I’m wondering if it’s possible to achieve something like
mix sobelow --skip --config? From what I can tell the
--config flags seems to override skip.
The problem is that I have a few specific
Traversal.FileModule warnings that are safe so I want to tag them as such
# sobelow_skip ["Traversal"]. But I want to set all
XSS.Raw warnings as safe via the
.sobelow-conf, these warnings are all safe but fairly pervasive through the app so I don’t want to tag
sobelow_skip for each one.
With instances where one would want both is there a way to run sobelow with both flags?