I’m wondering if it’s possible to achieve something like mix sobelow --skip --config
? From what I can tell the --config
flags seems to override skip.
The problem is that I have a few specific Traversal.FileModule
warnings that are safe so I want to tag them as such # sobelow_skip ["Traversal"]
. But I want to set all XSS.Raw
warnings as safe via the .sobelow-conf
, these warnings are all safe but fairly pervasive through the app so I don’t want to tag sobelow_skip
for each one.
With instances where one would want both is there a way to run sobelow with both flags?