nccgroup / sobelow

Security-focused static analysis for the Phoenix Framework
Apache License 2.0

Sobelow --format flag not working #99

Closed: OlivettiOriana closed this 1 year ago

OlivettiOriana commented 2 years ago

Whenever I try to use the --format flag for saving the report into a file, I get some Jason-related errors. I'm using sobelow version 0.11.1. I'm attaching pictures from trying the sarif and json formatting... [image (json)] [image (sarif)]

Am I using them wrong? I don't seem to find anything related on the internet to fix it. Thank you all in advance!

GriffinMB commented 2 years ago

Hi! If you are using Sobelow as a standalone tool, you should install it as an escript (e.g. 'mix escript.install' instead of archive).

OlivettiOriana commented 2 years ago

I'm using it as a dependency in a project. I added it manually to the mix.ex file. Then I ran the "mix deps.get" command and I'm using it as "mix sobelow", because this report is part of a CI pipeline.

GriffinMB commented 2 years ago

Interesting. That shouldn't be causing any problems for you then. I'll take a look and see if I can reproduce this issue. In the meantime, double check that deps are installed before running, and that the lockfile is up to date.

If the repo is open source, a link might help me narrow down the problem.

OlivettiOriana commented 2 years ago

Thanks, I'll double-check the lockfile is up to date. Unfortunately, the repository is not open source to send you the link. I really appreciate your help and time. Thank you so much!

OlivettiOriana commented 2 years ago

Hi there! Were you able to reproduce the error? Thanks in advance!

squaresurf commented 2 years ago

@OlivettiOriana do you have jason in your project's deps? If not, would you try adding it and seeing if that works? I found that I had to add jason explicitly, which may be something to do with the way that sobelow depends on jason.