of this builder</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="ExtractionTraceBuilder.add_data"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder.add_data">[docs]</a>    <span class="k">def</span> <span class="nf">add_data</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">stream</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">data</span><span class="p">:</span> <span class="nb">bytes</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;ExtractionTraceBuilder&#39;</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Add data to this trace as a named stream.</span>
+
+<span class="sd">        :param stream: name of the data stream to be added</span>
+<span class="sd">        :param data: data to be attached</span>
+<span class="sd">        :return: this `.ExtractionTraceBuilder`</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">update</span><span class="p">(</span><span class="n">data</span><span class="o">=</span><span class="p">{</span><span class="n">stream</span><span class="p">:</span> <span class="n">data</span><span class="p">})</span></div>
+
+<div class="viewcode-block" id="ExtractionTraceBuilder.build"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTraceBuilder.build">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">build</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">str</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Save the trace being built by this builder to remote.</span>
+
+<span class="sd">        .. note::</span>
+<span class="sd">            Building more than once will result in an error being raised.</span>
+
+<span class="sd">        :return: the new trace&#39; id</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="Trace"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.Trace">[docs]</a><span class="k">class</span> <span class="nc">Trace</span><span class="p">(</span><span class="n">ABC</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;All trace classes should be able to return values.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="Trace.get"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.Trace.get">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">get</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">default</span><span class="p">:</span> <span class="n">Any</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Any</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Return metadata properties for this `.ExtractionTrace`.</span>
+
+<span class="sd">        :param key: the metadata property to be retrieved</span>
+<span class="sd">        :param default: value returned if property is not set</span>
+<span class="sd">        :return: the value of the requested metadata property</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="SearchTrace"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.SearchTrace">[docs]</a><span class="k">class</span> <span class="nc">SearchTrace</span><span class="p">(</span><span class="n">Trace</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;SearchTraces represent traces returned when searching for traces.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="SearchTrace.open"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.SearchTrace.open">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">open</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">stream</span><span class="p">:</span> <span class="nb">str</span> <span class="o">=</span> <span class="s1">&#39;raw&#39;</span><span class="p">,</span> <span class="n">offset</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">size</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">BufferedReader</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Open a data stream of the data that is being processed.</span>
+
+<span class="sd">        :param stream: data stream of trace to open. defaults to raw. other examples are html, text, etc.</span>
+<span class="sd">        :param offset: byte offset to start the stream on</span>
+<span class="sd">        :param size: the number of bytes to make available</span>
+<span class="sd">        :return: a file-like object to read bytes from the named stream</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="MetaExtractionTrace"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.MetaExtractionTrace">[docs]</a><span class="k">class</span> <span class="nc">MetaExtractionTrace</span><span class="p">(</span><span class="n">Trace</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    MetaExtractionTraces contain only metadata.</span>
+
+<span class="sd">    This class represenst traces during the extraction of an extraction plugin without a data stream.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="MetaExtractionTrace.update"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.MetaExtractionTrace.update">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">update</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">key_or_updates</span><span class="p">:</span> <span class="n">Union</span><span class="p">[</span><span class="n">Mapping</span><span class="p">,</span> <span class="nb">str</span><span class="p">]</span> <span class="o">=</span> <span class="kc">None</span><span class="p">,</span> <span class="n">value</span><span class="p">:</span> <span class="n">Any</span> <span class="o">=</span> <span class="kc">None</span><span class="p">,</span>
+               <span class="n">data</span><span class="p">:</span> <span class="n">Mapping</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="nb">bytes</span><span class="p">]</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Update or add metadata properties for this `.ExtractionTrace`.</span>
+
+<span class="sd">        :param key_or_updates: either a `str` (the metadata property to be</span>
+<span class="sd">                               updated) or a mapping supplying both keys and values to be updated</span>
+<span class="sd">        :param value: the value to update metadata property *key* to (used</span>
+<span class="sd">                      only when *key_or_updates* is a `str`, an exception will be thrown</span>
+<span class="sd">                      if *key_or_updates* is a mapping)</span>
+<span class="sd">        :param data: a `dict` mapping data type / stream name to bytes to be</span>
+<span class="sd">                     added to the trace</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="MetaExtractionTrace.add_tracelet"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.MetaExtractionTrace.add_tracelet">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">add_tracelet</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span>
+                     <span class="n">tracelet</span><span class="p">:</span> <span class="n">Union</span><span class="p">[</span><span class="n">Tracelet</span><span class="p">,</span> <span class="nb">str</span><span class="p">],</span>
+                     <span class="n">value</span><span class="p">:</span> <span class="n">Optional</span><span class="p">[</span><span class="n">Mapping</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]]</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Add a `.Tracelet` to this `.MetaExtractionTrace`.</span>
+
+<span class="sd">        :param tracelet: the Tracelet or tracelet type to add</span>
+<span class="sd">        :param value: the tracelet properties to add (only applicable when *tracelet* is a tracelet type)</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="MetaExtractionTrace.add_transformation"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.MetaExtractionTrace.add_transformation">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">add_transformation</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">data_type</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">transformation</span><span class="p">:</span> <span class="n">Transformation</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="kc">None</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Update or add transformations for this `.ExtractionTraceBuilder`.</span>
+
+<span class="sd">        :param data_type: data type of the Transformation</span>
+<span class="sd">        :param transformation: the Transformation to add</span>
+<span class="sd">        &quot;&quot;&quot;</span></div>
+
+<div class="viewcode-block" id="MetaExtractionTrace.child_builder"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.MetaExtractionTrace.child_builder">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">child_builder</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">:</span> <span class="nb">str</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">ExtractionTraceBuilder</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Create a `.TraceBuilder` to build a trace to be saved as a child of this `.Trace`.</span>
+
+<span class="sd">        A new trace will only be added to the index once explicitly saved (e.g.</span>
+<span class="sd">        through `.TraceBuilder.build`).</span>
+
+<span class="sd">        .. note::</span>
+<span class="sd">            Traces should be created and built in depth first order,</span>
+<span class="sd">            parent before child (pre-order).</span>
+
+<span class="sd">        :param name: the name for the trace being built</span>
+<span class="sd">        :return: a `.TraceBuilder` set up to create a child trace of this `.MetaExtractionTrace`</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+
+
+<div class="viewcode-block" id="ExtractionTrace"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTrace">[docs]</a><span class="k">class</span> <span class="nc">ExtractionTrace</span><span class="p">(</span><span class="n">MetaExtractionTrace</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Trace offered to be processed.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="ExtractionTrace.open"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.extraction_trace.html#hansken_extraction_plugin.api.extraction_trace.ExtractionTrace.open">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">open</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">offset</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">0</span><span class="p">,</span> <span class="n">size</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="kc">None</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">BufferedReader</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Open a data stream of the data that is being processed.</span>
+
+<span class="sd">        :param offset: byte offset to start the stream on</span>
+<span class="sd">        :param size: the number of bytes to make available</span>
+<span class="sd">        :return: a file-like object to read bytes from the named stream</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/plugin_info.html

@@ -0,0 +1,195 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.plugin_info &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.plugin_info</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.plugin_info</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;This module contains all definitions to describe meta data of a plugin, a.k.a. PluginInfo.&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">dataclasses</span> <span class="kn">import</span> <span class="n">dataclass</span>
+<span class="kn">from</span> <span class="nn">enum</span> <span class="kn">import</span> <span class="n">Enum</span>
+<span class="kn">from</span> <span class="nn">typing</span> <span class="kn">import</span> <span class="n">Optional</span>
+
+
+<div class="viewcode-block" id="Author"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.plugin_info.html#hansken_extraction_plugin.api.plugin_info.Author">[docs]</a><span class="nd">@dataclass</span><span class="p">(</span><span class="n">frozen</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+<span class="k">class</span> <span class="nc">Author</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    The author of an Extraction Plugin.</span>
+
+<span class="sd">    This information can be retrieved by an end-user from Hansken.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="n">name</span><span class="p">:</span> <span class="nb">str</span>
+    <span class="n">email</span><span class="p">:</span> <span class="nb">str</span>
+    <span class="n">organisation</span><span class="p">:</span> <span class="nb">str</span></div>
+
+
+<div class="viewcode-block" id="MaturityLevel"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.plugin_info.html#hansken_extraction_plugin.api.plugin_info.MaturityLevel">[docs]</a><span class="k">class</span> <span class="nc">MaturityLevel</span><span class="p">(</span><span class="n">Enum</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;This class represents the maturity level of an extraction plugin.&quot;&quot;&quot;</span>
+
+    <span class="n">PROOF_OF_CONCEPT</span> <span class="o">=</span> <span class="mi">0</span>
+    <span class="n">READY_FOR_TEST</span> <span class="o">=</span> <span class="mi">1</span>
+    <span class="n">PRODUCTION_READY</span> <span class="o">=</span> <span class="mi">2</span></div>
+
+
+<div class="viewcode-block" id="PluginId"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.plugin_info.html#hansken_extraction_plugin.api.plugin_info.PluginId">[docs]</a><span class="nd">@dataclass</span><span class="p">(</span><span class="n">frozen</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+<span class="k">class</span> <span class="nc">PluginId</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Identifier of a plugin, consisting of domain, category and name. Needs to be unique among all tools/plugins.&quot;&quot;&quot;</span>
+
+    <span class="n">domain</span><span class="p">:</span> <span class="nb">str</span>
+    <span class="n">category</span><span class="p">:</span> <span class="nb">str</span>
+    <span class="n">name</span><span class="p">:</span> <span class="nb">str</span>
+
+    <span class="k">def</span> <span class="fm">__str__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="k">return</span> <span class="sa">f</span><span class="s1">&#39;</span><span class="si">{</span><span class="bp">self</span><span class="o">.</span><span class="n">domain</span><span class="si">}</span><span class="s1">/</span><span class="si">{</span><span class="bp">self</span><span class="o">.</span><span class="n">category</span><span class="si">}</span><span class="s1">/</span><span class="si">{</span><span class="bp">self</span><span class="o">.</span><span class="n">name</span><span class="si">}</span><span class="s1">&#39;</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span></div>
+
+
+<div class="viewcode-block" id="PluginResources"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.plugin_info.html#hansken_extraction_plugin.api.plugin_info.PluginResources">[docs]</a><span class="nd">@dataclass</span><span class="p">(</span><span class="n">frozen</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+<span class="k">class</span> <span class="nc">PluginResources</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;PluginResources contains information about how many resources will be used for a plugin.&quot;&quot;&quot;</span>
+
+    <span class="n">maximum_cpu</span><span class="p">:</span> <span class="n">Optional</span><span class="p">[</span><span class="nb">float</span><span class="p">]</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    CPU resources are measured in cpu units. One cpu is equivalent to 1 vCPU/Core for cloud providers and 1 hyperthread</span>
+<span class="sd">    on bare-metal Intel processors. Also, fractional requests are allowed. A plugin that asks 0.5 CPU uses half as</span>
+<span class="sd">    much CPU as one that asks for 1 CPU.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+    <span class="n">maximum_memory</span><span class="p">:</span> <span class="n">Optional</span><span class="p">[</span><span class="nb">int</span><span class="p">]</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;Max usable memory for a plugin, measured in megabytes.&quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="nf">__post_init__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">maximum_cpu</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">maximum_cpu</span> <span class="o">&lt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="sa">f</span><span class="s1">&#39;maximum_cpu cannot be &lt; 0: </span><span class="si">{</span><span class="bp">self</span><span class="o">.</span><span class="n">maximum_cpu</span><span class="si">}</span><span class="s1">&#39;</span><span class="p">)</span>
+        <span class="k">if</span> <span class="bp">self</span><span class="o">.</span><span class="n">maximum_memory</span> <span class="ow">is</span> <span class="ow">not</span> <span class="kc">None</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">maximum_memory</span> <span class="o">&lt;</span> <span class="mi">0</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="sa">f</span><span class="s1">&#39;maximum_memory cannot be &lt; 0: </span><span class="si">{</span><span class="bp">self</span><span class="o">.</span><span class="n">maximum_memory</span><span class="si">}</span><span class="s1">&#39;</span><span class="p">)</span></div>
+
+
+<div class="viewcode-block" id="PluginInfo"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.plugin_info.html#hansken_extraction_plugin.api.plugin_info.PluginInfo">[docs]</a><span class="nd">@dataclass</span>
+<span class="k">class</span> <span class="nc">PluginInfo</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    This information is used by Hansken to identify and run the plugin.</span>
+
+<span class="sd">    Note that the build_plugin.py build script is used to build a plugin docker image with PluginInfo docker labels.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="nb">id</span><span class="p">:</span> <span class="n">PluginId</span>  <span class="c1">#: a plugin&#39;s unique identifier, see PluginId</span>
+    <span class="n">version</span><span class="p">:</span> <span class="nb">str</span>  <span class="c1">#: version of the plugin</span>
+    <span class="n">description</span><span class="p">:</span> <span class="nb">str</span>  <span class="c1">#: short description of the functionality of the plugin</span>
+    <span class="n">author</span><span class="p">:</span> <span class="n">Author</span>  <span class="c1">#: the plugin&#39;s author, see Author</span>
+    <span class="n">maturity</span><span class="p">:</span> <span class="n">MaturityLevel</span>  <span class="c1">#: maturity level, see MaturityLevel</span>
+    <span class="n">matcher</span><span class="p">:</span> <span class="nb">str</span>  <span class="c1">#: this matcher selects the traces offered to the plugin</span>
+    <span class="n">webpage_url</span><span class="p">:</span> <span class="nb">str</span>  <span class="c1">#: plugin url</span>
+    <span class="n">license</span><span class="p">:</span> <span class="n">Optional</span><span class="p">[</span><span class="nb">str</span><span class="p">]</span> <span class="o">=</span> <span class="kc">None</span>  <span class="c1">#: license of this plugin</span>
+    <span class="n">deferred_iterations</span><span class="p">:</span> <span class="nb">int</span> <span class="o">=</span> <span class="mi">1</span>  <span class="c1">#: number of deferred iterations (1 to 20), nly for deferred plugins (optional)</span>
+    <span class="n">resources</span><span class="p">:</span> <span class="n">Optional</span><span class="p">[</span><span class="n">PluginResources</span><span class="p">]</span> <span class="o">=</span> <span class="kc">None</span>  <span class="c1">#: resources to be reserved for a plugin (optional)</span>
+
+    <span class="k">def</span> <span class="nf">__post_init__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+        <span class="k">if</span> <span class="ow">not</span> <span class="mi">1</span> <span class="o">&lt;=</span> <span class="bp">self</span><span class="o">.</span><span class="n">deferred_iterations</span> <span class="o">&lt;=</span> <span class="mi">20</span><span class="p">:</span>
+            <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="sa">f</span><span class="s1">&#39;Invalid value for deferred_iterations: </span><span class="si">{</span><span class="bp">self</span><span class="o">.</span><span class="n">deferred_iterations</span><span class="si">}</span><span class="s1">. &#39;</span>
+                             <span class="sa">f</span><span class="s1">&#39;Valid values are 1 =&lt; 20.&#39;</span><span class="p">)</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/search_result.html

