Sobelow - Uncover vulnerabilities in your Phoenix projects

Yes, currently running with --config is required because I didn’t want a case to arise where someone thought they were getting a full scan but they weren’t. So that might change in the future, and it could just have a warning that the scan is running with a config file.

But I’m not sure yet; I haven’t gotten a lot of feedback on the feature :stuck_out_tongue:

Well consider this feedback. ^.^

It would be nice if --config were the default, but with a summary of the things it changes from the defaults printed at the start of the scan. :slight_smile:

1 Like

It helped me with a few things. The big one was that I was missing a few important things in my API pipeline. Thank you!

1 Like

This is such a great and useful library, but it seems it’s not maintained anymore… does anyone know the future plans for it?

4 Likes

I’m getting into security of my projects more and was wondering the same thing.

1 Like

Good news, Sobelow is being actively maintained. Holden Oullette is the new maintainer, and my PR for adding HEEx support is included in the new release:

5 Likes