by wzdd 1902 days ago
I've had both Sophos and Windows Defender pick up innocuous Pyinstaller-based packages as malware, presumably because packaging malware with Pyinstaller is such a common technique. It's quite frustrating if you intend to release the software.

Example issue: https://github.com/pyinstaller/pyinstaller/issues/3802

4 comments

The other issue with using PyInstaller to build a program into a single binary is that every time the program runs, it needs to extract its own contents to a temporary directory. This causes slow start-up and, if the program exits abnormally, orphaned files left on disk.

I think other packaging tools have a workaround for this particular problem but, in my experience, have other issues. I’d love to use Python for building CLI tools, but building a binary is so fragile that I only use the language for prototyping, and rewrite in C++ (maybe Go in future?) for production.
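The orphaned-files problem described above comes from PyInstaller's onefile bootloader unpacking the bundle into a `_MEI` + six random characters directory under the temp directory and deleting it only on normal exit. As an added example (not code from the thread or from the PyInstaller project), here is a small housekeeping script that finds stale extraction directories by age and removes them. The sandbox directory, the `_MEIabc123`/`_MEIxyz789` names and the one-hour threshold are constructed for the demonstration; point `find_orphaned_mei_dirs` at your real temp directory (or the directory you pass to `--runtime-tmpdir`) in practice.

```python
import os
import shutil
import tempfile
import time

# PyInstaller's onefile bootloader unpacks the bundle into a directory named
# _MEI + 6 random characters under the temp dir and removes it on a clean exit;
# a crash, kill or power loss leaves it behind.
MEI_PREFIX = "_MEI"


def find_orphaned_mei_dirs(tmp_root, min_age_seconds=3600, now=None):
    """Return _MEI* directories under tmp_root whose mtime is older than min_age_seconds.

    A still-running onefile app normally has a fresh directory, so the threshold
    should exceed the longest expected run time of the tools you deploy.
    """
    now = time.time() if now is None else now
    found = []
    with os.scandir(tmp_root) as entries:
        for entry in entries:
            if not entry.name.startswith(MEI_PREFIX):
                continue
            if not entry.is_dir(follow_symlinks=False):
                continue
            age = now - entry.stat(follow_symlinks=False).st_mtime
            if age >= min_age_seconds:
                found.append(entry.path)
    return sorted(found)


def remove_dirs(paths):
    """Delete the given directories; returns the number removed."""
    removed = 0
    for path in paths:
        shutil.rmtree(path, ignore_errors=False)
        removed += 1
    return removed


def build_sample_tmp():
    """Constructed sandbox standing in for a real temp dir: one stale and one
    fresh _MEI directory plus a decoy that must be left alone."""
    root = tempfile.mkdtemp(prefix="mei-demo-")
    stale = os.path.join(root, "_MEIabc123")
    fresh = os.path.join(root, "_MEIxyz789")
    decoy = os.path.join(root, "not_mei")
    for d in (stale, fresh, decoy):
        os.mkdir(d)
    two_days_ago = time.time() - 2 * 24 * 3600
    os.utime(stale, (two_days_ago, two_days_ago))
    return root, stale


if __name__ == "__main__":
    root, _ = build_sample_tmp()
    stale_dirs = find_orphaned_mei_dirs(root)
    for path in stale_dirs:
        print("stale extraction dir:", path)
    print("removed", remove_dirs(stale_dirs))
    shutil.rmtree(root)
```

Judging by mtime is a heuristic: a long-running onefile process keeps its directory until exit, so keep the threshold generous on build or CI hosts where such tools run for hours.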

What you are describing sounds like the onefile mode. PyInstaller also has a onedir mode, which is much faster to start. I packaged some Python ML models into a PyInstaller-built exe and a larger Java application calls them. Onedir makes for a big install but they only take a second or two to run.
I've had similar false positives from McAfee when first installing PyInstaller, but not on the use of executables generated by PyInstaller. I hadn't known that PyInstaller was used by malware, and had assumed it was because the bundled interpreter could potentially make any system call, thus making it flag on lots of heuristics.
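No deep heuristic is needed to tell that a file was built with PyInstaller: the bootloader locates its payload by searching for a fixed 8-byte magic at the start of the CArchive "cookie" appended to the executable, and anything scanning a file can look for the same marker. As an added example (not code from the thread or from PyInstaller itself), the script below finds that cookie in a byte string and parses the 88-byte layout (magic, package length, TOC offset, TOC length, Python version, Python library name) that PyInstaller has used since version 2.1; field signedness is simplified to signed ints here, and the sample "bundle" is constructed filler plus a packed cookie rather than a real executable.

```python
import struct

# Magic bytes the PyInstaller bootloader searches for to find its archive cookie.
PYINSTALLER_MAGIC = b"MEI\014\013\012\013\016"

# 88-byte cookie layout, big-endian: magic, length of the whole package,
# TOC offset relative to package start, TOC length, Python version as an
# integer, NUL-padded name of the Python shared library.
COOKIE_FORMAT = "!8siiii64s"
COOKIE_SIZE = struct.calcsize(COOKIE_FORMAT)  # 88


def find_pyinstaller_cookie(data):
    """Return the parsed cookie if data carries a PyInstaller archive, else None.

    The cookie sits at the end of the appended archive, so search from the end;
    a match that leaves no room for a full cookie, or whose TOC does not fit
    inside the declared package length, is rejected as a coincidental byte run.
    """
    pos = data.rfind(PYINSTALLER_MAGIC)
    if pos < 0 or pos + COOKIE_SIZE > len(data):
        return None
    _magic, pkg_len, toc_pos, toc_len, pyvers, pylib = struct.unpack(
        COOKIE_FORMAT, data[pos:pos + COOKIE_SIZE]
    )
    if pkg_len <= 0 or toc_pos < 0 or toc_len < 0 or toc_pos + toc_len > pkg_len:
        return None
    return {
        "cookie_offset": pos,
        "package_length": pkg_len,
        "toc_offset": toc_pos,
        "toc_length": toc_len,
        "python_version": pyvers,
        "python_lib": pylib.rstrip(b"\0").decode("ascii", "replace"),
    }


def is_pyinstaller_bundle(data):
    """Cheap static check of the kind an AV engine or YARA rule can apply."""
    return find_pyinstaller_cookie(data) is not None


def build_sample_bundle():
    """Constructed stand-in for a onefile executable: 256 filler bytes followed
    by a cookie describing a 4096-byte package whose TOC occupies its last 196 bytes.
    The version integer 37 and library name are illustrative values only."""
    filler = b"\x90" * 256
    cookie = struct.pack(
        COOKIE_FORMAT, PYINSTALLER_MAGIC, 4096, 3900, 196, 37, b"python37.dll"
    )
    return filler + cookie


def scan_file(path):
    """Read a file from disk and apply the same check."""
    with open(path, "rb") as fh:
        return find_pyinstaller_cookie(fh.read())


if __name__ == "__main__":
    sample = build_sample_bundle()
    print(find_pyinstaller_cookie(sample))
    print(is_pyinstaller_bundle(b"just some bytes"))
```

A hit only says "packaged with PyInstaller", which is exactly why this marker generates false positives when it is used as a malware indicator on its own; it is useful as a triage signal, not as a verdict.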
> assumed it was because the bundled interpreter could potentially make any system call, thus making it flag on lots of heuristics

You seriously overestimate AV “heuristics”.

Signing the created binary with a valid certificate usually prevents most antivirus problems, as they act much more leniently toward those binaries.
I've had this issue with recent versions of Pyinstaller and had to roll it back to version 3.4 to avoid it.