We go deeper on the Sobelow library, a security-focused static analysis tool for Elixir and Phoenix apps. We talk with Griffin Byatt, the creator, and Holden Oullette, the new maintainer. We learn how and why the project was created, how it works, what it can and can’t do, and how to use it in CI pipelines for continuous scanning. Sobelow is a cornerstone project in the community that checks a critical box for certification requirements, which means we get to use Elixir when it might otherwise be a hard sell. Join us as we learn more about the project and the people behind it!
Podcast: ThinkingElixir 148 - Security Scanning our Apps with Sobelow
Such a great episode packed with a ton of fantastic news, I recommend people don’t skip this one. I’m particularly thrilled to hear that interviews are gradually coming back (no pressure!), I didn’t realize how much I would miss them. To sate my addiction I resorted to going through my (tiny) back catalog of unplayed Thinking Elixir episodes, and eventually back to old Elixir Mix episodes! It’s been really fun, actually.
Perhaps even more excited to hear that Podium plans to take a greater leadership role in the Elixir community and ecosystem, that could be huge. I’ve lowkey wished they would for years, dreams really do come true!