@@ -0,0 +1,185 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.search_result &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.search_result</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.search_result</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;This module contains a representation of a search result.&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">abc</span> <span class="kn">import</span> <span class="n">ABC</span><span class="p">,</span> <span class="n">abstractmethod</span>
+<span class="kn">from</span> <span class="nn">itertools</span> <span class="kn">import</span> <span class="n">islice</span>
+<span class="kn">from</span> <span class="nn">typing</span> <span class="kn">import</span> <span class="n">Iterable</span><span class="p">,</span> <span class="n">List</span><span class="p">,</span> <span class="n">Optional</span>
+
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.extraction_trace</span> <span class="kn">import</span> <span class="n">SearchTrace</span>
+
+
+<div class="viewcode-block" id="SearchResult"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.search_result.html#hansken_extraction_plugin.api.search_result.SearchResult">[docs]</a><span class="k">class</span> <span class="nc">SearchResult</span><span class="p">(</span><span class="n">ABC</span><span class="p">,</span> <span class="n">Iterable</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    Class representing a stream of traces, returned when performing a search request.</span>
+
+<span class="sd">    This result can only be iterated once. Results can be retrieved in three ways:</span>
+
+<span class="sd">    Treating the result as an iterable:</span>
+
+<span class="sd">    .. code-block:: python</span>
+
+<span class="sd">        for trace in result:</span>
+<span class="sd">            print(trace.name)</span>
+
+<span class="sd">    Calling `.take` to process one or more batches of traces:</span>
+
+<span class="sd">    .. code-block:: python</span>
+
+<span class="sd">        first_100 = result.take(100)</span>
+<span class="sd">        process_batch(first_100)</span>
+
+<span class="sd">    Calling `.takeone` to get a single trace:</span>
+
+<span class="sd">    .. code-block:: python</span>
+
+<span class="sd">        first = result.takeone()</span>
+<span class="sd">        second = result.takeone()</span>
+
+<span class="sd">        print(first.name, second.name)</span>
+
+<span class="sd">    &quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="SearchResult.total_results"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.search_result.html#hansken_extraction_plugin.api.search_result.SearchResult.total_results">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">total_results</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="nb">int</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Return the  total number of hits.</span>
+
+<span class="sd">        :return: Total number of hits</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">pass</span></div>
+
+<div class="viewcode-block" id="SearchResult.takeone"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.search_result.html#hansken_extraction_plugin.api.search_result.SearchResult.takeone">[docs]</a>    <span class="k">def</span> <span class="nf">takeone</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">Optional</span><span class="p">[</span><span class="n">SearchTrace</span><span class="p">]:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Return a single trace, if this stream is not exhausted.</span>
+
+<span class="sd">        :return: A searchtrace, or None if no trace is available</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="nb">next</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="fm">__iter__</span><span class="p">(),</span> <span class="kc">None</span><span class="p">)</span></div>
+
+<div class="viewcode-block" id="SearchResult.take"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.search_result.html#hansken_extraction_plugin.api.search_result.SearchResult.take">[docs]</a>    <span class="k">def</span> <span class="nf">take</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">num</span><span class="p">:</span> <span class="nb">int</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">List</span><span class="p">[</span><span class="n">SearchTrace</span><span class="p">]:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Return a list containing at most num number of traces, or less if they are not available.</span>
+
+<span class="sd">        :param num: Number of traces to take</span>
+<span class="sd">        :return: List containing zero or more traces</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="nb">list</span><span class="p">(</span><span class="n">islice</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="fm">__iter__</span><span class="p">(),</span> <span class="n">num</span><span class="p">))</span></div>
+
+<div class="viewcode-block" id="SearchResult.close"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.search_result.html#hansken_extraction_plugin.api.search_result.SearchResult.close">[docs]</a>    <span class="k">def</span> <span class="nf">close</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Close this SearchResult if no more traces are to be retrieved.</span>
+
+<span class="sd">        Required to keep compatibility with hansken.py.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="k">pass</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/trace_searcher.html

@@ -0,0 +1,131 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.trace_searcher &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.trace_searcher</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.trace_searcher</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;This module contains the definition of a trace searcher.&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">abc</span> <span class="kn">import</span> <span class="n">abstractmethod</span>
+
+<span class="kn">from</span> <span class="nn">hansken_extraction_plugin.api.search_result</span> <span class="kn">import</span> <span class="n">SearchResult</span>
+
+
+<div class="viewcode-block" id="TraceSearcher"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.trace_searcher.html#hansken_extraction_plugin.api.trace_searcher.TraceSearcher">[docs]</a><span class="k">class</span> <span class="nc">TraceSearcher</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;This class can be used to search for traces, using the search method.&quot;&quot;&quot;</span>
+
+<div class="viewcode-block" id="TraceSearcher.search"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.trace_searcher.html#hansken_extraction_plugin.api.trace_searcher.TraceSearcher.search">[docs]</a>    <span class="nd">@abstractmethod</span>
+    <span class="k">def</span> <span class="nf">search</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">query</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">count</span><span class="p">:</span> <span class="nb">int</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="n">SearchResult</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Search for indexed traces in Hansken using provided query returning at most count results.</span>
+
+<span class="sd">        :param query: HQL-query used for searching</span>
+<span class="sd">        :param count: Maximum number of traces to return</span>
+<span class="sd">        :return: SearchResult containing found traces</span>
+<span class="sd">        &quot;&quot;&quot;</span></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/tracelet.html

@@ -0,0 +1,141 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.tracelet &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.tracelet</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.tracelet</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;This module contains the definition of a Tracelet.&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">typing</span> <span class="kn">import</span> <span class="n">Any</span><span class="p">,</span> <span class="n">Mapping</span>
+
+
+<div class="viewcode-block" id="Tracelet"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.tracelet.html#hansken_extraction_plugin.api.tracelet.Tracelet">[docs]</a><span class="k">class</span> <span class="nc">Tracelet</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">    A tracelet contains the values of a single fvt (Few Valued Type).</span>
+
+<span class="sd">    A few valued type is a trace property type that is a collection of tracelets. A trace can contain multiple few</span>
+<span class="sd">    valued types containing one or more tracelets. For example, the `trace.identity`` type may look like this::</span>
+
+<span class="sd">        {emailAddress: &#39;interesting@notreally.com&#39;},</span>
+<span class="sd">        {firstName: &#39;piet&#39;},</span>
+<span class="sd">        {emailAddress: &#39;anotheremail@notreally.com&#39;},</span>
+
+<span class="sd">    The trace.identity few valued types contains three different tracelets.</span>
+<span class="sd">    &quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">name</span><span class="p">:</span> <span class="nb">str</span><span class="p">,</span> <span class="n">value</span><span class="p">:</span> <span class="n">Mapping</span><span class="p">[</span><span class="nb">str</span><span class="p">,</span> <span class="n">Any</span><span class="p">]):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">        Initialize a tracelet.</span>
+
+<span class="sd">        :param name: name or type of the tracelet. In the example this would be ``identity``.</span>
+<span class="sd">        :param value: Mapping of keys to properties of this tracelet. In the example this could be</span>
+<span class="sd">                      ``{emailAddress: &#39;anotheremail@notreally.com&#39;}``.</span>
+<span class="sd">        &quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">name</span> <span class="o">=</span> <span class="n">name</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">value</span> <span class="o">=</span> <span class="n">value</span></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/hansken_extraction_plugin/api/transformation.html

@@ -0,0 +1,174 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>hansken_extraction_plugin.api.transformation &mdash; Hansken Extraction Plugins for plugin developers SNAPSHOT
+ documentation</title>
+      <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../../../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../../../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
+        <script src="../../../_static/doctools.js"></script>
+        <script src="../../../_static/sphinx_highlight.js"></script>
+    <script src="../../../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../../../genindex.html" />
+    <link rel="search" title="Search" href="../../../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../../../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                SNAPSHOT
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../../../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../../../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
+          <li class="breadcrumb-item"><a href="../../index.html">Module code</a></li>
+      <li class="breadcrumb-item active">hansken_extraction_plugin.api.transformation</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>Source code for hansken_extraction_plugin.api.transformation</h1><div class="highlight"><pre>
+<span></span><span class="sd">&quot;&quot;&quot;This module contains the definition of a Transformation.&quot;&quot;&quot;</span>
+<span class="kn">from</span> <span class="nn">abc</span> <span class="kn">import</span> <span class="n">ABC</span>
+<span class="kn">from</span> <span class="nn">dataclasses</span> <span class="kn">import</span> <span class="n">dataclass</span>
+<span class="kn">from</span> <span class="nn">typing</span> <span class="kn">import</span> <span class="n">List</span>
+
+
+<div class="viewcode-block" id="Transformation"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.Transformation">[docs]</a><span class="k">class</span> <span class="nc">Transformation</span><span class="p">(</span><span class="n">ABC</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;A super class for data transformations. Currently only :class:RangedTransformation is supported.&quot;&quot;&quot;</span>
+
+    <span class="k">pass</span></div>
+
+
+<div class="viewcode-block" id="Range"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.Range">[docs]</a><span class="nd">@dataclass</span><span class="p">(</span><span class="n">frozen</span><span class="o">=</span><span class="kc">True</span><span class="p">)</span>
+<span class="k">class</span> <span class="nc">Range</span><span class="p">:</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;A Range describes a range of bytes with a offset and length.&quot;&quot;&quot;</span>
+
+    <span class="n">offset</span><span class="p">:</span> <span class="nb">int</span>  <span class="c1">#: the starting point of the data</span>
+    <span class="n">length</span><span class="p">:</span> <span class="nb">int</span>  <span class="c1">#: the size of the data</span></div>
+
+
+<div class="viewcode-block" id="RangedTransformation"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.RangedTransformation">[docs]</a><span class="k">class</span> <span class="nc">RangedTransformation</span><span class="p">(</span><span class="n">Transformation</span><span class="p">):</span>
+<span class="w">    </span><span class="sd">&quot;&quot;&quot;A :class:RangedTransformation describes a data transformation consisting of a list of :class:Range.&quot;&quot;&quot;</span>
+
+    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">ranges</span><span class="p">:</span> <span class="n">List</span><span class="p">[</span><span class="n">Range</span><span class="p">]):</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;:type ranges: list of :class:Range.&quot;&quot;&quot;</span>
+        <span class="bp">self</span><span class="o">.</span><span class="n">ranges</span> <span class="o">=</span> <span class="n">ranges</span>
+
+<div class="viewcode-block" id="RangedTransformation.builder"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.RangedTransformation.builder">[docs]</a>    <span class="nd">@staticmethod</span>
+    <span class="k">def</span> <span class="nf">builder</span><span class="p">():</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;:return a Builder.&quot;&quot;&quot;</span>
+        <span class="k">return</span> <span class="n">RangedTransformation</span><span class="o">.</span><span class="n">Builder</span><span class="p">()</span></div>
+
+<div class="viewcode-block" id="RangedTransformation.Builder"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.RangedTransformation.Builder">[docs]</a>    <span class="k">class</span> <span class="nc">Builder</span><span class="p">:</span>
+<span class="w">        </span><span class="sd">&quot;&quot;&quot;Helper class that implements a transformation builder.&quot;&quot;&quot;</span>
+
+        <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
+<span class="w">            </span><span class="sd">&quot;&quot;&quot;Initialize a Builder.&quot;&quot;&quot;</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_ranges</span><span class="p">:</span> <span class="n">List</span><span class="p">[</span><span class="n">Range</span><span class="p">]</span> <span class="o">=</span> <span class="p">[]</span>
+
+<div class="viewcode-block" id="RangedTransformation.Builder.add_range"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.RangedTransformation.Builder.add_range">[docs]</a>        <span class="k">def</span> <span class="nf">add_range</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">offset</span><span class="p">:</span> <span class="nb">int</span><span class="p">,</span> <span class="n">length</span><span class="p">:</span> <span class="nb">int</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;RangedTransformation.Builder&#39;</span><span class="p">:</span>
+<span class="w">            </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">            Add a range to a ranged transformation by providing the range&#39;s offset and length.</span>
+
+<span class="sd">            :param offset the offset of the data transformation</span>
+<span class="sd">            :param length the length of the data transformation</span>
+<span class="sd">            :return: this `.RangedTransformation.Builder`</span>
+<span class="sd">            &quot;&quot;&quot;</span>
+            <span class="k">if</span> <span class="n">offset</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s1">&#39;offset is required&#39;</span><span class="p">)</span>
+            <span class="k">if</span> <span class="n">length</span> <span class="ow">is</span> <span class="kc">None</span><span class="p">:</span>
+                <span class="k">raise</span> <span class="ne">ValueError</span><span class="p">(</span><span class="s1">&#39;length is required&#39;</span><span class="p">)</span>
+            <span class="bp">self</span><span class="o">.</span><span class="n">_ranges</span><span class="o">.</span><span class="n">append</span><span class="p">(</span><span class="n">Range</span><span class="p">(</span><span class="n">offset</span><span class="o">=</span><span class="n">offset</span><span class="p">,</span> <span class="n">length</span><span class="o">=</span><span class="n">length</span><span class="p">))</span>
+            <span class="k">return</span> <span class="bp">self</span></div>
+
+<div class="viewcode-block" id="RangedTransformation.Builder.build"><a class="viewcode-back" href="../../../dev/python/api/hansken_extraction_plugin.api.transformation.html#hansken_extraction_plugin.api.transformation.RangedTransformation.Builder.build">[docs]</a>        <span class="k">def</span> <span class="nf">build</span><span class="p">(</span><span class="bp">self</span><span class="p">)</span> <span class="o">-&gt;</span> <span class="s1">&#39;RangedTransformation&#39;</span><span class="p">:</span>
+<span class="w">            </span><span class="sd">&quot;&quot;&quot;</span>
+<span class="sd">            Return a RangedTransformation.</span>
+
+<span class="sd">            :return: a :class:RangedTransformation</span>
+<span class="sd">            &quot;&quot;&quot;</span>
+            <span class="k">return</span> <span class="n">RangedTransformation</span><span class="p">(</span><span class="n">ranges</span><span class="o">=</span><span class="bp">self</span><span class="o">.</span><span class="n">_ranges</span><span class="p">)</span></div></div></div>
+</pre></div>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_modules/index.html

