This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2022-10-04
Channels
- # aleph (23)
- # announcements (1)
- # babashka (21)
- # beginners (70)
- # biff (3)
- # cider (8)
- # clj-kondo (45)
- # clj-yaml (9)
- # clojure (69)
- # clojure-europe (82)
- # clojure-nl (1)
- # clojure-norway (2)
- # clojurescript (34)
- # conjure (19)
- # core-typed (6)
- # cursive (2)
- # events (5)
- # fulcro (55)
- # honeysql (1)
- # integrant (18)
- # jobs (1)
- # lsp (124)
- # malli (10)
- # meander (1)
- # off-topic (26)
- # polylith (8)
- # reagent (7)
- # releases (1)
- # remote-jobs (1)
- # sci (2)
- # shadow-cljs (19)
- # squint (5)
- # vim (17)
- # xtdb (31)
Anyone else on Windows seeing this? https://twitter.com/askonomm/status/1577415413280956416
Just fired up my Windows 10 VM and fired up Edge browser and after initiating downloading https://github.com/babashka/babashka/releases/download/v0.10.163/babashka-0.10.163-windows-amd64.zip I see:
Not much more detail on this threat from microsoft: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Script/Wacatac.H!ml
@U026NQLSBLH says on twitter: if he scans the scoop-installed .exe there are no threats found
I think it would be nice to get this in sooner than later. https://github.com/babashka/babashka/issues/1369 Going for some 💤 now, let's keep an eye on it...
Just tried a scoop update *
and…
Updating 'babashka' (0.9.162 -> 0.10.163)
Downloading new version
babashka-0.10.163-windows-amd64.zip (20.5 MB) [=====================================================================================================================================================] 100%
Checking hash of babashka-0.10.163-windows-amd64.zip ... Get-FileHash : The file 'C:\Users\lee\scoop\cache\babashka#0.10.163#https_github.com_borkdude_babashka_releases_download_v0.10.163_babashka-0.10.163-windows-amd64.zip' cannot be read: Operation did not
complete successfully because the file contains a virus or potentially unwanted software.
At C:\Users\lee\scoop\apps\scoop\current\lib\install.ps1:697 char:21
+ ... return (Get-FileHash -Path $file -Algorithm $algname).Hash.T ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ReadError: (C:\Users\lee\sc...ndows-amd64.zip:PSObject) [Write-Error], WriteErrorException
+ FullyQualifiedErrorId : FileReadError,Get-FileHash
ERROR You cannot call a method on a null-valued expression.
Get-Content : Operation did not complete successfully because the file contains a virus or potentially unwanted software.
At C:\Users\lee\scoop\apps\scoop\current\lib\core.ps1:1142 char:16
+ return Get-Content $file -Encoding byte -TotalCount 8
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ReadError: (C:\Users\lee\sc...ndows-amd64.zip:String) [Get-Content], IOException
+ FullyQualifiedErrorId : GetContentReaderIOError,Microsoft.PowerShell.Commands.GetContentCommand
ERROR Hash check failed!
App: scoop-clojure/babashka
URL:
First bytes:
Expected: a81a76b432b47da301ff3192ad97100abe9d98490f16a9d33ff8f6ffcff8f180
Actual:
Please try again or create a new issue by using the following link and paste your console output:
I've submitted the file to MS security as a suspected false positive, but I don't really know anything about their review process or turn-around time or anything. The scanner doesn't have any problem with the .exe file, just the .zip.
I remember we had this issue once in the past. I also submitted binary along with a reference to release file on Github so they can analyse it and mark as false positive.
I think this might be addressed now - MS came back and said they can't reproduce a detection, so I tried on a machine where I've never d/led babashka and Windows is fine with it there
Nice! Can confirm: • download with Edge of https://github.com/babashka/babashka/releases/download/v0.10.163/babashka-0.10.163-windows-amd64.zip now produces no virus warning • scoop update of babashka now installs fine
@U013JFLRFS8 for future ref, where did you submit to Microsoft? Here?: https://www.microsoft.com/en-us/wdsi/filesubmission