Open Coffeeye opened 2 days ago
as always.. check #185 for ex =)
Thats actualy the first time and I've been using prev releases for some time now. Windows never done it before.
Trojan:Win32/Wacatac.B!ml
const { doSign } = require('app-builder-lib/out/codeSign/windowsCodeSign')
/**
@type {import("electron-builder").CustomWindowsSign} sign */ module.exports = async function sign(config, packager) { // Do not sign if no certificate is provided. if (!config.cscInfo) { return }
// Do not sign elevate file, because maybe that prompts virus warning? const targetPath = config.path if (targetPath.endsWith('elevate.exe')) { return }
return doSign(config, packager) }
i dont have code signing certificate..
If this part is not important, please make version that does not implement that part of code and continue with it for future compilation.
Or maybe try different approach if possible ?
If this part is not important, please make version that does not implement that part of code and continue with it for future compilation.
Or maybe try different approach if possible ?
what part? Notthatimportantnah post code for signing
what part?
The one thats rising alert in v1.5.8.0 and does not in v1.5.7.0 :)
what part?
The one thats rising alert in v1.5.8.0 and does not in v1.5.7.0 :)
and what line of code do you think it is ? https://github.com/fedorovvl/tso_client/compare/v1.5.7.0%E2%80%A6v1.5.8.0
Brief look on those changes, I can understand why scanners get suspicious. In my opinion direct loading files from the cloud in a manner that involves dynamic token handling, encrypt, and file operations without full visibility into the structure and content of these files can raise security concerns...
Without insight into what exactly is being downloaded from Dropbox and how it is used, it's difficult to ensure that these operations don't inadvertently introduce vulnerabilities or expose sensitive data?
This gives anyone whos got access to those files a window for manipulation
So the nevest client file raise alarm on W11.