@@ -0,0 +1,120 @@
+<!DOCTYPE html>
+<html class="writer-html5" lang="en" >
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+  <title>Overview: module code &mdash; Hansken Extraction Plugins for plugin developers 0.6.3
+ documentation</title>
+      <link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
+      <link rel="stylesheet" href="../_static/css/theme.css" type="text/css" />
+      <link rel="stylesheet" href="../_static/wider_pages.css" type="text/css" />
+  <!--[if lt IE 9]>
+    <script src="../_static/js/html5shiv.min.js"></script>
+  <![endif]-->
+  
+        <script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script>
+        <script src="../_static/doctools.js"></script>
+        <script src="../_static/sphinx_highlight.js"></script>
+    <script src="../_static/js/theme.js"></script>
+    <link rel="index" title="Index" href="../genindex.html" />
+    <link rel="search" title="Search" href="../search.html" /> 
+</head>
+
+<body class="wy-body-for-nav"> 
+  <div class="wy-grid-for-nav">
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
+      <div class="wy-side-scroll">
+        <div class="wy-side-nav-search" >
+
+          
+          
+          <a href="../index.html" class="icon icon-home">
+            Hansken Extraction Plugins for plugin developers
+          </a>
+              <div class="version">
+                0.6.3
+
+              </div>
+<div role="search">
+  <form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
+    <input type="hidden" name="check_keywords" value="yes" />
+    <input type="hidden" name="area" value="default" />
+  </form>
+</div>
+        </div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
+              <p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
+<ul>
+<li class="toctree-l1"><a class="reference internal" href="../dev/introduction.html">Introduction</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../dev/concepts.html">General concepts</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../dev/spec.html">Extraction Plugin specifications</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../dev/java.html">Java</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../dev/python.html">Python</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../dev/examples.html">Examples</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../dev/faq.html">Frequently Asked Questions</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../contact.html">Contact</a></li>
+<li class="toctree-l1"><a class="reference internal" href="../changes.html">Changelog</a></li>
+</ul>
+
+        </div>
+      </div>
+    </nav>
+
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
+          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+          <a href="../index.html">Hansken Extraction Plugins for plugin developers</a>
+      </nav>
+
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="Page navigation">
+  <ul class="wy-breadcrumbs">
+      <li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
+      <li class="breadcrumb-item active">Overview: module code</li>
+      <li class="wy-breadcrumbs-aside">
+      </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
+           <div itemprop="articleBody">
+             
+  <h1>All modules for which code is available</h1>
+<ul><li><a href="hansken_extraction_plugin/api/data_context.html">hansken_extraction_plugin.api.data_context</a></li>
+<li><a href="hansken_extraction_plugin/api/extraction_plugin.html">hansken_extraction_plugin.api.extraction_plugin</a></li>
+<li><a href="hansken_extraction_plugin/api/extraction_trace.html">hansken_extraction_plugin.api.extraction_trace</a></li>
+<li><a href="hansken_extraction_plugin/api/plugin_info.html">hansken_extraction_plugin.api.plugin_info</a></li>
+<li><a href="hansken_extraction_plugin/api/search_result.html">hansken_extraction_plugin.api.search_result</a></li>
+<li><a href="hansken_extraction_plugin/api/trace_searcher.html">hansken_extraction_plugin.api.trace_searcher</a></li>
+<li><a href="hansken_extraction_plugin/api/tracelet.html">hansken_extraction_plugin.api.tracelet</a></li>
+<li><a href="hansken_extraction_plugin/api/transformation.html">hansken_extraction_plugin.api.transformation</a></li>
+</ul>
+
+           </div>
+          </div>
+          <footer>
+
+  <hr/>
+
+  <div role="contentinfo">
+    <p>&#169; Copyright 2020-2023 Netherlands Forensic Institute.</p>
+  </div>
+
+  Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
+    <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
+    provided by <a href="https://readthedocs.org">Read the Docs</a>.
+   
+
+</footer>
+        </div>
+      </div>
+    </section>
+  </div>
+  <script>
+      jQuery(function () {
+          SphinxRtdTheme.Navigation.enable(true);
+      });
+  </script> 
+
+</body>
+</html>

0.6.3/_sources/changes.rst.txt

@@ -0,0 +1,15 @@
+.. _changelog:
+
+Changelog
+=========
+
+The following page lists all (technical) changes in the extraction plugin SDK.
+
+Programming language specific API changes are described in more detail on API changelog pages.
+These pages list new API functionalities, and describe how to update your plugins when API changes are in order.
+For the API changelog pages see:
+
+* :doc:`dev/java/api_changelog`
+* :doc:`dev/python/api_changelog`
+
+.. mdinclude:: ../CHANGES.md

0.6.3/_sources/contact.md.txt

@@ -0,0 +1,16 @@
+# Contact
+
+Please get in touch with us:
+
+* if you have questions about the SDK,
+* have found a bug,
+* have a feature request,
+* see other opportunity to improve,
+* want to contribute,
+* ...
+
+Chat with us on [Discord](https://www.discord.com). You can find members of the extraction plugin SDK development team
+in the Hansken Community server, in the `extraction-plugins` channel. This is a Hansken community-private server. If you
+don't have access to the Hansken Community server, please contact your Hansken business owner. He or she can invite you
+to the Hansken Community server. If you don't know who to contact, feel free to fill in
+the [contact form](https://www.hansken.nl/contact) for further questions/contact.

0.6.3/_sources/dev/concepts.rst.txt

@@ -0,0 +1,20 @@
+General concepts
+================
+
+.. toctree::
+   :maxdepth: 1
+   :caption: Contents:
+
+   concepts/extraction_plugins
+   concepts/anatomy_of_a_plugin
+   concepts/plugin_types
+   concepts/plugin_naming_convention
+   concepts/traces
+   concepts/hql_lite
+   concepts/data_transformations
+
+   concepts/test_framework
+
+   concepts/isolation
+   concepts/kubernetes_autoscaling
+

0.6.3/_sources/dev/concepts/anatomy_of_a_plugin.md.txt

@@ -0,0 +1,72 @@
+# Anatomy of a plugin
+
+This page describes the general anatomy of a plugin, and its (simplified) execution in Hansken.
+
+## The plugin itself
+
+Each plugin must implement two methods:
+
+* `pluginInfo()`: This method returns information about the plugin.
+* `process()`: This method performs the extraction task of the plugin.
+
+Lets dive a bit deeper into these methods in the next sections!
+
+### The method `pluginInfo()`
+
+The `pluginInfo()` method returns a `PluginInfo` object. Hansken needs this object to be able to know the capabilities
+of the plugin, and to show the plugin in the list of tools. The most important fields that must be set on `PluginInfo`
+are the following:
+
+| `id`          | The identifier of the plugin. This will be used as a unique name for the plugin Hansken.            |
+| `description` | A description of the plugin that is shown in Hansken.                                               |
+| `author`      | The author of the plugin that is shown in Hansken.                                                  |
+| `license`     | The type of license of the plugin that is shown in Hansken.                                         |
+| `matcher`     | This matcher is used by Hansken to determine which Traces are sent to the Plugin during extraction. |
+
+### The method `process()`
+
+During extraction, Hansken calls the `process()` method for every matching trace. The `matcher` attribute of
+the `PluginInfo` is very important as it determines which traces will be sent to the `process` method.
+
+Although the plugin developer is free to program whatever seems useful, the following tasks are typically performed
+within the `process()` method:
+
+* Creating child-traces
+* Reading trace properties
+* Adding trace properties
+* Reading the data that the Trace represents
+* Writing data on a Trace
+
+Depending on the type of plugin that is implemented, different functionality is available in the `process()` method.
+See [Plugin Types](plugin_types.md) for more details.
+
+## The execution in Hansken
+
+This describes the process of running a plugin from the perspective of Hansken. The perspective of the user is described
+in [Hansken Extraction Plugins](extraction_plugins.md).
+
+### Plugin discovery
+
+Hansken manages a list of tools that can be used in extractions. The available plugins must be added to this list so
+that the user can select them. To accomplish this, Hansken scans the Docker registry for docker images that are plugins.
+Each image is started up, and a call is done to its `pluginInfo()` method. If the call resulted in a valid `PluginInfo`
+object, the Extraction Plugin is added to the list of tools visible to users. After the `PluginInfo` is retrieved, the
+docker image is shutdown again.
+
+### Starting an extraction
+
+Hansken checks if any plugins are selected by the user that started the extraction. For each selected plugin, at least
+one docker image will be started. See [Kubernetes autoscaling](kubernetes_autoscaling.md) for more details on expanding
+the number of instances for each plugin.
+
+### Extracting
+
+During an extraction, Hansken will iteratively loop through all selected tools, including Extraction Plugins. For each
+trace that matches on a tool, Hansken will call its `process` method. For Extraction Plugins, this means that
+the `process` method is called via the gRPC protocol. The trace to be processed is sent over gRPC to the plugin, and any
+other communication between Hansken and the Extraction Plugin (like created properties and child traces, search requests
+and written data) are done using gRPC.
+
+### Finishing an extraction
+
+At the end of an extraction, Hansken will stop all associated plugins.

0.6.3/_sources/dev/concepts/data_transformations.md.txt

@@ -0,0 +1,24 @@
+# Data Transformations
+
+Extraction Plugins can create new :ref:`data-streams <datastreams>` on a Trace through data transformations. Data
+transformations describe how data can be obtained from a source. Data transformations are preferred over storing blobs
+because they take less space. This is because they only describe the data instead of specifying the actual data.
+
+The following figure shows how Hansken visualizes data transformations:
+![datatransformations.png](datatransformations.png)
+Note that transformations can be applied on transformations. The SDK only supports range transformations at the moment,
+while this image also shows some transformations that are currently available in Hansken but not in the SDK.
+
+An example case is an extraction plugin that processes an archive file. The plugin creates a child trace per entry in
+the archive file. Each child trace will have a data stream that is a transformation that marks the start and length of
+the entry in the original archive data. By just describing the data instead of specifying the actual data, a lot of
+space is saved.
+
+Although Hansken supports various transformations, the Extraction Plugins SDK for now only supports ranged data
+transformations. Ranged data transformations define data as a list of ranges, each range with an offset and length in a
+bytearray.
+
+## See also
+
+* [Data Transformations in Java](../java/snippets.md#Data Transformations)
+* [Data Transformations in Python](../python/snippets.md#Data Transformations)

0.6.3/_sources/dev/concepts/extraction_plugins.md.txt

@@ -0,0 +1,60 @@
+# Hansken Extraction Plugins
+
+Hansken Extraction Plugins enable Hansken users to add their own extraction tools to Hansken.
+
+To use an Extraction Plugin in Hansken, the following steps have to be done:
+
+1. Build the plugin
+2. Upload the plugin to Hansken
+3. Refresh the Hansken tools list
+4. Start an extraction with the plugin enabled
+
+## Building a plugin
+
+Hansken Extraction Plugins can be built in Java or Python by implementing an interface. Which interface you choose
+depends on the type of plugin you choose to make, see [Plugin Types](plugin_types.md). For more information on coding
+your own plugin, see the [Extraction Plugin Examples](https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples).
+
+The plugin can then be tested using the [Test Framework](test_framework.md). This way you make sure everything works as
+expected before taking further steps.
+
+## Package the plugin
+
+To upload a plugin into Hansken, a docker image for this plugin must be uploaded to the docker registry. First, the
+plugin container image must be packaged.
+A plugin is packaged into an OCI image (also known as Docker image).
+
+* [Package a docker image for a Python plugin](../python/packaging.md)
+* [Package a docker image for a Java plugin](../java/packaging.md)
+
+
+.. _upload_plugin:
+
+## Upload the plugin to Hansken
+
+Hansken finds the plugins by scanning a docker registry. It will try to load all docker images with a certain prefix as
+Extraction Plugins. The settings for this are defined in Hansken properties:
+
+* `registry.extraction.plugins.registry.uri` defines the registry
+* `registry.extraction.plugins.registry.prefix` defines the prefix plugins must have
+
+When the image is packaged locally, it needs to be pushed (uploaded) to the docker registry. These commands provide an 
+outline of how to do this:
+
+* `docker login <docker-registry>` (make sure you are logged in to the registry)
+* `docker push <docker-registry><prefix><pluginname>` (push the plugin docker image to the registry)
+
+.. note:: For more information about uploading plugins and running them in Hansken, see the 'Using extraction plugins in
+   Hansken' chapter of the *Hansken User Guide*.
+
+## Refresh the Hansken tools list
+
+Hansken checks which plugins are available at startup. The list of available plugins can also be refreshed by calling
+the following endpoint: `<hansken-domain>/gatekeeper/tools?refresh=true`
+
+This can be invoked via an internet browser.
+
+## Start an extraction with the plugin enabled
+
+If everything went well, the list of available tools in Hansken should now feature your plugin. To run the plugin in an
+extraction, be sure to select its checkbox in the extraction tools dialog.

