
UPX compression may cause false positives with virus scanners

Open mpkorstanje opened this issue 3 years ago • 2 comments

It seems like the issue is not that it's a Go executable but that it's additionally reduced with UPX. At least that's my current understanding. And I wonder if it's necessary.

Originally posted by @tobmaster in https://github.com/cucumber/json-formatter/issues/23#issuecomment-1232194030

I don't know much about Go or UPX or how this project is built.

If someone can:

  • verify that UPX is the root cause of the false positives;
  • and remove UPX from the build process

Then I can see it released.

mpkorstanje avatar Nov 05 '22 12:11 mpkorstanje

Sorry it took so long but it slipped through my attention.

Problem is that UPX packaged executables are often blocked by company virus scanners and proxies. It's because it's often used by hackers to mask their malicious payloads (it's another discussion for sec people if that should be an issue, but now it is for companies using the formatter).

tobmaster avatar Jan 25 '23 12:01 tobmaster

This file: https://github.com/cucumber/json-formatter/releases/download/v19.0.0/cucumber-json-formatter-windows-386 triggers 20 out of 69 AV providers: https://www.virustotal.com/gui/file/43533900b5f969029440011f67126f92bec29e04acd3f49915427b5d8ad790b9

This one: https://github.com/cucumber/json-formatter/releases/download/v19.0.0/cucumber-json-formatter-windows-amd64 12/70: https://www.virustotal.com/gui/file/a1b27a9647c6fffc2b0476ff2a52f147b7466c6f8df51fb995654412c776927a

ArturN avatar Apr 19 '23 12:04 ArturN
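
As an added example (not part of the thread and not the project's own code), here is a static check that supports the first request in the opening post: it reads the PE section table of a Windows release binary and reports whether UPX's default section names (`UPX0`, `UPX1`, `UPX2`) are present. `InspectPE` and `SamplePE` are hypothetical names, and the sample image is constructed.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"os"
)

// InspectPE (hypothetical name) statically reads the PE section table; nothing is executed.
func InspectPE(b []byte) (names []string, upx bool, err error) {
	if len(b) < 0x40 || b[0] != 'M' || b[1] != 'Z' {
		return nil, false, fmt.Errorf("not an MZ/PE file")
	}
	pe := int(binary.LittleEndian.Uint32(b[0x3c:])) // e_lfanew: offset of "PE\0\0"
	if pe < 0 || pe > len(b)-24 || !bytes.Equal(b[pe:pe+4], []byte("PE\x00\x00")) {
		return nil, false, fmt.Errorf("missing PE signature")
	}
	nsec := int(binary.LittleEndian.Uint16(b[pe+6:])) // NumberOfSections
	opt := int(binary.LittleEndian.Uint16(b[pe+20:])) // SizeOfOptionalHeader
	for i, off := 0, pe+24+opt; i < nsec; i, off = i+1, off+40 { // 40-byte entries
		if off+40 > len(b) {
			return nil, false, fmt.Errorf("truncated section table")
		}
		n := string(bytes.TrimRight(b[off:off+8], "\x00")) // 8-byte, NUL-padded name
		names, upx = append(names, n), upx || n == "UPX0" || n == "UPX1" || n == "UPX2"
	}
	return names, upx, nil
}

// SamplePE (hypothetical helper) builds a constructed, header-only PE image.
func SamplePE(names ...string) []byte {
	b := make([]byte, 0x40+24+40*len(names))
	copy(b, "MZ")
	binary.LittleEndian.PutUint32(b[0x3c:], 0x40) // e_lfanew
	copy(b[0x40:], "PE\x00\x00")
	binary.LittleEndian.PutUint16(b[0x46:], uint16(len(names))) // NumberOfSections
	for i, n := range names {
		copy(b[0x40+24+40*i:], n)
	}
	return b
}

func main() {
	data := SamplePE("UPX0", "UPX1", ".rsrc") // constructed sample, not a release binary
	if len(os.Args) == 2 {
		data, _ = os.ReadFile(os.Args[1]) // a read error leaves data empty: "not an MZ/PE file"
	}
	fmt.Println(InspectPE(data))
}
```

Run with a file path to inspect a downloaded binary; without arguments it prints the result for the constructed sample. The check only looks at section names, so a packed file whose section names differ from UPX's defaults is not reported.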