Sobelow
Security-focused static analysis for the Phoenix Framework
... confidence" if it looks like a function could be used insecurely, but it cannot reliably be determined if the function accepts user-supplied input. That is to say, if a finding is marked green, it may be critically insecure, but it will require greater manual validation. This project is in constant development, and additional vulnerabilities will be flagged as time goes on. If you encounter a bug, or would like to request additional features or security checks, please open an issue!