Brakeman v4.4.0 Release Notes
Release Date: 2019-01-17
- Add check for CVE-2018-3760
- Add `--enable` option to enable optional checks
- Add Dockerfile to run Brakeman inside Docker (Ryan Kemper)
- Handle empty `secrets.yml` files (Naoki Kimura)
- Ignore Tempfiles in FileAccess warnings (Christina Koller)
- Avoid warning about command injection when `String#shellescape` and `Shellwords.shelljoin` are used (George Ogata)
- Treat `if not` like `unless` (#1225)
- Fix Rails 4 configuration handling
- Set default encoding to UTF-8
- Support reading gem versions from gemspecs
- Support gem versions which are just major.minor (e.g. 3.0)
- Correctly set `rel="noreferrer"` in HTML reports
- Fix thread-safety issue in CallIndex
- Fix trim mode for ERb templates in old Rails versions
- Avoid `nil` errors when concatenating arrays
- Add rendered template information to render paths
- Trim some unnecessary files from bundled gems
- Deadcode and typo fixes found via Coverity
- Complete overhaul of warning message construction
- Update to Slim 4.0.1 (Jake Peterson)
- Update to RubyParser 3.12.0
- Updated license