nccgroup/sobelow issues and pull requests

#161 - (ArgumentError) ranges (first..last) expect both sides to be integers, got: 1..1.0

Issue - State: open - Opened by alvarezloaiciga 3 months ago - 6 comments

#160 - sobelow does not analyse `sigil_H`

Issue - State: open - Opened by marcandre 3 months ago - 1 comment

#159 - sobelow should not accept `# sobelow_skip` that are not needed

Issue - State: open - Opened by marcandre 3 months ago - 3 comments
Labels: feature, backlog, good first issue

#158 - Pipeline error for sobelow

Issue - State: open - Opened by MikaAK 3 months ago - 2 comments

#157 - fix is_endpoint? error in main

Pull Request - State: closed - Opened by MikaAK 3 months ago

#156 - Update GitHub workflow

Pull Request - State: closed - Opened by iarekk 5 months ago - 4 comments

#155 - Update Sobelow.SQL.Query to test for both query() and query!(), similar to Sobelow.Traversal.FileModule (#153)

Pull Request - State: closed - Opened by iarekk 5 months ago

#154 - Better granularity of SQL injection

Issue - State: open - Opened by gpmcadam 6 months ago - 1 comment

#153 - Misses vector if function contains bang operator (!)

Issue - State: closed - Opened by gpmcadam 6 months ago - 1 comment
Labels: enhancement, backlog, good first issue

#152 - Update and fix warnings for new Elixir version

Issue - State: closed - Opened by houllette 6 months ago
Labels: backlog, good first issue

#151 - Added File.stream/.stream! to Traversal check

Pull Request - State: closed - Opened by jcowgar 6 months ago - 2 comments

#150 - Actions debug

Pull Request - State: closed - Opened by realcorvus 6 months ago

#149 - Include fingerprint in print and JSON format output

Pull Request - State: open - Opened by sb8244 7 months ago - 2 comments

#148 - Use trunc when idx is given as a float instead of an int

Pull Request - State: closed - Opened by realcorvus 7 months ago - 2 comments

#147 - .sobelow-skips not picked up when running in (gitlab) CI.

Issue - State: open - Opened by ottenkoop 8 months ago - 7 comments

#146 - Normalization & Truncation Error Fixes

Pull Request - State: closed - Opened by houllette 10 months ago

#145 - Source code with range traversal crashes sobelow

Issue - State: closed - Opened by doughsay 11 months ago - 6 comments

#144 - version bump - 0.13.0

Pull Request - State: closed - Opened by houllette 11 months ago

#143 - Upgrade to Elixir 1.15

Pull Request - State: closed - Opened by danschultzer 12 months ago - 1 comment

#142 - (Protocol.UndefinedError) error

Issue - State: open - Opened by krispetek 12 months ago - 8 comments

#141 - Misc.BinToTerm with [:safe] option

Issue - State: closed - Opened by mhanberg about 1 year ago - 2 comments

#140 - Update README.md

Pull Request - State: open - Opened by mushu8 about 1 year ago

#139 - Creating Performance Testing Suite

Issue - State: open - Opened by houllette about 1 year ago
Labels: enhancement, backlog

#138 - --details / -d adjustment

Pull Request - State: closed - Opened by houllette about 1 year ago
Labels: bug, enhancement

#137 - Too much info in --details / -d output

Issue - State: closed - Opened by houllette about 1 year ago - 2 comments
Labels: bug, enhancement

#136 - Add findings guide

Pull Request - State: closed - Opened by realcorvus about 1 year ago - 2 comments
Labels: enhancement

#135 - DevEx: consider defaulting to [FILE_PATH]:[LINE_NUMBER] format for default vulnerability output

Issue - State: open - Opened by vanderhoop about 1 year ago - 2 comments
Labels: enhancement, backlog

#134 - Remove CAStore

Pull Request - State: closed - Opened by houllette about 1 year ago

#133 - CAStore error when running as standalone script

Issue - State: closed - Opened by mbramson about 1 year ago - 7 comments
Labels: bug

#132 - Adds Credo (and associated enhancements)

Pull Request - State: closed - Opened by houllette about 1 year ago - 2 comments
Labels: enhancement

#131 - version bump - 0.12.1

Pull Request - State: closed - Opened by houllette about 1 year ago

#130 - CAStore vsn adjustment

Pull Request - State: closed - Opened by houllette about 1 year ago

#129 - castore vsn requirement

Issue - State: closed - Opened by houllette about 1 year ago - 3 comments
Labels: bug