0.6.3/_sources/dev/concepts/hql_lite.md.txt

@@ -0,0 +1,359 @@
+# HQL-Lite
+
+## Overview
+
+HQL-Lite is a query language derived from Hanskens full HQL human. HQL stands for Hansken Query Language and can be
+used to search or match traces. Since not all elements of full HQL can be used in the context of an extraction,
+extraction plugins use HQL-Lite, a lightweight version of HQL. This document describes the usage of HQL-Lite in the
+context of extraction plugins.
+
+## How does Hansken work?
+
+- Let's say we have a Hansken image `hansken_image1` with 10 pdf files, and 5 jpegs.
+- And our Hansken contains 2 tools:
+  - PdfPlugin
+  - JpegTool
+
+.. note:: All plugins are Hansken tools, but not all Hansken tools are plugins. Some tools are included in Hansken core.
+
+Let's look at a (simplified) pseudocode example of the inner workings of Hansken:
+
+```python
+    for each trace in new_traces {
+        for each datastream in trace {
+            for each tool in hansken_tools {
+                if tool.can_this_tool_process_the_provided_trace(trace, datastream) { 
+                    tool.process_the_trace(trace, datastream) 
+                }
+            }
+        }
+    }
+```
+
+So in this example we know the following:
+
+- `new_traces` has
+  - 10 pdf files
+  - 5 jpeg files
+- `hansken_tools` contains:
+  - PdfPlugin
+  - JpegTool
+
+So the question here is, how do we prevent that traces are not processed by incompatible tools?
+
+The answer is the `tool.can_this_tool_process_the_provided_trace()` part of the pseudocode.
+
+### What does `can_this_tool_process_the_provided_trace()` do?
+
+Hansken actually contains many more tools/plugins than these 2, and instead of 15 files/traces, we usually deal with
+millions.
+
+.. note:: If each trace has 1 extra second of overhead, 1 million traces would take 11.5 days of extra CPU time
+
+#### Matchers to the rescue
+
+To reduce the unnecessary overhead of processing all traces (even the ones the tool cannot actually process), Hansken
+implements the concept of a `matcher` for each tool. This _matcher_ basically checks the _trace_ for _"matching
+conditions"_, that would allow the tool to process it.
+
+Sometimes these _matching conditions_ can be as simple as a specific `filename` or `extension`, but are often more
+elaborate in the sense that they check multiple factors that require some intimate knowledge of Hansken.
+
+## What is HQL-Lite?
+
+HQL-Lite is a language based on HQL (Hansken Query Language) that allows plugin developers to write _matchers_ for
+Hansken Extraction Plugins. It could be said that HQL-Lite contains a subset of HQL features, plus some HQL-Lite unique
+features that are only interesting for _matchers_.
+
+.. note::
+  Please note that even though the HQL-Lite query is part of the plugin, it is compiled and stored in Hansken during
+  startup to achieve performance.
+
+### Why not just use HQL for plugins?
+
+HQL was designed to search for traces stored in the Elasticsearch database. As such, some of its features are tightly
+coupled to the Elasticsearch implementation, making it difficult to re-implement them for plugins.
+
+Also, even though HQL is more complex than the requirements for _matching_ in plugins, a couple of minor features that
+are absolutely necessary for _matching_ are not implemented in HQL, as they don't make much sense from a search point of
+view. This is because HQL was designed to be used with _finished extractions_ with all the traces stored in the
+database, while HQL-Lite was designed for _active extractions_.
+
+### HQL-Lite syntax
+
+| Matcher  | Syntax                 | remarks                                                                                                |
+|----------|------------------------|--------------------------------------------------------------------------------------------------------|
+| All      | `""`                   | an empty string translates to match for __all__ traces                                                 |
+| And      | `foo:1 AND bar:2`      | the case-sensitive `AND` operator behaves like a logical AND of 2 conditions                           |
+| Not      | `NOT foo` or `-foo`    | the case-sensitive `NOT` or `-` negates the expression that follows                                    |
+| Range    | `foo>1` or `1<=foo<10` | a numbered-range check with a min or/and max range(s)                                                  |
+| Or       | `foo:1 OR bar:2`       | the case-sensitive `OR` operator behaves like a logical OR of 2 conditions                             |
+| Data     | `$data.foo:1`          | see `$data` section below                                                                              |
+| DataType | `$data.type:raw`       | this query matches against the type of the current datastream                                          |
+| Types    | `type:email`           | this query checks if the trace contains a certain trace type as defined in the Hansken trace model     |
+
+There are also a couple of general guidelines that apply to all matchers:
+
+- Equals/not equals:
+  - `:` or `=` : The most basic of left equals right statements. note that `=` is also valid.
+  - `!=` : The opposite of equals, not equals. Note that `!:` is __NOT__ supported.
+- Wildcards:
+  - `?`: Match against any single character. E.g. `foo:r?w` will match against `raw, row` but not against `rowing`.
+  - `*`: Match against any chars. E.g. `foo:r*` will match against `r, ra, raw, raaaaaw` but not against `aw`.
+- Exact match: By surrounding a value with quotes, we tell the parser that it is a single value. This is especially
+  helpful for values that might contain separators. E.g. `foo:'hello hql-lite'`.
+- CSV: Currently only the `type` query supports multiple values to check against. E.g. `type:email,chatMessage` will only
+  return `true` if both types exist for this trace.
+- `()` grouping: You can group statements by putting brackets around them. E.g. `foo:1 AND (bar:2 OR bla:3)` which
+  translates to `foo:1` plus one of the statements in the brackets.
+- Escaping `\"\\ .\t\r\n:=><!()~/,[]{}`: Some characters are used internally by HQL-Lite, and need to be escaped if they
+  are used in the value side of the key-value pair. These values can be escaped by adding prepending `\\` to the
+  character(s). Example: `foo:/bar` should be `foo:\\/bar`, `foo:foo bar` should be `foo:foo\\ bar`, `foo.bar:foo\\.bar`
+  ...etc.
+
+#### $data matchers
+
+In Hansken, a trace can have multiple :ref:`datastreams <datastreams>`. The exact content of said datastreams is
+discussed elsewhere, but the basic idea is that a trace can have multiple representations. For example, a trace might
+have a `raw` datastream, but after we identify that the raw bytes contain a __text__ file, we might add a separate
+datastream `text`.
+
+.. note::
+  The `process()` method of each plugin is called for each datastream of each trace. This is explained
+  in [How does Hansken work?](#how-does-hansken-work). Subsequently, you might have the same property for a
+  different datastream. For example: you might have a `data.raw.size` and a `data.text.size` property. The reason you
+  might have the same property multiple times, is because it could have a different meaning.
+
+For example:
+
+- data.raw.size: is the size in bytes
+- data.text.size: is the number of bytes in the text representation of the raw stream
+
+If we want to check if either of these properties is not empty by using a `$data` matcher, we do:
+
+```text
+  $data.size>0
+```
+
+##### When is it useful to use a $data matcher?
+
+For example, there is a simple plugin called `LetterCountPlugin`, that counts the letters in text based datastreams.
+
+So to match on these text based datastreams, we have 2 choices:
+
+- List all the possibilities
+  - Which is too tedious, and not very flexible when new types are supported
+- Match on a common property
+  - More compact, but sometimes difficult to find a common property
+
+In this case we might match on mimeType, which we know is `text/plain` or `text/x-log` for 2 of types we want to match:
+
+```text
+  $data.mimeType=text\\/*
+```
+
+This will match the following:
+
+- `data.text.mimeType=text\\/plain`
+- `data.text.mimeType=text\\/not\\ plain`
+- `data.pdf.mimeType=text\\/encoded`
+- `data.foo.mimeType=text\\/bar`
+
+But will __not__ match any of the following:
+
+- `data.text.mimeType=txt`
+- `data.text.mimeType=pdf`
+- `data.text.mime=text\\/plain`
+- `data.foo.bar=text\\/plain`
+
+## How to write a matcher?
+
+The functional requirements for writing a matcher can be summarized in the following:
+
+1. What does my plugin expect as input?
+2. How can I describe that input with the information Hansken provides?
+
+### PdfPlugin example
+
+Let's say we just finished writing a `PdfPlugin`. This is a simple plugin that checks if pdf files contain the
+word `the`.
+
+So let's go over our checklist:
+
+#### _What does my plugin expect as input?_
+
+PDF files.
+
+#### _How can I describe that input with the information Hansken provides?_
+
+Hansken consumes and produces :ref:`Traces <traces>`. To that effect, we can only match on trace properties that are
+available in Hansken.
+
+##### Match on extension
+
+The easiest way would be to only allow traces with the `.pdf` extension. Looking at the :ref:`Hansken trace model` (or a
+Hansken extraction), we can see that there's a property `file`
+which contains a property `extension`.
+
+So what would that look like in HQL-lite? Something like
+
+```text
+  file.extension=pdf
+```
+
+.. warning:: This of course __only__ works if the file has the correct extension (note that matchers are case-sensitive).
+
+So what do we do, if we also want to match pdf files that are (un)intentionally misnamed?
+
+##### Match on mime-type
+
+Looking at Wikipedia, we see that `pdf` has a couple of mime-types. In return looking at our extraction and the
+trace-model, we see both at `data.raw.mimeType`, with a further explanation in the :ref:`Hansken trace model` that
+the `raw` portion of the property is the __data type__ of the datastream.
+
+If we don't know which datastream has the `mimeType` property beforehand, we could use the broad-scoped `$data.` matcher
+to look at every datastream.
+
+So our matcher becomes:
+
+```text
+  file.extension=pdf OR
+  (
+    $data.mimeType=application\\/pdf OR
+    $data.mimeType=application\\/x-pdf
+  )
+```
+
+##### Match on data size
+
+Some pdf files can be huge, meaning that parsing them will need a lot of resources. Could we add a data size check to
+the matcher? According to the :ref:`Hansken trace model` `data` has a property `size` (similar to `mimeType`) that we
+could use for this.
+
+.. note:: This is also a good way to check if a file is empty or not.
+
+Let's say our cutoff limit is 1 MB, meaning our matcher becomes:
+
+```text
+  0 < $data.size < 1000000 AND
+  (
+    file.extension=pdf OR
+    (
+      $data.mimeType=application\\/pdf OR
+      $data.mimeType=application\\/x-pdf
+    )
+  )
+```
+
+##### Match if 'property is set'
+
+It is not uncommon to have some overlap between tools/plugins. For example:
+
+- PdfPlugin: a plugin that only supports pdf documents
+- DocumentPlugin: this plugin supports a lot of document types, including `pdf`.
+
+So how would we prevent our plugin from processing a trace that has already been processed by the `DocumentPlugin`?
+
+The easiest solution would be to check if a certain property has already been set. Meaning, that if both plugins set
+the `foo.bar` property, we check if said property has already been set.
+
+So we __only__ process the trace if `foo.bar` is __empty__, meaning our matcher becomes:
+
+```text
+  foo.bar!=* AND
+  0 < $data.size < 1000000 AND
+  (
+    file.extension=pdf OR
+    (
+      $data.mimeType=application\\/pdf OR
+      $data.mimeType=application\\/x-pdf
+    )
+  )
+```
+
+##### Match on excluding a certain path
+
+It is also not uncommon to exclude certain paths from your plugin. These paths might contain invalid or encrypted files,
+for example.
+
+So let's say we want to exclude all files under in the `/tmp/virus` path. How do we go about it?
+
+Again, we check our extraction/:ref:`Hansken trace model`, and we see that `file.path` looks promising.
+
+So excluding `/tmp/virus` would look something like:
+
+```text
+  -file.path=/tmp/virus* AND
+  foo.bar!=* AND
+  0 < $data.size < 1000000 AND
+  (
+    file.extension=pdf OR
+    (
+      $data.mimeType=application\\/pdf OR
+      $data.mimeType=application\\/x-pdf
+    )
+  )
+```
+
+.. _hql datastreams:
+
+##### Match on specific datastream type, an anti-pattern
+
+.. warning:: Matching on specific datastream types is an anti-pattern! It is not recommended to match on a datastream 
+   type. Instead one should match on other datastream properties, such as `fileType`, `mimeType` or `mimeClass`. 
+   The reason for this is explained in the paragraph below.
+
+Using a matcher that is too loose or too tight can yield unexpected results. Usually one will match on properties
+of a datastream like `fileType`, `mimeType` or `mimeClass` as these are reliable properties that have been added by 
+Hansken tools. Matching on a specific datastream says nothing about the type of file. For example a PDF file may be 
+available in a `raw` as well as in a `decrypted` datastream. By matching on the datastream type one may exclude traces 
+that were not intended to be excluded. 
+Contrarily, note that matching on a datastream type may include *more* traces than you expected as well. For example, 
+someone may think "Plugin A puts data on the `plain` datastream, so I'll match on the `plain` datastream with Plugin B", 
+forgetting that `plain` may be used by other tools as well. In other words, there may be traces with that datastream 
+type that you did not know of, potentially crashing your plugin. See :ref:`datastreams` for more information.
+
+Now that you know why it is an anti-pattern, lets explain how it would be done (for those edge cases where it's needed): 
+Lets say we want our `PdfPlugin` to __ONLY__ process `raw` datastreams. 
+The best way to do this would be to match
+on `$data.type:raw`. Note that `$data.type` matches against the type of the current datastream, so in this case it
+matches only when the current datastream is of type `raw`.
+
+An __incorrect__ way to do it would be to replace `$data.` matcher(s) with `data.raw.`. This means the matcher
+will match whenever a trace has this datastream type, even if the current datastream type is different.
+Remember that the `process` method of an extraction plugin is always called once for each datastream on each trace.
+For example, lets say a trace has two datastreams, `raw` and `text`. The matcher would match for both the datastreams
+because the trace has a `raw` datastream (even though the current datastream type may be `text`). This results in the 
+`process` method being called twice (for `raw` and for `text`), which may lead to other bugs if the developer doesn't
+know this. For example, the second time the plugin may be trying to overwrite data on a trace which is prohibited. 
+
+So, using `$data.type`, our matcher would look like:
+
+```text
+  $data.type:raw AND
+  -file.path=/tmp/virus* AND
+  foo.bar!=* AND
+  0 < $data.size < 1000000 AND
+  (
+    file.extension=pdf OR
+    (
+      $data.mimeType=application\\/pdf OR
+      $data.mimeType=application\\/x-pdf
+    )
+  )
+```
+
+## How precise should a matcher be?
+
+In practice, only you as the plugin dev can answer this question.
+
+Know that from the point of view of Hansken, we only care that the plugin:
+
+- __Should not crash__: If a matcher does not compile, then your plugin will not be available in Hansken. Tip: be sure
+  to test your plugin with the :ref:`test framework <test_framework>`.
+- __Should not be slow__: Matching is designed to be extremely fast, but of course, if you make it too complex it can
+  take longer than we want. In the example above, we calculated that 1 second extra for 1 million traces is 11 days of
+  extra CPU time. Unlike processing, matching is done for __every trace__, in every extraction iteration, so be careful!
+- __Should match on the bare minimum__: Don't go too far by matching 50 different criteria before allowing a trace to be
+  processed. Note that a lot of (if not all) of these criteria depend on properties set by other tools, and you don't
+  really have any control on how these tools work.

0.6.3/_sources/dev/concepts/isolation.md.txt

@@ -0,0 +1,28 @@
+# Plugin isolation
+
+Extraction plugins allows arbitrary code to be executed during a Hansken extraction. This code is executed inside the
+Hansken cluster. Extraction plugins are subjected
+to [Hanskens design principles](https://www.sciencedirect.com/science/article/pii/S1742287615000857?via%3Dihub)
+such as security, privacy and transparency. To ensure that plugins are compliant to these principles, each plugin will
+be executed in isolation. This page describes the isolation measures that are in place.
+
+## User isolation
+
+The following user restrictions are implied on the plugin:
+
+* The plugin can not run as `root`.
+* Instead, the plugin will run as user `1000`
+* and with group `2000`
+* and with fsgroup `3000`
+
+## System calls
+
+Plugins are only allowed to call a limited set of (Linux) system calls. This ensures that a plugin can be executed in a
+secure manner within the Hansken platform.
+
+Hansken uses Kubernetes to run extraction plugins. The Kubernetes `RuntimeDefault` secure computing mode (`seccomp`) is
+enabled to provide a sane default of available system calls.
+
+## Network isolation
+
+Plugins are not allowed to communicate over the network.

0.6.3/_sources/dev/concepts/kubernetes_autoscaling.md.txt

@@ -0,0 +1,27 @@
+# Kubernetes, Autoscaling, Resourcemanagement
+
+Extraction Plugins can be run in a Kubernetes cluster. This can be the same cluster Hansken run on, or another external
+cluster. For each plugin, a *pod* is created by Hansken. Each plugin will have 12 threads by default to process traces
+separately within one pod.
+
+## Autoscaling
+
+Hansken will create a Horizontal Pod Autoscaler (*HPA*) for each pod. HPA's manage the number of replica's of a pod
+based on metrics. The Extraction Plugins SDK provides two metrics to be set in the PluginInfo:
+
+* Observed CPU utilization
+* Observed memory usage
+
+For more info on how to set these metrics follow these links:
+
+* [Specifying system resources (Java)](../java/snippets.md#Specifying system resources)
+* [Specifying system resources (Python)](../python/snippets.md#Specifying system resources)
+
+If a pod reaches the CPU or memory usage provided with the PluginInfo, the HPA will increase the number of replicas for
+that plugin. Scaling down is done automatically. The maximum number of replicas per pod is specified within Hansken
+properties and can be adapted by an operator (needs restart).
+
+## Finding the right settings
+
+This depends on the kubernetes cluster settings, the nodes it runs on, and of course the plugin itself. Monitor the
+number of replica's and resource metrics while an extraction is running and adapt accordingly.

0.6.3/_sources/dev/concepts/plugin_naming_convention.md.txt

@@ -0,0 +1,44 @@
+# Plugin naming convention
+
+## Plugin identifier
+
+Each extraction plugin has a unique identifier. The identifier consists of three fields. These three fields combined
+form the plugin name.
+
+The three fields of a plugin identifier are: *domain*, *category*, and *name*. The fields are described in more detail
+below.
+
+**domain**
+The domain name of the organisation where the plugin is created. If an organisation has multiple domain names, the
+shortest name is preferred over the longer domain names. Examples: `nfi.nl`, `politie.nl`, `fiod.nl`, `hansken.org`.
+
+**category**
+A type of action that the plugin performs. The category is a free text field, but the following table gives some
+recommendations.
+
+| Category     | Description                                                                                                                                     |
+|--------------|-------------------------------------------------------------------------------------------------------------------------------------------------|
+| ``extract``  | The plugin parses a clear data structure                                                                                                        |
+| ``carve``    | The plugin parses data fragments to reassemble traces in the absence of filesystem metadata                                                     |
+| ``classify`` | The plugin categorizes a plugin based on its content, e.g. detecting money on traces of type `picture`                                          |
+| ``digest``   | The plugin digests data to compute a hash                                                                                                       |
+| ``ocr``      | The plugin applies ocr (optical character recognition) to read text on `pictures` or scanned documents                                          |
+| ``match``    | The plugin matches a trace against a database, and reports whether there was hit or miss, e.g. matching a trace to a well known files database  |
+
+**name**
+The name of the plugin, or in the classic sense, a description detailing what the plugin processes. Note that the name
+can contain (forward) slashes.
+
+## Examples
+
+The following table shows a list of plugin identifiers. The last column of the table shows the derived full plugin name.
+The derived full plugin name will be shown in Hansken.
+
+| Domain          | Category     | Name            | Derived plugin name                | Explanation                                                                                                     |
+|-----------------|--------------|-----------------|------------------------------------|-------------------------------------------------------------------------------------------------------------|
+| ``hansken.org`` | ``extract``  | ``archive``     | ``hansken.org/extract/archive``    | A plugin created by the Hansken development team that extracts traces from an arbitrary ``archive`` format  |
+| ``nfi.nl``      | ``extract``  | ``archive/zip`` | ``nfi.nl/extract/archive/zip``     | A plugin created by an NFI team that extracts traces from a specific ``archive`` format: ``zip``            |
+| ``politie.nl``  | ``extract``  | ``archive/zip`` | ``politie.nl/extract/archive/zip`` | The same as the previous example, but now the plugin is created by a different organisation: ``politie.nl`` |
+| ``hansken.org`` | ``carve``    | ``archive/zip`` | ``hansken.org/carve/archive/zip``  | A plugin that carves data to detect a specific ``archive`` format: ``zip``                                  |
+| ``hansken.org`` | ``digest``   | ``sha256``      | ``hansken.org/digest/sha256``      | A plugin that digests data to compute a ``sha256`` hash                                                     |
+| ``hansken.org`` | ``ocr``      | ``tesseract``   | ``hansken.org/ocr/tesseract``      | A plugin that performs ocr using ``tesseract``                                                              |

0.6.3/_sources/dev/concepts/plugin_types.md.txt

@@ -0,0 +1,59 @@
+# Extraction plugin types
+
+Currently three types of Hansken Extraction Plugins are supported:
+
+* Standard Extraction Plugins
+* Meta Extraction Plugins
+* Deferred Extraction Plugins
+
+## Standard Extraction Plugins
+
+Standard Extraction Plugins provide enough functionality for most cases. This includes:
+
+* Processing traces
+* Creating child-traces
+* Reading trace properties
+* Adding trace properties
+* Reading data
+* Writing data
+* Writing [data transformations](data_transformations.md)
+
+## Meta Extraction Plugins
+
+Meta Extraction Plugins can only process and produce trace properties without the need  (or possibility) for processing
+actual trace data. This includes:
+
+* Processing traces
+* Creating child-traces
+* Reading trace properties
+* Adding trace properties
+
+.. _deferred extraction plugins:
+
+## Deferred Extraction Plugins
+
+These plugins have two additional features that are not included with Standard Extraction Plugins:
+
+* a developer can choose to *defer* their execution
+* information about other traces can be obtained while processing the current extraction trace. Code examples can be
+  found here: :ref:`Java <java_snippets_deferred>`, :ref:`Python <python_snippets_deferred>`.
+
+*Deferring execution*
+A single Hansken image extraction consists of multiple *iterations*. Within every *iteration*, every Hansken tool and
+plugin is executed on matching traces, which produces new traces or modifies existing traces. If a tool can be executed
+another time because of these additions or modifications, another iteration is started.
+
+A regular plugin is executed in the same iteration a trace is matched. Deferred plugins are executed in a different
+iteration; they are always deferred for at least one iteration. This is very useful when searching for traces, because
+you are certain the deferred plugin is executed after all other tools performed their modifications.
+
+Sometimes, executing your plugin in the next iteration is not enough; it needs to be executed in a different iteration.
+This is why the SDK allows setting a *deferredIterations* parameter in the plugin info. After the plugin matches with a
+trace, it will be executed after *deferredIterations*. The execution can currently be deferred by a maximum of **20**
+iterations and the default is **1**.
+
+*Searching for traces*
+This type of plugin can perform a search to look for saved traces in the current **project**. This search is performed
+using a provided **HQL** query. A maximum of **50** traces is returned for a given search request.
+
+.. warning:: Please note that HQL-Lite specific syntax such as the `Data` or `DataType` matchers is **NOT** supported.

0.6.3/_sources/dev/concepts/test_framework.md.txt

@@ -0,0 +1,276 @@
+# Test framework
+
+.. _test_framework:
+
+The SDK provides the _FLITS Test Framework_ for integration testing. This allows us to test/validate the plugin input
+and output without having a running Hansken instance.
+
+To use the test framework, three components are required:
+
+1. A running server instance of an extraction plugin. See section :ref:`How to test your plugin <howtotestyourplugin>`.
+2. Input test data
+3. Results (expected output)
+
+## Creating test data
+
+The test data is independent of which programming language is used for the plugin (Java or Python). This section
+describes the setup of the test data, while the sections thereafter will link to the language specific documentation.
+
+.. _basictestdata:
+
+### Basic test data directory structure
+
+Example test data directory structure with an `inputs` and `results` directory:
+
+```text
+tests/
+├── inputs
+│   ├── example1.raw
+│   ├── example1.text
+│   ├── example1.trace
+│   ├── example2.raw
+│   └── example2.trace
+└── results
+    ├── example1.raw.PluginName.trace
+    ├── example1.text.PluginName.trace
+    └── example2.raw.PluginName.trace
+ ```
+
+The `inputs` folder contains all traces that will be processed during the test. These 'input traces' are defined in
+files with the '.trace' extension, using JSON. This JSON structure is explained in section
+:ref:`Trace format<traceformat>`. Each trace may have various :ref:`data-streams<datastreams>`. The data for each trace
+is put into separate files for each data-stream. The data-stream files need to have the same name as their corresponding
+trace file but differ in extension. They can have any extension, for example 'raw', 'text' or 'jpeg'. __Note that one
+input trace will always have one '.trace' file, and can have none, one or many data files.__ Also note that if the
+plugin doesn't match on any of the input files and there are no result files yet, the test will succeed.
+
+.. note:: The test-framework uses the extension of the input test file(s) _(other than __.trace__)_ as type of the
+    current data-stream.
+
+The expected results (which are also traces) are stored in a separate `results` folder next to the `inputs` folder. The
+file names in the `results` folder correspond to the file names in the `inputs` folder. Note that the name of the plugin
+is added between the file basename and the file extension. This can be useful if one maintains a single test input and
+output test datasets for multiple extraction plugins.
+
+.. note:: It is possible to let the test framework regenerate the results files automatically. See the
+   :ref:`Java<java testing>` and :ref:`Python<python testing>` sections on testing on how to do this. If no files are
+   being generated, check if the plugin matcher is actually matching the input files.
+
+The test runner will invoke the extraction plugin for each input trace. The test runner collects the plugin output and
+compares it against the trace defined in the `results` folder. If there is a mismatch, the test runner will fail with an
+exit code 1. If all tests pass the test runner will finish with exit code 0.
+
+Given the files in the example above, the test runner will invoke the extraction plugin three times:
+
+| Input                                                        | Result                                         |
+|--------------------------------------------------------------|------------------------------------------------|
+| `example1.trace` with data `stream example1.raw`             | `example1.raw.PluginName.trace`                |
+| `example1.trace` with data `stream example1.text`            | `example1.text.PluginName.trace`               |
+| `example2.trace` with data `stream example2.text`            | `example2.raw.PluginName.trace`                |
+
+### Test data structure for deferred extraction plugins
+
+:ref:`Deferred extration plugins <deferred extraction plugins>` have the unique ability to search traces with a query.
+The `input` test data should be extended to contain the results of searches done by deferred extraction plugins. These
+_search traces_ are stored in separate folders that follow the naming format '{deferred trace name}/searchtraces/'. Below
+is an example test data directory structure for a deferred extraction plugin that searches for
+a `deferredExampleSearch.trace`:
+
+```text
+tests/
+├── inputs
+│   ├── deferredExample.trace
+│   ├── deferredExample.raw
+│   ├── deferredExample/
+│   │   ├── searchtraces/
+│   │   │   ├── deferredExampleSearch.trace
+└── results
+    └── deferredExample.raw.DeferredPluginName.trace
+```
+
+.. warning:: The plugin will try to match on all traces in the input folder, including traces used for search results (
+   of deferred extraction plugins). This means that it is impossible to search on traces that match the same deferred
+   extraction plugin, as it would create an infinite loop.
+
+Given the files in the example above, the test runner will invoke the extraction plugin one time:
+
+| Input                                                          | Result                                         |
+|----------------------------------------------------------------|------------------------------------------------|
+| `deferredExample.trace` with data stream `deferredExample.raw` | `deferredExample.raw.DeferredPluginName.trace` |
+
+.. warning:: The search query should be written in HQL, as that is how Hansken will interpret it. However, the test
+   framework interprets the query using its HQL-lite interpreter. Therefore, not all queries will be supported.
+
+.. _traceformat:
+
+### Trace format
+
+Input and result traces both stored in a JSON structure. There is however a slight difference between the two: The
+result trace may store additional values that are purely there for testing purposes. The input format will first be
+discussed, followed by the result format.
+
+#### Input trace JSON format
+
+Input traces start with a `trace` key, which contains a mapping of properties. The property names are split in a
+dictionary structure. The example below shows a serialized trace with six properties: `data.raw.mimeClass` and the five
+data types that are currently supported by the test-framework.
+
+The `data` key defines the :ref:`data-streams <datastreams>` of the trace. When adding a data-stream make sure you also
+add the corresponding input data file, as described :ref:`above<basictestdata>`.
+
+```json
+{
+  "trace": {
+    "data": {
+      "raw": {
+        "mimeClass": "text"
+      }
+    },
+    "supported data types": {
+      "Boolean": true,
+      "Integer": 1,
+      "Double": 0.1,
+      "String": "a string",
+      "StringList": [
+        "a",
+        "b",
+        "c",
+        "d"
+      ]
+    }
+  }
+}
+```
+
+.. warning:: The extraction plugin SDK and the test framework have no knowledge of the
+   :ref:`trace model <Trace model and the extraction plugin SDK>`. This means that when properties are used that don't
+   comply with the trace model, this will not cause the test to fail, but it will fail when running your plugin in Hansken.
+
+#### Result trace JSON format
+
+The result traces have the same format as the input traces, namely a `trace` key which contains the full input trace
+with all its properties. However, the result traces may have two additional keys `children` and `data` (which are
+explained in-depth below). These are added for testing purposes. If the plugin adds :ref:`child traces <child traces>`
+or writes [data transformations](data_transformations.md) to Hansken, this would normally not reflect on the JSON of the
+trace. However, the test framework adds these to the result JSON structure to be able to test them.
+
+Consequently, result traces are stored in a JSON structure that may consist of up to three parts, namely the always
+present `trace` and the occasional `children` and `data`:
+
+* `trace`: The key `trace` contains a mapping of its properties, in exactly the same way as is done for input traces.
+* `children`: :ref:`Child traces <child traces>` that have been created by the plugin during the test are stored under a
+  reserved field `children`, which is a list of traces. The example trace below contains a child trace with a property
+  `name`.
+* `data`: [Data transformations](data_transformations.md) that have been created by the plugin during the test are
+  stored under a reserved field `data`. For each data-stream type there is a `descriptor` field describing the data
+  transformation in a JSON format. The example trace has a ranged data transformation for the raw data-stream. Note that
+  this `data` is entirely different from the `data` key that may be present _inside_ the `trace`!
+
+```json
+{
+  "trace": {
+    "data": {
+      "raw": {
+        "mimeClass": "text"
+      }
+    },
+    "supported data types": {
+      "Boolean": true,
+      "Integer": 1,
+      "Double": 0.1,
+      "String": "a string",
+      "List": [
+        "a",
+        "b",
+        "c",
+        "d"
+      ]
+    }
+  },
+  "children": [
+    {
+      "trace": {
+        "name": "child trace 1"
+      }
+    }
+  ],
+  "data": {
+    "raw": {
+      "descriptor": "[{\"ranges\":[{\"length\":79,\"offset\":0}]}]"
+    }
+  }
+}
+```
+
+### Testing exceptions
+
+Some scenarios may throw exceptions and this can be part of your tests too. For example, an input file that has the
+wrong format can be part of your integration tests. When an exception occurs during the test, it will be written to the
+result file. This can be deliberately used to test exceptions. However, it is often impractical to match against a full
+exception. For example, the row numbers in the exception are very much prone to change due to circumstances irrelevant
+to the case being tested. Therefore, the testframework provides some options to match only on those parts of result
+files that are relevant to the test.  
+
+The following sections will explain these partial result matchers using the following example exception:
+
+```json
+{
+  "class": "org.hansken.plugin.extraction.runtime.grpc.client.ExtractionPluginException",
+  "message": "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Mauris faucibus varius sodales."
+}
+```
+
+#### Leaving out the message
+
+It is possible to leave of the message of the exception, which will still result in a valid result:
+
+```json
+{
+  "class": "org.hansken.plugin.extraction.runtime.grpc.client.ExtractionPluginException"
+}
+```
+
+#### The `startsWith` partial result matcher
+
+The `startsWith` partial result matcher requires a string as a parameter. The result will be valid if the actual result
+starts with this string.
+
+```json
+{
+  "class": "org.hansken.plugin.extraction.runtime.grpc.client.ExtractionPluginException",
+  "message.startsWith": "Lorem ipsum dolor sit amet, "
+}
+```
+
+#### The `containsInOrder` partial result matcher
+
+The `containsInOrder` partial result matcher requires a list of strings as a parameter. The result will be valid if
+every string in the list can be found in that same order in the actual result.
+
+```json
+{
+  "class": "org.hansken.plugin.extraction.runtime.grpc.client.ExtractionPluginException",
+  "message.containsInOrder": [
+    "Lorem ipsum dolor sit amet,",
+    "consectetur adipiscing elit.",
+    "Mauris faucibus varius sodales."
+  ]
+}
+```
+
+.. _howtotestyourplugin:
+
+## How to test your plugin
+
+Running an integration test for an extraction plugin depends on the language in which the extraction plugin is built.
+
+### Java
+
+The Test Framework itself is built in Java. When building extraction plugins with Java, it can be incorporated in your
+unit tests, as shown in [Using the Test Framework in Java](../java/testing.md).
+
+### Python
+
+The Python SDK also uses the Java based Test Framework. This is done by providing a wrapper to make calls to an included
+Test Framework 'jar' file. See [Advanced use of the Test Framework in Python](../python/testing.md) for documentation
+and examples on how to use FLITS for testing your Python plugin.

0.6.3/_sources/dev/concepts/traces.md.txt

@@ -0,0 +1,213 @@
+# Traces & Trace model
+
+.. _traces:
+
+## Traces
+
+Traces are structured data objects produced by tools/plugins during an extraction. A trace represents a piece of
+information found in an evidence file.
+
+The following figure shows the main elements of a trace. Each element is described in more detail in the following
+paragraphs.
+
+![trace.svg](trace.svg)
+
+.. The following diagram is used to produce the trace.png file
+
+    @startuml
+    hide empty methods
+
+    Interface Trace << (T,#FF7700 >> {
+      {static} String id
+      {static} String name
+      {static} String[] path
+      ..
+      Map<Type, Properties> properties
+      ..
+      List<DataStream>
+      List<Trace> children
+    }
+
+    Interface DataStream  << (D,orchid>> {
+      {static} String type
+      {static} String length
+      {static} byte[] data
+      ..
+      String fileType
+      Properties properties
+    }
+
+    Trace *-- Trace : a trace could have child traces
+    Trace *-- DataStream : a trace could have data streams
+
+    @enduml
+
+### Types and Properties
+
+A trace has properties that describe the information of it by means of a property value. Trace properties are grouped by
+a trace type. A trace can have multiple types.
+
+All types and properties that can be set are defined in the :ref:`Hansken trace model`.
+
+An example of a type is `document`, which could have the properties `application` and `createdOn`. The trace will have a
+type `document`, and can the following properties with values:
+
+    document.application: Libre Office
+    document.createdOn: 2021-09-18 20:00:00
+
+### Intrinsic properties
+
+A trace has several *intrinsic* properties. These are properties that are not related to a trace type. The intrinsic
+properties available to extraction plugins are:
+
+* `id`: a unique identifier of the trace, generated when a trace is created
+* `name`: a name given to a trace when it is created
+* `path`: a logical path of the trace, of which the elements are the names of traces from the root trace until this
+  trace
+
+.. _datastreams:
+
+### Data streams
+
+Typically, a trace represents a piece of data found in an evidence file. This data is part of the trace and available as
+a data stream. A trace can have multiple data streams. Each data stream has a type. Data streams can also have
+properties that apply to the data stream itself. The data stream properties are modeled as properties of the trace, in
+the following pattern:
+`data.<datastreamtype>.propertyname` (where `<datastreamtype>` is substituted by the actual type of the data stream).
+
+The set of data stream types and data stream properties is fixed. All allowed types and properties are defined in the
+:ref:`Hansken trace model` (see `data`).
+
+An important data stream property is the `fileType` property. This property contains a textual description of the
+*detected* file type for the data stream. An example of a `fileType` is  'Adobe Pdf'. The `fileType` is a good candidate
+to use in a extraction plugin 'matcher'. This `fileType` is detected by Hansken using file type heuristics, which are
+primarily based on the data stream bytes itself, and secondarily on other metadata such as a file extension.
+(N.B. The `fileType` is detected in Hansken by the extraction tool `Firefli`.) For more information on how datastream 
+properties can be used for matching, see :ref:`here<hql datastreams>`.
+
+Note that not all traces have data streams. In these cases it is a trace of meta-data derived from another trace.
+
+Usually, each trace with data has a data stream of type `raw`. This data stream contains the bytes of the traces as they
+were found when the trace was created. In some occasions, the `raw` data can be represented in a different form before it
+can be processed further, for example if the data can be decoded or decrypted. Hansken tools and plugins can decode
+the `raw` data stream to a standard UTF-8 data stream, or can decrypt the data if a decryption key is present. Hansken
+tools and extraction plugins can store the new data at the new trace in a new data stream. This new data stream has a
+different type than the `raw` type.
+
+Examples in code can be found here:
+
+* Adding a Datastream :ref:`Java <datastreams java>`
+* Adding a Datastream :ref:`Python <datastreams python>`
+
+.. TODO: Add a link to matcher in the paragraph above
+
+.. _child traces:
+
+### Child traces
+
+A trace can have child traces. For example, a trace of type `archive` can have children, where each child is a trace
+that represents an entry in the archive.
+
+With an extraction plugin it is possible to create child traces for a trace that is being processed. New properties,
+data streams, and other child traces can be set on the new child traces. When a child trace is created, the plugin
+should provide a `name` for the child trace. The `id` of the child trace is generated, in the following
+form: `parenttraceid-childnumber`. For example, if the parent has an id `0-0-0-0-0:0-9`, the first child gets the
+id `0-0-0-0-0:0-9-1`, the second child gets the id `0-0-0-0-0:0-9-2`, and so on.
+
+Note that a trace does not have (direct) access to its parent trace.
+
+### Trace property types
+
+The SDK supports the following property types for traces:
+
+|             | Java                  | Python                |
+|-------------|-----------------------|-----------------------|
+| binary      | `byte[]`              | `bytes` / `bytearray` |
+| boolean     | `boolean`             | `bool`                |
+| integer     | `int` / `long`        | `int`                 |
+| real        | `float` / `double`    | `float`               |
+| string      | `String`              | `str`                 |
+| date & time | `Date`                | `datetime`            |
+| list        | `List`                | `list` / `tuple`      |
+| mapping     | `Map`                 | `dict`                |
+| location    | `LatLong`             | `GeographicLocation`  |
+| vector      | `Vector`              | `Vector`              |
+| tracelet    | *see Tracelets below* | *see Tracelets below* |
+
+Both location and vector types are available from the SDK, Java package `org.hansken.plugin.extraction.api` or Python module `hansken.util`.
+
+.. _vector:
+
+#### Vector
+
+A vector is a data type that can be used to store points in n-dimensional space as an array of floating point values.
+Once indexed, the vectors can then be used in a gui or other client to search for traces that have a nearby vectors.
+For example, it is possible to use a neural network that provides embeddings of human faces as vectors. Once indexed,
+the vectors can then be used to find pictures with similar faces. To do this, the search rest api can be used to 
+sort by the euclidean- or manhattan distance, or cosine similarity to a given vector.
+
+.. _tracelets:
+
+#### Tracelets
+
+A Tracelet is a bundle of property values that belong to a single type. It is a property on a trace that can have
+multiple properties itself, making it a list of key/value pairs. The API doesn't specify the cardinality, but the
+implementation is limited to cardinality 'Few'. In Hansken these are called FVT's (Few Valued Types).
+
+.. note::  MVT's (Many Valued Types) are currently not supported in the SDK and will be added in a future release.
+
+An example of a tracelet is the `prediction` property, which describes a category or class a trace belongs to. It is
+possible for a trace to have multiple predictions. Therefore `prediction` is a tracelet. Other examples of
+tracelets are `identity` and `collection`.
+
+Examples in code can be found here:
+
+* Adding tracelets in :ref:`Java <tracelets java>`
+* Adding tracelets in :ref:`Python <tracelets python>`
+
+.. _Hansken trace model:
+
+## Hansken trace model
+
+All traces in Hansken are based on a specific version of the trace model, and must comply to that version of the trace
+model. This is a nested data structure composed of origins, categories, types and properties.
+
+All non-inrinsic trace properties are optional and are grouped by **type**. These types are defined under the trace
+model section 'categories'. Every **category** has a list of allowed types. When a trace is identified as being a
+document, it will get this set of predefined document properties. Trace types can have different **origins**. The
+possible origins are defined in the trace model section 'origins'. An example of this is the processed types that are
+always generated by the system during an extraction.
+
+The details of the current trace model can be retrieved using the `/tracemodel`
+REST call on the Gatekeeper endpoint of Hansken, or check the Hansken Documentation on the trace model.
+
+.. TODO: nice screenshot on how to find the trace model in Hansken?
+
+.. _Trace model and the extraction plugin SDK:
+
+### Trace model and the extraction plugin SDK
+
+.. warning:: The extraction plugin SDK has no knowledge of the trace model
+
+The Extraction Plugins SDK has no knowledge of the trace model at this time. It is however possible to create new traces
+with plugins. If any newly created Traces don't comply to the model, Hansken will not accept them and mark the plugin
+execution as failed. The Extraction Plugins SDK and the provided [Test Framework](test_framework.md) don't check this.
+Please make sure to use the right naming when creating new Traces, as provided by the trace model.
+
+If an erroneous trace property is set, Hansken will show an error. The error can be found in the Hansken Expert UI
+interface by double-clicking on the trace. Then the trace details screen will be opened and the error will be displayed
+as follows:
+
+.. image:: toolrun_error.png
+
+This error describes that a property does not exist in the trace model. To get more information about the error, the
+extraction log can be viewed. In the extraction log you have to search
+for `java.lang.IllegalArgumentException: no such type` to find out which property is not supported by the trace model.
+
+In the example extraction log below, the property `this_property_does_not_exist` could not be found 681 times.
+
+    Cumulative warnings, based on the message without numbers, uuids and trace objects. Only showing full message for first warning of this type.
+          Count | Key                                                   | Message
+            681 | org.hansken.ep.shade.io.grpc.StatusRuntimeException   | CANCELLED: Cancelled by client with StreamObserver.onError(); org.hansken.ep.shade.io.grpc.StatusRuntimeException: ABORTED: java.lang.IllegalArgumentException: no such type: this_property_does_not_exist
+              7 | java.lang.IllegalStateException                       | call was cancelled
+              1 | org.hansken.ep.shade.io.grpc.StatusRuntimeException   | UNAVAILABLE: HTTP/2 error code: NO_ERROR Received Rst Stream

0.6.3/_sources/dev/examples.md.txt

@@ -0,0 +1,7 @@
+# Examples
+
+Extraction Plugin Examples in both Java and Python can be found in the
+[Hansken Extraction Plugin Examples Repository](https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples)
+on the Hansken developer community.
+
+If you don't have access to the Hansken developer community, please see ":ref:`communityaccess`" the in the [FAQ](faq.md).

0.6.3/_sources/dev/faq.md.txt

@@ -0,0 +1,64 @@
+# Frequently Asked Questions
+
+.. _communityaccess:
+
+## How can I access Hansken developer community
+
+You will first need git access to the Hansken developer community. Here you can find started guides and examples. If you
+have no access yet, you can get access by following the next steps:
+
+1. Sign up at [git.eminjenv.nl](https://git.eminjenv.nl/)
+2. After you have created your account, you should request access to the "
+   Hansken Community" group . Do this by contacting your organisations Hansken business owner. If you don't know who to
+   contact as your business owner, please read the :doc:`../contact` page.
+
+## Why use Extraction Plugins?
+
+Extraction plugins enable you to run your own extraction code in Hansken.
+
+* Your plugin runs during extraction
+* Extraction plugins are faster than Hansken.py
+* Multiple programming languages are supported
+* Scalability: Extraction plugins can be scaled flexibly on a kubernetes cluster
+
+## What programming languages are supported?
+
+The SDK contains an API and tools to write a Hansken extraction plugin in Java or Python. The Java API can be used to
+develop extraction plugins in JVM-compatible languages, such as Scala and Kotlin.
+
+## Will you support language *foobar*?
+
+Probably not. It takes time and effort to create a proper SDK. If you think there is a good use case to support
+language *foobar*, and there is gRPC support, feel free to contact us. We can discuss the options to add support for
+Hansken extraction plugins with *foobar*.
+
+Under the hood, extraction plugins use gRPC to communicate with Hansken. In theory, all programming languages that have
+a gRPC implementation can be used to write Hansken extraction plugins.
+
+## Can I reuse or modify the Extraction Plugins SDK?
+
+The SDK is distributed under the Apache 2.0 License, see the LICENSE file in the SDK for more details.
+
+## Can I use a plugin that someone else wrote?
+
+Yes, at your own risk. The Hansken Team does not take responsibility for code written by third parties in the form of
+Extraction Plugins.
+
+## What are the legal implications of creating your own Extraction Plugin(s)?
+
+All Extraction Plugins not written by the Hansken Team are considered **third party** Extraction Plugins. Please refer
+to [Can I use a plugin that someone else wrote?](faq.md#can-i-use-a-plugin-that-someone-else-wrote?)
+
+## How safe are Extraction Plugins?
+
+We are doing everything to make sure Extraction Plugins are as safe as possible, however note that the Extraction Plugin
+SDK is still in beta. Use it at your own risk. For more information on security see [Isolation](concepts/isolation.md).
+
+## Can my Extraction Plugin be embedded into Hansken for performance reasons?
+
+Embedding an Extraction Plugin into Hansken requires access to the Hansken source code. If you have access to the source
+code then please `../contact` us for assistance. Please note that embedded Extraction Plugins are **not officially
+supported**.
+
+If you do not have access to the Hansken source code, then please contact your own Business Owner, and ask them to
+contact the Hansken Team.

0.6.3/_sources/dev/introduction.md.txt

@@ -0,0 +1,50 @@
+# Introduction
+
+The Extraction Plugin Software Development Kit can be used to develop a [Hansken](https://www.hansken.nl/an-introduction-to-hansken)
+extraction plugin.
+
+Hansken is designed to give access to and insight in digital data and traces originating from seized and demanded
+digital material. One aspect of the Hansken platform is the extraction engine (extraction framework). The extraction
+engine contains digital forensics knowledge, which is used to find traces in digital material. With extraction plugins
+case investigators can add new digital forensics knowledge to the extraction framework. In this way, Hansken is enabled
+to understand new digital formats, and thus is able to find new types of traces in the seized and demanded material.
+
+Examples of digital forensics knowledge that can be added to Hansken with extraction plugins:
+
+* new file formats (e.g. a new crypto currency wallet)
+* combine traces to find new information (e.g. use a windows registry entry required to read a file from disk)
+* apply algorithms on traces (e.g. speech to text from audio files)
+
+The primary goals of this SDK are:
+
+* to make it as easy as possible to add new digital forensics knowledge to Hansken.
+* be able to share digital forensics knowledge with other Hansken community members
+
+## Software Development Kit (SDK)
+
+In order to create extraction plugins, the Hansken project maintains an Extraction Plugin Software Development Kit
+(SDK).
+
+This SDK contains the following elements:
+
+* [Java API and tooling](java), to be able to write an extraction plugin with the [Java](https://www.java.com/)
+  programming language
+* [Python API and tooling](python), to be able to write an extraction plugin with [Python](https://www.python.org/)
+  programming language
+* [Test framework](concepts/test_framework.md), to be able to test extraction plugins before they are used production
+* Documentation for plugin developers to help understand the SDK and all its facets (this documentation)
+* :doc:`examples`
+
+## Development steps of a plugin
+
+To create a plugin, the plugin developer could follow the following steps. Detailed information per step will be added
+later to the documentation.
+
+1. Create a new empty plugin
+2. Implement the plugin logic
+3. Verify the plugin using the [test framework](concepts/test_framework.md), using reference data (test data) and
+   expected output
+4. Test the plugin in Hansken
+5. Use the plugin in an actual case
+6. Share the plugin with the Hansken community, so other case investigations can benefit from the plugin as well (
+   optional, but encouraged)

0.6.3/_sources/dev/java.rst.txt

@@ -0,0 +1,14 @@
+Java
+====
+
+.. toctree::
+   :maxdepth: 1
+   :caption: Contents:
+
+   java/api_changelog
+   java/prerequisites
+   java/packaging
+   java/snippets
+   java/testing
+   java/debugging
+   java/javadoc

0.6.3/_sources/dev/java/api_changelog.md.txt

@@ -0,0 +1,205 @@
+# Java API Changelog
+
+This document summarizes all important API changes in the Extraction Plugin API. This document only shows changes that
+are important to plugin developers. For a full list of changes per version, please refer to the general
+:ref:`changelog <changelog>`.
+
+.. If present, remove `..` before `## |version|` if you create a new entry after a previous release.
+
+.. ## |version|
+
+
+## 0.6.1
+
+* The JAVA SDK is now distributed through maven central instead of the Hansken community.
+
+## 0.6.0
+
+.. warning:: It is highly recommended to upgrade your plugin to this new version.
+             See the migration steps below.
+
+* Extraction plugin container images are now labeled with PluginInfo. This
+  allows Hansken to efficiently load extraction plugins.
+
+* By default, extraction plugin version is managed in the plugin's `pom.xml`.
+  The `.pluginVersion(..)` can be removed from the PluginInfo builder.
+
+* **Migration steps from earlier versions** -- for plugins that use the Java
+  extraction plugin SuperPOM:
+
+  1. Update the SDK version in your `pom.xml`
+  2. If you come from a version prior to `0.4.0`, or if you use a plugin name
+     instead of a plugin id in your `pluginInfo()`, switch to the plugin id style
+     (read  instructions for version `0.4.0`)
+  3. Set your plugin version in your project's `pom.xml`, and remove the
+     following from your `PluginInfo.Builder`:
+
+     ```java
+     .pluginVersion(...)
+     ```
+
+  4. Update your build scripts to build your plugin (Docker) container image.
+     You should build your plugin container image with the following command:
+
+     ```bash
+     mvn package docker:build`
+     ```
+
+     This will generate a plugin image:
+
+     * The extraction plugin is added to your local image registry
+       (`docker images`),
+     * The image name is `extraction-plugin/PLUGINID`, e.g.
+       `extraction-plugin/nfi.nl/extract/chat/whatsapp`,
+     * The image is tagged with two tags: `latest`, and your plugin version.
+
+     Nb. If Docker is not available in your environment, `podman` can be used
+     as an alternative. See :ref:`packaging <java_superpom_podman>` for more
+     details.
+
+## 0.5.0
+
+* Add new tracelet api `Trace.addTracelet(type, consumer)`.
+  It can be used like this:
+
+  ```java
+  trace.addTracelet("prediction", tracelet -> tracelet
+       .set("type", "classification")
+       .set("label", "label")
+       .set("confidence", 0.8f)
+       .set("embedding", Vector.of(1,2,3))
+       .set("modelName", "yolo")
+       .set("modelVersion", "2.0"));
+  ```
+
+* Deprecate Trace.addTracelet(Trace)
+* Support vector data type in trace properties.
+
+## 0.4.13
+
+* When writing input search traces for tests, it is no longer required to explicitly set an `id` property.
+  These are automatically generated when executing tests.
+
+## 0.4.7
+
+* A new convenience method `id(String, String, String)` is added to the PluginInfo builder. This removes some
+  boilerplate code when setting the pluginId. More details on the plugin naming conventions can be found at the
+  :doc:`../concepts/plugin_naming_convention` section.
+
+  ```java
+  PluginInfo.builderFor(this)
+            .id("nfi.nl", "extract", "TestPlugin") // new style
+            .id(new PluginId("nfi.nl", "extract", "TestPlugin")) // old style, but also works
+            ...
+  ```
+
+## 0.4.6
+
+* It is now possible to specify maximum system resources in the `PluginInfo`. To run a plugin with 0.5 cpu (= 0.5
+  vCPU/Core/hyperthread) and 1 gb memory, for example, the following configuration can be added to `PluginInfo`:
+
+  ```java
+  PluginInfo.builderFor(this)
+      ...
+      .pluginResources(PluginResources.builder()
+          .maximumCpu(0.5f)
+          .maximumMemory(1000)
+          .build())
+      .build();
+  ```
+
+## 0.4.0
+
+* Extraction Plugins are now identified with a `PluginInfo.PluginId` containing a domain, category and name. The
+  method `PluginInfo.name(pluginName)` has been replaced by `PluginInfo.id(new PluginId(domain, category, name)`. More
+  details on the plugin naming conventions can be found at the :doc:`../concepts/plugin_naming_convention` section.
+
+* `PluginInfo.name()` is now deprecated (but will still work for backwards compatibility).
+
+* A new license field `PluginInfo.license` has also been added in this release.
+
+* The following example creates a PluginInfo for a plugin with the name `TestPlugin`, licensed under
+  the `Apache License 2.0` license:
+
+  ```java
+  PluginInfo.builderFor(this)
+            .id(new PluginId("nfi.nl", "extract", "TestPlugin")) // id.domain: nfi.nl, id.category: extract, id.name: TestPlugin
+            // .name("TestPlugin") // no longer supported
+            .pluginVersion("0.4.1")
+            .author(Author.builder()...build())
+            .description("A plugin for testing.")
+            .maturityLevel(MaturityLevel.PROOF_OF_CONCEPT)
+            .hqlMatcher("*")
+            .webpageUrl("https://www.hansken.org")
+            .license("Apache License 2.0")
+            .build();
+  ```
+
+## 0.3.0
+
+* Extraction Plugins can now create new datastreams on a Trace through data transformations. Data transformations
+  describe how data can be obtained from a source.
+
+  An example case is an extraction plugin that processes an archive file. The plugin creates a child trace per entry in
+  the archive file. Each child trace will have a datastream that is a transformation that marks the start and length of
+  the entry in the original archive data. By just describing the data instead of specifying the actual data, a lot of
+  space is saved.
+
+  Although Hansken supports various transformations, the Extraction Plugins SDK for now only supports ranged data
+  transformations. Ranged data transformations define data as a list of ranges, each range with an offset and length in
+  a bytearray.
+
+  The following example sets a new datastream with dataType `html` on a trace, by setting a ranged data transformation:
+
+  ```java
+  trace.setData("html", RangedDataTransformation.builder().addRange(offset, length).build());
+  ```
+
+  The following example creates a child trace and sets a new datastream with dataType `raw` on it, by setting a ranged
+  data transformation with two ranges:
+
+  ```java
+  trace.newChild(format("lineNumber %d", lineNumber), child -> {
+      child.setData("raw", RangedDataTransformation.builder()
+        .addRange(10, 20)
+        .addRange(50, 30)
+        .build());
+  });
+  ```
+
+  More detailed documentation will follow in an upcoming SDK release.
+
+## 0.2.0
+
+.. warning:: This is an API breaking change. Plugins created with an earlier version of the extraction plugin SDK are
+   not compatible with Hansken that uses `0.2.0` or later.
+
+* Introduced a new extraction plugin type `DeferredExtractioPlugin`. Deferred Extraction plugins can be run at a
+  different extraction stage. This type of plugin also allows accessing other traces using the searcher.
+
+* The class `ExtractionContext` has been renamed to `DataContext`. The new name `DataContext` represents the class
+  contents better. Plugins have to update matching import statements and the type in `ExtractionPlugin.process()`
+  implementation in the same way. This change has no functional side effects.
+
+  Old:
+
+  ```java
+  import org.hansken.plugin.extraction.api.ExtractionContext;
+
+  @Override
+
+  public void process(final Trace trace, final ExtractionContext context) throws IOException {
+
+  }
+  ```
+
+  New:
+
+  ```java
+  import org.hansken.plugin.extraction.api.DataContext;
+
+  @Override
+  public void process(final Trace trace, final DataContext dataContext) throws IOException {
+
+  }
+  ```

0.6.3/_sources/dev/java/debugging.md.txt

@@ -0,0 +1,134 @@
+# How to debug an Extraction Plugin
+
+Debugging is the art of removing bugs — hopefully quickly.
+
+## Locally
+
+To debug a plugin locally, it is recommended to start the plugin via the IDE by running the integration test. This has
+the advantage that breakpoints can easily be put in the code instead of printing log statements, for example.
+
+### Logging
+
+The logging of the extraction plugin is displayed in the console.
+
+## Locally with Docker
+
+Debugging an extraction plugin via docker is a bit trickier. Java has the advantage that remote debugging is already
+baked in.
+
+Using Java Remote Debug with Docker containers requires 3 distinct steps:
+
+1. Build a Docker image
+2. Run the Docker image with specific Java tool options
+3. Setting breakpoints in your code
+
+### Build a Docker image
+
+If the Docker image is not built, run the following command to build the Docker image:
+
+```bash
+mvn package docker:build
+```
+
+### Run the Docker image with specific Java tool options
+
+In Java, the remote debug functionality is not enabled by default. To enable the remote debug functionality, the
+following environments variable must be set in the Docker container:
+
+```bash
+JAVA_TOOL_OPTIONS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005"
+ ```
+
+This environment variable allows the debugger to connect to the debuggee (application being debugged). To start the
+Docker image with the `JAVA_TOOL_OPTIONS` environment variable, the following command can be used:
+
+```bash
+docker run -p 5005:5005 -e JAVA_TOOL_OPTIONS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005" your_extraction_plugin_name
+```
+
+The next step is to attach the debugger to the debuggee.
+For Intellij, the instructions are clearly described on the following
+page: [Tutorial: Remote debug](https://www.jetbrains.com/help/idea/tutorial-remote-debug.html#49be7f04)
+
+### Setting breakpoints in the code
+
+The last step is to add breakpoints in the code.
+
+### Logging in Docker
+
+The logging of the extraction plugin is displayed in the console after running the `docker run` command. In addition,
+the logging is also displayed in the IntelliJ console while debugging.
+
+## Kubernetes
+
+In kubernetes it is currently _not_ possible to debug via Java Remote Debug because:
+
+* no debug ports are published;
+* the container was not started with the environment variable `JAVA_TOOL_OPTIONS` so debugging is not enabled.
+
+### Logging in Kubernetes
+
+If there is authorization to the kubernetes cluster, the logging can be viewed with the following command:
+
+```bash
+kubectl logs -f hansken-extraction-plugins/your_extraction_plugin_pod
+```
+
+## Debug HQL
+
+An HQL query can be debugged by overriding the `isVerboseLoggingEnabled()` method of the `ExtractionPluginFlits` class.
+The example below shows an example of an embedded FLITS test with verbose logging enabled.
+
+```java
+public class TestPluginFlitsIT extends EmbeddedExtractionPluginFlits {
+
+    @Override
+    public Path testPath() {
+        return srcPath("integration/inputs/plugin");
+    }
+
+    @Override
+    public Path resultPath() {
+        return srcPath("integration/results/embedded/plugin");
+    }
+
+    @Override
+    protected ExtractionPlugin pluginToTest() {
+        return new TestPlugin();
+    }
+
+    @Override
+    public boolean regenerate() {
+        return true;
+    }
+
+    @Override
+    protected boolean isVerboseLoggingEnabled() {
+        return true;
+    }
+}
+```
+
+The following output will then be displayed in the console:
+
+```text
+HQL match found for:
+$data.type=jpg
+With trace:
+dataType=jpg
+types={file, data}
+properties={data.raw.mimeType=image/jpg, path=/test-input-trace, file.name=image.jpg, name=test-input-trace, id=0}
+```
+
+If the HQL query contains an error, it will be shown in the generated test results. An example of an invalid query
+is ``$data.mimeType=image/jpg`` (slash not escaped). This query will produce an error like the one shown below.
+
+```json
+{
+  "class": "org.hansken.plugin.extraction.hql_lite.lang.ParseException",
+  "message": "HqlLiteHumanQueryParser: line 1:20 token recognition error at: '/jpg'"
+}
+```
+
+.. note:: The error is only shown in the generated trace, so to find out the `ParseException` override
+   the `regenerate()` method from `Flits` and then let this method return `true`.

