Mirror of forum.nim-lang.org

12678 :: Downloading nim 2.2.2 is blocked by the browser

• NatsukiKarin (orginal) [2025-02-08T06:59:43+01:00] view original

  When I try to download nim2.2.2 using Chrome or Edge browser on Windows 11, the download is blocked and I receive a message indicating that a virus has been detected

---

• NatsukiKarin (orginal) [2025-02-08T07:04:23+01:00] view original

  choosenim update stable

  Updating stable

  Downloading Nim 2.2.2 from nim-lang.org

  [##################################################] 100.0% 0kb/s

  Extracting nim-2.2.2_x64.zip

  Error: Unable to extract. Error was 'Unable to complete the operation because the file contains a virus or potential malware

  ... '.

---

• Araq (orginal) [2025-02-08T08:04:59+01:00] view original

  Windows Antivir software is a scam, use Nim via WSL on Windows.

---

• NatsukiKarin (orginal) [2025-02-08T08:20:28+01:00] view original

  Yes I can install it fine on ubuntu!

---

• Abathargh (orginal) [2025-02-08T12:05:49+01:00] view original

  I don't know the details why, I'm not a huge windows user, but I read on the discord server that this always happens when compiling nim with mingw, and it seems to subside when doing so with other toolchains (I heard about doing it working fine with zig cc)

  Maybe it could be an interesting experiment to try and see if releases built with a different toolchain do not raise such issues

---

• enthus1ast (orginal) [2025-02-08T14:37:28+01:00] view original

  Since this happens again and again (and again :) ), would it be a viable option to start signing the executables? This might build a reputation for the signer and we finally can download (official) nim executables on Windows.

  I know nothing about executable signing to be honest. Does someone has some clue?

---

• foxoman (orginal) [2025-02-09T15:11:48+01:00] view original

  • Same issue always being reported, discussed here: https://github.com/nim-lang/Nim/issues/17820

---

• Boston (orginal) [2025-02-10T16:50:31+01:00] view original

  Signing is expensive, and it's on a per binary basis, meaning each release would be a new purchase.

---

• enthus1ast (orginal) [2025-02-11T09:27:47+01:00] view original

  So there is no free and general way? Like let's encryption for binary signing? :/

---

• Boston (orginal) [2025-02-14T21:39:09+01:00] view original

  I don't know for sure, I have not heard of such an authority, but I also would not expect Microsoft to give much credit to a free signing authority.

---

• thegraynode (orginal) [2025-02-17T22:03:16+01:00] view original

  Looks like there's hope:

  https://signpath.org

  Apparently, signpath does this for FOSS

---

• enthus1ast (orginal) [2025-02-19T11:52:54+01:00] view original

  I don't know how signing and Antivirus interveave but I can imagine that one signer can build "trust" but idk really

---