[
Date Prev][Date Next][
Thread Prev][Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [eclemma-dev] Is the AV detection on the Eclemma docs plugin on the 2023-12 release of JDT a FP?
|
I've reported it as a false positive to the AV vendors. Hopefully
they'll remove the signatures.
Thanks,
Alan
On 2023-12-26 5:41 a.m., Marc Hoffmann
wrote:
Hi Alan,
thanks for raising this issue! For me it looks like a
false positive:
1) Eclipse distro build is a different bild than on
GitHub. Therefore the different signature.
2) Distro jar
(org.eclipse.eclemma.doc_3.1.8.202311140945.jar) triggers
several warnings (see below), GitHub release jar
(org.eclipse.eclemma.doc_3.1.8.202312121452.jar) is green.
3) I compared both JARs: No differences beside the Meta
information about build timestamp und release commit.
Is there anything we can do about it?
Best regards,
-marc
> On 26. Dec 2023, at 09:03, Al T via eclemma-dev
<eclemma-dev@xxxxxxxxxxx> wrote:
>
> Sorry if this isn't the correct place to ask this.
>
> The plugin named
"org.eclipse.eclemma.doc_3.1.8.202311140945.jar" with
SHA256
E5F6C8694784E7DC01B69621885DCF848DD266357C5B250FF2058E63278C3AC4
in the 2023-12 release of Eclipse IDE is detected by
multiple AV engines on VirusTotal. It's included in both
the Eclipse IDE JDT and JEE 2023-12 releases. It doesn't
match the 3.1.8 build on the Eclemma website and Github.
Is this a false positive?
>
> Thanks,
> Alan
>
> _______________________________________________
> eclemma-dev mailing list
>
eclemma-dev@xxxxxxxxxxx
> To unsubscribe from this list, visit
https://www.eclipse.org/mailman/listinfo/eclemma-dev