orlikoski
diff --git a/‎.gitignore
+4 b/‎.gitignore
+4
diff --git a/‎.travis.yml
+1-1 b/‎.travis.yml
+1-1
diff --git a/‎CHANGELOG.md
+60 b/‎CHANGELOG.md
+60
diff --git a/‎CUSTOM_PATH_TEMPLATE.txt
+177 b/‎CUSTOM_PATH_TEMPLATE.txt
+177
diff --git a/‎CyLR/CyLR.csproj
+3-2 b/‎CyLR/CyLR.csproj
+3-2
@@ -1,6 +1,8 @@
 CyLR/bin/
 CyLR/obj/
+.DS_Store
 .vs/
+.vscode/
 packages/
 *.vspx
 *.db
@@ -13,3 +15,5 @@ CyLRTests/bin/
 *.zip
 deployments/
 warp-packer
+lcov.info
+*.log
@@ -29,7 +29,7 @@ script:
   - if [[ "$TRAVIS_OS_NAME" == "windows" ]]; then PowerShell -File scripts/build_win.ps1 ; fi
   - if [[ "$TRAVIS_OS_NAME" == "windows" ]]; then PowerShell -File scripts/package_win.ps1 ; fi
 
-  - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then BUILD_ARCH=osx-x64 USE_CORERT=TRUE scripts/test.sh ; fi
+  #- if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then BUILD_ARCH=osx-x64 USE_CORERT=TRUE scripts/test.sh ; fi
   - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then BUILD_ARCH=osx-x64 USE_CORERT=TRUE scripts/build.sh ; fi
   - if [[ "$TRAVIS_OS_NAME" == "osx" ]]; then BUILD_ARCH=osx-x64 USE_CORERT=TRUE scripts/package.sh ; fi
 
 
@@ -0,0 +1,60 @@
+# CHANGE LOG
+
+## 2.2.0 - 2020-07-09
+
+This version includes numerous modifications and introduction of new features,
+highlighted below:
+
+### Added
+
+* Logging is available, to destinations including the console, a log file, and
+  embedded within the resulting archive. The log name is specified with `-l`
+  and verbosity is adjusted with `-v` to increase or `-q` to silence.
+* Added `CUSTOM_PATH_TEMPLATE.txt` with documentation on how to specify custom
+  paths for collection.
+* Implemented enumeration of files system contents in the same manner cross
+  platform
+* Through new FS enumeration, eliminated extra scanning/duplicate collection
+  of data within symbolic link directories. Eliminated dependency on the
+  `find` binary.
+* Enabled the use of globbing patterns within paths. This includes patterns
+  such as:
+  * `**/*.plist`
+  * `/home/*/.*sh_history`
+  * `\Windows\Temp\[a-z0-9][a-z0-9][a-z0-9][a-z0-9]\*`
+  * `**/Library/*Support/Google/Chrome/Default/History*`
+* Enabled the use of regular expressions within paths. This includes full line
+  and substring patterns, such as:
+  * `.*mawlare.*`
+  * `^C:\Windows\Temp\[A-Za-z0-9]{8}\.*$`
+  * `^C:\Windows\System32\Config\(SOFTWARE|SYSTEM|SAM|SECURITY).*$`
+* Added functionality to allow the user to select whether the existence of a
+  custom collection list (`-c`) should be in addition to versus in place of
+  the default artifact list. Continues to default to the replacement option
+  where it will only collect specified files.
+* Modified config file to support specification of path pattern type. Can be
+  one of `static`, `glob`, or `regex`. Format should be a tab delimited text
+  file with one pattern type and path per line. A line starting with a pound
+  character will be ignored.
+* Provided status messages to summarize the number of files scanned and paths
+  staged for collection.
+* Increased documentation of source code.
+
+### Removed
+
+* Removed collection of Windows Search path due to large size on some systems
+  (`%PROGRAMDATA%\Microsoft\Search\Data\Applications\Windows`).
+  Please use `-c` to re-include as needed.
+
+### Changed
+
+* Edited build scripts to point to C:\Program Files\7z instead of x86 folder
+* Improved the default collection paths for Linux platforms.
