Yes, currently running with --config
is required because I didn’t want a case to arise where someone thought they were getting a full scan but they weren’t. So that might change in the future, and it could just have a warning that the scan is running with a config file.
But I’m not sure yet; I haven’t gotten a lot of feedback on the feature
Well consider this feedback. ^.^
Would be nice if --config
were default but if there were a summary of the things it changes from the defaults at the start of the scan.
1 Like
It helped me with a few things. The big one was that I was missing a few important things in my API pipeline. Thank you!
1 Like
This is such a great and useful library, but it seems it’s not maintained anymore…does anyone know future plans for it?
4 Likes
I’m getting into security of my projects more and was wondering the same thing.
1 Like
Good news, Sobelow is being actively maintained. Holden Oullette is the new maintainer, and my PR for adding HEEx support is included in the new release:
5 Likes