search

liuweiGL / vite-plugin-mkcert

Provide certificates for vite's https dev service.
https://www.npmjs.com/package/vite-plugin-mkcert
MIT License
584 stars 37 forks source link

VirusTotal flags this as possible malaware #41

Closed sshevlyagin closed 2 years ago

sshevlyagin commented 2 years ago

Describe the bug

I'm using

    "vite": "^3.0.9",
    "vite-plugin-mkcert": "^1.9.0"

Reproduction

My system inspects executables and mkcert in ./vite-plugin-mkcert gets flagged as malaware from the scan https://www.virustotal.com/gui/file/a32dfab51f1845d51e810db8e47dcf0e6b51ae3422426514bf5a2b8302e97d4e/detection

System Info

Output of npx envinfo --system --npmPackages vite,@vitejs/plugin-vue --binaries --browsers:

 System:
    OS: macOS 12.5.1
    CPU: (10) arm64 Apple M1 Max
    Memory: 284.58 MB / 64.00 GB
    Shell: 5.8.1 - /bin/zsh
  Binaries:
    Node: 18.8.0 - ~/.nvm/versions/node/v18.8.0/bin/node
    Yarn: 1.22.19 - /opt/homebrew/bin/yarn
    npm: 8.18.0 - ~/.nvm/versions/node/v18.8.0/bin/npm
  Browsers:
    Chrome: 104.0.5112.101
    Firefox: 103.0.2
    Safari: 15.6.1
  npmPackages:
    vite: ^3.0.9 => 3.0.9

Used package manager: yarn

Logs 

➜ git:(main) ✗ yarn dev
yarn run v1.22.19
warning package.json: No license field
$ vite
{ mkcert: [Function: plugin] }
(node:26274) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time
(Use `node --trace-warnings ...` to show where the warning was created)

Santa

This application has been blocked from executing. Please use Precinct to vote to have this application added to the whitelist.

Path:       /Users/sshevlyagin/.vite-plugin-mkcert/mkcert
Identifier: a32dfab51f1845d51e810db8e47dcf0e6b51ae3422426514bf5a2b8302e97d4e
Parent:     node (26274)

More info:
[...](https://www.virustotal.com/gui/file/a32dfab51f1845d51e810db8e47dcf0e6b51ae3422426514bf5a2b8302e97d4e/detection)

error when starting dev server:
Error: Command failed: "/Users/sshevlyagin/.vite-plugin-mkcert/mkcert" -install -key-file "/Users/sshevlyagin/.vite-plugin-mkcert/certs/dev.key" -cert-file "/Users/sshevlyagin/.vite-plugin-mkcert/certs/dev.pem" localhost 127.0.0.1 192.168.4.107

    at ChildProcess.exithandler (node:child_process:412:12)
    at ChildProcess.emit (node:events:513:28)
    at maybeClose (node:internal/child_process:1091:16)
    at Socket.<anonymous> (node:internal/child_process:449:11)
    at Socket.emit (node:events:513:28)
    at Pipe.<anonymous> (node:net:313:12)
error Command failed with exit code 1.
liuweiGL commented 2 years ago

Sorry, there's nothing i can do

https://github.com/FiloSottile/mkcert/issues/153

sshevlyagin commented 2 years ago

I see, thanks for the link!