Brakeman v5.0.0 Release Notes

Release Date: 2021-01-26
    • Ignore uuid as a safe attribute
    • Collapse __send__ calls
    • Ignore Tempfile#path in shell commands
    • Ignore development environment
    • ⚠ Revamp CSV report to a CSV list of warnings
    • 🔧 Set Rails configuration defaults based on load_defaults version
    • ➕ Add check for (more) unsafe method reflection
    • 🚅 Suggest using --force if no Rails application is detected
    • ➕ Add Sonarqube report format (Adam England)
    • ➕ Add check for potential HTTP verb confusion
    • ➕ Add --[no-]skip-vendor option
    • 💎 Scan (almost) all Ruby files in project