Thread: DotMod Releases
View Single Post
Old 12-21-23, 04:30 AM   #180
grzegorz75jan
Nub
 
Join Date: Nov 2023
Posts: 2
Downloads: 1
Uploads: 0
Default
Update available.
https://github.com/DotModGroup/ColdW...ases/tag/v0.4b

Quote:
@everyone
I apologize for the inconvenience, but it seems that recompiling the installer program did what I worried it might -- trigger anti-malware suites. I knew this could happen, but usually it results in Windows Defender removing it the moment I finish compiling it. Since that didn't happen, I assumed it was fine, however it seems I was most sorely mistaken. This is my fault and I 100% should have done more testing to make sure that it wasn't utterly broken. I've uploaded a new version of the release with the old installer executable and the old version of the source code. Again, this is entirely my fault and I absolutely should've done more testing. If you've already installed v0.4b, then you don't need to do anything, since there's no change to the actual mod content. If you plan on doing a manual install when this gets to you, proceed as before. You only need to re-download if you attempted to use the installer and it didn't work/gave you an error from your anti-malware suite. Here's hoping the old executable doesn't do the same, in which case I'm in a world of pain.
Sorry, folks.
-- HobbitJack


For those curious, the problem comes with the compiler, Nuitka. Like its counterpart Pyinstaller, anti-malware suites tend to have a rather picky time with executables compiled with these two softwares. In the end, the reason for this is fairly simple: Anti-malware suites look, among heuristic data and calls to various OS commands, at patterns of source code within compiled executables. Since any malware compiled with Pyinstaller and Nuitka would have those softwares' 'signatures' within the file's data, it's an easy thing for malware definitions to pick up on. Unfortunately, it results in a fairly high false positive rate. The program can be compiled directly from the Python source of a completely legitimate program (such as, for example, the source code to the installer included in every download), and we'll still get flagged for it. I sincerely hope this incident, which entirely is my fault for not testing beyond checking whether Windows Defender removed the executable immediately after compiling like it did in the past, has not eroded your trust in me. Again, my sincerest apologies.
https://discord.com/channels/8240840...24680776613889
grzegorz75jan is offline   Reply With Quote