Brakeman v4.6.0 Release Notes
Release Date: 2019-07-24
- Add check for cookie serialization with Marshal (#1316)
- Add reverse tabnabbing check (Linos Giannopoulos)
- Avoid warning about file access with ActiveStorage::Filename#sanitized (Tejas Bubane)
- Update loofah version for fixing CVE-2018-8048 (Markus Nölle)
- Warn people that Haml 5 is not fully supported (Jared Beck)
- Index calls in initializers
- Improve template output handling in conditional branches
- Avoid assigning nil line numbers to Sexps
- Add special warning code for custom checks
- Add call matching by regular expression
- Skip calls to dup (#1374)
- Restore Warning#relative_path
- Better handling of gems with no version declared