• --exit-on-warn --compare only returns error code on new warnings (Jeff Yip)
• Sort warnings by fingerprint in JSON report (Jeff Yip)
• CVEs report correct line and file name (Gemfile/Gemfile.lock) (Rob Fletcher)
• Change --separate-models to be the default
• Local variables are no longer formatted as (local var)
• Actually skip skipped before filters
• Remove "fake filters" from warning fingerpints
• Index calls in lib/ files
• Handle symmetric multiple assignment
• Do not branch for self attribute assignment x = x.y (#552)
• Move Symbol DoS to optional checks
• Add check for cross site scripting via inline renders
• Add check for CVE-2014-7829
• Fix parsing of <%== in ERB
• Fix output format of command interpolation
• Fix CVE for CVE-2011-2932