Brakeman v4.8.2 Release Notes

Release Date: 2020-05-12
    • Add --text-fields option
    • Add check for CVE-2020-8159
    • Add check for escaping HTML entities in JSON configuration option
    • Fix authenticate_or_request_with_http_basic check for passed blocks (Hugo Corbucci)

Previous changes from v4.8.1

    • Warn about global(!) mass assignment
    • Check SQL query strings using String#strip or String.squish (#1459)
    • Handle non-symbol keys in locals hash for render (#1465)
    • Index calls in render arguments (#1459)