Hi onamint, we believe Defender is flagging the direct download of a JS file. We have gone ahead and packaged them in a ZIP file for all the updated plugins. Could you let us know if Defender has an issue with the new file when it is downloaded from the Store Page again?
Viewing post in Shatter Effect - RPG Maker MV/MZ Plugin comments
I had a feeling it was something like that; typically my browser throws a bit of a fuss over JS files which I was used to from downloading plugins, but Defender never bounced any previously. Was pretty sure it was a false alarm though, I've used y'all's plugins with no previous trouble and such.
Defender was marking them as some kind of Wacatac trojan variant, I can get the specifics when I'm back on my computer. I know it didn't bounce the ZIP I was downloading at the same time from the Shatter plugin I believe, so I think it's just the JS download that it's sensitive to.
Don't mean to be causing ya any trouble, love your plugins and such, very much appreciate y'all took a look at it ^^
Just following up, sorry it took me a bit to get around to poking at this proper. Defender still bounces this file specifically, MYTH_ShatterEffect.zip, though the other plugins I've updated have caused no stir whatsoever (such as the dynamic hue shifter, state window, etc.). I reproduced the result on a different computer, so I'm not sure what about this download specifically it snags on. Might just be remembering the false positive from before and the other device is synced to those settings? The Demo file for this plugin, which includes that same script I imagine, causes no such issues. I unzipped it and scanned it and everything, no reports.
I'm pretty sure it's just my stuff being squirrelly, so I don't think it needs any further attention unless the result is repeatable elsewhere (I'm curious to see if it does or doesn't). Maybe it's something with the file host? I don't expect y'all to be like digital security folks or anything, so sorry to bother if this is like, too much wading into the weeds and all.
EDIT: I did some sniffing around because I thought this output was kind of weird given the inconsistency above, and it turns out the "ml" in the error below is for "machine learning", and apparently that automated detection is a little prone to flagging false positives. Maybe the demo looks more legitimate to the model given the additional structure in it, I dunno.
The specific error code looks like this, if it better the understanding any:
Detected: Trojan:Script/Wacatac.B!ml
webfile: C:\[the download location] MYTH_ShatterEffect.zip|itchio-mirror.cb031a832f44726753d6267436f3b414.r2.cloudflarestorage.com/upload2/game/2169029/9948026?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=3edfcce40115d057d0b5606758e7e9ee%2F20240325%2Fauto%2Fs3%2Faws4_request&X-Amz-Date=20240325T143205Z&X-Amz-Expires=60&X-Amz-SignedHeaders=host&X-Amz-Signature=225a85f238482440d148413a4f9634e96b4fdb32ee0e3af72247cf11dbeb21a8|pid:13356,ProcessStart:133558507269125477