
Malware in com.unity.mathematics

Open JamesMcGhee opened this issue 2 years ago • 4 comments

You provide this advice with no further information

com.unity.mathematics is a math library for the Unity game engine from Unity itself. Doesn't mean it's not a problem but does mean you need to offer some evidence to support your claim.

JamesMcGhee avatar Jul 16 '22 14:07 JamesMcGhee

Hi @JamesMcGhee, is there a particular advisory you have an issue with? Not sure I follow your concern.

darakian avatar Jul 18 '22 20:07 darakian

@darakian Any project that is a Unity project and references com.unity.mathematics incorrectly identifies Unity's mathematics as malware

Take a look at our System Core and our Steamworks Foundation linked below; they both use Mathematics and absolutely that is not malware.

https://github.com/heathen-engineering/SystemCore

https://github.com/heathen-engineering/SteamworksFoundation

We have since removed the Dependabot config as it's not useful.

JamesMcGhee avatar Jul 22 '22 10:07 JamesMcGhee

Hey @JamesMcGhee apologies for this. It seems like there's a bug around processing your manifest file in the context of unity. Many thanks for raising this and I'll relay back to you when we can get action on it! 😃

darakian avatar Jul 22 '22 20:07 darakian

Chiming in to provide an update here. The relevant team to fix this issue has it on their radar still but is dealing with some pressing concerns so we don't have a timeline yet for addressing it. Thanks for your patience!

KateCatlin avatar Sep 14 '22 21:09 KateCatlin

Hey @JamesMcGhee sorry for the delay, but we've just recently merged in a fix for this. You shouldn't be seeing these erroneous alerts anymore 😄

I'm gonna close this issue out, but feel free to reopen/make a new issue if you start seeing them again. 👍

darakian avatar Dec 16 '22 19:12 darakian