Sobelow

Sobelow v0.11.0 Sobelow.Config.Secrets View Source

Hard-coded Secrets

In the event of a source-code disclosure via file read vulnerability, accidental commit, etc, hard-coded secrets may be exposed to an attacker. This may result in database access, cookie forgery, and other issues.

Sobelow detects missing hard-coded secrets by checking the prod configuration.

Hard-coded secrets checks can be ignored with the following command:

$ mix sobelow -i Config.Secrets

Link to this section Summary

Functions

details()
id()
is_env_var?(arg1)
rule()
run(dir_path, configs)

Link to this section Functions

Link to this function

details() View Source

Link to this function

id() View Source

Link to this function

is_env_var?(arg1) View Source

Link to this function

rule() View Source

Link to this function

run(dir_path, configs) View Source

Keyboard Shortcuts
×
c
Toggle sidebar
n
Toggle night mode
/ or s
Focus search bar
?
Bring up this help dialog