Brakeman v0.6.0 Release Notes

Release Date: 2011-07-20 // over 11 years ago
    • Tests are in place and fully functional
    • Hide errors by default in HTML output
    • Warn if routes.rb cannot be found
    • Narrow methods assumed to be file access
    • Increase confidence for methods known to not escape output
    • Fixes to output processing for Erubis
    • Fixes for Rails 3 XSS checks
    • Fixes to line numbers with Erubis
    • Fixes to escaped output scanning
    • Update CSRF CVE-2011-0447 message to be less assertive