Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Malware in com.unity.mathematics #516

Open
JamesMcGhee opened this issue Jul 16, 2022 · 4 comments
Open

Malware in com.unity.mathematics #516

JamesMcGhee opened this issue Jul 16, 2022 · 4 comments

Comments

@JamesMcGhee
Copy link

JamesMcGhee commented Jul 16, 2022

You provide this advice with no further information

com.unity.mathematics is a math library for the Unity game engine from Unity its self. Doesn't mean its not a problem but does mean you need to offer some evidence to support your claim.

@darakian
Copy link
Contributor

darakian commented Jul 18, 2022

Hi @JamesMcGhee, is there a particluar advisory you have an issue with? Not sure I follow your concern.

@JamesMcGhee
Copy link
Author

JamesMcGhee commented Jul 22, 2022

@darakian
Any project that is a Unity project and references com.unity.mathematics incorrectly identifies Unity's mathematics as malware

Take a look at our System Core and our Stemworks Foundation linked below they both use Mathematics and absolutely that is not malware

https://github.com/heathen-engineering/SystemCore

https://github.com/heathen-engineering/SteamworksFoundation

We have since removed the Dependabot config as its not useful

@darakian
Copy link
Contributor

darakian commented Jul 22, 2022

Hey @JamesMcGhee apologies for this. It seems like there's a bug around processing your manifest file in the context of unity. Many thanks for raising this and I'll relay back to you when we can get action on it! 😃

@KateCatlin
Copy link
Collaborator

KateCatlin commented Sep 14, 2022

Chiming in to provide an update here. The relevant team to fix this issue has it on their radar still but is dealing with some pressing concerns so we don't have a timeline yet for addressing it. Thanks for your patience!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants