github presidentbeef/brakeman v4.9.0
4.9.0

  • Add --ensure-ignore-notes (Eli Block)
  • Add check for user input in ERB.new (Matt Hickman)
  • Add check for CVE-2020-8166 (Jamie Finnigan)
  • Always scan environment.rb
  • Avoid warning when safe_yaml is used via YAML.load(..., safe: true)
  • Do not warn about mass assignment with params.permit!.slice
  • Ignore params.permit! in path helpers
  • Treat Dir.glob as safe source of values in guards
  • Remove whitelist/blacklist language, add clarifications
  • Add "full call" information to call index results
  • Updated Slim dependency (Jeremiah Church)
11 months ago