Welcome, Guest. Please login or register. Did you miss your activation email?

Author Topic: SFML 2.5.0 released  (Read 20242 times)

0 Members and 1 Guest are viewing this topic.

eXpl0it3r

  • SFML Team
  • Hero Member
  • *****
  • Posts: 10801
    • View Profile
    • development blog
    • Email
SFML 2.5.0 released
« on: May 09, 2018, 11:59:11 pm »
SFML 2.5.0

We're finally here with a new SFML version! :)

Here are some highlights we're excited to share with an official release.
  • Modern CMake support with SFMLConfig.cmake
  • New system cursor API
  • New clipboard API
  • Introduction of sf::VertexBuffer
  • Added loop points for sf::Music
And many more features and bugfixes for which you can find the full changelog including detailed descriptions here:
https://www.sfml-dev.org/changelog.php#sfml-2.5.0

We're very grateful for everyone contributing, testing and discussing!

Visit https://www.sfml-dev.org/ for download instructions and extensive documentation. We hope you enjoy this release and would love to get some feedback!
Official FAQ: https://www.sfml-dev.org/faq.php
Official Discord Server: https://discord.gg/nr4X7Fh
——————————————————————
Dev Blog: https://duerrenberger.dev/blog/

marCOmics

  • Newbie
  • *
  • Posts: 7
  • Gaming is fun. Game Dev even more!
    • View Profile
Re: SFML 2.5.0 released
« Reply #1 on: May 10, 2018, 12:59:50 am »
Awesome, thanks for the ongoing development of this marvelous project!!  ;D

Haven't tried out 2.5 yet, but have a little question: On the previous version the kind and versionf of the compiler (IDE) was irrelevant, as far as I remember. Now the download page says "The compiler versions have to match 100%!", what has changed that made the downloads compiler-dependent? :)
2B || !2B, that is the question!

eXpl0it3r

  • SFML Team
  • Hero Member
  • *****
  • Posts: 10801
    • View Profile
    • development blog
    • Email
Re: SFML 2.5.0 released
« Reply #2 on: May 10, 2018, 01:19:23 am »
That message has been there for a while, but it wasn't as obvious so people didn't read it and then wondered why their compiler version didn't work. With the big red box we hope to mitigate that issue a bit, so people see it before they ask on the forum.

There's no standard ABI for C++, as such binaries are only really compatible with one compiler version (on Windows). ;)
Official FAQ: https://www.sfml-dev.org/faq.php
Official Discord Server: https://discord.gg/nr4X7Fh
——————————————————————
Dev Blog: https://duerrenberger.dev/blog/

c0d3r9

  • Newbie
  • *
  • Posts: 12
    • View Profile
Re: SFML 2.5.0 released
« Reply #3 on: May 10, 2018, 01:27:46 am »
Great new....many thanks.
I´m new with sfml but in past i build sfml myself from the sources and so there are no problems with the compiler version.

Btw.:I build with cmake for the first time in my life.(before 2.5)
Is it the same way with SFMLConfig.cmake ?

marCOmics

  • Newbie
  • *
  • Posts: 7
  • Gaming is fun. Game Dev even more!
    • View Profile
Re: SFML 2.5.0 released
« Reply #4 on: May 10, 2018, 01:07:57 pm »
Oh okay, thanks for the response!
2B || !2B, that is the question!

FRex

  • Hero Member
  • *****
  • Posts: 1845
  • Back to C++ gamedev with SFML in May 2023
    • View Profile
    • Email
Re: SFML 2.5.0 released
« Reply #5 on: May 10, 2018, 07:49:50 pm »
I'm quite hyped for the VertexBuffer and the Clipboard.

Maybe since Clipboard is a fully static class (why not free functions though?) to not have someone create an instance and think they aren't shared the ctor should be private?

Single and no param ctors of VertexBuffer could say what the default for unspecified values is then. VertexArray has that problem too actually.

