eric-therond

Results 49 comments of eric-therond

Hi @co-valtira

1. Can you check there are no previous errors while running `./build.sh` and, if yes, copy and paste them here?
2. Memory problems with progpilot are a known issue,...

Hello, this is related to an issue (https://github.com/ircmaxell/php-cfg/issues/58) in the ircmaxell/php-cfg dependency. Can you comment on this issue to alert the maintainer? On the progpilot side if you surround the analysis...

Hi @wpenton-itc, about performance problems, it's a lot of work, I plan to do something at the end of the year. Normally excluded files/folders should not be analyzed. Can you...

How do you run progpilot?

```
progpilot --configuration configuration.yml /usr/www/trunck/
```

I forgot to ask, in the configuration file what are the values for:

- `setFolder`
- `setFile`
- `setIncludes`...

You have to pass the `--configuration` option in the command line with the path to your configuration file:

```
docker run --rm --user="$(id -u):$(id -g)" -v $(pwd):/usr/www/trunk -w /usr/www/trunk $IMAGES_URL/progpilot --configuration...
```

Hi, what version of PHP do you use? https://github.com/designsecurity/progpilot/blob/master/docs/FAQ.md

> The minimum version of PHP needed to run Progpilot is 7.0.25

Eric

To know and extend the list of vulnerabilities that progpilot can detect, you could look in each sinks.json and rules.json file in this folder and the frameworks folder: https://github.com/designsecurity/progpilot/tree/master/package/src/uptodate_data/php the...

Thanks for the bug report. SQLite3 was not supported and there was also another bug. I have used your code as a new test case: https://github.com/designsecurity/progpilot/blob/master/projects/tests/tests/data/sink9.php It's fixed, you...

Hi @lucmichalski, happy new year! You can't use wildcards when excluding files or folders; progpilot reads all files in scope and will continue the analysis (try to parse php code)...

Hi, can you try to use the latest version of progpilot to see if it solves the problem? There is an open issue about this in the corresponding dependency used...