On 17/01/2022 05:30, Thomas Stephen Lee wrote:
Hi, I downloaded, extracted, and ran 0.8.0 https://github.com/koalaman/shellcheck/releases After running, I submitted the file to virustotal with the below result. https://www.virustotal.com/gui/file/f4bce23c11c3919c1b20bcb0f206f6b44c44e26f2bc95f8aa708716095fa0651 Should I be concerned that I ran the program once? Thanks
ShellCheck is available in EPEL (v0.3.8), at least for rhel7, if that is any indication of it's trustworthiness. The (older) EPEL version scans clean on VirusTotal.
You could look at the source code changes between the two releases and make a judgement if you feel there is any reason to be concerned. Alternatively I would suggest submitting a copy to the AV vendor who flagged it for further investigation as a potential false positive.
Phil _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
