sourcery-ai / sourcery

Instant AI code reviews
https://sourcery.ai
MIT License
1.5k stars 65 forks

janz Virus Detected #354

Closed louspringer closed 1 year ago

louspringer commented 1 year ago

Description

6 security vendors have flagged the MacOS VS Code plugin as containing malicious software.

Code snippet that reproduces issue

n/a

Debug Information

IDE Version: VS Code Version: 1.79.0

Sourcery Version: Uninstalled, unknown, latest.

Operating system and Version: MacOS 13.3.1 (a) (22E772610a)

6 security vendors have flagged the MacOS VS Code plugin as containing malicious software.

louspringer commented 1 year ago

https://www.virustotal.com/gui/file/7928abba5c4c12e7ead23854978c79559de74943c10d76f4e2f0414e196ae509/detection

ruancomelli commented 1 year ago

Hello, @louspringer! Thank you very much for opening this issue. I will investigate it as quickly as possible and let you know once a fix is released or if we discover that this is a false-positive. A couple of Sourcery releases were also flagged as potential malware in the past by some antiviruses, but they all turned out to be just false positives. Hopefully, this will be the case again.

Steps to reproduce

To reproduce @louspringer's results:

  1. download the Sourcery plugin from the Visual Studio Marketplace
  2. extract the contents of the downloaded file sourcery.sourcery-1.3.0.vsix into a directory (e.g. sourcery.sourcery-1.3.0/)
  3. find the binaries for Linux, MacOS and Windows in their respective subdirectories:
    1. Linux: sourcery.sourcery-1.3.0/extension/sourcery_binaries/install/linux/sourcery
    2. MacOS: sourcery.sourcery-1.3.0/extension/sourcery_binaries/install/mac/sourcery
    3. Windows: sourcery.sourcery-1.3.0/extension/sourcery_binaries/install/win/sourcery.exe

Results

Following the steps outlined above, I got the following results:

  1. :green_heart: Linux: no issues - https://www.virustotal.com/gui/file/e772ef8dbd861309c74ae080bf088d8cb96b2d8f8357a6c4eb33b15c2291ffb0
  2. :red_circle: MacOS: 5 security vendors found violations - https://www.virustotal.com/gui/file/7928abba5c4c12e7ead23854978c79559de74943c10d76f4e2f0414e196ae509
  3. :red_circle: Windows: 1 security vendor found a violation - https://www.virustotal.com/gui/file/6464a3aa93364f002550995df407378c3effd2128af580775fc125e7c81955e4/detection

Latest commit

I also uploaded the binaries from the latest Sourcery build (not yet released) and got the following results:

  1. :green_heart: Linux: no issues - https://www.virustotal.com/gui/file/f38cbc62229e34683afbe836c64396386079d8bf1ce223590ae5e799fcbc6875?nocache=1
  2. :green_heart: MacOS: no issues - https://www.virustotal.com/gui/file/721bab50ef01997d958e9609a400cdc65fc79a3a3b0a361b23560db625348f20
  3. :red_circle: Windows: 1 security vendor found a violation - https://www.virustotal.com/gui/file/f619b0e81fa51f7bc686264613c69011e06aca9a25f22d2e07fc180c23feb381?nocache=1

I will keep investigating this and keep you posted.
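The reproduction steps in the comment above can also be done without extracting or uploading anything, by hashing the bundled binaries in place and looking the SHA-256 up on VirusTotal. The sketch below is an added example, not part of the comment or of the Sourcery project's code; the function names are hypothetical and the sample archive is constructed, while the member paths and URL pattern are the ones shown in the comment.

```python
import hashlib
import io
import zipfile

# Paths of the per-platform binaries inside the .vsix, as listed in the steps above.
BINARY_PATHS = {
    "linux": "extension/sourcery_binaries/install/linux/sourcery",
    "mac": "extension/sourcery_binaries/install/mac/sourcery",
    "win": "extension/sourcery_binaries/install/win/sourcery.exe",
}
VT_FILE_URL = "https://www.virustotal.com/gui/file/{sha256}"


def hash_vsix_binaries(vsix, chunk_size=1 << 20):
    """Return {platform: (sha256_hex, virustotal_url)} for each bundled binary.

    `vsix` is a path or binary file object; a .vsix is a ZIP archive, so the
    members are hashed in place and nothing is written to disk or executed.
    Platforms whose binary is absent from the archive map to None.
    """
    results = {}
    with zipfile.ZipFile(vsix) as archive:
        names = set(archive.namelist())
        for platform, member in BINARY_PATHS.items():
            if member not in names:
                results[platform] = None
                continue
            digest = hashlib.sha256()
            with archive.open(member) as stream:
                for chunk in iter(lambda: stream.read(chunk_size), b""):
                    digest.update(chunk)
            sha256 = digest.hexdigest()
            results[platform] = (sha256, VT_FILE_URL.format(sha256=sha256))
    return results


def build_sample_vsix():
    """Constructed stand-in archive (not a real Sourcery release) for the demo."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr(BINARY_PATHS["linux"], b"constructed linux payload")
        archive.writestr(BINARY_PATHS["mac"], b"constructed mac payload")
    buffer.seek(0)
    return buffer


if __name__ == "__main__":
    for platform, entry in hash_vsix_binaries(build_sample_vsix()).items():
        print(platform, entry if entry else "binary not present in archive")
```

Comparing the computed hash with the one in a reported VirusTotal link shows whether the flagged file is the same binary as the one in the installed release.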

ruancomelli commented 1 year ago

Updates:

If you are getting virus reports from any of those antiviruses, please update your antivirus in the next few days. Sourcery will then be considered safe. You can also safelist the Sourcery executable since the antivirus vendors confirmed nothing is wrong with it.

Regarding the violation found on Windows, the issue is actually a "low confidence score" issued by a single vendor, which doesn't actually mean that there's anything wrong with the executable.

I'll close this issue for now since there doesn't seem to be anything wrong with the Sourcery executable - and the oncoming release does not trigger any violations in VirusTotal.

Thank you again for opening this issue, and please let us know if the problem persists in the future!