Brakeman v4.6.0 Release Notes

Release Date: 2019-07-24
    • Add check for cookie serialization with Marshal (#1316)
    • Add reverse tabnabbing check (Linos Giannopoulos)
    • Avoid warning about file access with ActiveStorage::Filename#sanitized (Tejas Bubane)
    • Update loofah version for fixing CVE-2018-8048 (Markus Nölle)
    • Warn people that Haml 5 is not fully supported (Jared Beck)
    • Index calls in initializers
    • Improve template output handling in conditional branches
    • Avoid assigning nil line numbers to Sexps
    • Add special warning code for custom checks
    • Add call matching by regular expression
    • Skip calls to dup (#1374)
    • Restore Warning#relative_path
    • Better handling of gems with no version declared