Brakeman v4.5.1 Release Notes

Release Date: 2019-05-11
    • Add initial Rails 6 support
    • Add optional check for config.force_ssl (#1181)
    • Add deserialization warning for Oj.load/object_load
    • Add SQL injection checks for destroy_by/delete_by
    • Add SQL injection checks for find_or_create_by and friends
    • Check link_to with block for href XSS (#1339)
    • Convert !! calls to boolean value (#1343)
    • Use relative paths for __FILE__
    • Represent file paths internally as Brakeman::FilePath
    • Handle empty partial names
    • Handle trailing comma in block args
    • Remove code for Ruby versions prior to 1.9