- Add `--ensure-ignore-notes` (Eli Block)
- Add check for user input in `ERB.new` (Matt Hickman)
- Add check for CVE-2020-8166 (Jamie Finnigan)
- Always scan `environment.rb`
- Avoid warning when `safe_yaml` is used via `YAML.load(..., safe: true)`
- Do not warn about mass assignment with `params.permit!.slice`
- Ignore `params.permit!` in path helpers
- Treat `Dir.glob` as safe source of values in guards
- Remove whitelist/blacklist language, add clarifications
- Add "full call" information to call index results
- Updated Slim dependency (Jeremiah Church)