+* Modified the USNJrnl collection argument to default to disabled collection.
+* Improved SFTP handling to collect to a local zip file and attempt the
+  upload three times, with a 30 second delay between attempts.
+* Semantic changes to packaging and build scripts to avoid alias use.
+* Added packaging script check to see if packaging tool was local before
+  re-downloading.
+* Updated argument usage information.
+* Added tests to increase coverage of Arguments.cs
@@ -0,0 +1,177 @@
+#===========================================#
+# CyLR Custom File Path Collection Template #
+#===========================================#
+#
+# This file contains example methods for specifying file or folder paths to 
+# collect with CyLR.
+#
+
+#################
+# General Usage #
+#################
+#
+# CyLR contains default paths per-operating system that it will collect if you
+# do not specify this file. This file allows you to replace or extend the 
+# default collection capability of CyLR.
+#
+# To configure CyLR to only collect the paths specified in this file, you can 
+# provide this file at execution time as `CyLR.exe -c custom.txt` (where 
+# custom.txt is this file's name and relative location). If you would like to
+# collect both default and custom items, you can accomplish this with `-d` in 
+# place of `-c`. If you only want to collect default items, you can omit either
+# argument.
+#
+
+###################################
+# Specifying custom path patterns #
+###################################
+#
+# This configuration file supports comments, meaning lines with a leading `#`
+# are ignored and not evaluated further; this is for the purpose of custom file 
+# documentation, such as in this file, and for your own documentation as you 
+# build out custom configurations for collections.
+#
+# When specifying a file or folder path to collect, you will want to use the 
+# format of:
+#   {pattern_type}	{file_or_folder_path}
+#
+# This format specifies the pattern type and target folder or file path, 
+# delimited by a tab character. *Please be sure to validate that the delimiter 
+# is a tab character and not a series of space characters.*
+#
+# *Please note distinction between file and folder pattern support.*
+#
+# There are four supported pattern types:
+# * static -> Full path specification to a specific file 
+# * glob -> Supports glob patterns for collection, such as `/path/**` or 
+#           `/Users/*/.*history`. Where possible, this should be used in place
+#           of regex due to performance. Most common use case is to recursively
+#           collect a path with a pattern such as `/path/**`.
+# * regex -> Support regular expressions in paths.
+# * force -> Try to collect a static path even if the path is not found during
+#            the file system enumeration.
+#
+# There is no requirements for the file path specified so long as it is tab 
+# delimited from the pattern type. The file path can contain spaces and special
+# characters so long as the dotnet file system library is able to interpret it.
+#
+# Please note that in order to collect all items in a folder, or recursively on
+# a path, you will need to use glob paths. We will dive into more details for 
+# each of these pattern types below.
+#
+
+#***************************#
+# * IMPORTANT INFORMATION * #
+#***************************#
+#
+# All patterns (except force) will attempt to match against an enumeration of 
+# files on a system. This enumeration is performed by an internal function and
+# is subject to the permissions granted at runtime. If a discovered path is 
+# responsive to a pattern, it is added to the collection queue.
+#
+# The `force` pattern type specifies to attempt collection regardless of 
+# whether the file is available through enumeration. For this reason, it must
+# be a static full path for collection. 
+#
+# All pattern matching is case insensitive.
+#
+# Please specify the path delimiter for the system targeted. This means "/" for
+# UNIX-like systems and "\" for Windows systems.
+#
+
+#+++++++++++++++++#
+# Static patterns #
+#+++++++++++++++++#
+# 
+# This pattern format is the most basic and can be used to collect a single
+# file at a known location. This path must be discovered during file system 
+# enumeration to queue for collection.
+#
+# Examples:
+static	C:\Windows\System32\Config\SOFTWARE
+static	/etc/group
+
+#++++++++++++++++#
+# Force patterns #
+#++++++++++++++++#
+# 
+# This pattern format is the the same as static, but will add the file to the 
+# collection queue regardless of whether the file is present in the file system
+# enumeration operation. 
+# 
+# This is useful for collecting hidden/hard to access artifacts such as 
+# alternate data streams. 
