Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Carthage Analyzr #1697

Closed
sushi2k opened this issue Apr 18, 2020 · 1 comment · Fixed by #1811
Closed

Carthage Analyzr #1697

sushi2k opened this issue Apr 18, 2020 · 1 comment · Fixed by #1811
Labels
close? Issue can potentially be closed according to the new approach. iOS tools

Comments

@sushi2k
Copy link
Collaborator

sushi2k commented Apr 18, 2020
edited
Loading

Platform:
iOS

Description:

At the moment it's not possible to analyse Cartage packages. This is still a gap and can be added to Document/0x06i-Testing-Code-Quality-and-Build-Settings.md.

Tasks:

  1. Research if any other tool can find vulnerabilites in Carthage
  2. Develop your own analyzer and share with the community :-) See
    Add Swift PM and Dependency-check #1690 (comment)
@sushi2k sushi2k mentioned this issue Apr 18, 2020
Merged
1 task
@cpholguera cpholguera added the iOS label Apr 26, 2020
@cpholguera cpholguera added tools close? Issue can potentially be closed according to the new approach. labels Aug 26, 2020
@cpholguera cpholguera mentioned this issue Aug 30, 2020
Merged
@cpholguera
Copy link
Collaborator

There's an issue for this in OWASP Dep. Check: jeremylong/DependencyCheck#962; info added to PR #1811 so we can close this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
close? Issue can potentially be closed according to the new approach. iOS tools
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Various fixes OWASP/owasp-mastg
2 participants
@sushi2k @cpholguera