Skip to content

Issues: nccgroup/sobelow

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

28 Open 80 Closed
28 Open 80 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

MatchError - Sobelow.Config.Secrets.add_finding/5
#172 opened Nov 26, 2024 by mavmaso
FEATURE REQUEST Support for CI/CD Tools
#171 opened Nov 23, 2024 by jansenm
Parser chokes on sobelow_skip comment with trailing content
#168 opened Aug 20, 2024 by mikebveil
Allow specifying a config file location
#167 opened Jun 13, 2024 by kieraneglin
--no-router flag for use in non-Phoenix projects enhancement good first issue Solution is relatively straight forward and/or already outlined in thread help wanted
#165 opened May 3, 2024 by halostatue
3
Sobelow does not detect when secrets are in the test env
#164 opened Apr 25, 2024 by Adzz
1
sobelow should have better default flags
#163 opened Apr 12, 2024 by marcandre
2
sobelow does not analyse sigil_H
#160 opened Apr 3, 2024 by marcandre
1
sobelow should not accept # sobelow_skip that are not needed backlog feature good first issue Solution is relatively straight forward and/or already outlined in thread
#159 opened Apr 3, 2024 by marcandre
4
Pipeline error for sobelow
#158 opened Mar 19, 2024 by MikaAK
3
Better granularity of SQL injection
#154 opened Jan 4, 2024 by gpmcadam
2
.sobelow-skips not picked up when running in (gitlab) CI.
#147 opened Nov 14, 2023 by ottenkoop
7
(Protocol.UndefinedError) error
#142 opened Jul 9, 2023 by krispetek
8
Creating Performance Testing Suite backlog enhancement
#139 opened May 9, 2023 by houllette
DevEx: consider defaulting to [FILE_PATH]:[LINE_NUMBER] format for default vulnerability output backlog enhancement
#135 opened Apr 14, 2023 by vanderhoop
2
LiveView Support backlog feature
#125 opened Mar 27, 2023 by houllette
Add production runtime config to the missing HTTPS check backlog enhancement
#122 opened Mar 15, 2023 by LGuichet
3
Create robust testing suite against other popular Elixir repos backlog enhancement
#119 opened Jan 27, 2023 by houllette
Support detecting for Wildcard check_origin Vulnerability feature good first issue Solution is relatively straight forward and/or already outlined in thread
#117 opened Jan 10, 2023 by houllette
Add new output format for sonarqube feature
#106 opened Feb 10, 2022 by juancgalvis
1
4
error handler block in parse.ex throws on syntax error backlog bug good first issue Solution is relatively straight forward and/or already outlined in thread
#105 opened Feb 8, 2022 by christian-schulze
7
--exit flag does not exit with failure code bug
#104 opened Nov 22, 2021 by devtayls
4
Plugin Mechanism backlog feature
#94 opened Jun 9, 2021 by capitalist
@GriffinMB
5
Colour the output only if IO.ANSI.enabled?() == true
#82 opened Jan 10, 2021 by hauleth
1
2
Security checks are run against raw string AST instead against compiled AST backlog enhancement
#70 opened Jun 11, 2020 by skylerparr
3
ProTip! Add no:assignee to see everything that’s not assigned.