Windows Defender identifies proc-macro-hack's transitive dependency artifacts as a threat

[ErichDonGubler]

How To Reproduce

1. Use a Windows 11 installation with up-to-date threat definitions for Windows Defender (as of 2022-07-15).

2. Clone this project using Git.

3. Run cargo build.

4. Observe that Windows Defender will (eventually) flag files in the user's Temp folder as severe threats, like the following screenshot:

   

   This can be expedited by navigating to %USERPROFILE%\AppData\Local in Windows Explorer and initiating a Quick Scan:

   

Expected Outcome

Windows shouldn't be flagging this library's build artifacts as malicious...unless that's your intent! 😜

Actual Outcome

Windows flags a threat as described above.

Additional Details

• This should be fixable after Windows Defender identifies proc-macro-hack dependency artifacts as a threat rust-phf/rust-phf#255 is resolved and published. I have a PR open for it already.
• Cargo.toml entry: Reproducing on my machine with commit 88f4028 with no modifications.
• Rust version(s): rustc 1.60.0 (7737e0b5c 2022-04-04)
• Target platform: Windows 11, version 10.0.22000.

[Ogeon]

Huh, that's definitely not the intended effect! Thanks for notifying, I'll keep an eye on this for sure and see what can be done.

[ErichDonGubler]

phf upstream has published v0.11.0, which contains the fix mentioned above. This seems like a straightforward fix now! 🎉

[Ogeon]

Perfect! Thank you! 🎉 I'll see how far back I actually need to patch but I'll check 0.4, 0.5 and 0.6.

[Ogeon]

Looks like it's only present in 0.6.0 among the published versions.

[Ogeon]

A 0.6.1 patch has been published and its changes have been merged up to the master branch.

Thanks once again!