belav
CSharpier detected as Malware by AVG
Environments
- IDE Version: Rider 2023.3.3
- Extension Version: 1.8.2
- CSharpier Version: 0.30.2
will NOT be the same as the extension version - Operating System: Windows 11
- .csharpierrc Settings:
- .editorconfig Settings:
Log Output Not relevant log ouptut
Steps to reproduce
- Install AVG
- Update AVGdefinitions to the latest available release
- Open the IDE
Expected behavior AVG should not detect AVG as malware
Actual behavior AVG will complain about CSharpier being IDP.Generic malware
Please report it as false positive when you're sure there's no risk. https://www.avg.com/en-ww/report-false-positive
It is a false positive so feel free to report it. I don't see any reason that I would need to report it for you.
How do I know you is not impersonating the real author or someone in Jetbrains is infecting the plugin and doing a supply chain attack? Yes probably is better that AVG takes a look at that.
How do I know you is not impersonating the real author or someone in Jetbrains is infecting the plugin and doing a supply chain attack? Yes probably is better that AVG takes a look at that.
Good point, I shouldn't just dismiss it as a false positive immediately.
The git history is available to view, and you can build the nuget package from source to compare it to what is avaiable on nuget.
You can do the same for the rider plugin, downloading it from jetbrains and building it from source.
When I did that just now the initial zip file had a different size, but after unpacking it the jar files inside are the same size. BeyondCompare supports comparing the contents of jar files and the only difference showing between the jar I created and the one from jetbrains is the plugin.xml file. Although it isn't clear what is actually different in the xml file.