Closed louspringer closed 1 year ago
Hello, @louspringer! Thank you very much for opening this issue. I will investigate it as quickly as possible and let you know once a fix is released or if we discover that this is a false-positive. A couple of Sourcery releases were also flagged as potential malware in the past by some antiviruses, but they all turned out to be just false positives. Hopefully, this will be the case again.
To reproduce @louspringer's results:
sourcery.sourcery-1.3.0.vsix
into a directory (e.g. sourcery.sourcery-1.3.0/
)sourcery.sourcery-1.3.0/extension/sourcery_binaries/install/linux/sourcery
sourcery.sourcery-1.3.0/extension/sourcery_binaries/install/mac/sourcery
sourcery.sourcery-1.3.0/extension/sourcery_binaries/install/win/sourcery.exe
Following the steps outlined above, I got the following results:
I also uploaded the binaries from the latest Sourcery build (not yet released) and got the following results:
I will keep investigating this and keep you posted.
Updates:
If you are getting virus reports from any of those antiviruses, please update your antivirus in the next few days. Sourcery will then be considered safe. You can also safelist the Sourcery executable since the antivirus vendors confirmed nothing is wrong with it.
Regarding the violation found on Windows, the issue is actually a "low confidence score" issued by a single vendor, which doesn't actually mean that there's anything wrong with the executable.
I'll close this issue for now since there doesn't seem to be anything wrong with the Sourcery executable - and that the oncoming release does not trigger any violations in VirusTotal.
Thank you again for opening this issue, and please let us know if the problem persists in the future!
Checklist
Description
6 securtity vendors have flagged the MacOS VS Code plugin as containing malicious software.
Code snippet that reproduces issue
n/a
Debug Information
IDE Version: VS Code Version: 1.79.0
Sourcery Version: Uninstalled, unknown, latest.
Operating system and Version: MacOS 13.3.1 (a) (22E772610a)
6 securtity vendors have flagged the MacOS VS Code plugin as containing malicious software.