github presidentbeef/brakeman v4.1.0

  • Add check for dangerous keys in permit
  • Add optional check for divide by zero
  • Remove errors about divide by zero
  • Warn about dynamic values in Arel.sql
  • Show better location for Sass errors (Andrew Bromwich)
  • Avoid warning about file access for temp files (#1110)
  • Avoid CSRF warning in Rails 5.2 default config (#1132)
  • Better processing of op_asgn1 (e.g. x[:y] += 1) (#1103)
  • Handle nested destructuring/multiple assignment
  • Do not warn on params.permit with safe values (#1000)
  • Use HTTPS for warning links
  • Try to guess options for less pager (#1118)
  • Do not page if results fit on screen
  • Leave results on screen after paging
  • Fix upgrade version for CVE-2016-6316
  • Fix include_paths for Code Climate engine (Will Fleming)
  • Support app_path configuration for Code Climate engine (Noah Davis)
  • Refactor Code Climate engine options parsing (Noah Davis)
3 years ago