Changes since 7.0.2:
- Add Haml 6.x support (#1914, #1841, etc.)
- Support render model shortcut (#959, #1940, etc.)
- Add --ensure-no-obsolete-config-entries option (viralpraxis)
- Update JUnit report for CircleCI (Philippe Bernery)
- Improve ignored warnings layout in HTML report (Sebastien Savater)
- Only load escape functionality from cgi library (Earlopain)
- Add EOL dates for Rails 8.0 and Ruby 3.4
- Use lazy file lists for AppTree
Haml 6 Support
Brakeman now ships with and supports Haml 6.
To continue using Brakeman with Haml 5.x, please use the brakeman-lib or brakeman-min gems.
(changes)
Render Shortcuts
After many, many years, Brakeman now supports shortcuts where specific models or collections are rendered. For example: render User.find(..) or render User.all
Brakeman does not currently support rendering of collections with mixed types of models.
(changes)
Fail on Obsolete Ignored Warnings
When Brakeman is configured to ignore warnings, but then those warnings aren’t found, Brakeman reports “obsolete ignored warnings”.
viralpraxis added the --ensure-no-obsolete-config-entries option to return a failure exit code if there are obsolete entries.
(changes)
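As an added illustration (not Brakeman's own code), the Ruby sketch below models what an obsolete entry is: a fingerprint listed in the ignore file that no warning in the current scan matched. It assumes the ignored_warnings and fingerprint keys used by brakeman.ignore and by Brakeman's JSON report; the sample data and the helper names obsolete_entries and gate_status are constructed for the example.

```ruby
require "json"
require "set"

# Constructed sample of an ignore file (fingerprints are made-up placeholders).
IGNORE_FILE = <<~EOS
  {
    "ignored_warnings": [
      { "fingerprint": "aaaa1111", "warning_type": "SQL Injection",
        "file": "app/models/user.rb", "note": "Column name comes from an allow-list" },
      { "fingerprint": "bbbb2222", "warning_type": "Cross-Site Scripting",
        "file": "app/views/posts/show.html.haml", "note": "" }
    ]
  }
EOS

# Constructed sample of a JSON report from the current scan: only one of the
# two ignored fingerprints was found again.
SCAN_REPORT = <<~EOS
  {
    "warnings": [],
    "ignored_warnings": [
      { "fingerprint": "aaaa1111", "warning_type": "SQL Injection" }
    ]
  }
EOS

# Returns the ignore entries whose fingerprint matched nothing in this scan.
# Assumption: entries are matched to warnings by fingerprint alone.
def obsolete_entries(ignore_json, report_json)
  ignored = JSON.parse(ignore_json).fetch("ignored_warnings", [])
  matched = JSON.parse(report_json).fetch("ignored_warnings", [])
                .map { |w| w["fingerprint"] }.to_set
  ignored.reject { |entry| matched.include?(entry["fingerprint"]) }
end

# Status a CI gate would return: non-zero while stale entries remain, so the
# ignore file has to be cleaned up before the build passes.
def gate_status(ignore_json, report_json)
  obsolete_entries(ignore_json, report_json).empty? ? 0 : 1
end

obsolete_entries(IGNORE_FILE, SCAN_REPORT).each do |e|
  puts "obsolete: #{e['fingerprint']} #{e['warning_type']} (#{e['file']})"
end
puts "gate status: #{gate_status(IGNORE_FILE, SCAN_REPORT)}"
```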
JUnit Report for CircleCI
Philippe Bernery has fixed JUnit reports to be compatible with CircleCI (again). Thanks!
(changes)
Better Ignored Warnings Layout
Speaking of ignored warnings, Sebastien Savater has improved the layout in the HTML report to make it easier to read notes for ignored warnings.
(changes)
CGI Loading
In preparation for Ruby 3.5, Earlopain updated Brakeman to explicitly load cgi/escape instead of the entire CGI library.
(changes)
Lazy File Lists
Brakeman now uses lazy file lists when managing files in Brakeman::AppTree. This provides a small (~9%) speed improvement for large applications.
(changes)
Reporting Issues
Thank you to everyone who reported bugs and contributed to this release!
Please report any issues with this release. Take a look at this guide to reporting Brakeman problems.
Hang out on GitHub for questions and discussion.
Checksums
The SHA256 sums for this release are: