issues
search
doyensec
/
electronegativity
Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.
Apache License 2.0
972
stars
66
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Add Electron upgrade checks to Electronegativity
#60
jkleinsc
closed
4 years ago
4
Better node module support
#59
malept
closed
4 years ago
2
Update checks based on latest webPreferences defaults
#58
ikkisoft
opened
4 years ago
2
New Remote Module Not Disabled Check
#57
ikkisoft
closed
4 years ago
1
Error when parsing app.js: "ImportDeclaration should appear when the mode is ES6 and in the module context."
#56
vollkorn1982
closed
5 years ago
11
Reduce vulnerabilities reported from npm audit
#55
jnaulty
closed
5 years ago
0
`releases.$etag.json` is saved in the current path of execution in global installations
#54
phosphore
closed
4 years ago
3
UnhandledPromiseRejectionWarning while fetching new Electron releases
#53
Derek20
closed
5 years ago
10
Support for nodeintegrationinsubframes
#52
ikkisoft
closed
5 years ago
2
Upgraded `typescript-estree' to `@typescript-eslint/typescript-estree`
#51
jason-invision
closed
5 years ago
0
TypeError parsing Electron Release list
#50
jason-invision
closed
5 years ago
6
Error when installing via npm on Ubuntu
#49
bonkc
closed
5 years ago
3
Security warnings disabled checks
#48
phosphore
closed
5 years ago
0
Introduces Severity and Confidence attributes for each check
#47
phosphore
closed
5 years ago
2
Introduce AVAILABLE_SECURITY_FIXES_GLOBAL_CHECK, resolves #30
#46
phosphore
closed
5 years ago
0
add CUSTOM_ARGUMENTS_JSON_CHECK, improve CUSTOM_ARGUMENTS_JS_CHECK
#45
phosphore
closed
5 years ago
0
Introduces LIMIT_NAVIGATION_GLOBAL_CHECK and LIMIT_NAVIGATION_JS_CHECK, resolves #24
#44
phosphore
closed
5 years ago
2
Introduces PERMISSION_REQUEST_HANDLER_GLOBAL_CHECK, resolves #24
#43
phosphore
closed
5 years ago
1
Introduce CUSTOM_ARGUMENTS_JSON_CHECK
#42
phosphore
closed
5 years ago
2
resolves #24 adding support for on() events like 'will-navigate' and 'new-window'
#41
phosphore
closed
5 years ago
1
Implement Escope support, update existing checks as required by #32
#40
phosphore
closed
5 years ago
1
add AffinityGlobalCheck, tests, fix minor issue using -c flag
#39
phosphore
closed
5 years ago
2
Parsing error in package.json
#38
ikkisoft
closed
5 years ago
5
Introducing GlobalChecks (CSP check as first example)
#37
ikkisoft
closed
5 years ago
1
Introduces GlobalChecks, closes #27
#36
phosphore
closed
5 years ago
3
closes #27: Check for CSP
#35
phosphore
closed
5 years ago
3
closes #33: Ability to run a single scan check
#34
phosphore
closed
5 years ago
1
Ability to run a single scan check
#33
ikkisoft
closed
5 years ago
0
BrowserWindow configs passed as variable is not supported
#32
ikkisoft
closed
5 years ago
3
Consider introducing "Severity" and "Confidence" attributes for each check. Ideas?
#31
ikkisoft
closed
5 years ago
0
Improve ELECTRON_VERSION_CHECK
#30
ikkisoft
closed
5 years ago
1
Export to csv fixed
#29
JarLob
closed
6 years ago
0
FATAL ERROR: Ineffective mark-compacts near heap limit Allocation failed - JavaScript heap out of memory
#28
VoidSec
closed
6 years ago
3
Check for CSP
#27
JarLob
closed
5 years ago
1
Warn about ELECTRON_DISABLE_SECURITY_WARNINGS
#26
JarLob
closed
5 years ago
4
Add BrowserView support
#25
JarLob
closed
5 years ago
2
Show warnings for missing security-relevant handlers
#24
JarLob
closed
5 years ago
2
Pass electron version to checkers
#23
JarLob
closed
4 years ago
3
Command line arguments search is not implemented
#22
JarLob
closed
5 years ago
4
Different checkers fixed
#21
JarLob
closed
6 years ago
8
Electron version check fix
#20
JarLob
closed
6 years ago
0
Reduce false positives in eval check
#19
JarLob
closed
6 years ago
0
JS and JSX parsing improvement. TypeScript support added.
#18
JarLob
closed
6 years ago
1
Some file extensions were not scanned
#17
JarLob
closed
6 years ago
0
Fix asar loading on windows - replaced hardcoded path separator.
#16
JarLob
closed
6 years ago
1
Export to SARIF format added
#15
JarLob
closed
6 years ago
2
LoaderASAR tests fail
#14
JarLob
closed
6 years ago
0
False positive fix in OpenExternalCheck: ignore hardcoded strings
#13
JarLob
closed
6 years ago
0
False negative fix in HttpResourcesCheck: handle `HTTP://${url}`
#12
JarLob
closed
6 years ago
0
React.js support added
#11
JarLob
closed
6 years ago
2
Previous
Next