Closed jdrch closed 1 year ago
Martchus
commented
1 year ago This is again just a false positive. Please don't spam the issues with duplicates like that or I'll have to stop providing the Window version publicly.
Build it on your own if you think this is a trojan. If you really want to report an issue, please provide evidence why this is a trojan.
jdrch
commented
1 year ago This is again
1st time seeing it.
lease don't spam the issues with duplicates like that
Again, 1st time seeing it.
I'll have to stop providing the Window version publicly.
Thereby killing the popularity of your own project? Issues like this are a fact of life for any software project, and the more popular the software is the more people will notice and report bugs.
That said, I'd pin the false positive issue so that people are aware that it's a known thing. Currently it doesn't show under Issues right away so I think a lot of the people reporting it think their report is the 1st thereof.
if you think this is a trojan. If you really want to report an issue, please provide evidence why this is a trojan.
The problem isn't that I think it's a trojan, it's that the target PC's Zscaler installation thinks it is, and so I can't update. I don't have admin rights on the target PC so there's nothing I can do to work around that.
Martchus
commented
1 year ago Maybe it is the first time someone reported this for this particular release but it happened before multiple times and only recently again for the last release.
Thereby killing the popularity of your own project? Issues like this are a fact of life for any software project, and the more popular the software is the more people will notice and report bugs.
This is not a commercial project. I don't gain anything by "selling" more units/licenses and unfortunately the number of contributors is quite low anyways. (Especially Windows users don't seem to be interested in contributing at all. They are almost only creating issues which just means more work for me.)
The problem isn't that I think it's a trojan, it's that the target PC's Zscaler installation thinks it is, and so I can't update. I don't have admin rights on the target PC so there's nothing I can do to work around that.
That's not a problem of Syncthing Tray itself so reporting an issue here will not get you any help. Even if I wanted, I could not help you.
I could submit a false-positives as it has already been done by a user for the previous release (https://github.com/Martchus/syncthingtray/issues/189) but that's something you can simply do on your own without my help. I personally don't have any interest in submitting such reports because unless I had a way of automating it that is not a long-term sustainable approach.
Martchus
commented
1 year ago By the way, something that I in fact plan to do is signing releases so you can verify the integrity of the binaries on GitHub. I don't think it is likely that they are ever compromised but that is at least a slight improvement which I'm going to implement when I have the time and motivation.
(One can also download binaries from https://martchus.no-ip.biz/repo/arch/ownstuff/os/x86_64 and those archives are already signed.)
jdrch
commented
1 year ago @Martchus Thanks!
Before reporting, please have a look at "Known bugs and workarounds".
Note that I cannot support all operating systems, their flavors and different tooling you might be using (Anti Virus scanners, GNU/Linux desktop environments, AUR helpers, …). So please avoid filing bug reports specific to them and contact the respective vendors instead.
Note that adaptions for newer versions of certain platforms (or for completely new platforms) would be feature requests and not bugs. So for instance, making Syncthing Tray work under an updated/new GNU/Linux desktop environment should be filed as a feature request and not a bug report.
Note that I will likely have to reject bug reports about Wayland-specific problems due to limitations of that protocol which I cannot workaround from my side.
Relevant components
syncthingctl)libsyncthing)Environment and versions
syncthingtray,qtutilitiesandc++utilities: v1.4.4Bug description Multiple anti-malware engines detect trojans in the
syncthingtray-1.4.4-x86_64-w64-mingw32.exe.zipfileSteps to reproduce
Expected behavior
No Trojans.