And I guess convenience update methods from VertexArray to VertexBuffer could be nice too, right now VertexBuffer just became even more useless than std::vector of sf::Vertices that it was in 2.4.x.
« Last Edit: May 10, 2018, 07:52:03 pm by FRex »
Back to C++ gamedev with SFML in May 2023

kullerhamPster

  • Newbie
  • *
  • Posts: 40
    • View Profile
Re: SFML 2.5.0 released
« Reply #6 on: May 10, 2018, 11:01:23 pm »
Any ideas why some AV scanners seem to think that SFML 2.5.0 for Visual Studio contains malware?

https://www.virustotal.com/#/file/ad50ded8aa8938373f853a4f3f43d3f4f496bb185df95cda86b10cb7851840b6/detection

eXpl0it3r

  • SFML Team
  • Hero Member
  • *****
  • Posts: 10801
    • View Profile
    • development blog
    • Email
Re: SFML 2.5.0 released
« Reply #7 on: May 10, 2018, 11:06:54 pm »
Because they don't know the self-compiled binaries and found a random signature that matches something.
AV trigger a lot of false-positives. My AV often deletes just compiled binaries... ::)

You can try and report them as false positives by the respective AV company.
Official FAQ: https://www.sfml-dev.org/faq.php
Official Discord Server: https://discord.gg/nr4X7Fh
——————————————————————
Dev Blog: https://duerrenberger.dev/blog/

FRex

  • Hero Member
  • *****
  • Posts: 1845
  • Back to C++ gamedev with SFML in May 2023
    • View Profile
    • Email
Re: SFML 2.5.0 released
« Reply #8 on: May 11, 2018, 12:26:46 am »
Because AV stuff seems to be so much smoke and mirrors (and marketing??).

You can find tons of reports of people complaining about various AVs marking rare games, rare exes, any exes in zips, etc. as viruses or possibly dangerous. They also assign idiotic labels like rootkit, worm, trojan, etc. despite these having proper definitions.

Another thing is that almost no one who hasn't taken a statistics, medical testing or similar-ish class (or got told by someone who did or ran the numbers themselves) understands the implication of even very small false positive ratios if what you're looking for is very rare. E.g. if an AV has 0.1% false positive ratio and 100% real positive (meaning that if it sees a virus - it always catches it) it's still quite bad because of how rare viruses are. With those ratios, if you scan 5000 good files and 1 virus you will get 6 hits - more noise than signal. For context - I've never seen a virus out in the wild (although I'm not a regular computer user) but on my machine I have a bit over 8200 exes and 40 000 dlls right now.

UPX compressed files are also common false positives, as is UPX itself. Same with AHK (base exe is fine, any compiled script - even an empty one which is what I tried - can be marked unsafe or trojan, and compressed with UPX it gets different labels from different AVs and some that have caught it before compression now don't catch it but some others now do but didn't before).

I used to run a different AV than I do now and it kept deleting my own compiled exes because they were not widely used (at least they didn't get called a trojan or some other random label and I got a real reason).

I've also tried my Botes program (it's a GUI app in Pascal, not related to SFML) - it's safe when debug info is stripped, otherwise it's a trojan according to 1 AV. Compressed with UPX without debug info - still fine. But explorer.exe from Windows is fine only without UPX, with UPX it gets flagged by one AV too. I've no idea what's the pattern.

Some people's answer to random stuff getting detected falsely (by often paid products no less): stop using UPX (an open source tool with 100% public spec of how it works, what it does, etc.) because it causes trouble.

I also tried Eicar (the test string for AVs), several AVs didn't catch it and the 'community' votes were like 60% safe 40% unsafe (despite all catching AVs saying 'TEST-FILE-SAFE', etc.)... ::)

I tried all dll, lib and exe files from SFML-2.5.0-windows-vc15-32-bit.zip and unless I missed some the only one that is detected as a virus is this example: https://www.virustotal.com/en/file/a11d0bc18188d1dcdfa7cf75192fe992a71e1d0c1e51ed0248ed876501b11bf6/analysis/1525988276/

Maybe some of the pdb files get detected as viruses because debugging information = scaaary (just like my Botes got flagged if it had debug info included in the exe).

It's really hard to take some AVs seriously between stuff like that, pricing, using Sciter for their candy tablet like and very out of place in Windows UIs (just look at the products https://sciter.com/ lists as users - almost all are AV or similar).

