Onor.io
Securing Elixir Code
So lately the day job has been deploying a static checking tool for checking C# code for potential security vulnerabilities. This got me thinking–is there anything in the Elixir/Erlang ecosystem to warn about problematic code from a security perspective?
Honestly I’m not even sure what problematic code would look like in terms of security but I’d love to know if anyone has done any research on the topic or started any kind of tool to help ensure our code isn’t full of vulnerabilities?
Most Liked Responses
BartOtten
Have a look at Sobelow
https://github.com/nccgroup/sobelow
4