ggandor
commented
3 years ago 
This seems to be a valid threat, not a false positive. I have tried all the ones above 0.9, with the same result. The Linux binaries seem fine, at least the most recent one.
Closed ggandor closed 3 years ago
ggandor
commented
3 years ago
This seems to be a valid threat, not a false positive. I have tried all the ones above 0.9, with the same result. The Linux binaries seem fine, at least the most recent one.
technomancy
commented
3 years ago This seems to be a valid threat
I don't understand what this means. Are you saying that fennel-lang.org was compromised and the binaries hosted on that site were replaced with versions containing malware?
ggandor
commented
3 years ago Oh, I meant Win32/Uwamson.A!ml seems to be some actual, potentially dangerous malware.
Are you saying that fennel-lang.org was compromised and the binaries hosted on that site were replaced with versions containing malware?
I guess...(?) I wanted to upgrade to 0.9.2, but was unable to execute it, access was denied immediately. It's the same with any of the Windows binaries that I download from fennel-lang.org now.
technomancy
commented
3 years ago Oh, I meant Win32/Uwamson.A!ml seems to be some actual, potentially dangerous malware.
Sorry, that doesn't really make things any clearer. I have never heard of Win32/Uwamson.A!ml before; how is it related to Fennel?
What makes you think that this is not a false positive?
ggandor
commented
3 years ago I have never heard of Win32/Uwamson.A!ml before; how is it related to Fennel?
No idea, I haven't heard of it before either. I have found a more or less recent, related issue: https://github.com/clangen/musikcube/issues/436 This could be some false positive after all, but even if that is the case, the problem still persists, namely that the OS simply doesn't allow to run the .exe files now. (There doesn't seem to be any way to circumvent the restriction.)
technomancy
commented
3 years ago Sure, OK. But I don't see how this is a problem with Fennel; it seems like an issue with your OS. Nothing much we can do on our side.
ggandor
commented
3 years ago I see, but the maintainer wrote in that linked issue that a Visual Studio update + recompilation solved the problem for them, so I thought maybe something could be done after all.
technomancy
commented
3 years ago OK, I see; maybe you can build from source and use that to work around your problem.
technomancy
commented
3 years ago I had to upload a new version to fix an unrelated issue with #351 so you can see if it still flags the new version.
ggandor
commented
3 years ago The new version of 0.9.2 works, it's not flagged anymore. Thank you for your assistance!