Community
    • Login

    Columns++ recommended update to 1.0.2

    Scheduled Pinned Locked Moved
    Notepad++ & Plugin Development
    3
    4
    331
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • CoisesC
      Coises
      last edited by

      If you are using any version of Columns++ from 0.8 to 1.0.1, I recommend updating to 1.0.2 as soon as possible.

      There is a fault in the Search | Replace All/Before/After logic in 0.8-1.0.1 which can cause a hang, necessitating force-closing Notepad++ and hence losing unsaved changes in all open documents.

      I apologize for the error.

      If anyone knows if there is a way I can make sure the pull request for this update gets merged into the plugins list that will be shipped with the next Notepad++ release, I would appreciate being told how to do it. I hate to see it go out (as it happens, the first release of Notepad++ that will have Columns++ in Plugins Admin) with a known fault that can cause data loss.

      R M Andre Z EckenrodeM 2 Replies Last reply Reply Quote 3
      • R
        rdipardo @Coises
        last edited by

        @Coises said in [Columns++ recommended update to 1.0.2]

        If anyone knows if there is a way I can make sure the pull request for this update gets merged into the plugins list that will be shipped with the next Notepad++ release, I would appreciate being told how to do it.

        The next release has already been published, and I don’t think a last-minute rebuild has ever been done for a third-party plugin.

        “Use at your own risk” is pretty much the accepted general policy of open source software; that’s why the license includes a liability disclaimer in all capital letters.

        For future reference, there’s a self-described “not OFFICIAL” merge window policy on GitHub: Question about Plugin updates and new releases

        1 Reply Last reply Reply Quote 1
        • M Andre Z EckenrodeM
          M Andre Z Eckenrode @Coises
          last edited by

          @Coises said in Columns++ recommended update to 1.0.2:

          I recommend updating to 1.0.2 as soon as possible.

          Thanks for your work on this useful-sounding plugin. This was my first time downloading it (I tried downloading both “ColumnsPlusPlus-1.0.2.exe” and “ColumnsPlusPlus-1.0.2-x86.zip”), but Windows Defender immediately identified each file as containing Trojan:Win32/Wacatac.B!ml war and blocked them.

          VirusTotal appears to confirm the presence of one or more threats:

          https://www.virustotal.com/gui/file/cce04a06ad096ba5943b157734aa6f4c82fc4b3a33fcb36f06ea6888beda5736

          SHA-256 checksum for my downloaded copy of “ColumnsPlusPlus-1.0.2-x86.zip” matches what you have posted at GitHub. I don’t see an SHA-256 for “ColumnsPlusPlus-1.0.2.exe” posted there, but my downloaded copy of that, according to PowerShell/Get-FileHash, calculates as:

          CCE04A06AD096BA5943B157734AA6F4C82FC4B3A33FCB36F06EA6888BEDA5736

          Please advise.

          CoisesC 1 Reply Last reply Reply Quote 0
          • CoisesC
            Coises @M Andre Z Eckenrode
            last edited by

            @M-Andre-Z-Eckenrode said in Columns++ recommended update to 1.0.2:

            VirusTotal appears to confirm the presence of one or more threats

            This is a frustrating situation for me, and I don’t know that there is much I can do about it.

            I can promise you that there is no malware in the releases I’ve posted on GitHub, but you don’t know me.

            The just-released version of Notepad++ includes Columns++ in Plugins Admin, but I fixed a serious error after the version that will be included, so the fix won’t be included until the next time Notepad++ is updated.

            I suspect the Quick Installer gets flagged because I used a very simple method to package a script to update the plugin files — something that’s probably done by malware more often than legitimate software. I might be able to fix that, but it will take time.

            I’m not sure why the x86.zip file is flagged. I see just 2 of 61 vendors flagging it. (The x64 file contains exactly the same code, compiled for 64-bit execution, and 1 of 61 vendors flags it.) There is no way for an independent developer to find out why it is flagged. (Understandably, telling programmers how malware is detected would be telling malware authors how to avoid detection.)

            The situation may have gotten worse because I included logic to check for new versions, out of concern for exactly the situation that has occurred — finding a serious error too late to have the version with the fix included in the next Notepad++ plugins admin.

            I’m sorry that I have no better advice than this to give:

            • You can trust me and bypass the malware warnings (if your system isn’t configured to deny you that option).

            • You can compile from source. (Not likely to be practical unless you are a developer yourself and already have Visual Studio set up on your computer.)

            • You can use the version available through the Plugins Admin in Notepad 8.6.1 and be careful not to use Replace All/Before/After if you have any unsaved data in any tabs, because there is a condition in which it will hang and necessitate force-closing Notepad++.

            • You can wait until some future version of Notepad++ happens to release with the Plugins Admin containing version of Columns++ in which I haven’t made a serious blunder.

            I truly hate this. I’m already disgusted with myself for having made such a serious error, but that I can’t fix it without telling people to ignore their malware scanners and just install anyway is maddening.

            1 Reply Last reply Reply Quote 5
            • First post
              Last post
            The Community of users of the Notepad++ text editor.
            Powered by NodeBB | Contributors