github presidentbeef/brakeman v3.1.0

  • Update dependencies to Ruby 1.8 incompatible versions
  • Update render path information in JSON reports
  • Remove renaming of several Sexp nodes
  • Treat html_safe like raw
  • Use railties version if rails gem is missing (Lucas Mazza)
  • Warn about unverified SSL mode in Net::HTTP.start
  • Expand XSS safe methods
  • Avoid warning on path creation methods in link_to
  • Add support for gems.rb/gems.locked (#705)
  • Fix low confidence XSS warning code
  • Avoid duplicate eval warnings
  • Convert YAML config keys to symbols (Karl Glaser)
latest releases: v5.1.1, v5.1.0, v5.0.4...
5 years ago