I've experienced very strange paket restore behaviour today. I was constantly getting this error message on restoring packages: Could not acquire lock to C:\Gitlab-Runner\builds\cc2bad82\0\***\obj\paket.locked. Finally I found out it was caused by blocking the creation of *.locked files by my antivirus (McAfee) because of some virus which encrypts files and creates *.locked copy of it I guess.
Since our organization policy doesn't allow us to change any security settings it becomes unreal to run my build pipeline.
Please advice. Is it possibly to make paket.locked constant configurable or rename it to smth else? Thanks
I made a custom build with changed to paket.locked-whatever constant (located in Constants.fs) instead of paket.locked.
I think the correct fix is to tell McAfee about it. It's a bug in their
scanner.
Ivan Bianko notifications@github.com schrieb am Do., 28. März 2019, 22:32:
Description
I've experienced very strange paket restore behaviour today. I was
constantly getting this error message on restoring packages: Could not
acquire lock to C:\Gitlab-Runner\builds\cc2bad82\0***\objpaket.locked.
Finally I found out it was caused by blocking the creation of *.locked
files by my antivirus (McAfee) because of some virus which encrypts files
and creates *.locked copy of it I guess.Since our organization policy doesn't allow us to change any security
settings it becomes unreal to run my build pipeline.Please advice. Is it possibly to make paket.locked constant configurable
or rename it to smth else? Thanks
Known workaroundsI made a custom build with changed to paket.locked-whatever constant
(located in Constants.fs) instead of paket.locked.—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/fsprojects/Paket/issues/3535, or mute the thread
https://github.com/notifications/unsubscribe-auth/AADgNK7vqKzbpts4L2J9vqwp8Psn80bZks5vbTTlgaJpZM4cRLic
.
We've got the same behaviour in my company and it's pretty annoying. It's not _directly_ related to Paket but we planned to remove Paket because of that :(
all I can say: tell your antivirus vendor. They usually whitelist pretty fast
@forki Files ending with *.locked extension are treated by McAfee as ransomware. It may be stupid, but that's how McAfee works. I issued a ticket to whitelist this file in our company and after a week we only got temporary approval. I agree that it is McAfee's problem, but many companies use it and security experts are just afraid. We are basically forced to come with some alternative because our company does not want to allow it permanently. The alternative may be to not use Paket or have a custom fork. None of these options are good for us. It would be much better to just change the single line of code in Paket to change the filename. Is there some specific reason the file must have the name paket.locket?
I'm fine with changing the name
Michal Jirouš notifications@github.com schrieb am Fr., 24. Mai 2019,
16:15:
@forki https://github.com/forki Files ending with *.locked extension
are treated by McAfee as ransomware. It may be stupid, but that's how
McAfee works. I issued a ticket to whitelist this file in our company and
after a week we only got temporary approval. I agree that it McAfee
problem, but many companies use it and security experts are just afraid. We
are basically forced to come with some alternative because our company does
not want to allow it permanently. The alternative may be to not use Paket
or have a custom fork. None of these options are good for us. It would be
much better to just change the single line of code in Paket to change the
filename. Is there some specific reason the file must have the name
paket.locket?—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
https://github.com/fsprojects/Paket/issues/3535?email_source=notifications&email_token=AAAOANGGZQS53QUTZZLYSFTPW7Z6PA5CNFSM4HCEXCOKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWFP37A#issuecomment-495648252,
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAAOANBN6SDKUXIOFLUXDW3PW7Z6PANCNFSM4HCEXCOA
.
@forki would you mine to name it paket.lockfile or smth else? I can create a PR for it.
I'm fine with renaming the file as long as the change is backwards compatible on restore.
I think it should be something like .processlock
The HP Sure Click software does the same thing. Just lost an hour tracing down locking problems on a machine till we found this thread. Whitelisting the project folder fixed it, but not super smart strategy on their part.
Most helpful comment
I'm fine with changing the name
Michal Jirouš notifications@github.com schrieb am Fr., 24. Mai 2019,
16:15: