[Package Issue]: Anchor.cli

[benburkert]

Please confirm these before moving forward

• [X] I have searched for my issue and not found a work-in-progress/duplicate/resolved issue.
• [X] I have not been informed if the issue is resolved in a preview version of the winget client.

Category of the issue

Other

Brief description of your issue

The last two release CI runs for the Anchor.cli package failed due to "Validation-Defender-Error". I have been able to install manually by running winget install --manifest . and ran a windows defender scan on the directory containing the binary, but there was no issue detected.

It looks like most other (possible all) open PRs with the "Validation Defender Error" label are also Go programs build with a recent release of Go. Could this security scanner be triggering all Go binaries?

https://github.com/microsoft/winget-pkgs/pulls?q=is%3Apr+label%3AValidation-Defender-Error+is%3Aopen

Steps to reproduce

See #177862 and #175317.

Actual behavior

"Installer failed security check"

Expected behavior

a successful install.

Environment

Windows Package Manager v1.8.1911
Copyright (c) Microsoft Corporation. All rights reserved.

Windows: Windows.Desktop v10.0.22631.4169
System Architecture: X64
Package: Microsoft.DesktopAppInstaller v1.23.1911.0

Winget Directories
-----------------------------------------------------------------------------------------------------------------------
Logs                               %LOCALAPPDATA%\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\LocalState\Diag…
User Settings                      %LOCALAPPDATA%\Packages\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\LocalState\sett…
Portable Links Directory (User)    %LOCALAPPDATA%\Microsoft\WinGet\Links
Portable Links Directory (Machine) C:\Program Files\WinGet\Links
Portable Package Root (User)       %LOCALAPPDATA%\Microsoft\WinGet\Packages
Portable Package Root              C:\Program Files\WinGet\Packages
Portable Package Root (x86)        C:\Program Files (x86)\WinGet\Packages
Installer Downloads                %USERPROFILE%\Downloads

Links
---------------------------------------------------------------------------
Privacy Statement   https://aka.ms/winget-privacy
License Agreement   https://aka.ms/winget-license
Third Party Notices https://aka.ms/winget-3rdPartyNotice
Homepage            https://aka.ms/winget
Windows Store Terms https://www.microsoft.com/en-us/storedocs/terms-of-sale

Admin Setting                             State
--------------------------------------------------
LocalManifestFiles                        Enabled
BypassCertificatePinningForMicrosoftStore Disabled
InstallerHashOverride                     Disabled
LocalArchiveMalwareScanOverride           Disabled
ProxyCommandLineOptions                   Disabled
DefaultProxy                              Disabled

Screenshots and Logs

No response

[stephengillie]

I run a search each morning, to retry PRs with the label https://github.com/microsoft/winget-pkgs/labels/Validation-Defender-Error. My automation is supposed to retry these every 18 hours, but doesn't always catch all of them.

This might be considered as a feature request for better retry automation on Defender errors.