Has it really been three months since Brakeman 5.0? Yikes!
Here’s a small update with some bugfixes before we move on to 5.1.
Changes since 5.0.0:
- Support loading
- Set more line numbers on Sexps (#1579)
- Always ignore
onlycalls for mass assignment
- Don’t fail if $HOME/$USER are not defined
- Convert splat array arguments to arguments
- Bundle unreleased RubyParser changes
Support Smart Text in Slim Templates
In order to support “Smart Text” in Slim templates,
Brakeman will load
slim/smart is mentioned in the
More Line Numbers
nil value for the line number of a Sexp raises an exception.
This is usually from creating a Sexp without a line number in the first place.
More instances of this have been fixed in this release.
Always Ignore slice/only for Mass Assignment
only are called for arguments to mass assignment (e.g.
Brakeman will not warn about mass assignment.
These have been ignored for a while, but a logic error caused Brakeman to sometimes still warn about them.
Convert Splats to Arguments
In really obvious cases like
some_call(*[a, b, c])
Brakeman will convert the arguments to
some_call(a, b, c)
The SHA256 sums for this release are:
4c1b7c7747ecfca11a822a4bab5ad05f13515e195d7d34590d3add215573b431 brakeman-5.0.1.gem 79129c2977936113fc87a9a2e9490b734f088286d0b33ed9ca61cb6587dc18c7 brakeman-lib-5.0.1.gem 549034d7aeb2a5ca8fe299c41b91938d502a89e70a1afa68643ca3c9e5ccaf96 brakeman-min-5.0.1.gem
Thank you to everyone who reported bugs and contributed to this release!