We go deeper on the Sobelow library, a security-focused static analysis tool for Elixir and Phoenix apps. We talk with Griffin Byatt, the creator, and Holden Oullette, the new maintainer. We learn how and why the project was created, how it works, what it can and can't do, and how to use it in CI pipelines for continuous scanning. Sobelow is a cornerstone project in the community that checks a critical box for certification requirements which means we get to use Elixir when it might otherwise be a hard sell. Join us as we learn more about the project and the people behind it!
Show Notes online - http://podcast.thinkingelixir.com/148 (http://podcast.thinkingelixir.com/148)
Elixir Community News
- https://news.livebook.dev/hubs-and-secret-management---launch-week-1---day-3-3tMaJ2 (https://news.livebook.dev/hubs-and-secret-management---launch-week-1---day-3-3tMaJ2?utm_source=thinkingelixir&utm_medium=shownotes) – Livebook Launch Week - Day 3 - Hubs, secrets, teams, authentication
- https://news.livebook.dev/build-and-deploy-a-whisper-chat-app-to-hugging-face-in-15-minutes---launch-week-1---day-4-wYM0w (https://news.livebook.dev/build-and-deploy-a-whisper-chat-app-to-hugging-face-in-15-minutes---launch-week-1---day-4-wYM0w?utm_source=thinkingelixir&utm_medium=shownotes) – Livebook Launch Week - Day 4 - What is deploying apps to HuggingFace?
- https://news.livebook.dev/data-wrangling-in-elixir-with-explorer-the-power-of-rust-the-elegance-of-r---launch-week-1---day-5-1xqwCI (https://news.livebook.dev/data-wrangling-in-elixir-with-explorer-the-power-of-rust-the-elegance-of-r---launch-week-1---day-5-1xqwCI?utm_source=thinkingelixir&utm_medium=shownotes) – Livebook Launch Week - Day 5 - Data wrangling in Elixir with https://news.livebook.dev/data-wrangling-in-elixir-with-explorer-the-power-of-rust-the-elegance-of-r---launch-week-1---day-5-1xqwCI
- https://github.com/elixir-nx (https://github.com/elixir-nx?utm_source=thinkingelixir&utm_medium=shownotes) – The Nx GitHub organization page was set up
- https://twitter.com/sorentwo/status/1646493981591625732 (https://twitter.com/sorentwo/status/1646493981591625732?utm_source=thinkingelixir&utm_medium=shownotes) – Oban update 2.15.0
- https://github.com/sorentwo/oban/releases/tag/v2.15.0 (https://github.com/sorentwo/oban/releases/tag/v2.15.0?utm_source=thinkingelixir&utm_medium=shownotes) – Oban release notes
- https://twitter.com/osterbergmarcus/status/1646833341881016323 (https://twitter.com/osterbergmarcus/status/1646833341881016323?utm_source=thinkingelixir&utm_medium=shownotes) – Tweet asking about bulk steam inserts
- https://twitter.com/elixirphoenix/status/1646913447030865921 (https://twitter.com/elixirphoenix/status/1646913447030865921?utm_source=thinkingelixir&utm_medium=shownotes) – Phoenix response says the bulk insert is in main now.
- https://hexdocs.pm/ecto/Ecto.Changeset.html#cast_assoc/3-sorting-and-deleting-from-many-collections (https://hexdocs.pm/ecto/Ecto.Changeset.html#cast_assoc/3-sorting-and-deleting-from-many-collections?utm_source=thinkingelixir&utm_medium=shownotes) – Ecto's Sorting and deleting from -many collections
- https://twitter.com/iteamon/status/1648310734479130627 (https://twitter.com/iteamon/status/1648310734479130627?utm_source=thinkingelixir&utm_medium=shownotes) – Dry run implementation by Tymon Tobolski
- https://twitter.com/theerlef/status/1646211583172034563 (https://twitter.com/theerlef/status/1646211583172034563?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConf EU keynote to look forward to
Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com)
Discussion Resources
- https://twitter.com/paraxialio/status/1641242283134660616 (https://twitter.com/paraxialio/status/1641242283134660616?utm_source=thinkingelixir&utm_medium=shownotes)
- https://github.com/nccgroup/sobelow (https://github.com/nccgroup/sobelow?utm_source=thinkin