- Update Haml support to Haml 5.x (#1044)
- Catch shell injection from
-cshell commands (Jacob Evelyn) - Correctly handle non-symbols in
CheckCookieSerialization(Phil Turnbull) - Refactor
Brakeman::Differ#second_pass(Benoit Côté-Jodoin) - Fix
version_between?(Andrey Glushkov) - Ignore interpolation in
%W[](#1399) - Ignore
form_forfor XSS check