All Versions
31
Latest Version
Avg Release Cycle
42 days
Latest Release
-
Changelog History
Page 2
Changelog History
Page 2
-
v0.9.3 Changes
December 18, 2019Enhancements
- Improved checks for all aliased functions
Bug Fixes
- JSON output for Raw findings is now properly normalized
send_download
correctly flags aliased function callssend_download
now correctly flags piped functions
-
v0.9.2 Changes
November 13, 2019- Bug Fixes
- Fix error that resulted from redefining imported functions
- Bug Fixes
-
v0.9.1 Changes
October 14, 2019- Bug Fixes
- Revert umbrella app recursion
- Bug Fixes
-
v0.9.0 Changes
Enhancements
- Add
--mark-skip-all
and--clear-skip
flags - New CSRF via action reuse checks
- Sobelow can now be run in umbrella apps
- Add
Bug Fixes
- Fix an error when printing some kinds of variables
-
v0.8.0 Changes
June 21, 2019Enhancements
- Improve output consistency
- All JSON findings contain
type
,file
, andline
keys - "Line" output now refers directly to the vulnerable line
- Default output headers have been normalized
- All JSON findings contain
Note: If you depend on the structure of the output, this may be a breaking change. More information can be found at https://sobelow.io.
- Improve output consistency
-
v0.7.8 Changes
June 21, 2019Enhancements
- Add
--threshold
flag - Add module names to finding output
- Add
Deprecations
- File/Path check has been deprecated
- File/Path check has been deprecated
Bug Fixes
- Fix inaccurate CSRF details
-
v0.7.7 Changes
June 21, 2019Enhancements
- Add check for insecure websocket settings
Bug Fixes
- Accept module attributes for application name
-
v0.7.6 Changes
June 21, 2019- Bug Fixes
- Fix issue that suppressed output options when config files were in use
- Bug Fixes
-
v0.7.5 Changes
June 21, 2019- Misc
- Sobelow will now only halt when
--exit
flag is used
- Sobelow will now only halt when
- Misc
-
v0.7.4 Changes
June 21, 2019- Bug Fixes
- Log hardcoded secrets for txt output
- Bug Fixes