Is there a virus in the Hot Fix 2023/05/17 release?

[Lehnemann]

I don't know much about your code but Bitdefender warns me and I throw the exe file in virustotal.com and It said this to me...

Is it a false positive?

[KnugiHK]

TLDR: It is probably a false positive.

I compile the program with Nuitka in GitHub Action environment. A Python program packed/compiled into a binary is often easily detected as a virus. I checked some issues on Nuitka. Compiling the thing right without being falsely detected is behind their paywall.

I also checked the result from VirusTotal, no detection on Linux and MacOS binaries. Most of the threat detected in Windows's binary is "Lazy", and the sandbox analysis seems fine to me, with no evidence of the binary getting infected by other viruses.

The compiling is done automatically in GitHub Action. To further prevent tampering on the binaries after they are downloaded from the Artifact, I told the workflow to calculate the SHA256 checksum right after the binary is compiled (see commit). The hash will then displayed in the workflow. This (some kind of) security measure will goes into effect starting from next release.

Anyway, when in doubt, you can always review the code (which I always encourage people to do so before using someone else's software) and install the exporter with pip install ..

[Lehnemann]

Thanks.