Erwan
Erwan
- [ ] Update version before merging
When enumerating vulnerable plugins/themes, if there is no API token given, nothing will be output. This is the expected behaviour, however an error should be raised before doing the enumeration,...
**Describe the bug** When using taint with `not_conflicting`, or by simply having a sanitizer such as ``` - patterns: - pattern: $F(...) - pattern-not: something(...) ``` Will result in a...
**Is your feature request related to a problem? Please describe.** 1. ~~When playing around with the taint mode in PHP, I came across a case where I need to specify...
**Describe the bug** Join rules completely ignores the `--no-git-ignore` option **To Reproduce** - Copy the folder from https://github.com/returntocorp/semgrep/tree/develop/cli/tests/e2e/targets/join_rules - Copy the join rule from https://github.com/returntocorp/semgrep/blob/develop/cli/tests/e2e/rules/join_rules/inline/inline-rules.yaml - Run the rule against...
Is there a way to ignore all files in the spec/test folders ? We have quite a bit of package.json in our spec folder, which are used as fixture, resulting...
Related to #540 As mentioned in the Typhoeus' doc, the effective_url method should return a string: https://github.com/typhoeus/typhoeus/blob/de61860fecec32b58e150e63219d1a4062a77855/lib/typhoeus/response/informations.rb#L181 Currently in webmock, an Addressable::URI object is returned The fix would be to...
Unless I am doing something wrong, it's currently not possible to stub Typhoeus requests with cookies. ```ruby stub_request(:get, url) .with(headers: { 'Cookie' => 'key=value' }) .to_return(body: 'Cookies Accepted!') ``` does...
**Describe the bug** Code such as `sink(isset($source) ? 'something' : 'b');` is detected as a match, but should not be. Interestingly, code such as `$a = (isset($source) ? 'something' :...
Install & use wp-cli to manage the WP (add users, plugins, posts etc), will be easier I think :)