#128 - Pull release branch up to master

Pull Request - State: closed - Opened by houllette about 1 year ago

#127 - version bump - 0.12.0

Pull Request - State: closed - Opened by houllette over 1 year ago

#126 - Macro.to_string/2 Deprecation

Pull Request - State: closed - Opened by houllette over 1 year ago

#125 - LiveView Support

Issue - State: open - Opened by houllette over 1 year ago
Labels: feature, backlog

#124 - --version hotfix

Pull Request - State: closed - Opened by houllette over 1 year ago

#123 - Add support for HEEx to Sobelow.XSS.Raw

Pull Request - State: closed - Opened by realcorvus over 1 year ago - 4 comments
Labels: enhancement

#122 - Add production runtime config to the missing HTTPS check

Issue - State: open - Opened by LGuichet over 1 year ago - 2 comments
Labels: enhancement, backlog

#121 - Improve installation instructions

Pull Request - State: closed - Opened by dmarcoux over 1 year ago
Labels: enhancement

#120 - Suggestion for installation instructions

Issue - State: closed - Opened by dmarcoux over 1 year ago - 1 comment

#119 - Create robust testing suite against other popular Elixir repos

Issue - State: open - Opened by houllette over 1 year ago
Labels: enhancement, backlog

#118 - added support for basic CLI version output

Pull Request - State: closed - Opened by houllette over 1 year ago

#117 - Support detecting for Wildcard check_origin Vulnerability

Issue - State: open - Opened by houllette over 1 year ago
Labels: feature, good first issue

#116 - Please match hex version code with github?

Issue - State: closed - Opened by pdgonzalez872 over 1 year ago - 1 comment

#115 - Macro.to_string/2 deprecation warning

Issue - State: closed - Opened by florish over 1 year ago - 3 comments
Labels: bug

#114 - Traversal.FileModule Issue.

Issue - State: closed - Opened by apoorv-2204 over 1 year ago - 1 comment

#113 - Plans for ongoing maintenance?

Issue - State: closed - Opened by prehnRA almost 2 years ago - 4 comments

#112 - Update dependencies

Pull Request - State: closed - Opened by fastjames almost 2 years ago - 4 comments

#111 - sets SSL opt verify_peer in version check

Pull Request - State: closed - Opened by bwireman about 2 years ago - 3 comments

#110 - Add support for --version opt

Issue - State: closed - Opened by houllette about 2 years ago
Labels: enhancement

#109 - multiple routers (not an umbrella :) )

Issue - State: closed - Opened by danturn about 2 years ago - 1 comment

#108 - Add umbrella app instructions to README.md

Pull Request - State: closed - Opened by prehnRA about 2 years ago

#107 - Add sonarqube formatter, extract formatter as abstract behavior

Pull Request - State: closed - Opened by juancgalvis over 2 years ago - 1 comment

#106 - Add new output format for sonarqube

Issue - State: open - Opened by juancgalvis over 2 years ago - 4 comments
Labels: feature

#105 - error handler block in parse.ex throws on syntax error

Issue - State: open - Opened by christian-schulze over 2 years ago - 7 comments
Labels: bug, backlog, good first issue

#104 - `--exit` flag does not exit with failure code

Issue - State: open - Opened by devtayls over 2 years ago - 4 comments
Labels: bug

#103 - Crash when attempting to normalize_path

Issue - State: closed - Opened by aham3r over 2 years ago - 1 comment

#102 - Create tags in github repository to match releases in hex

Issue - State: closed - Opened by squaresurf over 2 years ago - 2 comments

#101 - Skip false positive in .eex template

Issue - State: closed - Opened by taobojlen over 2 years ago - 1 comment

#100 - Fix typo

Pull Request - State: closed - Opened by kianmeng over 2 years ago

#99 - Sobelow --format flag not working

Issue - State: closed - Opened by OlivettiOriana almost 3 years ago - 6 comments

#98 - Use SPDX ID for licenses in mixfile

Pull Request - State: closed - Opened by Cantido almost 3 years ago - 2 comments

#97 - Path traversal issue with Plug.Upload

Issue - State: closed - Opened by wingyplus almost 3 years ago - 6 comments

#96 - Allow atom values for threshold in config file.

Pull Request - State: closed - Opened by hassan almost 3 years ago - 4 comments

#95 - Unable to use saved config

Issue - State: closed - Opened by OldhamMade about 3 years ago - 2 comments

#94 - Plugin Mechanism

Issue - State: open - Opened by capitalist about 3 years ago - 5 comments
Labels: feature, backlog

#93 - Bring flycheck output inline with expected format

Pull Request - State: closed - Opened by OldhamMade about 3 years ago - 2 comments

#92 - Do not use global state for configuration

Pull Request - State: closed - Opened by hauleth about 3 years ago - 1 comment

#91 - Properly escape generated configuration

Pull Request - State: closed - Opened by hauleth about 3 years ago - 1 comment

#90 - Colour output only when needed

Pull Request - State: closed - Opened by hauleth about 3 years ago - 3 comments

#89 - Formatting as json with `-f json` causes crash.

Issue - State: closed - Opened by alex0112 about 3 years ago - 2 comments

#88 - Update README.md

Pull Request - State: closed - Opened by marpo60 about 3 years ago

#87 - Add --strict flag

Pull Request - State: closed - Opened by squaresurf over 3 years ago - 1 comment

#86 - Add test coverage for Sobelow.Traversal.SendFile

Pull Request - State: closed - Opened by squaresurf over 3 years ago

#85 - Allow sarif to be output to a file

Pull Request - State: closed - Opened by squaresurf over 3 years ago

#84 - How to use sobelow_skip in .eex files or the router?

Issue - State: closed - Opened by bitboxer over 3 years ago - 3 comments

#83 - Getting a compilation error on sobelow 0.11.0

Issue - State: closed - Opened by skylerparr over 3 years ago - 2 comments

#82 - Colour the output only if `IO.ANSI.enabled?() == true`

Issue - State: open - Opened by hauleth over 3 years ago - 2 comments

#81 - no match of right hand side value 'config'

Issue - State: closed - Opened by davinerd over 3 years ago - 3 comments

#80 - Swap order of the compact report entries

Issue - State: closed - Opened by hauleth over 3 years ago - 4 comments

#79 - (FunctionClauseError) no function clause matching in List.last/1

Issue - State: closed - Opened by marlies90 over 3 years ago - 4 comments

#78 - Create CI Integration

Issue - State: closed - Opened by josepalafox over 3 years ago - 2 comments

#77 - Enable SARIF Report Output

Issue - State: closed - Opened by josepalafox over 3 years ago - 2 comments

#76 - Misc doc changes

Pull Request - State: closed - Opened by kianmeng over 3 years ago - 1 comment

#75 - chore(Elixir): Fix compiler warnings

Pull Request - State: closed - Opened by tomciopp over 3 years ago - 1 comment

#74 - nofile - unexpected token: end

Issue - State: closed - Opened by dabaer over 3 years ago - 2 comments

#73 - Add recommended combinations of Elixir and Erlang/OTP versions to CI

Pull Request - State: closed - Opened by adrianomitre almost 4 years ago - 1 comment

#72 - Cross-Site WebSocket Hijacking check false positive for Phoenix LiveView

Issue - State: closed - Opened by jarrodldavis almost 4 years ago - 4 comments

#71 - Fix CSRF Documentation URL

Pull Request - State: closed - Opened by jherdman almost 4 years ago

#70 - Security checks are run against raw string AST instead against compiled AST

Issue - State: open - Opened by skylerparr about 4 years ago - 3 comments
Labels: enhancement, backlog

#69 - Document Sobelow.XSS.SendResp

Issue - State: closed - Opened by jared-mackey about 4 years ago - 6 comments

#68 - Document Sobelow.Traversal.SendDownload

Issue - State: closed - Opened by jared-mackey about 4 years ago

#67 - Error: ranges (first..last) expect both sides to be integers...

Issue - State: closed - Opened by romaluca about 4 years ago - 2 comments

#66 - Missing sweet_xml vulnerability?

Issue - State: closed - Opened by Cohen-Carlisle about 4 years ago - 1 comment

#65 - config folder not scanned in umbrella projects

Issue - State: closed - Opened by Helpys about 4 years ago - 2 comments

#64 - Protocol.UndefinedError with format json

Issue - State: closed - Opened by lleger about 4 years ago - 6 comments

#63 - Feature Request: Scan multiple apps in the same command

Issue - State: closed - Opened by aselder about 4 years ago - 3 comments

#62 - Add docs with a solution on how to solve the check

Pull Request - State: closed - Opened by pdgonzalez872 about 4 years ago - 1 comment

GitHub / nccgroup/sobelow issues and pull requests