[chirp_users] Panda reported a virus in Oct 9 and Oct 13 daily builds.

Debra Wilson dwilson223 at cox.net
Thu Oct 15 14:54:12 PDT 2015


Sent from mom's iPad

> On Oct 15, 2015, at 9:57 AM, Dan Smith via chirp_users <chirp_users at intrepid.danplanet.com> wrote:

> Every few months we get a message like this to the mailing list. It's
> usually one of the smaller antivirus packages reporting a virus. So
> far they have all been false positives. My guess is there are actual
> viruses out there using Python libraries, and not realizing they're
> looking at popular open source software, the antivirus company flags
> it.

Yep, and just to further explain how these builds are created for those
that are interested (and/or are wondering how we attempt to protect our
users who trust our builds):

Every night, when a change is pending, the build server literally builds
an entirely new Windows 7 virtual machine with known-good copies of all
of our base dependencies. It then creates the new chirp build on that
machine and uploads it to the chirp website. When it's done, it
*destroys* the temporary machine it created. The next day, the whole
thing starts from scratch.

The process takes about 10 minutes total and occurs on an almost
completely sealed private network. There's really no opportunity for
anything to get on the build machine and disrupt the process, and it
certainly wouldn't change day-to-day, build-to-build.

chirp_users mailing list
chirp_users at intrepid.danplanet.com
To unsubscribe, send an email to chirp_users-unsubscribe at intrepid.danplanet.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://intrepid.danplanet.com/pipermail/chirp_users/attachments/20151015/bd400097/attachment-0002.html 

More information about the chirp_users mailing list