Brakeman v4.9.0 Release Notes

Release Date: 2020-08-04
    • Add --ensure-ignore-notes (Eli Block)
    • Add check for user input in ERB.new (Matt Hickman)
    • Add check for CVE-2020-8166 (Jamie Finnigan)
    • Always scan environment.rb
    • Avoid warning when safe_yaml is used via YAML.load(..., safe: true)
    • Do not warn about mass assignment with params.permit!.slice
    • Ignore params.permit! in path helpers
    • Treat Dir.glob as safe source of values in guards
    • Remove whitelist/blacklist language, add clarifications
    • Add "full call" information to call index results
    • Updated Slim dependency (Jeremiah Church)