7z.dll was also recently found to have a hole allowing arbitrary code execution and many AVs (supposedly) use it to scan rar and 7z contents. They can afford pricy Sciter but I wonder how many of those vendors have donated money or bug fixes to 7z if they didn't even bother auditing it for coding errors before running it as part of an AV...
« Last Edit: May 11, 2018, 12:31:35 am by FRex »
Back to C++ gamedev with SFML in May 2023

c0d3r9

  • Newbie
  • *
  • Posts: 12
    • View Profile
Re: SFML 2.5.0 released
« Reply #9 on: May 11, 2018, 12:49:33 am »
It´s the heuristic analysis i think.
Bitdefender have sometimes false positives.
In past with Kaspersky and Comodo i haven´t such problems.
Only my 2 cents.

Sub

  • Full Member
  • ***
  • Posts: 157
    • View Profile
Re: SFML 2.5.0 released
« Reply #10 on: May 11, 2018, 02:33:00 am »
Congrats on the release.  Thanks everyone who contributed for the hard work, looks like a solid release :D

MetalCoder

  • Newbie
  • *
  • Posts: 31
    • View Profile
Re: SFML 2.5.0 released
« Reply #11 on: May 11, 2018, 02:36:10 am »
This is great! Will CSFML get a 2.5.0 release?

kullerhamPster

  • Newbie
  • *
  • Posts: 40
    • View Profile
Re: SFML 2.5.0 released
« Reply #12 on: May 11, 2018, 10:56:33 am »
Because AV stuff seems to be so much smoke and mirrors (and marketing??).
[...]

Thank you for your detailed answer (and thanks for all other answers, too). I also don't trust AV software very much (in fact, I'm not running any on my machines), but I found it noteworthy that so many engines seem to have trouble with this file. If it were only one or two, I would have dismissed it as a false positive.

I re-ran the scan, and now there are even 11 engines that claim to have found malware.
https://www.virustotal.com/#/file/ad50ded8aa8938373f853a4f3f43d3f4f496bb185df95cda86b10cb7851840b6/detection

window.exe is reported by 15 engines:
https://www.virustotal.com/#/file/a11d0bc18188d1dcdfa7cf75192fe992a71e1d0c1e51ed0248ed876501b11bf6/detection

What is this file supposed to do?

eXpl0it3r

  • SFML Team
  • Hero Member
  • *****
  • Posts: 10801
    • View Profile
    • development blog
    • Email
Re: SFML 2.5.0 released
« Reply #13 on: May 11, 2018, 11:07:49 am »
It's just an example that renders some OpenGL code to an sf::Window. ;D

I can try and create a new build, but I can't do anything to make AVs happy. ;)
Official FAQ: https://www.sfml-dev.org/faq.php
Official Discord Server: https://discord.gg/nr4X7Fh
——————————————————————
Dev Blog: https://duerrenberger.dev/blog/

FRex

  • Hero Member
  • *****
  • Posts: 1845
  • Back to C++ gamedev with SFML in May 2023
    • View Profile
    • Email
Re: SFML 2.5.0 released
« Reply #14 on: May 11, 2018, 11:46:56 am »
You can remove the entire example folder and upload that zip, it's 0/54 then. ;D

https://www.virustotal.com/#/file/734849145a4c9b96a8dce0edfabbcc978700a7d6e81b14de1eb4243cf581a081/detection

I also appended a single 'a' character to the window.exe and it helped (we are down from 15 to 9) too ::):
https://www.virustotal.com/#/file/c8c67757baec6dc7b3029ab8b2447673bf6c54fdda415be4842ec1f7a71f0d55/detection

I get that someone might be paranoid/very security conscious so instead of trusting anyone here just remove the examples folder or compile them yourself (if you really need them, I'm pretty sure I never looked at any myself :P) and scan all the lib, pdb, dll, etc. files with virus total.

If you want you can try asking those AV makers but they might just ignore you or promise that it'll clear up on itself some time.
« Last Edit: May 11, 2018, 11:57:51 am by FRex »
Back to C++ gamedev with SFML in May 2023