Question
doctl v1.87.0 for windows is detected as a malware by windows security
- Posted on November 17, 2022
- DigitalOcean API and CLI (doctl)
Asked by BubblyGreenBlueSquid
Today I attempted to update the doctl in my pc from 1.85.0 to 1.87.0 via scoop. The update process was broken on the package extraction step because the content of the package was detected as Trojan:Script/Wacatac.B!ml
❯ scoop install doctl
Installing 'doctl' (1.87.0) [64bit] from main bucket
Starting download with aria2 ...
Download: Download Results:
Download: gid |stat|avg speed |path/URI
Download: ======+====+===========+=======================================================
Download: 5f8f02|OK | 2.8MiB/s|C:/Users/magelan/scoop/cache/doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip
Download: Status Legend:
Download: (OK):download completed.
Get-Content: C:\Users\magelan\scoop\apps\scoop\current\lib\core.ps1:1173
Line |
1173 | return Get-Content $file -AsByteStream -TotalCount 8
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Operation did not complete successfully because the file contains a virus or potentially unwanted software. :
| 'C:\Users\magelan\scoop\cache\doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip'
Checking hash of doctl-1.87.0-windows-amd64.zip ... Get-FileHash: C:\Users\magelan\scoop\apps\scoop\current\lib\install.ps1:674
Line |
674 | $actual = (Get-FileHash -Path $file -Algorithm $algorithm).Hash.T …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Operation did not complete successfully because the file contains a virus or potentially unwanted software. :
| 'C:\Users\magelan\scoop\cache\doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip'
InvalidOperation: C:\Users\magelan\scoop\apps\scoop\current\lib\install.ps1:674
Line |
674 | $actual = (Get-FileHash -Path $file -Algorithm $algorithm).Hash.T …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| You cannot call a method on a null-valued expression.
Get-Content: C:\Users\magelan\scoop\apps\scoop\current\lib\core.ps1:1173
Line |
1173 | return Get-Content $file -AsByteStream -TotalCount 8
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Operation did not complete successfully because the file contains a virus or potentially unwanted software. :
| 'C:\Users\magelan\scoop\cache\doctl#1.87.0#https_github.com_digitalocean_doctl_releases_download_v1.87.0_doctl-1.87.0-windows-amd64.zip'
ERROR Hash check failed!
App: main/doctl
URL: https://github.com/digitalocean/doctl/releases/download/v1.87.0/doctl-1.87.0-windows-amd64.zip
First bytes:
Expected: 01506e9987faf47ab52ff028005955818a58c1c696d7b2387f5ef76129ed4fec
Actual:
Please try again or create a new issue by using the following link and paste your console output:
https://github.com/ScoopInstaller/Main/issues/new?title=doctl%401.87.0%3a+hash+check+failed
Submit an answer
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
The
scoopinstaller is a third-party tool for installing software. Officialdoctldownloads are available on GitHub:https://github.com/digitalocean/doctl/releases
We provide checksums that can be used to validate the downloads.
Looking at the error message,
01506e9987faf47ab52ff028005955818a58c1c696d7b2387f5ef76129ed4fecis the correct checksum for the officialdoctl-1.87.0-windows-amd64.ziprelease.Have you opened an issue with the Scoop team?