Phoenix


A productive Elixir web framework that does not compromise speed and maintainability

Griffin Byatt

Sobelow – a security-focused static analyzer for the Phoenix framework

Yesterday, Griffin Byatt hit me up in Slack and let me know we had a few security holes. 😱 After a quick discussion about the magnitude of said holes, he informed me that he'd found them by running our code through his static analysis tool, Sobelow. Say what? For security researchers, it is a useful tool for getting a quick view of points-of-interest. For project maintainers, it can be used to prevent the introduction of a number of common vulnerabilities. I asked Griffin if he'd be kind enough to open a PR with the fixes so we can link it up and use it to show folks how handy this tool is. So that's what he did and that's what I'm doing! 💚



Elm, Elixir, and Phoenix: Reflecting on a functional full-stack project

Zack Kayser built a Texas Hold ‘Em app with the EEP (?) stack and wrote up his findings. He calls Elm and Elixir "a match made in Functional Heaven", but the endeavor wasn't without its challenges: I personally struggled with 1) how to organize my code, especially with larger modules, 2) figuring out how to make the UI more interactive, and 3) sharing code across modules. There's a lot to learn from Zack's experience. Both the Elm front-end and Phoenix back-end are open source. ✊