+#
+# Examples:
+force	C:\$Extend\$UsnJrnl:$J
+
+
+#++++++++++++++++#
+# Glob patterns #
+#++++++++++++++++#
+# 
+# This pattern format is useful for when a basic pattern is needed to collect
+# responsive files. 
+#
+# Recursive collections
+#
+# The most common use case is for collecting files recursively. This is
+# achieved through using two sequential asterisk characters at the tail end of 
+# the path.
+#
+# Examples:
+glob	/var/log/**
+
+# Wildcards
+#
+# Another common use case is the wildcard, specified as a single asterisk 
+# character within a path segment. This Wildcard will match any character 
+# except a path delimiter. This means we can specify patterns that match a 
+# particular file name within any sub directory. 
+#
+# We can also use wildcards to match on parts of a file name within a path 
+# segment. Some use cases include collecting all files with a particular 
+# extension or all files with the same name but differing extensions.
+#
+# Examples:
+glob	C:\Users\*\NTUser.dat
+glob	/home/*/.bash_history
+glob	C:\Users\*\Appdata\Roaming\Microsoft\Windows\Recent\*.lnk
+glob	/root/.*_history
+
+# Other patterns
+# 
+# Globbing supports more patterns specified here: 
+#  * https://github.com/dazinator/DotNet.Glob/blob/a21476b1078a3b49070bdb4bfde07030739e641d/README.md
+#
+# You can also combine the patterns into a single line, allowing you to specify
+# patterns like those below. While regex may provide a more succinct manner 
+# to specify the pattern, glob should be favored for performance reasons.
+#
+# Examples:
+glob	C:\Windows\Temp\[A-Z][A-Z][A-Z][A-Z]\*.exe
+glob	C:\ProgramData\[A-Z][A-Z][A-Z][A-Z].exe
+glob	C:\**\*.docm
+glob	C:\**\r*.exe
+
+#++++++++++++++++#
+# Regex patterns #
+#++++++++++++++++#
+#
+# Allows the specification of advanced patterns for detection. This is the 
+# slowest method and should be leveraged if pattern functionality available 
+# through the other options is insufficient.
+#
+# This supports patterns specified by dotnet's regex implementation, documented
+# here: 
+# 
+#
+# Please note that the patterns are matched as a substring across a full path. 
+# This means a pattern of `[0-9]{8}` would match on any file system path 
+# containing eight numbers sequentially. You can leverage `^` to indicate the 
+# start of a file path, and `$` to denote the end. 
+#
+# Examples:
+regex	^C:\ProgramData\[A-Za-z]{8}\[A-Za-z]{5}.exe$
+regex	[0-9]+.exe
+
@@ -11,17 +11,18 @@
     <PublishSingleFile>true</PublishSingleFile>
     <PublishReadyToRunShowWarnings>false</PublishReadyToRunShowWarnings>
     <Win32Resource />
-    <Version>2.2.0</Version>
+    <Version>3.0.0</Version>
     <RepositoryUrl>https://github.com/orlikoski/CyLR</RepositoryUrl>
     <PackageLicenseUrl>https://github.com/orlikoski/CyLR/blob/master/LICENSE</PackageLicenseUrl>
     <Copyright>2018</Copyright>
     <PackageIconUrl>Martin-Berube-Character-Knight.ico</PackageIconUrl>
     <TargetLatestRuntimePatch>true</TargetLatestRuntimePatch>
+    <CopyOutputSymbolsToPublishDirectory>false</CopyOutputSymbolsToPublishDirectory>
   </PropertyGroup>
 
   <ItemGroup>
     <PackageReference Include="Discutils" Version="0.13.0-alpha" />
-    <!--<PackageReference Include="Microsoft.DotNet.ILCompiler" Version="1.0.0-alpha-*" Condition="'$(USE_CORERT)' == 'TRUE'" />-->
+    <PackageReference Include="DotNet.Glob" Version="3.1.0-alpha0009" />
     <PackageReference Include="RawDiskLib" Version="0.1.4" />
     <PackageReference Include="SharpZipLib" Version="1.0.0" />
     <PackageReference Include="SSH.NET" Version="2016.1.0" />