Brakeman v5.0.0 Release Notes
Release Date: 2021-01-26
- Ignore `uuid` as a safe attribute
- Collapse `__send__` calls
- Ignore `Tempfile#path` in shell commands
- Ignore development environment
- Revamp CSV report to a CSV list of warnings
- Set Rails configuration defaults based on `load_defaults` version
- Add check for (more) unsafe method reflection
- Suggest using `--force` if no Rails application is detected
- Add Sonarqube report format (Adam England)
- Add check for potential HTTP verb confusion
- Add `--[no-]skip-vendor` option
- Scan (almost) all Ruby files in project
- Ignore