github presidentbeef/brakeman v1.5.0

  • Add version check for SafeBuffer vulnerability
  • Add check for select vulnerability in Rails 3
  • select() is no longer considered safe in Rails 2
  • Add check for skipping CSRF protection with a blacklist
  • Add JSON report format
  • Model#id should not be considered XSS
  • Standardize methods to check for SQL injection
  • Fix Rails 2 route parsing issue with nested routes
latest releases: v5.1.1, v5.1.0, v5.0.4...
7 years ago