github presidentbeef/brakeman v1.8.0

10 years ago
  • Support relative paths in reports (fsword)
  • Allow Brakeman to be run without tty (fsword)
  • Fix exit code with --compare (fsword)
  • Fix --rake option (Deepak Kumar)
  • Add high confidence warnings for to_json XSS (Neil Matatall)
  • Fix redirect_to false negative
  • Fix duplicate warnings with raw calls
  • Fix shadowing of rendered partials
  • Add "render chain" to HTML reports
  • Add check for XSS in content_tag
  • Add full backtrace for errors in debug mode
  • Treat model attributes in or expressions as immediate values
  • Switch to method access for Sexp nodes
