Ruby on Rails Static Analysis Security Tool

Brakeman 6.0.1 Released

Very tiny release this time!

Changes since 6.0.0:

  • Accept strings for load_defaults version (#1784)
  • Bundle latest ruby_parser

Strings for load_defaults

While the default for Rails generators and documentation is to use floats for versions, e.g. load_defaults 6.1, Rails itself uses strings internally. It appears quite a few apps also use strings.

Now Brakeman supports and uses strings.
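One way a scanner can read the version in either form, as an added example that is not Brakeman's own code: it tokenizes the config source with Ruby's Ripper and returns the literal's text as a string. The function names and the sample configs are constructed for illustration.

```ruby
require 'ripper'

# Tokens that may sit between the method name and its first argument.
SKIP = %i[on_sp on_lparen on_tstring_beg].freeze

# Returns the load_defaults version as a string (nil if not set).
# Lexing rather than pattern matching means a commented-out call is a
# single comment token and is never mistaken for the real setting.
def load_defaults_version(source)
  tokens = Ripper.lex(source).map { |t| [t[1], t[2]] }
  version = nil
  tokens.each_with_index do |(type, text), i|
    next unless type == :on_ident && text == 'load_defaults'
    arg = tokens.drop(i + 1).find { |t, _| !SKIP.include?(t) }
    next if arg.nil?
    # Keep the literal's source text, so 6.1 and "6.1" both yield "6.1".
    version = arg[1] if %i[on_float on_int on_tstring_content].include?(arg[0])
  end
  version
end

# Compare as versions, not as floats or raw strings.
def defaults_at_least?(source, minimum)
  found = load_defaults_version(source)
  !found.nil? && Gem::Version.new(found) >= Gem::Version.new(minimum)
end

# Constructed sample configs (not from any real app).
FLOAT_FORM = <<~RUBY
  class Application < Rails::Application
    config.load_defaults 6.1
  end
RUBY
STRING_FORM = <<~RUBY
  class Application < Rails::Application
    config.load_defaults("7.0")
  end
RUBY
COMMENTED_OUT = <<~RUBY
  class Application < Rails::Application
    # config.load_defaults 5.0
  end
RUBY

if __FILE__ == $PROGRAM_NAME
  [FLOAT_FORM, STRING_FORM, COMMENTED_OUT].each do |src|
    puts load_defaults_version(src).inspect
  end
end
```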


Latest RubyParser

Bundled with ruby_parser 3.20.3, which includes additional support for Ruby 3.2 syntax.


The SHA256 sums for this release are:

39641c63bc247bbdf993a349de90a13e146c464c872191f2adc12555bde591be  brakeman-6.0.1.gem
e029fbd43c97bbb9c084fa4f0e13ee259bf193b79d66ba7ef94fa9496bab62cd  brakeman-lib-6.0.1.gem
ef2ff1234ba2a9e7216a0a047b9df0def8c3b8d162d29853c907238901353a54  brakeman-min-6.0.1.gem

Reporting Issues

Thank you to everyone who reported bugs and contributed to this release!

Please report any issues with this release. Take a look at this guide to reporting Brakeman problems.

Follow @brakeman on Twitter and hang out on GitHub for questions and discussion.