[Change Request] Defender sees CLI as a virus

[David-Maisonave]

This is related to issue https://github.com/Martchus/tageditor/issues/110. I don't use the CLI, and I believe that would be true for most users.

Can the ZIP package be changed so that the CLI is in it's own zip file separated from the GUI app?

That will allow the average user to download the GUI app without having to go through multiple steps to get through the AV (Defender).

Thanks

[Martchus]

I created the CLI wrapper to fix problems people have complained about and I use the CLI sometimes myself. The CLI is actually also one of the features that sets this application apart from other more popular ones.

So there's no simple and good solution to that within the scope of this projects. (A good solution would be that the AV vendor would fix their broken software but that's out of scope here.)

[David-Maisonave]

Why not have a package that excludes the CLI? User who want the CLI can pick the package which has the CLI? Fixing the AV is outside of the scope of this project, but not package management.

[Martchus]

The list of assets is already quite long and doubling that again wouldn't be very nice (especially considering that I may add further architectures/platforms in the future). For my other project Syncthing Tray (which uses the same script for packaging/uploading binaries) it would even be worse. So I'm not sure whether this is the best idea.

Note that package management is also something external contributors can easily do for an open source project like this. In fact this and my other project Syncthing Tray are already distributed by other parties such as various GNU/Linux distributions. So if you really see the need of distributing this software in a special way than nobody is stopping you from doing just that.

I'd also like to note that I personally haven't used Anti Virus scanners anymore for years because the false-positive rate is just generally too high. This is not only about my software but also other software, especially (but not only) games. I still have never had trouble with actual Viruses. I would advise everybody to also just abandon Anti Virus scanners. If you really think having such software makes sense then I suggest improving that software instead of adding workarounds elsewhere.

[sertraline]

I'm here because Firefox now also detects file as malicious (https://virustotal.com/gui/file/b765ff8fdedf8dc1d586c9a017ad9125286e59db3d0bc5b38c032e9e71956d8a). Just to note, abandoning antivirus is not an option for Windows users who use Home edition, since they don't have a group policy editor available to turn Defender off.

[Martchus]

You'll just have to allow it in defender. But yes, this gets more and more annoying. I'll try what's suggested in https://github.com/Martchus/syncthingtray/issues/207#issuecomment-1832601777.

[Martchus]

Note that I filed a submission/dispute for my other project Syncthing Tray, see https://github.com/Martchus/syncthingtray/issues/207#issuecomment-1834457752. I also mentioned Tag Editor. Let's see whether that will help.

[Martchus]

By the way, for now I guess the best workaround is to add an exclusion: https://support.microsoft.com/en-us/windows/add-an-exclusion-to-windows-security-811816c0-4dfd-af4a-47e4-c301afe13b26

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[Martchus]

The submission/dispute worked for Syncthing Tray which remains undetected according to Virus Total. The CLI of Tag Editor on the other hand is still wrongly detected so I suppose I'll have to file a separate submission.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.