Just a little release. Next up: 4.0!
Changes since 3.7.1:
Changes since 3.7.0:
- Handle simple guard with
returnat end of branch (#1073)
- Add more collection methods for iteration detection
- Improve multi-value
Another Simple Guard
Brakeman will now handle when the branch in a simple guard condition ends in
unless [:valid, :value].include? params[:x] do_stuff more_stuff return end x.send(params[:x]) # Will no longer warn because `params[:x]` must be 'safe'
More Collection Methods
Brakeman attempts to detect when a template is iterating over records from a database query.
This release adds a few more methods that might return a collection of records.
The logic in the
brakeman executable has now entirely been moved to
Brakeman::Commandline for easier testing and custom behavior.
The SHA256 sums for this release are:
9ad563247cc6a57b965e59e5bbbaefa202ce34ceb6d10e97ce500406d60cdb6e brakeman-3.7.2.gem 5b753206f8e5937c33494edd323a9e6573e07958d9f8f5bb662b0f6085eafe19 brakeman-lib-3.7.2.gem 517a074cb92ece8a7e426ea221d63ddbcae6e3b851664083b7e73e6d7e0dd138 brakeman-min-3.7.2.gem
Brakeman 4.0 Plans
If all goes well, Brakeman 4.0 will be released on August 27th, which is also the 7th anniversary of Brakeman’s first release. It will also be the 101st release of Brakeman!
At least two major changes will be coming in Brakeman 4.0:
plainreport format will be the default instead of tables
--exit-on-warn(sets exit code if any warnings are found) will be on by default
There will likely be other changes, but these two will be the most obvious.
Thank you to everyone who reported bugs and contributed to this release.
If you find Brakeman valuable and want to support its development, check out Brakeman Pro.