upgrade - useRememberedArgumentsForUpgrades feature does not remember C4B/Pro specific install arguments

[bcurran3]

Originally here: https://github.com/chocolatey/choco/issues/1547

Similar to https://github.com/chocolatey/choco/issues/797 Follow on enhancement to https://github.com/chocolatey/choco/issues/797

What You Are Seeing? Chocolatey licensed arguments, specifically --skip-virus-check are not remembered or used during a cup procedure.

What is Expected? For Chocolatey licensed editions install arguments to be remembered and used the same way as Chocolatey FOSS.

How Did You Get This To Happen? (Steps to Reproduce) & Output Log There are a number of packages that get get flagged by Chocolatey licensed editions as possible malware during install. Yeah, I know default is 4 minimum positives for abort and I know I can change it, BUT it sure would be nice to have "--skip-virus-check" remembered on some packages and not have to see upgrades fail and then manually upgrade them.

i.e.: (sysinternals packaged installed via "cinst sysinternals --skip-virus-check" and [x] useRememberedArgumentsForUpgrades)

C:\WINDOWS\system32>cup sysinternals Chocolatey v0.10.10 Professional Upgrading the following packages: sysinternals By upgrading you accept licenses for the packages.

You have sysinternals v2018.1.18 installed. Version 2018.2.13 is available based on your source(s). Progress: Downloading sysinternals 2018.2.13... 100%

sysinternals v2018.2.13 [Approved] sysinternals package files upgrade completed. Performing other installation steps. Sysinternals Suite is going to be installed in 'C:\ProgramData\chocolatey\lib\sysinternals\tools' File appears to be downloaded already. Verifying with package checksum to determine if it needs to be redownloaded. Hashes match. Virus check: 7/61 scan engines flagged this assembly. Due to possible false positives we fail at 4 minimum positives. Virus scan engine 'Cylance' found potential 'Unsafe'. Virus scan engine 'TrendMicro-HouseCall' found potential 'Suspicious_GEN.F47V0214'. Virus scan engine 'Sophos' found potential 'PsExec (PUA)'. Virus scan engine 'Jiangmin' found potential 'Trojan/Win32.Emotet.a'. Virus scan engine 'Antiy-AVL' found potential 'Trojan/Win32.AGeneric'. Virus scan engine 'Zoner' found potential 'Trojan.Petya'. Virus scan engine 'Yandex' found potential 'Trojan.Agent!MT0GiLQiUhU'. ERROR: Virus scan engines indicate possible malware. If you determine this file is safe, you can use --skip-virus-check to ignore. You may also need to adjust the default minimum positives above the default of 4. For details of the scan results see https://www.virustotal.com/file/90616e1fad661b07c2ff5b13f7cdc023028ab01f91ea204184eb95fc62d3165f/analysis/ The upgrade of sysinternals was NOT successful. Error while running 'C:\ProgramData\chocolatey\lib\sysinternals\tools\chocolateyInstall.ps1'. See log for details.

Chocolatey upgraded 0/1 packages. 1 packages failed. See the log for details (C:\ProgramData\chocolatey\logs\chocolatey.log).

Failures

sysinternals (exited -1) - Error while running 'C:\ProgramData\chocolatey\lib\sysinternals\tools\chocolateyInstall.ps1'. See log for details. This collection of programs is sometimes updated very frequently and it's a pain to constantly manually "cup sysinternals --skip-virus-check" to keep it up to date.

It's put out by Mark Russinovich who is the CTO of Microsoft Azure!!!!!!!!!!! Someone please go smack those AV companies! :)

...and referenced back to https://github.com/chocolatey/choco/issues/797 - but it's currently closed.

┆Issue is synchronized with this Gitlab issue by Unito

[ferventcoder]

This behavior is expected at this time. We plan to enhance this in the future to allow more visibility there.