Windows Defender scans (downloaded) EF Bundle as a Trojan

[bartlannoeye]

File a bug

I was troubleshooting why EF Bundle did not deploy in one of my teams's Azure DevOps pipelines and thought to quickly download the build artifact to see if it was a Azure DevOps issue or a bundle file issue.

After downloading (both as exe and extracting as zipped root folder), I got a notification from Windows Defender.

Since building local does work, this issue is certainly not critical but I find it very interesting and worth some research.

Include your code

Build agent image:

pool:
  vmImage: 'windows-latest'

Bundle task in build pipeline

  - task: DotNetCoreCLI@2
    displayName: 'Install Dotnet EF Tool'
    inputs:
      command: custom
      custom: "tool"
      arguments: "install --global dotnet-ef"

  - task: DotNetCoreCLI@2
    displayName: EFBundle
    inputs:
      command: custom
      custom: 'ef '
      arguments: 'migrations bundle --self-contained --project "src/Infrastructure/Infrastructure.csproj" --startup-project "src/Api/Api.csproj" -r win-x64 -o $(Build.ArtifactStagingDirectory)/SQL/Bundle.exe --verbose'

[william-liebenberg]

Experiencing this as well right now.

Running dotnet ef migrations bundle on my local Win11 machine triggers Windows Defender.

I'm using:

• .NET 8 SDK: 8.0.204
• EF CLI Tools: 8.0.4

Any mitigation advice would be greatly appreciated 😀

[AndriySvyryd]

The workaround is to add the output folder to exclusion list for Windows Defender