0.6.3/_sources/dev/java/javadoc.md.txt

@@ -0,0 +1,3 @@
+# Javadoc
+
+Visit the `Javadoc of the Extraction Plugins SDK API <../../_static/javadoc/index.html>`_.

0.6.3/_sources/dev/java/packaging.md.txt

@@ -0,0 +1,42 @@
+# Packaging
+
+Extraction plugins are packaged as OCI images (also known as Docker images).
+The OCI images are labeled with the PluginInfo.
+To automate packaging of a Java plugin and labeling the OCI image, the Extraction Plugin SuperPom has been configured to automate this for you.
+
+If your project uses the Extraction Plugin SuperPom (see [Prerequisites](prerequisites.md)), Packaging an extraction plugin is handled by Maven.
+To package your plugin into a container image, the following command can be used:
+
+```bash
+mvn package docker:build
+```
+
+This will generate a plugin image:
+
+* The extraction plugin is added to your local image registry
+(`docker images`),
+* The image name is `extraction-plugin/PLUGINID`, e.g.
+`extraction-plugin/nfi.nl/extract/chat/whatsapp`,
+* The image is labeled with two tags: `latest`, and your plugin version.
+
+It is possible to apply extra arguments to the docker command [as described here](http://dmp.fabric8.io/#docker:build).
+For example, to specify a proxy, use the following command:
+
+```bash
+mvn package docker:build -Ddocker.buildArg.https_proxy=https://proxy:8001
+```
+
+Once your plugin is packaged, it can be published or 'uploaded' to Hansken.
+See ":ref:`upload_plugin`" for instructions.
+
+.. _java_superpom_podman:
+
+Note: if your build environment does not have Docker available, you can use
+[podman](https://podman.io/) as an alternative. Install podman on your machine
+or build agent, and run the following commands _before_ invoking the
+`mvn package docker:build` command:
+
+```bash
+podman system service --time=0 unix:/run/user/$(id -u)/podman/podman.sock &
+export DOCKER_HOST="unix:/run/user/$(id -u)/podman/podman.sock"
+```

0.6.3/_sources/dev/java/prerequisites.md.txt

@@ -0,0 +1,41 @@
+# Prerequisites
+
+Required software:
+
+* Java 11 or higher
+* Docker for [packaging](packaging.md) and publishing plugins  
+  (or use a Docker alternative such as `podman`)
+* Maven (recommended, build automation tool)
+
+Required dependencies: 
+* All required project dependencies to build extraction plugins are published on the public Maven Central, under `org.hansken.plugin.extraction:plugin-super-pom`.
+  For maven based extraction plugins, the following `pom.xml` snippet can be used as basis of a plugin:
+  ```xml
+  <?xml version="1.0" encoding="UTF-8"?>
+  <project xmlns="http://maven.apache.org/POM/4.0.0"
+      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+      xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+      <modelVersion>4.0.0</modelVersion>
+  
+      <parent>
+          <groupId>org.hansken.plugin.extraction</groupId>
+          <artifactId>plugin-super-pom</artifactId>
+          <version>SET_THE_SDK_VERSION_HERE</version>
+      </parent>
+  
+      <artifactId>CHOOSE_YOUR_ARTIFACTID_HERE</artifactId>
+      <version>SET_THE_PLUGIN_VERSION_HERE</version>
+  
+      <licenses>
+          <license>
+              <name>The Apache Software License, Version 2.0</name>
+              <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+              <distribution>repo</distribution>
+          </license>
+      </licenses>
+  
+      <properties>
+          <mainClass>SET_THE_PLUGIN_MAIN_CLASS_HERE</mainClass>
+      </properties>
+  </project>
+  ```

