Graphqler

Latest version: v2.3.6

Safety actively analyzes 682471 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 2

2.3.6

🔍Implemented detections!

User-facing changes

- Add introspection detection
- Add field suggestions detection
- Add HTML/XSS/SQLi/File/SSRF detections
- Add OS command injection detections
- Add deny-list bypass detections
- Add easier stats parsing
- Add detection logging for easier access
- Add `SKIP_NODES` option to the configuration to skip any nodes that might be causing issues on the API (IE. slow endpoints)


Detections example
![image](https://github.com/user-attachments/assets/866ec397-47e1-470f-896b-55468ddb8057)

---

Developer changes

- Moved `materializer` of each detection into `detection` classes
- Stats parsing now parses vulnerabilities as well
- Added general abstract `detection` class to be extended on
- Fix duplicate logging by checking logger handlers before initialization
- Fix materializer check for soft dependencies

2.2.2

Objects bucket refactor
- Can now keep track of all scalars seen
- Keeps track of all fields of objects seen


General
- Improved error handling & object bucket printing
- Checking max-depth on inputs for materializer
- Bug fix on max-depth of materializer in inputs not being used
- Bug fix stats not correctly giving back proper error codes
- Remove noise in `fuzzer.log` during normal usage (still available in DEBUG mode)

2.2.0

- SQLI testing
- Batch query/mutation testing
- Bug fixes on error handling

2.1.9

What's Changed
- Add support for args in fields
- Fix bugs in logging during retries
- Add re-trier functionality on NON_NULL fields of objects
- Add INTERFACE support

2.1.5

- Refactor a lot of materializer code
- Add UNION type support
- Add DEBUG support

2.1.3

Features
- IDOR checking
- Packaged GraphQLer as a pip package
- Bug fixes
- Improved logging for compiler and found objects
- Support for a TOML config file
- Use `--mode` to combine `--compile`, `--fuzz`, `--run`
- Add `--version` flag
- Add container to run GraphQLer in docker
- Add proxy support
- Add custom headers

Page 1 of 2

Links

Releases

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.