github presidentbeef/brakeman v4.2.0

  • Handle ERb use of String#<< method for Ruby 2.5 (Pocke)
  • Exclude template folders in lib/ (kru0096)
  • Warn about SQL injection with not
  • Avoid warning about symbol DoS on Model#attributes (#1096)
  • Avoid warning about open redirects with model methods ending with _path(#1117)
  • Avoid warning about command injection with Shellwords.escape (#1159)
  • Use ivars from initialize in libraries
  • Fix multiple assignment of globals (#1155)
  • Sexp#body= can accept :rlist from Sexp#body_list
  • Update RubyParser to 3.11.0
latest releases: v5.1.1, v5.1.0, v5.0.4...
3 years ago