This release introduces a new report format!
Changes since 4.9.1:
- Add SARIF report format (Steve Winton)
SARIF Report Format
Steve Winton from GitHub has contributed support for Static Analysis Results Interchange Format (SARIF). This is a standard format for static analysis tools and can be consumed by some report viewers, such as this one for Visual Studio Code.
To output a SARIF report, use -f sarif or a file name like
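A SARIF file is only useful if something reads it. As an added example (not Brakeman code, and not from the original post), the script below consumes a SARIF 2.1.0 document such as the one Brakeman writes, resolves each result's rule description from tool.driver.rules, and gates a CI job on the highest SARIF level present. The embedded SAMPLE_SARIF document is constructed for illustration: its rule ids (EX-SQL, EX-XSS), file paths and messages are made up and are not Brakeman's real rule ids; only the nesting (runs, tool.driver.rules, results, locations, physicalLocation) follows the SARIF specification. Run it with a real report as `ruby sarif_gate.rb brakeman.sarif`.

```ruby
require "json"

# Constructed sample SARIF 2.1.0 document standing in for Brakeman's -f sarif
# output. Rule ids, paths and messages are invented; the structure follows
# the SARIF 2.1.0 specification.
SAMPLE_SARIF = <<~JSON
  {
    "version": "2.1.0",
    "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
    "runs": [
      {
        "tool": {
          "driver": {
            "name": "Brakeman",
            "rules": [
              { "id": "EX-SQL", "shortDescription": { "text": "SQL Injection" } },
              { "id": "EX-XSS", "shortDescription": { "text": "Cross-Site Scripting" } }
            ]
          }
        },
        "results": [
          {
            "ruleId": "EX-SQL",
            "level": "error",
            "message": { "text": "Possible SQL injection" },
            "locations": [
              { "physicalLocation": {
                  "artifactLocation": { "uri": "app/models/user.rb" },
                  "region": { "startLine": 42 } } }
            ]
          },
          {
            "ruleId": "EX-XSS",
            "level": "warning",
            "message": { "text": "Unescaped model attribute" },
            "locations": [
              { "physicalLocation": {
                  "artifactLocation": { "uri": "app/views/users/show.html.erb" },
                  "region": { "startLine": 7 } } }
            ]
          }
        ]
      }
    ]
  }
JSON

# SARIF result levels in increasing severity. The spec defaults a missing
# level to "warning", which is what fetch(..., 1) below reproduces.
LEVEL_RANK = { "note" => 0, "warning" => 1, "error" => 2 }.freeze

# Flatten every run's results into one hash per finding, looking up the
# rule's human-readable title from tool.driver.rules.
def sarif_findings(sarif_json)
  doc = JSON.parse(sarif_json)
  doc.fetch("runs").flat_map do |run|
    rules = run.dig("tool", "driver", "rules").to_a
    titles = rules.each_with_object({}) do |rule, h|
      h[rule["id"]] = rule.dig("shortDescription", "text")
    end
    run.fetch("results", []).map do |result|
      # Only the first location is reported; SARIF allows several.
      loc = result.dig("locations", 0, "physicalLocation") || {}
      {
        rule: result["ruleId"],
        title: titles[result["ruleId"]] || result["ruleId"],
        level: result.fetch("level", "warning"),
        message: result.dig("message", "text"),
        file: loc.dig("artifactLocation", "uri"),
        line: loc.dig("region", "startLine")
      }
    end
  end
end

# CI gate: true when no finding is at or above the fail_on level.
def sarif_passes?(sarif_json, fail_on: "error")
  threshold = LEVEL_RANK.fetch(fail_on)
  sarif_findings(sarif_json).none? do |f|
    LEVEL_RANK.fetch(f[:level], 1) >= threshold
  end
end

# Usage: ruby sarif_gate.rb [report.sarif]; without an argument the
# constructed sample is used and the process does not change its exit code.
path = ARGV[0]
report = path ? File.read(path) : SAMPLE_SARIF
sarif_findings(report).each do |f|
  puts "#{f[:level].upcase.ljust(7)} #{f[:file]}:#{f[:line]} #{f[:title]}: #{f[:message]}"
end
exit(sarif_passes?(report) ? 0 : 1) if path
```

Raising fail_on to "warning" makes the gate strict; the default of "error" lets a team adopt the report format without turning every existing warning into a red build on day one.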
Previewing Brakeman 5.0
What is planned for Brakeman 5.0?
The big change coming in 5.0 is scanning way more files. Currently, Brakeman scans specific directories in
It also only looks for files in particular places - e.g. views will be somewhere in
In 5.0, Brakeman will scan (almost) all files in the project directory with .rb or template-related extensions.
This will dramatically increase the scope of Brakeman scans, which is better coverage but at the cost of more false positives and slower scans.
Also expected in Brakeman 5.0 is a bump of the minimum Ruby version to 2.4.0 (which is itself already EOL).
The SHA256 sums for this release are:
7bef7df71137d06be5fc3325ead57f8ce35be7691bf6dd389228461d731b79dd  brakeman-4.10.0.gem
698b8eb02cdea7a6e407192c261c61d8fc6cd24d590a1b388defc9de17966119  brakeman-lib-4.10.0.gem
64bb565ee84b9a9646985e456db1125ff9fb884ca83de6ba6fbc2c63bdbc8de9  brakeman-min-4.10.0.gem
Thank you to everyone who reported bugs and contributed to this release!