Helix buildpool machines are flagging some build scripts as malicious
- This issue is blocking
- This issue is causing unreasonable pain
Windows Defender is flagging build.ps1 as malicious activity.
Build 1: https://dev.azure.com/dnceng/public/_build/results?buildId=1045372&view=logs&j=c2ddd5ec-9259-5b0e-e0fb-36454010f32b&t=15f2937b-1e18-51ea-f569-0546857790a8
Build 2: https://dev.azure.com/dnceng/public/_build/results?buildId=1045792&view=logs&jobId=381005e4-1702-5f11-e3ba-1c83c6f16daf&j=381005e4-1702-5f11-e3ba-1c83c6f16daf&t=cf0c8f6c-b092-553d-d3b5-a9c73b3fa7b5
Error
2021-03-18T16:36:03.2174064Z ##[section]Starting: Build / Test
2021-03-18T16:36:03.2391703Z ==============================================================================
2021-03-18T16:36:03.2393155Z Task : Command line
2021-03-18T16:36:03.2393980Z Description : Run a command line script using Bash on Linux and macOS and cmd.exe on Windows
2021-03-18T16:36:03.2394848Z Version : 2.182.0
2021-03-18T16:36:03.2395547Z Author : Microsoft Corporation
2021-03-18T16:36:03.2396369Z Help : https://docs.microsoft.com/azure/devops/pipelines/tasks/utility/command-line
2021-03-18T16:36:03.2397308Z ==============================================================================
2021-03-18T16:36:08.5096643Z Generating script.
2021-03-18T16:36:08.5231734Z Script contents:
2021-03-18T16:36:08.5244295Z D:\workspace\_work\1\s\eng\cibuild.cmd -configuration Debug -architecture x64 -prepareMachine /p:OfficialBuildId=20210318.1
2021-03-18T16:36:08.5655776Z ========================== Starting Command Output ===========================
2021-03-18T16:36:08.6103689Z ##[command]"C:\Windows\system32\cmd.exe" /D /E:ON /V:OFF /S /C "CALL "D:\workspace\_work\_temp\03bb10c7-50fd-47b7-b092-ccd7d457f074.cmd""
2021-03-18T16:36:14.0110753Z Invoke-Expression : At line:1 char:1
2021-03-18T16:36:14.0115932Z + & "D:\workspace\_work\1\s\eng\..\eng\common\build.ps1" -build -config ...
2021-03-18T16:36:14.0117247Z + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2021-03-18T16:36:14.0118706Z This script contains malicious content and has been blocked by your antivirus software.
2021-03-18T16:36:14.0120475Z At D:\workspace\_work\1\s\eng\build.ps1:62 char:5
2021-03-18T16:36:14.0121736Z + Invoke-Expression "& `"$engroot\common\build.ps1`" -build -config ...
2021-03-18T16:36:14.0122874Z + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2021-03-18T16:36:14.0124376Z + CategoryInfo : ParserError: (:) [Invoke-Expression], ParseException
2021-03-18T16:36:14.0125622Z + FullyQualifiedErrorId : ScriptContainedMaliciousContent,Microsoft.PowerShell.Commands.InvokeExpressionCommand
2021-03-18T16:36:14.0126705Z
2021-03-18T16:36:14.2242929Z ##[error]Cmd.exe exited with code '1'.
2021-03-18T16:36:14.3080333Z ##[section]Finishing: Build / Test
cc: @hoyosjs @mikem8361
Issue Analytics
- State:
- Created 3 years ago
- Comments:20 (20 by maintainers)
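For triaging this kind of failure across many builds, a pipeline log can be scanned for the `ScriptContainedMaliciousContent` error ID and the script position reported just before it. The following is an added example, not code from the issue or from the dotnet repositories; the function name `find_blocked_scripts` and the record layout are assumptions, and the sample input is abridged from the log above.

```python
import re

# Azure Pipelines prefixes every log line with an ISO-8601 UTC timestamp.
TS = re.compile(r"^(\d{4}-\d{2}-\d{2}T[\d:.]+Z) ?(.*)$")
# PowerShell position line: "At <script path>:<line> char:<column>".
AT_FILE = re.compile(r"^At (?P<path>.+):(?P<line>\d+) char:\d+$")
# Error ID seen in the log above, followed by the command that was blocked.
ERR_ID = re.compile(
    r"FullyQualifiedErrorId\s*:\s*ScriptContainedMaliciousContent,(?P<cmd>\S+)")

# Sample input: lines abridged from the log in this issue.
SAMPLE_LOG = r"""
2021-03-18T16:36:03.2174064Z ##[section]Starting: Build / Test
2021-03-18T16:36:14.0110753Z Invoke-Expression : At line:1 char:1
2021-03-18T16:36:14.0118706Z This script contains malicious content and has been blocked by your antivirus software.
2021-03-18T16:36:14.0120475Z At D:\workspace\_work\1\s\eng\build.ps1:62 char:5
2021-03-18T16:36:14.0125622Z + FullyQualifiedErrorId : ScriptContainedMaliciousContent,Microsoft.PowerShell.Commands.InvokeExpressionCommand
2021-03-18T16:36:14.2242929Z ##[error]Cmd.exe exited with code '1'.
"""

def find_blocked_scripts(log_text):
    """Return one record per antivirus-blocked script found in a pipeline log."""
    findings, position, step = [], None, None
    for raw in log_text.splitlines():
        m = TS.match(raw.strip())
        if not m:
            continue  # not a timestamped pipeline line
        stamp, msg = m.group(1), m.group(2).strip()
        if msg.startswith("##[section]Starting:"):
            # A new pipeline step begins; forget any stale position.
            step, position = msg.split(":", 1)[1].strip(), None
        at = AT_FILE.match(msg)
        # "At line:N" refers to in-memory script text, not a file on disk.
        if at and at["path"] != "line":
            position = (at["path"], int(at["line"]))
        err = ERR_ID.search(msg)
        if err:
            path, line = position or (None, None)
            findings.append({"time": stamp, "step": step, "script": path,
                             "line": line, "command": err["cmd"]})
            position = None
    return findings

if __name__ == "__main__":
    for hit in find_blocked_scripts(SAMPLE_LOG):
        print(hit)
```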
Top GitHub Comments
I’ve created a PR in https://github.com/dotnet/diagnostics/pull/2138 to see if it’s gone
Yup seems to be good, https://github.com/dotnet/diagnostics/commit/0d395b26640ec088309287838e7f7c1493eb907c put it back 2 weeks ago.