0.6.3/_sources/dev/java/snippets.md.txt

@@ -0,0 +1,246 @@
+# Java code snippets
+
+This page contains Java code snippets for common patterns that will be used when writing a plugin.
+
+## RandomAccessData as InputStream
+
+In Java, `InputStream` is a common type to pass data to another class or method. The SDK provides a simple utility to
+use a `RandomAccessData` as `InputStream`.
+
+Add the following import to your code:
+
+```java
+import org.hansken.plugin.extraction.core.data.RandomAccessDatas;
+```
+
+Next we can create an `InputStream` from the `RandomAccessData` as shown in the following snippet. Note that the
+`InputStream` is created using a `try-with-resources`-statement. This ensures that the `InputStream` is correctly closed
+when the `InputStream` is no longer required.
+
+```java
+RandomAccessData traceData=...;
+    try(InputStream asInputStream=RandomAccessDatas.asInputStream(traceData)){
+    // use the InputStream here
+    }
+```
+
+Notes:
+
+* the created `InputStream` is *not* thread-safe,
+* the created `InputStream` changes state in the provided `RandomAccessData`
+  (e.g. when data is read, the position updated in both the `InputStream` *and*
+  the `RandomAccessData` instances),
+* for more details on the implementation of the `InputStream`, refer to the `RandomAccessDataInputStream` JavaDoc.
+
+
+.. _tracelets java:
+
+## Adding tracelets
+
+In the following Java example, a "classification" :ref:`tracelet<tracelets>` is added to a trace. The tracelet consists
+of a list of four properties, namely "class", "confidence", "modelName" and "modelVersion".
+
+```java
+trace.addTracelet("prediction", tracelet -> tracelet
+     .set("type", "classification")
+     .set("class", "telephone")
+     .set("label", "label")
+     .set("confidence", 0.8f)
+     .set("embedding", Vector.of(1,2,3))
+     .set("modelName", "yolo")
+     .set("modelVersion", "2.0"));
+```
+or
+```java
+trace.addTracelet(new Tracelet("prediction", List.of(
+    new TraceletProperty("prediction.type","classification"),
+    new TraceletProperty("prediction.class","telephone"),
+    new TraceletProperty("prediction.label","label"),
+    new TraceletProperty("prediction.confidence",0.8f))),
+    new TraceletProperty("prediction.embedding", Vector.of(1,2,3)),
+    new TraceletProperty("prediction.modelName","yolo"),
+    new TraceletProperty("prediction.modelVersion","2.0"));
+```
+
+
+.. _datastreams java:
+
+## Adding data to a trace
+
+Traces can have data attatched to them. See :ref:`datastreams` for more information.
+The following two snippets demonstrate how to add data to a trace.
+
+It is currently not possible to verify that a specific data stream is already set or not.
+
+### Data Transformations
+
+The most efficient way to add data to a trace is using data transformations.
+See :doc:`../concepts/data_transformations` for more details.
+
+The following example sets a new data stream with dataType `html` on a trace, by setting a ranged data transformation:
+
+```java
+trace.setData("html", RangedDataTransformation.builder().addRange(offset, length).build());
+```
+
+The following example creates a child trace and sets a new datastream with dataType `raw` on it, by setting a ranged
+data transformation with two ranges:
+
+```java
+trace.newChild(format("lineNumber %d", lineNumber), child -> {
+    child.setData("raw", RangedDataTransformation.builder()
+                  .addRange(10, 20)
+                  .addRange(50, 30)
+                  .build());
+});
+```
+
+### Blobs
+
+It is not always possible to create a transormation for the data that has to be
+added to a trace. For example the data is a result of a computation, and not
+a direct subset of another data stream..
+
+The following examples show how to creates a new data stream of dataType `raw` on a trace.
+
+In case all data is stored in a `byte[]`, we can add the byte array to the data stream with:
+
+```java
+final byte[] rawBytes = {.....};
+trace.setData("raw", writer -> writer.write(rawBytes));
+```
+
+Alternatively, if the data is available in an `InputStream` the data can be added with:
+
+```java
+final InputStream inputStream = ...;
+trace.setData("raw", inputStream);
+```
+
+## Specifying system resources
+
+In the `PluginInfo` you can specify **maximum** system resource metrics for a plugin. These are used for scaling the
+number of pods as described [here](../concepts/kubernetes_autoscaling.md#Autoscaling). To run a plugin with 0.5 cpu (=
+0.5 vCPU/Core/hyperthread) and 1 gb memory, for example, the following configuration can be added to `PluginInfo`:
+
+```java
+PluginInfo.builderFor(this)
+    ...
+    .pluginResources(PluginResources.builder()
+    .maximumCpu(0.5f)
+    .maximumMemory(1000)
+    .build())
+    .build();
+```
+
+.. _java_snippets_deferred:
+
+## Deferred Extraction Plugins
+
+Using a deferred plugin requires inheriting the `DeferredExtractionPlugin` base class. This allows access to
+a ``TraceSearcher`` object in the process function to search for traces.
+
+```java
+public class ExampleDeferred extends DeferredExtractionPlugin {
+    @Override
+    public PluginInfo pluginInfo();
+
+    @Override
+    public void process(final Trace trace, final ExtractionContext context,
+                        final TraceSearcher searcher) {
+        final SearchResult result = searcher.search("file.extension=asc", 10);
+    }
+}
+```
+
+The ``search`` method accepts a HQL query and a count, which represents the maximum number of traces to return. It may
+be useful to specifically search for traces from the image being extracted. Add ``"image:" + trace.get("image")`` to
+your query. The query of the provided example could be extended like this:
+`"file.extension = asc AND image:" + trace.get("image")`.
+
+The traces contained in the ``SearchResult`` are returned as a stream.
+
+```java
+final Stream<Trace> stream = result.getTraces();
+stream.limit(5);
+```
+
+
+## Logging
+
+The logging is provided by Log4j 2 with a SLF4J binding. The Log4j 2 SLF4J binding allows applications coded to the
+SLF4J API to use Log4j 2 as the implementation.
+
+### Usage
+
+Here is an example illustrating how to log something with SLF4J. It begins by getting a logger with the name "LOG". This
+logger is in turn used to log the message `I'm logging a variable 1234!`.
+
+```java
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class Example {
+    private static final Logger LOG = LoggerFactory.getLogger(Example.class);
+
+    public void example() {
+        final int aNumber = 1234;
+        // logs to console: I'm logging a variable 1234!
+        LOG.info("I'm logging a variable {}!", aNumber);
+    }
+}
+```
+
+### Customize logging
+
+It's easy to change the logging format with a file called `log4j2.xml`. If desired, this file must be in the `resources`
+folder, for example `src/main/resources/log4j2.xml`
+
+```xml
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+    <appenders>
+        <console name="stdout" target="SYSTEM_OUT">
+            <patternLayout
+                    pattern="%-5p|%d{yyyy-MM-dd HH:mm:ss}|%-20.20t|%-32.32c{1}|%m%n"/>
+        </console>
+    </appenders>
+    <loggers>
+        <root level="info">
+            <appenderRef ref="stdout"/>
+        </root>
+    </loggers>
+</configuration>
+```
+
+.. warning:: Be careful with logging sensitive information.
+
+.. note:: More information about customizing the logging can be found `here <https://logging.apache.org/log4j/2.x>`_.
+
+.. note:: The default logger is pre-configured to log `INFO` to `STDOUT` (see the configuration above)
+
+.. note:: Log4j 2 supports various logging formats, including xml, yaml, json, properties, etc.
+   Currently, only the xml format is supported.
+
+.. note:: Contact your Hansken administrator for more information on where to find logs for your Hansken environment.
+
+## [EXPERIMENTAL FEATURE] Adding previews to a trace
+
+.. warning:: This is an experimental feature, which might change or get removed in future releases.
+
+Example:
+
+```java
+public class ExamplePlugin extends ExtractionPlugin {
+  @Override
+  public PluginInfo pluginInfo();
+
+  @Override
+  public void process(final Trace trace, final DataContext context) {
+    final byte[] previewData;
+    // set the preview data for the image/png MIME-type
+    trace.set("preview.image/png", previewData);
+    trace.set("preview.image/png", previewData);
+  }
+}
+```

0.6.3/_sources/dev/java/testing.md.txt

@@ -0,0 +1,156 @@
+# Using the Test Framework in Java
+
+.. _java testing:
+
+This section assumes you use the same setup as is used in the
+[Extraction Plugin Examples](https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples).
+
+## Prerequisites
+
+Java Plugins can use the `plugin-super-pom` as maven parent, which makes sure the
+FLITS [Test Framework](../concepts/test_framework.md) is included in the build.
+
+```xml
+
+<parent>
+    <groupId>org.hansken.plugin.extraction</groupId>
+    <artifactId>plugin-super-pom</artifactId>
+    <version>0.4.3</version>
+</parent>
+```
+
+## Embedded Testing versus Remote Testing
+
+There are ways of integration testing a plugin with the Test Framework:
+
+* **Embedded testing**: Here the plugin is run directly from a JUnit test without using the gRPC layer.
+* **Remote testing**: Here the test will start an ExtractionPluginServer that will serve the plugin. All communication
+  is between server and plugin is done using gRPC.
+
+See below for an example of each way of testing.
+The [Extraction Plugin Examples](https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples) contains many
+more examples.
+
+### Embedded Testing example
+
+Embedded tests can be run as a unit test.
+
+```java
+import static nl.minvenj.nfi.flits.util.FlitsUtil.srcPath;
+
+import java.nio.file.Path;
+
+import org.hansken.plugin.extraction.api.ExtractionPlugin;
+import org.hansken.plugin.extraction.test.EmbeddedExtractionPluginFlits;
+
+/**
+ * An integration test for MyPlugin.
+ */
+class MyPluginIT extends EmbeddedExtractionPluginFlits {
+
+    @Override
+    protected ExtractionPlugin pluginToTest() {
+        // MyPlugin is a class implementing the ExtractionPlugin interface, 
+        // with pluginInfo() and process() methods. 
+        return new MyPlugin();
+    }
+
+    @Override
+    public Path testPath() {
+        // Provide the folder containing input files. For examples, see 
+        // https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples.
+        return srcPath("integration/inputs");
+    }
+
+    @Override
+    public Path resultPath() {
+        // Provide the folder containing result files. For examples, see 
+        // https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples.
+        return srcPath("integration/results");
+    }
+
+    @Override
+    public boolean regenerate() {
+        // Returning false means the test will fail if the result files don't 
+        // match the outcome of the=++ test. Returning true means the test create 
+        // new result files .
+        return false;
+    }
+}
+```
+
+### Remote Testing example
+
+Note that the following example serves the plugin by using `ExtractionServer`.
+
+```java
+import static nl.minvenj.nfi.flits.util.FlitsUtil.srcPath;
+
+import java.nio.file.Path;
+
+import org.hansken.plugin.extraction.runtime.grpc.client.ExtractionPluginClient;
+import org.hansken.plugin.extraction.runtime.grpc.server.ExtractionPluginServer;
+import org.hansken.plugin.extraction.test.plugins.DataTransformationsPlugin;
+import org.junit.jupiter.api.AfterAll;
+import org.junit.jupiter.api.BeforeAll;
+
+public class RemoteTransformationPluginFlitsIT extends RemoteExtractionPluginFlits {
+
+    private static ExtractionPluginServer _server;
+    private static ExtractionPluginClient _client;
+
+    @BeforeAll
+    public static void init() throws Exception {
+        final int port = 8999;
+
+        // Serve MyPlugin.
+        // MyPlugin is a class implementing the ExtractionPlugin interface, with PluginInfo and Process methods.
+        _server = ExtractionPluginServer.serve(port, MyPlugin::new);
+
+        // Create an ExtractionPluginClient
+        _client = new ExtractionPluginClient("localhost", _server.getListeningPort());
+    }
+
+    @AfterAll
+    public static void destruct() {
+        // At the end of the test, make sure the server and client are closed.
+        if (_server != null) {
+            _server.close();
+        }
+        if (_client != null) {
+            _client.close();
+        }
+    }
+
+    @Override
+    public Path testPath() {
+        // Provide the folder containing input files. For examples, see https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples.
+        return srcPath("integration/inputs");
+    }
+
+    @Override
+    public Path resultPath() {
+        // Provide the folder containing result files. For examples, see https://git.eminjenv.nl/hanskaton/hansken-extraction-plugin-sdk/examples.
+        return srcPath("integration/results");
+    }
+
+    @Override
+    protected ExtractionPluginClient pluginToTest() {
+        // For Remote testing, the test won't talk directly to the plugin, but to the client. 
+        // The client will use gRPC to communicate with the served plugin.
+        return _client;
+    }
+
+    @Override
+    public boolean regenerate() {
+        // Returning false means the test will fail if the result files don't match the outcome of the test.
+        // Returning true means the test create new result files.
+        return false;
+    }
+}
+```
+
+.. note:: Note that with a `RemoteTransformationPluginFlitsIT` it is possible to start a docker image of a plugin and
+   run remote tests against it using your own testdata. To do this, simply remove all `_server` code and manually start
+   your plugin in a docker container. Then run the test against the docker container by setting the correct url and
+   port, presumably `new ExtractionPluginClient("localhost", 8999)`.

0.6.3/_sources/dev/python.rst.txt

@@ -0,0 +1,24 @@
+Python
+======
+
+.. toctree::
+   :maxdepth: 1
+   :caption: Contents:
+
+   python/api_changelog
+   python/prerequisites
+   python/getting_started
+   python/packaging
+   python/snippets
+   python/testing
+   python/hanskenpy
+   python/debugging
+
+API Documentation
+-----------------
+
+.. autosummary::
+   :toctree: python/api
+   :recursive:
+
+   hansken_extraction_plugin.api

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.data_context.rst.txt

@@ -0,0 +1,29 @@
+hansken\_extraction\_plugin.api.data\_context
+=============================================
+
+.. automodule:: hansken_extraction_plugin.api.data_context
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      DataContext
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.extraction_plugin.rst.txt

@@ -0,0 +1,32 @@
+hansken\_extraction\_plugin.api.extraction\_plugin
+==================================================
+
+.. automodule:: hansken_extraction_plugin.api.extraction_plugin
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      BaseExtractionPlugin
+      DeferredExtractionPlugin
+      ExtractionPlugin
+      MetaExtractionPlugin
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.extraction_trace.rst.txt

@@ -0,0 +1,33 @@
+hansken\_extraction\_plugin.api.extraction\_trace
+=================================================
+
+.. automodule:: hansken_extraction_plugin.api.extraction_trace
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      ExtractionTrace
+      ExtractionTraceBuilder
+      MetaExtractionTrace
+      SearchTrace
+      Trace
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.plugin_info.rst.txt

@@ -0,0 +1,33 @@
+hansken\_extraction\_plugin.api.plugin\_info
+============================================
+
+.. automodule:: hansken_extraction_plugin.api.plugin_info
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      Author
+      MaturityLevel
+      PluginId
+      PluginInfo
+      PluginResources
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.rst.txt

@@ -0,0 +1,38 @@
+hansken\_extraction\_plugin.api
+===============================
+
+.. automodule:: hansken_extraction_plugin.api
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   
+
+
+
+.. rubric:: Modules
+
+.. autosummary::
+   :toctree:
+   :recursive:
+
+   hansken_extraction_plugin.api.data_context
+   hansken_extraction_plugin.api.extraction_plugin
+   hansken_extraction_plugin.api.extraction_trace
+   hansken_extraction_plugin.api.plugin_info
+   hansken_extraction_plugin.api.search_result
+   hansken_extraction_plugin.api.trace_searcher
+   hansken_extraction_plugin.api.tracelet
+   hansken_extraction_plugin.api.transformation
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.search_result.rst.txt

@@ -0,0 +1,29 @@
+hansken\_extraction\_plugin.api.search\_result
+==============================================
+
+.. automodule:: hansken_extraction_plugin.api.search_result
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      SearchResult
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.trace_searcher.rst.txt

@@ -0,0 +1,29 @@
+hansken\_extraction\_plugin.api.trace\_searcher
+===============================================
+
+.. automodule:: hansken_extraction_plugin.api.trace_searcher
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      TraceSearcher
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.tracelet.rst.txt

@@ -0,0 +1,29 @@
+hansken\_extraction\_plugin.api.tracelet
+========================================
+
+.. automodule:: hansken_extraction_plugin.api.tracelet
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      Tracelet
+   
+   
+
+   
+   
+   
+
+
+

0.6.3/_sources/dev/python/api/hansken_extraction_plugin.api.transformation.rst.txt

@@ -0,0 +1,31 @@
+hansken\_extraction\_plugin.api.transformation
+==============================================
+
+.. automodule:: hansken_extraction_plugin.api.transformation
+
+   
+   
+   
+
+   
+   
+   
+
+   
+   
+   .. rubric:: Classes
+
+   .. autosummary::
+   
+      Range
+      RangedTransformation
+      Transformation
+   
+   
+
+   
+   
+   
+
+
+