Vulnerability warning

For several months my anti-virus package keeps warning me that a certain file in the Keyman Developer is vulnerable to be used by outsiders access my computer. The anti-virus package recommends the removal of the file. So far I have not removed the file.

I am using the Keyman Developer latest version. I am using the Kaspersky Antivirus standard package. The warning is about the following file.

“C:…\Keyman\Keyman Developer\Server\node_modules\ngrok\bin\ngrok”

I thank you to look into this and advice me as I feel uneasy.

ngrok is an external component that Keyman Developer uses for testing a keyboard layout.

Here is a link from their FAQ about why ngrok gets flagged by anti-virus packages:

2 Likes

The ngrok component is only needed if you want to test your keyboard on a device outside your local network. More info: https://help.keyman.com/developer/current-version/context/server#toc-making-your-keyman-developer-server-instance-globally-available-with-ngrok

You can disable or remove it if you don’t want or need it and Keyman Developer should continue to work fine.

1 Like