All Versions
23
Latest Version
Avg Release Cycle
42 days
Latest Release
-

Changelog History
Page 1

  • v0.10.1

    • Bug fixes
      • Sobelow will use ".sobelow-skips" instead of ".sobelow" in your root directory for --mark-skip-all
  • v0.10.0

    February 04, 2020
    • Enhancements
      • Sobelow now uses "~/.sobelow/sobelow-vsn-check" for update checks
      • The ".sobelow" file in your project root is for --mark-skip-all only
  • v0.9.3

    December 18, 2019
    • Enhancements

      • Improved checks for all aliased functions
    • Bug Fixes

      • JSON output for Raw findings is now properly normalized
      • send_download correctly flags aliased function calls
      • send_download now correctly flags piped functions
  • v0.9.2

    November 13, 2019
    • Bug Fixes
      • Fix error that resulted from redefining imported functions
  • v0.9.1

    October 14, 2019
    • Bug Fixes
      • Revert umbrella app recursion
  • v0.9.0

    • Enhancements

      • Add --mark-skip-all and --clear-skip flags
      • New CSRF via action reuse checks
      • Sobelow can now be run in umbrella apps
    • Bug Fixes

      • Fix an error when printing some kinds of variables
  • v0.8.0

    June 21, 2019
    • Enhancements

      • Improve output consistency
        • All JSON findings contain type, file, and line keys
        • "Line" output now refers directly to the vulnerable line
        • Default output headers have been normalized

      Note: If you depend on the structure of the output, this may be a breaking change. More information can be found at https://sobelow.io.

  • v0.7.8

    June 21, 2019
    • Enhancements

      • Add --threshold flag
      • Add module names to finding output
    • Deprecations

      • File/Path check has been deprecated
    • Bug Fixes

      • Fix inaccurate CSRF details
  • v0.7.7

    June 21, 2019
    • Enhancements

      • Add check for insecure websocket settings
    • Bug Fixes

      • Accept module attributes for application name
  • v0.7.6

    June 21, 2019
    • Bug Fixes
      • Fix issue that suppressed output options when config files were in use