-
Notifications
You must be signed in to change notification settings - Fork 9.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GitHub Desktop - Flagged by Virus Total Vendors #18549
Comments
Thanks for sharing this @paul-cossey! This does happen quite often when we update GitHub Desktop, especially with Git updates. I have reached out to some vendors in the past when we receive reports of this, and often they will self-resolve. I'll keep an eye out for further reports, but thanks again for the heads up! |
@steveward FWIW, 3.3.17 is still being flagged on VirusTotal: https://www.virustotal.com/gui/file/3f503171e8eb6139ff6cd693dd59798f1e3216233f06985bf663ba34496e1b98/detection/f-3f503171e8eb6139ff6cd693dd59798f1e3216233f06985bf663ba34496e1b98-1715274325 Because of this, automations I have in place to keep my macOS fleet up to date are being held back. >0 VT detections on a package trigger the automation to fail. I can handle this manually and accept it as a false positive, but it'd be great to...not have to do that. For additional context, the following tools are in use for this automation: Happy to chat further and discuss workflows if necessary. AutoPkg (and the VirusTotalAnalyzer post-processor) are very popular tools within the MacAdmins community, so this is likely affecting many more folks than take the time to open an issue or otherwise report it. I understand some of this is out of GitHub's control, especially interacting with third parties scanning your code/packages, but anything that can potentially be done to reduce the risk of false positives would be awesome. |
Thanks for sharing that @mhrono. I'll reopen this for further investigation. |
I uploaded the most recent version of GitHub Desktop and only one vendor (Ikarus) was flagging that version. I've reached out to Ikarus to get them to mark this as a false positive, and will follow up here when they confirm the change. |
Thanks, @steveward! |
Morning, @steveward I just rescanned our initial alert https://www.virustotal.com/gui/file/79dd7a600c1598cbf32603570aed72a57a3f52495bff30f795e401256bf4352b?nocache=1 And we now have a clean bill of health! 🎉 I'm happy for this to be closed if you are. Thanks for you efforts on this, much appreciated |
The problem
Hi, Folks
Not really a bug, but the latest version of GitHub Desktop for macOS is being flagged by a couple of vendor on Virus Total.
I'm pretty sure these are false positives, but you may wish to work with vendors to correct the errors.
https://www.virustotal.com/gui/file-analysis/ODJjMTMyNDExOWU4M2RiMzRhOGI5YWYwM2I0YWMxZjk6MTcxNDc0MDk3OA==
Thanks!
Release version
3.3.14
Operating system
macOS
Steps to reproduce the behavior
Download GitHub Desktop for macOS (Intel or Apple Silicon)
Upload to https://www.virustotal.com
Log files
No response
Screenshots
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: