-
Notifications
You must be signed in to change notification settings - Fork 767
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
extension.bundle.js detects as Trojan #4967
Comments
A new alerts today after removing previous files by AV:
|
One option to fix this is to
|
It’s not entirely clear how running the action on the GitHub platform will help fix the problem that when you try to update an extension, the antivirus complains about the downloaded files of this extension |
Jude was talking about how we're going to fix the problem. The bytes in our obfuscated output are matching the signature used to identify the trojan. Obfuscation generates random hex values for the names of functions and occasionally we end up matching some series of bytes for a virus. One solution would be for us to check for this scenario and if it happens, redo the obfuscation. |
Thanks a lot for the explanation |
It should be a false positive. We believe the obfuscated code is generating a byte pattern that matches some trojan. You can double check that you have the released version by installing it directly from the marketplace . |
I tried to completely remove the extension from vscode and install the latest version from the store, and upon installation the antivirus complaint occurs again
I believe this could potentially be a false positive. But I believe even more that I installed the antivirus for a reason. And trusting this or that application without a reason, based only on the promises of the developers, is not the smartest idea. |
This was fixed by https://github.com/microsoft/pyrx/pull/5467/files#r1676259192. Our build will now fail (and need to be re-run) if Windows Defender finds a threat in our VSIX. |
Related to #2045 (new question because those issue was closed with suggestions to create a new one)
The text was updated successfully, but these errors were encountered: