Add basic support for Sobelow #651
Conversation
|
Below should help pass the tests - Adding Adding JSON object |
|
Similarly adding - Adding Adding JSON object |
|
Thanks I’ll give it a try.
…
On Jul 4, 2022, at 4:09 PM, maitrayshah ***@***.***> wrote:
Similarly adding -
Adding "Sobelow" to this list - https://github.com/coinbase/salus/blob/5d6b2777632ae5d186ef947ac3d56851df1f30db/spec/fixtures/processor/remote_uri/expected_report.json#L62
Adding JSON object
"Sobelow": {
"pass_on_raise": false,
"scanner_timeout_s": 0
},
to https://github.com/coinbase/salus/blob/5d6b2777632ae5d186ef947ac3d56851df1f30db/spec/fixtures/processor/remote_uri/expected_report.json#L103
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you authored the thread.
|
|
@maitrayshah Thanks for the suggestions, looks like it's passing now. Let me know if you need anything else from me to get this merged. |
|
@alex0112 Thanks for adding this, I'll take a look and if everything looks good will merge it in. |
|
@maitrayshah I'm not sure how to resolve this new error. Any pointers? |
|
@alex0112 Yeah I think my bad, while resolving conflict I messed up the config file. Essentially just make sure it matches this block - https://github.com/coinbase/salus/blob/e732912847a39450e6d7f17dd7b3e715c30a5da5/spec/fixtures/processor/local_uri/expected_report.json#L54 and has an object for Sobelow too and that should fix it. Apologize for the issue. |
andrew-booth-cb
force-pushed
the
master
branch
from
1d09854
to
e927762
Compare
With regards to #627
This PR is intended to be a minimum viable scanner. It will correctly detect and scan Phoenix applications. Instructions for omitting false positives are found in the doc for this scanner, but as a TODO I would like to add the complete list of options for the scanner to a config file in line with how the remainder of the application works.