Integration with VirusTotal

microsoft / winget-cli

WinGet is the Windows Package Manager. This project includes a CLI (Command Line Interface), PowerShell modules, and a COM (Component Object Model) API (Application Programming Interface).

https://learn.microsoft.com/windows/package-manager/

MIT License

23.15k stars 1.45k forks source link

Integration with VirusTotal #4854

Closed ChaseKnowlden closed 2 weeks ago

ChaseKnowlden commented 2 weeks ago

Description of the new feature / enhancement

An integration to add VirusTotal into winget to prevent bad programs from being installed.

Proposed technical implementation details

Chocolatey already uses VirusTotal to check if the package you're trying to install has viruses. If so, then it would not be available to install.

denelon commented 2 weeks ago

@ChaseKnowlden, we already integrate with an internal security service at Microsoft for all submissions to the WinGet Community Repository. This service includes multiple AV partners. If you ever believe a package submission includes PUA, Malware, or any other security problem, we have a way for you to report the security incident. Thanks for being security minded!