Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

GitHub Desktop - Flagged by Virus Total Vendors #18549

Open
paul-cossey opened this issue May 3, 2024 · 6 comments
Open

GitHub Desktop - Flagged by Virus Total Vendors #18549

paul-cossey opened this issue May 3, 2024 · 6 comments
Assignees
@steveward

Comments

@paul-cossey
Copy link

The problem

Hi, Folks

Not really a bug, but the latest version of GitHub Desktop for macOS is being flagged by a couple of vendor on Virus Total.

I'm pretty sure these are false positives, but you may wish to work with vendors to correct the errors.

https://www.virustotal.com/gui/file-analysis/ODJjMTMyNDExOWU4M2RiMzRhOGI5YWYwM2I0YWMxZjk6MTcxNDc0MDk3OA==

Thanks!

Release version

3.3.14

Operating system

macOS

Steps to reproduce the behavior

Download GitHub Desktop for macOS (Intel or Apple Silicon)
Upload to https://www.virustotal.com

Log files

No response

Screenshots

No response

Additional context

No response
@steveward
Copy link
Member

Thanks for sharing this @paul-cossey! This does happen quite often when we update GitHub Desktop, especially with Git updates. I have reached out to some vendors in the past when we receive reports of this, and often they will self-resolve. I'll keep an eye out for further reports, but thanks again for the heads up!

@mhrono
Copy link

mhrono commented May 13, 2024

@steveward FWIW, 3.3.17 is still being flagged on VirusTotal: https://www.virustotal.com/gui/file/3f503171e8eb6139ff6cd693dd59798f1e3216233f06985bf663ba34496e1b98/detection/f-3f503171e8eb6139ff6cd693dd59798f1e3216233f06985bf663ba34496e1b98-1715274325

Because of this, automations I have in place to keep my macOS fleet up to date are being held back. >0 VT detections on a package trigger the automation to fail. I can handle this manually and accept it as a false positive, but it'd be great to...not have to do that.

For additional context, the following tools are in use for this automation:

Happy to chat further and discuss workflows if necessary. AutoPkg (and the VirusTotalAnalyzer post-processor) are very popular tools within the MacAdmins community, so this is likely affecting many more folks than take the time to open an issue or otherwise report it. I understand some of this is out of GitHub's control, especially interacting with third parties scanning your code/packages, but anything that can potentially be done to reduce the risk of false positives would be awesome.

@steveward
Copy link
Member

Thanks for sharing that @mhrono. I'll reopen this for further investigation.

@steveward steveward reopened this May 13, 2024
@steveward steveward mentioned this issue May 16, 2024
Closed
@steveward steveward self-assigned this May 20, 2024
@steveward
Copy link
Member

I uploaded the most recent version of GitHub Desktop and only one vendor (Ikarus) was flagging that version. I've reached out to Ikarus to get them to mark this as a false positive, and will follow up here when they confirm the change.

@paul-cossey
Copy link
Author

Thanks, @steveward!

@paul-cossey
Copy link
Author

Morning, @steveward

I just rescanned our initial alert https://www.virustotal.com/gui/file/79dd7a600c1598cbf32603570aed72a57a3f52495bff30f795e401256bf4352b?nocache=1

And we now have a clean bill of health! 🎉

I'm happy for this to be closed if you are.

Thanks for you efforts on this, much appreciated

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@steveward steveward

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@steveward @paul-cossey @mhrono