False positive? #35
Comments
|
@lefessan Maybe it is time for a new release and maybe you have some code-signing certificate at OCamlPro that can be used? |
|
It's weird, the executables are generated by cross-compiling on Linux to lower such risks. We currently have no code-signing certificates, but I should probably investigate how to get one... |
|
Note: cross-checking with VirusTotal shows that currently only one vendor flags this file https://www.virustotal.com/gui/file/2ef22dd5544bca090e07472eb9231b6e42996a8d13dac9a360af71b863da1788, according to that Microsoft doesn't do this any more. You therefore possibly want to close this issue as "not reproducible" and can keep the code-signing separate (note: I'm not aware of any "gratis" code-signing option, other than https://about.signpath.io/product/open-source [signing directly in CI/CD]). https://shop.certum.eu/open-source-code-signing-code.html is currently at 25 EUR/year |
The antivirus in Windows Server 2019 flags a Trojan in the Windows binary for v0.9, probably a false positive:
The text was updated successfully, but these errors were encountered: