(ArgumentError) ranges (first..last) expect both sides to be integers, got: 1..1.0

nccgroup / sobelow

Security-focused static analysis for the Phoenix Framework

Apache License 2.0

1.66k stars 92 forks source link

(ArgumentError) ranges (first..last) expect both sides to be integers, got: 1..1.0 #161

Closed alvarezloaiciga closed 4 months ago

alvarezloaiciga commented 4 months ago

When I try mix sobelow on a phoenix project I get this:

** (ArgumentError) ranges (first..last) expect both sides to be integers, got: 1..1.0
    (elixir 1.16.0) lib/range.ex:193: Range.new/2
    (sobelow 0.13.0) lib/sobelow/parse.ex:458: Sobelow.Parse.create_fun_cap/3
    (sobelow 0.13.0) lib/sobelow/parse.ex:437: Sobelow.Parse.get_funs_of_type/3
    (elixir 1.16.0) lib/macro.ex:637: anonymous fn/4 in Macro.do_traverse_args/4
    (stdlib 5.2) lists.erl:1706: :lists.mapfoldl_1/3
    (elixir 1.16.0) lib/macro.ex:602: Macro.do_traverse/4
    (elixir 1.16.0) lib/macro.ex:608: Macro.do_traverse/4
    (stdlib 5.2) lists.erl:1706: :lists.mapfoldl_1/3

Elixir and Erlang


Erlang/OTP 26 [erts-14.2.1] [source] [64-bit] [smp:10:10] [ds:10:10:10] [async-threads:1] [jit]

Elixir 1.16.0 (compiled with Erlang/OTP 24)



I am currently using  `phoenix: 1.7.11` and `sobelow: 0.13.0`

houllette commented 4 months ago

Hey @alvarezloaiciga! This may be a duplicate of #145 which was fixed in v0.13.1 of Sobelow - which admittedly hasn't been pushed to hex yet (I was waiting for a response in another issue that has gone un-responded too). You can install Sobelow using GitHub has the version source to try out the fix in the mean time!

I will get on pushing out the patch change soon though, thanks for the bump!

alvarezloaiciga commented 4 months ago

Thanks for the quick response @houllette. Should I try the master branch. I could not find a 0.13.1 in GH

alvarezloaiciga commented 4 months ago

Fixed from master @houllette, thanks! Now I am onto another issue :). Every file in the /lib folder is coming back with

** (KeyError) key :endpoint? not found in: %{
  filename: "lib/****.ex",
  def_funs: [
    {:def, [line: 18, column: 3],
     [....

houllette commented 4 months ago

Oh shoot! While I'm glad your original issue was fixed from master branch, sorry to hear your experiencing more issues. This may be related to #158 and whatever is going on there which I'm realizing now my comment about #156 fixing it may not be the case.

I will look into this and try to get a fix out once I figure out what's going on - bear with me!

alvarezloaiciga commented 4 months ago

Hi @houllette any update on this? We're willing to add sobelow to our project soon but this is a blocker :). No pressure, just to give us an idea on when is this going to be ready. Also if there's something we can do, please let us know

houllette commented 4 months ago

Hey @alvarezloaiciga - master branch now incorporates the changes made in #157 and Sobelow is passing tests and running locally again; let me know if that fixes your issues!

Still standing by to push out v0.13.1 to hex til I get a response to another issue, but installing / running from master branch should do the trick for you.

alvarezloaiciga commented 4 months ago

Yeah, that fixed it, thanks!