nccgroup / sobelow

Security-focused static analysis for the Phoenix Framework
Apache License 2.0

`--exit` flag does not exit with failure code #104

Open devtayls opened 2 years ago

devtayls commented 2 years ago

Expected

When the --exit flag is passed with a given threshold
And I have notifications that exceed the confidence threshold
Then the application returns a non-zero exit code indicating failure

Actual

When the --exit flag is passed with a given threshold
And I have notifications that exceed the confidence threshold
Then the application does not return a non-zero exit code indicating failure
And there is no indication that the notifications exceed the confidence threshold.

Examples

(Two screenshots attached to the issue, "Screen Shot 2021-11-22 at 13 38 01" and "Screen Shot 2021-11-22 at 13 38 53", not reproduced here.)

devtayls commented 2 years ago

I wonder if we need to change the !is_nil(status) to !is_number(status) on line 190 of sobelow.ex

nwai90 commented 2 years ago

Same issue here with version 0.8

houllette commented 1 year ago

Hey @devtayls - I'm working my way through issues having just recently become maintainer, sorry for the delay. I'm trying to recreate this issue and I'm unsuccessful - meaning that I'm getting the expected behavior you outlined.

I'm just using the Sobelow codebase itself and am getting failure codes with a Low threshold (since it detects a few low confidence vulnerabilities on itself) but as soon as you bump it to Medium (where it won't find anything) it exits cleanly.

goncalotomas commented 1 year ago

I was also seeing this behaviour, but when using mix sobelow --exit. The exit option doesn't take a boolean value but instead takes the same value as the threshold option.

Simply switching to mix sobelow --exit medium or using exit: :medium in the configuration file fixed this for me.