github presidentbeef/brakeman v1.8.0

  • Support relative paths in reports (fsword)
  • Allow Brakeman to be run without tty (fsword)
  • Fix exit code with --compare (fsword)
  • Fix --rake option (Deepak Kumar)
  • Add high confidence warnings for to_json XSS (Neil Matatall)
  • Fix redirect_to false negative
  • Fix duplicate warnings with raw calls
  • Fix shadowing of rendered partials
  • Add "render chain" to HTML reports
  • Add check for XSS in content_tag
  • Add full backtrace for errors in debug mode
  • Treat model attributes in or expressions as immediate values
  • Switch to method access for Sexp nodes
latest releases: v5.1.1, v5.1.0, v5.0.4...
7 years ago